incorporated under the laws of England, with registration number 12314440, whose registered office address is at 64 New Cavendish Street London Greater London W1G 8TB (“UNIPaaS”).
WHEREAS, UNIPaaS is party to an agreement with a Designated Acquirer under which Designated Acquirer provides payment processing and Card Scheme sponsorship services to UNIPaaS; and
WHEREAS, this Agreement sets forth, among other things, terms and conditions under which UNIPaaS will provide SM with services to facilitate SM’s acceptance of Cards and APM payments for its goods and services;
NOW THEREFORE, IN CONSIDERATION OF the mutual promises, covenants, undertakings, understandings and agreements hereinafter set forth, the parties hereto hereby agree as follows
- Definitions and interpretation
- Headings are used for convenience of reference only and in no way define, limit, construe or describe the scope or extent of any section, or in any way affect this Agreement.
- All Exhibits and Schedules annexed hereto or referred to herein are hereby incorporated in and made a part of this Agreement as if set forth in full herein.
- Any capitalized terms used in herein or in any Exhibit or Schedule, shall have the meaning ascribed thereto as set forth below:
“3D Secure” means special a security process consisting of “MasterCard SecureCode” for MasterCard and Maestro, “Verified by Visa” for Visa, J/Secure for JCB and other similar guidelines and processes, as these may change from time to time.
“Acquirer” means a Person who supplies Acquiring Services;
“Acquiring Services” means both Card Acquiring Services and Alternative Acquiring Services;
“Alternative Acquiring Services” mean, for each APM, both: (b) the processing of Transactions, Chargebacks and Refunds; and (b) the receipt and disbursement of related funds in each case arising from the use of an APM;
“Anticipated Liabilities” means amounts required to cover any sum due under: (a) potential or expected indemnity due by SM pursuant to the terms hereof; (b) in respect of potential or expected Refunds, Chargebacks, Chargeback Costs, Losses or any liability or expected liability relating to a Transaction or Assessments; or (c) any liability or potential liability of SM under this Agreement;
“APM” means a payment method (other than Cards) specified in Schedule 2 hereto, as may be updated by UNIPaaS in writing from time to time;
“APMP” mean, for each APM, the provider of such payment method;
“Applicable Law” means all laws; statutes; regulations; rules; codes; directives and ordinances of regulators, authorities, courts and government bodies having jurisdiction over a Party or the subject matter hereof, including but not limited to anti-money laundering and terrorist financing regulations, anti-bribery laws, consumer protection laws, in particular but without limitation the provisions governing distance selling and electronic business, consumer credit laws and data protection laws, all of the above to the extent applicable to a Party, to the performance or business of such Party or to the Services.
“Application Form” means each application form required to be submitted when applying for the provision of Services, any attached Pricing Schedule, and any attached addendum or addendum subsequently accepted by SM;
“Assessment” means any assessment, fine, liquidated damages, fee, cost, expense or charge of any nature which a Card Scheme, Other Financial Institution, APMP, Regulatory Authority or any other third-party levies on SM, UNIPaaS or Designated Acquirer at any time, directly or indirectly, in relation to a Service, Transaction or any other aspect of UNIPaaS or such third party’s relationship with SM;
“Authorization” means: (a) in the case of the Acquiring Services related to Cards: the confirmation at the time of a Transaction from the relevant Card Issuer that the Card used to pay for the Transaction has not been blocked for any reason or listed as lost or stolen or as having had its security compromised and that there are sufficient funds available for the relevant Transaction; and (b) in the case of Alternative Acquiring Services: authorization of a Transaction, including, where applicable, the confirmation from the relevant Other Financial Institution or APMP that adequate funds are available at the time of the Transaction to pay for the relevant Transaction; and “Authorize” and “Authorized” shall be construed accordingly;
“Authorization Request” means a request for Authorization;
“Authorized User” means an individual authorized by SM to access its Merchant Account;
“Business Day” means a day other than a Saturday, Sunday or public holiday in England on which banks are open for normal banking business in London, United Kingdom;
“Customer” means a Person who or which has ordered goods or services from SM and has initiated a Transaction in respect of that order, including a Cardholder;
“Capture” means, in relation to Card Acquiring Services, transmission of a payment instruction in relation to a Transaction to a Card Scheme for onward transmission to a Card Issuer to enable the earmarking of funds by a Card Issuer in a Cardholder’s account for Settlement;
“Card” means a credit, debit, charge, purchase or other payment card issued by a Card Issuer under a Card Scheme whose payments UNIPaaS is able to process (as notified by UNIPaaS from time to time);
“Card Acquiring Services” means the Authorization, Capture and Settlement of a Card related Transaction, and the processing of Chargebacks, Refunds, Representments and/or Retro-Charges in respect of Cards;
“Cardholder” means a Person who or which is the authorized user of a Card;
“Card Issuer” means a Person which issues Cards;
“Card Schemes” means schemes governing the issue and use of Cards listed in Schedule 2 hereto, as may updated by UNIPaaS in writing from time to time;
“Chargeback” means either: (a) any circumstances where Card Issuers, Card Schemes or Other Financial Institutions either refuse to Settle a Transaction or demand payment from in respect of a Transaction that has been Settled or in respect of which Remittance been made; or (b) (in respect of an APM) any Reversed Payment; or (iii) any other circumstance where any APMP or Other Financial Institution either refuses to make a payment or demands payment in respect of a disputed payment or other payment made in respect of a Transaction, or in respect of which payment has been made; in each case, whether due to dispute initiated by Customer or otherwise and notwithstanding any Authorization;
“Chargeback Costs” means administrative charge for processing a Chargeback and any (a) reasonable costs, expenses, liabilities, and (b) Assessments incurred as a result of or in connection with a Chargeback;
“Claim” means any action, proceeding, claim, demand or assessment (including Assessments), fine or similar charge whether arising in contract, delict, tort (including negligence or breach of statutory duty) or otherwise;
“Commencement Date” means the date on which SM is notified by UNIPaaS (in its sole and absolute discretion) that its application for provision of Services has been accepted;
“Confidential Information” means this Agreement and information relating to it (other than Transaction Data), or provided pursuant to it, that is designated as “confidential” or which by its nature is clearly confidential, howsoever presented, whether in oral, physical or electronic form and which is disclosed by one Party to another hereunder, including (but not limited to) pricing and specifications relating to the Services;
“Control” or “Controlled” means the exercise, or ability to exercise or entitlement to acquire, direct or indirect control over a Person, as defined in ss. 449 and 450 of the Corporation Tax Act 2010 and a “Change of Control” shall be deemed to have occurred if any Person or Persons who control(s) a Person at the Commencement Date subsequently cease to Control such Person;
“Customer Due Diligence” means the measures prescribed by the Money Laundering Regulations 2007, the Rules, PCI SSC Standards or any other Applicable Law;
“Customer Payments Account” means an account with any Other Financial Institution in which UNIPaaS holds the proceeds of Transactions, net of any amounts due to it.
“Data” means documents, data and records of any kind relating to Transactions, Chargebacks, Representments, Retro-Charge or Refunds (including, for the avoidance of doubt, data relating to Cards and Customers) and shall include Transaction Personal Data;
“Designated Acquirer” means the Acquirer the identity and contact details of which are set forth in Schedule 1 hereto, and to which the SM may address questions and concerns thereto.
“Documentation” means any documents UNIPaaS supplies SM from time to time, whether in physical or electronic form and whether in the form of text, graphics or still or moving images;
“Exchange Rate” means the reference currency exchange rate UNIPaaS may notify SM from time to time. The reference rate will fluctuate and is therefore indicative only;
“Fees” means the fees specified in the Application Form or Pricing Schedule;
“Floor Limit” means any monetary limit (of which UNIPaaS shall notify from time to time) above which UNIPaaS’ Authorization must be obtained prior to completing a Transaction;
“Insolvent” means: in respect of a person, that that person is unable to pay its debts as defined in s.123 (1) or (2) Insolvency Act 1986, except that in the interpretation of this definition: (a) the words “it is proved to the satisfaction of the court that” in subsections (1)(e) and (2) of section 123 shall be deemed to be deleted; and (b) a Party shall not be deemed to be unable to pay its debts if any demand under section 123(1)(a) or section 268(1)(a) is being contested in good faith by such Party and such Party has adequate funds to discharge the amount of such demand or if any such demand is satisfied before the expiration of 21 days from the date on which it is made; (for an individual) when it is the subject of a bankruptcy petition or order; (for an individual) when it is deemed either unable to pay its debts or as having no reasonable prospect of so doing, in either case, within the meaning of section 268 of the Insolvency Act 1986; (for a partnership) when any of the foregoing apply to any partner thereof; (for an individual) he dies or, by reason of illness or incapacity (whether mental or physical), is incapable of managing its own affairs or becomes a patient under any mental health legislation;
“Intellectual Property Rights” means any and all intellectual property rights of whatever nature and includes patents, inventions, know-how, proprietary knowledge, trade secrets and other confidential information, copyrights, database rights (including rights of extraction), design rights (registered or unregistered), copyright, trademarks, service marks, logos, internet domain names, business names, trade names, rights protecting goodwill and reputation, moral rights, all registrations or applications to register any of the aforesaid items, and all rights and forms of protection of a similar nature of any of the aforesaid items or having equivalent effect in any country or jurisdiction, rights in the nature of unfair competition rights and rights to sue for passing off;
“Login Credentials” means each personal identification number or password that is necessary to enable access or use of Merchant Account or any Service;
“Losses” means any liabilities, losses, damages, charges, fines, costs, Taxes or expenses (including reasonable and properly incurred legal fees and/or expenses);
“Rules” means all applicable rules, regulations and operating guidelines issued by the Card Schemes or any APMP from time to time relating to Cards, Transactions, APMs and any payments or processing of Data relating thereto (including those communicated in the Operating Instructions and such rules, regulations and guidelines posted on Card Scheme or APMP websites from time to time including: (a) www.visaeurope.com; (b) http://www.mastercard.co.uk/; (c) https://www.mastercard.us/en–us/aboutmastercard/what–we–do/rules.html; and (d) such other URLs notified from time to time); and all amendments, changes and revisions made thereto from time to time, and any current waivers or exceptions agreed with the Card Schemes or any APMP;
“Operating Instructions” means any instructions, guidance or manuals made available by UNIPaaS to SM, as amended from time to time;
“Other Financial Institution” means any third-party credit or financial institution or service provider (including Card Schemes, Card Issuers, APMPs and Acquirers) which may be involved, or which UNIPaaS in its sole and absolute discretion involve, in the course of provision of any of the Services;
“Party” means each party to this Agreement (as the context may require) and includes the successors and permitted assigns of each such party;
“Payment Facilitation Services” means services that facilitate acceptance of Cards and APM, including facilitating provision of Acquiring Services;
“PCI SSC Standards” means the Payment Card Industry Data Security Standard, Payment Application Data Security Standard and the PIN Transaction Security Standard as updated from time to time and published by the PCI Security Standards Council (the “PCI SSC”);
“Person” means any individual, company, body corporate, corporation sole or aggregate, government, state or agency of a state, firm, partnership, association, organization or trust (in each case, irrespective of the jurisdiction in or under the law of which it was incorporated, formed or otherwise exists);
“Personal Data” means data which relates to a Data Subject who can be identified from such data;
“Pricing Schedule” means the document(s) setting out the relevant Fees in connection with the Services, whether attached to or included within the Application Form or otherwise provided to SM from time to time, the current Pricing Schedule is attached hereto as Schedule 2;
“Reason Code” means a code or category used by any Card Scheme to classify a specific activity, act or omission, including any code in the Visa Merchant Alert Service, Mastercard Member Alert to Control High-Risk Merchants or an equivalent for any other Card Scheme, or a Regulatory Authority black list;
“Refund” means a Transaction, in respect of an initiating Transaction, made wholly or partially to reverse that initiating Transaction;
“Regulatory Authority” means any governmental or regulatory authority, and/or any self-regulatory authority, governmental department, agency, commission, board, tribunal, crown corporation, or court or other law, rule or regulation making entity having jurisdiction over any of the Parties and/or their businesses or any part or subdivision thereof in any territory in which the Services are made available or any local authority, district or other subdivision thereof (including, in respect of the United Kingdom, the Financial Conduct Authority, the Office of Fair Trading, the Office of the Information Commissioner) and anybody which succeeds or replaces any of the foregoing;
“Remittance” means any payment UNIPaaS makes to SM hereunder as a result of Acquiring Services (and “Remit” will be construed accordingly);
“Representment” means a Transaction to reverse a Chargeback by the re-execution of the original Transaction, where the Chargeback was successfully challenged;
“Restricted Person” means a Person that is (i) listed on, or owned or Controlled by a Person listed on any Sanctions List; (ii) located in, incorporated under the laws of, or owned or Controlled by, or acting on behalf of, a Person located in or organized under the laws of a country or territory that is the target of country-wide Sanctions; or (iii) otherwise a target of Sanctions.
“Reserve Account” means an account under UNIPaaS’ control where funds due to SM are credited until UNIPaaS agrees to release the funds to SM.
“Retro-Charge” means a Transaction initiated to reverse a Refund to which the Customer was not entitled;
“Sanctions” means any economic sanctions laws, regulations, embargoes or restrictive measures administered, enacted or enforced by: (a) the United States government; (b) the United Nations; (c) the European Union; (d) the United Kingdom; or (e) the respective governmental institutions and agencies of any of the foregoing, including without limitation, the Office of Foreign Assets Control of the US Department of Treasury (“OFAC”), the United States Department of State, and Her Majesty’s Treasury (together “Sanctions Authorities”)
“Sanctions List” means the “Specially Designated Nationals and Blocked Persons” list issued by OFAC, the Consolidated List of Financial Sanctions Targets issued by Her Majesty’s Treasury, or any similar list issued or maintained or made public by any of the Sanctions Authorities.
“Services” means any or all of the Acquiring Services, the Payment Facilitation Services and the Ancillary Services;
“Settlement” means the crediting to UNIPaaS, its agent or another Financial Institution (as applicable) of the value of a Transaction as determined by the relevant Card Scheme or Other Financial Institution as the case may be (and “Settle” and “Settled” shall be construed accordingly);
“SM Bank Account” means an account in SM’s name with a duly authorized credit institution acceptable to UNIPaaS that is maintained for the purposes of receiving Remittances and paying Fees due hereunder;
“SM Account” means an electronic management information account containing Data related to SM’s Transactions, Chargebacks, Refunds, Representments and Retro- Charges, and which may be made available from time to time or any replacement product made available from time to time;
“SM Material Adverse Change” means any circumstance, event or series of events that materially adversely affects or may materially adversely affect SM’s liabilities or potential liabilities; or its ability fully and promptly perform and comply with any one or more of its obligations hereunder, including: (a) a material change in the nature of business or the goods or services supplied; (b) a material positive or negative fluctuation month-on month in Transaction volumes or the average value of Transactions or the occurrence of such other event as may give rise in UNIPaaS’ discretion to a significant increase in SM’s risk profile; (c) a material increase in Chargeback, Refunds or declined Transactions levels relative to expected volume; (d) occurrence of a material Assessment or multiple Assessments; (e) Change of Control in respect of SM, or a sale or other disposal of any substantial division or part of SM business; (f) the withdrawal, removal, termination or unenforceability of any security in relation to SM which UNIPaaS or any Other Financial Institution rely upon; (g) the withdrawal or termination of any license, permission or authorization required to operate its business; (h) instructions from a Regulatory Authority which SM does not, or is unable or unwilling to, comply with; (i) the granting to a third party of any security or charge over all or a significant proportion of its assets; or (j) material deterioration in its profits or SM’s financial or trading position,
“Supporting Services” means the services provided by UNIPaaS.
“Tax” means all forms of tax and statutory, governmental, state, federal, provincial, local, government or municipal charges, duties, imposts, contributions, levies, withholdings or liabilities wherever chargeable and any penalty, fine, surcharge, interest, charges or costs relating thereto;
“Tax Authority” means any taxing or other authority (in any jurisdiction) competent to impose, administer or collect any Tax.
“Third Party Product” means a product (whether hardware, software or services) supplied by a third party;
“Trading Limit” means the maximum aggregate value of one or more Transactions that SM may complete in respect of any specified period as notified by UNIPaaS from time to time;
“Transaction” means any payment by a Customer for goods or services purchased by a Customer from and provided by SM, using either: (b) a Card, a Card number or otherwise to debit or credit the applicable Card account; or (b) an APM; in each case in accordance with the terms of this Agreement and in relation to which Services are supplied hereunder, or a reversal of the same. Unless the context requires otherwise, a reference to “Transaction” shall include a reference to a Refund, a Representment, a Retro-Charge, a Recurring Transaction and a series of connected Transactions;
“Transaction Data” means Transaction Personal Data and any other data relating to a specific Transaction;
“Transaction Personal Data” means Personal Data which it is necessary to provide or to Process in connection with Transactions, Chargebacks, Refunds, Representments or Retro-Charges in the course of providing the Services;
- Supply of Services
- Subject to timely and duly payment of the Fees and SM’s undertaking to comply with the terms hereof, UNIPaaS shall provide SM with Payment Facilitation Services, and shall further provide SM with Payment Facilitation Services availability and support in accordance with the SLA set forth in Schedule 3 hereto.
- Subject to timely and duly payment of the Fees and SM’s compliance with the terms hereof, UNIPaaS shall provide SM with the Supporting Services, and shall further provide SM with Supporting Services availability and support in accordance with the SLA set forth in Schedule 3 hereto.
- Services will be provided in respect of each Card Scheme and APM of which and for as long as the Designated Acquirer or UNIPaaS is a member or has an adequate arrangement. Card Schemes and APMs details may be updated by UNIPaaS from time to time, by issuing a 30-day prior written notice to SM to such effect. The form of Services, contractual structure, method of Settlement and Remittance as well as the respective terms and conditions may vary between various Card Schemes and APMs.
- SM Undertakings and Obligations Compliance
- SM hereby undertakes, at all times, to comply with:
- the terms and provisions of this Agreement.
- the Rules, whether or not reflected in this Agreement, including such Rules provided or made available thereto from time to time, or made publicly available by a Card Scheme or APMP.
- all Applicable Laws and such provisions which apply to the sale of goods or services by SM in connection with the Transactions and the performance of SM’s obligations pursuant to this Agreement; and
- PCI SSC Standards.
- SM’s obligations in respect of the sale and supply of goods or services to its Customers.
- Compliant Infrastructure. SM acknowledges and agrees that it will comply and ensure that its respective hardware, software and communications systems and Transactions processed shall at all times comply with all technical, communications, implementation and integration requirements as provided by UNIPaaS in writing from time to. Such compliance is mandatory to UNIPaaS’ ability to provide Services. SM shall bear all costs related to the aforementioned compliance, incurred prior to, on or following the Commencement Date.
- Due Diligence. SM undertakes to promptly comply with all initial and ongoing requests for information, documents and verification issued by UNIPaaS from time to time and assist UNIPaaS, for the purpose of meeting the various Card Schemes, APMs, Other Financial Institutions and UNIPaaS’ operational, legal, anti-money laundering, KYC, risk assessment requirements in respect of SM and to carry out Customer Due Diligence (including provision of Personal Data in respect of SM’s directors and beneficial owners, Persons providing security in respect of its undertakings hereunder). SM acknowledges that UNIPaaS may be restricted from entering into this Agreement by Card Schemes and APMs based on the business of the SM or other criteria as the Card Schemes and Alternative Payment deem appropriate. In the event that SM shall fail to timely comply with any such request for information, documents and verification by UNIPaaS or otherwise fail to timely complete Customer Due Diligence, UNIPaaS may limit the Payment Facilitation Services of Transactions in respect of SM up to an aggregate amount equal to the higher of: (a) US$1,500; (b) EUR1,500; or (c) GBP1,500, and as of such aggregate amount suspend all Payment Facilitation Services in respect of SM. In the event that, despite a 14 days prior written notice to SM, such non-compliance shall not be cured within 30 days as of UNIPaaS’ initial request, UNIPaaS shall be entitled to close down the SM Account, refund all Funds collected in respect of SM to the respective Cardholders and SM shall immediately pay to and indemnify UNIPaaS for any and all Assessments, Claims, Anticipated Liabilities, Losses, Fees and all other amounts due by SM hereunder, without derogating from UNIPaaS’ rights to collect and setoff any such amounts from the Reserve Account or from any such other collateral provided by SM or its respective marketplace to UNIPaaS.
- SM Domicile rules. SM hereby Warrants and undertakes that it shall:
- have a permanent establishment or business registration in the country referenced as its address in the Agreement which is where the Services are provided.
- abide by all relevant accounting principles as they apply to SM and record the Transactions processed by UNIPaaS in the accounting records of its permanent establishment or business registration as the case may, in full compliance with such principles and the Rules.
- pay all relevant Taxes as required by Applicable Law and the Rules relating to the Transactions submitted for processing and the goods and services sold thereby; and
- comply with all Rules as in force from time to time and to the extent any Rules require a change in the location of SM or its contracting entities, SM undertakes to comply with such requirements and execute all such documents as required by UNIPaaS in order to ensure compliance with the Rules or any Applicable Law, including novation of this Agreement to a compliant entity.
- provide UNIPaaS with adequate evidence of SM’s compliance with this section upon UNIPaaS’ written request, including provision of accounting records relating to the permanent establishment or business registration as the case may be.
- Compliance with Sanctions. SM undertakes and warrants: (a) to comply in all respect with all Sanctions and Applicable Laws related thereto; (b) that it is not, and that none of its directors, officers, agents, employees or persons acting on behalf of the foregoing are, a Restricted Person or act directly or indirectly on behalf of a Restricted Person; and (c) that promptly upon becoming aware of any claim, action, suit, proceedings or investigation against SM or the persons listed in section (b) above with respect to Sanctions by any Sanctions Authority, to immediately inform UNIPaaS and supply full and complete details thereof.
- Services Related Undertakings. SM hereby undertakes in respect of its use the Services that:
- it shall only accept payments and submit Data to UNIPaaS in respect of Transactions authorized by a Customer pursuant to Applicable Law, the terms hereof, the Operating Instructions, the Rules and any other information or instructions provided or made available by UNIPaaS from time to time;
- it shall only submit Data to UNIPaaS directly from SM’s systems, or via a Third Party Product which has been expressly approved by UNIPaaS in writing, and in respect of which all compliance standards, licenses and clearances have been obtained;
- it shall submit Transactions to UNIPaaS without delay and in any event no later than 2 days as of the date thereof.
- it shall only accept payments from and make Refunds to Customers in connection with goods or services that SM has sold and supplied as principal to such Customers, and only pay such Refunds to Customers using the payment method used by the Customers for the respective original Transaction.
- it shall only accept payments and make Refunds in respect of goods or services the sale and supply of which complies with SM’s business as disclosed in writing by SM to UNIPaaS and approved thereby.
- it shall provide UNIPaaS with complete description of goods sold and services provided thereby and inform UNIPaaS in writing prior to making any change to such goods and services, which shall at all times comply with SM’s business as disclosed by SM to UNIPaaS in the Application Form.
- it shall inform UNIPaaS in writing and without delay of any change of SM’s address or place of business and obtain UNIPaaS’ prior written consent (which may be withheld at its sole discretion) in respect of any URL of any website where SM accept or state that it accepts payments by Card or APMs using any of the Services;
- it shall inform UNIPaaS in writing and without delay of the current address of each of its offices, all “doing business as” (DBA) names used by the SM and any proposed change thereof, and shall refrain from affecting any change thereto without obtaining UNIPaaS’ prior written consent (which may be withheld at its sole discretion) in respect of any such change;
- it shall at all time adhere to and comply with the terms and conditions set forth in the “SM declaration and undertakings with respect to its services websites and applications” attached hereto as Schedule 4.
- Trading Limits
- UNIPaaS may, from time to time, notify SM of a Trading Limit and a Floor Limit. Unless otherwise notified in writing to SM, Floor Limit shall be nil (zero).
- SM may not exceed the Trading Limit or complete a Transaction in excess of the Floor Limit without receiving UNIPaaS’ prior written approval (to be given in its sole discretion). Such Trading Limit or Floor Limit shall continue to apply until SM is otherwise notified in writing.
- SM further acknowledges that each Card Scheme’s respective yearly Trading Limits as of the Commencement Date (and may be changed by Card Schemes from time to time), is one million US Dollars. SM undertakes to refrain from exceeding such Trading Limits. Unless otherwise approved by the respective Card Scheme and Designated Acquirer, in the event that SM shall exceed said Trading Limits with any Card Scheme, it shall be required to enter into a direct acquiring agreement with Designated Acquirer in order to continue to use the Services in respect of such Card Scheme.
- SM Representations and Warranties
- SM hereby represents, undertakes and warrants as follows:
- it will not process pursuant to this Agreement any face-to-face Transactions without UNIPaaS and Designated Acquirer prior written confirmation and the signature of the applicable addenda where required.
- this Agreement constitutes SM’s legal, valid and binding obligation, enforceable against SM in accordance with its terms.
- it will perform all obligations hereunder with reasonable skill and care.
- the execution, delivery and performance by SM of this Agreement and the use of Services will not conflict with or violate any Applicable Law. SM acknowledges that UNIPaaS does not warrant or represent that its use and access of the Services shall comply with Applicable Law in its specific jurisdiction, and that it is SM’s responsibility to inform UNIPaaS and request any specific jurisdiction mandated requirements.
- this Agreement is duly authorized and that it has and shall continue to maintain during the term of this Agreement the full power and authority to execute, deliver and perform this Agreement.
- it has examined and verified the legality of its operations in each applicable jurisdiction.
- it has obtained and shall continue to maintain during the term of this Agreement all necessary regulatory approvals, certificates and licenses to conduct its business including without limitation the required regulatory approvals, certificates and licenses to operate as a SM, operate SM’s websites, sell any product or provide any good and service SM intends to offer.
- there is no action, suit or proceeding at law or in equity now pending or, to the best of its knowledge, threatened by or against or affecting SM which would impair its right to carry on its business as now conducted or affect its financial conditions or operations or its ability to perform the obligations required under this Agreement.
- it has full knowledge of PCI CSS and hereby undertakes to faithfully comply therewith and apply best organizational and technical security measures and to prove compliance therewith in an appropriate manner upon request. It shall only use service providers that are PCI CSS compliant. It shall bear all costs associated with achieving compliance and shall be solely responsible for any Assessments arising from non-compliance. Without derogating from the generality of the above, SM assumes full responsibility in the event of its total or partial non-compliance with the PCI CSS.
- any and all information and documentation provided by SM is true, accurate, complete and updated and no information, document or statement provided, made available or made are untrue, false, incorrect, incomplete or misleading.
- it shall not knowingly do anything or allow anything to be done which is likely to harm UNIPaaS’, Designated Acquirer, Card Schemes or Other Financial Institutions reputation.
- SM, its directors, owners or personnel or any of the aforementioned immediate family members have not been entrusted with prominent public functions (a.k.a “Politically Exposed Persons” or “PEP”).
- it is not a beneficially owned or Controlled, directly or indirectly, by any governmental authority, governmental Controlled entity, political party or candidate, or by any representative, officer and/or employee of any of the aforementioned.
- SM shall not (directly or indirectly) pay, offer, give or promise to pay or authorize the payment of, any portion of the compensation or reimbursements received hereunder or any other monies or other things of value to an officer or employee of a government or any department, agency, or instrumentality or public international organization; any political party or official thereof; any candidate for political office; or any other person, at the suggestion, request or direction or for the benefit of any of the above-described persons and entities for the purpose or expectation of improperly obtaining, retaining or directing any business opportunity related to this Agreement or for purposes of influencing official actions or decisions or securing any improper advantage in order to obtain or retain business, or engage in acts or transactions otherwise in violation of any applicable anti-bribery legislation, including the OECD Convention on Combating Bribery in International Business Transactions (as amended from time to time), and equivalent local laws, including the Foreign Corrupt Practices Act of the United States, the Bribery Act 2010 of the UK and similar multilateral anti-bribery agreements.
- it will not require a Customer to waive a right to dispute a Transaction or include any statement that waives or seeks to waive a right to dispute a Transaction with the respective Card issuer or APM.
- SM further represents, undertakes and warrants that:
- it is not involved and will not be involved in any act or traffic that constitutes or can be reasonably expected to constitute fraud or other illegal activity, including but not limited to money laundering, under any Applicable Law.
- it shall not use the Services, directly or indirectly, in connection with any non-permitted, illegal or fraudulent business activities and shall not submit any transaction that is illegal or that SM should have known was illegal.
- all Transactions that will be processed in connection with the Services are owned by SM and only result from Transaction between Customer and SM and will be originated only from SM’s websites as such websites were declared by SM.
- it will only use the Services to transact on SM’s own account as a SM and not otherwise on behalf of any third party including but not limited another payment facilitator.
- it will keep to (and will not do anything that will cause UNIPaaS not to keep to all legal and regulatory requirements which apply (including the Consumer Credit Act 2006, the Data Protection Act 2018 and the Financial Services and Markets Act 2000 together with all rules, regulations, statements, codes and other requirements made under or imposed by the Financial Conduct Authority or other regulatory body) and all Rules which apply.
- SM shall be solely liable for all Losses resulting from any unauthorized activity in connection with its SM Account.
- SM Account and Security Measures
- SM shall keep its Login Credentials confidential and shall refrain from disclosing them to any third parties. SM shall take all commercially reasonable measures to prevent unauthorized use of the Login Credentials of any other confidential material or information in respect of the SM Account. In the event that SM shall be aware or suspect of any unauthorized use of the Login Credentials or of any confidential material or information in respect of the SM Account, SM shall notify UNIPaaS without delay by telephone, followed by written confirmation of such notice, through the applicable UNIPaaS contact information.
- SM hereby acknowledges and undertakes that it shall be solely responsible for establishing and applying adequate security systems and measures for: (a) compliance with the provisions of section 1; (b) monitoring all use of or access to SM’s Login Credentials, and SM Account in such manner as that will in guarantee that all Authorized Users will use the SM Account within the limits of their authority and that no transactions are performed which would indicate that unauthorized persons had access to SM’s Login Credentials; and (b) for Data after accessed within, printed or downloaded from, SM’s SM Account.
- except as expressly permitted under this Agreement, SM hereby undertakes to refrain from coping or disclosing any Data from its SM Account or Documentation, or any part thereof, to any third parties and for any purpose whatsoever.
- SM hereby undertakes to access and use the Data available in its SM Account and the Documentation for the sole purpose of using the Services in accordance with the provisions hereof and solely for its internal business purposes.
- SM hereby undertakes to notify UNIPaaS as soon as the authority of an Authorised User is terminated.
- Fees, Payments and Refunds
- all Fees payable by SM to UNIPaaS hereunder shall be immediately due and payable upon provision of the relevant Service to SM.
- if for any reason any amounts owed by SM to UNIPaaS was not deducted from a Remittance, while all such amounts are immediately due, they will be payable by SM in accordance with the terms of any invoice issued by UNIPaaS.
- all wiring or bank transfer and charges of Remittances and payments to SM hereunder shall be changed to and borne by SM and may be deducted by UNIPaaS from any Remittance or amount due to SM.
- UNIPaaS may from time to time vary the Pricing Schedule and the Fees or introduce new charges in addition to the Fees.
- SM acknowledges that Card Schemes and Other Financial Institutions may change their existing charges and fees (applicable to UNIPaaS or SM) as well as assess additional or different charges and fees, all of the above shall be respectively effect and be respectively reflected in the Fees and automatically apply to SM. UNIPaaS shall exert best efforts to provide SM with advance notice of the aforementioned variations.
- any fees or amounts paid by SM, whether directly or by way of a set-off, deduction or otherwise, to Card Schemes or Other Financial Institutions, shall not affect or derogate from its obligation to pay all Fees due to UNIPaaS hereunder.
- if a SM fails to pay any amount under this Agreement when due, then UNIPaaS shall be entitled to charge the SM interest at a rate equal the highest rate permitted under Applicable Law.
- in the event that SM shall fail to pay any amount under this Agreement when due, then in addition to any other remedies available to UNIPaaS under this Agreement or at law, SM will be charges with all reasonable costs and expenses incurred by UNIPaaS in connection with the collection of any unpaid and overdue amounts, including any debt collection agency charges and reasonable legal costs incurred in exercising or enforcing UNIPaaS’ rights hereunder.
- All Fees, charges and other payments hereunder are exclusive of VAT and any other applicable Taxes under any Applicable Law, for which SM shall be fully and solely liable.
- any Tax payable in respect of the Services provided or payments made under this Agreement will be borne and payable by SM without delay.
- any Tax payable in respect of the goods and services sold by SM within the scope of a Transaction will be borne by and payable by SM without delay.
- in the event that despite the aforementioned, joint liability shall be imposed on SM and UNIPaaS for any Tax, such Tax will be fully and solely payable by SM. In the event that UNIPaaS shall be required or elect to pay any such Tax to the relevant Tax Authority (such will not be deemed as an undertaking to so pay) SM shall immediately reimburse and indemnify UNIPaaS for any such payment and all costs associated therewith. UNIPaaS shall be entitled, it its sole discretion, to deduct and setoff such amounts from any Remittance or sums held by UNIPaaS and owed to SM.
- in the event that UNIPaaS shall be required to perform a deduction or withholding on account of Tax (a “Tax Deduction”) under Applicable Law, UNIPaaS may make such Tax Deduction from any Remittance and will pay such amounts as are due to the relevant Tax Authority. For the avoidance of doubt, UNIPaaS will not be obliged to increase or gross-up any payment on account of any Tax Deduction. At SM’s request, UNIPaaS will provide confirmation that the Tax Deduction has been made and/or that the appropriate payment has been made to the relevant Tax Authority.
- in the event that UNIPaaS shall be required to provide any Tax Authority with information in relation SM or Transactions processed under this Agreement, SM hereby consents to the provision of such information by UNIPaaS. SM further undertakes to provide UNIPaaS with its Tax identification details upon request.
- SM shall maintain and disclose to Customers at the time of purchase a fair policy in respect of Customer’s right to return goods or cancel services. SM shall refrain from giving a cash refund to a Customer for a payment made using a Card or accept cash or other compensation for making a refund to a Card, unless so required by Applicable Law.
- the form and procedure for making Refunds shall be in accordance with the Operating Instructions applicable to such type of Refund. Refunds shall only be permitted in circumstances the originating Transaction has been reversed in whole or in part. SM shall be solely responsible to ensure that the amount of any Refund shall not exceed the amount of the initiating Transaction, and shall solely liable for any misuse of any Service to process Refunds, including cases of Refunds without an originating Transaction.
- UNIPaaS shall be entitled to refuse to perform a Refund if it is not in compliance with the terms hereof or is prohibited by Applicable Law or the Rules. In the event that UNIPaaS shall refuse to execute a Refund, it shall notify SM: (a) (unless prohibited by law) of the refusal; (b) (if possible) the reasons for such refusal; and (c) (where it is possible to provide reasons for the refusal and those reasons relate to factual matters) the procedure for correcting such factual mistakes it. Any payment order refused by UNIPaaS will be deemed not to have been received for the purposes of execution times and liability for nonexecution or defective execution.
- in cases where UNIPaaS executes a Transaction or Refund in accordance with details provided by SM, the Transaction or Refund will be deemed to have been correctly executed by UNIPaaS and any Other Financial Institution applicable to such execution. In cases of provision of incorrect details by SM, UNIPaaS shall not liable for the nonexecution or defective execution of the Transaction or Refund. If SM so requests, UNIPaaS shall make reasonable efforts to recover the funds involved in such a Transaction or Refund and charge SM for any such efforts.
- SM undertakes to notify UNIPaaS promptly after becoming aware (and not later than 13 months as of the Transaction) of any Refund which has not been correctly executed, as well as any unauthorized Transactions.
- Payments and Remittances to SM
- Following and subject to the receipt of Funds by UNIPaaS in respect of a Transaction properly submitted by SM, UNIPaaS shall initiate or procure the initiation of a Remittance by bank transfer to the SM Bank Account. Remittances will be processes and performed on a weekly basis, or on a longer period basis, as may informed to SM in writing from time to time. Remittance shall constitute the full, final and complete payment and consideration due to SM.
- UNIPaaS shall be entitled to deduct or withhold the following amounts from, or set-off such sums against, any Remittance or any other amount UNIPaaS is otherwise obliged to pay SM: (a) any Refunds; (b) any Chargebacks; (c) any Assessments; (d) any Chargeback Costs; (d) any Claims; (e) any Anticipated Liabilities; (f) any Fees; (g) any Taxes; and (h) any other charges or amounts due by SM hereunder or otherwise.
- Remittance shall be paid in the currency or currencies agreed between SM and UNIPaaS as set forth in the Application Form, or as otherwise agreed in writing by SM and UNIPaaS from time to time. In cases where UNIPaaS applies a currency conversion to Remittance, it shall use the respective banks’, Card Scheme and UNIPaaS’ prevailing conversion rates and fees will apply to the specific Remittance and related circumstances.
- Notwithstanding the aforementioned, UNIPaaS may defer or withhold any amount it is obliged to pay SM, upon one of the following occurrences:
- following any permitted deductions, withholdings or setoff hereunder, such amount is less than the minimum Remittance threshold determined by UNIPaaS from time to time, in its sole and absolute discretion, until the total net Remittance amount payable reaches such threshold;
- UNIPaaS believes that a Transaction (including activity which would otherwise have constituted a Transaction) may be fraudulent, involves any illegal activity, made outside SM’s ordinary course of business, may incur Refunds, Chargebacks, Assessments or Anticipated Liabilities, is non-compliant with PCI SSC, or constitutes a breach of Applicable Law, the Rules or the terms hereof, until completion of investigation by UNIPaaS, any Other Financial Institution, Regulatory Authority, Card Scheme or any other applicable third party to its complete satisfaction;
- SM has failed to complete or comply with Customer Due Diligence or due to missing documentation UNIPaaS will be prevented from remitting funds to SM under the Rules or Applicable Law, until such time as all the requested documentation has been provided or Customer Due Diligence has been completed or complied with; or
- SM is entered into any of the Card Schemes’ chargeback, fraud or audit programs (e.g. MasterCard’s Global Merchant Audit Program or Visa’s respective Merchant Fraud Programs).
- UNIPaaS becomes aware or believes that SM is in breach of or is likely to be in breach of its obligations hereunder which may incur Anticipated Liabilities.
- UNIPaaS shall be entitled to suspend the processing of all or any Remittance, Transactions, Refunds, Representments or Retro-Charges in the event it shall believe that a Transaction, Refund, Representment or Retro-Charge (including activity which would otherwise have constituted a Transaction, Refund, Representment or Retro-Charge) may be fraudulent or constitutes a breach of Applicable Law, the Rules (including failure to provide documentation, information or Data hereunder) or the terms hereof, until the satisfactory completion of investigation by UNIPaaS, any Other Financial Institution, Regulatory Authority, Card Scheme, APMP, or any other applicable third party.
- Upon exercise of UNIPaaS’ rights under this clause 7, it shall notify SM of any such action and the reasons for it, unless such notice is prohibited under Applicable Law. Subject to UNIPaaS’ security measures and Applicable Law, UNIPaaS shall notify SM prior to any suspension of processing under clause 6 if it is able to do so, or otherwise as soon as possible following such suspension.
- SM hereby unconditionally instruct and authorize UNIPaaS or any Other Financial Institution to receive Funds from the Designated Acquirer or Other Financial Institutions on SM’s behalf, to remit such Funds to one or more Customer Payments Accounts for the purpose of holding such received funds in respect of Transactions processed by SM (net of any amounts due to UNIPaaS), prior to making each Remittance to SM. SM shall not be entitled to receive interest, if any, in connection with funds held in Customer Payments Accounts or otherwise held, deferred or withheld in accordance with the terms hereof, and any such interest may be retained by UNIPaaS.
- SM hereby acknowledges and agrees that: (i) authorization of a transaction indicates that a payment method is not restricted, declared invalid and within limits at the time of authorization and shall not be deemed as a payment undertaking or guarantee of payment acceptance from the end user, or protection against a Chargeback or Refund; and (ii) such authorization shall not relieve SM of its contractual and legal obligations or otherwise validate a fraudulent or a disputed Transaction.
- SM acknowledges and agrees that not applying a set-off, withholding or deduction for any period of time does not constitute a waiver of right to impose such retroactively or for such period of time. SM further acknowledges that Chargebacks, Refunds and Assessments may arise a considerable period of time after the date of the relevant Transaction, and agrees that, notwithstanding any termination or expiration of this Agreement for any reason, UNIPaaS shall remain entitled to recover such amounts from the SM. All Remittances and credits by UNIPaaS shall be provisional, conditional and subject at all times to permitted deductions, withholdings and setoff hereunder.
- UNIPaaS may at any time and without notice use third parties for the purpose of payment of Remittances, and will notify SM of the identity of such third parties from time to time. All payments to SM account by such third parties shall be deemed payment by UNIPaaS, for all intents and purposes. Notwithstanding, where Remittances are made directly by such third parties, such transfer of funds shall be subject to such third party’s practices and such third party may deduct wire fees for each Remittance in accordance with its applicable terms. UNIPaaS shall not have any liability to SM with respect to such payments by third parties, subject to UNIPaaS exhausting reasonable efforts to recover the full Remittances amount from such third parties.
- Chargebacks and Assessments
- Each Chargeback and each Assessment represents a debt immediately due and payable by SM to UNIPaaS, in respect of which SM solely assumes liability and related risks.
- SM hereby acknowledges and agrees that it will be required to reimburse and indemnify UNIPaaS for Chargebacks in circumstances where it has accepted payment in respect of a relevant Transaction, even if it is under no legal liability in respect of the supply of the goods or services related thereto. To the extent permitted by Applicable Law, UNIPaaS shall provide SM with a written notice in respect of any applicable Chargebacks and Chargeback Costs which have occurred or been incurred.
- Any Chargebacks for which SM shall be liable to reimburse or indemnify UNIPaaS shall correspond to the whole or part of the Settlement value in the currency of the original Transaction. Such amount may be converted to the Settlement currency from the currency of Chargeback at the UNIPaaS prevailing Exchange Rate.
- In the event that SM shall wish to dispute a Chargeback, it shall be responsible: (i) to prove to UNIPaaS’ satisfaction (which shall, be conditional, inter alia, upon the relevant Card Scheme, Card Issuer, Other Financial Institution, or APMP, as the case may be, confirming its satisfaction of such proof) that the debit of the Customer’s account was authorized by such Customer; and (ii) (additionally) to provide UNIPaaS with such other evidence as it or any Card Issuer, Other Financial Institution, APMP or Card Scheme may require for the purpose of supporting of SM’s claim. The evidence required to be provided may depend on, inter alia, the nature of the Chargeback.
- Subject to the Rules, UNIPaaS or any Other Financial Institution, shall not be under obligation to investigate the any Chargeback or Assessment. SM hereby acknowledges and agrees that any decision or determination of the relevant Card Scheme or APMP as to the validity and extent of any Chargeback and/or Assessment shall be final and binding.
- Since Chargebacks could occur a substantial period of time following the date of the relevant Transaction, SM hereby acknowledges and agrees that, notwithstanding termination hereof for any reason, UNIPaaS shall remain, entitled to recover Chargebacks and Chargeback Costs from SM (and, to the extent applicable, from any Person who provided guarantee or security relating to SM’s obligations hereunder) in respect of all Chargebacks occurring in relation to Transactions effected during the term hereof.
- In the event that SM shall wish to dispute a Chargeback or Assessment, it shall be entitled to do so in accordance with the applicable procedure set out in the Operating Instructions and Rules. In the case of a disputed Chargeback or Assessment, SM shall be required to provide UNIPaaS within any specified timeframe with the evidence required by UNIPaaS, the Card Scheme or the Card Issuer.
- Depending on SM’s Refunds ratios, fraud ratios, Chargeback ratios and other risk considerations, UNIPaaS may upon advance notice of 10 days and at UNIPaaS’ sole discretion, require SM to process Transactions via 3D Secure.
- Bank Account and Payments
- SM undertakes to open and maintain in its name a SM Bank Account throughout the term hereof and for such additional period as may be required thereafter for the purposes of any applicable provisions of this Agreement. SM is required to maintain with SM’s bank an instruction to authorizing UNIPaaS to directly debit from the SM Bank Account all sums that become due and payable by SM hereunder.
- In addition to, and notwithstanding UNIPaaS’ any other rights and remedies hereunder, UNIPaaS may debit the SM Bank Account, at its option, for any all amounts due and payable by SM hereunder including any Refunds, Chargebacks, Assessments, Chargeback Costs, Claims, Fees, Taxes, in accordance with the terms of the direct debit instruction maintained under clause 1. UNIPaaS shall, if practicable, notify SM in advance of any amount it intends to debit by direct debit.
- SM hereby to keep SM Bank Account at all times with a credit balance sufficient to meet any sums due and payable by SM hereunder.
- SM hereby undertakers to notify UNIPaaS in writing in advance of any changes proposed by SM or any third party in respect of the SM Bank Account (including the location of the branch at which such account is held) and to refrain from implementing such changes prior to receiving UNIPaaS’ prior written consent. In the event that any changes in the SM Bank Account details are required under Applicable Law, SM shall notify UNIPaaS in writing immediately, and proving full details of such changes and the reasons therefor.
- This clause shall not prejudice SM’s rights under Applicable Law.
- Any Remittance made by UNIPaaS, upon SM’s direction, to a SM Bank Account in the name of a person other than SM, will constitute good receipt by SM of the amount due and owing by UNIPaaS to SM under this Agreement.
- SM hereby irrevocably authorizes each of UNIPaaS and any Other Financial Institution, from time to time without notice and both before and after demand, to set off by whatever means the whole or any part of SM’s liabilities to UNIPaaS or to any Other Financial Institution hereunder or under any other contract (including present, future, actual or contingent or potential, liquidated or unliquidated liabilities and irrespective of the denomination currency thereof) against any Remittance due to SM or against any sums (whether or not related to the Transaction that gave rise to such liability) held by UNIPaaS or by any Other Financial Institution or owed to SM hereunder this Agreement or any security provided in respect of SM’s undertaking and liabilities hereunder. Any SM credit balance with UNIPaaS or any Other Financial Institution will not be repayable, or capable of being disposed of, charged or dealt with by SM until all such SM liabilities to UNIPaaS and any Other Financial Institution have been met. UNIPaaS and any Other Financial Institution shall not waive this restriction or their rights under this clause 10. UNIPaaS shall notify SM as soon as reasonably practicable upon exercise by UNIPaaS or by Other Financial Institution of such rights under this clause 9.
- SM shall not be entitled to any form of set-off in respect of any of UNIPaaS or any Other Financial Institution’s liabilities under this Agreement or any other Agreement (including present, future, actual or contingent or potential) against any amounts due to UNIPaaS or to any Other Financial Institution from SM.
- Any exercise of UNIPaaS or any Other Financial Institution’s rights under this clause 10 shall be without prejudice and in addition to any other rights or remedies available thereto.
- Reserve Account and Security
- UNIPaaS will maintain at all times a Reserve Account as security and guarantee of payment of any and all amounts or liabilities due by SM hereunder, including without limitation, in connection with any Refunds, Chargebacks, Assessments, Chargeback Costs, Claims, Anticipated Liabilities and Fees.
- The Reserve Account may, at sole discretion of UNIPaaS, be funded by: (a) requiring SM to deposit into the Reserve Account a cash amount determined by UNIPaaS within 7 Business Days of written notice; (b) UNIPaaS debiting SM Bank Account for any amount for deposit to the Reserve Account; and (c) UNIPaaS depositing into the Reserve Account any payments that it is obliged to pay SM hereunder.
- The amount of any Reserve Account may be set in UNIPaaS sole discretion and increased or decreased by it as it may determine from time to time. All funds held in any Reserve Account and all rights, title and interest to such funds, are at all times (and in the event of SM becoming Insolvent) exclusively for UNIPaaS benefit and vested in UNIPaaS.
- UNIPaaS may at its sole discretion at any time and without prior notice draw and receive amounts from the Reserve Account as may be required to cover any amounts owed by SM hereunder, which has not been deducted from Remittances due to insufficient funds or due to any other reason. UNIPaaS may subsequently replenish or require the replenishment of the Reserve Account in accordance as set forth herein. UNIPaaS will inform SM in writing of any charges debited to the Reserve Account during each period.
- Unless otherwise agreed by the parties, the amount of the Reserve shall be in the amount set forth in the Application Form or the Pricing Schedule and will be held and maintained for a minimum 6 calendar months as of the end of each calendar month during the term, on a rolling basis.
- If following said 6 calendar month period, UNIPaaS believes there is still a risk of Refunds, Chargebacks, Assessments, Chargeback Costs, Claims, Anticipated Liabilities, Fees and other amounts due by SM hereunder, then UNIPaaS shall have the right to withhold the Reserve Account or such respective amount therefrom until such risk is eliminated. Upon expiration of said 6 calendar month period or any extension thereof, any balance remaining in the Reserve Account will be paid to SM.
- UNIPaaS may at any time require that SM will provide, within 30 days of UNIPaaS’ written notice, that a Person or Persons satisfactory to UNIPaaS provide it with a guarantee, collateral indemnity or other security (including the replacement of any existing security) in such form and over such assets as UNIPaaS may require (including the SM Bank Account) to secure to UNIPaaS’ satisfaction the performance of SM’s undertakings (including contingent or potential) from time to time hereunder.
- No interest shall be payable in respect of the Reserve Account or any security arrangements entered into in connection with this Agreement. Any security provided by SM in accordance with this clause shall be held on trust to secure SM’s undertakings hereunder.
- UNIPaaS shall be entitled to charge SM for UNIPaaS’ reasonable external costs (including legal fees) incurred in obtaining the guarantee, indemnity or security referred to in this clause 11, and shall not be liable for any of SM’s costs.
- Terms of Termination
- This Agreement shall enter into force as of the Commencement Date and, unless terminated earlier in accordance with the terms hereof, shall continue to be in force and effect until it is terminated in accordance with this clause 12.
- Either Party shall be entitled to terminate this Agreement for convenience, by issuing the other party with a prior written notice corresponding to the following respective notice periods: (a) termination by UNIPaaS – 2 calendar months prior written notice; (b) termination by SM – 1 calendar months prior notice.
- SM may terminate this Agreement or any Service with immediate effect by giving written notice to UNIPaaS, upon occurrence of one of the following:
- UNIPaaS commits a material breach of this Agreement which, if capable of remedy, is not remedied within 30 days of service of a written notice requiring such remedy;
- UNIPaaS is declared Insolvent;
- UNIPaaS may terminate this Agreement or any Service, or suspend the provision of any Service with immediate effect, by giving written notice to SM, upon occurrence of one of the following:
- SM commits a material breach of this Agreement which: (a) is not, in UNIPaaS’ opinion, capable of remedy; or (b) if capable of remedy, is not remedied to UNIPaaS’ satisfaction within 7 days of service of a written notice requiring such remedy;
- SM breaches any applicable Trading Limit or Floor Limit;
- SM fails to comply with clause 16 hereto;
- SM acts in a manner, or subject to an event, or comes to UNIPaaS’ attention in relation to SM or arising from or incidental to SM’s business or the conduct thereof (including trading practices or any individual’s activity), that UNIPaaS, Card Scheme or Other Financial Institution, in their sole discretion consider: (a) to be disreputable or capable of damaging the reputation of UNIPaaS or that of any Card Scheme or Other Financial Institution; (b) to be detrimental to UNIPaaS’ systems, business or that of any Card Scheme or Other Financial Institution; (c) may or does give rise to fraud or any other criminal activity or suspicion of fraud or any other criminal activity; (d) may or does give rise to increased risk of loss or liability to UNIPaaS any Card Scheme or Other Financial Institution; (e) may affect SM’s ability or willingness to comply with all or any of its obligations or liabilities hereunder; or (f) to be or to be for a purpose contrary to Applicable Law or any policy of UNIPaaS in relation to Applicable Law;
- SM includes anything in the Application Form which is untrue, inaccurate or misleading.
- SM becomes Insolvent;
- SM is the subject of a petition, order, or resolution or any step-in connection with winding up (whether solvent or insolvent);
- SM ceases or threaten to cease to carry on all or a material part of its business, except for the purpose of a bona-fide solvent reconstruction, amalgamation, reorganization, merger or consolidation;
- SM commences negotiations or proceedings, or propose or agree to defer, reschedule or readjust its debts;
- SM proposes or make a general assignment of any of its debts or an arrangement or composition with or for the benefit of some or all of its creditors in respect of all or all of a particular type of debts;
- SM agrees to a moratorium, or a moratorium is agreed or declared in respect of all or a material part of (or of a particular type of) its debts or SM otherwise proposes, seeks or agrees to defer, reschedule or readjust any of its debts;
- SM is the subject of a petition for an administration order or an application for an administration order, or an administrator is appointed to SM or notice of intention to appoint an administrator to SM is filed or given, or any other step is taken by any person with a view to the administration of SM under the Insolvency Act 1986 including the passing of any resolution by SM’s directors or shareholders approving the presentation of any such petition, the making of any such application or appointment or the giving of any such notice;
- SM becomes the subject of any step for an execution or other process issued on a judgment, decree or order of any court in favor of a SM creditor that is returned unsatisfied in whole or in part, or any step to enforce security over, or a distress, execution or other similar process is levied or served against, the whole or a substantial part of SM’s assets or undertakings, including the appointment of a receiver, administrative receiver, manager or similar officer to enforce such security;
- SM suffers or is subject to any equivalent event, circumstance or procedure to those set out above in this clause 3 in any other jurisdiction;
- SM undergoes a SM Material Adverse Change;
- UNIPaaS may terminate this Agreement (or terminate or suspend the provision of all or part of any Service under this Agreement) with immediate effect, upon provision of a written notice to SM, if:
- UNIPaaS or any Other Financial Institution becomes entitled to enforce any guarantee or security from or in relation to SM;
- UNIPaaS is required to do so by any Card Scheme, Other Financial Institution or Regulatory Authority or under the Rules or Applicable Law or believes that a Transaction or this Agreement or the performance of it may be contrary to Applicable Law or Sanctions (SM hereby acknowledges that UNIPaaS or any Other Financial Institution is not obliged to provide any Service if it believes such provision would result in a failure to comply with any Applicable Law, Sanctions or the Rules);
- a Card Scheme, Other Financial Institution or any other third party ceases to provide UNIPaaS or the Designated Acquirer with any Service, license to Scheme Marks or service necessary for the provision of Services to SM or acceptance of any Cards or APMs thereby;
- SM installs or uses the Services at a place other than the premises at which it has previously informed to UNIPaaS;
- UNIPaaS considers that any act or omission of SM falls within a Reason Code;
- the ratio of Chargebacks to Transactions exceeds the ratio allowable by UNIPaaS from time to time, or UNIPaaS otherwise considers in its sole and absolute discretion that the total volume or value of Refunds, Chargebacks and/or declined Authorization Requests is excessive;
- any Regulatory Authority or court of competent jurisdiction (an “Authority”) has taken action or made statements, orders, requests, directives or demands regarding SM’s activities or another person operating in SM’s industry (“Actions or Communications”) and UNIPaaS determines in its sole and absolute discretion that the Actions or Communications of any Authority may harm or otherwise adversely affect, directly or indirectly, the reputation or goodwill of UNIPaaS or any applicable Rules making body if UNIPaaS continues to process Transactions hereunder;
- any of the above provisions of clause 4 applies to a Person who has provided any security under clause 11; or
- any changes to or of Applicable Law, including Sanctions: (a) prohibit UNIPaaS from exercising any of its rights or performing any of its obligations under this Agreement, (b) subject either party to potential penalties or enforcement actions by any Regulatory Authority or Sanctions Authority under Applicable Law, or (c) frustrate in any way the performance of the Agreement by either party.
- SM hereby undertakes to immediately inform UNIPaaS upon becoming aware of any of the events set out in clauses3.3 and 12.4.
- Notwithstanding the aforementioned, in accordance with and subject to the Rules, Card Schemes and Other Financial Institutions may terminate this Agreement at any time.
- SM hereby acknowledges and agrees that suspension or termination hereunder shall in no way create any cause of action, Losses, Claim or any other right (“Action”) in favor of SM against UNIPaaS and any Other Financial Institution whether under Applicable Law, contract, equity or otherwise. Without prejudice to the foregoing and notwithstanding clause 23, SM hereby waives, and fully release and discharge UNIPaaS and any Other Financial Institution from any Action SM may otherwise have arising from exercise of such suspension or termination right, including any challenge in relation to the exercise of UNIPaaS’ or any Other Financial Institution discretion, and SM hereby agrees that it shall not apply to any Authority for any form of relief, including (without limitation) injunctive relief, that could constrain or prevent UNIPaaS or any Other Financial Institution from exercising any of its rights of suspension or termination.
- Consequences of Termination
- Upon termination of this Agreement all rights and obligations of any Party shall cease to have effect immediately, except for:
- the clauses which expressly or by implication have effect after termination will continue to be enforceable notwithstanding such termination; and
- termination shall not affect accrued rights and obligations of any Party under this Agreement as at the date of termination.
- Upon termination of this Agreement, SM shall immediately pay to UNIPaaS all amounts owed by SM under this Agreement.
- SM may not access or use the Services or submit Transactions therein following the date of termination and any and all of its licenses and rights to use the Scheme Marks or any UNIPaaS Intellectual Property shall terminate and shall no longer be valid;
- Without derogating from any other right to which UNIPaaS is entitled to under this Agreement or under Applicable Law, it is hereby agreed that in the event of the suspension of part or all Services, termination or expiration of this Agreement or the issuance of a notice of termination hereof (each, a “Termination Event”), UNIPaaS shall be entitled, at its sole discretion, to freeze and withhold any amount due to SM thereby, for a period of up to 6 calendar months as of the end of the month of the last approved Transaction, as security and guaranty of payment of any and all current or potential amounts or liabilities due by SM hereunder, including without limitation, in connection with any Refunds, Chargebacks, Assessments, Chargeback Costs, Claims, Anticipated Liabilities and Fee (“Pending Liabilities”). UNIPaaS shall provide SM within written notice upon exercise of its withholding rights pursuant to this clause. In the event that following such 6 calendar months this seven (7) month period, UNIPaaS believes there still exists a risk of Pending Liabilities, UNIPaaS shall be entitled to withhold, or cause to be withheld, such respective amounts until such risk ceases to exist. At the end of the respective withholding period, the withheld amounts will be remitted to SM following deduction of all Pending Liabilities due hereunder.
- UNIPaaS may notify the Card Schemes and Other Financial Institutions of the termination and the reasons therefor and such details of SM Account may be notified to the Card Schemes, Other Financial Institutions and credit reference agencies
- SM shall indemnify UNIPaaS, Designated Acquirer or any Other Financial Institution and their respective employees, officers, agents, shareholders, and directors (“Indemnified Parties”) and hold them harmless and indemnified from, against and in respect of all and any Losses and in respect of any and all Claims brought against an Indemnified Party by a Customer, Card Scheme, Card Issuer, Other Financial Institution, Acquirer, Regulatory Authority or any other third party, to the extent such Losses or Claims arise out of or in consequence of or in connection with:
- a Transaction (including in respect of the provision of SM’s goods and services), Refund, Representment, Retro-Charge, Assessment, Chargeback, Chargeback Cost (including any activity which would otherwise constitute a Transaction, Refund, Representment, Retro-Charge);
- any breach of or failure by SM to comply with: (a) the requirements of any Card Scheme or APM; (b) the Rules; (c) the requirements of any Regulatory Authority; (d) SM’s warranties, representations and undertakings set forth in this Agreement; or (e) Applicable Law, and any reasonable steps taken in the protection of UNIPaaS’ interests in connection with any such breaches;
- any acts and omissions by SM, including the operation or use of any SM Website in contravention of any Applicable law, regulation or code of practice or any infringement or other violation of any Intellectual Property Rights of any third party;
- any security breach, compromise or theft of Data held by SM or on its behalf, or any other security breach or a security breach relating to Data (whether or not SM has complied with PCI SSC Standards), and any reasonable steps taken in the protection of UNIPaaS’ interests in connection with such breach;
- the enforcement or attempted enforcement of this Agreement;
- any reasonable steps taken in the protection of UNIPaaS’ interests in connection with any allegation of fraud made in relation to SM or its business; or
- any breach by SM of the PCI SSC standards or any confidentiality undertakings hereunder.
- The Indemnified Parties shall have sole discretion whether or not to resist, defend or compromise any Claim or to negotiate any settlement in respect of a Claim. Any decision whether or not to resist, defend or compromise any Claim or to negotiate any settlement shall be conclusive and binding upon SM.
- SM hereby undertakes to co-operate with UNIPaaS to the maximal extent possible in the prosecution or defense of an Claim brought against an Indemnified Party or by an Indemnified Party against a third party, in relation to any Transaction or dealing with or for SM.
- Exclusion and Limitation of Liability
- UNIPaaS shall not be liable for any failure to perform (nor any defective or delayed performance of) any of its obligations under this Agreement if and to the extent that such failure is due to:
- circumstances beyond its reasonable control, including: (a) any machine, data-processing system or transmission link failing to work for reasons beyond UNIPaaS’ (or its authorized representative’s) reasonable control; (b) any industrial disputes taking place; or (c) any natural disaster, epidemic, other parties’ strikes or lockouts, war, invasion of armed forces, insurrection or any other event beyond UNIPaaS’ control;
- any cessation or interruption of any part of the Services which are due to any act or omission of a third party (including, but not limited to, Acquirers, Other Financial Institutions and Card Schemes);
- UNIPaaS taking steps to comply with any relevant requirement under the Rules or any Applicable Law or the requests of any Regulatory Authority;
- SM’s failure to provide complete and/or correct Data to UNIPaaS, any Other Financial Institution or Card Scheme or SM’s negligence and/or breach of this Agreement;
- a suspension of Services performed in accordance with the terms hereof;
- SM’s breach of this Agreement, negligent, wrongful or bad faith acts or omissions;
- any deferment/withholding of any Remittance otherwise due to SM’s effected pursuant to the terms hereof.
- any inaccuracy in the information UNIPaaS or any Other Financial Institutions provide to any third parties pursuant to clause 17
- Notwithstanding the aforementioned, the maximum total liability UNIPaaS may be required pay under or in connection with this Agreement (whether in contract, tort, including negligence, or otherwise) for any event or series of connected events (and whether UNIPaaS or any of its employees, staff, agents, subcontractors or third parties acting on its behalf commit an act, fail to act or fail to meet a legal duty), will not be more than the aggregate amount of Fees paid by SM to UNIPaaS in the 3 calendar months period preceding the date upon which the cause of action arose. This
- UNIPaaS’ maximum total liability set out in section 2 above will not apply to UNIPaaS’ responsibility to make Remittances to SM in accordance with and subject to the terms hereof (without affecting UNIPaaS’ right to deduct, withhold or set-off any amount in accordance with the terms hereof).
- Neither UNIPaaS, any Other Financial Institution nor their affiliates or agents will be liable to SM in any circumstances for any Losses arising under or in connection with this Agreement which are any type of special, punitive, consequential or indirect Losses, including without limiting the foregoing, Losses of business, business interruption, data or corruption of data, reputation, opportunity, profit, interest, goodwill, revenue, expected savings (in each case, whether the Loss is direct, indirect or consequential and whether the relevant party was aware of the possibility of occurrence thereof). This limitation of liability shall not apply in respect of UNIPaaS’ liability to make Remittances, subject to its deduction, deferral, withholding and setoff rights hereunder.
- Nothing in this Agreement shall exclude or limit any liability for death or personal injury caused by negligence or fraud, deceit or fraudulent misrepresentation, howsoever caused or to the extent that any such exclusion or limitation is not permitted by Applicable Laws, or any other liability to the extent it cannot be lawfully excluded or limited.
- In addition to any other exclusion or limitation of liability contained in this Agreement, the following additional exclusions and limitations apply in relation to the Services:
- UNIPaaS accepts no responsibility, and shall not be liable for (a) the accuracy or reliability of any data provided by SM; (b) UNIPaaS’ interpretation of that data; or (c) the consequences or accuracy of UNIPaaS’ interpretation of that data or any subsequent interpretation or risk assessment SM undertakes in relation to that data.
- the Data available via the SM Account is supplied to SM on an “as is” basis for SM’s information only and is not intended to be relied upon by SM for any purpose whatsoever.
- UNIPaaS does not warrant that the Data available via the SM Account is accurate, sufficient, up-to-date, reliable or error-free at the time it is accessed.
- UNIPaaS accepts no responsibility, and shall not be liable for any Third-Party Product used by SM in connection with the Service.
- The parties recognize that the Services are provided on an “as-is” and “as available” basis. UNIPaaS hereby warrants that the Services shall substantially comply and conform to their description in their related Documentation. Except as expressly provided herein and to the extent permitted by Applicable Law, any and all other warranties are explicitly disclaimed, including warranties of any type or nature whatsoever whether express, implied, statutory or otherwise, including, without limitation (a) warranties of merchantability, suitability, satisfactory quality, fitness for a particular purpose or use, or accuracy in relation to or arising out of or in connection to any information provided, the Services or otherwise to performance hereunder; (b) as to the availability or content of UNIPaaS’ website(s), the electronic interface or the Services; or (3) that there are no viruses or other harmful components in the Services. UNIPaaS makes no warranties or representations about the accuracy or completeness of the Services and or that the Services will be uninterrupted, timely, secure, or error free or that defects in the operation or functionality will be corrected. This exclusion of liability shall not apply in the event of any proven criminal, dishonest or fraudulent acts on UNIPaaS’ part.
- Data Protection
- The Parties agree and acknowledge that the terms and conditions of the Data Processing Agreement attached as Schedule 4 hereto, shall be fully binding upon them and shall constitute an integral part hereof.
- Provision and Disclosure of Data and Information
- UNIPaaS may, from time to time, request SM to provide copies of Data, in which event it shall provide such copies, in such format specified by UNIPaaS, within 10 days of such request being received.
- Upon request, SM shall at all times throughout the term of this Agreement (and for such subsequent period as may be necessary thereafter): (a) promptly disclose to UNIPaaS or any Other Financial Institution such accurate, complete and reliable information as UNIPaaS or the Other Financial Institution require(s) relating to the performance of the Services or obligations under this Agreement, the Rules or Applicable Law; (b) take all reasonable steps to assist UNIPaaS or any Other Financial Institution in handling any Claim or query raised by a Buyer, a Card Issuer, a Card Scheme or any other third party in relation to the Services or any Transaction, Chargeback, Refund, Representment or Retro-Charge; (c) co-operate in providing any Other Financial Institution with all information requested by it in order for SM or its Transactions to be accepted by such Other Financial Institution or otherwise to enable UNIPaaS or Other Financial Institution to provide SM with any of the Services (or any part thereof); (d) to enable UNIPaaS to assess SM’s financial position throughout the term of this Agreement, provide UNIPaaS with its latest audited accounts and any other accurate, complete and reliable information UNIPaaS may reasonably require (including but not limited to SM management accounts).
- SM hereby authorizes UNIPaaS and any Other Financial Institution (including the credit institution at which SM maintains the Merchant Bank Account) to use, share and release Data and any other information relating to SM, the Services or the Card Schemes (or, if instructed by UNIPaaS, SM shall provide such Data or information or procure that such Data or information is provided) to any Person, UNIPaaS respective officers, Card Issuers, Card Schemes, Regulatory Authorities, law enforcement agencies, fraud prevention agencies and credit reference agencies: (a) for the purpose of fulfilling UNIPaaS or any Other Financial Institution’s obligations under the Agreement or the Rules or requirements of a Card Scheme or otherwise as required by Applicable Law; (b) to assess financial and insurance risks; (c) in relation to any breach of, or to enforce, this Agreement; (d) to recover debt or in relation to SM insolvency; (e) to develop customer relationships, services and systems; (f) to prevent and detect fraud or crime; (g) in the course of any investigation by UNIPaaS, any Other Financial Institution or any third party into any suspected criminal activity; (h) regarding information security, the risk of fraud, sector risk and credit risk; and (i) to enable the Card Schemes to assign a Reason Code to any undesirable act or omission.
- SM shall advise UNIPaaS in writing as soon as it becomes aware of any: (a) other agreement that it enters into concerning acceptance of Transactions; (b) act, omission or error which does or may cause material loss or damage to UNIPaaS or any Other Financial Institution; (c) actual or suspected violation or compromise of the security or integrity of any Data or any other information relating to the Services or the Card Schemes or any of UNIPaaS’ Confidential Information at any time obtained or held by SM.
- UNIPaaS may make periodic searches of and provide information about SM to credit reference agencies, fraud prevention agencies, Card Issuers, Card Schemes and Other Financial Institutions to manage and take decisions about their relationship or prospective relationship with SM. Such information may be used by other credit providers to take decisions about SM and its financial associates. UNIPaaS may also review SM and its business activities (including by electronic means) to monitor its compliance with the Agreement.
- UNIPaaS may disclose information concerning SM to third parties where it aggregates data to facilitate cross-industry analysis and comparisons.
- In the event that UNIPaaS may consider that any act or omission of SM falls within a Reason Code, details of any such act or omission shall be advised to SM. In addition, the fact of termination hereunder and the Reason Code forming the grounds for termination shall be notified to (and may be recorded by) the Card Schemes and thereafter be maintained by them in accordance with their normal practice. The aforementioned database records are available for enquiry by any Acquirer and Card Issuer. In certain circumstances, they are also made available to crime enforcement authorities.
- Right of Audit
- UNIPaaS, Card Schemes, Other Financial Institutions and Regulatory Authority shall be entitled to conduct annual or incident based audits. Upon request, SM shall disclose any required information and allow access and fully cooperate – at AM’s own expense – with any financial, technological, security, compliance with Applicable Law and Rules inspection, investigation or audit that may be conducted by the aforementioned entities to ensure compliance with the Rules, Applicable Law and provisions of this Agreement. The aforementioned may include inspection of SM’s business premises during normal business hours, require SM to make available Cardholder information and may include security audits (e.g. a PCI CSS audit) (“Audit”).
- Audits may particularly relate as to whether, and the extent to which, SM’s organizational measures are appropriate in comparison to the standards customary in the trade to prevent any unauthorized use or other manipulation of any kind of SM’s systems. SM must ensure that all inspections, investigations and/or audits can be carried out directly in relation to and at the business premises of the technical service providers and other subcontractors commissioned by the SM.
- Intellectual Property
- SM acknowledges and agrees that all right, title, and interest to, any and all Intellectual Property Rights in the Services and in UNIPaaS’ Intellectual Property Rights are and will remain the sole and exclusive property of UNIPaaS, the respective Acquirer or its respective licensors.
- SM not granted with any rights in or title to the Services or UNIPaaS’ Intellectual Property Rights. SM’s right to use the Services and any part thereof is strictly limited to the provisions of this Section and UNIPaaS reserves all rights not expressly granted herein.
- Subject to the terms and conditions hereof, and subject upon payment of the Fees by SM, UNIPaaS grants SM with a limited, non-exclusive, non-transferable right, during the term of this Agreement, to access and use the Services for the purposes set forth herein, for SM’s internal business purposes, subject to and in accordance with the terms and conditions hereof. SM may not (a) distribute, sell, license, sublicense, assign, reproduce, transfer, pledge, or share the Services and any part there for the benefit of any third party; or (b) make the Services or any part thereof available to others in a service bureau or outsourcing arrangement or for any other commercial time-sharing, data processing or other third-party use.
- Each Party represents and warrants that it is the sole and exclusive owner or is dully licensed in respect of its Intellectual Property Rights and in respect of all materials provided thereby to the other Party.
- SM hereby grants to UNIPaaS and any applicable Other Financial Institution, a worldwide, non-exclusive, limited (for the term hereof) and royalty-free license to use its Intellectual Property Rights to the extent required for the provision of Services and to make public disclosure of the Parties’ relationships hereunder.
- Any and all use by SM of Scheme Marks or if UNIPaaS Intellectual Property Rights, shall be subject to UNIPaaS’ prior written consent and strictly limited to the manner of use as approved by and UNIPaaS, such consent may be given, revoked or changed at any time upon notice at UNIPaaS’, APMs or Card Schemes’ sole discretion. SM will comply with any change or conditions issued by UNIPaaS, APMs or Card Schemes’ in respect of its use of Scheme Marks.
- Subject to UNIPaaS’ aforementioned consent, SM’s use of the Scheme Marks shall at all times comply with the Rules including any reproduction, usage, and artwork standards applicable to SM’s specific line of business, and will be limited for the purpose of indicating acceptance of Cards or APMs by SM. Where SM uses Scheme Marks of several Card Schemes or APMs, it shall maintain visual parity and no Scheme Mark shall appear in a more prominent way than others. SM may be required to provide samples of such usages.
- SM shall not use Scheme Marks or refer to Scheme Mark owners or licensors in any manner which implies their endorsement of SM, its activities, goods or services.
- SM acknowledges that the Scheme Marks are exclusive owned by or licensed to the respective Card Schemes or APMs, and undertakes not to contest or assist others, either directly or indirectly, in contesting the their respective right in and to the Scheme Marks, or otherwise take or fail to alert them of any action that would be inconsistent with such ownership. All use of any Scheme Mark will inure solely to the benefit of the respective owning Card Scheme or APMs. SM shall not register, attempt to register or in any way make use of a Scheme Mark, or any mark or term that is deemed to be derivative of, similar to, or in any way related to a Scheme Mark.
- Service Adjustments and Agreement Variations
- UNIPaaS and Other Financial Institutions may, from time to time, make changes, adjust the terms, conditions, specifications, content and interfaces of the Services which are necessary to comply with any Applicable Law, the Rules or any Card Scheme instructions, or make changes which do not materially affect the nature or quality of the Services. Such adjustments may result in changes to the Operating Instructions and are not subject to prior written notice or any right of termination hereunder. If such adjustments or changes lead to a change in software, interfaces or operating procedures, UNIPaaS shall notify SM as soon as reasonably practicable prior to the implementation of such adjustments or changes.
- UNIPaaS shall be entitled to vary the provisions of the Agreement from time to time by providing SM with at least 60 days prior written notice. Such variations may be notified by reference to materials available on UNIPaaS’ website. In the event UNIPaaS shall make changes to the terms and conditions herein affecting Services used by SM, it shall be entitled to terminate the Agreement immediately by providing written notice, provided that such notice is served to UNIPaaS within 60 days of SM being notified of the variation. Otherwise, SM will be deemed to have accepted any variation of the provisions of this Agreement as of the of the date upon which SM was notified of the variation.
- UNIPaaS may, from time to time, in its sole discretion, withdraw or decommission a product, software or a Service that SM are using and will, if practicable, give SM reasonable prior notice of such.
- UNIPaaS or Other Financial Institution may, from time to time, in their sole discretion, terminate or suspend the Services or any part thereof in any jurisdiction, at any time and for any period of time, on the basis of risk management considerations or for the purpose of compliance with Applicable Laws or the Rules, and will, if practicable, give SM reasonable prior notice of such.
- Each Party hereto (“Receiving Party”) agrees and undertakes to the other Party (“Disclosing Party”): (a) to hold in confidence the Disclosing Party’s Confidential Information; (b) that the Disclosing Party’s Confidential Information shall neither be disclosed nor caused to be disclosed, whether directly or indirectly, to any third party without Disclosing Party’s prior written consent and shall not be copied, reproduced or duplicated in any way or manner, in whole or in part, unless such copying, reproduction or duplication has been specifically authorized by Disclosing Party in writing; (c) not to use the Disclosing Party’s Confidential Information for any purpose other than the specific purpose for which it was disclosed as described herein; and (d) to limit disclosure of the Disclosing Party’s Confidential Information to the Receiving Party’s and its employees, agents, consultants, contractors and sub-contractors who have a need to know such Disclosing Party’s Confidential Information, who have been advised of Receiving Party’s obligations hereunder and who are bound by confidentiality obligations of not lesser scope and nature as required herein.
- Receiving Party hereby covenants and warrants that the Disclosing Party’s Confidential Information shall be protected, kept and treated by Receiving Party in strict confidence and Receiving Party shall apply a degree of care similar to the degree of care applied by Receiving Party in relation to Receiving Party’s own confidential information and data of a confidential nature provided that such degree of care shall in any way comply with applicable standard of reasonableness.
- The confidentiality obligations set forth herein, shall not apply to such information which: (a) becomes public domain without direct or indirect fault on Receiving Party’s part, as can be substantiated by written records; (b) is previously known to Receiving Party without an obligation to keep it confidential, as can be substantiated by written records; or (c) is required to be disclosed pursuant to Applicable Law or the Rules; provided however, that the Receiving Party shall notify Disclosing Party of such requirement and, to the extent practical, enable it to seek relief in respect of such requirement, and shall render reasonable assistance to the Disclosing Party in connection therewith.
- Disclosure of the Confidential Information to Receiving Party shall in no way be deemed as license to use, or transfer any right in, the Confidential Information or Intellectual Property Right in respect thereof.
- Notwithstanding the aforementioned, SM hereby authorizes UNIPaaS to process and transmit, any and all information and documents it receives or otherwise obtains in connection herewith (including any KYC information and documentation), which shall include the right disclose and transfer such information to the entities: (a) UNIPaaS’ partners, service providers and affiliates; or (b) any authority or regulator, Acquirer, Other Financial Institution, APM or Card Scheme; provided however that such disclosure or transfer is required in order to provide the Services, perform its undertakings hereunder, comply with Applicable Laws or the Rules, examine SM compliance hereunder, or validate information and documents provided by SM.
- Upon termination or expiration of this Agreement for any reason, or at UNIPaaS’ request (a) Receiving Party shall: (i) return to Disclosing Party any and all documents or materials in its possession which incorporate any Disclosing Party Confidential Information; (ii) upon request, destroy any and all documents or materials in its possession which incorporate any Disclosing Party Confidential Information; and (b) certify to Disclosing Party in writing such return or destruction. The above undertakings shall be subject to the Applicable Laws, the Rules and applicable Card Scheme and accounting guidelines, and to the Receiving Party’s data retention policies.
- Receiving Party acknowledges that breach of these confidentiality provisions may cause Disclosing Party extensive and irreparable harm and damage, and agrees that Disclosing Party shall be entitled to injunctive relief to prevent use or disclosure of its Confidential Information, in addition to any other remedy available to Disclosing Party under Applicable Law or hereunder.
- Assignment, Sub-Contracting and Novation
- The Agreement is personal to SM and it may not assign, novate or transfer it or any of its rights or obligations thereunder.
- SM may not use an agent or subcontractor in relation to the performance of its obligations hereunder with obtaining UNIPaaS’ prior written consent, which UNIPaaS may withdraw at any time.
- SM shall be liable to UNIPaaS for the acts or omissions of any of its employees, agents, consultants, contractors and sub-contractors in the course of or relating to the performance of its obligations hereunder or arising out of or in connection with any Transaction, Refund, Representment, Chargeback or Retro-Charge.
- Subject to Applicable Law and the Rules, UNIPaaS shall be entitled at any time to assign, transfer or novate the Agreement, its rights and obligations hereunder or any part thereof or to sub-contract its obligations hereunder, without SM’s consent. Upon request, SM shall execute any documents required to affect any such assignment, transfer, novation or subcontract.
- With effect from the date that UNIPaaS shall novate its obligations hereunder to a third party (the “Novation Date”), SM shall release and discharge UNIPaaS from further performance of its obligations hereunder and from all claims and demands against it, whatsoever arising out of or in respect of the Agreement, whether prior to, on or subsequent to the Novation Date and the third party shall perform, or procure the performance of, all such obligations under the Agreement, from the Novation Date.
- No Waiver
- No failure or delay by UNIPaaS in exercising any of its rights or remedies provided under the Agreement or under Applicable Law shall be construed as a waiver or release of that right or any other right or remedy, nor shall it preclude or restrict the further exercise of that or any other right or remedy. The Parties agree and acknowledge that the doctrine of affirmation, by which a Party is deemed to have affirmed a decision to proceed with a contract notwithstanding the enlivening of a right to terminate, shall have no application to the Agreement.
- No single or partial exercise of UNIPaaS’ rights or remedies under the Agreement or under Applicable Law shall preclude or restrict the further exercise of such right or remedy. A waiver by UNIPaaS of a breach of any provisions of the Agreement shall not constitute a waiver of any other breach, and shall not affect the other provisions, of the Agreement.
- The rights and remedies of a Party under the Agreement are cumulative and not exclusive of each other or of any rights or remedies provided by Applicable Law.
- Notices and Other Communications
- Subject to clause 2, any notice to be given under or in connection with the Agreement shall be in writing and signed by or on behalf of the Party giving it and shall be served by: (A) delivering it personally (including by commercial courier); (b) sending it by post (including by airmail or other international or local mail service in the case of an address for service outside the United Kingdom); or (c) by UNIPaaS sending it by email, to the email address of SM as set out in this Agreement or otherwise as notified thereby from time to time. For the avoidance of doubt, any notice delivered by email shall not need to be signed.
- Where SM provides an email address, UNIPaaS may send notices to and rely on the authenticity of communications it receives from that email address as being from and binding on SM. SM must ensure only it and persons with authority to act on its behalf have access to such email addresses, that they are kept secure.
- Any notice given in accordance with this Agreement shall be deemed to have been received: (a) if sent by email, on the day on which the communication is sent and no report of non-delivery is received by the sender, provided that: (i) any notice dispatched after 17:00 on any Business Day or at any time on a day which is not a Business Day shall be deemed to have been given at 09:00 on the next Business Day; (b) if delivered personally, at the time of delivery; (c) if sent by first class mail, two (2) Business Days from the date of posting.
- Notices given by UNIPaaS in hard or electronic format may refer to documents or materials made available on its website, by providing SM with a website URL address where it can access the documents or materials. The full contents of such documents and materials will be deemed to be communicated and notified to SM as if set out in full in the notice.
- In addition to formal notices given in accordance with this clause, UNIPaaS may communicate with SM from time to time in relation to its use of the Services by means of newsletters, emails, SMS or text message and messages on UNIPaaS’ website. UNIPaaS may also communicate with SM through products such as its SM Account. Such communications may include notification of changes to the Operating Instructions or the Rules, or new or replacement products or services in connection with the Services.
- Entire Agreement
- This Agreement constitutes the entire agreement and understanding between SM and UNIPaaS in respect of its subject matter and supersedes and invalidates all other prior representations, arrangements, understandings and agreements relating to the same subject matter, (whether oral or in writing, express or implied), other than any securities or written pledges, undertakings or assurances which SM may previously have given to UNIPaaS as a condition precedent or in anticipation of the Agreement. Each party acknowledges that in entering into this Agreement it does not rely on any statement, representation, warranty or understanding other than those expressly set out in this Agreement, save that, notwithstanding the foregoing, UNIPaaS has entered into this Agreement in reliance on SM’s representations set out in the Application Form.
- Save to the extent expressly set out in this Agreement, UNIPaaS hereby excludes all warranties, conditions, terms, obligations, undertakings and representations (whether in each case express or implied by statute, common law, custom, trade usage, course of dealing or otherwise, (including but not limited to implied undertakings of satisfactory quality and reasonable fitness for purpose)) to the fullest extent permissible by Applicable Law, and SM hereby irrevocably waive any rights or remedies it may otherwise have had in respect of any of the same.
- Nothing in this clause, or elsewhere in this Agreement, shall operate to exclude any liability for fraud.
- Each clause and sub-clause of the Agreement is severable.
- If any provision of the Agreement or any part of it is or becomes invalid under or contravenes Applicable Law, or is held to be unreasonable in the circumstances, or is held by any court or administrative body of competent jurisdiction to be illegal, invalid or unenforceable: (a) the remaining provisions shall not be affected and shall remain in full force; (b) the legality, validity, enforceability and reasonableness of the remainder of the Agreement shall not be affected; and (c) if such provision would cease to be illegal, invalid, unenforceable or unreasonable if some part of that provision were modified or deleted, the provision in question shall apply with the least such modification or deletion as may be necessary to make the provision legal, valid, enforceable and/or reasonable.
- In the event of any inconsistency between any provision of this Agreement and the Rules, the Rules will govern.
- SM hereby acknowledges and undertakes that the Cards Schemes and APMs shall have the right to enforce any provision of the Rules upon SM and to prohibit it and UNIPaaS from engaging in any conduct the Cards Schemes and APMs deem could injure or could create a risk of injury to the Cards Schemes and APMs, including injury to reputation, or that could adversely affect the integrity of the Cards Schemes and APMs system, the Cards Schemes and APMs’ Confidential Information, or both. SM hereby undertakes that it shall not take any action that could interfere with or prevent the exercise of such rights by the Cards Schemes and APMs.
- Nothing in the Agreement shall be construed as constituting a partnership, joint venture or agency between or among the Parties.
- Each Party hereby warrants and agrees that: (a) it is not relying on any communication (written or oral) of any other Party as advice, or on any such communication as an assurance or guarantee; (b) each other Party is not acting as a fiduciary or adviser to it in respect of the subject matter of this Agreement; (c) the relationship between each other Party and it is not that of employee or employer, franchisee or franchisor, and/or principal or agent, and contains no similar duty; and (d) it is acting wholly in the course of business and not as a consumer.
- The Services are made available to and accepted by SM solely for business purposes. SM represents, warrants and agrees that it shall not use the Services or any part of them outside of its business.
- Save as expressly provided herein, this Agreement is not intended to confer any benefit on any third party, and a Person who is not party to the Agreement shall have no right under the Contracts (Rights of Third Parties) Act 1999 to enforce any provision of the Agreement.
- If SM comprise more than one person, then its liability under its Merchant Agreement is joint and several. This means that each person comprising SM is treated legally as having assumed the obligation both collectively, on behalf of each of such persons and individually. UNIPaaS may proceed against any one or more of such persons for the full performance of any obligation owed to UNIPaaS hereunder or for all losses or damage arising from a breach or failure by any of such persons to perform, irrespective of which of such persons caused the breach. If such persons are a partnership, then any act or omission of any one partner shall be deemed to be an act or omission of all partners.
- The provision of the Services under this Agreement is not exclusive. UNIPaaS and Other Financial Institution may process payment transactions for any other Person acting in any capacity, including merchant, seller, wholesaler, retailer, payment service provider, credit institution or financial institution.
- At any time after the Commencement Date, SM shall, upon request, execute or procure the execution of such documents and do or procure the doing of such acts and things as the UNIPaaS may reasonably require, for the purpose of giving effect to all provisions of the Agreement.
- Except as provided herein, each Party shall pay its own costs in relation to the negotiation, preparation, execution and carrying into effect of this Agreement and in carrying out any related due diligence.
- This Agreement may be made and executed in any number of counterparts, which together constitute one Agreement.
- This Agreement is in the English language. UNIPaaS is only obliged to communicate with SM in English. UNIPaaS may provide to SM a foreign language translation of this Agreement or any other communication, provided that such translation shall be for information purposes only and in the event of any inconsistency between the English version and the foreign language version, the English version shall prevail.
- Governing Law and Jurisdiction
- This Agreement and any Dispute, shall be governed by and construed in accordance with English law.
- The Parties irrevocably agree, for their sole benefit that, subject as provided below, the English Courts shall have exclusive jurisdiction over any Dispute (including non-contractual disputes or claims). Nothing in this clause shall limit UNIPaaS’ right to initiate proceedings against SM in any other court of competent jurisdiction, nor shall the taking of proceedings in any one or more jurisdictions preclude the taking of proceedings by UNIPaaS in any other jurisdiction, whether concurrently or not, to the extent permitted by the law of such other jurisdiction. SM waive any objection to any proceedings in such courts pursuant to this clause on the grounds of venue or on the grounds that proceedings have been brought in an inappropriate forum. Any proceedings brought by SM against UNIPaaS in respect of a Dispute must be brought in the English Courts.
- Regulatory Information
- UNIPaaS Financial Services Limited, is a private limited company registered in England and Wales, under company registration number 12314440, and whose registered office address is at 64 New Cavendish Street London Greater London W1G 8TB. UNIPaaS Financial Services Limited is authorized and regulated by the UK Financial Conduct Authority (FCA register No. 929994).
Schedule 1 – Designated Acquirer
SafeCharge Limited – registered office at 9 Kafkasou, Aglantzia, CY 2112, Nicosia, Cyprus
Schedule 2 – Pricing Schedule
In order to review our processing and payout fees, please refer to the UNIPaaS website pricing page. UNIPaaS reserves the right to amend the pricing on the website from time to time.
- Additional fees are presented below:
- FX Currency conversion services fee: 2%
- Representment 15 EUR/GBP/USD
- Chargebacks 15 EUR/GBP/USD
- UNIPaaS will charge VAT (20% based on UK) in return to the following services: Vendor Account
management and other additional fees in case applicable. VAT will be charges monthly.
- Projects requiring customization – pricing will vary according to requirement.
Schedule 3 – SLA
- UNIPaaS shall exert best commercial efforts to meet best market practice regarding the availability of the Services.
- UNIPaaS will not be responsible for connectivity or communication difficulties, service availability or downtime which are external to UNIPaaS systems and control including but not limited to any of the aforementioned related to any Acquirer, Card Scheme and/or authorized processor and/or any other third party including but not limited to third parties (all collectively hereinafter in this schedule “Third Parties”).
- Service Availability
UNIPaaS shall exert best commercial efforts to ensure that the Services is available for a rate of no less than 99.5% when measured over a rolling 12-month period, during the Term of the Agreement (commencing upon the Effective Date), where “Availability” shall mean that the Services are available for SM to process authorization transactions successfully. Such availability shall be measured on a 24×7 basis, and UNIPaaS will notify Client’s designated contacts of any non-Availability of the Services.
For purposes of calculating the actual performance and operational levels (actual Availability) of the Services (the “Uptime Level”), the following formula shall be used:
Uptime Level (%) = Hours of Production minus Downtime divided by
Hours of Production
“Hours of Production” refers to the total number of hours in the relevant period, less any regularly scheduled Services unavailability for schedule maintenance or other routine support services.
“Downtime” refers to the number of hours during which there is no Availability. Downtime for each incident shall end upon resolution of a Critical Level 1 fault problem or when a proper fix or work around have been implemented and Availability is restored. Downtime shall not include, nor shall it be counted in the calculation of Uptime Levels, if the Services are not available and properly operating as a result of connectivity or communication difficulties, service availability or downtime which are outside UNIPaaS systems or control or in the case of Third-Party service providers.
- System boundaries
- UNIPaaS will be responsible for all systems hosted on its servers that are within its control. This includes:
- The UNIPaaS systems.
- Hosted payment web pages, where applicable.
- Network connectivity between the UNIPaaS servers, and the outside world. This responsibility will terminate at the interconnect point of the third-party supplier of network connectivity to UNIPaaS and the Internet, subject to the first bullet point above.
- UNIPaaS will not be responsible for any difficulties, service availability or downtime outside the control of UNIPaaS. This exclusion applies to any problems with:
- The Card acquiring or card issuing banks’ authorization systems
- The IP network availability beyond the boundaries of UNIPaaS’ providers’ networks
- SM’s service providers, systems and/or software integration, including use of UNIPaaS provided APIs
- Downtime caused by SM not complying with the Services Documentation (e.g. technical and service guidelines, connectivity and APIs).
Under this Agreement, SM has requested support level type 24X7 364 days a year.
SM may contact UNIPaaS when SM is experiencing any problems with the Services. When an incident needs to be notified to UNIPaaS by SM, the initial contact should be by opening a service call on”
- Client Support
- If escalation is required SM should also contact support by phone
- Or via Email – support@UNIPaaS.comand or limor@UNIPaaS.com
- Severity & Targets
The following definitions and targets shall apply in respect of for SM incident reporting and resolution. UNIPaaS shall respond to and endeavor to fix or provide work-arounds to faults in accordance with the timescales detailed below:
|Critical||Inability to process transactions||15 min.||Action will be taken promptly and will be continued until problem is resolved.||By phone and via Incident management system|
|High||Substantial but not complete failure or degradation of a Services with an immediate business impact.||30 minutes||1 Business Day||Incident management system and phone if required|
|Medium||Problem with one or more components of a Service that has no immediate business impact and remains operational through a temporary or automated workaround, but requires a permanent replacement or solution to be developed. Minor bugs will be treated individually according to the case in question||1 working day|
By arrangement with SM
Minor bugs will be treated individually according to the case in question
|Incident management system or mail|
|Enquiry||Support enquiries are not time critical to SM.||2 working days||By arrangement with SM||Incident management system or mail|
Note: Some cases, regardless of priority, require the involvement of additional UNIPaaS functions such as development, delivery, system, project management etc. in these cases the service calls are forwarded internally and Client can trace their status using the Incident management system or mail.
Schedule 4 – SM declarations and undertakings with respect to its services, websites and applications
This declaration and undertaking are being submitted by and on behalf of SM as part of and subject to the provisions of the Agreement to which it is attached.
SM hereby represents, covenants and warrants that upon signature of this declaration and throughout the term of the Agreement as following:
- In this document any capitalized terms shall have the meaning ascribed to them in the Agreement or the Rules, unless expressly stated otherwise. Declaration, confirmations, representations and undertakings herein are true to signature date and shall remain true and in effect for the term of the Agreement between the parties.
- SM owns and operates the URLs, websites and applications listed below (jointly the “Websites”) and has full control and authorization of the Websites’ content. In this document ‘Website’ shall include any and all subpages and webpages included under/in or referred by the URLs and websites identified below.
- SM is legally and contractually obligated to immediately provide an update to the Websites list by submitting a new declaration form in a format as shall be provided by Designated Acquirer and UNIPaaS.
- All transactions that will be processed in connection with the Services will be originated only from the Websites AFTER each of the Websites has been approved by Designated Acquirer and UNIPaaS in writing.
- SM is the owner of all sales traffic that originates from the Websites.
- SM’s use of Designated Acquirer and UNIPaaS’ Platform and Services shall comply in all matters with the provisions of the Agreement.
- SM may not include any statement that waives or seeks to waive a consumer’s right to dispute the transaction with the respective Scheme or Card Issuer.
- SM acknowledges and agrees to comply with and observe and that the Websites shall comply and observe all Rules and Applicable Law including without limitation PCI-DSS (Payment Card Industry Data Security Standard) regulations.
- SM undertakes to confirm the identity of Customers in full compliance with Applicable Law including but not limited to Anti-money Laundering directive and laws and SM will not honor any Payment Method if it has expired or if the Transaction has not been undertaken in good faith by Customer. In addition, SM may require additional identification if such information is required to complete the Transaction, such as for mail order, telephone order, or electronic commerce transactions. SM specifically acknowledges and agrees that Designated Acquirer may have regulatory obligations to audit SM’s performance hereunder including but not limited to requesting SM to provide the information and documentation collected on Customers and SM shall cooperate fully with such requirements.
- SM shall prominently and clearly disclose and inform Customers at all points of interaction: (a) of the SM’s identity so that the Customer can readily distinguish SM from any other party such as a supplier of goods or services to SM; (b) the location (physical address) of SM and fixed place of business through which it conducts its business to enable the Customer to easily determine, among other things, whether the Transaction will be a ‘Domestic Transaction’ or a ‘Cross-border Transaction’ as such terms are used in the Rules; and (c) Customer is easily able to understand that the SM is responsible for the Transaction, including delivery of the goods (whether physical or digital) or provision of the services that are the subject of the Transaction, and for customer service and dispute resolution, all in accordance with the terms applicable to the Transaction. The SM location will be disclosed before the Customer is prompted to provide Card information. SM name and location, as disclosed to the Customer, must be the same as what is provided in authorization and clearing Transaction messages.
- The name of UNIPaaS and SM must be included in the Transaction receipt, the billing statement and the clearing record and must remain the same across all transaction receipts, billing statements and clearing records.
- SM will honor, without discrimination, any Card properly submitted for payment and must maintain a policy to that effect. SM must not refuse to accept any Card on the basis of the identity of the Card Issuer or Cardholder or prevent use of a Card for domestic or intra-EU Transactions. Cardholders will be entitled to the same services and return privileges that the SM extends to cash customers.
- SM represents and warrants that the person whose name is submitted as Customer has made the Transaction with SM.
- SM shall not submit any data to UNIPaaS or Designated Acquirer in respect of any Transaction where an Customer has withdrawn authorization for such Transaction.
- SM shall only submit to UNIPaaS or Designated Acquirer the Customer’s payment details required for the processing of the Transaction.
- All Transactions must be electronically authorized by UNIPaaS and Designated Acquirer regardless of the amount and SM must request Authorization from UNIPaaS and Designated Acquirer for each Transaction submitted thereby.
- Prior to submitting any transaction, SM must electronically record and with each request for Authorization shall include the following information (to the extent applicable): (a) the Card account number, validation date and/or expiration date of the Card, if one appears on the Card; (b) the Card security code (e.g. card pin number, Visa CVV, CVV2 or Pin Block or MasterCard CVC2 number etc.) shall be included in the request and must be deleted after the authorization request has been made; (c) the name, address and telephone number of the End User, (d) the amount underlying the Transaction, (e) an authorization code, if required, (f) in lieu of the End User’s signature, a notation of, as applicable, (i) mail order (MO), (ii) telephone order (TO), (iii) e-commerce order (EO), or (iv) pre-authorized order (PO) on the signature line, and (g) notification that the order is a pre-authorized order, if applicable, (h) date of the transaction, and (h) such additional information as may from time to time be required by UNIPaaS or Designated Acquirer, including with respect to any non- Card Transactions.
- For recurring transactions, SM shall, using the agreed method of communication: (a) provides Customer with confirmation that a recurring transaction agreement has been entered into (and advise how to cancel such through a simple and easily accessible online procedure); (b) provide notification to Customer, at least seven working days prior to a Recurring Transaction if any of the following is true: (i) More than six months have elapsed since the previous recurring transaction; (ii) a trial period, introductory offer or any promotional activity has expired; or (iii) the recurring transaction agreement has been changed, including, but not limited to any change to the amount of the recurring transaction and/or any change to the date of the recurring transaction.
- When carrying out a Recurring Transaction, SM must does not: (a) Include any charges or payments other than those referred to in the relevant recurring transaction agreement; or (b) complete a Transaction that is part of a recurring transaction if it receives either a decline response from Scheme or Card Issuer or a cancellation notice from Customer.
- SM shall not present a Transaction until the goods or services underlying the Transaction have been delivered or provided to Customer or recipient of the goods or services, or Customer has agreed to an advanced debit or a recurring debit. Upon request SM must prove that the above conditions are met.
- In a delayed delivery transaction whereby Customer makes a deposit towards the full amount of the sale, the Schemes require that SM conducts two separate Transactions using the Services, the first for a deposit and the second for payment of the balance upon delivery of the merchandise or the performance of the services.
- After completing the Transaction, SM shall provide Customer with a Transaction receipt in writing or electronically. Said receipt must include a clear transaction ID as well as the SM ‘s internet address.
- SM shall present a Transaction for settlement only once. In the event that SM has concluded other card acceptance contracts with other service providers in addition to this Agreement, the SM shall furthermore without exception only ever present one and the same Transaction to one acquirer / payment service provider in each case for settlement (prohibition of multiple presentments).
- SM shall not submit any Transaction that the SM knows or should have known to be fraudulent or not authorized by Customer or that either knows or should have known to be authorized by a Cardholder colluding with the SM for a fraudulent purpose.
- Upon request SM provide with proof that each Transaction presented was based on a legal transaction with Customer which was permitted under this Agreement and in an amount that corresponds to the presented Transaction.
- SM shall presents records of valid Transactions no later than three (3) Business Days after the date of the Transaction, except, the record must not be presented until after a Transaction is deemed completed, i.e. SM’s goods are shipped or SM’s services are performed unless, at the time of the Transaction: (i) Customer agrees to a properly disclosed delayed delivery of the goods or services, if SM receive authorization for a delayed presentment (in which case the words “Delayed Presentation” must be noted on the TID), (ii) when SM is obligated by law to retain the sales slip or return it to a Customer upon timely cancellation, in which case, SM should present the record within ten (10) Business Days after the Transaction date, and (iii) when SM has multiple locations and uses a central facility to accumulate and present records. SM must present the record in accordance with Applicable Laws and regulations and, in any event, within thirty (30) Business Days of the Transaction date.
- SM must securely retain in readable format all written or electronic data and documents with respect to each Transaction, including but not limited to the information as described above, data transmitted by SMs, conversation and correspondence logs, documents transmitted, subsequent actions such as Chargebacks and Refunds and in the case of distance sales by telephone, the date and time of the phone call, the person from whom the instruction to pay was taken, the subject matter of the purchase order and the payment details transmitted by the Customer (but not the card security code). SM shall make the data and documents available immediately upon request. SM must retain the aforementioned data and documents for at least three (3) years unless deletion is mandatory by Applicable Law. SM shall not store any card security code or data.
- SM agrees not to do any of the following with respect to any Transaction: (1) obtain multiple Authorizations for amounts less than the total sale amount; (2) obtain Authorization for purposes of setting aside Cardholder’s credit line for use in future sales; (3) Surcharge. Add any amount to the agreed price of goods or services offered or require any security as a condition for allowing Customer to pay with a Card and shall not put Cardholder in any worse position than other Customer. Where permissible with MasterCard and always subject to Applicable Law, SM may apply different surcharges to Credit Card Transactions, Commercial Card Transactions, Debit Card Transactions and Maestro Transactions. This paragraph does not prohibit SM from offering a discount from the standard price to induce a person to pay by cash, cheque or a particular payment authentication instrument; (4) Reprocessing. Notwithstanding any authorization or request from Customer, SM will not re-enter or reprocess any sales slip or Transaction including but not limited to a sales slip or Transaction which have been charged back; (5) extend credit for or defer the time of payment of the total cash price in any Transaction; (6) honor a Card except in a Transaction where a total cash price is due and payable; (7) make any special charge to or extract any special agreement or security from any Customer in connection with any Transaction; (8) save or keep any Card data (unless PCI-DSS certified); (9) use SM own Card or account, as applicable, or one to which SM has access, to process a Transaction for the purpose of obtaining credit for SM’s own benefit; (10) initiate a Refund without a sufficient positive balance in SM’s favor held by UNIPaaS; (11) use any software or any data received from UNIPaaS or Designated Acquirer for any other purpose other than for determining whether or not SM should accept Cards or otherwise approve a payment order by Customer in connection with a current sale or lease of goods or services; (12) use any software or any data received from UNIPaaS for credit inquiry purposes or any other purpose not authorized by this Agreement; (13) draw or convey any inference concerning a person’s credit worthiness, credit standing, credit capacity, character, general reputation, personal characteristics or mode of living when any Card or other payment order is processed as non-accepted; (14) accept any payment from Customer in any other form with respect to a charge for goods or services resulting from the use of a Card or APM; (15) present for processing or credit, directly or indirectly, any Transaction that represents the refinancing or transfer of an existing End User obligation that is deemed to be uncollectible, or that arises from the dishonor of Customer’s personal cheque; (16) add any tax to Transactions unless Applicable Law expressly allows SM to do so (in which case any tax, if allowed, must be included in the Transaction amount and not collected separately), (17) accept a Card or APM for paying back a previously granted loan or a cash payment previously made, (18) require a minimum or maximum amount for Card or APM transactions; or (19) submit transactions that have previously been declined through a different own or third party account.
- SM further undertakes not to use the Services for Transactions relating to any the following (“Prohibited Transactions”): (1) goods and services which do not fall within SM’s ordinary course of business as identified by SM and specifically approved by UNIPaaS; (2) sales made under a different trade name and/or business affiliation than indicated in the Agreement or otherwise previously approved by UNIPaaS in writing; (3) sales by third parties; (4) fines, assessments or penalties of any kind, losses, damages or any other costs that are beyond the total sale price for the goods and services; (5) any transaction, content, goods or deliverable that violate any Rule or Applicable Law, including but not limited to anti-money laundering and terrorist financing regulations, anti-bribery laws (FCPA, UK Bribery Act and otherwise) and Data Protection Laws; (6) goods and services which SM knows or should know will be resold by a Customer whom SM should reasonably know is not ordinarily in the business of selling such goods; (7) goods or services that Customer would not reasonably expect to receive and only supply the relevant goods or services in accordance with Applicable Laws; (8) goods or services for which the SM has received or expects to receive payment in any other form; (9) any amounts for which Customer has not specifically authorized payment through the Services; (10) cash, traveler’s checks, cash equivalents, or other negotiable instruments; (11) Cash Advances. SM will not deposit any Transaction for the purpose of obtaining or providing a cash advance; (12) Amounts which do not represent a bona fide sale of goods or services by SM ; (13) Illegal, immoral or Brand Damaging Transactions: SM will not submit any Transactions that are illegal under Applicable Law or immoral or those transactions which could damage the goodwill or reflect negatively on Scheme Marks, Other Financial Institutions, Designated Acquirer or UNIPaaS, including but not limited to following examples;(14) prohibited cross border activities, (15) gaming or gambling transactions (unless specifically authorized); (16) Transactions arising from (a) illegal sale of drugs and controlled substances, (b) the non-face-to-face sale of prescription drugs, (c) sale of certain types of drugs or chemicals (such as synthetic drugs, salvia divinorum, psilocybin mushrooms and spores, and nitrite inhalants), (d) illegal sale of tobacco products, (e) sale or distribution of pornography, (f) prostitution, (g) depiction of sexual acts with persons being under the influence of intoxicating agents, hypnosis or with sleeping persons, (h) sale or distribution services based on offering telephone or chat services regarded as being of a sexual nature if the payment is processed through JCB credit cards, (i) illegal sale of child exploitation, (j) content which is subject to the applicable law governing the protection of young persons, (k) sale or distribution of counterfeit merchandise, (l) sale of goods or services in violation of intellectual property rights, (m) sale of illegal electronic devices (such as modification chips and jammers), (n) which include, or are associated with, instructions on how to produce weapons, bombs or other explosive devices, (o) guns, (p) rape, (q) hate, (r) violence, (s) bestiality, (t) illegal, depiction of mutilation of a person or body part, (u) human trafficking and exploitation, and/or (v) illegal sale of goods or products that consist of endangered species or their products.
- SM specifically acknowledges that SM breach the guidelines set forth in this Agreement in relation to Transactions, SM will be will be subject to Chargebacks and Assessments, and UNIPaaS and Designated Acquirer shall be entitled to immediately terminate the Agreement.
- All SM websites do not and shall not contain any illegal material or material depicting, advertising, promoting or endorsing and illegal or immoral activity and/or activity which is prohibited by Designated Acquirer, UNIPaaS and/or the respective Scheme and such prohibitions shall be conveyed to the SM and including but not limited to Prohibited Transactions.
- SM undertakes not to use Designated Acquirer and UNIPaaS’ system for any Prohibited Transactions e sale of goods or services by SM.
- All SM websites shall contain the following information at all times: (i) customer service contact including electronic mail address and/or telephone number, fax number, address, country(ies) of domicile; (ii) what goods and services are offered for sale and complete description of the goods or services; (iii) price of good or service and transaction currency; (iv) returned merchandise and refund/exchange/cancellation policies. If no refund or return will be given, the End User must be advised in writing that the sale is a “final sale” and “no returns” are permitted at the time of the Transaction. End Users must also be advised in writing of any of SM’s policies that provide for no-cash refunds and in-store credit only; (v) applicable export and legal terms and restrictions, if known; (vi) delivery policy; (vii) SM’s security capability and policy for the transmission of payment data; (viii) at the point where the payment is executed a clear message that states that a payment is about to be made and any other information required by Applicable Law or Rules; (ix) the Website and SM’s consumer data protection policy and method(s) of transaction security; (x) SM’s fixed place of business through which it conducts its business, regardless of website or server locations, and if none exists the address for which the SM holds a business license and if none exists the SM’s address for correspondence for the payment of its taxes relating to its sales activity; (xi) the way SM’s details will appear on the End User’s statement with the Payment Method; and (xii) in case of a recurring transaction, an explanation as to how to stop receiving goods and/or services, delivering goods and/or services and related charges.
- All SM websites shall also include the following shipping details: (i) time to deliver (which must be lower than ten (10) days); (ii) method of delivery; (iii) shipment fee; (iv) order tracking if applicable; (v) insurance if applicable; (vi) time of charge (upon shipment or upon arrival). If, after the order has been taken, additional delays will be incurred (e.g., out of stock), SM must notify the End User and have the transaction reauthorized.
- All SM websites shall prominently display an ownership statement identifying the SM stating that the SM is the owner of the Websites and that the SM is responsible for the transaction, including deliver of the products or provision of the services, for customer services and dispute resolution.
- Designated Acquirer and UNIPaaS may require SM to make any changes to the Website or otherwise that it deems necessary or appropriate to ensure that the SM remains in compliance.
Schedule 5 – DPA
This Data Processing Agreement (“DPA”) forms part of any written or electronic agreement between SM and UNIPaaS under which UNIPaaS Processes Personal Information on SM’s behalf.
- Processing of SM Personal Information
- Processor designation. The parties acknowledge and agree that with respect to the Personal Information that UNIPaaS Processes on behalf of SM (“SM Personal Information”) to provide the Services, which Processing may include, by way of example and for illustrative purposes the Processing detailed on Details of Processing SM Personal Information (Exhibit 2), that UNIPaaS is a “processor” or “service provider” under Applicable Data Protection Laws acting on SM’s instructions (referred to as “Processor” for purposes of this DPA).
- Authorization to Process. Processor will Process Personal Information on behalf of SM to provide such Services, and Processor is authorized to Process SM Personal Information solely in connection with the following activities:
- Services In accordance with the applicable Agreement(s), including, without limitation, any exhibits, schedules, and applicable price schedule(s), to provide the Services, and any Processing required under applicable law or regulations;
- Based on the instructions of SM and in its use of the Services, UNIPaaS transfers Personal Information to acquiring banks, issuing banks, payment processors providing services on behalf of acquiring banks, credit/debit card companies, or service providers performing payer authentication services used by SM;
- As reasonably necessary to enable UNIPaaS to comply with any other directions or instructions provided by SM; and
- To support the creation of models for UNIPaaS’ security and fraud prevention tools for use by the SMs of UNIPaaS.
- Compliance with Law. Each of UNIPaaS, in its provision of Services to SM, and SM, in its use of the Services, shall Process SM Personal Information in accordance with Applicable Data Protection Law.
- SM obligations
- SM shall provide its End-User(s) with all privacy notices, information and any necessary choices and shall obtain any necessary consents to enable the parties to comply with Applicable Data Protection Law;
- Where required by Applicable Data Protection Law, SM shall promptly inform Processor when SM Personal Information must be corrected, updated, and/or deleted;
- SM shall ensure that at the point of transferring SM Personal Information to Processor, the SM Personal Information is adequate, relevant and limited to what is necessary in relation to the Processing envisaged under the Agreement and this DPA; and
- SM shall comply (and ensure that its third-party auditors comply) with Processors relevant security policies and appropriate confidentiality obligations as set out in the Agreement.
- UNIPaaS obligations
- Applicable Data Protection Law. To the extent necessary to enable SM to comply with its obligations under Applicable Data Protection Law, UNIPaaS further agrees to comply with any required provisions of the GDPR Schedule (other than when acting in accordance with Section 1.2 (Authorization to Process) of this DPA).
- Data Subject Rights. Processor will, to the extent legally permitted, provide reasonable assistance to SM to respond to requests from End-Users to exercise their rights under Applicable Data Protection Law (e.g., rights to access or delete Personal Information) in a manner that is consistent with the nature and functionality of the Services. Where UNIPaaS receives any such request, it shall notify SM and the SM is responsible for handling such requests by an End User in accordance with Applicable Data Protection Law.
- Engaging with Sub-Processors. Processor shall ensure that when engaging with another data processor including any Affiliates (a “Sub-Processor”) for the purposes of carrying out specific Processing activities on behalf of SM, there will be a written contract in place between Processor and the relevant Sub-Processor. Such written contracts, to the extent applicable to the nature of the Services provided by the relevant Sub-Processor, will provide at least the same level of protection for SM Personal Information as set out in this DPA.
- Staff. Processor shall ensure that persons authorized to Process SM Personal Information have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
- Security of Processing. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Processor shall implement technical and organizational measures to ensure a level of security appropriate to that risk. In assessing the appropriate level of security, Processor shall, in particular, take into account the risks that are presented by the Processing, in particular from unauthorized or unlawful Processing, accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to SM Personal Information transmitted, stored or otherwise Processed. Processor shall provide reasonable assistance to SM in ensuring SM meets its own compliance obligations with respect to these same security measures.
- Security Breach
- In the event of an actual Security Breach (defined below) affecting SM Personal Information contained in Processor’s systems, Processor shall (i) investigate the circumstances, extent and causes of the Security Breach and report the results to SM and continue to keep SM informed on a regular basis of the progress of Processor’s investigation until the issue has been effectively resolved; and (ii) cooperate with SM in any legally required notification by SM of affected End-Users. The obligations herein shall not apply to Security Breaches caused by SM or SM’s End-Users.
- Processor shall notify SM without undue delay upon Processor or any Sub-Processor becoming aware of an actual Security Breach affecting SM Personal Information, providing the SM with sufficient information and reasonable assistance to allow SM to meet its obligations under Applicable Data Protection Law to (i) notify a Supervisory Authority (as defined under Applicable Data Protection Law) of the Security Breach; and (ii) communicate the Security Breach to the relevant Data Subjects.
- Notice to SM in accordance with Section 4.6.2 of this Agreement shall be made by sending an email and/or text message to the email address and/or mobile phone number.
- Except as required by applicable law or regulation, the notifying party will not make (or permit any third party to make) any statement concerning the Security Breach that directly or indirectly references the other party, unless the other party provides its explicit written authorization.
- Deletion and Retention. Processor shall, at the choice of SM, delete or return all SM Personal Information upon termination of the Agreement and delete existing copies unless storage is required by applicable law or the Rules.
- Miscellaneous. The terms of this DPA shall apply only to the extent required by Applicable Data Protection Law. To the extent not inconsistent herewith, the applicable provisions of the Agreement(s) (including without limitation, indemnifications, limitations of liability, enforcement, and interpretation) shall apply to this DPA. In the event of any conflict between this DPA and the terms of an applicable Agreement, the terms of this DPA shall control solely with respect to data processing terms where required by Applicable Data Protection Law, and, in all other respects, the terms of the applicable Agreement shall control. Notwithstanding any term or condition of the DPA, the DPA does not apply to any data or information that does not relate to one or more identifiable individuals, that has been aggregated or de-identified in accordance with Applicable Data Protection Law, or to the extent that UNIPaaS and SM have entered separate data processing terms that address the subject matter hereof.
- Definitions. Unless otherwise defined in the Agreement (including this DPA), all terms in this DPA shall have the definitions given to them in Applicable Data Protection Law.
- “Applicable Data Protection Law” means any law or regulation pertaining to data protection, privacy, and/or the Processing of Personal Information, to the extent applicable in respect of a party’s obligations under the Agreement and this DPA. For illustrative purposes only, Applicable Data Protection Laws include, without limitation, and to the extent applicable, the General Data Protection Regulation (Regulation (EU) 2016/679 (the “GDPR”) and any associated regulations or any other legislation or regulations that transpose or supersede the above;
- “End-User(s)” means any person that purchases goods or services of SM, whose information is submitted by SM to UNIPaaS during the course of SM using the Services hereunder;
- “Personal Information” means all data or information, in any form or format, that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer (“Data Subject”) or household or that is regulated as “personal data,” “personal information,” or otherwise under Applicable Data Protection Law. For the avoidance of doubt, this includes any information relating to an End-User as defined in the Agreement;
- “Process” or “Processed” or “Processing” means any operation or set of operations which is performed upon Personal Information, whether or not by automatic means, such as access, collection, recording, organization, storage, adaptation or alteration, retrieval, disclosure or otherwise making available, duplication, transmission, combination, blocking, redaction, erasure or destruction;
- “Security Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Information. A Security Breach includes a “personal data breach” (as defined in the GDPR), a “breach of security of a system” or similar term (as defined in any other applicable privacy laws) as well as any other event that compromises the security, confidentiality or integrity of Personal Information.
GENERAL DATA PROTECTION REGULATION
This GDPR Schedule applies in addition to any terms set forth in the body of the DPA (and is incorporated therein) when the GDPR applies to your use of Services. Capitalized terms not defined herein have the meaning assigned to them under the DPA. To the extent there are any conflicts between this GDPR Schedule and the DPA, this GDPR Schedule shall prevail.
- Processor Obligations
- Processing of SM Personal Information. Processor shall Process SM Personal Information only on documented reasonable instructions from SM (including instructions with respect to transfers of SM Personal Information to a third country, if applicable) unless Processor is required to otherwise Process SM Personal Information by Applicable Data Protection Law. In such circumstances, Processor shall inform SM of that legal requirement before Processing, unless prohibited from doing so by applicable law, on important grounds of public interest.
- Use of Sub-Processor
- Processor shall not engage any Sub-Processor without the specific or general written authorization from SM.
- In the case of a general authorization, Processor shall inform SM of any intended changes concerning the addition or replacement of other Sub-Processors to give SM the reasonable opportunity to object to such changes. In the event SM objects to Processor’s change or addition of Sub-Processor, SM shall promptly notify Processor of its objections in writing within 10 business days after receipt of Processor’s notice of such change or addition.
- Processor may, at its option, undertake reasonable efforts to make available to SM a change in the Services or recommend a commercially reasonable change to SM’s configuration or use of the Services to avoid Processing of SM Personal Information by the objected-to new Sub-processor. If Processor is unable to make available such change within a reasonable period of time, which shall not exceed thirty (30) days, SM may terminate the Agreement with respect to only those aspects of the Services, which cannot be provided by Processor without the use of the objected-to new Sub-processor by providing written notice to Processor. If the Services as a whole cannot be performed without the objected-to new Sub-Processor, SM may terminate the entire Agreement.
- Processor agrees not to impose a penalty for any termination under Section 1.2.3 of this GDPR Schedule on SM. Processor reserves the right to maintain its Sub-Processor list through means such as publication of its Sub-Processor list online. In accordance with Section 1.2.1 of this GDPR Schedule, SM provides authorization for Processor to engage with the Sub-Processors listed by UNIPaaS online.
- Data Protection Impact Assessments and Prior Consultation with Regulator
- Processor shall immediately inform SM if, in Processor’s opinion, SM’s instructions would be in breach of Applicable Data Protection Law. SM agrees that Processor shall be under no obligation to take actions designed to form any such opinion.
- Processor shall provide reasonable assistance to SM with any legally required (a) data protection impact assessments; and (b) prior consultations initiated by the SM with its regulator in connection with such data protection impact assessments. Such assistance shall be strictly limited to the Processing of SM Personal Information by Processor on behalf of SM under the Agreement taking into account the nature of the Processing and information available to the Processor.
- Demonstrating Compliance with this DPA
- Processor shall make available to SM all information necessary to demonstrate compliance with its obligations under this DPA and allow for (and contribute to) audits, including inspections conducted by SM or another auditor under the instruction of the SM for the same purposes of demonstrating compliance with obligations set out in this DPA.
- SM’s right under Section 3.1 of this GDPR Schedule is subject to the following:
- if Processor can demonstrate compliance with its obligations set out in this DPA by adhering to an approved code of conduct, by obtaining an approved certification or by providing SM with an audit report issued by an independent third-party auditor (provided that SM will comply with appropriate confidentiality obligations as set out in the Agreement and shall not use such audit report for any other purpose), SM shall not conduct an audit or inspection under Section 3.1 above;
- in acknowledgement of the time, expense and disruption to business associated with performing audits and inspections involving interviews and onsite visits, SM agrees to only conduct such audits and inspections on condition that SM can demonstrate such audit or inspection is necessary beyond the information made available by Processor under Section 3.1 above. Such audits and inspections, shall be at reasonable intervals (but not more than once per year) upon not less than 60 days’ notice and at a date mutually agreed by the Parties, provided that the audit will (i) not disrupt Processor’s business; (ii) be conducted during business hours and at the SM’s expense; (iii) not interfere with the interests of Processor’s other SMs; and (iv) not exceed a period of two successive business days.
- Cross-Border Transfers
- Processor shall comply with SM’s documented instructions concerning the transfer of SM Personal Information to a third country.
- The Processor shall only Process or otherwise transfer any SM Personal Information outside the European Economic Area (“EEA”) in compliance with the Applicable Data Protection Law unless otherwise required by applicable law to which the Processor is subject; in such case, the Processor shall inform SM of that legal requirement before undertaking such processing of SM Personal Information unless such applicable law prohibits such information on important grounds of public interest.
- SM agrees and acknowledges that Processor may transfer and store certain SM Personal Information (relating to individuals located in the EEA) in the United States.
- The controller to processor standard contractual clauses (as set out in Commission Decision C (2010)593 dated 5 February 2010 made under Directive 95/46/EC of the European Parliament and of the Council as amended or superseded from time to time) (the “C2P Standard Contractual Clauses”) apply with respect to any transfer of SM Personal Information to UNIPaaS and any of its affiliated entities in the United States or other third countries (“UNIPaaS Entities”). The parties acknowledge and agree that:
- the C2P Standard Contractual Clauses are hereby incorporated by reference;
- SM and any of its commonly owned or controlled affiliates that have signed an Agreement for Services (“SM Entities”) shall be deemed to be “data exporters” for purposes of the C2P Standard Contractual Clauses;
- the UNIPaaS Entities shall be the “data importer” for the purposes of the C2P Standard Contractual Clauses;
- the SM Entities and the UNIPaaS Entities shall each comply with their respective obligations in the C2P Standard Contractual Clauses;
- if there is any conflict or inconsistency between a term in the body of this DPA, an Agreement and a term in the C2P Standard Contractual Clauses incorporated into this DPA, the term in the C2P Standard Contractual Clauses shall take precedence;
Appendix to the Data Protection Schedule
Part 1 – Description of the processing
|Subject matter of the processing||The processing of personal data to the extent necessary for the provision of the services set out in this Agreement between UNIPaaS and SM.|
|Duration of the processing||The duration of the processing of personal data by UNIPaaS under this Agreement is the period of this Agreement and the longer of such additional period as: (i) is specified in any provisions of this Agreement regarding data retention; and (ii) is required for compliance with Applicable Law.|
|Nature of the processing||Such processing as is necessary to enable UNIPaaS to comply with its obligations, pursue its legitimate interests, exercise its rights under this Agreement, and to comply with its statutory obligations, including collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.|
|Purpose of the processing|
The performance of UNIPaaS’ obligations, exercise of its rights under this
Agreement, the pursuit of its legitimate interests, its compliance with statutory obligations, including the performance of functions required or requested by the SM.
|Personal data types||Personal data provided to UNIPaaS by or on behalf of the SM, including personal data provided directly to UNIPaaS by a data subject or third party: (i) on the instruction or request of the SM; or (ii) on the request of UNIPaaS where UNIPaaS has been authorised to make such request by the SM or is legally required to make such request. The personal data processed under this Agreement will include (depending on the scope of Services provided): name; address; date of birth; gender; nationality; location; email address; billing address; address; Country; Country code; zip code; post code; userID; telephone number; IP address, primary account number and associated card information (or similar number or code identifying an APM).|
|Categories of data subjects|
Personal data related to individuals associated with the SM (including its past, current, and future shareholders and directors).
Personal data related to individuals purchasing goods and/or services from the SM.
|Obligations and rights of the processor||As set out in the Agreement.|
Part 2 – Authorised sub-sub-processors and categories of sub-sub-processor
Authorised sub-sub-processor / category
Description of the processing carried out by the
sub-processor / category of sub-sub-processor
|Other members of the UNIPaaS Group||Any of the processing carried out by UNIPaaS|
|UNIPaaS partners, service providers, affiliates and subsidiaries||Use of personal data in the provision of ancillary services, and other services necessary to support the provision of the Services.|
|Any applicable APM Provider, Financial Institution, Scheme and their respective sub-processors, (including sub-processors located outside the EEA||Use of personal data in the provision of ancillary services and other services necessary to support the provision of the Services.|
|Compliance service providers||Use of personal data in the performance of checks to identify politically exposed persons, persons that are subject to sanctions and other checks required by laws to which UNIPaaS is subject.|
|Technology service providers used in the administration of the Services and fraud services||Use of personal data to facilitate the provision of Services (including ancillary services) and fraud services.|