Terms & Conditions
Last Modified: 02.09.24
Introduction
This User Agreement constitutes a legal agreement (“Agreement”) between You, the Organization (which in this document includes “Organization”, “you”, “your”), of which the details are included in the profile page under ‘Company Information’, and CardCorp Limited (“CardCorp”, “we”, “us”, “our”). In this agreement you and we are referred to jointly as Parties.
This Agreement consists of 8 sections, namely 1 through 8. The main subjects in each section are:
- Scope of Agreement and the position of CardCorp;
- Your registration with CardCorp;
- Services Provided to You by CardCorp;
- Your obligations to CardCorp;
- Payments and balances;
- Security and confidentiality;
- Privacy; and
- Final Conditions & Stipulations.
Definitions
In this Agreement, the following terms mean:
Account
The account held with CardCorp in the name of the Organization for which the Organization for which CardCorp, among other things, enables one or more Payment Methods, records Transactions and updates Balances;
Agreement
This User Agreement, which constitutes a legal agreement between you and CardCorp;
Balance
The funds held by a Financial Institution on behalf of the Organization, after deduction of the expenses and fees of the Financial Institution and by extension CardCorp and any other amounts to be charged by the Financial Institution, or funds to be kept by the Financial Institution to cover the risk of possible Reclaim(s);
Chargeback
The reversal of a transaction, or a request to that effect, initiated by a Financial Institution or a Customer of a Financial Institution. Depending on the Payment Method used, such reversal may have its own name, such as Dispute on the case of Visa or Chargeback in the case of MasterCard;
Customer(s)
Your customer who wish to pay for products and/or services provided by you and sold through the Payment Module;
Dashboard
A web page made available to the Organization by CardCorp through which the Organization can launch a series of Payment Actions and view data recorded by CardCorp relating to historical Transactions, and where settings relating to the services provided by CardCorp to the Organization can be configured and modified;
Error Message(s)
An error message that results in you not being able to use the CardCorp Platform and Payment Module as intended in this Agreement;
Financial Institution(s)
One or more banks or payment institutions and in particular card Acquirers the Payment Module is connected to and that process Transaction(s) for which an order has been given via the Payment Module;
Fraud
The intentional misuse of the Payment Services, Payment Information, Personal Data or the Dashboard for the purpose of obtaining unlawful gains;
Intermediary / Intermediaries
Every possible intermediary between CardCorp and the Financial Institutions, including proprietors of payment products and brands (such as Visa and MasterCard) as well as the networks they use for the transmission and processing of transactions, judicial or government authorities;
Marks
Logos, trademarks, trade names, slogans or other indications of ownership;
Organization
The organization that aims to use the CardCorp Platform and Payment Module for purposes including, but not limited to, the sale of products and/or services to Customers;
Outage
An unannounced interruption or unintentional modification in the operation of the CardCorp Platform and Payment Module, which results in the Payment Module not delivering the functionality agreed upon by the Organization;
Parties
The Organization as well as CardCorp
Party
The Organization or CardCorp
Payment
Information All personal financial, card or transaction information corresponding to a Transaction processed through the Payment Module;
Payment Method
The way a Customer wishes to compensate the Organization for the goods and/or services delivered or to be delivered. The payment method must be offered by CardCorp to the Organization and by the Organization to its Customer, and the resulting Transactions must be processed by the Payment Module;
Payment Module
Software provided to the Organization by CardCorp by which:
Transactions can be presented by Financial Institutions for processing, possibly via one or more intermediaries
Information on the status of the processing of payments, which will be displayed and can be viewed in the dashboard or which can be downloaded by the Organization;
Payment Services
The services provided by CardCorp, which handles payment orders, given through the website of the Organization or through the CardCorp Platform Tools or in any other way, from Customers for products and services of the Organization, by using the Payment Module;
Personal Data
Any information relating to an identified or identifiable natural person;
Refund
The full or partial reversal of a transaction, or a request to that effect, initiated by the Organization;
Security Measure
Any procedure or measure introduced by CardCorp or proposed for the purpose or reducing the risk of Fraud in the use of the Payment Module by the Organization. CardCorp or the Organization can implement such security measures by way of policy, processes and/or systems;
Solution
A remedy or alternative manner of operation for an Error Message after CardCorp has received any confirmed Error Message, in such a way that the Payment Module delivers the functionality agreed upon with the Organization;
Transaction(s)
Orders given via the CardCorp Platform or via the website of the Organization by one or more Customer(s) for products and/or services of the Organization, which order is presented for processing to one or more Financial Institutions by using the Payment Module;
Updates
Software that corrects errors in the CardCorp Platform or the Payment Module;
Upgrades
Software that is an addition to the functionality and/or the security of the CardCorp Platform or the Payment Module;
Website
One or more websites or other services maintained by the Organization, such as apps for mobile devices.
SECTION 1: SCOPE OF AGREEMENT AND POSITION OF CARDCORP
1.1 Scope of Agreement
This Agreement applies to all (legal) acts between you and CardCorp and will remain applicable after termination of the services, regardless of whether you explicitly communicated this termination to us. The applicability of any other conditions or agreements is explicitly rejected, unless agreed upon explicitly by the Parties in writing. By entering into this Agreement, you implicitly express your consent to be bound by its terms and conditions.
1.2 Position of CardCorp
CardCorp is a technical platform operator specializing in digital payments. The services of CardCorp enable you to accept payments from your Customers in exchange for the products and/or services delivery by you. CardCorp does not accept any liability for the products and/or services that are purchased using the CardCorp services. We act as a technical service provider directly and in conjunction with Third Party Providers, specifically the Financial Institutions who clear and settle the financial transactions we send to them for authorization on your behalf, who ultimately provide the Payment Service.
Our partner Financial Institutions are each duly licensed and regulated in their EU/EEA country or origin with licenses passported to each EU/EEA member state and each are Principal Members of Visa and MasterCard. Depending on the Service provided, we may require that you contract directly with our Third-Party Providers to receive their Services, which will form an essential component of our overall Service offering to You.
Hereinafter in this Agreement where our services are provided either solely by ourselves or in conjunction with our partners, it is under hereby understood and agreed that any such reference to ourselves as specified in item 1 above shall also include any Third-Party Providers who may be involved in the provision of the associated service.
SECTION 2: REGISTRATION WITH CARDCORP
2.1 Registration Process
The services of CardCorp are only available to legal persons and legal constructs (organizations), and explicitly not to persons who want to receive payments in the personal, family or household context. You must register with CardCorp before you can use our services. CardCorp will evaluate your request, and if you qualify at face value as being eligible for merchant account approval, CardCorp will request information including your registered entity information and location, your trade name (if applicable), your address details, your phone and email contact details, and your VAT number. You must also provide CardCorp with information on the ultimate beneficial owners of your organization. The persons you register with CardCorp must be competent and authorized to that effect. You confirm that you are a national or a legal resident of the country you indicate on registration, and that you authorized to develop business activities you that country.
You guarantee that all the information you provide to CardCorp is complete and truthful, and that you will keep your information registered with us up to date. You must inform CardCorp without delay of changes in the corporate name, corporate status, corporate structure, type and scope of the services or any other relevant changes.
When you register with CardCorp your email address is assigned as your username and you will be asked to select and confirm a password of your own choosing. You will be asked to validate the email address by clicking a confirmation link on an email we send you. The username and password provided to access CardCorp are strictly personal and may not be shared with anyone. You are responsible for damage and/or loss arising from misuse of the username and password, and you must inform CardCorp of the loss, theft and/or misuse thereof.
2.2 Business Cases
You are required to register all websites (URLs) using the Payment Services with CardCorp. It is not permitted to use the Payment Module on websites other than those registered explicitly and in advance with CardCorp, and approved by the Financial Institution that issues your Merchant Account. Nor is it permitted to initiate Transactions via a business case other than the case belonging to the website on which the Transaction was initiated. Besides the URL you must register the trade name under which you do business via this URL. CardCorp can use this information in the way in which Transactions are displayed on Customers account statements. CardCorp is not responsible for any costs arising from the fact that Customers do not recognize the trade name of a specific Transaction on their account statement.
You guarantee that the URL(s) you register with CardCorp do not contain any libellous, defamatory, obscene, pornographic or blasphemous material or expressions. CardCorp will terminate the use of the Payment Module for such URLs immediately upon discovery.
Where you mention the Payment Method(s) available to Customers, not limited to the payment page of your website, you must include all Payment Methods offered by you, and you must display the Brand(s) belonging to the Payment Method described as your specific Payment Method. You must not criticize or deliberately misrepresent any of the Payment Methods or the services linked to them, nor are you allowed to develop activities that damage the interests of the Brands or CardCorp or the Payment Method(s). In such a case, CardCorp may discontinue your use of the Payment Module.
2.3 Verification and Acceptance
After registration, we will verify your identity and assess the risk that your business activities pose for CardCorp, and it is on this basis that we decide whether to make the Payment Services available to you and request a Merchant Account for you with our partner Financial Institution. For this purpose, CardCorp may share your information, including the Personal Data of your legal representative(s) or ultimate beneficial owner(s) with the Financial Institution, which can make its own assessment with respect to use of the Payment Services. We may ask you to make additional information available for these verification activities, including financial statements, invoices, permits or other types of identification or permissions issued by the government. By accepting this Agreement, you give us and the Financial Institution permission to retrieve any information deemed necessary about you and to make this information available to third parties including, but not limited to businesses engaged in the registration of creditworthiness and other information providers. You hereby give these third parties permission as well to provide such information about you to us. You are aware that such information includes name, address, credit history and other data. CardCorp may update this information periodically to determine whether you continuously meet our conditions and comply with this Agreement.
You hereby give CardCorp permission to share information about you and your application (irrespective of whether the application is approved or rejected) and your Account with our partner Financial Institutions(s). This includes information:
- About Transactions, so that CardCorp and/or the Acquirer can comply with obligations arising from statutory requirements or requirements of supervisory authorities;
- For use in relation to management and maintenance of the Payment Services;
- By which the information about you can be recorded and updated, and where the information helps to improve the Payment Services;
- That CardCorp needs for its risk management.
In exceptional cases, we may request your approval to conduct an inspection at your office or inspect your financial and other records, insofar as they may relate to the extent and way in which you comply with this Agreement. Should you not comply with our requests within five (5) days, this could lead to the suspension or termination of your account.
SECTION 3: SERVICES PROVIDED BY CARDCORP
3.1 Payment Module
CardCorp will make efforts to keep the Payment Module available to you. CardCorp cannot, however, guarantee complete and permanent availability of the Payment Module. CardCorp will have the right to switch off the Payment Module for maintenance purposes. This will preferably be done at night. CardCorp will have the right as well at any time to modify the Payment Module. CardCorp will not be required to maintain, modify or add certain properties or functions specifically for the Organization.
CardCorp reserves the right, with immediate effect, to discontinue the provision of its services to you, deny you access to the Payment Module and terminate this Agreement if CardCorp suspects that you are acting in conflict with this Agreement. CardCorp hereby reserves the right to recover any losses incurred through this from you.
If you use the Payment Module in a way as referred to below, this use will in any case (but not exclusively) qualify as punishable, unlawful, and/or harmful in the following circumstances:
- Purchase and/or sale of goods and/or services of which the purchase and/or sale in the country of origin and/or the country in which the goods and/or services are offered is in conflict with any applicable statutory provision or public morals;
- The sale of products and/or services by the Organization without being willing or able to deliver them to one or more Customers within a reasonable period;
- Use of Personal Data in conflict with the General Data Protection Regulation, or insufficiently informing Customers in a way as referred to in the General Data Protection Regulation;
- Hacking, phishing, unauthorized penetration in the system and/or network structure of CardCorp, Acquirers, Intermediaries, Suppliers and/or third parties;
- Collecting payments without a legally valid contract between you and the Customer;
- Deliberately misleading Customers, CardCorp, Acquirers, Intermediaries, Suppliers and/or third parties, and
- Committing Fraud or aiding and abetting and/or allowing fraudulent activities.
3.2 Payment Methods
The Payment Module enables your Customers to use different Payment Methods depending on their availability to you. Each Payment Method has its own characteristics, risks and conditions, including cost structure, payment term, the manner in which the payment is made, and the possibilities offered to Customers to dispute the payments or claim refunds or process chargebacks. When you request to enable a Payment Method via the Dashboard, we assume that you understand and accept the conditions of that Payment Method. CardCorp may add new Payment Methods in the future, which must in general be activated before they can be used in the Payment Module. CardCorp reserves the right to delete Payment Methods from the Payment Module and may deny the Organization the use of a specific Payment Method.
3.3 Foreign Currency
CardCorp offers you the possibility to receive payments from your Customers in different (foreign) currencies. When you use this option, the Financial Institution converts the payments for you into an amount in the settlement currency you select from the Financial Institution’s available settlement currency options. The amount to be received by you is calculated by the Financial Institution per individual payment on the basis of the buying rate (combination of, among other things, the exchange rate of the currency at the time of the reimbursement and the costs as charged by the Financial Institution’s supplier) and a mark-up. The mark-up is usually set by the Financial Institution at two and a half (2.5) percent of the exchange rate charged the to the Financial Institution, unless otherwise agreed upon by the Parties.
SECTION 4: YOUR OBLIGATIONS
4.1 Prohibited Activities
You must only accept payments and process them via CardCorp’s Payment Module for the lawful sale of legal goods and services. There are certain categories of Organizations and activities for with the Payment Services cannot be used. Most of these categories are imposed by the Financial Institutions and Intermediaries which are used by CardCorp to process Transactions. Activities for which CardCorp cannot provide its services include but are not limited to products or services that (may) constitute an unacceptable financial risk or a risk to CardCorp’s reputation.
By registering with CardCorp, you confirm that you will not use our services for activities other than those approved during registration or explicitly approved by CardCorp afterwards. If CardCorp thinks or suspects that, despite this assurance, you are accepting payments for prohibited activities as referred to in this Agreement, you must end these prohibited activities immediately at CardCorp’s request. If you have not ended the prohibited activities within the timeframe set by CardCorp, CardCorp reserves the right to terminate the Agreement with immediate effect. In case of doubt, you should refer to CardCorp support for further information.
4.2 Compliance with Laws and Regulations
You warrant and guarantee that your activities, both online and offline, comply with the relevant laws and regulations and this Agreement. You must ensure that the correct use of the Payment Module and the manner in which the Payment Module is applied. You must inform your Customers how they can use the Payment Module in a correct and safe manner. You guarantee as well that you will not perform or omit acts – and see to it that your Customers do not perform or omit any acts – regarding which you know or reasonably ought to have known that such acts or omissions will result in the use of the Payment Module that is punishable and/or unlawful, or might possibly cause damage.
4.3 Provision of Information
You are responsible for the clear and orderly inclusion of the following information on your site:
- Your contact information (or that of customer service), consisting of at least the address, telephone number and email address;
- Information on the prices of your products and/or services;
- Delivery information, especially timelines and charges;
- Payment terms;
- Where relevant, information on subscriptions, the term of a subscription and the way in which it can be cancelled.
You must also be clear and pro-active in communicating any delay in delivery or the cancellation of an order. If CardCorp receives complaints about you, and such complaints necessitate an investigation or other activities to be carried out by CardCorp as determined by CardCorp, CardCorp will have the right to charge you for the costs to be determined for this investigation.
SECTION 5: PAYMENTS & BALANCES
5.1 Safeguarding Customers’ Funds
CardCorp does not receive funds on your behalf, in each case they are safeguarded by your contracting Financial Institution and settled directly to the bank account details you confirmed by you in your Merchant Agreement or as updated by Merchant Agreement Amendment by you thereafter. The Financial Institution is not required to verify the correctness of these instructions with CardCorp. Consequently, each payment made by your Financial Institution is made on your instructions to your Financial Institution and each incorrect payment is therefore the consequence of incorrect instructions to that effect given by you to your Financial Institution. Each request for a payment to which you are or think you are entitled will therefore be a request to your Financial Institution, and you hereby waive your right to demand the amount from CardCorp or to take legal action to demand such amount from CardCorp
5.2 Rates
Your contracted Financial Institution charges a rate per successful transaction and a fixed processing fee per transaction regardless of outcome. The amount of the rates your contracting Financial Institution charges are displayed in your Merchant Agreement with your contracting Financial Institution.
CardCorp is not entitled to adjust your rates with your Financial Institution unilaterally, but we may require you to agree to a change in commercial terms with your Financial Institution under certain conditions. If this concerns an increase in the rate, we will inform you at least one (1) month before this new rate takes effect, by email or via the CardCorp dashboard, and prepare a Merchant Agreement Amendment detailing the revised rates, which we will present to you electronically for your signature. If you inform us within one (1) month after receiving this information from CardCorp, in writing or by email, the fact that you do not agree to this increase and if you do not sign the Merchant Agreement Amendment, this Agreement and your Merchant Agreement with your contracting Financial Institution will automatically terminate as of the date on which the new rate is scheduled to take effect.
All rates listed in your Agreement with your contracting Financial Institution or on CardCorp’s website are exclusive of VAT and other government charges, unless explicitly stated otherwise.
5.3 Transactions
CardCorp only processes Transactions that are authorized by the relevant Intermediary/Intermediaries and/or the Financial Institution involved in the specific Payment Method and/or Customer. You yourself are responsible for checking the correctness of the Transaction Data presented in the Payment Module in connection with the purchase of products and/or services.
On each Transaction, there will only be a contractual relationship between you and the Customer(s) on the one hand and the Financial Institution and Customer on the other. CardCorp explicitly remains outside these contractual relationship(s), which also means that no obligations exist or arise for CardCorp because of these contractual relationships.
5.4 Reversals, Chargebacks, and Refunds
CardCorp gives no guarantees and accepts no liability for Transactions that are automated and completed, but which at a later stage, in whatever form, are reversed by the Customer or the Financial Institution (“Reversals”). Such Reversals, whether Refunds or Chargebacks may be the (non-limitative) result of:
- A dispute with the Customer;
- Unauthorized or incorrectly authorized Transactions;
- Transactions that do not comply with the rules of the relevant Transaction-processing network of the card-issuing agency involved or this Agreement, or which are allegedly unlawful of suspicious, or
- Other reasons used by the Card Network, the Financial Institution or the Cardholder’s card-issuing institution.
You are fully responsible and liable for Reversals, irrespective of the reason for, timing of or termination of the Reversal. In the event of a Reversal, you will be immediately liable to your Financial Institution and to CardCorp for the entire amount of the Reversal, together with any costs and penalties, including the penalties that could be imposed on CardCorp by the Intermediary/intermediaries and the Financial Institution. You agree you’re your Financial Institution may, and hereby authorize your Financial Institution to, set off the total claim based on the Reversal against your claim against your Financial Institution, or debit the amount from the bank account of your Financial Institution. If CardCorp’s partner Financial Institution is unable to collect this claim itself, you must pay CardCorp or its partner Financial Institution the full amount immediately on request.
In addition to the above, if there is a suspicion that a certain Transaction can result in a Reversal, CardCorp’s partner Financial Institution will be entitled to retain the amount of the possible reversal, or withhold it from the balances you are yet to receive, until the time that:
- A Reversal is established as a result of a complaint from a Customer, in which case the Financial Institution will retain the funds;
- You have successfully disputed a Reversal;
- Under the relevant laws or regulations, the period has expired during which a Customer can dispute the Transaction in question; or
- We have established that a Reversal will not take place anymore.
You have the possibility to dispute a Reversal imposed on you. We can assist you in doing so by means of notifications and software. We, however, do not accept any liability for our role or our assistance in disputing the Reversal. You declare that you will provide us in a timely fashion, at your own expense, with the information needed to investigate and help resolve the Reversal. You give us permission to share relevant information with the card holder, the card-issuing institution and the Financial Institution to help resolve the dispute. You are aware that no providing us in a timely fashion with complete and accurate information can result in a final, irreversible Reversal. If the card-issuing institution or the relevant Intermediary/ Intermediaries does/do not resolve a dispute in your favour, we can claim the amount of the Reversal and related costs from you, as specified in this Agreement. We reserve the right to charge costs of our investigation and the mediator’s role in relation to Refunds.
CardCorp, the Financial Institution or the Intermediary/intermediaries may decide that you are responsible for an excessive number of Reversals. An excessive number of Reversals can result in additional costs and penalties. They can also lead to restrictions in the way in which you can use our services, including, but not limited to:
- Changes in the conditions for and the amount of guarantee to be retained by the Financial Institution;
- Increase of the costs charged;
- Delay in payouts, or
- Possible suspension or termination of the Payment Services provided by CardCorp and/or it’s partner Financial Institution.
In the event of an excessive number of Reversals, the Financial Institution and/or Intermediaries can also implement additional checks and restrictions in the processing of your Transactions.
5.5 Funds
All payments made by your Customers via one or more Transactions, after deduction of the costs withheld by the Financial Institution which include CardCorp’s rates, are received and held for Safekeeping on your behalf by the Financial Institution. The Financial Institution retains the deducted costs and fees and pays the remainder to you. You hereby authorize the Financial Institution to receive all payments relating to your Transactions in an account of the Financial Institution.
5.6 Settlements
The payment of a Balance to you will be made from a threshold value, usually €150 (one hundred and fifty Euros), unless the Parties have agreed otherwise. If CardCorp or the Financial Institution discovers a difference in the payment made to you and the outstanding Balance, the Financial Institution reserves the right to settle the difference or reclaim the incorrect payment until the situation has been corrected. You can request changes to the settlement frequency in the Dashboard.
The Financial Institution is entitled to change the settlement frequency or to suspend Payment Service and settlements (temporarily), or to cancel Transactions, for instance in case of complaints, attachments or investigation into possible Fraud. Your obligations relating to use of the Payment Module will remain fully in force during this period.
SECTION 6: SECURITY AND CONFIDENTIALITY
6.1 Fraud
CardCorp will have the right to terminate this Agreement with immediate effect, or request suspension of the Provision of Services or settlements by the Financial Institution temporarily in the event of (a suspicion of) Fraud, indications of Fraud and/or situations in which more detailed investigation needs to be done. You will be notified of this by email or telephone, unless such notification is not considered desirable in the context of the investigation; CardCorp will not be liable for losses incurred because of such an investigation.
6.2 Security and Fraud Measures
CardCorp can provide you with security procedures and measures or make suggestions with a view to reducing Fraud. These procedures and measures can include processes or systems developed by CardCorp or by third parties. You agree to assess these procedures and measures and choose which of them are appropriate for your activities to protect you against unauthorized Transactions, and if necessary, to use additional systems and procedures not provided by CardCorp. Switching off or refusal to use the security measures and/or procedures increases the chance of unauthorized Transactions.
If applicable to you, you are responsible for use of information on lost or stolen cards by which goods and/or services can be purchased on your website. CardCorp is not responsible, nor does CardCorp indemnify you for losses or damage caused using lost or stolen credit cards for the Payment Services. This also relates to losses arising from the use of lost or stolen credit cards to make purchases via your Website, or cause by user names and passwords getting into the wrong hands.
6.3 Confidentiality
Parties will, barring prior written consent from the other Party, treat all data and information about the other Party that is secret or of a confidential nature as strictly confidential, secure it in an appropriate manner and not disclose them to third parties in any way whatsoever. Parties will only use the above-mentioned information in the context of the Agreement.
Secret or confidential information is, barring written consent of what is stipulated by the Agreement, in any case, but not limited to: all information that is explicitly indicated as secret or confidential by the other Party, all information and data Parties come to know in the context of the Agreement, technical, financial and business information, drawings, formats, concepts, source codes, pilots and all other information which Parties know, or reasonably ought to know, is secret or of a confidential nature and should not be disclosed to third parties, for example because its disclosure could result in a reasonable change that the other Party could incur a loss or other disadvantage.
Nor may Parties use or disclose confidential information and/or data provided to them or which they have come to know in the context of an Agreement in the vent of, whether premature or not, full or partial termination of an Agreement, or after the termination of an Agreement.
Parties are entitled to disclose or hand over confidential information of the other Party to the competent authorities, in cases in which they are required to do so under applicable statutory provisions, or in which CardCorp is required to deliver it to an Acquirer or Intermediary based on agreements made with such Acquirer or Intermediary.
CardCorp is entitled to provide information (including confidential information) to an intermediary and/or a Financial Institution in the event of (a suspicion of) fraudulent use of the Payment Module and/or at the request of an Intermediary and/or and Financial Institution.
SECTION 7: PRIVACY
7.1 Responsibilities of Parties in relation to Data Protection
Personal Data are processed in the context of the execution of the Agreement and are subject to our Privacy Policy, which may be viewed in full on our website at [privacy policy url]. With respect to the processing of the Personal Data, both Parties are controllers within the meaning of the General Data Protection Regulation, insofar as they independently determine the purposes and means for the processing. Parties must take appropriate technical and organizational measures for the protection of Personal Data. If asked, Parties will inform each other of the security measures taken.
CardCorp is responsible for the protection of the Payment Data in its possession, and will take all administrative, technical and physical measures reasonable from a commercial point of view to protect your Personal and Payment Data against unauthorized access or unintended loss or alteration. Notwithstanding the above, CardCorp cannot guarantee that unauthorized third parties will never be able to breach or circumvent the security measures taken by CardCorp and use the Personal and/or Payment Data for malafide purposes. You accept this risk if you provide us with your own and your Customer’s Personal Data.
CardCorp will process Personal Data in the context of its services, in connection with statutory obligations, and to safeguard the security and integrity of, inter alia, its organization and the financial sector. In processing Transactions and payments, CardCorp works with different Financial Institutions and CardCorp shares Personal Data with Financial Institutions.
CardCorp will only make Personal Data available to third parties in the contexts of its services. In addition, in case of complaints or questions from your Customers, CardCorp can share your contact information with your Customers.
7.2 Protection of User’s Data
In your contract with your Customer, or in the general terms and conditions applicable to the relationship with your Customer, you must state that you use CardCorp for the processing of Transactions, and that Personal Data of your Customer are shared with CardCorp in this context. If applicable, you must ensure that your Customer, directly or indirectly, gives CardCorp all required (explicit) consents as referred to in the applicable privacy legislation.
You guarantee that you comply with all requirements set by the GDPR for the processing of Personal Data as presented to the Payment Module by you as the Organization or by your Customers. Should you fail to comply with this obligation, or if an Intermediary or a Financial Institution, court or government institution so requests or requires of CardCorp, CardCorp will be entitled to suspend its obligations with respect to you.
You are fully responsible for the security of the data on your Website(s), your app, or otherwise in your possession. You agree to comply with all applicable national and international laws and regulations pertaining to the collection, secure storage and dissemination of Payment Data or Personal Data on your site, your app or otherwise.
If applicable to you, you must comply with the rules as set out in the relevant parts of the Payment Card Industry Data Security Standards (PCI-DSS) and the Payment Application Data Security Standards (PA-DSS). If, in spite of this, and ‘Account Data Compromise’ (ADC) occurs nevertheless, and it occurs through your actions, you will be liable for this. If CardCorp and/or an Intermediary conducts and investigation as a result of an ADC, and costs are involved in this investigation, you hereby accept these costs in advance, only, however, insofar as CardCorp has shared the amount, or an indication, of these costs beforehand with you. You can find information on PCI-DSS on the website of the PCI Council.
If CardCorp considers it necessary to verify wither you meet the PCI standards, you must immediately provide the documents from which this is clearly and unambiguously evident. You declare that you will use only suppliers that meet the PCI standards when it comes to the storage and transmission of Payment Data, particularly concerning, but not limited to, the card number (referred to as the Primary Account Number or PAN), the expiration dates of cards and the CVV2 Code. You are advised not to store any such data at all, and you are aware that it is strictly prohibited at all times to store the CVV2 code in any form.
In the event of a (suspected) data breach at your organization, in which Payment Data may be involved, you must notify CardCorp of this data breach without delay, and under no circumstances later than two days (48 hours) after the discovery of the data breach. CardCorp or another Financial Institution may request additional information on this data breach, in which case you must provide such information without delay.
7.3 Your Privacy Rights
You have the right, upon request, to view, alter, limit or delete your Personal Data which CardCorp processes, unless CardCorp is under a statutory obligation not to comply with your request. Furthermore, you have a right to data portability. Such a request can be made up to 30 (thirty) days after the termination of your Agreement with CardCorp. CardCorp will makes sure that your data are provided to you in a structured, frequently used and machine-readable format.
7.4 Privacy rights of Data Subjects
Parties must thoroughly inform data subjects (usually consumers) whose Personal Data they process of their privacy rights, and must ensure that these rights can be reasonably exercised. Where reasonably necessary, Parties will assist each other in complying with these obligations, as set out in the applicable privacy legislation.
If a data subject wishes to exercise his or her rights with CardCorp or you, and CardCorp or the Organization is of the opinion that the data subject should exercise these rights with the other Party, CardCorp or the Organization will refer the data subject to the other Party.
SECTION 8: FINAL CONDITIONS AND STIPULATIONS
8.1 Third-Party Clause
Parties acknowledge that this Agreement also entails a third-party clause for the purposes of Financial Institution which CardCorp may introduce to the Organization. Rights of the Parties under this Agreement will not require the approval of any third party.
8.2 Indemnification
You indemnify CardCorp for claims (as well as all costs incurred by CardCorp in relation to such a claim) of Customers, Financial Institutions, Intermediaries and/or third parties arising from:
- Abuse of the Payment Module by the Organization, as defined in Article 3.1;
- Defects in the Website and/or defects in the products and/or services provided by the Organization;
- Non-compliance by the Organization with obligations arising from applicable privacy legislation, including, but not limited to, the General Data Protection Act;
- Non-compliance and/or unlawful acts in the broadest sense y you with respect to Customers and/or third parties.
8.3 Liability
CardCorp must be held liable in writing, after CardCorp has been given a reasonable period to offer an appropriate solution. If CardCorp is liable in connection with a breach of its obligations or for losses otherwise incurred by you, CardCorp will be liable only for direct loss and not for indirect loss. Indirect loss means, but is not limited to, loss of goodwill, lost profits, missed (investment) opportunities and missed savings.
If and insofar as CardCorp is liable to you, such liability will be limited in all cases to an amount equal to the amount received by CardCorp in the form of revenue share from the Financial Institution introduced by CardCorp in relation to the rates charged to you by the Financial Institution, to which the loss relates. In the event of an Agreement with a term of more than six (6) months, the liability of CardCorp will be limited to the maximum of the amounts received by CardCorp under the Agreement in the last six (6) months, exclusive of VAT. Notwithstanding the preceding paragraphs, the liability of CardCorp will in all cases be limited to EUR 10,000 (ten thousand euros) per harmful incident. A series of incidents count as one (1) incident. Any claim against CardCorp will lapse by the elapse of a period of three (3) months after the harmful incident became known to you, except in the case of written acknowledgement of the claim by CardCorp
8.4 Force Majeure
Parties will not be liable in the event of Force Majeure. “Force Majeure” means: circumstances or events beyond the control of the Parties – regardless of whether or not these circumstances were foreseen or foreseeable at the time the Agreement is signed – as a result of which Parties cannot reasonably be required to comply with their obligations under the Agreement. These circumstances include in any case, but are not limited to: war, fire, natural disasters, labour disputes, power outages, strikes, epidemics, government rules and/or comparable rules, embargoes, non-compliance (due to bankruptcy or other reasons) by suppliers, Financial Institutions, Intermediaries, sub-contractors or any other third party or parties engaged by Parties in performing the Agreement, attachments, unavailability of the systems of Financial Institutions and/or telecommunication services and (attempted) unauthorized penetration in and/or unauthorized use of the systems, networks and databases belonging to CardCorp, the Organization, Intermediaries and/or Financial institutions, and/or on which CardCorp, the Organization, Intermediaries and/or Financial institutions depend, as well as all incompetent work performed on them by parties other than CardCorp or third parties it has engaged.
8.5 Intellectual Property
All intellectual property rights, including, but not limited to, all existing and future rights and claims on, or in relation to, the use of copyrights and neighbouring rights, chip rights, trade name rights, trademark rights, domain names, patent rights, design rights and database rights in relation to the platform or related items, will be vested exclusively in CardCorp.
You have the right to use regarding a Payment Service for the term of the Agreement, to the extent it is necessary for performance of the Agreement. None of the stipulations in this Agreement will entitle you to any right with respect to the platform and/or the Payment Module in related terms.
You will never have the right to make an adaptation or modification to the platform and/or the Payment Module, nor the right to make copies of them, to decompile the platform and/or the Payment Module and/or to modify or to attempt to modify them otherwise.
8.6 Complaints, Outages and Support
When you discover a problem that renders the Payment Module unusable in the way specified in the Agreement, you must report this to CardCorp as soon as possible. CardCorp will process the report in its registration system and then make maximum efforts to arrive at a remedy for an Outage with a reasonable time, so that the Payment Module will once again provide the agreed functionality. CardCorp will remain available during business hours to provide you with a reasonable level of technical support with your use of the Payment Module.
You yourself are solely responsible for supporting your Customers. You are responsible for replying to emails from Customers within a reasonable time, when the questions in the emails relate to the use of the Payment Module.
You must notify CardCorp as soon as possible after discovering an Outage. In the event of an Outage, the following protocol must be followed:
- You must notify CardCorp of the Outage as soon as possible;
- CardCorp will register this and provide you with a ticket number as a reference to the Outage;
- CardCorp will start an investigation into the Outage and make efforts to arrive at a Solution within a reasonable time;
- CardCorp will inform you of the Solution put in place.
8.7 Term, end and transfer of this Agreement
This Agreement is effective as of the date this Agreement is accepted by you. The Agreement is effective for an indefinite period of time. Each Party has the right to terminate the Agreement, considering a notice period of at least one (1) calendar month. Each Party may terminate this Agreement with immediate effect (in writing) in case the other Party:
- Is declared bankrupt, has been granted a moratorium on payment, has discontinued its business activities or has been liquidated;
- Each Party may terminate this Agreement for a period of 30 (thirty) days after being sent a written notice of default.
8.8 Miscellaneous other stipulations
This Agreement supersedes all previous agreements between the Parties, regardless of whether these agreements were made orally or in writing. CardCorp reserves the right to amend this Agreement. The notification hereof can be made in writing, by email or via the CardCorp Dashboard. The amendments will enter into effect one (1) month after notification, unless stipulated otherwise. If you do not wish to agree to these amendments, you will be entitled to terminate the Agreement, with a notice period of one (1) month.
This Agreement is governed exclusively by English law and the Parties must bring disputes before the court in England. If the court declares articles of this Agreement invalid, the other articles will remain fully in force.
CardCorp has the right to outsource some of its services to third parties.
Transfer by you of this Agreement or the rights and obligations contained in it is only possible with prior written permission from CardCorp, which permission can be given under certain conditions, to be determined at such time. You hereby give CardCorp permission in advance, to transfer an Agreement at any time desired by CardCorp to a third party to be indicated by CardCorp. If and insofar as necessary or desirable, you undertake as well to confirm the aforementioned permission in writing.
You specifically warrant that the Organisation has the authority to enter into this Agreement and that the person(s) agreement on behalf of the Organisation are duly authorized and directed to do so by the Organisation. Furthermore, the Organisation warrants that all references hereinafter to the “Organisation” shall mean the Organisation and its officers, agents and contracted agents.
END OF AGREEMENT