Common use of PCI Compliance Clause in Contracts

PCI Compliance. You agree to take all steps and perform all acts required by the data security vendor (“DSV”) retained by Processor or Bank necessary to validate your f u l l compliance with the Data Security Regulations. Compliance with the requirements of the program established by the DSV (which program may be identified as “365 PCI & Compliance Regulatory”, “Easy Breach PCI Protection” or such other branding designation identified by Processor, DSV or otherwise in this Agreement) will require at least the accurate completion of a self-assessment questionnaire and may require, at Processor’s or Bank’s sole discretion, a vulnerability scan and/or the satisfaction of other requirements imposed by the Operating Regulations or the Data Security Regulations. Under certain circumstances as set forth in the Data Security Regulations, you may be required to re-validate y ou r compliance. If re-validation becomes necessary, You agree that You will take all steps deemed necessary by the DSV to re-validate your compliance with the Data Security Regulations. In return for, among other things, the services performed by the DSV, You agree to pay to Processor the PCI Compliance Fee contained in the fee schedule that is part of this A greement. To the extent that Processor’s losses are covered and paid to Processor by insurance obtained by DSV, Processor will waive up to $100,000 in damages related to mandatory forensic audits, card replacement costs, and fines levied by Card Networks. For more information regarding terms, exclusions and limits of insurance program obtained by DSV for the benefit of Processor, please refer to xxx.xxxxxxxxxxxxxxxxxx.xxx/xxxxxxxxx. This waiver only applies while You are (i) fully compliant with PCI DSS, (ii) fully compliant with the requirements of DSV program, and (iii) You are a Merchant of Processor.

PCI Compliance. You agree to take all steps and perform all acts required by the data security vendor (“DSV”) retained by Processor or Bank necessary to validate your f u l l you full compliance with the Data Security Regulations. Compliance with the requirements requirement of the program established by the DSV (which program may be identified as “365 PCI PCT & Compliance Regulatory”, ,” “Easy Breach PCI Protection” or such other branding designation identified by Processor, DSV or otherwise in this Agreement) will require at least the accurate completion of a self-self- assessment questionnaire and may require, at Processor’s or Bank’s sole discretion, a vulnerability scan and/or the satisfaction of other requirements imposed by the Operating Regulations or the Data Security Regulations. Under certain circumstances as set forth for in the Data Date Security Regulations, you You may be required to re-validate y ou r your compliance. If re-validation becomes necessary, You agree that You will take all steps deemed necessary by the DSV to re-validate your compliance with the Data Security Regulations. In return for, among other things, the services performed by the DSV, You agree to pay to Processor the PCI Compliance Fee contained in the fee schedule scheduled that is part of this A greementAgreement. To the extent that Processor’s losses are covered and paid to Processor by insurance obtained by DSV, Processor will waive up to $100,000 in damages related to mandatory forensic audits, card replacement costs, and fines levied by Card Networks. For more information regarding terms, exclusions and limits of insurance program obtained by DSV for the benefit of Processor, please refer to xxx.xxxxxxxxxxxxxxxxxx.xxx/xxxxxxxxx. This waiver only applies while You are (i) fully compliant with PCI DSS, (ii) fully compliant with the requirements of DSV program, and (iii) You are a Merchant of Processor.and

PCI Compliance. You agree to take all steps and perform all acts required by the data security vendor (“DSV”) retained by Processor 2AP or Bank necessary to validate your f u l l compliance with the Data Security Regulations. Compliance with the requirements of the the program established by the DSV (which program may be identified as “365 PCI & Compliance Regulatory”, “Easy Breach PCI Protection” or such other branding designation identified by Processor2AP, DSV or otherwise in this Agreement) will require at least the accurate completion of a self-self- assessment questionnaire and may require, at Processor’s or Bank’s sole discretion, require a vulnerability scan and/or the satisfaction of other requirements imposed by the Operating Regulations or the Data Security Regulations. Under certain circumstances as set forth in the Data Security Regulations, you may be required to re-validate y ou r your compliance. If re-validation becomes necessary, You ; you agree that You you will take all steps deemed necessary by the DSV to re-re- validate your compliance with the Data Security Regulations. In return for, among other things, for the services performed by the DSV, You you agree to pay to Processor 2AP the PCI Compliance Fee contained in the fee schedule that is part of this A greementagreement. To the extent that ProcessorIntegrity Payment System’s losses are covered and paid to Processor by insurance obtained by DSV, Processor 2AP will waive up to $100,000 in damages related to mandatory forensic audits, card replacement costs, costs and fines levied by Card Networks. For more information regarding terms, exclusions and limits of insurance program obtained by DSV for the benefit of ProcessorIntegrity Payment Systems, please refer to xxx.xxxxxxxxxxxxxxxxxx.xxx/xxxxxxxxxwxx.xxxxxxxxxxxxxxxxxx.xxx/xxxxxxxxx. This waiver only applies while You you are (i) fully compliant with PCI DSS, (ii) fully compliant with the requirements of DSV program, and (iii) You you are a Merchant merchant of ProcessorIntegrity Payment Systems.

PCI Compliance. You agree to take all steps and perform all acts required by the data security vendor (“DSV”) retained by Processor or Bank necessary to validate your f u l l you full compliance with the Data Security Regulations. Compliance with the requirements requirement of the program established by the DSV (which program may be identified as “365 PCI & Compliance Regulatory”, “Easy Breach PCI Protection” or such other branding designation identified by Processor, DSV or otherwise in this Agreementor) will require at least the accurate completion of a self-assessment self‐assessment questionnaire and may require, at Processor’s or Bank’s sole discretion, a vulnerability scan and/or the satisfaction of other requirements imposed by the Operating Regulations or the Data Security Regulations. Under certain circumstances as set forth for in the Data Date Security Regulations, you You may be required to re-validate y ou r re‐validate your compliance. If re-validation re‐validation becomes necessary, You agree that You will take all steps deemed necessary by the DSV to re-validate re‐validate your compliance with the Data Security Regulations. In return for, among other things, the services performed by the DSV, You agree to pay to Processor the PCI Compliance Fee contained in the fee schedule scheduled that is part of this A greementAgreement. To the extent that Processor’s losses are covered and paid to Processor by insurance obtained by DSV, Processor will waive up to $100,000 in damages related to mandatory forensic audits, card replacement costs, and fines levied by Card Networks. For more information regarding terms, exclusions and limits of insurance program obtained by DSV for the benefit of Processor, please refer to xxx.xxxxxxxxxxxxxxxxxx.xxx/xxxxxxxxx. tohttps://xxxxxxxxxxxxxxxxxx.xxx/xxxxxxxxxxxxxx/. This waiver only applies while You are (i) fully compliant with PCI DSS, (ii) fully compliant with the requirements of DSV program, and (iii) You are a Merchant of Processor.

PCI Compliance. You agree to take all steps and perform all acts required by the data security vendor (“DSV”) retained by Processor or Bank necessary to validate your f u l l you full compliance with the Data Security Regulations. Compliance with the requirements requirement of the program established by the DSV (which program may be identified as “365 PCI & Compliance Regulatory”, “Easy Breach PCI Protection” or such other branding designation identified by Processor, DSV or otherwise in this Agreementor) will require at least the accurate completion of a self-assessment questionnaire and may require, at Processor’s or Bank’s sole discretion, a vulnerability scan and/or the satisfaction of other requirements imposed by the Operating Regulations or the Data Security Regulations. Under certain circumstances as set forth for in the Data Date Security Regulations, you You may be required to re-validate y ou r your compliance. If re-validation becomes necessary, You agree that You will take all steps deemed necessary by the DSV to re-validate your compliance with the Data Security Regulations. In return for, among other things, the services performed by the DSV, You agree to pay to Processor the PCI Compliance Fee contained in the fee schedule scheduled that is part of this A greementAgreement. To the extent that Processor’s losses are covered and paid to Processor by insurance obtained by DSV, Processor will waive up to $100,000 in damages related to mandatory forensic audits, card replacement costs, and fines levied by Card Networks. For more information regarding terms, exclusions and limits of insurance program obtained by DSV for the benefit of Processor, please refer to xxx.xxxxxxxxxxxxxxxxxx.xxx/xxxxxxxxx. tohttps://xxxxxxxxxxxxxxxxxx.xxx/xxxxxxxxxxxxxx/. This waiver only applies while You are (i) fully compliant with PCI DSS, (ii) fully compliant with the requirements of DSV program, and (iii) You are a Merchant of Processor.

PCI Compliance. You agree to take all steps and perform all acts required by the data security vendor (“DSV”) retained by Processor or Bank necessary to validate your f u l l full compliance with the Data Security Regulations. Compliance with the requirements of the program established by the DSV (which program may be identified as “365 PCI & Compliance Regulatory”, “Easy Breach PCI Protection” or such other branding designation identified by Processor, DSV or otherwise in this Agreement) will require at least the accurate completion of a self-assessment questionnaire and may require, at Processor’s or Bank’s sole discretion, a vulnerability scan and/or the satisfaction of other requirements imposed by the Operating Regulations or the Data Security Regulations. Under certain circumstances as set forth in the Data Security Regulations, you may be required to re-re- validate y ou you r compliance. If re-validation becomes necessary, You agree that You will take all steps deemed necessary by the DSV to re-validate your compliance with the Data Security Regulations. In return for, among other things, the services performed by the DSV, You agree to pay to Processor the PCI Compliance Fee contained in the fee schedule that is part of this A greementAgreement. To the extent that Processor’s losses are covered and paid to Processor by insurance obtained by DSV, Processor will waive up to $100,000 in damages related to mandatory forensic audits, card replacement costs, and fines levied by Card Networks. For more information regarding terms, exclusions and limits of insurance program obtained by DSV for the benefit of Processor, please refer to xxx.xxxxxxxxxxxxxxxxxx.xxx/xxxxxxxxx. This waiver only applies while You are (i) fully compliant with PCI DSS, (ii) fully compliant with the requirements of DSV program, and (iii) You are a Merchant of Processor.,