MANGOPAY PAYMENT SERVICES FRAMEWORK AGREEMENT 

General Terms and Conditions of Use for Payment Services

Concluded between:

(version for France)

The customer, whether a legal person or a natural person registered with the Commercial and Companies Registry (or with the national trade register or any equivalent professional body) in a Member State of the European Union or in a State party to the European Economic Area or in a third country imposing equivalent obligations regarding the fight against money laundering and the financing of terrorism, acting on its behalf exclusively for professional purposes (commercial, industrial, craft or freelance professions),

hereinafter referred to as the “Account Holder” or “Professional Account Holder”,

or

The customer, a natural person residing in a Member State of the European Union or in a State party to the European Economic Area or in a third country imposing equivalent obligations regarding the fight against money laundering and the financing of terrorism, acting on its behalf exclusively for non-professional purposes,

hereinafter referred to as the “Account Holder” or “Consumer Account Holder”, on the one hand, and

MANGOPAY SA, a limited liability company under Luxembourg law, having its registered office at 2, Avenue Amélie, L-1125 Luxembourg and registered with the Luxembourg Commerce and Companies Registry under number B173459 (the amount of the share capital can be can be consulted here : https://www.mangopay.com/legal-notice/), authorised to carry out business within the European Economic Area, as an electronic money institution approved by the Commission de Surveillance du Secteur Financier, 283 route d’Arlon L-1150 Luxembourg, www.cssf.lu,

hereinafter referred to as the “Service Provider”, on the other hand,
hereinafter referred to separately as a “Party” or together as the “Parties”.

Version as of 1 February 2021

1. Definitions

For the purposes hereof, the following terms are defined as follows:

“Authentication” means the procedures defined by the Platform to verify the identity of the Account Holder or the validity of a Payment Order. These procedures include the use of Personalised Security Data and Identification Data.

“Strong Authentication” means the Authentication procedures defined by the Platform and meeting the requirements of European Directive 2015/2366 of 25 November 2015. This Strong Authentication includes, in particular, elements enabling a dynamic link to be established between the Transaction, the amount and the Beneficiary.

“Banks” means the credit institutions in charge of protecting the funds collected by the Service Provider on behalf of the Account Holder. These funds are recorded in its records in an escrow account opened for this purpose with an institution designated by the Service Provider. The Service Provider reserves the right to select any other approved credit institution.

“Beneficiary” means a legal or natural person who is a creditor of a Payment Transaction issued by the Account Holder.

“Card” means the bank, charge or credit card used to transfer funds to a named Account Holder on their Payment Account opened in the Service Provider’s records. This card is attached to one of the following card networks: Visa, MasterCard or CB.

“Payment Account“ or “Account” means the Payment Account operated by the Service Provider in the name of the Account Holder and used for the purpose of implementing payment transactions. In no case shall the Account be treated as a deposit account. The Account is denominated in the currency indicated on the Website upon registering.

“General Terms and Conditions of the Website” means the general terms and conditions of use of the Website concluded between the users of the Website and the Platform, governing, in particular, access to the Website.

“Tariff Conditions“ means the financial terms and conditions agreed between the Account Holder and the Platform, including the fees due under this Framework Agreement.

“Framework Agreement” means these General Terms and Conditions of Use for Payment Services, together with the Subscription Form and the Tariff Conditions, governing the use of the Payment Services and the management of the Payment Account by the Service Provider.

“Personalised Security Data” means the personalised data provided by the Platform to the Account Holder for Authentication purposes. They include Identification Data, and possibly any other data related to the Authentication or Strong Authentication procedures.

“Identification Data” means the Account Holder’s unique identifier and password enabling them to access their Personal Space.

“Personal Data” means any information relating to the Account Holder as a natural person, or to a natural person related to the Account Holder as a legal person (in particular, a designated company representative, a beneficial owner, an Authorised Person), within the meaning of European Regulation 2016/679 on the protection of personal data.

“Personal Space” means the Account Holder’s dedicated environment, accessible on the Platform Website, enabling them to access their Payment Account and use the Payment Services.

“Subscription Form” means the form to be completed by any prospective customer wishing to subscribe to the Payment Services, accessible on the Website upon registration or made available by the Platform.

“Business Day” means a calendar day except Saturdays, Sundays and public holidays in mainland France and Luxembourg, and any other day designated as such by the Service Provider.

“Payment Method” means the payment method other than the Card, listed on the Website, the acquisition of which is offered by the Service Provider as an option. The Account Holder activates the Payment Method of their choice from their Personal Space.

“Payment Transaction” means a periodic or one-off transfer, ordered by the Account Holder, or by any authorised representative, debiting the Payment Account.

“Payment Order” means the instruction given by the Account Holder to the Service Provider in accordance with the procedure set out in the Framework Agreement to carry out a Payment Transaction.

“Payment Page” means the page secured by the Service Provider’s electronic payment service provider.

“Data Subject” means the Account Holder as a natural person or any natural person related to the Account Holder (in particular, a designated company representative, a beneficial owner, an Authorised Person) whose Personal Data is processed in the context of the implementation of this Framework Agreement.

“Authorised Person” means any agent appointed by the Account Holder to access the Payment Account and use the Payment Services on its behalf.

“Platform” means the entity, whose contact details are indicated in the General Terms and Conditions of the Website, that operates the Website. It prepares, facilitates and advises prospective customers with a view to the conclusion of the Framework Agreement via its Website. It assists Account Holders throughout their relationship with the Service Provider in carrying out their Payment Transactions. It collects the documents required to open the Account. The Platform does not collect funds except for the fees agreed in the Tariff Conditions.

“Service Provider” means MANGOPAY SA, an issuer of Electronic Money approved in Luxembourg by the Commission de Surveillance du Secteur Financier under reference No. 3812 and authorised to carry out its activity in all member countries of the European Union. The Service Provider is included in the list of electronic money institutions available at www.cssf.lu/surveillance/ep-eme/listes-officielles.

“Third-Party Payment Service Provider” or “Third-Party PSP” means any institution, other than the Service Provider, authorised in a country that is a member of the European Union or a party to the European Economic Area or in a third country imposing equivalent obligations regarding the fight against money laundering and the financing of terrorism.

“Platform’s Customer Service Department” means the service whose contact details are stated on the Website, from which the Account Holder may obtain information relating to the Framework Agreement.

“Payment Services” means the payment services defined in points 3 and 5 of the Appendix to the Luxembourg Law of 10 November 2009 relating to payment services.

“Website” means the website operated by the Platform, the purpose of which is to sell goods or services to Users or to collect funds from them, or to put Account Holders in contact with Users.

“Durable Medium” means any instrument that enables the Account Holder to store information addressed personally to the Account Holder in order to be able to refer to it at a later date for a period of time appropriate to the purpose for which the information is intended and that enables the identical reproduction of the stored information. This is usually in the form of a PDF file.

“Account Holder” means any legal person or natural person acting on its own behalf and in whose name a Payment Account is opened to use the Payment Services.

“User” means any legal person or natural person who has transferred funds to an Account Holder through the Website using their Card or any other Payment Method accepted by the Service Provider to transfer funds.

2. Purpose

The purpose of the Framework Agreement is to define the conditions under which the Service Provider provides Payment Services to the Account Holder in return for remuneration as defined in Article 11 herein.

These Payment Services include:

• -  the opening and management of Payment Accounts,

• -  crediting the Payment Account: the registration of funds transferred by Cards or by any other

  Payment Method accepted by the Service Provider; the receipt of transfers.

• -  debiting the Payment Account: the implementation of one-off or recurring Transfer Transactions, the charging of fees due hereunder, the reversal of transfers of funds by Cards (or by any other

  Payment Method).

  The Account shall not be subject to any overdraft, advance, credit or discount. The Service Provider does not offer a currency exchange service.

  The Service Provider has authorised the Platform to facilitate the conclusion of this Agreement with each Account Holder and to support them throughout their relationship with the Service Provider.

3. Subscribing to the Services

3.1. Subscription Terms and Conditions

The Framework Agreement is concluded remotely, according to the terms and conditions provided by the Platform in the General Terms and Conditions of the Website. In order to be able to conclude the Framework Agreement online, the applicant must have access to equipment (hardware and software), for which it is solely responsible.

By default, acceptance of the Framework Agreement is carried out remotely via the Website and is confirmed by an electronic signature. The applicant may request to sign the Agreement by hand. To this end, the Applicant must print this Agreement, sign it, and return it electronically or by post to the Platform’s Customer Service Department, the contact details of which are indicated in the General Terms and Conditions of the Website.

In case of a handwritten signature, the date of conclusion of the Framework Agreement is deemed to be the date indicated on it, and in the absence of a date, it will be deemed to be the date of receipt of the Framework Agreement by the Platform.

The electronic signature of the Framework Agreement is carried out via the Website. The date of conclusion of the Framework Agreement corresponds to the date on which the applicant completes the electronic signature process indicated on the Website.

The Framework Agreement concluded between the Parties by electronic means shall have the same probative value as a paper Framework Agreement.

3.2. Contractual Documents

The Framework Agreement is composed of:

- these General Terms and Conditions of Use for Payment Services,
- the Subscription Form available on the Website,
- the Tariff Conditions communicated by the Platform.
These General Terms and Conditions of Use for Payment Services, as well as the Tariff Conditions, are made available to the Account Holder on the Website and can be downloaded on a Durable Medium. At any time during the contractual relationship, the Account Holder may, upon request, receive these documents in paper form.

The Service Provider shall maintain access to the contractual documents for a period of five (5) years from the end of the contractual relationship. The Service Provider will cease to provide this service at the end of the aforementioned period of five (5) years.

The Service Provider may make the conclusion of this Agreement conditional on the provision of certification and additional information by the Account Holder in order to validate its status with regard to these terms.

4. Opening an Account

4.1. Necessary Conditions and Prerequisites for Opening an Account

Any natural person aged at least eighteen (18) years who is legally capable, and any legal person, resident and/or registered in a Member State of the European Union or in a State party to the Agreement on the European Economic Area or in a third country imposing equivalent obligations regarding the fight against money laundering and the financing of terrorism, may submit an application to open an Account provided that the natural person is listed on the Website as a consumer or as a professional. A legal person can only be listed as a professional.

Upon submission of the Account Holder’s application for registration to the Platform and throughout the duration of the Framework Agreement, the Account Holder declares:

• -  that they are at least eighteen (18) years of age and legally capable, or that they are duly constituted as a company,

• -  that they are acting on their own behalf;

4.2. Registration and Account Opening Procedure

4.2.1. Information and Supporting Documents

Prospective Customers shall provide the Platform with the information and documents listed below, using the Application Form, if the said information and documents are not already in the Platform’s possession.

The prospective customer undertakes to transmit the information and documents corresponding to its capacity, either as a professional or as a consumer.

For a Consumer Account Holder as a natural person:
> their sur name, first name, email address, date and place of birth, nationality and country of residence.

> a copy of a valid official identity document of the Account Holder (e.g., identity card, driving licence and, for non-EU nationals, a passport). For a Professional Account Holder:

For natural persons:
> their surname, first name, email address, date of birth, nationality and country of residence. 

> an original or a copy of an extract from the official register, dated less than three (3)months ago, establishing the registration as a trader or in the national register of trades or any other

professional body to which the Account Holder belongs.
> a copy of a valid official identity document of the Account Holder (e.g., identity card,

driving licence and, for non-EU nationals, a passport).

- for legal persons:
> their name, type of organisation, capital, the address of their registered office, the

description of their activity, the identity of the partners and corporate managers, as well as

the list of beneficial owners as defined by the regulations,
> a Kbis extract (Certificate of Incorporation) or an equivalent document less than three (3)

months old justifying its registration with the Commercial and Companies Registry of a Member State of the European Union or of a State party to the Agreement on the European Economic Area or of a third country imposing equivalent obligations regarding the fight against money laundering and the financing of terrorism, and its articles of association. This document must state the name, legal status, address of the registered office and the identity of the partners and corporate managers mentioned in Section 1 and Section 2 of Article R.123-54 of the French Commercial Code or their equivalents in foreign law.

> a copy of the articles of association and any decisions appointing the certified legal representative;

> a copy of the identity card or passport of the legal representative and, if applicable, of the beneficial owner(s).

> Thedeclarationofthebeneficialownersofthelegalpersonholdingmorethan25%,ifthe prospective customer has not declared their beneficial owners in the national register, or if they are not subject to this obligation.

The Account Holder may also be asked to provide a bank statement for an account opened in their name with a person mentioned in Section 1 to Section 6 bis of Article L.561-2 of the French Monetary and Financial Code established in a Member State of the European Union or in a State party to the Agreement on the European Economic Area or in a third country imposing equivalent obligations regarding the fight against money laundering and the financing of terrorism.

It is expressly provided that the Service Provider reserves the right to request, prior to any registration and at any time during the duration of the Framework Agreement, additional documents concerning the Account

Holder, the beneficial owner or a specific Payment Transaction. 4.2.2. Payment Account Limitation

At the discretion of the Service Provider, the use of a Payment Account may be limited without the Service Provider needing to justify its decision to the Account Holder concerned. In particular, the operation of the Payment Account will be limited if the Account Holder has not transmitted all the information and documents required by the Service Provider, as listed above. These limits are indicated to the Account Holder by the Platform.

4.2.3. Finalisation of the Registration Process

After concluding the Framework Agreement, the Account Holder must provide all the information and supporting documents requested by the Platform. By agreeing to the terms of the Framework Agreement, the Account Holder agrees that the Platform may forward to the Service Provider its application for registration as an Account Holder and all supporting documents received by it.

Only the Service Provider can accept the registration of a prospective customer as a Payment Account Holder on behalf of the prospective customer. This agreement will be notified to the Account Holder by the Platform by any means in accordance with the terms and conditions set out on the Website.

The Service Provider may, without giving any reason or entitlement to compensation in favour of the Account Holder, refuse an application to open an Account. This refusal will be notified to the Holder by the Platform by any means in accordance with the terms and conditions set out on the Website.

5. Payment Account Operation

The amounts credited to the Payment Account result from funds transferred by Card (or by any other Payment Method accepted by the Service Provider), or from the receipt of a transfer. The amounts debited to the Payment Account result from: the implementation of a Payment Order to an account opened in the records of a Third-Party Payment Service Provider, the debiting by the Provider of the fees owed by the Account Holder under the Framework Agreement, or the reversal of a transaction by Card (or by any other Payment Method).

5.1. Acquiring Payment Orders by Cards on the Payment Account

The Payment Account may be funded by Card (or any other Payment Method accepted by the Service Provider), in one or more instalments. When the User wishes to carry out such an operation, they must identify themselves on the Website by indicating their User identifier (valid email address) and password or by logging in via their Facebook account. The order for the transfer of funds is entered on a dedicated Payment Page. For any payment, the User may be asked to enter a single-use code notified on their mobile phone to the institution issuing the Card. If necessary, it is the Service Provider’s responsibility to refuse any payment at its own discretion and without this decision giving rise to any compensation whatsoever. The funds transfer transaction is carried out by the institution issuing the Card. Any dispute of such a transfer must be notified to the aforementioned institution. The Service Provider is not entitled to cancel such a transfer.

The Cardholder is informed that the acceptance of a Card payment order by the Service Provider does not guarantee the receipt of the corresponding funds by the Account Holder on their Account. The registration of funds on the Account Holder’s Payment Account is subject to actual receipt by the Service Provider of the funds collected minus the fees agreed in the Tariff Conditions.

In the absence of receipt of funds for technical reasons, the Service Provider shall use its best efforts to rectify the transaction. If the funds are not received for any other reason, the Service Provider shall inform the Account Holder as soon as possible of its inability to credit its Account with the expected amount, so that the Account Holder may contact the User.

In the event that the transfer of funds from the Account Holder’s Account is cancelled by the Card issuer following a dispute by the User, the Account Holder agrees that the Service Provider may reverse any Card funds transfer transaction by debiting the corresponding amount from the Payment Account. The Cardholder acknowledges that such a dispute may, in particular, be brought to the attention of the Card issuer until the expiry of a maximum period of thirteen (13) months following the date of debit of the account with which the Card is associated. In the absence of sufficient funds in the Account in order to carry out such a reversal, the Service Provider may suspend or cancel any Payment Transaction initiated by the Account Holder or an agent, or, where applicable, assume the rights of the Account Holder and proceed to recover the amounts due by the User by any means.

5.2. Receipt of Transfer to the Payment Account

The Account Holder authorises the Service Provider to receive on its Payment Account SEPA credit transfer transactions in euros from a bank or payment account opened in the records of a Third-Party PSP.

The funds are credited to their Payment Account by the Service Provider as soon as possible following their actual receipt by the Service Provider.

Once the funds have been paid to the Account Holder’s Payment Account, the Service Provider provides the Account Holder with a summary of the received transfer transaction, including the following information: the reference of the payment transaction, a reference to identify the payer, the amount of the transaction, and the credit’s value date.

5.3. Implementation of a Transfer Transaction Debiting the Payment Account

The Account Holder may transmit SEPA or international Transfer Orders to a Beneficiary’s account held by a Third-Party PSP.

When the Account Holder wishes to carry out a Transfer Transaction, the Account Holder identifies themself in their Personal Space by indicating their Identification Data and, where applicable, by following the Strong Authentication procedure indicated. It indicates on the Payment Page: the amount of the Payment Transaction, the currency, the Payment Account to be debited, the implementation date of the Order and any other required information. In the absence of any indication of date, the Transfer Order is deemed to be immediate. The Account Holder must also follow the Authentication (or Strong Authentication, as the case may be) procedure specified by the Provider.

The Account Holder may at any time send a request to implement a Transfer Order to a Beneficiary designated by it who has a bank or payment account with a Third-Party Payment Service Provider. The Account Holder must provide the reason for each transfer and comply with the Authentication (or Strong Authentication, as the case may be) procedure indicated by the Service Provider.

The Account Holder gives irrevocable consent to the Payment Order by clicking on the “Validation” tab (“Date of Receipt”). The receipt of the Payment Order is confirmed on the Account Holder’s Personal Space. The Account Holder may not withdraw any Order after the date on which it is deemed to be irrevocable, i.e., from the Date of Receipt.

Before transmitting a Transfer Order, the Account Holder (or the Platform acting on its behalf) must ensure that it has sufficient funds available in its Account to cover the amount of the Payment Transaction and related fees as agreed in the Tariff Conditions. Where applicable, the Account Holder shall credit its Account before the Order can be validly transmitted to the Service Provider for implementation.

It is hereby expressly agreed that Payment Orders will be executed no later than the end of the Business Day following the Date of Receipt of the Order by the Service Provider (and on the agreed implementation date for deferred or standing order transfers). Any payment order received after 4 p.m. by the Service Provider is deemed to have been received on the next Business Day. If the Date of Receipt is not a Business Day, the Payment Order is deemed to have been received on the next Business Day.

For each Transfer Transaction, the Account Holder may request the Service Provider to provide information on a Durable Medium relating to the maximum implementation period for that specific transaction, the fees to be paid by the Account Holder and, where applicable, the details of such fees.

The Service Provider may refuse to implement an incomplete or erroneous Transfer Order. The Account Holder shall re-issue the Order to ensure its compliance. The Service Provider may, in addition, block a Transfer Order in the event of serious suspicion of fraudulent use of the Account, unauthorised use of the Account, breach of the security of the Account, in the event of an asset-freezing measure by an administrative authority or for any other reason.

In the event of a refusal to implement a Transfer Order or the blocking of a Transfer Order, the Service Provider shall inform the Account Holder by any means. If possible, the Service Provider will indicate to the Account Holder the reasons for the refusal or blocking, unless prohibited by a relevant provision of national or European Union law.

5.4. Refund

The Holder may at any time send an instruction to cancel a funds transfer in order to refund a User. The Account Holder identifies themselves on the Website by indicating their identifier and password. The Account Holder indicates, in their Personal Space, the amount to be refunded, the currency, the User to be refunded and any other information required.

The refund transaction is implemented by the Service Provider by crediting the Card used by the User or by transfer according to the original payment method, within the limit of the available balance on the Account and within the rules of each network and the SEPA rules within five (5) Business Days following receipt by the Service Provider of the refund request.

5.5.Specific Provisions for Payment Initiation and Account Information Services Provided by Third-Party PSPs

Where consent to a Transfer Order is given through a Third-Party PSP providing a payment initiation service, the form of such consent shall be agreed between the Account Holder and such PSP under the terms and conditions agreed between them. The Service Provider is not a party to these terms and conditions and shall not be liable in any way for any dispute arising in connection with the provision of this initiation service by the Third-Party PSP under the said terms and conditions.

The Account Holder may not revoke the payment order after having given their consent for the Third-Party PSP providing the payment initiation service to initiate the payment transaction.

Where the unauthorised, non-implemented or incorrectly implemented payment transaction is initiated through a Third-Party PSP providing a payment initiation service, the Service Provider shall immediately, and in any event no later than the end of the next Business Day, refund to the Account Holder the amount of the unauthorised, non-implemented or incorrectly implemented payment transaction and, where applicable, restore the debited Account to the state it would have been in if the unauthorised or incorrectly implemented payment transaction had not taken place. The value date on which the Account Holder’s payment account is credited is no later than the date on which it was debited.

6. Reporting

The Account Holder has, in their Personal Space, a statement of the payment transactions carried out on the Payment Account. The Account Holder is invited to read the list of these transactions carefully. Transaction records may also be made available to a Professional Account Holder at other intervals upon specific request.

It is specified that for each Transfer Transaction implemented by the Service Provider, the Account Holder will be provided with the following information: the reference number of the Transaction, the identification of the Beneficiary, the amount of the Transaction, the date of receipt of the Order and, where applicable, the fees relating to the implementation of this Transaction.

7. Payment Account Access and Confidentiality of Personalised Security Data

The Payment Account is accessible online in the Personal Space, using Identification Data and in accordance with the requested Authentication (or Strong Authentication, as the case may be) procedure.

The Account Holder shall provide Identification Data for each Authorised Person. Each Authorised Person shall agree not to use the name or Identification Data of another person. The Account Holder shall be solely responsible for any use of their identifier.
Each Authorised Person is fully responsible for maintaining the confidentiality of their Identification Data, as well as any other Personalised Security Data that may be assigned by the Service Provider or the Platform. The Account Holder shall take all reasonable steps in order to maintain the confidentiality and security of its Personalised Security Data. The Account Holder also undertakes to make Authorised Persons aware of the confidentiality and security of their own Personalised Security Data.

The Account Holder (and each Authorised Person) agrees not to disclose their Personalised Security Data to third parties. By way of exception, the Account Holder may communicate such information to Third- Party PSPs authorised in a Member State of the European Union or in a State party to the European Economic Area for account information and payment transaction initiation services (as defined in Article 4 of European Directive 2015/2366, referred to as the “PSD2”). The Account Holder shall ensure that such Third-Party PSP is approved for the above services and that they enter their Personalised Security Data in a secure environment.

8. Opposition to Personalised Safety Data

The Account Holder must inform the Platform of the loss or theft of their Personalised Security Data, the misappropriation or any unauthorised use of their Personal Space or related data as soon as they become aware of it in order to request that it be blocked. This declaration must be made:

• -  by telephone call to the Platform’s Customer Service Department at the number indicated in the General Terms and Conditions of the Website; or

• -  directly by email via the contact form accessible on the Website.

The Service Provider, through the Platform, will immediately carry out the opposition request. The event will be recorded and time-stamped. An opposition number with a time-stamp will be communicated to the Account Holder. A written confirmation of this opposition will be sent via email by the Platform to the Account Holder concerned. The Service Provider shall be responsible for the file from an administrative point of view and shall keep all traces for eighteen (18) months. Upon written request by the Account Holder and before the expiry of this period, the Service Provider will communicate a copy of this opposition.

Any opposition request must be confirmed without delay by the Account Holder concerned, by letter signed by the latter, delivered or sent by registered post, or email, to the Service Provider at the postal address mentioned at the beginning of these Terms and Conditions or at the address indicated in the General Terms and Conditions of the Website.

The Service Provider cannot be held responsible for the consequences of an opposition by fax or email that does not come from the Account Holder.

An opposition request is deemed to have been made on the date and time of the actual receipt of the request by the Platform. In the event of theft of the Personalised Security Data or fraudulent use of the Personal Space, the Service Provider is entitled to request, via the Platform, a receipt or a copy of the complaint filed from the Account Holder, who undertakes to respond as soon as possible.

9. Blocking of the Payment Account and Refusal of Access to the Payment Account

The Service Provider reserves the right to block the Payment Account for objectively justified reasons relating to the security of the Payment Account, the presumption of unauthorised or fraudulent use of the Payment Account or the significantly increased risk that the Account Holder will be unable to fulfil its obligation to pay the fees due under this Framework Agreement.

The Account Holder is hereby informed that the Service Provider may deny access to the Payment Account to a Third-Party PSP providing payment initiation or account information services, for objectively justified or documented reasons related to unauthorised or fraudulent access to the Payment Account by that service provider, including the unauthorised or fraudulent initiation of a payment transaction.

In such cases, the Account Holder will be informed in their Personal Space of the blocking of or refusal of access to the Payment Account, and of the reasons for such blocking or refusal. This information will be communicated to the Account Holder, if possible, before the Payment Account is blocked or access is denied and at the latest immediately after the blocking or refusal, unless the provision of this information is not communicable for objectively justified security reasons or is prohibited under another provision of European Union law or relevant national law.

The Service Provider unblocks the Account or restores access to it as soon as the reasons justifying the blocking or refusal of access no longer exist. The Account Holder may request for the Account to be unblocked at any time by contacting the Platform’s Customer Service Department, the contact details of which are indicated in the General Terms and Conditions of the Website. The Account Holder may be requested to define new Identification Data.

10. Disputing a Transaction
10.1. Provisions Common to All Account Holders

For any complaint relating to the Payment Transactions carried out by the Service Provider within the framework hereof, the Account Holder is invited to contact the Platform’s Customer Service Department or the address indicated for this purpose in the General Terms and Conditions of the Website.

If the Service Provider carries out an Order with errors due to the Service Provider’s fault, the dispute is forwarded to the Service Provider as soon as possible, the Order is cancelled and the Account is restored to the condition it was in before receipt of the Payment Order. Thereafter, the Order is properly represented.

Fees indicated in the Tariff Conditions may be charged in the event of unjustified disputing of a Transaction.

10.2. Provisions Applicable to Professional Account Holders

A Professional Account Holder who wishes to dispute a Transfer Transaction that has not been authorised by it or has been incorrectly implemented must contact the Platform’s Customer Service Department by telephone as soon as possible after becoming aware of the anomaly and no later than eight (8) weeks after the transaction has been recorded in the account, and must forward the dispute to the Service Provider as soon as possible. Unless the Service Provider has good reason to suspect fraud on the part of the Account Holder, the Service Provider shall reimburse the Account Holder for the amount of the Transaction immediately upon receipt of the dispute request, and in any event no later than the end of the next Business Day. The Service Provider shall restore the Account to the state in which it would have been if the unauthorised Payment Transaction had not taken place.

In the event of loss or theft of the Personalised Security Data, any unauthorised Transactions carried out prior to the notification of the opposition shall be borne by the Account Holder. Transactions carried out after the opposition are borne by the Service Provider except in the event of fraud by the Account Holder.

10.3. Provisions Applicable to Consumer Account Holders

A Consumer Account Holder who wishes to dispute a Transfer Transaction that has not been authorised by it or has been incorrectly implemented must contact the Platform’s Customer Service Department by telephone as soon as possible after becoming aware of the anomaly and no later than thirteen (13) months after the date of debit, and must forward the dispute to the Service Provider as soon as possible. Unless the Service Provider has good reason to suspect fraud on the part of the Account Holder, the Service Provider shall reimburse the Account Holder for the amount of the Transaction immediately upon receipt of the dispute request, and in any event no later than the end of the next Business Day. The Service Provider shall restore the Account to the state in which it would have been if the unauthorised Payment Transaction had not taken place.

In the event of a dispute, the burden of proof that the Transaction has been authenticated, duly recorded and accounted for, and that it has not been affected by a technical or other deficiency is the responsibility of the Service Provider.

In the event of an unauthorised payment transaction resulting from the loss or theft of the Personalised Security Data, the Account Holder shall bear, prior to the notification of the objection, the losses related to the use of the Personalised Security Data, up to a maximum of fifty (50) euros. Transactions carried out after the opposition are borne by the Service Provider except in the event of fraud by the Account Holder. However, the Account Holder shall not be held liable in the event of:

• -  an unauthorised payment transaction carried out without the use of the Personalised Security Data;
  -  loss or theft of Personalised Security Data that cannot be detected by the Account Holder before
  payment;

  - loss due to acts or omissions of an employee, agent or branch of a PSP or of an entity to which its activities have been outsourced.

  
  

The Account Holder shall not be held responsible:

• -  if the unauthorised Payment Transaction was carried out by misappropriating the Personalised
  Security Data without the Account Holder’s knowledge;

  -  in the event of counterfeiting of Personalised Security Data, if, at the time of the unauthorised Payment Transaction, the Account Holder is in possession of such Data.

The Account Holder shall bear all losses caused by the unauthorised Transactions if such losses result from any fraudulent action on its part or if it has intentionally, through gross negligence, failed to comply with its obligations to maintain the security of its Personalised Security Data and to notify its opposition in the event of loss, theft or misappropriation of such Data.

Except in the event of fraudulent action on its part, the Account Holder shall bear no financial consequences if the unauthorised Transaction has been carried out without the Service Provider requiring Strong Authentication from the Account Holder, in cases where the regulations stipulate that Strong Authentication is mandatory.

11. Financial Conditions

The services offered hereunder are invoiced by the Platform on behalf of the Service Provider in accordance with the Tariff Conditions.

All commissions owed by the Account Holder are automatically deducted from the Payment Account by the Service Provider. The Account Holder authorises the Service Provider to compensate at any time, including after the Account has been closed, any definite, liquid and due claim that remains outstanding for any reason whatsoever. It may compensate the provision on the Payment Account against any amount due, payable and unpaid by the Account Holder to the Service Provider.

In the event of late payment of fees due and payable by the Account Holder to the Service Provider, the Account Holder will be liable to the pay default interest for the period from the due date until the full payment has been made. The applicable interest rate will be calculated on the basis of two times the legal annual interest rate published semi-annually for companies. The amount of late payment interest due will be equal to the product of the amount of the unpaid sum by the aforementioned annual legal rate and the number of days overdue out of 365.

12. Duration and Termination

The Framework Agreement is concluded for an indefinite period. It comes into force upon its acceptance by the Account Holder.

The latter may, at any time and subject to thirty (30) calendar days’ prior notice, terminate the Framework Agreement. The Service Provider may terminate the Framework Agreement at any time, subject to two (2) months’ prior notice provided on a Durable Medium. In such a case, the regular fees for Payment Services will be payable by the Account Holder on a pro-rata basis for the period up to the date of termination.

Beyond six (6) months, the Framework Agreement may be terminated free of charge. In other cases, termination fees may apply in accordance with the Tariff Conditions.

To that end, each Party must send its notice of termination of this Agreement to the other Party, by registered letter with acknowledgement of receipt, to the postal and email address indicated in the General Terms and Conditions of the Website.

As a result, the entire Framework Agreement is terminated and the Payment Account is closed. Any credit on the Account will be transferred within thirteen (13) months to the Account Holder’s Bank Account following the deduction of the fees due and payable to the Service Provider. If the credit on the Payment Account exceeds the limit specified in the Tariff Conditions, the amount exceeding this limit will be transferred within thirty (30) days of the effective date of termination to the bank account of the Account Holder following the deduction of the fees due and payable to the Service Provider. The Service Provider is released of all obligations once it has confirmed the transfer to the bank account indicated by the Account Holder.

In the event of serious breaches, fraud, or unpaid debts on the part of the Account Holder, the Service Provider reserves the right to suspend or terminate this Agreement by sending an email accompanied by a registered letter with acknowledgement of receipt without reason or prior notice.

It is intended that the Framework Agreement will be automatically terminated in the event of new circumstances affecting a Party’s ability to commit hereunder.

13. Amendment of the Agreement

The Service Provider reserves the right to amend the Framework Agreement at any time. Any draft amendment of the Framework Agreement is provided to the Account Holder by the Platform.

Any Account Holder may refuse the proposed amendments and must notify its refusal to the Platform’s Customer Service Department by registered letter with acknowledgement of receipt two (2) months before the date of entry into force of the proposed amendments (postmark recognised as affording proof) to the address indicated in the General Terms and Conditions of the Website.

If the Account Holder has not notified its refusal prior to the indicated date of entry into force, the Account Holder is deemed to have accepted the proposed amendments. Relations between the Parties after the date of entry into force will then be governed by the new version of the Framework Agreement.

In the event of refusal by the Account Holder, this refusal will give rise, free of charge, to the termination of the Framework Agreement, as well as the transfer of the balance of the Payment Account within thirteen (13) months following the effective date of the termination in order to cover any future disputes.

Any legislative or regulatory provisions that would make it necessary to amend all or part of the Framework Agreement will be applicable as from their date of entry into force, without prior notice. However, the Account Holder will be informed.

14. Security

The Service Provider undertakes to provide its services in compliance with the applicable laws and regulations and best practices. In particular, the Service Provider will make every effort to ensure the security and confidentiality of the Account Holders’ data, in accordance with the regulations in force.

The Service Provider reserves the right to temporarily suspend access to the Online Account for technical, security or maintenance reasons without these operations giving the right to any compensation. It undertakes to limit this type of interruption to what is strictly necessary.

However, the Service Provider cannot be held liable to the Account Holder for any errors, omissions, interruptions or delays in operations carried out via the Website resulting from unauthorised access thereto. Furthermore, the Service Provider cannot be held liable for theft, destruction or unauthorised communication of data resulting from unauthorised access to the Website. In addition, the Service Provider is not involved in the legal relationship between the Account Holder and a User or between the Account Holder and the Website. The Service Provider cannot be held liable for the faults, shortcomings or negligence of a User and the Account Holder towards each other, or of the Website and the Account Holder towards each other.

If the unique identifier or any other information necessary for the implementation of a Payment Transaction provided by the Account Holder is inaccurate, the Service Provider shall not be liable for the improper implementation of such Service.

The Platform is solely responsible for the security and confidentiality of the data exchanged in the context of the use of the Website in accordance with the General Terms and Conditions of the Website, with the Service Provider being responsible for the security and confidentiality of the data that it exchanges with the Account Holder in the context of this Agreement in connection with the creation and management of its Account, as well as the Payment Transactions associated with the Account.

15. Limitation of the Service Provider’s Liability

The Service Provider shall not intervene in any way in the legal and commercial relations and any disputes arising between the Account Holder and the User or between the Account Holder and the Platform or between the Account Holder and a Beneficiary. The Service Provider has no control over the conformity, security, legality, characteristics and adequacy of the products and services that are the subject of a Payment Transaction.

Each transaction carried out by the Account Holder gives rise to an agreement, directly formed between the Account Holder and a User, in which the Service Provider is not involved. Consequently, the latter may not be held liable for the non-implementation or improper implementation of the obligations resulting therefrom, nor for any damage caused to the Account Holder.

Notwithstanding anything to the contrary in this Agreement, the Service Provider’s liability towards an Account Holder is limited to compensation for direct damages as provided for in the regulations.

16. Commitments of the Account Holder

The Account Holder guarantees that nothing in their Personal Space infringes the rights of third parties or is contrary to the law, public order or morality.
The Account Holder undertakes not to:

1. (i)  Implement the Framework Agreement in an unlawful manner or under conditions that may damage, disable, overburden or impair the Website;

2. (ii)  Impersonate the identity of another person or entity, falsify or conceal their identity, age or create a false identity;

3. (iii)  Distribute personal data or information relating to a third party, such as postal addresses, telephone numbers, email addresses, bank card numbers, etc. In the event of failure to comply with its obligations, the Service Provider may take all appropriate measures to cease the actions concerned. The Service Provider will also be entitled to suspend, delete and/or block the Account Holder’s access to their Account.

4. (iv)  Without prejudice to any legal action taken by third parties, the Service Provider is entitled to take any legal action in its own right to compensate for any damage that it may have personally

suffered as a result of the Account Holder’s failure to comply with its obligations under this Agreement.

If the Account Holder notices a breach of the above obligations, the Account Holder is invited to inform the Service Provider of such actions by contacting the Service Provider at: legal@mangopay.com.

17. Right of Withdrawal

17.1. Provisions Common to All Account Holders

An Account Holder who has been solicited within the meaning of Articles L.341-1 et seq. of the French Monetary and Financial Code has a period of fourteen (14) completed calendar days to exercise their right of withdrawal, subject to meeting the conditions of Article D341-1 of the same code, without having to provide any reason or incur any penalty. This withdrawal period begins from the day of registration as an Account Holder.

17.2. Provisions Applicable to Consumer Account Holders

Under the terms of Article L222-7 of the French Consumer Code, a Consumer Account Holder has a right of withdrawal that can be exercised within a period of fourteen (14) days without having to provide any reason or incur any penalty. This withdrawal period begins either from the day of the conclusion of the Framework Agreement or from receipt of the contractual conditions and information, if the latter date is later than that of the conclusion of the Framework Agreement. The implementation of the Framework Agreement may only be initiated before the expiry of the withdrawal period with the consent of the Consumer Account Holder. The Consumer Account Holder acknowledges that the use of the Payment Services after the conclusion of the Framework Agreement will constitute an express request on its part to start the implementation of the Framework Agreement before the expiry of the above-mentioned deadline. The exercise of the right of withdrawal entails the termination of the Framework Agreement, which, in the event of initiation of implementation, consists of cancellation and does not call into question the services previously provided. In this case, the Consumer Account Holder will only be required to pay proportionally for the Services actually provided.

17.3. Exercising the Right of Withdrawal

The Account Holder must notify the Platform’s Customer Service Department by telephone or email within the specified period and send a confirmation letter to the address of the Platform’s Customer Service Department. For this purpose, they can use the withdrawal form provided by the Platform.

18. Rules Regarding the Fight against Money Laundering and the Financing of Terrorism

The Service Provider is subject to all Luxembourg and French regulations relating to the fight against money laundering and the financing of terrorism.

Pursuant to the provisions of French and Luxembourg law relating to the participation of financial institutions in the fight against money laundering and the financing of terrorist activities, the Service Provider is required to obtain information from all Account Holders for all transactions or business relationships as to the origin, purpose and destination of the transaction or the opening of the Account. The Service Provider must also take all necessary steps to identify the Account Holder and, where applicable, the beneficial owner of the Account and/or the Payment Transactions linked to it.

The Account Holder acknowledges that the Service Provider may, at any time, terminate or postpone the

use of Personalised Security Data, access to an Account or the implementation of a Transaction in the absence of sufficient information regarding its purpose or nature. The Account Holder is informed that a transaction carried out hereunder may be subject to the exercise of the national financial intelligence unit’s right of disclosure.

The Account Holder may, in accordance with the regulations, access all information thereby communicated, provided that this right of access does not jeopardise the purpose of the fight against money laundering and the financing of terrorism when this data relates to the applicant.

No legal action or civil action may be brought or any professional sanction imposed against the Service Provider, its managers or employees who have made declarations of suspicion in good faith to their national authorities.

19. Personal Data Protection

The Service Provider shall collect and process all Personal Data in accordance with the regulations in force applicable to the protection of such Data and, in particular, with Law No. 78-17 of 6 January 1978 as amended and with European Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016.

The Personal Data required at the time of subscription is necessary within the framework of the services provided in accordance herewith. Failure to provide the mandatory Personal Data may result in the applicant being refused access to the services.

The Data Subject is informed that Personal Data is collected in particular for the following purposes: the provision of the services provided as described herein; the fight against money laundering and the financing of terrorism; the processing of requests for information and complaints; the production of statistics. These processing operations are, in particular, necessary for the implementation of the Framework Agreement and to comply with the legal obligations to which the data controllers are subject. The Provider and the Platform act as joint controllers of this processing.

Personal Data will not be transmitted to third parties without the express consent of the Data Subjects. However, the Data Subject is informed that Personal Data is transmitted to subcontractors of the Service Provider, for the aforementioned purposes. The aforementioned subcontractors shall act only on the instructions of the Service Provider and exclusively on behalf of the latter.

The Data Subject concerned can access the list of subcontractors by sending their request to the Platform’s Customer Service Department. The Data Subject is informed that the Service Provider shall ensure that its subcontractors take all necessary measures to preserve the security and confidentiality of Personal Data. In the event of the occurrence of a Data breach (loss, intrusion, destruction, etc.) involving high risks for the Data Subject concerned, the latter will be informed.

The Service Provider reserves the right to disclose Personal Data at the request of a legal authority to comply with any applicable law or regulation, to protect or defend the rights of the Account Holder or a Data Subject, if justified by compelling circumstances, or to protect the security of the Account Holder, the Services or the public.

Personal Data processed by the Service Provider within the framework of the services provided in accordance herewith shall be retained for the period of time strictly necessary to achieve the purposes mentioned above. Unless otherwise provided by law and regulations, the Data will not be retained beyond the effective date of termination of the Agreement. In particular, it is specified that Personal Data relating to identification is kept for a period of five (5) years from the end of the contractual relationship, pursuant to the regulations applicable to the fight against money laundering and the financing of terrorism.

Where the Personal Data relates to a Data Subject who is not a party to the Framework Agreement and has been transmitted by the Account Holder, the Account Holder is responsible for communicating the information in this Article to the Data Subject.

Further information regarding the processing of Personal Data carried out within the framework of this Agreement, the retention periods and the rights of Data Subjects is available in the Service Provider’s Privacy Policy (accessible on the website www.mangopay.com).

20. Professional Secrecy

The Service Provider is bound by professional secrecy. However, this secrecy may be lifted, in accordance with the legislation in force, by virtue of a regulatory and prudential legal obligation, in particular, at the request of the supervisory authorities, the tax or customs administration, as well as that of the criminal court or, in the event of a court order, notified to the Service Provider. Notwithstanding the foregoing, the User is entitled to release the Service Provider from the obligation of professional secrecy by expressly indicating to the Service Provider the third parties authorised to receive confidential information concerning the User.

It is specified that professional secrecy may be lifted by the effect of the regulations in favour of companies providing the Service Provider with important operational tasks within the framework of this Agreement.

21. Intellectual Property

The Service Provider shall retain full ownership of the property titles and rights of any kind attached to the Services offered to the Account Holder. None of these property rights are transferred to the Account Holder hereunder.

22. Death of the Account Holder and Inactive Accounts 22.1. Death of the Account Holder

22.2. Inactive Accounts

Any inactive Account may be subject to a notification of inactivity sent via email by the Service Provider followed by a reminder one (1) month later. The Account Holder’s Payment Account is considered inactive when, at the end of a period of twelve (12) months, it has not been the subject of any transaction (other than the charging of management fees) at the initiative of the Account Holder (or any authorised representative) and they have not communicated with the Service Provider in any form whatsoever.

If there is no response and no use of the balance credited to the Account within this period, the Service Provider may close the Account and maintain it for the sole purpose of transferring the amounts due to the account indicated by the Account Holder. In the event of death, the balance can only be refunded to the Account Holder’s successors.

The Account will no longer be allowed to carry out Payment Transactions.

23. Force Majeure

The Parties shall not be held liable or considered as having failed hereunder, in the event of a delay or non- implementation, when their cause is related to force majeure as defined by Article 1218 of the French Civil Code.

24. Independence of Contractual Stipulations

If any provision hereof is held to be null or void, it shall be treated as if it had never existed and shall not invalidate the other stipulations.

If one or more of the provisions hereof should become null and void or be declared as such in application of a law, a regulation or following a final decision given by a competent court, the other provisions shall retain their mandatory force and scope. The stipulations declared null and void would then be replaced by the stipulations that come closest in meaning and scope to the stipulations initially agreed upon.

25. Protection of Funds

The Account Holder’s funds are deposited, at the end of the Business Day following the day on which they were received by the Service Provider, in an escrow account opened in the records of a Bank under the conditions required by the regulations.

Pursuant to Article 24-10 (5) of the Law of 20 May 2011 published in Mémorial A No. 104 of 24 May 2011 of the Grand Duchy of Luxembourg and Article 14 of the Law of 10 November 2009 published in Mémorial A No. 215 of 11 November 2009 of the Grand Duchy of Luxembourg, transposing Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 concerning access to the activity of electronic money institutions, the funds collected are protected and do not fall into the electronic money institution’s assets in the event of its liquidation, bankruptcy or any other state of support.

26. Non-Assignability

The Framework Agreement may not be transferred in whole or in part by the Account Holder, whether in return for payment or free of charge. The Account Holder is hereby prohibited from transferring any of its rights or obligations hereunder to a third party. In the event of failure to comply with this prohibition, in addition to the immediate termination hereof, the Account Holder may be held liable by the Service Provider.

27. Agreement on Evidence

All data contained in an unalterable, reliable and secure manner in the Service Provider’s computer database, in particular, relating to Payment Orders and notifications sent, shall be deemed authentic between the Parties until proven otherwise.

28. Territorial Scope

The provisions of Articles L133-1 et seq. and L314-1 et seq. of the French Monetary and Financial Code shall apply when the Service Provider and the Payment Service Provider of the payer or a beneficiary of a payment transaction carried out to debit or credit the Account are both located within the territory of Metropolitan France, Guadeloupe, French Guiana, Martinique, Réunion, Mayotte, Saint Martin or Saint Barthélemy, or in another Member State of the European Union or in another State party to the Agreement on the European Economic Area, and that the transaction is carried out in euros or in the currency of a Member State of the European Union that does not belong to the SEPA Zone or of another State party to the Agreement on the European Economic Area.

The provisions of Articles L133-1 et seq. and L314-1 et seq. of the French Monetary and Financial Code apply (with the exception of those of Articles L. 133-11 to L. 133-13; L133-14, II and with the exception of the time limits mentioned in Article L314-13, VI) when the Service Provider and the payment service provider of the payer or a beneficiary of a payment transaction carried out to debit or credit the Account, are located, one within the territory of Metropolitan France, Guadeloupe, French Guiana, Martinique, Reunion, Mayotte or Saint Martin, the other within the territory of Metropolitan France, Guadeloupe, French Guiana, Martinique, Reunion, Mayotte, Saint Martin, or in another Member State of the European Union or in another State party to the Agreement on the European Economic Area, and that the transaction is carried out in the currency of a State that does not belong to the Agreement on the European Economic Area, with regard to those parts of the payment transaction that are carried out within the European Union.

The provisions of Articles L133-1 et seq. and L314-1 et seq. of the French Monetary and Financial Code apply (with the exception of those of Articles L. 133-11, L133-13, I; L133-22; L133-25 to L133-25-2; L133- 27, and with the exception of the time limits mentioned in Article L314-13, VI) when only the Service Provider or only the Payment Service Provider of the beneficiary or the payer is located in metropolitan France, Guadeloupe, French Guiana, Martinique, Reunion, Mayotte or Saint Martin, irrespective of the currency in which the payment transaction is carried out, with regard to those parts of the payment transaction that are carried out within the European Union.

29. Complaints and Mediation

The Account Holder is invited to contact the Platform’s Customer Service Department, which may be indicated on the Website, for any complaint.

Any complaint other than that provided for in Article 10 concerning the conclusion, implementation or termination of the Framework Agreement must be notified by email to the following address:

legal@mangopay.com.

The Account Holder agrees that the Service Provider may respond to their complaints on a Durable Medium. The response will be sent as soon as possible and no later than fifteen (15) Business Days following receipt of the complaint by the Service Provider. However, for reasons beyond its control, the Service Provider may not be able to respond within this period of fifteen (15) days.

In this case, it shall communicate to the Account Holder a response specifying the reasons for this additional time and the date on which it will send the final response. In any event, the Account Holder will receive a final response no later than thirty-five (35) Business Days following receipt of the complaint.

The Account Holder is informed that the CSSF (Commission de Surveillance du Secteur Financier) is competent to settle, on an extrajudicial basis, disputes relating to the implementation of this Framework Agreement. For more information regarding the CSSF and the conditions of such recourse, you may contact the Platform’s Customer Service Department or consult the CSFF website (http://www.cssf.lu). Applications for mediation must be addressed to the Ombudsman of the Commission de Surveillance du Secteur Financier (CSSF), 283 route d’Arlon, L-1150 Luxembourg (direction@cssf.lu), without prejudice to other legal remedies. However, the matter may not be referred to the Ombudsman if the application is clearly unfounded or abusive, if the dispute has been previously examined or is being examined by another Ombudsman or by a court, if the application to the Ombudsman is submitted more than one (1) year after the written complaint to the Service Provider, or if the dispute does not fall within the Ombudsman’s field of competence.

30. Language – Applicable Law and Jurisdiction

Except in the event of application of a law of public order (which will apply only within the strict limits of its purpose), it is expressly stipulated that English is the language chosen and used by the Parties in their pre-contractual and contractual relations and that the Framework Agreement is subject to French law. Any dispute between the Parties in respect of the Framework Agreement will be subject to the jurisdiction of the competent French courts.