Contrato T&C (para pessoas jurídicas)

These terms and conditions (“Terms”) govern the use of the Payment Processing Services (as defined below), which are provided by Larstal Denmark ApS, a Danish limited company with registered office at Frederiksborggade 15 3, 1360 Copenhagen (“Processor”) to the entity identified in the Merchant Agreement Form, whose application is approved.

By accepting these Terms, the Merchant acknowledges and understands that the Processor is an authorized e-money institution license under the Danish Financial Supervisory Authority. The Processor issues e-money and holds the Users and Merchant’s funds in segregated accounts held by credit institutions in the European Economic Area. The Danish Consolidated Act no. 2710 of 7 December 2021 (“Danish Payment Act”) applies unless specifically agreed otherwise in these Terms.

  1. Definitions and Interpretation
    1. The following definitions shall have the following meanings:
“Account Holder Data” means the account number, the name, the address and any other relevant information of the Account Holder required from time to time by the Processor necessary to process the proposed Transaction;
“Account Holder” means the person in the Territory in whose name an account is registered with the Processor;
“Accelerated Settlement” means the Processor advancing to the Merchant funds form Customer’s Transactions upon Merchant’s request (not earlier than certain calendar days -specified in the Schedule A- from the day the Transaction is made and not later than the Availability Date);
“Affected Country” has the meaning specified in Clause 11.8;
“Affected Services” has the meaning specified in Clause 11.7;
“Agreement” means these Terms, the Merchant Agreement Form and the Schedules attached thereto;
“Applicable Legislation” means all applicable legislation, regulations, any and all directives and/or guidelines of any applicable regulatory or governmental authority relating (as the context requires) to each Party's business and obligations under and/or pursuant to this Agreement, including the highest standards and international practices of the specific industry which the Merchant operates;
“Authorization Code” means an identification number, which is provided by the Processor to the Merchant, indicating that payment for a particular Transaction has been authorized;
“Authorization Data” means all the data the Processor requires to be transmitted by the Merchant (including the Account Holder data or the Cardholder Data) prior to the Processor authorising a Transaction in accordance with Clauses 8.1 and 8.2 below;
“Authorization Request” means the request for payment to be taken for a particular Transaction which is made in accordance with Clause 8.1 below;
“Authorized Transaction” means a Transaction which complies with the requirements set out in Clause 8.5 below;
“Availability Date” means the date when the funds specified in Clause 6.2.1 will be available for payment, which will be after certain calendar days (specified in the Schedule A) has elapsed from receiving payment through the Payment Processing Services;
“Bank” means a bank with which Processor maintains an account, which must be subject to regulation as a financial institution by its respective national financial supervisory authority or authorities;
“Business Day” means any day other than: (i) a Saturday or Sunday; (ii) a holiday and/or; (iii) a day on which banking institutions are Authorized by law EU by a regulatory order to be closed;
“Card” means a debit card or a credit card as applicable;
“Cardholder” means the holder of a Card;
“Card Association” means any organization owned by a financial institution that licenses bank credit or debit card programs;
“Card Data” means in relation to a Card: Card number, Card expiration date, Card security code (CVV), amount and the currency of the Card, as applicable;
“Cardholder Data” means the Card Data and any other relevant information concerning a Cardholder or their Card required from time to time by the Processor to process the proposed Transaction;
“Chargebacks” means a circumstance whereby the Customer claims that the products and/or services were not received and therefore demands to be refunded the payment made for that product and/or service or when the Customer states that the purchase has not been done by himself; The Parties hereby irrevocably agree that any and all chargebacks either fraudulent or not, shall be covered by the Merchant;
“Confidential Information” means all information or trade secrets including, without limitation any details regarding the Authorization Data and the Account Holder or the Cardholder payments or the Account Holders’, Cardholders’ or the Merchant’s Transactions processed hereunder, market or business data or software, relating to the Parties or that becomes available to the other Party during the Term of this Agreement;
“Customer” means a person situated in the Territory that wishes to make purchases from Merchants through the Payment Processing Services;
“Data Protection Legislation” means all applicable data protection and privacy legislation in force from time to time in the Data Protection Act (Act No. 502 of 23 May 2018) and the General Data Protection Regulation (Regulation (EU) 2016/679 - GDPR);
“Daily Transaction Limit” means the daily limits set out in Schedule C as they may be varied from time to time;
“Deposit” means the sum of money collected by Processor on behalf of the Merchant, minus fees and any monies payable to the Processor such as Fraud Costs, Chargebacks, frauds, refunds and/or taxes;
“Disconnect or Disconnection” means the disconnection of the Merchant from the Payment Processing Services;
“Disconnection Date” means the date the Merchant is Disconnected;
“DP Addendum” means the data protection addendum included in these Terms;
“Effective Date” means the date in the first page of these Terms;
“Force Majeure” means any event or circumstance beyond the reasonable control of a Party including but not limited to pandemics, acts of God, storm, earthquake, fire, flood, war, industrial action, vandalism, non-availability of any part of a communications network, governmental action, inclement weather conditions, atmospheric conditions and other causes of radio interference, failure or shortage of power or fuel supplies, the acts or omissions or service failures of communications operators or internet service providers or third parties;
“Fraud Costs” are any circumstance in which a Customer acts irregularly, illegally or in a fraudulent manner using any way, either directly or indirectly by the Merchants or the Merchant’s services or products;
“Intellectual Property Rights” means patents, rights to inventions, copyright and related rights, trademarks, trade names and domain names, rights in get-up, goodwill and the right to sue for passing off, unfair competition rights, rights in designs, rights in computer software, database rights, topography rights, rights to preserve the confidentiality of information (including know-how and trade secrets) and any other intellectual property rights, in each case whether registered or unregistered and including all applications (or rights to apply) for and be granted, renewals or extensions of, and rights to claim priority from, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist now or in the future in any part of the world;
“Merchant Bank Account” means the Merchant’s bank account as notified to the Processor in writing from time to time, for the avoidance of doubt the Merchant bank account must be in the same name as the Merchant;
“Merchant Panel” means the virtual, secured account and related back office maintained by Processor and operated by the Merchant, for the recording of all credits (incoming Merchant funds or Customer deposit payments to Merchant) and debits (outgoing payments/Payouts), and access of Transaction Data and reports for Merchant;
“Monthly Deposit Payback” has the meaning specified in Clause 11.11.1.c);
“Net Transaction Value” means the sum of the Authorized Transactions less the applicable Service Fees;
“Notified Party” has the meaning specified in Clause 10.7;
“Notifying Party” has the meaning specified in Clause 10.7;
“One Touch” Payment Service provided to Customers, who may pay the Merchant with balance accumulated in One Touch;
“Payment Processing Services” means the payment processing services provided by the Processor pursuant to this Agreement, including (but not limited to): (i) One Touch services, (ii) the processing of Payouts either through Customer’s Bank Accounts or other payment methods provided by the Processor;
“Payouts” means the amount transferred by the Processor to a Customer’s Bank Account, debit card or credit card as may apply, by the instruction of the Merchant as defined below;
“Payout Fee” means the fee deducted by the Processor to the Merchant based on the sum of all the effective Payouts made;
“Refund” means a reversal of all or part of a Transaction where the Account Holder or the Cardholder is refunded with the value of all or part of the Transaction less the Transaction Fee (and the refunded amount shall mean the refunded amount plus associated bank charges);
“Rolling Reserve” means a 10% of the Net Transaction Value which shall be calculated monthly based on previous six-month Transactions. All funds that are retained by the Processor and, once the six-month period has elapsed, shall be returned to the Merchant in the current month;
“Secret Key” has the meaning specified in Schedule B;
“Service Fees” has the meaning ascribed to it in Schedule A;
“Settleable Balance” has the meaning specified in Clause 6.2.1;
“Settlement” means the money transfer from the Processor to the Merchant of all or part of the Settleable Balance that was requested or executed in accordance with Clause 6.2.2;
“Small Transfer Fees” has the meaning ascribed to it in Schedule A;
“Taxes” has the meaning ascribed to it in Clause 6.3;
“Term” means the Initial Term and any subsequent Renewal Term as defined in Clause 11.1;
“Termination Date” means the date of termination of the Agreement;
“Territory” means the list of territories set out in Schedule D;
“Transaction” means: (i) a payment made by a Customer using the Payment Processing Services; or (ii) a Payout, as the case may be, in the context of a contract for the sale of products and/or services entered into between the relevant Merchant and a Customer;
“Transaction Fee” has the meaning ascribed to it in Schedule A; and
“Usable Balance” means the current account balance for which the Availability Date has not yet elapsed.
  1. Appointment of the Processor 
    1. The Merchant appoints and retains the Processor as its non-exclusive provider of Payment Processing Services in the Territory with respect to its Customers.
      • The Processor shall assume the obligation to meet the financial obligations arising from the proper use of the payment processing methods in accordance with these Terms.
    2. The Processor hereby grants the Merchant a royalty free, non-exclusive, non-transferable right for the Term and for the purposes of this Agreement to use the Payment Processing Services for the benefit of its Customer
    3. The Merchant shall not: 
      1. accept payment from an individual which has not passed highest standards in relation to KYC rules and AML regulations; and/or
      2. sub-license the use of the Payment Processing Services to any person or third party (other than its Customers).
  2. Duties of Merchant
     
    1. The Merchant agrees to accept the Payment Processing Services for its online sales to its Customers in the Territory. This means that, at the moment to start executing this Agreement the Merchant shall be in a position to be able accept the Payment Processing Services. 
    2. The Merchant accepts and acknowledges that the Processor will not enable the Merchant to accept transactions from Payment Processing Services, until the pay-out solution is operative and ready to be offered to the Merchant’s Customers.
    3. The Merchant shall at all times hold the licenses, permissions and clearances necessary to conduct its business in all jurisdictions in which it operates and shall not be in breach of any Applicable Legislation whilst providing the Merchants’ products and services in the Territory.
    4. The Merchant shall sell the products and services to persons paying by the Payment Processing Services at the same price and conditions as the Merchant does for Customers using other means of payment. For the avoidance of doubts, Customers using payment methods supplied by the Processor shall not be subject to any commission or surcharge of any type resulting in a higher price to be paid by them in comparison with other means of payment offered by third parties.
    5. Payment using the Payment Processing Services may only be accepted for the purpose of paying for the Merchant’s products and services where there is a direct contractual relationship between the Merchant and the Account Holder or Cardholder.  
    6. Merchant agrees to fully and timely cooperate with and assist the Processor to address any issues affecting the Payment Processing Service where cooperation or assistance from the Processor is reasonably required.
    7. The Merchant shall not be entitled to:  
      1. accept payment by Payment Processing Services for the sale of services or products which are to be performed or delivered by a third party; 
      2. accept payment or offer Payouts by Payment Processing Services, for services or products which are outside the Merchant’s ordinary course of business;
      3. accept payment made by Payment Processing Services where such payment would breach the Daily Transaction Limit;
      4. accept payment by Payment Processing Services for a loan or an extension of a loan or any other financial services; or
      5. accept payment or offer Payouts by Payment Processing Services for illegal or unlawful products or services which, without limitation, involve or are connected to pharma obscene, pornographic, unlawful, or to instructions on the production of weapons or explosives. Any exception therefrom shall require the prior written consent of the Processor which is at the discretion of the Processor and only given if the relevant product or service is not unlawful or immoral.
    8. For the avoidance of doubt, the Processor makes no warranties nor representation as to the goods and/or services provided by the Merchant.
    9. The Processor shall be entitled to refer to, identify and quote the Merchant in the Processor’s press releases, websites, and other marketing materials for the purposes of identifying the Merchant as a customer of the Processor. The Processor shall be entitled for these purposes to use the Merchant’s trading names and logos for these purposes subject to compliance by the Processor with any brand guidelines that are provided by the Merchant to the Processor. 
  3. Duties of the Processor
    1. During the Term of this Agreement, subject to the terms and conditions of this Agreement, the Processor shall provide the Payment Processing Services for Transactions to allow the Merchant to accept payments from Customers using the Payment Processing Services.
    2. The Processor shall provide such Payment Processing Services according to good industry practices. The Processor shall use its reasonable efforts to perform its obligations in a timely, and efficient manner.
    3. The Processor shall at all times hold all necessary permits, permissions and licenses (whether of a statutory, regulatory, contractual or other kind) necessary to perform the Payment Processing Services.
    4. In the performance of its duties hereunder, the Processor shall be an independent contractor, and not an employee or agent of the Merchant nor vice versa.
    5. Provision of Management Reports
      1. The Processor shall provide the Merchant with (i) online access on a 24/7 basis to reports with respect to Transactions; and (ii) daily detail of all its relevant activity, including: (a) all payment notifications served by the Merchant confirming that a payment has been made; (b) any charges deducted; (c) the current balance owed to Merchant; (d) the history of all transfers to Merchant; and (e) any Payouts.
      2. Such reports and all other reports that qualify as Confidential Information      and shall be retained by the Processor in accordance with applicable regulations and, in any event, shall be retained in a readable form for not less than three (3) years after the relevant payment was made.
      3. The Processor will supply login credentials to the Merchant to all relevant online administrative tools supplied by the Processor as part of the Payment Processing Services and the Merchant shall be solely responsible for keeping such logging credentials secure and confidential.
    6. Account or Cardholder Complaints
      1. In the event that the Processor receives a complaint from an Account or a Cardholder, the Processor shall as soon as reasonably practicable refer the complaint to the Merchant where such complaint is in respect of products or services provided or to be provided by the Merchant.
      2. The Merchant shall indemnify in full and hold the Processor, its affiliates, subsidiaries, officers, agents, partners, employees and licensors harmless from and against any and all claims, actions and proceedings made or brought by any third party (including by the Customers) and against all liabilities, losses, costs, damages (including legal costs as part of a pre-litigation and settlement process or otherwise), and expenses incurred by the Processor, arising out of or related to: (i) the products or services provided or to be provided by the Merchant to its Customers (including without limitation in relation to the delivery of these services or products to the Customers); or (ii) any breach by the Merchant of its relevant end user terms and conditions.
    7. Fair Competition: The Merchant declares under oath that all payment services providers operating with Merchant in the same territories as the Processor will be subject to the same scrutiny and legal standards as those imposed to the Processor by the Merchant.
    8. Support
      1. Subject to receiving reasonable and timely cooperation and assistance from the Merchant, the Processor shall use its reasonable efforts to resolve any technical or other problem that is raised by the Merchant regarding the Payment Processing Services. The Processor shall use commercially reasonable endeavours to provide reliable and regular technical support to the Merchant via email 24 (twenty-four) hours a day, 7 (seven) days a week.
      2. The Merchant hereby expressly agrees that it will provide timely assistance to its Customers and use all reasonable endeavours to resolve any technical or other problem raised by its Customers quickly, amicably and in good faith.
      3. In order for the Merchant to provide duly assistance to its Customers, the Merchant may request 10 (ten) hours of training for its support team from the Processor. The first 10 (ten) hours of training will be free of charge and provided by the Processor to the Merchant on reasonable request at reasonable hours/dates to be agreed between the parties, every extra hour will be charged at a fee of EUR 300.
  4. Fraud Prevention; Compliance
    1. The Merchant acknowledges that the use of Payment Processing Services in online sales involves a particularly high risk of abuse and that thus it is imperative that the highest standard measures for preventing abuse are taken by the Merchant.
    2. The Merchant shall have and maintain in place throughout the Term of this Agreement adequate policies and procedures (and where applicable carry out credit checks) to prevent fraudulent abuse, enforcing them where appropriate and coordinating to that extent with the Processor in order to avoid that such events will materially adversely affect the Processor and its business, as well as any actual or attempted Transaction hereunder. Merchant shall immediately inform the Processor of any actual or attempted fraud, misuse, irregularity, or other suspicious activity upon Processor’s Payment Processing Services. Further, Merchant shall provide the Processor with corresponding documentation, including the non-identifiable user number associated with a suspected fraudster or suspicious Transaction and/or, subject to any legal requirements, any other relevant information that the Merchant is aware of.
    3. Where applicable, the Merchant shall use all special security processes reasonably introduced by the Processor to prevent abuse in any Transactions. The Merchant shall take such further anti-abuse measures that the Processor, at its reasonable discretion, deems necessary.  For the avoidance of doubt, the Merchant shall bear the costs for implementing and using such processes. While Processor may make certain recommendations or impose certain requirements with respect to the reduction of fraud or improvement of security, Processor shall not be liable for any failures of any of them all of which liability rests with the Merchant.
    4. The Merchant shall not accept payment by Payment Processing Services if, due to the circumstances in which these are being used, the Merchant has reasons to assume that the use of the Payment Processing Services was fraudulent. In the event that Merchant’s internal systems and procedures detect a user of Payment Processing Services or a Transaction with high risk of fraud, the Merchant shall promptly either: (i) decline the proposed Transaction; or (ii) reverse the Transaction; in either case the Merchant shall provide the Processor with immediate notice that the proposed Transaction has been declined and/or the reversal of the Transaction.
    5. The Processor shall not be responsible whether in contract, tort (including negligence), for breach of statutory duty, or otherwise for payments disputed by Customers or the Merchant if those payments or Payouts acknowledged by the Merchant were in conflict with the terms of this Agreement and or with the Merchant’s relevant end user terms.
    6. The Merchant shall be responsible for marketing Payment Processing Services at all times in compliance with applicable law and shall ensure that it is used only by persons of legal age in the territory where Payment Processing Services are being provided. Nevertheless, when in the marketing content, any mention directly or indirectly to the Processor is raised, the prior written approval of the Processor shall be requested.
    7. The Merchant accepts and acknowledges that Processor will not be obliged to perform a Settlement in the terms of the Clause 6 below until the Merchant has (i) provided its KYC documentation to Processor’s full satisfaction and/or (ii) updated its KYC documentation to Processor’s full satisfaction upon Processor’s request or when Merchant reasonably deems necessary according to industry practices.
    8. In any case, Merchant carries exclusive responsibility for Transactions, Refunds and all related disputes, such as any damages, costs, liabilities, disputes, loss of chance, reputational losses, or any other reparation applicable, caused by actions or omissions either directly or indirectly from the Merchant in relation to this agreement.
    9. If the Merchant offers Payouts in conflict with this Agreement and/or with the Merchant`s relevant end user terms, Processor will not be responsible for any payments disputed by a customer or any damage caused by these Transactions nor any other fine, or responsibility whatsoever due to the non-compliance of the Merchant of the maximum standards of the processed industry.
  5. Payments to Merchant and Merchant Deposits
    1. Merchant Deposits:
      1. The Processor reserves the right to retain, at any time, the Rolling Reserve or the Usable Balance and Settleable Balance of the Merchant to cover Refunds, Fraud Costs, Chargebacks, Payouts connected to the Merchant.
      2. In the event that the Processor decides to retain any of the abovementioned from the Merchant, the Processor will notify the Merchant through the Merchant Panel.
      3. The Rolling Reserve of the Merchant may be updated at any time upon notification in writing by the Processor to the Merchant through the Merchant Panel.
      4. The Processor shall be entitled to apply the Rolling Reserve, Usable Balance and or Settleable Balance to cover any Refunds, Fraud Costs, Chargebacks and Payouts connected to the Merchant. The Processor shall be entitled to retain further amounts from the Net Transaction Value to replenish the amounts of the Rolling Reserve applied to cover such liabilities.
    2. Payment terms:
      1. The Net Transaction Value (less any Refunds, Payouts, Fraud Costs, Chargebacks and Deposits where applicable and any other amounts deductible from the Net Transaction Value under the Agreement) will be available for payment to the Merchant on or after the Availability Date (the “Settleable Balance”).
      2. Upon the Merchant’s request throughout the Merchant Panel, the Processor will pay to the Merchant all or part of the Settable Balance, as requested by the Merchant, in accordance with Clause 6.2.3.
      3. Subject to Clause 6.2.4, all payments shall be made to the Merchant’s Bank account by bank wire transfer in Euros on the next Business Day after receiving a request from the Merchant (requesting payment of all or part of the Settleable Balance) to a bank account authorized and approved by Processor, the bank account must be of the Merchant directly and no subsidiary or third party.
      4. Any and all payments made by Processor may be made from whichever bank account Processor deems appropriate, whether it is under its own name or an affiliate, subsidiary, or any other third party.
      5. Notwithstanding the foregoing, in the event any funds due to the Merchant are seized or made unavailable by an action of a law enforcement body, regulator or other third party, the Processor shall use reasonable efforts, at the Merchant’s expense, to assist the Merchant in securing release of such funds as soon as possible.
      6. The Merchant shall be responsible for the payment of any and all applicable sales or other taxes due upon the Transactions.
      7. The Merchant shall as soon as practicable, verify the correctness and completeness of the payments and statements of account by the Processor. Complaints and objections about these may only be made in writing within a strict time limit of 8 (eight) weeks after the Merchant receives the payment or statement of account.  
      8. Payment of Payouts: in the event that a Customer requests a Payout and the Processor has authorized the Merchant to offer Payouts, the Merchant shall request the Processor to issue the Payout (in the manner specified by the Processor). The Processor will show to the Customer (and where applicable to the Merchant) the Payout amount converted into the applicable local currency (only as backup information). The Payout Fee (whenever applicable) will always be credited or deducted accordingly in EUR. The Processor will send the Payout to the Customer (in the applicable local currency) within 3 (three) Business Days from the Merchant’s request.
    3. Taxes:
      1. The sole responsible party for any or all applicable national, state, or local sales, charges, use, value-added, or income withholding taxes (“Tax/Taxes”), related to payments made by the Processor under this Agreement is the Merchant. The Processor shall not assume any extra cost in this regard, including any penalty, interest, or other additional thereto. The Merchant shall indemnify the Processor and hold it harmless from and against all claims, damages, losses, costs, and expenses, including reasonable fees and expenses of attorneys and other professionals, in connection to any obligation imposed on the Processor to pay any Tax in respect to payments due under this Agreement.
      2. If the Processor is required by Applicable Law to collect or make a deduction or withholding of any Tax to perform any payment due under this Agreement, it will make the payment net of such Tax. In this event, the Processor shall make its best efforts to collaborate with the Merchant to recover such Tax, only if this is legally feasible and applicable, provided that the Merchant previously provides the Processor with the necessary funds to cover all the costs and expenses required for the respective measures.
  6. Processor’s Service Fees 
    1. The Merchant shall pay the Processor the Service Fee as set out in Schedule A. 
    2. The Parties specifically agree that section 96 (i.e. limitations on redemption fees) of the Danish Payments Act does not apply.
    3. The Merchant authorizes the Processor to deduct the Service Fees from the payments to be made to the Merchant. If, however, there are insufficient funds for settlement to pay Fees, the Merchant shall pay the Fees by wire transfer to the Processor no later than two (2) business days following the Transactions to which they apply. In case of delay in payment, Merchant will be charged the maximum legal interest per day of delay in payment.
    4. The Processor may change the Service Fees by providing fifteen (15) day prior notice to the Merchant. The Processor will notify the Merchant in accordance with Clause 21 (Notice). Any new Service Fees shall be applicable to the Merchant after the fifteen (15) day period has elapsed from notification or at such later date as may be specified by the Processor in a notice to the Merchant. Where the Service Fees change is a direct result of an increase in third party costs related to Payment Processing Services (e.g. an increase in payment network interchange costs), the Processor may, at its discretion, amend the Service Fees accordingly immediately upon notification to the Merchant. 
    5. Merchant agrees that it will reimburse the Processor for the amount of any Refunds, Fraud Costs, Chargebacks, Payouts, and any other cost incurred in the provision of the Services (including but not limited to fx costs); and that the Processor is entitled to deduct such Refunds, Fraud Costs, Fx costs and Payouts, plus any other amounts deductible from the Net Transaction Value under the Agreement, from the payments to be made to the Merchant.  
  7. Merchant’s Authorization Request 
    1. The Merchant shall complete an Authorization Request prior to accepting any payment through the Payment Processing Services. The Authorization Request shall be made by transmitting the Authorization Data of the relevant proposed Transaction to the Processor, which shall meet the requirements specified by the Processor as regards content, format and communication channel.
    2. The Authorization Data shall include:
      1. the Merchant’s internet address;
      2. Merchant’s Credentials (as per article 4.5.3 of this Agreement);
      3. the amount of the proposed Transaction;
      4. the identification number of the proposed Transaction; and
      5. such additional information arising from the API documentation defined by the Processor.
    3. The Processor shall verify the Merchant’s Authorization Request for the proposed Transaction to be processed and if satisfactory, the Processor shall communicate an Authorization Code to the Merchant.
    4. Merchant shall not accept payment through Payment Processing Services for a proposed Transaction unless it has received an Authorization Code from the Processor.
    5. A Transaction will only be considered to be an Authorized Transaction where all of the following requirements are met: 
      1. the Transaction originated from one of the Merchant’s Authorized IP addresses;
      2. the Merchant has complied with the requirements set out in this Clause 8;
      3. the payment instruction by the Account Holder or the Cardholder has been given using the communication channel specified by the Processor;  
      4. the Payment Processing Services was valid according to purchaser statements;
      5. the sales are denominated in Euros or any other agreed currency;
      6. neither the account held by Account Holder or the Cardholder, has not been declared as invalid, and is not included in a blacklist or any other communication to the Merchant;
      7. the Cardholder has successfully passed the Merchant’s credit checks (where applicable);
      8. where an obligatory special security process has been introduced, payment by the Payment Processing Services shall only be admitted if the Merchant has instituted this process;  
      9. the Merchant has provided the Account Holder or the Cardholder with a complete, correct and legible description of its offered products and/or services or has made it easily accessible to him or her;  
      10. the Merchant shall include the following disclaimer on its webpage:
        DISCLAIMER (MERCHANT’S WEBSITE)
        We (the “Merchant”) expressly recognize and will communicate to our Customers that neither the Processor, nor any of its affiliates nor any of its brands, have made or will make any warranty nor representation as to the goods and/or services provided by us and that the Processor and its affiliates shall not be liable whether in contract, tort (including negligence), for breach of statutory duty, or otherwise for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising out of, or in connection with the products and/or services Merchant provides. Moreover, regarding our business relation with the Processor, we hereby declare their activities are exclusively those related to Payment Processing.”
      11. The Merchant has submitted or made easily accessible its general terms and conditions of business to the Account Holder or the Cardholder in such a way that the Account Holder or the Cardholder can become aware of any material conditions, including the right to revocation or redemption, any export or age restrictions, other restrictions in relation to the use or purchase and any other material circumstances which are reasonably necessary to make a reasonable decision on the proposed purchase or Cash Out;
      12. the Merchant has issued an order confirmation and/or invoice for the Transaction in writing or by e-mail to the Account Holder or to the Cardholder, indicating that the Account Holder or the Cardholder will be debited (in the case of a purchase of goods or services) or credited (in the case of a Payout); any other sensitive information, shall not appear in this confirmation for security reasons;
      13. the Payout is transferred to a valid Customer’s Bank Account linked to the relevant Customer; and
      14. the Transaction was processed accordance to the terms of this Agreement.
  8. Submission of Transactions
    1. Transactions will be initiated pursuant to the Account Holder or Cardholder’s request and Merchant agreement to such request, communicated via Merchant’s internet site.
  9. Electronic Transmission
    1. Unless otherwise agreed, only electronic transmission shall be used for the Authorization and submission of Transactions.  
    2. In order for the Processor to provide the Payment Processing Services, the Parties shall develop and implement a connection either through a direct connection or secure connection resulting in a reliable and secure network communication facility to support the platform interface. The Merchant shall cooperate and assist the Processor timely to implement this connection.  Each Party shall assume responsibility for the costs of any required telecommunication equipment on its respective end of the communication facility.
    3. The Merchant shall bear the costs (including the telecommunication costs) and the risk of malfunctions of the electronic transmission. The Merchant shall be responsible for continuously ensuring that its apparatus, networks, data carriers or other equipment used for data transmission are in a good working order.  
    4. The Merchant shall ensure that it is not possible to abuse the Account Holder Data, the Cardholder Data or the electronic transmission, e.g. by manipulation of the data input, within its personnel area or on its premises, including the persons commissioned by it (e.g. internet provider). When entering data, the manufacturer’s operating instructions shall be strictly observed.  Should the Merchant become aware of any abuse of the electronic transmission, it shall inform the Processor immediately.  
    5. Each Party shall inform the other in writing of the list of approved IP addresses for the Transactions.  Any change to the list of accepted valid IP addresses shall be notified at least 7 (seven) days in advance.  
    6. The Processor shall notify Merchant of any changes in its Secret Key.  Any change to the Secret Key shall be notified at least 7 (seven) days in advance. Transactions signed by an out-of-date key shall be deemed invalid.  
    7. In the event that either the Processor or Merchant detects a security breach to one of its servers (the “Notifying Party”), it shall immediately notify the other Party (the “Notified Party”), using the contacts listed under Clause 21.The notification shall include the list of affected IP address(es) and/or keys. The Notifying Party shall be responsible for all Transactions executed until 6 (six) hours after the security breach has been notified to the Notified Party. After that period, it is up to the Notified Party to reject all Transactions originated from the affected IP address(es) and/or signed with the affected keys.‍
  10. Term and Termination
    1. This Agreement shall commence on the Effective Date and continue for an initial period of 24 (twenty-four) months (the “Initial Term”) with automatic 24 (twenty-four) months periods of renewal thereafter (the “Renewal Terms”), unless otherwise terminated pursuant to the terms hereof.
    2. In addition to any rights of termination provided hereunder: (i) the Processor may terminate this agreement with immediate effect without cause by giving written notice to the Merchant; (ii) any Party may terminate this Agreement at any time without cause upon 30 (thirty) calendar days prior written notice; and (iii) either Party may terminate this Agreement immediately should the other Party remains in breach of a material provision of this Agreement for more than 10 (ten) Business Days following notice thereof unless during the notice period the breach is cured to the Parties’ mutual satisfaction.
    3. If any case or proceeding is commenced by or against the Processor under any law dealing with insolvency, bankruptcy, receivership or other debt relief, the Processor shall immediately notify the Merchant in writing and, this Agreement shall terminate upon the Merchant’s notice in writing. Any Net Transaction Value due to Merchant shall accelerate and become immediately due and payable, without the necessity of any notice, declaration or other act whatsoever by the Merchant and the Processor is entitled to deduct from the Net Transaction Value any Refunds, Payouts, Fraud Costs, Chargebacks, Deposits and, any other amounts deductible from the Net Transaction Value under the Agreement).
    4. If the Merchant ceases trading online, or ceases providing the services associated to the Payment Processing Services or if any case or proceeding is commenced by or against a Merchant under any law dealing with insolvency, bankruptcy, receivership or other debt relief, the Merchant shall immediately notify the Processor in writing and the Processor shall, at its sole discretion, be entitled to terminate this Agreement immediately. Any Service Fees or any other amounts payable to the Processor under the Agreement in connection with the Merchant, shall accelerate and become immediately due and payable (without the necessity of any notice, declaration or other act whatsoever by the Processor). 
    5. Where the Processor believes Merchant is acting illegally or not in compliance with the requirements set-out in this Agreement, the Processor shall, at its sole discretion, be entitled to terminate this Agreement immediately, or suspend or Disconnect the Payment Processing Services to the Merchant (and its Customers) until such time as the Merchant satisfies the Processor that it is in compliance with its obligations.
    6. If the breach is in respect of the Merchant’s duties established in Clause 3 and in light of the difficulties in estimating the damages for an early termination due to Merchant’s breach, the Parties hereby agree that a sum of EUR 500,000 shall be applied to the Merchant by the Processor as liquidated damages, in addition to the rights of terminate the Agreement. Liquidated damages are not intended to be a penalty and are solely intended to compensate for damages.
    7. The Processor may stop providing all or part of the Payment Processing Services in a specific country within the Territory, pursuant to any regulatory demand, requirement or directive within this country for the cessation of the provision of all or part of the Payment Processing Services or in connection with specific products or services sold by the Merchant (the “Affected Services”). In the event of receipt of such notice, the Processor shall notify the Merchant as soon as reasonably practicable of such demand, requirement or directive. Upon 14 (fourteen) calendar days of the Processor’s notice, the Agreement will be terminated by the Processor as it relates to the Affected Services and Clauses 11.9 to 11.12 below will apply to such termination. For the avoidance of doubt, the Agreement will remain in force for the remaining Services and countries of the Territory, not affected by the regulatory changes referred to in the paragraph above.
    8. The Processor may terminate this Agreement with immediate effect, as it relates to a specific country within the Territory, pursuant to any regulatory demand, requirement or directive within this country for the cessation of Payment Processing Service for all or part of the products or services sold by the Merchant (the “Affected Country”).  In the event of receipt of such notice, the Processor shall immediately notify Merchant of such demand, requirement or directive. Upon giving 14 (fourteen) days written notice to the Merchant, the Agreement will be terminated by the Processor as it relates to the Affected Country and Clauses 11.9 to 11.12 will apply to such termination. For the avoidance of doubt, the Agreement will remain in force for the remaining countries of the Territory not affected by the regulatory changes referred to in the paragraph above. 
    9. Within 180 (one hundred and eighty) days from termination the Processor shall pay the Merchant the Net Transaction Value less any Refunds, Chargebacks, FX costs, and Fraud Costs for the period between when Settlement was last made to Merchant pursuant to Clause 6.2 above up until the effective date of termination as shall be communicated to Merchant by the Processor. 
    10. Termination shall not affect any legal rights or obligations that may already have arisen under this Agreement at the date of termination.
    11. Where the Agreement terminates, or the Merchant is Disconnected then:
      1. In circumstances where the termination of the Agreement or the Disconnection is pursuant to Clause 11.4 then the Processor shall:
        1. retain the Deposit for a period of 6 (six) months from the Termination Date or from the Disconnection Date (as applicable); 
        2. be entitled to apply such Net Transaction Value to cover any Fraud Costs, Payouts, Chargebacks and Refunds; and 
        3. pay to the Merchant, at the end of the 6 (six) months period referred to in Clause a), any remaining Deposit (not applied to cover any Fraud Costs Chargebacks or Refunds).
      2. In circumstances where the termination of the Agreement or the Disconnection is not pursuant to Clause 11.4 then the Processor shall:
        1. retain the 6 (six) month Deposit from the Disconnection Date or from the Termination Date and release it in accordance with Clause c) below; 
        2. be entitled to apply the 6 (six) month Deposit to cover any Fraud Costs or Refunds; and
        3. successively release 1 (one) month of the 6 (six) month Rolling Reserve to the Merchant at the end of each month (the “Monthly Deposit Payback”), starting from the end of the month following the Disconnection Date or Termination Date (less any amounts of the Deposit applied to cover Fraud Costs and Chargebacks, Refunds). In the event that the Fraud Costs and the Chargebacks, Refunds are higher than the Monthly Deposit Payback in any month, the remaining Fraud Costs and Refunds shall be deducted from the following Monthly Deposit Payback along with any new Fraud Costs, Chargebacks and Refunds.
        4. be entitled to retain any Merchant´s funds up to the end of any legal, administrative procedure initiated against the Merchant, its affiliates, subsidiaries, officers, agents, partners, suppliers, employees, sub-contractors and licensors caused or related directly or indirectly, to the Merchant´s activity. Processor may apply those funds to any cost or damage suffered itself, its affiliates, subsidiaries, officers, agents, partners, suppliers, employees, sub-contractors and licensors evidencing to Merchant proof of such costs or damages paid and then release remaining funds if any.
    12. Upon termination of the Agreement:
      1. licenses granted pursuant to this Agreement shall immediately terminate and the Processor shall be entitled to immediately remove the Merchant (and its Customers) from the Payment Processing Services; and
      2. Clauses that are necessary for the enforcement or interpretation of this Agreement shall survive, which shall include Clauses relating to confidentiality and protection of Intellectual Property Rights.
  11. Exclusion and Limitation of Liability 
    1. Nothing in this Agreement shall exclude or restrict either Party’s liability for death, personal injury, fraudulent misrepresentation or fraud or any other liability that cannot be excluded or limited by law.
    2. Subject to Clause 12.1 above, in no event shall the Processor be liable for any loss of revenue, loss of actual or anticipated profits, loss of the use of money, loss of business, loss or corruption of data, loss of operating time or loss of use, loss of opportunity, loss of goodwill, or any other indirect or consequential loss or damage however caused.  The Processor shall not be liable for any loss sustained by Merchant arising from a Transaction made in breach of Clause 3.7 and Merchant shall be responsible for any fines or penalties to the extent arising from such Transaction that are levied by a bank or applicable regulatory authority, provided that such fines or penalties are not attributable to a breach of this Agreement by the Processor, that the Processor notifies the Merchant of such fines or penalties as soon as it becomes aware that they may be imposed and that the Processor has taken reasonable measures within its control that are necessary to mitigate the extent of any such exposure. Further in any case in which the Processor deems appropriate, either for Fraud, penalties or any other cause, the Processor may freeze and retain the funds of the Merchants until said matters are clarified. In case any penalty, or Fraud occurs the Processor is hereby authorized to set off the Merchant’s Funds against such costs or damages.
    3. Subject to this Clause 12, the total aggregate liability of the Processor to the Merchant under or in connection with this Agreement, whether arising from tort (including negligence), breach of contract, or otherwise, shall not exceed in aggregate an amount equal to the lower of: (i) the 100% (hundred per cent) of the Service Fees paid by the Merchant during the 12 (twelve) months preceding the event or circumstances giving rise to such liability; or (ii) EUR 250,000.
    4. For the purposes of this Clause, the Processor includes its employees, sub-contractors and licensors. 
    5. The Processor shall not be liable for any failure to meet its obligations under this Agreement to the extent that such failure arises from a failure of the Merchant to meet any of its obligations arising under this Agreement or otherwise.
    6. To the maximum extent permitted by law, the Processor shall not be liable whether in contract, tort (including negligence), for breach of statutory duty, or otherwise:
      1. for any payments in excess of the Daily Transaction Limit; or
      2. for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising out of, or in connection with the contract between the Merchant and the Customer regarding the sale of goods and/or services of the Merchant.
  12. Indemnities
    1. Subject to Clauses 12.2 and 12.6, the Processor shall defend and hold harmless the Merchant, its officers and directors against any and all third party claims resulting from any breach by the Processor of any of its representations and warranties in this Agreement.
    2. The Merchant shall defend and hold harmless the Processor, its officers and directors against any and all claims resulting from any breach by the Merchant of any of its representations and warranties in this Agreement.‍
  13. Representations, Warranties and Covenants
    1. Both Parties represent, warrant and undertake to the other that:
      1. they have the full right, power, legal capacity and authority to perform their obligations under this Agreement; 
      2. by entering into this Agreement, it will not conflict with, or breach the terms, conditions or provisions of, or default under any other agreement to which it is a party;
      3. there is no action, suit or proceeding at law or in equity now pending or, to their knowledge, threatened by or against or affecting them which would substantially impair their right to carry on their business as contemplated herein or adversely affect their financial condition or operations;
      4. they have and shall continue to comply with relevant Data Protection Legislation in relation to all Account Holder Data and Cardholder Data which is personal data (including any sensitive personal data); 
      5. they will undertake their obligations pursuant to this Agreement with all reasonable skill, care and diligence and in accordance with the provisions of this Agreement; and  
      6. The Merchant represents, warrants and covenants that it shall at all times during the Term hold all necessary permissions licenses and clearances in connection with the provision of its services in any applicable jurisdiction.
  14. Non-Compliance
    1. The Merchant shall be responsible and shall reimburse the Processor for any non-compliance fines, fees or penalties levied by any Card Association (or any other relevant body or authority) or otherwise related to the Transactions, and the Processor is entitled to deduct such fines, fees or penalties from the Rolling Reserve or the Net Transaction Value provided that the Merchant shall not be responsible for such penalties to the extent that: (i) the Processor required that the Merchant take the actions specifically and directly resulting in the non-compliant activity giving rise to the penalties; or (ii) the Merchant has taken all steps necessary to ensure that the Transaction complies with the Card Association (or any other relevant body or authority) by laws and rules and the non-compliance giving rise to the penalties directly results from the Bank’s processing error.‍
  15. Entire Agreement
    1. This Agreement sets out the entire agreement and understanding between the Parties in relation to the subject matter of this Agreement and no Party has entered into this Agreement in reliance upon any representation, warranty or undertaking which is not set out, or referred to, in this Agreement.
    2. This Agreement replaces, supersedes and overrides any previous agreements or understandings, written or oral, between the Parties and/or any other company related to the Payment Processing Services provided in this Agreement.
  16. Assignment
    1. The Processor may, from time to time, transfer, novate or assign any of its rights and/or obligations under this Agreement, including partial or total assignment, to any of its affiliate companies upon prior written notice to the Merchant. If any assignment, disposal, novation or transfer be required, the Merchant shall enter into such an agreement and/or a deed as the Processor shall reasonably require so as to give effect to such an assignment, disposal or novation.
    2. The Merchant may not, and may not purport to, assign, transfer, novate, charge or part with all or any of its rights and/or obligations under this Agreement or sub-contract the performance of any of its obligations under this Agreement without the prior written consent of the Processor.
  17. Confidentiality
    1. All Confidential Information communicated by one Party (the “Disclosing Party”) to the other Party (the “Receiving Party”), whether before or after the Effective Date, shall be, and shall be deemed to have been, received in strict confidence and shall be used only for the Agreement. Without obtaining the prior written consent of the Disclosing Party, the Receiving Party shall not disclose any such Confidential Information received from the Disclosing Party.  Confidential Information will not include any information that: (a) is already in the possession of the Receiving Party without being subject to another confidentiality agreement; (b) is or becomes generally available to the public other than as a result, directly or indirectly, of a disclosure of information by the receiving party or by other persons to whom such Party disclosed information; (c) is or becomes available to the Receiving Party on a non-confidential basis from a source other than the Disclosing Party or its representatives, provided that such source is not bound by a confidentiality agreement with the Disclosing Party; (d) is independently developed by the Receiving Party without the use of the other Party’s information; (e) is required to be disclosed pursuant to a Court order or arbitration proceeding conducted in accordance with this Agreement; or (f) is required to be disclosed pursuant to a requirement of any governmental authority or any statute, rule or regulation, provided that such Party gives the Disclosing Party notice of such requirement prior to any such disclosure.  For the avoidance of doubt, Confidential Information shall include the existence and content of this Agreement.
    2. However, the Merchant hereby agrees that the Processor may disclose any information concerning this Agreement such as process volumes, fees, amongst others, to any of its subsidiaries or group companies or any other bank or company if it is necessary to the Processor for the performance of the services under this Agreement.
  18. Non-Circumvent
    1. It is expressly agreed that the Merchant will not seek to by-pass, compete, avoid or circumvent the Processor from any business opportunity that relates to the Payment Processing Services by utilizing Confidential Information or by otherwise exploiting or deriving any beneficial know how or proprietary information shared in the development of their commercial relationship. The Processor shall be able to sue for damages and freeze Merchant’s funds should the covenants in this Clause be violated in any way. The Merchant shall be bound by the covenant set out in this Clause during the term of this Agreement, and for a period of 12 (twelve) months after termination or expiry of this Agreement.
  19. Force Majeure
    1. If any Party is totally or partially prevented or delayed in the performance of any of its obligations under or pursuant to this Agreement by Force Majeure and gives written notice thereof to the other Party specifying the matters constituting Force Majeure and the period for which it is estimated that such prevention or delay will continue, together with such evidence as it reasonably can give, the Party so prevented or delayed shall, subject to the provisions of Clause 19, be excused the performance as from the date of such notice for so long as such cause or delay shall continue.
    2. If any Party gives to the other Party such notice as is referred to in Clause 21.1, both Parties shall attempt so far as reasonably within their power to mitigate the effect of such notice and, in particular, but without limitation, shall endeavor to agree a reasonable and cost-effective solution to the consequences of the matters constituting Force Majeure.
  20. Notice
    1. This Agreement and any other agreements, notices or other communications regarding the Payment Processing Services (the “Communications”), may be provided to or by the Parties by delivering them by hand, express courier, or electronic mail to the contact details indicated in the Merchant Agreement Form and for Larstal Denmark to:
      Larstal Denmark ApS, Frederiksborggade15 3,
      1360 København, Denmark.
      Mail: Support@astropay.com

      Such contact details may be varied by each Party only by notice in writing to the other Party and such change shall take effect at least after 5 (five) Business Days of receipt of such notice.
    2. Clause 21.1 does not affect any provision in any relevant legislation or the Agreement requiring Communications to be delivered in a particular way.
    3. A Notice is deemed to have been received:
      1. if delivered personally, at the time of delivery; 
      2. in the case of e-mail, at the time of being sent;
      3. in the case of express courier 5 (five) Business Days from the date of posting.
    4. Notwithstanding anything to the contrary contained in this Agreement or permitted by the law, no Communications referred to in this Clause 21 shall be deemed effective if mailed by regular post.
    5. A notice given as described above on a day which is not a Business Day (or after normal business hours in the place of receipt) shall be deemed to have been received on the next Business Day.
  21. Waiver
    1. The waiver by either Party of a breach or violation of any provision of this Agreement shall not operate as or be construed to be a waiver of any subsequent breach hereof. The failure to exercise any right or remedy hereunder shall in no way be construed as a waiver or release of the right or remedy.  
  22. Amendments
    1. No amendment shall be made to this Agreement unless in writing and approved by both Parties.
  23. No Intellectual Property Rights Conveyed
    1. Any Intellectual Property Rights which are owned or controlled by either Party prior to the Effective Date or which is acquired by a Party independently of this Agreement shall at all times continue to be owned and/or controlled by the said Party.
    2. During the Term, the Processor hereby grants a limited, non-exclusive, revocable, non-transferable license to the Merchant to display Processor’s trademarks or logos in the Merchant’s internet site strictly for the purposes of this Agreement and during the Term.
    3. The Merchant shall not seek to:
      1. copy, data-mine, cache, reverse engineer, decompile, disassemble or otherwise extract data from the Payment Processing Services, except as otherwise agreed in this Agreement;
      2. obtain or claim any ownership in any software (or in any derivation or improvement) connected to the Payment Processing Services;
      3. write or develop any derivative software or any other software based on the Payment Processing Services utilizing the proprietary and Confidential Information of the Processor or a third-party licensor of the Processor.
  24. Severability
    1. If any one or more of the provisions of this Agreement shall be invalid, illegal or unenforceable in any event the validity, legality and enforceability of the remaining provisions of this Agreement shall not in any way be affected or impaired and shall be valid and enforceable to the fullest extent permitted by law.
  25. Governing Law and Jurisdiction
    1. This agreement and any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with it or its subject matter or formation shall be governed by and construed in accordance with the law of Denmark.
    2. Each party irrevocably agrees that the courts of Denmark shall have exclusive jurisdiction to settle any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with this agreement or its subject matter or formation.‍
  26. Partnership
    1. Each of the Parties are  independent contractors.  Nothing in this Agreement shall render a Party a partner, joint venture or an agent of the other.
  27. Third Party Rights
    1. The right of the Parties to terminate, rescind, or agree to any amendment, variation, waiver or settlement under this Agreement is not subject to the consent of any person who is not a Party to this Agreement.‍
  28. English Language
    1. All notices or communications under or in connection with this Agreement shall be in the English language or, if in any other language, accompanied by a translation into English. In the event of any conflict between the English text and the text in any other language, the English text shall prevail.
  29. Miscellaneous
    1. Where the context so admits or requires words denoting the singular include the plural and vice versa and words denoting any gender include all genders. A reference to any Party shall include that Party's personal representatives, successors and permitted assigns. A reference to a statute or statutory provision is a reference to it as amended, extended or re-enacted from time to time. A reference to a statute or statutory provision shall include all subordinate legislation made from time to time under that statute or statutory provision. References to Clauses and Schedules are to the Clauses and Schedules of this Agreement. Where there is a conflict between the Schedules and the main body of this Agreement, the main body of the Agreement shall take precedence unless the relevant Schedule expressly states to the contrary. A reference to a company shall include any company, corporation or other body corporate, wherever and however incorporated or established. A reference to writing or written includes e-mail. Any obligation on a Party not to do something includes an obligation to not to allow that thing to be done.

Data Processing Addendum

  1. Definitions
    The following definitions shall have the following meanings:
“PROCESSOR Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with the Processor;
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data, or as otherwise defined in the Data Protection Legislation;
“Merchant Personal Data” means Personal Data of the Merchant’s personnel or its individual end users Processed by the Processor for the purposes of this Agreement;
“Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Merchant Personal Data transmitted, stored or otherwise Processed by the Processor, or as otherwise defined in the Data Protection Legislation;
“Data Subject Request” means, in connection with Personal Data, a request from a Data Subject to exercise any of its rights under the Data Protection Legislation;
“Personal Data” means any information relating to an identified or identifiable natural person (“Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person, or as otherwise defined in the Data Protection Legislation;
“Process or Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction, or as otherwise defined in the Data Protection Legislation;
“Data Processor” means the person, entity or body which processes Personal Data on behalf of the Controller, or as otherwise defined in the Data Protection Legislation; and
“Standard Contract Clauses” means the European Commission's Standard Contractual Clauses for the transfer of Personal Data from the European Union to third countries, as adopted pursuant to Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to GDPR third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council, which cover the transfer of Personal Data to processors located in a country or territory outside the European Economic Area (the “EEA”) in respect of which the Commission has not made a positive finding of adequacy.
  1. Personal Data Processing
    1. The Merchant and Processor shall comply with Data Protection Legislation when Processing the Merchant Personal Data.
    2. Notwithstanding the generality of paragraph 2.1, the Merchant shall ensure that it has all necessary appropriate consents and notices in place to enable the lawful processing of Merchant Personal Data by the Processor for the duration and purposes of this Agreement.
    3. Scenario 1 – The Merchant acts as the Controller, Processor acts as a Processor
      1. When acting as a Processor of the Merchant, Processor shall:
        • process the Merchant Personal Data only in accordance with the Merchant’s instructions from time to time and shall not process the Merchant Personal Data for any purpose other than those authorized by the Merchant, unless Processor is required by applicable law to process Personal Data in such manner. Where Processor is relying on applicable law as the basis for processing Personal Data, Processor shall notify the Merchant of this before performing the processing required by the applicable law unless the applicable law prohibit Processor from so notifying the Merchant;
        • not disclose the Merchant Personal Data to any third party other than in accordance with this Addendum, the Data Protection Legislation or at Merchant’s request;
        • notify the Merchant within three (3) Business Days if it receives a Data Subject Request and provide the Merchant with reasonable co-operation and assistance in relation to any Data Subject Request;
        • ensure that only persons authorized by Processor process the Merchant Personal Data and that such persons are subject to binding obligations to maintain the confidentiality of the Merchant Personal Data; and
        • without undue delay after discovering a Data Breach:
          1. notify the Merchant about the Data Breach;
          2. provide to the Merchant the details and describe the likely consequences of the Data Breach in accordance with the information requirements specified in Article 33 of the GDPR; and
          3. provide to the Merchant any reasonable co-operation and assistance.
      2. Processor shall be entitled to charge the Merchant for its assistance:
        • when the Merchant request Processor’s assistance to comply with Data Protection Legislation;
        • with a Data Subject Request; or
        • during a Data Breach (unless the Data Breach is directly attributable to Processor), at Processor’s standard rate card, unless the parties agree otherwise in writing.
    4. Scenario 2 – Processor acts as a Controller
      1. Processor will comply with Data Protection Legislation in relation to any Merchant Personal Data that Processor processes as a Controller. Processor may process Merchant Personal Data as a Controller when it determines what Personal Data to collect and process, and the purposes of means for which the Personal Data is processed:
        • to provide the services under the Agreement; or
        • to comply with its own professional obligations.
      2. Processor may act as a Controller when it:
        • processes Personal Data from Merchant’s representatives or personnel to provide the Services; or
        • records email and calls from the Merchant, members of staff, subcontractors or the Merchant’s end users relating to the provision of the Services (including emails and calls to its Services support team). Processor will do so for the purposes of providing the Services to Merchant, for training and quality purposes and to keep a record of the Services provided to the Merchant.
  2. Employees
    1. Each party shall take reasonable steps to ensure the reliability and adequate training on all applicable requirements of the Data Protection Legislation of all its employees who have access to Merchant Personal Data.
  3. Warranties
    1. Each party warrants to the other that it will comply with all applicable requirements of the Data Protection Legislation and that it will Process the Merchant Personal Data in compliance with the Data Protection Legislation.
    2. Processor warrants that, having regard to the state of technological development and the cost of implementing any measures, it will:
      • take appropriate technical and organisational measures against the unauthorized or unlawful Processing, and accidental loss or destruction of, or damage to, Merchant Personal Data;
      • ensure a level of security appropriate to the harm that might result from such unauthorized or unlawful Processing or accidental loss or destruction of, or damage to the Merchant Personal Data and the nature of the data to be protected; and
      • take reasonable steps to ensure compliance with the chosen technical and organisational measures.
  4.  Liability and Indemnity
    1. The limitations and exclusions of liability under the Agreement including but not limited to Clauses 12 and 13.1 shall apply to any liability or indemnity provisions under this Schedule.
    2. The Merchant acknowledges that Processor is reliant on the Merchant for direction as to the extent to which Processor is entitled to use and Process the Merchant Personal Data. Consequently, Processor shall not be liable for any claim brought by a Data Subject or a regulator arising from any action or omission by Processor, to the extent that such action or omission resulted from the Merchant 's instructions or it is based on inaccurate, incorrect or incomplete data, or information provided by the Merchant.
    3. Subject to paragraphs 5.1 and 5.2 above, Processor shall indemnify the Merchant against all liabilities, costs, expenses, damages and losses suffered or incurred by the Merchant, arising from Processor’s breaches of Data Protection Legislation.
    4. Notwithstanding Clause 13.2 (Indemnity) of the Agreement, the Merchant shall indemnify Processor against all liabilities, costs, expenses, damages and losses suffered or incurred by Processor arising out of or in connection with Merchant s breaches of Data Protection Legislation.
  5. Appointment of Sub-Processors
    1. The Merchant herewith generally authorizes Processor to appoint Sub-processors for the purposes of providing the Payment Processing Services, provided that:
      • the Sub-processor's contract is on terms which are substantially the same as those set out in this Schedule; and
      • Processor remains fully liable for all acts or omissions of any Sub-processor appointed by it pursuant to this paragraph.
    2. The Merchant herewith expressly authorizes Processor to engage any Processor Affiliate as a Sub-processor if that Processor Affiliate is engaged in the provision of the Payment Processing Services.
    3. In addition to the Sub-processors engaged pursuant to paragraph 6.1, Processor shall be entitled to engage additional or replacement Sub-processors, subject to:
      • the provisions of paragraph 6.1 above being applied; and
      • Processor notifying the Merchant of the additional or replacement Sub-processor.
  6. Return Or Destruction Of Merchant Personal Data
    1. Subject to paragraph 7.2 below, Processor shall, at the choice of the Merchant, delete or return all the Merchant Personal Data to the Merchant after the end of the provision of the Services relating to the Processing. The Merchant shall be responsible for arranging a back-up of such Merchant Personal Data before the end of the provision of the Services.
    2. In the event that the Merchant requires the Processor to return the Merchant Personal Data, Processor shall be entitled to charge the Merchant for this service, at Processor’s standard rate card.
    3. In the event that Processor is required by applicable law to retain all or part of the Merchant Personal Data (e.g. for tax and/or accounting purposes) Processor shall retain such data only for as long as it is required or needed. The provisions of this DP Addendum shall continue to apply to any Merchant Personal Data retained by Processor pursuant to this paragraph.
  7. Audits
    1. Processor shall use reasonable endeavours to make available to the Merchant all information necessary to demonstrate compliance with its obligations as a Processor under Data Protection Legislation and allow the Merchant or the Merchant’s designated auditors to carry out data protection compliance audits under terms agreed by the parties acting reasonably and in good faith.
  8. Transfers Of Merchant Personal Data Outside The EEA
    1. In the event that Processor transfers any Merchant Personal Data to a country outside the EEA in respect of which the EU Commission has not made a positive finding of adequacy, Processor shall ensure that there is adequate protection and appropriate safeguards in place for such transfer of Merchant Personal Data in accordance with applicable Data Protection Legislation. Such adequate protection and appropriate safeguards may include entering into Standard Contractual Clauses with the Merchant.
Data subjects The personal data transferred concern the following categories of data subjects (please specify): Merchant’s personnel and management individuals, and Customers
Categories of data The personal data transferred concern the following categories of data (please specify): first name, surname, title, date of birth, nationality, place of birth, full address, contact details including email address, business telephone number and facsimile number.
Special categories of data (if appropriate) The personal data transferred concern the following special categories of data (please specify): N/A
Processing operations The personal data transferred will be subject to the following basic processing activities (please specify): Provision of payment processing services to the Merchant, support services and other ancillary services.
Duration of the Processing of Personal Data Processor will process Personal Data during the Term, including an exit period (if any), and thereafter, as long as Processor is required to process the Personal Data by applicable law.
Personal Data transfers outside the EEA or outside an Adequate Country or Sector Processor will transfer Merchant Personal Data to countries outside the EEA. However, it will always ensure that adequate protection and appropriate safeguards are in place for such transfer in accordance with applicable Data Protection Legislation.