HomeMy WebLinkAboutC2006-274 - 4/10/2006 - NA
,.,.,.
....,..
Service Agreement
This Agreement is between CSC Credit Services, Inc. ("CSCCS"), and the undersigned Client ("Client"). This Agreement is
for infonnation from the nationwide credit reporting database operated by Equifax Information Services LLC ("Equifax"), or
from other sources, and covers all information from CSCCS unless another agreement between CSCCS and Client
specifically states otherwise.
I. Client certifies it will request and obtain information only as allowed by the Fair Credit Reporting Act, as amended
("FCRA"), and this Agreement Client certifies that it will access consumer credit information from CSCCS for the
following specific permissible purposes and for no other purpose (Initial all that apply):
~n connection with a credit transaction _ In connection with a valuation of, or an
invelving the consumer on whom the information is to assessment of the credit or prepayment risks
be famished and involving the extension of credit to, associated with, an existing credit obUgation. Client
or review or collection of an account of, the consumer. must be a potential investor in, potential servicer of, or a
Client will not use these reports for employment current insurer of an existing credit obligation.
purposes.
_ For employment purposes. Client will use
Persona reports only for employment purposes, and will
not access any other credit information for employment
purposes. Client will not order or use a Persona report to
determine eligibility for credit or insurance or in
conaection with the collection of a debt. Client certifies
that it will make the disclosures and meet the conditions
required by the Fair Credit Reporting Act, as amended
("FCRA"), to the subject of each Persona report it
accesses, and that information from the report will not be
used in violation of any applicable Federal or State equal
employment opportunity law or regulation. I f Client
takes any adverse action based on any information from a
Persona report, Client will verify that information through
another source.
_ In connection with the underwriting of
ins..-anee involving the consumer. Client will not
access credit reports in connection with any insurance
purpose other than underwriting. Client will not access
credit reports on any consumer after the consumer has
filed a claim for proceeds of any insurance policy
_ In connection with a determination of the
cODlUmer's eligibility for a license or other benefit
grated by a governmental instrumentality required
by law to consider an applicant's flnancial
responsibility or status. Client must be a governmental
instrumentality OT acting as an agent for a governmental
lDstrumen tality .
2006-274
04/10/06
csees
........-'
In connection with a business transaction
involving the consumer. CSCCS will not accept this
Agreement unless an explanation of the business
transaction is attached.
In connection with the estabUshment of an
individual's capacity to make child support payments
or determining the appropriate level of such
payments. Client must be the head of a state or local
child support enforcement agency or authorized by the
head of such an agency. Client certifies that it will make
the disclosures and meet the conditions required by the
FCRA to the subject of each report it accesses, and that
information from the report will not be used in connection
with any other civil, administrative, or criminal
proceeding, or for any other purpose.
_ Client is a non-credit granting government
agency and certifies that it will request and receive
identifying information, limited to name, address,
former addresses, places of employment, or former
places of employment.
_ Mortgage Reports. Client certifies that it will
obtain credit reports only in connection with a credit
transaction involving the consumer on whom the
information is furnished. CUent will request
information for preparing mortgage credit reports
only.
Service Agreement 12-05
CALIFORNIA LAW CERTIFICA nON
J Client certifies it will comply with all applicable provisions of the California Credit Reporting Agencies Act. (Please
i~1 the appropriate line below)
i~ Client is not a retail seller as defined in Section 1802.3 of the California Civil Code ("Retail Seller") and does not
issue credit to consumers who appear in person on the basis of applications for credit submitted in person in California
i "Point of Sale").
Client is a Retail Seller and does issue credit to consumers who appear at the Point of Sale in California.
a. If Client is Retail Seller, Client also certifies that, in compliance with Section 1785 .14(a)(2) of the California Civil
Code, Client will instruct its employees and agents to inspect a photo identification of the consumer at the time an
application is submitted in person.
b. If Client is a Retail Seller, Client agrees to request from csecs and use a separate member number for processing
consumer report inquiries that result from in-person credit applications at the Point of Sale, with the understanding
that all inquiries using this new member number will require that Client supply the applicant's complete name,
address and Social Security number.
Co Client acknowledges that it has received notification of the amendments to the California law resulting from the
passage of A.B. 156, mcluding provisions regarding Client's inspection of the photo identification of each
consumer who applies for in-person credit (Section 1785 .14(a)(2)), mailing extensions of credit to consumers at
specified addresses (Section 1785.14( a )(3)), taking special actions regarding a consumers presentment of a police
report regarding fraud (Section 1785.16), acknowledging consumer demands for reinvestigations within certain
time frames (Section 1785.30), and criminalization ofthe theft of identity information (Penal Code Section 530.5).
d. Client agrees that if, in the future, it begins to issue credit to consumers who appear at the Point of Sale in
California, it will notify CSCCS prior to accessing consumer credit reports regarding such consumers. Notice to
csees should be directed to: CSC Credit Services, Inc., Client Services Department, 652 North Sam Houston
Parkway East, Suite 300, Houston, Texas 77060.
VERMONT CERTIFICA nON
3. Client certifies that it will comply with applicable provisions under Vermont law if it accesses consumer credit reports
on Vermont residents. In particular, Client certifies that it will order information services relating to Vermont residents,
that are credit reports as defmed by the VFCRA, only after Client has received prior consumer consent in accordance with
VFCRA Section 2480e and applicable Vermont Rules. Client further certifies that the attached copy of VFCRA Section
2480e applicable Vermont Rules were received from CSCCS, as referenced on Exhibit A. (Please sign and return the
certtfication found in Exhibit A attached).
GENERAL PROVISIONS
4. lfClient is an attorney or law firm, Client agrees (a) to treat consumer DTEC reports as consumer reports as defined by
the peRA, (b) to order and use DTEC reports only in connection with the collection of an account or for the purpose of
detem1ining whether a prospective customer will pay the fee, (c) that such reports will be used for no other purpose, and (d)
to make and keep a DTEC Certification Form as provided by CSCCS for each consumer DTEC report obtained.
5 Client will request information for Client's exclusive use only, and will keep all information received in strict
confidence except as required by law. Client may, however, provide the subject of the report with a copy of the report or
otherwise disclose the contents of the report to the subject. Client will not resell the reports to anyone, including the
consumer who IS the subject of the report. Client agrees to notify consumers of adverse action and make the disclosures
required by the FCRA. Client's employees may not attempt to obtain reports on themselves, associates, or others except in
the exercise 0 f their official duties. Client agrees to use reasonable efforts to use the following identifiers when requesting
mfoanation: full last and first name, middle initial, full current street address and zip code, year ofbirth, any generational
desianation, and Social Security number.
2
Service Agreement 12-05
....... """""
6. Client agrees to take all necessary measures to prevent unauthorized access to and disclosure ofinformation. Client will
establish and enforce policies allowing access to information only as permitted by the FCRA and this Agreement. At a
minimum, Client agrees to follow CSCCS's Fraud and Security Policy (attached as Exhibit B) including but not limited to
measures to prevent unauthorized access to information through Client's assigned number, access codes and any equipment
owned or kept by Client through which the credit reporting database may be accessed. With reasonable notice, CSCCS
may alter its Fraud and Security Policy. Client agrees to indemnify and hold CSCCS harmless from any expense or
damage arismg or resulting from improper access to or disclosure of information obtained through CSCCS.
7 Client acknowledges that CSCCS secures mformation from third party sources and that, for the price of the
mformation. CSCCS cannot guarantee its accuracy. CLIENT RELEASES CSCCS AND ITS AGENTS, EMPLOYEES,
AND INDEPENDENT CONTRACTORS FROM LIABILITY FOR ANY LOSS OR DAMAGE, INCLUDING ANY
SPECIAL, LNDIRECT, INCIDENTAL OR EXEMPLARY DAMAGES AND CONSEQUENTIAL DAMAGES
INCLUDING, BUT NOT LIMlTED TO, LOSS OF ANTlCIPA TED PROFITS OR ECONOMiC LOSS, EVEN IF CSCCS
HAS BEEN ADVISED OF THE POSSIBiLITY OF SUCH LOSS OR DAMAGE, IN CONNECTION WITH OR
'\RlSING OUT OF THE ACCURACY OF THE INFORMATION, CLIENT'S USE OF THE INFORMATION, OR THE
INTERRUPTION OR LOSS OF ANY SERVICE PROVIDED UNDER THIS AGREEMENT.
8. Client will furnish all appropriate data that it believes may have been used for fraudulent purposes to Equifax for
Inclusion in Equifax's SAFESC AN System. Appropriate data will include, but is not limited to, consumer names, aliases,
Social Security numbers, addresses (current and former) and telephone numbers (business and residenti~). Client also
agrees to furnish the addresses of known mail-receiving services and prisons. Client agrees to make no credit granting,
msurance, or employment deCIsions based on a SAFESCAN message alone. Client understands that the information
supplied by Equifax's SAFESCAN system mayor may not apply to the consumer who has made the application and that a
SAFESCAN message is merely an indication that Client should thoroughly verify application information before making a
decision,
9. Client agrees that, if it should ever request, use or receive from CSCCS credit information that includes information
from a credit reporting database other than the Equifax database ("Merged File"), and it takes adverse action against a
CODlUI1ler as a result of information contained in a Merged File, it will list all databases used on its adverse action notice,
regardless of whether information from each database is a factor in the adverse decision.
10. Client agrees to pay CSCCS within thirty (30) days of the date of each CSCCS invoice.
a. Notwithstanding anything contrary contained in this Agreement, fees quoted for services received under this
Agreement do not include sales, use, excise, personal property, or any other taxes of such nature. in the event such
taxes are levied. Client will pay them, and CSCCS may separately invoice them.
b. CSCCS may assess a late charge of I Y2% per month or the highest rate allowed by law, whichever is less, on overdue
accounts.
c. Client agrees to pay, if applicable, a nonrefundable administrative fee for setup and to maintain minimum monthly
usage of credit reports or pay monthly charges, or both, as periodically set by CSCCS. Client agrees to pay a deposit
as specified in a letter agreement to be executed with this Agreement, to be refunded without interest after service has
been discontinued and Client's account has been fully reconciled. CSCCS may deduct any unpaid charges from the
deposit before refunding to Client.
d. In addition, in the event that CSCCS' s cost of rendering service increases as a result of federal, state or local laws,
ordinances or other regulatory, administrative or governmental acts, CSCCS, at its option may, upon thirty (30) days
prior wntten notice to Client, increase the fees charged to Client hereunder. Because of Colorado state law, reports
requested on Colorado residents shall be subject to a surcharge in addition to the per unit price quoted. Because of
costs associated with the federal Fair and Accurate Credit Transactions Act, all reports will be subject to a regulatory
recovery fee m addition to the price quoted.
11. CSCCS may request Client to provide information showing its compliance with the FCRA and this Agreement. Such
requests ("Permissible Purpose Audits") will be reasonable in scope and will allow Client a reasonable response time.
Penaissible Purpose Audits are normally conducted by mail. Among other requests, CSCCS will ask Client to provide
proof, such as a copy of a credit application. that Client had a permissible purpose to access particular consumers' credit
files.
3
Service Agreement 12-05
.~..,,,,,,,,,,
12. Either party may terminate this Agreement without cause upon thirty (30) days' written notice. However, CSCCS may
unmediately tenninate service, without prior notice, if Client breaches any term of this Agreement, including but not
limited to: (a) failure to pay amounts when due; (b) violation of the FCRA or any state or local law governing credit
reporting; or (c) refusal to fully cooperate with CSCCS in allowing access to necessary records for a Permissible Purpose
Audit pursuant to Section II of this Agreement. Any supplements or pricing addenda to this Agreement will terminate
when this Agreement terminates
13. Client agrees to follow all applicable laws relating to its access to and use of credit information. Client understands that
requesting reports for purposes other than those allowed under the FCRA may create a civil cause of action against Client
Client also understands that the criminal penalties under the FCRA for improper access to credit information include fines
and imprisonment.
14. Client will address any wntten notice to CSCCS required by this Agreement to Corporate Secretary, CSC Credit
Services, Inc., 652 N. Sam Houston Parkway E., Suite 400, Houston, Texas 77060 or another address designated in writing
by csces to Client. csces will address any written notice to Client required by this Agreement to Client's address at the
end of this Agreement or another address designated in writing by Client to CSCCS.
15. This Agreement and any supplements and letter agreements executed by the parties supersede all prior agreements
relating to the subject matter of this Agreement, and constitute the entire agreement between Client and CSCCS. There are
no written or oral understandings that are not fully expressed in this Agreement, any supplements, and letter agreements.
Letter agreements may not conflict with this Agreement and may address only pricing, administrative fee, minimum
moathly usage, minimum monthly charges, deposit, lease charges and lease term. Pricing, minimum monthly usage,
minimum monthly charges, and deposit will be subject to change by csecs on thirty (30) days' written notice unless
otherwise specified in a Letter Agreement. No changes may be made to this Agreement except in writing by the president
or a vice president ofCSCCS.
1 6. The undersigned Client representative is authorized to make this Agreement.
17. Client may not assign this Agreement. csces may, with written notice, assign this Agreement. This Agreement is
effective when esces accepts it.
INFORMA nON FURNISHER
18. Client may, at its option, agree to prepare and furnish to csees or its designee, on a non-exclusive basis and at no
chawge, accounts receivable data (hereinafter referred to as "Client Account Information"). CSCCS is not obligated by this
agt1leD1ent to accept Client's Account Information. If Client chooses this option, Client agrees:
a. to follow all applicable federal, state and local laws regarding the reporting and verification of information, including
the FCRA as amended;
b. to prepare and furnish Client Account Information in a mutually agreeable format, including payment history
information in the Metro 2 Consumer Reporting Format;
c. to use reasonable efforts to provide accurate and complete information;
d. to use reasonable efforts to use the following identifiers when reporting information:
1. full last and first name and middle initial;
ii. full current street address and zip code;
iii. year of birth;
IV. any generational designation; and
v. Social Security number;
e. that CSCCS may incorporate Client's Account Information into any computerized consumer credit reporting system;
f. tbat Client Account Information, once incorporated, will be the property of csces and will be referred to herein as
"Incorporated Client Account Information";
g. to notify CSCCS promptly when it discovers that any information it provided under this Agreement is inaccurate;
h. that Client will be liable for any loss or damage incurred by CSCCS as a result of Client knowingly supplying
inaccurate Client Account Information to csces or as a result ofCSCCS supplying such information to any other
person; and
1. to update all Client Account Information at least quarterly, if Client reports manually.
4
Service Agreement 12-05
.....,..'...".-
19. csces and Client agree that they are subject to and will comply with certain federal laws, including but not limited to
the Gramm-Leach-Bliley Act ("GLB") and the Fair Credit Reporting Act ("FCRA"). CSCCS, as a financial institution and
a coosumer reporting agency, adheres to the privacy tenets of the GLB and the FCRA. CSCCS will treat Client's
UniDcorporated Account Data as required by the GLB's Safeguard Rule as it applies to Service Providers. Once
incorporated mto esccs's consumer credit reporting database, CSCCS will treat Incorporated Account Data as its own
data, which is governed directly by the GLB's requirements applying to Financial Institutions.
20. As a Financial Institution, CSCCS complies with the Safeguard Rule promulgated by the Federal Trade Commission.
16 CFR part 314. CSCCS will allow access to Incorporated Consumer Information only as permitted under the FCRA and,
where applicable, the GLB,
2l. For both Unincorporated Client Account Data and Incorporated Account Data, CSCCS will maintain appropriate
meuures designed to:
a. ensure the security and confidentiality of the Information;
b. protect against any anticipated threats or hazards to the security or integrity of the Information; and
c. protect against unauthorized access to or use of the Information that could result in substantial hann or
inconvenience to any Client customer.
22. In order to perform its obligations under section 21. above, csees agrees to:
a. Designate an employee or employees to coordinate its information security program;
b. IdentifY reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of the
Information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of
the Information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a
risk assessment should mclude consideration of risks in each relevant area ofeSCCS's operations, including (x)
Employee training and management, (y) Information systems, including network and software design, as well as
information processing, storage transmission and disposal, and (z) Detecting, preventing and responding to attacks,
intrusions, or other systems failures.
c. Design and implement information safeguards to control the risks identified through risk assessment, and regularly
test or otherwise monitor the effectiveness of the safeguards' key controls, systems and procedures.
23. csces agrees to comply WIth Client's reasonable efforts to verifY compliance with Sections 19-25 of this Agreement.
24. In the event that C sces becomes aware of any unauthorized access to Client's Unincorporated Account Data, CSCCS
will take appropriate actions to address such unauthorized access. Further, in order to enable Client to expeditiously
implement its response program, csees agrees to notify Client of any known unauthorized access to Client's
Uniqcorporated Information. csces will take appropriate actions to address unauthorized access to Incorporated Account
Data.
25. CSCCS agrees to properly dispose of Client's Account Data by taking reasonable measures to protect against
unauthorized access to or misuse of the infonnation in connection with its disposal.
RISK SCORING MODELS
26. Client agrees to all the terms in paragraphs 26 through 31 if Client should ever request, use or receive DAS,
BEACON, or any other consumer prediction score available from CSCCS and Equifax.
27. BEACON and DAS are Risk Scoring Models ("Risk Scores") applied by Equifax, which periodically establishes the
priets for those services. BEACON was developed by The Fair Isaac Companies. BEACON and DAS are point scorable
prediction models computed using consumer credit information in Equifax's automated consumer reporting system, and
desilned to predict the risk that an individual will not pay his or her accounts as agreed (BEACON), and that an individual
will file bankruptcy (DAS). esees will also provide Client up to four of the factors contributing to the Risk Score.
28. Client agrees to request Risk Scores only for its own use, and further agrees that all Risk Score information will be
keptin strict confidence, except as allowed by law. Client agrees to hold Equifax, CSCCS, The Fair Isaac Companies and
5
Service Agreement 12-{)5
~----"-
their agents and employees harmless from any expense or damage arising or resulting from the publication or other
disclosure of the Risk Scores by Client or Client's employees or agents contrary to this Agreement.
29. EqUlfax and CSCCS reasonably believe:
a. that BEACON, DAS. and all other consumer prediction scores available from CSCCS and Equifax, subject to
validation by Client on its own records, are intended to be "empirically derived, demonstrably and statistically sound
credit scoring systems" as defined in Regulation B, 12 C.F.R. pt. 202 ("Reg. B"), promulgated by the United States
Federal Reserve Board pursuant to the Equal Credit Opportunity Act;
b. that neither BEACON, DAS nor any other consumer prediction score available from CSCCS and Equifax, use a
"prohibited basis, II as such term is defined and permitted in Reg. B; and
c. that the method used for generating the principal factors contributing to the Risk Scores complies with Reg. B.
30. Client acknowledges that It is responsible for meeting the requirements of the Equal Credit Opportunity Act and Reg.
B. Client understands that it is required by Reg. B to validate the Risk Scores and information on its own applicants and
customers. [f Client determines that Risk Scores or other information cannot be validated for its own applicants and
customers. it will unmediately cease using and requesting Risk Scores and notify Equifax and CSCCS.
3 I. Client acknowledges that the Risk Scores only represent an opinion and are not guaranteed to be accurate predictors
for Client's applicants and customers. Client understands that the Risk Score is only one of many items of information it
can use in connection with its review and decision regarding an applicant or customer. Client releases Equifax, CSCCS,
The Fair Isaac Companies, their officers, employees, agents, sister and affiliated companies and any third party contractors
and suppliers from liability for any damages, losses, costs or expenses, whether direct or indirect, suffered or incurred by
Client as a result of any failure of the Risk Scores to accurately predict the credit worthiness of any of Customer's
applicants and clients. In the event the Risk Scores were not correctly applied by Equifax to the credit file, the credit file
'Will be reprocessed at no additional charge.
GEOCODE INFORMATION
32. Client agrees to all the terms in paragraphs 32 through 34 if Client should ever request use, or receive GeoCode
Information from CSCCS.
33. GeoCode Information is provided only to aid Client in complying with certain legal requirements and in marketing
efforts. CSCCS assumes no responsibility for any use of the GeoCode Information by Client. Client assumes all
re8pC)nsibility for complying with all legal requirements for which GeoCode Information may be used. Client agrees and
aclalowledges that the GeoCode Information provided under this Agreement is not provided to aid Client in determining
whether to grant credit.
34. Client will indemnify, defend and hold harmless CSCCS from all liability , loss, costs, claims, expenses, demands and
fee~ including reasonable attorneys' fees, arising out of Client's use of the GeoCode Information provided under this
Agreement.
FLOOD ZONE DETERMINATIONS
35. If Client should ever request, use or receive Flood Zone Determinations under the terms of this Agreement, Client
agrees to all the terms in paragraphs 35 through 40.
36. Flood Zone Determinations ("FZDs") are based on: (I) the current and available Flood Insurance Rate Map
("FUlM") data as published by, or for, the Federal Emergency Management Agency ("FEMA"); (2) other data and
infO$lation as deemed pertinent and practical by the Company issuing the FZD ("lssuer"); and (3) the subject property
infOimation provided by Client. Tbe term FZD includes the following services:
a. Loan Determination Service-A flood zone assessment and Certification for improved real property that is
intended to secure an extension of credit, which is requested prior to, or as of, such extension of credit.
b. Recertification Service--A flood zone assessment and Certification requested after the Loan Determination
Servlce has been prOvided for the subject property due to the intended extension, increase or renewal of the
original loan, or due to additional information supplied by the borrower (same subject property, borrower and
loan number)
6
Service Agreement 12-05
-.........'....-
c. LIfe of Loan Service--A flood zone assessment and Certification for improved real property. After the initial
assessment and Certi fication, whenever the applicable FEMA map panel is revised and generally available to
Issuer, Issuer will, within sixty (60) days thereof, again perform an assessment and, in the event of a change in
desIgnation of the flood zone in which the subject improved property is located, issue a new Certification. This
Service benefits current and subsequent creditors in interest, and terminates as of the date the loan is paid or
otheI'Wlse terminates
37. Client agrees and acknowledges that the FZDs provided under this Agreement are exclusively for the benefit of
Clilllt and its borrower, and are provided solely to aid Client and its borrower in determining whether to purchase flood
msurance. Client acknowledges that the FZDs provided under this Agreement are not issued to aid Client or borrower in
det<<mining whether to finance or purchase property. In the case of Life of Loan Service, the Client's benefit will inure to
the heirs and assignees of the applicable loan only after CSCCS receives notice of assignment. All benefits will terminate
when the applicable loan is paid or otherwise terminates.
38. In the event that Issuer incorrectly issues a certification on a property stating that the insurable improvements thereon
are not located within a Special Flood Hazard Area, per the FEMA flood map effective at the date of certification, and
uniDsured flood loss occurs to such insurable improvements, Issuer will indemnify and hold Client and its borrower
harmless from uninsured flood loss, but only to the extent that such parties would be compensated under a National Flood
Insurance Protection (tiN F IP") policy as if in effect up to the maximum amount available for such property. In the event
that Issuer incorrectly issues a certification on a property stating that the insurable improvements thereon are in a Special
Flood Hazard Area, per the FEMA flood map effective at the date of the certification, Issuer will reimburse the borrower
for any nonmandatory NFLP insurance premiums that it paid for such property.
39. On loans covered by Life of Loan Service, (a) if the flood hazard status ofproperty Issuer has certified changes from
"not in" to "in" as a result of a FEMA flood map revision, and Issuer fails to notify Client within sixty (60) days of such
chaage, and uninsured flood loss occurs to the insurable improvements on such property after such notification period
expires and poor to notification by Issuer, Issuer will indemnify and hold Client and its borrower harmless from uninsured
flood loss, but only to the extent that such parties would be compensated under an NFLP policy as if in effect up to the
maxmllnn amount available for such property; (b) if the flood hazard status of a property Issuer had certified changes from
'in" to "not in", as a result of a FEMA flood map revision, and Issuer fails to notify the Client within sixty (60) days of
such change, Issuer will reimburse the borrower for any nonmandatory NFLP insurance premiums that it paid for such
property after Issuer's notification period expired; and (c) if the community participation status of a property Issuer has
certified changes, making flood insurance for such property unavailable, and Issuer fails to notify the Client within sixty
(60) days of the effective date of such change, and uninsured flood loss occurs to the insurable improvements thereon after
the notification period expires and prior to notification by Issuer, Issuer will indemnify and hold Client and its borrower
harmless from uninsured flood loss, but only to the extent that such parties would be compensated under an NFLP policy as
If in effect up to the maximum amount available for such property. None of the obligations set forth in this paragraph will
apply to any certifications that are not Life of Loan certification.
40. CLIENT AGREES TO NOTIFY CSCCS WITHIN SIXTY (60) DAYS IF SERVICING OF A LOAN COVERED
BY LIFE OF LOAN SERVICE IS TRANSFERREDTOASUBSEQUENT MORTGAGEE, OR IF THE LOAN IS SOLD,
PAID OFF, DECLINED, OR CANCELED. FAILURE TO NOTIFY csces WILL RELEASE csces AND ISSUER OF
ANY OBLIGATION TO PROViDE SERVICES UNDER THE LIFE OF LOAN PROGRAM FOR THEAPPLlCABLE
LOAN (Si.
CENSUS TRACT INFORMATION
41. Client agrees to all the terms in paragraphs 41 through 43 if Client should ever request, use or receive Census Tract
Information under this Agreement. Client acknowledges that the Census Tract Information provided under this Agreement
IS n4t provided for the purpose of aiding Client or borrower in determining whether to finance or purchase any property.
CSCCS provides Census Tract Information to aid Client in complying with certain legal requirements. CSCCS assumes no
responsibility for any use of the Census Tract Information by Client. Client assumes all responsibility for complying with
all legal requirements for which Census Tract Information may be used.
7
Service Agreement 12-05
42. csecs WILL NOT BE LJABLE FOR ANY SPECIAL OR EXEMPLARY DAMAGES OR FOR
CONSEQUENTIAL DAMAGES RELATED TO THE PROVISION OF CENSUS TRACT INFORMATION
INCLUDING, BUT NOT LIMITED TO, LOSS OF ANTIClP A TED PROFITS OR ECONOMIC LOSS, EVEN IF CSCCS
HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE.
li~\llAl - To e)(~ ~-t c.ll o\-v~ v-.....v.....- -r;.')o(Cu J ~ Lv
1 tr- ~ 43.! Client will indemnify, defend and hold harmless csecs from allllability, loss, costs, claims, expenses, demands and
I @l,tees,InCIUdingreasonableattorneyS'feeS'ariSingOutof Client's negligent or intentional improper use ofthe Census Tract
r (._- InformatIOn provided under this Agreement.
l. ' '
SOFTWARE LEASE
44. If Client should ever lease computer software from CSCCS for integration into the computerized reporting system to
permit access to the information available under this Agreement, Client agrees to the terms in this paragraph and to those
that will be contained in a letter agreement to be executed with this Agreement or at a later time. Client agrees to the terms
of tJae Software License Agreement for the applicable software leased or purchased by Client. Any implied warranties
mcluding any warranties of merchantability or fitness for a particular purpose are limited to the term of the express
warranties. csces will not in any case be liable for special, incidental, consequential, indirect or other similar damages
arising from any breach of these warranties, even if csces has been advised of the possibility of such damages.
AGREED BY CLIENT:
ChVI5h -reyC-,--)
(Si~ e f uthorized Representative)
_ bpcv-c t- Ie. Nop I G"-fJ
(PriIlt name-kd title of Representative)
, ;)-0 I L ~ 0 pc'-vf= St-
(Street Address of Client)
M~Y\~~
Cav-.l2U) C0VI"'S~
(City, Sta& and ZIp Code)
- ~ F).J - I
_ . \ -e n'~7 l ~C'p~ '-' \P
(NaIIle and number of Client Contact)
-IX
-) fV 0 I
g.)(a -?,y:.L <?
Date:
"/+r~:1
I 0 dOO~
ACCEPTED BY:
CSC C~Y'YSERVICES, INC.
By ;; t17i ~
Peggy Fisher
Vice President
(PriIIl name and title)
Date:
&-{I-~~
8
Service Agreement 12-05
"....,'..-
EXHlBIT A
VERMONT FAIR CREDIT REPORTING CONTRACT CERTIFICATION
The undersigned, (' I ~ of Cot- PV) C h v ,'') "C"Client"), acknowledges that it subscribes to receive various
infOfmation services fro CSC CredIt Services, Inc. ("CSCCS") m accordance WIth the Vermont Fatr Credit Reportmg
Statate,9 V.S.A. 9 2480e (1999), as amended (the "VFCRA") and the Federal Fair Credit Reporting Act, 15 U.S.C. 9
1681 et seq., as amended (the "FCRA") and its other state law counterparts. In connection with Client's continued use
of CSCCS information services in relation to Vermont consumers, Client hereby certifies as follows:
Vel'flont Certification. Client certifies that it will comply with applicable provisions under Vermont law. In particular,
Clicet certifies that it will order mformation services relating to Vermont residents, that are credit reports as defined by
the VFCRA, only after Client has received prior consumer consent in accordance with VFCRA ~ 2480e and applicable
Vermont Rules. Client further certifies that the attached copy of VFCRA 9 2480e and applicable Vermont Rules were
received from csces.
Clieat___ C 1~~~_L.oVj)uJ
SigoedBy', ~
Printed Name and Title: &e 0 v,"< e.. K,
J
LhVl'~ h'
tvxz
C I'~ /\"1 CAY)~~
Account Number ____.
Date: _,,___ ~ ryV! 1.E~d-D ~_!-
\J
Pleue also include tbe following information:
Compliance Officer or Person Responsible for Credit Reporting Compliance
Name :
'f ~YV'~
u-1l Ii -nh
c~"\ t::e L.
Title:
e)V II V)e,V'l
u{~. Cc
}..lO-AA~ ( AG+1V\~ ')
COvpv~ UAVI'~' IX f6-t.{.O I
Mailing Address:
l J- 0 I ~ <:) po- v1'l
+-ev"v~ c ('7) (c. +t X Co\. " .
~~<.- 34 Lf'
( -0""-.
E-Mail Address:
PhOlle:
:;(P/
Fax:
Obi
~(1) - 3 4-0 I
MaittaiD a copy for your records and return original witb Service Agreement.
9
Service Agreement 12-05
Vermont Fair Credit Reporting Statute, 9 V.S.A. ~ 2480e (1999)
~ 2480e. Consumer consent
(a) A person will not obtain the credit report of a consumer unless:
(1 ) the report is obtained in response to the order of a court having jurisdiction to issue such an order; or
(2) the person has secured the consent of the consumer, and the report is used for the purpose consented to by the
consumer
(b) Credit reporting agencies will adopt reasonable procedures to assure maximum possible compliance with
subsection (a) of this section.
(c) Nothing in this section will be construed to affect:
(1) the ability of a person who has secured the consent of the consumer pursuant to subdivision (a)(2) of this section
to include in his or her request to the consumer permission to also obtain credit reports, in connection with the same
tranaaction or extension of credit, for the purpose of reviewing the account, increasing the credit line on the account, for
the purpose of taking collection action on the account, or for other legitimate purposes associated with the account; and
(2) the use of credit information for the purpose of prescreening, as defined and permitted from time to time by the
Federal Trade Commission.
VERMONT RULES *** CURRENT THROUGH JUNE 1999 ***
AGENCY 06. OFFICE OF THE ATTORNEY GENERAL
SUB-AGENCY 031. CONSUMER PROTECTION DIVISION
CHAPTER 012. Consumer Fraud-Fair Credit Reporting
RULE CF 112 FAIR CREDIT REPORTING
CVR 06-031-012, CF 112.03 (1999)
CF 112.03 CONSUMER CONSENT
(a) A person required to obtain consumer consent pursuant to 9 V.S.A. S S 2480e and 2480g will obtain said consent in
writing if the consumer has made a written application or written request for credit, insurance, employment, housing or
governmental benefit. If the consumer has applied for or requested credit, insurance, employment, housing or
governmental benefit in a manner other than in writing, then the person required to obtain consumer consent pursuant to
9 V .S.A. ~S 2480e and 2480g WIll obtain said consent in writing or in the same manner in which the consumer made the
application or request. The terms of this rule apply whether the consumer or the person required to obtain consumer
consent initiates the transaction
(b) Consumer consent required pursuant to 9 V.S.A. SS 2480e and 2480g will be deemed to have been obtained in
writing if, after a clear and adequate written disclosure of the circumstances under which a credit report or credit reports
may be obtained and the purposes for which the credit report or credit reports may be obtained, the consumer indicates
his or her consent by providing his or her signature.
( c) The fact that a clear and adequate written consent fonn is signed by the consumer after the consumer's credit report
has been obtained pursuant to some other form of consent will not affect the validity of the earlier consent.
10
Service Agreement 12-05
~..-
EXHIBIT B
FRAUD AND SECURITY POLICY
CSC Credit Services, Inc. ("CSCCS") will issue subscriber member number(s), security code(s), and (when
applicable) telephone access number(s). Client must keep them strictly confidential. This requirement applies
to any means through which Client orders or accesses CSCCS credit information including, without limitation,
system-to-system, direct access terminal, personal computer or the Internet; provided, however, Client will not
order or access the credit information via the Internet without first obtaining CSCCS's written permission by
executing an Internet Security Addendum.
F or the purposes 0 f this Policy, the term "Authorized User" means a Client employee that Client has authorized
to order or access the credit information and who is trained on Client's obligations under this Agreement with
respect to the ordering and use of the credit information, and the information provided through same, including
Client's FCRA and other obligations with respect to the access and use of consumer reports.
, Client will:
(a) ensure that only Authorized Users can order or have access to the credit information,
(b) ensure that Authorized Users do not order credit reports for personal reasons or provide them to any third
party except as permitted by this Agreement,
(c) ensure that all devices used by Client to order or access the Credit information are placed in a secure
location and accessible only by Authorized Users, and that such devices are secured when not in use through
such means as screen locks, shutting power controls off, or other commercially reasonable security procedures,
and
(d) take all necessary measures to prevent unauthorized ordering of or access to the Credit information by any
person other than an Authorized User for permissible purposes.
"All necessary measures" will include, without limitation, limiting the knowledge of the Client security codes,
any telephone access number( s) C SCCS provides, and any passwords Client may use, to those individuals with
a need to know, changing Client's user passwords at least every ninety (90) days, or sooner if an Authorized
User is no longer responsible for accessing the Credit information, or if Client suspects an unauthorized person
has learned the password, and using all security features in the software and hardware Client uses to order or
access the Credit information. Client will monitor compliance with the obligations of this Policy, and will
immediately notify CSCCS if Client suspects or knows of any unauthorized access or attempt to access the
credit information. Such monitoring will include, without limitation, a review of each Equifax invoice for the
purpose of detecting any unauthorized activity.
4 Client will not ship hardware or software between Client's locations or to third parties without deleting all
C SC CS Client number( s), security codes, telephone access number( s) and Client user passwords. If Client uses
a third party vendor to establish access to the Credit information, Client is responsible for the third party
vendor's use of Client's member numbers, security access codes, or passwords, and Client will ensure the third
party vendor safeguards Client's security access code( s) and passwords through the use of security
requirements that are no less stringent than those applicable to Client under this Policy.
5 If CSCCS reasonably believes that Client has violated this Policy, CSCCS may, in addition to any other remedy
authorized by this Agreement, with reasonable advance written notice to Client and at Client's sole expense,
conduct, or have a third party conduct on its behalf, an audit of Client's network security systems, facilities,
practices and procedures ("security audit") to the extent CSCCS reasonably deems necessary, including an on-
site inspection, to evaluate Client's compliance with the data security requirements of this Policy.
II
Service Agreement 12-05
D. Client must mamtaIn, and be able to share with CSCCS upon a permissible purpose audit, a current list of all
Authorized Users. These individuals must be trained in compliance with the FCRA, the terms of Agreements
between Client and CSCCS, and this Policy. Client must notify CSC Credit Serivces' Client Services
Department each time an Authorized User leaves employment so that appropriate codes can be changed. Each
Authorized User must be informed that credit reports are to be kept strictly confidential and that failure to
comply with CSCCS's security procedures can result in termination of CSCCS's service. Client will inform
Authorized Users that unauthorized access to consumer reports may subject them to civil and criminal liability
under the FCRA punishable by fines and imprisonment.
C SCCS reserves the right to conduct periodic permissible purpose audits upon reasonable notice and without
sIgnificant disruption of Client's business operation. Client must always have a permissible purpose (as defined
by the Fair Credit Reporting Act) to access credit information. Client must keep all documentation evidencing
its permissible purpose on hand for at least two years and six months, regardless of whether credit was actually
extended or accepted. Upon CSCCS' s request in connection with a permissible purpose audit, Client will
prov1de permissible purpose documentation.
i:L CSCCS also reserves the right to terminate its service if it determines that Client have not complied with its
audit requests or this Fraud Prevention Security Policy.
q CSCCS reserves the nght to terminate its service at any time if it suspects that credit reports are being
improperly accessed or used.
10. In the event that a consumer notifies Client that he or she has been a victim of fraud, please instruct the
consumer to call CSCCS's Consumer Fraud Assistance Department at 1-800-272-9281 for assistance.
12
Service Agreement 12-05
~.........