Framework Agreement for MANGOPAY Payment Services

General Terms of Use for Payment Services

Version as of 22 July 2020

Concluded between

The Provider, a legal entity or natural person registered in the commercial register (or in the national trade register or any comparable professional body) in a Member State of the European Union or a State of the European Economic Area or in a third country imposing equivalent obligations with regards to the fight against money laundering and terrorist financing, who acts on its behalf exclusively for commercial (industrial, workmanship, free) purposes, hereinafter referred to as the "Holder" or "Commercial Holder",

and

MANGOPAY SA, a public limited company incorporated under Luxembourg law, with a capital of 6,200,000 EUR, having its registered office at 2, Avenue Amélie, L-1125 Luxembourg and registered in the Luxembourg Trade and Companies Register under number B173459, authorised to operate in the European Economic Area as an electronic money institution by the Luxembourg Financial Markets Authority, 283 route d'Arlon L-1150 Luxembourg, www.cssf.lu, hereinafter referred to as the "Service Provider", on the other hand, hereinafter individually a "Party" or collectively the "Parties".

Please Note: The Holder is requested to carefully read this Framework Agreement sent to it by the Platform before accepting it. The Holder is requested to load it onto a permanent data carrier. By default, communication with the Service Provider shall always take place via the Platform in accordance with the terms provided for in Unite's General Terms and Conditions, unless a separate mode of communication is provided for in the Contract.

1 Definitions

For the purpose of this Contract, the terms are defined as follows:

"Authentication" means the procedures established by the Platform to verify the identity of the Holder or the validity of a Payment Order. These procedures include the use of personalised security features and identification data.

"Banks" means credit institutions responsible for protecting the amount of money deposited by the Service Provider on behalf of the Holder. This amount of money shall be opened in a separate account opened for this purpose to limit the seizure. The named institutions are now ING Luxembourg and Crédit Mutuel Arkéa. The Service Provider reserves the right to select any other approved credit institution.

"Payment Account" or "Account" means the Payment Account held by the Service Provider on behalf of the Holder and used for the implementation of Payment Transactions. Under no circumstances shall the account be treated as a custody account. The account shall be denominated in the currency specified when the Holder registers with Unite via the communication channel defined by Unite.

"Terms and Conditions" means the general terms and conditions of use of the Platform agreed between the Unite Users, the Holder and the Platform governing, inter alia, access to Unite, and the Service Description regarding the Unite Agency Model entered into between the Holder and the Platform.

"Pricing Terms" means the commercial terms agreed between the Holder and the Platform. This may include costs payable for this Framework Agreement.

"Framework Agreement" means the contractual documents referred to in Section 3.2.

"Personal Data" means any information relating to the Holder as a natural person or to a legal person in relation to the Holder as a legal person (including an Operating Agent, an Authorised User, an Authorised Person) within the meaning of the EU Personal Data Protection Regulation 2016/679.

"Application Form" means the form to be completed in order to access the Payment Services provided by the Service Provider through Unite.

"Business Day" means a calendar day other than Saturdays, Sundays and public holidays in France and Luxembourg and any other day defined as such by the Service Provider.

"Payment Methods" means Payment Methods whose acceptance and billing is offered by the Service Provider in accordance with the Contract with Unite.

"Payment Transaction" means a regular or one-off transfer debited to the Payment Account and ordered by the Holder or any authorised agent in this regard.

"Payment Order" means the instruction given by the Holder to the Service Provider in accordance with the procedure set out in the Framework Agreement for the implementation of a Payment Transaction.

"Authorised Person" means any agent appointed by the Holder to access the Payment Account and to use the Payment Services for its Account.

"Platform" means the Unite Network SE entity that operates the Unite B2B Network, as defined in the Terms and Conditions. It accompanies the Holders during the course of their relationship with the Service Provider in the context of their implemented payment transactions. It records the documents necessary for opening an account.

"Service Provider" means MANGOPAY SA, an electronic money issuer authorised in Luxembourg by the Financial Markets Authority under number 3812 and authorised to operate in all Member States of the European Union. The Service Provider appears on the list of e-money institutions available at https://searchentities.apps.cssf.lu/searchentities/entite/details/9651?lng=en&q=&st=advanced&entType=EMI.

"Third Party Payment Service Provider" means any institution other than the Service Provider authorised in a Member State of the European Union or a State of the European Economic Area or in a third country imposing equivalent anti-money laundering and counter-terrorist financing obligations.

"Platform Customer Service" means the Platform department (contact details usually on the Website) where the Holder can obtain information regarding the Framework Agreement.

"Payment Services" means the payment services set out in points 3 and 5 of the Appendix to the Luxembourg law as of 10 November 2009 on payment services.

"Unite" is the B2B network of Unite Network SE, which offers companies the opportunity, based on the General Terms and Conditions, to enter into business relationships in a digital form, to offer goods and services to each other or to purchase or use them.

"Durable Medium" means any medium which enables the Holder to store information addressed personally to it in a way, which is accessible for future reference for a period of time adequate for the purposes of the information and which allows the unchanged reproduction of the stored information. It is usually displayed in the form of a PDF file.

"Holder" means any legal or natural person acting on its own account and in whose name a Payment Account is opened for the use of the Payment Services.

"User" means any natural or legal person who has transferred/will transfer an amount of money to the Holder. (="Buyer")

2 Subject Matter

The purpose of the Framework Agreement is to specify the conditions under which the Service Provider will provide Payment Services to the Holder in return for payment specified in Article 11 of this Contract.

These Payment Services include:

Opening a Payment Account,
Crediting the Payment Account: Registration of the transferred amount of money; receipt of payment.
Debiting the Payment Account: Execution of one-off or recurring transfer transactions, direct debit of costs pursuant to this contract, book transfer of money transfers.

The account shall not result in an overdraft, prepayment, discount or credit. The Service Provider does not offer an exchange service.

The platform supports the Service Provider so that the conclusion of this Contract is made possible with each Holder and they are accompanied throughout their relationship with the Service Provider.

3 Use Services

3.1 Registration of Terms and Conditions

The Framework Agreement shall be concluded in accordance with the Terms and Conditions set out in the Service Description regarding the Unite Agency Model. The medium through which the Framework Agreement is concluded can be freely defined by Unite.

In the event of a handwritten signature, the date of conclusion of the Framework Agreement shall be the date indicated on it and, in the absence of a date, the date of receipt of the Framework Agreement by the platform.

In the case of an electronic signature of the Framework Agreement, the date of completion of the Framework Agreement shall be the date on which the Applicant completes the electronic signature process specified to it by Unite.

The Framework Agreement concluded between the parties by electronic means shall have the same conclusive force as a Framework Agreement in paper form.

3.2 Contractual documents

The Framework Agreement consists of:

These General Terms and Conditions of Use for Payment Services,
The service description provided by the platform as a contract between the platform and the Holder (optional, or also application/contract in paper form)
Price conditions transmitted by the platform/displayed on the website provided by the platform (optional).

At any time during the contractual relationship, the Holder may, upon request, receive these documents in paper form.

The Service Provider shall maintain access to the Contractual Documents for a period of five (5) years from the end of the contractual relationship. The Service Provider shall discontinue this service at the end of the above-mentioned five-year period.

The Service Provider may make the conclusion of this Contract subject to the provision of certification and supplementary information by the Holder in order to validate its status in relation to these arrangements.

4 Opening an account

4.1 Requirements necessary to open an account

Any legal person established and/or incorporated in a Member State of the European Union or in a State of the European Economic Area or in a third country imposing equivalent obligations with regards to the fight against money laundering and terrorist financing may transfer an application for the opening of an account. Only a legal person can be admitted as a trader.

The Holder declares upon the transfer of its application for admission to the Platform and throughout the duration of the Framework Agreement:

That it is at least 18 (eighteen) years of age and legally competent or that it is duly established in the form of a company,
That it is acting on its own account,
That all information provided at the time of its registration is true, accurate and up to date.

4.2 Registration and account opening procedures

4.2.1 Information and evidence

Each Interested Party must transfer, via a communication channel defined by Unite, the information and documentation listed below to be forwarded to the Service Provider, if such information and documentation is not already in Unite's or the Service Provider's possession.

The interested party undertakes to transfer the information and documents in accordance with its capacity, i.e. as a trader.

For commercial owners:

For natural persons:
- Their surname, first name, email address, date of birth and nationality as well as country of residence.
- An original or copy of an extract from the Official Gazette, not older than three months, confirming the registration as a trader or in the national trade register or any other professional association on which the Holder depends.
- A copy of the Holder's valid official identity document (e.g. identity card, driving licence and for third-country nationals in the European Union a passport).
For legal persons:
- Its corporate name, type of business, capital, address of registered office, description of business activities, identity of shareholders and directors and a list of Authorised Users as specified, for example, by the regulation,
- Certificate of Incorporation from the trade register or equivalent document not older than three months confirming registration in the trade register of a member state of the European Union or a state of the European Economic Area or in a third country imposing equivalent obligations to fight against money laundering and terrorist financing. This document must confirm the company name, the type of business, the address of the registered office and the identity of the partners and directors mentioned in Clause 1 and Clause 2 of Article R.123-54 of the Commercial Code or their equivalents in foreign law.
- Certified copy of the articles of association and any resolutions appointing the legal representative;
- Copy of the identity card or passport of the legal representative and, if applicable, of the Authorised User(s).
- The declaration of the Authorised User of the legal entity holding more than 25%, if the interested party has not declared its Authorised Users in the national register or is not subject to this obligation.

The Holder may also be required to provide proof of banking of an account opened in its name with the person mentioned in Clause 1 to Clause 6a of Article L.561-2 of the French Monetary and Financial Code, established in a Member State of the European Union or a State of the European Economic Area or in a third country imposing equivalent obligations with regards to the fight against money laundering and terrorist financing.

It is expressly provided that the Service Provider reserves the right to request supplementary documentation regarding the Holder, the Authorised User or a specific payment transaction prior to any registration and at any time during the term of the Framework Agreement.

4.2.2 Restriction of the Payment Account

Depending on the assessment of the Service Provider, the use of a Payment Account may be 7 restricted without the Service Provider justifying its decision to the Holder concerned. The operation of the account shall be restricted mainly if the Holder has not provided all the required information and documentation listed by the Service Provider or the Service Provider has detected suspicious activity on the account. The limits of restricted use are indicated to the Holder by the Platform. (KYC "Light" Limit)

4.2.3 Completion of registration

Once the Framework Agreement has been concluded, the Holder must provide all the information and evidence required by the Platform. By agreeing to the terms and conditions of the Framework Agreement, the Holder hereby accepts that the Platform transfers to the Service Provider its application for admission as a Holder and all evidence received from it.

The Service Provider shall be the only person authorised to accept the inclusion of an interested party as a Payment Account Holder in its name. This consent shall be communicated to the Holder by the Platform by any means in accordance with the Terms and Conditions provided for on the Platform.

The Service Provider may reject an application to open an account without providing reasons or entitling the Holder to compensation. This refusal shall be communicated to the Holder by the Platform by any means in accordance with the Terms and Conditions provided for on the Website.

5 Operation of the Payment Account

The amounts credited to the Payment Account result from the transferred amount of money/receipt of payment. The amounts debited to the Payment Account result from the execution of a payment transaction to an account opened with a third-party payment Service Provider (= "Payout").

To the extent agreed with the Platform in the General Terms and Conditions, the Holder instructs the Platform to issue the orders referred to in this section.

5.1 Acceptance and settlement of payment orders

Credits to the Payment Account can be made once or several times. The money transfer order is recorded on a designated payment page, if applicable. Where applicable, it is the responsibility of the Service Provider to refuse any payment depending on its assessment and without this decision being able to lead to compensation. The Service Provider shall not be entitled to cancel such a transfer.

The Holder is informed that acceptance of a Payment Order does not guarantee receipt of the funds in the Holder's account. The registration of money on the Holder's Payment Account depends on the actual receipt by the Service Provider of the amount of money deposited.

If no money is received for technical reasons, the Service Provider shall ensure that the process is regulated to the best of its ability. If no money is received for any other reason, the Service Provider shall immediately inform the Platform that it is unable to credit the anticipated amount to its account so that it can contact the User/Buyer.

5.2 Transfer Receipt on the Payment Account

The Holder instructs the Service Provider to enable it to receive transfers on its Payment Account from a bank account or a Payment Account opened in the registers of a third-party payment Service Provider.

The funds shall be credited to its Payment Account immediately by the Service Provider upon the actual receipt by the Service Provider.

After the registration of the funds on the Holder's Payment Account, the Service Provider shall provide the Platform with a summary of the transfer transaction received with the following information: purpose of the payment transaction, reference to identify the debtor, transaction amount, value date of the credit entry.

5.3 Execution of a Payment Transaction debiting the Payment Account (Payout to the Holder or reversal)

The Holder may give SEPA or international transfer orders to accounts held by a third party payment Service Provider (third party payee or own).

The execution of transfer transactions is transferred by the Platform to the Service Provider and acts in accordance with the Platform's General Terms And Conditions. Unless otherwise stated, the transfer order is valid immediately. The Holder must follow the authentication procedure (KYC) specified by the Service Provider. (4.2)

The Holder gives its irreversible consent for the order to be carried out.

Before the transfer of a transfer order, the Holder (or the platform acting on its behalf) must ensure that the Payment Account has sufficient funds to cover the payment transaction amount and the related costs as agreed in the Price Conditions. If necessary, the Holder must assure that the account is in credit before the order can be legally transferred to the Service Provider for execution.

It is expressly agreed that payment orders shall be carried out by the Service Provider no later than the end of the business day following the date of receipt of the order (and on the agreed execution date in the case of timed transfers or standing orders). Any payment order received by the 9 Service Provider after 4pm shall be deemed to have been received on the following Business Day. If the date of receipt is not a Business Day, the payment order shall be deemed to be received on the following Business Day.

The Holder may at any time request the Service Provider to provide information regarding the implementation time for a payment transaction (on a durable medium PDF).

The Service Provider has the right to refuse to carry out an incomplete or incorrect transfer order. In this case, the order must be corrected and sent to the Service Provider again via the Platform. The Service Provider may also reject a transfer order in the event of significant suspicion of fraudulent use of the Account, unauthorised use of the Account, freezing of funds by an administrative authority or for any other reason.

The Platform shall be informed of the refusal to carry out a transfer order or the blocking of a transfer order by means of the selected data interface. If possible, the Platform Service Provider shall indicate the reasons for refusal or blocking the transfer to the Holder, as long as this information is not required to be kept secret by a relevant provision of national or European Union law.

5.4 Refund

The Holder may at any time submit an instruction to reverse a financial transfer so that a Buyer is reimbursed. Corresponding to the payment order, the Platform takes over the transfer to the Service Provider in accordance with the Platform's General Terms And Conditions.

Provided that there are sufficient funds in the Payment Account, the refund process shall be carried out by crediting via the payment methods used by the User in accordance with the original payment Terms and Conditions. The international network and SEPA rules apply to the terms. (received by the recipient within five (5) business days according to the service provider's instruction).

6 Reporting

The transaction records may also be made available to the commercial owner upon express request.

It is noted that the Service Provider records the following information for each implemented payment transaction and makes it available to the Platform via a data interface: purpose of the payment transaction, identification of the beneficial owner, transaction amount, date of receipt of the order and, where applicable, the cost of carrying out the transaction.

7 Access to the Payment Account and confidentiality of personalised security features

The Holder must provide identification data for each authorised person. Any Authorised Person shall agree not to use the name or identification data of another person. The Holder is solely responsible for any use of its login details.

Each Authorised Person is fully responsible for maintaining the confidentiality of their identification data and any other personalised security feature that may be assigned by the Service Provider or the Platform. The Holder must take all reasonable measures to maintain the secrecy and security of its personalised security features. The Holder also undertakes to raise the awareness of authorised persons regarding the confidentiality and security of their own personalised security features.

The Holder (and any authorised person) hereby agrees not to disclose their personalised security features to any third party. Notwithstanding, the Holder may transfer them to the authorised third party payment service providers in a Member State of the European Union or in a state of the European Economic Area for information services regarding the accounts and payment transaction initiation services (as defined in Article 4 of the European Directive 2015/2366, referred to as "PSD2"). The Holder must ensure that this third party payment Service Provider is authorised for the aforementioned services and records its personalised security features in a secure environment.

8 Objection of the personalised security features

The Holder must notify the Platform of the loss or theft of its personalised security features, misappropriation or any unauthorised use of its personal space or data as soon as it becomes aware of it so that blocking can be initiated. This declaration must be carried out as follows:

By telephone to the Platform's customer service department using the contact details provided in the Website's General Terms and Conditions; or
Directly by electronic message via the contact form accessible on the Website.

The Service Provider shall immediately carry out the request for objection via the Platform. The event is recorded and time-stamped. An appeal number with a time stamp shall be sent to the Holder. A written confirmation of this objection shall be addressed to the Holder concerned by electronic message via the Platform. The Service Provider shall take over the files at the administrative level and shall preserve all evidence for 18 (eighteen) months. Upon the written request of the Holder and before the expiry of that period, the Service Provider shall send a copy of that objection.

Any request for objection shall be confirmed without delay by the Holder concerned by means of a letter signed by it, delivered or sent by registered mail or email to the address mentioned in the letterhead of this Contract or to the address indicated in the Website's general terms and conditions, if any.

The Service Provider cannot be held liable for the consequences of an objection sent by fax or email that does not originate from the Holder.

An objection request shall be deemed to have been made on the date and at the time of the actual receipt of the request by the Platform. In the event of theft of the personalised security features or fraudulent use of the personal area, the Service Provider is entitled to request a receipt or a copy of the submitted claim from the Holder via the platform, who undertakes to respond to it without delay.

9 Blocking of the Payment Account and refusal of access to the Payment Account

The Service Provider reserves the right to block the Payment Account if there are objective grounds to suspect that the security of a payment method is at risk or that unauthorised or fraudulent use has been made with it or for a significantly increased risk that the Holder is unable to fulfil its contractual obligations.

The Holder is informed that the Service Provider may deny access to the Payment Account to a third party Payment Service Provider providing payment initiation services or information on the Accounts for objective or documented grounds related to unauthorised or fraudulent access to the Payment Account on the part of the Service Provider, including the unauthorised or fraudulent initiation of a Payment Transaction.

In such cases, the Holder shall be informed of the blocking or refusal of access to the Payment Account and the reasons for such blocking or refusal. That information shall be provided to it, if possible, before the Payment Account is blocked or access is denied and at the latest immediately following the blocking or denial, unless the fact of providing that information is not communicable for objective security reasons or prohibited by another provision of European Union law or relevant national law.

The Service Provider shall unblock the account or restore access as the grounds justifying the blocking or denial of access no longer exist. The Holder may request the unblocking of the Account at any time by contacting the Platform's Customer Service, whose contact details are indicated in the Website's General Terms and Conditions. The Holder may be requested to set new identification data.

10 Disputed Transactions

10.1 Provisions common to all Holders

In the event of any complaint regarding Payment Transactions carried out by the Service Provider under this Contract, the Holder is invited to contact the Platform's Customer Service or the address indicated in this regard in the Website's General Terms and Conditions.

If an order is carried out by the Service Provider with errors due to the fault of the Service Provider, the complaint shall be immediately transmitted to the Service Provider, the order shall be cancelled and the account shall be restored to the way it was before the Payment Order was received. The Order shall then be represented correctly.

Charges specified in the Pricing Terms and Conditions may be imposed in the event of an unjustified complaint regarding a Transaction.

10.2 Applicable provisions for the Commercial Owner

The Commercial Owner who wishes to contest a transfer transaction not authorised by it or incorrectly carried out by it must contact the Platform's customer service by telephone without delay after becoming aware of the irregularity and at the latest within eight (8) weeks from the entry of the transaction; it shall be its responsibility to transfer the dispute to the Service Provider without delay. Unless there are reasonable grounds to suspect fraud on the part of the Holder, the Service Provider shall refund the amount of the Transaction to the Holder immediately after receipt of the appeal request and in any event no later than the end of the next Business Day. The Service Provider shall restore the account to its previous state as if the unauthorised payment transaction had not occurred.

In the event of loss or theft of the personalised security features, the unauthorised transactions that took place prior to notification of the objection shall be at the expense of the Holder. The transactions carried out after the objection are borne by the Service Provider, except in case of fraud by the Holder.

11 Financial conditions

The services offered under this Contract shall be invoiced by the Platform in accordance with the Pricing Terms.

12 Term and termination

The Framework Agreement is concluded for an unlimited period. It shall take effect from the date of its acceptance by the Holder.

The Holder may terminate the Framework Agreement at any time by giving thirty (30) calendar days' notice. Section 4.3.2 sentence 2 applies accordingly, i.e. by agreeing to the terms of the Framework Agreement, the Holder accepts that the Platform notifies the Service Provider of the termination.

The Service Provider may at any time terminate the Framework Agreement provided on a durable medium by giving two (2) months' notice.

For this purpose, each party must send its notice of termination to the other party (a) by registered letter with acknowledgement of receipt or (b) to the email address agreed in the General Terms and Conditions.

The entire Framework Agreement is then terminated and the Payment Account closed. The balance of the account after deduction of the charges due and payable to the Service Provider shall be transferred to the Holder's bank account within thirteen (13) months at the latest. If the balance of the Payment Account exceeds the limit specified in the Pricing Terms, the amount in excess of such limit, following the deduction of any charges due and payable to the Service Provider, shall be transferred to the Holder's bank account within thirty (30) days of the effective date of termination. The Service Provider shall be released from any obligation after confirming the transfer to the specified bank account to the Holder.

In the event of serious breaches, fraud or non-payment by the Holder, the Service Provider shall reserve the right to suspend or terminate this Contract without cause or prior notice.

The Framework Agreement shall be deemed automatically terminated to the extent that the ability to implement the contractual obligations on the part of one party is impaired.

13 Contract Modification

The Service Provider reserves the right to amend the Framework Agreement at any time. Any draft amendment to the Framework Agreement shall be provided to the Holder by the Platform.

Any Holder may reject the proposed changes and must notify its rejection to the Platform's Customer Service via the communication channels agreed in the General Terms and Conditions two (2) months before the proposed changes come into force.

In the absence of a rejection notice before the specified effective date, the proposed amendments shall be deemed to have been accepted by the Holder. The relations between the Parties after the entry into force of the Contract shall then be governed by the new version of the Framework Agreement.

In the event of rejection by the Holder, such rejection shall result in the termination of the Framework Agreement without costs and the transfer of the balance of the Payment Account to the Holder's bank account within thirteen (13) months of the effective date of the termination.

Any law or regulation requiring that all or any part of the Framework Agreement be amended shall apply from the Effective Date without notice. However, the Holder shall be informed of this.

14 Security

The Service Provider undertakes to guarantee its services in compliance with the applicable laws and regulations and the latest technology. In particular, the Service Provider shall take all necessary steps to ensure the security and confidentiality of the Holder's data in accordance with the applicable regulations.

The Service Provider reserves the right to temporarily suspend access to the Online Account for technical, security or maintenance reasons, without such operations giving rise to any compensation. The Service Provider undertakes to limit such interruptions to the extent as absolutely necessary.

In any case, the Service Provider cannot be held liable regarding the Holder for any errors, oversights, interruptions or delays in the transactions carried out via the Website that resulted from the unauthorised access of the Holder. The Service Provider cannot be held liable for any theft, destruction or unauthorised data transfer resulting from unauthorised access to the website. Furthermore, the Service Provider remains a third-party to the legal relationship that exists between the Holder and the User or between the Holder and the Website. The Service Provider shall not be liable for any error, defect or negligence made by the User and the Holder among each other or of the Website and the Holder among each other.

In the event of incorrectly submitted parameters by the Holder or the Platform in the data interface intended for payment processing, the Service Provider shall not be responsible for the functionally correct but contextually incorrect implementation of the aforementioned service.

The Platform is solely responsible for the security and confidentiality of the data exchanged in the context of the use of the Website, in accordance with the Website's general terms and conditions, with the Service Provider being responsible for the security and confidentiality of the data it exchanges with the Holder under this Contract for the creation and management of its Account, as well as payment transactions associated with the Account.

15 Limitation of liability of the Service Provider

The Service Provider shall not interfere in any way with the legal and business relations and any legal disputes between the Holder and the User or between the Holder and the Platform. The Service Provider does not exercise any control over the conformity, security, legality, characteristics and suitability of the products and services that are the subject of a Payment Transaction.

Each transaction carried out by the Holder shall give rise to a Contract directly between the Holder and a User for whom the Service Provider is a third-party. Consequently, the latter cannot be held liable for the non-performance or the defective performance of the obligations arising therefrom, nor for any damage caused to the Holder.

Notwithstanding any provisions to the contrary in this Contract, the Service Provider's liability to a Holder shall be limited to direct damages as provided by law.

16 Holder's obligations

The Holder guarantees that no element of its personal space shall infringe the rights of third parties nor violate the law, public order or morality. The Holder undertakes to refrain from the following:

(i) unlawfully execute the Framework Agreement or perform it under conditions that could damage, disable, overburden, or alter the Website;

(ii) impersonate another person or organisation, falsify or disguise its identity, age or create a false identity;

(iii) distribute personal data or information to a third party such as addresses, telephone numbers, electronic addresses, bank card numbers, etc. In the event of a breach of obligations, the Service Provider may take any appropriate measure to stop the practices in question. The Service Providers is also entitled to suspend, cancel and/or block the Holder's access to its account.

(iv) Without prejudice to legal action by third parties, the Service Provider shall be entitled to personally take legal action to recover the damages it has personally suffered as a result of the Holder's failure to comply with its obligations under this Contract.

If the Holder discovers a breach of the above obligations, it is requested to inform the Service Provider of such practices by contacting it at the following address: legal@mangopay.com.

17 Right of Cancellation

17.1 Provisions common to all Holders

The Holder, who within the meaning of Articles L.341-1 et seq. of the French Monetary and Financial Code, shall have a period of 14 (fourteen) calendar days to exercise its right of objection, subject to, where applicable, compliance with the conditions of Article D341-1 of the same Code, without giving reasons and payment of penalties. This cancellation period starts from the day of registration as a Holder.

17.2 Exercise of the right of withdrawal

The Holder must notify the Platform's Customer Service by telephone or email of its declaration of revocation in due time and send a letter of confirmation to the Platform's Customer Service address. In this respect, it may use the cancellation form provided by the Platform.

18 Rules to fight against money laundering and terrorist financing

The Service Provider is subject to Luxembourg legislation on fighting against money laundering and terrorist financing.

In application of the provisions of Luxembourg law regarding the participation of financial institutions in the fight against money laundering and terrorist financing, the Service Provider is 16 required to obtain information from each Holder for each transaction or business relationship on the origin, object and purpose of the transaction or opening of the account. The Service Provider must also carry out all necessary steps to identify the Holder and, where applicable, the actual authorised User of the account and/or payment transactions associated with it.

The Holder acknowledges that the Service Provider may terminate or postpone the use of the Personalised Security Features, access to an Account or the implementation of a Transaction at any time in the absence of a sufficient element to its object or nature. The Holder is informed that a transaction under this Contract is subject to the exercise of the communication right of the Financial Intelligence Unit.

The Holder may, in accordance with the legislation, access all information transmitted in this way, provided that this right of access does not affect the purpose of fighting against money laundering and terrorist financing where such data relates to the applicant.

Neither criminal prosecution nor civil liability action can be brought, nor sanctions by their profession against the Service Provider, its directors or its employees who in good faith made the Suspicious activity reports to the national authorities.

19 Data protection

The Service Provider collects and processes all personal data in accordance with the applicable data protection regulations.

The Applicant may be faced with a refusal of access to the services to be provided under this Contract for failure to provide the mandatory personal data required at the time of registration.

Personal data is collected in particular for the following purposes: providing the services as described in this Contract; fighting against money laundering and terrorist financing; processing information and complaint requests; compiling statistics. These processing operations shall be necessary, in particular, for the performance of the Framework Agreement as well as for compliance with legal obligations to which the persons responsible for the processing shall be subject. The Service Provider and the Platform act as joint responsible parties for these operations.

Personal data may not be transferred to any third party without the express consent of the data subjects. Each data subject is hereby informed that the personal data may be communicated to subcontractors for the purposes indicated above. The aforementioned subcontractors shall act only on the instructions of the Service Provider and exclusively for the account of the latter.

The data subject may access the list of subcontractors upon request to the Platform. The Service Provider shall ensure that its subcontractors take all necessary measures to ensure that the security and confidentiality of Personal Data is maintained. In the event of a breach of data protection (loss, interference, destruction, etc.), the data subjects shall be informed immediately.

The Service Provider reserves the right to disclose Personal Data upon the request of a lawful authority in order to comply with all applicable laws and regulations, to protect or defend the rights of the Account Holder or any data subject where binding circumstances warrant the need, or to protect the security of the Account Holder, the Services or the public.

The personal data processed by the Service Provider in the context of the services provided pursuant to this Contract shall be kept for the term strictly necessary to achieve the aforementioned objectives. Unless otherwise provided by law, the data shall not be kept beyond the effective date of termination of the Contract. Among other things, it is made clear that personal identification data shall be kept for five years from the end of the contractual relationship by virtue of the applicable anti-money laundering and anti-terrorist financing provisions.

Data subjects shall have the following rights to their data under the conditions provided for by the regulations: the right of access, right of rectification, right to object, right to erasure, right to limited processing and right to transferability. A data subject may exercise its rights at any time by contacting the Platform's customer service. Your application must state the surname, first name and identifier and be accompanied by a photocopy of an identity document with a signature.

A reply shall be sent to the data subject within one (1) month of receipt of the request. This deadline may be extended by two (2) months considering the complexity of the number of applications. In this case, the data subject shall be informed of the extension and the reasons for the postponement within one (1) month upon the receipt of the request.

The data subject shall be informed that it has the right to submit a complaint with the competent authority for any request relating to its personal data.

If the data subject submits its request electronically, it shall receive the response electronically unless it specifically requests another method.

If the personal data relates to a data subject who is not part of the Framework Agreement and has been transferred by the Holder, the Holder shall endeavour to provide the data subject with the information in this Article.

Additional information regarding the processing of personal data under this Contract, the retention periods and the rights of the data subjects are available in the Service Provider's privacy policy (accessible on the www.mangopay.com website).

20 Business secret

The Service Provider is bound by confidentiality. However, this secrecy may be lifted in accordance with applicable legislation, by virtue of a legal and regulatory obligation, in particular upon the request of the guardianship authorities, the tax and customs administration and the criminal court or in the event of court seizure, of which the Service Provider shall be notified. Notwithstanding the above, the User may release the Service Provider from the obligation of confidentiality and expressly indicate to the Service Provider the third parties authorised to receive the confidential information concerning it.

It is hereby noted that the duty of confidentiality may be waived by the provision in favour of the companies providing the Service Provider with important operational tasks under this Contract.

21 Intellectual property

The Service Provider retains full ownership of the securities and property rights, regardless of how they are associated with the services offered to the Holder. None of these rights shall be transferred to the Holder within the meaning of this Contract.

22 Inactive Accounts

Any inactive account may be subject to an inactivity notice sent by email from the Service Provider followed by a reminder one month later. The Holder's Payment Account shall be deemed to be inactive if, after a period of twelve (12) months, no transaction (other than the debit of the Account Maintenance Fees) has been made upon the initiative of the Holder (or any nominee) and it has not notified the Service Provider in any form whatsoever.

In the absence of a response or use of the balance appearing in credit on the account during this period, the Service Provider may close the account and maintain it for the sole purpose of transferring the amounts due to the account specified by the Holder. In the event of death, the balance may only be refunded to the Holder's rights holders.

No more payment transactions can be made on the account.

23 Force majeure

In the event of delays or in the event of non-performance of the contractual obligations, the contracting parties shall not be held liable or responsible under this Contract for any breach of obligation if the cause is related to an event of force majeure as defined by French legislation (Article 1218 of the Civil Code).

24 Independent contractual provisions

Should any of the provisions of this Contract be declared invalid and void, such provision shall be deemed not to have been incorporated into the Contract and shall not invalidate the remaining provisions.

Should one or more provisions of the present Contract become invalid or be declared invalid in application of a law, regulation or as a result of a final judgment of the relevant jurisdiction, the generally binding effect and scope of the remaining provisions shall remain unchanged. The provisions declared invalid and ineffective shall accordingly be replaced by provisions which correspond as far as possible to the provisions originally agreed in terms of their meaning and scope of application.

25 Protection of funds

The Holder's funds shall be deposited at the end of the Business Day following the day during which they are received by the Service Provider in an account for partial settlement opened in the records of a bank under such conditions as may be prescribed.

Pursuant to Article 24-10 (5) of the Law of 20 May 2011 published in the Mémorial A No. 104 of 24 May 2011 of the Grand Duchy of Luxembourg and Article 14 of the Law of 10 November 2009 published in the Mémorial A No. 215 of 11 November 2009 of the Grand Duchy of Luxembourg implementing Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the adoption, pursuit and prudential supervision of the business of the activities of electronic money institutions, the funds raised shall be protected and shall not become part of the assets of the electronic money institution in the event of liquidation, insolvency or any other bankruptcy situation of the institution.

26 Non-transferability

The Contract may not be transferred by the Holder either in whole or in part and neither for consideration nor free of charge. Consequently, it is prohibited to transfer to a third party any rights or obligations incumbent upon it by virtue of the present Contract. In case of breach of this restriction, the Holder may be held liable by the Service Provider in addition to the immediate termination of the present Contract.

27 Legally binding evidence

All unalterable, reliable and secure data transferred from the Service Provider's database, in particular for payment orders and sent messages, shall be binding between the Parties until proven otherwise.

28 Territorial scope

The provisions of Articles L133-1 et seq. and L314-1 et seq. of the French Monetary and Financial Code apply if the payee's payment service provider and the payment service provider or payee of a payment transaction carried out on the direct debit or on the credit balance of the account are both located in the territory of France, Guadeloupe, Guyana, Martinique, La Réunion, Mayotte, Saint-Martin or Saint-Barthélemy or in another Member State of the European Union, or in another State party to the Agreement on the European Economic Area, and that the transaction is executed in EUR or in the currency of a Member State of the European Union which is not a member of the SEPA zone or another State party to the Agreement on the European Economic Area.

The provisions of Articles L133-1 et seq. and L314-1 et seq. of the French Code on monetary and financial matters shall apply (with the exception of the provisions of Articles L. 133-11 to L. 133- 13 ; L133-14, II and with the exception of the time limits referred to in Article L314-13, VI) where one of the payee's payment service provider and the payment service provider or payee of a payment transaction carried out on the debit or credit balance of the account is located in the territory of France, Guadeloupe, Guyana, Martinique, La Réunion, Mayotte, Saint-Martin, the other in the territory of France, Guadeloupe, Guyana, Martinique, La Réunion, Mayotte, Saint Martin, or in another Member State of the European Union, or in another State party to the Agreement on the European Economic Area, and that the transaction is denominated in the currency of a State party to the Agreement on the European Economic Area, with regards to the Parties to the payment transaction which takes place in the European Union.

29 Complaints and mediation

The Holder is invited to contact the platform's customer service for any complaints, which may be indicated on the Website.

All complaints other than those referred to in Article 10 concerning the conclusion, performance or termination of the Framework Agreement must be communicated by email to the following address: legal@mangopay.com.

The Holder accepts that the Service Provider shall respond to its complaints in durable medium. The response shall be provided promptly and no later than within fifteen (15) business days of receipt of the complaint by the Service Provider. However, for reasons beyond its control, the Service Provider may be prevented from responding within fifteen (15) days. In this case, the Service Provider shall send the Holder a reply specifying the reasons for this additional delay and the date on which it shall send the final reply. In any event, the Holder shall receive a final response no later than thirty-five (35) business days after receipt of the complaint.

The Holder is informed that the CSSF (Commission de Surveillance du Secteur financier - Financial Market Supervisory Authority) is competent for the out-of-court settlement of disputes concerning the performance of this Framework Agreement. For further information regarding the CSSF and the conditions of such legal assistance, you may contact the Platform'S Customer Service or consult the CSFF's website (http://www.cssf.lu). Mediation requests must be addressed to the Mediator of the Commission de Surveillance du Secteur Financier (CSSF), 283 route d'Arlon, L1150 Luxembourg, (direction@cssf.lu), notwithstanding any other legal action. However, the Mediator may not be instructed if the request is clearly unjustified or abusive, if the dispute has been previously investigated or the investigation is ongoing by another Mediator or a court, if the Mediator's request was submitted to a professional after more than one year from the written complaint, if the dispute does not fall within the Mediator's jurisdiction.

30 Language - Governing Law And Jurisdiction

Except in the event of the application of a law of public order (which applies only within the strict limits of its purpose), it is expressly stipulated that English is the language chosen and used by the parties in their pre-contractual and contractual relations and that the Framework Agreement with the Service Provider is governed by French law. For the avoidance of doubt, provisions on the applicable law for contractual relations between the Platform and the Holder shall remain unaffected. Any dispute between the Parties relating to this Contract shall be subject to the jurisdiction of the competent French courts.

Last updated 02/2022