Merchant Services Agreement

7.3 Credit Cards Processing

 

 

7.3.1 If the Principal is providing the Company merchant account information to use the Principals merchant account items 7.3.1.1 – 7.3.1.6 apply

 

 

7.3.1.1      The Company will provide technology for and authorizes the Principal to utilize the technology to interface with SafeSave, Authorize.net, BlueFin, Vital / VisaNet / TSYS credit card processing network. There will be no additional charges assessed by the Company for use of this technology.  

 

 

7.3.1.2      The Principal authorizes the Company to host the merchant information for purposes of processing credit card payments for sales conducted for the Principal.

 

 

7.3.1.3      The Company will use its best efforts to ensure that no fraudulent or stolen credit cards are used to purchase Items through the Company’s Systems.  Except in cases of negligence by the Company, the Principal assumes the risk of credit card sales and related fees and penalties associated with the use of fraudulent or stolen credit cards.

 

 

7.3.1.4      All charge back disputes and any fees or refunds given due to such action will be the responsibility of the Principal.

 

 

7.3.1.5      If Principal’s account becomes more than 60 days delinquent, Principal agrees that the Company has the authority to modify the merchant services account to the Company’s account until account delinquency has been satisfied.

 

 

7.3.2         If the Principal is using merchant services provided by the Company items 7.3.2.1 – 7.3.2.7 apply

 

 

7.3.2.1      Service Fees and Credit Card processing fees due to the Company will be automatically deducted from Principal’s proceeds prior to the Company releasing the funds to the Principal. Revenue collected by the Company on behalf of the Principal shall be released on the Tuesday following the completion of the event(s) or monthly for non-date specific items. Principal understands and agrees that fees cannot be released earlier than the event occurring.

 

 

7.3.2.2      Principal hereby agrees that Customers are entitled to full refunds of the face value of the ticket for cancelled, postponed, or relocated events.  Principal accepts responsibility for all refunds related to cancelled, postponed, or relocated events.

 

 

7.3.2.3      Principal hereby agrees that Customers are entitled to full refunds for errors caused by Principal that prevent Customers from being admitted to the Event(s) or being allowed to sit or otherwise be located in the location specified on Customer’s Ticket or the Admission Report.

 

 

7.3.2.4      If an Event or Events are cancelled, postponed, relocated, or a Customer or Customers are otherwise entitled to a refund(s), service fees stated in Exhibit A of this contract ARE NOT refundable to the ticket buyer.  If the Principal chooses to reimburse the consumer for the entire ticket purchase (including fees) the Principal will accept the responsibility to pay any applicable fees to the Company.

 

 

7.3.2.5      Principal agrees to be responsible for all chargeback claims and associated fees not related to an error on the part of Company. Said charges will be taken out of any pending remittance or invoiced to Principal for payment upon receipt of invoice.

 

 

7.3.2.6      Principal agrees to procure a signature of ticket buyers who receive their tickets via hard or soft will call and supply Company with that signature upon request.

 

 

7.3.2.7      Principal agrees to make every effort to dispute chargeback claims with ticket buyer verification information.

 

 

7.3.3 PCI-DSS Compliance

 

 

7.3.3.1      The Principal is responsible for ensuring that its use of the Service to store or process credit card data complies with applicable Payment Card Industry Data Security Standards (“PCI DSS”) requirements and shall not store credit card data in the Service except in the designated encrypted fields for such data. During the Contract Term defined in the attached Schedule A, the Company shall maintain PCI DSS compliance for those portions of the Service that are designated by the Company as being designed to store and process credit card data. Any changes made to the Service by the Principal or at the Principal’s direction may affect the Principal’s compliance with PCI DSS requirements and the Principal shall be solely responsible for ensuring that any such changes are compliant with PCI DSS requirements.

 

 

7.3.3.2       In the performance of this agreement the Company acknowledges and agrees that, in connection with fulfilling its obligations hereunder, the Company may gain access to and/or acquire the ability to transmit, store or process Cardholder account and/or transaction information (collectively, “Cardholder Data”). To the extent that the Company has access to, or possession of, Cardholder Data, the Company covenants, agrees, represents and warrants as set forth in this Section, all of which shall be undertaken at Company’s sole cost and expense. The Company will comply with and adhere to the payment card industry (“PCI”) data security standard (“DSS”) in effect from time to time and shall implement and maintain appropriate measures designed to meet the objectives of PCI DSS. In the event a PCI representative or PCI authorized third-party seeks to conduct a security audit or review of the Company at any time, including, without limitation, after an alleged or actual security intrusion, for the purpose of validating the Company’s status, effectiveness or compliance with the PCI DSS, the Company will fully cooperate with such audit or review. The Company (a) is solely responsible for, and will ensure, the integrity, security and confidentiality of Cardholder Data, (b) will protect against any anticipated unauthorized access, threats or hazards to the integrity, security or confidentiality of Cardholder Data; and (c) will only disclose or use the Cardholder Data for those permitted purposes required for the performance of its covenants and obligations under this Agreement and, in any event, only in accordance with Legal Requirement. Upon the reasonable request of Principal, the Company shall promptly provide the Principal with information regarding the Company’s security measures. the Company shall immediately advise the Principal as to any threatened, suspected or actual compromise of the integrity, security or confidentiality of Cardholder Data and will thereafter diligently keep the Principal advised as to the status and process of same. The Company will maintain a recovery plan designed to minimize risks associated with any unplanned interruption of the Company’s operations or business or any unplanned inaccessibility to Cardholder Data.

 

 

7.3.3.3       In the performance of the Agreement during which the Company will accept, store, use, process, transmit or have access to payment account, cardholder or transaction data belonging to Principal, the Company shall (a) comply with the Payment Card Industry Data Security Standard (“PCI-DSS”), as set forth at https://www.pcisecuritystandards.org/ and as may be updated from time to time by the Payment Card Industry Security Standards Council, and (b) upon request by Customer and not more than once annually, provide Customer an Attestation of Compliance (AOC) letter, certifying the Company’s compliance with PCI-DSS for purposes of this Agreement.