Agmt11 EPX-Electronic Payment Exchange

Browse Search

ii. In the event of a security intrusion, Merchant agrees to fully cooperate with a third party approvcd Paymcnt Card Industry assessor and/or representative to conduct a thorough security review and validate compliance with the Payment Cazd Indusuy Data Securiry Standards (PCI) for protecung Cardholder data; iii. Merchant is responsible for security of Card6older data in possession; iv. Bank, EPX, Merchant and each payment cazd brand have ownership of Cardholder data and may use such data ONLY for assisting these parties in the wmpletion of Transactions, suppoRing a loyalty program, providing fraud control services, or For other uses specifically required by law; v. In the event this Agreement is terminated by any of the parties, each party agees to continue to treat account holder data as confidential; vi. Immediately notify Visa USA Risk Management, through its acquirer, of thc use of a Merchant Scrviccr; and vii. Ensure the Merchant Scrvicer implements and maintains all of the security requirements, as specified in the PCl program. viii. Merchant must ensure PCI compliance of any residual data which may exist. My residual data which is destroyed must be disposed of in a secure manner. 5.4. Use of EPX S sv tems. Use of software programs approved by EPX and related equipment installcd or improved by GPX for use with the EPX System, will be subject to the following: i. Merchant will use and operate thc EPX Systems onty in accordance with Manuals, as amended from time to time by EPX; ii. If Merchant is using EPX-provided softwaze, Merchant will install, use and operate the Sofivare only in accordancc with the Manuals, as amended from time to time by EPX; iii. In processing Transactions, Merchant shall use only software programs, file fomiats and processing methods that have been approved and ce�tified by EPX's Integration staff; and iv. Merchant shall be responsible for the custody and control of all passwords provided by EPX to Merchant to access the EPX reporcing system. 5.5. Compliance with Anplicable Law. Merchant represents and warrants that it has obtained all necessary regulatory approvals, certificates and licenses ro provide any services it intends to offer and that it is in compliance with the regulations of the Federal Trade Commission and the Federal Communications Commission and shall comply with all present and future federal, state and local laws and regulations pertaining to Transactions, including, without limitation, the Federal Fair Credit Reporting Act, the Federal Truth-in-Lending Act, the Electronic Fuud Transfers Act, the Federal Equal Credit Opportunity Act, as amended, and the Telephone Disclosure and Dispute Resoludon Act, as applicable. 5.6. Web Site Requirements for E-Commerce Merchanu. A web site operated by the Merchant that accepts Card Transactions must contain all of the following information: i. Complete description of the services offered; ii. Retum merchandise and refund policy; which includes the communication of the retum policy during the order process and thc requirement that the cardholder must be allowed to sclect a "click to accepY' option of other affirmative button to acknowledge the policy; iii. Terms xnd conditions must be displayed on the same screen view as the checkout screen used to present the total purchase amount; or iv. Witt�in the sequence of web pages the cazdholder accesses during the checkout process. v. Customer servicc contact including e-mail address or telephone number; vi. Transaction currency; vii. Export or legal resvictions; viii. Delivery policy; ix. Consumer data privacy policy; x. The security method offered For transmission of payment data such as Secure Sockets Layer or 3-D Secure•, and Initinls I`" �n � P:�ge % of 19 -- -- � � �.