Terms & Conditions of Service

1.Acceptance of these Terms

These Terms & Conditions of Service (the Terms) form a binding legal agreement between swyftec (the operator of the swyftec platform and the swyftpay payment and settlement services; the Provider, we, us, or swyftec) and the entity or sole trader on whose behalf an account is created to receive the Services (the Vendor, you, or your). The legal entity providing the Services and its registration details are set out in Section 22.

By accessing, registering for, or using any part of the Services, you confirm that you have read, understood and agreed to be bound by these Terms, the swyftec Privacy Statement, the Prohibited & Restricted Businesses list, the Acceptable Use Policy and any product-specific terms incorporated by reference (together, the Agreement). If you do not agree, you must not access or use the Services.

If you are accepting these Terms on behalf of a legal entity, you represent and warrant that you have the authority to bind that entity to the Agreement. Each affiliate or related entity wishing to use the Services must register a separate account and accept these Terms in its own right.

The Agreement is effective on the date you first access or use the Services (the Effective Date) and continues until terminated in accordance with Section 16 (the Term).

2.Definitions

Capitalised terms not otherwise defined inline have the meanings set out below.

Acquirer

A licensed financial institution authorised by a Card Network or Payment Method Provider to process Transactions on the Vendor's behalf.

Applicable Law

Any law, statute, regulation, rule, ordinance, regulatory technical standard or binding regulator guidance applicable to a party or to the provision or use of the Services, including (without limitation) the General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR), the Irish Data Protection Act 2018, the revised Payment Services Directive (Directive (EU) 2015/2366) (PSD2), the Digital Operational Resilience Act (Regulation (EU) 2022/2554) (DORA), the Markets in Crypto-Assets Regulation (Regulation (EU) 2023/1114), and the Payment Card Industry Data Security Standard (PCI DSS).

Card Network

Visa, Mastercard, American Express, Discover and any other card network or scheme accepted by the Provider from time to time.

Card Network Rules

The operating rules, regulations, by-laws and standards published by each Card Network, as updated.

Customer

A person, business or entity that initiates a Transaction with the Vendor through the Services.

Documentation

The technical and operational documentation made available by the Provider for the Services, including the swyftec developer documentation and API references, as updated.

Privacy Statement

The swyftec privacy notice published at privacy.swyftec.com, as amended.

Reserve

Funds held and controlled by the Provider as collateral against actual or potential liabilities the Vendor incurs under the Agreement.

Services

The swyftec business management platform, the swyftpay payment acceptance and settlement services, the swyftec point-of-sale, kiosk and mobile applications, related APIs, dashboards and any other services made available by the Provider under the Agreement.

Settlement Account

The Vendor's nominated bank account into which Settlement Funds are remitted.

Settlement Funds

The proceeds of cleared Transactions due to the Vendor, less applicable fees, refunds, chargebacks, reversals and Reserves.

Transaction

An authorisation, capture, sale, refund, dispute or chargeback processed via the Services.

Vendor Content

All data, materials, products, descriptions, branding and any other content the Vendor uploads, transmits, displays or otherwise makes available through the Services.

3.Eligibility & Account Registration

3.1 Eligibility

The Services are made available exclusively to businesses, sole traders and other lawfully constituted entities. To use the Services, you must (a) be at least eighteen (18) years of age (or the age of majority in your jurisdiction); (b) be lawfully able to enter into a binding contract; (c) be lawfully established and registered in a jurisdiction where the Services are offered; and (d) not be on any sanctions list maintained by the European Union, the United Nations, the United Kingdom, the United States Office of Foreign Assets Control (OFAC) or any other authority recognised by the Provider.

3.2 Account information

You must provide accurate, current and complete information at the time of registration and keep that information up to date for the duration of the Term. You must promptly notify the Provider of any change to your legal name, registered address, beneficial ownership, control structure, business activities, regulatory status or contact details.

3.3 Underwriting and verification

The Provider may, at any time and at its sole discretion, conduct identity verification (KYC), business verification (KYB), beneficial ownership checks, anti-money-laundering (AML) screening, sanctions screening, credit checks and fraud risk assessments in respect of you, your principals, beneficial owners and authorised representatives. You authorise the Provider to obtain, verify and exchange information about you with credit bureaus, regulators, financial institutions and third-party verification services.

3.4 Acceptance discretion

The Provider has sole discretion in deciding whether to accept any registration, to maintain any account, or to enable any feature of the Services in respect of any Vendor. The Provider is not obliged to provide reasons for declining or revoking access.

3.5 Account credentials

You are solely responsible for maintaining the confidentiality of all credentials, API keys, tokens and authentication factors associated with your account, and for all activity that occurs under your account, whether or not authorised. You must promptly notify the Provider on becoming aware of any actual or suspected unauthorised access, security incident or compromise.

4.Description of the Services

The Services comprise software-as-a-service business management tooling, payment acceptance, processing and settlement, point-of-sale, kiosk and mobile-first applications, developer APIs and related capabilities. Specific Services may be subject to additional product-specific terms incorporated into the Agreement.

The Provider may add, remove, modify, replace, deprecate or change the features, integrations, payment methods, supported jurisdictions, supported devices and underlying providers of any Service at any time. Where reasonably practicable, the Provider will give advance notice of material changes that adversely affect existing functionality you rely upon.

The Provider may rely on third-party Acquirers, Card Networks, payment-method providers, banking partners, cloud infrastructure providers and other suppliers to deliver the Services. The Vendor acknowledges that the Provider does not control such third parties and that delays, failures, settlement timing, chargeback rules and other operational matters originating with those third parties are not within the Provider's control.

Beta, preview, experimental or early-access features may be made available from time to time. Such features are provided "as is" and "with all faults", may be feature-incomplete or unstable, are excluded from any service-level commitment, and may be modified, withdrawn or made generally available at the Provider's sole discretion.

swyftec is a technology and payment services provider. swyftec is not a bank, does not accept deposits, and does not act as a fiduciary, financial adviser, broker or insurer in relation to the Vendor or its Customers, except where expressly stated in writing or where required by Applicable Law.

5.Vendor Obligations & Conduct

5.1 Lawful and ethical operation

The Vendor is and remains solely responsible for the lawful, ethical and proper conduct of its business. The Vendor must use the Services only to operate a legitimate, lawfully registered business that complies in all respects with Applicable Law in every jurisdiction in which the Vendor operates, sells, advertises, markets or accepts payments. The Provider does not assess, validate or endorse the Vendor's business model, the legality of its goods or services, its tax position, or the accuracy of its representations to Customers.

5.2 No reliance on the Provider

The Provider supplies infrastructure and tooling. The Vendor is solely responsible for: (a) the goods, services, content, descriptions, prices, taxes, returns, warranties and after-sales support it offers to Customers; (b) all communications, contracts and disputes with Customers; (c) the accuracy and completeness of all Vendor Content; (d) compliance with consumer-protection law, advertising law, distance-selling law, sectoral regulation and licensing requirements applicable to the Vendor's business; and (e) the conduct of its employees, agents, contractors and representatives.

5.3 General use restrictions

The Vendor must not, and must not permit any person to:

1. use the Services in violation of any Applicable Law, Card Network Rule, payment-method rule or third-party right;
2. use the Services to facilitate, conceal, advance or benefit from criminal activity, fraud, tax evasion, sanctions evasion, money laundering or the financing of terrorism;
3. provide to the Provider any false, misleading, inaccurate or incomplete information about the Vendor's identity, ownership, control, business, products or transactions;
4. process Transactions on behalf of, or for the benefit of, any undisclosed third party, or for goods or services other than those disclosed in the account application;
5. use the Services principally as a virtual terminal, for card testing, or for transactions where there is no bona fide good or service supplied;
6. circumvent, attempt to circumvent or evade Card Network chargeback monitoring programmes, fraud monitoring programmes or any other risk control;
7. reverse-engineer, decompile, disassemble, scrape, mirror, frame or otherwise attempt to derive the source code, structure, ideas or algorithms of the Services, except to the extent permitted by mandatory law;
8. introduce or transmit any malware, virus, worm, trojan, ransomware, exploit or other harmful code, or perform any denial-of-service, intrusion, penetration test or vulnerability test against the Services without the Provider's prior written consent;
9. resell, sublicense, lease, lend, time-share or otherwise commercially exploit the Services or make the Services available as a stand-alone hosted offering for third parties, except as expressly permitted by the Provider in writing; or
10. use the Services in any manner that the Provider determines (acting reasonably) may degrade or threaten the security, stability, integrity or reputation of the Services, the Provider, any Card Network, any Acquirer or any other Vendor.

5.4 Vendor Content

The Vendor retains all right, title and interest in Vendor Content. The Vendor grants the Provider a limited, non-exclusive, worldwide, royalty-free, sublicensable licence to host, copy, transmit, display, process and otherwise use Vendor Content solely as necessary to provide, secure, maintain and improve the Services and to comply with Applicable Law.

5.5 Cooperation

The Vendor must provide all information, documentation and cooperation reasonably requested by the Provider, an Acquirer, a Card Network, a regulator or a court, including in connection with audits, investigations, sanctions screening, AML obligations, disputes, chargebacks and DORA-related supervisory requests.

6.Prohibited & Restricted Businesses

The Services may not be used for the following businesses, products, services or activities, regardless of legality in any particular jurisdiction. This list is representative and not exhaustive; the Provider may update it at any time.

6.1 Sanctions and embargoes

• Persons resident in, located in or citizens of jurisdictions subject to comprehensive sanctions imposed by the EU, the UN, the UK, the US (OFAC) or other authorities recognised by the Provider, including (without limitation) Cuba, Iran, North Korea, Syria and the Crimea, Donetsk and Luhansk regions of Ukraine;
• Persons or entities listed on any restricted-party or sanctions list maintained by the EU, UN, UK or US authorities;
• Goods or services prohibited for export to or import from any sanctioned destination.

6.2 Illegal activity

• Any activity that is unlawful in the Vendor's jurisdiction or in any jurisdiction where Customers are located;
• Counterfeit, stolen or unauthorised goods; intellectual-property infringement;
• Illegal drugs, substances designed to mimic illegal drugs, drug paraphernalia and equipment intended for the manufacture or use of illegal drugs;
• Human trafficking, forced labour, child labour and any business engaging in, encouraging or celebrating unlawful violence or physical harm.

6.3 High-risk and restricted categories

The following categories are prohibited unless expressly approved in writing by the Provider, subject to additional conditions and continuing eligibility review:

• Adult content, adult services, escort and dating services with sexual content, and pornography;
• Gambling, online gaming for monetary or material prize, sports forecasting, lotteries, sweepstakes and contests;
• Firearms, ammunition, weapons and weapon accessories;
• Tobacco, e-cigarettes, vaping products and related accessories;
• Cannabis, CBD, kratom, kava and similar regulated substances;
• Pharmaceuticals (including online pharmacies), nutraceuticals, supplements and substances making medical or therapeutic claims;
• Crypto-assets, digital tokens, NFTs, mining services and crypto on-/off-ramping (subject to MiCA-aligned approval);
• Multi-level marketing, pyramid schemes, get-rich-quick schemes, payday lending and unsecured consumer credit;
• Telemarketing, cold-calling sales, telesales of subscription products, and businesses with high chargeback risk profiles;
• Debt collection, credit repair, debt relief, bankruptcy services, bail bonds and identity-protection services;
• Money services businesses, money transmission, currency exchange and stored-value issuance, except where the Vendor holds the requisite licence and the Provider has expressly approved the activity;
• Travel agencies, timeshares, vacation clubs and businesses where significant time may elapse between charge and delivery;
• Any business that the Provider, an Acquirer, a Card Network or a regulator considers unfair, deceptive or predatory toward consumers.

6.4 Provider discretion

The Provider may, at any time and at its sole discretion, classify a Vendor or a Vendor's activity as prohibited or restricted, and may suspend, restrict or terminate the Services accordingly under Section 16, without liability for any resulting loss or damage.

7.Payment, Settlement & Reserves

7.1 Acceptance and authorisation

The Provider will use commercially reasonable efforts to authorise, capture, clear and settle Transactions submitted through the Services in accordance with Card Network Rules, payment-method rules, Acquirer requirements and Applicable Law. The Provider does not guarantee that any Transaction will be successfully authorised, captured, cleared or settled.

7.2 Settlement

Subject to these Terms, the Provider will arrange settlement of cleared Transactions, less applicable fees, refunds, chargebacks, reversals, fines, assessments and Reserves, to the Vendor's Settlement Account. Settlement timing depends on the Card Network, Acquirer, banking partner, payment method, Vendor risk profile and Applicable Law and is not guaranteed.

7.3 Third-party settlement risk

The Vendor acknowledges that the Provider does not control whether, when or in what amount third-party Acquirers, Card Networks, banking partners or Issuing Banks settle funds, and that the Provider has no liability where any such third party fails to settle, settles incorrectly, settles late, withholds funds, freezes funds or remits incorrect amounts. The Provider will pass on Settlement Funds when and to the extent it actually receives them from the relevant third party.

7.4 Reserves

The Provider may, at any time and at its sole discretion, establish, increase, maintain or release a Reserve. A Reserve may be funded from Settlement Funds, may be held for any period reasonably required to cover actual or anticipated chargebacks, refunds, fines, assessments and other liabilities, and may be retained for up to one hundred and eighty (180) days following termination, or longer where required by an Acquirer, Card Network, regulator or Applicable Law.

7.5 Set-off and recovery

The Provider may set off, deduct, debit, withhold or reverse any amount the Vendor owes to the Provider, an Acquirer or a Card Network from any Settlement Funds, Reserve or other funds the Provider holds for the Vendor. Where Settlement Funds are insufficient, the Vendor remains directly liable to the Provider for any shortfall, which is payable on demand.

7.6 Negative balances

The Vendor must maintain a non-negative balance with the Provider at all times. The Provider may take all lawful steps to recover any negative balance, including by debiting the Settlement Account, the Vendor's nominated payment method, or by initiating collection or legal proceedings.

7.7 No interest

Unless required by Applicable Law, no interest is payable to the Vendor on Settlement Funds, Reserves or any other amounts held by the Provider.

8.Fees, Refunds & Chargebacks

8.1 Fees

The Vendor will pay the fees set out in the applicable pricing schedule, order form or in-product disclosure (the Fees). Fees may include transaction fees, monthly subscription fees, hardware fees, dispute fees, chargeback fees, scheme assessments, currency-conversion margins and any pass-through costs imposed by an Acquirer or Card Network.

8.2 Changes to fees

The Provider may revise the Fees with at least thirty (30) days' prior notice. Changes mandated by an Acquirer, Card Network, regulator or Applicable Law may take effect immediately. If you do not accept a fee change, your sole remedy is to terminate the Agreement before the change takes effect; continued use of the Services constitutes acceptance.

8.3 Refunds

The Vendor is solely responsible for handling refunds, returns and cancellations in accordance with Applicable Law (including consumer-protection and distance-selling rules) and its published refund policy. The Vendor must not refund a Customer using cash or any method outside the Services where the original Transaction was processed through the Services, except where required by law.

8.4 Chargebacks and disputes

The Vendor is solely liable for all chargebacks, disputes, reversals, refunds, fines, assessments and penalties relating to Transactions, including those arising from fraud, customer dissatisfaction, non-delivery, mis-description or non-compliance with Card Network Rules. The Provider may debit, deduct or recover any such amount from the Vendor in accordance with Section 7.

8.5 Taxes

Fees are exclusive of value-added tax (VAT) and any other applicable indirect taxes, which the Vendor will pay at the prevailing rate. The Vendor is solely responsible for determining, collecting, reporting and remitting all taxes (including VAT, sales tax, withholding tax and digital-services taxes) arising from its business and its Transactions.

9.Compliance, AML, KYC/KYB

9.1 Card Network Rules and PCI DSS

The Vendor must comply with all applicable Card Network Rules, payment-method rules and PCI DSS requirements relevant to the Vendor's scope, environment and integration. The Vendor must not store, transmit or process card-account data other than as expressly permitted by the Documentation and PCI DSS.

9.2 AML, sanctions and counter-terrorism financing

The Vendor must comply with all Applicable Law relating to anti-money laundering, counter-terrorism financing and economic and trade sanctions, including Directive (EU) 2015/849 (as amended), the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 of Ireland and equivalent laws of the jurisdictions in which it operates. The Vendor must promptly notify the Provider of any actual or suspected breach.

9.3 Information requests

The Vendor must, on request, provide the Provider, an Acquirer, a Card Network, a regulator or a court with information, documentation, records and access reasonably required to demonstrate the Vendor's compliance with the Agreement and Applicable Law, including audits and on-site inspections where lawfully required.

9.4 Reporting obligations

The Vendor must promptly notify the Provider of: (a) any change to its business activities or product mix; (b) any material adverse change to its financial position; (c) any insolvency event, regulatory enforcement action, criminal investigation or material litigation; (d) any actual or suspected security incident, data breach or fraud event affecting the Services; and (e) any change of control of the Vendor.

10.Data Protection & Privacy

10.1 Privacy Statement

The Provider's collection, use, retention and disclosure of personal data is described in the swyftec Privacy Statement at privacy.swyftec.com, which forms part of the Agreement. The Vendor must read and ensure its representatives, employees and Customers are informed of the Privacy Statement where relevant.

10.2 Roles under GDPR

In relation to personal data processed in connection with the Services:

• where the Provider determines the purposes and means of processing (for example, fraud prevention, AML compliance, account administration), it acts as an independent controller;
• where the Provider processes personal data on the Vendor's behalf and on the Vendor's documented instructions (for example, hosting Vendor Content), it acts as a processor, subject to the swyftec Data Processing Addendum (DPA) incorporated by reference;
• each party will comply with its obligations under GDPR, the Irish Data Protection Act 2018 and other Applicable Law.

10.3 Vendor responsibilities

The Vendor warrants that it has and will maintain all necessary lawful bases, transparency notices, consents and authorisations to enable the lawful processing of personal data through the Services. The Vendor will respond to data-subject requests, security incidents and regulator inquiries relating to its own processing in accordance with Applicable Law.

10.4 International transfers

Where personal data is transferred outside the European Economic Area, such transfers will be safeguarded by an Article 46 GDPR transfer mechanism, including the European Commission's Standard Contractual Clauses where appropriate.

11.Confidentiality

Each party (the Receiving Party) will treat as confidential all non-public information disclosed by the other party (the Disclosing Party) that is identified as confidential or that should reasonably be understood to be confidential (Confidential Information). The Receiving Party will: (a) use Confidential Information only as necessary to perform the Agreement; (b) protect it with at least the standard of care it uses for its own confidential information of like importance, and in any event no less than reasonable care; and (c) limit access to personnel, advisers and contractors with a need to know who are bound by equivalent obligations.

Confidential Information does not include information that is or becomes publicly available without breach, was already known to the Receiving Party without confidentiality obligation, is independently developed, or is rightfully received from a third party without confidentiality obligation.

The Receiving Party may disclose Confidential Information where required by Applicable Law, regulatory authority or order of a court of competent jurisdiction, provided that, where lawful, it gives the Disclosing Party prompt notice and uses reasonable efforts to limit such disclosure.

12.Intellectual Property

12.1 Provider IP

As between the parties, the Provider and its licensors own all right, title and interest in and to the Services, the Documentation, the swyftec and swyftpay names, logos, trade marks and domain names, the underlying software, APIs, designs, know-how and any improvements or derivative works thereof (the Provider IP). The Agreement does not transfer any ownership of the Provider IP.

12.2 Limited licence

Subject to the Agreement, the Provider grants the Vendor a limited, worldwide, non-exclusive, non-transferable, non-sublicensable, revocable licence during the Term to access and use the Services and Documentation solely for the Vendor's internal business purposes.

12.3 Feedback

If the Vendor provides feedback, suggestions, ideas or recommendations regarding the Services, the Vendor grants the Provider a perpetual, irrevocable, worldwide, royalty-free, sublicensable licence to use, reproduce, modify, distribute and otherwise exploit such feedback for any purpose, without obligation of any kind to the Vendor.

12.4 Vendor IP

The Vendor retains all right, title and interest in Vendor Content. The Vendor warrants that the use of Vendor Content via the Services will not infringe any third-party right.

13.Service Availability & No Warranty

Subject to and without limiting the foregoing, the Provider may publish a separate service-level objective document for specific Services. Any service-level commitment is governed exclusively by that document and supersedes any inconsistent oral or written statement.

14.Limitation of Liability

14.1 Cap on liability

To the maximum extent permitted by Applicable Law, the aggregate liability of the Provider, its affiliates, officers, directors, employees, agents, suppliers and licensors arising out of or relating to the Agreement or the Services, whether in contract, tort (including negligence), breach of statutory duty, misrepresentation, restitution or otherwise, is limited to the total Fees actually paid by the Vendor to the Provider for the Services giving rise to the claim during the twelve (12) months immediately preceding the event first giving rise to the liability.

14.2 Excluded losses

To the maximum extent permitted by Applicable Law, neither the Provider nor any of its affiliates, suppliers, Acquirers, Card Networks or licensors will be liable for any:

• indirect, incidental, special, consequential, exemplary or punitive damages;
• loss of profits, revenue, anticipated savings, business, contracts, opportunity or goodwill;
• business interruption, downtime, loss of use or loss of management or staff time;
• loss, corruption or unavailability of data, transactions, settlement information, recordings or back-ups;
• loss arising from third-party Acquirers, Card Networks, banking partners, payment-method providers or other third parties; or
• loss arising from the Vendor's inability to access, use or settle Transactions during a service interruption, maintenance window, suspension or termination,

even if the Provider has been advised of, or could have foreseen, the possibility of such damages, and even if a remedy fails of its essential purpose.

14.3 Exclusions from the cap

Nothing in this Section 14 limits or excludes liability for: (a) death or personal injury caused by a party's negligence; (b) fraud or fraudulent misrepresentation; (c) the Vendor's payment obligations under Sections 7 and 8; (d) the Vendor's indemnification obligations under Section 15; (e) infringement by either party of the other party's intellectual-property rights; or (f) any liability that cannot be limited or excluded under Applicable Law.

14.4 Allocation of risk

The Vendor acknowledges that the Fees reflect the allocation of risk set out in the Agreement, and that the Provider would not enter into the Agreement without these limitations and exclusions.

15.Indemnification by the Vendor

The Vendor will defend, indemnify and hold harmless the Provider, its affiliates and their respective officers, directors, employees, agents, suppliers and licensors (each a Provider Indemnitee) from and against any and all claims, demands, actions, proceedings, losses, damages, fines, penalties, assessments, costs and expenses (including reasonable legal fees) arising out of or relating to:

1. the Vendor's use of the Services or its operation of its business;
2. the Vendor's breach of the Agreement or any Applicable Law;
3. any Vendor Content, product, service or representation made by the Vendor to a Customer or any other third party;
4. any Transaction, refund, chargeback, dispute or settlement event;
5. any allegation that the Vendor's products, services, content, branding, marketing, advertising or trade marks infringe or misappropriate any third-party right;
6. any tax, levy or charge for which the Vendor is responsible;
7. any fine, penalty, assessment or charge imposed by an Acquirer, Card Network, regulator or court arising from the Vendor's acts or omissions; and
8. any negligent, fraudulent or wilful act or omission of the Vendor, its personnel, agents or contractors.

The Provider Indemnitee will: (a) promptly notify the Vendor of any indemnifiable claim; (b) allow the Vendor to control the defence and settlement of the claim, provided the Vendor does not settle in a way that imposes liability on or admits fault by a Provider Indemnitee without prior written consent; and (c) provide reasonable cooperation, at the Vendor's expense.

16.Suspension & Termination

16.1 By the Vendor

The Vendor may terminate the Agreement at any time by closing its account through the swyftec dashboard and ceasing use of the Services. Termination does not affect any liability accrued before termination, any payment obligation, or any provision intended by its nature to survive termination.

16.2 By the Provider for cause

The Provider may suspend or terminate the Agreement, any Service, any feature or any account, in whole or in part, immediately and without prior notice where the Provider determines (acting reasonably) that:

• the Vendor has breached the Agreement or any incorporated policy, including the Prohibited & Restricted Businesses list;
• continued provision of the Services may expose the Provider, an Acquirer, a Card Network, a banking partner, another Vendor or a Customer to legal, regulatory, financial or reputational risk;
• the Vendor's use of the Services presents an unacceptable level of fraud, chargeback, credit, security or compliance risk;
• the Vendor has provided false, misleading, inaccurate or incomplete information;
• the Vendor has become insolvent, entered administration, examinership or liquidation, or made an arrangement with creditors; or
• required by an Acquirer, Card Network, banking partner, regulator, court, or by Applicable Law.

16.3 Termination for convenience

The Provider may terminate the Agreement or any Service for convenience on at least thirty (30) days' prior notice, except where shorter notice is required by Applicable Law, an Acquirer, a Card Network or to address a risk under Section 16.2.

16.4 Effect of termination

On termination: (a) the Vendor's right to access and use the Services ends immediately; (b) the Provider may close, suspend or restrict the Vendor's account; (c) the Vendor must promptly pay all outstanding Fees and other amounts due; (d) the Provider may continue to hold a Reserve in accordance with Section 7; and (e) the Provider may retain or delete Vendor data in accordance with the Privacy Statement and Applicable Law.

16.5 Survival

Sections 2, 5.4, 7, 8, 10, 11, 12, 13, 14, 15, 16.4, 16.5, 17, 19, 20 and 21, and any other provision intended by its nature to survive, will survive termination of the Agreement.

17.Force Majeure

Neither party will be liable for any failure or delay in performance under the Agreement (other than payment obligations) caused by an event beyond that party's reasonable control, including (without limitation) acts of God, severe weather, fire, flood, earthquake, pandemic, epidemic, war, armed conflict, civil unrest, terrorism, cyber-attack, sabotage, strike, labour dispute, embargo, sanctions, action or inaction of a government, regulator or authority, failure or interruption of internet, telecommunications, electricity, hosting infrastructure or third-party services (including Acquirers, Card Networks and banking partners). The affected party will use commercially reasonable efforts to resume performance as soon as practicable.

18.Operational Resilience & Cooperation

18.1 DORA awareness

The Provider operates information and communication technology (ICT) services that may be used by financial entities subject to the Digital Operational Resilience Act (Regulation (EU) 2022/2554) (DORA). Where the Vendor is a financial entity within the scope of DORA, the parties will agree such additional contractual provisions as are required under Article 30 of DORA in a separate addendum, which will supplement and prevail over these Terms in case of conflict.

18.2 Information and audit

Subject to confidentiality and security requirements, the Provider will provide the Vendor with information reasonably required to demonstrate the operational resilience of the Services and will cooperate with reasonable audit and supervisory requests as required by DORA, the European Banking Authority's outsourcing guidelines, the Central Bank of Ireland's Cross-Industry Guidance on Outsourcing and equivalent Applicable Law.

18.3 Vendor responsibility

The Vendor remains responsible for its own ICT risk-management framework and for ensuring that its use of the Services is consistent with its own regulatory obligations. The Provider does not assume the Vendor's regulatory obligations.

19.Modifications & Versioning

19.1 Right to amend

The Provider may amend these Terms from time to time. Each version of these Terms is uniquely identified by a semantic version number (in the form MAJOR.MINOR.PATCH) and an effective date, and earlier versions will be archived and available on request.

19.2 Notice and acceptance

The Provider will publish the amended Terms on the swyftec website and, for material changes, will give at least thirty (30) days' prior notice by email, in-product notification or such other reasonable means. Changes required by Applicable Law, an Acquirer, a Card Network or to address a security or risk concern may take effect immediately. Continued use of the Services after the effective date of an amendment constitutes acceptance of the amended Terms. If the Vendor does not accept an amendment, its sole remedy is to terminate the Agreement before the amendment takes effect.

19.3 Order of precedence

Where there is conflict between documents forming part of the Agreement, the order of precedence is: (a) any individually negotiated written agreement signed by both parties; (b) product-specific terms and addenda; (c) these master Terms; (d) the Privacy Statement; and (e) the Documentation.

20.Governing Law & Disputes

20.1 Governing law

The Agreement and any dispute or claim arising out of or in connection with it (including non-contractual disputes or claims) is governed by and construed in accordance with the laws of the Republic of Ireland.

20.2 Jurisdiction

The parties irrevocably submit to the exclusive jurisdiction of the courts of Ireland to settle any dispute or claim arising out of or in connection with the Agreement, except that the Provider may bring proceedings in any jurisdiction where the Vendor is established or has assets to enforce its intellectual-property rights or recover amounts due.

20.3 Mandatory consumer rights

Nothing in the Agreement affects mandatory rights of any party (including consumer rights, where applicable) that cannot be waived under Applicable Law, including statutory rights under Irish or EU law.

20.4 Informal resolution

Before commencing any proceeding, the parties will attempt in good faith to resolve any dispute through written notice and good-faith negotiation between senior representatives for at least thirty (30) days, except where urgent injunctive relief is required.

21.General Provisions

21.1 Entire agreement

The Agreement constitutes the entire agreement between the parties in relation to its subject matter and supersedes all prior or contemporaneous communications, representations and agreements, whether oral or written.

21.2 Severability

If any provision of the Agreement is held invalid, illegal or unenforceable, that provision will be modified to the minimum extent necessary to make it valid, legal and enforceable, or, if that is not possible, severed from the Agreement; the remaining provisions will continue in full force.

21.3 No waiver

A failure or delay by either party in exercising any right or remedy under the Agreement does not constitute a waiver of that right or remedy.

21.4 Assignment

The Vendor may not assign, transfer, charge or sub-contract the Agreement, in whole or in part, without the Provider's prior written consent. The Provider may assign or transfer the Agreement (including by way of merger, sale of assets or change of control) without consent, provided it gives notice to the Vendor.

21.5 Independent contractors

The parties are independent contractors. Nothing in the Agreement creates a partnership, joint venture, agency, employment or fiduciary relationship between them.

21.6 Notices

Notices to the Provider must be sent to info@swyftec.com; notices to the Vendor will be sent to the contact details associated with the Vendor's account. Notice is deemed given on receipt or, for email, on transmission unless the sender receives a non-delivery notice.

21.7 Third-party rights

A person who is not a party to the Agreement has no right to enforce any of its terms, except that affiliates of the Provider, Acquirers, Card Networks and banking partners may enforce any provision expressly intended for their benefit.

21.8 Language

The English-language version of the Agreement is the binding version. Any translation is provided for convenience only.

21.9 Headings

Headings are for reference only and do not affect interpretation.

22.Contact & Legal Entity

Questions about these Terms or the Services may be directed to:

swyftec
General & legal enquiries, privacy / data protection: info@swyftec.com
Technical support: support@swyftec.com
Privacy notice: privacy.swyftec.com

22.1 Operating entity

The Services are provided by the legal entity identified below. Entity details are subject to update; the most recent version of these Terms will reflect the current operating entity.

Operating entity: [Operating Entity Name]
Jurisdiction of incorporation: Republic of Ireland
Company registration number: [CRO No.]
VAT registration number: [VAT No.]
Registered office: [Registered Address Line 1, Line 2, Eircode]

A.Annex A — Version History

Each amendment to these Terms is recorded below. Earlier versions remain available on request.