DIGICERT GATEKEEPER 3.0 CERTIFICATE SUBSCRIBER AGREEMENT

YOU MUST READ THIS DIGICERT GATEKEEPER 3.0 CERTIFICATE SUBSCRIBER AGREEMENT ("AGREEMENT") BEFORE APPLYING FOR, ACCEPTING, OR USING A DIGICERT GATEKEEPER INDIVIDUAL, BUSINESS, OR DEVICE CERTIFICATE (EACH, A "CERTIFICATE"). IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT, DO NOT APPLY FOR, ACCEPT, OR USE THE CERTIFICATE. BY CLICKING "ACCEPT" BELOW OR BY ACCEPTING OR USING A CERTIFICATE, YOU AGREE TO BECOME A PARTY TO, AND BE BOUND BY, THESE TERMS.

1. Background

1.1 The Digital Transformation Agency (DTA) has accredited Digicert Australia Pty. Ltd. (“DigiCert”) to provide certain PKI services to, or for the purposes of, Australian government agencies.

1.2 You wish to obtain a DigiCert Gatekeeper Certificate of the type and grade offered by DigiCert.

1.3 DigiCert’s Gatekeeper Certification Services, and the use of the Certificate, are governed by the DigiCert Gatekeeper General Category Certificate Policy, as amended from time to time ("CP"), which is incorporated in its entirety into this Agreement. This Agreement contains some important matters dealt within the CP. For full details of the obligations of the DigiCert Certificate Authority, the DigiCrt Registration Authority, Subscribers, Relying Parties, and all other PKI Entities, please refer to the CP.

1.4 All documents referred to in this Agreement are published in the Repository (https://gatekeeper.digicert.com/repository) on the DigiCert Gatekeeper Website (http://gatekeeper.digicert.com/).

2. Interpretation

Expressions used in this Agreement have the same meanings as they have under the DigiCert Gatekeeper CPS and the CP.

3. Obligations

3.1 This Agreement will become effective on the date you electronically accept the terms of this Agreement, at which point you become a Subscriber for the purposes of the CP. "You" shall mean you individually and/or on behalf of your Organisation.

3.2 By signing this Agreement you:

(a) request that the DigiCert CA issues you with a Certificate identifying you (and, if applicable, your Organisation) in accordance with the CP;

(b) agree to comply with the terms of the CP, including, without limitation, the following sections:

section 9.6.3 (Subscriber Representations and Warranties)

section 9.6.4 (Relying Party Representations and Warranties)

section 9.6.4.1 (Digital Signature Validation)

section 9.8 (Limitations of Liability)

section 9.14 (Governing Law)

section 9.16.3 (Severability, Survival, Merger)

section 9.17.1 (Conflict of Provisions)

(c) if you have applied for and have been issued a Gatekeeper Device Certificate, then the following applies to you: You further agree that, on your instructions (which may be communicated by means of an email digitally-signed with your Private Key), DigiCert may: (i) issue Certificates for use by Devices identifying your Organisation and the nominated application, device, process or service; (ii) revoke Certificates; and perform such other actions as specified in the CP.

4. Privacy

DigiCert will treat and process the data you provide in your certificate application in accordance with the DigiCert Privacy Statement, as amended from time to time and accessible from the home page of the website from which you enrolled for your Certificate. You agree and consent that DigiCert may place in your Certificate information that you provide in your application. DigiCert may also (i) publish your Certificate, and information contained therein, in the Repository and other third-party sites; and (ii) use such information for the purposes set out in this Agreement and in the DigiCert Privacy Statement. You further agree and consent that DigiCert will process and/or transfer such data to the United States and in other jurisdictions where DigiCert maintains a presence. For further information on processing of customer data, please see the applicable DigiCert Privacy Statement.