|
414 The Settlement Account is owned and controlled by the Merchant and is a valid
<br />account for processing debit and credit transactions under this Merchant Agreement;
<br />4.15 Merchant is not if) a Sanctioned Person, (ii) located in or operating trader a
<br />license Issued by a jurisdiction whose government has been identified by the U S
<br />Department of State as a sponsor of international terrorisin under 22 U.S.C. 2371 or 50
<br />U.S.0 App. 24050). (iii) located in or operating under a license issued by u jurisdiction
<br />that has been designated as non-coopenlive with international anti -money laundering
<br />principles or procedures by an mars govermnenal group or organization of which like U.S.
<br />IS s memiser, or fly) located in or operating under a license issued by ajurisdiction thus has
<br />been designated by the U.S. Secretary of Treasury pursuant to 31 U.S.C. 5318A as
<br />warranting special measures due to money laundering concerns', and
<br />4.16 that Merchant will imnmeNately notify Merchant Bank and Processor of any
<br />material changes to any information provided herein including but not limited to n change
<br />in Merchant's legal entity, location, business type, or die types of goods and services
<br />oflered for sale by Merchant.
<br />5. CONFIDENTIALITY; DATA SECI'IIITY,
<br />5.1 Transaction Receipts. Merchant will retain to a secure and confidential manner
<br />anginal or complete and legible copies of each Transaction Receipt, and each Credit
<br />Transaction Receipt required to be provided to Cardholders, for at least two years or longer
<br />ifrequired by law or the Operating Rules. Merchant shall render all materials containing
<br />Cardholder Account Numbers unreadable prior to discarding.
<br />5.2 Storage. Merchant will store Transaction Receipts and Credit 'transaction
<br />Receipts in an area limited to selected personnel, and when record - retention requirements
<br />have been met, Merchant will destroy the records so that the same are rendered unreadable.
<br />53 Merchant Servicers nett Agents. Merchant must notify Bank and receive
<br />Bank's approval prior to engaging any Merchant Servicer or Agent in connection with
<br />Merchant's acceptance of Cards or tine submission of "Ilareaetions to Bank Merchant shall
<br />provide Merchant Bank avid Processor at least sixty days advance written notice of
<br />Merchant's election to use a Merchant Servicer or Agent. Merchant Bank and/or Processor
<br />may individually approve or deny the use ofa Merchant Servicer or Agent in their sole and
<br />absolute discretion and at any time Be Merchant Servicer or Agent is required to certify.
<br />register, or act in any fashion pursuant a the Operating Rules, Merchant shall cause such
<br />Merchant Servicer or Agent to cooperate with Merchant Bank in completing any steps
<br />required for registration and/or certification and/or action. Merchant is solely responsible
<br />for any and all applicable fees, costs, expenses and liabilities associated with such
<br />registration and/or certification and/or action. Bank shall in no event be liable to Merchant
<br />or any third perry for any actions or inactions of any Motorcar Servicer or Agent used by
<br />Merchant, mid Merchant hereby expressly assumes all such liability.
<br />Merchant will immediately notify Bank if Merchant decides to use electronic authorization
<br />or data capture terminals is by any entity other than Bank or its authorized designee
<br />( "Third Party Terminals ") to process Transactions, including leasing a terminal from a
<br />third parry. If Merchant elects to use Third Party Tonninals: (a) the third party providing
<br />the terminals will be Merchant's Merchant Servicer in the delivery of Transactions to
<br />Bank; and (b) Merchant assumes full responsibility and liability for any failure ofther third
<br />Perry to comply with the Operating Rules, applicable laws, rules or regulations o this
<br />Merchant Agreement. Bank will not be responsible for any losses or additional fees
<br />incurred by Merchant as a result of any error by n third party agent or n malfunction in a
<br />'Third Party Terminal,
<br />The me of a Merchant Servicer or Agent or software or systems provided by a Merchant
<br />Servicer or Agent that has connectivity, to the Internet poses an increased risk, and
<br />Merchant assumes all liability for such increased risks. If Merchant others software or
<br />hardware with if eomneehon to the Internet such hardware or software interacts in any
<br />capacity with the provision of services contemplated pursuant to this Merchant Agreement,
<br />Merchant is solely liable without hiliiation for any and all consequences of such
<br />interaction.
<br />5 4 Security. Merchant agrees and shall ensure that Merchant Servicers and Agents
<br />utilized by Merchmrt provide the same levels of security as those required ofMerclem, and
<br />that such Merchant Servicers and Agents tmnsaut data in accordance with (a) the required
<br />formar(s) of the Card Associations; (b) the Operating Rules; and (e) the requirements of
<br />Bank. Merchant must have a written contract between the Merchant mid its Agent or
<br />between the Merchant and the Merchant Servicer that stipulates adherence to the provisions
<br />of such information security requirements. Merchant shall indemnify and bold Merchant
<br />Bank and Processor harmless against losses or damages arising front the ants or omissions
<br />of Merchant Servicers or Agents engaged by Merchant.
<br />5.5 Loss or Theft, Merchant most immedirkoh, notify Merchant Bank and Processor
<br />affray suspected or confirmed loss or then of materials or retards that contain Cardholder
<br />Account Numbers or Card Transaction information. In the event of a suspected or
<br />confirmed loss or theft Merchant shall provide immediate access to all facilities, systems,
<br />procedures, equipment, and documents as may be deemed appropriate by Bank or its
<br />designated representatives for inspection, audit, and copying is deemed appropriate by
<br />both Merchant Bank and Processor in tire;, individual sole discretion. Merchant shall be
<br />responsible for all costs associated wish such inspection, audit, and copying however such
<br />costs may occur '.
<br />5.6 Merchant authorizes Bank to release its name and address to any third party
<br />whom the Bank determines tends to know such information in order for Dank to perform
<br />the Card Program services under this Merchant Agreement and who has requested such
<br />information.
<br />5.7 Merchant will not (a) provide Cardholder Account Numbers, personal
<br />Cardholder information or "Transaction information to anyone except Bank, the Card
<br />Associations. or Merchant's Merchant Servicers or Agents for the purpose of assisting
<br />Merchant in completing Card Transactions, an as specifically required by law; (b) retain or
<br />store Card Magnetic Stripe, CVV, CVV2, CVC2 or CID data (including Track Data)
<br />subsequent to Authonzafien for a Transaction: (c) sell, purchase, provide or exchange Card
<br />Account Number information to anv third party without the Cardholder's consent, or to any
<br />entity, other than Merchant's Merchant Servicers or Agents, Bank, the Card Associations,
<br />or in response to valid legal process or subpoena; or (d) release any Cardholder information
<br />over the telephone trader any circumstances.
<br />5.8 Merchant nary not in an -% event, including its failure, including bankruptcy,
<br />insolvency, or other suspension of business operations, sell, troosfer, or disclose any
<br />materials that contain Cardholder Account Numbers, personal information or Transaction
<br />information to third parties. In the event that Merchant's business fails or ceases to exist.
<br />Merchant is required to return
<br />rn to Bank all such infomtion or provide procure£ destruction
<br />ofthis information to Bank.
<br />59 Merchant agrees to establish secunty procedures to protect Cardholder
<br />information and comply with the Visa Cardholder Information Security Program (CISP),
<br />MosterCii Site Data Protection (SDPi Program, Discover Information Security
<br />Compliance (DISC), American Express Data Security Requirements, and the Payment
<br />Card Industry data security standards. The Card Associations or Batik, and the respective
<br />representatives, may insurer the premises of Merchant or any Merchant Servicer m Agenl
<br />engaged by Merchant for compliance with seeudty requirements. Merchant acknowledges
<br />that any failure to comply with security requirements may result in the imposition of
<br />restrictions on Merchant or the permanent prohibition of Merchant's participation in Card
<br />acceptance programs by the Card Associations. Merchant shall indemnify and hold Bank
<br />harmless against any losses or damages arising farm Merchant's failure to comply with
<br />security procedures and any losses or damages arising from or related to Merchant's acts or
<br />omissions that result in a breach of data security, including but not limited to Merchant's
<br />two- purlicipation in any breach security program Processor may offer
<br />5.10 Federal reyndations reacted pursuant to the USA PATRIOT Act mid other
<br />applicable laws require financial institutions with which the Processor has relationships to
<br />verify the identity of every person who seeks m open an account with a financial
<br />institution. As a result of Membani s status cis an account holder with Merchant Bank,
<br />Merchant shall provide documentary verification of Merchant's identify, such as a driver's
<br />license or passport for an individual and certified copy of organization document for an
<br />entity in manner acceptable to Bank. Bank reserves the fight to verify Merchant's identity
<br />through other non - documentary methods as Bank deems appropriate in its soft discretion.
<br />Bank may ream a copy of any document it obtains to verify Merchant's identity with the
<br />financial institution.
<br />6. OPERATING RULES.
<br />6.1 Merchant must comply with the Operating Rules, as the same may be amended
<br />no time to tune. The Operating Rules may change with little or no advance nonce to
<br />Merchant and Merchant will he bound by kill such changes. If Merchant oblects to am
<br />change to the Operating Rules, it must immediately stop accepting new Transactions for
<br />Cards governed by the change 1'he Operating Rules will govern in the event that there is
<br />any inconsistency between this Merchant Agreement and the Operating Rules. However,
<br />nothing in this Merchant Agreement shall be construed to impose on Merchant a
<br />requirement (including a requirement under the Operating Rules) which is prohibited by
<br />mandatory provisions of applicable law (i.e., where the applicability of such provisions of
<br />law to this Merchant Agreement, and of the law's prohibition to the particular acquirement
<br />which otherwise would be imposed on Merchant hereunder, cannot lawfully be waived by
<br />agreement), but the requirement hereunder shall be construed to continue in effect and to
<br />be imposed uu Merchant in all respects and at all times to the fullest extent possible
<br />without violating the law's prohibition, with only those particular applications of the
<br />requirement which would violate the law's prohibition deemed severed from the provisions
<br />boreal'
<br />6.2 Operating Rules of the Debit Networks may differ among them with respect to
<br />the Transactions they allow. Bank, at its discretion, may require that the most restrictive
<br />requirements of one Debit Network apply to all of Merchant's On -line Debit Card
<br />Transactions, regardless of Card type.
<br />7, MERCHANT'S BUSINESS; OTHER PROCESSORS.
<br />7.1 Compliance With Laws. Merchant will comply with all Requirements inflow
<br />and regulations, including but not limited to laws and regulations regarding anti- nisawy
<br />laundering compliance, in completing Transactions, submitting them to Bank, performing
<br />its obligations under this Merchant Agreement, and otherwise conducting its business.
<br />7.2 Change in Name or Business. Merchant will give Merchant Book and Processor
<br />at least thirty days' prior written notice before any change in Merchant's name or location,
<br />any choose in ownership or managerem, of Merchant's business, any sale, assignment,
<br />rental, lease or [transfer of ownership of any location that accepts Cards, or any material
<br />change in information concerning Merchant in the Merchant Application, and materal
<br />change in the type or nature of die business carried out by Merchant or otherwise required
<br />to be provided to Bank.
<br />7.3 Other processors. To the extent permitted by applicable Irv. Merchant agrees
<br />that it will not participate in a Card Program with another financial institution or processor
<br />without Bank's written approval.
<br />S. CREDIT REPORTS AND OTHER INFORMATION.
<br />8.1 Reports About Merchant From time to time, Bank may obtain credit and other
<br />information on Merchmrt, owuars and officers of Merchant, and any add all personal
<br />guarantors ufMerchant, from others (such as customers and suppliers of Merchant, lenders
<br />and credit reporting agencies), and furnish information on Merclant's relationship with
<br />Bank and Bank's experience with Merchant to others seeking fire information.
<br />82 Reports from Merchant. Merchant will provide Bank with updated business
<br />and financial information concerning Merchant, including Immoral statements, tax returns.
<br />Page 3 of7 UNIVMERAGMT v10.1013
<br />
|