Fortis Platform Service Agreement
Updated: November 15, 2023
READ THIS FORTIS PLATFORM SERVICE AGREEMENT (THE “AGREEMENT”) CAREFULLY. IT IS A LEGAL AGREEMENT BETWEEN FORTIS PAYMENT SYSTEMS LLC, A DELAWARE LIMITED LIABILITY COMPANY AND FORTIS PAYMENT SYSTEMS OF CANADA, LTD(COLLECTIVELY “FORTIS”) AND THE PERSON OR ENTITY DOWNLOADING, DEVELOPING OR INSTALLING THE SOFTWARE INCLUDING, BUT NOT LIMITED, TO MERCHANTS, DEVELOPERS, SOFTWARE PROVIDERS OR OTHER USERS (HEREINAFTER COLLECTIVELY REFERRED TO AS “USER” “YOU”, OR “YOUR”) WHICH CONTAINS TERMS AND CONDITIONS THAT GOVERN USER’S ACCESS TO AND USE OF THE HOSTED SERVICE & ACH PROCESSING SERVICE (“SERVICES”) PROVIDED UNDER THE AGREEMENT, WHICH MAY BE MODIFIED FROM TIME-TO-TIME BY FORTIS IN ITS SOLE DISCRETION (COLLECTIVELY, THE “TERMS”). THESE TERMS APPLY TO EACH AND EVERY USE OF THE SERVICES BOTH NOW AND IN THE FUTURE. THIS AGREEMENT IS APPLICABLE DURING THE TESTING, DEVELOPMENT, INTEGRATION, AND USE OF THE SERVICES. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT, YOU ARE NOT AUTHORIZED TO USE THE LICENSED SOFTWARE, HOSTED SERVICE OR ACH PROCESSING SERVICE.
1. Use and Restrictions.
1.1. Provision of Services
(a) Provision of Hosted Service. Conditioned upon User’s compliance with the terms of this Agreement, Fortis shall make the Hosted Service available to User pursuant to this Agreement for the limited purpose of enabling User to connect to selected bank processors for the transmission and security of payment card data. To the extent that any software will be delivered for download by User as part of the Hosted Service (the “Licensed Software”), Fortis grants User a limited, revocable, non-exclusive, non-transferable, royalty-free right and license (in object code only and with no right to sublicense) to use such Licensed Software solely as necessary to use the Hosted Service during the term of this Agreement and for no other purpose.
(b) ACH Processing Service. (i) Fortis provides payment solutions relating to electronic transaction processing services for organizations who receive payments from customers by credit card and/or electronic Automated Clearing House or Canadian Automated Clearing Settlement System (collectively “ACH”) transactions. With respect to ACH transactions, Fortis or its third-party partner, or Canadian Banking partner, is the ACH processor through which debit and credit transactions are submitted to the applicable Network in conjunction with ACH cheque processing origination and settlement services. User is lawfully engaged in the business of selling goods and/or services to third parties from whom it will receive credit card and/or ACH transactions and with whom it will initiate and process ACH transactions under an applicable Network, using Fortis’ payment solutions. (ii) Conditioned upon User’s compliance with the terms of this Agreement, Fortis shall provide User with software that permits User make an electronic payment transaction originated by User and processed through the applicable Network (“ACH Transaction”) during the term of this Agreement.
(c) Fortis may make the Services available to User directly or through resellers, ISOs, merchant aggregators, banks, a Canadian Banking Partner, or other third parties through which Fortis provides Services to users. Fortis reserves the right to amend the Terms and modify or discontinue all or part of the Services, temporarily or permanently, with or without notice, and is not obligated to support or update the Services. The amended Terms shall automatically become effective immediately after they are initially posted on the Hosted Service. User’s continued use of the Services after the posting of the amended Terms on the Site constitutes your affirmative: (a) acknowledgment of the Terms and its modifications; and (b) agreement to abide and be bound by the Terms, as amended. Should you object to any modifications of the Terms, your only recourse is to immediately: (a) terminate use of the Services; and (b) notify Fortis of the termination.
1.2. Restrictions; Reservation of Rights. User shall not use the Services or Licensed Software for any purpose other than as expressly set forth in Section 1.1. User shall not copy, frame, mirror, modify or create derivatives of, translate, reverse engineer, disassemble, reverse compile, de-compile, create derivative works based on the whole or any part of the Licensed Software, or otherwise attempt to determine the functionality of the Licensed Software or parts thereof. User shall not resell, redistribute, rent, lease, sub-lease, loan or otherwise make the Services or the Licensed Software available to any third party and shall not use the Services or the Licensed Software to provide services to any third party (e.g., business process outsourcing, service bureau applications or third-party training) without written authorization from Fortis (and subject to any additional fees payable). User shall not permit the Licensed Software or any part of it to be combined with, or become incorporated in, any other software. User acknowledges and agrees that the rights granted hereunder are not a sale of the Services or the Licensed Software and that User shall return all copies (in whatever form or media) of the Licensed Software to Fortis upon expiration or termination of this Agreement, for any reason. No express or implied rights or licenses are granted herein, except as expressly granted in Section 1.1, and Fortis reserves all title and all other rights in or to the Services and the Licensed Software including all intellectual property rights therein.
1.3. User and Fortis Responsibilities.
(a) User shall (i) be solely responsible for its users’, employees’, agents’, and representatives’ compliance with this Agreement and for their actions, (ii) be solely responsible for the accuracy, quality, integrity and legality of User Data and of the means by which it acquired User Data, (iii) use or disclose User Data only in connection with a Transaction, except as otherwise required by court order, government agency request, subpoena or order, (iv) be responsible for verifying the accuracy and completeness of all Transactions submitted to Fortis and for verifying that all corresponding funds are accurately processed, (v) use commercially reasonable efforts to prevent unauthorized access to or use of the Services or the Licensed Software, and notify Fortis promptly of any such unauthorized access or use of which User becomes aware and take such steps as may be necessary to prevent additional unauthorized access or use, (vi) use the Services and the Licensed Software only in accordance with associated user documentation provided by Fortis, and (vii) comply with all applicable laws and government regulations, including Data Laws, and rules, standards and guidelines promulgated by the Networks, and PCI DSS.
(b) User shall not (i) use the Services or the Licensed Software to store or transmit infringing, libelous, or otherwise unlawful or tortious material, or to store or transmit material in violation of third-party privacy rights, (ii) use the Services or the Licensed Software to store or transmit viruses, worms, time bombs, Trojan horses and other harmful or malicious code, files, scripts, agents or programs, (iii) interfere with or disrupt the integrity or performance of the Services or the Licensed Software or third-party data contained therein, (iv) attempt to gain unauthorized access to the Services or the Licensed Software or their related systems or networks, (v) knowingly submit any Transaction that is illegal or that the User should have known was illegal, (vi) deposit a Transaction receipt that it knows or should have known to be either fraudulent or not authorized, or (vii) engage in any activity or knowingly submit any Transaction that (A) fails to comply with applicable provincial, state, and federal laws and government regulations, including, without limitation, any and all Data Laws, rules, standards and guidelines promulgated by the Networks, or PCI DSS, (collectively, the “Regulations”) or (B) subject Fortis to investigation, prosecution, or legal action. User bears the final responsibility to ensure that User’s policies and procedures meet the requirements of all applicable Regulations. User shall consult counsel regarding legal compliance with the Regulations.
(c) Each party shall comply with the then-current applicable Network Rules that apply to ACH Transactions processed under this Agreement. In addition, Fortis may publish to User and other users its own standard operating and implementation guidelines for the Services with respect to specific Network Rules which will govern and apply to this Agreement as if set forth herein.
(d) User authorizes Fortis to change its credit card processing account information to a new account, through Fortis, as of the Effective Date. User assumes responsibility for any loss that it may incur due to this change. Losses can occur if the account has been established incorrectly by a processor or the information has been entered incorrectly by Fortis. It is User’s responsibility to verify the information was entered correctly and the credit card settlements are being deposited into the correct bank account. User’s representations and warranties shall survive termination of this Agreement. In addition to all other indemnity obligations contained elsewhere in this Agreement, User shall defend, indemnify, and hold harmless Fortis for any claims, losses, liabilities, costs, fines, or expenses suffered or incurred (including attorneys’ fees and costs) relating to, arising out of, or involving any breach of these representations and warranties or failure to comply with any applicable Regulations. In addition to Fortis’ termination rights set forth in this Agreement, Fortis may immediately cancel this Agreement if Fortis or any regulatory agency believes that User is violating or has previously violated any applicable Regulation or is in breach of these representations and warranties.
1.4. User Data. As between Fortis and User, User owns all rights, title and interest in and to all User Data. User shall be solely responsible for the security of User Data residing on servers owned or operated by User or a third party designated by User, other than Fortis, and warrants that it has taken and will continue to take such precautions as may be necessary to ensure that User’s servers and electronic systems are secure from unauthorized access by third parties. User shall be solely responsible for maintaining records of all User Data. Fortis shall be solely responsible for maintaining records of all Transactions and providing such records, electronically and securely, to User via the application Programing Interface (“API”).
1.5. Credit Card Processing. Since the Hosted Service includes credit or debit card processing services to enable credit or debit card purchases, User hereby acknowledges that third party fund processors provide all fund-processing services. Fortis agrees and acknowledges that Fortis will submit all valid Transactions received for settlement to the applicable third-party fund processor no less than once each day. User shall be responsible for taking any action, providing information, maintaining, updating, implementing and executing any agreements or documentation required by any third parties, including obtaining a User account and all fees, costs and expenses in connection therewith. Fortis shall not be responsible for any errors or omissions of third-party contractors of User in connection with fund processing services.
1.6. Security Certificate. The Services may include issuance to User of an SSL certificate or other equivalent security certificate from a trusted certificate authority to enable secure and encrypted communications between User and the Services. User hereby acknowledges that all such security certificates are provided by third party certificate authorities and Fortis shall not be responsible for any errors or omissions of third parties in connection with security certificates. User is responsible for reasonably cooperating with Fortis as required in connection with the issuance and maintenance of security certificates.
1.7. Passwords. The Services are password protected. User shall solely and exclusively control the creation and provision of passwords for access to the Services. User hereby accepts responsibility for, and shall be liable for, all access to the Services other than access by Fortis. User shall be responsible for maintaining the confidentiality of the User-generated passwords provided that Fortis shall be responsible for protecting the confidentiality and unauthorized use of user passwords by its personnel and any persons or entities to whom it has provided access to the same. Fortis shall suspend in a reasonable time access rights for any User generated password in the event that User informs Fortis in writing of potentially improper access to or use of such User password.
1.8. Third Party Service Partners. User acknowledges that Fortis may engage the services of certain third-party service providers in its provision of Services, including but not limited to the Canadian Banking Partner and other third-parties. User shall reasonably cooperate with any such third party in connection with the provision of the Services. These third-party services partners are or may be providing some of the services specified in this Agreement and shall be an intended third-party beneficiary of this Agreement between Fortis and User. Each third-party services partner shall have the right to enforce directly against User the terms of this Agreement which relate to the provision of the third-party services partner’s processing services to User and the ownership and protection of the intellectual property rights of the third-party services partner and its licensors in and to its processing services. User acknowledges that the third-party services partners shall have no responsibility or liability with regard to Fortis’ obligations to User under this Agreement. User acknowledges and agrees that Fortis has the right to pass through to User any fees or other costs imposed by any third-party services partner in connection with the provision of Services to User. In addition to the foregoing, User expressly consents and acknowledges that any and all retained amounts (i) imposed by a third-party (including ISVs or other partners’ software for whom Fortis’ Services are integrated into), and (ii) that User has consented to in writing with such third-party, can be paid by Fortis directly to such third-party on User’s behalf from funds that would otherwise be due to User in relation to its use of the Services.
1.9. Maintenance. Fortis may in its reasonable judgment modify the Hosted Service, Surcharge Service, or the Licensed Software to improve operation, supportability, and reliability, or to meet legal requirements. Fortis does not warrant that the operation of the Services or the Licensed Software will be uninterrupted or error free.
1.10. Fortis Responsibilities. Fortis shall (a) be solely responsible for its employees’ and agents’ compliance with this Agreement and for their actions, (b) use or disclose User Data only in connection with a Transaction, except as otherwise required by court order, government agency request, subpoena or order, (c) use commercially reasonable efforts to prevent unauthorized access to or use of the Services or the Licensed Software, and notify User in a reasonable timely manner of any such unauthorized access or use of which Fortis becomes aware and take such steps as may be necessary to prevent additional unauthorized access or use, and (v) provide the Services and the Licensed Software in accordance with all applicable laws, Data Laws, and government regulations, including but not limited to rules, standards and guidelines promulgated by the Networks.
1.11. Set-Up and Delivery of ACH Service. (a) Fortis shall provide the Services either directly or through a Reseller, Network member, or Canadian Banking Partner, who has contracted for the delivery of Services with User. User shall utilize and access the Services in accordance with the terms of this Agreement and the practices and procedures established by Fortis for the Services, which have been communicated in writing to User. As part of the User set-up and boarding process: Fortis will provide User with an administrative and gateway username and password (“Password”) to access the Services, which are hosted on Fortis’ processing system. User will designate an Administrator who shall be the sole individual vested with the authority to determine who will be authorized to use the Services; establish separate passwords for each user; and establish limits on each user’s authority to access information and conduct transactions. User is responsible for the actions of its Administrator, the authority the Administrator gives others to act on User’s behalf, and the actions of the persons designated by the Administrator to use the Services. User shall take reasonable security procedures and practices to safeguard the confidentiality of the passwords; limit access to its passwords solely to persons who have a need to know such information; closely and regularly monitor the activities of employees who access the Services; and prohibit its employees and agents from initiating entries in the Services without proper authorization and supervision and adequate security controls. (b) Prior to submitting an Entry to Fortis for processing, User shall secure all authorizations and approvals from its client and deliver any notifications pertaining to that Entry that are required by the applicable Network Rules and/or applicable laws and regulations. User shall be responsible for the accuracy and propriety of all Entries submitted to Fortis for processing. (c) User acknowledges that Fortis has specific processing deadlines imposed by its ODFI, Canadian Banking Partner, and the ACH Operator for ACH Transactions. Files received by the applicable deadline will be transmitted that day for settlement on the effective entry day. Files received after the applicable deadline will be processed at a later time in accordance with the applicable Network Rules. (d) In the event of any conflicts in the instructions received by Fortis regarding User or any Entries relating to them, Fortis may at its option and with or without notice, hold or interplead, comply with the legal process or other order, or otherwise limit access by User or by Fortis to the funds, Entries or proceeds thereof. (e) Fortis or a Reseller may make available to User, end-user training and/or Courseware to assist User in understanding and using the Services and the Fortis processing system. The Courseware is a proprietary product of Fortis and its licensors and is provided to User for its sole internal use. Fortis and its licensors reserve all ownership rights in and to the Courseware materials. For training classes performed by Fortis or the Reseller at User’s site, User shall pay the applicable onsite training class fee quoted by Fortis or the Reseller and the reimbursable out-of-pocket travel expenses of the Fortis or Reseller trainer who travels to and from User’s location to deliver the training session. For on-line classes and e-Learning modules provided by Fortis or the Reseller, User shall pay the training class fee specified in the online class registration site. If Fortis or the Reseller offers a Courseware license which permits the User to perform its own internal training classes for the personnel of User and its clients, User shall pay the annual Courseware license fee quoted by Fortis or the Reseller for use of the Courseware modules licensed by User for this purpose.
1.12 Surcharge Service. If requested by User, Fortis may make available the Surcharge Service as part of the Hosted Service. The Surcharge Service shall be offered at a fee to User to be set by Fortis in its sole discretion. The Surcharge Service shall be configured by Fortis to allow User to charge its customers a fee of up to 3% of the value of the transaction (or such lower threshold as may be required by Regulation) on credit card transactions only. Fortis reserves the right to modify and/or discontinue the availability of the Surcharge Service, including without advance notice, if required by Regulation. If User chooses to implement a Surcharge Service, it must comply with all of the following requirements: (a) User must not circumvent, or attempt to circumvent, limitations within the Hosted Service on the assessment of surcharges, including attempting to evade or increase any limit on the amount of the surcharge; (b) User must not assess any Surcharge on any payment card other than a credit card, even if the cardholder chooses to run a non-credit card as a credit card; (c) User must display signage at both the point of entry and point of transaction that clearly and conspicuously states the amount of the surcharge, that the surcharge will be assessed only on credit card transactions, that the User is the one assessing the fee, and that the surcharge is no greater than the cost of accepting the credit card. FORTIS DOES NOT MAKE ANY REPRESENTATION OR WARRANTY AS TO THE LEGALITY OR COMPLIANCE OF THE SURCHARGE SERVICE. USER USES THE SURCHARGE SERVICE AT USER’S OWN RISK AND SUBJECT TO SECTION 6 OF THIS AGREEMENT.
2. Lawful; Permitted Use
(a) User agrees not to misuse the Services. More specifically, User and its end users shall not, at any time, conduct its business in any manner that directly or indirectly offers, sells, leases, licenses or displays, delivers, advertises, recommends, or promotes any product(s), service(s), data, information, image(s), text and/or any content which: (i) is unlawful or violates any applicable local, provincial, federal, national or international law, statute, ordinance, or regulation including, without limitation, Credit Card Association rules, policies or rules of any Canadian Banking Partner, consumer protection law, unlawful Internet tobacco sales, unfair competition, antidiscrimination or false advertising; (ii) is threatening, abusive, harassing, defamatory, obscene, libelous, slanderous, deceptive, fraudulent, invasive of another’s privacy, tortuous, or otherwise violate Fortis’ rules or policies; (iii) contains harmful content, including, without limitation, software viruses, Trojan horses, worms, time bombs, cancel bots, spy-ware, or any other files, software programs, or technology that is designed or intended to disrupt, damage, surreptitiously intercept or expropriate the Services or any system, program, data or personal information or limit the functioning of any software, hardware, or equipment or to damage or obtain unauthorized access to any data or other information of any third party; (iv) is associated with any form of restricted internet gambling or lottery type services not affiliated with a provincial-run lottery service; (v) is associated with electronic cigarettes (i.e., “e-cigarettes”) or any similar product; (vi) is associated with the sale of firearms; or (vii) is associated with the sale of any drug or controlled substance that Fortis believes to be or may become harmful, unlawful, or prohibited. Fortis requires sellers of prescription drugs to abide by all laws applicable to both the buyer and seller and we may require you to provide evidence of compliance with these requirements. The foregoing list is a non-exhaustive list of prohibited goods and services.
(b) Internet Abuse. User and its end users are prohibited from engaging in any form of Internet abuse, including but not limited to: (a) distributing, publishing, or sending any kind of unsolicited or unwelcome email to any number of network users (commonly referred to as “junk mail” or “spam”), including, without limitation, mass promotions, unauthorized or unsolicited commercial advertising, and informational announcements, anywhere on the Internet; (b) posting a single article or substantially similar articles to an excessive number of newsgroups or mailing lists; (c) repeated or deliberate posting of articles that are off-topic according to the charter of the newsgroup or mail list where such articles are posted; (d) posting commercial advertising in a conference or newsgroup, unless it is specifically permitted to be posted within that group; or (e) violating Canada’s Anti-Spam Legislation. (c) Without limitation, Fortis reserves the right to report any activity (including the disclosure of appropriate data or User information) that it suspects may violate any law or regulation to appropriate law enforcement officials, regulators, or other appropriate third parties. Fortis also may cooperate with appropriate law enforcement agencies to assist in the investigation and prosecution of any illegal conduct. If you want to report any violations of these guidelines, please contact a Fortis representative. (d) Access to and use of password protected and/or secure areas of the Services is restricted to authorized users only. Unauthorized individuals attempting to access these areas of the Services may be subject to prosecution. (e) Information collected by the Services will be treated in accordance with Fortis’ Privacy Policy located at www.Fortis.com, which is incorporated herein by reference.
3. Term and Termination.
3.1. Term. The term of the Services (and the license of the Licensed Software) shall commence on the Effective Date and continue in full force and effect until terminated as provided in Section 3.2 below.
3.2. Termination.
3.2.1. Fortis may terminate this Agreement, the Services, and/or User’s access to the Services in its sole discretion, at any time, for any reason, with or without cause.
3.2.2 Following the three year anniversary of the Effective Date, User may terminate this Agreement for convenience on 90 days’ written notice to Fortis. Prior to the three-year anniversary of the Effective Date, User may terminate only for Cause, with such termination to be memorialized in a written notice. “Cause” shall mean (1) Fortis’s ceasing to operate as a going concern; (2) Fortis’s violation of any state, federal or provincial law that has a material adverse effects User’s business.
3.3. Survival. Sections 4, 6.1, 6.2, 6.3, 6.4, 7, 9.5, 9.8, 9.9 and 9.11 shall survive expiration or termination of this Agreement for any reason.
3.4. Effect of Termination. In the event of any termination of this Agreement, User shall immediately cease use of the Services and the Licensed Software, permanently delete or uninstall the Licensed Software, and destroy all copies of the Licensed Software and documentation in its possession. Upon request by User, made within 3 calendar days after the effective date of termination of this Agreement, Fortis will make available to User a download of all User Data then-held by Fortis. After such 3-day period, Fortis shall have no obligation to maintain or provide any User Data and shall thereafter, unless legally prohibited, delete all User Data in its systems or otherwise in its possession or under its control. User retains no rights in the User Data.
4. No Promotion. Neither party shall, without the prior written consent of the other party, use in advertising, publicity, or otherwise, the name of such other party or any officer, director, employee, consultant or agent of such party, nor any trade name, trademark, trade device, service mark, symbol or any abbreviation, contraction or simulation thereof owned by either of the foregoing.
5. Representations and Warranties
5.1. Representations and Warranties. User represents and warrants that: (a) it has the full corporate right, power and authority to enter into this Agreement and to perform its obligations under this Agreement and that the person signing this Agreement on its behalf has all necessary power and authority to do so; (b) Entering into this Agreement and the performance by it of its obligations hereunder, do not and shall not violate, conflict with, or result in a material default under any other agreement, contract, or judgment to which it is a party or by which it is otherwise bound; (c) this Agreement constitutes a valid and binding obligation on User and is enforceable in accordance with its terms; (c) User is authorized to process and use User Data in each respect for which Fortis’ Software and/or Services are to be used, including, but not limited to, consumers’ telephone numbers; and (d) with respect to consumers’ telephone numbers constituting User Data: (i) such numbers will only be provided to Fortis where prior express consent for the intended use has been given by the individual associated with the telephone number, or the individual’s duly authorized agent; (ii) any withdrawn consent for such use will be promptly relayed and updated by User in the Fortis Software; and (iii) User will not cause such telephone numbers to be used through the Fortis Software and/or Services for any purpose other than providing services in the furtherance of processing or confirming the associated consumer’s Transaction(s).
5.2. PCI Data Security Warranty. Fortis represents and warrants that the data center and any back-up or alternative facility used by Fortis to provide the Services is and shall remain, during the term of this Agreement, compliant with applicable PCI data security standards for hosting facilities supporting consumer and business financial transactions. (a) Data Protection. Fortis acknowledges and agrees that the Hosted Services will capture certain User Data. Fortis shall not disclose User Data to other third parties or use the User Data except to the extent the use or disclosure of User Data is necessary in (i) providing Hosted Services; (ii) maintaining records for internal tracking, reporting and support purposes; or (iii) upon prior notice to User, complying with industry requirements, a court or governmental agency request or subpoena, or to defend Fortis’ rights in a legal dispute. (b) Data Security. Fortis shall be responsible for the security of User Data residing on servers operated, controlled or owned by Fortis or a third party designated by Fortis. Fortis agrees to use commercially reasonable efforts, at its sole cost and expense, to maintain the security of its systems, including creating firewalls to protect against unauthorized access and any other data privacy requirements as set forth in applicable laws, rules or regulations or in the PCI-DSS (“Data Privacy Requirements”). Fortis shall reasonably notify User of any actual or suspected security breach involving User Data. Fortis shall at all times comply with all Data Privacy Requirements, as amended from time to time. (c) Compliance. Fortis acknowledges that it processes, transmits, and/or stores User Data in the performance of the Services, and is therefore considered a “Service Provider” under Requirement 12.8 of the PCI-DSS. (d) Fortis agrees that it is responsible for the security of User Data that it possesses, including the functions relating to storing, processing, and transmitting of User Data. (e) Fortis affirms that, as of the effective date of this Agreement, it has complied with all applicable requirements to be considered PCI DSS compliant, and has performed the necessary steps to validate its compliance with the PCI DSS. (f) Fortis agrees to supply the current status of Fortis’ PCI DSS compliance status, and evidence of its most recent validation of compliance upon request by User but not more than once per year. (g) Fortis acknowledges that any indemnification provided for under this Agreement applies to the failure of Fortis to be and to remain PCI DSS compliant.
5.3. Other items. (a) all Entries submitted to Fortis for processing will comply with applicable laws, regulations and Network Rules pertaining to the Entries; (b) User will comply with all laws, regulations and Network Rules applicable to User’s activities covered by this Agreement; (iii) Fortis warrants to User that its Services will be performed in a professional and timely manner consistent with credit card processing industry standards and/or ACH transaction processing industry standards and in accordance with the applicable Network Rules and applicable laws and regulations and any written Fortis policies and procedures communicated by Fortis to User. In the event that User discovers an error in the Services or Software which has been caused by Fortis, if User has contracted directly with Fortis for the Services, User shall immediately notify Fortis of the existence and details of the error; if User has contracted with a Reseller for the Services, then User shall provide this notification to Reseller. Fortis shall apply commercially reasonable efforts to correct the error within a reasonable time after Fortis’ receipt of notification of the error.
6. Indemnification; Disclaimer of Warranties; Limitation of Liability; Insurance.
6.1. Indemnification. User agrees to defend, indemnify and hold Fortis and its officers, directors, managers, employees, agents and representatives harmless from and against any and all third party claims, actions, damages, obligations, losses, liabilities, costs and expenses (including reasonable attorneys’ fees, costs of collection, and other costs of defense) arising from or related to (a) any breach or non-compliance of this Agreement; (b) User’s negligence, fraud, or willful misconduct or by any of User’s employees, agents or individuals with “user accounts”; (c) use of the Services or the Licensed Software or user documentation except as set forth in Section 1.1 (subject to the limitations in Section 1.2); (d) violations of or failure to comply with the Network Rules or applicable federal, provincial, international or local laws, regulations, rules or ordinances; provided that User’s indemnification obligations shall not apply to the extent arising from claims for which Fortis is obligated to indemnify User, and provided further that Fortis (i) notifies User in writing in a reasonably timely manner of any such claim or suit; (ii) gives User full information and assistance in settling and/or defending the claim or suit; and (iii) gives User full authority and control of the defense and/or settlement of any such claim or suit; (e) return of an Entry due to incorrect or incomplete data or information provided by User in the submission of the Entry to Fortis, a closed User account, or insufficient funds in the User account; (f) fraudulent activity, wrongful or unauthorized use of the Services, or submission of fraudulent or illegal Entries by User or a third party who has gained access to the Services through the use of User’s password; or (g) infringement of any intellectual property or other legal right of any person or entity. In the event User cause fines and/or penalties to be charged to Fortis by the Credit Card Associations or any other entity, User agrees to reimburse Fortis immediately for said fines and/or penalties.
6.2. Warranty. Fortis warrants that it owns all rights, title, and interest in and to the Software and Software Products that it has the right to grant the licenses granted hereunder. This warranty coverage shall include all Software Maintenance performed and any enhancements or fixes to the Software by Fortis. Fortis does not warrant that User’s use of the Software will be uninterrupted or error free. Fortis warrants that it shall correct or replace, at no additional charge to User, any part of the Software found to be defective.
6.3. DISCLAIMER OF WARRANTIES. EXCEPT AS SET FORTH HEREIN, THE SERVICES AND THE LICENSED SOFTWARE ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS WITHOUT ANY REPRESENTATIONS OR WARRANTIES AND YOU AGREE TO USE THEM AT YOUR SOLE RISK. EXCEPT FOR THE WARRANTY PROVIDED IN SECTION 5.2 AND TO THE FULLEST EXTENT PERMISSIBLE BY LAW, NEITHER FORTIS NOR ITS LICENSORS MAKE ANY WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, REGARDING THE SERVICES AND THE LICENSED SOFTWARE, SUPPORT OR THE FAILURE OF ANY CONNECTION OR COMMUNICATION SERVICE TO PROVIDE OR MAINTAIN ACCESS TO THE SERVICES OR THE LICENSED SOFTWARE. EXCEPT FOR THE WARRANTY PROVIDED IN SECTION 5.2, FORTIS AND ITS LICENSORS SPECIFICALLY DISCLAIM AND USER HEREBY WAIVES ALL EXPRESS OR IMPLIED WARRANTIES OF NON-INFRINGEMENT, USERABILITY AND FITNESS FOR A PARTICULAR PURPOSE, QUALITY, ACCURACY, SECURITY, PERFORMANCE, OPERATION OF THE SERVICES OR THE LICENSED SOFTWARE AND ANY PARTICULAR APPLICATION OR USE OF THE SERVICES OR THE LICENSED SOFTWARE (WHETHER OR NOT KNOWN).
6.4. LIMITATION OF LIABILITY. USER AGREES THAT NEITHER FORTIS NOR ANY OF ITS OFFICERS, DIRECTORS, MANAGERS, EMPLOYEES, AGENTS OR REPRESENTATIVES SHALL BE LIABLE FOR ANY CONSEQUENTIAL, INCIDENTAL, EXEMPLARY, PUNITIVE, INDIRECT, DIRECT OR SPECIAL DAMAGES OF ANY NATURE ARISING FROM BREACH OF WARRANTY, BREACH OF CONTRACT, NEGLIGENCE OR UNDER ANY OTHER LEGAL THEORY, WHETHER IN TORT OR CONTRACT, EVEN IF SUCH PARTY HAS BEEN APPRISED OF THE LIKELIHOOD OF SUCH DAMAGES OCCURRING, INCLUDING DAMAGES FROM INTERRUPTION OF BUSINESS, LOSS OF INCOME, PROFITS OR OPPORTUNITIES, LOSS OF USE OF THE SERVICES, LOSS OF DATA, COST OF RECREATING DATA, COST OF CAPITAL, OR COST OF SUBSTITUTE PROCUREMENT, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OR IF SUCH DAMAGES ARE FORESEEABLE. IN NO EVENT SHALL FORTIS OR ANY OF ITS OFFICERS, DIRECTORS, MANAGERS, EMPLOYEES, AGENTS OR REPRESENTATIVES BE LIABLE FOR ANY DIRECT DAMAGES OR INDEMNITY OBLIGATIONS UNDER SECTION 6.1 IN EXCESS OF FEES PAID BY USER UNDER THIS AGREEMENT FOR THE TWELVE (12) MONTH PERIOD PRECEDING THE EVENT GIVING RISE TO THE CLAIM OR $100 (WHICHEVER IS LESSER). THE FOREGOING LIMITATIONS ON LIABILITY SHALL NOT APPLY TO THE EXTENT PROHIBITED BY APPLICABLE LAW. THE LIABILITY LIMITS ARE REFLECTED IN THE SOFTWARE PRICE AND ARE ESSENTIAL ELEMENTS OF THE BARGAIN BETWEEN THE PARTIES, WITHOUT WHICH FORTIS WOULD NOT HAVE PROVIDED THE SERVICE OR ENTERED INTO THIS AGREEMENT.
7. Confidential Information
7.1. Confidential Information. User acknowledges that, during the term of this Agreement, it may receive information from Fortis that Fortis regards as highly confidential and proprietary, including but not limited to information concerning its business and operations (“Confidential Information”). Confidential Information of Fortis includes all non-public information of Fortis and its Affiliates, whether disclosed in written, oral or electronic form, including information regarding (a) the Services and the Licensed Software and other software of Fortis and its Affiliates, including benchmark results, manuals, program listings, databases, data structures, flow charts, logic diagrams, documentation and specifications, (b) concepts, techniques, ideas, and know- how embodied and expressed in the Services and the Licensed Software and other software of Fortis and its Affiliates, and (c) information relating to Fortis’ business plans, pricing, accounting, finance, employees, contractors, customers and suppliers. Confidential Information shall not include (A) information already lawfully known to one party at the time of disclosure by the other, (B) information generally known to the public other than as a result of disclosure in violation of this Section 7, or (C) information lawfully obtained from any third party that has no duty or obligation of confidentiality with respect to such information.
7.2. Non-Disclosure and Non-Use Obligations. User acknowledges that the Confidential Information of Fortis embodies valuable confidential and proprietary information of Fortis and/or its licensors, the development of which required the expenditure of considerable time and money by Fortis and/or its licensors. User shall treat all Fortis Confidential Information in confidence and shall not use, copy, or disclose, nor permit any of its personnel or any other party to use, copy, or disclose the same, for any purpose that is not specifically authorized under this Agreement. User shall use at least the same degree of care in handling Confidential Information of Fortis as it uses with regard to its own confidential information, but no less than reasonable care. User shall advise its employees who may be exposed to Confidential Information of Fortis of their obligations to keep that information confidential, and shall require all contractors permitted access to such Confidential Information to execute confidentiality agreements at least as protective of the Confidential Information as this Section 7.
7.3. Exceptions. Notwithstanding Section 7.2, User may disclose Fortis’ Confidential Information only to the extent required by law or by order of a court or governmental agency; provided, however, that User shall first give Fortis prompt notice and shall cooperate with Fortis if it wishes to obtain a protective order or otherwise protect the confidentiality of such Confidential Information. Notwithstanding anything contained in this Agreement to the contrary, Fortis may share Confidential Information of User with resellers, referral partners, ISOs, merchant aggregators, banks and other third parties through which (or the reason for which) Fortis provides the Services to users that have executed agreements with Fortis containing the same or similar confidentiality provisions as set forth in this Agreement.
7.4. Return of Confidential Information. Upon expiration or termination of this Agreement for any reason, each party shall promptly return to the other party (or destroy if returning such information is impossible) all Confidential Information of such other party and any copies of documents, papers or other material which may contain or be derived from any such Confidential Information that is in its possession, and shall certify the same in writing at the request of such other party.
7.5. Intellectual Property Rights. User acknowledges that the Software and their systems, together with all documentation used by Fortis to provide the Services, are proprietary to Fortis and that User shall not use, copy or disclose the same, for any purpose that is not specifically authorized under this Agreement, or permit its personnel to do so. All the text, images, marks, logos and other content of the Systems (“Site Content”) are proprietary to Fortis or to third parties from whom Fortis has obtained permission. Fortis authorizes User to view, download, and print the Site Content provided that: (a) User may only do so for its own personal and non-commercial use; (b) may not copy, publish or redistribute any Site Content; (c) may not modify Site Content; (d) may not remove any copyright, trademark, or other proprietary notices that have been placed in the Site Content by Fortis. Except as expressly permitted above, reproduction or redistribution of the Site Content, or any portion of the Site Content, is strictly prohibited without the prior written permission of Fortis. To request permission User may contact Fortis at admin@Fortis.com. User represents and warrant that its use of Site Content will be consistent with this license and will not infringe or violate the rights of any other party or breach any contract or legal duty to any other parties.
7.6 Links to Third-Party Sites Not Endorsements. The Services contain links to third-party web sites. The linked sites are not under the control of Fortis, and Fortis is not responsible for the contents or policies of any linked site. Fortis provides these links as a convenience only, and a link does not imply endorsement of, sponsorship of, or affiliation with the linked site by Fortis. Links to Users or advertisers are owned and operated by independent retailers or service providers, and therefore, Fortis cannot ensure that you will be satisfied with their products, services or practices. User
7.7 User-Created Content & Data. If User or one of its end users upload, submit, store, send or receive content to or through Fortis’ Services , you give Fortis (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content. The rights you grant in this license are for the limited purpose of operating, promoting, and improving Fortis’ Services, and to develop new ones. This license continues even if User stops using Fortis’ Services. Some Services may offer User ways to access and remove content that has been provided to that Service.
7.8. HIPAA and Other Laws and Regulations. In accordance with data privacy laws and regulations applicable to this Agreement, which may include but not be limited to the Gramm-Leach-Bliley Act (“GLBA”), Payment Card Industry (PCI) Security Standards and the Health Insurance Portability and Accountability Act (“HIPAA”), Fortis Platform shall not disclose or permit access to or use of the non-public personal information of Parties or its clients made available by Parties to Fortis Platform for any purposes other than those specifically required to fulfill Fortis Platform’s contractual obligations with Parties. To the extent that HIPAA applies, diagnostic and treatment information shall not be used to process a payment transaction, and covered entities shall limit the exchange of Protected Healthcare Information (“PHI”) to the minimum necessary to accomplish the intended purpose of the use, disclosure or request, consistent with 45 CFR § 164.502(b). (a) If Parties is a Covered Entity: (i) it shall notify Fortis Platform of any limitation(s) in the notice of privacy practices of covered entity under 45 CFR 164.520, to the extent that such limitation may affect Fortis Platform’s use or disclosure of protected health information. (ii) it shall notify Fortis Platform of any changes in, or revocation of, the permission by an individual to use or disclose his or her protected health information, to the extent that such changes may affect business associate’s use or disclosure of protected health information. (iii) It shall notify Fortis Platform of any restriction on the use or disclosure of protected health information that Covered Entity has agreed to or is required to abide by under 45 CFR 164.522, to the extent that such restriction may affect Fortis Platform’s use or disclosure of protected health information. (iv) It shall not request Fortis Platform to use or disclose protected health information in any manner that would not be permissible under Subpart E of 45 CFR Part 164 if done by Covered Entity.
8. Title. Nothing contained in this Agreement shall directly or indirectly be construed to assign or grant to User any right, title or interest in and to the trademarks, copyrights, patents or trade secrets of Fortis or any ownership rights in or to the Services and the Licensed Software and any intellectual property rights embodied in or associated with the Licensed Software, including any documentation. There is no implied licenses under this Agreement and any rights not expressly granted to User hereunder are reserved by Fortis.
9. General
9.1. Entire Agreement. This Agreement contains the entire agreement of the parties with respect to its subject matter and supersedes all existing and all other oral, written or other communications between the parties concerning this subject matter. The parties agree that all previous licenses for Fortis-owned software products granted by Fortis (or its predecessor) to User, if any, are hereby terminated and replaced by this Agreement. Fortis may amend the terms of this Agreement by providing notice to User by email or by posting notice of the change to its platform and User’s continued use of Licensed Software will constitute its acceptance of such amendment.
9.2. Force Majeure. Neither party (including Fortis, any ODFI, any Canadian Banking Partner, or any of their respective affiliates) shall be liable for any performance delays or failure to perform its obligations under this Agreement (except obligations to make payments) or any failure of the Hosted Service or the Licensed Software, or failures of any ODFI, Canadian Banking Partner, ACH, Payments Canada, or Federal Reserve Bank, or other applicable Network system network because of circumstances beyond the control of such party, which such circumstances shall include natural disaster, terrorism, riot, sabotage, labor disputes, war, any acts or omissions of any government or governmental authority, declarations of governments, laws, and court orders (other than with respect to claims covered by Fortis’ indemnification obligations or otherwise due to Fortis or User actions). In the event of the occurrence of such circumstances, the party affected by the force majeure condition shall promptly notify the other party of the situation. For the avoidance of doubt, force majeure shall not apply to any obligation to make any payments hereunder.
9.3. Independent Contractors. All work performed by Fortis in connection with the Services or Licensed Software described in this Agreement shall be performed by Fortis as an independent contractor and not as the agent or employee of User. This Agreement will not be construed as creating a partnership, joint venture or agency relationship between the parties.
9.4. Notices. All notices, demands, or other communications herein provided to be given or that may be given by any party to the other shall be deemed to have been duly given when made in writing and delivered in person, or upon receipt, if deposited in the United States mail, postage prepaid, certified mail, return receipt requested, or via overnight courier, as follows: If to Fortis: Address: 43155 Main St. Suite 2310C, Novi, MI 48374. Attn: Legal, Fortis. If to User the name and address provided during the enrollment/boarding process, or to such address as the parties may provide to each other in writing from time to time.
9.5. Severability. If any provision of this Agreement (or any portion thereof) is invalid, illegal or unenforceable, the validity, legality and enforceability of the remainder of this Agreement shall not be affected or impaired.
9.6. No Waiver. The failure by either Fortis or User to insist upon strict performance of any of the provisions contained in this Agreement shall in no way constitute a waiver of its rights as set forth in this Agreement, at law or in equity, or a waiver of any other provisions or subsequent default by the other party in the performance or compliance with any of the terms and conditions set forth in this Agreement.
9.7. Governing Law and Venue. This Agreement is deemed entered into in Michigan and shall be governed and construed in all respects by the laws of the State of Michigan, without giving effect to principles of conflict of law of any jurisdiction, and without regard to the United Nations Convention on Contracts for the International Sale of Goods. If either party initiates litigation in relation to this Agreement, the suit must be filed in the State or Federal Courts located in Michigan.
9.8. Transfer. In the event of a merger, acquisition, sale, or other transfer of ownership of Fortis, User’s business, or of User’s Reseller – User’s data, and User’s Customer’s personal data may be made available to any legal successors of Fortis, User’s business or of User’s Reseller. User must complete Fortis’ transfer of ownership form.
10. Definitions. When used in this Agreement, the words or phrases below shall have the following meanings:
10.1. “Affiliate” means, with respect to a party hereto, any subsidiary, parent or other affiliate controlled by such party and any entity directly or indirectly controlled by, under common control with, or controlling such party. For the purposes of this Section, “control” means the possession, directly or indirectly, of the power to direct the management and policies of an entity, whether through the ownership of voting securities, by contract, or otherwise.
10.2. “Canadian Banking Partner” means a Canadian financial institution chosen by Fortis from time to time, who facilitates the Services.
10.3. “Card Network” means American Express, Discover Financial Services, MasterCard International Inc., Maestro International Inc., Visa U.S.A. Inc., Visa, Inc., Visa International Inc., and any other credit or debit card issuing company.
10.4. “Courseware” means the end user training courseware and materials relating to the use and operation of the Services and Fortis’ Software that Fortis or a Reseller may provide through classroom training, online training or e-Learning delivery to User.
10.5. “Data Laws” means all Canadian federal and provincial privacy legislation and industry standards applicable to Fortis and You concerning or in any way relating to privacy, data protection, confidentiality or information security, Canadian Anti-Spam Legislation, and any applicable provincial privacy legislation in respect of any Personal Information that is collected, used, or disclosed by a party.
10.6. “Effective Date” shall be the earlier of when User clicks “I Agree” to accept these terms, or User’s first use of any aspect of the Service.
10.7 “Entry” means a transaction submitted by User to Fortis for processing by the Services.
10.8. “Hosted Service” means the online web-based service provided by Fortis to User via a designated website as described in such documentation as may be provided by Fortis from time to time.
10.9. “Network” means Card Networks, NACHA, Payments Canada, any Canadian Banking Partner and all other applicable credit card issuers or networks having proprietary rights to and clearing and oversight responsibilities with respect to any payment instrument used to effect, payment- related transactions for which Services are provided pursuant to this Agreement.
10.10. “Network Rules” means the by-laws, regulations and requirements that are promulgated by any Network, and includes the Payment Canada Rules and rules or policies of any Canadian Banking Partner.
10.11. “Originating Depository Financial Institution” or “ODFI”: In an ACH Transaction, the financial institution which receives the Entry from Fortis and transmits the Entry to its ACH Operator for transmittal to a Receiving Depository Financial Institution for debit or credit to the User’s account, as these terms are further defined in the applicable Network Rules.
10.12. “Payments Canada Rules” means any by-laws, rules, standards and procedure documents made by Payments Canada (formerly Canadian Payments Association).
10.13. “Reseller” means a third-party reseller, such as an ISO reseller or Value Added Reseller, appointed and authorized by Fortis to resell and/or deliver the Services and Courseware to User.
10.14. “Services” means the Credit Card Gateway, ACH processing services, Surcharge Service, and/or Hosted Services provided by Fortis to User under this Agreement, as the foregoing may be updated from time to time. The Services are provided via Software.
10.15. “Software” means Software programs and associated documentation and materials that Fortis provides to User for use with the Services. Software may include but not limited to (a) web based system (b) Application Programming interface (API) (c) mobile application.
10.16 “Surcharge Service” means a functionality offered by Fortis through the Hosted Services that enables Users to charge customers an additional fee for the use of a credit card only.
10.17. “Transaction” means any billable occurrence completed or submitted under User’s account, including but not limited to sale, void, refund, credit, offline force, capture authorization, validate, update or settlement, regardless of whether approved or declined.
10.18. “User” means the individual or entity stated on the confirmation to this Agreement including its employer, employees, agents, representatives, customers or individuals with “user accounts” utilizing the Services provided to User or User’s customers pursuant to this Agreement.
10.19. “User Data” means all electronic data or information submitted by User to the Hosted Service, including but not limited to all personal and identifiable information relating to customers of User, cardholder account numbers and transactional information.
10.20. “User Facilities” means the User premises and all equipment, systems, networks, and phone lines or other means used for the transmission of voice or data over networks, and all software programs and data used or stored on such equipment and systems, in any case that is owned or leased by User.
BY CLICKING THE “I AGREE” BUTTON, OR CHECKING THE APPROPRIATE BOX, OR SIGNING THIS AGREEMENT, OR USING, DOWNLOADING, INSTALLING, OR CONTINUING TO USE THE SERVICES OR LICENSED SOFTWARE (THE “CONFIRMATION”), I ACKNOWLEDGE AND AGREE THAT (I) MY USE OR PROVISION OF THE SERVICES AND LICENSED SOFTWARE DESCRIBED IN THIS AGREEMENT, AS APPLICABLE, WILL BE GOVERNED BY THE TERMS AND CONDITIONS CONTAINED IN THIS AGREEMENT, (II) I ACCEPT ALL OF THE TERMS OF THIS AGREEMENT, (III) I AM 18 YEARS OF AGE OR OLDER AND HAVE THE LEGAL AUTHORITY TO ENTER INTO THIS AGREEMENT, AND (IV) IF I AM USING THE SERVICES ON BEHALF OF USER, I REPRESENT THAT I AM AUTHORIZED TO ACCEPT THESE TERMS ON USER’S BEHALF.