Version 8: February 14, 2023
Online Terms and Conditions
These Online Terms and Conditions form an integral part of the Technical Services Agreement or the Reseller Agreement, as applicable, entered into between the Client and the Provider (each a “Party” and collectively the “Parties”) for the provision of Provider Services. Capitalized terms not defined herein shall have the meaning ascribed to them in the relevant agreement.
1. Definitions
The following capitalised terms shall bear the meaning ascribed thereto:
“3D Secure” or “3DS” means any of the following: 3D Secure 1.0 Service and/or 3D Secure 2.0 Service and/or any later version of 3D Secure service (including any related software) developed by the Provider that could include any third party’s technologies, as per Provider’s sole discretion, following Card Scheme regulations and other regulations that mandate Card Holder authentication.
“3DS SDK” means the technological tool developed by the Provider for mobile applications.
“Abandoned Account” means any inactive account through which no transactions have been processed for a minimum of three (3) months and/or for which the contact information (address, phone numbers, fax numbers, email address) and billing information (ABA routing number and bank account number and/or card number) is no longer valid.
“Accepted Merchant” shall mean the Merchant of the Reseller which is receiving the Services and any other related services, by the Provider;
“Additional Service/s” means the service and or product that is/are offered by the Provider, as listed in the Agreement or which may be offered by the Provider in the future, as will be notified to the Client from time to time, in addition to any other services chosen by the Client on the Effective day.
“Affiliates” means any entity that controls, is controlled by, or is under common control with a party, including its parents and subsidiaries.
“Agreement” means: (i) the Technical Services Agreement; OR the Reseller Agreement, as may be applicable (ii) these Online Terms and Conditions (“OTC”), (iii) the online Data Processing Addendum (“DPA”), and (iv) any other guidelines, amendments, or notifications provided by the Provider as they may be amended from time to time. In the event of a conflict between the documents comprising the Agreement, the following order of priority will apply: (i) the body of and schedules to the Agreement; (ii) these Online Terms and Conditions and the Data Processing Addendum; and (iii) any other guidelines or information issued by the Provider from time to time; All Addendums to this Agreement are an integral part of this Agreement. Any prior discussions, if not expressly covered by this Agreement are invalid.
“Business day” means any calendar day not including public holidays or weekends in Malta;
“Card” means any valid payment card issued under any Card Scheme, where Card Scheme/s means Visa and/or Mastercard.
“Card Schemes” means Visa and/or MasterCard or any other similar schemes;
“Card Scheme Rules” or “Association Rules” means all rules, by-laws, guidance, regulations, directions and other requirements (whether contractual or otherwise) imposed or adopted by any Card Scheme from time to time;
“Client” means either the Client in the Technical Services Agreement, or the Reseller in the Reseller Agreement
“Client Payment Services Partner” means any Party with whom the Client may have to conclude its own direct agreement in order to be able to receive the Services, as supported by the Provider.
“Client Portal” means platform provided by the Provider to the Client for observation of Provider’s Services and/or any additional communications with Provider and/or opting for Additional Services.
“Confidential Information” means any data or information, oral or written, treated as confidential that relates to either Party’s (or, if either Party is bound to protect the confidentiality of any third party’s information, such third party’s) past, present, or future research, development or business activities, including any unannounced products and services, any information relating to services, developments, the Provider Services Documentation (in whatever form or media provided), inventions, processes, plans, financial information, Transaction Data, revenue, Transaction volume, forecasts, projections, and the financial terms of the Agreement. The obligations in this clause shall not apply to the Disclosing Party’s Confidential Information, which: (i) entered the public domain through no breach of the Agreement or other wrongful act of the receiving party; (ii) was already known to the receiving party prior to the Effective Date of the Agreement, as established by documentary evidence; (iii) was rightfully received by the Receiving Party from a third party and without breach of any obligation of confidentiality of such third party to the owner of such information; (iv) is being or was developed independently from such Confidential Information, as is shown by competent evidence; or (v) Provider is required to disclose to third parties in order to provide the Provider Services.
“Credorax Group” or “Credorax Group Company” means Source Ltd., Credorax Bank Limited, and any other Affiliates thereof.
“Data Protection Requirements” means the Data Privacy Compliance clause and any additional data protection requirements and provisions set out the Reseller Agreement or any other applicable data protection regulations, such as (but not limited to) EU 2016/679;
“End User/s” means any person that purchases any of Client’s goods or services, whose information Client will process via the Provider API, during the course of Client’s use of the Provider’s Services. End User could mean a Data Subject as defined in the DPA.
“Force Majeure” means any and all circumstances beyond the reasonable control of the Party concerned, including, without limitation, acts of God, earthquake, flood, storm, lightning, fire, explosion, war, terrorism, riot, civil disturbance, sabotage, strike, lockout, slowdown, labour disturbances, accident, epidemic, difficulties to obtain labour, lack of or failing transportation, emergency repair or maintenance, breakdown of public utilities, changes of law acts of third parties for which the Party concerned shall not be liable under the Agreement, or an inability to obtain or retain necessary authorizations, permits, easements or rights of ways.
“Gateway Services” means a technical connectivity platform offered to Clients or to Reseller’s Accepted Merchants.
“Intellectual Property” means any software and/or hardware developed by Provider, any patents, trademarks, service marks, design rights (whether registerable or otherwise), applications for any of the foregoing, copyrights (whether in database or otherwise), database rights, know-how, trade or business names, goodwill associated with the foregoing, Internet domain names and web site addresses and other similar rights or obligations, whether registerable or not, in any country (including but not limited to the countries where the Parties are incorporated), and all derivatives of the foregoing.
“Issuer” means a member of the Card Schemes that enters into a contractual relationship with a cardholder for the issuance of one or more Cards;
“Log-in Details” means the usernames, passwords, keys and other codes used by Client, in order to access and use the Provider Service.
“Merchant” means the Client as defined in the Technical Services Agreement, or a client of the Reseller as defined in the Reseller Agreement.
“Primary Account Number” or “PAN” means the 14 -19 digit identifying number either embossed or printed found on a Card.
“Processing/Transaction Fee” means a fee that is charged for every gateway operation request including basic operations, referral operations and token operations ,and any other operations as described in our API link: epower.credorax.com, which may be amended from time to time.
“Provider Payment Services Partner” means any and each out of the payment service providers with whom Provider has its own direct agreements and technical integrations in place, enabling Provider to support the provision of payment services by such providers through the Provider Services, including but not limited to application service provider, acquiring bank and financing agency.
“Provider Service/s” or “Services” means Gateway Services and/or each of the services listed herein, and in Addendum A of the Technical Services Agreement, or in Schedule 1 of the Reseller Agreement, as may be amended from time to time by Provider. To avoid any doubt, Provider Service is a technical service that supports the provision of payment services, without entering at any time into possession of the funds to be transferred, under Article 3(J) of the Payment Services Directive.
“Provider Services Fee” means the fees that are to be paid by the Client for the Provider Services, as specified in Addendum A of the Technical Services Agreement, or in Schedule 1 of the Reseller Agreement, as may be amended from time to time by the Provider, upon a written notification to the Client.
“Requirements of Law” means any applicable local laws, regulations, rules, codes, directives or other binding instruments issued or promulgated by any government;
“Seamless Token” means the unique digital identifier that replaces the PAN and is being stored electronically.
“Settlement” means the successful transfer of funds from a Card holder’s account to the Merchant’s account following a Transaction
“Smart 3DS” means the technological engine developed by the Provider to facilitate 3DS services provided to the Client.
“TPP” means third party services provider.
‘Transaction’ means the acceptance of a Card or information on the Card, for payment of goods sold and/or leased and/or services provided to Cardholders by the Merchant, and receipt of payment from Member, whether the Transaction is approved, declined, or processed as a forced sale. The term ‘Transaction’ also includes credits, errors, returns, refunds and adjustments.
2. The Provider Services
2.1. Subject to the terms of the Agreement, including due payment by the Client of the Provider Service Fees, Provider shall provide the Client with Provider Services through integration with its API and online Client Portal, as detailed in the documentation provided by the Provider to the Client or made available through the Client Portal (the “Documentation”) at: epower.credorax.com
2.2. Provider will provide the Client the details required for the Client to integrate with the API and Client Portal and to start using the Provider Services. Client must implement the integration in accordance with the directions of Provider and the Documentation, in order to use the Provider Services. It is the Client’s sole responsibility to purchase and operate the infrastructure necessary to use the Provider Services, such as computers and access to the internet.
2.3 Provider Services are any of the following Services listed below, which may be subject to additional terms as detailed:
I. ALTERNATIVE PAYMENT METHODS (“APM”)
a. Provider offers Client connectivity to a variety of APMs which is updated from time to time.
b. To enable smooth provision of APMs, Provider may adjust the content and interfaces of its Services to keep them up to date with market requirements and may use third parties’ technology and platform to process APMs. If such adjustments require Client to make necessary changes in its software, interfaces or operating procedures, Provider will inform Client as soon as reasonably practicable prior to the execution of such adjustments. Client shall be responsible for its own costs with respect to such changes to its software, interfaces or operating procedures.
c. Client acknowledges that for providing APM services it may be required to contract with TPPs, as may be required by TPPs.
d. It is in the best interests of both parties that Provider maintains a secure and stable environment; to that end, Provider may change the method of access to the Provider Services at any time.
II. SMART ROUTING
a. During the period of the Agreement and providing the Services to the Client, Provider is entitled to apply its Smart Routing technology, at its full discretion, that may optimize transferring and processing payments and may minimize declined Transactions. Smart Routing reflects a technical service that Provider may provide to the Client, and Client agrees that Provider will have full reasonable discretion to route Transactions to any third party, that may include any available Client Payment Services Partner.
b. Provider will be held free of any claims and/or charges relating to reasonable application of the Smart Routing technology, in accordance with the stipulated above.
III. PAYMENTPAGE SERVICE
Subject to additional conditions as specified at:
http://www.sourcepayments.com/legal/HPP
IV. SMART GUARD AND SMART GUARD PLUS
Subject to additional conditions as specified at:
www.sourcepayments.com/legal/smartguard
V. 3D SECURE SERVICES
a. The Client shall comply with the Card Schemes’ enrolment process and/or any other Card Scheme requirements relating to 3DS usage and/or with the Provider Documentation, as may be amended from time to time by the Card Schemes and/or by the Provider, and shall provide any required documentation, as may be requested by the Provider.
b. Provider shall not be held liable in any form, in case that the Card Schemes decline Client’s registration to the 3DS and/or Client’s misuse of 3DS service.
c. Providing of 3DS service is subject to timely payment by the Client of Fees, stipulated in the Agreement. In cases of any delay in payment of Fees and/or if the 3DS Service was suspended or terminated by the Provider, for any other reason, Client acknowledges and understands that he may be found liable for breach of Card Schemes mandates or any other regulatory obligations and the Provider shall be released from any claims or liabilities.
d. Without derogating form any other conditions of this Agreement and to avoid any doubt, the Client acknowledges that 3DS Service is a proprietary software and technology developed by the Provider and it shall not be copied or otherwise published or distributed or modified by the Client without a prior written permission and consent of the Provider.
e. Without derogating form any other conditions of this Agreement and to avoid any doubt, the Client acknowledges that he shall comply with the regulatory obligations on Strong Customer Authentication and related Card Scheme mandates, and/or regulations. The Client shall indemnify Provider and hold Provider harmless from and against any and all damages, costs, losses and expenses (including reasonable attorneys’ fees) which are incurred by Provider as a result of or in connection to exemptions from Strong Customer Authentication requests filed on behalf of the Client by the Provider.
f. Smart 3DS may be based on a pre-defined algorithms and/or statistic models and/or other methods used to predict recommendations provided to the Client (“AI”). Client agrees and confirms usage of AI models and provided recommendations, the Provider makes no representation and assumes no responsibility for the accuracy of recommendation provided via AI or available through use of Smart 3DS. Smart 3DS is subject to any and all conditions stipulated in this Section V and in the Agreement.
g. 3DS SDK service is subject to any and all conditions stipulated in this Section V and in the Agreement.
VI. ACCOUNT UPDATER
a. Account Updater means a service that shall enable updates of stored Card details of Card holders, required for, inter alia, recurring payments based on automatic tool and/or based on the information provided by the Client to the Provider detailing the Card details that shall be subject to Account Updater services.
b. Account Updater shall be activated by the Client in accordance and subject to the Card Scheme Rules and requirements and the Client shall fulfil all technical requirements specified in the Documentation provided by Provider as may be amended from time to time.
c. The Client acknowledges that Visa and Mastercard provide their separate solutions related to Account Updater subject to separate terms and conditions and fees as may be amended by Card Schemes from time to time. Provider shall connect the Client to any or both Visa and Mastercard related Account Updater solutions, while the enrolment with the Card Scheme shall be handled by Credorax Bank Ltd., based on the information provided by the Client. The Client undertakes to pay any fees as will be required by Credorax and/or the Card Schemes.
VII. CHARGEBACK PREVENTION SERVICES
Chargeback Prevention is a service that enables Client to reduce its level of chargebacks with the Card Schemes. The service is enabled by Mastercard and Visa, each for its respective transactions.
a. Applicable General Terms for Chargeback Prevention Service
i. These general terms are applicable for both the Mastercard and Visa chargeback transactions.
ii. The Chargeback Prevention Service allows the refund of the transaction to cardholder before it reaches Mastercard or Visa, resulting in reducing chargeback levels of the Merchant with the Card Schemes.
iii. Client may not sell, re-sell, provide access, license the Chargeback Prevention Service to any third parties that are not Client.
iv. Client acknowledges that by requesting the Chargeback Prevention Service it assumes liability to use or process any information and data received in connection with the chargebacks for the sole purpose of, and only to the extent necessary to receive the Chargeback Prevention Service.
v. Client shall not (nor shall allow or enable any third party to: (a) decompile, disassemble, or otherwise reverse engineer the Service or third party code or attempt to reconstruct or discover any source code, underlying ideas, algorithms, file formats or programming interfaces of the services or third party code by any means whatsoever; (b) distribute, sell, sublicense, rent, lease or use the services, third party code (or any portion thereof) for time sharing, hosting, service provider or like purposes; (c) remove any product identification, proprietary, copyright trademark, service mark, or other notices contained in Service, or third party code.
vi. Provider provides the Chargeback Prevention Service via third party service provider powered by Mastercard or Visa. Provider assumes no liability whatsoever for the provision and outcome of the Chargeback Prevention Service to the Client, its quality or proper functionality which may include but is not limited to, ACCEPTED chargebacks not being refunded, possible time-outs, or any other faults that may occur.
vii. Client bears the responsibility to pay in full any additional fees which are not part of the Fee Schedule, fees that are charged by Visa or by Mastercard with respect to this service, and shall reimburse Provider upon request as may be required.
viii. A Client contracting with Provider under Reseller Agreement shall maintain copies of all relevant Merchant data, records, including copies of its Merchant agreements and provide copies of such to Provider upon its advance, reasonable written request but in no event, more than five (5) days after receipt of request for same. For purposes of this Agreement any such data or records shall include at a minimum: a) BIN, b) CAID c) MID, d) Merchant (by name); e) complete street address; f) customer service phone number; g) customer service email address; h) website URL; i) logo (128×128) pixel that cardholder would recognize); and j) unless prohibited by applicable law, the Fees charged to each Merchant, and any other reasonably necessary documentation to ensure Reseller’s compliance with this Service requirements and any applicable addenda. For avoidance of doubt, a violation of any portion of this clause may be considered a material breach of this Agreement.
b. Chargeback Prevention Service -Additional Terms by Mastercard
i. Chargeback Prevention by Mastercard is a service provided with respect to Mastercard chargeback transactions only.
ii. Under the service the Issuer notifies the Merchant of a raised chargeback before the chargeback reaches Mastercard, permitting the Merchant to refund the raised chargeback within 24 hours from the notification, avoiding the registration of the chargeback with Mastercard.
iii. This service is provided in accordance with the terms of use that may be found at www.ethoca.com/terms-of-use. By accepting this service, Client accepts and agrees to undertake and act according to these terms of use.
c. Chargeback Prevention – Additional Terms by Visa
A. Rapid Dispute Resolution (“RDR”)
i. RDR by Visa is a service provided with respect to Visa chargeback transactions only. The service enables the Merchant to prevent and reduce its level of chargebacks with Visa by automatically refunding chargeback requests from cardholders and avoiding the registration of the chargebacks with Visa.
ii. To receive the service, the Merchant is required to pre-define a set of rules that enable the automatic refund of chargebacks, in accordance with the pre-defined rules.
iii. Chargeback requests that are meeting the pre-defined set of rules, will end as ACCEPT, resulting in automated credit of the cardholder through the Client’s acquirer and subsequently avoiding the registration of the chargeback with Visa. Chargebacks requests that do not meet the pre-defined set of rules will end as DECLINED and will be routed to Visa chargeback process.
iv. The service is fully automated and there is no action for the Merchant to take in preventing the chargeback dispute to Visa once the rules are not met.
v. Change of pre-defined rule/s is done by a written notification to Provider. The changes will be implemented within fourteen (14) working days.
vi. No notifications will be sent to Client whether a Chargeback request was ACCEPTED or DECLINED. Client will receive access to the information via third party portal to review all the initiated chargebacks and their outcome.
vii. Client is responsible to update Provider with current information, including any changes or additions to Client’s descriptors and CAID.
viii. Client hereby agrees to make any enhancements necessary to its integration in order to continue to receive the Chargeback Prevention Service, within no less than forty-five (45) days from receiving notice. A failure to upgrade or enhance the integration following such notice, may result errors in providing the Service and possibly the immediate termination of the rights provided.
ix. The fee shall be paid by the Client per chargeback dispute request, irrelevant to its outcome, whether it is ACCEPTED or DECLINED.
B. Cardholder Dispute Resolution Network (“CDRN”)
i. CDRN is a service that enables the Client to reduce its level of chargebacks with Visa. The CDRN service provides the Client chargeback notifications in the MyC Visa portal, before a chargeback is being raised to Visa, allowing the Client to react and avoiding a dispute with Visa.
ii. The Client shall receive a username and a password to access the MyC Visa portal, which is non-transferrable, and the Client shall keep secure. It is the Clients sole responsibility to actively monitor and timely react to the notifications in the MyC portal. Any notification received in the portal will be subject to Fees, whether such notification was handled by the Client or not.
iii. All CDRN cases appearing on the MyC portal must be processed by the Client within seventy-two (72) hours from the time that they appear in MyC Portal. Cases not processed by the Client within this time frame will be automatically closed and no longer eligible for processing and shall be registered as a chargeback with Visa. Provided however that Cases not processed shall bear the service fees.
iv. In case that the Client decides on refunding the card holder to avoid a dispute, it shall be the Client sole responsibility to report such refund in the MyC portal.
v. The Client shall update Provider with current information, including any changes or additions to the Clients descriptor that enrolled to the service.
VIII. “ON BEHALF OF” SERVICE
a. ‘On behalf of’ is a service that enables Provider to respond and approve transactions for the Client on behalf of the issuing bank, or the Card Schemes, or any third party gateway (“Approvers”), ahead of the actual approval received from Approvers.
b. The service is designated to take effect in case of a timeout or no-response is received from Approver with respect to a processed transaction. The Service enables the transaction to be settled to the Client at a later time, upon the actual approval being received by either of the Approvers.
c. Should a transaction end up as rejected or declined by either of the Approvers, the Client will not receive the funds of the transaction amount, even though the Provider had approved the transaction.
d. To initiate the service, the Client is requested to define and cap in advance the amount for each processed transaction and the amount of aggregated transactions under the service, that are processed within a 24 hours period, starting at 00:00 and ending at 23:59 (UTC). UPON RECEIVING THIS SERVICE, CLIENT UNDERSTANDS AND AGREES THAT PROVIDER SHALL NOT BE HELD LIABLE FOR ANY CLAIM, LOSS, DEMAND, PENALTY OR ANY OTHER EXPENSE THAT MAY BE INCURRED TO THE CLIENT IN RELATION TO THE PROVISION OF THIS SERVICE, INCLUDING BUT NOT LIMITED TO INDIRECT OR CONSEQUENTIAL LOSS OR DAMAGE, LOSS OF PROFITS OR EARNINGS, PUNITIVE OR SPECIAL DAMAGES HOWEVER CAUSED, OR FOR ANY OTHER LOSS TO END CUSTOMERS OR OTHER THIRD PARTIES).
IX. RETRY [RESUBMISSION] OPTIMIZATION
a. The Retry Optimization service enables blocking transactions at the gateway in case a transaction is considered a resubmission of a final declined transaction, in accordance with the Card Schemes rules and logic, subsequently preventing charges by the Card Schemes imposed due to the resubmission.
b. Client understands that Provider assumes no liability and makes no warranties that resubmitted transactions would be successfully blocked. Non blocked transactions would incur the applicable Card Scheme charges, as per the Card Scheme rules.
X. SEAMLESS TOKEN
a. The Seamless Token service enables processing payment transactions without exposing the account details and information, or Primary Account Number. The Seamless Token service reduce the Card Scheme fees imposed on Client for non-tokenized transactions.
b. To receive the services, the Client must register with the Card Schemes. The Client authorizes the Provider to register the Client with the Card Schemes and keep it so registered during the period it receives the service. The Client shall be responsible to pay for the registration fees, as may be applicable, in addition to the fees payable to the Provider for the service.
c. The Provider shall enable the creation of the Seamless Token for Visa and Mastercard Cards via Provider’s API. The finalization of the Seamless Token shall be subject to the Card Scheme and Issuer approvals.
XI. MOBILEPAY ONLINE
a. MobilePay Online service is a pass through wallet owned by MobilePay A/S, that allows the Client to accept payments from End-users utilizing a debit or credit card and a mobile device.
b. Client shall be fully compliant with the specified requirements under this service which specifications can be found here: www.sourcepayments.com/legal/mobilepayonline
c. Client shall bear full responsibility for its use of the MobilePay Online Services and shall indemnify Provider in full and upon request for any threatened or actual damage or loss suffered by Provider, as a result of Client’s use or connectivity to MobilePay Online Services. Provider assumes no responsibility and no liability for Client’s use of MobilePay Online Services and the services are provided AS-IS at Client’s own risk.
XII. CARD PRESENT Gateway/Point of Sale [POS]
a. The service enables the processing of card present payment transactions by providing:
i. gateway connectivity,
ii. a payment application, and
iii. support services.
b. The gateway allows for connectivity to local schemes, local payment methods. and domestic acquirers, subject to Provider’s review of the request and approval.
c. Management activities. Any requested changes or management of gateway terminal configurations shall be executed by Provider upon Client’s request.
d. Processing activity reports. Processing activity reports that include card present processing related information shall be provided from time to time by Provider to the Client.
e. Upgrades and Support. From time to time, Provider may make upgrades, patches, enhancements, or fixes for the product (“Upgrades”) and such Upgrades will become part of the applicable product.
f. Client understands and acknowledges that this service is provided via third party provider and that third party provider’s Upgrades may cause temporary downtime and Provider shall not be held liable for such downtime.
g. Provider provides support to the Client subject to reasonable availability of third party providers’ resources. Provider shall use commercially reasonable efforts to pro-actively improve the reliability of the services or resolve incidents that arise from Client interaction or malfunction of the services or services components.
3. Provider Obligations
3.1 Provider shall provide to the Client, if the Client is current in payment of all fees owed to the Provider and is otherwise not in default under the Agreement, the Provider Services with the care and skill that can be expected of a leading and expert supplier of similar services and in accordance with applicable laws that apply to a technical service provider like Provider, including, without limitation, the Payment Card Industry Data Security Standard (“PCI DSS“) and the Documentation.
3.2 Any efforts made by the Provider and any work carried out by the Provider with respect to the Provider Services pursuant to a request or an authorised order from a government agency or a relevant Provider Payment Services Partner shall, upon notice by the Provider to the Client, be calculated and charged to the amount of actual costs of the efforts.
3.3 The Provider Services and the Client Portal under the Agreement are provided ‘AS IS’ on an ‘as available’ basis, which the Client has been able to review prior to, and accepted by, entering into this Agreement. Furthermore, the Client acknowledges and agrees that actions or omissions, including downtime, on the part of the Provider Payment Services Provider, Client Payment Services Providers and other third parties may reduce, in whole or in part, the availability or functionality of the Provider Services, and Provider shall not be held liable for such reductions.
4. Client Obligations
4.1 Notification: The Client shall give Provider ninety (90) calendar days advance written notice of any guidelines, instructions or mandates the Client receives from other legal entity which may have an impact on Provider Services. The Provider and the Client shall collaborate in good faith in order to implement any such requirements, subject to any Provider fees as may be agreed in the Agreement or from time to time between the Parties. Notwithstanding the above, if the Provider, in its discretion, determines that it cannot comply with such requirements using commercially reasonable efforts, it may terminate immediately the provision of its Services.
4.2 Data Privacy Compliance. In connection with the exercise of Client’s rights and obligations under the Agreement (including, without limitation, any related to data privacy), the Client will comply, at its own expense, with all laws, policies, guidelines, regulations, ordinances, rules applicable to the Client, this Agreement, including, without limitation, GDPR, Payments Services Directives, including but not limited to the DIRECTIVE (EU) 2015/2366 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on payment services in the internal market, and Documentation and/or requirements of any kind, including with the Data Processing Addendum as stipulated at the following link: www.sourcepayments.com/legal/gdpr
4.3 The Provider reserves the right to amend or modify the Documentation or any of the above-mentioned requirements at any time by a written notification to the Client. The Client shall not use Provider Service in any manner, or in furtherance of any activity that may cause the Provider to be subject to investigation, prosecution, or legal action. If, at any time, the Provider has reason to believe that the Client is copying, capturing or intercepting payment details, is otherwise in breach of PCI DSS or not or no longer PCI DSS compliant, or cannot provide proof of its PCI DSS compliance, the Provider has the right to suspend any of the Provider Services, or immediately terminate this Agreement.
4.4 Reseller Agreement. To the extent that a Client is contracting with the Provider under a Reseller Agreement, it undertakes to bind all its Merchants receiving Provider Services to the same contractual terms and obligations indicated in the Reseller Agreement, OTC and DPA, and any other schedules, addendums or documentation attached thereto, as case may be. The Client assumes full responsibility and liability towards the Provider for its Merchants’ use or misuse of the Provider Services, which may cause breach of the Agreement, the OTC, DPA, and any other schedules, addendums or documentation, which results in damages to Provider and/or Provider TPPs and shall indemnify Provider in full for any such damages upon demand.
4.5 Technical Services Agreement. To the extent that a Client is contracting with the Provider under the Technical Services Agreement, it is not permitted under any circumstances to sell, resell, license, enable or provide the Provider Services to any third party. The Provider Services under this Agreement are intended for the use of the Client only, and a breach of this clause may lead to immediate termination of the Client. Client shall bear full liability for any damages caused to Provider as a result and shall indemnify provider in full for any damages upon demand.
4.6 Log-in Details. The Client will be provided with ID and password to access the Client’s payment gateway account and use the Provider Services. The Client shall restrict access to such ID, password, and account to the Client’s employees and agents as may be reasonably necessary consistent with the purposes of the Agreement and shall ensure that each such employee and agent accessing and using the account is aware of and otherwise complies with all applicable provisions of this Agreement regarding such use and access. The Client is solely responsible for maintaining adequate security and control of any and all IDs, passwords, or any other codes that grant access to the Provider Services. The Provider shall be entitled to rely on information it receives from the Client and may assume that all such information was transmitted by or on behalf of the Client. The Client shall comply with all Provider recommendations and notices regarding the security of the Client’s ID, password, and payment gateway account(s). The Client shall bear full liability for any damages caused to the Provider as a result of a security infringement and shall indemnify provider in full for any damages upon demand.
5. Acknowledgements by Client
5.1. A Transaction having the status ‘Authorised’ (“Authorised Transaction”) does not imply that the payment is guaranteed or that it is already due by the relevant Provider Payment Services Partner to the Client.
5.2. Authorised Transactions may still appear to be fraudulent, as the card or payment instrument used for making the payment may appear to be expired, the subject of unauthorised use, not sufficiently funded, or as otherwise be detailed in the Card Scheme Rules, which may cause an Authorised Transaction to not result in Settlement (including the possibility of chargeback) by the Provider Payment Services Partner to the Client.
5.3. The Client acknowledges and agrees that (i) Provider does not have, and cannot provide, visibility of Settlement, and (ii) the risk that an Authorised Transaction eventually does not result in Settlement or that a Transaction already settled shall be reimbursed, is a commercial risk which shall be solely borne by the Client.
5.4. A Client that is under a Reseller Agreement with the Provider acknowledges and agrees that the Provider shall bear no risk with respect to the sale of products and/or services by Client, including, without limitation any risk associated with fraud or chargebacks in relation to a payment method.
5.5. The Client acknowledges and agrees that the Provider shall not be responsible for the operation of web sites, the availability or performance of the Internet, or for any damages or costs it suffers or incurs as a result of any instructions given, actions taken or omissions made by itself or other third parties, including without any limitation Client Payment Services Partners.
5.6. The Client agrees and acknowledges that the Provider assumes no liability in either contract, tort, negligence, statutory duty or otherwise (to the maximum extent permitted by applicable law) arising out of its uses and connection to TPPs and/or third parties’ APM processing and/or relating to any claim, charge, fees, fines or any similar obligations relating to TPP services provided to the Client. Provider and/or TPPs may disconnect Client from any payment method that ceases to be provided by the relevant TPP or APMs Provider. Provider will not be liable for any failure of the TPP or APM Provider to effect payment in respect of a transaction including the remittance of any proceeds.
6. Provider Fees and Services
6.1. In the event that the information provided by the Client for the purpose of this Agreement ceases to be relevant or changes significantly after three (3) months following the Effective Date, the Provider may immediately adjust the Provider Service fees and will notify the Client of any such adjustment in writing.
6.2. The Client agrees to pay for the Provider Services either by bank transfer, subject to an issued monthly invoice by the Provider, payable within thirty (30) days to the Provider’s bank account or, the fees will be debited from the Client’s funds that are available under the acquiring agreement that the Client has with Credorax Bank Ltd. The client authorizes Provider and Credorax Bank Ltd., to debit the Service fees from the Client funds in the acquiring agreement.
6.3. Printed invoices or statements can be requested (additional costs may be charged by Provider). Fees and payments shall be due on the first day of the month.
6.4. Late Payment Fee Interest. If the owed amounts are not paid by the Client within thirty (30) days after the due date stipulated in Provider’s invoice, without prejudice to the other rights the Provider may have under the Agreement, the Client will be subject to a late payment fee interest for a period beginning on the payment date and ending on the date that the amount due is paid in full. The amount of the interest owed to Provider shall be computed using an annual rate equal to 5% or as it may be amended from time to time by Provider. If the Client has not paid all amounts due before the last day of the month in which they were due, Provider reserves the right in it’s sole discretion to suspend the use of the Provider’s Services.
6.5. Taxes. The fees described above are exclusive of all taxes. Client agrees to pay all applicable taxes other than tax assessed on the Provider’s income. The Client agrees that the payment of fees to Provider shall be made without deduction or withholding for any taxes. If the Client is required to withhold any taxes, the amount paid by the Client to the Provider shall be increased to the extent necessary to yield to the Provider (after withholding of such taxes) a net amount equal to the amount the Provider would have received had no such withholding been made. The Client bears the ultimate responsibility for the proper payment of taxes applicable to Client’s sale of its products or services.
6.6. Disputes of invoices. The Parties shall promptly investigate any disputed Fees under the Agreement. A dispute will not relieve the Client of its payment obligations herein. If an event of dispute is resolved in the Client’s favour, the Provider will credit back to the Client any applicable overpayments made by the Client. All disputes must be made in good faith and in writing within thirty (30) days of the invoice date. Fees billed and invoiced shall be deemed accepted where written objections were not received by the Provider within such thirty (30) day period.
7. Intellectual Property
7.1. The parties agree that the Provider owns and retains all rights, titles, and interests in and to Provider Intellectual Property, including but not limited to trademarks, patents, Documentation, copyrights, and any related technology utilized under or in connection with the Agreement, including but not limited to all intellectual property rights associated therewith. No title to or ownership of any of the foregoing is granted or otherwise transferred to Client or any other entity or person under the Agreement. Client shall not reverse engineer, disassemble, decompile, or otherwise attempt to discover the source code or trade secrets for any of the Provider Services or related technology.
7.2. API, MPI, Client Portal, and Documentation License. Subject to the terms of the Agreement, the Provider hereby grants to the Client a personal, limited, non-exclusive, non-transferable right to the Provider’s API, MPI, Client Portal, and accompanying documentation for the following purposes:
7.2.1. install and use the Provider’s API, MPI and Client Portal on as many computers as reasonably necessary (which are and shall be maintained in facilities owned, occupied, or leased by Client) to use the Provider Services, and where the Client for the purpose of selling products and/or services to End-Users;
7.2.2. use the accompanying Documentation solely for the purpose of using the Provider’s API, MPI, Client Portal and Provider Services.
7.3. Provider’s Trademarks License. Subject to the terms and conditions contained herein and subject to a prior written approval by one Party to the other, Client may get a non-exclusive, fully-paid up right to use, reproduce, publish, perform and display the Provider’s trademarks on Client’s website in connection with Client’s offering of payment options to End Users.
7.4. Client’s Trademarks License. Subject to the terms and conditions contained herein, the Client hereby grants the Provider a non-exclusive, royalty-free, fully paid up right to use, reproduce, publish, perform, and display the Client’s trademarks in connection with the Provider Services.
7.5. Use of Trademarks. Each Party shall strictly comply with all standards with respect to the other Party’s trademarks contained herein or which may be furnished by such party from time to time. Further, neither Party shall create a combination mark consisting of one or more trademarks of the other Party. All uses of the other Party’s trademarks shall inure to the benefit of the Party owning such trademark. Except as otherwise provided herein, the Client shall not use, register or attempt to register any (a) Provider trademarks or (b) marks or domain names that are confusingly similar to any of the Provider trademarks or Provider domain(s). Client shall not (a) use Provider trademarks except as expressly authorized in this Agreement; (b) take any actions inconsistent with Provider’s ownership of the Provider’s trademarks and any associated registrations, or attack the validity of Provider’s trademarks, its ownership thereof, or any of the terms of the Agreement; (c) use the Provider’s trademarks in any manner that would indicate Client is using such Provider’s trademarks other than as a licensee of the Provider according to the Agreement; nor (d) assist any third party do any of the same.
8. Confidentiality
8.1. A receiving party shall not use Confidential Information for purposes other than in direct relation with this Agreement. The receiving party shall hold the disclosing party’s Confidential Information in strict confidence, treat the disclosing party’s Confidential Information with at least the same degree of care as it would use in respect of its own confidential information of similar importance, but in any event a reasonable level of care. In particular, the receiving party shall not without the prior written consent of the disclosing party disclose, publish, disseminate or make accessible the disclosing party’s Confidential Information, in whole or in part, in any way or form, to third parties other than to its employees, subcontractors or agents who have a need-to-know in connection with the performance of the Receiving Party’s obligations under the Agreement.
8.2. In the event that Confidential Information is required to be disclosed by the receiving party by a court order or statutory duty, the receiving Party shall be allowed to do so, provided that it shall, without delay, inform the disclosing party in writing of receipt of such order or duty so that the disclosing party may seek protection against such order or duty.
8.3. Upon the first request of a disclosing party, the receiving party shall without delay (a) return all copies, samples and extracts of, and all other physical media containing, the disclosing party’s Confidential Information, and (b) delete or destroy and have deleted or destroyed all automated data containing the disclosing party’s Confidential Information.
8.4. Client shall not, and shall not permit any third party to, directly or indirectly: (i) reverse engineer, decompile, disassemble, or otherwise attempt to discover the source code, object code, or underlying structure, ideas, or algorithms of any aspect of the Services; (ii) modify or create derivative works based on an aspect of the Services; (iii) copy, distribute, assign, or otherwise transfer rights to any aspect of the Services; (iv) remove or otherwise alter any proprietary notices or labels from any aspect of the Services; (v) use any aspect of the Services to build an application, product, or service that is competitive with any product or service referred to in this Agreement; (vi) interfere or attempt to interfere with the proper working of aspect of the Services or any activities referred to in this Agreement; or (vii) bypass any measures Provider or any third party provider may use to prevent or restrict access to any aspect of the Services (or other accounts, computer systems, or networks connected to any aspect of the Services).
8.5. The Client is responsible for its activity in connection with the Services, including but not limited to transferring any personal data, or other protected information or data. Client shall:
a. use all aspects of the Services in compliance with all applicable laws, treaties and regulations (including those related to data privacy, international communications, export laws and the transmission of technical or personal data laws), and
b. shall not use any aspect of the Services in a manner that violates any third party’s intellectual property, contractual or other proprietary rights.
9. Representations and Warranties
9.1 Each Party undertakes that:
a. it is an entity validly existing and in good standing under the laws of the country it is formed and it is and shall remain in compliance throughout the Agreement with (i) all applicable laws in the jurisdictions in which it does business, including but not limited to privacy laws; and (ii) to the extent applicable, with PCI-DSS requirements.
b. it has all the requisite powers to execute and deliver this Agreement and to perform its obligations specified under this Agreement,
c. its performance of this Agreement will not violate any applicable law or regulation or any agreement to which it is bound as of the date hereof, including, without limitation and where applicable, any merchant processor agreement;
d. it has not and will not in connection with the activities contemplated by this Agreement and/or any other business transactions involving this Addendum, make any payment or transfer of value which has the purpose of effect of (A) public or commercial bribery or other unlawful or improper means of obtaining business; or (B) acceptance of or acquiescence in extortion, kickbacks, and (C) that it has in place appropriate internal controls to ensure compliance with this paragraph. Client shall not undertake any action that may cause Parties to be in violation of any applicable anti-corruption law or regulation
9.2. The Client undertakes that it shall not use, any details or credentials provided by the Provider for any purpose other than what it is intended for under the terms of this Agreement and acknowledges that use of such information for other purposes can and will result in penalties.
10. Liability
10.1. The Client undertakes to use Provider Services according to the terms of the Agreement and relevant Documentation. The Client shall bear full liability for the breach of any clause of the Agreement or misuse of the Provider Services as stipulated herein and shall indemnify the Provider in full and on demand for any damage caused to the Provider or its TPPs in connection with the Provider Services.
10.2. The Provider undertakes to provide its services with due care and skill. In the event the Client discovers that any of Provider’s services are not being provided in conformity with the obligations of the Provider as set forth in the Agreement, the Client shall report such non-conformity to the Provider. The Provider will, where the non-conformity can still be remedied, use its reasonable efforts to correct the non-conformity at no additional charge to the Client.
10.3. The total liability of the Provider for direct damages due to an attributable breach of the Provider’s obligations under the Agreement or for an otherwise unlawful act, shall be limited per damage event to an amount equal to the total amount of the Provider Service Fees paid by the Client during a 12 months period immediately preceding the date on which the event which caused the liability took place. Direct damage shall include only: (i) the reasonable costs) a Party would face to obtain the result of the other Party’s proper performance under the Agreement, either from the other Party or from a third party, (ii) as demonstrated by a Party in assessing the cause of the damage and the amount of the damage and (iii) as demonstrated by a Party to mitigate the damage. In no event shall the Provider be liable due to an attributable breach of its obligations or on the account of an unlawful act or otherwise for incidental, indirect, special, consequential or punitive damages, including any damages based on loss of profits or lost revenues, business interruption or loss of information, production failure, impairment of other goods or otherwise. The Provider will only be liable for the costs referred to herein if the Agreement was not terminated by the Provider for breach of Client’s obligations under the Agreement.
10.4. None of the limitations and exclusions of liability set out in the Agreement are intended to limit or exclude: (i) the liability of a Party for gross negligence or willful misconduct; or (ii) the liability of the Client under the indemnities given by the Client in this Agreement.
11. Indemnities
11.1. The Client shall indemnify the Provider and hold the Provider harmless from and against all damages, costs, losses and expenses (including reasonable attorneys’ fees) which are brought against the Provider by any third party as a result of or in connection with an alleged breach by Client of any of its obligations under the direct agreement between (i) the Client and its Merchants or its End User; (ii) or the Client and its Payment Service Partner; (iii) or any other alleged fault, act or omission which is attributable to the Client; or (iv) any breach or misuse under this Agreement.
11.2. The Provider shall indemnify and hold the Client harmless from and against direct damages, costs, losses and expenses (including reasonable attorneys’ fees) which are brought against the Client due to: (i) an attributable breach of the Provider’s obligations under the Agreement or otherwise for an unlawful act; or (ii) third party claims regarding the software and/or systems of the Provider. This indemnification is subject to the Client immediately advising the Provider upon a raise of a claim by any third party, which the Provider shall be at liberty to address at its own discretion.
12. Disconnection and Termination
12.1. Disconnection of Provider Services. The Client acknowledges that disconnection of Provider Services may take up to fifteen (15) business days. The Client is liable for all charges until final disconnection of Services.
12.2. Immediate Termination. A Party may terminate this Agreement with immediate effect by written notice, if the other Party: (i) materially breaches any of its obligations under the Agreement which remains uncured after thirty (30) day written notice thereof; (ii) is dissolved or liquidated, is declared bankrupt or otherwise the subject of suspension of payment or other insolvency proceedings, or if it must reasonably be expected to be unable to meet its obligations under the Agreement; or (iii) fails to comply with the laws and regulations to which it is subject; or (iv) if the other Party or any of its representatives commits fraud or willful intentional misconduct.
12.3. The Provider may terminate this Agreement with immediate effect due to immediate termination of the acquiring agreement with Credorax Bank Limited, if applicable.
12.4. Suspension. Without any prejudice to any other legal remedies, the Provider may suspend the provision of , in whole or in part Provider Services or may terminate the Agreement with immediate effect by written notice, if the Client: (i) has not submitted any transactions for a period longer than three (3) months; (ii) does not comply with its obligations under its direct agreement with the relevant Client Payment Services Partner or with the Relevant Payment Services Provider; (iii) instructs the Provider to no longer support the Client in relation to such Relevant Payment Services Partner; (iv) does not have a contractual relation with the relevant Client Payment Services Partner nor with any of the other Provider Payment Services Partners; (v) if the Provider received a written notification obliging the Provider to refrain from providing the Services from any legal authorities, inter alia, referring to the Clients’ misconduct; or (vi) did not approve in writing an acceptance of Fees Amendments, as defined in the Services Agreement. In any such case, the fees owned to the Provider and any other costs and expenses shall become payable at once.
12.5. A Party may not assign or in any way transfer its rights or obligations under this Agreement without the prior written approval of the other Party.
12.6. The Client acknowledges and agrees that during the term of this Agreement and after its termination or expiration for any reason whatsoever, the Client shall continue to bear liability for all transactions and all other amounts due or which may become due under this Agreement. This liability is not subject to any limitation of liability that may be expressed elsewhere in this Agreement.
13. Force Majeure
13.1. In case of Force Majeure, the affected Party shall immediately give the other Party written notice of the Force Majeure event. The notification shall include details of the Force Majeure event together with evidence of its effect on the obligations of the affected Party, and any action the affected Party proposes to take to mitigate its effect.
13.2. As soon as practicable following the affected Party’s notification, the Parties shall consult with each other in good faith and use all reasonable endeavours to agree appropriate terms to mitigate the effects of the Force Majeure event and to facilitate the continued performance of this Agreement.
13.3. The Party prevented to fulfil its obligations shall not be required to remove any cause of Force Majeure or to replace or provide any alternative to the affected source of supply or the affected facility if that would require additional expenses or a departure from its normal practices, and the Agreement would be immediately terminated if it becomes unpractical to continue it.
14. Miscellaneous Provisions
14.1. Independent contractors. The Parties are independent contractors. No Party shall have any power or authority to assume on behalf of or in the name of the other Party any obligations or duties or to bind the other Party to any contract, deed or undertaking vis-à-vis any third party.
14.2. Promotional materials/press releases. Each Party acknowledges and agrees that the other Party may disclose the existence of the business relationship formed by the Agreement, including the name of the Party, for marketing purposes, including through media releases, public announcements, public disclosures, and promotional and marketing materials.
14.3. Severability. If any provision in the Agreement is found to be invalid or unenforceable in any respect in any jurisdiction the validity or enforceability of such provision shall not in any way be affected and the validity and enforceability of the remaining provisions shall not be affected, unless this Agreement reasonably fails in its essential purpose, and the Parties shall substitute such provision by a valid and enforceable provision approximating to the greatest extent possible the essential purpose of the invalid or unenforceable provision.
14.4. Waiver. Any waiver shall only have effect if it is specific and in writing. The failure of a Party to enforce any of the provisions of this Agreement shall in no event be considered a waiver of such provision. No waiver of a provision by a Party shall (a) preclude that Party from later enforcing any other provision of the Agreement; (b) operate as a waiver of any succeeding breach of the same provision of the Agreement.
14.5. Involvement of Third Parties. If the Client uses the services of third parties it shall be responsible to the Provider for all actions, errors, and/or omissions of the third party as if the Client had performed these acts or omissions itself. The Client may not subcontract or otherwise delegate the performance of any of its obligations hereunder to any third party without Provider’s prior written consent.
14.6. Interim Remedies. Each party acknowledges and agrees that due to the unique nature of Intellectual Property, licenses, and Confidential Information, there can be no adequate remedy at law for any breach of its obligations hereunder, that any such breach may allow the breaching party or third parties to unfairly compete with the breached party resulting in irreparable harm to the breached party, and therefore, that upon any such breach or any threat thereof, the breached party shall be entitled to seek injunctive relief.
14.7. Existing obligations. Notwithstanding the expiry or termination of the Agreement, each Party shall procure the due and timely performance of all obligations assumed by it prior to such expiry or termination. Except in the event that the Agreement is terminated for breach of contract, no Party shall be required to make any payment for termination or expiration of the Agreement.
Continuing provisions. The sections and clauses of this Agreement relating to confidentiality, liability, indemnities, governing law, and other provisions that expressly or by their nature are intended to continue to have effect, shall survive termination or expiration of the Agreement.