The following lays out the terms and conditions for the use of the Endeavour 3DSecure MPI for the provision of 3DSecure for Acquiring/Merchant Services.
WHEREBY IT IS AGREED as follows:
1. ENDEAVOUR MERCHANT-PLUG-IN (MPI) FOR 3DSECURE (VISA,MASTERCARD, AMEX, DINERS, MIR AND JCB)
1. Endeavour is providing the merchant plug in (MPI) which is compatible with 1.0.2 standard.
2. MPI works for all of Visa, MasterCard, Amex, Diners, MIR and JCB (Card Schemes).
3. The Endeavour MPI is licensed by Card Schemes for the provision of 3DSecure.
4. MPI is installed on servers operated by Endeavour and will be accessed by Client via an API over a secure internet.
2. DESCRIPTION OF SERVICES
5. Endeavour undertakes to provide services to the client, with the following specifications:
a. Endeavour shall maintain the MPI and will fix any issues or bugs in the software in a timely fashion.
b. Endeavour shall host the MPI and provide hardware and network facilities to ensure the maximum uptime. Endeavour is not responsible for any losses or costs that may be incurred by Merchant through either the delivery or services or the non-delivery of services.
c. Endeavour shall ensure that the MPI is functional with availability of 99.99%. Merchants are entitled to terminate contract with Endeavour if this QOS is not achieved.
3. RESPONSIBILITIES OF MERCHANTS
6. Merchants undertakes to comply with the following conditions:
a. Merchants shall ensure that fees are not in arrears.
b. Merchants shall use the MPI exclusively for their own website. MPI will not be shared or resold to other merchants.
c. Merchant shall use the MPI for the sole purpose of authenticating card holders online.
d. Merchant shall use the MPI in accordance with card scheme regulations.
4. DATA PROTECTION
7. Merchants must treat all information about the Endeavour MPI as confidential.
8. Merchants undertakes to respect the following obligations:
a. to treat all manuals and documentation for the Endeavour MPI as being confidential;
b. to treat access to any systems provided by Endeavour MPI as being confidential;
c. Take all measures to prevent any fraudulent use of Endeavour MPI;
9. All information collected by Endeavour during the delivery of its services will be strictly covered by professional secrecy.
10. With reference to any country specific laws concerning the protection of individuals with regards to the processing of personal data, Endeavour agrees to take all necessary precautions to preserve data security and particularly to prevent it from being distorted, damaged or communicated to unauthorized persons.
11. Endeavour undertakes to respect the following obligations:
a. Not to use any data collected except for the purposes specified in these terms and conditions;
b. Not to disclose any data collected outside of authorized parties;
c. Take all measures to prevent any fraudulent use of data;
d. Take all security measures ensure the conservation and integrity of data in its possession;
12. Endeavour shall inform Payment Processor as soon as it becomes aware of any request for access to Personal Data by judicial and/or administrative authority.
13. Both Parties shall take all necessary measures to ensure that their employees and staff respect the obligations above, which remain applicable for a period of three (03) years from the expiration of this Agreement regardless of the cause.
14. Upon the termination of this agreement Endeavour agrees to return to Client or to destroy - according to the instructions of Client - Personal Data and / or files created in any form under this agreement.
15. Unless otherwise indicated in any other Part of this Agreement or its attached Schedules, the copyright in any report, documentation, information, software or invention on whatever media, prepared or created by Endeavour pursuant to this Agreement shall be the property of the Endeavour notwithstanding termination hereof unless otherwise expressly agreed in writing by the Client. The Merchant hereby assigns all right, title and interest in and to the same to the Endeavour.
16. Both parties mutually agree that They shall not, other than with the prior written consent of the other party, during or after the termination, determination or expiry of this Agreement disclose directly or indirectly to any person, firm, company or third party and shall only use for the purposes of this Agreement, any information relating to the Assignment, company information, its business, trade secrets, customers, suppliers or any other information of whatever nature which either party or its customer or nominee may deem to be confidential and which either has or shall hereafter become possessed of.
17. The foregoing provisions shall not prevent the disclosure or use by either party of any information which is or hereafter, through no fault of the either party, become public knowledge or to the extent permitted by law.
18. The archiving duration of information stored will be in conformity with PCI-DSS which states that historical data and audit logs should be retained for at least one year, with a minimum of three months immediately available online (PCI Requirement 10.7). Client can specifically request a change the archiving period as long as it does not fall below the minimum requirements for PCI-DSS.
19. If either party shall be guilty of any serious misconduct or any serious breach or non-observance of any of the conditions of this Agreement or shall neglect or fail or refuse to carry out the duties assigned to him hereunder (insofar as these requests are in accordance with the Law), the other party shall be entitled summarily to terminate the engagement hereunder without notice and without any payment in lieu of notice and without prejudice to any rights or claims the first party may have against the other party arising out of such default.
20. Each part shall have the right to terminate this Agreement subject to giving the other part at least 90 days prior written notice.
21. Upon the termination of this Agreement or the Client?s engagement whichever shall be the earlier, the Client or his personal representative as the case may be, shall immediately deliver up to the Endeavour all correspondence, reports, documents, specifications, papers, information (on whatever media) and property belonging to Endeavour which may be in his possession or under his control together with all confidential information or copyright works specified in Clause 4 above.
22. Similarly, upon the termination of this agreement all information belonging to Client which may be in possession of Endeavour or under its control shall be delivered up to Client.
23. Both Client and Endeavour undertake that it shall not without the other Party?s prior written consent, either during or within six months after completion of the Assignment or termination of this Agreement whichever is the later, engage employ or otherwise solicit for employment any person who, during the relevant period, was an employee of the other Party or its customer or nominee as the case may be.
24. Neither Client nor Endeavour shall transfer or assign the whole or any part of this Agreement without the prior written consent of the other party.
12. HEADINGS AND EXPRESSIONS
25. The headings contained herein are for convenience of reference only and shall not affect the construction hereof. The expressions "client" "consultant", "acquirer", "gateway", "merchant", "him" "its" or such other expressions as appear herein shall be deemed to include the masculine, feminine or plural thereof where the context so admits.
26. In the event that any of the terms contained herein are determined by any competent authority to be invalid or unenforceable to any extent, such term shall to that extent be severed from the body of this Agreement which shall continue to be valid and enforceable to the fullest extent permitted by the Law.
27. This Agreement shall take effect in substitution for all previous agreements and arrangements whether written or oral or implied between the Client and the Consultant relating to the services of the Consultant and all such agreements and arrangements shall be deemed to have been terminated by mutual consent with effect from the date hereof.
28. This agreement does not supersede the rules, regulations and directives issued by the card schemes governing the use of 3DSecure; rules, regulations and directives issued by the card schemes takes priority over this agreement.