Terms of Service

EOS Systems Terms of Service Agreement Last updated: 21st October 2019 This EOS Terms of Service Agreement (“Agreement”) is a legal agreement between EOS Systems Sdn. Bhd. (“EOS”, “us”, “our”, or “we”) and the entity or person (“you”, “your”, or “user”) who entered into an agreement with us to receive certain payment processing, data, technology and analytics services, and other business services that may be offered by EOS and its affiliates (each, a “Service”). This Agreement describes the terms and conditions that apply to your use of the Services. If you do not understand any of the terms of this Agreement, please contact us before using the Services. You may not access or use any Services unless you agree to abide by all of the terms and conditions in this Agreement.

Section A: General Terms

1. Overview of this Agreement This Agreement provides a general description of the Services that EOS may provide to you, including those that allow you to accept payments from purchasers of your goods or services or donors to your organization (your “Customers”). We provide you with a more detailed description of the Services through published software libraries and application programming interfaces that may be used to access the Services (the “API”) and additional resources we make available to you on our website. Before using the Services, you must enter into an Agreement with EOS. Section A describes the process of entering into an Agreement with EOS and accessing the payment portal that we provide. Section B describes your use of the API and the Services. Section C describes the Payment Processing Services, which are one type of Service provided by EOS. Section D describes proper handling, management, and use of data generated during your use of the Services, including your Customers’ data. Finally, Section E describes your liability to EOS for all losses connected with your EOS Account, your agreement to resolve all disputes with EOS by arbitration and not in a lawsuit, and other legal terms that apply to you. 2. Your EOS Payment Portal a. Registration and Permitted Activities: Only businesses (including sole proprietors), bona fide charitable organizations, and other entities or persons located in Malaysia are eligible to enter into an Agreement with EOS to use the Services described in said Agreement. EOS and its affiliates may provide Services to you or your affiliates in other countries or regions under separate agreements. To enter into an Agreement with EOS, you or the person or people submitting the application (your “Representative”) must provide us with your business or trade name, physical address, email, phone number, business and/or tax identification number, URL, the nature of your business or activities, and certain other information about you that we require. We may also collect personal information (including name, birthdate, and government-issued identification number) about your beneficial owners, principals, and your EOS Account administrator. Until you have submitted, and we have reviewed and approved, all required information, your EOS Account will be available to you on a preliminary basis only, and we may terminate it at any time and for any reason. If you use Payment Processing Services, your name (or the name used to identify you) and URL may appear on your Customers’ bank or other statements. To minimize confusion and avoid potential disputes, these descriptors must be recognizable to your Customers and must accurately describe your business or activities. You may only use Payment Processing Services to facilitate Transactions (as defined below) with your Customers. You may not use Payment Processing Services to send money to others, to conduct any personal or non-commercial transactions, or for any other purposes prohibited by this Agreement. b. Business Representative: You and your Representative individually affirm to EOS that your Representative is authorised to provide the information described in this Section A.2 on your behalf and to bind you to this Agreement. We may require you or your Representative to provide additional information or documentation demonstrating your Representative’s authority. Without the express written consent of EOS, neither you nor your Representative may register or attempt to register for an EOS Account on behalf of a user EOS previously terminated from use of the Services. If you are a sole proprietor or individual trader, you and your Representative also affirm that your Representative is personally responsible and liable for your use of the Services and your obligations to Customers, including payment of any amounts owed under this Agreement. The following special requirements apply in relation to persons that are not at least 18 years old. If you are an individual or sole proprietor, and you are not at least 18 years old, but you are 13 years old or older, your Representative must be your parent or legal guardian. If you are a legal entity that is owned, directly or indirectly, by an individual who is not at least 18 years old, but the individual is 13 years old or older, your Representative must either obtain the consent of your board or of an authorized officer. Any such approving board, authorized officer, parent, or legal guardian is responsible to EOS and is legally bound to this Agreement as if it had agreed to the terms of this Agreement itself. You may not use the Services if you are under 13 years of age. c. Validation and Underwriting: At any time during the term of this Agreement and your use of the Services, we may require additional information from you to verify beneficial ownership or control of the business, validate information you provided, verify you or your Representative’s identity, and assess the risk associated with your business. This additional information may include business invoices, copies of government-issued identification, business licenses, or other information related to your business, its beneficial owners or principals. If you use Payment Processing Services, we may also request that you provide copies of financial statements or records pertaining to your compliance with this Agreement, or require you to provide a personal or company guarantee. Your failure to provide this information or material may result in suspension or termination of your EOS Account. You authorize us to retrieve information about you from our service providers and other third parties, including credit reporting agencies and information bureaus and you authorize and direct such third parties to compile and provide such information to us. You acknowledge that this may include your name, addresses, credit history, and other data about you or your Representative. You acknowledge that we may use your information to verify any other information you provide to us, and that any information we collect may affect our assessment of your overall risk to our business. You acknowledge that in some cases, such information may lead to suspension or termination of your EOS Account. EOS may periodically update this information as part of our underwriting criteria and risk analysis procedures. d. Changes to Your Business, Keeping your EOS Account Current: You agree to keep the information in your EOS Account current. You must promptly update your EOS Account with any changes affecting you, the nature of your business activities, your Representatives, beneficial owners, principals, or any other pertinent information. We may suspend your EOS Account or terminate this Agreement if you fail to keep this information current. You also agree to promptly notify us in writing no more than three days after any of the following occur: you are the subject of any voluntary or involuntary bankruptcy or insolvency application, petition or proceeding, receivership, or similar action (any of the foregoing, a “Bankruptcy Proceeding”); there is an adverse change in your financial condition; there is a planned or anticipated liquidation or substantial change in the basic nature of your business; you transfer or sell 25% or more of your total assets, or there is any change in the control or ownership of your business or parent entity; or you receive a judgment, writ or warrant of attachment or execution, lien or levy against 25% or more of your total assets. 3. Your Relationship with Your Customers You may only use the Services for legitimate Transactions with your Customers. You know your Customers better than we do, and you are responsible for your relationship with them. EOS is not responsible for the products or services you publicize or sell, or that your Customers purchase using the Services; or if you accept donations, for your communication to your Customers of the intended use of such donations. You affirm that you are solely responsible for the nature and quality of the products or services you provide, and for delivery, support, refunds, returns, and for any other ancillary services you provide to your Customers. EOS provides Services to you, but we have no way of knowing if any particular purchase, sale, donation, order, or other transaction (each a “Transaction”) is accurate or complete, or typical for your business. You are responsible for knowing whether a Transaction initiated by your Customer is erroneous (such as a Customer purchasing one item when they meant to order another) or suspicious (such as unusual or large purchases, or a request for delivery to a foreign country where this typically does not occur). If you are unsure if a Transaction is erroneous or suspicious, you agree to research the Transaction and, if necessary, contact your Customer before fulfilling or completing the Transaction. You are solely responsible for any losses you incur due to erroneous or fraudulent Transactions in connection with your use of the Services.4. Fees and Fines EOS will provide the Services to you at the rates and for the fees (“Fees”) described on the Pricing page, linked here and incorporated into this Agreement. The Fees include charges for Transactions (such as processing a payment) and for other events connected with your EOS Account (such as handling a disputed charge). We may revise the Fees at any time. However, we will provide you with at least 30 days’ advance notice before revisions become applicable to you (or a longer period of notice if this is required by applicable Law). In addition to the Fees, you are also responsible for any penalties or fines imposed in relation to your EOS Account on you or EOS by EOS or any Payment Method Provider or Payment Method Acquirer (each as defined in Section C) resulting from your use of Payment Processing Services in a manner not permitted by this Agreement or a Payment Method Provider’s rules and regulations. You are also obligated to pay all taxes, fees and other charges imposed by any governmental authority (“Taxes”), including any value added tax, goods and services tax, provincial sales tax and/or harmonized sales tax on the Services provided under this Agreement. If you are tax-exempt, you will provide us with an appropriate certificate or other evidence of tax exemption that is satisfactory to us. 4. Services and EOS Account Support We will provide you with support to resolve general issues relating to your EOS Account and your use of the Services. This support includes resources and documentation that we make available to you through the current versions of EOS’s support pages, API documentation, and other pages on our website (collectively, “Documentation”). The most efficient way to get answers to your questions is to review our Documentation. If you still have questions after reviewing the Documentation, please contact us. You are solely responsible for providing support to Customers regarding Transaction receipts, product or service delivery, support, returns, refunds, and any other issues related to your products and services and business activities. We are not responsible for providing support for the Services to your Customers unless we agree to do so in a separate agreement with you or one of your Customers. 5. Taxes and Other Expenses Our fees are exclusive of any applicable Taxes, except as expressly stated to the contrary. You have sole responsibility and liability for: (i) determining what, if any, Taxes apply to the sale of your products and services, acceptance of donations, or payments you receive in connection with your use of the Services; and (ii) assessing, collecting, reporting, and remitting Taxes for your business to the appropriate tax and revenue authorities. If we are required to withhold any Taxes, or we are unable to validate any tax-related identification information you provide to us, we may deduct such Taxes from amounts otherwise owed and pay them to the appropriate taxing authority. If you are exempt from payment of such Taxes, you must provide us with an original certificate that satisfies applicable legal requirements attesting to your tax-exempt status. Upon our reasonable request, you must provide us with information regarding your tax affairs. We may send documents to you and tax authorities for Transactions processed using the Services. Specifically, pursuant to applicable Law, we may be required to file periodic informational return with taxing authorities in relation to your use of the Services. If you use Payment Processing Services, you acknowledge that we will report the total amount of payments you receive each calendar year as required by the Internal Revenue Service. We also may, but are not obliged to, electronically send you tax-related information. 6. Service Requirements, Limitations and Restrictions a. Compliance with Applicable Laws: You must use the Services in a lawful manner, and must obey all laws, rules, and regulations (“Laws”) applicable to your use of the Services and to Transactions. As applicable, this may include compliance with domestic and international Laws related to the use or provision of financial services, notification and consumer protection, unfair competition, privacy, and false advertising, and any other Laws relevant to Transactions. b. Restricted Businesses and Activities: You may not use the Services to enable any person (including you) to benefit from any activities EOS has identified as a restricted business or activity (collectively, “Restricted Businesses”). Restricted Businesses include use of the Services in or for the benefit of a country, organization, entity, or person embargoed or blocked by any government, including those on sanctions lists identified by Malaysia. Please review the list of Restricted Businesses thoroughly before registering for and opening an EOS Account. If you are uncertain whether a category of business or activity is restricted or have questions about how these restrictions apply to you, please contact us. We may add to or update the Restricted Business List at any time. c. Other Restricted Activities: You may not use the Services to facilitate illegal Transactions or to permit others to use the Services for personal, family or household purposes. In addition, you may not allow, and may not allow others to: (i) access or attempt to access non-public EOS systems, programs, data, or services; (ii) copy, reproduce, republish, upload, post, transmit, resell, or distribute in any way, any data, content, or any part of the Services, Documentation, or our website except as expressly permitted by applicable Laws; (iii) act as service bureau or pass-through agent for the Services with no added value to Customers; (iv) transfer any rights granted to you under this Agreement; (v) work around any of the technical limitations of the Services or enable functionality that is disabled or prohibited; (vi) reverse engineer or attempt to reverse engineer the Services except as expressly permitted by Laws; (vii) perform or attempt to perform any actions that would interfere with the normal operation of the Services or affect use of the Services by our other users; or (ix) impose an unreasonable or disproportionately large load on the Service. 7. Suspicion of Unauthorized or Illegal Use We may refuse, condition, or suspend any Transactions that we believe: (i) may violate this Agreement or other agreements you may have with EOS; (ii) are unauthorized, fraudulent or illegal; or (iii) expose you, EOS, or others to risks unacceptable to EOS. If we suspect or know that you are using or have used the Services for unauthorized, fraudulent, or illegal purposes, we may share any information related to such activity with the appropriate financial institution, regulatory authority, or law enforcement agency consistent with our legal obligations. This information may include information about you, your EOS Account, your Customers, and Transactions made through your use of the Services. b. Methods of Delivery: You agree that EOS can provide Notices regarding the Services to you through our website or through the Dashboard (as defined below), or by mailing Notices to the email or physical addresses identified in your EOS Account. Notices may include notifications about your EOS Account, changes to the Services, or other information we are required to provide to you. You also agree that electronic delivery of a Notice has the same legal effect as if we provided you with a physical copy. We will consider a Notice to have been received by you within 24 hours of the time a Notice is either posted to our website or emailed to you. c. Requirements for Delivery: It should come as no surprise to you that you will need a computer or mobile device, Internet connectivity, and an updated browser to access your Dashboard and review the Notices provided to you. If you are having problems viewing or accessing any Notices, please contact us and we can find another means of delivery. d. Withdrawing Consent: Due to the nature of the Services, you will not be able to begin using the Services without agreeing to electronic delivery of Notices. However, you may choose to withdraw your consent to receive Notices electronically by terminating your EOS Account. 8. Termination a. Term and Termination: This Agreement is effective upon the date you first access or use the Services and continues until terminated by you or EOS. You may terminate this Agreement by contacting us. If you use the Services again or register for another EOS Account, you are consenting to this Agreement. We may terminate this Agreement or close your EOS Account at any time for any reason (including, without limitation, for any activity that may create harm or loss to the goodwill of a Payment Method). Where applicable Law requires advance notice of termination to be provided, we will, prior to termination, provide you with the required advance notice of termination. We may suspend your EOS Account and your ability to access funds in your EOS Account, or terminate this Agreement, if (i) we determine in our sole discretion that you are ineligible for the Services because of significant fraud or credit risk, or any other risks associated with your EOS Account; (ii) you use the Services in a prohibited manner or otherwise do not comply with any of the provisions of this Agreement; (iii) any Law, Payment Method Provider or Payment Method Acquirer requires us to do so; or (iv) we are otherwise entitled to do so under this Agreement. A Payment Method Provider or Payment Method Acquirer may terminate your ability to accept its Payment Method, at any time and for any reason, in which case you will no longer be able to accept the Payment Method under this Agreement. b. Effects of Termination: Termination does not immediately relieve you of obligations incurred by you under this Agreement. Upon termination, you agree to (i) complete all pending Transactions, (ii) stop accepting new Transactions, and (iii) immediately remove all EOS and payment network logos from your website (unless permitted under a separate license with the payment network). Your continued or renewed use of the Services after all pending Transactions have been processed serves to renew your consent to the terms of this Agreement. If you terminate this Agreement, we will pay out any remaining funds owed to you in accordance with Section C. In addition, upon termination you understand and agree that (i) all licenses granted to you by EOS under this Agreement will end; (ii) subject to Section D.5, we reserve the right (but have no obligation) to delete all of your information and account data stored on our servers; (iii) we will not be liable to you for compensation, reimbursement, or damages related to your use of the Services, or any termination or suspension of the Services or deletion of your information or account data; and (iv) you are still liable to us for any Fees or fines, or other financial obligation incurred by you or through your use of the Services prior to termination.

Section B: EOS Technology

1. API and Dashboard EOS has developed and provides access to the API that may be used to access the Services. You may use the API solely as described in the Documentation to use the Services on websites and through the applications identified in your EOS Account. You may manage your EOS Account, connect with other service providers, and enable additional features through the EOS management dashboard (“Dashboard”). EOS will use the Dashboard to provide you with information about your EOS Account. EOS will also provide you with access to monthly summary reports which will include all your EOS Account activity, grouped by month, up to the most recent full day. The information may be provided in your language, and if not, it will be provided in English. You may not use the API for any purpose, function, or feature not described in the Documentation or otherwise communicated to you by us. Due to the nature of the Services, we will update the API and Documentation from time to time, and may add or remove functionality. We will provide you Notice in the event of material changes, deprecations, or removal of functionality from the API so that you may continue using the Services with minimal interruption. We will make publishable and secret API keys for live and test Transactions available to you upon request. Publishable keys identify Transactions with your Customers, and secret keys permit any API call to your EOS Account. You are responsible for securing your secret keys — do not publish or share them with any unauthorized persons. Failure to secure your secret keys will increase the likelihood of fraud on your EOS Account and potential losses to you or your Customers. You should contact us immediately if you become aware of any unauthorized use of your secret key or any other breach of security regarding the Services. We provide more details on proper use of publishable and secret API keys in the Documentation. Information on securing your EOS Account is available in Section D. 2. Ownership of EOS IP As between you and EOS, EOS and its licensors exclusively own all rights, title, and interest in the patents, copyrights (including rights in derivative works), moral rights, rights of publicity, trademarks or service marks, logos and designs, trade secrets, and other intellectual property embodied by, or contained in the API, Services, Dashboard, and Documentation (collectively, “EOS IP”) or any copies thereof. EOS IP is protected by copyright, trade secret, patent, and other intellectual property Laws, and all rights in EOS IP not expressly granted to you in this Agreement are reserved. You may choose to, or we may invite you to submit comments or ideas about improvements to the Service, our API, our platform, or any other component of our products or services (“Ideas”). If you submit an Idea to us, we will presume that your submission was voluntary, unsolicited by us, and delivered to us without any restrictions on our use of the Idea. You also agree that EOS has no fiduciary or any other obligation to you in connection with any Idea you submit to us, and that we are free to use your Ideas without any attribution or compensation to you. 3. License You are granted a nonexclusive and non-transferable license to electronically access and use the EOS IP only in the manner described in this Agreement. EOS does not sell to you, and you do not have the right to sublicense the EOS IP. We may make updates to the EOS IP or new Services available to you automatically as electronically published by EOS, but we may require action on your part before you may use the EOS IP or new Services (including activation through the Dashboard, or acceptance of new or additional terms). EOS may revoke or terminate this licence at any time if you use EOS IP in a manner prohibited by this Agreement. You may not: (i) claim or register ownership of EOS IP on your behalf or on behalf of others; (ii) sublicense any rights in EOS IP granted by us; (iii) import or export any EOS IP to a person or country in violation of any country’s export control Laws; (iv) use EOS IP in a manner that violates this Agreement or Laws; or (v) attempt to do any of the foregoing. 4. EOS Marks; References to Our Relationship We may make certain EOS logos or marks (“EOS Marks”) available for use by you and other users to allow you to identify EOS as a service provider. To use EOS Marks, you must first agree to the EOS Marks Usage Agreement. EOS may limit or revoke your ability to use EOS Marks at any time. You may never use any EOS Marks or EOS IP consisting of trademarks or service marks without our express permission, or in a manner that may lead people to confuse the origin of your products or services with ours. During the term of this Agreement, you may publicly identify us as the provider of the Services to you and we may publicly identify you as an EOS user. If you do not want us to identify you as a user, please contact us. Neither you nor we will imply any untrue sponsorship, endorsement, or affiliation between you and EOS. Upon termination of your EOS Account, both you and EOS will remove any public references to our relationship from our respective websites. 5. Content a. You may use the Services to upload or publish text, images, and other content (collectively, “Content”) to your EOS Account and to third-party sites or applications but only if you agree to obtain the appropriate permissions and, if required, licenses to upload or publish any such Content using the Services. You agree to fully reimburse EOS for all fees, fines, losses, claims, and any other costs we may incur that arise from Content that you publish or upload through the Services, or claims that Content you publish or upload infringes the intellectual property, privacy, or other proprietary rights of others. b. EOS Billing: EOS Billing enables you to use the Payment Processing Services to receive recurring or subscription payments from your Customers, and to issue invoices to your Customers. If you use the Payment Processing Services to submit recurring or subscription Charges, you agree to comply with applicable Laws and Payment Method Rules, including clearly informing Customers in advance of submitting the initial Charge that they will be charged on an ongoing basis and explaining the method for unsubscribing or cancelling their recurring billing or subscription. If you use the Payment Processing Services to issue invoices to your Customers, you understand and agree that it is your responsibility to ensure that the form and content of the invoices comply with applicable Laws, and are sufficient to achieve any legal or tax effect that you are trying to achieve. Subject to any applicable laws and regulations which cannot be excluded, and to the maximum extent permitted by law, EOS will not be liable to you or any third parties for any loss suffered or incurred by you or any third party in the event that an invoice template provided to you by EOS does not comply with any laws or regulations that may apply to you or any third party, including any omission of information required to be included as a matter of law or regulation (whether or not such information has been prompted for inclusion by the template). We may also provide you access to services identified as “beta” or pre-release services. You understand that these services are still in development, may contain bugs or errors, may be feature incomplete, may materially change prior to a full commercial launch, or may never be released commercially. We provide beta services AS IS, and without warranty of any kind, and your use of, or reliance on beta services is at your own risk.

Section C: Payment Processing Services

1. Payment Processing Services Overview EOS works with various EOS affiliates, Payment Method Providers and Payment Method Acquirers to provide you with access to the Payment Methods and Payment Processing Services. Where the Payment Processing Services enable you to submit Charges (as defined below), we may limit or refuse to process Charges for any Restricted Businesses, or for Charges submitted in violation of this Agreement. Your use of a Payment Method may be subject to separate terms applicable to the Payment Method. See Section C.5 and Sections C.6 below for more detail. The following terms used in this Agreement relate to your use of Payment Processing Services: “Charge” means a credit or debit instruction to capture funds from an account that a Customer maintains with a bank or other financial institution in connection with a Transaction. “Dispute” means an instruction initiated by a Customer for the return of funds for an existing Charge (including a chargeback or dispute on a payment card network). “Fine” means any fines, levies, or other charges imposed by us, a Payment Method Provider or a Payment Method Acquirer, caused by your violation of Laws or this Agreement, or as permitted by the applicable Payment Method Rules. “Payment Method” means a type of payment method that EOS accepts as part of the Payment Processing Services, such as credit and debit cards, or e-wallets. “Payment Method Rules” means the guidelines, bylaws, rules, and regulations imposed by the Payment Method Providers and Payment Method Acquirers that operate Payment Methods supported by EOS (including the payment card network operating rules (“Network Rules”) for the Visa, Mastercard, and MyDebit networks. “Payment Method Acquirer” means an entity that is authorized by a Payment Method Provider to enable the use of a Payment Method by accepting Charges from Customers on behalf of the Payment Method Provider, and routing these Charges to the Payment Method Provider. EOS or an EOS affiliate may be the Payment Method Acquirer for a Payment Method. “Payment Method Provider” means the provider of a Payment Method, such as Visa, Mastercard, and MyDebit “Payment Processing Services” are Services that you may use to accept payments from your Customers for Transactions, perform other financial transactions, manage subscriptions, and perform transaction reporting. “Refund” means an instruction initiated by you to return funds to a Customer for an existing Charge. “Return” means an instruction initiated by you, a Customer, a Payment Method Provider or a Payment Method Acquirer to return funds unrelated to an existing Charge. “Reversal” means an instruction initiated by a Payment Method Provider, a Payment Method Acquirer or us to return funds for an existing Charge. Reversals may result from (i) invalidation of a charge by a Payment Method Provider or a Payment Method Acquirer; (ii) funds settled to you in error or without authorization; and (iii) submission of a Charge in violation of the applicable Payment Method Rules, or where submission of the Charge or your use of Payment Processing Services violates this Agreement. 2. Registering for Use of Payment Processing Services When you enter into an Agreement with EOS, you may be asked for financial information, or information we use to identify you, your Representatives, principals, beneficial owners, and other individuals associated with your EOS Account. Throughout the term of this Agreement, we may share information about your EOS Account with Payment Method Providers and Payment Method Acquirers in order to verify your eligibility to use the Payment Processing Services, establish any necessary accounts or credit with Payment Method Providers and Payment Method Acquirers, monitor Charges and other activity, and conduct risk management and compliance reviews. We may also share your Data (as that term is defined below) with Payment Method Providers and Payment Method Acquirers for the purpose of facilitating the compliance of EOS, the Payment Method Providers, and the Payment Method Acquirers with applicable Laws and Payment Method Rules. We will review and may conduct further intermittent reviews of your EOS Account information to determine that you are eligible to use the Payment Processing Services. EOS’s use of the information you provide to us under this Agreement is described in more detail in Section D. EOS is not a bank and we do not accept deposits, provide loans or extend credit. If you accept payment for products or services (including events such as concerts or other performances) not immediately deliverable to the Customer (a “Pre-order”), we may, in our sole discretion, initiate Reversals or hold Reserves for all or a portion of the Charges processed by us for a Pre-order. If you would like to receive payment for a Pre-order, please contact us before doing so. EOS does not offer banking or remittance services regulated by Bank Negara Malaysia. 3. Processing Transactions; Disputes, Refunds, Reversals You may only submit Charges through the Payment Processing Services that are authorized by your Customers. To enable us to process Transactions for you, you authorize and direct us, our affiliates, the Payment Method Providers and Payment Method Acquirers to receive and settle any payment processing proceeds owed to you through the Payment Processing Services. You may not, other than as required by the Financial Services Terms or Payment Terms (each as defined below), grant or assign any interest in payment processing proceeds to any third party until such time as the payment processing proceeds are deposited into your Pay-out Account (as defined below). We will promptly update your EOS Account balance to reflect any such proceeds that we receive on your behalf. Except where EOS and a Customer have otherwise agreed, you maintain the direct relationship with your Customers and are responsible for: (i) acquiring appropriate consent to submit Charges through the Payment Processing Services on their behalf; (ii) providing confirmation or receipts to Customers for each Charge; (iii) verifying Customers’ identities; and (iv) determining a Customer’s eligibility and authority to complete Transactions. However, even authorized Transactions may be subject to a Dispute. EOS is not responsible for or liable to you for authorized and completed Charges that are later the subject of a Dispute, Refund, or Reversal, are submitted without authorization or in error, or violate any Laws. You are immediately responsible to us for all Disputes, Refunds, Reversals, Returns, or Fines regardless of the reason or timing. We may decline to act upon a Refund instruction, or delay execution of the instruction, if: (i) it would cause your EOS Account balance to become negative; (ii) you are the subject of Bankruptcy Proceedings; or (iii) where we otherwise believe that there is a risk that you will not meet your liabilities under this Agreement (including with respect to the Charge that is the subject of the Refund instruction). In many but not all cases, you may have the ability to challenge a Dispute by submitting evidence through the API or the Dashboard. We may request additional information to provide to Payment Method Providers and Payment Method Acquirers to assist you in contesting the Dispute, but we cannot guarantee that your challenge will be successful. Payment Method Providers and Payment Method Acquirers may deny your challenge for any reason they deem appropriate. Where a challenge is entirely or partially successful, your EOS Account will, subject to our exercise of our rights under Section C.9 below, be credited with the funds associated with the Charge that is the subject of the Dispute (or a portion thereof). You may not submit a new Charge which duplicates a Transaction that is subject to a Dispute. Please keep in mind that, as explained in Section D.3, you are liable for all losses you incur when lost or stolen payment credentials or accounts are used to purchase products or services from you. EOS does not and will not insure you against losses caused by fraud under any circumstances. For example, if someone pretends to be a legitimate buyer but is a fraudster, you will be responsible for any resulting costs, including Disputes, even if you do not recover the fraudulently purchased product. Even if we work with you to assist you or law enforcement in recovering lost funds, EOS is not liable to you, or responsible for your financial losses or any other consequences of such fraud. We provide the Security Controls described in this Section D.3 to help you mitigate the risk of fraud losses on your EOS Account, and we strongly encourage you to review and use the Security Controls appropriate for your business. A Reversal for a Charge may be issued if the Charge is made without the account owner’s authorization or in connection with a Restricted Business, violates the applicable Payment Method Rules, or for other applicable reasons. If a Reversal is issued, we will provide you Notice and a description of the cause of the Reversal. 4. Responsibilities and Disclosures to Your Customers It is very important to us that your Customers understand the purpose, amount, and conditions of Charges you submit to us. With that in mind, when using the Payment Processing Services you agree to: (i) accurately communicate, and not misrepresent, the nature of the Transaction, and the amount of the Charge in the appropriate currency prior to submitting it to the API; (ii) provide a receipt that accurately describes each Transaction to Customers; (iii) provide Customers a meaningful way to contact you in the event that the product or service is not provided as described; (iv) not use Services to sell products or services in a manner that is unfair or deceptive, exposes Customers to unreasonable risks, or does not disclose material terms of a purchase in advance; and (v) inform Customers that EOS and its affiliates process Transactions (including payment Transactions) for you. You also agree to maintain and make available to your Customers a fair and neutral return, refund, cancellation, or adjustment policy, and clearly explain the process by which Customers can receive a Refund. If you engage in Transactions with Customers who are individuals (i.e. consumers), you specifically agree to provide consumers disclosures required by Law. 5. Payment Terms and Financial Services Terms Your use of the Payment Processing Services is subject to additional terms that apply between you and one or more of EOS, an EOS affiliate, and a Payment Method Provider. When these additional terms relate to a specific Payment Method they are “Payment Terms”, and when they relate to specific Payment Processing Services they are “Financial Services Terms”. By using the Payment Processing Services, you agree to the applicable Payment Terms and Financial Services Terms (as set out on our legal page), including those that separately bind you with our affiliates, Payment Method Providers and/or Payment Method Acquirers. Additionally, a Payment Method Provider may enforce the terms of this Agreement directly against you. You authorise us to instruct our financial services providers to hold, receive, and disburse funds on your behalf; and to instruct such financial services providers as to how and when funds are transferred to you. You also authorise us to designate which financial services providers may hold settlement funds, on deposit and in trust, pending transfer of funds to you in accordance with the terms of this Agreement. A clearing account through which funds are settled will be maintained by a financial services provider, and transfers to you from this account will be a full and final payment by the financial services provider to you. We may add or remove Payment Method Providers and Payment Method Acquirers at any time. The Payment Terms and Financial Services Terms may also be amended from time to time. Your continuing use of the Payment Processing Services constitutes your consent and agreement to such additions, removals and amendments. 6. Specific Payment Methods a. Payment Cards: When accepting payment card payments, you must comply with all applicable Network Rules, including, but not limited to, the Network Rules specified by the Visa Rules and Regulations Rules specified by Visa U.S.A., Inc. and Visa International (“Visa”), the MasterCard Rules specified by MasterCard International Incorporated (“Mastercard”). Collectively, Visa, MasterCard and MyDebit are referred to in this Agreement as the “Networks”. The Network Rules state that you may only accept payments using payment cards for bona fide legal commercial transactions between you and your Customers for goods or services that are free of liens, claims, and encumbrances. You may only use payment network trademarks or service marks consistent with the Network Rules, and the Network Rules also limit your ability to discriminate by card type or charge surcharges for acceptance of payment cards. The Networks may amend the Network Rules at any time without notice to you, and EOS reserves the right to change the Payment Processing Services at any time to comply with the Network Rules. We may share with the Networks (and the Payment Method Acquirer) information you provide to us that we use to identify the nature of your products or services, including the assignment of your business activities to a particular payment network merchant category code (MCC). Customers typically raise payment card network Disputes (also known as “chargebacks”) when a merchant fails to provide the product or service to the Customer, or where the payment card account holder did not authorize the Charge. High Dispute rates (typically those exceeding 1%) may result in your inability to use the Payment Processing Services. Failure to timely and effectively manage Disputes with your Customers may ultimately result in your inability to accept payment cards for your business. When you accept payment card Transactions, Network Rules specifically prohibit you from (i) providing cash refunds for a Charge on a credit card, unless required by Laws, (ii) initiating a Refund more than five calendar days after issuing a credit to your Customer, (iii) accepting cash, its equivalent, or any other item of value for a Refund, (iv) acting as a payment facilitator, intermediary or aggregator, or otherwise reselling Payment Processing Services on behalf of others, (v) submitting what you believe or know to be a fraudulent Charge or a Charge that has not been authorized by the cardholder, (vi) submitting a Charge where the Transaction has not been completed or the goods or services have not been shipped or provided (except where the cardholder has paid a partial or full prepayment or the cardholder’s consent is obtained for a recurring transaction), (vii) splitting Transactions into multiple Charges unless certain criteria are met, or (viii) using Payment Processing Services in a manner that is an abuse of the payment card networks or a violation of the Network Rules. If you misuse the Payment Processing Services for payment card Transactions or engage in activity the Networks identify as damaging to their brand, or if we are required to do so by the Network Rules, we may submit information about you, Representatives, your beneficial owners and principals, and other individuals associated with your EOS Account, to the MATCH terminated merchant listing maintained by Mastercard and accessed and updated by Visa Addition to one of these lists may result in your inability to accept payments from payment cards. You understand and consent to our sharing this information and to the listing itself, and you will fully reimburse us for any losses we incur from third-party claims, and you waive your rights to bring any direct claims against us that result from such reporting. Our reporting of information under this paragraph is separate from any other right that we may exercise under this Agreement, and we may separately terminate this Agreement or suspend your EOS Account due to the misuse or damaging activity that caused us to make the report. If you engage a third-party processor to create and deliver a payment card transaction directly to the payment card network, then you may be able to specify that the transaction will be cleared and settled by EOS via our Payment Processing Services. If you intend to make use of this service with respect to the EOS Payment Processing Services, you first must notify us. If you engage a third party to deliver this service, and you are permitted to designate EOS in this manner, then you take the risk of the third party properly delivering the transaction to the payment card network. You understand and agree that EOS will only clear and settle to you funds for transactions that are actually received by the payment card network. You further assume responsibility for any failure by such third party to comply with the applicable Network Rules. 7. Settlement and Pay-out Schedule a. Your Pay-out Account: EOS will, with its banking partners, arrange to settle funds to the bank or other financial institution account that you designate (your “Pay-out Account”). You affirm that you are authorized to initiate settlements to and debits from the Pay-out Account, and that the Pay-out Account is owned by you, and preferably managed by a financial institution based in Malaysia. If you update your Pay-out Account (including via the Dashboard) then you must ensure that you continue to comply with the requirements of this section. We may require you to provide us with documentary proof demonstrating your compliance with this section, and your failure to provide such proof will constitute a breach of this Agreement. b. Settlement to Your Pay-out Account: A positive balance in your EOS Account will result in settlement to your Pay-out Account and a negative balance in your EOS Account will result in a deduction, set-off and/or debit of the amounts owed in accordance with Section C.9 below. We may reduce the amount settled to your Pay-out Account by the amount of Fees, Fines, and amounts owed to us for any reason. c. Multi-currency Processing. We may offer you the ability to have funds settled to your Pay-out Account in a currency different from the one in which you accepted payment from a customer (“Multi-Currency Processing”). To use this service, you must provide us with a valid Pay-out Account for each currency for which you request settlement, based on our list of available settlement currencies. We may add or remove currencies from our list of available settlement currencies at any time. If you use Multi-Currency Processing, we will identify at the time of the Charge (for example, through the API), the conversion rate that will apply to the Charge. If you Refund a Charge, the conversion rate that will apply will be the rate in effect at the time of the Refund, not the Charge. By submitting a Charge or Refund you will be deemed to have accepted the applicable conversion rate. You may choose not to use the Multi-Currency Processing service at any time. You may also change the Pay-out Account information or other settings associated with your use of Multi-Currency Processing, but any such changes will only affect subsequent Charges. d. Pay-out Schedule: The term “Pay-out Schedule” refers to the time it takes for us to initiate settlement to your Pay-out Account. Your Pay-out Schedule is specified in the Dashboard. EOS may require a holding period before making initial settlement to the Pay-out Account. After the initial settlement of funds, we will settle funds to the Pay-out Account according to the Pay-out Schedule; however, please be aware that a Payment Method Provider, a Payment Method Acquirer, or the financial institution holding your Pay-out Account, may delay settlement for any reason. We are not responsible for any action taken by the institution holding your Pay-out Account to not credit the Pay-out Account or to otherwise not make funds available to you as you expected. We reserve the right to change the Pay-out Schedule or to suspend settlement to you. Examples of situations where we may do so are: (i) where there are pending, anticipated, or excessive Disputes, Refunds, or Reversals; (ii) in the event that we suspect or become aware of suspicious activity; or (iii) where we are required by Law or court order. We have the right to withhold settlement to your Pay-out Account upon termination of this Agreement if we reasonably determine that we may incur losses resulting from credit, fraud, or other legal risks associated with your EOS Account. If we exercise our right to withhold a Pay-out for any reason, we will communicate the general reason for withholding the Pay-out and give you a timeline for releasing the funds. e. Incorrect Settlement: The information required for settlement will depend on the financial institution holding the Pay-out Account. Please make sure that any information about the Pay-out Accounts that you provide to us is accurate and complete. If you provide us with incorrect information (i) you understand that funds may be settled to the wrong account and that we may not be able to recover the funds from such incorrect transactions and (ii) you agree that you are solely responsible for any losses you or third parties incur due to erroneous settlement transactions, you will not make any claims against us related to such erroneous settlement transactions, and you will fully reimburse us for any losses we incur. 8. Clearing Funds and Reserves All funds resulting from Charges are held in pooled clearing accounts (the “Clearing Accounts”) with our banking partners. We will settle funds to and from the Clearing Accounts in the manner described in this Agreement; however, you have no rights to the Clearing Accounts or to any funds held in the Clearing Accounts, you are not entitled to draw funds from the Clearing Accounts, and you will not receive interest from funds maintained in the Clearing Accounts. Funds in the Clearing Accounts are safeguarded in accordance with our statutory obligations. In certain circumstances, we may require you to place funds in reserve or to impose conditions on the release of funds (each a “Reserve”). We may impose a Reserve on you for any reason if we determine that the risk of loss to EOS, Customers, or others associated with your EOS Account is higher than normal. For example, we may hold a Reserve if: (i) your or your Customers’ activities increase the risk of loss to us or to your Customers, (ii) you have violated or are likely to violate this Agreement, or (iii) your EOS Account has an elevated or abnormally high number of Disputes. If we impose a Reserve, we will establish the terms of the Reserve and provide you Notice of the amount, timing, and conditions upon which the funds in the Reserve will be released to you. In many cases, the Reserve amount will be the entire amount of Charges processed using the Payment Processing Services. We may change or condition the terms of the Reserve based on our continuous assessment and understanding of the risks associated with your EOS Account, if required to do so by Payment Method Providers or Payment Method Acquirers, or for any other reason. We may fund the Reserve with funds processed through your use of Payment Processing Services, by debiting the Pay-out Account or another bank account associated with your EOS Account, or by requesting funds directly from you. To the extent possible, we prefer to identify the necessity for a Reserve in advance of establishing one. If you are concerned that we will impose a Reserve on you due to the nature of your business activities, please contact us before using the Services. 9. Security Interests, Collection, and Set-Off Rights a. Security Interests: You grant us a lien and security interest in all funds for Transactions that we process for you, including funds that we deposit into your Pay-out Accounts, as well as funds held in any other bank accounts to which such Transaction funds are deposited or transferred. This means that if you have not paid funds that you owe to us, your Customers, or to any of our affiliates, we have a right superior to the rights of any of your other creditors to seize or withhold funds owed to you for Transactions that we process through the Services, and to debit or withdraw funds from any bank account associated with your EOS Account (including your Pay-out Accounts). Upon our request, you will execute and deliver any documents and pay any associated fees we consider necessary to create, perfect, and maintain a security interest in such funds. b. Collection and Set-Off Rights: You agree to pay all amounts owed to us and to our affiliates on demand. Your failure to pay amounts owed to us or to our affiliates under this Agreement is a breach and you will be liable for any costs we incur during collection in addition to the amount you owe. Collection costs may include, attorneys’ fees and expenses, costs of any arbitration or court proceeding, collection agency fees, any applicable interest, and any other related cost. Where possible, we will first attempt to collect or set-off amounts owed to us and to or affiliates from balances in your EOS Accounts from your use of the Payment Processing Services or from funds that we hold in Reserve. However, we may collect any amounts you owe us under this Agreement by deducting or setting-off amounts that you owe from the EOS account balance (or debiting the pay-out account for such EOS account) for any EOS account that we determine, acting reasonably, is associated with your EOS Account. Similarly, we may deduct or set-off amounts from your EOS Account balance (or debit your Pay-out Accounts) in order to collect amounts owed to us in relation to such associated EOS accounts. In certain circumstances, we may require a personal, parent or other guarantee (a “Guarantee”) from a user’s principal, owner, or other guarantor. A Guarantee consists of a legally binding promise by an individual or an entity to pay any amounts the user owes in the event that the user is unable to pay. If we require you to provide us with a Guarantee, we will specifically inform you of the amount of, and the reasons for the Guarantee. If you are unable to provide such a Guarantee when required, you will not be permitted to use the Services. 10. Reconciliation and Error Notification The Dashboard contains details of Charges, Charge history, and other activity on your EOS Account. Except as required by Law, you are solely responsible for reconciling the information in the Dashboard generated by your use of Payment Processing Services with your records of Customer Transactions, and for identifying any errors. You agree to review your EOS Account and immediately notify us of any errors. We will investigate any reported errors, including any errors made by EOS or a Payment Method Provider, and, when appropriate, attempt to rectify them by crediting or debiting the Pay-out Account identified in the Dashboard. However, you should be aware that your ability to recover funds you have lost due to an error may be very limited or even impossible, particularly if we did not cause the error, or if funds are no longer available in any Pay-out Account. For Transaction errors, we will work with you and our Payment Method Providers to correct a Transaction error in accordance with the applicable Payment Method Rules. If you fail to communicate a Transaction error to us for our review without undue delay and, in any event, within 60 days after you discovered it and flagged it in the Dashboard, you waive your right to make any claim against us or our Payment Method Providers for any amounts associated with the error. 11. Dormant Accounts If you leave any funds dormant in an EOS Account and you do not give us instructions where to send them, we may be required by Law to deem the funds to be abandoned by you, and to deliver them to various government agencies. To the extent required by Law, we will attempt to provide you Notice if we hold funds payable to you in an account beyond the applicable dormancy period for abandoned property. If we are unable to contact you, we will treat the funds in your EOS Account to be abandoned, and will deliver them to the appropriate government authority.

Section D: Data Usage, Privacy, and Security

1. Data Usage Overview Protecting, securing, and maintaining the information processed and handled through the Services is one of our top priorities, and it should be yours too. This section describes our respective obligations when handling and storing information connected with the Services. The following terms used in this section relate to data provided to EOS by you or your Customers, or received or accessed by you through your use of the Services: “Payment Account Details” means the Payment Method account details for a Customer, and includes, with respect to credit and debit cards, the cardholder’s account number, card expiration date, and CVV2. “Payment Data” means Payment Account Details, information communicated to or by Payment Method Provider or Payment Method Acquirer, financial information specifically regulated by Laws and Payment Method Rules, and any other information used with the Payment Processing Services to complete a Transaction. “Personal Data” means information that identifies a specific living person (not a company, legal entity, or machine) and is transmitted to or accessible through the Services. “EOS Data” means details of the API transactions over EOS infrastructure, information used in fraud detection and analysis, aggregated or anonymized information generated from Data, and any other information created by or originating from EOS or the Services. “User Data” means information that describes your business and its operations, your products or services, and orders placed by Customers. The term “Data” used without a modifier means all Personal Data, User Data, Payment Data, and EOS Data. EOS processes, analyses, and manages Data to: (a) provide Services to you, other EOS users, and Customers; (b) mitigate fraud, financial loss, or other harm to users, Customers and EOS; and (c) analyse, develop and improve our products, systems, and tools. EOS provides Data to third-party service providers, including Payment Method Providers, Payment Method Acquirers, and their respective affiliates, as well as to EOS’s affiliates, to allow us to provide Services to you and other users. We do not provide Personal Data to unaffiliated parties for marketing their products to you. You understand and consent to EOS’s use of Data for the purposes and in a manner consistent with this Section D. 2. Data Protection and Privacy a. Confidentiality: EOS will only use User Data as permitted by this Agreement, by other agreements between you and us, or as otherwise directed or authorized by you. You will protect all Data you receive through the Services, and you may not disclose or distribute any such Data, and you will only use such Data in conjunction with the Services and as permitted by this Agreement or by other agreements between you and us. Neither party may use any Personal Data to market to Customers unless it has received the express consent from a specific Customer to do so. You may not disclose Payment Data to others except in connection with processing Transactions requested by Customers and consistent with applicable Laws and Payment Method Rules. b. Privacy: Protection of Personal Data is very important to us. Our Privacy Policy explains how and for what purposes we collect, use, retain, disclose, and safeguard the Personal Data you provide to us. You agree to the terms of our Privacy Policy, which we update from time to time. You affirm that you are now and will continue to be compliant with all applicable Laws governing the privacy, protection, and your use of Data that you provide to us or access through your use of the Services. You also affirm that you have obtained all necessary rights and consents under applicable Laws to disclose to EOS – or allow EOS to collect, use, retain, and disclose – any Personal Data that you provide to us or authorize us to collect, including Data that we may collect directly from Customers using cookies or other similar means. As may be required by Law and in connection with this Agreement, you are solely responsible for disclosing to Customers that EOS processes Transactions (including payment Transactions) for you and may receive Personal Data from you. Additionally, where required by Law or Payment Method Rules, we may delete or disconnect a Customer’s Personal Data from your EOS Account when requested to do so by the Customer. EOS will provide some or all of the Service from systems located within Malaysia or other countries outside of Malaysia. As such, it is your obligation to disclose to your customers that Data may be transferred, processed and stored outside of Malaysia and, as set forth in our Privacy Policy, may be subject to disclosure as required by applicable Laws, and to obtain from your customers all necessary consents under applicable Laws in relation to the foregoing. If we become aware of an unauthorized acquisition, disclosure or loss of Customer Personal Data on our systems, we will notify you consistent with our obligations under applicable Law. We will also notify you and provide you sufficient information regarding the unauthorized acquisition, disclosure or loss to help you mitigate any negative impact on the Customer. c. PCI Compliance: If you use Payment Processing Services to accept payment card Transactions, you must comply with the Payment Card Industry Data Security Standards (“PCI-DSS”) and, if applicable to your business, the Payment Application Data Security Standards (PA-DSS) (collectively, the “PCI Standards”). The PCI Standards include requirements to maintain materials or records that contains payment card or Transaction data in a safe and secure manner with access limited to authorized personnel. EOS provides tools to simplify your compliance with the PCI Standards, but you must ensure that your business is compliant. The specific steps you will need to take to comply with the PCI Standards will depend on your implementation of the Payment Processing Services. You can find more information about implementing EOS in a manner compliant with the PCI Standards in our Documentation. You will promptly provide us, or any applicable Payment Method Provider or Payment Method Acquirer, with documentation demonstrating your compliance with the PCI Standards upon our request. If you are unable to provide documentation sufficient to satisfy us, the Payment Method Providers, or their Payment Method Acquirers, that you are compliant with the PCI Standards, then EOS, and any applicable Payment Method Provider or Payment Method Acquirers, may access your business premises on reasonable notice to verify your compliance with the PCI Standards. If you elect to store or hold “Account Data”, as defined by the PCI Standards (including Customer card account number or expiration date), you must maintain a system that is compliant with the PCI Standards. If you do not comply with the PCI Standards, or if we or any Payment Method Provider or Payment Method Acquirer are unable to verify your compliance with the PCI Standards, we may suspend your EOS Account or terminate this Agreement. If you intend to use a third party service provider to store or transmit Account Data, you must not share any data with the service provider until you verify that the third party holds sufficient certifications under the PCI Standards, and notify us of your intention to share Account Data with the service provider. Further, you agree to never store or hold any “Sensitive Authentication Data”, as defined by the PCI Standards (including CVC or CVV2), at any time. You can find information about the PCI Standards on the PCI Council’s website. d. Data Processing. EOS will at all times comply with the provisions of applicable data protection law. If EOS processes any Personal Data on your behalf when performing our obligations under this Agreement, EOS and you both agree that it is intended that you shall be the data user and we shall be the data processor in relation to that data. We shall process the Personal Data only in accordance with the terms of this Agreement, and we will: (i) implement appropriate technical and organizational measures to protect the Personal Data that we process; and (ii) not retain Personal Data for longer than necessary in order to fulfil the purposes set out in this Agreement. As data processor, EOS may appoint sub-processors for parts of its processing of Personal Data, provided however, that the sub-processor assumes the same obligations as are imposed on EOS as data processor. You acknowledge that EOS is reliant on you for direction as to the extent to which we are entitled to use and process the Personal Data that you provide to us. Consequently, we will not be liable for any claim brought by a data subject arising from any action or omission by us, to the extent that such action or omission resulted from your instructions. e. Data Requests. We will notify you (within a reasonable time frame) if we receive a request from a person to have access to that person’s Personal Data, a complaint or request relating to your obligations under applicable data protection Laws, or any other communication relating directly to the processing of any Personal Data in connection with this Agreement. EOS will provide you with reasonable co-operation and assistance in relation to any complaint or request made in respect of any Personal Data processed by us on your behalf, including by providing you with details of the complaint or request, complying with any data subject access, rectification or deletion requests (within the relevant timescales set out in applicable data protection legislation) and providing you with any Personal Data we hold in relation to a person making a complaint or request (again, within a reasonable timescale). 3. Security and Fraud Controls a. EOS’s Security: EOS is responsible for protecting the security of Data in our possession. We will maintain commercially reasonable administrative, technical, and physical procedures to protect User Data and Personal Data stored in our servers from unauthorized access, accidental loss, modification, or breach, and we will comply with applicable Laws and Payment Method Rules when we handle User and Personal Data. However, no security system is impenetrable, and we cannot guarantee that unauthorized parties will never be able to defeat our security measures or misuse any Data in our possession. You provide User Data and Personal Data to EOS with the understanding that any security measures we provide may not be appropriate or adequate for your business, and you agree to implement Security Controls (as defined below) and any additional controls that meet your specific requirements. In our sole discretion, we may take any action, including suspension of your EOS Account, to maintain the integrity and security of the Services or Data, or to prevent harm to you, us, Customers, or others. You waive any right to make a claim against us for losses you incur that may result from such actions we may take to prevent such harm. b. Your Security: You are solely responsible for the security of any Data on your website, your servers, in your possession, or that you are otherwise authorized to access or handle. You will comply with applicable Laws and Payment Method Rules when handling or maintaining User Data and Personal Data, and will provide evidence of your compliance to us upon our request. If you do not provide evidence of such compliance to our satisfaction, we may suspend your EOS Account or terminate this Agreement. c. Security Controls: You are responsible for assessing the security requirements of your business, and selecting and implementing security procedures and controls (“Security Controls”) appropriate to mitigate your exposure to security incidents. We may provide Security Controls as part of the Services, or suggest that you implement specific Security Controls. However, your responsibility for securing your business is not diminished by any Security Controls that we provide or suggest, and if you believe that the Security Controls we provide are insufficient, then you must separately implement additional controls that meet your requirements. You may review some of the details of our Security Controls on our website. d. Fraud Risk: While we may provide or suggest Security Controls, we cannot guarantee that you or Customers will never become victims of fraud. Any Security Controls we provide or suggest may include processes or applications developed by EOS, its affiliates, or other companies. You agree to review all the Security Controls we suggest and choose those that are appropriate for your business to protect against unauthorized Transactions and, if appropriate for your business, independently implement other security procedures and controls not provided by us. If you disable or fail to properly use Security Controls, you will increase the likelihood of unauthorized Transactions, Disputes, fraud, losses, and other similar occurrences. The Payment Method Rules describe certain situations (e.g. where you have submitted a Transaction that fully complies with 3-D Secure specification) where you will not be held liable for unauthorized Transactions. However, if you do not fall within such a situation, you are solely responsible for losses you incur from the use of lost or stolen payment credentials or accounts by fraudsters who engage in fraudulent Transactions with you, including any related Disputes. We may assist you with recovering lost funds, but you are solely responsible for losses due to lost or stolen credentials or accounts, compromise of your username or password, changes to your Pay-out Account, and any other unauthorized use or modification of your EOS Account. EOS is not liable or responsible to you and you waive any right to bring a claim against us for any losses that result from the use of lost or stolen credentials or unauthorized use or modification of your EOS Account, unless such losses result from EOS’s wilful or intentional actions. Further, you will fully reimburse us for any losses we incur that result from the use of lost or stolen credentials or accounts. We may also provide you with Data regarding the possibility or likelihood that a Transaction may be fraudulent. We may incorporate any subsequent action or inaction by you into our fraud model, for the purpose of identifying future potential fraud. You understand that we provide this Data to you for your consideration, but that you are ultimately responsible for any actions you choose to take or not take in relation to such Data. 4. Provision of Payment Account Details upon Termination For 30 days after termination of your EOS Account, you may request in writing that we provide to an alternative payment services provider the Payment Account Details regarding Transactions between you and your Customers that you are entitled to receive. We may require you to provide evidence that the alternative payment services provider has appropriate systems and controls as a precondition to the provision of any Payment Account Details. In addition, for Payment Account Details regarding payment card transactions, the payment services provider must be a PCI-DSS Level 1-certified. Our obligation to comply with a request under this section is limited to the extent commercially reasonable, and we may delay or refuse any request if we believe the payment services provider you have identified does not have systems or controls in place that are sufficient to protect Payment Account Details, that the integrity of Payment Account Details may be compromised, or if Laws or Payment Method Rules prohibit us from providing the Payment Account Details.

Section E: Additional Legal Terms

1. Right to Amend We have the right to change or add to the terms of this Agreement at any time, solely with prospective effect, and to change, delete, discontinue, or impose conditions on use of the Services by posting such changes on our website or any other website we maintain or own. We will provide you with Notice of any changes through the Dashboard, via email, or other reasonable means. If you are an existing EOS user, the changes will come into effect 10 days after we post the changes to our website, and your use of the Services, API, or Data after we publish any such changes on our website, constitutes your acceptance of the terms of the modified Agreement. You can access a copy of the current terms of this Agreement on our website at any time. You can find out when this Agreement was last changed by checking the “Last updated” date at the top of the Agreement. If you do not accept a change to this Agreement, you must terminate the Agreement by contacting us before the change takes effect. 2. Assignment You may not assign this Agreement, any rights or licenses granted in this Agreement, or operation of your EOS Account to others without our prior written consent. If you wish to make such an assignment, please contact us. If we consent to the assignment, the assignee must agree to assume all of your rights and obligations owed by you related to the assignment, and must agree to comply with the terms of this Agreement. EOS may assign this Agreement without your consent or any other restriction. If we make an assignment, we will provide reasonable Notice to you. 3. Right to Audit If we believe that a security breach, leak, loss, or compromise of Data has occurred on your systems, website, or app affecting your compliance with this Agreement, we may require you to permit a third-party auditor approved by us to conduct a security audit of your systems and facilities, and you must fully cooperate with any requests for information or assistance that the auditor makes to you as part of the security audit. The auditor will issue a report to us which we may share with our Payment Method Providers and Payment Methods Acquirers. 4. No Agency; Third-Party Services Except as expressly stated in this Agreement, nothing in this Agreement serves to establish a partnership, joint venture, or other agency relationship between you and us, or with any Payment Method Provider. Each party to this Agreement, and each Payment Method Provider, is an independent contractor. Unless a Payment Method Provider expressly agrees, neither you nor we have the ability to bind a Payment Method Provider to any contract or obligation, and neither party will represent that you or we have such an ability. We may reference or provide access to third-party services, products, and promotions that utilize, integrate, or provide ancillary services to the Services (“Third-Party Services”). These Third-Party Services are provided for your convenience only and do not constitute our approval, endorsement, or recommendation of any such Third-Party Services for you. You access and use any Third-Party Service based on your own evaluation and at your own risk. You understand that your use of any Third-Party Service is not governed by this Agreement. If you decide to use a Third-Party Service, you will be responsible for reviewing, understanding and accepting the terms and conditions associated with its use. We expressly disclaim all responsibility and liability for your use of any Third-Party Service. Please also remember that when you use a Third-Party Service, our Privacy Policy is no longer in effect. Your use of a Third-Party Service, including those that have a link on our website, is subject to that Third-Party Service’s own terms of use and privacy policies. 5. Force Majeure Neither party will be liable for any delays in processing or other non-performance caused by telecommunications, utility, failures, or equipment failures; labour strife, riots, war, or terrorist attacks; non-performance of our vendors or suppliers, fires or acts of nature; or any other event over which the respective party has no reasonable control. However, nothing in this section will affect or excuse your liabilities or your obligation to pay Fees, Fines, Disputes, Refunds, Reversals, or Returns under this Agreement. 6. Your Liability for Third-Party Claims Against Us Without limiting, and in addition to, any other obligation that you may owe under this Agreement, you are at all times responsible for the acts and omissions of your employees, contractors and agents, to the extent such persons are acting within the scope of their relationship with you. You agree to defend EOS, our affiliates, and their respective employees, agents, and service providers (each a “EOS Entity”) against any claim, suit, demand, loss, liability, damage, action, or proceeding (each, a “Claim”) brought by a third party against an EOS Entity, and you agree to fully reimburse the EOS Entities for any Claims that results from: (i) your breach of any provision of this Agreement; (ii) any Fees, Fines, Disputes, Refunds, Reversals, Returns, or any other liability we incur that results from your use of the Payment Processing Services; (iii) negligent or wilful misconduct of your employees, contractors, or agents; or (iv) contractual or other relationships between you and Customers. Important Note for Sole Proprietors and Individual Traders: If you are using Services as a sole proprietor or individual trader, please keep in mind that the Law and the terms of this Agreement consider you and your business to be legally one and the same. You are personally responsible and liable for your use of the Services, payment of Fees, Refunds, Reversals, Fines, losses based on Disputes or fraud, or for any other amounts you owe under this Agreement for your failure to use Security Controls, and for all other obligations to us and to your Customers. You risk personal financial loss if you fail to pay any amounts owed. Please take the time to read our Documentation and take any measures appropriate to protect against such losses. 7. Representations and Warranties By accepting the terms of this Agreement, you represent and warrant that: (a) you are eligible to register and use the Services and have the authority to execute and perform the obligations required by this Agreement; (b) any information you provide us about your business, products, or services is accurate and complete; (c) any Charges represent a Transaction for permitted products, services, or donations, and any related information accurately describes the Transaction; (d) you will fulfil all of your obligations to Customers and will resolve all Disputes with them; (e) you will comply with all Laws applicable to your business and use of the Services; (f) your employees, contractors and agents will at all times act consistently with the terms of this Agreement; (g) you will not use Payment Processing Services for personal, family or household purposes, for peer-to-peer money transmission, or (except in the normal course of business) intercompany Transactions; and (h) you will not use the Services, directly or indirectly, for any fraudulent or illegal undertaking, or in any manner that interferes with the normal operation of the Services. 8. No Warranties WE PROVIDE THE SERVICES AND EOS IP “AS IS” AND “AS AVAILABLE”, WITHOUT ANY EXPRESS, IMPLIED, OR STATUTORY WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR ANY OTHER TYPE OF WARRANTY OR GUARANTEE. NO DATA, DOCUMENTATION OR ANY OTHER INFORMATION PROVIDED BY EOS OR OBTAINED BY YOU FROM OR THROUGH THE SERVICES – WHETHER FROM EOS OR ANOTHER EOS ENTITY, AND WHETHER ORAL OR WRITTEN – CREATES OR IMPLIES ANY WARRANTY FROM AN EOS ENTITY TO YOU. YOU AFFIRM THAT NO EOS ENTITY CONTROLS THE PRODUCTS OR SERVICES THAT YOU OFFER OR SELL OR THAT YOUR CUSTOMERS PURCHASE USING THE PAYMENT PROCESSING SERVICES. YOU UNDERSTAND THAT WE CANNOT GUARANTEE AND WE DISCLAIM ANY KNOWLEDGE THAT YOUR CUSTOMERS POSSESS THE AUTHORITY TO MAKE, OR WILL COMPLETE, ANY TRANSACTION. THE EOS ENTITIES DISCLAIM ANY KNOWLEDGE OF, AND DO NOT GUARANTEE: (a) THE ACCURACY, RELIABILITY, OR CORRECTNESS OF ANY DATA PROVIDED THROUGH THE SERVICES; (b) THAT THE SERVICES WILL MEET YOUR SPECIFIC BUSINESS NEEDS OR REQUIREMENTS; (c) THAT THE SERVICES WILL BE AVAILABLE AT ANY PARTICULAR TIME OR LOCATION, OR WILL FUNCTION IN AN UNINTERRUPTED MANNER OR BE SECURE; (d) THAT EOS WILL CORRECT ANY DEFECTS OR ERRORS IN THE SERVICE, API, DOCUMENTATION, OR DATA; OR (e) THAT THE SERVICES ARE FREE OF VIRUSES OR OTHER HARMFUL CODE. USE OF DATA YOU ACCESS OR DOWNLOAD THROUGH THE SERVICES IS DONE AT YOUR OWN RISK – YOU ARE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR PROPERTY, LOSS OF DATA, OR ANY OTHER LOSS THAT RESULTS FROM SUCH ACCESS OR DOWNLOAD. YOU UNDERSTAND THAT THE EOS ENTITIES MAKE NO GUARANTEES TO YOU REGARDING TRANSACTION PROCESSING TIMES OR PAYOUT SCHEDULES. NOTHING IN THIS AGREEMENT OPERATES TO EXCLUDE, RESTRICT OR MODIFY THE APPLICATION OF ANY IMPLIED CONDITION, WARRANTY OR GUARANTEE, OR THE EXERCISE OF ANY RIGHT OR REMEDY, OR THE IMPOSITION OF ANY LIABILITY UNDER LAW WHERE TO DO SO WOULD: (A) CONTRAVENE THAT LAW; OR (B) CAUSE ANY TERM OF THIS AGREEMENT TO BE VOID. 9. Limitation of Liability Under no circumstances will any EOS Entity be responsible or liable to you for any indirect, punitive, incidental, special, consequential, or exemplary damages resulting from your use or inability to use the Services or for the unavailability of the Services, for lost profits, personal injury, or property damage, or for any other damages arising out of, in connection with, or relating to this Agreement or your use of the Services, even if such damages are foreseeable, and whether or not you or the EOS Entities have been advised of the possibility of such damages. The EOS Entities are not liable, and deny responsibility for, any damages, harm, or losses to you arising from or relating to hacking, tampering, or other unauthorized access or use of the Services, your EOS Account, or Data, or your failure to use or implement anti-fraud measures, Security Controls, or any other data security measure. The EOS Entities further deny responsibility for all liability and damages to you or others caused by (a) your access or use of the Services inconsistent with the Documentation; (b) any unauthorized access of servers, infrastructure, or Data used in connection with the Services; (c) interruptions to or cessation of the Services; (d) any bugs, viruses, or other harmful code that may be transmitted to or through the Services; (e) any errors, inaccuracies, omissions, or losses in or to any Data provided to us; (f) third-party content provided by you; or (g) the defamatory, offensive, or illegal conduct of others. You agree to limit any additional liability not disclaimed or denied by the EOS Entities under this Agreement to your direct and documented damages; and you further agree that under no circumstances will any such liability exceed in the aggregate the amount of Fees paid by you to EOS during the three-month period immediately preceding the event that gave rise to your claim for damages. These limitations on our liability to you will apply regardless of the legal theory on which your claim is based, including contract, tort (including negligence), strict liability, or any other theory or basis. We provide the Services from facilities in Malaysia. We do not claim, and we cannot guarantee that Services we provide from Malaysia are or will be appropriate or available for any other location or jurisdiction, comply with the Laws of any other location or jurisdiction, or comply with Laws governing export, import, or foreign use. 10. Responding to Legal Process EOS may respond to and comply with any writ of attachment, lien, levy, subpoena, warrant, or other legal order (“Legal Process”) that we believe to be valid. We or any Payment Method Provider (including, where applicable, the Payment Method Acquirer for the Payment Method) may deliver or hold any funds or, subject to the terms of our Privacy Policy, any Data as required under such Legal Process, even if you are receiving funds or Data on behalf of other parties. Where permitted by Law, we will make reasonable efforts to provide you Notice of such Legal Process by sending a copy to the email address we have on file for you. EOS is not responsible for any losses, whether direct or indirect, that you may incur as a result of our response or compliance with a Legal Process. 11. Dispute Resolution; Agreement to Arbitrate a. Binding Arbitration: Any dispute, controversy or claim arising out of or relating to this contract, including the formation, interpretation, breach or termination thereof, including whether the claims asserted are arbitrable, will be referred to and finally determined by arbitration administered by the Asian International Arbitration Centre (Malaysia) (“AIAC”) in accordance with the Arbitration Rules of the AIAC for the time being in force, which rules are deemed to be incorporated by reference in this clause. The Tribunal shall consist of one arbitrator. Unless the parties agree upon an arbitrator, either party may request a nomination from the Director of the AIAC. The place of the arbitration will be Malaysia. The language to be used in the arbitral proceedings will be English. Judgment upon the award rendered by the arbitrator may be entered by any court having jurisdiction thereof. This Agreement and the rights of the parties hereunder shall be governed and construed in accordance with the laws of Malaysia, exclusive of conflict or choice of law rules. Nothing in this section will preclude the parties from seeking provisional remedies in aid of arbitration from a court of appropriate jurisdiction. b. Service of Process: Each party hereby irrevocably and unconditionally consents to service of process through personal service at their corporate headquarters, registered address, or primary address (for individuals or sole proprietors). Nothing in this Agreement will affect the right of any party to serve process in any other manner permitted by Law. c. Class Waiver: To the fullest extent permitted by Law, each of the parties agrees that any dispute arising out of or in connection with this Agreement, whether in arbitration or in court, will be conducted only on an individual basis and not in a class, consolidated or representative action. If for any reason a claim or dispute proceeds in court rather than through arbitration, each party knowingly and irrevocably waives any right to trial by jury in any action, proceeding or counterclaim arising out of or relating to this Agreement or any of the transactions contemplated between the parties. d. Provision of an Award: Subject to the limitations of liability identified in this Agreement, the appointed arbitrator may award monetary damages and any other remedies allowed by Law. In making a determination, the arbitrator will not have the authority to modify any term or provision of this Agreement. The arbitrator will deliver a reasoned written decision with respect to the dispute (the “Award”) to each party, who will promptly act in accordance with the Award. Any Award (including interim or final remedies) may be confirmed in or enforced by any court having jurisdiction over either party or its assets. The decision of the arbitrator will be final and binding on the parties, and will not be subject to appeal or review. e. Fees: Each party will advance one-half of the fees and expenses of the arbitrator, the costs of the attendance of the arbitration reporter at the arbitration hearing, and the costs of the arbitration facility. In any arbitration arising out of or related to this Agreement, the arbitrator will award to the prevailing party, if any, the costs and attorneys’ fees reasonably incurred by the prevailing party in connection with those aspects of its claims or defences on which it prevails, and any opposing awards of costs and legal fees awards will be offset. f. Confidentiality: The parties will maintain the confidential nature of the arbitration proceeding, the hearing and the Award, except (i) as may be necessary to prepare for or conduct the arbitration hearing on the merits, (ii) in connection with a court application as contemplated above for a preliminary remedy, or confirmation of an Award or its enforcement, (iii) our disclosure of the Award in confidential settlement negotiations, or (iv) as otherwise required by applicable Laws. The parties, witnesses, and arbitrator will treat as confidential and will not disclose to any third person (other than witnesses or experts) any documentary or other evidence produced in any arbitration hereunder, except as required by Law or except if such evidence was obtained from the public domain or was otherwise obtained independently from the arbitration. g. Conflict of Rules: In the case of a conflict between the provisions of this Section E.11.g and the rules governing arbitration identified in Section E.11.a, the provisions of this Section E.11.g will prevail. If any provision of this Agreement to arbitrate is held invalid or unenforceable, it will be so held to the minimum extent required by Law and all the other provisions will remain valid and enforceable. 12. Entire Agreement This Agreement and all policies and procedures that are incorporated by reference constitute the entire agreement between you and EOS for provision and use of the Services. Except where expressly stated otherwise in a writing executed between you and EOS, this Agreement will prevail over any conflicting policy or agreement for the provision or use of the Services. This Agreement sets forth your exclusive remedies with respect to the Services. If any provision or portion of this Agreement is held to be invalid or unenforceable under Law, then it will be reformed and interpreted to accomplish the objectives of such provision to the greatest extent possible, and all remaining provisions will continue in full force and effect. 13. Cumulative Rights, Construction, Waiver The rights and remedies of the parties under this Agreement are cumulative, and either party may enforce any of its rights or remedies under this Agreement, along with all other rights and remedies available to it at Law, in equity or under the Payment Method Rules. No provision of this Agreement will be construed against any party on the basis of that party being the drafter. Unless expressly stated otherwise, the use of the term “including” or “such as” is not to be interpreted as limiting the generality of the text preceding the term. The failure of either party to enforce any provision of this Agreement will not constitute a waiver of that party’s rights to subsequently enforce the provision. 14. Survival All provisions of this Agreement that give rise to a party’s ongoing obligation will survive termination of this Agreement, including Sections A.3 (“Your Relationship with Your Customers”), A.6 (“Taxes and Other Expenses”), A.7 (“Service Requirements, Limitations and Restrictions”), A.8 (“Suspicion of Unauthorized or Illegal Use”), A.9 (“Disclosures and Notices; Electronic Signature Consent”), A.10.b (“Effects of Termination”), B.2 (“Ownership of EOS IP”), C.6 (“Specific Payment Methods”), C.7 (“Settlement and Pay-out Schedule”), C.8 (“Clearing Funds and Reserves”), C.9 (“Security Interests, Collection, and Set-Off Rights”), C.10 (“Reconciliation and Error Notification”), C.11 (“Dormant Accounts”), D.3 (“Security and Fraud Controls”), D.4 (“Your Use of Data with EOS Connect and EOS Relay”), D.5 (“Provision of Payment Account Details upon Termination”), E.4 (“No Agency; Third-Party Services”), E.5 (“Force Majeure”), E.6 (“Your Liability for Third-Party Claims Against Us”), E.7 (“Representations and Warranties”), E.8 (“No Warranties”), E.9 (“Limitation of Liability”), E.10 (“Responding to Legal Process”), E.11 (“Dispute Resolution; Agreement to Arbitrate”), E.12 (“Entire Agreement”), E.13 (“Cumulative Rights, Construction, Waiver”) and E.14 (“Survival”); and any related terms in the Agreement. 15. Language The parties hereby acknowledge that they have required this Agreement and all related documents to be drawn up in the English language.