Terms & Conditions

Version 1.0.

This document sets out the terms that apply to our services. Please read it carefully. For ease of use, we have split it into these sections:

• Section A – General Terms – these govern the relationship between us and you in respect of all Services.
• Section B – Glossary – capitalised words used in this document have the meaning given to them in the Glossary, unless we say otherwise. The rules of interpretation in this Section also apply to the Agreement.
• Section C – Service Specific Terms, which apply only to the extent that we provide you with the relevant Service, as follows:
  • C1: Payment Gateway Services
  • C2: Card Acquiring Services
  • C3: FX Services
• Section D – our Data Sharing Terms.

You enter into the Agreement electronically by clicking an acceptance button. By doing so, you agree to be bound by the Agreement.

1.1 The Agreement is between:

• you, the person shown as the ‘merchant’ in your application, and
• Ecommpay Limited (company number 08580802, registered address: at 5th Floor, Churchill House, 142-146 Old Street, London, England, EC1V 9BW) (and references to we, us or our in this document will be interpreted as referring to Ecommpay Limited). Ecommpay Limited is authorised and regulated by the Financial Conduct Authority as a payment institution (firm reference number 607597).

1.2 In addition, where any of your Affiliates is involved in the sale of goods or provision of services to your customers, you must ensure that your Affiliate acts in compliance with the requirements which are imposed on you under the Agreement, and you will be liable to us for all acts and omissions of your Affiliates as if they were your own.

2.1 The Agreement sets out the basis on which we will provide you with certain Services relating to your taking of Payments. In providing the Services, we will act as your payment service provider. A clear description of each relevant Service that we may provide to you is set out in Section C of the Agreement.

2.2 The Agreement is made up of these General Terms, the Service Specific Terms relating to the Services you are using, the Data Sharing Terms, the Rate Card, and any Application Documents or other documents we provide to you in relation to a specific Service.

2.3 If there is any conflict or inconsistency between any of the documents comprising the Agreement, then unless otherwise agreed between the parties, the following order of priority will apply in interpreting the documents (and a conflicting term in a lower priority document will be disapplied, but only to the extent of any conflict):

• the Rate Card
• the relevant Service Specific Terms
• the Data Sharing Terms
• these General Terms
• any Application Documents or other documents incorporated by reference

3.1 You can contact us by using the contact details provided to you by us.

3.2 We will normally contact you by email, so please ensure you regularly check your inbox. We may also contact you using the Merchant Interface, by any messaging system as set out in Operating Instructions from time to time, or by post. We will use the details set out in the Application Documents, or the most recent contact details you have given us. You acknowledge that we may also contact Authorised Users regarding your receipt of the Services, as set out in clause 4, below.

3.3 Any formal notices relating to the Agreement must be in writing, in English, and sent by email or by post (or otherwise where this is set out in relevant Operating Instructions) using the contact details set out in clauses 3.1 and 3.2. Notices sent by email or the Merchant Interface (or any other messaging system) will be regarded as served at 9am on the Business Day after the date of the electronic transmission. Notices sent by post will be regarded as served 2 Business Days (7 Business Days for international post) after posting, unless delivered by hand in which case they will be regarded as served on signature of a delivery receipt.

3.4 In addition, we want to hear from you if you feel unhappy about any service you have received from us. Letting us know your concerns gives us the opportunity to put matters right and to improve our Services for all our customers. You can complain by following the complaints process on the Ecommpay Website, and by emailing us at: complaints@ecommpay.com.

3.5 If you are not happy with our final response to your complaint, you can refer the matter to the Financial Ombudsman Service. Details are available at https://www.financial-ombudsman.org.uk/.

3.6 The Agreement and any communications we send you will be in English. You can ask us to email you a copy of the Agreement at any time.

4.1 You may nominate Authorised Users to manage all or part of your relationship with us. Such Authorised Users may include a member of your staff or any of your agents, advisors or representatives. Persons having statutory rights to represent your company will have these rights without being designated as Authorised Users, although in some circumstances we may request certain authority for these persons.

4.2 We may provide and collect information, take instructions, and contact you and your Authorised Users regarding day-to-day aspects of your receipt of the Services.

4.3 You must seek permission from your Authorised Users prior to sharing any of their personal data with us. It is your responsibility to inform your Authorised Users that we (or other third parties) may carry out background checks, including identity checks for the use of the Services. We reserve the right not to authorise other people, and to limit the number of Authorised Users.

4.4 Your Authorised Users may act in the same capacity as you. You and any Authorised Users can take certain actions and give certain instructions about the Services. Authorised Users will be acting on your behalf and we do not have an agreement with them. We will treat all actions and instructions by your Authorised Users as if you had given them or carried them out.

4.5 It is your responsibility to ensure each Authorised User complies with the Agreement.

4.6 You are fully responsible and liable for the actions or omissions of each Authorised User, and your employees, contractors, sub-contractors, and agents.

4.7 You must tell us if you wish us to cancel or amend an Authorised User’s authority, for example if they leave your employment or partnership.

4.8 You are also responsible for telling us about any changes to any Authorised User's contact details.

5.1 In respect of each Service, we will only provide it to you where we are satisfied that your business meets the acceptance criteria which we apply to our customers from time to time, and where we are satisfied with:

• any information we require from you (including to comply with KYC and customer identity requirements);
• any credit assessment we carry out on you;
• any financial security which we notify you we require;
• any Website or Application in relation to which you propose to use the Service;
• the specific category of goods and/or services that you make available to customers on your Website or Application; and
• the legal basis on which you provide the relevant goods and/or services that you make available to customers on your Website or Application.

5.2 We may set special conditions which you will need to meet. In addition, where we are only satisfied with the above in respect of any particular part of your business, or in relation to certain (parts of) your Website or Application, or certain types of goods and/or services that you make available to your customers, we may approve your business to receive our Services in part rather than in whole, and you will only be able to use our Services to the extent we specify in our approval.

5.3 Before we can provide you with a Service, we and you will also need to ensure that the technical integration (or other technical set-up) between us and you, and any relevant third parties, is complete.

5.4 You agree to comply with our Technical Integration Standards together with our instructions in relation to the technical integration and Payment processing.

6.1 You can manage the Services through the Merchant Interface via your Merchant Interface Account.

6.2 We will provide you with a Merchant Interface Account together with confidential login credentials for the Authorised Users during your onboarding journey. We may also provide you with Operating Instructions in relation to your use of the Merchant Interface Account. You agree that the Agreement terms regarding your use of the Merchant Interface Account will become subject to the Agreement from the date you submit your application and provide your acceptance to the Agreement, which is before the Agreement takes effect. Your continued use of the Merchant Interface after the Effective Date constitutes your approval of all actions carried out on your Merchant Interface Account prior to the Effective Date.

6.3 Only the Authorised Users who you have registered with us (using the registration process we make available to you) can have access to the Merchant Interface Account. You will manage the access rights of each of your Authorised Users using the functionality that we provide you with on the Merchant Interface Account. It is your responsibility to make sure that the level of access you give to your Authorised Users is appropriate for your business.

6.4 We may from time to time make legal or operational documentation available on the Merchant Interface and request that an Authorised User approves such documentation, for example by way of an electronic signature or "click-through" (or any similar act which has the same effect). You agree that an Authorised User's acceptance in this way will constitute your acceptance of such legal or operational documentation, and you and your Authorised Users will comply with any obligations set out in such legal or operational documentation.

6.5 If you decide that any Authorised User should no longer have access to the Merchant Interface Account, then it is your responsibility to deactivate that Authorised User using the functionality provided within the Merchant Interface Account.

6.6 You must (and must ensure that all Authorised Users) keep safe any and all password(s) that are necessary to access or use the Merchant Interface Account.

6.7 You must immediately notify us in the event of any security threats related to the Merchant Interface Account, including if you have not received the Merchant Interface Account login credentials within 5 Business Days after the Effective Date.

6.8 You must not use the Merchant Interface for any abusive or improper purpose or in any way that damages our systems or interferes with other users.

6.9 We may block the Merchant Interface Account if we consider it necessary (in our sole discretion) to do so to protect the security of the Merchant Interface. We will notify you as soon as reasonably practicable in case of any such block. A block will cease once we are satisfied that the cause for it has been resolved.

6.10 We provide the Merchant Interface, and all information contained in it, to you on an “as is” basis and you acknowledge that we may change the Merchant Interface, and information contained in it, from time to time as we deem necessary.

6.11 We will try to notify you in advance of any unscheduled downtime to the Merchant Interface as well as of any material changes to the Merchant Interface that may adversely affect your access to or use of the Merchant Interface.

6.12 You acknowledge that we will not be liable to you for any Losses arising from the unavailability of the Merchant Interface.

7.1 Subject to you paying the Service Fees, we will provide you with the Services set out in the Rate Card from the Effective Date.

7.2 We will perform the Services with reasonable care and skill and in accordance with the terms of the Agreement; Applicable Law; and Card Scheme Rules relating to our provision of the Services.

7.3 We will provide a Financial Statement to you for each period within the applicable window, as set out in the Rate Card, via your Merchant Interface or as otherwise made available by us.

7.4 Information contained in a Financial Statement shall be deemed conclusive and correct, unless you notify us of any identified error or disagreement without undue delay and, in any event, within 13 months after receiving the relevant Financial Statement.

8.1 Where currency exchange is required in connection with any of our Services, then the terms of Section C3(FX Services) of the Agreement will apply.

9.1 You must comply with:

• all Applicable Law;
• Card Scheme Rules;
• the parts of our Operating Instructions that relate to the Services we are providing to you; and
• all certificates, licences, registrations and authorisations required for the operation of your business.

9.2 You must not use the Services (directly or indirectly) in a way that breaches Applicable Law, for any illegal purpose or in a way we reasonably believe might harm our ability to provide the Services or our reputation.

9.3 We may tell you to, and you will have to, give us (reasonable and proportionate) financial and other information about you and your business so we can assess our risk and/or so that we can comply with Applicable Law or Card Scheme Rules. This information may include your financial accounts (including any relevant management or audited accounts), customer due diligence information and any other information we believe may help us to assess any risks to us or to otherwise comply with our legal and regulatory obligations.

9.4 In accordance with the Card Scheme Rules we will assign you with a code that accurately describes your business (Merchant Category Code). We may consult with you in relation to which Merchant Category Code is most appropriate to your business and if we do so you will be responsible for the Merchant Category Code that we assign to you. You warrant to us that at the Effective Date and throughout the term of the Agreement you will accurately describe the category of goods and/or services you make available to customers on your Website or Application, and tell us immediately if this changes, so that we may assign you with the most appropriate Merchant Category Code. You must indemnify (meaning fully protect and reimburse) us against any Losses resulting from or in connection with your breach of this warranty.

9.5 You must also tell us immediately if:

• there is any material change in any of the information (or most recent instance of any particular information item) that you have provided to us, including in the Application Documents;
• you cease to be a microenterprise or charity within the meaning of the UK Payment Services Regulations 2017;
• you stop, or are planning to stop, trading;
• you plan to, or you do, sell your business;
• you change the nature of your business or the goods and services which you sell;
• you develop any new website or application which you have not told us about previously, or make any material changes to any existing Website or Application;
• you change your trading name or the registered name of your business;
• if there are any changes to the principals of your business (including any directors, officers, partners or similar) or a material direct or indirect change in your ownership;
• any Insolvency Event happens or is likely to happen;
• there is any material change in your financial position or you default on the payment of any of your debts.

9.6 Where you use our Gateway Services and Card Acquiring Services to take Payments, then you must also:

• comply with our Website Requirements (except where applicable Card Scheme Rules explicitly permit you to do otherwise);
• only accept Payments for sales of goods and services by you (as principal) and not on behalf of any third party;
• not submit or process any Illegal Transactions or any Payments which may damage the goodwill of or reflect negatively on us or any Card Scheme;
• not use any payment method for the purposes of, or in any way connected with, money laundering, terrorist financing, fraud or any other financial crime (and you warrant that the funds being transferred are not the proceeds of crime (as defined under the UK Proceeds of Crime Act 2002, as amended or succeeded from time to time);
• have measures in place to detect and prevent fraudulent Payments;
• not offer or otherwise make available any payment method for any of the categories of businesses and business practices or sale of any products/services that are illegal, posing significant risk, or are listed as prohibited business or transactions on our website or as otherwise notified to you from time to time;
• not offer the sale of a product or service other than in full compliance with Applicable Law (including, as applicable, all legal requirements applicable to distance sales agreement and consumer protection laws);
• only accept Payments for sales of goods/services that are within the business description and category of transactions, and within the territory(ies), you have agreed with us (from time to time);
• sufficiently call attention to and explain the payment methods offered and ensure it is clear and recognisable to your customers which payment method is being used and that the order placed for goods/services is irrevocable unless the relevant payment method provider permits otherwise;
• not treat any individual payment methods more favourably than other payment methods, in particular in relation to advertising, marketing or promoting them in a manner which could reasonably be considered to unfairly position or disadvantage one payment method or brand from another. However:
  • presenting the different payment methods in a vertical or sequential list on a webpage does not constitute unfair positioning, provided each method is otherwise presented in the same manner;
  • this does not prevent you from deciding at your sole discretion which payment methods you choose to use within a particular market;
• make available each payment method in such a manner that it does not actively exclude any individual banks connected to the relevant payment method;
• comply with all Applicable Laws in relation to surcharging;
• not set any minimum limit or maximum limit on payment values (including on any Card Transactions);
• not add or collect any VAT or other taxes unless these are lawful and collected as part of the total transaction amount;
• offer a sales receipt to the customer for each Payment;
• retain evidence (including any sales receipt or refund receipt) for at least 18 months from the date of the Payment or Refund. You must let us have that evidence if we ask (and you acknowledge that failure to do so may result in Chargebacks);
• not impose any requirement that a customer waives their right to dispute a Payment;
• implement a documented complaints and escalation procedure with a user support function contactable by email for user support with regards to the payment methods you offer; and
• not exceed the fraudulent transactions threshold and Chargeback threshold set out at ecommpay.com/fraud-and-chb-thresholds/ (as updated by us from time to time).

10.1 You must develop, maintain and make available to all of your customers a fair and reasonable refund policy for the return of goods and/or services and which, complies with Applicable Law (and you must ensure that all Refunds are processed by you in accordance with such refund policy).

10.2 You must process all Refunds of Payments taken using the Services in accordance with the Agreement and following the procedures set out in our Operating Instructions. Completed Refund instructions will be processed by the end of the next Business Day, provided the instruction is received before 16.00pm UK time on a Business Day.

10.3 A Refund only arises where there is a Payment which is being reversed (in whole or in part). You must ensure that the amount of any Refund is not greater than the amount of the original Payment.

10.4 Where you process any Refund in respect of a Payment transaction which you originally received using our Card Acquiring Services, then you must pay us the amount of the Refund. We may also charge you a fee for each Refund, as set out on the Rate Card.

10.5 Any Refund of a Card Transaction must be made on the same Card or Account as was used for the original Card Transaction (unless our Operating Instructions state otherwise). You will not give a cash or cheque Refund to the Cardholder for a Card Transaction made using a Card and you will not accept cash or any other incentive for making a Refund.

10.6 Following a Refund, you must offer a Refund receipt to the Cardholder.

10.7 You will be liable for any errors or failures when processing Refunds (including for processing Refunds when there is no original payment or for issuing any Refund that is not of an equivalent amount to the original payment).

10.8 We may refuse to execute a Refund if it does not meet the requirements of this agreement or is prohibited by applicable law. Where possible, we will inform you if we cannot execute the Refund and provide reasons for the refusal.

11.1 In certain circumstances:

• in respect of Card Transactions, the Card Issuer will have the right under Card Scheme Rules to either refuse to settle a Card Transaction or request a reimbursement of a Card Transaction that has already been settled under Card Scheme Rules. This is known as a Chargeback. This may arise because, for example, the Cardholder says the relevant goods or services were not provided or were defective in some way. Alternatively, a Card Transaction was processed in error. There are a range of such scenarios set out under Card Scheme Rules.

11.2 Where a Chargeback is raised:

• if we have not yet paid you for that Payment, we will not have to pay you for that Payment;
• if we have already paid you for that Payment, you must pay it back to us;
• you shall also indemnify (meaning fully protect and reimburse) us for any Chargebacks and any costs we incur relating to it; and
• we may also charge you a fee for each Chargeback, as set out on the Rate Card.

11.3 Whilst we are not obliged to do so we may, at your request on your behalf, or for our own purposes, dispute the validity of any Chargeback. Where we do so, you will provide us with reasonable support and information to enable us to raise the dispute, and you must provide any other evidence requested by us, a Card Scheme or Card Issuer in relation to the dispute.

11.4 You acknowledge that Chargebacks may arise some time after the initial Card Transaction, which could also be some time after a termination of the Agreement.

11.5 You also acknowledge that any decision or determination of a Card Scheme regarding the validity of any Chargeback will be final and binding.

12.1 Assessments are fines, fees, costs, expenses, assessments or charges of any nature which a Card Scheme imposes on us at any time, directly or indirectly, in relation to any Payment we support you with or any other aspect of our relationship with you.

12.2 If an Assessment is levied against us by a Card Scheme as a result of or in connection with your actions or omissions, you will be liable to us for the amount of that Assessment, and you must indemnify (meaning fully protect and reimburse) us against any Losses regarding that Assessment.

12.3 You also acknowledge that any decision or determination of a Card Scheme regarding the validity of any Assessment will be final and binding.

13.1 This clause applies where a Minimum Fee and/or Fee Term is included in the Rate Card.

13.2 A Minimum Fee may apply to the Service Fees you incur over each Minimum Fee Period, as set out in the Rate Card, where applicable. The Minimum Fee will apply from the date set out in the Rate Card, unless otherwise agreed and, where applicable, for the Fee Term. We may also agree with you on other Service Fees that may be subject to a Fee Term.

13.3 Where a Minimum Fee applies, we will calculate whether you have reached the equivalent of the Minimum Fee promptly at the end of each Minimum Fee Period. The details of any Minimum Fees applied will be available on your Financial Statement. If there is any shortfall between your Service Fees and the Minimum Fee for a Minimum Fee Period, we will collect the shortfall from you in accordance with clause 15.

13.4 Where a shortfall between your Service Fees and the Minimum Fee in a Minimum Fee Period is due to a failure caused by and attributable under the Agreement to us or an event of Force Majeure, then we will not apply the Minimum Fee in relation to the period of time that such event contributed to such shortfall (as determined by us).

13.5 Where your Service Fees exceed the Minimum Fee in a Minimum Fee Period, the excess Service Fees will not be counted towards the Minimum Fee in the following Minimum Fee Period.

13.6 If a Service, to which a Minimum Fee and/or or a Fee Term applies, is terminated, or if the Agreement is terminated, for any reason other than in accordance with our termination rights set out in clause 20.3 or your termination rights set out in clause 20.8 or 20.9, then the relevant Minimum Fees and/or Services Fees for the remaining Fee Term will become due and payable to us on demand, in which case the relevant amount will be payable in full not later than 10 Business Days from the date you received our demand. If we terminate the Agreement in accordance with our termination rights set out in clause 20.3 or you terminate the Agreement in accordance with your termination rights set out in clause 20.8 or 20.9, then the relevant Minimum Fees and/or Service Fees will only apply up to the date the Agreement ends.

14.1 This clause applies where a Minimum Volume Commitment is included in the Rate Card.

14.2 A Minimum Volume Commitment may apply to the Payments that you submit to us each month over the term of this Agreement, as set out in the Rate Card. The Minimum Volume Commitment will apply from the Effective Date, unless otherwise agreed.

14.3 Where a Minimum Volume Commitment applies, we will calculate whether you have met the Minimum Volume Commitment at the end of each month. The details of volumes processed will be available on your Financial Statement.

14.4 Where you have not met the Minimum Volume Commitment in any month and this is due to a failure caused by and attributable under the Agreement to us or an event of Force Majeure, then we will not apply the Minimum Volume Commitment in relation to the period of time that such event contributed to such shortfall (as determined by us).

14.5 Where the volume of Payments that you submit to us in a month exceed the Minimum Volume Commitment, the excess volume will not be counted towards the Minimum Volume Commitment in the following month.

14.6 If a Service to which a Minimum Volume Commitment applies, expires or is terminated, or the Agreement expires or is terminated, then the Minimum Volume Commitment will only apply up to the date the applicable Service or the Agreement ends.

15.1 You must pay us the Service Fees set out in the Rate Card and as otherwise agreed between us and you. The Service Fees are immediately due and payable to us when we provide the relevant Service to you and are non-refundable except where you have paid us in error or as otherwise provided by the Agreement.

15.2 We may also require you to make additional payments to us from time to time, including for:

• reimbursement of Chargebacks;
• the amount of any Refunds issued, if not already deducted;
• the amount of any overpayments we make to you;
• the amount of any Assessments payable by you in accordance with clause 12.2;
• any other fees or charges payable by us to a Card Scheme, or any other person as a result of your acts or omissions, including as a result of your failure to comply with PCI DSS, Card Scheme Rules, Applicable Law or the Agreement; and
• any other sums due and payable by you under the Agreement or due to Applicable Law.

15.3 We will set out the Service Fees in Financial Statements, which will constitute a demand for payment of such amounts.

15.4 We may collect the Service Fees, and other amounts owing to us under the Agreement:

• by setting off such amounts against Settlement amounts we transfer to you, amounts in your Ecommpay Balance, or against any other amounts we owe to you (and you acknowledge that our right of set-off may be exercised both before or after making a demand for payment and without giving you advance notice);
• by sending you a demand for payment of such amounts, in which case the amounts will be payable in full not later than 10 Business Days from the date you received our demand; or
• by exercising our rights in respect of Security or collateral under clause 16.

15.5 All payments to be made by you to us under the Agreement must be made without set off, deduction, withholding or counterclaim, unless that is required by Applicable Law, and you acknowledge that time is of the essence in relation to your payment obligations.

15.6 Where you use our Card Acquiring Services:

• we will also make available to you, upon your request, alongside your Rate Card, a separate document showing as at the Effective Date, the level of interchange and scheme fees applicable for each category and brand of Cards in a variety of transaction scenarios;
• you acknowledge that by signing the Agreement you have selected blended pricing, meaning that we will charge blended merchant services charges rather than merchant service charges individually specified for different categories and brands of Cards with different interchange fee levels. Any changes in Card Scheme fees, interchange or any other costs charged by the Card Schemes to us will not be automatically passed on to you and any changes to the Agreement will be dealt with in accordance with clause 29 of the General Terms.

16.1 Where, in our reasonable opinion, our risk exposure in relation to you reaches an unacceptable level, you agree that we shall be entitled, both before and after termination of the Agreement, to take steps at our discretion to control such risks, including as set out in this clause. For example, we may reach such reasonable opinion where we reasonably consider, based on more than mere suspicion, that:

• we may become liable to pay sums of money under the Card Scheme Rules as a result of your actions and/or omissions;
• you may fail to pay us any amounts you owe to us when due;
• there has been a non-immaterial deterioration in your financial position; or
• there is an increased level of disputes and/or increased risk of Chargebacks or fraudulent transactions, and/or you exceed the Chargebacks or fraudulent transactions threshold, and/or we consider the level of your Chargebacks or fraudulent transactions to pose a risk to us,

or we otherwise reasonably believe it is necessary to protect us from suffering any actual or potential Losses or in order to comply with Applicable Law or Card Scheme Rules.

16.2 In particular, where we reach such reasonable opinion, we may require that you procure, within 30 days (or such longer period as we may determine is reasonable) after receiving our written request, that you and/or a person (or persons) reasonably satisfactory to us provide us with a guarantee, indemnity, cash reserve or other security (including the replacement of any existing security) in such form and over such assets as we may reasonably require (including the Merchant Bank Account), and in an amount that is in our reasonable opinion proportionate to our risk exposure in relation to you, to secure to our reasonable satisfaction the performance of your obligations from time to time under the Agreement (“Security”). We will be entitled to charge you for our reasonable external costs incurred in obtaining the Security. You authorise us to hold any Security until we are satisfied with our risk exposure in relation to you or such other period as we agree with you in writing.

16.3 Without limiting clause 16.2, where we reach such reasonable opinion, we may also, by notice to you, holdback (withhold) payment of Settlement sums or any other amounts due to you and you hereby direct and authorise us to hold such Settlement sums or other amounts as collateral. Where we do this:

• you shall not be entitled to, and you may not request, and we shall have no obligation as controllers of the account in which the collateral is held, to make to you, any payment of such collateral unless and until, we are satisfied in our sole discretion that the level of risk exposure to us as described at clause 16.1 is at a level that is satisfactory;
• the collateral held that relates to you may be applied by us at any time to meet any liabilities that you owe us;
• we shall only holdback payment of Settlement sums that are, in our reasonable opinion, proportionate to our risk exposure in relation to you; and
• we shall only holdback payment of Settlement sums until we are satisfied with our risk exposure in relation to you.

16.4 At any time where we determine in our reasonable opinion that the risk exposure of providing services to you may exceed or is at the risk of exceeding our reasonable tolerances, you agree to provide to us a collateral or reserve representing (i) a fixed amount of funds, and/or (ii) funds on a rolling basis. If we set off amounts you owe to us under the Agreement against any part of your collateral or reserve, we will notify you about the set-off by reflecting it in the Financial Statement, and, in the case of a fixed collateral or reserve, you will, in accordance with the instructions that we provide, replenish that amount by making a payment to us within 5 Business Days after receiving the relevant Financial Statement.

16.5 If any Security or collateral is not enough to cover any amounts you owe us after the Agreement ends, or amounts become due after the Security has come to an end, you must pay us the additional amount when we ask you to.

16.6 In addition, where we reach a reasonable opinion in accordance with clause 16.1 that we need to take steps to manage our risk, we may also notify you of restrictions on your receipt of our Services, including (without limitation) volume and value limits on Payments you may take using our Services, or restrictions to the types of Payments you may process using our Services, on the locations you may use our Services in, or on the goods/services which you may use our Services to sell.

16.7 We may exercise our rights under this clause with or without notice to you, and you acknowledge that we may not be able to provide reasons for exercising such rights where this is not possible under Applicable Laws.

17.1 You agree to on demand indemnify us in full (meaning fully protect and reimburse us) against all Losses we suffer or incur that arise from or relate to:

• your taking of Payments;
• any Chargeback or Refund;
• any Assessment;
• any breach of the Agreement by you (or any Affiliate, Authorised User, employee or anyone else acting on your behalf); or
• your breach of or non-compliance with Applicable Law or Card Scheme Rules.

18.1 We warrant to you that as at the Effective Date and for the term of the Agreement:

• we have obtained and will maintain any and all licences, permits and registrations required under Applicable Law to conduct our business in all jurisdictions where we are established and where we conduct business;
• we have the power to execute and perform the Agreement, the Agreement is duly authorised, and entry into the Agreement will not violate any provisions of Applicable Law or conflict with any other agreement to which we are subject;
• we are a validly organised and validly existing company in good standing under the laws where we are incorporated and where our principal office is located and we shall inform each other immediately in writing should this change;
• to the best of our knowledge, there is no action, suit or proceeding at law or in equity now pending or threatened by or against or affecting which would substantially impair our right to carry on business as now conducted or adversely affect our financial condition or operations;
• we are not subject to any Insolvency Event; and
• we shall not issue any press release or public statement in connection with the Agreement or the Services without your prior written consent.

18.2 You warrant to us that as at the Effective Date and for the term of the Agreement:

• you have obtained and will maintain any and all licences, permits and registrations required under Applicable Law to conduct your business in all jurisdictions where you are established and where you conduct business;
• you have the power to execute and perform the Agreement, the Agreement is duly authorised, and entry into the Agreement will not violate any provisions of Applicable Law or conflict with any other agreement to which you are subject;
• you are a validly organised and validly existing company in good standing under the laws where you are incorporated and where your principal office is located and you shall inform us immediately in writing should this change;
• to the best of your knowledge, there is no action, suit or proceeding at law or in equity now pending or threatened by or against or affecting you which would substantially impair your right to carry on business as now conducted or adversely affect your financial condition or operations;
• you are not subject to any Insolvency Event;
• you shall not issue any press release or public statement in connection with the Agreement or the Services without our prior written consent;
• you comply and will not do anything that will cause us not to comply with:
  • Applicable Law; or
  • any applicable Card Scheme Rules ;
• all information that you have provided to us in relation to the Services and the Agreement, including the Application Documents and/or the Merchant Interface Account is true, complete, accurate and not misleading; and
• you will not use any Service in connection with any illegal or fraudulent activities.

18.3 Except as expressly stated in the Agreement, each Service is provided “as is”, and all other representations, warranties, and conditions, oral or written, express or implied, arising from course of dealing, course of performance, or otherwise (including implied terms of satisfactory quality, uninterrupted or error-free operation, fitness for a particular purpose, title, or non-infringement) are, to the fullest extent permitted by Applicable Law, excluded from the Agreement.

19.1 Subject to Applicable Law, the maximum liability we will have to you under or in connection with the Agreement, in each Contract Year, will not exceed:

• in the first Contract Year of the Agreement, the average monthly Service Fees (excluding any initial set-up or implementation fees, the application of a Minimum Fee or Fee Term) you have paid us in the period from the Effective Date up until the date immediately preceding the event, or series of connected events, giving rise to the liability, multiplied by twelve; and
• in each subsequent Contract Year of the Agreement (a "Relevant Contract Year"), the amount of the Service Fees (excluding any initial set-up or implementation fees, the application of a Minimum Fee or Fee Term) you have paid us in the Contract Year immediately preceding the Relevant Contract Year in which the event, or series of connected events giving rise to the liability first occurred.

For the avoidance of doubt this limit of liability does not apply to our obligation to pay Settlement amounts to you in accordance with the Agreement.

19.2 Nothing in the Agreement removes or limits our liability for death or personal injury resulting from our negligence or from fraud or fraudulent claims or statements, or any other liability that cannot be excluded or limited by Applicable Law.

19.3 Except as set out in the Agreement, we will be liable to you for the non-execution, defective execution, or late execution of any Settlement or Refund. You must notify us of any unauthorised or incorrectly executed Settlement or Refund without undue delay and, in any event, no later than 13 months from the date of the Settlement or Refund. Upon receiving notification of an incorrectly executed Settlement, we will investigate the issue and, where applicable, restore you to the position you would have been in had the error not occurred. If a Refund is not executed correctly, we will take corrective action to ensure the proper execution of the Refund.

19.4 If we fail to transmit a Payment in relation to a payment to a Card Scheme for onward transmission to a Card Issuer, we will immediately re-transmit the Payment on becoming aware. If we fail to correctly transmit the Card Transaction Data for a Payment to the Card Scheme and/or the Card Issuer, we will reimburse you for any charges and/or interest you had to pay as a result of the incorrect transmission of the Payment, provided in both cases that you let us know as soon as possible (and no later than within 13 months of the relevant debit date for such charges and/or interest).

19.5 Except as set out in clause 19.2, neither you nor we will be liable to each other for any of the following types of Losses arising under or in connection with the Agreement (whether arising for breach of contract, misrepresentation (whether tortious or statutory), tort (including but not limited to negligence or strict liability), breach of statutory duty, liability under indemnities or otherwise):

• any indirect or consequential loss; or
• any lost profits, lost goodwill (or any other damage to reputation), loss of revenue, loss of business, loss of contracts, loss of anticipated savings, business interruption, loss of opportunity, loss of bargain, or lost or corrupted data, in each case regardless of whether any of these types of Losses are direct, indirect or consequential,

even if us or you were advised or were aware of the possibility that such Losses might be incurred by the other.

19.6 We will not be liable for any failure to perform (nor any defective or delayed performance of) any of our obligations under the Agreement, if and to the extent that such failure, defect or delay is due to::

• your breach of the Agreement, negligent, wrongful or deliberate acts or omissions;
• a suspension of any Services under or in connection with clause 20.5;
• us complying with any of our obligations under any Card Scheme Rules, or Applicable Law as reasonably determined by us; and/or
• any deferment, withholding or deduction in accordance with any of our rights to do so under the Agreement.

19.7 You will not be liable for any failure to perform (nor any defective or delayed performance of) any of your obligations under the Agreement, if any to the extent that such failure, defect or delay is due to:

• our breach of the Agreement, negligent, wrongful or deliberate acts or omissions; and/or
• you complying with any of your obligations under any Card Scheme Rules, or Applicable Law as reasonably determined by you.

19.8 We will not:

• be liable for any Loss suffered by you which arises from our compliance with your instruction, or any of the data received by us being inaccurate or incomplete. We may make reasonable efforts to assess a transaction price and/or recover funds lost in an incorrect or misdirected Payment resulting from inaccurate or incomplete data and we may charge you for any such efforts; or
• be required nor liable under any term of the Agreement for any performance problem, infringement claim or other issue resulting from: (i) any modification of any Service (other than a modification made solely by us); (ii) any use of a Service in breach of the Agreement; (iii) any combination of the Service with any other software, hardware, product, technology, data or services; (iv) any use of any version of a Service other than the supported services; (v) your failure to implement corrections or changes to a Service that we provide; or (vi) any negligence or deliberate act or omission, or breach of the Agreement, by you, or the Authorised Users or your customers.

20.1 The Agreement comes into force on the Effective Date, and will continue until terminated in accordance with its terms by you or us.

20.2 You can terminate the Agreement without cause by giving at least 30 days’ written notice at any time.

20.3 We can terminate the Agreement or any Service without cause by giving at least 90 days’ written notice at any time.

20.4 We can immediately terminate the Agreement, or any Service (in whole or in part) by giving you written notice at any time if:

• we reasonably believe you are behaving fraudulently or using the Services for purposes in connection with money laundering, terrorist financing or other unauthorised purposes;
• we reasonably believe you are submitting Illegal Transactions;
• you fail to confirm your compliance with PCI DSS within 90 days (or any longer period we may agree) of us first giving you notice of your obligation to do so, unless the Card Schemes require us to terminate the Agreement earlier;
• we reasonably believe you are not complying with PCI DSS;
• We have good reason to believe your use of the Services as engaged in conduct that involves, or is likely to involve, the commission of an offence;
• we reasonably believe you have given us inaccurate information or not given us information we have requested within a timeframe we set;
• you have not kept us up to date with changes in your business (e.g. regarding the type of activities the business carries out; the goods and services it provides) and such changes create a financial crime risk;
• we are not satisfied with the outcome of any periodic ‘Know Your Customer’ or other diligence or background checks (for example creditworthiness);
• there has been a change that means you are not, or are no longer, permitted or licensed to conduct your business activities; or
• we are required to do so under Applicable Law, court order or an instruction or requirement of a Regulatory Authority or a Card Scheme. This includes circumstances in which your action or omission may cause harm or loss to the goodwill of the Card Schemes.

20.5 We may suspend or modify any of the Services (in whole or in part) and your access to the Merchant Interface (in whole or in part) immediately if:

• we reasonably believe you are behaving fraudulently or using the Services for purposes in connection with money laundering, terrorist financing or other unauthorised purposes;
• we reasonably believe you are submitting Illegal Transactions;
• you exceed the Chargebacks or fraudulent transactions threshold;
• you do not tell us about any changes the category of goods and/or services you make available to customers on your Website or Application which we reasonably believe impact your assigned Merchant Category Code;
• you fail to achieve the applicable Minimum Volume Commitment in any month (if applicable);
• you or your third party providers fail to provide us with the data we require for technical communication purposes, and you or your third party providers do not rectify this within a reasonable period following us requesting you to do so;
• you fail to confirm your compliance with PCI DSS within 90 days (or any longer period we may agree) of us first giving you notice of your obligation to do so, unless the Card Schemes require us to terminate the Agreement earlier;
• we reasonably believe you are not complying with PCI DSS;
• we have good reason to believe your use of the Services could damage our reputation or goodwill or may harm us;
• we reasonably believe you have given us inaccurate information or not given us information we have requested within a timeframe we set;
• you have not kept us up to date with changes in your business (e.g. regarding the type of activities the business carries out; the goods and services it provides; its Control or that of any company that owns it; its trading terms, directors or partners; its legal status or address; or any sale or disposal of a material part of it);
• we become entitled to enforce any Security granted under clause 16 or such Security is not provided within the required timeframe;
• you fail to pay the Service Fees when required by us twice in any 12-month period;
• we are not satisfied with the outcome of any periodic ‘Know Your Customer’ or other diligence or background checks (for example creditworthiness);
• there has been a change in your business that we are concerned about or regard as damaging to our brand, including a change in Control or the type of business activities you carry out or a change that means you are not, or are no longer, permitted or licensed to conduct your business activities;
• you have breached the Agreement in a serious or persistent way;
• you have been subject to an Insolvency Event;
• we are required to do so under Applicable Law, court order or an instruction or requirement of a Regulatory Authority or a Card Scheme. This includes circumstances in which your action or omission may cause harm or loss to the goodwill of the Card Schemes; or
• any of the functionality or systems we rely on to provide you with any Service is no longer available to us (through no fault of ours).

20.6 If we suspend or modify any of the services, we will notify you as soon as we (acting reasonably) consider that we are permitted to do so in the circumstances.

20.7 Where we suspend any of the Services under clause 20.5:

• we will be released from the relevant obligations under the Agreement with respect to the relevant Services until the cause of the suspension is remedied;
• the Minimum Fee and any Service Fees incurred by you will continue to be payable in accordance with the Agreement;
• we may holdback the payment of Settlement amounts due to you until such period of suspension has ended; and
• we will recommence providing the Services when we are satisfied that you have remedied the situation that gave rise to the suspension, and we will notify you of this decision as soon as we reasonably can.

20.8 You can immediately terminate the Agreement by giving written notice to us at any time if:

• we have breached the Agreement in a serious or persistent way;
• we have been subject to an Insolvency Event; or
• you are required to do so under Applicable Law.

20.9 You can terminate the Agreement by giving written notice to us at any time before changes take effect in accordance with clause 29.7.

21.1 If you or we terminate the Agreement or any Service for any reason, or the Agreement expires, then in relation to the terminated Agreement or Service (as applicable) the following will apply:

• you must not process any further Payments and must stop using the Ecommpay Property (except to process Refunds and Chargebacks);
• we will continue to provide Financial Statements to you until the balance reaches zero;
• we may continue to process Refunds that are due to customers for up to 180 days (except where this functionality has been disabled, in which case you should refund customers via another means);
• you must pay us any Service Fees that you incur or that become due up to the end of the termination notice period;
• you must pay us the amount of any Chargebacks or other amounts that become due during the termination notice period and after the end of the Agreement or any Service;
• we may notify the Card Schemes, and any relevant Regulatory Authority of the reasons for the termination of the Agreement or any Service, and we may be required to submit information about you in applicable restricted business lists;
• we and you will continue performing our and your obligations in relation to any continuing Service(s);
• you will continue paying the Service Fees relating to any continuing Service(s) in accordance with the Agreement; and
• subject to the above, we will cease provision of the expired or terminated Services to you.

21.2 The following provisions of the Agreement will remain in force post termination: 3, 4, 10, 11, 12, 15, 16, 17, 19, 21, 23, 24, 28, 30, and any other provision of this Agreement which by its nature survives termination or expiry (or is required to survive for the purpose of performance of the parties’ respective obligations and/or exercise of the parties' respective rights under their surviving obligations).

22.1 You and we hereby grant to each other a royalty free, non-exclusive, non-transferrable and revocable licence to access and use during the term of the Agreement your or our IP Rights, solely to the extent necessary to enable such person to provide (on the part of Ecommpay) or receive (on the part of the merchant) the Services or perform its obligations under the Agreement. We will at all times retain title to the Ecommpay Property. You hereby unconditionally and irrevocably assign and transfer to us all of your rights, title, and interest in and to any Ecommpay Property and all IP Rights in and to the same. We may use all of your comments and suggestions for the improvement of any Ecommpay Property without accounting or reservation.

22.2 You will not, and will not allow any third party to reverse engineer or create derivative works or competitive products or services based on the Ecommpay Property.

23.1 Where you or we receive Confidential Information (Recipient) of the other person (Discloser) the Recipient must not use Confidential Information for any purpose except as necessary to implement, perform or enforce the Agreement and/or to manage the relationship between you and us.

23.2 Neither you nor we will be required to maintain the confidentiality of any information that:

• was previously known or in the possession of the Recipient before the Discloser disclosed it;
• is or becomes a matter of public knowledge other than as a result of a breach of the Agreement by the Recipient or any person to whom the Recipient disclosed it;
• was or is independently developed without reference to or use of the Discloser's Confidential Information;
• is released for disclosure with the Discloser's written consent; or
• is received from a third party to whom it was disclosed by the Disclosing Party without restriction.

23.3 The Recipient will protect the Discloser's Confidential Information against unauthorised disclosure and access to the same standard that it applies to its own Confidential Information and in any case with reasonable care and skill.

23.4 The Recipient will promptly notify the Discloser if the Recipient becomes aware of any improper use or disclosure of Confidential Information and will promptly use all reasonable efforts to investigate and correct the causes of such improper use or disclosure.

23.5 In this clause 23, “Authorised Recipient” means:

• either of our third party service providers;
• in relation to you, any of your Affiliates and your or their employees, or agents, provided that the agent is not a competitor of Ecommpay; and
• in relation to us, any of our Affiliates and our or their respective employees, or agents,

and in each case an Authorised Recipient must have a need to know the Confidential Information in connection with the use or provision of the Services and must be required to protect and restrict the use of the Discloser's Confidential Information in accordance with terms equivalent to the requirements of the Agreement.

23.6 We may use and disclose your company or trading name and logo to third parties as reasonably necessary to perform any Services.

23.7 If the Recipient believes the Confidential Information must be disclosed or made publicly available under Applicable Law or any Card Scheme Rule, the requirement of any Regulatory Authority or an order of a court of competent jurisdiction, the Recipient may make such disclosure provided that, to the extent permitted by Applicable Law, the Discloser is given a reasonable opportunity to contest such disclosure and obtain a protective order. No commercially sensitive information such as fees or details of the Services will be made publicly available, unless such reservation is prohibited by Applicable Law.

24.1 Each of you and us will comply with the Data Sharing Terms in respect of the performance or receipt of the Services.

25.1 You (and any third party whose use we approve in connection with storing, transmitting or processing Payment data) must have in place technical and organisational measures that ensure an appropriate level of security for processing Payments and related transaction and customer data. You (and the third party) must protect that data against accidental or unlawful destruction or alteration, accidental loss and unauthorised disclosure, access or processing.

25.2 You must ensure that any customer identification and/or authenticating data that could be used to place orders shall not be stored electronically or written down in another form, except to the extent authorised by the PCI DSS.

25.3 We are responsible for meeting the latest version of PCI DSS in so far as it applies to the Services. You must comply with PCI DSS and follow any instructions we give you regarding the same.

25.4 If we reasonably believe you are not complying with this clause, we will notify you. You will need to promptly remedy areas of non-compliance that we tell you about within the time period we specify in the notice.

25.5 At any time, if you know or suspect that any Payment data and related transaction and customer data has been compromised, you must notify us immediately and provide all cooperation and help that we, the Card Schemes or Regulatory Authorities may need.

25.6 If you have told us about a data compromise or suspected data compromise or if we reasonably believe (including where we are informed by a Card Scheme that they believe) that you have (or any third party we have approved your use of has) suffered a data compromise we may require you to instruct an third party assessor to carry out a forensic investigation of the incident. You must do so at your own cost within the timescale we give you. You also agree that the third party assessor can give us any report they produce and that you will comply with all the recommendations they make to improve your data security.

26.1 No more than once annually during the term of the Agreement and where in our reasonable opinion our risk exposure in relation to you reaches an unacceptable level (unless prompted by a request from a Regulatory Authority, Card Scheme, or events giving rise to a potential breach of Applicable Law), we or our authorised representatives may conduct an inspection or audit of your business. We will normally give you at least 30 days' notice of when we plan to do so (although we may not always be able to) and we will try to minimise inconvenience. We will try to comply with any reasonable security and confidentiality requirements you tell us about in advance.

26.2 We may exercise our inspection and audit rights to help us to comply with any Applicable Law, and to check you are complying with the Agreement (including assessing the security measures you take to comply with your responsibilities), Applicable Law, Card Scheme Rules and PCI DSS.

26.3 You must give us or our authorised representatives access to the premises where your business trades and where your records, systems or stock are located so that we or they can:

• inspect your facilities, equipment, records, data and systems (including any computer system and software) relevant to the Agreement and your use of the Services;
• take any copies of such records, information, or data; and
• interview relevant members of your staff including directors, employees, contractors, and sub-contractors.

26.4 You must provide us or our authorised representatives all reasonable assistance in relation to such audit.

26.5 Where an audit is undertaken at the request of a Card Scheme, you must pay any reasonable costs and charges incurred by us in respect of such audit.

27.1 Neither you nor we will be held responsible for any delay in performance or inability to perform any of your or our obligations under the Agreement to the extent to which this is caused by a Force Majeure Event provided that the person which is the subject of a Force Majeure Event:

• has taken all reasonable steps to prevent and avoid the Force Majeure Event;
• carries out its duties to a level reasonably achievable in the circumstances of the Force Majeure Event;
• takes all reasonable steps to overcome and mitigate the effects of the Force Majeure Event as soon as reasonably practicable, including actively managing any problems caused or contributed to by third parties and liaising with them;
• on becoming aware of the Force Majeure Event promptly informs the other person in writing of the Force Majeure Event, giving details of the Force Majeure Event and which obligations have been affected, together with a reasonable estimate of the period during which the Force Majeure Event will continue;
• within 5 Business Days of becoming aware of the Force Majeure Event provides written confirmation and reasonable evidence of the Force Majeure Event; and
• notifies the other person when the Force Majeure Event has stopped.

27.2 If the Force Majeure Event in question lasts for a continuous period of more than 30 days, both sides will meet to work out how to ease the impact or agree an alternative plan that is fair and reasonable. If a solution cannot be agreed within 30 days of meeting, either of us can terminate the Agreement on giving 7 days’ written notice to the other.

27.3 If we suffer a Force Majeure Event this will not relieve you of liability for Chargebacks and other payments owing to us in accordance with the Agreement. If you suffer a Force Majeure Event this will not relieve us of our obligation to pay Settlement amounts to you in accordance with the Agreement.

28.1 Where discussions take place between you and us to explore and/or resolve dissatisfaction such communications take place 'without prejudice' which means in private and on the basis that they cannot be used in legal proceedings save for where expressed to be made on an open basis.

28.2 In the event of any dispute between you and us, in the first instance each of our day-to-day relationship managers must attempt to agree a resolution. If after 30 days (or such other time as agreed) those individuals are unable to resolve the dispute each of you and we will arrange for a senior representative to attend one or more meetings to resolve the matter in dispute. Such meetings will take place at a mutually acceptable time and can be conducted in person, via video conference, or over the phone.

28.3 If a dispute cannot be resolved in accordance with the dispute procedure set out in clause 28.2, then we or you may initiate legal proceedings.

28.4 Nothing in this clause will restrict either person's freedom to commence summary proceedings to procure or ensure performance of obligations and/or any required action to prevent further damages, preserve any legal right or remedy or to prevent the misuse of any of its Confidential Information.

29.1 We may change an interest or exchange rate set out in the Agreement without giving you notice of the change where the changes to the interest or exchange rate arise from changes to a reference interest rate or reference exchange rate or where the changes are more favourable to you.

29.2 We may add or remove additional services or payment methods (Functionality) from time to time. These changes to Functionality may be subject to other terms and charges which we will publish in the Merchant Interface or on the Ecommpay Website. We will give you at least two months’ notice of changes to Functionality that you are using. However, if we change Functionality that you are not using, we will not tell you about this. If you wish to receive or remove Functionality, you can tell us through the Merchant Interface or by email.

29.3 We may agree other changes with you from time to time, for example in relation to the Service Fees. We will give you at least two months’ notice of any of these changes.

29.4 We will inform you and all other merchants of technical changes to the Services which require updates to the technical integration between you and us in order for the Services to operate properly, via updates to the Technical Integration Standards or via email, as soon as reasonably practicable and in any event in advance of making the technical changes to the Services.

29.5 Where a Card Scheme changes the relevant arrangement between it and us that would affect, as reasonably determined by us, any of our Services, then we may change the terms of the Agreement as required to reflect that change by giving you notice of not less than two months.

29.6 We may otherwise change the terms of the Agreement by giving you at least two months’ notice through the Merchant Interface or by email.

29.7 If you do not want to accept any change we tell you about, you can terminate the Agreement at any time before the change takes effect in accordance with clause 20. If you do not terminate the Agreement before the change takes effect, you will be deemed to have accepted the change.

29.8 Where the Agreement refers to our right to update certain documents from time to time, these changes will take effect immediately without giving you notice of the change.

30.1 A person who is not party to the Agreement will not have any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any provisions of the Agreement.

30.2 You may not assign, novate, charge, declare a trust over or transfer the benefit of all or any part of the Agreement. You may only use an agent or subcontractor in relation to the performance of your obligations with our prior written consent which we may withhold, or withdraw at any time. You will at all times remain liable to us for the acts or omissions of any of your agents or subcontractors.

30.3 We may assign or transfer the benefit and/or burden of any of our rights and/or responsibilities under the Agreement and/or subcontract any of our responsibilities under the Agreement to anyone we choose, provided that they are appropriately licensed to benefit from such rights and/or comply with such responsibilities. You agree to sign any document we request you to so that we can make the transfer or assignment or assignation. You also agree that we may disclose your confidential information to any actual or prospective transferee.

30.4 If we fail to insist that you perform any of your obligations, or if we do not enforce our rights against you, or if we delay in doing so, that does not mean you do not have to perform those obligations or that we have waived our rights.

30.5 Each of the provisions of these General Terms operates separately. If a court decides that any provision is unenforceable, it will be treated as being modified as little as possible to make it valid and enforceable. The remaining provisions will remain in full force and effect.

30.6 Nothing in the Agreement may be read as forming a partnership, joint venture or agency between you and us.

30.7 The Agreement sets out the entire agreement between you and us. It replaces any previous written or verbal agreement between you and us regarding the matters dealt with in the Agreement.

30.8 The Agreement will be governed by and interpreted in accordance with English law. You and we irrevocably agree that the English courts will have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with the Agreement (including non-contractual disputes or claims).

Account: any valid payment account which is issued by an account provider under a Card Scheme.

Accountholder: the person who is authorised by the Account Provider to use the Account and who is a customer purchasing goods and/or services from you (including a Cardholder).

Account Provider: an organisation with which an Account is held by an Accountholder.

Affiliate: in respect of us or you means any undertaking which Controls or is Controlled by or under common Control with or by us or you.

Agreement: has the meaning given in clause 2.2.

Applicable Law: all laws, sanctions, regulations (and including any Regulatory Authority’s requirements) or similar or equivalent, that apply to you or us or to any Payment or Refund, or that you or us considers appropriate to adhere to, for the time being in force in any jurisdiction.

Application: any application software which is an e-commerce point of sale approved by us for use in relation to the Services.

Application Documents: the information we request to satisfy our eligibility checks so we could assess your application and your ongoing suitability as a business to receive the Services.

Assessment: has the meaning given to it in clause 12.1.

Authorised User: has the meaning given to it in clause 4.

Authorised Recipient: has the meaning given in clause 23.5.

Business Day: a day other than a Saturday or Sunday or public or bank holiday in England.

Card: a credit, debit, charge, purchase or other card payment method issued by a Card Issuer whose Payments we are able to process under a Card Scheme (as notified by us to you from time to time).

Card Acquiring Services: the services detailed in Section C2 of the Agreement.

Cardholder: a person who is the authorised user of a Card.

Cardholder Data: any information regarding a Cardholder including details of any Cards and personal data about the Cardholder.

Card Issuer: an organisation which issues a Card to a Cardholder.

Card Scheme: Visa, Mastercard and any other Card scheme we may approve and enable in connection with our Services.

Card Scheme Rules: the rules and operating instructions issued and updated by the Card Schemes, including but not limited to the Visa Core Rules and Visa Product and Service Rules (available at https://www.visa.co.uk/dam/VCOM/download/about-visa/visa-rules-public.pdf), the Mastercard Rules (available at https://www.mastercard.us/en-us/business/overview/support/rules.html), which URLs may be updated from time to time by the Card Schemes. The Click to Pay T&Cs (available at https://www.mastercard.us/content/dam/public/mastercardcom/na/us/en/smb/other/mastercard-click-to-pay-terms-conditions.pdf), which URLs may be updated from time to time by us.

Card Transaction: any payment made by the use of a Card, a Card number or in any other way authorised by the Cardholder for debit to the Cardholder’s Account.

Card Transaction Data: Card Transaction details, Refund details and any other Card or Cardholder Data, Authorisation, Authentication responses. These must be in a form the relevant Card Scheme requests, in line with any legal requirement, and approved by us.

Chargeback: has the meaning given in clause 11.

Confidential Information: the Agreement and all business or technical information (other than Card Transaction Data) disclosed by either us or you to the other person in connection with the Agreement.

Contract Year: the period of 12 calendar months from the Effective Date and each subsequent period of 12 calendar months from the anniversary of the Effective Date.

Control: in respect of us or you, the exercise, or ability to exercise or entitlement to acquire, direct or indirect control over us or you by means of ownership, contract or otherwise.

Deductions: all amounts we are entitled to deduct from Settlement under Applicable Law, the Card Scheme Rules and/or the Agreement including: (i) Service Fees; (ii) Chargebacks; (iii) Assessments; and (iv) Refunds.

Developer Portal: https://developers.ecommpay.com (which URL may be updated from time to time by us) or such other website as we notify you from time to time.

Ecommpay Balance: the funds held by you with us from time to time as a result of us providing Card Acquiring Services to you.

Ecommpay Property: the Services, including the Merchant Interface, any materials delivered to you under the Agreement and any invention, development, product, IP Rights, software program, or derivative of them, developed in connection with providing the Services or during the term of the Agreement.

Ecommpay Website: www.ecommpay.com, which URL may be updated from time to time by us.

Effective Date: the date when we approve your application for the Services under the Agreement.

Fee Term: the length of time which applies to the Minimum Fee or any Service Fee, which shall be: (i) applicable, if we agree with you on a Fee Term; or (ii) applicable by default in the case of an Agreement to which an Initial Term and/or a Renewal Term applies, and will be the period of such Initial Term and/or Renewal Term, unless otherwise agreed.

Financial Statement: a financial information report prepared and made available to you by us under the Agreement.

Force Majeure Event: an event beyond the control of us or you, including strikes, riots, war, civil disturbance, acts of God, power failure, telecommunications outage, and acts of a Regulatory Authority.

FX Services: the services detailed in Section C3 of the Agreement.

Illegal Transaction: any Payment involving you (i) selling or supplying (or offering to sell or supply) goods or services (including supplying cash) in a way that does not fully keep to all Applicable Laws or Card Scheme Rules, or (ii) submitting Payments which are not in accordance with the category of transactions described in Application Documents, or as otherwise agreed between us and you; or (iii) submitting Payments which are not in accordance with any term of the Agreement.

Initial Term: where applicable, the fixed term agreed between you and us for which the Agreement will continue unless it is terminated in accordance with the terms of the Agreement.

Insolvency Event: any of the following events in respect of a party: (i) the party is unable to pay its debts within the meaning of section 123 of the Insolvency Act 1986; (ii) any proposal or arrangement, howsoever described, is made with (or for the benefit of) the party’s creditors as well as any procedure or order (including issued by any court of competence), whether voluntary or mandatory, is initiated, with respect to the rescheduling or re-arranging of its debts, its winding up, the appointment of an administrator or receiver over it, or attachment or sequestration or other forced execution on or against it or its assets; or (iii) any event which is the equivalent of or similar to (i) or (ii) in any jurisdiction to which the party is subject.

IP Rights: any copyright, trademark, trade name, trade secret, patent, database rights or other intellectual property right.

Loss: any claim, liability, loss, damage, proceeding, fine, penalty, Assessment, fee, cost, charge or expense (including reasonable and properly incurred legal fees and costs).

Merchant Bank Account: an account with a duly authorised credit institution held in your name and used to pay Service Fees and other amounts due to us under the Agreement.

Merchant Interface: the secure merchant interface on the Ecommpay Website or another URL provided by us, where you can access information regarding your use of the Services via the Merchant Interface Account including Payments, Chargebacks and Refunds.

Merchant Interface Account: your business account within the Merchant Interface.

Minimum Fee: the minimum fee that applies to each Minimum Fee Period and, where applicable, for the Fee Term.

Minimum Fee Period: the monthly, annual or other time period in respect of the Minimum Fee.

Minimum Volume Commitment: the minimum volume of Payments that you will submit to us each month, where applicable.

Operating Instructions: rules, procedures and operating instructions in connection with your use of the Services, which are reasonably required to ensure that we comply with certain operational and technical requirements (including the requirements of Applicable Law, Card Scheme Rules and PCI SSC) as issued and updated by us.

Original Transaction Currency: the currency of any Payment we have received for you where you are using our Acquiring Services.

Payment: a payment for goods and/or services provided by you which the Accountholder has authorised you to charge to the Accountholder's Account, including Card Transactions, in each case, submitted by you to us in accordance with the Agreement.

Payment Gateway Services: the services detailed in Section C1 of the Agreement.

PCI DSS: the payment card industry data security standards which apply from time to time, which are issued by PCI SSC, or any successor to those standards.

PCI SSC: the Payment Card Industry Security Standards Council LLC or any successor to the council.

Rate Card: the document which sets out the Services and Service Fees (available at https://ecommpay.com/rate-card/, which URL may be updated from time to time by us).

Reference Rate: the currency exchange rate we may receive from the applicable service provider or Card Scheme, as applied from time to time.

Refund: a refund you make to an Accountholder in respect of a Payment, which will fully or partly reverse it.

Regulatory Authority: any governmental, regulatory authority or law enforcement department, agency, or other law, rule or regulation making entity (including any stock exchange or central bank) that we, you, or any Affiliates are subject to the jurisdiction of in respect of the Agreement, and any successor or replacement of any of them.

Renewal Term: where applicable, the fixed term for which the Agreement will renew after the expiry of the Initial Term and/or the then current Renewal Term.

Security: has the meaning given in clause 16.

Service: as applicable (i) Card Acquiring Services; (ii) Payment Gateway Services; and/or (iii) FX Services.

Service Fees: all charges and fees payable under the Agreement or in accordance with Applicable Law including fees due under these General Terms and those set out in the Rate Card or that we tell you about pursuant to clause 29.

Settlement: the transfer by us of the value of a Payment to you which may be net of Deductions.

Settlement Currency: the currency or currencies in which we will make Settlement to you where you are using our Acquiring as set out in the Rate Card or agreed between us and you from time to time.

Technical Integration Standards: our technical requirements as updated from time to time and made available on the Developer Portal that you will need to comply with in order to gain access to and continue to have the benefit of the Services via a software integration.

Website: any website which is an e-commerce point of sale approved by us for use in relation to the Services.

Website Requirements: our website requirements available at: ecommpay.com/uploads/2025/05/05/Website-Requirements.pdf, which URL may be updated from time to time by us.

In addition to the above, the following rules of interpretation in this Section B apply to the Agreement:
a) Any reference to a clause will be to the relevant clause of the document in which it appears unless specified otherwise.
b) The use of the term "including", "such as" and similar expressions mean including but not limited to.
c) A reference to a statute or statutory provision is a reference to it as it is in force as at the date of the Agreement. A reference to a statute or statutory provision includes all subordinate legislation made as at the date of the Agreement under that statute or statutory provision.

1.1 Where we provide you with our Card Acquiring Services that enable you to take Payments from your customers and receive Settlement of those Payments from us then we will also provide you with our Gateway Services. The Ecommpay Gateway is the technology that enables you to offer a range of ways to pay to your customers online, including on your Website or as part of your Application.

1.2 In particular, when we provide you with our Gateway Services, we will provide you with an online service that (among other things) supports the processing of:

• requests for authorisation of payment transactions by Card Issuers;
• confirmations from the relevant Card Issuer that there are adequate funds available at the time of the transaction to for the customer to make the payment in question; and
• the submission of authorised transaction data to the relevant Card Issuer for the purposes of executing a payment instruction in respect of a payment transaction.

Upon receipt of any such request for authorisation, or authorised transaction data, from you, we will promptly forward the request or data to the relevant Card Issuer.

1.3 We confirm that:

• in relation to Card Payments, our Gateway Services are PCI DSS compliant;
• we will maintain in place, and comply with, our own prudent information security policies in providing our Gateway Services to you; and
• if there is any security issue relating to our Gateway Services, which you promptly notify to us, then we will address or remedy the issue by taking appropriate corrective action and/or re-performing the defective part of the services.

However, you also acknowledge we can only control our own technical environment, and we cannot guarantee the security of data once it has left our environment and been transmitted to any third parties.

1.4 You acknowledge and agree that, in connection with, and only where you are using, our Gateway Services:

• we cannot guarantee any minimum response times in connection with on-line authorisations requested from third parties; and
• we do not offer any minimum availability targets in respect of the Ecommpay Gateway.

2.1 Subject to you providing us with the information or other input that we require from you, we will provide you with reasonable assistance in setting up the Gateway Services and integrating them with your Website or Application or other software so that you can make use of the Ecommpay Gateway. You acknowledge that in some circumstances we may refuse to integrate our Gateway Services with your Website or Application or other software, or with a third party solution, including where we cannot technically integrate or continue to integrate with their technical solution, the integration or continued integration becomes commercially unviable, or we want to limit the number of integrations we permit.

2.2 In this regard, we will let you know of your implementation responsibilities, and those for which we will be responsible, and you must perform each of your responsibilities in order that we can provide our reasonable set up support to you.

2.3 We will also let you know how the successful set up of our Gateway Services in connection with your business is to be tested by us or by you, including on an ongoing basis. You will co-operate with us in relation to any testing we tell you is required.

3.1 We may adjust the content and interfaces of our payment gateway in order to keep our Gateway Services up to date with market requirements. If these adjustments require you to make changes in your software, interfaces, operating procedures and/or Website, we will inform you as soon as we reasonably can and always prior to us making those adjustments.

3.2 You will be responsible for your own costs of making any such changes to your software, interfaces, operating procedures and/or Website. You are also responsible for any hardware, software or any other system used by you to access and use our payment gateway. Any programming, development and maintenance of your business’ hardware, software or systems and their functionality are your responsibility and you will be responsible for all matters relating to the integration of them with our gateway.

3.3 Where any functionality changes are specific only to you and do not impact on any other merchant customer of Ecommpay, then we will only activate the relevant functionality changes for your use in a live environment when agreed between us and you in writing.

3.4 Where we do make a technical change to our internet Gateway Service, then we will have no liability to you arising from your failure to implement or use the relevant change by the date notified by us, provided that you have wherever possible been given reasonable notice of the requirement to implement the relevant change.

4.1 In relation to the Website or Application (or equivalent) that your customers use when they wish to make Payments to you, you must ensure that this sets out the following information in relation to you and/or your Affiliates (as applicable):

• the address for customer correspondence;
• your and/or your Affiliate's (as applicable) legal name, trading name and principal address such as registered office;
• the address of the merchant outlet which sells the goods/services that are the subject of the relevant Payment transaction;
• the marks and logos of the Card Schemes that you and/or your Affiliate (as applicable) accept;
• a customer data privacy policy;
• a description of how you and/or your Affiliate (as applicable) transmit Payment data;
• a complete description of the goods and/or services offered;
• a return and refund policy that complies with the Agreement;
• contact details for a customer service function, including an email address and telephone number;
• the currency in which Payments will be made;
• any export restrictions that will apply to the good or services offered; and
• policies on delivery and split shipments of goods.

4.2 Where you use any other third party products or services in connection with the Ecommpay Gateway:

• you must ensure that all appropriate licences, approvals and clearances are obtained to use their services in connection with our Gateway Services (and you must ensure that the correct licence fees are paid in relation to this);
• we may determine that we need to enter into a contract directly with such third party provider in accordance with the Card Scheme Rules, and if we cannot agree such contract then we will not be under any obligation to provide the Gateway Services;
• you will keep us promptly informed of any changes in any such contract, and any technical changes to such third party products or services, in so far as such changes may affect the provision of our Gateway Services; and
• you will also be responsible for ensuring that each third party provider reasonably cooperates with us, is authorised by you to share relevant information with us, and promptly rectifies any problems which affect the provision of the Gateway Services which are attributable, whether in part or in whole, to the relevant third party.

4.3 When using our Gateway Services, you must not:

• use them for any abusive or improper purpose or in any way that damages our systems or interferes with or disrupts our other users;
• reverse compile, disassemble, translate, reconstruct, transform, extract, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Ecommpay Gateway or any software associated with it or attempt to do any such thing;
• attempt to circumvent user authentication or security of any host, system, or account (also known as cracking or hacking). This includes:
• accessing data that is not intended for you;
• logging into a server or account that you are not expressly authorised to access, and/or
• probing the security of other networks;
• attempt to interfere with service to any user, host, or system (also known as denial of service attacks). This includes:
  • flooding of networks;
  • deliberate attempts to overload a service; and/or
  • attempts to crash a host;
• use any kind of program/script/command, or send messages of any kind, that are designed to interfere with a user’s session, by any means, including locally or via the internet; and
• take any action that will result in:
• excessive consumption or utilisation of our system; and/or
• weakening the performance of our Gateway Services.

4.4 You must promptly report to us problems that you become aware of in respect of the set up of the Ecommpay Gateway and the Gateway Services in accordance with the fault reporting procedures that we notify to you from time to time.

5.1 Where you use the ‘Pay by Link’ functionality we make available to you via the Ecommpay Gateway:

• you shall be responsible for the completeness and accuracy of the information you submit in relation to a request for Payment to be made via the payment link, including the amount of the transaction;
• you shall only send a link to one of your customers where:
  • it is suitable and permitted under law to send them a payment link;
  • to the best of your knowledge, the payer does not suffer from any disability or vulnerability which may interfere with the payer's ability to receive and/or use a payment link;
  • you have provided the buyer with a valid invoice, bill or other demand for payment for the goods and/or services to which the payment link relates; and
  • the customer is willing to receive the payment link;
• you shall not modify any payment links you request from us; and
• you shall distribute the payment links you request from us to your customer through your chosen communication channels.

6.1 Except as expressly set out in the Agreement, and to the maximum extent permitted under applicable law, no representation, warranty or condition, express or implied, statutory or otherwise as to condition, quality, performance, fitness for purpose or otherwise is given by us in relation to our gateway services and all such representations, warranties and conditions are hereby excluded to the maximum extent permitted by Applicable Law.

6.2 Any statements made in any manuals or other documents, or by any of our employees or authorised representatives or service providers, are provided for information purposes only and not as warranties given by us.

6.3 You acknowledge that our Gateway Services may be or become temporarily unavailable for any reason including scheduled or unscheduled maintenance, equipment modifications or upgrades, as well as for other reasons beyond our reasonable control.

1.1 When providing you with our Card Acquiring Services, we will:

• when a Cardholder uses their Card to pay you for goods and/or services, transmit an authorisation request to the relevant Card Issuer in order to confirm that the Card may be used for the relevant transaction and that there are sufficient funds available in the Account connected to the Card;
• submit a payment order in respect of the Card Transaction to the relevant Card Scheme for onward transmission to the relevant Card Issuer. This will be processed in accordance with the relevant Card Scheme Rules; and
• upon receipt of funds from the relevant Card Scheme, make Settlement of the Card Transaction to you in accordance with the Agreement (and in accordance with the timeframe set out in the Rate Card) by paying you the value of the Card Transaction as set out in the Card Transaction Data and as determined by the relevant Card Scheme (net of any amounts we are permitted to deduct in accordance with the terms of the Agreement)

1.2 You acknowledge that as part of the Service Fees we may charge you an authorisation fee for each authorisation request you initiate, including where the authorisation is declined, unless agreed otherwise. If the authorisation is declined, the Card Transaction cannot proceed. Approval of an authorisation request is not a guarantee of payment.

2.1 You must obtain authorisation for every Card Transaction unless we tell you otherwise, including where a customer asks you to split a Payment between more than one Card or between a Card and another payment method.

2.2 In requesting authorisation to process a Card Transaction, you agree that:

• all information presented is true and complete;
• the Card Transaction is entered into in good faith and in compliance with all legal, Card Scheme and other requirements and you are not aware of any circumstances that would or might result in a breach of Applicable Law;
• the Card Transaction relates directly to your business and you have supplied (or will supply) the relevant goods or services, to the value stated, and the Card Transaction does not involve any Card issued in your name or your Account or those of any connected person; and
• you are not aware that the Card Transaction has previously been subject to a Chargeback.

2.3 If you do not ask for authorisation or if authorisation is refused, you must not complete the Card Transaction. To the extent within your control, you must not re-submit a Card Transaction for authorisation if the original authorisation is refused.

3.1 In addition to your general obligations relating to taking Payments at clause 9.6 of the General Terms, you must:

• display prominently in or on all of your Websites the scheme marks of the Card Schemes that you accept;
• not misrepresent yourself as being a direct member of a Card Scheme;
• not process a Card Transaction that involves any Card issued in your name or linked to your Account or those of any connected person; and
• in relation to strong customer authentication ("SCA"):
  • ensure that you support solutions allowing the performance of SCA for the required Card Transactions;
  • enable and cooperate in the application of SCA to the required Card Transactions;
  • follow any instructions regarding SCA received from us or the Card Issuer, including instructions provided electronically through a Card machine or your Website; and
  • not apply SCA on your own initiative if we or a Card Issuer have not instructed you to do so, or misrepresent the circumstances of a Card Transaction to avoid applying SCA.

3.2 You acknowledge and agree that you will remain liable for Card Transactions (and Service Fees) in accordance with the Agreement, even if we have performed SCA for a Card Transaction or determined that SCA is not necessary for a Card Transaction.

3.3 To the extent you utilise your own SCA solution or an SCA solution of a third party, you must ensure that any such solution is compliant with PCI DSS, Card Scheme Rules, Applicable Law and the Agreement.

4.1 You may only process recurring transactions (including Card Transactions that rely on you or us holding the Cardholder Data on file or creating a continuous payment authority), if we have given you permission to do so, and then only in accordance with our Operating Instructions and any other requirements we tell you about.

4.2 If we tell you that you are allowed to process such recurring transactions, you will:

• obtain the Cardholder’s written authority (which may include the Cardholder indicating their authority via a tick box and a zero value transaction) to take periodic Card Transactions from them, including confirmation as to whether the amount of the periodic payments is fixed or variable, the dates on which the Payments will be charged to the Cardholder's Card and whether the dates are fixed or variable;
• ensure that SCA has been applied unless exempt under Applicable Law;
• notify the Cardholder that they may cancel the recurring transaction authority at any time;
• notify the Cardholder within two working days of obtaining their authority that a recurring transaction authority has been established;
• notify the Cardholder at least 7 working days prior to a recurring transaction Payment being processed to their Card if:
  • the Payment amount or date has changed;
  • more than 6 months have elapsed since the last payment; or
  • a trial period or introductory offer has expired;
• immediately cease taking Card Payments from a Cardholder upon any receipt of a cancellation from him/her of their written authority to you;
• retain a copy of the recurring transaction authority for at least 18 months after the date of the final Card Payment you take under it; and
• provide us with a copy of the recurring transaction authority upon our request.

4.3 You process recurring transactions at your own risk, and you acknowledge that any recurring transaction that does not comply with the above requirements, or which is otherwise disputed by the Cardholder, may result in a Chargeback in accordance with clause 11 of the General Terms.

4.4 Where you wish to transfer to us Cardholder Data held on file by a third party (e.g. another acquirer) in order to process recurring transactions, you acknowledge that we may refuse to accept or use such Cardholder Data, if we determine that the use of such Cardholder Data may pose a risk to us, e.g. where the Cardholder Data has been obtained without proper consent. Should we accept or use such Cardholder Data you warrant that it has been obtained in compliance with the Appliable Law and Card Scheme Rules and that passing on such data to us by you or the third party for the purpose of processing recurring transactions will not be in breach of Appliable Law and Card Scheme Rules.

5.1 You may only offer pre-authorised orders if we specifically allow you to do so and then only in accordance with our Operating Instructions, and any other requirements we tell you about.

1.1 Our FX Services enable you to accept Payments from your customers using our Card Acquiring Services, in a range of currencies that we notify you of from time to time.

1.2 Where we provide our FX Services to you, where appropriate, the types of currencies which you are authorised to use for this purpose, and the applicable fees and charges to be paid by you, will be communicated by us to you when we agree to provide our FX Services and/or at the time of each currency exchange transaction you request or require us to carry out for you.

1.3 You agree that where you instruct us to convert any currency for you, you shall pay us our applicable fees and charges, in addition to the transaction exchange rate to complete the relevant currency exchange.

2.1 Where we are providing you with our Card Acquiring Services, we may upon agreeing with you enable the currency choice feature that will allow your customers to choose a different Original Transaction Currency for their Payment.

2.2 The applicable exchange rate (which may include a mark up/margin) will be provided to your customers before they proceed with the Payment, and they must decide whether to proceed. Your customers may choose not to proceed with a different Original Transaction Currency and make the Payment in the initial currency (i.e. the initial currency in which you priced and offered the goods/services for sale).

2.3 If your customer does proceed with a different Original Transaction Currency for their Payment, we will then process the Payment in that currency.

2.4 Where you use this currency choice feature, you must follow all instructions we provide to you in relation to it, including in respect of obtaining your customer's consent to paying in any different Original Transaction Currency and in respect of any information or disclosures or receipts you must provide to your customer in respect of the currency conversion carried out at their request.

3.1 Where we are providing you with our Card Acquiring Services, and the Original Transaction Currency of the Payment is different from your Ecommpay Balance currency, then:

• we will process the Payment in the relevant Original Transaction Currency;
• we will convert the currency of the Payment into your Ecommpay Balance currency on the day we process the Payment in accordance with this Section C3.

4.1 If Ecommpay converts currency, it will be completed at the Reference Rate or the transaction exchange rate we set for the relevant currency exchange at the time of conversion, details of which we will make available or notify to you at the time that:

• you request that information; or
• you request us, or we are required, in order to provide the FX Services to you, to convert currency for you.

4.2 Each transaction exchange rate will have a validity period, which information we will also make available or notify to you at the same time as providing you with the transaction exchange rate details.

4.3 Where:

• you then instruct us to convert any currency for you, and you do so; or
• we are required to convert any currency in order to provide our Services to you

then, within the validity period of a relevant transaction exchange rate, we will use that rate to complete the relevant currency exchange, unless there have been material changes to the exchange rate, in which case we may decide not to proceed with the currency exchange and notify you thereof.

4.4 You may be able to access certain information within the Merchant Interface to see what transaction exchange rate may apply for certain currency conversions in certain scenarios. Any rates shown in the Merchant Interface indicate the applicable rates at the time you use the Merchant Interface for this purpose and are subject to change, including when the relevant transaction is ultimately processed.

4.5 Where a currency conversion is carried out by a Card Scheme, not by Ecommpay, then Ecommpay has no liability to you for that currency conversion.

5.1 If you are required to reimburse any Chargebacks in a currency that is different from the currency of your Ecommpay Balance, then, to enable this, we may convert the currency of the Chargeback into the relevant Ecommpay Balance currency on the day we process the Chargeback in accordance with this Section C5. However, at certain instances the currency of the Chargebacks may be converted into the Card currency.

5.2 If your Ecommpay Balance is not enough to cover the amount of a Chargeback in a particular currency, we may perform a currency conversion from your Ecommpay Balance in another currency to cover the shortfall.

6.1 You agree that Ecommpay will not provide you with advice on the merits of a particular currency exchange or provide you with personal recommendations in relation to any Payment or currency exchange transaction.

6.2 You should not rely on any opinion or analysis expressed or communicated by Ecommpay or any of our employees or agents as being a recommendation or advice in relation to any currency exchange transaction.

These Data Sharing Terms set out the terms that you and we must comply with when Processing Personal Data.

Controller: has the meaning given to it in the Data Protection Laws.

Data Subject: a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Data Protection Laws: all applicable data protection and privacy legislation in force from time to time, including the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (EU GDPR), the EU GDPR as it as it forms part of the law of the UK by virtue of section 3 of the European Union (Withdrawal) Act 2018 (UK GDPR), the UK Data Protection Act 2018, the Privacy and Electronic Communications Regulations 2003 (SI 2003 No. 2426), all other legislation and regulatory requirements in force from time to time which apply to either you or us relating to the Processing of Personal Data, and the guidance and codes of practice issued by the Information Commissioner or other relevant data protection or Regulatory Authority and applicable to either you or us.

Data Subject Rights Request: any request made by, or on behalf of, a Data Subject, seeking to exercise any of the Data Subject's rights under the Data Protection Laws.

Personal Data: any information relating to a Data Subject that is Processed by you and/or us as a result of, or in connection with, the Services.

Personal Data Breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise Processed.

Processing: any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction (and Process, Processes and Processed shall be construed accordingly).

Processor: a natural or legal person, public authority, agency or other body which Processes Personal Data on behalf of the Controller.

Restricted Transfer: the transfer, sharing or Processing of Personal Data to or in any country or territory outside the United Kingdom which has not been recognised as providing an adequate level of protection for Personal Data by the UK government.

2.1 For the purpose of the Agreement, you and we each acknowledge that the factual arrangements between you and us in relation to each of your and our respective obligations under the Agreement and in connection with the Services dictates each of your and our data protection role(s) under the Data Protection Laws.

2.2 You and we envisage that, in respect of any Processing of Personal Data under the Agreement:

• you shall only ever act as an independent Controller, and you and we do not envisage any scenario under the Agreement where you would act as a Processor on our behalf as the relevant Controller; and
• we shall act as an independent Controller wherever you and we each independently determine the purposes and means of any Processing of Personal Data.

2.3 You and we agree that wherever you and we each act as independent Controllers in respect of any Processing of Personal Data, you and we shall each comply with the obligations in paragraph 3 below.

2.4 Without affecting paragraphs 2.2 and 2.3 above, you and we further agree that in connection with the Services, we will:

• act as an independent Controller in respect of the following activities (which is not an exhaustive list) when we provide Payment Gateway Services, Card Acquiring Services and FX Services:
  • Onboarding, associated due diligence and entering into agreements with you.
  • Managing our relationship with you.
  • Conducting checks to prevent money laundering, terrorism financing, fraud detection or detecting other suspicious activity.
  • Complying with KYC and customer identity requirements.
  • Assessing and/or mitigating financial, information/data security, credit and insurance risks.
  • Processing transactions.
  • Managing authentication and authorisation.
  • Blocking transactions for reasons such as insufficient funds or stolen Cards.
  • Determining the duration we retain transaction data.
  • Complying with Applicable Law together with legal, regulatory or other obligations conferred on us.
  • Determining any recipients of the transaction data.
  • Evaluating and improving our products and services and developing new products and services.
  • Providing reports to you.

3.1 In instances where you and we act as independent Controllers, each of you and we shall:

• comply with the Data Protection Laws in respect of the Processing of Personal Data as a Controller;
• not do anything to cause the other to be in breach of its obligations;
• only provide Personal Data to each other in accordance with the Data Protection Laws and only to the extent necessary to perform your and our respective obligations under the Agreement;
• reasonably cooperate with the other to assist it in fulfilling its respective obligations under the Data Protection Laws;
• implement appropriate technical and organisational measures in order to ensure the appropriate level of security of the Personal Data. In this regard, you and we shall take into account industry standards and practices, the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing Personal Data, as well as the risk of varying likelihood and severity for the rights and freedoms of Data Subjects and the risks that are presented by the Processing of Personal Data, in particular from a Personal Data Breach;
• provide appropriate privacy notices to Data Subjects regarding the Processing of Personal Data in line with the requirements of the Data Protection Laws, including as set out in paragraph 5 below;
• take reasonable steps to ensure that Personal Data is:
  • accurate, complete and up to date;
  • adequate, relevant and limited to what is necessary in relation to the purposes for which they are Processed under the Agreement in connection with the Services; and
  • kept in a form which permits identification of Data Subjects for no longer than is necessary for the purposes for which the Personal Data are Processed, unless a longer retention is required or allowed under Applicable Laws; and
• implement appropriate technical and organisational measures to ensure, and be able to demonstrate, that the Processing of Personal Data is undertaken in accordance with Data Protection Laws, including, where appropriate, appointing a data protection officer, complying with the principles of the Data Protection Laws in respect of data protection by design and default and, where required, performing data protection impact assessments and conducting prior consultations with data protection Regulatory Authorities.

3.2 Where either you or we receive a Data Subject Rights Request in relation to the Personal Data, each of you and we shall:

• provide any information and/or assistance as reasonably requested by the party in receipt of the Data Subject Rights Request to help it respond to the request or correspondence; or
• where a Data Subject Rights Request is directed to or received by one party and relates to the other party's Processing of the Personal Data, the party in receipt of the Data Subject Rights Request will:
  • promptly, and in any event within 5 Business Days of receipt of the Data Subject Rights Request, inform the other party that it has received the same and shall forward such request or correspondence to the other party; and
  • provide any information and/or assistance as reasonably requested by the other party to help it respond to the Data Subject Rights Request in the timeframes specified by Data Protection Laws.

3.3 You and we shall promptly notify (and in any event no later than 48 hours after having become aware of a Personal Data Breach that impacts the Personal Data Processed in the context of the Services under the Agreement) the other when you or we become aware of a Personal Data Breach that relates to Personal Data Processed in the context of the Services and shall:

• do all such things as reasonably necessary to assist the other in mitigating the effects of the Personal Data Breach;
• implement any measures necessary to restore the security of any compromised Personal Data;
• work with each other to help make any required notifications to applicable data protection Regulatory Authorities and/or affected Data Subjects in accordance with the Data Protection Laws (including in respect of timeframes); and
• not do anything which may damage the reputation of the other or its relationship with relevant Data Subjects, save as required by Applicable Laws.

3.4 Where the provision of Personal Data from either you or us to the other involves a Restricted Transfer, each of you and we shall ensure that appropriate safeguards are in place, or any other valid transfer mechanism that is deemed legally sufficient under the Data Protection Laws to ensure the lawfulness of any such Restricted Transfer.

You shall inform the Data Subjects regarding the Personal Data Processing carried out in relation to the provision of Services by inserting in your privacy notice a statement that shall appropriately reflect the fact that you rely on the services of a payment service provider.

5.1 Our and your obligation to protect the data and information received from the other party shall survive the expiration or termination of the Agreement. In the event we or you continue to provide any data or information to the other party after the expiration or termination of the Agreement, the receiving party agrees to continue to protect all such data and information received in accordance with the provisions of Section D.

5.2 Subject to clause 5.1, the obligations under Section D shall survive termination or expiration of this Agreement for a period of 5 years, or as long as required by Applicable Laws.

Download Terms & Conditions