Conditions of use - Device AUSkey
These Conditions of Use are to be read in conjunction with the following documents:
- The GKP002 Certification Practice Statement (the CPS)
- The GKP003 Device Certificate Policy (the CP)
- The AUSkey Terms and Conditions - Glossary (unless specially defined in these Conditions of Use, capitalised terms are defined in this glossary).
1.1 The Registrar of the Australian Business Register (ABR):
- has established the AUSkey System to facilitate internet-based electronic transactions between business entities and participating agencies
- is the Certification Authority (CA) for the AUSkey System.
1.2 The Business wishes to use (and have the Device Custodian responsible on its behalf for) the AUSkey Device Certificate issued under the CP.
- The Business means the entity identified by its Australian Business Number (ABN) in the application for that AUSkey Device Certificate and as the Organisation in that Certificate.
- The Device Custodian means the individual nominated in the application as the Device Custodian for that AUSkey Device Certificate, and associated with that Certificate as its Device Custodian.
2 Conditions associated with the AUSkey Device Certificate
2.1 The CP, the CPS and the AUSkey Device Certificate Conditions of Use may change over time. Those current at a given time are those then published on the Terms and Conditions page.
2.2 By accepting, and by using, the AUSkey Device Certificate, the Device Custodian and the Business agree in each case to be bound by the CP, the CPS and the AUSkey Device Certificate Conditions of Use current as at that time.
3 Use of the AUSkey Device Certificate
3.1 The Device Custodian and the Business are jointly and severally responsible for the storage and use of the AUSkey Device Certificate including all transactions and communications carried out under or using it.
3.2 The Business and the Device Custodian must ensure that the AUSkey Device Certificate is not used for any unlawful or improper purpose.
3.3 The Business warrants that the Device Custodian has full authority to manage the use of the AUSkey Device Certificate on the Business' behalf.
3.4 The Business and the Device Custodian permit the ABR CA to (and to authorise others to) publish information relating to the AUSkey Device Certificate, the Business and the Device Custodian for the purposes of AUSkey System and as indicated in the CP and CPS.
3.5 All intellectual property rights in the AUSkey Device Certificate are owned by (the ABR CA as custodian for) the Commonwealth of Australia. The Device Custodian and the Business may only reproduce, publish and transmit the AUSkey Device Certificate (in unaltered form) for the purposes of its use in accordance with the CPS, the CP and these Conditions of Use.
4 Responsibilities in relation to the AUSkey Device Certificate
4.1 The Device Custodian and the Business must not:
- disclose the password for the AUSkey Device Certificate to any other person
- store the AUSkey Device Certificate in a keystore to which any person may have unauthorised access
- otherwise allow, grant, permit or enable any person to use the AUSkey Device Certificate other than under their authority.
4.2 The Device Custodian and the Business must promptly advise the ABR CA if:
- the Device Custodian is no longer authorised to manage the use of the AUSkey Device Certificate on the Business' behalf
- it becomes aware of any unauthorised use of the AUSkey Device Certificate
- the security of the AUSkey Device Certificate or its password has been compromised.
5 Cancellation of the AUSkey Device Certificate
5.1 The circumstances under which the ABR CA may revoke the AUSkey Device Certificate are described in the CP and the CPS.
5.2 The AUSkey Device Certificate must not be used for any purpose after it has been cancelled.
6 Warranty and Indemnity
6.1 Except as set out in these Conditions of Use, the CP or the CPS, the ABR CA gives no implied or express warranties in relation to the AUSkey Device Certificate or its use. All statutory warranties are to the fullest extent permitted by law expressly excluded.
6.2 The Business indemnifies the ABR CA against any loss arising from:
- any failure by it (or the Device Custodian) to ensure the safety and integrity of the AUSkey Device Certificate and its password
- any use of the AUSkey Device Certificate otherwise than in accordance with these Conditions of Use
- any wilful, negligent or unlawful act or omission by it (or the Device Custodian) in relation to the use of the AUSkey Device Certificate.
6.3 The Business' liability under this indemnity is reduced to the extent that any wilful, negligent or unlawful act or omission by the ABR CA has contributed to its loss.
6.4 A reference in this clause to the ABR CA includes a reference to the ABR CA, the ABR Root Certification Authority, ABR Registration Authority, the Registrar, the Commonwealth, and their respective officers, employees and agents.
7.1 The CP and the CPS sets out how disputes between the persons referred to in these Conditions of Use are to be resolved.
7.2 These Conditions of Use are governed by, and are to be construed in accordance with, the laws for the time being in force in the Australian Capital Territory.