I. Definitions

Throughout this Agreement and the Merchant Agreement, the following definitions apply:

3D Secure	The “Three-Domain Secure” protocol developed by Visa International Inc. (Visa) branded as “Verified by Visa” and “MasterCard SecureCode” developed by MasterCard International Inc. (MasterCard), including successive versions thereof and any amendments thereto.
Access Pin	A unique secret code used to authorize changes to Merchant's details.
Account Holder	Any person who is authorized to use a Payment Method issued to him for means of consumption or making a purchase.
Acquirer	A financial institution that is authorized by a Scheme Owner or Issuer to enable the use of a Payment Method by accepting Transactions made with Merchant on behalf of the Scheme Owners or Issuers, routing these to the Scheme Owners or Issuers and collecting and settling the resulting funds to the Merchant in accordance with this Agreement (directly or indirectly).
Additional Collateral	Non-interest bearing funds provided to EPAG by the Merchant as a security to guarantee payment of any and all debt or liability from the Merchant to EPAG, the Scheme Owners, Acquirers, Issuers and/or the Payment Methods such as, without limitation, unpaid MFs, Deductions such as Disputes, Fines, and Refunds, or other potential debt or liability, including those arising out of or in connection with any Settlement.
Affiliate	In relation to any party, any entity in the same group as that party, including but not limited to subsidiaries or holding entities of that party and any direct or indirect subsidiaries of such entity.
Agreement	Means the terms of conditions set out within this Agreement, the Merchant Agreement and/or any Service supplement, amendments, appendices, extensions, modifications, policies and revisions.
API	Application programming interface used for sending Payment Data from the Merchant to EPAG with a direct secure internet connection.
Authorization	The process whereby a Customer (or Merchant on Customer’s behalf) requests permission for a Payment Method to be used for a Transaction.
Business Day	Means a day other than a Saturday or Sunday on which banks are open in the relevant EPAG or Scheme Owner Territory.
Capture Period	The period during which a Transaction can be Captured. The Capture Period varies per Payment Method.
Capturing / Capture	The confirmation by (or on behalf of) the Merchant to the Acquirer that a Transaction for which Merchant received an Authorization is to be executed and the Account or other Payment Method used by Customer is to be charged/used for the Transaction.
Card	Any form of credit card or debit card, which may be used by a Cardholder to carry out a Transaction on a Cardholder’s account.
Cardholder	Any person who possesses and uses a Card issued on his name by one of the Issuers, authorized by Card Schemes and/or relevant authorities and, where required on the Card, whose signature appears on the Card as an authorized user.
Collection Cycle	The number of days considered as an individual period for which Transactions and Services will be grouped by EPAG.
Currency	Any system of money in general use in a relevant Territory or any digital Currency generally accepted or in use.
Customer	Any Account Holder who attempts or carries out a Transaction with the Merchant using any of the Payment Methods.
Data	Documents, Records, and any other Data of any kind relating to the Transactions.
Data Controller	The entity which alone or jointly with others determines the purposes and the means of the Processing of Personal Data.
Data Subject	An identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier, or to one or more factors specific to his physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Deductions	The overall amount of deductions applicable under this Agreement for which the Merchant shall be exclusively and fully liable. Deductions include: (i) Disputes, (ii) Fines, (iii) Refunds, and (iv) amounts needed to comply with the Rolling Reserves Rate.
Dispute	Any circumstance where an Issuer, Payment Method, Scheme Owner and its Scheme Rules or other financial institution requires repayment of a Transaction in respect of which a Merchant was paid or due to be paid, notwithstanding that Authorization for such Transaction may have already been obtained.
Downtime	The period of time during which the Merchant Interface and/or any other of Services are down and not accessible.
Effective Date	The date at which this Agreement becomes effective, as stated in the Merchant Agreement.
EPAG	EPLP Tecnologia em Pagamentos Ltda. (28.667.127/0001-69) or any of its Affiliates, delegates, or sub-contractors thereof or Affiliates thereto.
Exchange Rate	The market exchange rate provided by a financial institution authorized by the corresponding monetary authority as per the Regulatory Requirements to conduct foreign currency exchange operations.
Fines	Any and all fines, levies, costs, expenses, charges, assessments, or imposition of liabilities of any nature which the Payment Methods, Scheme Owners, Acquirers, Issuers, or any other financial institution require either the Merchant or EPAG to pay, at any time directly or indirectly in relation to any aspect of our relationship with the Merchant.
Hosted Payment Pages	The payment site hosted by EPAG featuring the Payment Interface where Customers are redirected from the Merchant Interface to fill in their respective Payment Data to carry out a Transaction.
Inflation	The Euro Area Inflation (HICP All Items Euro Area).
Installments	For certain Payment Methods, a Customer may have the ability to divide the payment of the Transaction into several equal payments, spread over an agreed period of time.
Issuer	An institution that issues Payment Methods to the Account Holder and whose name appears on the Card or bank account statement as the Issuer or who enters into a contractual relationship with the Account Holder with respect to the Payment Method.
Merchant	The entity who enters into this Agreement and the Merchant Agreement with EPAG as identified in the Merchant KYC.
Merchant Agreement / MA	The attachment to this Agreement between EPAG and the Merchant, specifically outlining the provision of the Services to Merchant and the corresponding Merchant Fee.
Merchant Interface	Any point wherein the Merchant’s systems (whether owned or used under license by Merchant) connect and communicate with EPAG’s systems in an automated and predefined manner, such as via API.
Merchant Fee / MF	All Fees, charges or other payments to be made by the Merchant to EPAG from time to time, including but not limited to the fees EPAG charges per Transaction and the Fees further described in the Merchant Agreement.
Order Currency	The Currency in which the Transaction is originally offered to the Account Holder.
Merchant Product / Merchant Service / Merchant Products and Services	A product/service which the Merchant (or any of its Affiliates) is selling and for which Transactions are processed.
Merchant KYC	Know Your Customer - set of information about Merchant’s activities, in particular about its financial status, solvency and liquidity, its activities, its payment acquiring and processing arrangements, its shareholders, its ultimate beneficial owners, the Merchant Products/Services, its registered office address, as well as any and all regulatory licenses and registrations required to sell Merchant Products/Services.
Payment Currency	The Currency in which a Transaction is processed.
Payment Data	All Transaction information including, but not limited to, the Customer’s personal and financial information such as account number, Card number, expiration date, and CVV2.
Payment Interface	An electronic connection method provided by EPAG to the Merchant for providing the Payment Data for individual Transactions allowing EPAG to provide its Services with respect thereto.
Payment Method	A method of enabling payments by Customers to Merchants, such as Cards, online and offline bank transfers, and direct debits offered by the Scheme Owners.
PCI DSS	The security standards for transmitting, processing or storing card data, or Payment Data, known under the name PCI DSS, as required to be observed under the Scheme Rules of the Scheme Owner.
Personal Data	Has the meaning given to it in GDPR, as amended from time to time, and is “any information relating to a Data Subject. This includes but is not limited to Data of Customers, Merchant’s employees, directors and shareholders (or Merchant itself where it is a sole trader).
Processing (of) Personal Data	Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Refund	A partial or total reversal of a particular Transaction, whereby the funds are reimbursed to the Customer upon the initiative or request of the Merchant.
Regulatory Requirements	Any law, statute, regulation, order, judgment, decision, recommendation, rule, policy or guideline passed or issued by any competent authority or any other arrangement that is being used for providing the Services.
Reserve Account	A virtual or actual account that will collect all amounts withheld as Rolling Reserve.
Rolling Reserve	A non-interest bearing amount withheld by EPAG from the Settlement as a security to guarantee payment of any and all debt or liability from the Merchant to EPAG, the Scheme Owners, Acquirers, Issuers, and/or the Payment Methods such as, without limitation, unpaid MFs, Deductions such as Disputes, Fines, and Refunds, or other potential debt or liability, including those arising out of or in connection with any Settlement.
Rolling Reserves Rate	A percentage of the TPV, which shall be subtracted from the Settlements and held in the Reserve Account. The applicable Rolling Reserve Rate shall be set out in the Merchant Agreement.
Scheme Owner	Any party or institution offering and/or regulating a relevant Payment Method used by EPAG, e.g. to process Transactions or Settlements.
Scheme Rule	The collective set of bylaws, rules, regulations, operating regulations, procedures and/or waivers issued by the Scheme Owner, Acquirer, Issuer, or any other competent institution or authority as may be amended or supplemented over time with which Merchant must comply when using the relevant Payment Method.
Service / Services	The collective set of payment processing, payment routing, anti-fraud control, reconciliation, reporting, Settlement and/or other services as provided by EPAG to the Merchant to enable the Merchant to use Payment Methods to process Transactions.
Service Level Agreement / SLA	The level of availability in regards to the Payment Interface and any other Services to which EPAG commits in relation to the Merchant.
Settlement	The payment of amounts owed by EPAG to the Merchant, with respect to Settlements received by EPAG from Acquirers or Scheme Owners for Transactions validly processed for the Merchant, minus the amounts for Disputes, Fines, Merchant Fees, Refunds or any other amounts due by Merchant to EPAG.
Settlement Currency	The Currency in which the Settlement is paid to the Merchant.
Settlement Cycle	The time (in Business Days) between the closing of a Collection Cycle and the actual Settlement of EPAG to the Merchant, i.e. Settlement Schedule.
Sub-processor	The entity engaged by the Data Processor or any further sub-contractor to Process Personal Data on behalf of and under the instructions of the Data Controller.
Territory	An organized area of land usually under the jurisdiction of a ruler or state.
Total Payment Value / TPV	The accumulated amount comprising of the gross value of all Transactions processed by EPAG on behalf of the Merchant in a specific period of time, usually calculated on a monthly basis.
Traffic	The profile or characteristics of Transactions submitted by Merchant to or through EPAG, including volume, spread across Payment Methods, spread by Territory and other relevant information.
Transaction	An Authorization request of a Customer for a payment from the Customer to the Merchant submitted by the Merchant to or through EPAG for a purchase of certain Merchant Products and Services.
Uncompleted Order Amount	The total amount of authorized, captured and/or settled Transactions for the Merchant at any point in time, for which the corresponding products or services have not been delivered to the relevant Customers.
Uptime	Shall define the availability of the Payment Interface or other Services provided in percent over a certain period of time, usually one month.
Working Hours	From 09:00 to 18:00 on Business Days in the relevant EPAG Territory.

Any capitalized terms used but not defined herein shall have the definition given to them in this Agreement or the Merchant Agreement.

II. Definition of the Services

The following Services may be provided by EPAG to Merchant as specified in the Merchant Agreement in accordance with the terms and conditions herein:

1. Payment Processing

EPAG allows the Merchant to process Transactions over the internet using different Payment Methods to the Payment Interface.

1. 1. Depending on the Payment Method selected by the Customer in order to make a Transaction, EPAG allows for different ways to handle Authorization and Capturing, whenever allowed so by the Payment Method and the Scheme Rules:
      1. One-off Transactions (immediate Authorization and Capturing); or
      2. Transactions with prior Authorization.
   2. The Merchant acknowledges and agrees that:
      1. the Services provided by EPAG are not related in any way to the business conducted between the Merchant and its Customers, EPAG shall thus not be a party of any resulting disputes;
      2. EPAG does not, nor intends to, provide financial services as offered by Scheme Owners, Acquirers or financial institutions;
      3. EPAG solely operates as an intermediary and in under no circumstances acts or purports to act as a seller, buyer, dealer, middleman, retailer, auctioneer, supplier, distributor, manufacturer, broker, agent or hirer of Merchant’s products;
      4. EPAG makes no representations or warranties and does not ensure the quality, safety or legality of any of Merchant’s products or services.
      5. EPAG’s activities are limited to receiving amounts from Customers for Transactions generated by order of the Merchant;
      6. It is solely the Merchant’s responsibility to obtain the Customer’s Authorization in compliance with applicable legal requirements and Scheme Rules;
      7. It is solely the Merchant’s responsibility to inform and to transfer the necessary Payment Data to EPAG in order to allow for Capturing of the Transactions; and
      8. Authorizations have a limited maximum Capture Period during which they allow for Capturing, which is set by the Issuer or the relevant Scheme Owner. It is the Merchant’s sole responsibility to check the applicable Capture Period and to ensure a Capturing of an Authorization.

2. Payment Methods

EPAG will support the Payment Methods as specified in the Merchant Agreement, as long as EPAG continues to support these in its general product portfolio.

1. 1. Depending on the Payment Method used by the Customer for making the Transaction, EPAG may charge a Transaction Fee and/or Platform Fee as specified in the Merchant Agreement.
   2. EPAG may decide within its reasonable discretion to stop supporting particular Payment Methods or make future support conditional on the acceptance by Merchant of additional conditions or Fees, in case of

1. 1. 1. materially different terms imposed by the relevant Scheme Owner or Acquirer;
      2. malperformance by the relevant Scheme Owner or Acquirer;
      3. reasonable grounds to doubt the creditworthiness of the Scheme Owner or Acquirer; or
      4. sharply increased costs for EPAG to offer the Payment Method due to new circumstances.

1. 3. Merchant acknowledges and agrees that Scheme Owners or Acquirers might cancel certain Payment Methods, change the characteristics thereof or change the acceptance criteria under which they make them available.
      
   4. Merchant acknowledges and agrees that Customers may incur eventual additional charges or fees upon completing a Transaction, as may be imposed for example by the Scheme Owner, Acquirers or other agents involved in the facilitation of a Transaction, depending on the Payment Method selected.
   5. Merchant acknowledges and agrees that specific Payment Methods for which the Scheme Owners or Acquirers charge a particularly high fixed fee may require a certain minimum amount charged whenever processing an Authorization or a Transaction, or an additional Transaction Fee and/or Platform Fee may be charged to the Merchant.
   6. For any changes made to the availability or support of Payment Methods, EPAG will notify the Merchant at least thirty (30) days in advance, unless not reasonable given the cause of the decision.
   7. EPAG will use reasonable endeavors to offer an alternative for any discontinued Payment Method to the Merchant.

3. Currencies

EPAG supports several different Currencies and will, whenever possible, offer Customers the ability to make Transactions in whatever Currency appears most natural to them, ideally the official legal tender of the Territory.

1. 1. The Merchant may decide to use one or several of the supported Settlement Currencies. Funds gathered through successful Transactions will be made available in the Payment Currency.
   2. In case the Merchant does not make a bank account available for Settlement in the Payment Currency or another Currency is agreed upon in the Merchant Agreement, EPAG shall allow the Merchant to receive any Settlement in a different Settlement Currency.

1. 3. EPAG may decide within its reasonable discretion to convert the Order Currency and allow Customers to pay in a different Payment Currency, in case of

1. 1. 1. Payment Methods or Scheme Rules not accepting to process Transactions in the Order Currency;
      2. A material change in tax understanding for processing Transactions in a different Currency; or
      3. Payment Methods being more accessible to Customers in a different Currency;

1. 4. EPAG shall use, as the conversion rate between the Order Currency and the Payment Currency, the Exchange Rate as applicable during the day of the Transaction, minus the Order Currency Conversion Fee.

1. 5. EPAG shall use, as the conversion rate between the Payment Currency and the Settlement Currency, the Exchange Rate as applicable on the time of the conversion, minus the Settlement Currency Conversion Fee.

4. Refunds

The Merchant may, at its sole request, but always in accordance with the Scheme Rules and Regulatory Requirement, allow for a full or partial Refund to be made in correspondence to a Transaction’s previously successful Authorization or Capturing.

1. 1. The Merchant acknowledges and agrees that any Refunds made by EPAG are made

1. 1. 1. exclusively at the Merchant’s demand; and
      2. at the Merchant’s sole discretion and liability.
         

1. 2. EPAG may, in case of a Refund, apply a Refund Fee, depending on the Payment Method or Scheme Rules in place, as specified in the Merchant Agreement.
   3. The Merchant acknowledges and agrees that EPAG will not execute a Refund, if

1. 1. 1. the relevant Payment Method does not allow Refunds;
      2. the time that the Scheme Rules allow Refunds has passed;
      3. the necessary funds cannot be deducted from the Merchant’s next Settlement; or
      4. the Refund is not requested by the Merchant using EPAG’s Merchant Interface or any similar mechanism in place to automatically communicate the Refund.
         

1. 4. For the avoidance of doubt, the Refund amount shall be limited to the total value paid by the Customer for the original Transaction. Eventual fees, convenience taxes, surcharges and other additional charges incurred by the Customer depending on the Payment Method selected will not be refundable.

1. 5. Fees applied to the original Transaction will not be refunded to the Merchant in part or in whole if a Transaction is refunded.

5. Disputes

Many Payment Methods, and in particular including most Scheme Owners issuing Cards allow Customers to file a Dispute for Transactions through their Scheme Rules, even if previously reported as a successful Authorization or Capturing.

1. 1. The Merchant acknowledges and agrees that, in relation to Disputes,

1. 1. 1. any receipt of Settlement and/or Authorization confirmation regarding a particular Transaction does not mean the Merchant is unconditionally entitled to receive or keep the corresponding Settlement; and
         
      2. in case a Customer successfully claims a Dispute in accordance with the relevant and applicable Scheme Rules, EPAG must return such amount on behalf of the Merchant to the Customer.

1. 2. EPAG may, in case of a Dispute, apply a Dispute Fee, depending on the Payment Method or Scheme Rules in place, as specified in the Merchant Agreement, unless Merchant has opted to pay the Fraud Protection Fee, in which case such fee shall be the only Merchant Fee charged for Disputes.
   3. Merchant Fees applied to the original Transaction will not be refunded to the Merchant in part or in whole, if a Transaction is disputed.
   4. EPAG may withhold amounts from the Settlement due to Merchant if Dispute levels are deemed unreasonably high, e.g. exceeding an average of one (1) percent of the value or number of Transactions.
   5. Fees applied to the original Transaction will not be refunded to the Merchant in part or in whole if a Transaction is considered a Dispute.

6. Fraud Protection

All Transactions processed by EPAG on behalf of the Merchant will automatically be screened by EPAG’s Fraud Protection system to prevent the occurrence of potentially fraudulent Transactions.

1. 1. Merchant acknowledges and agrees that, in relation to Fraud Protection,

1. 1. 1. the Fraud Protection Service does not in any way guarantee the prevention of potentially fraudulent Transactions, nor against resulting Disputes or Fines;
      2. EPAG has the right to cancel Transactions that it has reasonable grounds to suspect to be fraudulent; and
         
      3. once a Transaction is submitted by the Merchant to be processed by EPAG, the final responsibility for accepting that Transaction remains with the Merchant. As such, EPAG may cancel, reverse or charge from Merchant any transaction that is fraudulent or that is notified as a Dispute.

1. 2. For some Payment Methods, Merchant has the ability to cancel Transactions even after successful Authorization depending on the terms and conditions and the timeframe stipulated within the corresponding Scheme Rules.
   3. Merchant may have the choice to opt for a Fraud Protection Fee, which will protect Merchant from any Dispute Fees to be payable otherwise as long as the recommendation from EPAG’s Fraud Protection system is to accept the Transaction. Depending on the particularity of the business of Merchant, EPAG may require the Merchant to opt for the Fraud Protection Fee.
   4. The Fraud Protection Fee will apply for any request, regardless of the recommendation from EPAG’s Fraud Protection system.
   5. The Merchant agrees and acknowledges that EPAG is allowed to collect, use and share aggregate Payment Data and Personal Data with selected third parties, including, but not limited to fraud protection and risk management systems.

7. Settlement

Funds received from Customers as a result of validly processed Transactions, which are settled by the Scheme Owners or Acquirers to EPAG, will be made available for withdrawal by Merchant at the end of each Settlement Cycle.

1. 1. Merchant acknowledges and agrees that,

1. 1. 1. Settlements are subject to the availability of funds in a Settlement Currency;
      2. any Settlement may be withheld by EPAG free of interest if so required by valid court order, Regulatory Requirements, or Scheme Rules;
      3. any tax, Deductions, or Fines imposed upon the Settlement by Regulatory Requirements or Scheme Rules will be deducted from the Settlement amount payable to Merchant;
      4. Regulatory Requirements force EPAG to, before obtaining approval for any and each Settlement made to Merchant, submit all underlying Transactions from the corresponding Settlement Cycle to financial institutions legally authorized to process foreign exchange operations; and
      5. the financial institution may, under its own discretion and according to its own compliance policies, deny to process Settlements for said Transactions.

1. 2. EPAG may charge Merchant a Transfer Fee on each Settlement made, as specified in the Merchant Agreement.
   3. EPAG may offer Merchant the ability to assign Settlements to any third party of their choosing, or divide Settlements between several different receivers and Settlement Currencies, using EPAG’s Merchant Interface or any similar mechanism in place.

1. 4. No interest is due over amounts held by EPAG on behalf of Merchant prior to Settlement to Merchant, except in case Settlement is delayed for more than twenty (20) Business Days after the end of the corresponding Settlement Cycle due to intent or gross negligence by EPAG. In such a case interest is due by EPAG over the late Settlement at the official interest rate + one (1) percent.

1. 5. EPAG may withhold payment to the Merchant even after Settlement Cycle has been completed if the Settlement amount will require the Merchant to pay the Transfer Fee stated in the Merchant Agreement unless expressly confirmed by the Merchant.

1. 6. Prior to Settlement, EPAG shall hold funds due to the Merchant on behalf of and for the sole and exclusive benefit of the Merchant and will keep sufficient records of the funds of the Merchant in such a manner that the assets are appropriately distinguished with respect to applicable legislation regarding matters of bankruptcy and general insolvency.
      
   7. Merchant acknowledges and agrees that EPAG may charge the Merchant a Collection Cycle Fee and a Settlement Cycle Fee for any Settlements to the Merchant which occur at an increased speed as agreed upon between the Parties.
   8. EPAG must always use the financial system for payment of Settlements. In case EPAG finds itself unable to pay the due Settlement amount to Merchant due to Merchant’s Transactions and/or activities being denied by a legally registered financial institution, Merchant acknowledges and agrees that (i) EPAG makes the corresponding payments to a legal court; and (ii) this Agreement may be terminated as per clause XIII. c 5 (v).

8. Customer Support

EPAG may provide customer support services to Customers contacting EPAG about Authorizations or Captures or in case of general questions about Payment Methods.

1. 1. Merchant acknowledges that EPAG may charge the Merchant a Customer Support Fee for any Transaction of the Merchant requiring assistance by any Customer.

1. 2. In case of the Customer contacting EPAG about a Transaction related to the Merchant, the Merchant acknowledges that,

1. 1. 1. EPAG will only be able to provide customer support related to the Transaction itself;
      2. EPAG will pass on any request not directly related to the Transaction or to any of the Services to the Merchant;
      3. EPAG may require the Customer or Account Holder to provide valid Data for authentication purposes;
      4. EPAG will never require any Card Data and will never Authorize or Capture Transactions any other way than through the Payment Interface and in accordance to PCI DSS, the corresponding Scheme Rules and the Regulatory Requirements.

1. 3. The Merchant and EPAG may agree on certain standardized information about Merchant’s products or services to be passed on to Customers or specific handover processes between customer support representatives.
      
   4. EPAG may collect additional Data from Customers using customer support in order to provide the best possible service quality.

9. Installment / Consumer Credit Fee
   

In Territories where available, EPAG may allow for Transactions to be divided by the Account Holders into several equal payments, spread over an agreed period of time.

1. 1. EPAG may, in case of an Installment, apply a Consumer Credit Fee, depending on the total amount due within a Transaction as well as the period of time chosen, as specified in the Merchant Agreement.

1. 2. The Merchant acknowledges and agrees that in relation to Consumer Credit Fee applied for Installments:

1. 1. 1. EPAG will only allow for an Installment, if in accordance with the Scheme Rules for the corresponding Payment Method, as well as the Regulatory Requirements.
      2. it is EPAG’s sole discretion whether to approve a request from a Customer to divide a Transaction into an Installment.
      3. it is EPAG’s sole discretion whether to offer a Customer the ability to pay a Transaction in Installment.
      4. if any Installment payment is not met by the Customer, EPAG will automatically consider the Transaction a Dispute.

10. Reserve Account
    

The Merchant agrees that a Rolling Reserves Rate may be subtracted from Settlements, and shall be retained by EPAG in order to be used to cover for Merchant Fees, Deductions such as Disputes, Fines, and Refunds, or other obligations of the Merchant under this Agreement.

1. 1. The Rolling Reserves may be capped or converted to a fixed reserve amount after a set period of time, to be held in the Reserve Account, as determined by EPAG.

1. 2. The Merchant acknowledges and agrees that in relation to the Reserve Account, the Rolling Reserves Rate or the Rolling Reserve:

1. 1. 1. The Rolling Reserve Rate shall be set out in the Merchant Agreement;
      2. EPAG, at its sole discretion, may change the Rolling Reserves Rate and/or the terms of the Reserve Account based on Merchant’s Traffic immediately upon written notification to the Merchant;
      3. no interest rate of any sort applies on the funds credited in the Reserve Account;
      4. Merchant has no right to direct that account, cannot and will not assign or grant any security interest in those funds or that account, or allow any encumbrance upon the funds contained on that account; and
      5. EPAG may, without notice to Merchant, apply deposits in the Reserve Account against any outstanding amounts owed to EPAG under this Agreement, or any other future agreement between the Merchant and EPAG or the Scheme Owner.

1. 3. Funds in the Reserve Account will remain in the Reserve Account for the period of time defined as per the Merchant Agreement. Periods may differ between Scheme Owners, Payment Methods, Acquirers, and Issuers.

11. Additional Collateral
    

In addition to the Reserve Account, EPAG may request the Merchant to provide funds to EPAG as non-interest bearing Additional Collateral.

1. 1. EPAG will fund the Additional Collateral, replenish and EPAG will fund the Additional Collateral, replenish and maintain it at the designated level or will instruct the Scheme Owners, Acquirers, Issuers, and/or Payment Methods to do so by deducting the required amount from Settlements or any other funds due to the Merchant.

1. 2. EPAG may at its sole discretion at any time and without prior notice draw and receive amounts from the Additional Collateral, or instruct the Scheme Owners, Acquirers, Issuers, and/or Payment Methods to do so, as required to cover any amounts owed to EPAG directly or indirectly which cannot be deducted from the Merchant’s Settlements because of lack of funds or otherwise. EPAG may subsequently replenish the Additional Collateral or instruct the Scheme Owners, Acquirers, Issuers, and/or Payment Methods to do so, from Settlements and funds due to the Merchant under this Agreement or require that the Merchant makes a payment to EPAG for the amount required to replenish the Additional Collateral.

1. 3. EPAG may change the Additional Collateral upon notice and at its sole discretion depending on Traffic, Refund rations, Dispute ratios, and other risk considerations.

1. 4. The Merchant expressly acknowledges and agrees that, in relation to the Additional Collateral,

1. 1. 1. the Additional Collateral is separate to and does not form part of the funds subject to EPAG’s safeguarding obligations;
      2. EPAG or the Scheme Owners, Acquirers, Issuers, and/or Payment Methods may charge or debit against the Additional Collateral;
      3. the Merchant is not entitled to any interest on the Additional Collateral;
      4. the Merchant has no right to direct the Additional Collateral; and
      5. the Merchant cannot and will not assign or grant any security interest in the Additional Collateral, or allow any encumbrance upon those funds.
      6. EPAG may, without notice to the Merchant, apply deposits to the Additional Collateral against any outstanding amounts owed to EPAG under this Agreement or any other future agreement between the Merchant and EPAG or the Scheme Owner.

III. Reporting and Merchant Fees

The following Merchant Fees may apply for the Services provided, as specified in the Merchant Agreement. All Merchant Fees will be clearly stated within the Reporting:

1. Invoicing

EPAG will invoice the Merchant during a recurring period of time, usually monthly, for the Services rendered.

1. 1. Invoices will provide an overview of:

1. 1. 1. Merchant Fees due for the period for which the invoice was issued, calculated on the basis of that period’s Traffic and the number of Settlements made;
      2. an overview of the Merchant Fees already withheld from the Settlements;
      3. an overview of the Rolling Reserve already withheld from the Settlement, as well as the difference between the held and released Rolling Reserves, will be communicated to the Merchant in the statements under section ‘Reserve Account’;
      4. an overview of the Additional Collateral provided by the Merchant to EPAG;
      5. wherever relevant the remaining amount due or credited to the Merchant.
         

1. 2. Amounts due or credited are subsequently added to or subtracted from the next Settlement to the Merchant or in absence of a next Settlement are payable or credited as applicable within 30 days of the invoice date.

1. 3. EPAG provides electronic invoices as standard. Printed invoices or statements can be requested for subsequent invoices via the Customer Area (additional costs may be charged by EPAG for the provision of printed invoices in form of a Records Request Fee).

1. 4. The invoice currency will be in United States Dollars (USD) or Euro (EUR), unless expressly otherwise agreed in the Merchant Agreement.
   5. In case of discrepancies on invoices, Merchant shall notify EPAG no later than fourteen (14) days after receipt of an invoice, if any part of such invoice is disputed, stating the complaint and the reasons for the dispute. If it is established that the complaint was justified, the invoice shall be adjusted and EPAG shall deduct the disputed part of the invoice, if any, from the next invoice due to the Merchant after consensus has been reached. If it is established that the complaint was unjustified, the invoice will remain in force as issued.

2. Pricing

EPAG aims to provide transparent and clear pricing that is applicable solely whenever a Service has actually been utilized.

1. 1. EPAG shall be unilaterally entitled to change its Merchant Fees for its Services, with thirty (30) days prior notice. Said changes in pricing shall only become effective for the Services rendered by EPAG starting at the end of the notice period.

1. 2. The Merchant may, in case of a Merchant Fee change, during the notice period, cancel the Merchant Agreement at the end of the notice period.

1. 1. 1. For the avoidance of doubt, this clause does not apply due to communicated changes in pricing due to changes in Regulatory Requirements, including but not limited to changes in taxation, or due to Inflation.

1. 3. EPAG shall be entitled to adjust its Merchant Fees to account for inflation in accordance with the previous year’s published Inflation. Said changes may be applied by EPAG only once annually and will be announced at least thirty (30) days prior notice.

1. 4. The consolidated Merchant Fee may comprise of several different Merchant Fees charged upon the different Services rendered by EPAG and will be detailed in the corresponding Merchant Agreement. The Merchant acknowledges and agrees that depending on the Services rendered, the following Merchant Fees, and/or other agreed upon Merchant Fees not specified hereinbelow, may apply:

1. 1. 1. Collection Cycle Fee;
      2. Consumer Credit Fee;
      3. Consumer Identification Fee;
      4. Country Adjustment;
      5. Customer Support Fee;
      6. Dispute Fee;
      7. Fraud Protection Fee;
      8. Order Currency Conversion Fee;
      9. Platform Fee;
      10. Premium Membership Fee;
      11. Records Request Fee;
      12. Refund Fee;
      13. Rolling Reserve Rate;
      14. Settlement Currency Conversion Fee;
      15. Settlement Cycle Fee;
      16. Transaction Fee;
      17. Transfer Fee; and
      18. Withdrawal Fee

1. 5. The Merchant agrees that other Merchant Fees may be added from time to time with the addition of new Services provided by EPAG.

1. 6. The Merchant acknowledges that the consolidated Merchant Fee is calculated based on Traffic and may differ from characteristics provided by the Merchant.

3. Payment

1. 1. Merchant agrees with the withholding of any Fees and other sums due to EPAG under the Merchant Agreement including Disputes and Fines from the Settlement amounts.
   2. If the Settlement amounts are not sufficient to cover amounts due to EPAG, the amounts remain due as per the due date as stated on their corresponding invoice and shall be paid separately by the Merchant within thirty (30) days of the reception date of the relevant invoice by Merchant.
   3. Interest shall accrue on any unpaid amounts owed by the Merchant to EPAG at the rate of two (2) percent per month.

4. Taxes

1. 1. All Merchant Fees of EPAG are excluding applicable VAT, turnover, and other taxes or levies which will be separately payable by Merchant where applicable to invoiced amounts or services.
   2. Except as otherwise agreed herein, each Party shall be liable for the corresponding taxes as defined by Regulatory Requirements.
   3. Merchant is solely responsible to charge any taxes related to the Merchant Products and Services, including, but not limited to value-added, (general) sales, consumption, (withholding) income taxes, or other excise taxes if required by the applicable tax authorities in the Territory.

IV. Merchant Obligations

1. Merchant Registration & KYC

1. 1. Merchant must provide all Merchant KYC about itself, its activities, and its shareholders.

1. 2. Merchant warrants unconditionally that all Merchant KYC provided is correct and up to date. Merchant will provide EPAG written notice of any change of Merchant KYC, within seven (7) Business Days of any material change of any of the Merchant KYC, including in particular (but not limited to) any change of its directors, shareholders, and/or ultimate beneficial owners.
      1. 1. Merchant may communicate any changes thereto by signed and written letter or using the online form service provided by EPAG in combination with the Access Pin provided.
         2. Merchant agrees and acknowledges that it is the Merchant’s sole responsibility to safeguard the Access Pin and to ensure it is only accessible by authorized personnel. EPAG shall under no circumstances be liable for any damages occurring from the Merchant’s failure in doing so.
   1. 3. Merchant will upon request from EPAG provide such additional information and supporting documentation regarding its activities and identity and that of its shareholders as EPAG may reasonably determine the need to ensure compliance with applicable laws and regulations and Scheme Owner and Acquirer KYC requirements.
      4. Merchant agrees that EPAG may run further checks on Merchant’s identity, creditworthiness, and background by contacting and consulting relevant registries and governmental authorities or any other relevant sources.
      5. EPAG’s acceptance of Merchant as user of the Services and the relevant Payment Methods is strictly personal and limited to the use by Merchant of the Services for payment of Merchant’s own products and services. The Merchant may not use the Services to facilitate the payment for products or services sold by third parties and therefore may not resell the Services to third parties.
   2. 6. Support for each Payment Method is subject to acceptance by the relevant Scheme Owner or Acquirer used by the Scheme Owner, which such Acquirer Scheme Owner may withhold or withdraw at its discretion at any time. Some Scheme Owners or Acquirers may require the Merchant to enter into a direct agreement with the Acquirer or Scheme Owner before the Merchant may use the relevant Payment Method. Merchant hereby authorizes EPAG to submit Merchant KYC received from Merchant to the relevant Scheme Owners and Acquirers to obtain permission for providing access to their Payment Methods for Merchant.
   2. Merchant’s Website
   1. 1. The Merchant is required to provide exact URL(s) of its websites for which the Services are required and Merchant may amend existing URLs/add new URLs from time to time, subject to approval by EPAG to that effect, in which case the same obligations that apply to existing URLs shall apply with respect to these additional URLs.
   1. 2. For any Transactions the Merchant agrees to include the following information clearly and conspicuously on its websites:
   1. 1. 1. Payment Method’s brand mark in full color to indicate that Payment Method’s acceptance;
         2. complete description of the Merchant Products and Services offered by the Merchant and the applicable terms and conditions; the terms and conditions should be displayed to the Customer during the order process;
         3. complete description of the refund, return and cancellation policies (if the Merchant has a limited refund policy, it must be clearly communicated to the Customer prior to the purchase);
         4. “click to accept” button, or other acknowledgment, evidencing that the Customer has accepted the return/refund policy;
         5. Merchant service contact information including email address or telephone number;
         6. Merchant’s permanent business address;
         7. Transaction currency in both words and symbols;
         8. all export restrictions (if known);
         9. delivery policy, and special delivery policy if any;
         10. Merchant’s Territory which must be provided to the Customer during the payment process;
         11. Personal Data privacy policy; and
         12. security capabilities and policy covering Transaction details, Payment Data, or any other sensitive Personal Data. Additional information may be required, depending on the Payment Method offered by the Merchant.
   3. Integration
   1. 1. Unless otherwise expressly set forth in this Agreement, the Merchant agrees and acknowledges that in order to use any of EPAG’s Services provided herein, Merchant must use EPAG’s approved integration methods, including, but not limited to:
   1. 1. 1. Complete online self-registration, authentication, and validation process;
         2. PCI compliant Data Security processes;
         3. Correct usage and communication via provided API; and
         4. Correct usage of the Hosted Payment Pages.
   4. Required Data
      
   1. 1. In addition to the Merchant KYC, Merchant must provide additional financial and other information, as well as other Data as specified by EPAG, including, but not limited to: required information regarding the then current actual or expected Uncompleted Order Amount and estimates for the average time between Transaction Authorization and the related delivery date. Further Merchant shall provide EPAG on its first request with all requested information on Merchant’s then-current ability to provide the Merchant Products and Services, its financial status, solvability, and liquidity. This information is used by EPAG to estimate the likely Uncompleted Order Amount as used to determine the Rolling Reserves Rate as per clause IV. d. 2.
   1. 2. In case EPAG has reasonable grounds to question:
         
   1. 1. 1. 1. the accuracy or reliability of the information regarding Uncompleted Order Amount;
            2. Merchant’s financial stability; and/or
            3. its ability to provide the Merchant Products and Services to the Customers, EPAG may in its discretion take this into account in estimating the Uncompleted Order Amount for setting the Rolling Reserves Rate. EPAG will not take such action arbitrarily and will where reasonably possible (considering the grounds and urgency of the adjustment) request and consider Merchant’s input on EPAG’s amended assessment of the Uncompleted Order Amount before using it to amend the Rolling Reserves Rate.
   1. 3. If the Merchant fails to provide the Data requested in accordance with clauses IV. a. 1 and IV. c. 1, EPAG reserves the right to suspend the provision of the Services until such Data is provided.
   1. 4. The Merchant hereby authorizes EPAG to submit Merchant KYC, or any other relevant information received from the Merchant, to the relevant Scheme Owners, to obtain permission for providing access to their Payment Methods for the Merchant, or for any ongoing monitoring related purpose.
   5. Data Security
   1. 1. Merchant is fully responsible for the security of data on its site, through its app, or otherwise in its possession. Merchant agrees to comply with all applicable national or regional laws and rules in connection with the collection, security, and dissemination of any Payment Data on its site or through its app. Merchant specifically agrees that at all times Merchant will be compliant with the Payment Card Industry Data Security Standards (PCI-DSS) and the Payment Application Data Security Standards (PA-DSS), as applicable. The steps Merchant will need to take to comply with PCI-DSS and PA-DSS when using EPAG will vary based on Merchant’s implementation.
   1. 2. Merchant also agrees to use only PCI compliant service providers in connection with the storage, or transmission of Payment Data. The Merchant must not store CVV2 data at any time. Information on the PCI DSS can be found on the PCI Council’s website. It is the Merchant’s responsibility to comply with these standards.
   1. 3. The Merchant represents and warrants to EPAG that, in relation to the Processing of Personal Data in the context of the Services, Merchant acts as a Data Controller and that it:
   1. 1. 1. Complies with applicable Data protection law and EPAG’s Privacy Policy in respect of Processing of Personal Data, and only gives lawful instructions to EPAG. The Merchant must comply with the Personal Data protection laws of the Merchant’s country of origin and of the Territory in which the Merchant offers Merchant Products/Services and, in particular when Processing and sending the Personal Data to EPAG in the context of using the Services and submitting Transactions).
         2. Relies on a valid legal ground under applicable Data protection law for each purpose of its personal data processing activities, including obtaining Data Subjects’ appropriate consent if required or appropriate under Data protection law).
         3. Takes reasonable steps to ensure that Personal Data is accurate, complete and current; adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed; and kept in a form which permits identification of Data Subjects for no longer than is necessary for the purposes for which the Personal Data are processed unless a longer retention is required or allowed under applicable law.
         4. Implements appropriate technical and organizational measures to ensure, and to be able to demonstrate, that the Processing of Personal Data is performed in accordance with applicable Data protection laws, including, as appropriate, appointing a data protection officer, maintaining records of processing, complying with the principles of data protection by design and by default and, where required, performing data protection impact assessments and conducting prior consultations with supervisory authorities.
         5. Responds to Data Subject requests to exercise their rights of: (i) access; (ii) rectification; (iii) erasure; (iv) data portability; (v) restriction of Processing of Personal Data; and (vi) objection to the Processing of Personal Data in accordance with applicable Data protection law .
         6. Cooperates with EPAG to fulfill their respective data protection compliance obligations in accordance with applicable Data protection law.
         7. Ensures that all Merchant staff are appropriately trained in line with their responsibilities under applicable Data protection laws.
         8. With respect to Processing of Personal Data should such processing occur, it has put in place suitable measures to safeguard the Data Subject’s rights and freedoms and legitimate interests and the right to obtain human intervention on the part of the Merchant, to allow Data Subjects to express their point of view and to contest the decision made in relation to the Data Subject.
   6. Merchant Services Registered
   1. 1. Merchant may only use the Services for payment of those Merchant Products and Services which Merchant registered and disclosed in the Merchant KYC when entering into the Merchant Agreement with EPAG as reflected in the Merchant Agreement. The acceptance by EPAG of a Merchant as customer is strictly linked to the description of Merchant’s Products and Services Merchant registered and disclosed in the Merchant KYC when entering into the Merchant Agreement.
   1. 2. Merchant must ask prior written approval for any change or addition materially changing the nature of the Merchant Products and Services prior to submitting Transaction requests for those Merchant Products and Services.
   7. Legality of Merchant Services
   1. 1. Merchant shall not use the Services for the payment of any products and services where it is illegal to offer or provide these to or from the relevant Territory and/or which are stated in EPAG’s Prohibited and Restricted Products and Services List, accessible via https://www.epag.com/en/legal/prohibited/.
   1. 2. This list may be updated at EPAG’s discretion where needed to ensure legal compliance, compliance to Scheme Rules, prevent high levels of Disputes, reputational risks and/or to reduce exposure to potentially fraudulent or illegal transactions. In the event that EPAG modifies its Prohibited and Restricted Products and Services List to include Merchant Product and Services, EPAG shall notify the Merchant.
   1. 3. Merchant represents, warrants, and covenants that Merchant shall comply with all applicable laws relating to its business, and that it has secured all rights necessary to sell or distribute any products, services or other content with respect to which Services are provided. For Merchant Products and Services where user-generated content is made available to the public, Merchant complies with the corresponding Regulatory Requirements, such as the Digital Millennium Copyright Act (DMCA).
   8. Scheme Rules and Merchant Services
   1. 1. Merchant is and remains solely responsible to ensure the Merchant Products and Services sold are compliant with the Scheme Rules and applicable laws in its country of origin and the Territory its Customers are based in. Further some Payment Methods apply additional restrictions as set out in the applicable Scheme Rules which Merchant must at all times ensure compliance with.
   1. 2. Merchant is strongly advised to regularly review current Scheme Rules and relevant changes to applicable laws as applicable to its Merchant Products and Services and business practices to ensure their compliance to applicable Scheme Rules.
   1. 3. For violations of certain key requirements under the Scheme Rules by Merchants, some Scheme Owners can levy significant Fines, ranging from twenty-five thousand (25,000.00) to over one million (1,000,000.00) Dollars. The Scheme Owners do this to protect the Customers, Merchants, and providers of the Payment Methods collectively against misuse, fraud, illegal activities, breach of applicable laws, reputational damage, and excessive costs. Where the Merchant considers the Scheme Rules to be unacceptable, the Merchant is free to stop using the relevant Payment Method, however, the Scheme Rules and the Agreement shall apply to processed Transactions which are made using the Payment Methods covered by such Scheme Rules.
   1. 4. Key examples of Scheme Rules which are subject to such Fines: (i) using the Payment Method for other Merchant Products and Services than for which the Merchant received express authorization to use it for; (ii) using the Payment Method for Merchant Products and Services which are violating applicable laws; (iii) using the Payment Method for selling Merchant Products and Services for which the Scheme Owner explicitly prohibited its use (e.g. drugs, arms, gambling); (iv) Using the Payment Method for the benefit of a third party / reselling the use of the Payment Method to a third party (the authorization for Merchant to use a Payment Method is strictly personal); (v) percentage of Transactions of a Merchant which is subject to a Dispute is above the applicable acceptable level; (vi) breaches of security and confidentiality obligations with respect to Payment Details; (vii) fraudulent, misleading activities of which Customers are the victim.
   9. Disputes, Deductions, Fines and penalties
   1. 1. Where EPAG becomes aware of and/or receives any notice of potential exposure to a Deduction or Dispute related to any Merchant behavior, Merchant will upon the first request provide all reasonable co-operation to help investigate the relevant circumstances and remedy the relevant violation, notwithstanding all other rights and remedies of EPAG in such situation as per this Agreement.
   1. 2. Where possible EPAG will share relevant feedback received by Merchant with the Acquirer/Scheme Owner handling the potential Fine so it can be taken into consideration by the Acquirer/Scheme Owner. If Fines are applied for Merchant violations, these may be invoiced by the Scheme Owners and/or the relevant Acquirer to EPAG as their contracting party. Merchant shall fully indemnify and hold EPAG harmless from any Fines applied by the Scheme Owners as a result of Merchant’s breach of the terms of the Merchant Agreement and/or the Scheme Rules, unless such Fine is the result of EPAG’s gross negligence or willful misconduct.
   1. 3. The Merchant agrees to be held responsible and liable for:
   1. 1. 1. any and all Deductions and any Fines. Each Deduction and Assessment represents a debt immediately due and payable to EPAG.
   1. 4. Any Deductions and/or Dispute for which the Merchant is required to reimburse EPAG shall correspond to the whole or part of the processing value of the original Transaction.
   1. 5. Where Deductions occur, EPAG shall immediately be entitled to debit the Reserve Account, Additional Collateral, and/or make a deduction from the Settlement amount due to the Merchant, and/or invoice the Merchant to recover:
   1. 1. 1. the full amount of the relevant Deduction; and
         2. any other costs, expenses, including without limitation legal fees and other legal expenses, liabilities or fines which EPAG may incur as a result of or in connection with such Deductions.
   1. 6. Where the full amount of any Deduction is not debited by EPAG from the Reserve Account, Additional Collateral, and/or deducted from any Settlement, then EPAG shall be entitled to otherwise recover from the Merchant by any means the full amount of such Deduction.
   1. 7. EPAG shall not be obliged to investigate the validity of any Deductions by any Acquirer, Issuer, Payment Method or Scheme Owner, whose decision or determination shall be final and binding in respect of any Deduction.
   1. 8. As Deductions may arise a considerable period after the date of the relevant Transaction, the Merchant acknowledges and agrees that, notwithstanding any termination of the Agreement for any reason, EPAG shall remain entitled to recover Disputes from the Merchant (and, where relevant, from any person who has provided EPAG with a guarantee or security relating to Merchant’s obligations under the Agreement) in respect of all Disputes that occur in relation to Transactions effected during the term of the Agreement, provided that the terms and conditions of this section shall survive such termination and continue to apply for the handling of any such Deductions or Disputes post-expiration/termination of this Agreement.
   10. Set-off
   1. 1. The Merchant hereby authorizes EPAG to set-off by whatever means the whole or any part of Merchant’s liabilities to EPAG under this Agreement (or any other contract with EPAG) against any funds credited to or owing to the Merchant under this Agreement (or any other contract with EPAG). EPAG may exercise this right of set-off at any time, without notice to the Merchant, whether either liability is present or future, liquidated or unliquidated, and whether or not either liability arises under this Agreement. If the liabilities to be set off are expressed in different currencies, EPAG may convert either liability at a market rate of exchange for the purpose of set-off. In the event such set-off does not fully reimburse EPAG for the amount owed, the Merchant shall immediately pay EPAG such amount. The Merchant shall hold harmless any financial institution that follows our request pursuant to this clause. Any exercise of EPAG’s right under this provision is without prejudice and in addition to any rights or remedies available to EPAG under this Agreement or otherwise.

V. EPAG Obligations

1. EPAG covenants that it shall comply with all applicable laws relating to its business, including any Data privacy or Data security laws relating to any information it receives from Merchant. EPAG will:

1. 1. Only Process Personal Data in accordance with the Merchant’s lawful written instructions and not for any other purposes than as required for: (i) the provision of our Services, including, but not limited to the Services described in II.; (ii) our role as a Data Controller as described in clauses IV. and XI; or (iii) other purposes agreed by both Parties in writing.
   2. Promptly inform Merchant if in its opinion, the Merchant’s instructions infringe Data protection law, or if EPAG is unable to comply with the Merchants’ instructions.
   3. Cooperate with the Merchant in its role as Data Controller to fulfill its own Data protection compliance obligations under Data protection law, including by providing all information available to EPAG as necessary to demonstrate compliance with the Merchant’s own obligations and where applicable to help Merchant conducting data protection impact assessments or prior consultation with supervisory authorities.
   4. Keep internal records of Processing of Personal Data carried out as a Data Processor on behalf of Merchant, in accordance with applicable Data privacy or Data security laws.
   5. Assist Merchant in fulfilling its obligation to respond to Data Subjects’ requests to exercise their rights as provided under Data protection laws and specified under Clause IV. 3 e), and notify the Merchant about such requests if EPAG receives it directly from the Data Subject.
   6. Notify Merchant when local laws prevent EPAG: (i) fulfilling its obligations under this Agreement and have a substantial adverse effect on the guarantees provided by this Agreement; and (ii) complying with the instructions received from the Merchant via this Agreement, except if such disclosure is prohibited by applicable law, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation.
   7. When the Agreement expires or upon the termination of the Agreement or upon a request to delete or return Personal Data by Merchant, except for any Personal Data which EPAG processes as a Data Controller, EPAG will, at the choice of Merchant, delete, anonymize, or return such Personal Data to Merchant, and delete or anonymize existing copies unless applicable law prevents it from returning or destroying all or part of the Personal Data or requires storage of the Personal Data (in which case EPAG will protect the confidentiality of the Personal Data and will not actively process the Personal Data anymore).

2. EPAG covenants that it shall comply with Scheme Rules, Regulatory Requirements, rules and regulations of any card payment network or other payment processors with respect to which it provides any Services.

3. EPAG represents and warrants that the use of EPAG systems or Services by Merchant as contemplated herein, and any EPAG software (if any), and any EPAG trademarks or service marks, will not infringe the intellectual property rights of any third parties.

VI. SLA

1. Uptime Commitment Payment Interface – EPAG will provide Merchant access to the Merchant Interface and Hosted Payment Pages on a twenty-four hour, seven days a week (24×7) basis at a rate of ninety-nine point nine (99.9) percent.

1. 1. This commitment excludes the periods of time when the Service is not available as a result of scheduled Downtime.
   2. The Merchant acknowledges and agrees that, in relation to Uptime Commitment, the following events may affect the actual availability of the Payment Interface or other Services provided, but shall not have any effect on the calculation of the Uptime Rate:

1. 1. 1. Due to factors outside EPAG’s reasonable control, including but not limited to Acts of God (including fire, flood, earthquake, storm, hurricane or other natural disaster), war, invasion, act of foreign enemies, hostilities (regardless of whether war is declared), civil war, rebellion, revolution, insurrection, military or usurped power or confiscation, terrorist activities, nationalization, government sanction, blockage, embargo, labor dispute, strike, lockout or interruption or failure of electricity or telephone service;
      2. Related to add-on features for the Service, including, but not limited to Internet Marketing or Reporting Services;
      3. That resulted from Merchant’s or third party hardware, software or services;
      4. That resulted from actions or inactions of Merchant or third parties;
      5. That resulted from actions or inactions by Merchant or Merchant’s employees, agents, contractors, or vendors, or anyone gaining access to EPAG’s network by means of Merchant’s passwords or equipment;
      6. That was caused by Merchant’s use of the Service after EPAG advised Merchant to modify its use of the Service, if Merchant did not modify its use as advised;
      7. Intermittent periods of Downtime that are ten minutes or less in duration; or
      8. Through Merchant’s use of beta, trial offers, early access programs, and/or demos (as determined by EPAG).

2. Security and Compliance

1. 1. EPAG takes reasonable measures to provide a secure payment system and shall keep its systems compliant to PCI DSS and any other Regulatory Requirements, even if not expressly certified.

VII. Confidentiality and Privacy

1. Each party (the “Receiving Party”) hereby agrees (i) to hold the other party’s (the “Disclosing Party”) Confidential Information in strict confidence and to take reasonable precautions to protect such Confidential Information (including, without limitation, all precautions the Receiving Party employs with respect to its own confidential materials), (ii) not to divulge any such Confidential Information or any information derived therefrom to any third person; (iii) not to make any use whatsoever at any time of such Confidential Information except as contemplated hereunder, (iv) not to copy or reverse engineer any such Confidential Information, and (v) that any employee, subcontractor, or agent given access to any such Confidential Information must have a legitimate “need to know” and shall be bound in writing to comply with the Receiving Party’s confidentiality obligations, whether general or specific to this Agreement. For the purposes of this Agreement, “Confidential Information” shall include all proprietary information or confidential information relating to the other’s business, processes, practices, products, Customers, payment transactions processed hereunder, Settlements, the accounts, finance or contractual arrangements or trade secrets of the other party.

2. Notwithstanding any provision in this Agreement to the contrary, each party may disclose Confidential Information of the other party to the extent it is required to be disclosed pursuant to a valid order or requirement of a governmental agency or court of competent jurisdiction, provided that the owner of the Confidential Information shall be given reasonable notice of the pendency of such an order or requirement and the opportunity to contest it.

3. Nothing in this Agreement shall be construed to prohibit or restrict each party’s disclosure of Personal Data, to third parties and Affiliates for the purpose of providing each party’s services, including without limitation thereof, for purposes related to fraud and risk management, and as otherwise permitted or required by law or applicable regulation.

4. Except for any announcement intended solely for internal distribution or any disclosure required by legal, accounting, or regulatory requirements beyond the reasonable control of either party, all media releases, public announcements, or public disclosures (including, but not limited to, promotional or marketing material) by either party or its employees or agents relating to this Agreement or its subject matter, or including the name, trade name, trademark, or symbol of the other party, are prohibited without the prior written consent of both parties. Notwithstanding the foregoing, either party shall be entitled to disclose the existence of the relationship formed hereunder between Merchant and EPAG without the prior written consent of the other party.

VIII. Liability

1. EXCEPT IN CASE OF BREACH OF CONFIDENTIALITY, INDEMNIFICATION FOR INFRINGEMENT OF THIRD PARTY INTELLECTUAL PROPERTY RIGHTS, WHERE THERE IS NO LIMITATION, (i) NEITHER PARTY SHALL BE LIABLE TO THE OTHER PARTY FOR INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL OR EXEMPLARY DAMAGES (EVEN IF THAT PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES), SUCH AS, BUT NOT LIMITED TO, LOSS OF REVENUE, PROFITS OR BUSINESS, COSTS OF DELAY, COSTS OF LOST OR DAMAGED DATA OR DOCUMENTATION, OR SUCH PARTY’S LIABILITIES TO THIRD PARTIES ARISING FROM ANY SOURCE; AND (ii) NOR SHALL THE ENTIRE LIABILITY OF EITHER PARTY TO THE OTHER PARTY UNDER THIS AGREEMENT, WITH RESPECT TO ANY SUBJECT MATTER OF THIS AGREEMENT UNDER ANY CONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHER LEGAL OR EQUITABLE THEORY, EXCEED THE FEES PAID OR PAYABLE TO EPAG HEREUNDER DURING THE TWELVE (12) MONTHS PERIOD IMMEDIATELY PRIOR TO THE DATE THE CAUSE OF ACTION AROSE.

2. Nothing in this Agreement shall operate to exclude or restrict a party’s liability for:

1. 1. death or personal injury due to negligence;
      
   2. payment and remittance of monies due hereunder;
      
   3. willful or malicious conduct;
      
   4. breaches of obligations hereunder regarding confidentiality;
      
   5. indemnification for infringement of third party intellectual property rights; and
      
   6. for breaches of applicable laws or Scheme Rules (if applicable) in performing its obligations under this Agreement.
      

3. EPAG will only be liable for EPAG’s own acts or omissions and not for acts or omissions of third parties. This expressly excludes EPAG’s liability for acts or omissions of the Scheme Owners, Payment Methods, Acquirers, and Issuers, or for events or activities originating outside EPAG’s system (such as infrastructure failure, internet disturbances, or malfunctioning in third party systems), except in case such events were caused by EPAG’s willful misconduct or gross negligence.

4. EPAG shall not be liable to the Merchant or any third party for any liquidated, indirect, consequential, exemplary, or incidental damages (including damages for loss of business profits, business interruption, loss of business information, and the like) arising out of this Agreement.

5. Nothing in this Agreement shall exclude or limit any liability of any party for fraud, death, personal injury, or gross negligence.

IX. Indemnification and Fines

1. Each party (the “Indemnifying Party”) will indemnify, defend, and hold harmless at its expense any legal cause of action brought against the other party, its officers, directors, employees, and the successors and assigns of the foregoing (the “Indemnified Party”), from and against all losses, damages, liabilities, deficiencies, actions, judgments, interest, awards, penalties, fines, costs or expenses of whatever kind, including professional fees and reasonable attorneys’ fees and the cost of enforcing any right to indemnification hereunder and the cost of pursuing any insurance providers (collectively, the “Costs”) resulting from or arising out of or in connection with any third party claim, suit, action, proceeding (collectively, the “Claims”) relating to any actual, alleged or threatened: (a) breach by the Indemnifying Party of any of its duties, obligations, representations and warranties contained in this Agreement or (b) infringement or other violation in any manner of any copyright, patent, trade secret, or other intellectual property rights or proprietary rights, in each case whether registered or unregistered, of a third party caused by the use of the services or products of the Indemnifying Party. The Indemnifying Party will pay those Costs incurred by the Indemnified Party which are attributable to any such Claims, provided that (i) the Indemnified Party notifies the Indemnifying Party in writing promptly after the Indemnified Party becomes aware of such Claim (provided that the failure to so notify shall not affect the Indemnified Party’s rights to indemnification hereunder unless, and then only to the extent that, the Indemnifying Party has been actually prejudiced thereby); and, (ii) the Indemnifying Party has sole control of the settlement, compromise, negotiation, and defense of any such Claim (provided that the Indemnifying Party may not agree to any settlement that involves injunctive or equitable relief affecting the Indemnified Party or admission of liability by the Indemnified Party without obtaining the Indemnified Party’s prior written consent); and, (iii) the Indemnified Party cooperates, in good faith, in the defense of any such Claim.

2. Should any of the Indemnifying Party’s products or services become, or in the Indemnifying Party’s opinion is highly likely to become, the subject of a Claim of infringement, the Indemnifying Party may, at its option, (i) obtain the right for the Indemnified Party to continue using said products or services; (ii) replace or modify the Indemnifying Party’s products or services with substantially similar products or services so that they are no longer infringing or reduces the likelihood that they will be determined to be infringing; or (iii) if neither of the foregoing options is commercially reasonable, terminate this Agreement.

3. The Indemnifying Party shall have no liability for any Claim of infringement based on (i) products or services of the Indemnifying Party which have been modified by parties other than the Indemnifying Party; (ii) the Indemnified Party’s use of the Indemnifying Party’s products or services in conjunction with data where use with such data gave rise to the infringement claim; (iii) failure of the Indemnified Party to install upgrades or patches provided by the Indemnifying Party where such upgrade or patch would have removed the infringing condition; or, (iv) the Indemnified Party’s use of the Indemnifying Party’s products or services in a manner inconsistent with documentation provided with such products or services; or, (v) the Indemnified Party’s use of the Indemnifying Party’s products or services with software or hardware not authorized by the Indemnifying Party, where use with such other software or hardware gave rise to the infringement Claim.

X. General Provisions

1. Neither party may assign this Agreement without the prior written consent of the other party, which shall not be unreasonably withheld or delayed. Notwithstanding the foregoing, (i) either party may assign this Agreement or any rights hereunder without consent to an entity that acquires substantially all of its stock, assets or business; or (ii) to an Affiliate, provided that the non-assigning party may terminate the Agreement immediately upon such assignment. Except as provided in this section, any attempts by either party to assign any of its rights or delegate any of its duties hereunder without the prior written consent of the other party shall be null and void.

2. The parties shall perform all of their duties under this Agreement as independent contractors. Nothing in this Agreement shall be construed to give either party the power to direct or control the daily activities of the other party, or to constitute the parties as principal and agent, employer and employee, franchisor and franchisee, partners, joint venturers, co-owners, or otherwise as participants in a joint undertaking. The parties understand and agree that, except as specifically provided in this Agreement, neither party grants the other party the power or authority to make or give any agreement, statement, representation, warranty, or other commitment on behalf of the other party, or to enter into any contract or otherwise incur any liability or obligation, express or implied, on behalf of the other party, or to transfer, release, or waive any right, title, or interest of such other party.

3. The relative tolerance of one party to the breach of any obligations of the other must not be considered a novation or waiver of any right, being mere liberality, that will not prevent the tolerant party to demand compliance from the other at any time.

4. Neither party hereto shall be responsible for any failure to perform its obligations under this Agreement if such failure is caused by acts of God, natural disasters, war, acts of terrorism, strikes, revolutions, lack or failure of transportation facilities, lack or failure of public utilities, laws or governmental regulations or other causes that are beyond the reasonable control of such party. Obligations hereunder, however, shall in no event be excused but shall be suspended only until the cessation of any cause of such failure. In the event that such force majeure should obstruct performance of this Agreement for more than ten (10) Business Days, the parties hereto shall consult with each other to determine whether this Agreement should be modified or terminated. The party facing an event of force majeure shall use commercially reasonable efforts to remedy that situation as well as to minimize its effects. A case of force majeure shall be notified to the other party by any of the methods described in the Notices section below within five (5) Business Days after the occurrence of the event of force majeure.

5. This Agreement and each of its Schedules or appendices constitute and contain the entire agreement between the parties with respect to the subject matter hereof and supersedes any prior or contemporaneous oral or written agreements, including, without limitation, any pre-printed terms and conditions contained in any purchase order or other documentation or any click-through agreement available at https://www.epag.com/en/legal/tcs/. Each party acknowledges and agrees that the other has not made any representations, warranties, or agreements of any kind, except as expressly set forth herein.

6. This Agreement may be executed in counterparts, including counterparts transmitted by facsimile, each of which shall be deemed an original, and all such counterparts shall constitute one and the same agreement.

7. The provisions of this Agreement relating to the payment of any fees or other amounts owed, confidentiality, disclaimers, warranties, limitation of liability, indemnification, governing law, severability, headings, and this paragraph, as well to Intellectual Property shall survive for five (5) years after termination or expiration of this Agreement.

8. If any provision of this Agreement shall be held illegal or unenforceable, that provision shall be limited or eliminated to the minimum extent necessary so that this Agreement shall otherwise remain in full force and effect and enforceable.

9. The headings in this Agreement are intended for convenience or reference and shall not affect the Agreement’s interpretation.

10. This Agreement may be executed in counterparts, including counterparts transmitted by facsimile, each of which shall be deemed an original, and all such counterparts shall constitute one and the same agreement.

11. This Merchant Agreement may not be modified or amended, including by custom, usage of trade, or course of dealing, except by an instrument in writing signed by duly authorized employees of both of the parties hereto. The waiver by either party of a breach of any provision contained herein shall be effective if given in writing and shall in no way be construed as a waiver of any subsequent breach of such provision or the waiver of the provision itself. A failure or delay by a party to exercise any right or remedy provided under this Agreement or under the Applicable Law shall not constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict any further exercise of that or any other right or remedy. No single or partial exercise of any right or remedy provided under this Agreement or under the Applicable Law shall prevent or restrict the further exercise of that or any other right or remedy.

XI. Data Protection

1. Roles of the Parties

1. 1. Where EPAG processes Personal Data while performing the Services EPAG will act as a Data Processor for the Merchant, other than in the circumstances where EPAG determines the purpose and the manner of Processing of Personal Data and subsequently act as a Data Controller, as per clause XI.a.2.

1. 2. Merchant authorizes EPAG to Process Personal Data, as a Data Controller, in the following cases:
      1. Where EPAG determines the purpose and the manner of Processing of Personal Data, for example, in order to: (i) comply with the Applicable Law (including specifically anti-money laundering and counter-terrorism financing laws and regulations), Scheme Rules, applicable Data protection law, or (ii) perform any obligation under this Agreement;
      2. Where the Merchant is provided with a Tokenization Service from EPAG, or any other similar encryption service in the provision of which EPAG determines the purpose and the manner of Processing of the Personal Data (for the avoidance of doubt, if the Merchant decides to switch to another payment services provider, EPAG shall not obstruct this process by withholding the Card Tokens/Card IDs);
      3. Where EPAG processes Personal Data for the purpose of internal research, fraud, security and risk management and assessing financial, credit, or information security risk; and
      4. Where EPAG passes on Data as per clause II. f. 5.

2. Data Transfers

1. 1. Merchant authorizes (and confirms that it has obtained, on EPAGs behalf, the required informed consents from the Customer and Merchant’s employees, directors and shareholders) EPAG to transfer the Personal Data Processed in connection with the Services outside of the Territory in accordance with lawful data transfer mechanisms that provide an adequate level of protection under applicable Data protection laws and appropriate or suitable safeguards as required by applicable law.

3. Sub-Processing

1. 1. Merchant gives general authorization to EPAG to Process and sub-process Personal Data using internal and external Sub-Processors in the context of the Services under the conditions set forth below and EPAG represents and warrants that when sub-processing the Processing of Personal Data in the context of the Services, it:

1. 1. 1. Binds its internal Sub-Processors to respect the Standard Contractual Clauses and to comply with the Merchant’s instructions.
      2. Requires its external Sub-Processors, via a written agreement, to comply with the requirements of applicable Data protection laws applicable to processors and data transfers, with the Merchant’s instructions and with the same obligations as are imposed on EPAG by this Agreement. This will be done by using the Standard Contractual Clauses or another appropriate transfer solution.
      3. Remains liable to the Merchant for the performance of its Sub-Processors’ obligations.
      4. Commits to provide a list of Sub-Processors to Merchant upon request.
      5. Will inform Merchant of any addition or replacement of a Sub-Processor in a timely fashion so as to give Merchant an opportunity to object to the change or to terminate the Agreement before the Personal Data is communicated to the new Sub-Processor, except where the Services cannot be provided without the involvement of a specific Sub-Processor.

4. Security of Processing; Confidentiality; and Personal Data Breach

1. 1. The Parties must implement and maintain a comprehensive written information security program with appropriate technical and organizational measures to ensure a level of security appropriate to the risk, which includes, as appropriate:

1. 1. 1. the pseudonymization and encryption of Personal Data;
      2. the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
      3. the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident; and
      4. a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing. In assessing the appropriate level of security, the Parties must take into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing of Personal Data as well as the risk of varying likelihood and severity for the rights and freedoms of Data Subjects and the risks that are presented by the Processing of Personal Data, in particular from an accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data transmitted, stored or otherwise Processed.

1. 2. The Parties must take steps to ensure that any person acting under their authority who has access to Personal Data is subject to a duly enforceable contractual or statutory confidentiality obligation, and if applicable Process Personal Data in accordance with the Controller’s instructions.

1. 3. The Parties must notify a Personal Data Breach that relates to Personal Data Processed in the context of the Service to the other Party, without undue delay, and no later than forty-eight (48) hours after having become aware of a Personal Data Breach. EPAG will provide reasonable assistance to Merchant in complying with its obligations to notify a Personal Data Breach (Personal Data Breaches).

1. 4. The Parties will use their best efforts to reach an agreement on whether and how to notify a Personal Data Breach, and must document all Personal Data Breaches, including the facts relating to the Personal Data Breach, its effects and the remedial action taken in case of Personal Data Breaches.

5. Data Protection Audit

1. 1. Upon prior written request by Merchant, EPAG agrees to cooperate and within a reasonable time provide Merchant with:

1. 1. 1. a summary of the audit reports demonstrating a summary of the audit reports demonstrating EPAG’s compliance with applicable Data protection laws under this Agreement, after redacting any confidential and commercially sensitive information; and
      2. confirmation that the audit has not revealed any material vulnerability in EPAG’s systems, or to the extent that any such vulnerability was detected, that EPAG has fully remedied such vulnerability. If the above measures are not sufficient to confirm compliance with applicable Data protection laws or reveal some material issues, subject to the strictest confidentiality obligations, EPAG allows Merchant to request an audit of EPAG’s data protection compliance program by external independent auditors, which are jointly selected by the Parties. The external independent auditor cannot be a competitor of EPAG, and the Parties will mutually agree upon the scope, timing, and duration of the audit. EPAG will make available to Merchant the result of the audit of its data protection compliance program.

6. Liability Towards Data Subjects

1. 1. Subject to the liability clauses in this Agreement, the Parties agree that they will be held liable for violations of applicable Data protection or Data privacy laws towards Data Subjects as follows:

1. 1. 1. Merchant is responsible for the damage caused by the Processing which infringes applicable Data protection laws or this Agreement.
      2. When EPAG acts as a Processor, it will be liable for the damage caused by the Processing only where it has not complied with the obligations of applicable Data protection laws specifically directed to Processors or where it has acted outside of or contrary to Merchant’s lawful instructions. In that context, EPAG will be exempt from liability if it proves that it is not in any way responsible for the event giving rise to the damage.
      3. Where the Parties are involved in the same Processing and where they are responsible for any damage caused by the Processing, both Merchant and EPAG may be held liable for the entire damage in order to ensure effective compensation of the Data Subject. If EPAG paid full compensation for the damage suffered, it is entitled to claim back from Merchant that part of the compensation corresponding to Merchant’s part of the responsibility for the damage.

XII. Settlement of Disputes

1. The parties hereby elect the Central Court of the Judiciary District of Sao Paulo, Brazil to resolve any disputes directly or indirectly arising out hereof, to the express exclusion of any other, no matter how privileged it may be.

XIII. Duration, Amendment, and Termination

1. Duration

1. 1. Except where explicitly agreed otherwise in the Merchant Agreement, this Agreement is entered into for an indefinite period as of the Effective Date until it is terminated by either party in accordance with section XIII. c).

2. Amendment

1. 1. In order to maintain and meet the latest market demands and technological developments, EPAG may, at its sole discretion, both in form and content, suspend or cancel any services, products, utilities or applications, provided by itself or by third parties, including the Services and any additional services provided in this Agreement. EPAG will inform Merchant of the change by giving two (2) months’ written notice. If the Merchant does not notify EPAG of its objections to the change within fifteen (15) Business Days of the written notice of the change, the Merchant will be deemed to have accepted the change. If the Merchant notifies EPAG of his objection to the changes within a period of fifteen (15) Business Days of our written notice of the change, and EPAG still does not withdraw the changes, the Merchant may terminate the Agreement immediately by giving EPAG a written notice after the entry into force of the change. However, if the Merchant does not object to the changes by terminating this Agreement within five (5) Business Days of the entry into force of the changes, it will be deemed to have accepted it. The Merchant’s use of the Services after EPAG has provided any such notice, constitutes the Merchant’s acceptance of the terms of the modified Agreement. The Merchant still remains liable to EPAG after the termination of this Agreement for any liability it might have incurred and is responsible for prior to terminating this Agreement.

1. 2. The two (2) month notice period will not apply where:
      1. the change relates to interest rate or exchange rates and, in EPAGs’s reasonable opinion, is more favorable to the Merchant, or
      2. relates to the addition of a new service or extra functionality to the existing Service. In such instances, the changes will be made and shall be effective immediately upon giving the Merchant notice of it.

1. 3. The Merchant is not entitled to object to and shall not have the rights set out in this clause for any change, which EPAG implements in order to comply with Applicable Law or requirements by the relevant Payment Methods and Scheme Owners. For such imposed changes shorter notice periods may be imposed.

3. Termination

1. 1. Either Party may at any time request termination of this Agreement, without charge, by notifying the other Party with at least sixty (60) days in advance or upon cancellation of the Service.

1. 2. This Agreement may be terminated by the non-breaching party, regardless of any judicial summons or extrajudicial communication, in case of a material breach by the other party that remains uncured after five (5) Business Days from notification by the non-breaching party to the breaching party.

1. 3. This Agreement will also be terminated by operation of law, regardless of any judicial summons or extrajudicial communication, if Merchant in any way jeopardizes EPAG’s public image and/or any EPAG Affiliate in the rendering of the Service. If the termination of this Agreement occurs in accordance with clause C.2 by Merchant’s fault, EPAG may withhold a reasonable amount of Funds to establish a reserve to cover any potential Disputes, credits and/or uncollected discounts or Fees, which Funds shall be released after sixty (60) days have passed since (i) termination of this Agreement or (ii) the date of the last Dispute or fine, whichever occurs last.

1. 4. The termination of this Agreement, for any reason, must not harm the right of either party to have the amounts owed by the other whether in respect of the rendered Service prior to the termination nor to have any indemnity owed by either party.

1. 5. This Agreement may be terminated by either party effective immediately upon written notice, in the event that (i) the other party files a petition, in bankruptcy, seeking any reorganization, arrangement, composition, or similar relief under any law regarding insolvency or relief for debtors, or makes an assignment for the benefit of creditors; (ii) a receiver, trustee, or similar officer is appointed for the business or property of such party; (iii) any involuntary petition or proceeding, under bankruptcy or insolvency laws, is instituted against such party and not stayed, enjoined, or discharged within sixty (60) days; (iv) the other party adopts a resolution for discontinuance of its business or for dissolution; or (v) financial institution authorized with the foreign exchange process denies Settlement payment to Merchant. In case of Merchant’s insolvency, the funds held in the Reserve Account will be available for the purposes of the insolvency administration only after the period defined in the Merchant Agreement, and subject to any additional Merchant’s liability to EPAG under this Agreement occurring between the Merchant’s insolvency event and the expiry of the period.

1. 6. Unless otherwise advised by EPAG, the Additional Collateral will be held and maintained for a minimum of six (6) months from the termination of this Agreement. If after such six (6) month period there is still a risk of more Deductions or other potential debt or liability, then EPAG will have the right to withhold, or instruct the Scheme Owners, Acquirers, Issuers, and/or Payment Methods to withhold the funds until such risk is eliminated. Upon expiration of this six (6) month period (or longer, as the case may be), any remaining amount of Additional Collateral will be transferred to the Merchant. EPAG will inform the Merchant of any charges debited to the Additional Collateral during this period.

1. 7. Following the date of termination set out in the termination letter of this Agreement or Merchant’s last Transaction submitted to EPAG, provided, however, that the Merchant will remain liable to EPAG for all liabilities occurring beyond such period.

1. 8. All EPAG’s rights with respect to the Reserve Account, the Rolling Reserves Rate, the Rolling Reserve, and the Additional Collateral shall survive the termination of this Agreement.

1. 9. Except as otherwise provided in this Agreement, within thirty (30) calendar days of termination of this Agreement, the Receiving Party shall, at the Disclosing Party’s discretion, (i) return to the other party all materials belonging to the other party that constitutes Disclosing Party’s Confidential Information and/or Intellectual Property; or, (ii) destroy all materials that constitute Confidential Information and/or Intellectual Property of the Disclosing Party and provide to the Disclosing Party written certification signed by an authorized officer of the Receiving Party that all such information was so destroyed. Notwithstanding the foregoing, each party may retain Confidential Information that is (i) stored on archival or backup files or (ii) required for compliance with applicable law, Payment Card Rules (if applicable) or its systems archiving or backup policies, provided that such continues to maintain the confidentiality of such Confidential Information pursuant to the terms of this Agreement.

1. 10. Merchant has the right to terminate the Merchant Agreement immediately if:
       1. the SLA availability in any given month is less than ninety (90) percent;
       2. EPAG changes the Merchant Fees as per III. b) 1 and III. b) 2.; or
       3. EPAG imposes new Merchant Fees or any other fees for existing Services under this Agreement.

XIV. Power of Attorney

1. In regard to transactions in Brazil, Merchant shall grant EPAG powers of attorney to carry out foreign exchange transactions on its behalf.
2. As such, and in accordance with articles 653 to 691 of the Brazilian Civil Code and in compliance with the provisions of article 117, item I, of Circular 3,691 of the Brazilian Central Bank, Merchant grants EPAG powers to perform, on its behalf, all acts necessary for conducting foreign exchange transactions, and to represent Merchant before the Brazilian Central Bank and before Brazilian financial and capital market institutions, with respect to said foreign exchange transactions. This mandate is irreversible and irrevocable, and the obligations arising therefrom shall remain valid until all operations performed by EPAG on behalf of Merchant are settled.

XV. Notices and Electronic Consent

1. Unless otherwise expressly set forth in this Agreement, any legal notice required under this Agreement shall be given in writing and in the English language at the address set forth in the Merchant Agreement, as may be amended in writing from time to time, and shall be deemed to have been delivered and given for all purposes (i) on the delivery date, if delivered by hand courier to the party to whom such notice is directed; (ii) two (2) Business Days after deposit with a commercial overnight carrier; (iii) five (5) Business Days when mailed by an official postal service; and, (iv) upon completion of transmission, if sent via facsimile with a confirmation of successful transmission.

2. The Merchant confirms that it has internet access and has an email account to receive notices, communications and information relating to the Services. The Merchant agrees to the receipt of electronic communications and notices by email or by posting of the information on EPAG’s website. Such communications may pertain to the Services delivered by EPAG, changes in laws or rules impacting the service or other reasons, such as amendment of this Agreement. The Merchant may request a copy of any legally required disclosures (including this Agreement) from EPAG and EPAG will provide this to the Merchant in a form that allows it to store and reproduce the information (for example, by email) and the Merchant may terminate its consent to receive required disclosures through electronic communications by contacting EPAG as described in this clause XV. of the Agreement. EPAG may charge the Merchant a Records Request Fee to provide this information. EPAG reserves the right to terminate this Agreement if the Merchant withdraws its consent to receive electronic communications.

3. Where Merchant has concluded this Agreement with EPAG via any other online means, EPAG may at any time request that the Merchant re-confirms its acceptance of the terms of the Agreement by means of a written document signed by an authorized representative of the Merchant. If the Merchant does not comply with such request within five (5) Business Days after receiving a request by EPAG to do so (which request may be issued to Merchant via the contact email address submitted by Merchant when concluding the Agreement), EPAG reserves the right to suspend part or all of the Services until the Merchant has complied with such requests.

Version 1.53
Valid as of August 11, 2021