This Lock Trust Online Payment Services Agreement (“Agreement”) is a contract between you (“Merchant”, “you” and “your”) and Lock Trust, Inc. (“Lock Trust”, “we”, “us”, or “our”) and governs your use of the Online Payment Services. You must read, agree with, and accept all of the terms and conditions contained in this Agreement and the Lock Trust User Agreement to use any of the Online Payment Services set forth herein. By continuing to use any such Online Payment Services, you also agree to remain in compliance with all of the terms and conditions in this Agreement and the Lock Trust User Agreement, so please read all of the terms and conditions carefully.

This Agreement, the Lock Trust User Agreement, and any other applicable agreement(s) you have entered into with Lock Trust (collectively “Lock Trust Agreements”) shall apply to your use of the Online Payment Services. If any inconsistency exists between the terms of the Lock Trust User Agreement and this Agreement, then, except for Lock Trust Checkout, the terms of this Agreement shall control in connection with your use of the Online Payment Services. The terms of the Lock Trust User Agreement shall control for any inconsistency for Lock Trust Checkout.

We may amend or otherwise revise this Agreement and any applicable policies from time to time. The revised version will be effective at the time we post it unless otherwise noted. If our changes reduce your rights or increase your responsibilities, we will provide notice of such changes in accordance with the terms of the Lock Trust User Agreement. By continuing to use our Online Payment Services after any changes to this Agreement, you agree to abide and be bound by those changes. If you do not agree with any changes to this Agreement, you may, as applicable, terminate your use of the Online Payment Services before such changes become effective and/or close your account.

For purposes of this Agreement, “Online Payment Services” means services offered by Lock Trust:

• which provide merchants with the ability to accept and receive credit and debit card payments on a website or mobile application where cardholders enter their own Card Data, or by merchants manually entering Card Data given to them by a cardholder. For purposes of this Agreement, these services include Payments Credit and Debit Card Payments, and Virtual Terminal (the “Card Payment Services”); and
• that allow merchants to originate Automated Clearing House (“ACH”) credit and debit entries to a bank account (the “ACH Services” or “Direct Debit”).

Part I – Product-specific terms for Card Payment Services

1.1. Interchange Plus Pricing Terms

If you choose to activate Interchange Plus Plus pricing, then the following terms will apply to you:

1. Interchange Pass-through Costs. Interchange Pass-through Costs will be passed through to you in addition to all current fees as set forth on the Fees page which correspond to Interchange Plus Plus or IC++ pricing (collectively “Interchange Plus Plus” or “IC++”). Fees for card processing and third-party digital wallets will be charged monthly, all other applicable fees will continue to be charged per transaction.
2. Gross Settlement. We will invoice you on the 7th of each calendar month (or a date otherwise notified by Lock Trust) (“Fee Invoice”) for all fees, charges, or other amounts accrued in connection with your use of Lock Trust’s card processing services. (“Gross Settlement”).
3. Currency conversion. (a) Lock Trust may allow you to choose the currency in which the Fee Invoice will be billed (“Fee Invoice Currency”). If you have accepted transactions in currencies other than the Fee Invoice Currency, then Lock Trust will convert those currencies into the Fee Invoice Currency at the time of Fee Invoice generation. (b) Lock Trust may allow you to pay the Fee Invoice in the denominated currency of the linked bank account you nominate for debiting amounts owed to Lock Trust (“Linked Bank Account Currency”). If the Fee Invoice Currency is different from the Linked Bank Account Currency, Lock Trust will convert the amount of the Fee Invoice into the Linked Bank Account Currency at the time of debiting. If Lock Trust converts currency pursuant to this provision, it will be completed at an exchange rate that we set in accordance with the Lock Trust User Agreement and that includes our Currency Conversion spread; or, if required by law or regulation, set at the relevant government reference rate(s).
4. Debit Authorization. You authorize Lock Trust to debit your linked bank account and setoff from such bank account amounts to Lock Trust. If necessary, you also authorize Lock Trust to credit your account to correct erroneous debits and for fees, charges, or other amounts arising from your use of Lock Trust’s card processing services. You agree to provide Lock Trust with all necessary bank account information and grant Lock Trust permission to debit, setoff, or credit amounts due from your bank account on the 10th of the month (or a date otherwise notified by Lock Trust) and again on the 20th of the month (or a date otherwise notified by Lock Trust) if the authorization fails (“Debit Authorization”). You certify that the bank account information you provide to Lock Trust belongs to you.
5. Revocation of Debit Authorization. You may revoke this Debit Authorization at any time by deactivating IC++ in your Lock Trust account settings. However, the Debit Authorization will continue until the end of the month and Lock Trust will continue to debit, credit, or setoff from your account amounts due for the last month.

You understand that revocation of the Debit Authorization does not terminate, cancel, reduce, or otherwise affect the obligations you owe to Lock Trust, and the Debit Authorization applies only to the method of payment and does not have any bearing on amounts due to Lock Trust under the Agreement.

1. In the Event of Debit Failure. If both debit attempts fail, Lock Trust may:

1. • deduct these amounts from your Lock Trust account balance;

1. • engage in collection efforts to recover the amount due from you; or

1. • take any or all other actions as provided herein or in the user agreement.

1. Questions. If you have any questions about the fees, charges, or amounts found in your invoices, please contact us.

1.2. Service-Specific Payment Terms

1. VT Terms. If you use Virtual Terminal (“VT”) only, you agree to allow Lock Trust to charge your Lock Trust account for fees that become due under this Agreement. In the event that Lock Trust is unable to recover any fee amount that is due from your Lock Trust account, Lock Trust may terminate your use of the Services within thirty (30) days of the date that the fee was due and you will remain obligated to pay Lock Trust for any unpaid amounts. If you use Lock Trust and choose to have your fees under this Agreement charged to your Lock Trust account, the terms of this Section 2.d.i. apply.
2. Lock Trust Payment Gateway (LTPG) Terms. If you use Lock Trust Payment Gateway (LTPG), you agree to allow Lock Trust to charge the credit card or bank account that you provided when you registered for these Services for fees that become due under this Agreement. If you use LTPG and choose to have your fees under this Agreement charged to your credit card or bank account, the terms of this Section 2.d.ii. apply.
3. Required Use of Lock Trust-Hosted Pages for Lock Trust Payments. Requires the exclusive use of Lock Trust-hosted templates on your checkout pages to process payments. If you use TPSP to process payment sales or authorizations on non-Lock Trust hosted pages, you may be charged the higher monthly fee for using LTPG, but you may not receive full access to all features of LTPG. Lock Trust may implement this fee increase in its sole discretion at any time with thirty (30) days’ prior written notice to you. You agree to terminate your use of the Online Payment Services if you do not agree to this fee.

1.3. Failure to Use Lock Trust Checkout

If you fail to comply with the requirement to use Lock Trust Checkout described in Section 1.11, you may be subject to up to a 1% fee increase to your then current Transaction Fee rate. This fee may be included in your initial rate when you first sign up for the Online Payment Services, or may be added at any time by Lock Trust with thirty (30) days’ prior written notice of the fee increase. You agree to terminate your use of the Online Payment Services if you do not agree to this fee.

1.4. Risk Factors Fee

If Lock Trust determines that your Lock Trust account receives, or is likely to receive, a disproportionately high number of customer complaints, Reversals, chargebacks, disputes, claims, fees, fines, penalties or other liability (collectively “Risk Factors”), you may be subject to up to a 5% fee increase above your then current Transaction Fee rate. This fee may be added to your initial rate when you first sign up for the Online Payment Services, or may be added at any time by Lock Trust with thirty (30) days’ prior notice of the fee increase. You agree to terminate your use of the Online Payment Services if you do not agree to this Fee.

1.5. Processing Requirements

You agree to submit only any transactions for processing which represent a bona fide, permissible transaction free of liens, claims, and encumbrances other than ordinary sales taxes; as outlined in this Agreement and in the Card Company Rules, or which accurately describes the product or services being sold or the charitable donations being made. You authorize Lock Trust to submit transactions to and receive settlement from American Express and to disclose transaction and merchant information to American Express to perform analytics and create reports, and for any other lawful business purposes, including commercial marketing communications purposes and important transactional or relationship communications. You also agree to ensure data quality and that any Data is processed promptly, accurately and completely, and complies with the Card Companies’ technical specifications. You agree not to process transactions or receive payments on behalf of any other party or redirect payments to any other party. You agree not to bill or collect from any cardholder for any purchase or payment on the card unless you have the right to do so under the Card Company Rules.

1.6. Data Security; Data Protection; Data Portability.

1. Merchant PCI Compliance. You agree that at all times you shall be compliant with the Payment Card Industry Data Security Standards (PCI DSS), the Payment Application Data Security Standards (PA DSS), and any Card Company data security requirements, as applicable. You agree to promptly provide us with documentation evidencing your compliance with PCI DSS, PA DSS, or other Card Company data security requirements, if requested by us. You also agree that you will use only PCI compliant service providers in connection with the storage, or transmission of Card Data. You must not store CVV2 Data at any time.

Your customers’ Card Data is handled by Lock Trust if your Service is LTPG and you choose to activate the “transparent redirect” feature and integrate the feature properly per Lock Trust’s instructions. In order to verify your PCI DSS compliance in connection with these Services, you must complete PCI DSS compliance certification pursuant to the requirements that we notify to you via email.

If you are accessing the Online Payment Services through a platform service partner, you acknowledge that your platform service partner may offer solutions that help you comply with certain of these Merchant PCI compliance standards. While the platform service partner may help you comply or perform certain obligations on your behalf, you remain liable for compliance with these Merchant PCI Compliance standards.

1. Lock Trust PCI Compliance. Lock Trust agrees that it shall comply with the applicable PCI DSS requirements, as such may be amended from time to time, with respect to all cardholder data received by it in connection with this Agreement. Lock Trust acknowledges that it is responsible for the security of cardholder data it possesses or otherwise stores, processes or transmits on behalf of the Merchant, or to the extent that they could impact the security of the Merchant’s cardholder data environment.
2. Card Data Usage. Unless you get the express written consent of Lock Trust and each Acquiring Bank and/or the Card Companies, as applicable, you agree that you will not use nor disclose the Card Data for any purpose other than to support payment for your goods and services. Card Data must be completely removed from your systems, and any other place where you store Card Data, within 24 hours after you receive an authorization decision unless you have received the express consent of your customer to retain the Card Data for the sole purpose of processing recurring payments. To the extent that Card Data resides on your systems and other storage locations, it should do so only for the express purpose of processing your transactions. All Data and other information provided to you by Lock Trust in relationship to the Services and all Card Data will remain the property of Lock Trust, its Acquiring Bank or the Card Companies, as appropriate.

If you are using Credit and Debit Card Payments and VT for payments received through a partner platform service provider, you may not be receiving Card Data, but may receive other confidential information about another Lock Trust customer in order to fulfill the transaction and you will continue to be bound by the terms of our Lock Trust User Agreement.

1. Audit. If Lock Trust believes that a security breach or compromise of Data has occurred, Lock Trust may require you to have a third-party auditor that is approved by Lock Trust conduct a security audit of your systems and facilities and issue a report to be provided to Lock Trust, the Acquiring Banks, and/or the Card Companies. In the event that you fail to initiate an audit within ten (10) business days of Lock Trust’s request, Lock Trust may conduct or obtain such an audit at your expense. In addition, the Card Companies may conduct an audit at any time, for the purpose of determining compliance with the Card Company Rules.
2. Data Portability. Upon any termination or expiration of this Agreement, Lock Trust agrees, upon your written request, to provide your new Acquiring Bank or payment service provider (“Data Recipient”) with any available credit card information including personal data relating to your customers (“Card Information”). In order to do so, you must provide Lock Trust with all requested information including proof that the Data Recipient is in compliance with the Association PCI-DSS Requirements and is level 1 PCI compliant. Lock Trust agrees to transfer the Card Information to the Data Recipient so long as the following applies: (a) you provide Lock Trust with proof that the Data Recipient is in compliance with the Association PCI-DSS Requirements (Level 1 PCI compliant) by providing Lock Trust a certificate or report on compliance with the Association PCI-DSS Requirements from a qualified provider and any other information reasonably requested by Lock Trust; (b) the transfer of such Card Information is compliant with the latest version of the Association PCI-DSS Requirements; and (c) the transfer of such Card Information is allowed under the applicable Association Rules, and any applicable laws, rules or regulations (including data protection laws).

1.7. Additional Terms for American Express Card Acceptance.

1. American Express may use the information obtained in your application at the time of setup to screen and/or monitor you in connection with American Express Card marketing and administrative purposes.
2. You may be converted from this Agreement to a direct card acceptance agreement with American Express if you reach certain monthly sales volumes. Upon conversion, (i) you will be bound by American Express’ then-current Card Acceptance Agreement; and (ii) American Express will set your pricing and other fees for American Express Card acceptance.
3. By accepting this Agreement, you agree to receive commercial marketing communications from American Express. You may opt out by contacting Lock Trust at (800) 573-2658.
4. American Express shall be a third-party beneficiary of this Agreement for purposes of American Express Card acceptance. As a third-party beneficiary, American Express shall have the right to enforce directly against you the terms of this Agreement as related to American Express Card acceptance. You acknowledge and agree that American Express shall have no responsibility or liability with regard to Lock Trust’s obligations to you under this Agreement.
5. The American Express Merchant Operating Guide, which is incorporated herein by this reference, sets forth policies and procedures governing your acceptance of the American Express Card and can be accessed here: www.americanexpress.com/Merchantopguide.
6. You may terminate your acceptance of American Express at any time upon notice.

1.8. Third-Party Terms for Credit and Debit Card Payment Add-On Features

If you choose to integrate eligible third-party wallets as  Credit and Debit Card Payment add-on features, you also agree to the following applicable third-party terms:

• Apple Pay Platform Web Merchant Terms and Conditions
• Google Pay API Terms of Service
• Google APIs Terms of Service

You acknowledge and agree that the third-party features and terms are provided, updated, and noticed solely by the relevant third party (not Lock Trust), and that Lock Trust will under no circumstances be responsible or liable for any damages, losses, or costs whatsoever suffered or incurred by you resulting from any use of such third-party features or acceptance of such third-party terms.

1.9. Dynamic Currency Conversion.

You may not perform dynamic currency conversion. This means that you may not list an item in one currency and then accept payment in a different currency. If you are accepting payments in more than one currency, you must separately list the price of each product or service in each currency.

1.10. Brand Parity.

By using the Online Payment Services, Lock Trust permits you to directly accept Cards. With regard to your Card acceptance, you agree to the following:

1. Where you accept Cards on your website, you will display each Card’s logo with equal size and prominence, and you shall not display a preference for, nor discriminate against, one Card over another, including your refund policies for purchases.
2. You agree to comply with the logo usage standards.
3. You authorize Lock Trust to provide information regarding your business and individual Card transactions to third-parties for the purpose of facilitating the acceptance and settlement of your Card transactions and in connection with items, including chargebacks, refunds, disputes, adjustments, and other inquiries.

1.11. Card Not Present.

You acknowledge that Lock Trust routes and processes transactions, as appropriate, through the Online Payment Services via the relevant Card Company network(s) as remote (card not present) payments. If you accept a Card that is physically presented to you at the point of sale you acknowledge that the scope of your protection from chargebacks will be limited to the protection that is available for remote payments.

1.12. Required Use of Lock Trust Checkout, Lock Trust Credit.

1. If you use Credit and Debit Card Payments, LTPG, or LT eWallet you must use Lock Trust Checkout in the following manner:
   1. You must include a Lock Trust Checkout button either: (1) before you request the shipping/billing address and other financial information from your customers or (2) on the same page that you collect such information if you only use one page for your checkout process.
   2. You must provide your customers with the option of not storing their personal information, including their email address, shipping/billing address, and financial information.
2. If you use Credit and Debit Card Payments, you must offer Lock Trust Credit as a payment option on your hosted checkout page as automatically enabled by Lock Trust. Any offers associated with Lock Trust Credit that you present outside of the hosted checkout page must be displayed in the manner prescribed and instructed by Lock Trust and approved by Lock Trust prior to posting.

1.13. Fraud Protection.

1. General. Subject to the terms set forth in this Agreement, Lock Trust’s Fraud Protection services may be made available to Merchants who use Credit and Debit Card Payments and LTPG as a fraudulent transaction management tool to help you screen potentially fraudulent transactions based on the settings you may adopt. In the case of LTPG, alternative Fraud Protection services may be made available instead of, or in addition to, the Fraud Protection services described in this Agreement.

The Fraud Protection services may help Merchant screen potentially fraudulent transactions based on the setting the Merchant selects to adopt. For example, with the Fraud Protection services, you may set filter rules, i.e., to instruct Lock Trust which transactions Lock Trust will decline on your behalf based on abstract criteria.

Lock Trust may provide suggestions or recommendations regarding which filters and settings to use that may be appropriate for your business. These suggestions may take into account your profile and past transaction history.

If you are provided access to the Fraud Protection services, then it is your responsibility to set the filter rules. Please note: If you set these filter rules too restrictively, you might lose sales volume. We advise you to monitor your filter rules and settings on an ongoing basis. If you use LTPG, you may have the option to use our Fraud Protection services. If you use our Fraud Protection services, you are responsible for setting preferences for the Lock Trust Fraud Protection services. It is your responsibility to determine which transactions the Fraud Protection services will accept or reject based on the authentication information provided by Lock Trust.

You acknowledge and agree that you have all rights and authorities to share personal data with Lock Trust.

1. No Warranty; Limitation of Liability. We do not represent or warrant that the Fraud Protection services are error-free or that they will identify all potentially fraudulent transaction activity. Lock Trust shall not be liable for your losses (such as loss of profits) or damages. The sections of the Lock Trust User Agreement on “Indemnification and Limitation of Liability” and “Disclaimer of Warranty and Release” apply to your use of the Fraud Protection services.
2. Data Protection. Merchant may only use the Fraud Protection services, including any Data provided by you or to you, for the purpose of managing its fraudulent transaction risk and for no other purpose. You acknowledge that the Fraud Protection services do not provide Consumer Reports under the Fair Credit Reporting Act, and you will not use it, or let any other person use it, for the determination of eligibility for personal, family or household credit, loan, employment, or other purpose that would make the results from Fraud Protection be deemed Consumer Reports under the Fair Credit Reporting Act. You may not share use of the Fraud Protection services with any other person, nor may you disclose to any person the categories provided in the Fraud Protection services or the results generated from your use of Fraud Protection services.
3. Terms Supplemental. These terms supplement the Lock Trust User Agreement that governs your use of Lock Trust’s services in general. Lock Trust reserves the right to suspend, change or cancel Lock Trust’s Fraud Protection services at any time as it may determine in its sole discretion. Lock Trust reserves the right to add additional terms and conditions for continued use of the Fraud Protection services.
4. Payment. If you have successfully enabled Lock Trust Fraud Protection, Lock Trust will invoice you on a monthly basis for all fees in connection with Lock Trust Fraud Protection (“Invoice”).

Lock Trust may allow you to choose the currency in which the Invoice will be billed (“Fee Invoice Currency”). If you have accepted transactions in currencies other than the Invoice Currency, then Lock Trust will convert those currencies into the Currency at the time of Fee Invoice generation. Lock Trust may allow you to pay the Invoice in the denominated currency of the linked bank account you nominate for debiting amounts owed to Lock Trust (“Linked Bank Account Currency”). If the Invoice Currency is different to the Linked Bank Account Currency, Lock Trust will convert the amount of the Invoice into the Linked Bank Account Currency at the time of debiting. If Lock Trust converts currency under this clause, it will be completed at an exchange rate that we set and is based on rates within the wholesale currency markets on the conversion day or the prior business day; or, if required by law or regulation, set at the relevant government reference rate(s).

You authorize Lock Trust to debit your linked bank account and setoff from such bank accounts amounts to Lock Trust subject to this Agreement. If necessary, you also authorize Lock Trust to credit your account to correct erroneous debits and for fees, charges, or other amounts arising from your use of Lock Trust Fraud Protection. You agree to provide Lock Trust with all necessary bank account information and grant Lock Trust permission to debit, setoff, or credit amounts due from your bank account on a date notified by Lock Trust or if this payment fails on a further date(s) as notified by Lock Trust. You certify that the bank account information you provide to Lock Trust belongs to you.

1.14. Chargeback Protection Services.

1. General. To be eligible for Chargeback Protection Services, you must have a Lock Trust business account in good standing, you must be approved by Lock Trust for such Chargeback Protection Services, and you must:
   1. successfully integrate Lock Trust’s Credit and Debit Card Payments;
   2. successfully integrate the Risk Data Acquisition Service; and
   3. provide additional data as required by Lock Trust.

Lock Trust reserves the right to change integration requirements upon notice.

Your application for Chargeback Protection Services will be assessed by Lock Trust, and we may accept or reject applications at our sole discretion. You are not permitted to enable Chargeback Protection Services or Fraud Protection or Lock Trust Fraud Protection at the same time. Upon enrolling in Chargeback Protection Services, your use and access to Fraud Protection or Lock Trust Fraud Protection will be terminated. Lock Trust reserves the right, in its sole discretion, to cancel or suspend your use of Chargeback Protection Services for any reason it deems appropriate at any time upon reasonable notice to you or immediately if reasonable notice is impracticable in order to maintain the security of Lock Trust’s systems and/or your account is no longer in good standing.

If you are approved and enroll in Chargeback Protection Services, we will waive our right to recover the amount of any unauthorized chargeback and item not received chargeback losses made on “Eligible Transactions” (as defined below) pursuant to the Lock Trust User Agreement (see the ‘Refunds Reversals and Chargebacks’ section), and we will not charge a chargeback fee pursuant to the Lock Trust User Agreement. This means, in the event of an Eligible Chargeback, you will keep the transaction amount, and you will not pay any chargeback fee for such transaction. However, you must respond to our requests for documentation and other information within the required timeframe when you enroll in Chargeback Protection Services, as described below (“Chargeback Protection Services Options” and “Establishing proof of delivery or proof of shipment”).

Chargeback Protection Services are provided with two options – “Effortless Chargeback Protection” and “Chargeback Protection” (both as defined below).

1. Chargeback Protection Services Options. Chargeback Protection Services are available as two different options:
   1. “Effortless Chargeback Protection”: for chargebacks involving transactions not authorized by the cardholder, as determined by Lock Trust, you are not required to provide proof of shipment or proof of delivery for physical goods or services in order to retain the transaction amount and avoid paying any chargeback fee for such transaction. However, if the chargeback involves transactions where the item was not received by the buyer, you are required to provide proof of shipment or proof of delivery for physical goods or services in order to retain the transaction amount and avoid paying any chargeback fee for such transaction. Proof of delivery or proof of shipment shall be provided to Lock Trust within two days of receipt of the chargeback claim (or such time period as otherwise specified by Lock Trust).
   2. “Chargeback Protection”: you are required to provide proof of shipment or proof of delivery for physical goods or services for Eligible Chargebacks in order to retain the transaction amount and avoid paying any chargeback fee for such transaction. Proof of delivery or proof of shipment shall be provided to Lock Trust within two days of receipt of the chargeback claim (or such time period as otherwise specified by Lock Trust).
2. Eligible Chargebacks. Chargeback Protection Services only apply to chargeback claims involving: (i) transactions not authorized by the cardholder, as determined by Lock Trust; and (ii) transactions where the item was not received (“Item Not Received”) by the buyer (collectively “Eligible Chargebacks”).
3. Eligible Transactions. Chargeback Protection Services only apply to Eligible Chargebacks on Card transactions processed by Lock Trust that meet the criteria set forth below (“Eligible Transactions”):
   1. Card transactions processed via the Credit and Debit Card Payments checkout integration; and
   2. Card transactions for goods and services that are not (1) excluded under the terms of the Lock Trust User Agreement, including but not limited to the Acceptable Use Policy, or (2) “Ineligible Transactions” (as defined below).
4. Ineligible Transactions. Chargeback Protection Services do not apply to chargebacks involving transactions where the item received by the buyer is not what they ordered (“Significantly Not as Described”).

Chargeback Protection Services also do not apply to items or transactions that are ineligible for Lock Trust’s Seller Protection program (“Ineligible Transactions”). The list of the ineligible items or transactions for Lock Trust’s Seller Protection program are adopted and incorporated by reference, and can be found in the Lock Trust User Agreement.

1. Establishing proof of delivery or proof of shipment. The proof of delivery and proof of shipment requirements of Lock Trust’s Seller Protection program apply to the Chargeback Protection Services and are adopted and incorporated by reference. The proof of delivery and proof of shipment requirements can be found in the Lock Trust User Agreement.
2. Chargeback Protection Services Fees. The fees for the Chargeback Protection Services will vary depending on the Chargeback Protection Services option you select.

You may change your selected Chargeback Protection Services option at any time from the product page. The change will take effect immediately but will only apply to Eligible Chargebacks received for transactions that occur on or after the date you change the Chargeback Protection Services option. For the purpose of illustration:

For example, if you change your selection from the “Effortless Chargeback Protection” option to the “Chargeback Protection” option on September 1, but an unauthorized chargeback or Item Not Received chargeback is filed in relation to a transaction that occurred on August 1, you must still pay the higher “Effortless Chargeback Protection” fee on such transaction, but you will not be required to provide proof of shipment or proof of delivery for unauthorized chargeback only transaction. For any unauthorized chargebacks or item not received chargebacks filed on transactions that occur or after September 1, you will pay the lower “Chargeback Protection” fee, but you will be required to provide proof of shipment or proof of delivery in accordance with the “Chargeback Protection” requirements.

1. Chargeback Recovery by Lock Trust. If you have provided us with incorrect information (for example, with respect to your business type) during the application process for Chargeback Protection Services or during sign up for a Lock Trust account, we are entitled to recover all our chargeback losses from you (including for past transactions prior to us discovering that the information provided was incorrect). We are also entitled to recover all our chargeback losses from you if you violate the Lock Trust User Agreement (for example, if you engage in a Restricted Activity), the Acceptable Use Policy or this Agreement.

1.15. Account Updater Service for Certain Services.

If you useLTPG, LT eWallet, VT (as a standalone Service), or Credit and Debit Card Payments, you may be able to enroll in our Account Updater Service.

1. Description. Subject to the terms of this section, the Account Updater Service allows Lock Trust to send the applicable Card Data of eligible Cards to one or more third party sources (including, but not limited to, the Card Companies), and use information available to Lock Trust, to check and update the applicable Card Data. Following these checks, the applicable updated Card Data relating to Merchant’s customers, if any, is processed and stored by Lock Trust at Merchant’s direction and on the Merchant’s behalf for (i) recurring transactions using the Recurring Billing or Recurring Payments or (ii) other eligible transactions using the Services. Lock Trust will either provide Merchants with email notification that the Account Updater Service has been activated on such Merchants’ account(s) or allow Merchants to enable the Account Updater Service on their account(s) through their Lock Trust account settings. Merchants may elect to discontinue use of the Account Updater Service at any time by providing written notice to Lock Trust of such election or by such other means as may be determined by Lock Trust regarding the requirements for such Merchants to discontinue use of the Account Updater Service.
2. Permitted Use. Merchant acknowledges and agrees that the Account Updater Service is provided solely for the purpose of updating applicable Card Data to enable Merchant’s acceptance of transactions using the applicable Services. Merchant shall not use the Account Updater Service for any other purpose, including, without limitation, the use of any portion of the Account Updater Service data in connection with the development of any other service or product.
3. Merchant Obligations. Merchant shall fully comply with applicable law and the Card Company Rules in connection with its use of the Account Updater Service. Further, Merchant shall provide its customers, whose Card(s) is/are eligible for the Account Updater Service, with all disclosures required under applicable law to enable Merchant to use the Account Updater Service to update the customer’s Card(s). The foregoing shall include, but shall not be limited to, incorporating promptly into Merchant’s standard terms and conditions, privacy policy, and/or other customer facing documentation, any language required by applicable law or the Card Company Rules. Merchant shall also provide adequate disclosures to make clear to customers that if they do not want their applicable Card Data updated, they may request Merchant to remove their Card that is being stored by Lock Trust and/or terminate their recurring transaction agreement with Merchant.
4. Accuracy of Information. Merchant acknowledges that the Account Updater Service may only be accurate to the extent a card issuing bank and a customer participate, and that many card issuing banks and customers may not participate. Merchant acknowledges and agrees that the Account Updater Service may rely upon information, Card Data, and services provided to Lock Trust by third parties.
5. Cessation and Availability of Account Updater Service. Lock Trust may immediately cease offering or providing the Account Updater Service to Merchants at any time upon email notice to Merchants. Lock Trust does not ensure that the Account Updater Service will be available for all Card Data.

Part II – Product-specific terms for ACH Services (Direct Debit)

2.1. ACH Services

Lock Trust offers services that allow merchants to originate Automated Clearing House (“ACH”) credit and debit entries to a bank account (the “ACH Services”) and Merchant desires to use such services. Such entries are sent by Lock Trust, acting as a Third-Party Sender, to the Originating Depository Financial Institution (the “ODFI”), which it forwards through the ACH system to the Receiving Depository Financial Institution (the “RDFI”), who debits or credits the bank account of Merchant’s customer (the “Receiver”). Merchant agrees that its use of the ACH Services is subject to the terms herein and the applicable provisions of the Agreement. Merchant accepts and agrees to comply with all such terms. Capitalized words and phrases used and not otherwise defined in this Agreement have the same meaning as given to them in the operating rules and guidelines of the National Automated Clearing House Association (administrator of the ACH network – “Nacha”), as amended from time to time (the “Nacha Rules”, is available on Nacha’s web site). Merchant shall not originate entries on behalf of any third-party. In case Merchant intends to act as a Nested Third-Party Sender, it must enter into a separate agreement with Lock Trust before it originates any entries.

2.2. Fees

Merchant will pay Lock Trust the fees and charges as agreed in writing, as well as other amounts owed, pursuant to this Agreement. Such other amounts shall include, without limitation, any amounts charged to Lock Trust and/or Merchant by Nacha in connection with Merchant’s use of the ACH Services. Any amounts owed to Lock Trust under these terms may be deducted from any payout to Merchant or debited from Merchant’s bank account.

2.3. Compliance

Merchant agrees to (i) undertake the responsibilities of an Originator under the Nacha Rules and to comply with and be bound by such rules and other applicable laws and regulations related to use of the ACH network (as may be amended); and (iii) not originate entries that violate these ACH Service Terms, laws of the United States and/or the Nacha Rules.

2.4. Authorization to Originate Entries

Merchant authorizes Lock Trust and the ODFI to originate entries on Merchant’s behalf to Receivers’ accounts in accordance with the Nacha Rules.

2.5. Transaction Limits

Merchant shall operate and use the ACH Services in accordance with the transaction limits set by Lock Trust and/or the ODFI in accordance with the Nacha Rules. Lock Trust can modify the applicable transaction limits upon reasonable notice.

2.6. Authorizations

Merchant is solely responsible for obtaining any authorization required by the Nacha Rules, including authorization from each person shown as the Receiver on an entry for the crediting or debiting of the Receiver’s account (e.g. to debit its customers’ bank accounts for ACH payments), and agrees that it shall obtain such authorization in each instance (“ACH Authorization”). Lock Trust shall not be liable for any debit or other failure (or any related costs) arising from Merchant’s acts and omissions for failure to obtain any ACH Authorization. Merchant shall maintain data sufficient to reconstruct the transaction authorization and maintain such authorization in accordance with all applicable laws, rules and regulations. Merchant agrees Lock Trust is permitted to document and store ACH Authorization, including timestamp, Merchant logo and applicable ACH credentials. Merchant shall provide Lock Trust with evidence of ACH Authorization upon request.

2.7. Additional Obligations

For debit Web Entries, Merchant must:

1. establish and implement a commercially reasonable (i) fraudulent transaction detection system to screen entries (which must, at a minimum, validate the account to be debited for the first use of such account number, and for any subsequent changes to the account number), and (ii) method of authentication to verify the identity of the Receiver of a debit entry and that the routing number is valid; and
2. conduct, or have conducted on its behalf, annual audits to ensure that the Data it obtains from Receivers is protected by security practices and procedures that include, at a minimum, adequate levels of: (i) physical security to protect against theft, tampering, or damage; (ii) personnel and access controls to protect against unauthorized access and use; and (iii) network security to ensure secure capture, storage, and distribution (“Merchant’s Annual Audit”).

2.8. Validation by Lock Trust

Lock Trust may offer you the ability to validate your customers’ bank account information (including account number, routing number, and/or account holder name) in connection with the ACH Services (“Lock Trust’s Validation”). In that case, Lock Trust may share certain data from your customers with its third-party service providers (“Data Sources”) and such Data Sources may collect certain Data related to your customers from third-party information sources where such customers hold accounts and share it with Lock Trust.

2.8.1. To the extent that Merchant obtains access to Data in connection with Lock Trust’s Validation, Merchant shall comply with the obligations set forth in the ACH Services Addendum (in addition to the ones in Section 3.4 of this Agreement).

2.9. ACH Entries

1. UCC 4A Notice. In relation to credit entries subject to Article 4A of the Uniform Commercial Code, Merchant acknowledges that: (i) the entry may be transmitted through the ACH; (ii) the rights and obligations of the Merchant concerning the entry are governed by and construed in accordance with the laws of the State of California; (iii) any credit given by the RDFI to the Receiver for the entry is provisional until the RDFI has received final settlement (through a Federal Reserve Bank or otherwise has received payment as provided for in Section 4A-403(a) of Article 4A); and (iv) if the RDFI does not receive such payment for the provisional entry, the RDFI is entitled to a refund from the Receiver in the amount of the credit to the Receiver’s account, and the Merchant (acting as Originator) will not be considered to have paid the amount of the credit entry to the Receiver. Merchant agrees that it shall be responsible for all refunds, and Lock Trust shall have the right to be reimbursed by Merchant for any and all such refunds or other amounts that are charged to Lock Trust in connection with the ACH Services. Lock Trust can deduct such amounts from any payout to Merchant.
2. Payment to ODFI. Merchant agrees to pay the ODFI for any ACH credit entries or returned ACH debit entries if Lock Trust fails to pay the ODFI for such entries.
3. Cancellation or Amendment. Merchant shall not have the right to cancel or amend an ACH transaction entry after its receipt by Lock Trust, except as permitted or required by the Nacha Rules.
4. Inconsistency of Name and Number. If an entry describes a financial institution or the Receiver of an entry inconsistently by name and account or other identifying number, the account or other identifying number can be relied upon and the name disregarded.
5. Satisfaction of Customer Debt. In the event that a transaction is reversed, Merchant acknowledges that, as between Merchant and its customer, the customer’s debt to Merchant is satisfied when Lock Trust receives funds from the ODFI in payment of that debt, subject only to a reversal of such payment.

2.10. Audit

Merchant shall comply with any request made by Lock Trust, the ODFI, their personnel, auditors and/or representatives for the following: (i) access to Merchant’s facilities, data and records relating to the initiation of entries for the purpose of performing audits or on-site visits to verify Merchant’s compliance with these ACH Service terms and the Nacha Rules; and/or (ii) copies of Merchant’s Annual Audit reports/results. Merchant shall provide, and shall cause its subcontractors to provide, the access and assistance that may be required by Lock Trust, the ODFI, their personnel, auditors and/or representatives, including, but not limited to, copies of any data, records, authorizations, audit reports/results, if requested, as well as any other information reasonably requested relating to entries originated by the Merchant.

2.11. Representations & Warranties

Merchant represents and warrants to Lock Trust, as an Originator of entries under the Nacha Rules, that: (a) no entry delivered to Lock Trust or the ODFI, if accepted by the ODFI, will cause Lock Trust or the ODFI to be in violation of any regulation or sanction administered by the federal or state government or otherwise causes Lock Trust or the ODFI to be in violation of federal or state law or the Nacha Rules; and (b) it makes the same warranties to Lock Trust that Lock Trust, as Third-Party Sender, makes under the Nacha Rules to any ODFI when Lock Trust transmits an entry.

2.12. Indemnification

Merchant shall indemnify, defend and hold Lock Trust, the ODFI, any third-party and their employees, officers, directors and agents, harmless from and against any and all claims, demands, losses, liabilities or expenses (including attorneys’ fees and costs) resulting directly or indirectly from or arising out of (a) Merchant’s breach of the Nacha Rules or of these ACH Service Terms; (b) Merchant’s acts and/or omissions; and (c) compliance by Lock Trust, the ODFI and the RDFI with any request for a cancellation, stop payment, reversal, or recall of any entry originated by Merchant. Lock Trust shall have no responsibility for any delay by any ODFI, ACH Operator or RDFI in processing any entry Lock Trust transmits to the ODFI or failure to process or credit or debit any such entry.

2.13. Termination of the ACH Services

In addition to the term and termination rights in set forth in this Agreement, Lock Trust or the ODFI may terminate or suspend Merchant’s use of the ACH Services for violation of any Nacha Rules, including, without limitation, acceptable limits for ACH returns. Notwithstanding anything to the contrary in these terms or the Agreement, Lock Trust is not required to include ACH data in any forwarding or portability services offered under the Agreement.

Part III – General Terms applicable to all Online Payment Services

3.1. Credit Report Authorization

You understand and agree that you are providing Lock Trust with your “written instructions” in accordance with the Fair Credit Reporting Act, and you are authorizing and acknowledge that Lock Trust may obtain your personal credit report from a credit bureau for the purpose of your use of the Online Payment Services. You further understand and agree that you are authorizing Lock Trust to obtain your credit report on an ongoing basis for account review purposes.

3.2. Fees and Payment Terms

1. Lock Trust Services Fees. Fees for the Online Payment Services may be charged on a monthly basis or per transaction. The fees you pay for the applicable Online Payment Services can be found on the Fees page. All fees are in United States (“U.S.”) Dollars unless otherwise stated.
2. General Payment Terms:
   1. Monthly Fees. Any applicable monthly fees for the Online Payment Services will be charged in advance, unless otherwise set forth herein or on the Fees page.
   2. Transaction Fees. For fees charged per transaction, the fee amount will be deducted from the transaction amount at the time of the transaction. You are liable for all claims, expenses, fines, and liability Lock Trust incurs arising out of your use of the Online Payment Services.
   3. Non-Refundable. All fees are non-refundable.

3.3. Promotional Period

If you have signed up for any of the Online Payment Services pursuant to a promotional period, you agree to pay any applicable monthly fee upon the expiration of a promotional period offered by Lock Trust.

3.4. Data Security and Data Protection

You are fully responsible for the security of data on your website or otherwise in your possession or control. You agree to comply with all applicable laws and rules in connection with your collection, security and dissemination of any Data on your website.

1. Breach or Incident. You must report any Data breach or incident to Lock Trust and the Card Companies immediately after discovery of the incident.
2. Usage of Data. Unless you receive the express consent of your customer, you may not retain, track, monitor, store or otherwise use Data beyond the scope of the specific transaction.
3. Password Security. You agree to restrict use and access to your password and log-on ID to your employees and agents as may be reasonably necessary and you will ensure that each such employee or agent complies with the terms of this Agreement. You will not give, transfer, assign, sell, resell or otherwise dispose of the information and materials provided to you to utilize the Online Payment Services. You are solely responsible for maintaining adequate security and control of any and all IDs, passwords, or any other codes that are issued to you by Lock Trust, each Acquiring Bank, or the Card Companies.
4. Compliance with Data Protection Addendum. You, as a Merchant, and Lock Trust agree to comply with the Lock Trust Compliance which forms part of this Agreement. The terms of the Data Protection Addendum prevail over any conflicting terms in this Agreement relating to data protection and privacy.

3.5. Recurring Billing/Recurring Payments and Vaulting Consent for Certain Services.

This section applies if you use Payments LTPG, LT eWallet, VT (as a standalone Service) and ACH Services. If you are using the Recurring Billing, Recurring Payments, or vaulting functionality, including the Vaulting Tool or available third-party vault functionality, you agree that it is your responsibility to comply with Card Company Rules, Nacha Rules and applicable law (including the Electronic Funds Transfer Act (Reg E)), including by capturing your customers’ consent to store their Card and/or bank on file for future or recurring transactions and making available a mechanism for your customer to delete their Card and/or bank on file.

You acknowledge and agree that third-party vault functionality is provided and updated solely by the third-party vault provider (not Lock Trust). Lock Trust will under no circumstances be responsible or liable for any damages, losses, or costs whatsoever suffered or incurred by you resulting from any use of such third-party vault functionality.

3.7. No Warranty.

THE ONLINE PAYMENT SERVICES AND ALL ACCOMPANYING DOCUMENTATION ARE PROVIDED TO YOU ON AN “AS IS” BASIS WITHOUT ANY WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY WARRANTIES OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. LOCK TRUST MAKES NO WARRANTY THAT THE ONLINE PAYMENT SERVICES WILL BE CONTINUOUS OR ERROR-FREE. Lock Trust does not guarantee, represent or warrant that the Online Payment Services and related features that enable you to detect or minimize fraudulent transactions will discover or prevent all non-valid or fraudulent transactions. Lock Trust is not responsible for any non-valid or fraudulent transactions that are processed.

3.8. Reserves and other Protective Actions.

If, in our sole discretion, we believe there may be a high level of risk associated with you, your Lock Trust account, your business model, or your transactions we may take certain actions in connection with your Account and/or your use of the Online Payment Services.

1. Reserves. Lock Trust, in its sole discretion, may place a Reserve on funds held in your Lock Trust account when Lock Trust believes there may be a high level of risk associated with your Account. If Lock Trust places a Reserve on funds in your Lock Trust account, they will be shown as “pending” in your Lock Trust Balance. If your Lock Trust account is subject to a Reserve, Lock Trust will provide you with notice specifying the terms of the reserve. The terms may require that a certain percentage of the amounts received into your Lock Trust account are held for a certain period of time, or that a certain amount of money is held in reserve. Lock Trust may change the terms of the Reserve at any time by providing you with notice of the new terms.
2. Additional Actions. We may take other actions we determine are necessary to protect against the risk associated with your Lock Trust account including requesting additional collateral from you such as a letter of credit or a personal guarantee. Lock Trust may contact your customers, on your behalf, in the event that Lock Trust is investigating potential fraud.
3. Information. In order to determine the risk associated with your Lock Trust account, Lock Trust may request at any time, and you agree to provide, any information about your business, operations or financial condition. We reserve the right to reassess your eligibility for any Online Payment Service if your business is materially different from the information you provided in your application.

3.9. Termination.

1. By Merchant. You may terminate your use of the Online Payment Services at any time. Merchant may terminate its acceptance of American Express at any time upon notice.
2. By Lock Trust. Lock Trust may terminate your use of the Online Payment Services if:
3. You fail to comply with the terms of, or are unable to pay or perform your obligations under, this Agreement or any of the Lock Trust Agreements that apply to the Online Payment Services;
4. We decide, in our discretion, that you become ineligible for the Online Payment Services because there is a high level of risk associated with your Lock Trust account or for any other reason, or upon request by any Acquiring Bank or any of the Card Companies or any ODFI.

iii. You violate any Card Company Rule or the Nacha Rule as they may be amended from time to time.

1. Effect of Termination. If your use of any Online Payment Service is terminated, you agree to complete all pending Card transactions, immediately remove all logos for Cards (as applicable), and stop accepting new transactions through such Online Payment Service. You will not be refunded the remainder of any applicable Monthly Fees that you have paid for such Online Payment Service.

3.10. Lock Trust is Your Agent for Receiving Payment.

You represent and warrant to Lock Trust that each transaction that you process through the Credit and Debit Card Payments, Lock Trust LTPG, VT Services or ACH Services is solely in payment for your provision of bona fide goods and/or services), other than money transmission services, to your customers (each, a “Payor”). You hereby designate Lock Trust, and Lock Trust hereby agrees to serve, as your limited agent for the sole purpose of receiving and processing such payments on your behalf. You agree that upon Lock Trust receiving payment from your Payor: (a) you shall be deemed to have received payment from your Payor, (b) your Payor’s obligation to you in connection with your payment shall be satisfied in full, (c) any claim you have for such payment against your Payor shall be extinguished and (d) you are obligated to deliver the applicable goods and/or services to your Payor, in each case regardless of whether or when Lock Trust remits such payment to you.

Further, you represent and warrant to Lock Trust that for each transaction that you process using the Services, promptly upon payment by your Payor, you will provide a dated receipt which shall constitute a record of your acceptance of the Payor’s payment and the satisfaction of the Payor’s obligation to you in the amount stated on the receipt. You agree that the receipts will satisfy all applicable regulatory and Card Company Rule requirements, and that upon Lock Trust’s request, you will provide to Lock Trust copies of any such previously issued receipts. You further agree that you will hold out Lock Trust to your Payors as your agent for purposes of accepting payments on your behalf, including in response to any customer inquiry as to Lock Trust’s role with respect to a transaction or other reference to Lock Trust in connection with a transaction. You agree that the transaction reports provided by Lock Trust to you constitute a receipt evidencing your customer transactions.

This section states the entirety of Lock Trust’s duties as your agent for receipt of payment, and no other duties shall be implied by Lock Trust’s undertaking to act in that capacity. This section does not limit in any way Lock Trust’s rights against you or any funds held by Lock Trust, including any right of setoff or security interest in such funds. In accordance with this Agreement, Lock Trust will remit to you, or apply as an offset to any obligation you may have to Lock Trust, any such payments it receives on your behalf.

3.11. Law and Forum for Disputes

Except as otherwise agreed by the parties or as described in the Lock Trust User Agreement, you agree that any claim or dispute you may have against Lock Trust must be resolved by a court located in either Santa Clara County, California, or Omaha, Nebraska. You agree to submit to the personal jurisdiction of the courts located within Santa Clara County, California, or Omaha, Nebraska for the purpose of litigating all such claims or disputes. This Agreement shall be governed in all respects by the laws of the State of California, without regard to conflict of law provisions.

3.12. Indemnification

You agree to defend, indemnify and hold Lock Trust, its parent, officers, directors and employees harmless from any claim or demand (including attorneys’ fees) made or incurred by any third-party due to or arising (i) out of your breach of this Agreement; (ii) your use of the Online Payment Services, including, without limitation, chargebacks, refunds, returns, and Card Company or Nacha fines and penalties; (iii) your fraudulent transaction or data incidents.

3.13. No Waiver

Our failure to act with respect to a breach by you or others does not waive our right to act with respect to subsequent or similar breaches.

3.14. Compliance with Laws

You agree to comply with all applicable laws, rules, or regulations, including the Card Company Rules and the Nacha Rules.

3.15. Complete Agreement

This Agreement, along with the Lock Trust User Agreement and any applicable policies and agreements on the Lock Trust website, sets forth the entire understanding between you and Lock Trust with respect to your use of the Online Payment Services. If any provision of this Agreement is held to be invalid or unenforceable, such provision shall be struck and the remaining provisions shall be enforced. In addition, your acceptance of Card transactions via a Online Payment Service is also subject to a Commercial Entity Agreement you have with each of the Acquiring Banks.

3.16. Definitions.

“Account Monitoring Service” means the optional Service associated with LT Account that receives notifications of suspicious activity, as described in more fully on the Lock Trust website.

“Account Updater Service” means the Service in which Lock Trust may update applicable customer Card Data of eligible Cards using information and third-party sources available to Lock Trust, as further described in Section 12. In providing this Service, Lock Trust may obtain, on Merchant’s behalf, applicable updated customer Card Data of eligible Cards from participating card issuing banks and other third-party sources for use in the processing of Merchant’s Recurring Billing, Recurring Payments, or other eligible transactions using the Services.

“ACH” has the meaning provided in Section 2.1.

“ACH Authorization” has the meaning provided in Section 2.6.

“ACH Services” has the meaning provided in the fourth paragraph of this Agreement.

“Acquiring Bank” means each of the financial institutions Lock Trust partners with to process your Card payments, including your Direct Payments and VT Payments, and each of your Card funded Lock Trust Checkout payments, and with whom you entered into a Commercial Entity Agreement.

“Agreement” has the meaning provided in the first paragraph of this Agreement.

“American Express” means American Express Travel Related Services Company, Inc. and its affiliates.

“API” means Lock Trust’s proprietary application programming interfaces used to interface with the Lock Trust systems in order to use certain Services.

“Buyer Authentication Service” means the optional Service associated with LTPG that enables you to integrate Visa’s Verified by Visa and MasterCard’s SecureCode into LTPG, as described in more detail on the Lock Trust website.

“Card Company(ies)” means a company or group of financial institutions that promulgate rules to govern Card transactions via bankcard and payment networks including, but not limited to, MasterCard, Visa, Discover, American Express, as well as US debit networks, including Star, Nyce, Pulse, and Accel.

“Card Company Rules” means the rules and regulations governing acceptance of Cards. Rules are available for Visa, MasterCard, American Express, Discover, JCB, Diners, China UnionPay and for Star, Nyce, Pulse, and Accel upon request, each as updated from time to time.

“Card Data” means a cardholder’s account number, expiration date, and CVV2.

“Card(s)” means payment cards branded with the logos of (i) Visa, MasterCard, American Express, Discover; and (ii) US debit networks, including Star, Nyce, Pulse, and Accel.

“Card Payment Services” has the meaning provided in the fourth paragraph of this Agreement.

“Chargeback Protection Services” means the optional service that provides protection for eligible Credit and Debit Card Payments from “unauthorized” and “item not received” chargebacks, as further described herein.

“CVV2 Data” means the three or four digit number printed to the right of the Card number in the signature panel on the back of the Card. On American Express Cards, it is printed on the front of the Card above the Card number.

“Data” means any personal, financial, Card, or transaction information.

“Data Recipient” has the meaning provided in Section 1.6.

“Data Sources” has the meaning provided in Section 2.8.

“Direct Payment” means a payment processed by Lock Trust through the Direct Payment API that is funded directly by a Card and not through a Lock Trust account.

“Fraud Protection” means the optional Services associated with Credit and Debit Card Payments and LTPG that allows you to access additional risk management features that may help protect you from potentially fraudulent transactions, as described in more detail on the Lock Trust website and in Section 10.

“Fraud Protection Services” means the optional Service associated with Payments and LTPG that allows you to access additional risk management features to help protect you from fraud and chargebacks.

“Interchange Pass-through Costs” means Interchange, Card Company fees and bank foreign handling fees passed through to Merchant at cost. Any increase to, or introduction of, interchange or other fees by the Card Companies (including, for the avoidance of doubt, assessment fees, brand fees, scheme fees, and card association fees) will be passed through at cost in addition to all current fees.

“Merchant’s Annual Audit” has the meaning provided in Section 2.7.b.

“Monthly Sales Volume” means the total payment volume processed by you through any Service using any payment method, which is used for determination of fees as set forth on the Fees page.

“Nacha” has the meaning provided in Section 2.1.

“Nacha Rules” has the meaning provided in Section 2.1.

“ODFI” has the meaning provided in Section 2.1.

“Lock Trust’s Validation” has the meaning provided in Section 2.8.

“LTPG” means Lock Trust Payment Gateway, and is the suite of Services consisting of Lock Trust Checkout, Direct Payments, and Virtual Terminal, as described in more detail on the Lock Trust website. Optional additional Services include Fraud Protection services and Recurring Payments, which are all more fully described on our website.

“Payor” has the meaning provided in Section 1.15.

“Lock Trust Agreements” has the meaning provided in the second introductory paragraph of this Agreement.

“Lock Trust Checkout” means the Service where Lock Trust is a payment option on a Merchant’s website at checkout, with payments being processed by Lock Trust through the Lock Trust Checkout APIs and funded directly from a User’s Lock Trust account.

“Lock Trust Credit” means the open-end, consumer credit account issued by Synchrony Bank. It is available to U.S. consumers who are of legal age in their state of residence and is subject to credit approval.

“Lock Trust User Agreement” means the online agreement you entered into with Lock Trust when you opened your Lock Trust account, as it may have been amended from time to time. The Lock Trust User Agreement currently in effect can be accessed via the Legal Agreements link in the footer of nearly every page on the Lock Trust website.

“RDFI” has the meaning provided in Section 2.1.

“Receiver” has the meaning provided in Section 2.1.

“Recurring Billing” means the optional feature associated with LT eWwallet and LTPG that, with the consent of your customer, enables you to set up payments that recur at specified intervals and frequencies as described in more detail on the Lock Trust website.

“Recurring Payments” means the optional feature associated with Credit and Debit Card Payments, LTPG, and VT that, with the consent of your customer, enables you to set up payments that recur at specified intervals and frequencies, as described in more detail on the Lock Trust website.

“Risk Factors” has the meaning provided for in Section 1.4.

“Transaction Fees” means the fees described in Section 3.2.b.ii. of this Agreement and set forth on the Fees page. Note, if you use certain optional Online Payment Services, certain additional fees may apply to your transactions on a per transaction basis, as outlined in Section 3.2.c.; however, these are not included in this definition.

“Vaulting Tool” means API-based technology provided by Lock Trust to enable you to store and retrieve Card or bank details for payments that recur at specified intervals or frequencies with authorization from the Payor, as described in more detail on the Lock Trust website.

“Virtual Terminal” or “VT” means the Service that enables you to receive a Card payment by manually entering Card Data given to you by a customer.

“VT Payment” or “Virtual Terminal Payment” means a payment processed by Lock Trust through the Virtual Terminal flows that is funded directly by a Card and not through a Lock Trust account.

This ACH Services Addendum applies to services offered by Lock Trust, Inc. (“Lock Trust”) that allow merchants to originate Automated Clearing House (“ACH”) credit and debit entries to a bank account (the “ACH Services”). This Addendum forms part of the applicable agreement between you (“you” or “Merchant”) and Lock Trust that governs Lock Trust’s provision of ACH Services to you (the “Agreement”) and is incorporated by reference therein. In the event there is any conflict between the terms of this Addendum and the Agreement, the terms of this Addendum will control. Capitalized terms used but not defined in this Addendum have the meaning set out in the Agreement.

This Addendum is effective as of the later of (i) the effective date specified in the Agreement or (ii) the effective date stated in the notice posted or provided to you in connection with this Addendum. We may amend this Addendum from time to time. The revised version will be effective at the time we post it on our website, unless otherwise noted. If our changes reduce your rights or increase your responsibilities, we will post a notice on the “Policy Updates” page of our website within the timeframe required by the Agreement. If you do not agree with any change to this Addendum, you may discontinue your use of the ACH Services.

ADDITIONAL TERMS APPLICABLE TO LOCK TRUST’S VALIDATION

1. Lock Trust may offer to Merchant the ability to validate bank account information of Merchant’s customers (including account number, routing number, and/or account holder name) in connection with the ACH Services (“Lock Trust’s Validation”). In that case, Lock Trust may share certain data related to Merchant’s customer with Lock Trust’s third-party service providers (“Data Sources”) and Data Sources may collect certain Data related to Merchant’s customers from third-party information sources where such customers hold accounts and share it with Lock Trust.
2. To the extent that Merchant obtains access to Data in connection with Lock Trust’s Validation, Merchant shall comply with the obligations set forth below:
   1. Merchant shall follow a written privacy policy describing how it uses, collects, stores, handles and shares Data. Merchant’s customers must be able to access the privacy policy and Merchant shall clearly and conspicuously reference or display such policy (including, at a minimum, via a link on Merchant’s website and within Merchant’s mobile application, if applicable).
   2. When applicable, Merchant shall obtain its customer’s consent for Merchant to use, collect, store, handle and share the customer’s Data in accordance with Merchant’s privacy policy.
   3. If a Merchant customer submits a request for Merchant to delete its Data, Merchant shall promptly: (i) Securely Delete the Data, subject to any legal or regulatory requirements to maintain copies, and (ii) notify Lock Trust.
   4. Upon Lock Trust’s request Merchant shall Securely Delete all Data that may be at risk from a Security Issue.
   5. While Merchant keeps a customer’s Data, and for three (3) years thereafter (or a longer period if required under applicable law or regulation), Merchant must keep records sufficient for Lock Trust to verify its compliance with this Addendum and the Agreement.
   6. For so long as Merchant receives Data from Lock Trust, and for three (3) years thereafter (or a longer period if required under applicable law or regulation), Lock Trust may by itself or through a third-party, audit Merchant’s policies, procedures, books and records, data, and systems, to verify: (i) the security and integrity of Merchant’s systems, policies, and procedures for storing and using Data, and (ii) Merchant’s compliance with this Addendum and the Agreement. Lock Trust may provide to any Data Source from which Data was collected a summary of a Merchant audit.
   7. If Lock Trust becomes aware of a Security Issue or any violation of the obligations under this Addendum, Merchant shall fix or implement a mutually agreed plan to fix the issue within the period determined by Lock Trust and communicate to Merchant in writing. Lock Trust may report any Security Issue, investigations and/or remediation efforts to Data Sources.
   8. Merchant must promptly respond to Lock Trust’s requests for information about its use, storage, handling, and sharing of Data, including by providing all information in Merchant’s possession that Lock Trust may reasonably request in connection with such investigations.
3. Lock Trust may immediately suspend Merchant’s access to Data, in whole or in part if: (i) Merchant fails to comply with the obligations under this Addendum and the Agreement; (ii) Lock Trust becomes aware of a Security Issue, or (iii) Lock Trust reasonably believes that Merchant violated the Nacha Rules or any applicable law, regulation or court order. In such cases, Lock Trust will use commercially reasonable efforts to give prior notice of any suspension but may immediately suspend access without prior notice if appropriate under the circumstances to protect Merchant’s customers or Data Sources from harm. Lock Trust may notify a Data Source of any condition permitting suspension (and related circumstances) if the condition relates to Data obtained from such Data Source (including the nature of such condition, whether access has been suspended, and the status of Merchant’s efforts to cure the condition).
4. NEITHER LOCK TRUST NOR ANY DATA SOURCE MAKE ANY WARRANTIES TO MERCHANT OF ANY KIND (WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE). LOCK TRUST, DATA SOURCES AND RELATED PARTIES WILL HAVE NO LIABILITY WHATSOEVER TO MERCHANT RELATING TO (i) ACCESSING OR USING DATA; (ii) FOR ANY EXPENSES, LOSSES, OR DAMAGES RELATING TO MERCHANT’S ACCESS OR USE OF DATA, FOR ANY LOST PROFITS OR OTHER SPECIAL, CONSEQUENTIAL, INCIDENTAL OR INDIRECT DAMAGES. THE LIMITATIONS IN THIS SECTION WILL APPLY TO THE FULLEST EXTENT PERMITTED UNDER APPLICABLE LAW NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY AND REGARDLESS OF THE FORM OF ACTION UNDER WHICH RECOVERY FOR ANY LOSS, DAMAGE, OR EXPENSE IS SOUGHT (INCLUDING NEGLIGENCE).
5. If any inconsistency exists between this Addendum and any applicable law or regulation (including rules implementing Section 1033 of the Consumer Financial Protection Act of 2010), then the terms of the applicable law and/or regulation shall control.

DEFINITIONS

“ACH” has the meaning provided in the first paragraph of this Addendum.
“ACH Services” has the meaning provided in the first paragraph of this Addendum.
“Agreement” has the meaning provided in the first paragraph of this Addendum.
“Data” means any personal, financial, or transaction data.
“Data Sources” has the meaning provided in Section 1 of this Addendum.
“Lock Trust’s Validations” has the meaning provided in Section 1 of this Addendum.
“Securely Delete” means to delete using an industry standard method that ensures the deletion is permanent and information unrecoverable.
“Security Issue” means any: (i) unauthorized or unlawful access, transmission, corruption, deletion, or use of any Data; (ii) unauthorized access to systems storing, processing, or providing access to the same; (iii) Merchant’s material failure to comply with its information security requirements under this Agreement; or (iv) any reasonably suspected case of, or flaw in, Merchant’s policies, procedures, or systems reasonably likely to give rise to an incident described in the foregoing definition.