Liability

Liability Exposure

As a qualified trust service provider Evrotrust is subject to statutory professional liability for damages caused intentionally or negligently to any natural or legal person due to a failure to comply with the obligations under Art. 13 of eIDAS (for example not following the policies and procedures for issuing qualified certificates or mistake of an operator in identifying the user).

Evrotrust fully informs their customers in advance of the limitations on the use of the services it provides and where those limitations are recognizable to third parties thus it is not liable for damages arising from the use of services exceeding the indicated limitations. Evrotrust does so by introducing such clauses in the terms and conditions of the service provided, in the Policies and Practices for the different eID and trust services offered, placing information on its website and by other appropriate measures.

Liability Insurance

In order to cover the damages under eIDAS Evrotrust maintains insurance policy issued by premiere international insurance company under Art. 24 (2) (c) of eIDAS. The policy covers risk of damages under eIDAS for user of eID and the following trust services – electronic identification, issuing of qualified electronic signatures, issuing of qualified electronic seals, issuing of qualified timestamps, qualified validation, qualified preservation, issuing of qualified website authentication, qualified electronic registered delivery service in the following limits – 2’000’000 USD per transaction and 5’000’000 USD in aggregate.

Liability Limitations

Evrotrust maintains commercial policies and practices for issuing different electronic signatures products, namely - variations of qualified certificates for electronic signatures, by placing liability limitations under Art. 13 of eIDAS as "value of transactions" in accordance with Section 4.3.2 of ETSI EN 319 412-5 Electronic Signatures and Infrastructures (ESI), Certificate Profiles, Part 5: QCStatements.

Based on Evrotrust policies, the default value of transactions we place into the certificate is up to 20 000 EUR, while other tiers are listed in the table below. This amount sets the Evrotrust maximum liability for damages in case of misuse of the certificate (when Evrotrust has issued the certificate by acting negligently under eIDAS). For example if due to wrong negligent identification a qualified certificate is issued not to the real signatory, but to an impostor, and the latter has signed a contract with the Company relying on the certificate to be of another person, the damages caused to the impersonated person or the bank shall be covered up to the limits of the value of transaction listed in the qualified certificate. The higher the value of transactions listed in the certificate, the higher the liability exposure of Evrotrust for damages.

Please bear in mind that in some countries the national laws consider the value of transactions as the maximum material value of the document (for example a contract) up to which the qualified electronic signatures are considered as qualified at all. Using of the qualified electronic signature supported by such qualified certificate for signing transactions beyond these limits is treated by the court in these jurisdictions as signing with a non-qualified (advanced) electronic signature, thus the burden of proof in court procedure is shifted to the person who benefits of the signed document to prove given facts.

The Client can select what level of transaction value to be included in the certificate that will be issued for the signing of the documents based on the contract value: e.g. for mortgage loans to be used higher transaction value certificate, while for opening an account to be used the standard certificate.