Legal

TERMS OF USE

Last Updated:  March 30, 2021

These Terms of Use constitute a contract by and between OnePay Global LLC (“OnePay”) and any person or entity who uses our products and/or services, including our payment services and our payment processing services (collectively “Services”), or who agrees to use our Services (“you”) (each a “Party” and collectively the “Parties”).  You may agree to use OnePay’s Services when you sign up to use the Services through our Website or when you sign a separate agreement regarding the Services.  These Terms of Use govern your use of OnePay’s Services, unless you sign a separate agreement regarding the Services, and is effective when you begin using the Services or when you agree to use the Services, whichever is earlier (“Effective Date”).  If the Parties sign a separate agreement regarding the Services, the separate agreement will control.

By using the Services or agreeing to use the Services, you agree to these Terms of Use, and you agree that they cannot be modified in any way, except as set forth below.  IF YOU DO NOT AGREE TO THESE TERMS OF USE, YOU MAY NOT USE THE SERVICES.

OnePay may modify these Terms of Use, including any of the policies and agreements associated with these Terms of Use, at any time, with or without notice.  Any changes to these Terms of Use, including any of the policies and agreements associated with these Terms of Use, will be effective immediately upon being posted.  By continuing to use the Services after such changes are posted, you agree to such changes.  IF YOU DO NOT AGREE TO SUCH CHANGES, YOU MAY NOT CONTINUE TO USE THE SERVICES.

If you are agreeing to these Terms of Use on behalf of an entity, you represent that you have the authority to bind the entity and that the entity agrees to these Terms of Use.  IF YOU DO NOT HAVE THE AUTHORITY TO ENTER INTO THESE TERMS OF USE ON BEHALF OF THE ENTITY OR THE ENTITY DOES NOT AGREE TO THESE TERMS OF USE, NEITHER YOU NOR THE ENTITY MAY USE THE SERVICES.

INCORPORATED DOCUMENTS

You agree to the following policies as of the Effective Date.  These policies are incorporated by reference into these Terms of Use (either directly or through our Privacy Policy).

• Cookies Policy
• E-Business Policy
• GDPR Policy
• Government Disclosures Policy
• Hardware Policy
• Payment Processing Terms of Use
• Privacy Policy

IF YOU DO NOT AGREE TO ANY OF THESE POLICIES, YOU MAY NOT USE THE SERVICES.

RELATED AGREEMENTS

You agree to the following related agreements as of the Effective Date (provided they are applicable).

• Business Associate Agreement (provided you are a “covered entity” under applicable law)
• Service Level Agreement

IF YOU DO NOT AGREE TO ANY OF THESE AGREEMENTS (PROVIDED THEY ARE APPLICABLE), YOU MAY NOT USE THE SERVICES.

SERVICES

The Services include the OnePay platform, any mobile app associated with the platform, any documentation regarding the platform, and any related products and/or services.  The Services may include our payment processing services if you use such services to enable your customers to make payments to you.  The term of use applicable to our payment processing services are set forth in our Payment Processing Terms, which are incorporated by reference into these Terms of Use.  The Services may also include our website (“Website”), where applicable below.

OnePay may modify any aspect of the Services at any time, with or without notice.  OnePay makes no representations as to whether any information regarding any aspect of the Services is current and undertakes no obligation to update such information.

LICENSE

To enable you to use the Services, OnePay grants you a non-exclusive, non-transferrable, non-sublicensable, revocable license to use the Services (“License”), subject to:  (a) the creation of an account enabling you to access the Services (“Account”); (b) your payment of the fees for the use of the Services (“Fees”); and (c) your compliance with these Terms of Use or a separate agreement regarding the Services.

You agree that the License does not grant you any other rights in the Services, including any intellectual property rights, and does not include any right to copy, distribute, modify, or otherwise use the Services in any way outside the scope of the License.  Nor does the License include any right to make derivative works based on the Services.  Nor does the License include any right to use the Services after the termination of the License.  Nor does the License include any right to access, evaluate, or otherwise use the source code, object code, or other code associated with the Services, unless the Parties otherwise agree in writing.

You agree that the License applies only to:  (a) you (including any persons who you authorize to manage the Services); and/or (b) any persons who you require to use the Services (“End Users”).

TERM

The term of the License starts on the Effective Date and ends when your Account is terminated by either OnePay or you.

TERMINATION

You may terminate your License to use the Services by closing your Account at any time, with or without notice, and for any reason, subject to your payment of any Fees that may be due for your use of the Services.

OnePay may terminate your License to use the Services by closing your Account at any time, with or without notice, and for any reason, including:  (a) your misuse of the Services; (b) prevention of any attempted, threatened, or suspected misuse of the Services; (c) compliance with any valid governmental demand; or (4) non-payment of any Fees that may be due for your use of the Services.  OnePay may notify you that your License has been terminated, but we are not required to provide such notification.

Upon the expiration or termination of the License for any reason, the Parties’ rights and obligations will survive with respect to the Fees, Confidential Information, Intellectual Property, Limitations on Liability, Indemnification, and General provisions of these Terms of Use.

SUSPENSION

OnePay may suspend your License to use the Services for the same reasons that it may terminate the License.  OnePay may also suspend your License in order to perform maintenance on the Services or any computer systems associated with the Services.  OnePay may suspend your License for as long as necessary to address the reasons for the suspension.  OnePay may notify you that your License has been suspended, but we are not required to provide such notification.

FEES

If applicable, you agree to pay the Fees for the use of the Services set forth on our Website or in a separate agreement regarding the Services.  OnePay reserves the right to change the Fees at any time and may terminate or suspend your Account for nonpayment of any Fees that may be due for your use of the Services.

You will be asked to provide OnePay with a credit card number or with sufficient information for OnePay to invoice you for the Fees when an Account is created.  Your credit card will be charged for the Fees or OnePay will send you invoices for the Fees on a monthly basis.  The first charge will be on or about the date the Account is created, and subsequent charges will be on or about the first day of each following month.  Your credit card may be charged or you may be invoiced for any hardware that you purchase through OnePay for use in connection with Services.

If you pay the Fees by credit card, you are responsible for ensuring that a valid credit card number is associated with your Account at all times.  Your Account may be terminated or suspended at any time if any monthly credit card payment is declined.  If a monthly credit card payment is declined for any reason, OnePay will endeavor to contact you, but we are not required to provide such notification.

If you fail to pay any invoice within forty-five (45) days, the invoice will accrue interest after that date until paid in full at the rate of one percent (1.5%) per month, compounded monthly and computed on a per diem basis.

Invoices for the first and last months of access to the Services will not be prorated, regardless of the date on which your Account is opened or closed, and regardless of who closes the Account, unless the Parties otherwise agree in writing.

You will pay all applicable sales and other taxes related to the purchase of the Services or provide OnePay with a valid certificate of exemption excusing you from paying such taxes.

SUPPORT SERVICES

OnePay will provide you with reasonable support regarding the use of the Services (“Help Desk Support”) and connectivity to OnePay’s computer network (“Network Support”) (collectively “Support Services”).  OnePay will provide Support Services during normal business hours.

SERVICE LEVELS

OnePay will provide the service levels set forth OnePay’s Service Level Agreement, which is incorporated by reference into these Terms of Use.

PERSONAL INFORMATION

You will need to provide OnePay with certain personal information (including the personal information of any persons who you authorize to manage the Services) when an Account is created and/or modified.  OnePay’s collection and use of such information is subject to OnePay’s Privacy Policy, which is incorporated by reference into these Terms of Use.  OnePay’s collection and use of the personal information of End Users is also subject to our Privacy Policy.

CONFIDENTIAL INFORMATION

The Parties may exchange certain non-public business information (“Confidential Information”) during the course of their relationship.  Either Party may disclose or receive Confidential Information under these Terms of Use (each a “Disclosing Party” or a “Receiving Party”).  The Parties agree that the Disclosing Party owns all right, title, and interest in and to any Confidential Information that it discloses to the Receiving Party.

Confidential information may include information regarding:  (a) the intellectual property associated with the Parties’ products and services (“Intellectual Property”); (b) the Parties’ products and services; and (c) the Parties.  Confidential Information includes information in the above categories:  (a) whether or not the information is marked confidential; (b) whether or not the information is disclosed in written form or verbally; and (c) whether or not the information is disclosed before or after the Effective Date of this Agreement.  Confidential Information does not include information:  (a) that was public knowledge at the time of disclosure or becomes public knowledge after the time of disclosure through no action of the Receiving Party; (b) that was otherwise known to the Receiving Party at the time of disclosure; or (c) that is subsequently obtained from a third party under no confidentiality obligation to the Disclosing Party, unless the information reasonably should be considered confidential.

The Receiving Party will use the highest degree of care in protecting the Disclosing Party’s Confidential Information and will only disclose such information to:  (a) the Receiving Party’s employees, independent contractors, service providers, and other persons and entities associated with the Receiving Party who have a need to know such information in order to perform their duties and who have signed agreements requiring them to protect third-party confidential information; and (b) persons and entities who the Disclosing Party agrees may have access to such information, provided the Disclosing Party agrees in writing.  The Receiving Party is responsible for any violation of the confidentiality provisions of these Terms of Use by any persons or entities who receive any Confidential Information from the Receiving Party.

If the Receiving Party receives a valid government demand for the Disclosing Party’s Confidential Information, such as a court order, search warrant, or subpoena, the Receiving Party will promptly inform the Disclosing Party (unless such notice is prohibited), and upon the Disclosing Party’s request, the Receiving Party will provide reasonable assistance in maintaining the confidentiality of the information.  If the Receiving Party discloses any of the Disclosing Party’s Confidential Information, it will only disclose the information strictly required by the government demand.

Upon the expiration or termination of the Parties’ relationship, or upon the Disclosing Party’s request, the Receiving Party, at its own expense, will promptly return all of the Disclosing Party’s Confidential Information.  Alternatively, if the Disclosing Party agrees, the Receiving Party may provide the Disclosing Party with written assurance of the destruction of such Confidential Information.

You understand that OnePay does not wish to receive any Confidential Information that is not necessary for OnePay to perform its obligations under this Agreement.  OnePay will not treat such information as confidential, unless the Parties otherwise agree in writing.

INTELLECTUAL PROPERTY

OnePay owns the Services and all right, title, and interest in and to any Intellectual Property relating to the Services, whether created by or on behalf of OnePay, including:  (a) all inventions, improvements, designs, configurations, symbols, names, slogans, literary works, artistic works, derivative works, and all ideas, discoveries, creations, and know-how of any kind relating to the Services; and (b) all patent, trademark, copyright, trade secret, and other intellectual property rights relating to the Services in any country in the world.  OnePay owns such Intellectual Property, whether or not expressly specified in these Terms of Use, and whether or not created before, during, or after the Effective Date.  No license or other right in such Intellectual Property is granted by these Terms of Use, except as expressly provided in these Terms of Use.  Any violation of OnePay’s Intellectual Property rights may subject you to civil or criminal liability.

PATENTS

OnePay’s patent rights include the subject matter described in OnePay’s patents and pending patent applications.  You may not make, use, offer, or sell any products or services covered by our patent rights without our prior written permission.  All patent rights in third-party products or services used in connection with the Services are the property of their respective owners.

TRADEMARKS

OnePay’s trademark rights include all trademarks identifying OnePay and/or the Services.  You may not use any of OnePay’s trademarks without prior written permission, except as provided in these Terms of Use.  All other trademarks used in connection with the Services are the property of their respective owners.

COPYRIGHTS

OnePay’s copyrights include all text, graphics, photographs, and/or videos associated with the Services, as well as the design, structure, arrangement, and “look and feel” of all text, graphics, photographs, and/or videos, and all source code, object code, and other code associated with the Services (“Content”).  You may not reproduce, distribute, or display any Content without OnePay’s prior written permission, except as provided in these Terms of Use.  You may not link any Content to any other website without OnePay’s prior written permission.

CONTENT

You may use excerpts of the text appearing on the Website when referring to OnePay or the Services, provided that you acknowledge that OnePay is the source of such text and do not use such text to compete with OnePay.  You may use the trademarks appearing on the Website when referring to OnePay or the Services, provided that you acknowledge OnePay’s ownership of the trademarks, do not use such trademarks to compete with OnePay, and do not use any images of the trademarks without OnePay’s prior written permission.

If you provide OnePay with any comments or suggestions concerning the Services, OnePay owns such comments or suggestions and may use them for any and all commercial or non-commercial purposes with no monetary or other obligation to you.

PUBLICITY

During the Term and for an additional thirty (30) days, OnePay may indicate on the Website and in other advertising and promotional materials that you use the Services, and we may use your name and logo in doing so, if applicable.  You may indicate on your website and in other advertising and promotional materials that you use the Services, and you may use our name and logo in doing so.  You may not make any other statements regarding your use of the Services, including in press releases, unless the Parties otherwise agree in writing.  You may not remove OnePay’s name, logo, or intellectual property notices from our products, services, or documentation, unless the Parties otherwise agree in writing.

HARDWARE

Your use of any hardware that you obtain from OnePay for use in connection with the Services is governed by OnePay’s Hardware Policy, which is incorporated by reference into these Terms of Use.

Upon the termination of your Account, you will promptly return any hardware that OnePay has provided to you, unless the Parties otherwise agree in writing.  You are responsible for paying for the return of the hardware, unless the Parties otherwise agree in writing.

You may return and receive a full refund for any products purchased through OnePay (“Products”) if you purchase the Products within thirty (30) days of creating an Account and cancel your Account during the same period pursuant to OnePay’s Hardware Policy.  You may not return and receive a full refund for Products purchased through OnePay if you purchase the products more than thirty (30) days after opening an Account, except as set forth in OnePay’s Hardware Policy.

OBLIGATIONS

GENERAL OBLIGATIONS

You will only use the Services in accordance with these Terms of Use or a separate agreement regarding the Services and any documentation regarding the Services provided to you.

You will only use the Services in accordance with applicable law, including applicable privacy law, export control law, and government contract law, and will not use the Services to enable any illegal or improper activity.

You are responsible for any use or misuse of the Services by your employees, contractors, and agents.

You are responsible for any use or misuse of the Services by any third parties who provide products and/or services to you in connection with the Services, such as computer products and data processing services (“Third-Party Products/Services”).  Your use of Third-Party Products/Services is governed solely by the terms and conditions applicable to such Third-Party Products/Services, as agreed to between you and the third party.

OnePay’s contractual relationship is with you, not with any End Users of the Services, and you are responsible for any use or misuse of the Services by such End Users.  You will take reasonable steps to ensure that End Users use the Services in compliance with these Terms of Use.  In addition, you will ensure that End Users consent to OnePay’s collection and use of their personal information prior to enabling any End User to use the Services.

ACCOUNT OBLIGATIONS

To use the Services, you will need to open an Account or OnePay will need to open an Account on your behalf.  You agree that you will maintain the security of your Account by protecting against unauthorized access to your login credentials and the information in your Account, and by not voluntarily allowing anyone else to use your credentials or the information in your Account.

You also agree to maintain the accuracy of your Account by updating any changes to the information in your Account as soon as possible.

You also agree that you will not knowingly provide OnePay with any false or misleading information in connection with your Account.

You also agree that you will only access the Services through your Account and not through anyone else’s Account.

You agree that you are responsible for maintaining the security of your Account information and for any and all activity that occurs under your Account.  You agree to notify OnePay immediately of any unauthorized use of your Account or any other breach of the security of your Account information.

OTHER OBLIGATIONS

You will not make any false or misleading statements about the OnePay , the Services, or any products used in connection with the Services that would damage OnePay , including any statements that may constitute defamation, false advertising, unfair competition, or tortious interference with business relationships.  You agree that, if you perform any tests or evaluations of the Services or any products used in connection with the Services, you will share the results of the tests or evaluations with us before publicizing or providing them to others.

PROHIBITIONS

You agree that you will not use the Services or any computer systems associated with the Services without OnePay’s prior written permission, except as provided by these Terms of Use or by another agreement to use the Services.  You agree that you will not gain or attempt to gain unauthorized access to the Services or any computer systems associated with the Services by any improper means, including by hacking or attempting to hack into the Services or any systems associated with the Services.  You agree that you will not interfere or attempt to interfere with the proper working of the Services or any systems associated with the Services.

You agree that you will not use or attempt to use anyone else’s information, including anyone else’s account information, in order to gain or attempt to gain access to the Services or any computer systems associated with the Services.

You agree that, if OnePay provides you with any products for use in connection with the Services, of if you use any third-party products in connection with the Services, you will only use the products as permitted by OnePay or the third party, and will not use them for any improper purpose.

DISCLAIMERS

THE SERVICES ARE PROVIDED ON AN “AS-IS” BASIS.

ONEPAY DISCLAIMS ANY AND ALL WARRANTIES IN CONNECTION WITH THE SERVICES, EXPRESS OR IMPLIED, INCLUDING ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, SATISFACTORY QUALITY, OR NON-INFRINGEMENT.

ONEPAY DISCLAIMS ANY AND ALL WARRANTIES THAT YOUR USE OF THE SERVICES WILL PROVIDE SPECIFIC RESULTS, THAT THE SERVICES WILL BE ERROR-FREE, THAT THE SERVICES WILL BE COMPATIBLE WITH ALL COMPUTER SYSTEMS OR SOFTWARE, THAT ACCESS TO THE SERVICES WILL BE UNINTERRUPTED, OR THAT THE SERVICES WILL BE FREE OF VIRUSES OR OTHER ATTACKS BY THIRD PARTIES.

OnePay disclaims any and all warranties regarding any products that you obtain from OnePay for use in connection with the Services, except as set forth in OnePay’s Hardware Policy, which is incorporated by reference into these Terms of Use.

OnePay disclaims any and all warranties regarding any advertising, promotional, or marketing materials associated with the Services or any products used in connection with the Services, whether such materials appear on our Website or in other publications.  This includes any statements or claims made in such materials regarding the capabilities or performance of the Services or any products used in connection with the Services.  This also includes any visual representations of the Services or any products used in connection with the Services.  Such visual representations may or may not reflect the actual appearance, features, or functionality of the Services or any products used in connection with the Services.  Only the actual Services and the actual products used connection with the Services, and any user documentation provided to you with such Services and the products used in connection with the Services, reflect their actual capabilities, performance, and features.

OnePay disclaims any and all warranties regarding any products/services that you obtain from third parties for use in connection with the Services.  Third-party products/services used in connection with the Services that are not provided to you by OnePay are not under OnePay’s control, and OnePay is not responsible such products/services.

OnePay disclaims any and all warranties regarding your use of any third-party websites that may be linked to the Website (“Linked Websites”).  Linked Websites are not under OnePay’s control, and OnePay is not responsible for the content on such Linked Websites.

LIMITATIONS ON LIABILITY

YOU AGREE THAT ONEPAY WILL NOT BE LIABLE TO YOU FOR ANY LOSSES OR DAMAGES ALLEGEDLY ARISING FROM OR RELATED TO YOUR USE OF THE SERVICES, UNLESS SUCH LIABILITY IS FOUND TO HAVE BEEN CAUSED BY OUR GROSS NEGLIGENCE, WILLFUL MISCONDUCT, OR INTENTIONAL VIOLATION OF APPLICABLE LAW.

YOU FURTHER AGREE THAT IN NO EVENT WILL ONEPAY BE LIABLE TO YOU FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, INCIDENTAL, EXEMPLARY, OR PUNITIVE DAMAGES, ANY ACCOUNTING OF PROFITS, OR ANY LOST PROFITS, UNDER ANY THEORY OF LIABILITY, INCLUDING BREACH OF CONTRACT, NEGLIGENCE, OR OTHERWISE, REGARDLESS OF WHETHER ONEPAY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

YOU FURTHER AGREE THAT YOUR SOLE REMEDY FOR ANY DISSATISFACTION WITH THE SERVICES IS TO STOP USING THE SERVICES.

YOU FURTHER AGREE THAT, IF THE PRECEDING LIMITATIONS ON LIABILITY ARE FOUND NOT TO APPLY TO YOUR CLAIM, OUR LIABILITY AND THE LIABILITY OF OUR PARENT, SUBSIDIARIES, OFFICERS, DIRECTORS, EMPLOYEES, AND AGENTS TO YOU OR ANY THIRD PARTIES IN ANY CIRCUMSTANCES IS LIMITED TO THE LESSER OF (A) THE AMOUNT YOU PAY TO US IN THE 30 DAYS PRIOR TO THE ACTION GIVING RISE TO SUCH LIABILITY OR (B) $100.

The Parties agree that these limitations on liability apply to all disputes between the Parties, regardless of whether the disputes are resolved through negotiations or in litigation or other legal proceedings, including mediation or arbitration, or in any other manner.  These limitations on liability are part of the basis of the bargain between the Parties, and without these limitations, OnePay would not be able to provide access to the Services on the same terms or at the same price it currently provides such access.

INDEMNIFICATION

You agree to indemnify and hold OnePay harmless, including any of OnePay’s owners, directors, officers, employees, and agents, against any and all out-of-pocket losses, liabilities, judgments, awards, costs (including legal fees and expenses) arising from or related to any third-party claims that your misuse of the Services harmed such third party, or arising from or related to your breach of the Confidential Information, Intellectual Property, Obligations, and Prohibitions provisions of these Terms of Use.

GENERAL

DISPUTE RESOLUTION

In the event of any dispute arising from or related to these Terms of Use, the Parties will attempt to resolve the dispute promptly and in good faith.  If the Parties are unable to resolve any such dispute within a reasonable time (not to exceed ninety (90) days), the dispute may be resolved through legal proceedings.

The Parties agree that any such proceedings must be brought within one (1) year after the cause of action arises, or such proceedings will be barred.

GOVERNING LAW AND JURISDICTION

The Parties agree that any legal proceedings between the Parties will be governed by the laws of the State of Maryland, without regard to any conflict of law rules, and applicable federal law.  The Parties further agree that any such proceedings will be brought in state court in Montgomery County, Maryland, except that proceedings regarding the Confidential Information and Intellectual Property provisions of these Terms of Use may be brought in federal court in the State of Maryland.  The parties expressly waive any objection to personal jurisdiction and venue in these forums.

INJUNCTIVE RELIEF

You agree that your actual, attempted, or threatened violation of these Terms of Use will cause irreparable harm to OnePay and that we may seek any injunctive or equitable relief we deem appropriate in such circumstances.  These remedies are in addition to any other remedies we may have at law or in equity.

JURY TRIAL

You agree that, in the event of any legal proceedings between the Parties, you waive your right to a jury trial.

ATTORNEYS’ FEES AND COSTS

You agree that, in the event OnePay prevails in any legal proceedings arising from or related to your violation of these Terms of Use, or any actual, attempted, or threatened violation of these Terms of Use, OnePay will be awarded its attorneys’ fees and costs in addition to any other relief to which OnePay is entitled.

ENTIRE AGREEMENT

These Terms of Use constitute the entire agreement of the Parties regarding the Services and supersede any prior agreements, understandings, or representations regarding the Services.  These Terms of Use cannot be modified, amended, or changed in any way, unless the Parties otherwise agree in writing.

SEVERABILITY

You agree that, if a court holds any portion of these Terms of Use to be unenforceable for any reason, such portion will be enforced to the maximum extent possible and the remainder of these Terms of Use will be enforceable as written.

WAIVER

You agree that OnePay’s failure to insist upon or enforce strict performance of any of the provisions of these Terms of Use or to exercise any rights or remedies under these Terms of Use will not be construed as a waiver of its right to assert or rely upon any such provision, right, or remedy in that or any other instance.

ASSIGNMENT

Neither Party may assign, transfer, or otherwise dispose of its rights and obligations under these Terms of Use, unless the Parties otherwise agrees in writing, except as part of a merger, acquisition, or disposition of all or substantially all of the assigning Party’s equity or assets.

FORCE MAJEURE

Neither Party will be held responsible for any delay or failure in performance of this Agreement caused in whole or in part by any act or omission or other cause beyond such Party’s control, including fire, flood, storm, accident, terrorist attack, cyber attack, delay of supplier, or compliance with any law, rule, regulation, or government demand.  If any such event occurs, the period for performing the particular obligations prevented by such event (other than your obligation to pay any Fees that may be due for your use of the Services) will be deemed extended by the length of time such event continues.

COMMUNICATIONS

Questions, complaints, or other communications regarding any aspect of these Terms of Use should be addressed to OnePay at info@onepay.com.

Questions regarding support for the Services should be addressed to OnePay at support@onepay.com or by using the Contact Us [https://www.onepay.com/contact/] form on our Website.

PRIVACY POLICY

Last Updated: August 26, 2020

This Privacy Policy governs OnePay’s collection and use of your personal information for the purpose of providing you with the Services, and is incorporated by reference into OnePay’s Terms of Use.

The capitalized terms that appear in this Privacy Policy have the same meanings as in OnePay’s Terms of Use, unless they are defined in this policy.

By using the Services, you agree to this Privacy Policy.  IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, YOU MAY NOT USE THE SERVICES.

SCOPE OF POLICY

This Privacy Policy describes how OnePay collects, uses, and protects personal information that can be used to identify an individual (“Personally Identifiable Information”).  Personally Identifiable Information may include names, addresses, telephone numbers, email addresses, birth dates, and similar types of information.  Personally Identifiable Information may also include demographic information, employment information, financial information, and similar types of information.  This Privacy Policy incorporates One Pay’s GDRP Policy to the extent OnePay collects and uses the Personally Identifiable Information of persons residing in the European Union and other jurisdictions that have adopted the EU’s Data Protection Regulation (“GDPR”).

This Privacy Policy does not describe our practices regarding other types of information.  Nor does this Privacy Policy describe the practices of other companies with respect to your information.  We do not control and are not responsible for the practices of such companies.

The capitalized terms that appear in this Privacy Policy have the same meanings as in OnePay’s Terms of Use, unless they are defined in this policy.

CHANGES TO PRIVACY POLICY

OnePay may modify this Privacy Policy, including any of the policies associated with this Privacy Policy, at any time, with or without notice.  Any changes to this Privacy Policy will be effective immediately upon being posted on our Website, and you are responsible for periodically checking our Website to determine if any such changes have been made.  By continuing to use the Services after such changes are posted, you agree to such changes.  If you do not agree to such changes, you may not continue to use the Services.

PURPOSE OF PROCESSING

The purpose of Processing Data Subjects’ Personally Identifiable Information is to provide the Services set forth on our Website.  This may include:

• Operating, evaluating, maintaining, improving, and providing the features and functionality of our products and services
• Fulfilling a payment or return transaction initiated by you
• Delivering electronic receipts to consumers who request them via email or text message
• Managing our relationship with you or your company
• Carrying out our obligations, and exercising our rights, under our agreement with you or your company
• Communicating with you regarding your account with us, if you have one, including by sending you service-related emails or messages (e.g., messages regarding account verification, changes or updates to the functionality of our products or services, technical and security notices and alerts, and support and administrative messages)
• Facilitating communications between merchants’ customers and merchants regarding marketing messages and preferences
• Personalizing the manner in which we provide our products and services
• Maintaining records for merchants regarding their interactions with us
• Maintaining records for merchants of their customers’ purchase activity and history
• Checking for fraud or money laundering and/or managing either our or merchants’ risk
• Administering and protecting our business
• Providing support and maintenance for our products and services, including responding to your service-related requests, questions, and feedback
• Developing or improving our products and services
• Developing and creating analytics and related reporting
• Providing information about other products or services we offer or other products or services third parties may offer
• Complying with applicable law, regulations, or rules, or lawful requests for information, such as government investigations and subpoenas
• Prevention of illegal or improper activity or harm to our interests

COLLECTION OF PERSONAL INFORMATION

We may collect certain types of Personally Identifiable Information when you create or update your Account, or when we create an Account on your behalf, such as your name, address, and email address.  We may also collect certain types of Personally Identifiable Information when you use the Services, such as fingerprint scans.  The purpose of colleting such information is to permit you to use the Services.

Specific types of information we may collect include the following.

When you make a payment, we collect information about the transaction, which may include personal data. Information about transactions includes the payment card used, name associated with the payment card, electronic signature, name and location of the merchant at which the transaction occurred, date and time of the transaction, transaction amount, and information about the goods or services purchased in the transaction.

When you make a payment, merchants may provide us with information about you.  This information may include uploaded email addresses, phone numbers, and purchase history.

When you access our website or use our mobile application, we, our service providers, and our partners may automatically collect information about you, your computer or mobile device, and activity on our websites or mobile applications. Typically, this information includes your computer or mobile device operating system type and version number, manufacturer and model, device identifier, browser type, screen resolution, IP address, the website you visited before browsing to our website, general location information such as city, state or geographic area; and information about your use of and actions on or in our websites or mobile applications, such as pages or screens you accessed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access. Certain products or services that we provide or which merchants may incorporate into their websites or mobile applications may automatically collect additional information.

Providing us with your Personally Identifiable Information is entirely voluntary.  If you do not wish to consent to the collection and use of your Personally Identifiable Information, you are not required to do so.  If you provide you consent to the collection and use of your Personally Identifiable Information, whether expressly or by using the Services, you may withdraw you consent at any time.  To withdraw your consent, you may send us a request at support@onepay.com.  However, if you do not consent to the collection and use of your Personally Identifiable Information, or if you withdraw you consent, you will not be able to use the Services, and if you do not wish to provide certain types of information, your use of the Services may be adversely affected and you may not receive certain communications.

COLLECTION OF OTHER TYPES OF INFORMATION

We may collect “aggregate data” when you use the Services.  Aggregate data is data about your use of the Services.  Aggregate data may include your computer’s IP address, referring website addresses, and the time you accessed the Website.  This Privacy Policy does not limit our use of aggregate data since Personally Identifiable Information is not contained in such data or has been removed from such data.  We may share aggregate data with third parties for various purposes, including to help us improve the Services and for marketing purposes.

We may also collect information about your use of the Services by using cookies pursuant to OnePay’s Cookies Policy, which is incorporated by reference into this Privacy Policy.

ACCESS TO PERSONAL INFORMATION

You may access or request access to the Personally Identifiable Information in your Account at any time through the OnePay platform or by sending a request to:  support@onepay.com.

If you terminate your use of the Services, or if OnePay terminates your use to the Services, any request to access your Personally Identifiable Information must be made within thirty (30) days of termination.  If you do not request such access within this time frame, or if your access to the Services is terminated due to your actual, attempted, threatened, or suspected violation of OnePay’s Terms of Use, OnePay will have no obligation to maintain such information, and such information may no longer be retrievable.  You may access the Personally Identifiable Information in your Account through the platform or by sending a request to:  support@onepay.com.

OnePay reserves the right to decline commercially unreasonable request to access the Personally Identifiable Information in your Account.

UPDATES TO PERSONAL INFORMATION

You may update the Personally Identifiable Information in your Account at any time through the OnePay platform or by sending a request to:  support@onepay.com.

OnePay reserves the right to decline commercially unreasonable request to update the Personally Identifiable Information in your Account.

You agree to promptly update the Personally Identifiable Information in your Account if such information changes, particularly your name, address, telephone number, and email address.

USE OF PERSONAL INFORMATION

Your privacy is important to us.  OnePay actively seeks to maintain your privacy as set forth in this Privacy Policy.  We will not sell, license, share, or disclose your Personally Identifiable Information, except as set forth in this Privacy Policy or with your consent, and we will use such information only as set forth in this policy.

OnePay may use your Personally Identifiable Information to permit you to use the Services and for related purposes, including to communicate with you about the Services and to facilitate the operation of OnePay’s business.  For example, we may send you communications to confirm the creation of your Account, changes made to your Account, and purchases made through your Account; to provide you with information about the use of the Services; to respond to your requests for customer support; to respond to your questions, comments, or complaints; to request feedback about the Services; and to send you information about updates, improvements, and/or other modifications to Services and our policies.

You may opt-out of receiving some or all types of electronic communications when you create an Account, by modifying your Account preferences, or by sending a request to support@onepay.com.  However, if you do not consent to the receipt of any types of communications, you will not be able to use the Services, and if you do not consent to the receipt of certain types of communications, you may not receive important communications and your use of the Services may be adversely affected.

DISCLOSURES OF PERSONAL INFORMATION

We may also disclose your Personally Identifiable Information to certain third parties under the following circumstances.

DISCLOSURES TO PRODUCT/SERVICE PROVIDERS

OnePay may disclose certain Personally Identifiable Information to product and/or service providers who assist us in providing Services.  For example, we may share Personally Identifiable Information with companies in the transaction processing chain in connection with processing a payment transaction, such as merchants, banks or other card issuers, card associations, debit network operators and their members.  The Personally Identifiable Information disclosed to such companies will be limited to information sufficient to provide the Services, to support the Services, to enhance the Services, or to verify or supplement the information in your account.

We may also disclose certain Personally Identifiable Information to affiliated companies whose products or services may be used in connection with the Services. The Personally Identifiable Information disclosed to such affiliated companies will be limited to information sufficient to contact you electronically about their services, and will be used only for the purpose of providing you with information about such services. Your Personally Identifiable Information will not be sold to such affiliated companies. You may opt-out of the disclosure of your Personally Identifiable Information to such affiliated companies at any time by contacting us at  support@onepay.com.

DISCLOSURES TO OTHER ENTITIES

OnePay may disclose Personally Identifiable Information to third parties: (a) to comply with a valid legal demands for such information; (b) to protect OnePay or any of its owners, directors, officers, employees, agents, customers, or anyone else; (c) to enable OnePay to investigate actual, attempted, threatened, or suspected violations of our Terms of Use or other agreements, or to enforce our Terms of Use or other agreements; or (d) pursuant to any acquisition, merger, or sale of all or substantially all of our business (“Change of Control”).  In the event that Personally Identifiable Information is disclosed to a third party pursuant to a Change of Control, you will receive notice of the transfer.

GOVERNMENT DISCLOSURES

The disclosure of Personally Identifiable Information to third parties to comply with valid legal demands for such information is governed by OnePay’s Government Disclosures Policy.

RETENTION AND DESTRUCTION OF PERSONAL INFORMATION

This Privacy Policy does not require us to destroy any Personally Identifiable Information, unless you request its destruction, and unless otherwise provided in this Privacy Policy.  In the absence of a request to destroyed your Personally Identifiable Information, we may use such information for as long as necessary based on the reasons why we collected the information and purposes for which the information is collected. In general, we may retain such information for the duration of your involvement/engagement with us and for as long as reasonably necessary afterwards.  However, we may maintain different retention periods for different types of information. There are also certain types of information which are required to be retained for a certain period by law.

SECURITY

OnePay and the third-party product/service providers who assist OnePay in processing Personally Identifiable Information take reasonable steps to prevent destruction, alteration, disclosure, misuse, and unauthorized access to your Personally Identifiable Information.

Sensitive information, including your login information, is protected through encryption during transmission over the Internet.  Servers and other devices used for processing your information at OnePay and third-party vendors are kept in controlled environments where access to your information is limited to authorized persons.

OnePay’s security policies and practices comply with HITRUST, ISO 270001, and PCI-DSS standards, and we are certified as compliant by the governing bodies for each of those standards.

CONFIDENTIALITY OF COMMUNICATIONS

You agree that, aside from any Personally Identifiable Information contained in your communications with OnePay, your communications with OnePay are not confidential.  Such communications, including any communications containing any ideas, concepts, or suggestions regarding the Services, improvements to the Services, or new Services, may be used by OnePay for any purpose.

CHILDREN

We do not knowingly collect personally identifiable information from children under the age of 13 without parental consent.  If we learn that we have collected the personally identifiable information of a child under the age of 13 without parental consent, we will take steps to delete the information as soon as possible.

CALIFORNIA USERS

If you reside in California, CERTIFY’s collection and use of your Personally Identifiable Information is subject to the California Consumer Privacy Act (“CCPA”).  Under the CCPA, you may ask us what information we have about you (which we note is set forth above), you may ask us what we do with that information (which we note is set forth above), and you may request that we not sell your information (which we do not as stated above) by contacting us at the below email address.  In addition, you may request that we delete any information we have about you by contacting us at the below email address.  We may not discriminate against you in any way for exercising any of the above rights.  This section of our Privacy Policy supplements our CCPA Collection Notice, which contains additional information for California residents regarding their rights under the California Consumer Protection Act, and which is incorporated by reference into this Privacy Policy.

INTERNATIONAL USERS

If you reside in the European Union or another jurisdiction that has adopted the EU’s General Data Protection Regulation (“GDPR”), CERTIFY’s collection and use of your Personally Identifiable Information is subject to the GDRP.  CERTIFY’s obligations under the GDPR are set forth in the CERTIFY’s GDPR Policy, which is incorporated by reference into this Privacy Policy.

COMMUNICATIONS

Questions, complaints, and other communications regarding any aspect of this Privacy Policy should be addressed to OnePay at info@onepay.com.

Questions, complaints, and other communications regarding any aspect of OnePay’s GDPR Policy should be addressed to OnePay as set forth in our GDPR Policy.

CCPA COLLECTION  NOTICE

Last Updated: August 26, 2020

This CCPA Collection Notice (“Collection Notice”) applies to California residents and provides information about the categories of Personally Identifiable Information that we collect from California residents, the purposes for which we use the information, the sources of the information, and the categories of third parties to whom we disclose the information for business purposes as required by the California Consumer Privacy Act (“CCPA”).  This Collection Notice supplements our Privacy Policy, which contains additional information for California residents regarding their rights under the CCPA, and which is incorporated by reference into our Privacy Policy.

Types of Personal Information Collected

We will not sell, license, share, or disclose your Personally Identifiable Information, except as set forth in this Collection Notice and our Privacy Policy, or with your consent, and we will use such information only as set forth this Collection Notice or our Privacy Policy.

Personally Identifiable Information may include names, addresses, telephone numbers, email addresses, birth dates, and similar types of information.  Personally Identifiable Information may also include demographic information, employment information, financial information, and similar types of information.  Personally identifiable information may also include biometric information about you, such as fingerprint, face, or temperature scans.

Use of Personal Information of Collected

We may use your Personally Identifiable Information to provide the Services and for related purposes, including to communicate with you about the Services and to facilitate the operation of our business.

Do Not Sell My Personal Information

 Under the CCPA, a business does not “sell” Personally Identifiable Information when a consumer uses or directs the business to intentionally disclose the information.  Thus, when you use the Service for the purpose of intentionally disclosing your Personally Identifiable Information to the entity on whose behalf the Services are provided, we are not selling your Personally Identifiable Information for purposes of the CCPA.  If you believe that disclosing your Personally Identifiable Information to such entity constitutes selling the Services, you may request that we not sell your information by contacting us at info@onepay.com.  However, using your Personally Identifiable Information is necessary to provide the Services, and if you indicate that you do not want us to use your Personally Identifiable Information to provide such Services, you will not be able to use the Services.

 Sources of Personal Information Collected

The sources of the Personally Identifiable Information we collect are you and/or the entity on whose behalf the Services are provided.

Disclosure of Personal Information Collected

We may disclose certain Personally Identifiable Information to product and/or service providers who assist us in providing Services.  The Personally Identifiable Information disclosed to such companies will be limited to information sufficient to provide the Services, to support the Services, to enhance the Services, or to verify or supplement the information in your account. 

We may disclose Personally Identifiable Information to third parties: (a) to comply with a valid legal demands for such information; (b) to protect our company or any of its owners, directors, officers, employees, agents, customers, or anyone else; (c) to enable us to investigate actual, attempted, threatened, or suspected violations of our Terms of Use or other agreements, or to enforce our Terms of Use or other agreements; or (d) pursuant to any acquisition, merger, or sale of all or substantially all of our business.

The disclosure of Personally Identifiable Information to third parties to comply with valid legal demands for such information is governed by our Government Disclosures Policy.

COOKIES POLICY

Last Updated:  April 16, 2019

This Cookies Policy governs our use of cookies in providing the Services, and is incorporated by reference into OnePay’s Privacy Policy.

The capitalized terms that appear in this Cookies Policy have the same meanings as in OnePay’s Terms of Use and Privacy Policy, unless they are defined in this policy.

By using the Services, you agree to this Cookies Policy.  IF YOU DO NOT AGREE TO THIS COOKIES POLICY, YOU MAY NOT USE THE SERVICES.

Cookies are small packets of data that are sent by websites to a user’s computer, that are stored on the user’s computer, and that are later accessed by the websites.  We may use cookies to record your preferences in using the Services, to enable you to purchase the Services, to personalize your use of the Services, and for similar purposes designed to improve your use of the Services.  We use cookies only as necessary to improve your use of the Services, and we do not use cookies to collect your Personally Identifiable Information.

OnePay’s Privacy Policy does not limit our use of cookies because the cookies used in connection with the Services do not collect your Personally Identifiable Information.

You may disable our ability to use cookies in connection with your use of the Services by changing the relevant setting of your computer’s web browser or your mobile device’s operating system.  However, cookies are used throughout the Services, and disabling them may prevent you from using certain aspects of the Services.

Questions, complaints, or other communications regarding any aspect of this Cookies Policy should be directed to OnePay at info@onepay.com.

DEVELOPER TERMS OF USE

Last Updated:  April 16, 2019

These Developer Terms of Use constitute a contract by and between OnePay Global LLC (“OnePay”) and any software developer (“Developer” or “you”) (each a “Party” and collectively the “Parties”) who uses OnePay’s software development tools (“Developer Tools”) to integrate the OnePay platform into Developer’s products and/or services (“Products and/or Services”).  This Agreement governs Developer’s use of the Developer Tools, and is effective when the tools are delivered to you (“Effective Date”).

The capitalized terms that appear in these Developer Terms of Use have the meanings as in OnePay’s Terms of Use, unless they are defined in these Developer Terms of Use.

By using the Developer Tools, you agree to be bound by these Developer Terms of Use.  IF YOU DO NOT AGREE TO THESE DEVELOPER TERMS OF USE, YOU MAY NOT USE THE DEVELOPER TOOLS.

If you are agreeing to these Developer Terms of Use on behalf of an entity, you represent that you have the authority to bind the entity and that the entity agrees to these Developer Terms of Use.  IF YOU DO NOT HAVE THE AUTHORITY TO ENTER INTO THESE DEVELOPER TERMS OF USE ON BEHALF OF THE ENTITY OR THE ENTITY DOES NOT AGREE TO THESE DEVELOPER TERMS OF USE, NEITHER YOU NOR THE ENTITY MAY USE THE DEVELOPER TOOLS.

OnePay may modify these Developer Terms of Use at any time, with or without notice.  Any changes to these Terms of Use will be effective immediately upon being posted.  By continuing to use the Services after such changes are posted, you agree to such changes.  IF YOU DO NOT AGREE TO SUCH CHANGES, YOU MAY NOT CONTINUE TO USE THE DEVELOPER TOOLS.

DEVELOPER TOOLS

The Developer Tools include OnePay’s software development kits (SDKs), application programming interfaces (“APIs”), programs, utilities, plug-ins, sample code, and other tools, as well as any documentation relating to such tools.

OnePay may modify the current version of the Developer Tools, replace the current version of the Developer Tools with a new version, discontinue support for any previous version of the Developer Tools, and impose conditions on your use of the Developer Tools (or any feature of the Developer Tools) at any time.  OnePay will make reasonable efforts to notify you of any such actions, but we are not required to provide such notification.

LICENSE

To enable you to use the Developer Tools, OnePay grants you a non-exclusive, non-assignable, non-sublicensable, revocable license to use the Developer Tools (“License”), subject to your compliance with these Developer Terms of Use.

You agree that the License does not grant you any other rights in the Developer Tools, and does not include any right to copy, disclose, distribute, modify, assign, or sublicense the Developer Tools, including to any person or entity related to you in any way, or otherwise to use the Developer Tools in any way outside the scope of this Agreement.  Nor does the License include any right to make derivative works based on the Developer Tools.  Nor does the License include any right to use the Developer Tools after the termination of the License for any reason.  Nor does the License include any right to access, evaluate, or otherwise use the source code, object code, or other code associated with the Developer Tools, unless the Parties otherwise agree in writing.

TERM

The term of the License starts on the Effective Date and ends when the License is terminated by OnePay or you.

TERMINATION

Either Party may terminate these Developer Terms of Use at any time, with or without notice, and for any reason.

SUSPENSION

OnePay may suspend your License to use the Developer Tools at any time, without or with notice, and for any reasons, including any non-compliance with these Developer Terms of Use.

USE OF DEVELOPER TOOLS

You agree that you will only use the Developer Tools in accordance with these Developer Terms of Use.

You agree that you will only use the Developer Tools in accordance with applicable law, including applicable privacy law, export control law, and government contract law, and will not use the Developer Tools to enable any illegal or improper activity.

You agree that you are responsible for any use or misuse of the Developer Tools by your employees, contractors, and agents.

You agree that you will only access the Developer Tools in accordance with the instructions and other requirements specified in the documentation for such tools, or as otherwise specified by OnePay from time to time.

You agree that your use of the Developer Tools may be subject to certain limitations as set forth in the documentation for the tools and elsewhere, and that you will not circumvent or attempt to circumvent such limitations.  You agree that, if OnePay assigns you developer credentials of any kind, you will use them with the Developer Tools, and that you will not circumvent or attempt to circumvent the use of such credentials.  If OnePay believes that you have circumvented or attempted to circumvent such limitations or the use of such credentials, your right to use the Developer Tools may be temporarily or permanently revoked.

You agree that you will not license, assign, distribute, or otherwise provide the Developer Tools to any third party without OnePay’s prior written consent.

USE OF PRODUCTS AND/OR SERVICES

You agree that you are solely responsible for the Products and/or Services and that OnePay has no responsibility for such Products and/or Services.  Nothwithstanding, you agree to the following provisions regarding your use of the Products and/or Services given your use of the Developer Tools to integrate the OnePay platform into the Products and/or Services.

You agree that you will only use the Products and/or Services in accordance with applicable law, including applicable privacy law, export control law, and government contract law, and will not use the Products and/or Services to enable any illegal or improper activity.

You agree that you are responsible for any use or misuse of the Products and/or Services by your employees, contractors, and agents.

You agree that the Products and/or Services will at all times remain compliant with relevant industry standards, and that at our request, you will provide us with documentation evidencing your compliance with such standards.

You agree that, if the Products and/or Services include the use of the OnePay platform and are provided to the Developer’s customers for a fee, the fees you charge for the Products and/or Services as a whole and for the platform will be identified separately.

USE OF TRADEMARKS

Developer may use OnePay’s trademarks to indicate that the OnePay platform is integrated or being integrated into the Products and/or Services.  OnePay may use Developer’s trademarks for the same purpose.  The Parties may not use each other’s trademarks for any other purposes and will use the trademarks only to the extent necessary to fulfil the above purposes.

OnePay may limit or revoke your ability to use OnePay’s trademarks at any time.

OnePay may change its trademarks from time to time, and in the event this occurs, you will use OnePay’s then-current versions of the marks.

PUBLICITY

The Parties may publicize that the OnePay platform is integrated or being integrated into the Products and/or Services, including on their websites, in press releases, and the like.  Developer may not make any other public statements regarding its relationship with OnePay, unless the Parties otherwise agree in writing.

CONFIDENTIAL INFORMATION

The Parties may exchange certain non-public business information (“Confidential Information”) during the course of their relationship.  Either Party may disclose or receive Confidential Information under these Terms of Use (each a “Disclosing Party” or a “Receiving Party”).  The Parties agree that the Disclosing Party owns all right, title, and interest in and to any Confidential Information that it discloses to the Receiving Party.

Confidential information may include information regarding:  (a) the intellectual property associated with the Parties’ products and services (“Intellectual Property”); (b) the Parties’ products and services; and (c) the Parties.  Confidential Information includes information in the above categories:  (a) whether or not the information is marked confidential; (b) whether or not the information is disclosed in written form or verbally; and (c) whether or not the information is disclosed before or after the Effective Date of this Agreement.  Confidential Information does not include information:  (a) that was public knowledge at the time of disclosure or becomes public knowledge after the time of disclosure through no action of the Receiving Party; (b) that was otherwise known to the Receiving Party at the time of disclosure; or (c) that is subsequently obtained from a third party under no confidentiality obligation to the Disclosing Party, unless the information reasonably should be considered confidential.

The Receiving Party will use the highest degree of care in protecting the Disclosing Party’s Confidential Information and will only disclose such information to:  (a) the Receiving Party’s employees, independent contractors, service providers, and other persons and entities associated with the Receiving Party who have a need to know such information in order to perform their duties and who have signed agreements requiring them to protect third-party confidential information; and (b) persons and entities who the Disclosing Party agrees may have access to such information, provided the Disclosing Party agrees in writing.  The Receiving Party is responsible for any violation of the confidentiality provisions of these Terms of Use by any persons or entities who receive any Confidential Information from the Receiving Party.

If the Receiving Party receives a valid government demand for the Disclosing Party’s Confidential Information, such as a court order, search warrant, or subpoena, the Receiving Party will promptly inform the Disclosing Party (unless such notice is prohibited), and upon the Disclosing Party’s request, the Receiving Party will provide reasonable assistance in maintaining the confidentiality of the information.  If the Receiving Party discloses any of the Disclosing Party’s Confidential Information, it will only disclose the information strictly required by the government demand.

Upon the expiration or termination of the Parties’ relationship, or upon the Disclosing Party’s request, the Receiving Party, at its own expense, will promptly return all of the Disclosing Party’s Confidential Information.  Alternatively, if the Disclosing Party agrees, the Receiving Party may provide the Disclosing Party with written assurance of the destruction of such Confidential Information.

You understand that OnePay does not wish to receive any Confidential Information that is not necessary for OnePay to perform its obligations under this Agreement, and unless the Parties otherwise agree in writing, OnePay will not treat such information as confidential.

INTELLECTUAL PROPERTY

You agree that OnePay owns all right, title, and interest in and to the Developer Tools and the Products and/or Services, including all Intellectual Property associated with the Developer Tools and the Products and/or Services, and you agree not to do anything inconsistent with such ownership.  No license or other right in such Intellectual Property is granted by these Developer Terms of Use, except as expressly provided in these Developer Terms of Use.

OnePay agrees that Developer owns all right, title, and interest in and to Developer’s Products and/or Services, including all intellectual property associated with the Products and/or Services.

The Parties agree that, if they jointly develop any products and/or services, they will enter into good faith negotiations regarding the ownership of any Intellectual Property that may be associated with such products and/or services according to their respective contributions to the products and/or services.

If Developer provides OnePay with any comments or suggestions concerning the Developer Tools and/or the Services, Developer agrees that OnePay owns such comments or suggestions and may use them for any and all commercial or non-commercial purposes with no monetary or other obligation to Developer.

DISCLAIMERS

THE DEVELOPER TOOLS ARE PROVIDED ON AN “AS IS” BASIS, WITHOUT ANY REPRESENTATIONS OR WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY.  WITHOUT LIMITING THE FOREGOING, ONEPAY SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.

ONEPAY DOES NOT WARRANT OR GUARANTEE THAT THE DEVELOPER TOOLS ARE ACCURATE, RELIABLE OR CORRECT; THAT THE DEVELOPER TOOLS WILL MEET YOUR REQUIREMENTS; THAT THE DEVELOPER TOOLS WILL BE AVAILABLE AT ANY PARTICULAR TIME OR LOCATION, UNINTERRUPTED, ERROR-FREE, WITHOUT DEFECT, OR SECURE; THAT ANY DEFECTS OR ERRORS WILL BE CORRECTED; OR THAT THE DEVELOPER TOOLS ARE FREE OF THIRD-PARTY VIRUSES OR OTHER MALICIOUS CODE.

ONEPAY DOES NOT WARRANT, ENDORSE, GUARANTEE, OR ASSUME ANY RESPONSIBILITY FOR THE PRODUCTS AND/OR SERVICES, WHETHER OR NOT THE ONEPAY PLATFORM HAS BEEN INTEGRATED INTO THE PRODUCTS AND/OR SERVICES, OR FOR ANY PRODUCTS AND/OR SERVICES ADVERTISED OR OFFERED BY ANY THIRD PARTY.

LIMITATIONS ON LIABILITY

YOU AGREE THAT ONEPAY WILL NOT BE LIABLE TO YOU FOR ANY LOSSES OR DAMAGES ALLEGEDLY CAUSED BY THE DEVELOPER TOOLS, UNLESS SUCH LIABILITY IS FOUND TO HAVE BEEN CAUSED BY OUR GROSS NEGLIGENCE, WILLFUL MISCONDUCT, OR INTENTIONAL VIOLATION OF APPLICABLE LAW, ARISING FROM OR RELATED TO YOUR USE OF THE DEVELOPER TOOLS, YOUR INABILITY TO USE THE DEVELOPER TOOLS, OR THE UNAVAILABILITY OF THE DEVELOPER TOOLS.  NOR WILL ONEPAY BE LIABLE TO YOU FOR ANY LOSSES OR DAMAGES ALLEGEDLY CAUSED BY ANY ERRORS, MISTAKES, OR INACCURACIES IN THE DEVELOPER TOOLS.  NOR WILL ONEPAY BE LIABLE TO YOU FOR ANY LOSSES OR DAMAGES ALLEGEDLY CAUSED BY ANY HACKING, TAMPERING, OR OTHER UNAUTHORIZED ACCESS OR USE OF THE DEVELOPER TOOLS.

YOU FURTHER AGREE THAT IN NO EVENT WILL ONEPAY BE LIABLE TO YOU FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, INCIDENTAL, EXEMPLARY, OR PUNITIVE DAMAGES, ANY ACCOUNTING OF PROFITS, OR ANY LOST PROFITS, UNDER ANY THEORY OF LIABILITY, INCLUDING BREACH OF CONTRACT, NEGLIGENCE, OR OTHERWISE, REGARDLESS OF WHETHER ONEPAY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

YOU FURTHER AGREE THAT YOUR SOLE REMEDY FOR YOUR DISSATISFACTION WITH THE DEVELOPER TOOLS IS TO STOP USING THE DEVELOPER TOOLS.

INDEMNIFICATION

You agree to indemnify and hold harmless OnePay and its affiliates, and their directors, officers, employees, and agents against all claims by third parties resulting in any liabilities, judgments, awards, or costs (including legal fees and expenses) arising from or related to your misuse of the Developer Tools.

GENERAL

DISPUTE RESOLUTION

The Parties will attempt, promptly and in good faith, to resolve any dispute they may have regarding any issue.  If the Parties are unable to resolve any such dispute within a reasonable time (not to exceed ninety (90) days), the dispute may be resolved through legal proceedings.

The Parties agree that such proceedings must be brought within one (1) year after the cause of action arises, or such proceedings will be barred.

GOVERNING LAW AND JURISDICTION

The Parties agree that any such proceedings will be governed by the laws of the State of Maryland and will be brought in state court in Montgomery County, Maryland, except that proceedings regarding the Confidential Information and Intellectual Property provisions of these Developer Terms of Use may be brought in federal court in the State of Maryland.  The Parties expressly waive any objection to personal jurisdiction and venue in these forums.

INJUNCTIVE RELIEF

You agree that your actual, attempted, or threatened violation of these Developer Terms of Use will cause irreparable harm to OnePay for which there is no adequate remedy at law and that OnePay may seek any injunctive or equitable relief it deems appropriate in such circumstances. These remedies are in addition to any other remedies OnePay may have at law or in equity.

JURY TRIAL

You agree that, in the event of any legal proceedings between the Parties, you waive your right to a jury trial.

ATTORNEYS’ FEES AND COSTS

You agree that, in the event OnePay prevails in any legal proceeding arising from or related to your use of the Services, or any actual, attempted, or threatened violation of these Developer Terms of Use, OnePay will be awarded its attorneys’ fees and costs in addition to any other relief to which OnePay is entitled.

ENTIRE AGREEMENT

These Developer Terms of Use constitute the entire agreement between OnePay and you regarding the Services and may not be modified in any way, unless the Parties otherwise agree in writing.

SEVERABILITY

You agree that, if a court holds any portion of these Developer Terms of Use to be unenforceable for any reason, such portion will be enforced to the maximum extent possible and the remainder of these Developer Terms of Use will be enforceable as written.

WAIVER

You agree that OnePay’s failure to insist upon or enforce strict performance of any of the provisions of these Developer Terms of Use or to exercise any rights or remedies under these Developer Terms of Use will not be construed as a waiver of its right to assert or rely upon any such provision, right, or remedy in that or any other instance.

ASSIGNMENT

OnePay may assign, transfer, or otherwise dispose of its rights and obligations under these Developer Terms of Use, in whole or in part, at any time, with or without notice. You may not assign, transfer, or otherwise dispose of your rights and obligations under these Developer Terms of Use without OnePay’s prior written consent.

COMMUNICATIONS

Questions, complaints, or other communications regarding any aspect of these Developer Terms of Use should be addressed to OnePay at info@onepay.com.

E-BUSINESS POLICY

Last Updated:  April 16, 2019

This E-Business Policy governs the use of electronic signatures and other electronic indications of the Parties’ consent, and is incorporated by reference into OnePay’s Terms of Use.

The capitalized terms that appear in this E-Business Policy have the same meanings as in OnePay’s Terms of Use and Privacy Policy, unless they are defined in this policy.

By using the Services, you agree to this E-Business Policy.  IF YOU DO NOT AGREE TO THIS E-BUSINESS POLICY, YOU MAY NOT USE THE SERVICES.

OnePay may need to obtain your electronic signature or some other electronic indication of your consent in certain circumstances.  For example, your signature may be needed when you sign an agreement to use the Services, or you may need to provide some other electronic indication of your consent, such as clicking on a checkbox or an icon, when you signed up to use the Services, create an Account to use the Services, pay the Fees for the use of the Services, or indicate that you wish to receive or not receive certain communications.  You agree that your electronic signature or other electronic indication of your consent is valid and binding in such circumstances.

Questions, complaints, and other communications regarding any aspect of this E-Business Policy should be directed to OnePay at info@onepay.com.

GDPR POLICY

Effective Date:  April 16, 2019

This GDPR Policy governs OnePay’s collection and use (“Processing”) of the Personally Identifiable Information of persons residing in the European Union and other jurisdictions that have adopted the EU’s Data Protection Regulation (“GDPR”), and is incorporated by reference into OnePay’s Privacy Policy.

The capitalized terms that appear in this GDPR Policy have the same meanings as in OnePay’s Terms of Use and Privacy Policy, unless they are defined in this policy.  The capitalized terms that are defined in this policy have the same meanings as in the GDPR.  Please click here [http://data.europa.eu/eli/reg/2016/679/2016-05-04]  for the text of the GDPR.

By using the Services, you agree to this GDPR Policy.  IF YOU DO NOT AGREE TO THIS GDPR POLICY, YOU MAY NOT USE THE SERVICES.

SCOPE OF POLICY

This GDPR Policy protects the Personally Identifiable Information of residents of countries that have adopted the GDPR (“Data Subjects”).

When Processing the Personally Identifiable Information of such persons, OnePay will abide by the requirements of the GDPR, whether we are considered an entity that determines the purposes and means of the Processing of Data Subjects’ Personally Identifiable Information (“Data Controller”) and/or an entity that process the information (“Data Processor”).

When Processing the Personally Identifiable Information of the customers of an entity, the entity agrees that it will have the responsibilities of the Data Controller and that OnePay will have the responsibilities of the Data Processor under the GDPR.  Thus, the entity agrees that it will be responsible for its customers’ information, and that OnePay will not have any responsibilities for the information, except in connection with the processing of the information.

When processing the Personally Identifiable Information of the customers of an entity, the entity may require that OnePay use certain third-party Data Processors to provide the Services.  In such situations, the entity agrees that it authorizes OnePay to share its customers’ data with such third-Party Data Processors.  The entity also agrees that it will be responsible for providing any and all instructions to such third-party Data Processors regarding its customers’ information.  The entity agrees that the third-party Data Processors will not be considered subcontractors of OnePay.

CONSENT TO PROCESSING

Data Subjects who create an Account to use the Services or sign a separate agreement to use the Services will be asked to affirmatively consent to the Processing of their Personally Identifiable Information and the receipt of electronic communications pursuant to OnePay’s Privacy Policy.  Data Subjects are not required to provide their consent.  However, if Data Subjects do not consent to the Processing of their Personally Identifiable Information, they will not be able to use the Services, and if they do not wish to provide certain types of information, their use of the Services may be adversely affected and they may not receive certain communications.

PURPOSE OF PROCESSING

The purpose of Processing Data Subjects’ Personally Identifiable Information is to provide the Services set forth on our Website.

LEGAL BASIS FOR PROCESSING

The legal bases for the Processing of Data Subjects’ Personally Identifiable Information may include one or more of the following:

• The Data Subject’s consent, which may be provided when the Data Subject creates an Account to use the Services.
• Entry into a separate agreement with OnePay requiring the collection and use of such information.
• OnePay’s legal obligations (other than its contractual obligations to the Data Subject), such as when OnePay is required to respond to governmental demands for such information.
• OnePay’s legitimate interest in collecting and using such information, such as when we use the Data Subject’s information to improve the Services.

RIGHTS OF DATA SUBJECTS

Data Subjects have the following rights under the GDPR.

• The right to be informed about OnePay’s policies regarding their Personally Identifiable Information, including with respect to the purposes of Processing the information, the legal basis for the Processing, the recipients of the information, where the Processing of the information takes place, and contacting OnePay.
• The right to access their information.
• The right to the correction of their information.
• The right to the deletion of their information (i.e., the “right to be forgotten”), including if the information is no longer required for the purpose for which it was collected, if they withdraw their consent for the Processing of their information, if they request the deletion of their information, and if the Processing of the information has been unlawful.
• The right to restrict the Processing of their information, including if they contest the accuracy of the information or if the Processing of the information is unlawful.
• The right to receive a copy of the information that they provided to OnePay in a structured, commonly used, and machine-readable format and to transmit the information to another entity.
• The right to object to the Processing of their information, including if the legal bases for the Processing no longer apply, or if the information is used for direct marketing purposes or profiling related to direct marketing purposes.
• The right not to be subject to decisions based solely on automated decision-making processes.

To exercise any of these rights, Data Subjects may contact OnePay as provided below.

DATA PROCESSING

OnePay may process Data Subjects’ Personally Identifiable Information or use third-party Data Processors to process such information.  OnePay operates internationally, and such information may be processed in the United Sates or the European Union.  OnePay’s servers are located in the United Sates, and the servers of third-party Data Processors may be located in the United States or the European Union.

When we process Data Subjects’ Personally Identifiable Information, whether the information is processed in the United States or the European Union, we will take commercially reasonable steps to safeguard the privacy of the information.  This includes following the security policies and procedures set forth in OnePay’s Privacy Policy and/or obtaining reasonable commitments from third-party Data Processors regarding the protection of such information.

When we process the Personally Identifiable Information of the customers of an entity, we will provide such entities with copies of our security policies regarding the processing of such information upon request.

DATA TRANSFERS

When Data Subjects’ Personally Identifiable Information is transferred outside of the European Union, we will use standard contractual clauses approved by the European Union, adopt other means under European Union law for ensuring adequate safeguards regarding the disclosure of such information, or obtain your consent to the use or disclosure of such information.  If Data Subjects would like a copy of our standard contractual clauses or more information on the appropriate safeguards we have implemented with third Data Processors to protect their information, please contact OnePay as provided below.

COMMUNICATIONS

Questions, complaints, and other communications regarding any aspect of this GDPR Policy should be addressed to OnePay at info@onepay.com.

Data Subjects who wish to direct their questions, complaints, or other communications to the person at OnePay who monitors compliance with the GDPR (“Data Protection Officer”), including with regard to all issues related to the Processing of their Personally Identifiable Information and the exercise of their rights under the GDPR, should contact OnePay as follows.  Data Subjects who are not satisfied with the Data Protection Officer’s responses and who wish to obtain the contact information of the entity authorized to act on OnePay’s behalf in the European Union (“Representative”), or the entities responsible for overseeing compliance with the GDPR in the countries where OnePay provides the Services (“Supervisory Authority”), should also contact OnePay as follows.

Mr. James Gorman

Chief Information Security Officer

OnePay Global LLC

1201 Seven Locks Road, Suite 214

Potomac, Maryland 20854

(650) 206-5924

info@onepay.com

GOVERNMENT DISCLOSURES POLICY

Last Updated:  April 16, 2019

This Government Disclosures Policy governs the compelled disclosure of your Personally Identifiable Information pursuant to valid governmental demands for such information, such as court orders, search warrants, subpoenas (including investigative, criminal, and civil subpoenas), and similar demands, and is incorporated by reference into OnePay’s Privacy Policy.

The capitalized terms that appear in this Government Disclosures Policy have the same meanings as in OnePay’s Terms of Use and Privacy Policy, unless they are defined in this policy.

By using the Services, you agree to this Government Disclosures Policy.  IF YOU DO NOT AGREE TO THIS GOVERNMENT DISCLOSURES POLICY, YOU MAY NOT USE THE SERVICES.

Upon receipt of legal demands for your information, we will investigate the demands, and if we determine in our sole discretion that they are valid, we will search for and disclose the information that is specified and that we are reasonably able to locate and provide.  We are unable to process overly broad or vague demands, and we will not disclose information that is not specifically demanded, except in response to follow-up demands.

We may contact you if we are compelled to disclose your information pursuant to valid legal demands for such information, but we are not required to do so, and in some instances, we may be legally prohibited from doing so.

The following limitations on liability are in addition to the limitations on liability set forth in OnePay’s Terms of Use.  If there is any conflict between those limitations and the below limitations, the below limitations will control, and the remaining limitations will continue in full force and effect.

YOU AGREE THAT ONEPAY WILL NOT BE LIABLE TO YOU UNDER ANY THEORY OF LIABILITY FOR ANY DAMAGES OF ANY TYPE IF WE ARE COMPELLED TO DISCLOSE ANY OF YOUR INFORMATION PURSUANT TO VALID LEGAL DEMANDS FOR SUCH INFORMATION.

Questions, complaints, and other communications regarding any aspect of this Government Disclosures Policy, including third-party demands for Personally Identifiable Information, should be directed to OnePay at legal@onepay.com.

HARDWARE POLICY

Last Updated:  April 16, 2019

This Hardware Policy applies to all products purchased through OnePay (“Products”), including through our Website or sales representatives, and is incorporated by reference into OnePay’s Terms of Use.  Such Products may include such as biometric readers, hardware tokens, and other hardware used in connection with the Services.

The capitalized terms that appear in this policy have the same meanings as in OnePay’s Terms of Use, unless they are defined in this policy.

By purchasing the Products, you agree to this Hardware Policy.  IF YOU DO NOT AGREE TO THE THIS HARDWARE POLICY, YOU MAY NOT USE THE SERVICES.

USE OF PRODUCTS

Your use of the Products is governed by OnePay’s Terms of Use.

RETURN OF PRODUCTS

CANCELLATION

You may return and receive a full refund for Products purchased through OnePay if you purchase the Products within thirty (30) days of opening an Account and cancel your Account at any time during the same period, so long as the Products are in their original condition and packaging and you enclose the original packaging slip. You may not return and receive a full refund for Products purchased through OnePay if you purchase the products more than thirty (30) days after opening an Account, except pursuant to the following Limited Warranty.  Refunds will be applied to the original purchase method.  Only Products purchased directly from OnePay can be returned to OnePay.  Any products you purchase from a third party must be returned in accordance with the third party’s policies.

DEFECTIVE PRODUCTS

You may return defective Products purchased through OnePay and receive replacement Products pursuant to the following Limited Warranty.

LIMITED WARRANTY

OnePay warrants the Products against defects in materials and workmanship under normal use for a period of six (6) months from the date the Products are delivered to you, and will replace defective Products at no cost to you, so long as you return the defective Products pursuant to the instructions that will be provided to you, along with all accessories, cords, cables, parts, and documentation included, within fourteen (14) days of receiving replacement Products.  When you initiate a return pursuant to this Limited Warranty, you will be asked to provide a credit card number to OnePay.  In the event you fail to return the Products to OnePay as set forth above, OnePay reserves the right to charge either your credit card.  To initiate a return pursuant to this Limited Warranty, please contact support@onepay.com.

EXCLUSIONS

This Limited Warranty does not apply to any products you purchase from a third party.  Any products you purchase from a third party are subject to the warranties of the third party.

This Limited Warranty does not apply outside the warranty period set forth in this Hardware Policy.  If you encounter any defects in the Products outside the warranty period, you must contact the manufacturer of the Products to determine if any additional warranty applies.

This Limited Warranty does not apply to any OnePay software or other software, even if provided with the Products.  Nor does this Limited Warranty apply to any accessories, replacement parts, or consumable products used in connection with the Products, including batteries, even if provided with the Products.

This Limited Warranty does not apply if the defects in the Products are caused by misuse, repair, or alternation of the Products; any accident involving the Products; and any damage to the products caused by events beyond our control, such as fire damage, flood damage, storm damage, power surges, and the like (“force majeure”); and similar causes.

This Limited Warranty is only available to original purchasers of the Products.  This warranty is not available if you sell or transfer the Products to anyone else.

This Limited Warranty cannot be modified in any way.  No OnePay employee, reseller, or another other person is authorized to extend or otherwise modify this Limited Warranty in any way.

DISCLAIMERS

The following disclaimers are in addition to the disclaimers set forth in OnePay’s Terms of Use.  If there is any conflict between those disclaimers and the below disclaimers, the below disclaimers will control, and the remaining disclaimers will continue in full force and effect.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THIS LIMITED WARRANTY IS PROVIDED IN LIEU OF ANY OTHER WARRANTY, WHETHER EXPRESS OR IMPLIED, WRITTEN OR ORAL, WITH RESPECT TO THE PRODUCTS.  ONEPAY DISCLAIMS ANY AND ALL WARRANTIES IN CONNECTION WITH THE PRODUCTS, EXPRESS OR IMPLIED, INCLUDING ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, SATISFACTORY QUALITY, OR NON-INFRINGEMENT.  ONEPAY ALSO DISCLAIMS ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, THAT THE PRODUCTS ARE FREE OF HIDDEN OR LATENT DEFECTS.  TO THE EXTENT SUCH WARRANTIES CANNOT BE DISCLAIMED, ONEPAY LIMITS THE DURATION AND REMEDIES OF SUCH WARRANTIES TO THE DURATION AND REMEDIES OF THIS LIMITED WARRANTY.

LIMITATIONS ON LIABILITY

The following limitations on liability are in addition to the limitations on liability set forth in OnePay’s Terms of Use.  If there is any conflict between those limitations and the below limitations, the below limitations will control, and the remaining limitations will continue in full force and effect.

YOU AGREE THAT ONEPAY WILL NOT BE LIABLE TO YOU FOR ANY LOSSES OR DAMAGES ALLEGEDLY CAUSED BY THE PRODUCTS, INCLUDING ANY PERSONAL INJURIES ALLEGEDLY CAUSED BY THE PRODUCTS.  YOU FURTHER AGREE THAT REPLACEMENT OF DEFECTIVE PRODUCTS IS YOUR SOLE AND EXCLUSIVE REMEDY UNDER THIS LIMITED WARRANTY.

COMMUNICATIONS

Questions, complaints, and other communications regarding the operation of the Products or defects in the Products should be directed to OnePay at support@onepay.com.

Questions, complaints, and other communications regarding any other aspect of this Hardware Policy should be directed to OnePay at info@onepay.com.

BUSINESS ASSOCIATE AGREEMENT

Last Updated:  April 16, 2019

This Business Associate Agreement (“Agreement”) constitutes a contract by and between OnePay Global LLC (“OnePay” or “Business Associate”) and any health care provider, health plan, or health care clearinghouse (“Covered Entity”) (each a “Party” and collectively the “Parties”) who signs up to use CERTIFY’s Services through our Website, who signs a separate agreement regarding the Services, or who provides OnePay with any protected health information (“PHI”) for any purpose.  This Agreement governs Business Associate’s processing, storage, and/or use of any PHI provided to Business Associate by Covered Entity, unless the Parties sign a separate Business Associate Agreement, and is effective as of the date the Covered Entity signs up to use CERTIFY’s Services or signs a separate agreement to use the Services (“Effective Date”).  If the Parties sign a separate Business Associate Agreement, the separate agreement will control. 

The capitalized terms that appear in this Agreement have the same meanings as in OnePay’s Terms of Use, unless they are defined in this Agreement.  The capitalized terms that are defined in this Agreement have the same meanings as used in the Health Insurance Portability and Accountability Act (“HIPAA”), the Health Information Technology for Economic and Clinical Health Act (“HITECH”), and any regulations relating to those acts (“HIPAA Rules”).  Please click here [www.hhs.gov/hipaa] for the text of these laws and regulations.

1.OBLIGATIONS OF BUSINESS ASSOCIATE

• Prohibited Use and Disclosure.  Business Associate will not use or disclose PHI in any manner that is not permitted by this Agreement, or a related agreement, or as required by law.
• RequiredSafeguards To Protect PHI.  Business Associate will use appropriate safeguards, and comply with the HIPAA Rules (specifically, the Security Rule, 45 C.F.R. Part 164, Subpart C) with respect to electronic PHI, to prevent the use or disclosure of PHI other than as provided by this Agreement. 
• Reportingto Covered Entity.  Business Associate will immediately report to Covered Entity any use or disclosure of PHI not provided for by this Agreement, including any breach of unsecured PHI, as required by the HIPAA Rules (specifically, the Breach Notification Rule, 45 C.F.R. Part 164, Subpart D). 
• AgreementsWith Subcontractors. Business Associate will enter into an agreement with any subcontractor of Business Associate that creates, receives, maintains, or transmits PHI on behalf of Business Associate, as required by the HIPAA Rules (specifically, 45 CFR 164.502(e)(1)(ii) and 164.308(b)(2)).  The agreement will require the subcontractor to be bound by the same restrictions, conditions, and requirements that apply to Business Associate with respect to such PHI. 
• Accessto PHI.  Covered Entity may provide PHI to Business Associate by any means, including on disk or other media, via bulk uploads or FTP transfers, or by giving Business Associate access to Covered Entity or third-party systems, and if such PHI cannot be directly uploaded to Business Associate’s systems, Business Associate may transport PHI to such systems using HL7, API, and/or screen-scraping technologies.  Business Associate will make PHI about an individual in a designated record set available to Covered Entity upon request for so long as such information is maintained by Business Associate in the designated record set, as required by the HIPAA Rules (specifically, 45 C.F.R. § 164.524).  Business Associate will make such PHI available to Covered Entity within 15 days in order to allow Covered Entity to meet its obligations under the HIPAA Rules. 
• Amendmentof PHI.  Business Associate will amend PHI or a record about the individual in a designated record set upon request by Covered Entity for so long as the PHI is maintained in the designated record set, as required by the HIPAA Rules (specifically, 45 C.F.R. § 164.526).  Business Associate will amend such information within 15 days in order to allow Covered Entity to meet its obligations under the HIPAA Rules. 
• Documentationand Accounting of Disclosures. Business Associate will document and make available to Covered Entity the information required to provide an accounting of disclosures of PHI as necessary to permit Covered Entity to respond to a request for an accounting of such disclosures, as required by the HIPAA Rules (specifically, 45 C.F.R. § 164.528).  Business Associate will make such information available to Covered Entity within 30 days in order to allow Covered Entity to meet its obligations under the HIPAA Rules. 
• Other Obligations. To the extent that Business Associate is to carry out one or more of Covered Entity’s obligations under the HIPAA Rules, Business Associate will comply with the requirements that apply to Covered Entityin the performance of such obligations, as required by the HIPAA Rules (specifically, the Privacy Rule, 45 C.F.R. Part 164, Subpart E). 
• Availability of Books and Records.  Business Associate will make its internal practices, books, and records available to the Secretary of the Department of Health and Human Services for purposes of determining compliance with the HIPAA Rule
• De-Identification of PHI.  Business Associate will not de-identify PHI unless otherwise permitted in writing by Covered Entity.

2.PERMISSIBLE USE AND DISCLOSURE OF PHI

• Ownership of PHI.  Business Associate agrees that it does not own any PHI provided to Business Associate by Covered Entity, and does not have any rights in such PHI, except the limited right to use and disclose the PHI as provided by this Agreement.
• Permissible Use of PHI.   Business Associate may use or disclose PHI only as permitted by this Agreement or a related agreement, or as required by law.
• Permissible Disclosure of PHI.  Business Associate may not use or disclose PHI in a manner that would violate the HIPAA Rules (specifically, the Privacy Rule, 45 C.F.R. Part 164, Subpart E) if done by OnePay, except that:  (a) Business Associate may use PHI for its own proper management and administration, or to carry out its legal responsibilities; and (b) Business Associate may discloses PHI to a third party for its own proper management and administration, or to carry out its legal responsibilities, provided that:  (i) the disclosures are required by law, or (ii) Business Associate obtains reasonable assurances from the third party that the PHI will remain confidential and will be used or further disclosed only as required by law or for the purposes for which it was disclosed to the third party, and that the third party will notify Business Associate of any instances in which the confidentiality of the PHI has been breached.
• “Minimum Necessary” Requirement.  Business Associate agrees that any use and disclosure or requests for PHI by Business Associate will be consistent with Covered Entity’s minimum necessary use and disclosure policies, except where such use or disclosure is required by law.  Such policies require that use and disclosure of PHI be limited to persons who need access to the information to carry out their job duties, namely, persons involved in the development, implementation, and maintenance of Covered Entity’s software, and that such persons only use or disclose such PHI as necessary to carry out such duties, namely, patient biometrics and related information sufficient to identify the subject of the biometrics.
• Data Aggregation Services.  Business Associate may provide data aggregation services relating to the health care operations of Covered Entities.

3.TERM AND TERMINATION

• Term.  The term of this Agreement starts on the Effective Date and ends on the date that any related agreement between Covered Entityand Business Associate is terminated, or on the date that Covered Entity or Business Associate terminates this Agreement, as set forth below, whichever is sooner.  
• Termination.  This Agreement may be terminated: (1) immediately if either Covered Entity or Business Associate determines that the other Party has violated its HIPAA obligations; or (2) at Covered Entity’s or Business Associate’s discretion if either Party has given the other Party a reasonable time to cure the breach or end the violation, and the other Party has not cured the breach or ended the violation within such time.  
• Obligations After Termination.  Upon the termination of this Agreement for any reason, including the termination of any related agreement between Covered Entityand Business Associate, Business Associate will, at Covered Entity’s discretion, return or destroy all PHI received from Covered Entity that Business Associate maintains in any form.  Business Associate will retain no copies of such PHI.  This provision applies to all PHI in the possession of Business Associate and any subcontractors of Business Associate.  The obligations of Business Associate under this section will survive the termination of this Agreement. 

4.LIMITATIONS ON LIABILITY

THE PARTIES AGREE THAT THEY WILL NOT BE LIABLE TO EACH OTHER FOR ANY DAMAGES, UNLESS SUCH LIABILITY IS FOUND TO HAVE BEEN CAUSED BY GROSS NEGLIGENCE OR INTENTIONAL MISCONDUCT, ARISING FROM OR RELATED TO THIS AGREEMENT.  THE PARTIES AGREE THAT THIS LIMITATION ON LIABILITY APPLIES TO ANY DIRECT, INDIRECT, CONSEQUENTIAL, INCIDENTAL, EXEMPLARY, OR PUNITIVE DAMAGES, ANY ACCOUNTING OF PROFITS, OR ANY LOST PROFITS, UNDER ANY THEORY OF LIABILITY, INCLUDING BREACH OF CONTRACT, NEGLIGENCE, OR OTHERWISE, REGARDLESS OF WHETHER THE OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

5.GENERAL

• GoverningLaw and Jurisdiction.  In the event of any legal proceedings arising from or related to this Agreement, any such proceedings will be governed by the laws of the State of Maryland, without regard to any conflict of law rules, and applicable federal law.  Any such proceedings initiated by OnePay will be brought in state or federal court in the jurisdiction where you are primarily located, and any such proceedings initiated by you will be brought in state court in Montgomery County, Maryland or in federal court in the State of Maryland.  The Parties expressly waive any challenges to personal jurisdiction and venue in any other forums. 
• Injunctive Relief.  The Parties agree that their failure to meet their obligations under HIPAA, HITECH, and the HIPAA Rules may result in irreparable harm, and in such event, either Party will be entitled to institute proceedings in any court of competent jurisdiction to obtain injunctiverelief. 
• Mitigation of Breach.  Business Associate will cooperate with Covered Entity’s investigation, analysis, notification, and mitigation activities in the event of any use or disclosure of PHI not permitted by this Agreement.  If Business Associate undertakes any notification or mitigation activities in connection with such unpermitted use or disclosure, Business Associate will bear the cost of such activities.  If Covered Entityundertakes such activities at Business Associate’s request, or because Business Associate declines to undertake such activities, Business Associate will reimburse Covered Entity for the cost of such activities. 
• Compelled Disclosure of PHI.  In the event Business Associate receives a court order, subpoena, or similar requirement to disclose PHI to a third party, Business Associate will promptly notify Covered Entity, and in any event, will provide Covered Entitywith a copy of the requirement within five (5) days of receipt.  Covered Entity will have the right to review Business Associate’s response, including the PHI to be disclosed, prior to transmittal to any third party. 
• Intended Beneficiaries.  Business Associate agrees that any third-party Covered Entity that provides PHI to Covered Entityis an intended beneficiary of this Agreement, and is entitled to the same rights as Covered Entity under this Agreement.  No other persons or entities are intended beneficiaries of this Agreement. 
• Regulatory References.  Any reference in this Agreement to HIPAA, HITECH, or the HIPAA Rulesmeans the statutes or the regulations currently in effect. 
• Amendment.  The parties will consider this Agreement to be amended as necessary to comply with the current versions of HIPAA, HITECH, and the HIPAA Rules.
• Interpretation.  Any ambiguity in this Agreement or conflict with a related agreement will be interpreted to permit compliance with HIPAA, HITECH, and the HIPAA Rules.

NON-DISCLOSURE AGREEMENT

Last Updated:  April 16, 2019

This Non-Disclosure Agreement (“Agreement”) constitutes a contract regarding the treatment of non-public business information (“Confidential Information”) between OnePay Global LLC (“OnePay”) and any person or entity who exchanges Confidential Information with OnePay (“you”) (each a “Party” and collectively the “Parties”).  Either Party may disclose or receive Confidential Information under this Agreement (each a “Disclosing Party” or a “Receiving Party”).  This Agreement governs the Parties’ obligations regarding Confidential Information, unless the Parties sign a separate non-disclosure agreement or a separate agreement regarding the Services that addresses such obligations, and is effective when the Parties begin to exchange such information (“Effective Date”).  If the Parties sign a separate agreement regarding such obligations, the separate agreement will control.

The capitalized terms that appear in this Agreement have the same meanings as in OnePay’s Terms of Use, unless they are defined in this Agreement.

By exchanging Confidential Information with OnePay, you agree to this Agreement.  IF YOU DO NOT AGREE TO THIS AGREEMENT, YOU MAY NOT EXCHANGE ANY CONFIDENTIAL INFORMATION WITH ONEPAY.

CONFIDENTIAL INFORMATION

• Definition. Confidential Information includes information regarding:  (a) the intellectual property associated with the Parties’ products and services (“Intellectual Property”); (b) the Parties’ products and services, including all software, source code, object code, and other code; all devices, components, and other technology relating to such products and services; and all information relating to such products and services, including all flowcharts, engineering diagrams, and other design drawings, all research, development, and testing data, all product performance statistics, evaluations, and other analyses; and (c) the Parties, including the Parties’ business plans, policies, procedures, administration, management, operations, sales, revenues, and profits; the marketing, advertising, and promotion of the Parties’ products and services; the Parties’ existing and potential customers, manufacturers, distributors, owners, investors, directors, officers, employees, independent contractors, agents, and other personnel; and the Parties’ contracts, licenses, and other agreements.
• Scope: Confidential Information includes information in the above categories:  (a) whether or not the information is marked confidential; (b) whether or not the information is disclosed in written form or verbally; and (c) whether or not the information is disclosed before or after the Effective Date of this Agreement.
• Exclusions. Confidential Information does not include information:  (a) that was public knowledge at the time of disclosure or becomes public knowledge after the time of disclosure through no action of the Receiving Party; (b) that was otherwise known to the Receiving Party at the time of disclosure; or (c) that is subsequently obtained from a third party under no confidentiality obligation to the Disclosing Party, unless the information reasonably should be considered confidential.
• Ownership. The Parties agree that the Disclosing Party owns all right, title, and interest in and to all Confidential Information that it discloses to the Receiving Party.  The Parties further agree that no license in any Confidential Information is granted to the Receiving Party as a result of this Agreement.
• Non-Disclosure. The Receiving Party will use the highest degree of care in protecting the Disclosing Party’s Confidential Information and will not, during or after the Term of this Agreement, directly or indirectly:  (a) disclose any of the Disclosing Party’s Confidential Information to any person or entity, except as provided below; (b) use the Disclosing Party’s Confidential Information in any way contrary to the Disclosing Party’s interests; or (c) claim any rights in the Disclosing Party’s Confidential Information.  The Disclosing Party’s Confidential Information will only be disclosed to:  (a) the Receiving Party’s employees, independent contractors, service providers, and other persons and entities associated with the Receiving Party who have a need to know such information in order to perform their duties and who have signed agreements requiring them to protect third-party confidential information; and (b) persons and entities who the Disclosing Party agrees may have access to such information, provided the Disclosing Party agrees in writing.
• Responsibility for Disclosures. The Receiving Party is responsible for any violation of this Agreement by any persons or entities who receive any Confidential Information from the Receiving Party.
• Government Disclosures. If the Receiving Party receives a valid government demand for the Disclosing Party’s Confidential Information, such as a court order, search warrant, or subpoena, the Receiving Party will promptly inform the Disclosing Party (unless such notice is prohibited), and upon the Disclosing Party’s request, the Receiving Party will provide reasonable assistance in maintaining the confidentiality of the information.  If the Receiving Party discloses any of the Disclosing Party’s Confidential Information, it will only disclose the information strictly required by the government demand.
• Disclaimer of Warranties. The Parties agree that all Confidential Information is provided without any express or implied warranty of any kind, including any warranty of merchantability or any warranty of fitness for a particular purpose.
• Other Actions. The exchange of Confidential Information under this Agreement does not commit the Parties to continue to exchange such information, to exchange any particular information, to enter into any other agreements, or to take any other actions.

2. INTELLECTUAL PROPERTY
   • Definition. The Parties’ Intellectual Property includes:  (a) all ideas, concepts, know-how, inventions, improvements, and other creations relating to the Parties’ products and services; (b) all forms of intellectual property relating to the Parties’ products and services in any country in the world, including all patents, design patents, trademarks, domain names, copyrights, and trade secrets; and (c) all information relating to the Parties’ Intellectual Property.
   • Ownership. The Parties agree that the Disclosing is the exclusive owner of all right, title, and interest in and to all Intellectual Property disclosed to the Receiving Party or available to the Receiving Party.  The Parties further agree that no license in any Intellectual Property is granted to the Receiving Party as a result of this Agreement.
3. TERM AND TERMINATION
   • Term. The term of this Agreement starts when the Parties begin to exchange confidential information and ends one (1) year later (the “Term”), unless the Parties continue to exchange confidential information, or unless this Agreement is superseded by another agreement.
   • Termination. Either party may terminate this Agreement at any time, with or without cause, by sending written notice of termination to the other party.
   • Post-Agreement Obligations. Upon the expiration or termination of this Agreement, or upon the Disclosing Party’s request, whichever is earlier, the Receiving Party, at its own expense, will promptly return all of the Disclosing Party’s Confidential Information.  Alternatively, if the Disclosing Party agrees, the Receiving Party may provide the Disclosing Party with written assurance of the destruction of such Confidential Information.
   • Survival. The Parties’ confidentiality obligations will survive the expiration or termination of this Agreement.
4. GENERAL
   • Governing Law and Jurisdiction. In the event of any legal proceedings arising from or related to this Agreement, you agree that any such proceedings will be governed by the laws of the State of Maryland, without regard to any conflict of law rules, and applicable federal law.  You further agree that any such proceedings initiated by CERTIFY will be brought in state or federal court in the jurisdiction where you are primarily located, and any claims by you will be brought in state court in Montgomery County, Maryland or in federal court in the State of Maryland, except that, if you are located outside the United States, any such proceedings initiated by either Party will be brought in state court in Montgomery County, Maryland or in federal court in the State of Maryland.  The Parties expressly waive any challenges to personal jurisdiction and venue in these forums.
   • Injunctive Relief. You agree that your actual, attempted, or threatened violation of this Agreement will cause irreparable harm to OnePay for which there is no adequate remedy at law and that OnePay may seek any injunctive or equitable relief it deems appropriate in such circumstances. These remedies are in addition to any other remedies OnePay may have at law or in equity.
   • Jury Trial. You agree that, in the event of any legal proceedings between the Parties, you waive your right to a jury trial.
   • Attorneys’ Fees and Costs. You agree that, in the event OnePay prevails in any legal proceeding arising from or related to this Agreement, or any actual, attempted, or threatened violation of this Agreement, OnePay will be awarded its attorneys’ fees and costs in addition to any other relief to which OnePay is entitled.
   • Entire Agreement. This Agreement constitutes the entire agreement of the Parties regarding the exchange of Confidential Information, and supersedes any prior agreements, understandings, or representations regarding such information.  This Agreement cannot be modified in any way, unless the Parties otherwise agree in writing.
   • Severability. You agree that, if a court holds any portion of this Agreement to be unenforceable for any reason, such portion will be enforced to the maximum extent possible and the remainder of this Agreement will be enforceable as written.
   • Waiver. You agree that a Party’s failure to insist upon or enforce strict performance of any of the provisions of this Agreement or to exercise any rights or remedies under this Agreement will not be construed as a waiver of its right to assert or rely upon any such provision, right, or remedy in that or any other instance.
   • Assignment. Neither Party may assign, transfer, or otherwise dispose of its rights and obligations under this Agreement, unless the Parties otherwise agree in writing, except as part of a merger, acquisition, or disposition of all or substantially all of the assigning Party’s equity or assets.

SERVICE LEVEL AGREEMENT

Last Updated:  April 16, 2019

This Service Level Agreement (“Agreement”) constitutes a contract between OnePay Global LLC (“OnePay”) and any person or entity who signs up to use OnePay’s Services through our Website or who signs a separate agreement regarding the Services (“you”) (each a “Party” and collectively the “Parties”).  This Agreement governs OnePay’s commitments regarding the availability of the Services, unless the Parties sign a separate agreement regarding the availability of the Services, and is effective as of the Effective Date.  If the Parties sign a separate agreement regarding the availability of the Services, the separate agreement will control.

The capitalized terms that appear in this Agreement have the same meanings as in OnePay’s Terms of Use, unless they are defined in this Agreement.

By using the Services, you agree to this Agreement.  IF YOU DO NOT AGREE TO THIS AGREEMENT, YOU MAY NOT USE THE SERVICES.

1. SERVICE LEVEL

During the Term of the License to use the Services, OnePay agrees to make the Services available to you at least 99.9% of the time in any calendar month (“Service Level”).

2. SERVICE CREDIT

If we do not meet the Service Level in any calendar month, and if you meet your obligations under this Agreement, you will be eligible to receive a credit on your next monthly invoice.  The credit will be equal to the value of accessing the Services for the number of days set forth in the below table (“Service Credit”).

Your Service Credit may not be exchanged for or converted into monetary amounts.

The following definitions will apply for purposes of calculating any Service Credit you may be eligible to receive.

• “Downtime” means when there is more than a five percent (5%) user error rate.  For both individuals and entities that use the Services, Downtime is measured based on OnePay’s server-side error rate.  For entities that use the Services, Downtime is measured across all of the users who may access the Services.
• “Monthly Uptime Percentage” means the total number of minutes in a calendar month minus the number of minutes of Downtime incurred in a calendar month, divided by the total number of minutes in a calendar month.

The following formula will be used to calculate your Service Credit:

The maximum Service Credit you are eligible to receive in a calendar month may not exceed the value of fifteen (15) days of access to the Services under any circumstances.

3. REQUESTS FOR SERVICE CREDIT

To receive a Service Credit, you must notify OnePay within thirty (30) days of the time you become eligible to receive the credit.  If you fail to comply with this requirement, you will forfeit your right to receive a Service Credit.  To determine whether the Services are available, you may contact OnePay at support@onepay.com.

4. EXCLUSIONS

This Agreement does not apply to any software we provide that expressly excludes our Service Level Agreement.  Nor does this Agreement apply to any Downtime caused by events beyond our control as set forth in the Force Majeure provisions of this Agreement, problems with your computer systems, problems with third-party data processors or other service providers used in connection with your computer systems, or your misuse of the Services.

5. LIMITATIONS ON LIABILITY

The following limitations on liability are in addition to the limitations on liability set forth in OnePay’s Terms of Use.  If there is any conflict between those limitations and the below limitations, the below limitations will control, and the remaining limitations will continue in full force and effect.

YOU AGREE THAT THE ABOVE SERVICE CREDIT CONSTITUTES YOUR SOLE REMEDY FOR ANY FAILURE TO MEET THE ABOVE SERVICE LEVEL.

6. GENERAL
   • Governing Law and Jurisdiction. In the event of any legal proceedings arising from or related to this Agreement, you agree that such proceedings will be governed by the laws of the State of Maryland, without regard to any conflict of law rules, and will be brought in state court in Montgomery County, Maryland.  The Parties expressly waive any challenges to personal jurisdiction and venue in these forums.
   • Injunctive Relief. You agree that your actual, attempted, or threatened violation of this Agreement will cause irreparable harm to OnePay for which there is no adequate remedy at law and that OnePay may seek any injunctive or equitable relief it deems appropriate in such circumstances. These remedies are in addition to any other remedies OnePay may have at law or in equity.
   • Jury Trial. You agree that, in the event of any litigation between the Parties, you waive your right to a jury trial.
   • Attorneys’ Fees and Costs. You agree that, in the event OnePay prevails in any legal proceeding arising from or related to this Agreement, or any actual, attempted, or threatened violation of this Agreement, OnePay will be awarded its attorneys’ fees and costs in addition to any other relief to which OnePay is entitled.
   • Entire Agreement. This Agreement constitutes the entire agreement of the Parties regarding the Services, and supersedes any prior agreements, understandings, or representations regarding the Services.  This Agreement cannot be modified, amended, or changed in any way, unless the Parties otherwise agree in writing.
   • Severability. You agree that, if a court holds any portion of this Agreement to be unenforceable for any reason, such portion will be enforced to the maximum extent possible and the remainder of this Agreement will be enforceable as written.
   • Waiver. You agree that a Party’s failure to insist upon or enforce strict performance of any of the provisions of this Agreement or to exercise any rights or remedies under this Agreement will not be construed as a waiver of its right to assert or rely upon any such provision, right, or remedy in that or any other instance.
   • Assignment. Neither Party may assign, transfer, or otherwise dispose of its rights and obligations under this Agreement, unless the Parties otherwise agree in writing, except as part of a merger, acquisition, or disposition of all or substantially all of the assigning Party’s equity or assets.
   • Force Majeure. Neither Party will be held responsible for any delay or failure in performance of this Agreement, including any failure to meet the above Services Level, caused in whole or in part by any act or omission or other cause beyond such Party’s control, including fire, flood, storm, accident, terrorist attack, cyber attack, delay of supplier, or compliance with any law, rule, regulation, or government demand.  If any such event occurs, the period for performing the particular obligations prevented by such event will be deemed extended by the length of time such event continues.