Terms of Use for SocialKYC

Application of These Terms of Use

For all services provided by the SocialKYC Software under the website socialkyc.io (the “Website”), these Terms of Use shall apply.

The Services are provided to you via software (the “Software”) created and run by B.T.E. BOTLabs Trusted Entity GmbH (hereinafter referred to as “BTE”, “us”, “we” or “our”) as defined below. The software is published and you are free to check out the code under github.com/KILTprotocol/socialkyc.io.

PLEASE READ THE TERMS OF USE CAREFULLY TO ENSURE THAT YOU UNDERSTAND EACH PROVISION. IF YOU DO NOT AGREE TO ALL OF THE TERMS, DO NOT ACCESS OR USE THE SOFTWARE.

YOU ACCEPT THE TERMS OF USE, EITHER BY CLICKING TO SIGNIFY ACCEPTANCE, OR BY TAKING ANY ONE OR MORE OF THE FOLLOWING ACTIONS: ACCESSING OR USING THE APPLICABLE SOFTWARE, YOU AGREE TO BE BOUND BY THE TERMS OF USE.

YOU REPRESENT AND WARRANT THAT YOU ARE 18 YEARS OLD OR OLDER AND HAVE THE RIGHT AND AUTHORITY TO ENTER AND COMPLY WITH THE TERMS OF USE.

What is SocialKYC

SocialKYC allows you to create, manage and use social credentials. Social credentials are credentials for your social accounts (such as Twitter, TikTok, Discord, GitHub, Twitch, etc.), email addresses or phone numbers as they become available over time in SocialKYC.

A credential of your social identity is issued after you have proved control of the respective social account, email address or phone number. You can use these credentials to access third party services for example for logging into services that accept such credential.

Therefore, you can:

  • Verify your digital identity by proving control of your social account, email address or phone number
  • Receive a social credential for your control of this social account, address or number
  • Store the social credential locally on your device in your wallet
  • Save a proof for the validity of your credential on the KILT blockchain and
  • Use these credentials and the proof for their validity for pages that allow their usage e.g. to log into their services or to leave your contact data.

SocialKYC forgets about the user and the credential as soon as the credential is issued. Personal data is not stored, siloed, or shared.

The data generated in and for your digital identities is stored locally on your device.

SocialKYC stores a hash of each credential on the KILT blockchain to enable third parties to check the validity of a credential whenever you decide to share or show it.

How SocialKYC Works

First, you are asked to connect your wallet with SocialKYC, which needs to be downloaded before starting. At launch, the Website supports only the Sporran wallet also developed by BTE; other wallets may follow over time. For those other wallets, the process might differ slightly.

The wallet allows you to create digital identities for which SocialKYC attests verifiable credentials; this attestation is done automatically by the Software. You can choose between a set of credentials to be attested. Currently, we are supporting attestations for email addresses as well as Twitter, Discord, GitHub, Twitch, Telegram, YouTube and Instagram accounts; credentials for further digital identities are planned to be released over time.

To start the attestation process you first need to agree to the terms of a specific attestation (e.g. costs and expiration date) by signing a request for attestation with your identity’s password.

In the beginning all credentials will be valid for a year and free of charge. This might change later, and costs and expiration date will then be shown and signed before each attestation process begins.

Next you receive a credential that is not yet verified. Depending on the type of credential you need to perform a challenge to prove ownership of the credential. These challenges will be as follows:

  • For your email address, you have to enter the email address you want to have attested. Then, you will receive a verification link that you need to click to show that you control the account.
  • For your Twitter account, you need to enter your Twitter handle. Subsequently, SocialKYC provides a message you need to post publicly on your Twitter account. SocialKYC will check for the posting and verify the credential after that.
  • For your Discord account, you click onto the button to sign into Discord and in a new tab you sign in to the account you want to have attested. Then, you grant us a one-time permission to fetch your Discord user ID as well as username and discriminator. We show you the fetched data and after you clicked to confirm this data, SocialKYC creates the credential with this data and anchors it to the blockchain.
  • For your GitHub account, you click onto the button to sign into GitHub and in a new tab you sign in to the account you want to have attested. Then, you grant us a permission to fetch your GitHub user ID as well as your username. We show you the fetched data and after you clicked to confirm this data, SocialKYC creates the credential with this data and anchors it to the blockchain.
  • For your Twitch account, you click onto the button to sign into Twitch and in a new tab you log in to the account you want to have attested. Then, you grant us a one-time permission to fetch your Twitch user ID and username. We show you the fetched data and after you clicked to confirm this data, SocialKYC creates the credential with this data and anchors it to the blockchain.
  • For your Telegram account, you click onto the button to sign into Telegram and in a new tab you log in to the account you want to have attested. Then, you grant us a one-time permission to fetch your Telegram user ID and first name, optionally the username and last name if available. We show you the fetched data and after you click to confirm this data, SocialKYC creates the credential with this data and anchors it to the blockchain.
  • For your YouTube account, you click onto the button to sign into YouTube and in a new tab you log in to the Google account that owns/manages the YouTube channel you want to have attested. If there are multiple channels owned/managed by this account, on a second login screen you will select the specific channel you want to have attested. Then, you grant us a one-time permission to fetch your YouTube channel ID and channel name. We show you the fetched data and after you clicked to confirm this data, SocialKYC creates the credential with this data and anchors it to the blockchain.
  • For your Instagram account, you click onto the button to sign into Instagram and in a new tab you sign in to the account you want to have attested. Then, you grant SocialKYC permission to fetch your Instagram user ID as well as username and the account type. We show you the fetched data and after you clicked to confirm this data, SocialKYC creates the credential with this data and anchors it to the blockchain.

Once a credential is verified an attestation hash is anchored to the KILT blockchain.

Your Commitments

By using this service for one or more of your social channels, you confirm that both this channel and this address via which you apply for the credential actually only belong to you, i.e. that your identity is linked to both and that no other identity is linked to them or in case of a credential for a YoutTube brand channel that you are the owner of that Youtube brand channel or have been delegated access to that YouTube brand channel and act in accordance with the owner(s) of that channel.

Furthermore, you confirm that the use of the service and the further disposal of the credential does not violate the rights of third parties.

If you have received a credential for a social account but have actually lost or relinquished access to the respective social account or suspect its fraudulent use, you will immediately terminate the use of the credential in order to avoid giving the wrong impression to the public or third parties. We accept no liability in this respect. Consequently, the credential is generated only once after your use of the Software, provided that the respective prerequisite is fulfilled.

Liability

BTE is liable for damages that are based on an intentional or grossly negligent breach of duty by BTE, its legal representatives or various agents.

In the event of a breach of essential contractual duties, BTE shall only be liable for the contractually typical, foreseeable damage if this was simply cause by negligence. Significant contractual obligations are those whose fulfilment enables the proper execution of the contract in the first place and whose compliance you can regularly rely on.

The limitation of the two preceding paragraphs also apply to the legal representatives and various agents of BTE, if claims are asserted directly against them. The liability limitations resulting from the two preceding paragraphs do not apply insofar as BTE fraudulently concealed the defect or assumed a guarantee for the quality of SocialKYC.

Liability for culpable injury to life, limb and health and liability under Product Liability Act remain unaffected.

Any additional claims for damages are excluded.

Risk information

The following risk information contains a list of risks associated with the use of SocialKYC. The list is not exhaustive. It is not excluded that further unknown or unpredictable risks exist.

Independent of the creation of credentials but also to prevent others from getting credentials for controlling your account, please always keep the password and other access data to your social accounts, email addresses and phones safe.

SocialKYC is used via the Website and its services are accessed via your wallet – please check all the information, instruction and warnings given about your wallet by its provider and closely follow the advice given. Always ensure that you do not lose your access data to your wallet and keep access to your wallet as well as the values and credentials stored in it safe from access by others.

SocialKYC communicates with the KILT blockchain and depends on its functionality in regard to the proof of validity of your credentials. Errors, dysfunctionalities, including failure of the KILT blockchain or the technical ecosystem in which it lives may adversely affect the SocialKYC functionalities.

You acknowledge and agree that we have no support, service level, or other obligations like these hereunder.

SocialKYC and in particular the underlying software application may be the subject of hacking or other malicious interference by unauthorized third parties resulting in the loss, theft or other violation of data.

Because the software of SocialKYC is published, there is a risk that a third party may copy it and unconsciously or knowingly incorporate errors leading to potential adverse consequences for the usability and functionality of the SocialKYC. To ensure you are using the original, always use through us directly and if uncertain, compare the code with the code published on GitHub before usage and only use if it matches fully with the code there.

Communication via internet-based systems is fundamentally susceptible to data/information being read out and possibly even changed. We have no influence on which processes (now and in the future) run in the background of the web browser or the wallet used.

Right to Change Social Credentials and These Terms of Use

BTE reserves the right to change the social credentials offered on the Website as well as the Software, the commercial and non-commercial conditions.

BTE also reserves the right to change these Terms of Use at any time for any future products of SocialKYC in our sole discretion.

Such changes will be made via uploading new Terms of Use, the Software and/or other information to the Website and any usage of the SocialKYC will from that time on fall under these new Terms of Use, will be handled by the new version of the Software and will be for the commercial and non-commercial, while existing Credentials acquired previous to this change shall remain untouched.

License to the Website and the Software

Copyright (c) 2021-2022, B.T.E. BOTLabs Trusted Entity GmbH. All rights reserved.

Miscellaneous

These Terms of Use and the entire legal relationship between the parties shall be governed by the laws of the Federal Republic of Germany to the exclusion of the UN Convention on Contracts for the International Sale of Goods (CISG) unless the choice of law is legally prohibited.

If a term of this agreement to be invalid or unenforceable, the remaining provisions will continue in full force and effect.

The place of performance and exclusive place of jurisdiction for all disputes arising from these Terms of Use and the entire legal relationship between the parties shall be BTE’s registered office, unless choice of jurisdiction is legally prohibited.