Ethoca Terms of Use

Last updated: May, 2024

PURPOSE OF ETHOCA TERMS OF USE

These Ethoca Terms of Use (“Terms of Use”) are between the entity using the Ethoca services (“Customer”) and the Mastercard entity (“Mastercard”) as set out below.  Mastercard Affiliates, including but not limited to Ethoca Technologies, Inc. may perform the Service under this Agreement (collectively, Mastercard and Mastercard Affiliates are “Supplier”). Customer and Supplier may each be referred to as a “Party” and together as the “Parties.” Supplier may amend and modify the Terms of Use and issue new versions from time to time as Supplier decides in its reasonable discretion.

PLEASE READ THE FOLLOWING TERMS CAREFULLY.

BY CLICKING “I ACCEPT,” SIGNING THE SUPPLIER ORDER FORM, OR BY OTHERWISE ACCESSING OR USING THE SERVICE, CUSTOMER AGREES THAT IT HAS READ AND UNDERSTOOD, AND, AS A CONDITION TO ITS USE OF THE SERVICE, AGREES TO BE BOUND BY, THE FOLLOWING TERMS AND CONDITIONS. IF CUSTOMER IS NOT ELIGIBLE, OR DOES NOT AGREE TO ANY TERM OR CONDITION OF THIS AGREEMENT, THEN CUSTOMER DOES NOT HAVE SUPPLIER’S PERMISSION TO USE THE SERVICE. CUSTOMER’S USE OF THE SERVICE, AND SUPPLIER’S PROVISION OF THE SERVICE TO CUSTOMER, CONSTITUTES AN AGREEMENT BY SUPPLIER AND CUSTOMER TO BE BOUND BY THIS AGREEMENT.

1. DEFINITIONS

“Affiliate” of a Party means any entity directly or indirectly controlling, controlled by, or under common control with that Party, where “control” means ownership of at least 50% of the equity or beneficial interests of such entity or the right to vote for or appoint a majority of the board of directors or other governing body of such entity.

“Agreement” means these Terms of Use, the applicable order form provided by Supplier (the “Supplier Order Form”), the DPA and, if applicable, any written agreement between Customer and Supplier that incorporates these Terms of Use by reference.

“Alert(s)” means information on Confirmed Disputed Transactions and/or Non-Fraud Dispute Transactions that Supplier creates, evaluates or otherwise distributes.

“Alerts Data” means information related to Confirmed Disputed Transactions and/or Non-Fraud Dispute Transactions and provided to Customer as part of the Service, which may include some or all of the following: (i) card or account number, which number may be a cancelled or live card number; (ii) transaction amount; (iii) transaction type; (iv) transaction currency; (v) acquirer reference number; (vi) merchant descriptor; (vii) date and time of transaction; (viii) POS code; (ix) authorization amount; (x) authorization code; and (xi) any source identifier provided by Participating Issuer to permit tracking of the source of the Alert Data.

“Cardholder” means the holder of a credit or debit card. 

“Confirmed Disputed Transaction” means a transaction for a Merchant Identifier for which it is known that the transaction will be disputed by the cardholder.

“Customer Data” means any data provided by Customer to Supplier under this Agreement for the purpose of Supplier providing the Service, including Outcome Information.

“Deliverables” means any work product provided to Customer by Supplier as set forth herein including but not limited to the outputs of the Services, and other materials.

“Merchant Identifier” means the list of merchant IDs that Customer uses in its business as identified in the Merchant Identifiers Appendix of the applicable Supplier Order Form and as indicated by Customer in writing from time to time. 

“Non-Fraud Dispute Transaction” means a transaction that the Participating Issuer, by virtue of its operating processes, has identified that will be disputed by the cardholder for non-fraud reasons.

“Outcome Information” means the result of the Alert provided to Customer as part of the Service, including but not limited to: (i) the results, as modified from time-to-time, of: account suspended, shipment stopped, transaction refunded, order previously cancelled, too late, or other; (ii) the date and time of the response; (iii) additional optional relevant information about a transaction; and/ or (iv) any other commentary as it specifically relates to the outcome of the transaction in the optional free-form field for the provision of such commentary.

“Privacy and Data Security Requirements” means any law, regulation and applicable industry guidelines (including, without limitation Data Protection Law as defined in the DPA referenced in Section 13 below) relating to the protection and security of data.

“Participating Issuer” means a card issuer and/or related consumer financial services provider that has agreed to participate in the Service under the applicable Supplier Order Form.

“Service” means the service provided by Supplier to Customer identified in the applicable Supplier Order Form.

2. General Rules

To facilitate the provision of Services, Customer:

2.1 Agrees to provide timely, at least within 72 hours of receiving the Alert, full and accurate Outcome Information back to Supplier and further agrees that Supplier and its Affiliates may use Outcome Information in connection with the Services and in accordance with the terms of this Agreement, including for the provision of loss-risk evaluation and loss avoidance activities and for Supplier’s other business purposes, such as billing, account management, data analysis, benchmarking, technical support, product development and improvement, fraud prevention and monitoring, development of anti-fraud services, processing and resolving chargebacks or other disputes, expansion of its participating merchant base, auditing, reporting, and compliance with law.

2.2 Represents, warrants, and covenants that it will use the methods agreed to by the Parties to deliver timely and accurate Outcome Information back to Supplier.

2.3 Consents to Supplier receiving Alert Data for any payment network and permits Participating Issuers to send Alerts for all Merchant Identifiers including hard and soft merchant identifiers.

2.4 Represents, warrants, and covenants that it will only use Alert Data for the sole purpose of, and only to the extent necessary to, avoid fraud loss on the specific transaction to which the Alert relates. 

2.5 Represents, warrants, and covenants that it will not use Alert Data as a factor in determining a consumer’s eligibility for credit, insurance, employment or for any purpose that violates the Fair Credit Reporting Act (“FCRA”).

2.6 Represents, warrants, and covenants that it will comply with any other requirements or limitations relating to the use of Alert Data as required by Supplier from time to time.

2.7 Represents, warrants, and covenants that it will not combine Alert Data with any other data from any third party source, including, without limitation “consumer report“ information as defined in the FCRA;

2.8 Represents, warrants, and covenants that it will not share Alert Data with any third party except as necessary to carry out its obligations under the Agreement provided the third party is bound to confidentiality and privacy and data security terms at least as restrictive as those provided in this Agreement.

2.9 Represents, warrants, and covenants that it has the full legal right and permission to receive the Alerts for the Merchant Identifiers provided by Customer; 

2.10 Acknowledges that it may receive the numbers of active credit card numbers in connection with certain of Supplier’s services, notably the receipt of Non-Fraud Dispute Transaction based Alerts. In connection thereto, Customer acknowledges that it is responsible for ensuring the appropriate security safeguards are in place to protect the security of the Alert Data, that it is responsible for any breach of Alert Data provided to it by Supplier and that it will indemnify Supplier from any claims relating to such a data breach. If so requested, Customer agrees to provide Supplier evidence of its security safeguards, including without limitation fully signed attestation of compliance with the PCI DSS.

2.11 Acknowledges that Supplier provides an inclusive service and, in connection with this, agrees to receive Alerts based on data from all of Supplier’s data sources. As such, Customer agrees to action (i.e. suspend the applicable account, stop the applicable transaction, refund the applicable transaction, etc.) all Alerts received by it from Supplier. Customer will action the Alert even if similar or the same information is provided to it by another party.  Such obligation shall pertain to all Participating Issuers which are added during the term of this Agreement.

2.12 Acknowledges and agrees that Supplier shall have the ability to control and select the Alerts and Alerts Data it sends to Merchant in order to improve efficacy of the Alerts network and ensure a consistent value of the product, based on materiality, data quality, and other considerations in Supplier’s reasonable discretion. 

3. GRANT OF RIGHTS AND LICENSES

3.1 Subject to Customer’s strict compliance with the Agreement, Supplier grants Customer a limited, non-exclusive, non-transferable, revocable, non-sublicensable, right to access and use the Services and the Deliverables, solely in accordance with the restrictions and limitations in this Agreement.

3.2 Customer will provide Customer Data or other information and take such other steps as required to enable the delivery of Service. Customer hereby grants Supplier and its Affiliates, Participating Issuers, and any applicable intermediaries a non-exclusive, royalty-free, worldwide right and license to transmit, store, disclose, and otherwise process Customer Data in accordance with the terms of this Agreement and in connection with performing its obligations and exercising its rights under this Agreement.  This right and license will survive any termination of this Agreement.

3.3 Nothing in this Agreement will oblige Supplier to continue to provide Services to Customer. Except as otherwise expressly agreed in writing between the Parties, this Agreement will be non-exclusive and nothing will preclude either Party from entering into any similar agreement with other parties providing similar Services.

3.4 Supplier reserves all rights not expressly granted hereunder.  

3.5 Customer grants Supplier a non-exclusive, royalty-free, worldwide license for the duration of the term of this Agreement to use the Customer’s Marks (as defined below)  in connection with the provision and promotion of the Services including providing a copy of those Marks to the Participating Issuers in connection with any services provided by Supplier to the Customer. Customer agrees and consents that Supplier may name Customer, and each applicable affiliate, (i) as a user of the Services in Supplier’s press releases, earnings calls, case studies, customer lists, promotional and other communications, (ii) for internal purposes, and (iii) for ancillary uses related to (i) and (ii). “Marks” means such trademarks, logos, service marks and trade names as the Customer may from time to time authorize Supplier to use for this purpose. Any use of Customer’s Marks by Supplier will be in compliance with the Customer’s most current guidelines for use of its Marks, as provided to Supplier from time to time. Any unauthorized modification of or to Marks by Supplier is expressly prohibited. Except as expressly agreed herein, Supplier shall not acquire any rights in the Marks nor will it intentionally act to impair the rights of the Customer to the Marks.

4. FEES

4.1 Customer shall pay Supplier the Fees for the Service set out in the applicable Supplier Order Form pursuant to the payment terms set forth therein.

4.2 In the event that any Fees in the Supplier Order Form include any Per Refund Fee, any Percentage of Stopped Fee/Per Stopped Fee, or any other fees or exceptions based on Customer’s results of working the Alert, Customer acknowledges that such Fee is based on the Outcome Information provided by Customer to Supplier.  As such, Customer agrees to provide full and accurate Outcome Information back to Supplier within 72 hours from Customer’s receipt of the Alert.  In the event that Customer does not provide the Outcome Information with respect to any transaction within the timeline set forth above, such transaction shall be deemed refunded and/or stopped, as applicable, and Customer shall pay the Per Refund Fee and/or the Percentage of Stopped Fee/Per Stopped Fee and/or the applicable fee (in addition to the Per Alert Fee) set forth herein for such transaction.

4.3 Late payments will accrue interest at a rate of 0.5% per month. 

4.4 All Fees payable, and the value of services rendered by Supplier under this Agreement will be exclusive of any sales tax, withholding tax, use tax, goods and services tax, value-added tax, stamp duty, business activity tax, or any other tax, or charge of a similar nature, inclusive of information reporting obligations such as those imposed under the Foreign Account Tax Compliance Act of the U.S. (if applicable) (collectively, “Taxes”), which is applicable to payments made to Supplier under this Agreement pursuant to the laws or regulations of a federal, state, provincial, or any other recognized taxing authority. To the extent Customer is required by applicable law to deduct or withhold Taxes from any payments due hereunder, the amount paid or to be paid by Customer to Supplier will be increased by Customer such that the amount received by Supplier, after deduction or withholding for Taxes, equals the full amount invoiced. Supplier may charge and Customer will pay Taxes that Supplier is legally obligated to charge. Each Party will report and pay all taxes imposed on its revenue or income by any applicable by any applicable authority.

5. TERM AND TERMINATION

5.1 The Agreement is effective as of the start date set forth in the Supplier Order Form and continues until terminated in accordance with this Section 5.

5.2 If the Supplier Order Form sets forth any term of authorized use of the Services, these Terms of Use will automatically terminate at the end of that term.

5.3 Either Party may terminate the Agreement upon thirty (30) days written notice to the other Party, provided pursuant to the notice requirements of this Agreement.

5.4 Upon a material breach of this Agreement by either Party, the non-breaching Party may terminate the Agreement if such default continues and is not remedied for a period of ten (10) calendar days following written notice of default being given to the breaching Party. 

5.5 This Agreement will terminate effective immediately upon delivery of written notice to Customer, (i) upon the institution of insolvency, receivership or bankruptcy proceedings or any other proceedings for the settlement of debts of Customer, (ii) upon the making of an assignment for the benefit of creditors by Customer, or (iii) upon the dissolution of Customer.

5.6 In the event a change in law or regulation prohibits or impairs Supplier’s ability to perform the Services (“Adverse Change”), the Parties will work in good faith to address and implement any changes to the Services necessary to comply with that Adverse Change. Without limiting the foregoing, Supplier may suspend the Services for the duration of the Adverse Change as necessary to comply with the Adverse Change. If Supplier is not able to modify the Services to comply with the Adverse Change, Supplier may terminate this Agreement upon written notice with no further liability.

5.7 Upon termination or expiration of this Agreement, all rights to the Services and Deliverables granted hereunder will immediately terminate and Customer must cease all use of the Services and Deliverables.  Sections 3.2, 6, 7, 8, 9, 10, 11, 12, 13, 15, 15, 16, and 17 will survive termination or expiration of this Agreement. 

6. CONFIDENTIALITY

6.1 “Confidential Information” means: (a) any non-public technical or business information of a Party or its Affiliates, including without limitation customer information and any information relating to a Party’s techniques, algorithms, know-how, current and future products and services, research, engineering, designs, financial information, pricing, procurement requirements, manufacturing, customer lists, business forecasts, marketing plans and information; (b) any other information of a Party that is either designated as “Confidential” or proprietary, or that the receiving Party would reasonably understand to be confidential by its nature; and (c) the specific terms and conditions of this Agreement. 

6.2 Confidential Information will not include any information that: (a) is or becomes generally known to the public through no fault or breach of this Agreement by the receiving Party; (b) the receiving Party can demonstrate by written evidence was rightfully in the receiving Party’s possession at the time of disclosure, without an obligation of confidentiality or restriction on use or disclosure; (c) was independently developed by the receiving Party without use of or reference to the disclosing Party’s Confidential Information; or (d) was rightfully obtained by the receiving Party from a third party not under a duty of confidentiality without restriction on use or disclosure.

6.3 The receiving Party will only use the disclosing Party’s Confidential Information for the purpose of delivering or receiving the Service or as otherwise expressly set out in this Agreement.

6.4 Except as expressly provided in this Agreement or with the disclosing Party’s prior written consent, the receiving Party agrees that it will hold all Confidential Information of the disclosing Party in confidence, and that it will not disclose any Confidential Information of the disclosing Party to any third party (other than in the agreed upon manner in connection with the Service), except that it may disclose Confidential Information to its subsidiaries, Affiliates, and permitted assigns. The receiving Party will implement and maintain appropriate policies and procedures to: (i) ensure the security and confidentiality of the Confidential Information; (ii) protect against any anticipated threats or hazards to the security or integrity of such Confidential Information; (iii) protect against unauthorized access to or use of such Confidential Information that could result in harm or inconvenience to the disclosing Party or its customers, and (iv) ensure the proper disposal of such Confidential Information as required by applicable law. 

6.5 The receiving Party will promptly (but in no event greater than 48 hours after it becomes aware) notify the disclosing Party should there be any unauthorized disclosure of or access to the Confidential Information and this obligation will survive termination of the Agreement.

6.6 A receiving Party may disclose Confidential Information pursuant to a requirement or request of a governmental agency or pursuant to a court or administrative subpoena, order or other such legal process or requirement of law, or in defense of any claims or causes of action asserted against it; provided, however, that (a) it must first notify the disclosing Party of such request or requirement or use in defense of a claim, unless such notice is prohibited by statute, rule or court order, (b) attempt to obtain the disclosing Party’s consent to such disclosure, and (c) in the event consent is not given, agree to permit a motion to quash, or other similar procedural step, to frustrate the production or publication of Confidential Information.  Nothing herein will require a Party to fail to honor a subpoena, court or administrative order, or any similar binding requirement on a timely basis.
 

7. SECURITY

Customer will use no less than industry standard security measures and technologies in connection with its use and receipt of the Services and to protect the confidentiality, security, and integrity of the Alerts Data. Without limiting the foregoing, Customer will maintain appropriate technical and organizational measures, including information security policies and safeguards, to ensure the security, integrity, and confidentiality of Alerts Data and to protect against unauthorized or unlawful disclosure, use, or access to Alerts Data. Customer represents and warrants that Customer will comply with all applicable Privacy and Data Security Requirements. Customer will immediately notify Supplier after becoming aware of any actual or potential unauthorized access to, acquisition, disclosure, loss, use of, or corruption, compromise, or destruction of any Alerts Data maintained or processed by Customer (“Security Breach”). Customer will assist and cooperate with Supplier with respect to any investigation, disclosures to affected parties, and other remedial measures as requested by Supplier or required under any applicable Privacy and Data Security Requirements. If a Security Breach arises out of or relates to Customer’s failure to comply with any of its representations, warranties, or covenants in this Agreement, Customer will promptly reimburse Supplier for its costs and expenses and any costs and expenses of any Supplier Indemnified Parties (as defined in Section 10.1), including any claims, internal administrative costs, third-party fees and expenses (including attorneys and consultants), and any other costs, damages, and losses incurred by any Supplier Indemnified Parties in connection with such Security Breach. In the event of any Security Breach that requires notification to any person or entity, such notification will be provided by Supplier (or its Affiliate) or by Customer, as determined by Supplier, with Supplier having the right to review and approve any notification to any person or entity before any such notification is provided by Customer. Supplier will have sole control over the timing and method of providing such notification, and no notification of any Security Breach by Customer will mention Supplier or any of its Affiliates without Supplier’s prior written consent. Customer will use best efforts to promptly remedy any Security Breach and deliver to Supplier within sixty (60) days of such breach or unauthorized access or acquisition a root cause assessment and future incident mitigation plan with regard to any Security Breach.

8. INTELLECTUAL PROPERTY

8.1 Supplier and/ or its Affiliates is, and will remain, the sole owner of, and retains all right, title and interest, including intellectual property, in and to all technology, software, documentation, information, processes, methodologies, methods of analysis, ideas, concepts, and know-how owned by Supplier and/ or its Affiliates prior to the Effective Date, including the Services, Deliverables, and any and all improvements, modifications, or derivative works of or to any of the foregoing, whether undertaken by Supplier and/ or its Affiliates or another party whether before or after the Effective Date (collectively, “Supplier Property“). Supplier and/ or its Affiliates reserves all rights to Supplier Property, and Customer gains no rights or license to Supplier Property other than as expressly granted in this Agreement.

8.2 Customer acknowledges that Supplier will own the rights to use or incorporate into the Services (or Supplier’s other products or services) any suggestions, enhancement requests, recommendations or other feedback provided by Customer relating to the operation or features of the Services or other Supplier Property. Customer hereby assigns to Supplier any and all proprietary interest and rights in and to any and all such results, ideas and/or suggestions without further compensation.

8.3 Customer will not, and will not permit or authorize any third parties to: (a) create derivative works based on the Services or any other Supplier Property; (b) copy, frame or mirror any part of content of the Services or any other Supplier Property; (c) decompile, disassemble or reverse engineer the Services or any other Supplier Property or otherwise attempt to discover the source code of any Service or any other Supplier Property; (d) access the Services or any other Supplier Property in order to build a competitive product or service or to copy any features, functions, or graphics of such Services or any other Supplier Property; (e) remove or alter Supplier’s copyright notices, trademarks, restricted rights legends, or any other notices from the Services, documentation or other Supplier Property; nor (f) except as expressly permitted under the Agreement, copy, modify, or reproduce the Services, documentation or any other Supplier Property in any way, nor shall it permit third parties to do so.

9. DISCLAIMER

9.1 SUPPLIER MAKES NO REPRESENTATION OR WARRANTY OF ANY KIND WHETHER EXPRESS, IMPLIED (EITHER IN FACT OR BY OPERATION OF LAW), OR STATUTORY, AS TO ANY MATTER WHATSOEVER. SUPPLIER EXPRESSLY DISCLAIMS ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, QUALITY, ACCURACY, AND TITLE. SUPPLIER DOES NOT WARRANT AGAINST INTERFERENCE WITH THE ENJOYMENT OF THE SERVICE OR AGAINST INFRINGEMENT. SUPPLIER DOES NOT WARRANT THAT THE SERVICE IS ERROR-FREE OR THAT THE OPERATION OF THE SERVICE WILL BE SECURE OR UNINTERRUPTED. SUPPLIER DOES NOT GUARANTEE OR WARRANT THAT ANY PARTICULAR RESULT OR SAVINGS WILL BE ACHIEVED BY CUSTOMER THROUGH THE USE OF THE SERVICE. SUPPLIER EXERCISES NO CONTROL OVER AND EXPRESSLY DISCLAIMS ANY LIABILITY ARISING OUT OF OR BASED ON AN END USERS’ USE OF THE SERVICES. CUSTOMER DOES NOT HAVE THE RIGHT TO MAKE OR PASS ON ANY REPRESENTATION OR WARRANTY ON BEHALF OF SUPPLIER TO ANY THIRD PARTY.

9.2 TO THE EXTENT THAT ANY SERVICE DEPENDS ON THE INTERNET, INCLUDING NETWORKS, CABLING, EQUIPMENT AND FACILITIES THAT ARE NOT IN SUPPLIER’S CONTROL (THE “NETWORK FACILITIES”), THEN  ACCORDINGLY (I) ANY REPRESENTATION MADE BY SUPPLIER  REGARDING ACCESS PERFORMANCE, SPEEDS, RELIABILITY, AVAILABILITY, USE OR CONSISTENCY OF THE OFFERED SERVICE ARE ON A COMMERCIALLY REASONABLE EFFORTS BASIS TO THE EXTENT AFFECTED BY THE INTERNET OR SUCH NON-SUPPLIER FACILITIES, FACILITIES NOT PROVIDED BY OR ON BEHALF OF SUPPLIER (THE “NON-SUPPLIER FACILITIES”), AND (II) DATA, MESSAGES, INFORMATION OR MATERIALS SENT OVER THE INTERNET MAY NOT BE COMPLETELY PRIVATE, AND CUSTOMER’S (OR THEIR AUTHORIZED USERS’) ANONYMITY IS NOT GUARANTEED TO THE EXTENT AFFECTED BY THE NETWORK FACILITIES OR SUCH NON-SUPPLIER FACILITIES.

9.3 To the maximum extent permitted by applicable law, Supplier’s sole and exclusive obligation and Customer’s sole and exclusive remedy for any failure of any Service, including a Service’s failure to meet any warranty applicable to it under the Agreement, is limited to the correction, adjustment or replacement of the failed Service which examination indicates, to Supplier’s satisfaction, to be defective or, at Supplier’s sole option, termination of subscription and access rights to the failed Service.
 

10. INDEMNIFICATION; LIMITATION OF LIABILITY

10.1 Indemnification. Without limiting Supplier's available remedies, Customer agrees to defend, indemnify, and hold harmless Supplier and its Affiliates, employees, directors, agents, and representatives (“Supplier Indemnified Parties”), from and against any and all claims, demands, judgments, liability, damages, losses, costs and expenses, including reasonable attorneys' fees, arising out of or in connection with (a) facts, or alleged facts which, if proven, would constitute a breach by Customer of any obligations of this Agreement, (b) Customer's misuse, unauthorized use, unlawful use, or unauthorized disclosure of the Alerts Data, (c) the violation, infringement, or misappropriation of any third-party intellectual property right by Customer, (d) the misuse or misappropriation of Supplier's or its Affiliate’s or their supplier's trademarks, service marks, trade names, and trade dress, or (e) the negligence or willful misconduct of Customer or any of its personnel.  Supplier will give Customer prompt written notice of any claim of which it has knowledge, and will provide Customer with the assistance, information and authority necessary to perform Customer's obligations under this Section, provided however, that any failure to provide such notice or assistance will not limit Customer's indemnification obligations hereunder except to the extent that Customer is materially prejudiced by such failure. SUPPLIER MAY, IN ITS OWN DISCRETION, PARTICIPATE IN THE DEFENSE OF ANY CLAIM INCLUDING USING COUNSEL OF ITS OWN CHOOSING. SUCH PARTICIPATION WILL NOT RELIEVE CUSTOMER OF ANY OF ITS OBLIGATIONS UNDER THIS SECTION OR THIS AGREEMENT. CUSTOMER WILL NOT, WITHOUT THE PRIOR WRITTEN CONSENT OF SUPPLIER, NOT TO BE UNREASONABLY WITHHELD, SETTLE ANY CLAIM.

10.2 Limitation of Liability. NOTWITHSTANDING ANYTHING TO THE CONTRARY CONTAINED IN THIS AGREEMENT, IN NO EVENT WILL: (A) SUPPLIER, ITS AFFILIATES, OR ITS SUPPLIERS BE LIABLE FOR INDIRECT, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR SPECIAL DAMAGES IN CONNECTION WITH OR ARISING OUT OF THE USE OF THE SERVICE OR ANY OTHER SUPPLIER PROVIDED SERVICE, WHETHER OR NOT THE POSSIBILITY OF SUCH DAMAGES HAS BEEN DISCLOSED TO THE CUSTOMER IN ADVANCE OR COULD HAVE BEEN REASONABLY FORESEEN; OR (B) SUPPLIER'S AND ITS AFFILIATE’S AGGREGATE LIABILITY WITH RESPECT TO ANY CLAIM, LOSS OR LIABILITY IN CONNECTION WITH OR ARISING OUT OF THIS AGREEMENT EXCEED THE GREATER OF (I) THE AMOUNTS WHICH SUPPLIER RECEIVED HEREUNDER DURING THE TWELVE-MONTH PERIOD PRIOR TO THE DATE UPON WHICH SUCH CLAIM, LOSS OR LIABILITY ACCRUED; AND (II) TWENTY-FIVE THOUSAND U.S. DOLLARS (US$25,000).

11. AUDIT RIGHTS

Customer will allow Supplier or its designated agent access during normal business hours for as long as Customer utilizes Supplier services and for three (3) years thereafter to perform audits of Customer's facilities, operations and applicable business records to ensure Customer's compliance with this Agreement.  Customer will, at Supplier's reasonable request, also provide Supplier during normal business hours with books, records, and supporting documentation adequate to evaluate Customer's performance with this Agreement.  Similarly, Supplier may monitor Customer's use of Alerts Data.  Supplier reserves the right, in its sole discretion, to immediately suspend Customer’s use of the Services in the event of any suspected or actual violation of the terms of this Agreement. Without limiting Supplier's available remedies, in the event an audit reveals that Customer is not in compliance with the terms and conditions of this Agreement, Customer will be responsible for the costs of the audit.

12. REMEDIES AND ENFORCEMENT

Customer acknowledges that any breach of the licenses provided to Customer may give rise to continuing irreparable injury to Supplier inadequately compensable in damages at law and, without prejudice to any other remedy available to Supplier, Supplier may seek injunctive relief without the requirement of posting any bond.

13. PRIVACY AND DATA PROTECTION LAWS

Each Party will comply with all applicable privacy and data protection laws, regulations, and industry standards, including but not limited to the General Data Protection Regulation 2016/679, Payment Card Industry Data Security Standard, and all applicable privacy laws (collectively, “Privacy and Data Security Requirements”). The Data Protection Agreement (“DPA”) contained at https://www.ethoca.com/data-protection-agreement will apply to all Processing of Personal Data subject to Data Protection Law (as these terms are defined in the DPA) in the context of this Agreement. The DPA will prevail over any contradictory term otherwise contained in this Agreement solely with respect to the Processing of Personal Data subject to Data Protection Law.

14. DATA REPRESENTATIONS. 

Customer represents, warrants, and covenants to Supplier that:

14.1 It has provided all necessary notices to individuals, complied with and will comply with any requests from individuals to exercise their rights to Customer Data, and obtained and will maintain all necessary rights, consents, and authorizations with regard to the processing and provision of Customer Data to Supplier and its Affiliates by Customer in connection with the Services and in accordance with the terms of the Agreement, including the DPA.

14.2 Customer will provide Supplier with the Customer Data in a timely and comprehensive manner, and that the Customer Data will at all times be accurate and complete.

14.3 Customer will not modify Alerts Data which is supplied by Supplier to the Customer in a manner that adversely affects the integrity of the Alerts Data.

14.4 Customer will only use the Alerts Data which is supplied by Supplier to the Customer in connection with the Services and in accordance with the terms of the Agreement.

14.5 The delivery of the Services using the Customer Data will not cause Supplier to violate any laws or infringe any third party intellectual property.

14.6  The provisions of this Agreement do not conflict with those of any agreement with, or representation to, any third party, including without limitation, agreements with Cardholders.

15. COMPLIANCE

15.1  Anti-money Laundering.  At all times, the Parties shall comply with all applicable laws relating to anti-money laundering (including, in the U.S., the Bank Secrecy Act, Title III of the USA PATRIOT Act, and the implementing regulations promulgated by the Financial Crimes Enforcement Network) and any related or similar applicable laws, issued, administered, or enforced by any government authority.  

15.2 Anti-bribery and Corruption. It is the intent of the Parties that no payments or transfers of value or other advantage shall be made or undertaken or attempted which have the purpose or effect of public or commercial bribery, acceptance of or acquiescence in extortion, kickbacks or other unlawful or improper means of obtaining business for any person. Each Party shall comply with international laws related to anti-bribery and corruption, including the United States Foreign Corrupt Practices Act, the UK Bribery Act, as applicable, and all other applicable anti-bribery and Anti-Corruption laws. Each Party will, and will ensure that its employees, directors, temporary workers and personnel, subcontractors (if so approved or permitted), agents, third parties acting on its behalf and representatives, complies with all applicable anti-bribery and corruption laws, including when interacting with Government Body Officials and any implementing regulations. Each Party warrants, represents and covenants to the other Party that such Party (and each of its employees, directors, temporary workers and personnel, subcontractors (if so approved or permitted), agents, third parties acting on its behalf and representatives) has not and will not make, promise or offer to make any payment or transfer of anything of value or any other advantage directly or indirectly through a representative, intermediary agent or otherwise: (1) to any Government Body Official; (2) to any political party; or (3) to any other person for the purpose of improperly influencing any act, omission to act or decision or such official, political party or individual, or securing an improper advantage. Each Party also warrants, represents and covenants to the other Party that such Party (and each of its employees, directors, temporary workers and personnel, subcontractors (if so approved or permitted), agents, third parties acting on its behalf and representatives) and its suppliers, and each of their employees, directors, temporary workers and personnel, subcontractors (if so approved or permitted), agents, third parties acting on its behalf and representatives has not and will not accept anything of value from any third party seeking to improperly influence any act or decision of Customer or in order to secure an improper advantage to that third party. The term “Government Body Official” shall mean any employee or officer of a government of a country, state or region, including any federal, regional, state, or local government or department, agency, enterprise owned, in whole or in part, or controlled by such government, any official of a political party, any official or employee of a public international organization, any person acting in an official capacity for, or on behalf of such entities, and any candidate for political office.  Failure by either Party to comply with the terms of this Section will constitute a material breach of this Agreement.

15.3 OFAC. The Parties shall comply with all trade and economic sanctions programs relevant to where they do business, including trade and economic sanctions maintained by the Office of Foreign Assets Control and similar laws of the countries where the Parties are located. The Parties shall not engage in any conduct that would cause the other Party to violate applicable sanctions programs. The Parties shall notify the other party immediately if it becomes aware that it, its subcontractors, or related parties engage in activity prohibited by applicable sanctions. To the extent applicable, the Parties shall comply and shall ensure that each of its subcontractors and personnel complies, with all applicable laws (e.g., anti-bribery, corruption, export controls, sanctions) in connection with this Agreement. Each Party agrees to comply with all applicable laws and regulations in connection with this Agreement.

15.4 Compliance Review.  Customer understands that (i) in order to become a customer of Supplier, it must satisfy Supplier’s initial compliance review requirements, which requirements and determination of satisfaction will be determined by Supplier, in its sole discretion; and (ii) Supplier will conduct compliance reviews of Customer, from time to time, in each case to determine, in its sole discretion, whether Customer continues to satisfy the compliance requirements established by Supplier for its customers.  Customer agrees to provide any documentation and information reasonably requested by Supplier in connection with a compliance review.  Supplier may terminate the Agreement by written notice to Customer, effective immediately, should it determine, in its sole discretion, that Customer fails to satisfy the compliance requirements established by Supplier for its customers.
 

16. PUBLICITY. 

Unless otherwise agreed to in writing by Supplier, Customer must not, nor permit anyone else to, issue a press release or make any other public disclosure relating to its Agreement with Supplier (including its existence and its terms).

17. MISCELLANEOUS

17.1 Capacity. Customer represents and warrants that (i) it has the full right and capacity to enter into this Agreement; and (ii) it will act in accordance with all applicable laws and regulations in its performance of any obligations or the exercise of any rights under this Agreement.

17.2 Complete Agreement. This Agreement, including the DPA, contains the entire agreement between the Parties hereto with respect to the matters covered herein. This Agreement may be amended or revoked only by an instrument in writing signed by both Parties.

17.3 Severability. If any term or provision of this Agreement is found by a court of competent jurisdiction to be illegal or otherwise unenforceable, the same will not invalidate the whole of this Agreement, but such term or provision will be deemed modified to the extent necessary in the court‘s opinion to render such term or provision enforceable, and the rights and obligations of the Parties will be construed and enforced accordingly, preserving to the fullest permissible extent the intent and agreements of the Parties herein set forth.

17.4 Waiver. No waiver by either Party of the breach of any covenant, condition or term of this Agreement will be construed as a waiver of any preceding or succeeding breach, nor will the acceptance of any fee or other payment during any period in which either Party is in default be deemed to be a waiver of such default. All waivers must be in writing and signed by the waiving Party. 

17.5 Notices. Any notice in connection with the subject matter of this Agreement will be in writing and will be effective when delivered personally, sent by reputable overnight courier service (such as Federal Express), or sent by regular mail, if to Customer, at the address set forth in the Supplier Order Form, and if to Supplier at the address set forth in the Supplier Order Form with a copy to ethoca.legal@mastercard.com. Either Party may designate a different address by notice to the other given in accordance with the notice procedure set out herein.

17.6 Assignment. Customer may not assign or otherwise transfer its rights, duties, or obligations under this Agreement without prior written consent of Supplier. Supplier may assign this agreement to any Affiliate with written notice to Customer and such assignment will be effective upon that notice. This Agreement will bind and inure to the benefit of each Party and their successors and permitted assigns. Any attempted assignment of this Agreement in violation of this Section is void.

17.7 Relationship of the Parties. The relationship of the Parties established by this Agreement is that of independent contractors, and nothing contained in this Agreement should be construed to give either Party the power to act as an agent or direct or control the day-to-day activities of the other. Financial and other obligations associated with each Party’s business are the sole responsibility of that Party.

17.8 No Conflict. The provisions of this Agreement do not conflict with those of any agreement with, or representation to, any customer or other third party.

17.9 Force Majeure. The performance by Supplier of Services hereunder will at all times be subject to delay and/or extension on account of circumstances beyond the control of Supplier, including without limitation acts of God, epidemic, pandemic, fire, flood, hurricane or other natural catastrophe, terrorist actions, laws, or actions by any civil or military authority, national emergency, insurrection, riot, strike, war, the unavailability of technical items and/or required materials assigned to the performance of Service.

17.10 Governing Law and Jurisdiction.  This Agreement shall be governed solely by the governing law listed in the chart below for the Supplier’s Affiliate that is a party to the Agreement as set forth in the applicable Supplier Order Form (the “Supplier Contracting Party”) without regard to such jurisdiction’s principles of conflicts of law.  The application of the United Nations Convention of Contracts for the International Sale of Goods or other international laws is expressly excluded. Each party consents to the personal and exclusive jurisdiction of the courts located in the jurisdiction listed in the chart below for the Mastercard Contracting Party, in connection with all proceedings related to this Agreement.