MERCHANT AGREEMENT

In consideration of the mutual promises and covenants contained in this Merchant Agreement (“Agreement”), and the agreement of Merchant to participate in the card processing services program established by Bank, the parties agree as follows:

1. Parties. The parties to this Agreement are ESQUIRE BANK, N.A., a federally chartered bank whose address is 100 Jericho Quadrangle, Suite 100, Jericho, New York 11753
(“Bank”), Merchant Industry LLC, a NY whose address is 36-36 33rd Street Ste 206, Long Island City NY 11106 (“ISO”), and the Merchant set forth on the Merchant Application form to which this Agreement is attached (“Merchant”).

2. Definitions. For the purposes of this Agreement and the Schedules referred to herein, the following definitions apply unless the context otherwiserequires:
Address Verification” means a service that allows Merchant to verify the home address of Cardholders with the relevant Issuer.
Affiliate” means, in relation to a party, another person or entity that directly or indirectly owns or controls, is owned or controlled by, or is under common ownership or common
control with, the party, or an party’s principal partners, shareholders, or owners of some other ownership interest.
Applicable Law” means: (i) all applicable federal, state and local laws, rules and regulations; and (ii) the Rules; and (iii) any executive orders or rules, orders or regulations imposed by any governmental entity from time to time or at any time.. “Application” means the forms completed and information provided by Merchant when applying for the services provided hereunder.
Association(s)”meansVISAU.S.A.,Inc.(“Visa”),MasterCardInternationalIncorporated (“MasterCard”),DiscoverFinancialServicesLLC(“Discover”),andAmericanExpress(“AMEX“)
Authorization”means an affirmative response, by or on behalf of an Issuer to a request to effect a Transaction, that a Transaction is within the relevant Cardholder’s available credit limit and that the Cardholder has not reported the Card lost or stolen. All Transactions requiring Authorization by the Associations must be authorized.
Authorization Center” means the facility or facilities designated from time to time by Bank or ISO to which Merchant shall submit all requests for Authorization.
Business Day” means any day other than: (i) a Saturday or Sunday; or (ii) a day on which banking institutions in New York are authorized by law or executive order to be closed
(and on which Bank is in fact closed).
Card(s)” means either a Visa, MasterCard, AMEX or Discover credit card, debit card (or other similar card that requires a PIN for identification purposes), or pre-paid, stored-value or gift card.
Cardholder” means a person authorized to use a Card.
Chargeback” means a Transaction that Bank returns to Merchant pursuant to this Agreement.
Forced Sale” means a sales Transaction processed without an approved electronic Authorization number being obtained for the full amount of the sales Transaction at the time the Transaction is processed.
Full Recourse Transactions” means mail orders, telephone orders, e-commerce (Internet) orders, Pre-Authorized Recurring Order Transactions, and other “card not present” sales.
ISO” has the definition that appears in the preamble hereof.
Issuer” means a member of an Association that enters into a contractual relationship with a Cardholder for the issuance of one or more Cards.
Merchant” has the definition that appears in the preamble hereof.
Merchant Statement” means an itemized monthly statement of all charges and credits to the Operating Account (as that term is defined in Section 5 of this Agreement).
Monthly Chargeback Violation,” for any given calendar month, means that more than five Chargebacks have been processed in that month and that the Transaction Chargeback
Ratio for that month is equal to or greater than 1%.
Mid-Qualified Transactions” means any Transaction categorized as such by the processor designated by Bank to settle Transactions with the Associations
Non-Qualified Transactions” means: (i) any Transaction submitted for processing more than 48 hours past the time the Authorization occurred; (ii) any Transaction missing required data; and (iii) any Transaction categorized as such by the processor designated by Bank to settle Transactions with the Associations.
Normal Transaction” means a Transaction in which the Card is swiped through or dipped in a terminal, register or other device, capturing the Card information encoded on the
Card’s magnetic strip.
Pre-Authorized Recurring Order Transaction” means a Transaction that has been pre-authorized by the Cardholder and for which the goods or services are to be delivered or
performed in the future by Merchant without having to obtain approval from the Cardholder each time.
Qualified Transactions” means any Transaction categorized as such by the processor designated by Bank to settle Transactions with the Associations.
Rules” means all rules, regulations, by-laws, standards and procedures adopted and/or amended from time to time by the Associations (including, without limitation, the Payment Card Industry Data Security Standard), Bank and each relevant Issuer.
Servicers” means Bank and ISO, collectively; “Servicer” means either Bank or ISO..
“Services” means the transaction processing services described on the attached Schedule A, as the same may be amended from time to time by Bank, in its sole discretion.
Transaction” means the actual or attempted acceptance of a Card or information embossed on the Card (when in physical form) for payment for goods sold and/or leased or
services provided to Cardholders by Merchant and receipt of payment from Bank, whether the Transaction is approved, declined, or processed as a Forced Sale. The term
Transaction” also includes credits, errors, returns and adjustments.
Transaction Chargeback Ratio,” for any given calendar month, means the number of Chargebacks processed in that month divided by the total number of Transactions processed in that month.

3. Services Provided to Merchant. During the term of this Agreement, subject to the terms and conditions of this Agreement: (i) ISO shall use commercially reasonable efforts to
provide technical documentation as needed, and technical support and customer support (including, without limitation, Authorization, settlement and Chargeback processing and reporting), twenty-four hours each day, seven days each week, in order to allow Merchant to accept and process Transactions; and (ii) Bank shall provide the Services to Merchant.

4. Term. This Agreement shall become effective when all parties sign the Merchant Application form to which this Agreement is attached (or in connection with which this Agreement is provided) and, unless sooner terminated, shall remain in effect for an initial termof four (4) years (the “Initial Term”). Bank and ISO shall be deemed to have signed this Agreement
(i) if it is already signed by Merchant and its guarantors; and (ii) the first Transaction is processed hereunder and settled to Merchant pursuant hereto. After the Initial Term, the term of this Agreement shall renew automatically for additional and successive terms of three (3) years each (each a “Renewal Term”). The term of this Agreement shall be the InitialTerm together with all Renewal Terms, if any. Any party can terminate this Agreement at the end of the then current term by providing written notice of termination to the other parties at least 90 days prior to the end of the then-current term. All existing obligations, warranties, indemnities and agreements with respect to Transactions entered into before such termination shall remain in full force and effect, and, regardless of any such termination, Merchant shall remain liable for all obligations to Cardholders, Bank and ISO that are incurred while this Agreement is in effect. In the event that Merchant terminates this Agreement Merchant shall be liable to pay to ISO an EARLY TERMINATION FEE. The EARLY TERMINATION FEE shall be equivalent to the greater of (a) $750; or (b) number of whole months remaining in the term hereof at the time of termination multiplied by the amount of FEES paid or payable by the Merchant during the month preceding that during which this AGREEMENT was terminated. Merchant agrees that this fee is not a penalty, but rather a reasonable estimation of the actual damages that would be suffered in the event of failure to receive the processing business for the then current term. Merchant agrees that the EARLY TERMINATION FEE shall also be due if Merchant discontinues submitting Transactions for processing during the Initial Term or any Renewal Term of the Agreement. The amount of the EARLY TERMINATION FEE may be deducted from settlements payable to the Merchant under this Agreement.

5. Merchant Operating Account. Prior to accepting any Cards, Merchant shall establish a demand deposit account at Bank, or at a financial institution approved by Bank (the
“Operating Account”), through which fees, charges and credits due to Merchant in accordance with this Agreement may be processed. Merchant authorizes Bank to debit all amounts Merchant owes Bank hereunder or any other agreement entered into between Merchant and Bank from the Operating Account, whethe r maintained at Bank or another financial institution, at times deemed appropriate by Bank, through the ACH Banking Network or by a manual debit of the Operating Account. Merchant waives any and all claims for loss or damage arising out of any such charges or debits to the Operating Account.

6. Reserve Account. Upon, or at any time after, execution of this Agreement, Bank may establish a reserve account at Bank (the “Reserve Account”) in such amount as Bank from  time to time may determine in its sole discretion. Bank may fund the Reserve Account by deducting amounts from payments due to Merchant, by effecting a charge against Merchant’s Operating Account or against any of Merchant’s accounts at Bank, or by demanding payment from Merchant (which payment Merchant shall make within ten (10) days after receipt of any such demand). The Reserve Account will be maintained for a minimum of nine months after the date on which this Agreement terminates or until such time as Servicers determine that the release of the funds to Merchant is prudent, in the best interest of Servicers, and commercially reasonable, and that Merchant’s account with Bank under this Agreement and any other agreement entered into between Merchant and either Servicer is fully resolved. Merchant and ISO acknowledge and agree that only Bank, and not ISO, may authorize or effect any release of funds from the Reserve Account (provided that ISO is in agreement with such release, if such release is to be made to any entity other than Bank). Bank may withdraw funds from the Reserve Account at any time to offset any indebtedness of Merchant to Bank that may arise out of or relate to the obligations of Merchant under this Agreement (including, but not limited to, Chargebacks and fees) or to offset any other indebtedness of Merchant to either Servicer under any other agreement entered into between Merchant and either Servicer. Upon expiration of this nine-month period, in so far as both Servicers believe that they are no longer at risk on account of prior Merchant activity hereunder, any balance remaining in the Reserve Account will be paid to Merchant. Bank will inform Merchant in writing of any charges debited to the Reserve Account during this nine-month period. Notwithstanding the foregoing, subject to ISO consent, Bank, in its discretion, may release funds from the Reserve Account to Merchant prior to the expiration of such nine-month period based on its assessment of the risksassociated with effecting such release.

7. Fees. Merchant shall pay to Bank all fees specified on Schedule A, as amended by Servicers from time to time. For each Transaction, Bank will charge Merchant as follows:
(a) An amount (“Merchant Discount Fees”) equal to a specified percentage of the total cash price of each sales and cash withdrawal Transaction (“Merchant Discount Rate”);
(b) A specified amount per Transaction (“Transaction Fee”); and
(c) A specified amount per Authorization (“Authorization Fee”).
The Merchant Discount Rate, Authorization Fees and Transaction Fees are set forth on Schedule A. Different Merchant Discount Rates may apply to Qualified, Mid-Qualified and Non-Qualified Transactions, as shown on Schedule A. Merchant agrees that Bank will, and authorizes Bank to, deduct Merchant Discount Fees from the Operating Account or Reserve Account on a daily basis unless a monthly basis is specified on Schedule A. Merchant also agrees to pay to Servicers the amount of any fees, charges or penalties assessed against either Servicer by any Association or Issuer for Merchant’s violation of any Applicable Law. Merchant shall pay Bank for any other services provided to Merchant by Servicers and for all other fees shown on Schedule A, including, but not limited to, monthly minimum fees, Chargeback fees and customer service fees.
If Merchant chooses Swipe 4 Free on the Application, then: if the Merchant selects to participate in package A, (i) the Merchant Discount Fees shall be 3.8462%, payable daily; if the Merchant selects to participate in package B, the Merchant Discount Fees shall be 3.3817% payable daily and if the Merchant selects to participate in package C, the Merchant Discount Fees shall be 3.637% payable daily; (ii) there shall be no Transaction Fee or Authorization Fee; (iii) PCI Fee shall be an annual charge, as indicated below in the PCI Service Agreement; and (iv) other fees, such as those related to Chargeback are all as indicated in Schedule A .

8. Billing. All amounts Merchant owes to Bank, for any reason, may be charged to the Operating Account or Reserve Account, recouped by adjustment to any credits due to
Merchant, or set off against any account or property Bank holds for or on behalf of Merchant.

9. Processing Transactions.
(a) Merchant shall obtain Authorizations and process Transactions using such equipment and software as may be approved from time to time by Bank, in its sole discretion (the
Equipment”). Merchant shall validate Cards and Cardholders in face-to-face transactions as required by Applicable Law.
(b) Merchant shall obtain Authorizations for Transactions in a manner required by Applicable Law and in the manner, and following the processes and procedures, determined from time to time by Bank, in its sole discretion, and communicated to Merchant by either Bank or ISO.
(c) Merchant shall submit, in the manner determined from time to time by Bank, such information to Bank or Bank’s designee in connection with Transaction processing as Bank
from time to time may determine.
(d) Merchant shall not submit a Transaction to Bank (electronically or otherwise) until Merchant has performed its obligations to the Cardholder in connection with the Transaction or obtained Cardholder’s consent for a Pre-Authorized Recurring Order Transaction.
(e) Merchant shall not transmit any Transaction to Bank that Merchant knows or should have known to be illegal, fraudulent or not authorized by the Cardholder.
(f) Merchant shall not process a Transaction that does not result from an act between a Cardholder and Merchant.
(g) Merchant shall not request or use any Card number for any purpose other than as payment for its goods or services.
(h) Merchant may transmit a Transaction that effects a prepayment of services or full prepayment of custom-ordered merchandise, manufactured to a Cardholder’s specifications, if Merchant advises Cardholder of the immediate billing at the time of the Transaction and within time limits established by the Associations.

10. Prohibited Transactions. Merchant shall not do any of the following:
(a) Establish a minimum on debit cards or greater than $10.00 on credit cards or a maximum dollar Transaction amount;
(b) Obtain multiple Authorizations for amounts less than the total sale amount;
(c) Obtain Authorization for the purpose of setting aside the Cardholder’s credit line for use in future sales;
(d) Extend credit for or defer the time of payment of the total cash price in any Transaction;
(e) Honor a Card except in a Transaction where a total cash price is due and payable;
(f) Make any special charge to or extract any special agreement or security from any Cardholder in connection with any Transaction;
(g) Transmit or accept payment for any Transaction that was not originated directly between Merchant and a Cardholder for the sale or lease of goods or the performance of services by the Merchant itself and of the type indicated in the Merchant Application form to which this Agreement is attached;
(h) Honor or accept a Card as payment for any legal services or expenses arising out of or related to: (i) any domestic relations matter where such services or expenses are furnished to a person whose name is not embossed on a Card; or (ii) any bankruptcy, insolvency, compromise, composition or other process affecting Cardholder’s creditors;
(i) Use Merchant’s own Card, or one to which Merchant has access, to process a Transaction for the purpose of obtaining credit for Merchant’s own benefit;
(j) Re-process any Transaction that was previously charged back to Bank and subsequently returned to Merchant, irrespective of Cardholder approval;
(k) Initiate a Transaction credit without a preceding debit at least equal to the credit;
(l) Initiate a Transaction credit without a balance in the Operating Account at least equal to the credit;
(m) Use the Equipment or any data received thereon for any other purpose other than for determining whether or not Merchant should accept checks or Cards in connection with a current sale or lease of goods or services;
(n) Use the Equipment or any data received thereon for credit inquiry purposes or any other purpose not authorized by this Agreement;
(o) Draw or convey any inference concerning a person’s creditworthiness, credit standing, credit capacity, character, general reputation, personal characteristics or mode of living when any Card or check is processed asnon-accepted;
(p) Disclose any information obtained through the Equipment to any person except for necessary disclosures to affected Cardholders, Bank and/or the Issuer;
(q) Disburse funds in the form of travelers cheques, if the sole purpose is to allow the Cardholder to make a cash purchase of goods or services from Merchant;
(r) Disburse funds in the form of cash;
(s) Accept a Card to collect or refinance an existing debt (whether originally owed to Merchant or otherwise) that is considered uncollectible (for example, payments to a collection agency or attempts to recover funds for a dishonored check) except to the extent specifically permitted by Applicable Law;
(t) Issue a Transaction credit in respect of goods or services acquired in a cash transaction which are returned;
(u) Make any cash refund to a Cardholder who has made a purchase with a credit Card (all Transaction credits shall be issued to the same credit Card account number used in the sale);
(v) Require a Cardholder to complete a postcard or similar device that includes the Cardholder’s account number, Card expiration date, signature or any other Card account data in plain view when mailed;;
(w) Accept a Card for the purchase of Scrip (as defined by applicable VISA regulations), except to the extent specifically permitted by Applicable Law;
(x) Accept any payment directly from a Cardholder for previous Card charges incurred and processed by Merchant;
(y) Require, through an increase in price or otherwise, any Cardholder to pay any surcharge in connection with any Transaction or to pay any part of any charge imposed on
Merchant by Bank except, in either case, as expressly permitted by, and under terms and conditions that comply in full with, Applicable Law;
(z) Provide cash to a Visa cardholder unless Merchant is either (i) participating in Visa Cash-Back Services or (ii) a hotel or cruise line;
(aa) Cause any Cardholder to waive its right to dispute a Transaction;
(bb)Request the Card Verification Value 2 data (as defined by Visa) on any paper order form;
(cc) Request a Cardholder account number for any purpose that is not related to payment for goods or services; or
(dd) Add any tax to Transactions, unless applicable law expressly requires that a merchant be permitted to impose a tax, and only if such tax is included in the Transaction amount and not collected separately..

11. Prohibition of Furnishing Account Information; Use of Third Parties. Merchant shall not, without the Cardholder’s consent, sell, purchase, provide or exchange any Card
information in the form of Transaction documents, carbon copies of imprinted Transaction documents, mailing lists, tapes, journal rolls or other media obtained through the use of a Card to any third party. Merchant may use third parties that do not have a direct agreement with Bank as Merchant’s agent for the direct delivery of Transactions for clearing and settlement if:
(a) Merchant advises Bank that it will use a third-party processor in this capacity, identifying the third party so selected by Merchant;
(b) Merchant agrees that Bank will reimburse Merchant only for the Visa Transactions delivered by that third-party processor to VisaNet; and
(c) Merchant assumes responsibility for any failure by its third-party processor to comply with Applicable Law.
Merchant shall notify Bank of the identity of any third party performing services to Merchant in connection with which such third party has access to any Card information.

12. Daily Reconciliation of Transactions.
(a) Electronically Transmitted Transactions. Bank shall control and disburse all Transaction-related settlement funds to Merchant. Transactions with respect to which Bank receives payment from or through the Associations will be settled on a daily basis, and, except as otherwise expressly provided or permitted pursuant to the terms of this Agreement, Bank shall deliver payment to Merchant in connection with such Transactions by effecting a credit to the Operating Account equal to the reconciled and paid summary Transaction total of all of Merchant’s total paid summary Transactions since the previous credit. Notwithstanding the foregoing, Bank may, in its sole discretion, effect a credit to the Operating Account in connection with any Transaction prior to the point in time Bank receives payment in connection therewith from or through the Associations. In either case, Bank may, if necessary or appropriate, reduce any credit made to the Operating Account by, and/or Bank may require that Merchant pay to Bank an amount equal to: (i) the sum of all Cardholder charges denied, refused or charged back; (ii) all refunds processed on account of Cardholders during said time period; (iii) the amounts, fees and charges, including (but not limited to) Chargebacks, Merchant owes Bank hereunder or under any other agreement entered into between Bank and Merchant; (iv) all taxes, penalties, charges, fees and other items incurred by Bank that are reimbursable pursuant to this Agreement; (v) all applicable rates, fees and charges described on Schedule A; (vi) any amount Bank previously credited to the Operating Account that Bank determines, in good faith, was incorrectly so credited; (vii) any amount Bank determines, in its sole discretion, represents unacceptable risk to the relevant Cardholder or Bank; and (viii) any liabilities of Merchant to ISO relating to Transactions processed pursuant to the terms of this Agreement. Any application of funds associated with the settlement of Transactions that differs from the foregoing must be agreed to, in writing, by Bank and Merchant and may not, in any respect, violate Applicable Law.
(b) Reconciliation of Transactions. Merchant shall reconcile each settled Transaction within fifteen (15) days after the date on which such Transaction is submitted to Bank for
payment, and shall notify Bank and ISO immediately of any discrepancies or errors Merchant notes as a result of such reconciliation. Neither Bank nor ISO shall have any
responsibility or liability for Transaction-related errors or omissions that are brought to their attention more than thirty (30) days after the date on which the Transaction to which such error or omission relates is first presented to Bank for settlement.
(c) Provisional Credit. Any credits to the Operating Account are provisional only and subject to revocation by Bank until such time that the Transaction is final and no longer subject to Chargeback by the Issuer, Cardholder or Associations. Bank may withhold payment for a Transaction to Merchant, for any reason, until such time as the Transaction has been verified as legitimate by the relevant Issuer, or Servicers receive adequate supporting documentation from Merchant to authenticate the Transaction and mitigate Chargeback risk.

13. Adjustments and Returns. Merchant will maintain a fair customer complaint, exchange and return policy and make adjustments with respect to goods and services sold and/or leased to its customers whenever appropriate. If Merchant limits its acceptance of returned merchandise, or if Merchant is an Electronic Commerce Merchant, Merchant will ensure that its return policy are clearly set forth on the Transaction receipt or on Merchant’s website, as required by Applicable Law. If goods are returned, or services are terminated or  canceled, or any price is adjusted, Merchant will prepare and transmit a credit or return Transaction, either electronically or by paper, for the amount of the adjustment as a deduction from the total amount of Transactions transmitted that day. If the amount of credit or return Transactions exceeds the amount of sales Transactions, Merchant shall pay the excess to Bank. Merchant shall make no cash refunds on credit Transactions and shall handle all credit adjustments as provided in this Section 14. If no refund or return will be given, Merchant must advise Cardholder in writing, at the time of the Transaction, that the sale is a “final sale” and “no returns” are permitted. Merchant must advise Cardholder in writing of any policy of Merchant that provides for no-cash refunds and in-store credit only. Merchant shall follow Association reservation/no-show policies, and shall notify Cardholders in writing of this policy on all advance reservations. Merchant also shall notify Cardholders at the time of the reservation of the exact number of days required for reservation deposit refunds.

14. Chargebacks. The acceptance by Bank of any Transaction processed in accordance with the terms of this Agreement shall be without recourse to Merchant, except for:
(i) Full Recourse Transactions; (ii) as otherwise indicated in this Agreement; and (iii) under any of the following circumstances:
(a) No specific prior Authorization for the Transaction was obtained from the Authorization Center, the approval number does not appear in the electronic transmittal that ismaintained by Bank, or the Transaction was submitted to the Bank or ISO thirty (30) days or more after the date on which the goods and/or services to which the Transaction relates were purchased or leased by the relevant Cardholder;
(b) The Transaction was based on a pre-authorization form, the Card on which the Authorization was based was canceled and Merchant was so notified prior to the Transaction;
(c) The Card giving rise to the Transaction was canceled and prior to, or at the time of, the Transaction, and Merchant received notice of the cancellation through the electronic
terminal, in writing or otherwise;
(d) The Card expired prior to the date of the Transaction or the date of the Transaction was prior to the validation date, if any, indicated on the Card;
(e) The Transaction information required by this Agreement was not submitted to Bank, or the procedures required by this Agreement to be followed in connection with processing a Transaction were not followed;
(f) Bank or Issuer receives a complaint from or on behalf of a Cardholder stating that there is an unresolved dispute or defense to a charge (whether or not valid) between Merchant and Cardholder;
(g) The Cardholder makes a written complaint to Bank or Issuer that the Cardholder did not make or authorize the Transaction;
(h) A setoff or counterclaim of any kind exists in favor of any Cardholder against Merchant that may be asserted in defense of an action to enforce payment against the Cardholder in the Transaction;
(i) The Transaction was made at or by a merchant, or other person or entity, other than Merchant;
(j) The Transaction otherwise violates the terms of this Agreement or any Applicable Law;
(k) A Transaction is charged back by an Issuer; or
(l) Any representation or warranty made by Merchant in connection with the Transaction is false or inaccurate in any respect.

In any such case, Bank shall not be obligated to accept a Transaction for credit to the Operating Account. If Bank has credited the Operating Account or Reserve Account for such a Transaction, Bank may return the Transaction to the Merchant, and Merchant shall pay Bank the amount of the Transaction. Merchant agrees that it is solely responsible for all Chargebacks, and that Bank, without prior notice to Merchant, may: (i) charge the amount of the Transaction to the Operating Account or Reserve Account; (ii) recoup the amount of the Transaction by adjustment of the credits due to Merchant; and/or (iii) set off the amount of the Transaction against any account or property Bank holds for or on behalf of Merchant. If Merchant disagrees with Bank’s decision to charge back a Transaction, Merchant must so notify Bank in writing within 10 days of the Chargeback, and provide documentation that the dispute has been resolved to Cardholder’s satisfaction or proof that a credit has been issued. Without limiting the generality of any other provision of this Agreement, if Bank or ISO, if ISO has indemnified Bank, takes legal action against Merchant for any Chargebacks or any amounts due Bank or ISO hereunder, Merchant shall pay the costs and attorneys’ fees incurred by Bank and/or ISO, whether suit is commenced or not.
In addition to any other remedy available to Bank, upon the occurrence of a Monthly Chargeback Violation, Merchant must pay to Bank a fee that is calculated as follows (where X in the table below is the Transaction Chargeback Ratio for the relevant calendar month and Y is the number of Chargebacks processed during the relevant calendar month):

MI_Terms-and-Conditions-Table_4

15. Merchant Statement. At least once each month, Bank shall provide a statement (the “Merchant Statement”) to Merchant. All information appearing on the Merchant Statement shall be deemed accurate and affirmed by Merchant unless Merchant objects by written notice specifying the particular item in dispute within 30 days of the date of the Merchant Statement.

16. Retention of Information. Merchant shall retain the information required to be submitted in connection with a Transaction or to be maintained in connection with a complaint
for seven years from the date of the Transaction or the complaint. At the request of Bank,Merchant shall provide such information to Bank or ISO, as directed by Bank or ISO, within five (5) days of receipt of a request from Bank. Failure to meet such time frame or non-delivery of any item or delivery of an illegible copy of an item requested by an Issuer shall, among other things, constitute a waiver by Merchant of any claims and may result in an irrevocable Chargeback for the full amount of the Transaction.

17. Recovery of Cards. Merchant will use its best efforts to reasonably and peaceably recover and retain any Card with respect to which Merchant receives notification of
cancellation, restrictions, theft or counterfeiting. This notice may be given: (i) electronically through the Equipment; (ii) by the Authorization Center through any means; or (iii) by
listing on any canceled Card or restricted Card list. Merchant shall also take reasonable steps to recover a Card that it has reasonable grounds to believe is counterfeit, fraudulent or stolen.

18. Confidentiality. Merchant shall treat all information received in connection with this Agreement as confidential including, but not limited to, the terms of this Agreement. Merchant shall prevent the disclosure of this information except for necessary disclosures to affected Cardholders, to Bank, to ISO and to Issuers.

19. Compliance with Applicable Law.
a. General. Merchant represents and warrants that it has obtained all necessary regulatory approvals, certificates and licenses, and that it is in compliance with all Applicable Law, in connection with the operation of its business. Merchant represents and warrants that it understands the importance of complying with Applicable Law in connection with any and all actions it takes in connection with Transactions (including, without limitation, complying with requirements relating to Transaction information, storage and disclosure), and covenants at all times to comply in full with all Applicable Law. Merchant further acknowledges and agrees that it is responsible for the actions of all of its employees while in Merchant’s employ. Merchant is also responsible for the acts and omissions of its agents and Affiliates.

b. Data Security Rules. Without limiting the generality of the foregoing or any other provision of this Agreement, Merchant understands that it and all of its employees,
agents, representatives and third party service providers must comply with the Rules, including without limitation, those relating to Cardholder information security issues, non-disclosure of Cardholder information and Transaction documents, retention and storage of Cardholder and Transaction information and other security procedures adopted by the Associations. Merchant hereby confirms its agreement to abide by and fully comply with such Rules, including, without limitation, the Rules and procedures described below:

i. Visa Cardholder Information Security Program and MasterCard Site Data Protection Program. Visa and MasterCard have implemented programs to protect
Cardholder data. The Visa Cardholder Information Security Program (“CISP”) and MasterCard Site Data Protection Program (“SDP”) apply to Merchant if Merchant processes or stores Cardholder data as a result of Internet or mail/telephone acceptance of Visa or MasterCard Card account information. A copy of the complete Visa Cardholder Information Security Standards manual and a Self-Assessment Worksheet can be obtained online at www.visa.com/cisp or from Bank, and a copy of the SDP provisions can be obtained from Bank. Visa and MasterCard may impose restrictions, fines, or prohibit Merchant from participating in Visa or MasterCard programs if it is determined that Merchant is non-compliant. Merchant may be required to comply with an audit to verify compliance with security procedures. The following list describes some of the current CISP and SDP program requirements, with all of which Merchant may be required to comply, if applicable to Merchant. (A) install and maintain a working network firewall to protect data accessible via the Internet; (B) keep security patches up-to-date; (C) encrypt stored data; (D) encrypt data sent across networks; (E) use and regularly update anti-virus software; (F) restrict access to data by business “need to know”; (G) assign a unique ID to each person with computer access to data; (H) don’t use vendor-supplied defaults for system passwords and other security parameters; (I) track access to data by unique ID; (J) maintain a policy that addresses information security for employees and contractors; and (K) restrict physical access to Cardholder information. Merchant must also comply with the requirements of Section 10.3 of the Visa Rules in connection with suspected or confirmed losses, thefts, compromises of information, and fraud or laundering associated with information. Please also note that this is not intended to be a complete list, and Merchant remains solely responsible for understanding and complying in full with all of the applicable CISP and SDP requirements.

ii. Transaction Information. Merchant acknowledges that the sale or disclosure of databases containing Cardholder account numbers, personal information,
or other Transaction information to third parties is strictly prohibited by the Rules. Unless Merchant obtains consents from Servicers, and each applicable Association, issuing bank and Cardholder, Merchant must not use, disclose, sell or disseminate any Cardholder information obtained in connection with a Transaction (including without limitation, the names, addresses and Card account numbers of Cardholders, copies of imprinted sales drafts and/or credit records, mailing lists, tapes or other media obtained in connection with a sales draft and/or credit record) except for purposes of authorizing, completing and settling Transactions and resolving any Chargebacks, retrieval requests or similar issues involving Transactions, other than pursuant to a court or governmental agency request, subpoena or order. Merchant shall use proper controls for, limit access to, and render unreadableprior to discarding all records containing Cardholder account numbers and Card imprints.

Merchant may not retain or store magnetic stripe data after a Transaction has been authorized. If Merchant stores any electronically captured signature of a Cardholder, Merchant may not reproduce such signature except upon the specific request of Bank. Merchant shall store all media containing Cardholder names, Cardholder account information, and other personal information, as well as Card imprints (such as sales drafts and credit records, auto rental agreements, and carbons) in an area limited to
selected personnel and, prior to discarding any such information, destroy it in a manner that renders the data unreadable. Merchant further warrants and agrees that in the event of its failure, including bankruptcy, insolvency, or other suspension of business operations, it will not sell, transfer or disclose any materials that contain Cardholder account numbers, personal information, or Transaction information to third parties, and shall return the information to Bank and provide acceptable proof of destruction to Bank.

22. Taxes. Each party hereto shall report its income and pay its own taxes to any applicable jurisdiction. If either Bank or ISO is required to pay any taxes, interests, fines or penalties owed by Merchant, said amount shall become immediately due and payable by Merchant to Bank or ISO. If excise, sale or use taxes are imposed on Transactions, Merchant shall be responsible for the collection and payment thereof. Merchant shall not add any tax to any Transaction unless Applicable Law expressly provides that Merchant is permitted to impose a tax, and any such tax amount, if so allowed, shall be included in the Transaction amount and not collected separately. Bank or ISO shall be entitled to recover from Merchant any of said taxes paid by it on behalf of Merchant immediately after payment.

23. Limitation of Liability. In addition to all other limitations on the liability of Bank and ISO contained in this Agreement, neither Bank nor ISO shall be liable to Merchant or Merchant’s customers or any other person for any of the following:
(a) Any loss or liability resulting from the denial of credit to any person or Merchant’s retention of any Card or any attempt to do so;
(b) Any loss caused by a Transaction downgrade resulting from defective or faulty Equipment, even if such Equipment is owned by Bank or ISO;
(c) The unavailability of Services caused by the termination of contracts with computer hardware vendors, processors or installers, whether terminated by Bank, ISO or any other person for any reason; or
(d) Interruption or termination of any Services caused by any reason except for failure of ISO to repair or replace Equipment at Merchant’s expense (in which case, any resulting liability shall be for the sole account of ISO). At no time will ISO’s liability exceed the amount of fees collected or reasonably expected to be collected from Merchant for this delay period.
NEITHER BANK NOR ISO SHALL BE LIABLE FOR ANY LOST PROFITS, PUNITIVE, INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES TO MERCHANT OR TO ANY THIRD PARTY IN CONNECTION WITH OR ARISING OUT OF THIS AGREEMENT OR ANY OF THE SERVICES TO BE PERFORMED BY BANK OR ISO PURSUANT TO THIS AGREEMENT. MERCHANT ACKNOWLEDGES THAT NEITHER BANK NOR ISO HAVE PROVIDED ANY WARRANTIES, EITHER EXPRESS OR IMPLIED, WRITTEN OR ORAL,
INCLUDING, BUT NOT LIMITED TO, ANY IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, WITH RESPECT TO A NY EQUIPMENT OR SERVICES AND THAT NEITHER BANK NOR ISO HAS ANY LIABILITY WITH RESPECT TO ANY EQUIPMENT. NEITHER BANK NOR ISO MAKE ANY REPRESENTATIONS OR WARRANTIES,EXPRESS OR IMPLIED, REGARDING THE SERVICES THEY EACH PROVIDE HEREUNDER. IF THERE ARE ERRORS,OMISSIONS, INTERRUPTIONS OR DELAYS RESULTING FROM BANK’S OR ISO’S PERFORMANCE OR ANY FAILURE TO PERFORM, BANK’S AND ISO’S LIABILITY SHALL BE LIMITED
TO CORRECTING SUCH ERRORS, IF COMMERCIALLY REASONABLE. WITH THE EXCEPTION OF THE OBLIGATION OF BANK TO SETTLE THE FACE VALUE OF VALID TRANSACTIONS TO MERCHANT, SUBJECT TO THE TERMS HEREOF, THE AGGREGATE MAXIMUM LIABILITY OF EITHER BANK OR ISO (COLLECTIVELY OR INDIVIDUALLY) UNDER THIS AGREEMENT SHALL NOT EXCEED THE AMOUNTOF FEES ACTUALLY PAID BY MERCHANT FOR THE SERVICES PROCURED HEREUNDER DURING THE THREE (3) MONTHS PRIOR TO THE EVENT GIVING RISE TOLIABILITY.

MERCHANT SHALL NOT MAKE ANY CLAIM AGAINST BANK OR ISO ON ACCOUNT OF THE TERMINATION OF THIS AGREEMENT BY EITHER OF THEM OR EITHER OF THEIR CEASING TO PROCESS TRANSACTIONS HEREUNDER OR SUSPEND PROCESSING HEREUNDER.

25. Indemnification. Merchant agrees to indemnify and hold Bank and ISO harmless from any and all losses, claims, damages, liabilities and expenses, including attorneys’ fees and costs (whether or not an attorney is an employee of Bank or Bank’s affiliates, ISO or affiliates of ISO) arising out of any of the following:
(a) Merchant’s failure to comply with this Agreement;
(b) Any act or omission of Merchant or its Affiliates;
(c) Merchant’s failure to comply with any Equipment’s user’s guide;
(d) Merchant’s failure to comply with any Applicable Law, including without limitation, for Merchant’s compliance with a Covid-19 surcharge, cash discount program or any other actions of Merchants as it relates to compliance with Applicable Law.;
(e) Any dispute concerning the quality, condition or delivery of any merchandise or the quality of performance of any service;
(f) The fraud or dishonesty of Merchant or Merchant’s employees, licensees, successors, agents and/or assigns;
(g) Merchant’s selection of an Internet service provider or other telecommunication servicesprovider;
(h) The theft of or damage or destruction to anyEquipment;
(i) Full Recourse Transactions, unauthorized Transactions and prohibited Transactions; or
(j) All internal and third party (e.g. collection agency, attorney) fees associated with ISO or Bank collecting any amounts owing to either of them hereunder.

Without prejudice to the rights of Bank, but only with Bank’s express prior written consent in each instance, ISO may enforce any of the rights of Bank under this Agreement.

26. Credit Investigation and Bank Auditing. Bank may audit, from time to time, Merchant’s compliance with the terms of this Agreement. Merchant shall provide all information requested by Bank to complete Bank’s audit. Merchant authorizes parties contacted by Bank to release the credit information requested by Bank, and Merchant agrees to provide a separate authorization for release of credit information, if requested by Bank. Merchant shall deliver to Bank such information as Bank may reasonably request from time to time, including without limitation, financial statements and information pertaining to Merchant’s financial condition. Such information shall be true, complete and accurate. Without limiting the generality of the foregoing, Merchant shall provide to Bank and ISO its balance sheet and income statements not less frequently than every three calendar months during the term of this Agreement.

27. Termination of Agreement by Bank and ISO. Bank or ISO may terminate this Agreement upon at least 30 days’ prior written notice to the other parties. In addition, Bank or ISO may terminate this Agreement immediately upon written notice to Merchant upon the occurrence of any of the following (each, an “Event of Default”):
(a) Any information concerning Merchant obtained by Bank is unsatisfactory to Bank, in Bank’s sole discretion.
(b) Any act of fraud or dishonesty is committed by Merchant, its employees or agents, or Bank believes in good faith that Merchant, its employees or agents have committed, are committing or are planning to commit any acts of fraud ormisrepresentation.
(c) Chargebacks are excessive, in the opinion of Bank or ISO.
(d) There is a breach of any representation or warranty made by Merchant hereunder, or Merchant defaults in the performance of any of its obligations under this Agreement.
(e) A petition under any bankruptcy or insolvency law is filed by or against Merchant or one of its Affiliates.
(f) Bank or ISO determines that the continuation of this Agreement may create harm or the loss of goodwill to Bank, ISO or any Association.
(g) Merchant fails to maintain sufficient funds in the Operating Account to cover the amounts due by Merchanthereunder.
(h) Merchant’s percentage of error Transactions or retrieval requests is excessive in the opinion of Bank or ISO.
(i) Any insurance policy obtained by Bank, ISO or Merchant relating to Transactions and/or Chargebacks is cancelled or terminated for any reason.
(j) Merchant fails to provide financial statements suitable to Bank and ISO on request.
(k) Bank determines that ISO does not or cannot perform its duties under this Agreement and Bank determines that it is not feasible to provide the Services contemplated by this
Agreement to Merchant. Bank is not obligated to provide replacement Services if ISO does not or cannot perform. (As between Bank and ISO, this provision shall not be exercised by Bank other than pursuant to the notice, breach and cure provisions of the sponsorship agreement between them);
(l) Any Association recommends or demands that this Agreement be terminated; or
(m) The Application contains any incorrect, incomplete or misleading information concerning the Merchant, its Affiliates or guarantors.

Bank or ISO may, in their sole discretion, selectively terminate one or more of Merchant’s approved locations without terminating this entire Agreement.

In the event of termination, all obligations of Merchant incurred or existing under this Agreement prior to termination shall survive the termination. Merchant’s obligations with respect to any Transaction shall be deemed incurred and existing on the date of such Transaction.

In the event Bank terminates this Agreement following any Event of Default, Merchant: (i) agrees that Bank may place Merchant on each Association’s “Terminated Merchant File” (or any other list or file serving a similar purpose); and (ii) agrees to indemnify and hold Bank and ISO harmless from and against any and all costs, expenses and liabilities incurred by Bank and/or ISO in connection with or arising out of such Eventof Default.

Following any bankruptcy filing against or by Merchant, Bank reserves the right to suspend or discontinue the provision of Services. Merchant must notify Bank in writing no later than five (5) days following any bankruptcy filing by or against Merchant.

Credits to the Operating Account and other payments to Merchant are provisional.

The parties acknowledge and agree that Bank is extending financial accommodations to Merchant within the meaning of 11 U.S.C.365 (c) (2) of the Bankruptcy Code as amended from time to time. The right of Merchant to receive any amounts due or to become due from Bank is expressly subject and subordinate to the Chargebacks , recoupment, setoff, lien, and/or security interest rights that are being applied to claims that are liquidated, unliquidated, fixed contingent, matured or unmatured.

28. Termination of Agreement by Merchant. Merchant may terminate this Agreement upon at least 30 days’ prior written notice to the other parties if Bank amends Schedule A pursuant to Section 31 to increase the rates, fees or charges Merchant pays hereunder, except for fees or rates that result from a pass through from an Association or another third party assisting in the performance by Bank or ISO hereunder.

29. Setoff and Security. In addition to any other legal or equitable remedy available to it in accordance with this Agreement or by law, Bank and ISO may set off any amounts due to it against any property of Merchant in its possession or under its control. As security for the performance by Merchant of all of its obligations under this Agreement, Merchant hereby grants to Bank a security interest in: (i) the funds held in the Operating Account and in the Reserve Account; and (ii) any inventory with respect to which a Transaction has occurred but has not yet been fulfilled (the “First Priority Security Interest”). Merchant will execute and deliver to Bank such documents, in form satisfactory to Bank, as Bank may reasonably request in order to perfect the First Priority Security Interest in the Operating Account, Reserve Account and such inventory, and will pay all costs and expenses associated with filing the same or this Agreement in all public filing offices, where filing is deemed by Bank to be necessary or desirable. Bank is authorized to file financing statements relating to the Operating Account, the Reserve Account and such inventory without ISO where authorized by law. Merchant appoints Bank as its attorney-in-fact to execute such documents as are necessary or desirable to accomplish perfection of any security interests. This appointment is coupled with an interest and shall be irrevocable as long as Merchant owes any amount to Bank. As security for the performance by Merchant of all of its obligations under this Agreement, Merchant hereby grants to ISO a security interest in: (i) the funds held in the Operating Account and in the Reserve Account; and (ii) any inventory with respect to which a Transaction has occurred but has not yet been fulfilled (the “Second Priority Security Interest”). Merchant will execute and deliver to ISO such documents, in form satisfactory to ISO, as ISO may reasonably request in order to perfect the Second Priority Security Interest in the Operating Account, Reserve Account and such inventory, and will pay all costs and expenses associated with filing the same or this Agreement in all public filing offices, where filing is deemed by ISO to be necessary or desirable. ISO is authorized to file financing statements relating to the Operating Account, the Reserve Account and such inventory without Bank where authorized by law. Merchant appoints ISO as its attorney-in-fact to execute such documents as are necessary or desirable to accomplish perfection of any security interests. This appointment is coupled with an interest and shall be irrevocable as long as Merchant owes any amount to ISO. Notwithstanding anything to the contrary in this Section 29: (i) ISO agrees that the Second Priority Security Interest is and will at all times remain subject and second in priority to the First Priority Security Interest; (ii) any and all documents filed by ISO or Merchant to perfect the Second Priority Security Interest will be prepared in a manner that ensures the priority and superiority of the First Priority Security Interest; and (iii) ISO will immediately file any and all documents and statements reasonably requested by Bank in order to ensure the priority of the First Priority Security Interest relative to the Second Priority Security Interest.

30. Exclusivity. Merchant shall submit all Transactions made during the term hereof solely to Bank for processing. If Merchant fails to comply with this provision,Merchant agrees to pay Bank, within 10 days of the date of non-compliance, a liquidated damages sum to be determined by computing the projected gross dollar volume of Transactions processed by Bank on behalf of the Merchant for the remainder of the term hereof and multiplying that number by 1%. Merchant and Bank agree that the damages suffered by Bank as a result of such non-compliance would be extremely difficult to calculate with precision. For that reason, the parties hereto agree that the liquidated damages should be computed as set forth above. Any exceptions to this exclusive arrangement must be approved by Bank and ISO in advance in writing. Merchant shall not create a new Affiliate for the purpose of circumventing this provision, as reasonably determined by ISO.

31. Amendments to this Agreement. From time to time Bank may amend this Agreement as follows:
(a) Bankmay amend or delete Cards or Services listed in Schedule A by notifying Merchant in writing of any such amendment. All provisions of this Agreement shall apply to Cards or Services added to this Agreement. Bank shall notify Merchant of the fees to be charged for processing the additional Cards and Services. Acceptance by Merchant of a new approved Card as payment for a Transaction or use of a new Service after Bank has sentMerchant notice of an amendment shall constitute Merchant’s agreement to the amendment and the fees or charges related to these additions.
(b) From time to time, Bank may change all rates, fees and charges set forth on Schedule A. Bank will provide written notice to Merchant of all such amendments. Bank may change the rates, fees and charges without prior written notice if Merchant’s sales volume or average Transaction amount does not meet Merchant’s projections contained in the Merchant Application form to which this Agreement is attached or if the risk factors associated with processing Transactions increase. If notice is required, Bank will give written notice on the Merchant Statement. All new rates, fees and charges will become effective for the month immediately following the month in which the notice appeared on the Merchant Statementunless Merchant terminates this Agreement in accordance with Section 28.
(c) Bank may amend this Agreement in any manner other than as described in Section 31(a) or 31(b) above simply by providing written notice of such amendment to Merchant, and such amendment shall become effective on the latter of: (i) the date on which such written notice is received by Merchant; or (ii) a date specified by Bank in such written notice.

32. Assignment. This Agreement may not be assigned by Merchant without the prior written consent of Bank. Bank may assign this Agreement without limitation. Subject and pursuant to the sponsorship agreement between Bank and ISO, ISO may assign this Agreement and cause Bank to assign this Agreement. Assignment of this Agreement by Bank or ISO shall relieve the assignor of any further obligations under thisAgreement.

33. Financial Accommodations. Bank, ISO and Merchant intend this Agreement to be construed as a contract to extend financial accommodations for the benefit of Merchant.

34. Waiver. To the extent that Merchant becomes a debtor under any chapter of title 11 of the United States Code and such event does not result in the termination of this Agreement, Merchant hereby unconditionally and absolutely waives any right or ability that Merchant may otherwise have had to oppose, defend against or otherwise challenge any motion filed by Bank for relief from the automatic stay of 11 U.S.C. § 362(a) to enforce any of Bank’s rights or claims under this Agreement.

35. Cooperation. In their dealings with one another, each party agrees to act reasonably and in good faith and to fully cooperate with each other in order to facilitate and accomplish the transactions contemplated hereby.

36. Entire Agreement. This Agreement, together with the Schedules attached hereto, supersedes any other agreement, whether written or oral, that may have been made or entered into by any party (or by any officer or officers of any party) relating to the matters covered herein and constitutes the entire agreement of the parties hereto. The Parties agree that this Agreement may be completed in electronic or paper form, at the discretion of Servicers.

37. Severability. If any provisions of this Agreement shall be held, or deemed to be, or shall in fact be, inoperative or unenforceable as applied in any particular situation, such circumstance shall not have the effect of rendering any other provision or provisions herein contained invalid, inoperative or unenforceable to any extent whatsoever. The invalidity of any one or more phrases, sentences, clauses or sections herein contained shall not affect the remaining portions of this Agreement or any part hereof.

38. Notices. Except for notices provided by Bank to Merchant on the Merchant Statement, all notices, requests, demands or other instruments which may or are required to be given by any party hereunder shall be in writing and each shall be deemed to have been properly given when: (i) served personally on an officer of the party to whom such notice is to be given, (ii) upon expiration of a period of three (3) business days from and after the date of mailing thereof when mailed postage prepaid by registered or certified mail, requesting return receipt, or (iii) upon delivery by a nationally recognized overnight delivery service, addressed as follows:

If to BANK: 100 Jericho Quadrangle, Suite 100, Jericho, New York 11753
If to ISO: Merchant Industry, LLC, 36-36 33rd Street Ste 206, Long Island City NY 11106, Attention: Legal Department
If to MERCHANT:
                       Address listed on the application to which this Agreement is attached.

Any party may change the address to which subsequent notices are to be sent by notice to the others given as aforesaid.

39. Governing Law.
a. Merchant, ISO or Bank may elect to resolve any dispute hereunder (each a “Claim”) by individual, binding arbitration. If arbitration is chosen by any party, no party will have the right to litigate that Claim in court or have a jury trial on that Claim. Further, no party will have the right to participate in a representative capacity or as a member of any class pertaining or be a named party to a class-action with respect to any Claim for which any party elects arbitration. Except as set forth below, the arbitrator’s decision will be final and binding. Other rights a party would have in court may also not be available in arbitration.
b. Claims will be referred to either JAMS or AAA, as selected by the party electing arbitration. Claims will be resolved pursuant to this Agreement and the selected organization’s rules in effect when the Claim is filed, except where those rules conflict with this Agreement. Contact JAMS or AAA to begin an arbitration or for other information. Claims may be referred to another arbitration organization if all parties agree in writing, or to an arbitrator appointed pursuant to Section 5 of the Federal Arbitration Act, 9 U.S.C. §§ 1-16 (FAA). Any arbitration hearing shall take place in New York, New York unless all parties agree to an alternate venue.
c. Limitations on Arbitration. If any party elects to resolve a Claim by arbitration, that Claim will be arbitrated on an individual basis. There will be no right or authority for any Claims to be arbitrated on a class action basis or on bases involving Claims brought in a purported representative capacity on behalf of the general public, other merchants or other persons or entities similarly situated. The arbitrator’s authority is limited to Claims between Merchant and ISO or Bank, or both of them. Claims may not be joined or consolidated unless all parties to this agreement agree in writing. An arbitration award and any judgment confirming it will apply only to the specific case brought and cannot be used in any other case except to enforce the award as between Merchant and ISO or Bank, or both of them. This prohibition is intended to, and does, preclude Merchant from participating in any action by any trade association or other organization against ISO or Bank, or both of them. Notwithstanding any other provision and without waiving the right to appeal such decision, if any portion of these arbitration clauses are deemed invalid or unenforceable, then the entire arbitration
provision (other than this sentence) will not apply.
d. Any party may elect to arbitrate any Claim that has been filed in court at any time before trial has begun or final judgment has been entered on the Claim. Any party may choose to delay enforcing or to not exercise rights under this arbitration provision, including the right to elect to arbitrate a Claim, without waiving the right to exercise or enforce those rights on any other occasion.
e. The arbitrator shall have the power and authority to award any relief that would have been available in court, including equitable relief (e.g., injunction, specific performance) and cumulative with all other remedies, shall grant specific performance whenever possible. The arbitrator shall have no power or authority to alter the Agreement or any of its separate provisions, including this section, nor to determine any matter or make any award except as provided in this section.
f. Any party may seek equitable relief in aid of arbitration prior to arbitration on the merits to preserve the status quo pending completion of such process. This section shall be enforced by any court of competent jurisdiction, and the party seeking enforcement shall be entitled to an award of all reasonable attorneys’ fees and costs, including legal fees, to be paid by the party against whom enforcement isordered.
g. ISO or Bank shall not elect to use arbitration under this section for any Claim Merchant properly files in a small claims court so long as the Claim seeks individual relief only and is pending only in that court.
h. This arbitration section is made pursuant to a transaction involving interstate commerce and is governed by the FAA. The arbitrator shall apply New York law and applicable statutes of limitations and shall honor claims of privilege recognized by law. The arbitrator shall apply the rules of the arbitration organization selected, as applicable to matters relating to evidence and discovery, not the federal or any state rules of civil procedure or rules of evidence, provided that any party may request that the arbitrator to expand the scope of discovery by doing so in writing and copying any other parties, who shall have fifteen (15) days to make objections, and the
arbitrator shall notify the parties of his/her decision within twenty (20) days of any objecting party’s submission. If a Claim is for $10,000 or less, any party may choose whether the arbitration will be conducted solely on the basis of documents submitted to the arbitrator, through a telephonic hearing, or by an in-person hearing as established by the rules of the selected arbitration organization. At the timely request of a party, the arbitrator shall provide a written and reasoned opinion explaining his/her award. The arbitrator’s decision shall be final and binding, except for any rights of appeal provided by the FAA. If a Claim is for $100,000 or more, or includes a
request for injunctive relief, (a) any party to this Agreement shall be entitled to reasonable document and deposition discovery, including (x) reasonable discovery of electronically stored information, as approved by the arbitrator, who shall consider, inter alia, whether the discovery sought fromone party is proportional to the discovery received by another party, and (y) no less than five depositions per party; and (b) within sixty (60) days of the initial award, either party can file a notice of appeal to a three-arbitrator panel administered by the selected arbitration organization, which shall reconsider de novo any aspect requested of that award and whose decision
shall be final and binding. If more than sixty (60) days after the written arbitration decision is issued the losing party fails to satisfy or comply with an award or file a notice of appeal, if applicable, the prevailing party shall have the right to seek judicial confirmation of the award in any state or federal court where Merchant’s headquarters or Merchant’s assets are located.

40. Captions. Captions in this Agreement are for convenience of reference only and are not to be considered as defining or limiting in any way the scope or intent of the provisions of this Agreement.

41. No Waiver. Any delay, waiver or omission byBank to exercise any right or power arising fromany breach or default of the other party in any of the terms, provisions or covenants of this Agreement shall not be construed to be a waiver of any subsequent breach or default of the same or any other terms, provisions or covenants on the part of the other party. All remedies afforded by this Agreement for a breach hereof shall becumulative.

42. Force Majeure. The parties shall be excused from performing any of their respective obligations under this Agreement which are prevented or delayed by any occurrence not
within their respective control including but not limited to strikes or other labor matters, destruction of or damage to any building, natural disasters, accidents, riots or any regulation, rule, law, ordinance or order of any federal, state or local governmentauthority.

43. Cooperation. Merchant covenants and agrees that, if it is undergoing forensic investigation at the time this Agreement is signed, Merchant will fully cooperate with the investigation until it is completed.

44. Limited Acceptance. Visa Rules allow Merchant to become a Limited Acceptance Merchant as part of its use of Bank’s Services. A “Limited Acceptance Merchant,” as defined by Visa, is a merchant that accepts either, but not both, of the following:
         ● Visa Credit and Business Category Cards
         ● Visa Debit Category Cards
Merchant has elected to become a Limited Acceptance Merchant by choosing to accept ONLY (please mark the applicable card category below):
         □ Visa Credit and Business Category Cards
         □ Visa Debit Category Cards
Merchant’s failure to select one of the Limited Acceptance Categories above means that Merchant has elected to accept BOTH Visa Credit and Business Category Cards and Visa Debit Category Cards.

IfMerchant elects to be a Limited Acceptance Merchant, Merchantmust properly display the Visa-approved signage that represents the Limited Acceptance Category thatMerchant has selected above.

45. Special Merchant Categories.
(a) If Merchant is a Health Care Merchant (as defined by the Visa Core Rules and Visa Product and Service Rules (the “Visa Core Rules”)), Merchant acknowledges that it must comply with the provisions of Section 5.9.12 of the Visa Core Rules.

(b) If Merchant is a T&E Merchant (as defined by the Visa Core Rules), Merchant acknowledges that it must comply with all of the provisions of the Visa Core Rules relating to T&E Merchants, including Sections 5.9.6, 5.10.4.1, 7.3.12, and 11.1.3.2. Merchant further agrees that, if it is an International Airline Program Merchant (as defined by the Visa Core Rules), the terms of the attached International Airline Program Merchant Addendum apply.

(c) If Merchant receives BIN information from Bank, Merchant agrees that: (i) such information may be used solely for purposes of identifying Visa card product types at the point of sale; (ii)Merchantmay not, and will not, disclose such information to any third party; and (iii)Merchant will treat such information as proprietary and confidential information belonging to Visa and with the same degree and case as information labeled “Visa Confidential.”

(d) If Merchant is an Electronic Commerce Merchant (as defined by the Visa Core Rules and Visa Product and Service Rules (2014)—the “VCR”), the following terms apply (references following each requirement indicate whether the requirement is located in the VCR or the Visa Acquirer Risk Program Standards Guide (2010) (VPSG); capitalized terms that are not otherwise defined in this Agreement are used as defined in the VCR):

i. Merchant must display its consumer data privacy policy on its website. (VPSG)

ii. Merchant must display the security method it uses for the transmission of payment data on its website. (VPSG)

iii. Merchant must offer Cardholders a secure transaction method and a data protection method, such as Secure Sockets Layer (SSL), 3-D Secure and/or Verified by Visa. (VPSG; VCR Section 1.5.6.2)

iv. For Non-Secure Transactions and Non-Authenticated Security Transactions, Merchant must attempt to obtain a Visa Card expiration date and submit it as part of
the Authorization Request. (VCR Section 5.8.4.1)

v. Merchant’s website must contain all of the following:
(A) Customer service contact, including email address or telephone number.
(B) The address, including the country, of Merchant’s permanent establishment, either:
(1) On the same screen view as the checkout screen used to present the final Transaction amount; or
(2) Within the sequence of web pages the Cardholder accesses during the checkout process.
(C) Policy for delivery of multiple shipments.
(D) Security capabilities and policy for transmission of payment card details.
(E) In addition, on an Online Gambling Merchant’s homepage or payment page, all of the following:
(1) The statement “Internet gambling may be illegal in the jurisdiction in which you are located; if so, you are not authorized to use your payment card to
complete this transaction”;
(2) A statement of the Cardholder’s responsibility to know the laws concerning online gambling in the Cardholder’s country;
(3) A statement prohibiting the participation of minors;
(4) A complete description of the rules of play, cancellation policies, and pay-outpolicies;
(5) A statement recommending that the Cardholder retain a copy of Transaction records and Merchant policies and rules; and
(6) An Acquirer numeric identifier specified by Visa.
(VCR Section 5.9.3.1)

vi. Merchant must not display the full Account Number to the Cardholder online. (VCR Section 5.9.3.2)

vii. If Merchant is a Verified by Visa Merchant, Merchant acknowledges that its Electronic Commerce Transactions are not eligible for Chargeback protection from Chargeback reason codes 75 (Transaction Not Recognized) and 83 (Fraud-Card-Absent Environment) ifeither:

(A) The Merchant is classified with one of the following MCCs:
(1) MCC 4829 (Wire Transfer Money Orders);
(2) MCC 5967 (Direct Marketing – Inbound Teleservices Merchant);
(3) MCC 6051 (Non-Financial Institutions – Foreign Currency, Money Orders [not Wire Transfer], Travelers’ Cheques); or
(4) MCC 7995 (Betting, including Lottery Tickets, Casino Gaming Chips, Off-Track Betting, and Wagers at Race Tracks); or
(B) Merchant has been identified in the Merchant Chargeback Monitoring Program or Risk Identification Service Online. Merchant remains ineligible while it is in either program, and for an additional 4 months after exiting the program. This condition also applies if Merchant enabled Verified by Visa while identified in either program. (VCR Section
5.9.3.5)

viii. Merchant must include the following in its transaction receipts:
(A) Customer service contact;
(B) Merchant country; and
(C) Conditions of sale, including return and cancellation policy.
(VCR Section 5.10.3.3)

ix. In an Authorization Request, Merchant must not transmit Authentication Data specific to one Transaction with another Transaction, except when either:
(A) 2 Transactions are related due to delayed delivery; or
(B) All items of an order cannot be shipped at the same time.
(VCR Section 10.15.3.2)

(e) If Merchant limits its acceptance of returned merchandise or is an Electronic Commerce Merchant, Merchant must ensure that its return policies are clearly indicated to a Cardholder on the Transaction Receipt or on Merchant’s website, as follows (VCRSection 5.4.2.4):

MI_Terms-and-Conditions-Table_7

46. Participation in PayPal In-Store Checkout
Unless Merchant otherwise specifically indicates to Bank that Merchant does not wish to accept any PayPal Payment Method as a method of payment for goods services at Merchant’s point(s) of sale, the following terms and provisions will apply. If Merchant elects American Express Card Acceptance and does opt out of the application of this Section 46, the application of Section 46 and this Section 47 will be deemed to be cumulative and not in the alternative.

(a) Merchant acknowledges and agrees that all of its actions associated with the acceptance by Merchant of a PayPal Method as the method of payment for goods or services at a point of sale, and in connection with processing any sale, credit, chargeback, representment, reversal or correction or settlement activity associated with any such transaction is subject to the terms and conditions of the Program Documents, as that term is defined in the PayPal Operating Regulations for In-Store Checkout (as the same may be amended or replaced from time to time, the “PayPal Operating Regulations”). Merchant will comply in full, at all times, will all relevant provisions of the Program Documents, a copy of which Merchant acknowledges and agrees it has received and reviewed. Capitalized and italicized terms used in this Section 47 that are not otherwise defined are used as defined in the PayPal Operating Regulations.

(b) The definition of “Card(s)”, as used throughout this Agreement, is changed to read as follows:
“Card(s)” means any of the following: (i) a Visa, MasterCard or Discover credit card, debit card (or other similar card that requires a PIN for identification purposes), or pre-paid, stored-value or gift card; and (ii) any PayPal Payment Method.

(c) The definition of “Issuer”, as used throughout this Agreement, is changed to read as follows:
“Issuer” means a member of an Association that enters into a contractual relationship with a Cardholder for the issuance of one or more Cards and PayPal, Inc. (“PayPal”), in connection with any PayPal Payment Method.

(d) Merchant will comply in full with the Program Documents in connection with all of its activities associated with PayPal Acceptance and associated Transaction processing and Settlement of Transactions.

(e) Merchant acknowledges and agrees that Acquirer may disclose Transaction Data and Merchant information to PayPal, regulatory authorities and other entities to which PayPal is required to provide such information for the purposes deemed necessary and related to performing Transactions or to comply with Applicable Law, including, by way of example and without limitation:

(i) Detailed information about the Transactions conducted by Merchant, including Transaction Data required by the Program Documents, to be delivered to PayPal in connection with Authorization Requests, Transaction Data, and Dispute responses;
(ii) Merchant information and detail about the transactions accepted by Merchant, including the Merchant Category Code assigned by Bank to Merchant;
(iii) Collective and detailed information about Merchant’s Transactions, Disputes and other information reasonably required by PayPal during any investigation of Merchant;
(iv) Information regarding the aggregate number, type, and kind of Transactionsaccepted by Merchant, in the Authorized Jurisdiction; and
(v) Business and registration information provided by Merchant and/or its principals in connection with any application submitted by Merchant to Bank.
(f) Merchant acknowledges and agrees that each of the following is strictly and expresslyprohibited:
(i) Any use, storage, or disclosure by Merchant of PayPal’s confidential information, any PayPal Account Holder Data or Transaction Data, other than as necessary to complete a Transaction.
(ii) The retention or storage of PayPal Account Numbers, Track Data or TransactionData.
(iii) Any use of any PayPal Account Holder’s personal information for marketing and/or other purposes without explicit consent from the PayPal Account Holder.

(g) Bank may terminate Merchant’s PayPal Acceptance and/or this Agreement for any of the reasons set forth in the PayPal Operating Regulations or for any violation by Merchant of the terms that Bank is required to enforce against Merchant in the PayPal Operating Regulations. PayPal may directly contact Merchant if Merchant is terminated by Bank for any reason, including investigating compliance by Merchant with the Security Requirements set forth in Section 13 of the PayPal Operating Regulations.

(h) “PayPal Marks” mean the brands, emblems, trademarks, and/or logos that identify PayPal Acceptance. The PayPal Marks are described in Appendix A of the PayPal Operating Regulations. Merchantmay use the PayPalMarks only to promote PayPal products, offers, services, processing and/or acceptance.Merchant use of the PayPalMarks is restricted to the display of decals, signage, advertising, and marketing materials provided or approved by PayPal in writing pursuant to the process set forth in the PayPal Operating Regulations. Merchant shall not use the PayPal Marks in such a way that PayPal Account Holders could believe that the products or services offered by Merchant are sponsored or guaranteed by the owners of the PayPal Marks. Merchant recognizes that it has no ownership rights in the PayPal Marks. Merchant shall not assign to any third party any of the rights to use the PayPal Marks. Merchant is prohibited from using the PayPal Marks, not permitted above, unless expressly authorized in writing by PayPal.

47. ISO PRODUCTS AND SERVICES
Important Note: MERCHANT acknowledges and agrees that BANK and its affiliates have no obligation or liability whatsoever for: (1) the ISO Products and Services, (2) any actions or omissions of ISO with respect to the ISO Products and Services, or (3) any claims or disputes arising out of the foregoing.

48. EQUIPMENT AGREEMENT
Important Note: ESQUIRE BANK is not a party to the following agreement (i.e. Section 48). MERCHANT acknowledges and agrees that ESQUIRE BANK and its affiliates are in no way responsible for the actions, inactions, performance or nonperformance ofMerchant Industry, LLC, or for disputes or resolving disputes of any kind arising fromthe agreement set out below:
This is an equipment agreement is between MERCHANT and ISO (“Equipment Agreement”). MERCHANT agrees that it will not acquire any title or any other proprietary right to any leased equipment including without limitation, point of sale terminals provided to MERCHANT hereunder; (as identified by ISO, collectively, “Equipment”) unless such rights (“Right ofUse”) are specifically granted to MERCHANT by the ISO or its designees in writing. The “Right of Use” includes the right to use the Terminal in order to capture electronic payment transactions for processing under the merchant transaction processing agreement between MERCHANT, ISO and to which ISO’s acquiring bank may be a party (the “Merchant Processing Agreement”). If MERCHANT has opted in to the “Free Terminal Program”, then under this Equipment Agreement, ISO hereby leases free of charge to MERCHANT a single, individual, ISO approved piece of Equipment for the initial term of the Merchant Processing Agreement and any renewals of such term. MERCHANT may terminate this Equipment Agreement at the end of the term of this Equipment Agreement by providing ISO with written notice thirty (30) days prior to the end of the current term hereof. MERCHANT can also terminate this Equipment Agreement during the first thirty (30) days of the term of this Equipment Agreement provided that MERCHANT returns the Equipment to ISO: (i)within such thirty (30) days; (ii) without damage; (iii) via a national courier (such as Fedex or UPS); (iv) with a tracking number; (v) with insurance; and (vi) with signature required by ISO on receipt. If MERCHANT returns Equipment to ISO after the first thirty (30) days of the term of this Equipment Agreement or Equipment that is damaged, or fails to deliver Equipment as per the delivery requirements set out in (iii) through (vi) above, or MERCHANT returns the Equipment when they are also in breach of the Merchant Processing Agreement or have terminated the Merchant Processing Agreement prior to the end of the term thereof, then MERCHANT shall pay ISO a $495 Equipment fee. If MERCHANT fails to return Equipment to ISO at the end of the term of this Equipment Agreement, then MERCHANT shall be liable for the market value of the unreturned Equipment as reasonably determined by ISO and not to be less than $495. MERCHANT will protect Equipment from loss, theft, damage or any legal encumbrance and will allow ISO and its designated representative reasonable access to MERCHANT’S premises for its repair, removal, modification, installation and relocation. MERCHANT Equipment provided by ISO is embedded with proprietary technology. MERCHANT shall not obtain title, copyrights or any other proprietary right to any software installed in or used in conjunction with the Equipment (“Software”) all of which shall be that of the ISO or its designee. MERCHANT shall not disclose such Software to any party, convey, copy, license, sublicense, modify, translate, reverse engineer, decompile, disassemble, tamper with, or create any derivative work based on such Software. MERCHANT may use Software only for the purpose of using Equipment to process transactions under the Merchant Processing Agreement. MERCHANT may use the Equipment only as per the specific instructions that have been delivered to the MERCHANT in respect thereof, such as they may be from time to time. Merchant’s use of such software shall be limited to that expressly authorized by ISO. MERCHANT will promptly notify ISO of any Equipment malfunction. MERCHANT is responsible for all repair costs including shipping related thereto or replacement, if necessary, for the fees aforementioned. MERCHANT shall facilitate and cooperate with any and all Software updates that may need to be installed on Equipment as determined by ISO, such as participation in a dial in downline load procedure. With Equipment leased to MERCHANT by ISO, MERCHANT will not be liable for normal wear and tear, provided, however, that MERCHANT will be liable to ISO in the event that any Equipment is lost, destroyed, stolen or rendered inoperative. MERCHANT will indemnify ISO against any loss arising out of damage to or destruction of any Equipment, or other default under this Equipment Agreement. MERCHANT also agrees to hold harmless and indemnify ISO for any costs, expenses, and judgments ISO may suffer, including reasonable attorney’s fees, as a result of MERCHANT’S use of Equipment provided hereunder. All amounts owing to ISO hereunder may be collected by ACH debit pursuant to the general ACH consent executed by the MERCHANT in favor of the ISO concurrently with this Equipment Agreement, but if ISO cannot collect via ACH, MERCHANT shall pay the amounts owing within five (5) days of a demand. ISO shall not be liable under this Equipment Agreement for any amount in excess of $50 or greater than that paid to ISO by MERCHANT under this Equipment Agreement. Under no circumstances shall ISO be liable for any indirect, consequential, or punitive damages hereunder.

49. PCI SERVICES AGREEMENT
Important Note: ESQUIRE BANK is not a party to the following agreement (i.e. Section 49). MERCHANT acknowledges and agrees that ESQUIRE BANK and its affiliates are in no way responsible for the actions, inactions, performance or nonperformance ofMerchant Industry, LLC, or for disputes orresolving disputes of any kind arising fromthis agreement.

ISO (also referred to as “us”, “we”, “our”) are pleased to offer MERCHANT (also referred to a “you” or “your”) certain services that will assist you in learning how to be PCI compliant. This agreement (the “PCI Agreement”) sets out the terms by which we offer those services to you (the “Services”). Please read this PCI Agreement carefully as it constitutes an agreement between you and us, the ISO. The Payment Security Council (the “PCI”) (whose web site is here www.pcisecuritystandards.org, the “PCI Services”) publishes a variety of standards that apply to suppliers and users of payment services in the United States. Certain payment processing banks and other suppliers require merchants to comply with certain standards published by PCI as well as other industry rules, regulations and security standards. We urge you to read the agreements applicable to the services that you procure from banks in order to ascertain which of these rules, regulations and security standards apply to you. We offer no opinion as to which PCI standards or other rules apply to you specifically, that determination is your sole and absolute responsibility which can be completed by a careful reading of the various agreements to which you may be a party to procure payment and other services. The PCI publishes a Data Security Standard Self-Assessment Questionnaire (the “PCI Questionnaire”) that is a validation tool intended to assist merchants and service providers inself-evaluating their compliance with a PCI standard known as the PCI DSS.

For a fee of $119.99 per year, or as otherwise set forth on the Merchant Application (the “PCI Fees”), we are pleased to: (i) have a third party PCI compliance company provide you with a PCI Questionnaire; and (ii) pay, as an indemnity, up to a maximum of $50,000.00 of any PCI non-compliance fines for which MERCHANT is liable subject to this Agreement (“Indemnity”), including but not limited to the PCI Payment Conditions below. If MERCHANT does not: (i) pay the PCI Fees; (ii) complete the PCI Questionnaire; or (iii) or, as a substitute for the Services and the PCI Fees, retain the services of a qualified third party PCI compliance service, within the first six (6) months of entering into a Merchant Processing Agreement with ISO and its acquiring bank, then, in addition to other amounts payable by MERCHANT, MERCHANT shall pay to ISO a non-compliance fee as set forth on the Merchant Application. We will collect the fees payable to the Service through the monthly processing statement in your merchant account, and this PCI Agreement serves as an express consent for us to levy such fees. If you decline to complete a PCI Questionnaire, you may be charged additional fees for non-compliance, as provided for in your merchant services agreement. This is not an addendum or part of your merchant services agreement. Instead, it is a separate agreement relating to the Services. An additional fee of $1.99 per month shall be added to the PCI Fees if you select to have the Indemnity.

YOU SHALL PROVIDE ONLY TRUTHFUL INFORMATION IN THE PCI QUESTIONNAIRE. THE PCI QUESTIONNAIRE IS PROVIDED TO YOU FOR GENERAL INFORMATION PURPOSES ONLY AND YOU MUST NOT RELY ON IT FOR ASSESSING YOUR OWN COMPLIANCE WITH THE PCI DSS WHICH ASSESSMENT CAN BE MADE ONLY BY A QUALIFIED SECURITY ASSESSOR AS SUCH TERM IS DEFINED ON THE PCI SERVICES. WE ARE NOT A QUALIFIED SECURITY ASSESSOR, NOR DO WE HAVE EXPERTISE IN RESPECT OF ASSESSING PCI DSS COMPLIANCE. OUR MAXIMUM AGGREGATE LIABILITY IN RESPECT OF THE PCI SERVICES UNDER THIS AGREEMENT SHALL BE THE AMOUNT YOU HAVE PAID US TO USE IT. PLEASE BE INFORMED THAT THE CONSEQUENCES OF BEING NON-COMPLIANT WITH THE PCI DSS INCLUDE RISK OF GRIEVOUS HARM TO YOUR BUSINESS AS WELL AS SUBSTANTIAL FINES FROM PROCESSORS, BANKS AND PAYMENT BRANDS THAT MAY REACH INTO THE HUNDREDS OF THOUSANDS OF DOLLARS. WE ASSUME NO LIABILITY FOR SUCH LOSSES OR FINES ALL OF WHICH SHALL REMAIN YOUR RESPONSIBILITY.

All amounts owing to ISO hereunder may be collected by ACH debit pursuant to the general ACH consent executed by the MERCHANT in favor of the ISO concurrently with this PCI Agreement.

PCI Payment Conditions

In consideration of the PCI Fees and in reliance upon the statements in the PCI Questionnaire and this PCI Agreement ISO agrees as follows:
I. SECURITY PAYMENT UNDERTAKING
1. ISO shall pay on behalf of the MERCHANT all reasonable Security event expenses resulting from a data security event first discovered by the MERCHANT during the PCI Agreement period and reported to ISO within the notice period up to a maximum of$50,000.00.

II. DEFINITIONS
The following definitions shall apply to this PCI Agreement:
• “Bank card”means a financial transaction card, including a debit card, credit card or prepaid card, issued by a card association or a financial institution as a member of a card association.
• “Cardholder” means a natural person or entity to which a bank card has been issued.
• “Cardholder Information” means the data contained on a bank card, or otherwise provided to MERCHANT, that is required by the card association or a payment
processor in order to process, approve and/or settle a bank card transaction.
• “Card association” means each of Visa International, MasterCard Worldwide, Discover Financial Services, JCB, American Express and any similar credit or debit card
association that is a participating organization of the PCI Security Standards Council.
• “Card association assessment” means a monetary assessment, fee, fine or penalty levied against the MERCHANT by a card association as the result of (i) a data security event or (ii) a security assessment conducted as the result of a data security event. The card association assessment shall not exceed the maximum monetary assessment, fee, fine or penalty permitted upon the occurrence of a data security event by the applicable rules or agreement in effect as of the inception date of the PCI Agreement period for
such card association.
• “Card replacement expenses” means the costs that the MERCHANT is required to pay by the card association to replace compromised bank cards as the result of (i) a data security event or (ii) a security assessment conducted as the result of a data security event.
• “Data security event” means the actual or suspected unauthorized access to or use of cardholder information, arising out of a MERCHANT’s possession of or access to such cardholder information, which has been reported (a) to a card association by such MERCHANT, or (b) to such MERCHANT by a card association. All security event expenses resulting from the same, continuous, related or repeated event or which arise from the same, related or common nexus of facts, will be deemed to arise out of the first such data security event.
• “Forensic audit expenses” means the costs of a security assessment conducted by a qualified security assessor approved by a card association or the PCI Security Standards Council to determine the cause and extent of a data security event.
• “Notice period”means the sixty (60) day period of time the MERCHANT shall have to notify us that a data security event has occurred. The notice period shall commence immediately upon first discovery of the data security event by theMERCHANT.
• “PCI Agreement” period means the period commencing on the Effective Date.
• “Pollutants”means, but are not limited to, any solid, liquid, gaseous, biological, radiological or thermal irritant or contaminant, including smoke, vapor, dust, fibers, mold, spores, fungi, germs, soot, fumes, asbestos, acids, alkalis, chemicals and waste. “Waste” includes, but is not limited to, materials to be recycled, reconditioned or reclaimed and nuclear materials.
• “Post event services expenses” means reasonable fees and expenses incurred by the MERCHANT with our prior written consent, for any service specifically approved by us in writing, including without limitation, identity theft education and assistance and credit file monitoring. Such services must be provided by or on behalf of the MERCHANT within one (1) year following discovery of a data security event covered under this PCI Agreement to a cardholder whose cardholder information is the subject of that data security event for the primary purpose of mitigating the effects of such data security event.
• “Security event expenses” means card association assessments, forensic audit expenses, card replacement expenses and post event services expenses that the MERCHANT is obligated to pay, pursuant to a service agreement, in connection with a data security event.
• “Service agreement” means an agreement pursuant to which the MERCHANT provides products or services to a merchant.

III. DUTIES IN THE EVENT OF A DATA SECURITY EVENT
Before indemnity obligations will apply under this PCI Agreement, the MERCHANT shall notify us in writing as soon as practicable within the notice period of an actual or alleged data security event first discovered by the MERCHANT during the PCI Agreement period. Notice must include:
1. The name of the merchant;
2. A description of the data security event;
3. The number of cardholders affected by the data security event; and
4. A copy of allnotices and correspondence from the MERCHANT or a card association concerning the data security event.
Under all circumstances, the MERCHANT shall not admit any liability, assume any financial obligation, pay any money, or incur any expense in connection with any data security event without our prior written consent. If the MERCHANT does, it will be at the MERCHANT’s own expense. The MERCHANT shall take reasonable steps within its power to mitigate the loss arising out of a data security event, including without limitation, following the procedures required by a card associations in the event of a data security event. In all events, no MERCHANT shall take any action, or fail to take any action, without our prior written consent, which prejudices our rights under this PCI Agreement.

IV. ADDITIONAL OBLIGATIONS
The MERCHANT shall also allow us (or our designee) to examine and audit all of its records that relate to this PCI Agreement. We may conduct the audits during regular business hours during the PCI Agreement period and within three (3) years after the PCI Agreement period ends; and the MERCHANT shall also be responsible for the giving and receiving of any notice under this PCI Agreement, including, but not limited to, notice of a data security event.

V. EXCLUSIONS
Payment by ISO under this PCI Agreement shall not apply to:
A. any security event expenses arising out of or resulting from a claim, suit, action or proceeding against the MERCHANT that is brought by or on behalf of any federal, state or local government agency;
B. any data security event relating to a MERCHANT which has experienced a prior data security event unless such MERCHANT was later certified as PCI compliant by a qualified security assessor;
C. any data security event arising out of a MERCHANT allowing any party (other than its employees) to hold or access cardholder information; provided, however, this exclusion shall not apply to any data security event during the electronic transfer of cardholder information between a MERCHANT and a payment gateway or point of sale (POS) service provider.
D. any data security event involving: (i) a MERCHANT categorized by any card association as “Level 1” or (ii) a MERCHANT that processed more than six million (6,000,000) bank card transactions during the twelve month period prior to the PCI Agreement period;
E. any expenses, other than security event expenses, incurred by the MERCHANT, arising out of or resulting, directly or indirectly, from a data security event, including without limitation, expenses incurred to bring a MERCHANT into compliance with the PCI Data Security Standard or any similar security standard;
F. any security event expenses arising out of or resulting, directly or indirectly, from physical injury, sickness, disease, disability, shock or mental anguish sustained by any person, including without limitation, required care, loss of services or death at any time resulting therefrom;
G. any security event expenses arising out of or resulting, directly or indirectly, from any of the following:
1. fire, smoke, explosion, lightning, wind, water, flood, earthquake, volcanic eruption, tidal wave, landslide, hail, an act ofGod or any other physical event, however caused;
2. strikes or similar labor action, war, invasion, act of foreign enemy, hostilities or warlike operations (whether declared or not), civil war, mutiny, civil commotion assuming
the proportions of or amounting to a popular rising, military rising, insurrection, rebellion, revolution, military or usurped power, or any action taken to hinder or defend against these actions; or
3. electrical or mechanical failures, including any electrical power interruption, surge, brownout or blackout; a failure of telephone lines, data transmission lines, satellites or other infrastructure comprising or supporting the Internet;
H. any security event expenses arising out of or resulting, directly or indirectly, from the presence of or the actual, alleged or threatened discharge, dispersal, release or escape of pollutants (including nuclear materials), or any direction or request to test for, monitor, clean up, remove, contain, treat, detoxify or neutralize pollutants, or in any way respond to or assess the effects of pollutants;
I. any data security event that was not properly reported to us during the notice period;
J. any data security event occurring before the effective date of the service agreement or after the termination of such service agreement;
K. any expenses incurred for, or as a result of, regularly scheduled, recurring or routine security assessments, regulatory examinations, inquiries or compliance activities;
or
L. any data security event that first occurred prior to the effective date set forth in the PCI Agreement.

50. NON-DISPARAGEMENT.
For the term of this Agreement and for two (2) years thereafter, none of Merchant or any of its Affiliates shall make any statements, comments, or take any actions whatsoever which would in any way disparage the ISO or Bank, their Affiliates, officers, directors, employees, agents or referral sources whether in social media or by any other means.

51. COUNTERPARTS.
This Agreement may be executed in one or more counterparts, each of which will be deemed an original and all of which will be deemed to be one instrument. Signatures to this Agreement may be transmitted by electronic means (facsimile, email or otherwise) and such transmission shall be deemed an original.

52. PERSONAL GUARANTEE.
The individual(s) signing this Agreement on behalf of the Merchant (each a “Guarantor”), on behalf of Merchant, personally, individually, jointly and severally guarantees to Bank and ISO the prompt payment in full by Merchant of all sums and amounts payable under this Agreement and the prompt and complete performance by Merchant of all other obligations thereunder. Neither Bank nor ISO shall not be required to first proceed against Merchant or enforce any other remedy before proceeding against the undersigned
individual. This is a continuing guarantee and shall not be discharged or affected by the death or the undersigned and shall bind the heirs, administrators, representatives and assigns and be enforced by or for the benefit of any successor of Bank or ISO. The term of the guarantee shall be for the duration of this Agreement and any addendum thereto and shall guarantee all obligations which may arise or occur in connection with Merchant’s activities during the term or following thereof and enforcement may be sought subsequent to any termination.

53. FAIR CREDIT REPORTING ACT CONSUMER DISCLOSURE AND GENERAL AUTHORIZATION
In connection with Merchant procuring services from Bank and ISO, each Guarantor understands that a consumer report as defined in the Federal Fair Credit Reporting Act as amended (“FCRA”), 15 U.S.C. 1681 and following, may be obtained by the Bank or ISO from a consumer reporting agency (“CRA”). Merchant (which term shall include its Guarantors in this consent) understands that this report may include information with respect to public record information, criminal records, motor vehicle operation history, education records, names and dates of previous employers, reason for termination of employment and work experience, and/or credit worthiness, capacity and standing, character, general reputation, personal characteristics, or mode of living, such information may be used to evaluate whether Merchant is an appropriate candidate for transacting with Bank and ISO and this determination may be adverse to Merchant. The information obtained will not be provided to any parties other than to designated authorized representatives of the Bank or ISO. Merchant further understands that the CRA may not give out information aboutMerchant to the Bank or ISO withoutMerchant’s written consent.Merchant hereby authorizes the Bank and ISO now, or at any time while it is party to an agreement with the Bank and ISO or otherwise engaged by the Bank or ISO, to obtain a consumer report on Merchant. This authorization does not include the release of Merchant’s medical information. A copy, fax or scan of this consent shall be considered as effective and valid as the original. Merchant understands that in the event any adverse action is taken against Merchant based in whole or in part on the consumer report, Merchant shall be provided with the name of the CRA and a copy of the report as well as a description of Merchant’s rights under the FCRA. On request, California, Minnesota, and Oklahoma residents, can obtain a copy of any consumer credit report requested by the Bank or ISO. On request, New York residents, can be informed if a consumer credit report has been requested on Merchant by the Bank or ISO as well as the name of the agency providing the report. Merchant and its guarantors have read and understand the above and authorize Bank and ISO to perform the above investigations.

1. Participation intheAmericanExpressOptBlue®Program
By checking the “Accept” checkbox next to AMERICAN EXPRESS OptBlue® on [the
application], Merchant has elected to participate in the American Express OptBlue
program (“American Express Card Acceptance”). The following terms and conditions
apply to Merchant’s participation in American Express Card Acceptance.

(a) The definition of “Association(s)” is changed to read as follows:
Association(s)” means VISA U.S.A., Inc. (“Visa”), MasterCard International
Incorporated (“MasterCard”), Discover Financial Services LLC (“Discover”) and
American Express Travel Related Services Company, Inc. (“American Express”).

(b) The definition of “Card(s)” is changed to read as follows:
“Card(s)”means either a Visa,MasterCard, Discover or American Express credit
card, debit card (or other similar card that requires a PIN for identification purposes), or
pre-paid, stored-value or gift card.

(c) ) The definition of “Issuer”is changed to read as follows:
“Issuer” means American Express or a member of an Association that enters
into a contractual relationship with a Cardholder for the issuance of one or more
Cards

(d) Merchant authorizes Bank and/or its affiliates to submit American Express
Transactions to, and receive settlement on such Transactions from, American Express
on behalf of Merchant.

(e) Merchant agrees that Bank may disclose to American Express information
regarding Merchant and Transactions to American Express, and that American Express
may use such information: (i) to perform its responsibilities in connection with American
Express Card Acceptance; (ii) to promote American Express; (iii) to perform analytics and
create reports; and (iv) for any other lawful business purposes, including commercial
marketing communications purposes within the parameters of American Express Card
Acceptance, and important transactional or relationship communications from American
Express. American Express may use the information about Merchant obtained in this
Agreement at
the time of setup to screen and/or monitor Merchant in connection with American
Express marketing and administrative purposes. Merchant agrees it may receive
messages from American Express, including important information about American
Express products, services, and resources available to its business. These messages
may be sent to the mailing address, phone numbers, email addresses or fax numbers
of Merchant. Merchant may be contacted at its wireless telephone number and the
communications sent may include autodialed short message service (SMS or “text”)
messages or automated or prerecorded calls. Merchant agrees that it may be sent fax
communications.

(f) Merchant may opt-out of receiving future commercial marketing
communications from American Express by contacting ISO; however, Merchant
may continue to receive marketing communications while American Express
updates its records to reflect this choice. Opting out of commercial marketing
communications will not preclude Merchant from receiving important
transactional or relationship messages from American Express.

(g) Merchant acknowledges that it may be converted from the Opt-Blue to a direct Card Acceptance relationship with American Express if and when it becomes a High Charge Volume Merchant in accordance with AXP rules for “High CV Merchant Conversions”. High CV Merchant is a OptBlue Merchant with either (i) greater than USA $1,000,000 in Charge Volume in a rolling Twelve (12) month period or (ii) greater than USD $100,000 in Charge Volume in any three (3) consecutive months. For clarification, if an OptBlue Merchant has multiple Establishments under the same tax identification number (TIN), the Charge Volume from all Establishments shall be summed together when determining whether the Program Merchant has exceeded the thresholds above in America Express’ sole discretion. This acknowledgement is accepted by merchant signature on application and include express agreement that, upon conversion, (i) the Merchant will be bound by American Express’ then-current Card Acceptance Agreement; and (ii) American Express will set pricing and other fees payable by the merchant for Card Acceptance.

(h) OptBlue accepting Merchants shall not assign to any third party any payments due to it under their respective Merchant Agreements, and all indebtedness arising from Charges will be for bonafide sales of goods and services (or both) at its Establishments and free of liens, claims, and encumbrances other than ordinary sales taxes; provided, however, that the Merchant may sell and assign future Transaction receivables to Participant or its affiliated entities, without consent of American Express.

(i) American Express retains a third-party beneficiary provision, conferring on American Express third-party beneficiary rights but not obligations, to this Merchant Agreement which fully provides American Express with the ability to enforce the terms of the Merchant Agreement against the Program merchant at its own option.

(j) American Express Opt-Out. Merchant may opt out of accepting American Express at any time without directly or indirectly affecting its rights to accept other Cards.

(k) ) Bank and ISO have the right to terminate Merchant’s participation in American Express Card Acceptance immediately upon written notice to Merchant:
(i) if Merchant breaches any of the provisions of this Section 46 or any other terms of this Agreement applicable to American Express Card Acceptance; or (ii) for cause or fraudulent or other activity, or upon American Express’s request. In the event Merchant’s participation in American Express Card Acceptance is terminated for any reason, Merchant must immediately remove all American Express branding and marks from Merchant’s website and wherever else they are displayed; or (iii) Cards if it breaches any of the provisions in this Section 3.2, “General Requirements” or the American Express Merchant Operating Guide, which is found at www.americanexpress.com/merchnatopguide.

(l) Merchant’s refund policies for American Express-related Transactions must be at least as favorable as its refund policy for purchase with any other Card, and the refund policy must be disclosed to Card members at the time of purchase and in compliance with Applicable Law. Merchant may not bill or attempt to collect from any cardholder for any American Express-related Transaction unless a Chargeback has been exercised, Merchant has fully paid for such Chargeback, and it otherwise has the right to do so.

(m) Merchant must accept American Express as payment for goods and services (other than those goods and services prohibited by this Agreement, the MOG (as that term is defined below or Applicable Law) sold, or (if applicable) for charitable contributions made at all of its business locations and websites, except as expressly permitted by state statute. Merchant is jointly and severally liable for the obligations of Merchant’s business locations and websites under this Agreement.

(n) Merchant or American Express may elect to resolve any claim against each other, or against Bank or ISO with respect to American Express-related Transactions, by individual, binding arbitration, decided by a neutral arbitrator, in accordance with the MOG.

(o) Merchant will comply in full with American Express’s Merchant Operating Guide (as the same may be amended from time to time) (the “MOG”). The current MOG can be found at www.americanexpress.com/merchantopguide. For the sake of clarity, the term “Rules” specifically includes the MOG.

(p) American Express has the right to modify the terms of this Section 46 and any other provision of this Agreement that relates to American Express Card Acceptance and to terminate Merchant’s acceptance of American Express-related Transactions and to require an investigation of Merchant’s activities with respect to American Express-related transactions.

(q) A copy of the American Express Data Security Requirements can be obtained online at www.americanexpress.com/dsr. Merchant will abide by and fully comply with applicable American Express requirements.