Difference between revisions of "PayPal Commercial Entity Agreement"

Notes

This is the text entitled "Commercial Entity Agreement" when you sign up for Virtual Terminal service at PayPal. The 2006-11-23 text was retrieved during the initial sign-up process; the 2006-11-29 text is apparently an amendment, and was retrieved during the log-in process, as were subsequent texts.

The only strange part is in the 11/29 text where it says that the governing laws shall be those of England and Wales.

2010-09-10 The latest text is available here.

The 2007-11-09 text seems to be for regular PayPal use, i.e. not through Virtual Terminal, although the title of the document is the same: "H. Access to Cardholder Data." states that the merchant "does not have access to Cardholder Data", when obviously a merchant using the Virtual Terminal must have this information.

2008-01-27 text

COMMERCIAL ENTITY USER AGREEMENT FOR PAYPAL PAYMENT CARD FUNDED PROCESSING SERVICES

(Version date: 27 January 2008)

This Commercial Entity User Agreement for PayPal Payment Card Funded Processing Services (“Commercial Entity Agreement” or “CEA”) is provided to all PayPal Users that are Commercial Entities (as defined by Visa Europe, Visa Inc, Visa International, MasterCard Worldwide, UK Maestro, Solo and/or International Maestro (together the "Associations")) and open a Premier or Business Account (such use of such accounts collectively termed the “Premier/Business Service”). Each such PayPal User is hereby referred to as “Merchant” and may be referred to herein as “you” and/or “your”. This CEA constitutes your separate legally binding contract for credit and debit card processing for PayPal transactions between you and National Westminster Bank PLC and its Affiliate(s) (collectively, the “Bank”). For the purpose of this CEA, “Affiliate(s)” shall mean the financial institution(s) domiciled in the same Association region as you are domiciled in for Association purposes and which Bank has formed a relationship with in accordance with Association requirements to allow the processing of card transactions [the identity of which you can obtain on contacting PayPal]. In accordance with the provisions of this CEA, the Bank may terminate its provision of credit and debit card processing services and enforce any of the provisions of Merchant’s PayPal Payment Processing Agreement (also known as the PayPal User Agreement) (“PPA”), agreed by and between Merchant and PayPal. In this CEA “we”, “us” and “our” refer to Bank.

Merchant agrees to the terms and conditions of this CEA. Merchant further agrees that this CEA forms a legally binding contract between Merchant and Bank. This Commercial Entity Agreement may be amended at any time by us via PayPal posting a revised version of the CEA on the PayPal website(s). The revised version will be effective at the time PayPal posts it. If we propose to change this CEA in a substantial manner, we will provide you with at least 30 days' prior notice of such a change by posting notice on the "Policy Updates" page of PayPal's web site(s). After this 30 days' notice, you will be considered as having expressly consented to all amendments to the CEA. If you disagree with those proposed amendments, you may close your account before the expiry of such 30 day period in accordance with the terms of the PPA and this CEA will terminate on the closure of your account. For the purpose of the CEA a change to this CEA will be considered to be made in a “substantial manner” if the change involves a reduction to your rights or increases your responsibilities.

1. Purpose of this CEA.

When your customers pay you through PayPal, they have the option of paying you through a funding source offered on the PayPal website including a card funded payment. In most instances, you will not know the funding source that your customer selected. Since you may be the recipient of a card funded payment, the Associations require that you enter into a direct contractual relationship with a bank who is a member of the Associations. By entering into this CEA, you are fulfilling such Association requirement and you are agreeing to comply with Association rules as they pertain to payments you receive through the PayPal service.

2. Association Rules.

A. Deposit Transactions. Merchant agrees that it shall only accept payments through PayPal Processing Services for bona fide transactions between the Merchant and its customer for the sale of goods or services. Merchant shall not submit a transaction for the refinance or transfer of an existing obligation that was uncollectible. Merchant acknowledges that for Visa and MasterCard payments, PayPal shall obtain an authorization for transaction amounts prior to completing the transaction.

B. Split Transactions. Merchant agrees to submit a single transaction for the full amount of each sale. Except, however in an instance where the Merchant and cardholder agree on a partial shipment of product, or where the transaction qualifies for delayed delivery or special order deposits (such as partial shipments based on inventory on hand), a sale may be split into multiple transactions.

C. Minimum or Maximum/Surcharges. Merchant agrees that it shall not set minimum or maximum transaction amounts or impose surcharges as a condition of honoring Visa and MasterCard cards.

D. Visa and MasterCard Marks. Merchant is authorized to use the Visa and MasterCard logos or marks only on Merchant’s promotional materials and website to indicate that Visa and MasterCard cards are accepted as funding sources for PayPal transactions.

E. Credit Vouchers. Credit vouchers may only be submitted for the purpose of refunding a prior transaction from the same card.

F. Cash Disbursements. Merchant agrees that if it sells travelers cheques or foreign currency that disbursements shall be limited to the value of cheques, Visa TravelMoney, or currency sold in a single transaction, plus any applicable commissions.

G. Discrimination. Merchant agrees that it shall not engage in any acceptance practice that discriminates against or discourages the use of Visa or MasterCard in favor of any other card brand.

H. Access to Cardholder Data. Merchant acknowledges that it does not have access to Cardholder Data (defined as the cardholder’s account number, expiration date, and CVV2) and will not request access to Cardholder Data from either PayPal or the cardholder. In the event that Merchant receives Cardholder Data in connection with the PayPal Processing Services provided under this Agreement, Merchant agrees that it will not use the Cardholder Data for any purpose that it knows or should know to be fraudulent or in violation of any Association Rules. Merchant also agrees that it will not sell, purchase, provide or exchange in any manner or disclose Cardholder Data to anyone other than its acquirer, Visa or MasterCard (as applicable) or in response to a government request. In the event that Merchant receives Cardholder Data, it will promptly notify Bank and PayPal of such.

I. Merchant Identifi cation. Merchant agrees to prominently and unequivocally inform the cardholder of the identity of the Merchant at all points of interaction.

J. Chargebacks. Merchant shall use all reasonable methods to resolve disputes with the cardholder. Should a chargeback dispute occur, Merchant shall promptly comply with all requests for information from PayPal. Merchant shall not attempt to recharge a cardholder for an item that has been charged back to the cardholder, unless the cardholder has authorized such actions.

3. Merchant's Refund Policy Must Be on Merchant's Website.

If Merchant limits refund/exchange terms or other specific conditions for Card sales, Merchant’s policy must be clearly provided to the cardholder prior to the sale and Merchant must conform with all applicable laws and the Association Rules.

4. Term and Termination.

This CEA is effective upon the date Merchant agrees to the CEA and continues so long as the PPA remains in force between Merchant and PayPal but shall automatically terminate without notice on termination of such PPA for any reason, provided that those terms which by their nature are intended to survive termination (including without limitation, indemnification obligations and limitations of liability) shall survive. This CEA may be terminated by Bank at any time based on a breach of any of Merchant’s obligations under this CEA or the PPA, or by Merchant based on a breach of any of Bank’s obligations under this CEA, or by the Bank based on the termination of the acquiring services agreement entered into between PayPal (or its applicable group company) and Bank as notified to the Merchant.

5. Indemnification.

Merchant agrees to indemnify and hold Bank harmless from and against all losses, liabilities, damages and expense: (a) resulting from any breach of any warranty, covenant or agreement or any misrepresentation by Merchant under this CEA; (b) arising out of Merchant’s or its employees’ negligence or willful misconduct, (c) arising in connection with Card transactions or otherwise arising from Merchant’s provision of goods and services to Cardholders or customers; (d) arising out of Merchant’s use of the PayPal Service; or (e) resulting from any [Fines] or arising out of any third party indemnifications Bank is obligated to make as a result of Merchant’s actions (including indemnification of any Association or Issuing Bank).

6. Assignment/Amendments.

This CEA may not be assigned by Merchant without the prior written consent of Bank. Bank may assign its rights under this CEA without Merchant’s consent.

7. Warranty Disclaimer.

This CEA is a service agreement. Bank disclaims all representations or warranties, express or implied, made to Merchant or any other person, including without limitation, any warranties regarding quality, suitability, merchantability, fitness for a particular purpose or otherwise of any services or any goods provided incidental to the services provided under this CEA to the extent permitted by law.

8. Limitation of Liability.

Notwithstanding anything in this CEA to the contrary, in no event shall Bank, or its Affiliate(s) or any of its directors, officers, employees, agents or subcontractors, be liable under any theory of tort, contract, strict liability or other legal theory for lost profits, lost revenues, lost business opportunities, exemplary, punitive, special, incidental, indirect or consequential damages, each of which is hereby excluded by agreement of the parties, regardless of whether such damages were foreseeable or whether Bank has been advised of the possibility of such damages. Notwithstanding anything in this CEA to the contrary, in no event shall Bank be liable or responsible for any delays or errors in its performance of the services caused by our service providers or other parties or events outside of Bank's reasonable control, including PayPal. Notwithstanding anything in this CEA to the contrary, Bank's cumulative liability for all losses, claims, suits, controversies, breaches or damages for any cause whatsoever arising out of or related to this CEA and regardless of the form of action or legal theory and whether or not arising in contract or tort (including negligence shall not exceed the total volume of all transactions, expressed as a U.S. dollar amount processed by the Merchant under this CEA via PayPal. Nothing in this CEA shall exclude or limit any liability of any party for death or personal injury caused by negligence or fraud, deceit or fraudulent misrepresentation, howsoever caused.

9. Waiver.

The failure of a party to assert any of its rights under this CEA, including, but not limited to, the right to terminate this CEA in the event of breach or default by the other party, will not be deemed to constitute a waiver by that party of its right to enforce each and every provision of this CEA in accordance with its terms.

10.Relationship between the Parties.

No agency, partnership, joint venture or employment relationship is created between Merchant and Bank by way of this CEA. In the performance of their respective obligations hereunder, the parties are, and will be, independent contractors. Nothing in this CEA will be construed to constitute either party as the agent for the other for any purpose whatsoever. Neither party will bind, or attempt to bind, the other party to any contract or the performance of any obligation, and neither party will represent to any third party that it has any right to enter into any binding obligation on the other party's behalf.

11. No Illegal Use of Services.

Merchant will not access and/or utilize the Services for illegal purposes and will not interfere or disrupt networks connected with the Services.

12. Severability

Whenever possible, each provision of this CEA will be interpreted in such a manner as to be effective and valid under applicable law, but if any provision hereof will be prohibited by or determined to be invalid by a court of competent jurisdiction, such provision will be ineffective to the extent of such prohibition or invalidity, without invalidating the remainder of such provision or the remaining provisions of this CEA.

13. Governing Law.

This CEA (and the relationships referred to or contemplated by it) shall be governed and construed in accordance with the laws as set out as the governing laws of the PPA which the Merchant has agreed to.

JSFP/JSFP/23307/120111/16828051.1

2007-11-09 text

PayPal Credit Card Funded Processing Services

(Last modified on January 2007)

This Commercial Entity User Agreement for PayPal Credit Card Funded Processing Services ("Commercial Entity Agreement" or "CEA") is provided to all PayPal users that are Commercial Entities (as defined by Visa and MasterCard) and open a Premier or Business Account (such use of such accounts collectively termed the "Premier/Business Service"). Each such entity or person receiving this CEA is hereby referred to as "Merchant" and may be referred to herein as "you" and/or "your". This CEA constitutes your separate legally binding contract for credit and debit card processing for PayPal transactions between (1) you, as a Commercial Entity; (2) Member (which is JP Morgan Chase Bank N.A. Member takes responsibility only towards merchants that are located in the territory designated for it in the preceding sentence). Member may terminate its provision of credit and debit card processing services and enforce any of the provisions of Merchant's PayPal Payment Processing Agreement ("PPA"), signed by and between Merchant and PayPal, which sets forth requirements regarding credit and debit card payments, all of which are incorporated in this CEA by reference. In this CEA "we", "us" and "our" refer to Member.

By signing the PayPal Payment Processing Agreement, the Merchant agrees to this CEA which is included in the PPA. Merchant agrees to the terms and conditions of this CEA and any documents incorporated by reference. Merchant further agrees that this CEA forms a legally binding contract between Merchant and Member. Any rights not expressly granted herein are reserved by Member.

1. Purpose of this CEA

When your customers pay you through PayPal, they have the option of paying you through a funding source offered on the PayPal website including a credit card funded payment. In most instances, you will not know the funding source that your customer selected. Since you may be the recipient of a credit card funded payment, Visa U.S.A., Inc. and Visa International ("Visa") and MasterCard International Incorporated ("MasterCard") (collectively the "Associations") require that you enter into a direct contractual relationship with a bank that is a member of the Associations. By entering into the CEA, you are fulfi lling the Association rule of entering into a direct contractual relationship with a member bank, and you are agreeing to comply with Association rules as they pertain to payments you receive through the PayPal service.

2. Association Rules

A. Deposit Transactions.

Merchant agrees that it shall only accept payments through PayPal Processing Services for bona fide transactions. A bona fide transaction is a transaction between the Merchant and its customer for the sale of goods or services. Merchant shall not submit a transaction for the refinance or transfer of an existing obligation that was uncollectible. Merchant acknowledges that for Visa and MasterCard payments, PayPal shall obtain an authorization for transaction amounts prior to completing the transaction.

B. Split Transactions.

Merchant agrees to submit a single transaction for the full amount of each sale. Except, however in an instance where the Merchant and cardholder agree on a partial shipment of product, or where the transaction qualifies for delayed delivery or special order deposits (such as partial shipments based on inventory on hand), a sale may be split into multiple transactions.

C. Minimum or Maximum/Surcharges.

Merchant agrees that it shall not set minimum or maximum transaction amounts or impose surcharges as a condition of honoring Visa and MasterCard cards.

D. Visa and MasterCard Marks.

Merchant is authorized to use the Visa and MasterCard logos or marks only on Merchant's promotional materials and website to indicate that Visa and MasterCard cards are accepted as funding sources for PayPal transactions.

E. Credit Vouchers.

Credit vouchers may only be submitted for the purpose of refunding a prior transaction from the same card.

F. Cash Disbursements.

Merchant agrees that if it sells travelers cheques or foreign currency that Disbursements shall be limited to the value of cheques, Visa TravelMoney, or currency sold in a single transaction, plus any applicable commissions.

G. Discrimination.

Merchant agrees that it shall not engage in any acceptance practice that discriminates against or discourages the use of Visa or MasterCard in favor of any other card brand.

H. Access to Cardholder Data.

Merchant acknowledges that it does not have access to Cardholder Data (defined as the cardholder's account number, expiration date, and CVV2) and will not request access to Cardholder Data from either PayPal or the cardholder. In the event that Merchant receives Cardholder Data in connection with the PayPal Processing Services provided under this Agreement, Merchant agrees that it will not use the Cardholder Data for any purpose that it knows or should know to be fraudulent or in violation of any Association Rules. Merchant also agrees that it will not sell, purchase, provide or exchange in any manner or disclose Cardholder Data to anyone other than its acquirer, Visa or MasterCard (as applicable) or in response to a government request. In the event that Merchant receives Cardholder Data, it will promptly notify Member and PayPal of such.

I. Merchant Identification.

Merchant agrees to prominently and unequivocally inform the cardholder of the identity of the Merchant at all points of interaction.

J. Chargebacks.

Merchant shall use all reasonable methods to resolve disputes with the cardholder. Should a chargeback dispute occur, Merchant shall promptly comply with all requests for information from PayPal. Merchant shall not attempt to recharge a cardholder for an item that has been charged back to the cardholder, unless the cardholder has authorized such actions.

3. Merchant's Refund Policy Must Be on Merchant's Website.

If Merchant limits refund/exchange terms or other specifi c conditions for Card sales, Merchant's policy must be clearly provided to the cardholder prior to the sale and as part of the sale confi rmation process. Proper disclosure would include wording that is prominently displayed and states "NO REFUND, EXCHANGE ONLY" or something substantially similar and includes any special terms.

NOTE: Qualifying your refund or exchange terms does not completely eliminate your liability for a refund because consumer protection laws and Association Rules frequently allow the Cardholder to still dispute these items.

4. Term and Termination.

This CEA is effective upon the date Merchant signed the PPA and continues so long as Merchant uses the PayPal Service or until terminated by Merchant or Member provided that those terms which by their nature are intended to survive termination (including without limitation, indemnification obligations and limitations of liability) shall survive. This CEA may be terminated by Member at any time based on a breach of any of Merchant's obligations under this Agreement or the PPA, or a breach of any of Member's obligations under this Agreement, or based on the termination of the payment processing relationship between PayPal and Member. This CEA will terminate automatically upon any termination or expiration of Merchant's PPA.

5. Indemnification.

Merchant agrees to indemnify and hold Member harmless from and against all losses, liabilities, damages and expense: (a) resulting from any breach of any warranty, covenant or agreement or any misrepresentation by Merchant under this Agreement; (b) arising out of Merchant's or its employees' negligence or willful misconduct, in connection with Card transactions or otherwise arising from Merchant's provision of goods and services to Cardholders; (c) arising out of your Merchant's use of the PayPal Service; or (d) arising out of any third party indemnifi cations Member is obligated to make as a result of Merchant's actions (including indemnifi cation of any Association or Issuing Bank).

Member agrees to indemnify and hold Merchant harmless from and against all losses, liabilities, damages and expenses: (a) resulting from any breach of any warranty, covenant, or agreement or any misrepresentation by each of us under this Agreement; or (b) arising from our or our employee's gross negligence or willful misconduct in connection with this Agreement.

6. Arbitration.

Any dispute with respect to this CEA between Merchant and Member, including a dispute as to the validity or existence of this CEA and/or this clause, shall be resolved by binding arbitration in accordance with the rules of the American Arbitration Association.

7. Assignment/Amendments.

This CEA may not be assigned by Merchant without the prior written consent of Member. Member may assign their rights under this CEA without Merchant's consent. This CEA may be amended by the parties only upon mutual written agreement. Notwithstanding the above, Member may amend this CEA upon written notice to Merchant.

8. Warranty Disclaimer.

This CEA is a service agreement. We disclaim all representations or warranties, express or implied, made to Merchant or any other person, including without limitation, any warranties regarding quality, suitability, merchantability, fi tness for a particular purpose or otherwise of any services or any goods provided incidental to the services provided under this CEA to the extent permitted by law.

9. Limitation of Liability.

Notwithstanding anything in this CEA to the contrary, in no event shall the parties hereunder, or their affiliates or any of their respective directors, officers, employees, agents or subcontractors, be liable under any theory of tort, contract, strict liability or other legal theory for lost profi ts, lost revenues, lost business opportunities, exemplary, punitive, special, incidental, indirect or consequential damages, each of which is hereby excluded by agreement of the parties, regardless of whether such damages were foreseeable or whether any party or any entity has been advised of the possibility of such damages. Notwithstanding anything in this CEA to the contrary, in no event shall we be liable or responsible for any delays or errors in our performance of the services caused by our service providers or other parties or events outside of our reasonable control, including PayPal. Notwithstanding anything in this CEA to the contrary, the parties’ cumulative liability for all losses, claims, suits, controversies, breaches or damages for any cause whatsoever (including, but not limited to, those arising out of or related to this CEA) and regardless of the form of action or legal theory and whether or not arising in contract or tort (excluding negligence and willful misconduct) shall not exceed the total volume of all transactions, expressed as a U.S. dollar amount, processed under this CEA. Nothing in this CEA shall exclude or limit any liability of any party for death or personal injury caused by negligence or fraud, deceit or fraudulent misrepresentation, howsoever caused.

10. Governing Law.

Governing law with respect to this CEA shall be determined in accordance with the laws of the State of New York.

11. Waiver.

The failure of a party to assert any of its rights under this CEA, including, but not limited to, the right to terminate this CEA in the event of breach or default by the other party, will not be deemed to constitute a waiver by that party of its right to enforce each and every provision of this CEA in accordance with its terms.

12. Relationship Between the Parties.

No agency, partnership, joint venture or employment relationship is created between Merchant by way of this CEA. In the performance of their respective obligations hereunder, the parties are, and will be, independent contractors. Nothing in this CEA will be construed to constitute either party as the agent for the other for any purpose whatsoever. Neither party will bind, or attempt to bind, the other party to any contract or the performance of any obligation, and neither party will represent to any third party that it has any right to enter into any binding obligation on the other party’s behalf.

13. No Illegal Use of Services.

Merchant will not access and/or utilize the Services for illegal purposes and will not interfere or disrupt networks connected with the Services.

14. Severability.

Whenever possible, each provision of this CEA will be interpreted in such a manner as to be effective and valid under applicable law, but if any provision hereof will be prohibited by or determined to be invalid by a court of competent jurisdiction, such provision will be ineffective to the extent of such prohibition or invalidity, without invalidating the remainder of such provision or the remaining provisions of this CEA.

2006-11-29 Text

Preface

This explanation was not part of the actual agreement.

Important Account Information: You must agree to the new terms below by Feb. 1, 2007. Effective Feb. 1, 2007, your PayPal account will no longer be able to accept MasterCard funded credit card payments unless you agree to the terms below.

PayPal has added a new partner merchant bank, HSBC Bank plc. In order to comply with MasterCard and Visa requirements for adding a new merchant bank, we ask that you accept the updated Commercial Entity User Agreement For Credit Card Processing Services ("Commercial Entity Agreement”). This is for PayPal members who receive a large number of credit card payments. This supplementary agreement replaces your existing Card Processing Agreement, but does not replace PayPal’s existing User Agreement and will NOT change the way your PayPal account works. Your account’s fees and status will remain the same, as will your eligibility for protection under PayPal’s Seller Protection Policy.

The Commercial Entity Agreement is included below. Please read it for further details.

COMMERCIAL ENTITY USER AGREEMENT FOR CREDIT CARD PROCESSING SERVICES

This Commercial Entity User Agreement for Credit Card Processing Services ("Commercial Entity Agreement" or "CEA") is provided to all PayPal Users that meet the definition of "Commercial Entities" or the equivalent under Association Rules (defined below) and that open and use a Premier or Business Account (such use of such accounts collectively termed the "Premier/Business Service"). (Each such entity or person receiving this document is hereby referred to as "Merchant"). This CEA constitutes Merchant's separate legally binding contract for credit card processing between (1) Merchant, as a Commercial Entity; and (2) Member (which is HSBC Bank plc or any member of the group of companies of which HSBC Holdings plc is the holding company or any relevant third party with which any such HSBC company shares a Bank Identification Number (BIN) in the Merchant’s country of residence) for MasterCard and Visa transactions acquired for Merchants. Member may terminate its provision of credit card processing services and enforce or rely on any term or provision of the Merchant’s PayPal User Agreement ("PUA"), all of which Member considers relevant are incorporated in this CEA by reference. In this CEA "we", "us" and "our" refer to Member. Any reference to the PUA shall mean the PayPal User Agreement made between Merchant and PayPal.

By accepting the Commercial Entity Agreement, Merchant agrees to the terms and conditions of this CEA and any documents incorporated by reference. Merchant further agrees that this CEA forms a legally binding contract between Merchant and Member. Any rights not expressly granted herein are reserved by Member. Descriptions of material amendments to this CEA will be provided as applicable. Any capitalised terms used in this CEA and not otherwise defined shall have the meanings set forth in the PUA.

This agreement was last modified on September 15, 2005.

1. Association Rules.

1.1. Deposit Transactions. Merchant agrees that it shall only submit card transactions that directly results from bona fide cardholder transactions with that Merchant. Merchant agrees that it will not submit a transaction until Merchant: (i) obtains an authorisation, (ii) completes the transaction, and either: (iii) ships or provides goods, (iv) performs the purchased service, or (v) obtains the cardholder’s consent for a recurring transaction.

1.2. Anti Money Laundering. Merchant agrees that it shall not submit a transaction that does not result from a purchase of goods or services between the cardholder and Merchant.

1.3. Split Transactions. Split sales transactions are not allowed. Specifically, Merchant agrees that it will not use two or more sales transaction receipts for a single transaction to avoid or circumvent authorisation limits, or monitoring programs.

1.4. Minimum or Maximum. Merchant agrees that it shall not set minimum or maximum transaction amounts as a condition of honouring Visa and MasterCard cards.

1.5. Surcharges. Merchant agrees that it will not impose surcharges on debit card transactions.

1.6. Visa and MasterCard Marks. Merchant is authorised to use the Visa and MasterCard logos or marks only on Merchant’s promotional materials and website to indicate that Visa and MasterCard cards are accepted as payment for the business goods and services. Merchant agrees that it shall not use the logos and marks either directly or indirectly, to imply that Visa or MasterCard endorses Merchant’s goods or services; nor may Merchant refer to Visa or MasterCard when stating eligibility requirements for purchasing its products, services, or memberships.

1.7. Credit Vouchers. Credit vouchers may not be submitted for non-credit transactions. Merchant agrees that it shall not: (i) accept a payment from a card holder for the purpose of depositing funds to the cardholder’s account, or (ii) process a credit transaction without having completed a previous debit transaction with the same cardholder.

1.8. Cash Disbursements. Merchant agrees that if it sells travellers cheques or foreign currency that Disbursements shall be limited to the value of cheques, Visa TravelMoney, or currency sold in a single transaction, plus any applicable commissions. Merchant agrees that under no circumstances shall a Visa or MasterCard transaction represent collection of a dishonoured cheque.

1.9. Authorisation Requirements. Merchant agrees to obtain an authorisation for all transaction amounts.

1.10. Discrimination. Merchant agrees that it shall not engage in any acceptance practice that discriminates against or discourages the use of Visa or MasterCard in favour of any other acceptance brand.

1.11. Present Transactions within 30 Business Days. Merchant agrees that a debit transaction shall not be presented until after the goods are shipped, or services provided, unless, at the time of the transaction, the cardholder agrees to a properly disclosed delayed delivery of the goods or services. Merchant agrees that when it receives authorisation for delayed presentment, the words “Delayed Presentment” or something substantially similar must be disclosed to the cardholder.

1.12. Fraudulent or Unauthorised Use of Account Information Prohibited. Merchant agrees that it shall not request or use Visa or MasterCard account number information for any purpose that it knows or should have known to be fraudulent or in violation of Visa and MasterCard standards, Association Rules, the PUA, or this CEA, or for any purpose that the cardholder did not authorise.

1.13. Merchant Identification. Merchant agrees to prominently and unequivocally inform the cardholder of the identity of the Merchant at all points of interaction so that the cardholder readily can identify the transaction.

2. Card Associations.

Visa U.S.A., Inc. and Visa International (“Visa”) and MasterCard International Incorporated (“MasterCard”) (the “Associations”) have developed rules and regulations (the “Association Rules”) that govern their member banks and merchants in the procedures, responsibilities and allocation of risk for payments made through the Associations. By accepting this CEA, Merchant is agreeing to comply with all such Association Rules.

3. Merchant's Refund Policy

3. Merchant’s Refund Policy must be on Merchant’s Website. If Merchant limits refund/exchange terms or other specific conditions for Card sales, Merchant’s POLICY MUST BE CLEARLY PROVIDED TO THE CARDHOLDER PRIOR TO THE SALE AND AS PART OF YOUR SALE CONFIRMATION PROCESS. PROPER DISCLOSURE WOULD INCLUDE WORDING THAT IS PROMINANTLY DISPLAYED AND STATES “NO REFUND, EXCHANGE ONLY”, OR SOMETHING SUBSTANTIALLY SIMILAR AND INCLUDES ANY SPECIAL TERMS. NOTE: QUALIFYING YOUR REFUND OR EXCHANGE TERMS DOES NOT COMPLETELY ELIMINATE YOUR liability for a refund because consumer protection laws and Association Rules frequently allow the cardholder to still dispute these items. In particular, by implementing Directive 97/7/EC many European Union member states will have distance selling regulations which allow a consumer to cancel its contract with the Merchant within a defined period and receive a refund.

4. Term and Termination.

This CEA is effective upon the date Merchant accepts the terms and conditions set out herein and continues so long as Merchant uses the PayPal Service (“Services”) or until terminated by Merchant or Member, provided that those terms which by their nature are intended to survive termination (including without limitation, indemnification and chargeback obligations and limitations of liability) shall so survive termination. This CEA may be terminated by Member at any time based on a breach of any of Merchant’s obligations hereunder or for any other reason that Member deems exceptional.

This CEA will terminate automatically upon any termination of Merchant’s PUA.

5. Indemnification.

Merchant agrees to indemnify, defend, and hold Member harmless from and against all losses, liabilities, damages and expenses (including legal fees and collection costs) which the Member or their affiliates or agents may suffer or incur arising from any breach of any warranty, covenant or misrepresentation by Merchant under this CEA, or arising as a result of any tortious conduct by Merchant or Merchant’s employees or agents, in connection with Card transactions or otherwise arising from Merchant’s provision of goods and services to cardholders or from any contravention of any legal requirements.

6. Arbitration.

Any dispute with respect to this CEA between Merchant and HSBC Bank plc, including a dispute as to the validity or existence of this CEA and/or this clause, shall be resolved by arbitration in London, England, conducted in English by a single arbitrator in accordance with the ICC Rules. The parties agree to waive any right of appeal against the arbitration award. In the event of a failure by the parties to agree on the sole arbitrator within 30 days of one party calling upon the other to do so, one shall be appointed by the ICC.

7. Assignment/Amendments.

This CEA may not be assigned by Merchant without the prior written consent of Member. Member may assign their rights under this CEA without Merchant’s consent. This CEA may be amended by Member as provided under the PUA.

8. Warranty Disclaimer.

This CEA is a service agreement. We disclaim all representations or warranties, express or implied, made to merchant or any other person, including without limitation, any warranties regarding quality, suitability, merchantability, fitness for a particular purpose or otherwise of any services or any goods provided incidental to the services provided under this CEA to the extent permitted by law.

9. Limitation of Liability.

Notwithstanding anything in this CEA to the contrary, in no event shall the parties hereunder, or their affiliates or any of their respective directors, officers, employees, agents or subcontractors, be liable under any theory of tort, contract, strict liability or other legal theory for lost profits, lost revenues, lost business opportunities, exemplary, punitive, special, incidental, indirect or consequential damages, each of which is hereby excluded by agreement of the parties, regardless of whether such damages were foreseeable or whether any party or any entity has been advised of the possibility of such damages. Notwithstanding anything in this CEA to the contrary, in no event shall we be liable or responsible for any delays or errors in our performance of the services caused by our service providers or other parties or events outside of our reasonable control, including PayPal. Notwithstanding anything in this CEA to the contrary, the parties’ cumulative liability for all losses, claims, suits, controversies, breaches or damages for any cause whatsoever (including, but not limited to, those arising out of or related to this CEA) and regardless of the form of action or legal theory and whether or not arising in contract or tort (excluding negligence and wilful misconduct) shall not exceed the total volume of all transactions, expressed as a U.S. dollar amount, processed under this CEA. Nothing in this CEA shall exclude or limit any liability of any party for death or personal injury caused by negligence or fraud, deceit or fraudulent misrepresentation, howsoever caused.

10. Enforceability.

No term of this CEA shall be enforceable by a third party and in particular a person who is not a party to this CEA has no rights under the Contracts (Rights of Third Parties) Act 1999 to enforce or enjoy any of the benefits of this CEA (being a person other than the parties and their permitted successors and assignees).

11. Governing Law.

Governing law with respect to this CEA shall be the laws of England and Wales. Each party hereby submits to the non-exclusive jurisdiction of the courts of England and Wales.

12. Waiver.

The failure of a party to assert any of its rights under this CEA, including, but not limited to, the right to terminate this CEA in the event of breach or default by the other party, will not be deemed to constitute a waiver by that party of its right to enforce each and every provision of this CEA in accordance with its terms.

13. Relationship between the Parties.

No Partnership or Agency; Independent Contractors No agency, partnership, joint venture or employment relationship is created between Merchant and Member by way of this CEA. In the performance of their respective obligations hereunder, the parties are, and will be, independent contractors. Nothing in this CEA will be construed to constitute either party as the agent for the other for any purpose whatsoever. Neither party will bind, or attempt to bind, the other party to any contract or the performance of any obligation, and neither party will represent to any third party that it has any right to enter into any binding obligation on the other party's behalf.

14. No Illegal Use of Services.

Merchant will not access and/or utilise the Services for illegal purposes and will not interfere or disrupt networks connected with the Services.

15. Severability.

Whenever possible, each provision of this CEA will be interpreted in such a manner as to be effective and valid under applicable law, but if any provision hereof will be prohibited by or determined to be invalid by a court of competent jurisdiction, such provision will be ineffective to the extent of such prohibition or invalidity, without invalidating the remainder of such provision or the remaining provisions of this CEA.

2006-11-23 Text

COMMERCIAL ENTITY USER AGREEMENT FOR CREDIT CARD PROCESSING SERVICES

This policy was last modified on April 28, 2005

This Commercial Entity User Agreement for Credit Card Processing Services ("Commercial Entity Agreement" or "CEA") is provided to all PayPal Users that meet the definition of "Commercial Entities" or the equivalent under Association Rules (defined below) and that open and use a Premier or Business Account (such use of such accounts collectively termed the "Premier/Business Service"). (Each such entity or person receiving this document is hereby referred to as "Merchant". This CEA constitutes Merchant’s separate legally binding contract for credit card processing between (1) Merchant, as a Commercial Entity; (2) Member (which is (i) Wells Fargo Bank, N.A., for merchants domiciled in the United States or (ii) Trans Canada Credit Corp. for MasterCard transactions acquired for merchants domiciled in Canada or (iii) Deutsche Postbank AG, Bonn, Germany, for MasterCard transactions acquired for Merchants domiciled in Member states of the European Union or the following European countries: Andorra, Cyprus, Iceland, Liechtenstein, Malta, Monaco, Norway, San Marino, Switzerland, Turkey, Vatican City (collectively, the "European Countries"); and (3) Wells Fargo Merchant Services, LLC, San Francisco, CA, U.S. ("WFMS"), as agent for Member. Each such Member takes responsibility only towards Merchants that are located in the territory designated for it in the preceding sentence. Member and/or WFMS may terminate its provision of credit card processing services and enforce any of the provisions of Merchant’s PayPal Payment Processing Agreement ("PPA") setting forth requirements regarding credit card payments, all of which are incorporated in this CEA by reference. In this CEA "we", "us" and "our" refer to Member and WFMS. Any reference to the PPA shall mean the Payment Processing Agreement signed between Merchant and PayPal.

By signing the PayPal Payment Processing Agreement; Merchant agrees to the terms and conditions of this CEA and any documents incorporated by reference. Merchant further agrees that this CEA forms a legally binding contract between Merchant and Member and WFMS. Any rights not expressly granted herein are reserved by Member and WFMS. Descriptions of material amendments to this CEA will be provided as applicable. Any capitalized terms used in this CEA and not otherwise defined shall have the meanings set forth in the PPA.

1. Association Rules.

A. Deposit Transactions. Merchant agrees that it shall deposit only transactions that directly results from bona fide cardholder transactions with that Merchant. Merchant agrees that it will not deposit a transaction until Merchant: (i) obtains an authorization, (ii) completes the transaction, and either: (iii) ships or provides goods, (iv) performs the purchased service, or (v) obtains the cardholder’s consent for a recurring transaction.

B. Anti Money Laundering. Merchant agrees that it shall not deposit a transaction that does not result from a purchase of goods or services between the cardholder and Merchant.

C. Split Transactions. Split sales transactions are not allowed. Specifically, Merchant agrees that it will not use two or more sales transaction receipts for a single transaction to avoid or circumvent authorization limits, or monitoring programs.

D. Minimum or Maximum. Merchant agrees that it shall not set minimum or maximum transaction amounts as a condition of honoring Visa and MasterCard cards.

E. Surcharges. Merchant agrees that it will not impose surcharges on transactions.

F. Visa and MasterCard Marks. Merchant is authorized to use the Visa and MasterCard logos or marks only on Merchant’s promotional materials and website to indicate that Visa and MasterCard cards are accepted as payment for the business goods and services. Merchant agrees that it shall not use the logos and marks either directly or indirectly, to imply that Visa or MasterCard endorses Merchant’s goods or services; nor may Merchant refer to Visa or MasterCard when stating eligibility requirements for purchasing its products, services, or memberships.

G. Credit Vouchers. Credit vouchers may not be submitted for noncredit transactions. Merchant agrees that it shall not: (i) accept a payment from a card holder for the purpose of depositing funds to the cardholder’s account, or (ii) process a credit transaction without having completed a previous debit transaction with the same cardholder.

H. Cash Disbursements. Merchant agrees that if it sells travelers cheques or foreign currency that Disbursements shall be limited to the value of cheques, Visa TravelMoney, or currency sold in a single transaction, plus any applicable commissions. Merchant agrees that under no circumstances shall a Visa or MasterCard transaction represent collection of a dishonored check.

I. Authorization Requirements. Merchant agrees to obtain an authorization for transaction amounts above the specified floor limits required by Visa and MasterCard.

J. Discrimination. Merchant agrees that it shall not engage in any acceptance practice that discriminates against or discourages the use of Visa or MasterCard in favor of any other acceptance brand.

K. Present Transactions within 30 Business Days. Merchant agrees that a debit transaction shall not be presented until after the goods are shipped, or services provided, unless, at the time of the transaction, the cardholder agrees to a properly disclosed delayed delivery of the goods or services. Merchant agrees that when it receives authorization for delayed presentment, the words "Delayed Presentment" or something substantially similar must be disclosed to the cardholder.

L. Exchange of Cardholder and Account Data Prohibited. Merchant agrees that it will not sell, purchase, provide or exchange in any manner or disclose Visa or MasterCard account number information to anyone other than its acquirer, Visa or MasterCard (respectively) or in response to a government request.

M. Fraudulent or Unauthorized Use of Account Information Prohibited. Merchant agrees that it shall not request or use Visa or MasterCard account number information for any purpose that it knows or should have known to be fraudulent or in violation of Visa and MasterCard standards, Association Rules, the PPA, or this CEA, or for any purpose that the cardholder did not authorize.

N. Merchant Identification. Merchant agrees to prominently and unequivocally inform the cardholder of the identity of the Merchant at all points of interaction so that the cardholder readily can identify the transaction.

2. Card Associations. Visa U.S.A., Inc. and Visa International ("Visa") and MasterCard International Incorporated ("MasterCard") are associations of banks that electronically exchange sales records for credits and debits and reversals of sale transactions. Visa and MasterCard may be referred to in this CEA as the "Associations." Sales records are electronically transferred from banks that acquire them from sellers such as the Merchant (these banks are referred to as "Acquirers") through the appropriate Association, to the bank that issued the buyer’s credit card (these banks are referred to as "Issuers" or "Issuing Banks," and the buyers using credit cards are "Cardholders"). The Issuing Banks then bill their Cardholders for the transactions. The Associations have developed rules and regulations (the "Association Rules") that govern their member banks and merchants in the procedures, responsibilities and allocation of risk for payments made through the Associations. By accepting this CEA, Merchant is agreeing to comply with all such Association Rules.

3. Merchant’s Refund Policy must be on Merchant’s Website. If Merchant limits refund/exchange terms or other specific conditions for Card sales, Merchant’s POLICY MUST BE CLEARLY PROVIDED TO THE CARDHOLDER PRIOR TO THE SALE AND AS PART OF YOUR SALE CONFIRMATION PROCESS. PROPER DISCLOSURE WOULD INCLUDE WORDING THAT IS PROMINANTLY DISPLAYED AND STATES "NO REFUND, EXCHANGE ONLY", OR SOMETHING SUBSTANTIALLY SIMILAR AND INCLUDES ANY SPECIAL TERMS. NOTE: QUALIFYING YOUR REFUND OR EXCHANGE TERMS DOES NOT COMPLETELY ELIMINATE YOUR liability for a refund because consumer protection laws and Association Rules frequently allow the Cardholder to still dispute these items.

4. Term and Termination. This CEA is effective upon the date Merchant signed the PPA and continues so long as Merchant uses the PayPal Service ("Services") or until terminated by Merchant, Member, or WFMS, provided that those terms which by their nature are intended to survive termination (including without limitation, indemnification obligations and limitations of liability) shall continue in perpetuity. This CEA may be terminated by Member or WFMS at any time based on breach of any of Merchant’s obligations or representations herein or for any other reason. This CEA will terminate automatically upon any termination of Merchant’s PPA.

5. Indemnification. Merchant agrees to indemnify, defend, and hold Member and WFMS harmless from and against all losses, liabilities, damages and expenses (including attorneys’ fees and collection costs) which the Member and/or WFMS or their affiliates or agents may suffer or incur arising from any breach of any warranty, covenant or misrepresentation by Merchant under this CEA, or arising as a result of any tortious conduct by Merchant or Merchant’s employees or agents, in connection with Card transactions or otherwise arising from Merchant’s provision of goods and services to Cardholders or from any contravention of any legal requirements.

6. Arbitration.

A. Any dispute with respect to this CEA between Merchant and Wells Fargo Bank, N.A as Member, and/or WFMS as its agent, including a dispute as to the validity or existence of this CEA and/or this clause, shall be resolved by binding arbitration in accordance with the rules of the American Arbitration Association. Venue for any such arbitration shall be Santa Clara County, California. B. Any dispute with respect to this CEA between Merchant and Trans Canada Credit Corp. or Laurentian Bank, as Members, and/or WFMS as their agent, including a dispute as to the validity or existence of this CEA and/or this clause, shall be resolved by binding arbitration in accordance with the Arbitration Act of Ontario, and conducted in English. Venue for any such arbitration shall be Ontario, Canada C. Any dispute with respect to this CEA between Merchant and Deutsche Postbank AG and/ or WFMS as their agent, including a dispute as to the validity or existence of this CEA and/or this clause, shall be resolved by arbitration in London, England, conducted in English by a single arbitrator in accordance with the ICC Rules. The parties agree to waive any right of appeal against the arbitration award. In the event of a failure by the parties to agree on the sole arbitrator within 30 days of one party calling upon the other to do so, one shall be appointed by the ICC.

7. Assignment/Amendments. This CEA may not be assigned by Merchant without the prior written consent of Member and WFMS. The Member and WFMS may assign their rights under this CEA without Merchant’s consent. This CEA may be amended by the parties only upon mutual written agreement. Notwithstanding the above, WFMS and Member may amend this CEA to comply with Associational and regulatory regulations upon written notice to Merchant.

8. Warranty Disclaimer. This CEA is a service agreement. We disclaim all representations or warranties, express or implied, made to merchant or any other person, including without limitation, any warranties regarding quality, suitability, merchantability, fitness for a particular purpose or otherwise of any services or any goods provided incidental to the services provided under this CEA to the extent permitted by law.

9. Limitation of Liability. Notwithstanding anything in this CEA to the contrary, in no event shall the parties hereunder, or their affiliates or any of their respective directors, officers, employees, agents or subcontractors, be liable under any theory of tort, contract, strict liability or other legal theory for lost profits, lost revenues, lost business opportunities, exemplary, punitive, special, incidental, indirect or consequential damages, each of which is hereby excluded by agreement of the parties, regardless of whether such damages were foreseeable or whether any party or any entity has been advised of the possibility of such damages. Notwithstanding anything in this CEA to the contrary, in no event shall we be liable or responsible for any delays or errors in our performance of the services caused by our service providers or other parties or events outside of our reasonable control, including PayPal. Notwithstanding anything in this CEA to the contrary, the parties’ cumulative liability for all losses, claims, suits, controversies, breaches or damages for any cause whatsoever (including, but not limited to, those arising out of or related to this CEA) and regardless of the form of action or legal theory and whether or not arising in contract or tort (excluding negligence and willful misconduct) shall not exceed the total volume of all transactions, expressed as a U.S. dollar amount, processed under this CEA. Nothing in this CEA shall exclude or limit any liability of any party for death or personal injury caused by negligence or fraud, deceit or fraudulent misrepresentation, howsoever caused.

10. Enforceability. No term of this CEA shall be enforceable by a third party (being a person other than the parties and their permitted successors and assignees).

11. Governing Law. Governing law with respect to this CEA shall be determined in accordance with the Member: California, U.S. for Wells Fargo Bank, N.A.; Ontario, Canada for Laurentian Bank and Trans Canada Credit Corp.; and the laws of England and Wales for Deutsche Postbank AG.

12. Waiver. The failure of a party to assert any of its rights under this CEA, including, but not limited to, the right to terminate this CEA in the event of breach or default by the other party, will not be deemed to constitute a waiver by that party of its right to enforce each and every provision of this CEA in accordance with its terms.

13. Relationship between the Parties. No Partnership or Agency; Independent Contractors No agency, partnership, joint venture or employment relationship is created between Merchant and WFMS and/or Member by way of this CEA. In the performance of their respective obligations hereunder, the parties are, and will be, independent contractors. Nothing in this CEA will be construed to constitute either party as the agent for the other for any purpose whatsoever. Neither party will bind, or attempt to bind, the other party to any contract or the performance of any obligation, and neither party will represent to any third party that it has any right to enter into any binding obligation on the other party's behalf.

14. No Illegal Use of Services. Merchant will not access and/or utilize the Services for illegal purposes and will not interfere or disrupt networks connected with the Services.

15. Severability. Whenever possible, each provision of this CEA will be interpreted in such a manner as to be effective and valid under applicable law, but if any provision hereof will be prohibited by or determined to be invalid by a court of competent jurisdiction, such provision will be ineffective to the extent of such prohibition or invalidity, without invalidating the remainder of such provision or the remaining provisions of this CEA.

ADDENDUM ONE TO COMMERCIAL ENTITY USER AGREEMENT FOR CREDIT CARD PROCESSING SERVICES

This policy was last modified on August 31, 2005

This Addendum One (“Addendum”) to the Commercial Entity User Agreement for Credit Card Processing Services (“Commercial Entity Agreement”) is provided to all PayPal Users that have applied for Virtual Terminal as a stand-alone product or PayPal Payments Pro provided by PayPal in conjunction with card processing services provided by Wells Fargo Bank, N.A. and Wells Fargo Merchant Services, LLC (collectively, “Wells Fargo”). (Each such entity or person receiving this document is hereby referred to as “you” or “your.”) This Addendum applies in addition to the Commercial Entity Agreement, and the PayPal User Agreement and all other agreements incorporated therein (collectively “User Agreements”). In this Addendum “we”, “us” and “our” refer to Wells Fargo. The card processing services provided by Wells Fargo to PayPal Users through the Virtual Terminal or Payment Pro products are referred to as “Virtual Terminal and/or Payment Pro Card Services”.

By clicking "I Agree" or "I Accept"; you agree to the terms and conditions of this Addendum and any documents incorporated by reference. You further agree that this Addendum forms a legally binding contract between you and us, and that this Addendum constitutes "a writing signed by you" under any applicable law or regulation. Any rights not expressly granted herein are reserved by us. This Addendum is subject to change by us without prior notice (unless prior notice and/or consent is required by law), by posting of the revised agreement on the PayPal website. Descriptions of material amendments to this Addendum will be posted on the PayPal website. You may review the current Addendum prior to initiating a transaction using Virtual Terminal and/or PayPal payments Pro Card Services at any time at PayPal’s Card Processing Agreement page.

Any capitalized terms used in this Addendum and not otherwise defined shall have the meanings set forth in the User Agreements. Except as expressly provided in this Addendum, no changes are being made to the User Agreements.

1. Virtual Terminal and/or PayPal Payments Pro Card Services.

The Virtual Terminal and/or PayPal Payments Pro Card Services allows merchants to initiate a credit card payment via the merchant’s hosted web payment page. Virtual Terminal and/or PayPal Payments Pro Card Services will be used to accept credit or debit cards over the telephone or per fax or mail notice. Each transaction submitted through Virtual Terminal and/or PayPal Payments Pro Card Services must be for a distinct sale.

1.1 Information provided by you during the application process will be used to evaluate your eligibility to use Virtual Terminal and/or PayPal Payments Pro Card Services. You may also be required to provide additional information after you have been accepted for Virtual Terminal and/or PayPal Payments Pro Card Services to confirm your ongoing eligibility and compliance with the conditions for using Virtual Terminal and/or PayPal Payments Pro Card Services. This evaluation and ongoing review may include the evaluation of both personal and business credit records. If, on the basis of this evaluation, it is determined that you are eligible, you will be notified of your acceptance and provided with information on activating the Virtual Terminal and/or PayPal Payments Pro Card Service. Upon your acceptance for Virtual Terminal and/or PayPal Payments Pro Card Services this Addendum will be deemed to be fully executed and will become effective starting on the date of your acceptance ("Effective Date") except with respect to your representations in the application process on which we may rely immediately. YOU AGREE AND ACKNOWLEDGE THAT WE AND/OR OUR AGENTS RESERVE THE RIGHT IN OUR SOLE DISCRETION TO REJECT YOUR ENROLLMENT FOR THE VIRTUAL TERMINAL AND/OR PAYPAL PAYMENTS PRO CARD SERVICES WITHOUT ANY FURTHER OBLIGATION TO YOU.

1.2 Subject to all the terms and conditions of this Addendum and any applicable terms of the Card Processing Agreement and PayPal User Agreement, you are hereby granted a non-exclusive, revocable license to use Virtual Terminal and/or PayPal Payments Pro Card Services.

1.3 Under this Addendum, you may elect to submit transactions under (1) credit cards, (2) consumer debit cards or prepaid cards, or (3) both, at the pricing set forth in the Fee Schedule, subject to the limitations herein.

2. Fees

PayPal's current Fee Schedule for using Virtual Terminal and/or PayPal Payments Pro Card Services is posted on the website. Unless otherwise stated, all fees quoted are in U.S. dollars. You are responsible for paying all fees associated with the use of Virtual Terminal and/or PayPal Payments Pro Card Services.

3. Password and Implementation Materials Promptly on or following the Effective Date, you will be allowed to access and utilize the Virtual Terminal and/or PayPal Payments Pro Card Services and you will be provided with some information and materials to utilize the Virtual Terminal and/or PayPal Payments Pro Card Services. Such information and materials and all intellectual property rights associated therewith will remain the property of PayPal or Wells Fargo, as appropriate. You agree to restrict use and access to your password and log-on ID to Your employees and agents as may be reasonably necessary, and will ensure that each such employee or agent complies with all applicable provisions of this Addendum. You will not give, transfer, assign, sell, resell or otherwise dispose of the information and materials provided to you to utilize the Virtual Terminal and/or PayPal Payments Pro Card Services. You are solely responsible for maintaining adequate security and control of any and all IDs, passwords, or any other codes that are issued to you by PayPal or Wells Fargo.

4. Compliance with Data Security Requirements

4.1 You will: (i) comply with all then-current legal obligations and guidelines, including without limitation those issued by Associations and the Federal Trade Commission, associated with the collection, security and dissemination of data on your website, and expressly including the Visa Cardholder Information Security Program (CISP). (For details of this program log onto www.visabrc.com) and the MasterCard Site Data Protection Program (SDP); and (ii) conspicuously post on your website a privacy policy that meets all applicable legal and Association requirements and is consistent with good business practices with respect to the collection and use of customers' personally identifiable information. You shall not store Cardholder Verification Value 2 (CVV2) information or any other payment method information of any cardholder (whether received electronically or by fax or hardcopy) and will be liable for any fines for violation of such Association Rule. If you fail to comply with the requirements of this Section, we may terminate your use of Virtual Terminal and/or PayPal Payments Pro Card Services

4.2 You are fully responsible for the security of data on your website or otherwise in your possession. You will: (i) comply with all then-current legal obligations and guidelines, including without limitation those issued by Visa USA, Inc., MasterCard International Incorporated or other applicable card associations (collectively, the “Associations”, and the “Association Rules”) and the Federal Trade Commission, associated with the collection, security and dissemination of data on your website, and expressly including the Visa Cardholder Information Security Program (CISP) and MasterCard’s Site Data Protection (SDP) Program. These programs include without limitation requirements that you: maintain a network firewall, keep security patches up-to-date, encrypt stored data, maintain updated anti-virus software, restrict access to data (including physical access), maintain unique user identification, user tracking and password requirements, conduct regular testing of security systems and procedures, maintain a security information policy for employees and contractors. For details of these programs log onto www.visa.com/cisp or MasterCard’s SDP Program website ); (ii) conspicuously post on your website a privacy policy that meets all applicable legal and Association requirements and is consistent with good business practices with respect to the collection and use of customers' personally identifiable information; and (iii) notify us of any agent, including any web hosting service, gateway, shopping cart, or other third party provider, that has access to cardholder data and ensure that such agent is compliant with all then-current legal obligations associated with the collection, security and dissemination of data; (iv) provide information or access to records as needed for us to evaluate your compliance with this section, and (v) notify us immediately of any security breach to your data records or system as it relates to your use of Virtual Terminal and/or PayPal Payments Pro Card Services . If you fail to comply with the requirements of this Section, or we have indication of an actual or potential security breach, we may suspend or terminate your use of Virtual Terminal and/or PayPal Payments Pro Card Services. If you are suspended, the notice will explain the basis for such suspension, including measures reasonably calculated to rectify the failure or security breach. The suspension will remain in effect and until such time as we are satisfied that you have cured your failure or properly addressed the security breach. You shall not store or retain, PIN data, AVS data, or Card Validation Codes (three-digit values printed in the signature panel of most Cards, and a four-digit code printed on the front of an American Express Card) of any cardholder and will be liable for any fines for violation of such Association Rule. You acknowledge that in the event that we receive indication of a security breach or compromise of cardholder data relating to you, you may be required to have a third party forensic auditor certified by the Associations, conduct a security review of your systems and facilities and issue a report to be provided to us and the Associations. In the event that you fail to initiate such process after our request you authorize us to take such action, at your expense.

4.3 Under certain circumstances, and contingent upon receipt of our express permission, you may utilize third parties in order to perform certain of your obligations under this Addendum (each such party, a “Technical Services Provider”). The data security standards set forth in Section 4.1 above apply to any Technical Service Provider that you may use to store, process or transmit Cardholder data to us. Because such Technical Service Provider must be registered with the applicable Association(s), you must (1) notify us of any Technical Service Provider that engages in, or proposes to engage in, the storing, processing or transmitting of Cardholder data on your behalf, regardless of the manner or duration of such activities and (2) ensure that all such Technical Service Providers are (A) registered with the applicable Association and (B) comply with all applicable data security standards, including, without limitation, CISP and SDP Program requirements (see Section 6.4 of this Agreement). Your failure to comply with these requirements, or the failure of your Gateway processor to register and/or comply with applicable data security requirements, may result in fines or penalties for which you are liable and termination of this Agreement. In the event that such a Technical Service Provider is being used by you and we deem it necessary, you: (a) give us permission to register you with such Technical Service Provider, if needed; and (b) agree that you are solely responsible for your relationship with such Technical Service Provider and any data transmitted or made available to such Technical Service Provider, including complying with any requirements of such provider with respect to its services, hardware or software and obtaining any required end-user consents for transmission of data through such Technical Service Provider.

5. Use of Cardholder Information

Unless you obtain consents from us and each applicable Association, card issuing bank and Cardholder, you must not use, disclose, sell or disseminate any Cardholder information obtained in connection with a Card transaction (including the names, addresses and Card account numbers of Cardholders) except for purposes of authorizing, completing and settling Card transactions and resolving any chargebacks, retrieval requests or similar issues involving Card transactions, other than pursuant to a court or governmental agency request, subpoena or order. You shall use proper controls for and limit access to, and render unreadable prior to discarding, all records containing Cardholder account numbers and Card imprints. You may not retain or store magnetic stripe data or hardcopies containing cardholder data (including faxes) after a transaction has been authorized. If you store any electronically captured signature of a Cardholder, you may not reproduce such signature except upon our specific request. Association rules prohibit the sale or disclosure of databases containing Cardholder account numbers, personal information, or other Visa transaction information to third parties as an asset of a failed business. In such cases, transaction information is required to be returned to the acquiring bank (Wells Fargo Bank, N.A.) or acceptable proof of destruction of this data provided. You are responsible for compliance with this section by any third party processor, hosting service or other agent of yours engaged in the processing or storage of cardholder data. You must notify us of any such third party so engaged, and notify us of any access to transaction data by any unauthorized person. Unless you obtain consents from us and each applicable Association, card issuing bank and cardholder, you must not use, disclose, sell or disseminate any cardholder information obtained in connection with a Card transaction (including the names, addresses and Card account numbers of Cardholders) except for purposes of authorizing, completing and settling Card transactions and resolving any chargebacks, retrieval requests or similar issues involving Card transactions, other than pursuant to a court or governmental agency request, subpoena or order. You shall use proper controls for and limit access to, and render unreadable prior to discarding, all records, in whatever format they may exist, containing Cardholder account numbers and Card imprints. You may not retain or store magnetic stripe data after a transaction has been authorized. If you store any electronically captured signature of a Cardholder, you may not reproduce such signature except upon our specific request. Association Rules prohibit the sale or disclosure of databases containing cardholder account numbers, personal information, or other Visa transaction information to third parties as an asset of a failed business. In such cases, transaction information is required to be returned to the acquiring bank (Wells Fargo Bank, N.A.) or acceptable proof of destruction of this data provided.

6. Other Terms and Conditions

6.1 This Addendum is effective upon the date you first click "I Agree" or "I Accept" and continues so long as you use the Virtual Terminal and/or PayPal Payments Pro Card Services until terminated by you, PayPal, or Wells Fargo, provided that those terms which by their nature are intended to survive termination (including without limitation, indemnification obligations and limitations of liability) shall continue in perpetuity.

6.2 This Addendum may be terminated by us at any time based on breach of any of your obligations or representations herein or for any other reason, in our sole discretion, including, without limitation, any complaints of unauthorized transactions or unauthorized access to transaction data, which may result in immediate termination without notice of Virtual Terminal and/or PayPal Payments Pro Card Services eligibility. This Addendum will terminate automatically upon any termination of your Card Processing Agreement or PayPal User Agreement. The provisions of Section 6 (Other Terms and Conditions) shall survive any termination of this Addendum.

6.3 You agree to indemnify and hold each of PayPal and Wells Fargo harmless from and against all losses, liabilities, damages and expenses (including attorneys’ fees and collection costs) which we or any of our affiliates or agents may suffer or incur arising directly or indirectly from any breach of any warranty, covenant or agreement or any misrepresentation by you under this Addendum, or arising as a result of anything done or omitted to be done whether in contract or tort (including negligence) by you or your employees or agents, in connection with Virtual Terminal and/or PayPal Payments Pro Card Services or otherwise arising from your provision of goods and services to Cardholders or from any contravention of any legal requirements on you.

6.4 Any dispute with respect to this Addendum between you and either PayPal or Wells Fargo, including a dispute as to the validity or existence of this Addendum and/or this clause, shall be resolved by binding arbitration in accordance with the rules of the American Arbitration Association. Venue for any such arbitration shall be California.

6.5 This Addendum may not be assigned by you under any circumstances. PayPal or Wells Fargo may assign their rights under this Addendum without your consent.

6.6 This Addendum may be amended by us at any time by posting of a revised agreement on the Card Processing Agreement page of the PayPal website.

6.7 THIS ADDENDUM IS A SERVICE AGREEMENT. WE DISCLAIM ALL REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, MADE TO YOU OR ANY OTHER PERSON, INCLUDING WITHOUT LIMITATION, ANY WARRANTIES REGARDING QUALITY, SUITABILITY, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR OTHERWISE OF ANY SERVICES OR ANY GOODS PROVIDED INCIDENTAL TO THE SERVICES PROVIDED UNDER THIS ADDENDUM TO THE EXTENT PERMITTED BY LAW. ADDITIONALLY, WE SPECIFICALLY DISCLAIM ANY WARRANTIES THAT VIRTUAL TERMINAL AND/OR PAYPAL PAYMENTS PRO CARD SERVICES WILL WORK AS DESCRIBED, AND SHALL BEAR NO LIABILITY IF TRANSACTIONS ARE NOT PROCESSED.

6.8 NOTWITHSTANDING ANYTHING IN THIS ADDENDUM TO THE CONTRARY, IN NO EVENT SHALL WE, OUR AFFILIATES OR ANY OF OUR/THEIR RESPECTIVE DIRECTORS, OFFICERS, EMPLOYEES, AGENTS OR SUBCONTRACTORS, BE LIABLE UNDER ANY THEORY OF TORT, CONTRACT, STRICT LIABILITY OR OTHER LEGAL THEORY FOR LOST PROFITS, LOST REVENUES, LOST BUSINESS OPPORTUNITIES, EXEMPLARY, PUNITIVE, SPECIAL, INCIDENTAL, INDIRECT OR CONSEQUENTIAL DAMAGES, EACH OF WHICH IS HEREBY EXCLUDED BY AGREEMENT OF THE PARTIES, REGARDLESS OF WHETHER SUCH DAMAGES WERE FORESEEABLE OR WHETHER ANY PARTY OR ANY ENTITY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

6.9 NOTWITHSTANDING ANYTHING IN THIS ADDENDUM TO THE CONTRARY, IN NO EVENT SHALL WE BE LIABLE OR RESPONSIBLE FOR ANY DELAYS OR ERRORS IN OUR PERFORMANCE OF THE VIRTUAL TERMINAL AND/OR PAYPAL PAYMENTS PRO CARD SERVICES CAUSED BY OUR SERVICE PROVIDERS OR OTHER PARTIES OR EVENTS OUTSIDE OF OUR REASONABLE CONTROL.

6.10 NOTWITHSTANDING ANYTHING IN THIS ADDENDUM TO THE CONTRARY, OUR CUMULATIVE LIABILITY FOR ALL LOSSES, CLAIMS, SUITS, CONTROVERSIES, BREACHES OR DAMAGES FOR ANY CAUSE WHATSOEVER (INCLUDING, BUT NOT LIMITED TO, THOSE ARISING OUT OF OR RELATED TO THIS ADDENDUM) AND REGARDLESS OF THE FORM OF ACTION OR LEGAL THEORY AND WHETHER OR NOT ARISING IN CONTRACT OR TORT (INCLUDING NEGLIGENCE) SHALL NOT EXCEED $50,000.

6.11 NOTHING IN THIS ADDENDUM SHALL EXCLUDE OR LIMIT ANY LIABILITY OF ANY PARTY FOR DEATH OR PERSONAL INJURY CAUSED BY NEGLIGENCE OR FRAUD, DECEIT OR FRAUDULENT MISREPRESENTATION, HOWSOEVER CAUSED.

6.12 In the event of any conflict between the terms of this Addendum and other terms of the Card Processing Agreement or the PayPal User Agreement, this Addendum shall have precedence.

6.13 No term of this Addendum shall be enforceable by a third party (being a person other than the parties and their permitted successors and assignees).

6.14 Governing law with respect to this Addendum shall be California.