SWEDBANK AS TERMS AND CONDITIONS FOR PAYMENT CARDS SERVICING Valid from 01.12.2014 1. TERMS AND DEFINITIONS 1.1 Account is a current account of the Merchant specified in the Agreement. 1.2 Agreement is an agreement entered into by the Merchant and the Bank for servicing the payment cards together with all the annexes thereto. 1.3 Authorization is a query to check Card validity and availability of corresponding funds on the Card s related account. 1.4 Business Day is the day when the Bank is open for general banking business. 1.5 Card is an electronic means of payment, which enables the Cardholder to conduct Transactions. The Cards accepted by the Bank are determined in the Agreement. 1.6 Cardholder is an account holder or a person appointed by the account holder with the right to use the Card. 1.7 Certification is a procedure and respective actions carried out by the Bank or third party authorized by the Bank to verify the compliance of a specific type of Terminal with the requirements of the Bank and the International Card Organisation. 1.8 Commission Fee is a fee determined in the Agreement, which the Merchant pays to the Bank for processing the Transactions and/or servicing the Cards. 1.9 International Card Organisation is MasterCard Worldwide, VISA International, American Express International or any other payment card organisation, whose member the Bank is or whom the Bank has the right to represent during the term of the Agreement. 1.10 Merchant is any legal entity or natural person with whom the Bank has entered into the Agreement. 1.11 Payment Card Industry Data Security Standard (PCI DSS) is a set of industry-wide requirements and processes to protect sensitive Card and account data at the Merchant, supported by the International Card Organisations (available https://www.pcisecuritystandards.org/). 1.12 Point of Sale is a retail location specified in the Agreement where the Merchant offers goods and/or services within its sphere of economic activity specified in the Agreement. 1.13 Principles of Client Data Processing is a document regulating the main principles and terms and conditions for processing client data in the Estonian companies of Swedbank. 1.14 Receipt means a document which serves as proof of the Transaction, compliant with the requirements of the Bank and the International Card Organisation as approved by the Bank during the Certification. 1.15 Service Provider is a third person indicated by the Bank who provides any services on behalf of the Bank for the performance of the obligations mentioned in the Agreement. 1.16 Transaction is an order given by the Cardholder using the Card to initiate the payment for goods or services, or any another operation permitted by the Bank through the Terminal. 1.17 Terminal is a mechanical or an electronic device, which enables the processing of the Transactions in compliance with and is certified according to the requirements of the Bank 2. SUBJECT OF THE AGREEMENT 2.1 The Agreement regulates the relations between the Bank and the Merchant in respect of conducting the Transactions at the Point of Sale and any other circumstances relating to the above. 3. SETTLEMENT 3.1 The Bank shall transfer the amount from which the Commission Fee has been deducted for the Transactions to the Account of the Merchant within 3 (three) Business Days following the receipt of the Transactions with exception of cases provided herein, when the Bank is entitled to suspend the implementation of its obligations as provided below. If the
Transactions reach the Bank on the day, which is not a Business Day, the Transactions shall be deemed to have been received on the following Business Day. 3.2 The Merchant shall pay Commission Fees to the Bank based on the Transactions and at the rates specified in the Agreement. 3.3 Transactions conducted during the current day must reach the Bank by the following Business Day in compliance with the procedure prescribed by the Terminal User Manual or the Technical Specification 3.4 The Bank is entitled not to accept requests by the Merchant to transfer the amounts specified in clause 3.1 of the Agreement if the Transaction in question reaches the Bank later than within 2 (two) weeks after conducting the Transaction. 3.5 The Bank is entitled to suspend the performance of its obligation to transfer amounts according to clause 3.1 in case of following Transactions: 3.5.1 the Cardholder and/or the issuing bank has filed valid claim according to the rules of any International Card Organisation; or 3.5.2 the Merchant has failed to deliver to the Bank the Receipt itself and/or any other relevant information required by the Bank according to the Agreement; 3.5.3 the Bank has valid suspicion that the Transaction has not been conducted according to the requirements specified in the Agreement, including within the sphere of the Merchant s economic activity. 3.6 The Bank is entitled to suspend the performance of its obligation under clause 3.5 to transfer amounts according to clause 3.1 until the due dates set for filing and/or proceeding chargeback according to the rules of any International Card Organisations. 4. RIGHTS AND OBLIGATIONS OF THE MERCHANT 4.1 The Merchant shall display the advertising materials indicating the servicing of the Cards delivered by the Bank at a place visible for the Cardholder in the location of the Terminal. 4.2 Upon conducting the Transactions, the Merchant undertakes to comply with the instructions "Payment Cards Acceptance Requirements and Security Features" (available on the Bank's homepage on the Internet https://www.swedbank.ee/business or at any Bank branch; hereinafter Requirements) and Terminal usage manual, which all constitute an integral part of the Agreement. 4.2.1 Unless the use of unattended Terminal or the right to make Transactions without the presence of the Card has been agreed in the Agreement, the Merchant shall: 4.2.1.1 verify the Card prior to each Transaction to ensure its compliance with the Requirements in case of magnetic stripe based Transactions and chip based Transactions, if the Terminal requires the Transaction to be confirmed by the signature;. 4.2.1.2 identity the bearer of the Card according to the Requirements in case of any magnetic stripe based Transactions or chip based Transactions, if the Terminal requires the Transaction to be confirmed by the signature, if the amount of Transaction exceeds the amount set forth in the Requirements or there is a doubt of authenticity of the Card or identity of the bearer of the Card; 4.2.1.3 ensure the signing of the Receipt by the Cardholder in case of magnetic stripe based Transactions and chip based Transactions, if the Terminal requires the Transaction to be confirmed by the signature;. 4.2.1.4 ensure that the Receipt has PIN-code approval confirmation in case of any chip based Transactions, if the Terminal requires the Transaction to be confirmed by the PIN code; 4.3 If the use of unattended Terminal or the right to make Transactions without the presence of the Card has been agreed in the Agreement, the Merchant shall use all reasonable endeavours in order to ensure that the Transaction is made by the Cardholder only. 4.4 Unless the right to make Transactions without the presence of the Card has been agreed in the Agreement, the Merchant shall make any and all Transactions only in the presence of the Cardholder. 4.5 If the right to make Transactions without the presence of the Card has been agreed in the Agreement, the Merchant shall ensure that manually entered Card data is received legally
and delivered to the Merchant by the Cardholder according to the security requirements foreseen for delivering Card data and that sufficient due diligence and precautions are used for entering. 4.6 If the right to reserve a Transaction amount on a Card in order to ensure the fulfilment of obligations of a Cardholder is agreed in the Agreement, the reservation shall be null and void or finalized as a Transaction according to the Terminal usade manual at the latest within 30 calendar days as from the date of reservation. 4.7 The Merchant undertakes to Authorize the Cards in case of all Transactions. 4.8 The Merchant undertakes to immediately comply with any security instructions received from the Bank. 4.9 The Merchant shall keep the Receipts and Transactions delivery reports for at least 2 (two) years from conducting the Transaction. 4.10 The Merchant may engage third party for the implementation of the Terminals only with the prior consent of the Bank, remaining itself fully responsible for fulfilling the requirements of the Agreement.. 4.11 In case the Terminal belongs to the Merchant or any third party, the Terminal must be approved and certified by the Bank prior to using it. In case the Merchant uses the Bank's Terminal, the Bank is obliged to give to the Merchant only such equipment that is certified by the International Card Organisation. 4.12 It is prohibited for the Merchant: 4.12.1 to establish minimum and maximum Transaction amounts; 4.12.2 to accept Card payments for the settlement or refinancing of any existing liability; 4.12.3 to pay out any cash based on a Transaction or cancellation of a Transaction; 4.12.4 to divide the purchase, for which the payment is made using one Card, on several Transactions or Receipts; 4.12.5 to use such card reading system that copies, stores or preserves in any other way the information on the magnetic stripe or chip of the Card and in the company's data processing systems; 4.12.6 to accept the Card for making a settlement for the business of any third persons; 4.12.7 to allow the acceptance of the Cards by any workers of the Merchant who has not received the training in Card acceptance; 4.12.8 to assign their rights and obligations arising from the Agreement or transfer these in any other manner to any third persons. 4.12.9 to conduct the Transaction with the Card that is forged or has fallen into the possession of any third persons due losing, theft or in any other way (including in case if the right to use the Card is doubtable) nor allow the Cards to be used in any other illegal way. 4.13 The Merchant shall ensure that only Merchant's employee(s) and the Service Provider can access the Terminal, and shall ensure sufficient protection for the preservation of the Terminal. 4.14 The Merchant is obliged to give to the Cardholder a Receipt to verify the Transaction and to serve as a proof, if the Cardholder requires so or it is required by the applicable law and store the Receipt itself to verify the Transaction and to serve as a proof. 4.15 Upon a written request of the Bank, the Merchant shall deliver to the Bank the copy of the Receipt confirming the Transaction, document certifying the purchase and the relevant explanations at the latest within 3 (three) Business Days as from the day of receiving the request. 4.16 The Merchant shall maintain the technical equipment transferred to the Merchant and required for processing the Transactions in working order. The Merchant is not allowed to amend the technical data of the Terminal itself nor allow any third parties to do so without the consent of the Bank. 4.17 The Merchant shall assure at its own costs that Merchants Terminal, location of the Terminal at the Point of Sale, and the means of communication required for the use of the Terminal comply with the effective requirements of the International Card Organisation and the Payment Card Industry Data Security Standards at all times during the validity of the Agreement. In case of amendments in the requirements of any International Card
Organisation and Payment Card Industry Data Security Standards the Merchant shall ensure to be in compliance with requirements by the due date. The Bank is entitled to require the Merchant to submit to the Bank the documentation certifying the compliance with the above mentioned requirements and standards. If the Merchant breaches the obligation set forth in this clause, and does not end breaching by the reasonable due date notified by the Bank, the Bank is entitled to: 4.17.1 carry out itself or through the Service Provider regular compliance check to examine the compliance to the requirements of any International Card Organisation and Payment Card Industry Data Security Standards until the Merchant fulfils its obligation set forth in clause 4.17; 4.17.2 place an order to ensure the Merchant to become compliant with the requirements of any International Card Organisation and Payment Card Industry Data Security Standards on behalf of the Merchant; 4.17.3 require the Merchant to reimburse any and all the costs related to activities specified in clause 4.17.1 and 4.17.2 according to the Banks Price List. 4.18 The Merchant shall pay all the costs relating to the communication costs. 4.19 Unless otherwise agreed in the Agreement, the Merchant shall not change the location of the Terminal itself or the software in the Terminal or allow the changing thereof by any third party. 4.20 The Merchant is obliged to confiscate from any Card bearer the Card that is forged or has fallen into the possession of any third persons due losing, theft or in any other way, and to send it immediately to the Bank. 4.21 The Merchant shall use the Terminals only for legal and ethical activities, which do not in any way harm Bank s reputation and only within its economic activity area specified in the Agreement. The Merchant must inform the Bank of any changes in its economic activity area prior to the change. 4.22 The Merchants must hold an activity licence and/or be registered in the respective registry, if it is required so by the applicable law for operating in its area of economic activity. Any such licence and/or registration must be valid upon entering into the Agreement and throughout the whole term of the Agreement and be presented to the Bank upon Bank s request. 5. RIGHTS AND OBLIGATIONS OF THE BANK 5.1 The Bank is entitled to use third persons for the performance of the obligations of the Bank. 5.2 The Bank is entitled without an additional consent of the Merchant to withhold from the turnover of the Merchant s Cards sales, or debit the Merchant's Account, or in case there are not enough funds in the Account, any other Merchant s current account with the Bank, the following: 5.2.1 Amounts of Transactions in case of which the Merchant has violated the Agreement; 5.2.2 Amounts of Transactions in case of which the Cardholder and/or the issuing bank has submitted a justified claim according to the rules of the International Card Organisation (including amounts of Transactions in case of which the Cardholder has not received the goods or services); 5.2.3 Any fees, contractual penalties for late payment etc payable by the Merchant to the Bank according to the Agreement or Price List; 5.2.4 Any loss caused by the Agreement, including any amounts of loss, which arise from violating the requirements of the Terminal, and any fines, fees and claims imposed by the International Card Organisation. 5.3 If the Bank is unable to debit or withhold the claim mentioned in clause 5.2 of the Agreement due to lack of money or no turnover, the Bank is entitled to demand the allocation of funds to the Account within 10 (ten) Business Days by sending a respective message to the Merchant and freeze the Account or any other Merchant s account in the Bank in the amount equal to the amount of claim.
5.4 If the Bank advises the Merchant with regard to the use, maintenance, etc. of the Terminal, the Bank is entitled to charge a fee for it. The Price List of the Bank constitutes an annex to the Agreement. 5.5 In justified cases (e.g. at the request of the International Card Organisation, due to safety considerations) the Bank is entitled to suspend or terminate immediately the Merchant s right to conduct the Transactions with all or certain Cards by notifying the Merchant thereof. 6. LIABILITY 6.1 The Merchant shall be fully liable for any losses which have arisen if the Merchant has breached the Agreement, including: 6.1.1 if the Merchant has breached the obligation to comply with the Authorization procedure; 6.1.2 if the Merchant has disclosed any information about the acceptance of Cards and their users to any third party or used such information in bad faith; 6.1.3 if the Merchant has not stored the Receipt that is serving as a proof of the Transaction; 6.2 In case of any illegal use of the Card or Card data, the Merchant shall be liable in compliance with the procedure provided by the legislation of the Republic of Estonia. 6.3 The Merchant shall bear responsibility for accepting the Card and/or using Card data for any unlawful actions, including conducting of Transactions for goods and/or services that are prohibited under the legislation. 6.4 Transactions with compromised, lost, stolen Card/Card data or Card/Card data that has fallen into the possession of any third party in any other way is forbidden. The Merchant shall be liable towards the Bank for any damages or losses incurred to the Bank due to any error of the Merchant, if the Transaction is conducted for the settlement of any goods and/or services by means of a compromised, lost, stolen Card/Card data or any Card/Card data that has fallen into the possession of any third party in any other way. 6.5 If the Transaction is made without the physical presence of the Card, the Merchant shall bear full liability for all and any loss and damage caused to the Bank irrespective of Merchant s rights agreed in the Agreement to conduct the Transactions with or without the presence of the Card. 6.6 The Merchant shall submit all the claims relating to any Transaction at the latest within 6 (six) months from conducting the Transaction; any claim filed thereafter will be deemed expired and the Bank will be under no obligation to reimburse for any costs associated with expired claims. 7. CONFIDENTIALITY 7.1 The Merchant may not disclose confidential information to any third parties without prior written consent of the Bank. Under confidential information the parties understand the Transaction data and Transaction related data, Agreement related security requirements, technical data and any other information, experience, know-how and business secrets connected to the activities of the Parties. 7.2 The Merchant shall be liable for any loss arising from the failure to adopt sufficient security measures. 7.3 The Merchant may use the data resulting from the Transaction and the Terminal only for the purpose and in compliance with the procedure specified in the Agreement. 7.4 The Bank is entitled to disclose information about the Merchant and the Agreement to any third parties if such requirement is provided by the Republic of Estonia laws, the General Conditions of the Bank, the Principles of Processing Customer Data or this is required by the International Card Organisation. 8. AMENDMENT OF THE AGREEMENT 8.1 The Bank has the right to unilaterally amend the Agreement by notifying the Merchant of the amendments in the manner determined by the Bank at least 1 (one) month in advance. 8.2 If Merchant does not agree with the amendments of the Agreement, the Merchant has the right to terminate the Agreement within the term specified in clause 8.1 of the Agreement.
8.3 If the Merchant has not terminated the Agreement within the term specified in clause 8.1 of the Agreement it shall be deemed that the Merchant agrees with the amendments. 9. VALIDITY, SUSPENSION AND TERMINATION OF THE AGREEMENT 9.1 The Agreement enters into force and is binding upon the parties as from the moment of activating the Card servicing at the Point of Sale. 9.2 The Bank activates the Card servicing if the following conditions are fulfilled: 9.2.1 The compliance check performed by the Bank after signing the Agreement is positive; and 9.2.2. The Bank has approved and certified the Merchant s Terminal; or 9.2.3. The Bank or Service Provider has installed the Bank s Terminal at the Point of Sale. 9.3 The Bank has the right not to activate the Card servicing if the Merchant does not comply with the requirements of the Bank according to the compliance check performed by the Bank within three (3) Business Days after signing the Agreement or the Merchant s Terminal does not comply with the requirements. In such cases the Agreement does enter into force and the Bank informs the Merchant thereof according to the General Conditions of the Bank (f.e. internet bank message, e-mail, mail) within five (5) Business Days. 9.4 In case the parties sign the Annex for the Point of Sale together with the pre-printed Agreement and the compliance check has not performed by the Bank prior to signing the Annex, the Effective Date of the Annex is the date of activating the Card servicing at the Point of Sale in accordance with the clause 9.2 above. 9.5 The Agreement is valid for an unspecified term (unless otherwise agreed by the parties). 9.6 In the interests of security or at the request of the International Card Organisation, the Bank is entitled to immediately suspend the performance of the Agreement by notifying the Merchant thereof. The performance of the Bank's obligations to the Merchant under the Agreement is suspended upon suspension of the Agreement. 9.7 If the party fails to fulfil its obligations under the Agreement, the injured party is entitled to terminate the Agreement with immediate effect by giving the other party notice thereof. 9.8 The Bank is entitled to terminate the Agreement with immediate effect unilaterally if: 9.8.1 the Merchant does not perform the obligations specified in the Agreement or other agreement with the Bank or Swedbank group company; 9.8.2 no Transactions have been conducted through the Merchant for at least 2 (two) months; 9.8.3 the International Card Organisation demands the termination of the Agreement; 9.8.4 the Merchant has submitted incorrect information to the Bank; 9.8.5 the Merchant, in the Bank's opinion, is involved in illegal actions, f.e related to processing of Transactions at the Point of Sale; 9.8.6 the Bank becomes aware of the fact that the Merchant has no activity license and/or registration required by law, including in case such license or registration has expired or been revoked during the term of the Agreement or the Merchants economic activity area is not in compliance with Banks compliance requirements; 9.8.7 circumstances have become evident or an event has taken place (e.g. possible insolvency, bankruptcy or liquidation proceedings) which, in the reasoned opinion of the Bank, may jeopardise the realisation of the Bank s rights regarding the Merchant or result in the non-performance of the duties and obligations arising from the Agreement by the Merchant; 9.8.8 other good reasons provided in the General Conditions of the Bank occur. 9.9 Either party to the Agreement is entitled to unilaterally terminate the Agreement by giving the other party at least 1 (one) month prior written notice to such effect. 9.10 Expiry of the Agreement shall not affect the collectability or satisfaction of the monetary claims that have arisen before the expiry of the Agreement. Termination of the Agreement shall have no impact on the monetary claims provided in the Agreement.
10. OTHER PROVISIONS 10.1 In all other respects the General Conditions of the Bank, Price List of the Bank and the Client Data Processing Principles apply and form an integral part of the Agreement. The Merchant confirms that they have examined these documents and consents to these.