General Merchant
Terms and conditions
1. Interpretation and definitions
1.1 In this agreement, unless the context indicates otherwise, the following applies:
1.1.1 Natural persons include juristic entities (incorporated or unincorporated) and vice versa.
1.1.2 Headings are for convenience only and must not be used to interpret the agreement.
1.1.3 Expressions in the General Merchant Terms and Conditions have the same meaning in the product terms and conditions and related annexures, schedules, and merchant documents, unless defined otherwise. The terms and conditions below are the general provisions applicable to processing card transactions, you must read these terms and conditions in conjunction with the relevant product terms and conditions.
1.1.4 If a provision in a definition is a substantive provision giving rights to or imposing obligations on a party, regardless of whether it appears in the definitions clause only, it will be a substantive provision of the agreement.
1.1.5 Reference to a statutory enactment must be interpreted as a reference to that enactment (as amended or substituted) at the start date of the agreement.
1.1.6 Reference to ‘days’ means calendar days, unless qualified by the word ‘business’.
1.1.7 Unless specifically stated otherwise, any number of days will be determined by excluding the first and including the last day. If the last day falls on a Saturday, Sunday or public holiday, it will be the following business day.
1.1.8 Where figures are referred to in numerals and in words and there is any conflict between the two, the words shall prevail;
1.1.9 reference to payments refers to that payment as being in South African rands (ZAR). You must adhere to the South African Reserve Bank’s (SARB’s) financial limits for ZAR when processing payments in foreign currency.
1.1.10 No provision in the agreement must be interpreted against or to the disadvantage of a party because that party has or is deemed to have structured, drafted and/or introduced that provision.
1.1.11 The words ‘include’ and ‘including’ mean ‘include without limitation’ and ‘including without limitation’. The use of the words ‘include’, ‘includes’ and ‘including’ followed by a specific example or examples must not be interpreted as limiting the meaning of the general wording preceding it.
1.1.12 The agreement is subject to the Financial Intelligence Centre Act (FICA), 38 of 2001; Consumer Protection Act (CPA), 68 of 2008; Protection of Personal Information Act (POPIA), 4 of 2013; and all other legislation and regulations as well as the card network rules and card industry requirements (as amended).
1.2. Definitions
Unless expressly indicated otherwise, the words and expressions below mean the following:
1.2.1 3D Secure |
An authentication method approved by a Card Network that provides the ability to authenticate Cardholders during an online purchase, thus reducing the likelihood of Fraudulent Card usage. |
1.2.2 acquirer, acquiring bank |
A bank or financial institution that allows you to accept card payments from the issuing bank and processes card payments on your behalf. In the context of the agreement, we are the acquirer. |
1.2.3 agreement |
The merchant agreement, which consists of the following and may be amended:
|
1.2.4 American Express / Amex |
American Express Limited, an American financial services corporation. Nedbank issues American Express cards in South Africa under license of American Express. |
1.2.5 Amex terms and conditions |
The terms and conditions as set out in Annexure 3 containing all of the relevant provisions relating the Amex product, which must be read in conjunction with the general terms and conditions. |
1.2.6 AMT |
An Authenticated mobile transaction (a card-not-present mobile transaction, authenticated with a PIN). |
1.2.7 annexure |
A document that is attached or to be attached to the agreement and that sets out specific provisions of each card acceptance product. |
1.2.8 applicable law |
All legal and regulatory requirements and enactments in South Africa and any other jurisdiction from which the services are provided and/or that may be applicable in relation to your and our services and activities, including applicable anti-bribery law (which is any bribery, fraud, kickback or other similar anti-corruption law of any relevant country, including the UK Bribery Act, 2010) or similar legislation. |
1.2.9 authorisation, authorised |
The issuing bank confirming that there is enough money available on the card or in the account linked to the card, allowing a transaction to be processed. If the issuing bank indicates that there is not enough money available, the transaction will be declined. |
1.2.10 bank, Nedbank, we, us, our |
Nedbank Limited, with registration number 1951/000009/06, a licensed financial services and registered credit provider (NCRCP16), with limited liability, duly incorporated in line with the company laws of South Africa, together with its successors in title. |
1.2.11 batch |
means a series of electronic financial Card Transactions in a Settlement. |
1.2.12 budget |
A feature that allows a cardholder to pay a transaction off over an extended period. |
1.2.13 card |
A valid debit, credit, virtual or digital card that is acceptable to us and that is issued by the issuing bank or by a financial institution for the exclusive use of a cardholder to perform card transactions. A card may have contactless card, digital wallet, QR code or other payment features developed to facilitate card payments. |
1.2.14 card acceptance products |
The products below that form part of the suite of products that we offer, enabling you to accept cards as a payment method: a) POS devices b) E-commerce services |
1.2.15 cardholder |
The natural person or legal entity to whom a card is issued and/or who is authorised to use it. This would include physical cards as well as digital or virtual cards. |
1.2.16 card network |
An entity that operates a card network engaged in the business of issuing cards as a payment method, including Mastercard International, Visa International, Diners Club International, American Express, Union Pay International (UPI), the Buy Aid associations, and any other entities operating another card network that may exist. |
1.2.17 card network rules, rules |
The rules that the card networks publish and that stipulate and regulate the terms of use of their cards and network infrastructure. These rules may sometimes change. |
1.2.18 card not present |
means a Card payment transaction processed without the presence of a physical Card (or representation thereof such as Samsung Pay, Google Pay, Apple Pay etc), either by way of a manual entry of Card details or online capture of Card details for E-commerce transactions, in other words where the physical Card has not been swiped, dipped or tapped by means of a reader. |
1.2.19 card transaction |
A commercial transaction for which the card is used as a payment method. |
1.2.20 chargeback |
When the issuing bank returns payment instruction to the acquiring bank as a result of a dispute that the cardholder has raised on the grounds of, among others, an invalid or fraudulent transaction. |
1.2.21 chargeback fee |
Fees, penalties and charges associated with a chargeback. |
1.2.22 chip card |
means a plastic Card embedded with an integrated circuit, or chip, that communicates information to a point-of-sale (POS) device, depending on the risk parameters on the Card and POS device. |
1.2.23 contactless card |
means a chip Card with additional functionality, which is able to make a contactless payment, this includes digital/virtual Cards. |
1.2.24 contactless payment |
A transaction made whereby a contactless card is tapped against or within close proximity of a contactless POS device, commonly known as ‘tap and go’. |
1.2.25 commencement date |
The date on which this agreement is signed by the Merchant, regardless of when Nedbank signs the Agreement. |
1.2.26 confidential information |
Information relating to data subjects, business activities and relationships. It is data of any nature, tangible or intangible, oral or in writing and in any format or medium, which by its nature or content is or reasonably ought to be identifiable as confidential and/or proprietary to either party and is provided or disclosed in confidence or may come to the knowledge of the other party by whatever means. Confidential information includes the following, even if it is not marked as ‘confidential’, ‘restricted’ or ‘proprietary’ (or with similar descriptions): a) Technical, scientific, commercial, financial and market information, methodologies, formulas and trade secrets. b) Architectural information, demonstrations, plans, designs, drawings, processes, process maps, functional and technical requirements and specifications, and the data relating to them. c) Intellectual property, including third-party intellectual property, as the context may indicate. d) Personal information. |
1.2.27 CVV2/CVC2/4DBC |
Is a security feature for Card-not-present Transactions on most Visa, MasterCard, American Express and Diners Club Cards, consisting of a three- or four-digit value that provides a cryptographic check of the information embossed on the Card. CVV2, CVC2 and 4DBC are Card verification codes for Visa, MasterCard and American Express® respectively. For American Express® the code, called CID, is a four-digit number on the front of the Card above the account number. For Visa and MasterCard the code is a three-digit number that appears at the end of the account number on the back of the Card. A CVV2, CVC2 or 4DBC number is printed only on the Card – it is not contained in the magnetic strip information, nor does it appear on sales receipts or statements. |
1.2.28 days |
All days except Saturdays, Sundays and public holidays. Where a number of days is stipulated, it will exclude the first day and include the last. |
1.2.29 debit card |
A card that gives online access via the POS device to a cardholder’s bank account and that allows an immediate debit to this account of the full transaction amount. |
1.2.30 digital card |
A card that is registered on an electronic device such as a cellphone, smart watch or tablet and that enables a cardholder to use the device to make contactless payments. This is sometimes referred to as a virtual card. |
1.2.31 e-commerce |
Electronic commerce, including transactions performed by means of electronic media in a non-face-to-face environment. |
1.2.32 e-commerce transaction |
A transaction that a cardholder performs over the internet for which authorisation was obtained. |
1.2.33 e-commerce terms and conditions |
The terms and conditions as set out in Annexure 2 containing all of the relevant provisions relating the e-commerce product and must be read in conjunction with the general terms and conditions. |
1.2.34 fees |
Charges that we are entitled to debit to your nominated account, including service charges and fees, the merchant service commission, and administration charges. |
1.2.35 fee schedule |
The schedule as set out in the cover page of this agreement and sets out the fees applicable to the card acceptance products |
1.2.36 floor limit |
The maximum amount (including VAT) that we allow you to charge to a card for a single card transaction before authorisation is required. |
1.2.37 foreign card |
A Card issued by a foreign issuing bank and therefore not governed by local interchange regulations. |
1.2.38 fraud |
A wrongful or criminal deception intended to result in financial or personal gain. |
1.2.39 fraudulent transaction |
Any transaction that constitutes fraud under the law and/or common law; or a transaction that is processed using a cardholder’s financial details or account information or card without the cardholder’s authorisation; or use of a card that has not been issued by a genuine card issuer – in all cases regardless of whether the card transaction was authorised or whether we provided an authorisation code. |
1.2.40 general terms and conditions |
The terms and conditions that set out all of the provisions that relate to processing card transactions as a whole and our relationship. These terms and conditions will apply to the agreement notwithstanding which products have been selected by you. |
1.2.41 Hot-Card File |
A limited electronic file of Cards that are considered high risk by the banking industry of South Africa. |
1.2.42 intellectual property |
Any know-how (not in the public domain), invention (whether patented or not), design, trademark (whether registered or not), software or copyright material (whether registered or not), processes, process methodology (whether patented or not), and all other identical or similar intellectual property that may exist anywhere in the world that is not in the public domain, including applications for registration of the intellectual property. |
1.2.43 intellectual property rights |
In relation to any intellectual property, all and any proprietary rights to the intellectual property, or any other right, title, authority or entitlement that a party holds in respect of the intellectual property, whether under licence or otherwise. |
1.2.44 Interchange Rate |
The fee paid by the Acquiring Bank to the Issuing Bank, which is regulated and prescribed by the SARB on local Transactions. International Transactions attract various and often higher interchange fees that are not regulated by the SARB. |
1.2.45 invalid transaction |
A transaction that constitutes or arises as a result of any of the following (irrespective of whether the card transaction was authorised or whether we gave you an authorisation code): a) An act and/or omission by you and/or your employees that results in a loss or chargeback. b) The use of a card by a person other than the cardholder. c) The processing of a transaction without our prior authorisation. d) A transaction where the date of the transaction is earlier than the start date shown on the card. e) Accepting cards that are defaced, blank or illegible or cards from which the embossed inscription are illegible. f) Accepting a card that has expired. g) Accepting a card for any purpose other than current transactions. h) Duplicating a transaction. i) A transaction in terms of which the sales voucher: i) does not exist or cannot be provided; ii) is illegible; iii) is materially different or incomplete when compared with the sales voucher that was given to the cardholder; or iv) is laundered. j) A transaction where the value exceeds the authorised floor limit without our prior authorisation. k) A transaction that does not comply with the obligations set out in the card network rules. l) A transaction for which the goods or services were not delivered within the agreed period or at all. m) A transaction where the supply of goods or services is illegal. n) A transaction performed by your employee(s) when they are not authorised to do so. o) A transaction that occurred as a result of your error. p) A fraudulent transaction. q) Accepting a payment instrument from you or your authorised representative in respect of any type of transaction for any reason other than the valid supply of goods or services, which will be evidenced on request by us. If a transaction is regarded as an invalid transaction or an incomplete transaction, we have the right to charge each invalid transaction or incomplete transaction back to you, and you will be liable for all losses incurred as a result of the invalid transaction or incomplete transaction. We also have the right to terminate the agreement immediately. |
1.2.46 issuing bank, issuer |
The bank or entity that issued a card to a cardholder. |
1.2.47 loss |
All losses, liabilities, costs, expenses, fines, penalties, damages, claims and all related costs and expenses (including legal fees on the scale as between attorney and own client, tracing and collection charges, costs of investigation, interest and penalties). |
1.2.48 M-commerce |
An E-commerce transaction performed through wireless and/or mobile electronic media. |
1.2.49 magnetic strip |
A strip of magnetic tape affixed to the back of a card containing basic data such as the account number and the cardholder’s name. |
1.2.50 manual entry |
The keying of a card number into the pos device to effect a transaction without inserting the card into or swiping the card through the pos device. |
1.2.51 manual entry facility |
The ability of a merchant to process transactions by making use of manual entry. |
1.2.52 manual transaction |
A transaction processed by way of manual entry. |
1.2.53 Mastercard |
Mastercard Incorporated or Mastercard Worldwide, an American multinational financial services corporation. |
1.2.54 Masterpass |
Nedbank Masterpass. |
1.2.55 Masterpass compatible app |
means the application a Customer will install on a smartphone and/or tablet or similar technology, which will allow a Customer to load Card details to create a digital wallet and scan Masterpass QR codes. |
1.2.56 material amendment |
An amendment to these terms and conditions that impacts your day-to-day business operations, specifically relating to using the services. |
1.2.57 merchant, you, your |
The entity or person who has entered into the agreement with us. |
1.2.58 merchant application form |
The application form that you completed and that sets out, among others, your particulars.. |
1.2.59 merchant portal |
As it relates to Masterpass, the interface on your device enabling you to, among others, check transactions and access reports. |
1.2.60 merchant service commission, MSC |
Fees that you must pay to us. |
1.2.61 Merchant Service Desk |
The Nedbank contact centre designated for merchant support services. |
1.2.62 nominated account |
The bank account that you nominate in the cover page of this agreement. We use this account to credit amounts due to you and to debit costs, chargebacks and/or amounts for which you are liable in terms of the agreement. |
1.2.63 party |
You or us. ‘Parties’ means you and us. |
1.2.64 PASA |
The Payments Association of South Africa and its successor in title, being the payment system management body as approved by the South African Reserve Bank, which determines industry requirements applicable to you and us. |
1.2.65 PCI DSS |
The Payment Card Industry Data Security Standards as stipulated by the PCI Council and card networks. |
1.2.66 penalty |
A fine that a card network levies to a bank if you contravene its regulations and/or operational risk parameters. |
1.2.67 personal information |
Has the meaning set out in POPIA, includes special personal information and relates only to the personal information of which we are the responsible party. |
1.2.68 PIN |
A Cardholder’s personal identification number that is issued to the Cardholder by the Issuing Bank. |
1.2.69 POS |
Point of sale. |
1.2.70 POS terms and conditions |
The terms and conditions as set out in Annexure 1 containing all of the relevant provisions relating the POS product and which must read in conjunction with the general terms and conditions. |
1.2.71 POPIA |
Protection of Personal Information Act, 4 of 2013. |
1.2.72 processing, process |
When it comes to personal information, has the meaning set out in POPIA. |
1.2.73 QR code |
A quick-response code generated to enable one to process transactions. It is a machine-readable code consisting of either an array of black and white squares or a linked numeric code, typically used for storing internet links or other information. The QR code can be a static QR code or a dynamic QR code: a) A static QR code has a predetermined value or will allow the customer to enter a value. b) A dynamic QR code is linked to specific purchases. |
1.2.74 refund |
The amount that is debited to your nominated account and credited to the cardholder in terms of clause 11, or to cause this to happen in respect of the amount in terms of clause 11. |
1.2.75 sales voucher |
The written confirmation of a transaction that you have processed, recording the date, your business name and location, PAN, the amount of the transaction, and the reference number. Within the context of the E-commerce Terms and Conditions, this includes electronic sales vouchers. |
1.2.76 services |
Any of the functions that we provide and fulfil in relation to any of the card acceptance products as fully set out in clause 5. |
1.2.77 settle, settlement |
Settling your nominated account in terms of the transactions that you have processed and banked, subject to our conducting the necessary verification and fraud checks. |
1.2.78 start date |
The date on which you sign the agreement, regardless of when we sign it. |
1.2.79 smart device |
A compatible electronic device operated by the Customer, including a smartphone or tablet. |
1.2.80 territory |
South Africa. |
1.2.81 third party service provider |
A third party service provider that Nedbank has contracted with in order to provide the Services. |
1.2.82 transaction |
a monetary transaction in terms of which you ou accept payment from a customer via a card transaction. |
1.2.83 transaction fee |
The fee that we charge you for each card transaction, as specified in the fee schedule. |
1.2.84 Visa |
Visa Inc., an American multinational financial services corporation; |
2. Introduction
2.1 The agreement regulates the relationship between the parties as it relates to the services.
2.2 The agreement sets out the general terms of the services and consists of various annexures that set out the specific terms of the card acceptance products, which must be read together with these General Merchant Terms and Conditions.
2.3 Our relationship and the agreement are subject to the card network rules and all applicable laws. By entering into the agreement, you agree to be bound by all of them at all times.
3. Your business
3.1 Your business is as described in the cover page of this agreement, and you undertake to accept cards in payment of goods and/or services relating to your business only and within South Africa only.
3.2 The goods and/or services you offer may not be sold or produced in contravention of the agreement, applicable law, common-law provisions or the card network rules.
3.3 You must notify us in writing of any change in the nature of your business or a change in the ownership or beneficial control of your business within three business days.
3.4 The card networks restrict and/or prohibit certain industries. Therefore, if you are dishonest with regard to your business or if you supply goods and/or services that are not aligned with the disclosed business, we may view that as a material breach of the agreement and terminate it accordingly.
4. Duration
4.1 The agreement will come into force on the start date, subject to its provisions, and will endure for an initial period of one year (initial period).
4.2 If you want to terminate the agreement when the initial period expires, you must inform us at least 90 days before the expiry date. If you do not inform us within 90 days of the expiry date, the agreement will continue indefinitely until it is terminated in line with the provisions set out in the agreement.
4.3 Termination of the agreement will not affect any existing obligations that you may have towards us, and will not affect our rights in terms of the agreement.
4.4 Each annexure to this agreement will endure for the period set out in clause 4.1, subject to the further provisions of clause 4.
5. Services
5.1 The services that we provide in terms of the agreement are the following:
5.1.1 The ability to accept and process transactions through using the card acceptance products.
5.1.2 Clearing and settlement services, which entail –
5.1.2.1 debit and credit card clearing and settlement by us, in terms of which you receive payment from a cardholder for goods and/or services; and
5.1.2.2 our paying the amounts due to you and retaining the amounts that you owe us in terms of the agreement.
5.1.3 Supply and support services, which entail –
5.1.4 support in respect of the debit and credit card clearing and settlement services referred to in clause 5.1.2;
5.1.5 billing and invoicing; and
5.1.6 any services that are as set out in the annexures.
6. Your obligations
6.1 In providing your goods and/or services, you agree to the following:
6.1.1 You will display and disclose all information necessary for the cardholder to make an informed decision, including the total price, the cost of any taxes and delivery charges that apply.
6.1.2 You will not process a transaction if it does not relate to a genuine transaction for goods and/or services that you provide.
6.1.3 You will accept all valid cards that a cardholder presents in payment for the goods and/or services.
6.1.4 You will process transactions originating within South Africa and denominated in South African rands only.
6.1.5 You will supply goods and/or services at your ordinary price and will not add extra charges or set any minimum or maximum transaction amount for a particular transaction.
6.1.6 You will not require a cardholder to pay a surcharge or a part of a discount of yours or any related finance charges in connection with a transaction.
6.1.7 You will make comprehensive details of return and refund policies available to cardholders and disclose to them that you (not the original manufacturer or supplier of the goods and/or services) are the merchant of record and responsible for fulfilment of the transaction.
6.2 In addition to the above, you must do the following:
6.2.1 Comply with all legislation regulating your business, products and services, including the Consumer Protection Act, 68 of 2008, and the Electronic Communications and Transactions Act, 25 of 2002.
6.2.2 Check the expiry date of every card before you process a transaction.
6.2.3 Ensure that you have procedures in place for all transactions to prevent or reduce invalid transaction and/or fraudulent transactions.
6.2.4 At all times when accepting a card adhere to the card network rules, applicable laws, and the agreement.
6.2.5 Keep copies of all signed sales vouchers for at least 180 days from the date of the transactions.
6.2.6 Not attempt to limit your liability by requesting or inducing cardholders to waive their dispute rights in your favour.
7. Authorisation
7.1 The authorisation process that must be followed for each card acceptance product is as set out in the relevant annexures for each product.
7.2 An authorisation granted under any provision of this clause 7 or any annexure does not constitute evidence or a warranty that:
7.2.1 we will eventually make the payment;
7.2.2 the card is valid;
7.2.3 the card is genuine (ie that the card is not counterfeit); and/or
7.2.4 the person presenting the card is the actual cardholder.
7.3 Authorisation is merely an indication that the account linked to the card has enough money to pay for the card transaction on the authorisation date and that the card has not been reported lost or stolen at the time the card is presented for payment. Authorisation does not mean that a card transaction may not be subject to a chargeback. An authorisation also does not mean that payment will ultimately be made following the actions or inactions of a third party participating in the payment process.
7.4 All budget transactions require authorisation.
7.5 You must ensure that the transaction will take place on the same date the authorisation was given, unless we have given prior written consent to your processing the transaction on a different day. Certain categories of merchants are exempt from this rule.
7.6 The floor limit for all transactions will be R0, unless we have agreed otherwise in writing.
7.7 We have the right to increase, decrease or cancel your floor limit at any time at our discretion without giving reasons by giving you written notice.
7.8 We reserve the right to decline an authorisation request for any reason. We will endeavour to provide you with reasons for that decision but are not obliged to do so.
8. Our rights and obligations
8.1 We will pay to you electronically the value of all goods and/or services that you have supplied once the transaction has been authorised, less the agreed merchant service commission, which is payable by you. However, in the event of excessive chargebacks, bankruptcy, fraud, suspected fraud, invalid transactions or unfulfilled transactions, we may retain the money.
8.2 We are authorised to debit any other account that you have with us or with any other financial institution with the fees and charges set out in the agreement if we are unable to debit your nominated account.
8.3 We may apply set-off to any amount that we must pay in terms of this agreement against any amount that you owe us, whether in terms of this agreement or otherwise. We may not apply set-off to amounts that you owe to us arising from any possible commercial banking relationship that may exist between the parties.
8.4 In addition to any obligation specified in this agreement, we will:
8.4.1 give you monthly statements (electronic or paper-based) detailing all activity, relating to this agreement, on your nominated account; and
8.4.2 keep you informed of any changes in our operational policies or the card network rules that affect you.
9. Invalid transactions
9.1 We may, at our discretion, choose to treat invalid transactions as valid, but without prejudice to our right to treat any later similar transactions as invalid transactions.
9.2 We may charge back invalid transactions as described in clause 12.
9.3 We may debit the value of invalid transactions against your nominated account at any time or recover it from you in any other way.
10. Fraudulent transactions
10.1 The onus is on you to implement fraud prevention measures and to establish processes and controls aimed at combating, preventing and detecting fraud when processing transactions. You must ensure that you are adequately protected against fraud activities.
10.2 You must not honour transactions and/or accept cards that you know or suspect are fraudulent transactions, fraudulent cards or transactions that are not authorised by the customer.
10.3 If a fraudulent transaction or a suspected fraudulent transaction occurs, or if we suspect that a transaction is for any reason suspicious, invalid, erroneous or illegal, we are irrevocably authorised to:
10.3.1 withhold or delay settlement of the transaction;
10.3.2 recover the value of the transaction from you by debiting your nominated account, even if it is held at another bank, or by applying set-off or net-settling amounts due to you with the value of the fraudulent transaction and losses that we incurred or suffered as a result of or in connection with the fraudulent, invalid, erroneous or illegal transaction that you have processed, and you indemnify us against all losses in this regard;
10.3.3 place a hold on your nominated account;
10.3.4 pledge an amount equal to an estimate of any potential losses that we may incur as a result of the fraudulent, invalid or suspicious transaction;
10.3.5 suspend the acquiring service and products; or
10.3.6 terminate the agreement immediately without prior notice and without prejudice to any other rights in law.
11. Refund procedure
11.1 If a cardholder asks for a refund and/or you are required to refund the cardholder in terms of legislative provisions and/or because you reasonably believe that the cardholder is entitled to a refund, you must process the refund to the card used for the transaction or any other card issued to the cardholder.
11.2 You may not give the cardholder a cash refund. If you choose to do so, you do it at your own risk.
11.3 You must calculate the amount of any refund at the refund date using the prevailing exchange rate (where applicable). Any fees due to us resulting from the transaction will remain due and payable to us.
12. Cardholder disputes and chargebacks
12.1 Disputes and chargebacks will be dealt with in terms of the card network rules and the prevailing provisions.
12.2 The cardholder must dispute transactions within 180 days of the transaction date. In some instances this period may be longer.
12.3 We reserve the right to charge back the amount of disputed transactions directly to your nominated account on receiving the dispute.
12.4 Reasons for chargebacks include, but are not limited to the following:
12.4.1 Actual or suspected lack of authorisation.
12.4.2 Unlawful or suspicious transactions.
12.4.3 Goods and/or services not having been delivered.
12.4.4 Goods and/or services not being to the agreed standard or quality.
12.4.5 A transaction being fraudulent or invalid.
12.4.6 A transaction not having been processed in line with the card network rules.
12.5 You will be liable to us for the full chargeback amount as well as any Nedbank and/or card network fees relating to chargebacks.
12.6 We will debit the transaction amount against your nominated account or any other bank account in your name with enough credit.
12.7 We may hold the transaction amount in advance for potential chargebacks until the chargeback process has been completed.
12.8 You are liable for all chargebacks as well as their resolution with the cardholder and issuing bank. We will not intervene on behalf of you, the cardholder or the issuing bank and will not become involved in a dispute between you and a cardholder. We will assist only in the exchange of documents between you and the issuing bank.
12.9 If you want to dispute a chargeback, you must submit all the relevant and necessary documents to us on request within the requested time frames. If you do not submit the documents to us, the chargeback will be upheld.
12.10 The card networks prescribe certain thresholds relating to chargebacks and fraudulent transactions. If these thresholds are exceeded, the card networks may charge fines and/or penalties, for which you will be liable. It may also result in us terminating the agreement or reviewing and amending it.
12.11 You agree and accept full chargeback liability for all fraud established on a card, regardless of whether the chargeback is regarded as being the result of fraudulent card use.
13. Liability shift
13.1 If you have complied with the authorisation procedures as set out in the agreement and annexures, the liability for any resultant chargebacks will shift from you to the issuing bank.
13.2 However, if you do not follow the necessary processes, the liability for any resultant chargeback will shift from the issuing bank to you and you will be liable for the chargebacks.
13.3 Liability shift occurs only when a chargeback arises from the authorisation process relating to the transaction. A cardholder may still raise a chargeback if the dispute relates to the services rendered or the goods provided.
14. Merchant service commission, fees and charges
14.1 We are entitled to charge the merchant service commission, fees and charges as set out in the fee schedule.
14.2 We will provide you with a statement reflecting the merchant service commission, fees and charges debited or any other amount credited to your nominated account. This statement will be paper-based or electronic.
14.3 If we do not provide you with a statement, it will not be a waiver of our claims to the merchant service commission, fees or charges concerned.
14.4 It is your obligation to dispute statement within 90 days after the statement date in order to us to review your dispute and address your dispute. If you fail to raise a dispute within the indicated time, it will be deemed that you are in agreement with the relevant statement.
14.5 We will determine the percentage of the merchant service commission at our discretion. We may review this percentage, and will notify you of any changes.
14.6 We reserve the right to levy other fees at any time but will always notify you accordingly one month before they become applicable.
14.7 All amounts specified in the cover page of this agreement are payable free of any deductions or set-off.
14.8 You acknowledge and agree that we will be entitled to debit your nominated account with all the amounts specified in the agreement within 180 days of the date of the cancellation of this agreement.
14.9 If we are unable to debit your nominated account, we will net-settle you.
15. Debiting your account
15.1 You nominate the bank account set out in the cover page of this agreement for the debiting of any fees as it relates to the agreement.
15.2 We may debit your nominated account, at whichever bank this account is held, with the following:
15.2.1 Refunds due to a cardholder in line with the refund procedure set out in clause 9, 10, 11 and/or 12.
15.2.2 The value of reversals of invalid transactions.
15.2.3 Rentals for software and/or devices and/or fees for the provision of merchant facilities.
15.2.4 The merchant service commission as detailed in the fee schedule.
15.2.5 Refunds to a cardholder not attended to by you.
15.2.6 The value of disputed transactions that cardholders brought to our attention.
15.2.7 Interest at our prime overdraft rate on any amount that you owe us.
15.2.8 The value of transactions performed with a cancelled or otherwise invalid card.
15.2.9 Fees and/or fines and/or penalties that the card networks or industry regulatory bodies charge for excessive chargebacks or other disputes relating to you and/or your failure to comply with regulatory requirements.
15.3 You must pay an administration fee for each payment that is due to us that your bank has returned unpaid.
15.4 You undertake to notify us immediately in writing or by email of any changes in the details of your nominated account. This notification must reach us at least 10 business days before the change will come into effect. You waive any right to claim damages from us if the damages result from non-compliance with this clause.
15.5 The amounts referred to in the agreement may be subject to exchange rate variations, where applicable.
15.6 VAT will be payable on all fees referred to in the agreement and the fee schedule, where applicable, unless otherwise stated.
15.7 We reserve the right to terminate the agreement immediately if your bank returns a payment for whatever reason.
15.8 We reserve the right to change any other fees provided for in the agreement by giving you written notice, which could be a letter, statement message, statement insert or something else.
15.9 You agree and acknowledge that if your facility is cancelled, we may debit your nominated account with all the amounts specified in the agreement within 180 days of the date of the cancellation.
16. PCI DSS
16.1 When processing card transactions, you must comply with PCI DSS and therefore do the following:
16.1.1 Consult the PCI DSS website (https://www.pcisecuritystandards.org/Merchants/).
16.1.2 At your own cost agree to and do comply with all the requirements of PCI DSS, which are available at https://www.pcisecuritystandards.org.
16.1.3 Report all instances of a data compromise, as defined by PCI DSS, to us immediately but not later than 24 hours from the time you became aware of the incident.
16.1.4 Ensure that identified breaches of the PCI DSS are rectified within six months of the reported breach.
17. Warranties
17.1 By presenting transactions to us for payment, you warrant and continue to warrant the following:
17.1.1 No proceedings have started or are threatened against you that would or could restrain you from entering into the agreement or from providing the goods and/or services.
17.1.2 All statements of fact contained in them are true.
17.1.3 The goods and/or services concerned were supplied at your normal cash price, which does not include additional charges or element of credit.
17.1.4 The transaction between you and a cardholder is legal and conforms to the laws of South Africa.
17.1.5 The goods and/or services supplied in terms of the transactions are not in conflict with the laws of South Africa or the card network rules.
17.1.6 There has been full compliance with the terms of the agreement.
17.1.7 You indemnify us against any claim or liability that may arise from a dispute between you and a cardholder about goods and/or services supplied, with the onus being on you to provide satisfactory evidence to us that the cardholder had authorised the debit from their account.
17.1.8 You indeed supplied the goods and/or services referred to in the transactions to the cardholder at the agreed location and within the agreed period.
17.1.9 You have full capacity and authority to enter into and perform your obligations under the agreement in terms of your constitutive documents and applicable law, and are not subject to any legal or contractual restrictions or limitations in this regard.
17.1.10 You have not been induced to enter into the agreement by any prior representations, warranties or guarantees, whether oral or in writing, except as expressly contained in the agreement.
17.1.11 If you are -
17.1.11.1 a legal person or trust, you are incorporated in terms of the relevant laws of South Africa and registered in line with South African law; or
17.1.11.2 a natural person, you are a South African citizen and domiciled in South Africa or are a permanent resident of South Africa or a foreign citizen holding the necessary permits and visas to conduct business in South Africa; or
17.1.11.3 a partnership, the majority of the partners are South African citizens and domiciled in South Africa and the main business of the partnership is conducted in South Africa.
17.2 In addition to the other undertakings, you unconditionally and irrevocably undertake to do the following:
17.2.1 Inform us promptly in writing –
17.2.1.1 of any alterations to your constitutional documents;
17.2.1.2 of any change in the present shareholding or ultimate beneficial control relating to your voting rights;
17.2.1.3 of any other events or circumstances relating to business rescue proceedings in respect of you or your members or by an affected person as set out in the Companies Act, 71 of 2008 (the Companies Act), or at the instance of the court pursuant to a court order starting business rescue proceedings (whether the proceedings are anticipated, threatened or have started), and immediately provide us with the full details of the proceedings; copies of all relevant documents, including applications, notices of meetings and resolutions, and any steps that you are taking or proposing to take in respect of the proceedings; and
17.2.1.4 if you have received notices from the Companies and Intellectual Property Commission (commission’) in terms of sections 22(2) and 22(3) of the Companies Act.
17.2.2 Deliver to us written notice of a board or members’ meeting of yours to approve a resolution as set out under section 129 of the Companies Act within five business days before the date on which it will held, together with the details of the date and place at which the meeting will be held. You agree that we will be entitled to attend the meeting at our discretion. If we attend the meeting, we will have the right, subject to applicable laws, to be consulted in respect of the appointment of an appropriate business rescue practitioner.
17.2.3 Inform us in writing before entering into a merger, a demerger or an amalgamation. On receipt of this notice we may terminate the agreement immediately.
17.2.4 Comply with section 75 (disclosure of financial interest) of the Companies Act in respect of all agreements you contemplate and, in the event of non-compliance, obtain a ratifying extract from the shareholders.
17.2.5 If applicable, promptly deliver the written notice as set out in section 129(7) of the Companies Act to us.
17.2.6 Promptly comply with the requirements of section 11(3)(b) (RF companies) and section 13(3) of the Companies Act in respect of any special conditions contained in your memorandum.
18. Protection of personal information
18.1 If you have access to, store (including in digital form) or communicate (including any digital communication) personal information relating to the data subjects, you must:
18.1.1 treat the personal information as confidential;
18.1.2 not disclose the personal information to any third party, unless we have authorised the disclosure in writing;
18.1.3 ensure that any person who has lawful access to the personal information has signed a legally binding non-disclosure agreement;
18.1.4 take appropriate, technical and/or organisational measures to ensure the integrity of the personal information and to ensure that it is secured and protected against unauthorised or unlawful processing, accidental loss, destruction or damage, alteration, disclosure or access by –
18.1.4.1 having regard to any requirement in law or stipulated in industry rules or in codes of conduct or by a professional body; and
18.1.4.2 taking all necessary steps to -
18.1.4.2.1 at least every 12 months identify all internal and external risks to the personal information and provide us with a detailed written audit report within 30 days of having completed your investigations, whether the investigations happen as frequently as every 12 months or more frequently;
18.1.4.2.2 implement and maintain appropriate safeguards against the identified risks;
18.1.4.2.3 regularly verify that the safeguards have been implemented effectively and, where there has been a change of your environment regarding cyber or privacy during the tenure of the agreement, provide a written report to us within two days after the change of that environment;
18.1.4.2.4 accord the same levels of privacy and confidentiality for a natural person who is the data subject to a juristic person who is the data subject; and
18.1.4.2.5 comply with any audit requirements that we impose in respect of the personal information.
18.2 Notification of a security breach
18.2.1 You must:
18.2.1.1 notify our information officer or the Nedbank relationship manager by sending an email to privacy@nedbank.co.za (as referred to in the Nedbank Group PAIA (Promotion of Access to Information) Manual posted on our website) immediately but within 24 hours of becoming aware or suspecting any unauthorised or unlawful use, disclosure or processing of personal information; and
18.2.1.2 at your own cost take all necessary steps to mitigate the extent of the loss or compromise of the personal information and restore the integrity of the affected information systems as quickly as possible and -
18.2.1.2.1 give us all the necessary information that we may request pursuant to the security breach and help us meet any regulatory requirements and obligations in respect of the personal information;
18.2.1.2.2 in consultation with us and where required by law notify any legally mandated authority or data subjects; and
18.2.1.2.3 help us (in any format that we may require) comply with any requests for access to personal information from data subjects.
18.3 Permitted processing of personal information
You must process the personal information of data subjects in line with the agreement.
19. Confidential information and data security
19.1 The parties agree and undertake in favour of each other to keep the confidential information confidential, except as permitted (i) by the agreement, (ii) by prior written consent, (iii) by law, or (iv) if the confidential information is in the public domain. The parties will protect each other’s confidential information in the manner of a reasonable person protecting their own confidential information.
19.2 The confidentiality obligations in terms of this clause 19, with respect to each item of confidential information, will start on the date on which the information is disclosed or otherwise received and will endure indefinitely after the termination of the agreement for as long as the confidential information remains confidential.
19.3 Neither party will use or permit the use of the confidential information for any purpose other than for the purpose of the agreement and in particular not to use or permit the use of the confidential information, whether directly or indirectly, to obtain a commercial, trading, investment, financial or other advantage over the other party or otherwise use it to the detriment of the other party.
19.4 The parties will not copy or reproduce the confidential information by any means without the prior written consent of the disclosing party, it being recorded that any copies of the confidential information will be and remain the property of the disclosing party. The parties may disclose confidential information to attorneys or auditors, provided that the disclosure is reasonably required for purposes of conducting that party’s business activities. The party must then ensure that the recipient of the confidential information maintains the confidentiality.
19.5 Each party will ensure that its employees or contractors engaged in terms of the agreement are under an equivalent obligation of confidentiality to that imposed by the agreement on the parties, and will use commercially reasonable efforts to ensure that no employees or contractors will be in breach of that obligation and that any employee or contractor who is in breach is prevented from continuing the breach.
19.6 In the event that either party is required to disclose the confidential information by law, the party receiving the request to disclose information will:
19.6.1 advise the other party prior to disclosure, if possible;
19.6.2 take steps to limit the extent of the disclosure to the extent that it lawfully and reasonably practically can;
19.6.3 afford the other party a reasonable opportunity, if possible, to intervene in the proceedings; and
19.6.4 comply with the other party’s requests as to the manner and terms of the disclosure.
19.7 You may receive or have access to our confidential information and will therefore adopt appropriate technical and/or organisational security measures to:
19.7.1 prevent any unauthorised person from having access to computer systems processing or storing our confidential information, especially with regard to –
19.7.1.1 unauthorised reading, copying, alteration or removal of storage media;
19.7.1.2 unauthorised data input and unauthorised disclosure, alteration or erasure of our stored confidential information; and
19.7.1.3 unauthorised use of data-processing systems by means of data transmission facilities; and
19.7.2 ensure that authorised users of a data-processing system can access only our confidential information to which their access rights refer;
19.7.3 record which of our confidential information has been communicated, when and to whom;
19.7.4 ensure that our confidential information being processed on behalf of third parties can be processed only in the manner that we or the third party has prescribed;
19.7.5 ensure that, during communication of our confidential information and transport of storage media, the data cannot be read, copied or erased without authorisation; and
19.7.6 design your organisational structure in such a manner as to comply with industry best-practice data protection requirements.
19.8 The security measures set out above must be recorded in a plan and must be presented to us on demand.
19.9 The content and existence of the agreement constitute confidential information and must be treated as such.
19.10 The obligations in this clause will endure even if the agreement has been terminated.
20. Intellectual property
20.1 The parties to the agreement acknowledge that all intellectual property rights presently vesting in the respective parties at the date of signature of the agreement will continue to vest in those parties.
20.2 The parties undertake not to use one another’s intellectual property in any publication, advertisement, signage, media, circular or similar medium without the written approval of the other party.
20.3 Any intellectual property that we develop during the subsistence of the agreement for purposes of the services as set out in the agreement will vest exclusively with us.
20.4 We grant you a non-assignable and non-exclusive licence to use the service.
20.5 Subject to any intellectual property rights held by any other third parties, we retain all intellectual property and intellectual property rights in and to all intellectual property in connection with the service and specifically to any Masterpass logos, the Masterpass app, the Merchant Portal and QR codes.
20.6 You may not copy, republish, distribute, adapt, modify, alter, decompile, reverse-engineer or attempt to derive the source code of works or create a derivative of the source code, or otherwise try to reproduce the Masterpass app, the Merchant Portal or QR codes, their respective content, including any intellectual property in the content, their respective designs, any updates to the proprietary features and/or any proprietary features in relation to them, or any parts of them.
21. Regulators’ and our audit rights
21.1 We and/or our agents and/or our internal or external auditors will have the right to audit you at any time to determine whether you comply with the agreement. These audit rights include the right of access to systems, procedures and software; vulnerability testing of systems, procedures and software; and inspection of the physical security of your premises. You will offer reasonable assistance and cooperation to us and/or our agents and/or our internal or external auditors for the carrying out of the auditing exercise.
21.2 To the extent that you engage an independent auditor to carry out an audit of your operations, you agree to provide us with the relevant copies of the audit reports of all those audit exercises on request.
21.3 You acknowledge that as a banking group, we have to comply with directives and guidelines from the South African Reserve Bank (SARB), other regulators and the card networks. Accordingly, any of our regulators, including SARB, will have the same audit rights as set out in this clause 21. If a regulator wants to do an audit of you, you must inform us to the extent allowed in law.
22. Disclaimer
22.1 We will not accept liability for incorrect transaction details you submit to us.
22.2 We do not guarantee uninterrupted availability of the service.
22.3 We do not accept liability for failed transactions if transactions fail for reasons beyond our control, including a telecommunication connectivity failure.
22.4 We do not warrant that the service will be error-free or that the service will perform to any particular standard.
22.5 You use the service at your own risk.
22.6 If you do not notify us of changes to your contact details, we will not be liable for any loss you may suffer if we cannot contact you or if you do not receive notifications or other documents or information from us.
23. Breach
23.1 Unless stated otherwise in the agreement, if either party commits a breach of this agreement and fails to remedy it within seven days of written notice, the notifying party will be entitled to terminate the agreement, without prejudice to any rights that the party may have.
23.2 If (i) a causal event (as defined below) occurs in respect of you; or (ii) you do not adhere to applicable laws; or (iii) you breach any term or condition of any licence, authorisation or consent required for the provision of the services, which breach we, at our discretion, consider to be prejudicial or potentially prejudicial to us, we will be entitled to terminate the agreement and/or any transaction document immediately on written notice to you. The termination will be without any liability to us and without prejudice to any claims that we may have for losses against you.
23.3 For the purposes of the agreement, a causal event is:
23.3.1 a compromise, scheme of arrangement or composition by you with any or all your creditors;
23.3.2 your liquidation, whether provisionally or finally, or the start of business rescue proceedings in relation to your business;
23.3.3 a default or cessation, or a reasonable prospect of default or cessation (as the case may be), of your normal line of business;
23.3.4 the commission of an act or an omission that is an act of insolvency by an individual in terms of the Insolvency Act, 24 of 1936, or the existence of circumstances that would allow for the winding up of your business in terms of the Companies Act and/or in terms of section 68 of the Close Corporations Act, 69 of 1984, as the case may be;
23.3.5 your disposal of a material portion of your undertaking or assets;
23.3.6 any change of control of your business, and this change of control will be accepted to have occurred in circumstances where, subsequent to the start date, any person (whether natural, juristic, or otherwise) acquires the ability, by virtue of ownership, rights of appointment, voting rights, management agreement, or agreement of any kind, to control or direct (directly or indirectly) your board or executive body or decision-making process or management as set out in the Companies Act; or
23.3.7 your conduct or alleged conduct or your association or alleged association to a third party that, at our discretion, could result in reputational risk to us, provided that the causal events will be accepted to be causal events if we consider these events, at our discretion, to be detrimental to you for sound business reasons.
24. Termination
24.1 After expiration of the initial period, you may terminate the agreement on a calendar month’s written notice to us. You will then be responsible for the remaining responsibilities in respect of the services and products that we have delivered and for all losses incurred as a result of your actions and/or omissions.
24.2 We may terminate the agreement (in whole or in part) without cause or incurring liability at any time by giving you at least 30 days’ prior written notice indicating the termination date. Our rights in terms of this clause will not be affected by any force majeure event.
24.3 The termination of one annexure will not affect the validity of any other annexure, unless stated otherwise in the annexure. However, all annexures will terminate when the agreement terminates.
24.4 When the agreement terminates, the clauses in the agreement will continue to apply to transactions that you processed on or before the termination date. Termination of the agreement will not affect any rights and/or obligations of the parties that arose in terms of the agreement on or before the termination date.
25. Jurisdiction
The agreement is governed by the laws of South Africa and all disputes, actions and other matters in connection with it will be determined in line with those laws.
26. Limitation of liability
26.1 If a breach of any of the provisions of the agreement happens, you will be liable to us for all losses that we have sustained as a result of the breach.
26.2 We will not in any way be liable to you or any third party for any indirect, special and/or consequential losses that you or a third party have sustained.
26.3 Neither party’s direct or indirect liability is limited for fraud or theft by it or its employees, death or personal injury caused by you or your employees or authorised subcontractors or any liability arising from a breach or an indemnity given in respect of a party’s obligations, in relation to confidential information, intellectual property rights and applicable law.
27. Force majeure
27.1 No party will be liable to the other for any losses resulting from non-performance of its obligations if and to the extent that the non-performance is caused by events not within the control of that party, provided that the non-performance could not have been prevented by reasonable precautions. ‘Reasonable precautions’ by way of example include making provision for alternative electrical power during temporary electrical power outages so that each party can continue performing its obligations.
27.2 If any event under clause 27.1, at our discretion, substantially prevents performance of the services, we may, at our option: (i) procure the services from another source; or (ii) terminate the agreement or any portion of it without liability. To the extent applicable, the charges payable under the agreement will then be adjusted to reflect the terminated services.
27.3 If either party (invoking party) cannot fulfil any of its obligations in terms of the agreement as envisaged in 27.1 and/or as a result of an act of God, strike, war, riots, fire, flood, legislation, insurrection, sanctions, trade disputes or economic embargo or any similar cause beyond the reasonable control of the invoking party (any event from here is called a force majeure), the invoking party will immediately give written notice of the force majeure to the other party:
27.3.1 specifying the cause and anticipated duration of the force majeure; and
27.3.2 promptly on termination of the force majeure confirming that the force majeure has ended.
27.4 Performance of these obligations will be suspended from the date on which notice is given in terms of subclause 27.3.1 until the date on which notice is given in terms of subclause 27.3.2.
27.5 The invoking party will not be liable for any delay or failure in the performance of any obligation in terms of the agreement or for loss or damage due to or resulting from the force majeure during the period referred to in subclause 27.3 above, provided that:
27.5.1 the invoking party uses and continues to use its best efforts and takes all reasonable steps to perform it obligations and provides the necessary notices as specified in clause 27.3; and
27.5.2 if the force majeure continues for more than 30 days, the other party will be entitled to cancel the agreement on the expiry of the 30 days with immediate effect on written notice. The other party will not be able to claim damages against the invoking party as a result of the delay or failure in the performance of any obligations under this agreement due to or resulting from the force majeure, except as otherwise stated in this agreement.
27.6 The provisions of this clause do not derogate our rights in terms of clause 24.
28. Domicilia and notices
28.1 You choose the physical address as set out in the cover page of this agreement as your domicilium citandi et executandi and, for the purposes of giving or sending any notice through electronic communication, the last email address that you have given us.
28.2 We choose 135 Rivonia Road, Sandown, Sandton, 2196, as our domicilium citandi et executandi and, for the purposes of giving or sending any notice through electronic communication, the last email address that we gave you.
28.3 Any notice addressed to a party at its physical or postal address must be sent by prepaid registered post, delivered by hand or sent by email.
28.4 Any notice will be deemed to have been given and received as follows:
28.4.1 If it was posted, seven days after the date it was posted (or on the next business day if no postal services are available on that day).
28.4.2 If it was hand-delivered, on the day of delivery.
28.4.3 If it was faxed or emailed, on the date of the sending of the fax or email.
28.5 Regardless of anything to the contrary contained in this clause 28, a written notice or communication that a party actually received will be adequate written notice or communication to that party, even if it was not sent or delivered to its chosen domicilium citandi et executandi or in a way provided for in this clause 28.
29. Amendment to the agreement
29.1 During the term of the agreement we may revise and update it or discontinue or otherwise modify (temporarily or permanently) the services and/or any part of your access to it. We reserve the right to make these changes effective immediately if it is necessary to maintain the integrity and security of the services and related systems, and to comply with the card network rules, legislation, regulations and industry requirements.
29.2 The latest version of the agreement and annexures are available on our website and this version will at all times be the agreement that governs our relationship.
29.3 You are obligated to review any changes to the agreement and must contact us if you require clarity on any of the provisions.
29.4 Material amendments to the agreement will be communicated to you through a telephone call, written notice, statement messages or SMSs.
29.5 If you do not agree to an material amendment, you must inform us in writing or telephonically if you want to terminate the agreement within five days after having received our notice.
29.6 If you do not notify us of your intention to terminate the agreement, your continued use of the services after that will serve as confirmation that you have receive adequate notice of the material amendments and have accepted the amended agreement. All transactions processed after material changes have been made to the agreement will be governed by the amended agreement.
30. General
30.1 The agreement, which we may amended from time to time, constitutes the entire agreement between the parties in respect of the subject matter, correctly reflects the intention of the parties and constitutes all arrangements entered into between them.
30.2 A certificate of indebtedness signed by any manager of ours will be regarded as sufficient proof of the particulars included in the certificate for the purposes of provisional sentence, summary judgment or any other purpose.
30.3 No failure, delay, relaxation or indulgence on our part in exercising any power or right conferred on us in terms of the agreement will be a waiver of that power or right, and it will not change or cancel any of the terms and conditions of the agreement.
30.4 Unless expressly stated otherwise, the agreement (in whole or in part), any share or interest in it, or any rights or obligations conferred on you may not be ceded, assigned or otherwise transferred without our prior written consent.
30.5 You acknowledge that, apart from what is recorded in the agreement, we have given no warranty (express or implied) concerning our obligations under the agreement or in respect of any provisions contained in it.
30.6 We will not be liable for any corrupted computer data or vouchers lost in transit, whatever the cause.
30.7 We will be entitled, at our discretion and without notifying you, to consolidate any or all your Nedbank accounts. A partial consolidation will not prevent us from claiming from you any amount excluded in the consolidation.
30.8 We may, for any reason, set off amounts due and payable to us against amounts that we may owe you from any account that you have with us. You must immediately pay to us any net amount that is still payable to us after set-off.
30.9 The terms of the agreement in respect of each part will be accepted as whole, separate, severable and separately enforceable in the widest sense from the rest of the agreement.
30.10 The parties acknowledge that each clause of the agreement is separate. If a clause is or becomes illegal, invalid and/or unenforceable for any reason, it must be treated as if it had not been included in the agreement. This will not result in the remainder of the agreement being illegal, invalid or unenforceable.
30.11 The agreement is subject to the card acquiring rules and regulations of the card networks (as amended).
ANNEXURE 1
POS Terms and Conditions
1. Definitions and interpretation
1.1 You must read this annexure together with the General Merchant Terms and Conditions.
1.2 Words and phrases not defined in this annexure will have the same meaning as assigned to it in the General Merchant Terms and Conditions.
1.3 If there is a conflict between this annexure and the General Merchant Terms and Conditions, this annexure will prevail only to the extent that the inconsistency relates to POS devices and the processes applicable to them.
1.4 In this annexure the words and expressions below mean the following, and you must refer to the definitions in the General Merchant Terms and Conditions as well:
1.4.1 cashback advance |
means the withdrawal of cash by a Cardholder from the Merchant till, which may or may not be combined with a Transaction and subject to the provisions of PASA applicable to Transactions of this nature. |
1.4.2 contactless POS device |
A Nedbank POS device that is enabled to perform contactless payments. |
1.4.3 DCC |
Dynamic Currency Conversion, which is the system that enables you to process foreign transactions. |
1.4.4 DCC participation payment |
The payment we make to you for participating in DCC. |
1.4.5 delivery address |
Your address or addresses where we must deliver the equipment as specified in the merchant application form. |
1.4.6 foreign card |
A card that is issued by a bank outside South Africa, is held by a foreign cardholder and holds foreign currency. |
1.4.7 foreign currency |
The currency other than South African rand in which a foreign cardholder’s account is denominated. |
1.4.8 foreign transaction |
The process where a foreign cardholder presents a foreign card at your POS device to pay for a purchase and the local currency is converted to the foreign currency at an exchange rate that Reuters determines. You will receive settlement of the foreign transaction in South African rand. |
1.4.9 EMV |
A payment method that is named after Europay, Mastercard and Visa and that enables card issuers, retailers and consumers to use chip cards and POS devices with added security. |
1.4.10 equipment |
A POS device, PIN entry device (PED) and other peripherals, including communication equipment such as a SIM, a Wi-Fi router or similar equipment, that we supply to enable the equipment to work. |
1.4.11 maintenance period |
The period between the delivery date of the equipment and the date of its return. |
1.4.12 merchant supervisor card and/or PIN |
The card(s) or PIN(s) that we issued to you and that gives you access to the supervisor functions of the POS device. |
1.4.13 MOTO Merchants |
Means a Merchant who processes MOTO Transactions and who is approved as such by the Bank |
1.4.14 MOTO transactions |
means a mail-order, or telephone-order transaction, in terms of which a cardholder orders goods or services from a MOTO merchant by way of mail or telephone. Neither the card nor the cardholder is present at the MOTO merchant’s premises when the transaction is processed and processed by way of manual entry. |
1.4.15 petrol card and/or garage card and/or fleet card |
A card that is issued specifically to buy petroleum products and/or to pay for repairs and maintenance (in the case of a garage card). |
1.4.16 petroleum products |
Petrol, oil, oil additives, lubricants, diesel, paraffin, power paraffin, petroleum additives and other similar motor products. |
1.4.17 petrol sales voucher |
A sales voucher that you issue for petroleum product sales. |
1.4.18 POS device |
An imprinter and/or point-of-sale device and/or PIN entry device that is used for processing card transactions. |
1.4.19 POS agreement or POS terms and conditions |
This annexure, which sets out the terms and conditions applicable to the use of POS devices, including any addenda, annexures or schedules attached or to be attached to it. |
1.4.20 PocketPOS |
The PocketPOS app that is downloaded from an app store. It may include the card acceptance device that is optional and at an additional cost. The PocketPOS app offers tap-on-phone contactless payment acceptance and Masterpass QR code acceptance functionalities on compatible mobile devices. The optional card acceptance device offers card swipe and EMV transactions. |
1.4.21 Replaceable Value |
means the value of parts of the POS equipment that can be replaced without discarding the device in its entirety. |
1.4.22 rental fee |
The monthly fee that you must pay us to use the POS device, as set out in the merchant application form. |
1.4.23 SIM |
Security identity module, which is a security device that may be an integral part of or used in conjunction with the POS device and which enables the POS device to communicate via mobile communication data networks. |
2. Duration
2.1 This annexure will endure for the same period as the agreement. If the agreement is terminated, the annexure will also terminate.
2.2 If you terminate this annexure for any reason within the initial period, we will be entitled to debit your nominated account with the rental fee, including VAT, multiplied by the number of months remaining in the initial period, which you agree is a reasonable cancellation penalty.
3. Card payment acceptance
3.1 You undertake to clearly display all payment acceptance promotional material that we give to you. You also undertake to replace or remove the material immediately when we ask you to do so. The promotional material contains intellectual property that is proprietary to us or the card networks, and you may not use the intellectual property for any purpose other than the ones we have prescribed.
3.2 You may accept and process only cards that are:
3.2.1 genuine, signed, correct and valid;
3.2.2 issued by a bank or a card issuer in its original form;
3.2.3 not rejected by the POS device;
3.2.4 contactless cards for the purpose of processing contactless payments;
3.2.5 authorised for use by us; and
3.2.6 presented by the cardholder.
4. Your procedures
4.1 You may use a POS device and POS promotional material only as we or our appointed agents have supplied them.
4.2 Before concluding a transaction, you must ensure that the process set out in clause 5 is complied with.
4.3 You specifically accept responsibility for and assume all risk relating to fraudulent transactions, even if the card concerned does not appear on the hot-card file.
4.4 You must compare the number on the card with the number that the POS device printed on the sales voucher. If the numbers differ, you must contact the Nedbank Card Authorisation Department on 0860 321 222 for instructions.
4.5 When a cardholder presents a non-PIN-driven magnetic-strip card, you must ensure that the cardholder signs the sales voucher generated via POS device. You must then compare this signature with the specimen signature in the signature panel at the back of the card.
4.6 If the POS device cannot read the electronic magnetic strip and/or chip, you must follow the provisions applicable to manual transactions, and only to the extent that we permit you to do so.
4.7 You must also make sure that each sales voucher includes the transaction date and enough information to identify the transaction.
4.8 You must keep your sales vouchers for at least three years from the transaction date in a way that will ensure their clarity. If we require a copy of a sales voucher for any reason, you must respond to our request within seven days.
4.9 In the case of card payments you may not charge more than your normal cash price for the goods and/or services.
4.10 You may not sell, store, provide, exchange or divulge any information relating to the card and/or the cardholder.
4.11 You may not allow a cardholder to split transactions or carry out multiple card transactions on one day if the total value of these transactions would exceed your floor limit. You may also not charge parts of a single transaction on different dates to bypass authorisation or take any other measures that would have this effect.
4.12 No manual entry is allowed, unless you have received our prior written consent, which we will give at our discretion and on conditions that we will determine. You specifically accept responsibility for and assume all risk relating to the processing of manual transactions and any related chargebacks.
4.13 Card transactions must be processed as follows:
4.13.1 The cardholder must be present when the card is being processed and verify the transaction by entering their valid PIN into the POS device or PED.
4.13.2 Transactions may be processed online only by the customer’s swiping the debit card through the POS device. You may not process debit card transaction manually by using imprinters or other devices.
4.13.3 Under no circumstances may you ask the cardholder to give you their PIN.
4.13.4 You must ensure that card transactions are performed in a secure environment.
4.13.5 You may process refunds to the card only by using the reversal option. This reversal of an online card sale must be in relation to a sale processed during the same day in the same batch.
4.14 EMV chip card transactions must be processed as follows:
4.14.1 The cardholder must be present when the card is being processed and verify the transaction by entering their valid PIN into the POS device or PED.
4.14.2 Transactions may be processed online or offline by the customer’s inserting the chip card into the POS device.
4.14.3 You must ensure that chip card transactions are performed in a secure environment.
4.15 An EMV transaction will be incomplete:
4.15.1 if the card is taken out of the device slot before the transaction has been completed; and/or
4.15.2 if the chip technology fails during the transaction; and/or
4.15.3 if the telecommunications are interrupted during the transaction flow.
4.16 Contactless payments:
4.16.1 may be processed on a contactless POS device only;
4.16.2 must be processed online;
4.16.3 may not always be subject to chargebacks and any incorrect contactless payment must be refunded to the cardholder in terms of clause 11 of the General Merchant Terms and Conditions;
4.16.4 are subject to your floor limit, which we may review at our discretion; and
4.16.5 over a prescribed amount will require the cardholder to enter a PIN.
4.17 You are responsible for the control and use of the merchant supervisor card(s) and/or PIN(s) and indemnify us against and agree to hold us harmless from any direct or indirect damage, loss, claims, costs and expenses incurred or suffered by us as a result of or in connection with the use of the merchant supervisor card(s) and/or PIN(s).
4.18 You will under no circumstances be allowed to store the PIN(s) and any track 2 information.
4.19 You must refund the cardholder in the case of:
4.19.1 damaged goods;
4.19.2 no proof of delivery; or
4.19.3 incorrect delivery of a specified order.
4.20 Regardless of the provisions of clause 4.19, you may be required to refund the cardholder as required in terms of relevant legislative provisions.
4.21 You may under no circumstances keep or make a permanent record of the following card information pertaining to a particular card: CVV2/CVC2/4DBC number and the expiry date of the card and the card number, as this is in direct violation of PCI DSS rules. All fines imposed by card networks as a result of this violation will be charged to you.
5. Authorisations
5.1 You must present all transactions to us for authorisation at the time of the transactions by:
5.1.1 having the card with a magnetic strip swiped;
5.1.2 having a chip card inserted into the POS device and the cardholder key in the PIN;
5.1.3 having a contactless card tapped onto a POS device; or
5.1.4 having the security prompts followed for other cards and/or any other payment mechanisms as developed from time to time.
5.2 You may not override a transaction by requesting voice authorisation from us if your request for authorisation of the transaction was declined electronically.
5.3 You may not process a fallback transaction to avoid processing the card by using the POS device.
5.4 You may not force through transactions by swiping the supervisor card or PIN without obtaining a valid authorisation code.
5.5 You must ensure that the card that the cardholder presents to you has not expired.
5.6 You must obtain the signature of the cardholder on the sales voucher (if the sales voucher requests you to do so) and give a legible copy of the sales voucher to the cardholder. You must compare the signature on the back of the card with the signature on the sales voucher. If the signatures do not match, you must obtain a code 10 authorisation from us irrespective of the transaction amount. This provision does not apply to chip cards, except where a chip on a chip card has been damaged and a fallback transaction is processed.
5.7 If one or more of the abovementioned requirements are not met, the transaction in question will be regarded as an invalid transaction and we may terminate the agreement immediately on notice to you and apply set-off, apply net settlement and/or debit your nominated account with the value of the losses.
6. Garage and petrol cards
6.1 These card types may be accepted only if you conduct one or more of the following businesses:
6.1.1 Sale of petroleum products.
6.1.2 Sale of motor accessories and motor spares.
6.1.3 Repair and maintenance of motor vehicles.
6.1.4 Payment of toll fees.
6.2 The following additional procedures will apply when a petroleum product sale is performed:
6.2.1 Only petrol sales vouchers must be used to record petroleum product sales.
6.2.2 You must ensure that the registration number of the motor vehicle for which the petroleum products have been purchased and the signature of your attendant appear on the petrol sales vouchers.
7. Hot-card file
7.1 You must ensure that the POS device is at all times charged and connected to a communication network in order for it to receive and download the latest updates and to update the hot-card file lists.
7.2 If the POS device identifies a particular card as being present on a current hot-card file, you may under no circumstances attempt to process a transaction against that card.
7.3 You undertake to take all reasonable steps at all times to ensure that each card presented is not listed on the hot-card file.
7.4 You agree that you will remain responsible for and assume all risk in relation to fraudulent transactions, regardless of the fact that the cards used for these transactions may not appear on the hot-card file.
8. Rental
8.1 You agree to rent the equipment from us or any of our authorised agents for the rental fee as set out in the merchant application form.
8.2 You may not defer or withhold payment of any rental fee or other fee or amount due to us, whether on the basis of set-off or counterclaim or for any other reason.
8.3 If we terminate the agreement and you dispute the termination, you must continue to pay all rental fees (including VAT) to us on the due date. Our acceptance of these rental fees will be without prejudice to our right of termination, though disputed, or any other claim or right that we may have in relation to you. Without prejudice to any other rights and remedies that we may have against you in terms of the agreement or in law, any arrear rental fees or other amounts due and payable by you will be subject to interest at the prevailing maximum interest rate permitted by law (as certified by any manager of ours). This interest will be calculated from the due date of payment of the amount to the date you actually pay the amount (both days inclusive), and must be paid together with the amount in arrears.
8.4 The basic monthly rental fee will be debited to your nominated account once a month. We will, at our discretion, be entitled to amend the rental amount on giving you prior notice of the new rental.
9. Equipment and its use
9.1 The equipment will be delivered to the delivery address set out in the merchant application form.
9.2 You must, at your own cost, provide telecommunication equipment to link the equipment to our systems.
9.3 We may supply SIM cards and you may rent these SIM cards from us together with the associated POS device.
9.4 Unless you engage in business activities that require the POS device to be removed from your premises, the equipment may not be removed from the delivery address or relocated anywhere else without our prior approval.
9.5 We will not be liable for any telecommunication failures.
9.6 You must always keep the equipment fully charged (where applicable) and in a safe place at the delivery address. You must also ensure that the equipment is used with due skill and care, and only in the way and for the purpose that it was designed and intended for, in line with your business as specified in the agreement.
9.7 You may not alter or modify the equipment. All replacement parts used in or attached to the equipment are regarded as being part of the equipment and remain our property.
9.8 You must ensure that the equipment is always operated in line with the law.
9.9 You may not sell, assign, mortgage, encumber or otherwise dispose of, deal with, or part with the equipment (or any interest in it) under the agreement or attempt to do so without our prior written consent.
9.10 Subject to your compliance with all your obligations in terms of the agreement, we will maintain the equipment for the duration of the maintenance period to the extent provided for in the agreement.
9.11 You must give us and our agents, contractors and subcontractors access to your premises at all reasonable times (including, by arrangement, access after business hours) to inspect, deliver, maintain, repair or replace the equipment.
9.12 You must ensure that the equipment has a constant supply of power insofar as it is within your control in order for the equipment to update vital information, which includes the hot-card file, daily.
9.13 If we suffer any damages because you directly or indirectly abused the equipment, we will debit the cost of those damages to your nominated account, together with any other associated costs.
9.14 Regardless of whether the equipment is delivered to you, we will always keep ownership of the equipment.
9.15 All risk relating to the equipment, including loss of, damage to or destruction of the equipment arising from any cause (including acts of God) will pass to you on delivery of the equipment and remain yours until you return the equipment to us.
9.16 Insurance
9.16.1 With effect from the delivery date you must take out insurance for the equipment with a registered insurer for the market value, which we will stipulate from time to time, against risks of loss, theft, damage or destruction. You must ensure that our respective rights and interests are noted on the insurance policy. Refer to annexure B for the market value.
9.17 Return of equipment
9.17.1 You must return the equipment and stationery to us in good condition, fair wear and tear excepted, together with all licences, permits and instruction manuals relating to it. If you do not return the equipment and stationery to us within seven days of the termination of the agreement, you will be liable to us for its market value and other related costs.
9.17.2 If the equipment is not returned in a condition that is acceptable to us, the full market value of the equipment or the value of the replaceable part will be debited to your nominated account. A certificate signed by a manager of the Nedbank Card Division will be sufficient proof of this value.
9.18 Our obligations
9.18.1 We will supply you with the necessary stationery and promotional material.
9.18.2 We will provide you with the necessary training to use the equipment.
9.18.3 We will maintain and service the equipment, subject to clause 9 and the agreement.
9.18.4 We will ensure that the hot-card files are systematically updated on the POS device.
10. Granting of licence and terms of use of pocketpos
10.1 We grant you a licence to install and download the PocketPOS app and to access and use the PocketPOS services available via the PocketPOS app on a compatible mobile device or any other portable communication device (mobile device) that you lawfully own and/or control for your personal use only. This licence is not exclusive and we will allow other users to download the PocketPOS app. The licence is limited to use by you alone and you cannot transfer it.
10.2 You may use the PocketPOS services only for legal purposes, and you may not allow a third party to use the PocketPOS services.
10.3 You must not, or allow or cause any third party to:
10.3.1 tamper, decompile, edit, reverse-engineer, disassemble, attempt to derive the source code of or modify the PocketPOS services, or use the PocketPOS services to develop software applications functionally similar to those available via the PocketPOS app;
10.3.2 use or exploit the PocketPOS app for commercial gain under any circumstances or copy the PocketPOS services, except as may be expressly allowed in terms of the agreement;
10.3.3 sublicense, distribute, export or resell the PocketPOS services (in whole or in part) or otherwise transfer any rights in the services;
10.3.4 remove any proprietary or intellectual property rights notices or labels that appear on the PocketPOS services or that appear on or are used in relation to the mobile services; or
10.3.5 exercise any other right to the PocketPOS services not expressly granted in the agreement.
10.4 You must ensure that you download and use the latest version of the PocketPOS app. If you do not install the latest version of the PocketPOS app, the mobile services may not function correctly or you may experience security and/or data flaws, for which we will not be liable under any circumstances.
10.5 If you download the PocketPOS app from a mobile app store, you may be required to comply with and will be bound by terms and conditions prescribed by the mobile app store. The terms and conditions are separate to and specifically do not form part of the terms contained in the agreement.
10.6 Mobile device requirements and related security obligations
10.6.1 We do not warrant that the PocketPOS services will be compatible with or that they will operate with every type of mobile device.
10.6.2 You acknowledge that the display, layout, look and feel of the content of the mobile services may differ depending on the mobile device being used to access the mobile services.
10.7 You acknowledge that, for the PocketPOS app to load and/or to function, you are fully responsible for the following:
10.7.1 Ascertaining whether your mobile device is appropriate and compatible for operation of the PocketPOS services.
10.7.2 The continued functionality of the mobile device on which the PocketPOS app has been installed and downloaded, including for ensuring that the mobile device is (i) in good working order; (ii) at all times updated to run on the latest version of your operating system; and (iii) operating in line with the relevant mobile device manufacturer’s specifications.
10.7.3 The mobile device that you use to access the mobile services. We will not be responsible for and we disclaim any liability for losses that may arise due to any defect in the mobile device. You agree that you will (i) not leave your mobile device unattended or accessible in any way by any third party while you are still logged in to the mobile services; (ii) not save your access details to your mobile device; and (iii) immediately inform us of any fraudulent or unauthorised use of the mobile services by a third party.
10.7.4 If your mobile device is lost or stolen, informing us immediately by contacting the Merchant Service Desk. You acknowledge that you will remain responsible for all transactions that may be processed via the PocketPOS services up to the time that you report the loss or theft to us.
10.8 Third-party telecommunications
10.8.1 You acknowledge that (i) we will not be responsible for any mobile operator’s or service provider’s network and/or Wi-Fi (wireless internet access) connectivity preventing or negatively impacting your access to the mobile services; and (ii) your mobile device network operator (cellphone service provider) or internet service provider may charge you for access and use of the mobile services via a mobile network or Wi-Fi connection, and you will be solely responsible for these charges.
10.8.2 The use of the PocketPOS services is in addition to and not in substitution of other online channels that we provide. You acknowledge that the PocketPOS services are subject to downtime (times when the services are of necessity not available) and that we may, from time to time, fully or partially interrupt access to the PocketPOS services, whether for maintenance purposes or otherwise. You may be able to use other banking channels if the PocketPOS services are interrupted.
11. Ownership and intellectual property
11.1 We own all right, title and interest in and to PocketPOS and all information, documents and proprietary products made available via the PocketPOS app. No licence or other right or interest in or to the PocketPOS is granted to you, except for the licence rights specifically set out in the agreement.
11.2 You may not in any way duplicate or reproduce the PocketPOS and information, documents and proprietary products made available via the PocketPOS without our express prior written consent.
11.3 In respect of third-party software (such as operating systems and internet browsers) that you may use to operate or use the PocketPOS, you acknowledge that we are not a party to any third-party software licence agreement that you enter or have entered into with a third-party software licensor. We provide no warranties regarding the software, including warranties relating to the suitability for a particular purpose, security features or performance. You acknowledge that you use third-party software at your own risk and indemnify us against and hold us harmless from any and all loss or damage that you may suffer as a result of the use, abuse or possession of third-party software.
12. Masterpass
12.1 Cardholders can use the Masterpass app to scan QR codes to pay for purchases.
12.2 Cardholders can perform transactions by either scanning the QR code or manually entering the numeric code linked to the QR code into the Masterpass app.
12.3 All transactions will be authenticated either by 3D Secure, AMT or another accepted authentication method.
12.4 As it relates to the Masterpass services, you agree that you will:
12.4.1 be responsible for implementing and managing appropriate security measures to prevent invalid and fraudulent transactions;
12.4.2 display all promotional material that we give to you to indicate that you accept Masterpass transactions, and to replace or remove this material immediately when we ask you to do so;
12.4.3 use the Merchant Portal with the necessary care and not allow any unauthorised persons access to it; and
12.4.4 use the Masterpass service, Merchant Portal, and any new capabilities that we introduce in a diligent way and with the necessary care.
12.5 As it relates to the Masterpass services, we will:
12.5.1 provide you with the necessary training so that you can use the Masterpass services;
12.5.2 keep you informed of any changes to the Masterpass services that may affect you or your ability to use the Masterpass services; and
12.5.3 use reasonable efforts to remedy non-performance, defects or errors to the extent that the Masterpass services fail to perform or if any defects or errors become apparent.
The clauses below set out additional functionality that may be activated on your POS device and for which additional fees may be charged to you. This additional functionality is not automatically activated on your POS device and you need prior application and approval from us before we enable it:
13. Manual entry facility
13.1 You must apply to us for a manual entry facility and in that application process provide us with all the documents and information that we request. We will determine our approval of a manual entry facility at our discretion.
13.2 You may not process manual transactions without our prior written permission.
13.3 A manual entry facility can be separated into two processes, as set out in clauses 13.4 and 13.5 below, and in both cases the provisions in 13.1 and 13.2 will apply.
13.4 Manual PAN entry facility
13.4.1 We reserve our rights to deactivate the manual entry facility on your profile at any time and without notice to you and, if necessary, remove the equipment and terminate the agreement.
13.4.2 When processing manual entry transactions, you must do the following:
13.4.2.1 Ensure that the POS device is charged at all times.
13.4.2.2 Ensure that the POS device is connected to a communication network at all times in order for it to receive and download the latest updates.
13.4.2.3 Ensure that manual entry transactions are processed online.
13.4.3 Manual entry transactions carry risks to you, including:
13.4.3.1 your being non-compliant with processing requirements set out above and in the rules;
13.4.3.2 the manual entry transaction being considered an invalid and/or fraudulent transaction;
13.4.3.3 the manual entry transaction being charged back to you; and
13.4.3.4 their resulting in losses to you, which will include foreign exchange loss, and their possibly being debited from your nominated account.
13.4.4 By successfully applying for the manual entry facility and/or processing manual entry transactions, you acknowledge and understand the risks set out above and accept the risk and full liability for all manual entry transactions.
13.5 Manual PAN entry and voice authorisation
13.5.1 You may try voice authorisation if a manual PAN entry, due to a communication or other technical failure, was not completed after the POS device tried to request online authorisation.
13.5.2 Voice authorisation is when, after this failure has happened, you phone the Merchant Support Desk to request and do receive authorisation for the transaction.
13.5.3 You must enter the authorisation number on the POS device to complete the transaction.
13.5.4 If it is found that you intervened in any way to prevent the POS device from obtaining authorisation during the manual PAN entry process, we will view this conduct as a material breach of the agreement and may terminate the agreement immediately. You will then be liable for any losses that we may suffer as a result of the breach or the resultant authorisation granted for the transaction.
13.5.5 You will not be able to dispute any chargebacks for manual entry facility transactions, irrespective of the card presented for payment.
14. Moto transactions
14.1 If you perform MOTO transactions, you must do by using manual PAN entry.
14.2 A MOTO merchant may process MOTO transactions only with our written consent. We will give this consent at our discretion.
14.3 A MOTO merchant must enter the following information into the POS device to obtain authorisation:
14.3.1 The card number.
14.3.2 The expiry date.
14.3.3 The CVV2/CVC2/4DBC number.
14.4 The MOTO merchant must write on the sales voucher the cardholder’s name and account number and the address to which the goods were dispatched or the date on which the services were rendered. The MOTO merchant must also label the sales voucher a MOTO transaction and ensure that it is signed by the MOTO merchant (or authorised official) in the cardholder’s signature block on the sales voucher. The MOTO merchant must keep the order form with the cardholder’s signature and attach it to the POS-device-generated sales voucher. The MOTO merchant will be liable for the amount reflected on the sales voucher if the cardholder subsequently repudiates or disputes any MOTO transaction.
14.5 This clause 14 is applicable to Visa and American Express Cards only, as no manual entry transactions can be processed on Mastercard cards.
15. Cashback advance
15.1 This clause is not applicable to the acceptance of fleet cards and the processing of fleet card transactions.
15.2 We or PASA determine or will determine the limits applicable to the maximum amount of cash that a cardholder may withdraw at a particular time or any day.
15.3 A cashback advance may not be processed through manual entry.
15.4 You are allowed to process cashback advance transactions on domestic Mastercard and Visa cards only.
15.5 You may not reverse or refund cashback advance transactions on debit cards. You must refund the cardholder in cash.
15.6 When using cashback advance, you must do the following:
15.6.1 Process all cashback advance transactions electronically on the POS device as purchases.
15.6.2 Apply for authorisation for all cashback advance transactions, regardless of your floor limit.
15.6.3 Allow us to conduct random mystery shopper exercises or checks at your store.
15.7 Important notice: Tax Implications
15.7.1 We recommend that you obtain independent professional advice regarding any tax implications arising from the acceptance and processing of cashback advance transactions.
15.7.2 You are fully responsible for any tax implications arising from the acceptance and processing of cashback advance transactions.
15.7.3 You agree that you will not hold us liable and you indemnify against us fully and hold us completely harmless from all losses that arise from processing cashback advance transactions.
15.7.4 You agree and acknowledge that you will not issue a tax invoice, credit note or debit note in respect of the taxable supply of goods and/or services if we have issued a tax invoice, credit note or debit note.
15.8 Cashback advance is a value-added service that can go together with use of the POS device and its primary function is accepting card payments. Therefore, you may not use the POS device to process only cashback advance transactions.
15.9 If the cashback advance facility is abused, we may terminate the facility and levy penalties, and you would be liable for any losses we incur.
15.10 You will be liable for any fraudulent transactions and associated chargebacks that arise from cashback advance transactions.
16. DCC
16.1 In terms of DCC, a foreign transaction will be converted to the foreign currency at the current exchange rate when the foreign transaction is authorised.
16.2 A foreign transaction, as converted, will be cleared through the card networks in the foreign currency in which the cardholder’s account is denominated.
16.3 DCC applies only to those cards issued by card networks that currently subscribe to DCC (Visa and Mastercard) and will apply to those cards issued under the brands of other card networks when they subscribe to DCC in future.
16.4 DCC does not apply to refunds, certain foreign currencies and MOTO transactions.
16.5 Fees and charges for DCC
16.5.1 For valid and completed foreign transactions we will pay you DCC participation payments, which transactions will exclude, among others, foreign transactions that are refunded or charged back for any reason.
16.5.2 We will pay you DCC participation payments in an amount equal to a percentage, as set out in the merchant application form, of the amount of foreign transactions settled on your behalf using DCC, calculated in South African rands before any conversion of the foreign transaction by using DCC.
16.5.3 We will make the DCC participation payments in South African rands by the end of the calendar month following the month in which a foreign transaction was processed.
16.5.4 The DCC participation payment is applicable to supported currencies only and does not apply to all foreign cards.
16.6 Our rights and obligations
16.6.1 We reserve the right to add, delete or suspend any currency to or from DCC, as the case may be, at any time without notice to you.
16.6.2 We may terminate or suspend DCC for any reason after we have given you notice.
16.7 Your rights and obligations
16.7.1 You must comply with all reasonable instructions we provide pertaining to your participation in DCC.
16.7.2 You must follow DCC procedures, which may change from time to time.
16.7.3 You must always offer foreign cardholders the choice of participating in DCC and may not default any transaction to a foreign transaction or force a foreign cardholder to use DCC for their transaction.
16.7.4 You must present foreign transactions timeously, which is normally within 24 hours of your having processed them.
16.7.5 You agree to make the reasonable modifications as we may request to increase the likelihood of foreign cardholders choosing DCC.
16.7.6 You agree that you will display marketing collateral, as we deem necessary, to create the necessary awareness of DCC among cardholders.
16.7.7 You must ensure that all affected parties complete the DCC training that we provide.
16.7.8 You must pay all fines and penalties imposed by card networks if you have violated any DCC rules and regulations. You will also be liable for any loss suffered as a result of your non-compliance with this annexure or non-delivery of any obligations related to it when using DCC.
16.8 Refunds
16.8.1 You must follow the refund procedure for foreign transactions as explained in the agreement, unless you use a POS device that cannot process refunds in foreign currency in the way that we require.
16.8.2 A refund to a foreign cardholder’s account, reflecting either the partial or complete cancellation of a foreign transaction, will be converted to foreign currency through use of the current exchange rate when you present the credit (refund), and that credit, as converted, will be cleared through the applicable card network in foreign currency. If that support is not in place, the credit or refund foreign transaction will be processed in South African rands and will always be subject to applicable card network rules.
16.9 Chargebacks
16.9.1 A foreign transaction for which you fail to give the holder of a foreign card the choice to use DCC as described in this annexure may be subject to a chargeback as defined in the agreement.
16.9.2 The applicable card network will transmit to us in foreign currency a chargeback incurred in connection with a foreign transaction and convert it io South African rands at that card network’s designated foreign exchange rate.
16.9.3 If a cardholder successfully disputes a foreign transaction, you will be liable for the DCC participation payment as well as the full commission that we and DCC service provider charge for that specific foreign transaction.
ANNEXURE 2
E-commerce terms and conditions
1. Definitions and interpretation
1.1 You must read this annexure together with the General Merchant Terms and Conditions.
1.2 Words and expressions, not expressly defined in this annexure will have the same meaning as in the General Merchant Terms and Conditions.
1.3 If there is a conflict between this annexure and the General Merchant Terms and Conditions, this annexure will prevail only to the extent that the inconsistency relates to e-commerce transactions.
1.4 In this annexure the words and expressions mean the following, and you must use refer to the definitions in the General Merchant Terms and Conditions as well:
1.4.1. authentication |
The process of verifying that a person making an e-commerce purchase is entitled to use the card tendered for payment. |
1.4.2. authorisation, authorised |
The issuing bank confirming that there is enough money available on the card or in the account linked to the card, allowing a transaction to be processed. If the issuing bank indicates that there is not enough money available, the transaction will be declined. |
1.4.3. card network |
An entity that operates a card network engaged in the business of issuing cards as a payment method, including Mastercard International, Visa International, Diners Club International, American Express, Union Pay International (UPI), the Buy Aid associations, and any other entities operating another card network that may exist. |
1.4.4. CAVV |
Customer authentication verification value, the three-digit number on the back of a card. |
1.4.5. ECI |
Electronic-commerce indicator, a two- or three-digit code issued by the card networks or us to notify you of the authentication of the cardholder and the status of the cardholder’s issuing bank under 3D Secure. |
1.4.6. internet |
The collection of local area networks, wide-area networks and third-party networks that all use the same protocol (namely TCP/IP) to form a packet-switched network, colloquially referred to as the internet, and accessible by any person or business through an internet service provider. |
1.4.7. liability shift |
The burden of proof for qualifying e-commerce transactions from us and you to the issuing bank. This shift of liability applies only in cases where the dispute relates to cardholder authentication in processing the transaction. No shift of liability occurs if the dispute relates to the actual provision of goods or services or their quality. Liability shift applies when you are enrolled in the 3D Secure programme. |
1.4.8. M-commerce |
An e-commerce Transaction performed through wireless and/or mobile electronic media. |
1.4.9. merchant portal |
As it relates to Masterpass, the interface on your device that enables you to, among others, check transactions and access reports. |
1.4.10. merchant server plug-in, MPI |
A component that is incorporated into your web storefront and performs functions related to Verified by Visa and SecureCode on your behalf. |
1.4.11. message |
An electronic communication from your server to the payment gateway or vice versa in a format that we prescribe. |
1.4.12. payer authentication request, PAReq |
A message sent from the MPI to the issuing bank’s Access Control Server (ACS) (via the cardholder’s browser) requesting the authentication of the cardholder. |
1.4.13. payer authentication response, PARes |
A message formatted, digitally signed and sent from the issuing bank’s ACS to the MPI (via the cardholder’s browser), providing the results of the issuing bank’s authentication of the cardholder. |
1.4.14. payment gateway |
A service provider that specialises in providing web-based secured e-commerce services and with whom you contract to receive these services. |
1.4.15. payment gateway network |
The information technology network of the Payment Gateway (connected between its entry and exit core routers), which includes routers, switches, firewalls, cabling, Payment Gateway software and any other hardware, software and infrastructure that forms part of it or is related to it. |
1.4.16. SecureCode |
The Mastercard 3D Secure programme. |
1.4.17. UCAF/ECI |
Universal cardholder authentication field or e-commerce indicator, which identifies an internet transaction. |
1.4.18. Verified by Visa |
The Verified by the Visa 3D Secure programme. |
2. Duration
This annexure will endure for the same period as the agreement. If the agreement is terminated, the annexure will also terminate.
3. E-commerce card payment acceptance
3.1 You must be enrolled in the 3D Secure programme.
3.2 You must process e-commerce transactions in line with the prevailing 3D Secure measures.
3.3 If you process e-commerce transactions that are not protected via 3D Secure, you will be liable for all losses (and fees that we or the card networks levy) arising as a result of this non-compliance.
3.4 E-commerce transactions that are processed via 3D Secure will result in a liability shift. However, the following transactions under the following circumstances will have no liability shift:
3.4.1 An e-commerce transaction is processed on a business or corporate card that is a Mastercard or Visa card. You will remain liable for all disputed e-commerce transactions when these cards are used.
3.4.2 3D Secure authentication is unavailable or unsuccessful and you choose to proceed with the transaction, or your infrastructure and/or systems or your payment gateway fails when you attempt a transaction.
3.5 You acknowledge that, if an issuing bank receives an authorisation request for an e-commerce transaction from a 3D Secure-enabled merchant and finds that the transaction has not been processed as a 3D Secure transaction, then the issuing bank is entitled to and will claim a greater interchange rate for that transaction. The merchant service commission payable by you in this case will be higher and we may choose to levy further penalties on these transactions.
3.6 If it is discovered that you are not applying 3D Secure processes to transactions either routinely or periodically, we reserve the right to increase the merchant service commission retrospectively from the time it is evident that the 3D Secure processes are not consistently applied. We will also have the right to claim any resultant and/or related fines or penalties levied by the relevant regulatory bodies and/or terminate the agreement.
4. Your obligations
4.1 You must adhere to the following provisions when processing e-commerce transactions:
4.1.1 Operate this facility only within our jurisdictional territory.
4.1.2 Ensure that your website complies with the provisions as prescribed by the card network rules.
4.1.3 Install or integrate into your website software, internet infrastructure and processes that enable electronic data to identify you and the cardholder by verifying you and the integrity of the message.
4.1.4 Ensure that your website, server, internet infrastructure, policies and procedures adhere to our minimum requirements.
4.1.5 Implement hardware or software that we prescribe to limit or reduce fraud.
4.1.6 Notify us of any changes relating to your payment gateway or your website.
4.1.7 Ensure that the information printed and completed on the delivery note and/or proof of dispatch is true and correct.
4.2 You must display the following information on your website:
4.2.1 The Visa and Mastercard brand mark in full colour to indicate Visa and Mastercard acceptance, as specified in the respective Visa and Mastercard product brand standards.
4.2.2 A complete description of the goods and/or services offered.
4.2.3 The applicable returns or refund and cancellation policies, which must:
4.2.3.1 clearly stipulate to the cardholder where the return of goods or cancellation of services are restricted;
4.2.3.2 be clearly disclosed to a cardholder before final payment; and
4.2.3.3 be accepted and/or agreed to by the cardholder through positive conduct such as clicking on a ‘Click to accept’ button or marking a checkbox on your website. The cardholder must not be requested to make payment unless they have accepted the returns or refund and cancellation provisions. You may provide any other evidence that proves the cardholder’s acceptance, eg a cardholder-signed copy of the returns or refund and cancellation provisions or the cardholder’s return email accepting the returns or refund and cancellation provisions.
4.2.4 Your contact details, which include a contact name, telephone number, physical address of your permanent establishment, and email address.
4.2.5 Transaction currency [only South African rand (ZAR) is allowed].
4.2.6 Your delivery policy.
4.2.7 Your data privacy policy.
5. Authorisations
5.1 You must follow the procedure below when presenting an e-commerce transaction for authorisation:
5.1.1 Prior to accepting any e-commerce transaction, you must obtain prior authorisation from us via the payment gateway.
5.1.2 Authorisation must be requested only at the time of and for a particular e-commerce transaction.
5.1.3 You are responsible for ensuring that your payment gateway populates the correct CAVV and ECI indicators in the message, failing which you will be liable for any loss incurred.
5.1.4 You must forward a message to the payment gateway consisting of a record of all authorised e-commerce transactions in respect of which the goods and/or services have been dispatched. This message will be construed as being a guarantee given by you that the goods and/or services have been dispatched and will constitute an instruction to us to process the virtual transaction.
5.1.5 Failure to comply with any or all of the requirements set out above will render the e-commerce transaction invalid.
5.2 In addition to the above, you must adhere to the following when processing an e-commerce transaction:
5.2.1 You may not store a cardholder’s CAVV number.
5.2.2 You may not split an e-commerce transaction, disguise a transaction or act in a way as to avoid obtaining authorisation.
5.2.3 Authorisation is a prerequisite for the dispatch of goods and delivery of services. If the initial amount for which authorisation was obtained differs from the final amount charged to the cardholder, you must cancel the initial authorisation request by contacting us and resubmit a new request.
5.2.4 On authorisation being granted, the provision of your goods and/or services must take place within the periods stipulated in your delivery policies or as otherwise agreed between you and the cardholder.
5.2.5 Record must be kept of cardholder details in a secure manner.
5.3 The risk relating to the operational effectiveness through which e-commerce transactions are transmitted (ie the payment gateway network) will vest in you. The contents of the message we receive from the payment gateway will be deemed to be the contents of the message as received from your server. The foregoing will not be applicable only if we appoint the payment gateway or provide this service to you.
6. Your obligations in respect of transaction data
6.1 You must keep all information relating to a transaction on your database for at least three years after the transaction date.
6.2 You must keep proof of supply or delivery of the goods or services for at least three years after the transaction date.
6.3 Having regard to the chargeback procedures, you may be liable for the value of the sale if the cardholder subsequently repudiates or disputes any transaction.
6.4 For transactions processed through the payment gateway, you must, within five days of the transaction date, query any non-reflected credits.
6.5 When processing card transactions, you must at all times comply with the PCI DSS and must therefore:
6.5.1 at your own cost comply with all aspects of the PCI DSS as published by the card networks from time to time;
6.5.2 report all instances of a data compromise to us immediately but within 24 hours from the time you became aware of the incident; and
6.5.3 ensure that identified breaches of the PCI DSS are rectified within six months of the reported breach.
6.6 You will be liable to settle any fines or penalties that the card networks levy in the event of a data breach.
6.7 A transaction requiring payment must be presented by means of a message to the payment gateway. The message must include a record of all authorised transactions relating to goods that have been dispatched. The frequency of the data interchange will be at our discretion. However, you must ensure that all transactions are presented for payment within three business days of the transaction date.
6.8 You undertake to notify us immediately if there are any errors in the data interchange arising from a defective communication link. Our liability will then be limited to correcting the faulty data interchange in the system.
6.9 The fact that we may have credited your nominated account does not deprive us of our right to effect chargebacks or cancel the payment of transactions by debiting your nominated account with the amount of the invalid transaction.
7. Provisions relating specifically to software and infrastructure
7.1 You must, in accordance with our requirements and with reference to clauses 4 and 5 above, install or integrate with our Verified by Visa and SecureCode merchant plug-in technology to identify yourself to us and/or the cardholder in line with the standards and specifications of the bank.
7.2 A 3D Secure transaction will be invalid:
7.2.1 if you insert falsified 3D Secure authentication information into the transaction message by inserting invalid card numbers; or
7.2.2 if the UCAF/ECI indicators are incorrect; or
7.2.3 if you tamper with the 3D Secure authentication response from the issuer; or
7.2.4 if you do not process a transaction in compliance with the 3D Secure authentication process.
7.3 Verified by Visa and SecureCode liability shift protection is provided only for Visa and Mastercard internet e-commerce transactions and this protection applies to cardholder disputes or card-not-present transactions.
7.4 You must implement Verified by Visa and SecureCode in such a way that the cardholder account details are never stored in an unprotected manner and that you adhere to the PCI DSS requirements.
7.5 A message received from your server will be accepted to be a message from you.
7.6 You must supply us with the PAReq and/or PARes messages if requested to do so to resolve disputes.
7.7 If you do not comply with this entire clause 7 and this annexure in general, you will be liable for the transaction and the amount of the transaction will be debited to your nominated account.
8. Additional provisions relating specifically to software and infrastructure
8.1 You may carry out transactions only if you have infrastructure approved by us and a valid merchant certificate (or if the certificate was provided as part of the payment gateway).
8.2 You must comply with all applicable laws regarding import and export transactions performed over the internet.
8.3 We will not be party to any dispute between you and an e-commerce service provider that you appointed to establish your internet infrastructure. We will also not be liable for any damage that you suffer resulting from any failure or malfunction of this infrastructure.
8.4 You will be responsible for paying any charges or additional charges levied by Telkom or other government or non-government body authorised to control any connections that the infrastructure needs to function properly.
8.5 We will not be liable for damage caused by a network breakdown, system failure or equipment malfunction, or by the destruction of or damage to facilities caused by power failures or similar occurrences. It will also not be liable for loss or damage caused by events beyond our control and/or the fact that you or the cardholder is unable to gain access to your infrastructure or to use it.
8.6 You must, within a period agreed to by both parties, implement any hardware or software that we prescribe to manage or reduce fraud. If you do not implement it, we will have the right to cancel the agreement immediately.
8.7 You agree to implement security standards in the manner that we prescribe.
9. Moto transactions
9.1 If you perform MOTO transactions, you must do by using manual PAN entry.
9.2 A MOTO merchant may process MOTO transactions only with our written consent. We will give this consent at our discretion.
9.3 A MOTO merchant must enter the following information into the POS device to obtain authorisation:
9.3.1 The card number.
9.3.2 The expiry date.
9.3.3 The CVV2/CVC2/4DBC number.
9.4 The MOTO merchant must write on the sales voucher the cardholder’s name and account number and the address to which the goods were dispatched or the date on which the services were rendered. The MOTO merchant must also label the sales voucher a MOTO transaction and ensure that it is signed by the MOTO merchant (or authorised official) in the cardholder’s signature block on the sales voucher. The MOTO merchant must keep the order form with the cardholder’s signature and attach it to the POS-device-generated sales voucher. The MOTO merchant will be liable for the amount reflected on the sales voucher if the cardholder subsequently repudiates or disputes any MOTO transaction.
9.5 This clause 14 is applicable to Visa and American Express Cards only, as no manual entry transactions can be processed on Mastercard cards.
10. Masterpass
10.1 Cardholders can use the Masterpass app to scan QR codes to pay for purchases.
10.2 Transactions can be performed by cardholders either scanning the QR code manually or entering the numeric code linked to the QR code into the Masterpass app.
10.3 All transactions will be authenticated either by 3D Secure, AMT or another accepted authentication method.
10.4 As it relates to the Masterpass service, you agree that you will:
10.4.1 be responsible for implementing and managing appropriate security measures to prevent invalid transactions and fraudulent transactions;
10.4.2 display all promotional material that we give you to indicate that you accept Masterpass transactions, and to replace or remove this material immediately when we ask you to do so;
10.4.3 use the Merchant Portal with the necessary care, and not allow any unauthorised persons access to the portal; and
10.4.4 use the Masterpass service and the Merchant Portal, and any new capabilities that we introduce, in a diligent manner and with the necessary care.
10.5 As it relates to the Masterpass services, we will:
10.5.1 provide you with the necessary training to use the Masterpass services;
10.5.2 keep you informed of any changes to the Masterpass services that may affect you or your ability to use the Masterpass services; and
10.5.3 use reasonable efforts to remedy non-performance, defects or errors to the extent that the services fail to perform or if any defects or errors become apparent.