Legal Terms and Terms of Use of SecPaid

These are the terms and conditions for the technical service software SecPaid, which is offered

as a carrier/messenger of e-money on the website secpaid.com. If a contract is concluded for

the use of this technical service software SecPaid, the following shall apply. The contract

governs your use of the SecPaid user account, hereinafter referred to as the user, with which

you agree to the general terms and conditions and terms of use by signing a physical contract.

As a registered user of a SecPaid User Account, you can offer your customers, hereinafter

referred to as users, various payment options. Payments are referred to as transactions. If a

transaction for your SecPaid user account is initiated by a user, it is no longer possible to

cancel a transaction, nor can the user reclaim the transaction from SecPaid, as SecPaid has

already provided its service in full by triggering the user's transaction and at the latest with the

crediting of the corresponding SecPaid user account and has thus fulfilled its contract as a

technical service provider. A fourteen (14) day right of cancellation is excluded, and this

exclusion is accepted by the user by initiating the transaction. Data protection guidelines and

data collected by the payment services/payment sources offered can be obtained directly from

the providers. We hereinafter refer to these Legal Terms and Terms of Use as Legal Terms.

They apply to registered SecPaid user accounts whose users are residents or registered

companies of the Federal Republic of Germany or the European Economic Area and whose

users, who do not necessarily have to be residents of the European Economic Area, initiate

transactions to registered SecPaid user accounts.

For international registrations, the same Legal Terms with its provisions, the money laundering

section and the Privacy regulation are in force, but must be requested in the required language.

The latest version of our technical services software SecPaid, will always be made available

to you on the secpaid.com website. Signed contracts or subscriptions retain their legal force

and do not have to be adapted to the current version.

By opening and using a SecPaid user account, you agree to comply with all provisions of these

Terms of Use. You also agree to comply with any separate agreements that may apply to you

or your company through a physical contract. Users who initiate a transaction to a SecPaid

user account must identify themselves to the payment service/payment source used.

As these Legal Terms are subject to the laws and jurisdiction of the Federal Republic of

Germany, it may be necessary to amend them.

All future changes to the Legal Terms will be published on the secpaid.com website. This does

not affect any separate agreements for you resulting from a physically concluded contract. By

continuing to use the SecPaid user account after a change to these Legal Terms, you agree

to the changes. If you do not agree to the changes, you can cancel your account before the

changes take effect.

The services of the technical service software SecPaid on the secpaid.com website is provided

for registered users in the European Economic Area of SecPaid Limited & Co. KG, Tal 44,

80331 Munich. Information on how to contact us can be found on the secpaid.com website or,

if applicable to you, in the details of a physical contract.

The main business of SecPaid is the transaction from a payer, hereinafter referred to as the

customer, to the payee, hereinafter referred to as the user, and the provision of payment

services used for the transaction by the customer.

Your company must be properly registered in the country where its headquarters are located.

When using the right of establishment, your establishment must be duly registered in the

country in which the right of establishment is used.

We also require a PCI declaration of conformity from your company, which you must submit to

us independently on an annual basis.

You need Internet access and a device and operating system of your choice to register on

secpaid.com. Mandatory fields must be completed.

You can cancel your SecPaid user account at any time.

If you have signed a physical contract, you can find the cancellation information there.

After cancellation of the contract or deletion/deactivation of your SecPaid user account, our

business relationship ends immediately.

SecPaid is obliged to withhold a reasonable period of time for the settlement of claims and

other liabilities of your account and compliance with the applicable laws and regulations for

your credit balance on the SecPaid user account. If there is no credit balance, you will receive

corresponding statements of any claims from us or third parties.

You remain responsible for any outstanding obligations that arose prior to the cancellation of

your SecPaid user account. If no claims are expected after a maximum holding period of thirty

days, your credit balance will be paid out to the IBAN you have deposited with us.

If a SecPaid user account is used for criminal activities or only partially used for such activities,

the SecPaid user account will be blocked and the matter will then be passed on to the relevant

authorities. In such a case, your contract will be cancelled by us without notice. Even if we

receive this information from the authorities.

SecPaid has the right to terminate your SecPaid user account, and consequently your

contractual relationship based on a physical contract or subscription, if your behaviour is

damaging to SecPaid and SecPaid's contractual partners, image, or reputation.

In particular, SecPaid shall terminate any contractual relationship if your behaviour violates

morals, ethics, human rights, international law, public morals, discrediting, discrimination,

GDPR, AMLA or is otherwise reprehensible in any way.

By using a SecPaid user account, you are obliged to submit a PCI compliance declaration to

SecPaid annually, independently and unsolicited. If you fail to fulfil this obligation, SecPaid

reserves the right to terminate the contractual relationship.

You must keep your access data safe to prevent misuse.

You can receive money from the payment service providers we offer, hereinafter referred to

as transactions. You can view the payment service providers on our website, as well as in your

physical contract, or by contacting the SecPaid team. If you, as our customer, a payment link

with them SecPaid program create, for your customer, will SecPaid Limited & Co. KG,

automatically, but only formally, to the assignee and our customer to the assignor. In this case,

the assignee is to be regarded as the new creditor of the claim, so that he is also entitled to

collect it. However, he has no authority to dispose of the claim in question; thus, a so-called

fiduciary relationship exists between him and the assignor. Therefore, the assignee ultimately

has more legal power in external relations than in internal relations. Therefore, the intended

use also includes SecPaid and no service or goods from our customers, because SecPaid

Limited & Co. KG then acts for the claim amount, in its own name, but is obliged by law and

legal situation, as assignee, that is SecPaid Limited & Co. KG, immediately upon receipt of the

claim amount, to transfer it to our customer, the assignor, to his bank account known to us. For

this transaction, SecPaid Limited & Co. KG receives the SecPaid service fee. You can find the

information regarding your SecPaid service fee on the website secpaid.com or in your physical

contract.

You will find the full explanation in the contents, under the chapter assignment of receivables.

This account is managed and administered by you.

As a company, you use your SecPaid user account to receive online payments for your

company. We offer various payment source options for this purpose, which can be found on

the secpaid.com website.

The privacy policies of the payment sources used, including which data is collected by them,

must be obtained by the user and the user from the providers of the payment sources that are

linked to the SecPaid user account.

If you have concluded a physical contract with SecPaid, these will be listed in your contract.

You can view a list of your transactions in your SecPaid user account.

The base currency is Euro.

Credit balances are automatically transferred daily by SecPaid to your IBAN stored with us.

No interest is charged on your SecPaid balance.

You are responsible for paying any taxes on your balance to a tax office.

In international business transactions, assignment of receivables is particularly used to assert

claims across borders. In addition to national civil law provisions, European Union regulations,

such as Regulation EC No. 593/2008, Rome I, apply with regard to applicable law, in particular

Articles 14 and 15.

In principle, no special legal formal requirements apply to assignment of receivables. National

under German law, in particular Section 398 of the German Civil Code (BGB), a claim can be

assigned informally unless a special form, such as written form, is required by law or contract.

This process is automated in the SecPaid software, and our customers do not need to take

any further action or sign a separate contract. The assignment of receivables enables the

SecPaid Limited & Co. KG to assert the third-party claim in one's own name, so that SecPaid

Limited & Co. KG can ultimately demand a performance from oneself, which is done by

charging the SecPaid service fee. However, SecPaid Limited & Co. KG has no further rights.

The creditor retains all other rights and is the only one who can exercise them. In most cases

of cancellation, such as frequently known from PayPal, we take on the first escalation, but if it

is not successful, you must then deal with the collection of the invoice amount alone, or take

measures, as further intervention by SecPaid Limited & Co. KG would violate the legal and

regulatory situation regarding the assignment of receivables.

5.1 Concept and fundamental meaning of assignment of receivables

The assignment of receivables is a term from civil law that refers to the transfer of a claim for

the purpose of collection by a new creditor. In this case, the claim is not definitively transferred

to the new creditor, but rather the new creditor merely receives the authority and right to assert

the claim in his own name on behalf of the original creditor. The assignment of receivables

represents a special legal institution and is in particular used in commercial transactions to

collect receivables efficiently.

5.2 Legal basis of assignment of receivables

Assignment for the purpose of confiscation the claim by the assignee. As with the assignment

for security purposes, a fiduciary assignment in which the assignee although in external

relationship the creditor position completely transmitted, in the Internal relationship but is

bound in a fiduciary capacity to the assignor when exercising this legal position. The

assignment of receivables serves typically the economic interest of the assignor. The fiduciary

obligation of the assignee typically includes the obligation to collect the claim for the account

and in the interest of the assignor and to comply with any instructions from the assignor, if

required. With the SecPaid software, all processes are automated, so that the invoice amount,

after crediting in the system SecPaid is paid out to our customer at his or her known financial

institution.

5.3 Legal regulation and demarcation

The assignment of receivables finds its legal basis in the general provisions of the German

Civil Code (BGB), on the assignment of claims, §§ 398 ff. BGB. Compared to the real, the

assignment of receivables differs from a full assignment in that the collected claim is formally

transferred to the assignee, the acquirer of the claim, but the assignee remains obligated to

transfer the proceeds to the assignor, the original creditor. The assignment is usually silent,

i.e., without disclosure to the debtor, unless there are contractual or statutory disclosure

obligations. The assignment of receivables is direct debit authorisation to demarcate, there at

the assignment of receivables the claim is not transferred to the recipient, but only the right to

it is transferred to him confiscation the commercial confiscation of claims assigned for

collection purposes, what a direct debit authorisation would be, falls as dept collection service

under the regulation of the Legal Services Act, Section 2, Paragraph 2 RDG, which does not

apply to the assignment of receivables, since SecPaid Limited & Co. KG does not receive a

direct debit authorisation, can this procedure be carried out without an assignment of

receivables licence, as explained in detail in this chapter on assignment of receivables.

5.4 Contracting parties and participants

The assignment of receivables usually involves three parties:

• Assignor: The assignor is our customer.

• Assignee: This is SecPaid Limited & Co. KG.

• Debtor/Customer of the assignor: The person against whom the claim is directed.

The SecPaid service fees are calculated and charged by us as a service fee based on the

agreements, we have with a payment service or payment source. The service fees are subject

to the global financial market and other price increases beyond our control, which may result

in an increase in the service fees, temporarily or permanently.

If a contract or subscription with a term has been concluded with us, the SecPaid user account

will always be set to the module that comes closest to the contract from the agreed SecPaid

service fees. SecPaid shall always endeavour to bring about the origin of physical contracts, if

possible.

A term of a subscription or contract merely means that SecPaid would want to fulfil the

individual agreements.

If influences affecting a contractual partner are either unacceptable or measures to be taken

by SecPaid are not satisfactory, both the contractual partner and SecPaid may terminate the

contract.

SecPaid uses the KONG API to manage and forward API requests. The aim is to achieve a

response time of <500 milliseconds, although this depends on the performance of the KONG

API tool. To ensure strong authentication and authorisation, Keycloak is used, which enables

single sign-on (SSO) and the management of roles and authorisations for API access. This

ensures that only authorised users can use the API. In the event of problems with the API,

SecPaid takes over communication with the third-party providers, but has no direct influence

on the resolution, as the infrastructure and services are operated by the third-party providers

(IONOS SE, KONG, Keycloak).

If your SecPaid user account is frequently debited with chargebacks, which would be from one

(1%) percentage point of the monthly transactions, SecPaid will hold back twenty (20%)

percent of your credit balance until the following month in order to be able to service any

chargebacks.

If these chargebacks are constant and monthly over a longer period of time and you do not

remedy the situation or do not contact the SecPaid service for clarification, SecPaid reserves

the right to restrict or cancel your SecPaid user account.

In this case, SecPaid will also send you a warning and charge you fees for the additional work

involved, which will be communicated to you separately.

As a technical service provider, we have no influence on the contract concluded between the

customer and the user. Therefore, discrepancies, defects in the subject matter of the contract,

cancellations, or other complaints arising from this contract are the responsibility of the

contracting parties, in this case the customer and the user. The contracting parties shall then

apply the applicable law of the respective country and, in the case of defaulting customers, for

example, shall themselves be responsible for the costs of debt collection, lawyers or court

costs. SecPaid accepts no liability or warranty for this.

Should you as a user require support from us, you can optionally request the necessary

individual fee for our service. A fee will then be charged based on the expected effort required,

e.g. to recover an unjustified chargeback/reversal of a transaction from your SecPaid user

account, and will be communicated to you before the SecPaid team becomes involved in the

matter.

You are responsible for the security of the devices and operating systems you choose for your

SecPaid user account.

You must protect your access data from misuse.

If you grant or authorise third parties to access your SecPaid user account or instruct third

parties to manage your SecPaid user account on your behalf or to make payments and

bookings, SecPaid accepts no liability or warranty for their actions.

The technical service software SecPaid is maintained and serviced by us in accordance with

the current state of technology available.

SecPaid provides a service for you on weekdays from 09:00 a.m. - 05:00 p.m., which you can

contact if you have any questions or need help.

SecPaid cannot accept any liability for the failure of servers or third-party systems, as SecPaid

is dependent on third-party providers and third-party systems.

If SecPaid detects malfunctions or security risks that jeopardise systems and applications, the

technical service software SecPaid may be temporarily deactivated or restricted until the

malfunction or security risk has been rectified. In this case, SecPaid cannot accept any liability

or warranty.

SecPaid shall not and cannot assume any liability or warranty for events that are beyond the

control of SecPaid and its service team.

Users who register on the secpaid.com website or users who sign a customised contract

receive neither ownership nor possession rights, only the non-exclusive right to use the

technical service software SecPaid.

The rights of ownership/possession remain with the authors/owners.

Anyone who registers for a SecPaid user account has a duty to co-operate. The information

required to identify a natural person, a legal entity or a partnership is set out in § 11 (4), (5)

and (6) GwG. This information is collected during registration.

Should changes occur during the business relationship, SecPaid must be notified immediately.

If changes are not notified to SecPaid promptly, SecPaid shall not be liable for any resulting

damages or losses caused by the contractual partner's breach of the duty of notification.

The contractual partner of SecPaid shall be obliged to fulfil requirements for prevention in

accordance with the GwG, to keep the provision or updating of his data and/or documents up

to date.

Should the contractual partner fail to fulfil his obligations even after being requested to do so

by the SecPaid service or after a request has been made, the SecPaid user account shall be

restricted or deleted. A processing fee will be charged for the additional work involved, which

will be communicated to you separately.

The SecPaid user account may only be used for the ordinary business operations of the

company.

If a contractual partner wishes to establish, continue or execute transactions for a beneficial

owner, the identity of the beneficial owner must be proven to SecPaid.

SecPaid is obliged by the GwG to provide information on conspicuous transactions to the

authorities upon request, even without the contractual partner's consent, or to forward

conspicuous transactions that are recognised by SecPaid to the relevant authorities. This also

applies if there is an initial suspicion of money laundering, criminal activities of any kind or

support for terrorism, or if an initial suspicion is confirmed.

SecPaid processes and secures data that is collected in accordance with the General Data

Protection Regulation (GDPR).

Furthermore, data is processed on the basis of our PCI compliance declaration.

The cookies from secpaid.com on your device are valid for 24 hours.

The GDPR regulates the handling of personal data, both private and public, within the

European Union and also in non-EU countries in the European Economic Area.

The data protection standard under the GDPR also applies to international registrations for a

SecPaid user account, as well as to authorisation.

You authorise us for this.

If you register for a SecPaid user account, personal data or company-related data will be

collected. When a physical contract is concluded, the data is also collected and stored at

IONOS SE. The data collected by us is not passed on to third parties, it is used for registration

or when signing a contract in order to credit transactions to your SecPaid user account, to be

able to allocate the corresponding service fees incurred and to carry out transactions to your

IBAN stored with us and to fulfil legal requirements.

In order to be able to realise the transaction processes for your SecPaid user account, we work

together with third-party providers, which you can find on our website secpaid.com. Only a

system-relevant exchange of the necessary data takes place here.

The privacy policy can be found on the websites of the respective providers.

For customers who initiate transactions to a SecPaid user account, the data is collected by the

payment service providers, where customers can find the privacy policy.

Please contact us if you have any questions or concerns. Our contact details are as follows:

Postal address:

SecPaid Limited & Co.KG

Tal 44

80331 Munich

Germany

or

SecPaid Limited

Kandoy House, 2 Fairview Strand

Clontarf West Dublin 3, D03 R8P3

Ireland

E-Mail: contact@secpaid.com

You can also contact us via the contact form available on our website.