Terms of Service

Read this document before using our website.

---

User Agreement: In order to protect our users, as well as our information and service providers, you are required to comply with all of the rules set forth in this Agreement. By registering as a user or by using this website (the "Service"), you hereby agree to be bound by all of the following terms and conditions ("Terms of Service Agreement" or "TOS".)

Termination of Service & Billing Errors: You understand and agree that in OSM 's sole discretion, and without prior notice, On-Site Manager, Inc. may terminate your access to this website and the service and it may also exercise any other available remedy. OSM may also remove any unauthorized user content if OSM believes that your use of the website, service and/or any user content you provided violates or conflicts with the Agreement, violates the rights of OSM, or another user or the law. Claims for billing errors must be made in writing to OSM within fifteen (15) days after date of invoice.

Damages & Relief Against User: You agree that monetary damages may not provide an adequate remedy to OSM for violations of these terms and conditions. You therefore consent to injunctive or other equitable relief for such violations. OSM is not required to provide any refund to you if you are terminated as a user because you have violated this Agreement.

Security for Member Account & Password: You will receive a password and Member account designation once you are registered. You are responsible for maintaining the confidentiality of the password and account. You are solely responsible for all activities that occur under your password or account. You agree to immediately notify OSM of any unauthorized use of your password or account or any other breach of security. You agree to make sure that you exit from your account at the end of each session. OSM cannot and will not be liable for any loss or damage arising from your failure to comply with this Section.

Proprietary Materials - Restrictions on Use: All materials provided on this website, including but not limited to all text, logos, designs, graphics, images, sounds, information, software, documents, products and services, and the onsite selection, arrangement and display thereof, are the copyrighted works of OSM and/or its vendors or suppliers. All materials herein and all OSM software are the property of OSM. Said materials and software are protected by worldwide copyright and other intellectual property laws. Unless provided for in this Agreement, none of said materials may be modified, copied, reproduced, distributed, republished, downloaded, displayed, sold, compiled, posted or transmitted in any form or by any means. This ban includes, but is not limited to, electronic, mechanical, photocopying, recording or other means, without the prior express written permission of OSM.

Copyright and Trademark Information: All content included or available on this site, including site design, text, graphics, interfaces, and the onsite selection and arrangements thereof is ©2008 by On-Site Manager, Inc., with all rights reserved, or is the property of On-Site Manager, Inc. and/or third parties protected by intellectual property rights. Any use of materials on the website, including reproduction for purposes other than those noted above, modification, distribution, or replication, any form of data extraction or data mining, or other commercial exploitation of any kind, without prior written permission of an authorized officer of OSM is strictly prohibited. Members agree that they will not use any automatic device (such as a "spider" or "robot" and/or any other automatic device) or any manual process to monitor or copy our web pages or the content contained therein without prior written permission of an authorized officer of OSM. Rental Express, Apply Now, Point of Lease, Rental Address, Ad Blast, On-Site Manager, Inc. and On-Site.com are proprietary marks of OSM. OSM's trademarks may not be used in connection with any product or service that is not provided by OSM, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits OSM. All other trademarks displayed on OSM's website are the trademarks of their respective owners. Their display does not constitute an endorsement or a recommendation of those vendors. In addition, such use of trademarks or links to the websites of vendors is not intended to imply, directly or indirectly, that those vendors endorse or have any affiliation with OSM.

Third-Party Sites: Our website may include links to other sites on the Internet that are owned and operated by online merchants and other third parties. You acknowledge and understand that OSM is not responsible for third-party sites and is not responsible for the availability or content of third-party sites. If you have any questions or concerns regarding such links or the content available on such sites, you should contact the site administrator or webmaster for those third-party sites. Your use of those Third-Party Sites is subject to the terms of use and privacy policies of each third-party site. We are not responsible in any way for third-party sites. We encourage all members to review the privacy policies of third-parties' sites.

Ban on Resale of Service: You agree not to reproduce, duplicate, copy, sell, resell or exploit for any commercial purposes, any portion of the Service, use of the Service, or access to the Service.

General Disclaimer: Although OSM has attempted to provide accurate information on the website, OSM assumes no responsibility for the accuracy of the information. You understand and agree that all information provided on this website is provided "as is," with all faults, without warranty of any kind, either express or implied. OSM hereby disclaims all warranties, express or implied, including, and without limitation, those of merchantability, fitness for a particular purpose, title and non-infringement or arising from a course of dealing, and usage or trade practice. This is inapplicable where such a disclaimer has been legally held to be invalid but only to the extent of the specific invalidity.

No Unlawful or Prohibited Use: As a condition of your use of this website, you agree and represent to OSM that you will comply with all applicable laws, statutes, ordinances and regulations regarding your use of our service and any related activities. In addition, you agree and represent that you will not use this website in any way prohibited by these terms, conditions and notices.

Modification of the Website: OSM reserves the right, in its sole discretion, to improve, modify or remove any information or content appearing on the website. Without prior notice, and in its sole discretion, OSM may discontinue or revise any or all aspects of the website.

Disclaimer Regarding Accuracy of Vendor Information: Product specifications and other information have either been provided by the Vendors or collected from publicly available sources. While OSM makes every effort to ensure that the information on this website is accurate, we can make no representations or warranties as to the accuracy or reliability of any information provided on this website.

Governing Jurisdiction of the Courts of California: Our website is operated and provided in the State of California. As such, we are subject to the laws of the state California. California law will govern this Agreement, without giving effect to any choice of law rules. We make no representation that our website or other services are appropriate, legal or available for use in other locations. Accordingly, if you choose to access our site you agree to do so subject to the internal laws of the state of California.

Fair Housing Act: As a Member you agree not to post, email, or otherwise make available content that violates the Fair Housing Act by stating, in any notice or ad for the sale or rental of any dwelling, a discriminatory preference based on race, color, national origin, religion, sex, familial status or handicap (or that otherwise violates any state or local law prohibiting discrimination on the basis of these or other characteristics.)

Limitation of Liability: OSM shall not be liable for any damages whatsoever, and in particular OSM shall not be liable for any special, indirect, consequential, or incidental damages, or damages for lost profits, loss of revenue, or loss of use, arising out of or in any way related to this website or the information contained in it, whether such damages arise in contract, negligence, tort, under statute, in equity, at law, or otherwise, even if OSM has been advised of the possibility of such damages.

Possible Exceptions to Limitation of Liability: Because some jurisdictions do not allow for the limitation or exclusion of liability for incidental or consequential damages, some of the limitations set forth in the previous paragraph may be inapplicable.

Indemnification: You agree to indemnify and hold OSM, its parents, subsidiaries, affiliates, officers and employees, harmless from any claim or demand, including reasonable attorneys' fees and costs, made by any third party due to or arising out of the Member's use of the Service, any violation of this Agreement, or infringement by user, or other user of the Service using Member computer, of any intellectual property or any other right of any person or entity.

Other Terms: If any provision of this Agreement shall be unlawful, void or unenforceable for any reason, the other provisions (and any partially-enforceable provision) shall not be affected thereby and shall remain valid and enforceable to the maximum possible extent. You agree that this Agreement and any other Agreements referenced herein may be assigned OSM, in our sole discretion, to a third party in the event of a merger or acquisition. This Agreement shall apply in addition to, and shall not be superseded by, any other written Agreement between us in relation to your participation as a Member. Member agrees that by accepting this Agreement, Member is consenting to the use and disclosure of their personally identifiable information and other practices described in our Privacy Policy Statement. Client may not assign, delegate, sub-contract or otherwise transfer this agreement (or any of its rights or obligations hereunder) without OSM’s prior written consent, and any attempt to do so without OSM’s approval will be void. OSM may assign this agreement (or any of its rights or obligations hereunder) to a related company or to an unrelated company pursuant to a sale, merger of other consolidation of OSM or any of its operating divisions upon written notice to Client. Nothing in this Agreement is intended to confer any rights or remedies under or by reason of this Agreement on any person other than the parties and their respective successors and permitted assigns. The waiver by either party of a breach or violation of any provision of this Agreement shall not operate as, nor be construed to be, a waiver of any subsequent breach hereof. This Agreement may be amended only upon the parties’ mutual written consent. This Agreement and any amendments hereto may be executed in duplicate copies on behalf of OSM and Client, and facsimile or online signatures shall be deemed originals. Each duplicate copy shall be deemed an original, but both duplicate originals together shall constitute one and the same instrument. The terms that are defined in this Agreement may be used in the singular or plural, or the masculine, feminine or neutral, as the context requires. The headings and subheadings in this Agreement are inserted for convenience of reference and shall not affect the meaning or interpretation of the Agreement.

Additional Restrictions of Use of OSM Rental Address™ Promotional Services

Cancellation: Client may cancel any contracted subscription upon sixty (60) days notice to OSM in the event that Client ceases to own or manage the designated apartment community; such notice shall be sent to enroll@on-site.com but shall not be deemed to have been received until Client receives a confirming response which acknowledges such notice.
Content: All content designed by OSM, whether artistic or technical in nature, shall be deemed to be owned by OSM. Client shall have a limited use of such content throughout the term of the Agreement for its intended use. Permission of OSM is required for Client to use such content other than the use intended by OSM. OSM may use any such content and usage statistics and testimonials, for its own promotional purposes. OSM reserves the right to edit or reject advertising, photographs, artwork and copy provided by Client and Client accepts all liability for all content supplied by it. Client warrants to OSM that its copy is true, that it is not libelous or defamatory, that it violates no rights of privacy, that it infringes no trademark, copyright, literary or other rights, nor constitutes unfair competition with any other party, and that it complies with all federal, state and local laws and regulations, including any and all Fair Housing laws. The fact that content submitted to OSM shall have been previously approved by it, either in whole or in part, shall not relieve the Client of this warranty. Client agrees to defend, indemnify, and hold harmless OSM from any and all claims, demands, liability, suits, costs or expense, arising by reason of the publication of the Client’s consent, or breach of the foregoing warranty, whether such claims are well grounded or not.
No Warranty: OSM and its affiliates, agents and licensors, cannot and do not warrant the accuracy, completeness, currentness, non-infringement, merchantability or fitness for a particular purpose of the content designed by OSM, whether artistic or technical, nor does OSM guarantee that the content will be error-free, or continuously available, or that the website will be free of viruses or other harmful components. Under no circumstances will OSM or its affiliates, agents or licensors be liable to Client or anyone else for any damages, including, without limitation, consequential, special, incidental, indirect, punitive, exemplary, or other damages of any kind (including lost revenues or profits, loss of business or loss of data), even if OSM is advised beforehand of the possibility of such damages. Client agrees that the liability of OSM and its affiliates, agents and licensors, if any, arising out of any kind of legal claim arising out of or otherwise related to this Agreement will not exceed the amount Client paid, if any, to OSM under the terms of this Agreement.

Additional Restrictions of Use of OSM Rental Express™ Screening Services

Use of OSM services is at Client's sole risk. Client acknowledges and agrees that while OSM and its third-party data suppliers make every reasonable effort to assure that the data and information contained therein are an accurate reflection of the information received from their governmental and other sources, neither OSM nor its third-party data suppliers can or does represent or warrant that the data and information contained therein or obtained therefrom will be complete and accurate. Client understands and agrees that its use of OSM services is entirely at its sole risk. Neither OSM nor its third-party data suppliers shall be responsible or liable for any inaccuracy of the data and information contained therein, or for interruption in service caused by the failure of the Internet or the World Wide Web, by any Act of God, or by any other force majeure. UNDER NO CIRCUMSTANCES SHALL OSM OR ITS THIRD-PARTY DATA SUPPLIERS BE LIABLE FOR CONSEQUENTIAL, INCIDENTAL, INDIRECT, EXEMPLARY OR SPECIAL DAMAGES, INCLUDING LOST PROFITS, EVEN IF THEY HAVE BEEN MADE AWARE OF THE POTENTIAL FOR SUCH DAMAGES. ADDITIONALLY, OSM AND ITS THIRD-PARTY DATA SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, WARRANTIES OF CORRECTNESS, COMPLETENESS, ACCURACY, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OF THE DATABASES AND DATA AND INFORMATION CONTAINED THEREIN OR OBTAINED THEREFROM, OR SERVICES PROVIDED HEREUNDER.

Parties will protect confidential information. Both Client and OSM agree that they will, to the extent and in accordance with the policies used to protect its own information of similar importance, use their best efforts to refrain from and prevent the use of or disclosure of any confidential information as defined below ("Confidential Information") of the other party, disclosed or obtained by such party while performing its obligations under this Agreement, provided, however, that OSM may disclose any information reasonably necessary to be disclosed in order for OSM to provide the services and perform its obligations under this Agreement. Notwithstanding anything to the contrary, neither party shall use any Confidential Information in a manner which is detrimental to the other party. The phrase "Confidential Information" includes, without limitation, all materials and information supplied by one party to the other in the course of each party's performance under this Agreement, including but not limited to each party's business objectives and plans, marketing plans, customer lists, and financial information. Client's Confidential Information does not include property locations and aggregate rental rate figures, which may be used by OSM for market trend reporting and similar uses as long as OSM conceals information that identifies Client's identity. Confidential Information of OSM includes, in addition to the information described above, OSM's reports, recommendations, any forms or agreements provided by OSM to Client, and any information available on the OSM's websites. Neither party will have an obligation of confidentiality with regard to any information insofar as such information: (1) was known to such party prior to obtaining it from the other party; (2) is at the time of disclosure publicly available or becomes publicly available other than as a result of a breach of this Agreement; or (3) is disclosed to such Party by a third party not under a duty not to disclose such information. In addition, the confidentiality obligations set forth above shall not apply to any Confidential Information which is disclosed pursuant to: (a) any law of the United States or any state thereof; or (b) the order, rules or regulations of any court or governmental agency. Prior to any disclosure required by law or order of any court or government agency, the disclosing party agrees to notify the other party of the required disclosure, so that the other party may attempt to seek a protective order or other appropriate remedy and/or waive compliance with this provision. If, in the absence of a protective order or other remedy, or the receipt of a waiver, the disclosing party concludes, after consultation with legal counsel, that it is nonetheless legally compelled to disclose Confidential Information, then the disclosing Party may, without liability hereunder, disclose only that portion of the Confidential Information which such counsel advises is legally required to be disclosed, provided that such party agrees to exercise its reasonable best efforts to preserve the confidentiality of the Confidential Information, and reasonably cooperate with the other party's efforts to obtain an appropriate protective order or other reliable assurance that confidential treatment will be accorded the Confidential Information.

Transactions with third parties. In the event that Client elects to enable direct transactions by applicants, whether through OSM or an integrated third-party provider, you agree that these transactions will be charged using the same pricing model as the screening initiated by Client via the OSM interface. In the event Client elects to integrate third-party providers for related services, Client grants OSM permission to provide appropriate information for the purpose of generating such services, including but not limited to tenant data, applicant data, consumer reports and lease data. Client agrees to notify OSM in writing as soon as is practical upon termination of its relationship with any third-party to prevent unauthorized access of Client's information.

FCRA Requirements

Although the Federal Fair Credit Reporting Act (as amended by the Consumer Credit Reporting Reform Act of 1996) primarily regulates the operations of consumer credit reporting agencies, it also affects you as a user of information. We have included a copy of the FCRA with your membership kit. We suggest that you and your employees become familiar with the following sections in particular:

§ 604. Permissible Purposes of Reports

§ 607. Compliance Procedures

§ 615. Requirement on users of consumer reports

§ 616. Civil liability for willful noncompliance

§ 617. Civil liability for negligent noncompliance

§ 619. Obtaining information under false pretenses

§ 621. Administrative Enforcement

§ 623. Responsibilities of Furnishers of Information to Consumer Reporting Agencies

§ 628. Disposal of Records

Each of these sections is of direct consequence to users who obtain reports on consumers.

As directed by the law, credit reports may be issued only if they are to be used for extending credit, review or collection of an account, employment purposes, underwriting insurance or in connection with some other legitimate business transaction such as in investment, partnership, etc. It is imperative that you identify each request for a report to be used for employment purposes when such report is ordered. Additional state laws may also impact your usage of reports for employment purposes.

We strongly endorse the letter and spirit of the Federal Fair Credit Reporting Act. We believe that this law and similar state laws recognize and preserve the delicate balance between the rights of the consumer and the legitimate needs of commerce.

In addition to the Federal Fair Credit Reporting Act, other federal and state laws addressing such topics as computer crime and unauthorized access to protected databases have also been enacted. As a prospective user of consumer reports, we expect that you and your staff will comply with all relevant federal statutes and the statutes and regulations of the states in which you operate.

Access Security Requirements

We must work together to protect the privacy and information of consumers. The following information security measures are designed to reduce unauthorized access to consumer information. It is your responsibility to implement these controls.

If you do not understand these requirements or need assistance, it is your responsibility to employ an outside computer systems provider to assist you.

The credit-reporting agency reserves the right to make changes to Access Security Requirements without notification.

The information provided herewith provides minimum baselines for information security. In accessing the credit-reporting agency's services, you agree to follow these security requirements:

1. Implement Strong Access Control Measures

1.1 Do not share your On-Site Manager, Inc. (On-Site.com) access/user passwords with anyone. No one from the credit-reporting agency or from On-Site.com will ever contact you and request your password.

1.2 Access to the On-Site.com website has all user password(s) encrypted hidden or embedded. User ID's and passwords should be known only by the appropriate authorized individual personnel.

1.3 You must request your User password be changed immediately when:

• any system access software is replaced by another system access software or is no longer used;
• the hardware on which the software resides is upgraded, changed or disposed of

1.4 Protect access/user password(s) to the On-Site.com website, so that only key personnel know their own access/user password. Unauthorized personnel should not have knowledge of your password(s).

1.5 Each authorized client employee has their own separate, unique user ID for each user to enable individual authentication and accountability for access to the On-Site.com infrastructure. Each authorized client employee who accesses the On-Site.com website must also have their own unique logon password.

1.6 Ensure that user IDs are not shared and that no Peer-to-Peer file sharing is enabled on those users' profiles.

1.7 Keep user passwords Confidential.

1.8 Develop strong passwords that are:

• Not easily guessable (i.e. your name or company name, repeating numbers and letters or consecutive numbers and letters)
• Contain a minimum of seven (7) alpha/numeric characters for all user accounts

1.9 Implement password protected screensavers with a maximum fifteen (15) minute timeout to protect unattended workstations.

1.10 It is understood that all active On-Site.com user logins to credit information systems are automatically configured with a 30-minute inactive session, timeout feature.

1.11 Restrict the number of key personnel who have access to credit information.

1.12 Ensure that personnel who are authorized access to credit information have a business need to access such information and understand these requirements to access such information are only for the permissible purposes listed in the Permissible Purpose Information section of your membership application.

1.13 Ensure that you and your employees do not access your own credit reports or those reports of any family member(s) or friend(s) unless it is in connection with a credit transaction or for another permissible purpose

1.14 Implement a process to terminate access rights immediately for users who access On-Site.com for credit reporting agency credit information when those users are terminated or when they have a change in their job tasks and no longer require access to that credit information.

1.15 After normal business hours, turn off and lock all devices or systems used to obtain credit information.

1.16 Implement physical security controls to prevent unauthorized entry to your facility and access to systems used to obtain credit information.

2. Maintain a Vulnerability Management Program

2.1 Keep operating system(s), Firewalls, Routers, servers, personal computers (laptop and desktop) and all other systems current with appropriate system patches and updates.

2.2 Configure infrastructure such as Firewalls, Routers, personal computers, and similar components to industry best security practices, including disabling unnecessary services or features, removing or changing default passwords, IDs and sample files/programs, and enabling the most secure configuration features to avoid unnecessary risks.

2.3 Implement and follow current best security practices for Computer Virus detection scanning services and procedures:

• Use, implement and maintain a current, commercially available Computer Virus detection/scanning product on all computers, systems and networks.
• If you suspect an actual or potential virus, immediately cease accessing the system and do not resume the inquiry process until the virus has been eliminated.
• On a weekly basis at a minimum, keep anti-virus software up-to-date by vigilantly checking or configuring auto updates and installing new virus definition files.

2.4 Implement and follow current best security practices for computer anti-Spyware scanning services and procedures:

• Use, implement and maintain a current, commercially available computer anti-Spyware scanning product on all computers, systems and networks.
• If you suspect actual or potential Spyware, immediately cease accessing the system and do not resume the inquiry process until the problem has been resolved and eliminated.
• Run a secondary anti-Spyware scan upon completion of the first scan to ensure all Spyware has been removed from your computers.
• Keep anti-Spyware software up-to-date by vigilantly checking or configuring auto updates and installing new anti-Spyware definition files weekly, at a minimum. If your company's computers have unfiltered or unblocked access to the Internet (which prevents access to some known problematic sites), then it is recommended that anti-Spyware scans be completed more frequently than weekly.

3. Protect Data

3.1 Develop and follow procedures to ensure that data is protected throughout its entire information lifecycle (from creation, transformation, use, storage and secure destruction) regardless of the media used to store the data (i.e., tape, disk, hard drive, paper, etc.)

3.2 All credit reporting agency data is classified as Confidential and must be secured to this requirement at a minimum.

3.3 Procedures for transmission, disclosure, storage, destruction and any other information modalities or media should address all aspects of the lifecycle of the information.

3.4 Encrypt all credit reporting agency data and information when stored on any laptop computer and in the database using AES or 3DES with 128-bit key encryption at a minimum.

3.5 Only open email attachments and links from trusted sources and after verifying legitimacy.

4. Maintain an Information Security Policy

4.1 Develop and follow a security plan to protect the Confidentiality and integrity of personal consumer information as required under the GLB Safeguard Rule.

4.2 Establish processes and procedures for responding to security violations, unusual or suspicious events and similar incidents to limit damage or unauthorized access to information assets and to permit identification and prosecution of violators.

4.3 The FACTA Disposal Rules requires that you implement appropriate measures to dispose of any sensitive information related to consumer credit reports and records that will protect against unauthorized access or use of that information.

4.4 Implement and maintain ongoing mandatory security training and awareness sessions for all staff to underscore the importance of security within your organization.

5. Build and Maintain a Secure Network

5.1 Protect Internet connections with dedicated, industry-recognized Firewalls that are configured and managed using industry best security practices.

5.2 Internal private Internet Protocol (IP) addresses must not be publicly accessible or natively routed to the Internet. Network address translation (NAT) technology should be used.

5.3 Administrative access to Firewalls and servers must be performed through a secure internal wired connection only.

5.4 Any stand-alone computers that directly access the Internet must have a desktop Firewall deployed that is installed and configured to block unnecessary/unused ports, services, and network traffic.

5.5 Encrypt Wireless access points with a minimum of WEP 128 bit encryption, WPA encryption where available.

5.6 Disable vendor default passwords, SSIDs and IP Addresses on Wireless access points and restrict authentication on the configuration of the access point.

6. Regularly Monitor and Test Networks

6.1 Perform regular tests on information systems (port scanning, virus scanning, vulnerability scanning).

6.2 Use current best practices to protect your telecommunications systems and any computer system or network device(s) you use to provide Services hereunder to access credit reporting agency systems and networks. These controls should be selected and implemented to reduce the risk of infiltration, hacking, access penetration or exposure to an unauthorized third party by:

• protecting against intrusions;
• securing the computer systems and network devices;
• and protecting against intrusions of operating systems or software.

Record Retention: The Federal Equal Opportunities Act states that a creditor must preserve all written or recorded information connected with an application for 60 months. In keeping with the ECOA, the credit reporting agency requires that you retain the credit application and, if applicable, a purchase agreement for a period of not less than 60 months. When conducting an investigation, particularly following a breach or a consumer complaint that your company impermissibly accessed their credit report, the credit reporting agency will contact you and will request a copy of the original application signed by the consumer or, if applicable, a copy of the sales contract.

Under Section 621 (a) (2) (A) of the FCRA, any person that violates any of the provisions of the FCRA may be liable for a civil penalty of not more than $2,500 per violation.

Additional rules on employment screening

Client hereby certifies that it will ensure that prior to procurement or causing the procurement of a consumer report for purposes of employment, promotion, reassignment or retention of an employee that: (1) a clear and conspicuous disclosure has been made in writing to the consumer at any time before the report is procured or caused to be procured, in a document that consists solely of the disclosure, that a consumer report may be obtained for employment purposes; and (2) the consumer has authorized in writing the procurement of the report by Client. In using a consumer report for employment purposes, before taking any adverse action based in whole or in part on the report, Client shall provide to the consumer to whom the report relates: (1) a copy of the report; and (2) a description in writing of the rights of the consumer under FCRA in a format approved by the Federal Trade Commission. Client requests for employment screening reports are pursuant to procedures prescribed by OSM, are for a one-time use, and shall be held in strict confidence and not disclosed to any third parties not involved in the employment decision. The information from the consumer report will not be used in violation of any applicable federal or state equal employment opportunity law or regulation. OSM shall provide to Client employment screening reports for employment purposes, and shall not provide general consumer reports or other services to any subscriber for such purpose. Client shall provide to the consumer to whom the report relates a Summary of Consumer Rights as required by Section 609(c)(3) of FCRA with each report. By virtue of this certification, neither OSM nor its data suppliers are providing legal advice to Client regarding FCRA. These disclosures to the consumer include:

• Consumer must be told if information in your file has been used against him or her.
• Consumer has a right to know what is in his or her file, and this disclosure may be free. If an employer relies on a consumer credit report and takes adverse action against consumer, consumer is entitled to receive a copy of that report from the employer.
• Consumer has the right to ask for a credit score (there may be a fee for this service).
• Consumer has the right to dispute incomplete or inaccurate information. Consumer reporting agencies must correct or delete inaccurate, incomplete or unverifiable information.
• Access to your file is limited. Consumer must get permission for reports to be furnished to employers.
• A summary of consumer rights under the Fair Credit Reporting Act are available by visiting or writing: (Para informacion en espanol, visite o escribe:) http://www.ftc.gov/credit or Consumer Response Center, Room 130-A, Federal Trade Commission, 600 Pennsylvania Avenue N.W., Washington, D.C. 20580

Additional rules on FICO scores

Additional rules governing FICO scores from TransUnion. Based on an agreement with TransUnion and Fair Isaac Corporation (Fair Isaac), OSM has access to a unique and proprietary statistical credit scoring service jointly offered by TransUnion and Fair Isaac which evaluates certain information in the credit reports of individual consumers from TransUnion's database (Classic) and provides a score (the Classic Score). Client may desire to obtain Classic Scores from TransUnion in connection with consumer credit reports. Client will request Scores only for Client's exclusive use and may store Scores solely for Client's own use in furtherance of Client's original purpose for obtaining the Scores. Client has a permissible purpose for obtaining consumer reports, as defined by Section 604 of FCRA. Client shall not use the Score for model development or model calibration and shall not reverse-engineer the Score. All Scores provided hereunder will be held in strict confidence and may never be sold, licensed, copied, reused, disclosed, reproduced, revealed or made accessible, in whole or in part to any Person except (i) to those employees of Client with a need to know and in the course of their employment; (ii) to those third party processing agents of Client who have executed an agreement that limits the use of the Scores by the third party to the use permitted to Client and contains the prohibitions set forth herein regarding model development, model calibration and reverse engineering; (iii) when accompanied by the corresponding reason codes, to the consumer who is the subject of the Score; or (iv) as required by law. Client recognizes that factors other than the Classic Score may be considered in making a credit decision. Such other factors include, but are not limited to, the credit report, the individual account history, and economic factors. TransUnion and Fair Isaac shall be deemed third party beneficiaries under this clause. Up to five score reason codes, or if applicable, exclusion reasons, are provided to Client with Classic Scores. These score reason codes are designed to indicate the reasons why the individual did not have a higher Classic Score, and may be disclosed to consumers as the reasons for taking adverse action, as required by the Equal Credit Opportunity Act (ECOA) and its implementing Regulation (Reg. B). However, the Classic Score itself is proprietary to Fair Isaac, may not be used as the reason for adverse action under Reg. B and, accordingly, shall not be disclosed to credit applicants or any other third party, except: (1) to credit applicants in connection with approval/disapproval decisions in the context of bona fide credit extension transactions when accompanied with its corresponding score reason codes; or (2) as clearly required by law. Client will not publicly disseminate any results of the validations or other reports derived from the Classic Scores without Fair Isaac and TransUnion's prior written consent. In the event Client intends to provide Classic Scores to any agent, Client may do so provided, however, that Client first enters into a written agreement with such agent that is consistent with Client's obligations under this agreement.

Moreover, such agreement between Client and such agent shall contain the following obligations and acknowledgments of the agent: (1) Such agent shall utilize the Classic Scores for the sole benefit of Client and shall not utilize the Classic Scores for any other purpose including for such agent's own purposes or benefit; (2) That the Classic Score is proprietary to Fair Isaac and, accordingly, shall not be disclosed to the credit applicant or any third party without TransUnion and Fair Isaac's prior written consent except (a) to credit applicants in connection with approval/disapproval decisions in the context of bona fide credit extension transactions when accompanied with its corresponding score reason codes; or (b) as clearly required by law; (3) Such Agent shall not use the Classic Scores for model development, model validation, model benchmarking, reverse engineering, or model calibration; (4) Such agent shall not resell the Classic Scores; and (5) Such agent shall not use the Classic Scores to create or maintain a database for itself or otherwise. Client acknowledges that the Classic Scores provided under this Agreement which utilize an individual's consumer credit information will result in an inquiry being added to the consumer's credit file. Client shall be responsible for compliance with all applicable federal or state legislation, regulations and judicial actions, as now or as may become effective including, but not limited to, the FCRA, the ECOA, and Reg. B, to which it is subject. Fair Isaac, the developer of Classic, warrants that the scoring algorithms as delivered to TransUnion and used in the computation of the Classic Score (Models) are empirically derived from TransUnion's credit data and are a demonstrably and statistically sound method of rank-ordering candidate records with respect to the relative likelihood that United States consumers will repay their existing or future credit obligations satisfactorily over the twenty four (24) month period following scoring when applied to the population for which they were developed, and that no scoring algorithm used by Classic uses a "prohibited basis" as that term is defined in the ECOA) and Reg. B promulgated thereunder. Classic provides a statistical evaluation of certain information in TransUnion's files on a particular individual, and the Classic Score indicates the relative likelihood that the consumer will repay their existing or future credit obligations satisfactorily over the twenty four (24) month period following scoring relative to other individuals in TransUnion's database. The score may appear on a credit report for convenience only, but is not a part of the credit report nor does it add to the information in the report on which it is based.

THE WARRANTIES SET FORTH ARE THE SOLE WARRANTIES MADE UNDER THIS CLAUSE CONCERNING THE CLASSIC SCORES AND ANY OTHER DOCUMENTATION OR OTHER DELIVERABLES AND SERVICES PROVIDED UNDER THIS AGREEMENT; AND NEITHER FAIR ISAAC NOR TRANSUNION MAKE ANY OTHER REPRESENTATIONS OR WARRANTIES CONCERNING THE PRODUCTS AND SERVICES TO BE PROVIDED UNDER THIS AGREEMENT OTHER THAN AS SET FORTH HERE. THE WARRANTIES AND REMEDIES SET FORTH ABOVE ARE IN LIEU OF ALL OTHERS, WHETHER WRITTEN OR ORAL, EXPRESS OR IMPLIED (INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT MIGHT BE IMPLIED FROM A COURSE OF PERFORMANCE OR DEALING OR TRADE USAGE). THERE ARE NO IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL ANY PARTY BE LIABLE FOR ANY CONSEQUENTIAL, INCIDENTAL, INDIRECT, SPECIAL, OR PUNITIVE DAMAGES INCURRED BY THE OTHER PARTIES AND ARISING OUT OF THE PERFORMANCE OF THIS AGREEMENT, INCLUDING BUT NOT LIMITED TO LOSS OF GOOD WILL AND LOST PROFITS OR REVENUE, WHETHER OR NOT SUCH LOSS OR DAMAGE IS BASED IN CONTRACT, WARRANTY, TORT, NEGLIGENCE, STRICT LIABILITY, INDEMNITY, OR OTHERWISE, EVEN IF A PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THESE LIMITATIONS SHALL APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY. THE FOREGOING NOTWITHSTANDING, WITH RESPECT TO CLIENT, IN NO EVENT SHALL THE AFORESTATED LIMITATIONS OF LIABILITY, SET FORTH ABOVE IN SECTION 16, APPLY TO DAMAGES INCURRED BY TRANSUNION AND/OR FAIR ISAAC AS A RESULT OF: (A) GOVERNMENTAL, REGULATORY OR JUDICIAL ACTION(S) PERTAINING TO VIOLATIONS OF THE FCRA AND/OR OTHER LAWS, REGULATIONS AND/OR JUDICIAL ACTIONS TO THE EXTENT SUCH DAMAGES RESULT FROM CLIENT'S BREACH, DIRECTLY OR THROUGH CLIENT'S AGENT(S), OF ITS OBLIGATIONS UNDER THIS AGREEMENT. ADDITIONALLY, NEITHER TRANSUNION NOR FAIR ISAAC SHALL BE LIABLE FOR ANY AND ALL CLAIMS ARISING OUT OF OR IN CONNECTION WITH THIS ADDENDUM BROUGHT MORE THAN ONE (1) YEAR AFTER THE CAUSE OF ACTION HAS ACCRUED. IN NO EVENT SHALL TRANSUNION'S AND FAIR ISAAC'S AGGREGATE TOTAL LIABILITY, IF ANY, UNDER THIS AGREEMENT, EXCEED THE AGGREGATE AMOUNT PAID, UNDER THIS ADDENDUM, BY CLIENT DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING ANY SUCH CLAIM, OR TEN THOUSAND DOLLARS ($10,000.00), WHICHEVER AMOUNT IS LESS.

This Agreement may be terminated automatically and without notice: (1) in the event of a breach of the provisions of this supplement by Client; (2) in the event the agreement(s) related to Classic between TransUnion, Fair Isaac and OSM are terminated or expire; (3) in the event the requirements of any law, regulation or judicial action are not met, (4) as a result of changes in laws, regulations or regulatory or judicial action, that the requirements of any law, regulation or judicial action will not be met; and/or (5) the use of the Classic Service is the subject of litigation or threatened litigation by any governmental entity.

Additional rules governing FICO scores from Experian. Client may access scores utilizing a statistical scoring model furnished by Experian and Fair Isaac (Experian FICO score). Client shall limit its use of Experian FICO scores and reason codes solely to use in its own business with no right to transfer, sell, license, sublicense or distribute said Scores or reason codes to third parties. Notwithstanding any contrary provision of this Agreement, Client may disclose the Experian FICO score to credit applicants, when accompanied by the corresponding reason codes, in the context of bona fide lending transactions and decisions only. Client, its employees, agents or subcontractors, are prohibited from using the trademarks, service marks, logos, names, or any other proprietary designations, whether registered or unregistered, of Experian or Fair Isaac, or the affiliates of either of them, or of any other party involved in the provision of the Experian FICO score without such entity's prior written consent. Client may not attempt, in any manner, directly or indirectly, to discover or reverse engineer any confidential and proprietary criteria developed or used by Experian/Fair, Isaac in performing the Experian FICO score. The aggregate liability of Experian/Fair, Isaac to Client is limited to the lesser of the fees paid by OSM to Experian/Fair, Isaac pursuant for the Experian FICO score resold to the pertinent Client during the six (6) month period immediately preceding the Client's claim, or the fees paid by Client to OSM under this Agreement during said six (6) month period, and excluding any liability of Experian/Fair, Isaac for incidental, indirect, special or consequential damages of any kind.

Additional rules on retail sellers

California Civil Code - Section 1785.14(a)

Section 1785.14(a), as amended, states that a consumer credit reporting agency does not have reasonable grounds for believing that a consumer credit report will only be used for a permissible purpose unless all of the following requirements are met:

Section 1785.14(a)(1) states: "If a prospective user is a retail seller, as defined in Section 1802.3, and intends to issue credit to a consumer who appears in person on the basis of an application for credit submitted in person, the consumer credit reporting agency shall, with a reasonable degree of certainty, match at least three categories of identifying information within the file maintained by the consumer credit reporting agency on the consumer with the information provided to the consumer credit reporting agency by the retail seller. The categories of identifying information may include, but are not limited to, first and last name, month and date of birth, driver's license number, place of employment, current residence address, previous residence address, or social security number. The categories of information shall not include mother's maiden name."

Section 1785.14(a)(2) states: "If the prospective user is a retail seller, as defined in Section 1802.3, and intends to issue credit to a consumer who appears in person on the basis of an application for credit submitted in person, the retail seller must certify, in writing, to the consumer credit reporting agency that it instructs its employees and agents to inspect a photo identification of the consumer at the time the application was submitted in person. This paragraph does not apply to an application for credit submitted by mail."

Section 1785.14(a)(3) states: "If the prospective user intends to extend credit by mail pursuant to a solicitation by mail, the extension of credit shall be mailed to the same address as on the solicitation unless the prospective user verifies any address change by, among other methods, contacting the person to whom the extension of credit will be mailed."

In compliance with Section 1785.14(a) of the California Civil Code, Member hereby certifies to OSM Member is NOT a retail seller, as defined in Section 1802.3 of the California Civil Code ("Retail Seller") and issues credit to consumers who appear in person on the basis of applications for credit submitted in person ("Point of Sale").

End User also certifies that if End User is a Retail Seller who conducts Point of Sale transactions, End User will, beginning on or before July 1, 1998, instruct its employees and agents to inspect a photo identification of the consumer at the time an application is submitted in person.

End User also certifies that it will only use the appropriate End User code number designated by Consumer Reporting Agency for accessing consumer reports for California Point of Sale transactions conducted by Retail Seller.

If End User is not a Retail Seller who issues credit in Point of Sale transactions, End User agrees that if it, at any time hereafter, becomes a Retail Seller who extends credit in Point of Sale transactions, End User shall provide written notice of such to Consumer Reporting Agency prior to using credit reports with Point of Sale transactions as a Retail Seller, and shall comply with the requirements of a Retail Seller conducting Point of Sale transactions, as provided in this certification.

Additional rules on Vermont consumers

Member acknowledges that it subscribes to receive various information services in accordance with the Vermont Fair Credit Reporting Statute, 9 V.S.A. § 2480e (1999), as amended (the "VFCRA") and the Federal Fair Credit Reporting Act, 15, U.S.C. 1681 et. Seq., as amended (the "FCRA") and its other state law counterparts. In connection with Member's continued use of OSM services in relation to Vermont consumers, Member hereby certifies as follows:

Vermont Certification. Member certifies that it will comply with applicable provisions under Vermont law. In particular, Member certifies that it will order information services relating to Vermont residents that are credit reports as defined by the Vermont Fair Credit Reporting Act ("VFCRA"), only after Member has received prior consumer consent in accordance with VFCRA Section 2480e and applicable Vermont Rules. Member further certifies that the below copy of Section 2480e of the Vermont Fair Credit Reporting Statute was received.

Vermont Fair Credit Reporting Statute, 9 V.S.A. § 2480e (1999) § 2480e. Consumer consent

(a) A person shall not obtain the credit report of a consumer unless:

1. the report is obtained in response to the order of a court having jurisdiction to issue such an order; or
2. the person has secured the consent of the consumer, and the report is used for the purpose consented to by the consumer.

(b) Credit reporting agencies shall adopt reasonable procedures to assure maximum possible compliance with subsection (a) of this section.

(c) Nothing in this section shall be construed to affect:

1. the ability of a person who has secured the consent of the consumer pursuant to subdivision (a)(2) of this section to include in his or her request to the consumer permission to also obtain credit reports, in connection with the same transaction or extension of credit, for the purpose of reviewing the account, increasing the credit line on the account, for the purpose of taking collection action on the account, or for other legitimate purposes associated with the account; and
2. the use of credit information for the purpose of prescreening, as defined and permitted from time to time by the Federal Trade Commission.

VERMONT RULES *** CURRENT THROUGH JUNE 1999 ***

AGENCY 06. OFFICE OF THE ATTORNEY GENERAL SUB-AGENCY 031. CONSUMER PROTECTION DIVISION
CHAPTER 012. Consumer Fraud--Fair Credit Reporting RULE CF 112 FAIR CREDIT REPORTING
CVR 06-031-012, CF 112.03 (1999) CF 112.03 CONSUMER CONSENT

(a) A person required to obtain consumer consent pursuant to 9 V.S.A. §§ 2480e and 2480g shall obtain said consent in writing if the consumer has made a written application or written request for credit, insurance, employment, housing or governmental benefit. If the consumer has applied for or requested credit, insurance, employment, housing or governmental benefit in a manner other than in writing, then the person required to obtain consumer consent pursuant to 9 V.S.A. §§ 2480e and 2480g shall obtain said consent in writing or in the same manner in which the consumer made the application or request. The terms of this rule apply whether the consumer or the person required to obtain consumer consent initiates the transaction.

(b) Consumer consent required pursuant to 9 V.S.A. §§ 2480e and 2480g shall be deemed to have been obtained in writing if, after a clear and adequate written disclosure of the circumstances under which a credit report or credit reports may be obtained and the purposes for which the credit report or credit reports may be obtained, the consumer indicates his or her consent by providing his or her signature.

(c) The fact that a clear and adequate written consent form is signed by the consumer after the consumer's credit report has been obtained pursuant to some other form of consent shall not affect the validity of the earlier consent.

Privacy Statement

This document was last updated on March 25, 2008.

1. Acknowledgment and acceptance of terms On-Site Manager, Inc. (OSM), is committed to protecting your privacy. This Privacy Statement sets forth our current privacy practices with regard to the information we collect when you or your computer interact with our website. By accessing our websites, you acknowledge and fully understand our Website Privacy Statement and freely consent to the information collection and use practices described in this Website Privacy Statement.

2. Participating Merchant Policies Related services and offerings with links from this website, including vendor sites, have their own privacy statements that can be viewed by clicking on the corresponding links within each respective website. Online merchants and others who participate in OSM services are encouraged to participate in industry privacy initiatives and to take a responsible attitude towards consumer privacy. However, since we do not have direct control over the policies or practices of participating merchants and other third parties, we are not responsible for the privacy practices or contents of those sites. We recommend and encourage that you always review the privacy policies of merchants and other third parties before you provide any personal information or complete any transaction with such parties.

3. Information We Collect and How We Use It OSM collects certain information from and about its users three ways: directly from our Web Server logs, the user, and with Cookies.

a. Web Server Logs When you visit our Website, we may track information to administer the site and analyze its usage. Examples of information we may track include:

• Your Internet protocol address.
• The kind of browser or computer you use.
• Number of links you click within the site.
• State or country from which you accessed the site.
• Date and time of your visit.
• Name of your Internet service provider.
• Web page you linked to our site from.
• Pages you viewed on the site.

b. Use of Cookies OSM may use cookies to personalize or enhance your user experience. A cookie is a small text file that is placed on your hard disk by a Web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a Web Server in the domain that issued the cookie to you.

One of the primary purposes of cookies is to provide a convenience feature to save you time. For example, if you personalize a web page, or navigate within a site, a cookie helps the site to recall your specific information on subsequent visits. Hence, this simplifies the process of delivering relevant content and eases site navigation by providing and saving your preferences and login information as well as providing personalized functionality.

You have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies. If you reject cookies by changing your browser settings then be aware that this may disable some of the functionality on our Website.

Personal Information Users Visitors to our websites can register to purchase services. When you register, we will request some personal information such as name, address, email, telephone number or facsimile number, account number and other relevant information. If you are purchasing a service, we will request financial information. Any financial information we collect is used only to bill you for the services you purchased. If you purchase by credit card, this information may be forwarded to your credit card provider. For other types of registrations, we will ask for the relevant information. You may also be asked to disclose personal information to us so that we may provide assistance and information to you. For example, such data may be warranted in order to provide online technical support and troubleshooting.

We will not disclose personally identifiable information we collect from you to third parties without your permission except to the extent necessary including:

• To fulfill your service requests for services,
• To protect ourselves from liability,
• To respond to legal process or comply with law, or
• In connection with a merger, acquisition, or liquidation of our company.

4. Use of Web Beacons or GIF files Some OSM web pages may contain electronic images known as web beacons, sometimes also called single-pixel gifs, that allow OSM to count users who have visited those pages and to deliver co-branded services. OSM may include web beacons in promotional e-mail messages or newsletters in order to determine whether messages have been opened and acted upon.

Some of these web beacons may be placed by third party service providers to help determine the effectiveness of our advertising campaigns or email communications. These Web beacons may be used by these service providers to place a persistent cookie on your computer. This allows the service provider to recognize your computer each time you visit certain pages or emails and compile anonymous information in relation to those page views, which in turn enables us and our service providers to learn which advertisements and emails bring you to our website and how you use the site. OSM prohibits web beacons from being used to collect or access your personal information.

5. Accessing Web Account Information We provide you with the means to ensure that personally identifiable information in your web account file is correct and current. You may review this information by contacting us by the methods listed on our site.

6. Changes to this Statement OSM has the discretion to occasionally update this privacy statement. When we do, we will also revise the updated date at the top of this Privacy page. We encourage you to periodically review this privacy statement to stay informed about how we are helping to protect the personal information we collect. Your continued use of the service constitutes your agreement to this privacy statement and any updates.

7. Contacting Us If you have questions regarding our Privacy Statement, its implementation, or adherence to this Privacy Statement and/or our general practices, contact us by the methods listed on our site. OSM will use commercially reasonable efforts to promptly respond and resolve any problem or question.