7. Customer Data Incident Management and Notification

CP maintains security incident management policies and procedures and shall notify Client without undue delay after becoming aware of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Data,
including Personal Data, transmitted, stored or otherwise Processed by CP or its Sub-processors of which CP becomes aware (a “Customer Data Incident”).

CP shall make reasonable efforts to identify the cause of such Customer Data Incident and take necessary steps to remediate the cause of the incident to the extent the remediation is within CP’s reasonable control. These obligations shall not apply
to incidents caused by Client or Client’s Users.

8. Return and Deletion of Customer Data

CP shall return Customer Data to Client and, to the extent allowed by applicable law, delete Customer Data in accordance with the procedures and timeframes specified in the Security, Privacy and Architecture Documentation.

9. Limitation of Liability

Each party’s and all of its affiliates’ liability, taken together in the aggregate, arising out of or related to this DPA, whether in contract, tort or under any other theory of liability, is subject to the ‘Limitation of Liability’ section of the
Agreement, and any reference in such section to the liability of a party means the aggregate liability of that party and all of its affiliates (including for CP the Connfido Group) under the Agreement and this DPA. For the avoidance of doubt,
CP’s and Connfido Group’s total liability for all claims from the Client and all of its affiliates arising out of or related to the CP’s Merchant Service Agreement and this DPA shall apply in the aggregate for all claims under both the CP’s Merchant
Service Agreement and this DPA established under the Agreement.

The maximum liability of CP under this Agreement shall not exceed in the aggregate an amount equal to the Fees paid by or on behalf of Client to CP for providing Services during the last two (2) months prior to the claim arising. Also, for the avoidance
of doubt, each reference to the DPA in this DPA means this DPA including its Annexes and Appendices.

10. Legal

This Agreement shall be governed by and construed in accordance with the laws of The Netherlands. The Parties agree that the courts of Amsterdam have jurisdiction to settle any disputes in connection with this Agreement and submit to the jurisdiction
of such courts.

11. European Specific Provisions

11.1 GDPR

CP will Process Personal Data in accordance with GDPR requirements directly applicable to CP’s provision of its Services.

11.2 Data Protection Impact Assessment

Upon Client’s request, CP shall provide Client with reasonable cooperation and assistance needed to fulfil Client’s obligation under the GDPR to carry out a data protection impact assessment related to Client’s use of the Services, to the extent Client
does not otherwise have access to the relevant information, and to the extent such information is available to CP. CP shall provide reasonable assistance to Client in the cooperation or prior consultation with the Supervisory Authority in the performance
of its tasks relating to Section 11.2 of this DPA, to the extent required under the GDPR.