NOW IT IS HEREBY AGREED AS FOLLOWS: -

1. DEFINITIONS AND INTERPRETATION

   1. In this Agreement, unless the context otherwise requires, the following terms shall have the following meanings:

      Acquirer	means an institution that I-SERVE is working with to process the Payment Card, E-Wallet and/or FPX transactions on behalf of the Merchant which enables the Merchant to accept Payment Card, E-Wallet and/or FPX as mode of payments by their customers;
      ADC Event	means account data compromise event, which is an occurrence that results, directly or indirectly, in the unauthorised access to or disclosure of Payment Card data or the unauthorised manipulation of Payment Card data controls, such as Payment Card account usage and spending limits and as further ascribed in Schedule 4 herein;
      Agreement	means this Merchant Services Agreement, including the recitals, schedules, annexures or appendices hereto, the Merchant Application Form, Letter of Acceptance, and such other terms and conditions in whatever form which are either expressly incorporated as part of the Agreement or by reference;.
      AMLA	means Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001;
      Approval Code	means a reference code in alphabetical and/or numerical format generated upon approval of a Transaction;
      BNM	means Bank Negara Malaysia which was established under the Central Bank of Malaysia Act 1958;
      Business Day	means any day (excluding Saturdays, Sundays and public holidays) on which banks in Selangor, Malaysia is open for business;
      Card Security Code	means the 3-digit numerical code being a unique check value generated using a secure cryptographic process that is displayed on the signature panel of the Payment Card;
      Chargeback	means a claim for refund from I-SERVE or any refusal of any payment to I-SERVE by a Payment Card issuer in relation to a Payment Card Transaction for whatever reason;
      Confidential Information	means:   information or material proprietary of the Disclosing Party of which the Receiving Party may obtain knowledge or access, including information which may have been disclosed by the Disclosing Party to the Receiving Party prior to the execution of this Confidentiality Undertaking;   including but not limited to, the following types of information and other information of a similar nature, whether or not set forth in writing; discoveries, ideas, concepts, papers, software in various stages of development, design, drawings, specifications, techniques, models, prototypes, data, source code, object code, documentation, manuals, diagrams, flow charts, schematics, research, process, procedures, functions, “know-how”, marking techniques and materials, marketing and development plans, customer names and other information related to customers, price list, pricing policies, financial information and business plan, information embodied in electronic devices, of all types including, but not limited to, memory devices and audio devices disks, tapes and cassettes, information in machine recognisable form including, but not limited to, electronic communications of all types, including but not limited to radio, wireless, television, satellite, cable, fibre optics and telephone, information in other forms and information in other forms developed in the future; including any information described as proprietary or designated as Confidential Information, whether or not owned or developed by the Disclosing Party, and whether or not copyrighted or information disclosed to the Disclosing Party by any third party which information the Disclosing Party is obligated to treat as confidential or proprietary information. Confidential Information shall also include all internal information of the Disclosing Party of which the Receiving Party, their employees or representatives become aware during the performance of their duties. This shall apply in particular to all internal information including but not limited to any kind of business, commercial or technical information. It shall also include Confidential Information given orally by the Disclosing Party to the Receiving Party; including (but is not limited to) the terms and conditions of this Confidentiality Undertaking, including the identity of the Parties hereto, and the fact that the Parties hereto are negotiating and/or discussing in connection with the Proposed Transaction, and the status of the said negotiations and/or discussions; and including circumstances wherein the Disclosing Party orally discloses Confidential Information to the Receiving Party.
      Customer	means the individual or entity who use a Payment Card, E-Wallet and/or FPX as a mode of payment for the purchases of Goods from the Merchant;
      Dynamic QR Code	means a unique and changeable QR Code produced by the Merchant which has the Merchant’s account details and Transaction information (including the Transaction Charges) embedded within the QR Code which can only be scanned once;
      E-Wallet	means electronic wallet, which is a payment instrument that stores monetary value that is paid in advance by the user to the issuer of E-Wallet. The E-Wallet can be used to make payments for purchases of Goods to the Merchant who accepts the EWallet as a mode of payment;
      Easy Payment Plan	means any Transaction Charges which can be paid by the Customer by way of interest free instalments as designated by i-SERVE from time to time;
      Effective Date	means the date of the first Letter of Acceptance;
      Excessive Chargeback Program	means a set of programs in relation to Payment Card Transaction which is provided by the Payment Networks for its members to closely monitor, on an ongoing basis: its chargeback performance at the Merchant level; and to promptly determine when the Merchant has exceeded or is likely to exceed monthly chargeback thresholds.
      Floor Limit	means the amount of a Transaction Charges or series of Transaction Charges by one Customer in one day at any outlet that if the Merchant operates in excess of which, the Merchant must seek specific authorisation from I-SERVE prior to completing the relevant Transaction;
      FPX	means Financial Process Exchange, which is an exchange infrastructure and application platform offered by Payment Network Malaysia Sdn. Bhd. It is a secure online payment gateway system that allows consumers to make real time online payments by using their existing current or savings account maintained with the participating banks;
      FSA	means Financial Services Act 2013.
      Goods	means merchandise and/or services sold by the Merchant to the Customers;
      Government Agency	means any government or any governmental, semi- governmental, administrative, fiscal or judicial body, department, commission, authority, tribunal, agency or entity whether in Malaysia or otherwise.
      Intellectual Property	means all intellectual property and proprietary rights, including all present and future rights conferred by statutes, common law or equity in or in relation to the following: trademarks (including trade dress), service marks, logos or trade names, whether registered or unregistered, together with the goodwill associated with any of the foregoing, and all registrations, renewals and applications for registration thereof; those rights existing under the copyright laws for those works subject to the copyright laws and copyright registrations and applications for registration thereof, including all renewals and extensions thereof; rights in trade secrets, confidential business information and other proprietary information (including concepts, ideas, designs, processes, procedures, techniques, technical information, specifications, operating and maintenance manuals, drawings, models, tools, algorithms, Software architectures, methods, know-how, technical data and databases, discoveries, inventions, research and development, formulas, modifications, extensions, improvements and other proprietary content); rights in computer software programs, including but not limited to application software, system software, firmware, middleware and mobile digital applications, including all source code, object code, and documentation related thereto, in any and all forms and media; rights in domain names, domain name registrations and web pages; and all other intellectual property rights in any and all jurisdictions throughout the world.
      i-Serve Brand	means any trademark or name owned or used by i-Serve.
      i-Serve System	means any i-Serve’s electronic or web-based system which i- Serve grants access to the Merchant for the purpose of the Services or that i-Serve uses to issue notices to the Merchant.
      Instalments	means the minimum and maximum number of instalments to be offered under the Easy Payment Plan.
      Letter of Acceptance	means the letter issued by i-Serve on the acceptance of the Merchant’s application to be i-Serve’s merchant or to confirm i- Serve’s agreement to provide the Services to the Merchant.
      Marks	means the names, logos, trade names, logotypes, trademarks, service marks, trade designations, and other designations, symbols, and marks, including but not limited to any one of the Acquirers’ or Card Schemes’ brand mark and name mark, that any one of the Acquirers or Card Schemes or its affiliates or subsidiaries own, manage, license, or otherwise control and make available for use by i-Serve and other authorised entities.
      Merchant	means a person or entity as specified in the Merchant Application Form;
      Merchant Application Form	means the application form duly completed by the Merchant to be i-Serve’s merchant;
      Merchant Discount	means the fee that is deductible and payable by the Merchant to I-Serve for the Services and is calculated in the manner and at the rate specified in the Letter of Acceptance or at such other rate as notified by I-SERVE to the Merchant from time to time;
      MID	means unique identification number assigned to the Merchant by I-SERVE;
      MOTO	means Mail or Telephone Order, whereby the Transaction involving an order for the purchase of Goods by a Customer via mail, email, telephone or facsimile to the Merchant
      MOTO Programme	means a programme that the Merchant participates in that allows Customer to purchase the Goods via MOTO;
      NFC	means near field communication, which is a wireless technology that allows contactless exchange of data between the devices
      PA-DSS	means Payment Application Data Security Standard, which is a set of comprehensive security requirements developed by PCI SSC to encourage and enhance Payment Card Customer data security and facilitate the broad adoption of consistent data security measures globally;
      Payment Card	means a valid card either credit, debit, prepaid, charge or virtual card or any other payment instrument bearing the symbols and programme marks together with other emblems, slogans, insignia and copyrights as adopted by Payment Networks;
      Payment Networks Programme	means a valid card either credit, debit, prepaid, charge or virtual card or any other payment instrument bearing the symbols and programme marks together with other emblems, slogans, insignia and copyrights as adopted by Payment Networks;
      PCI DSS	means Payment Card Industry Data Security Standard, which is a set of comprehensive requirements developed by PCI SSC to encourage and enhance Payment Card Customer data security and facilitate the broad adoption of consistent data security measures globally;
      PCI SSC	means Payment Card Industry Security Standards Council, a council that is responsible for the development, management, education and awareness of the PCI security standards including PA-DSS and PCI DSS;
      PDPA	means Personal Data Protection Act 2010;
      Personal Data	means any information that relates directly or indirectly to an individual who can be identified from that information or from other information in the Merchant’s possession including but not limited to a Personnel of i-Serve.
      Personnel	means     employees,     agents,     principals,               secondees      and contractors who are individuals.
      PIN	means a personal identification number issued to a Customer for a payment instrument issued by the Payment Networks or personally selected by a Customer for the purpose of effecting payment for Transaction at Merchant’s payment terminal e.g. POS Terminal with PIN verification capability;
      PIN Pad	means a device that enables the Customer to enter a PIN at a payment terminal;
      POS Terminal	l means Point of Sale Terminal, which is a device electronically activated to read and record the data of each Transaction located at the Merchant’s outlet;
      QR Code	means quick response code, which is a type of matrix barcode or two-dimensional barcode that contains information about an item to which it is attached. There are two (2) types of QR Codes i.e. Static QR Code and Dynamic QR Code;
      Recurring Payment	means a Customer’s periodic Transaction Charges payable to the Merchant, of which the same are being billed directly to the Customer’s Payment Card account as authorised in the Standing Instruction;
      RM	means Ringgit Malaysia which is the lawful currency of Malaysia;
      Sales Slip	means a document in the form provided by I-SERVE or any Acquirers or Payment Networks from time to time to the Merchant for the purpose of recording, confirming and evidencing Goods purchased by the Customer through the use of Payment Card, EWallet and/or FPX to be charged or debited to the Customer’s Payment Card, E-Wallet and/or current or savings account;
      Service Fees	means all fees, excluding Merchant Discount, payable by the Merchant to I-SERVE in relation to the Services as specified in the Letter of Acceptance or imposed by I-SERVE from time to time;
      Services	means payment processing services provided by I-SERVE to the Merchant including, but not limited to, UPay, UPayMe and Zapp for the processing of Transactions as well as for enabling acceptance of the Payment Card, E-Wallet and/or FPX;
      Settlement Amount	means the amount payable by I-SERVE to the Merchant under the Agreement for each successful Transaction based on the Transaction Charges less Merchant Discount or any other fees or charges as notified by I-SERVE from time to time;
      Settlement Processing	means the process carried out by the Merchant for purposes of transmitting data of Transaction Charges to I-SERVE to enable ISERVE to remit the Settlement Amount to the Merchant;
      Split Sale	means a Payment Card Transaction where upon the authorisation was declined, the Merchant split the transaction into two (2) or more transactions using the same Payment Card to obtain authorisation approvals from I-SERVE;
      Standards	means any bylaws, rules, policies operating regulations and procedures of the Acquirers, Payment Networks and I-SERVE or any code of practice, guidelines or standards issued by relevant regulators or industry bodies, whether or not having the force of law, including but not limited to any manuals, guidelines, bulletins, standards issued by the PCI SSC and any other data security standards as may be issued or amended from time to time;
      Standing Instruction	means an instruction given by Customer that authorises the direct billing of the Customer’s periodic Transaction Charges incurred to the Merchant;
      Static QR Code	means a fixed and unchangeable QR Code provided by ISERVE, the Acquirers or Payment Networks to the Merchant which only has the Merchant’s account details embedded within the QR Code, and can be scanned repeatedly;
      Subsidiary	has a meaning assigned to under Section 4 of the Companies Act 2016;
      Term	means the duration of the Agreement as specified in Clause 3;
      TID	means a unique identification number assigned to a payment terminal that is registered under the Merchant;
      Transaction	means any type of sales transaction effected through the use of the Payment Card, E-Wallet and/or FPX for the purchase of Goods by the Customer from the Merchant;
      Transaction Charges	means the amount charged to the Payment Card, E-Wallet and/or current or savings (via FPX) account for Goods purchased by the Customer from the Merchant;
      UPay	means any online payment processing services including, but not limited to, e-commerce Transaction, that I-SERVE is providing to its Merchant;
      UPayMe	means an online payment portal services provided by I-SERVE to its Merchant for the payment processing services;
      Zapp	means the E-Wallet services provided by I-SERVE to its users for the purpose of making payment for purchases of Goods, to the Merchant who accepts Zapp as a mode of payment;

   2. Words bearing the singular in this Agreement shall include the plural and vice versa.
   3. Titles and headings in this Agreement are used for convenience and ease of reference only, and in no way define, limit, extend or describe the scope and intent of this Agreement or of its provision.

2. APPOINTMENT

   The Merchant hereby appoints I-SERVE for the provision of the Services in accordance with the terms of this Agreement for the duration of the term as defined in Clause 3 below and I-SERVE agrees to accept the appointment of the Merchant for the provision of the Services to the Merchant.

3. TERM

   This Agreement will take effect from the Effective Date and shall continue to be valid until terminated in accordance with the terms and conditions of the Agreement.

4. MERCHANT’S OBLIGATIONS

   Subject to the provisions of this Agreement, the Merchant shall perform the following in accordance with the terms of this Agreement:

   1. to prepare and submit all necessary supporting documents or particulars designated in the Merchant Application Form and any other information as may be required by I-SERVE from time to time.
   2. shall inform I-SERVE on any change on the Merchant’s name, address, product and services, sales model and/or channel, style, constitution or composition whether by retirement, expulsion, death or admission of any partner or parties, amalgamation, reconstruction or otherwise.
   3. shall make payment for the Service Fees prescribed in the Merchant Application Form for using the Services provided by I-SERVE.
   4. at all times observe and comply with the guidelines and procedures on the acceptance of the Payment Card, E-Wallet and/or FPX as provided by I-SERVE and those from the Acquirers and Payment Networks, at any time during the term of this Agreement;
   5. accept all Payment Cards, E-Wallet and/or FPX as a payment method for the Customer’s purchase of the Goods;
   6. not require any Customer to pay any part of the Merchant Discount whether through an increase in price or otherwise or to pay any other charge or to require any security from or otherwise impose any condition on a Customer in connection with any Transactions;
   7. submit to I-SERVE records of all Transactions performed by the Merchant;
   8. not impose or require Customers to pay any surcharge, commission or discount whether through any increase in price or otherwise, or any other terms and conditions whatsoever on any of the Customers desirous of using the Payment Card, E-Wallet and/or FPX as opposed to any other method of payment, unless prescribed by the laws and the Standards;
   9. not impose a minimum Transaction Charges for the acceptance of an otherwise valid Payment Card, E-Wallet and/or FPX from Customer as a method of payment;
   10. include in the value of the Sales Slips any tax applicable to be collected and shall not collect the tax applicable separately in cash;
   11. observe and perform all obligations under the Merchant’s contract with the Customers including but not limited to the nature, quality and delivery of Goods sold to the Customers;
   12. not sell, purchase, provide or exchange Payment Card, E-Wallet and/or current or savings account number, Transaction, or personal information of or about a Customer to anyone other than to I-SERVE, the Acquirers, the Payment Networks, or as required by the relevant authority. This provision applies to Payment Card imprints, TIDs (if relevant), carbon copies, mailing lists, tapes, database files, and all other media created or obtained as a result of a Transaction;
   13. provide the full description of the Goods available to the Customer including the cost of the Goods and the delivery or shipping charges in RM and the equivalent in such other foreign currency or currencies acceptable by I-SERVE and description of any guarantees and warranties granted by the supplier or manufacturer for such Goods;
   14. ensure that the Goods comply with all laws applicable to the Merchant, I-SERVE, the Acquirers, the Payment Networks, the Customer, the Payment Cards and the Standards;
   15. ensure the sales of Goods, including image and descriptions, are not:

       (i) patently offensive, i.e. containing pornographic material or any vulgar and other content prohibited by the Malaysian Communications and Multimedia Content Code;

       (ii) lacks serious artistic value;

       (iii) counterfeit/fake Goods or those otherwise infringing the intellectual property rights of others; or

       (iv) any other material thatI-SERVE, the Acquirers or Payment Networks deem unacceptable to sell in connection with the I-SERVE Brand or Marks;

   16. for non face-to-face Transaction, ensure that the Goods purchased are rendered to the Customers within the duration as stated or committed by the Merchant.
   17. not to perform or accept any Transactions in any other locations outside Malaysia without I-SERVE’s prior written approval;
   18. not to move any POS Terminal from the location approved by I-SERVE without ISERVE’s prior written consent;
   19. use any payment terminal beyond the scope of this Agreement; and
   20. attend any training instructed by I-SERVE from time to time.

5. MERCHANT’S COVENANTS, REPRESENTATIONS AND WARRANTIES

   1. The Merchant hereby irrevocably and unconditionally covenants, represents and warrants as follow:
   1. if the Merchant is a company or corporation, it is a company or corporation duly incorporated and validly existing under the laws of Malaysia and has full power and authority to enter into this Agreement and the execution, delivery and performance of this Agreement are within its corporate power, have been duly authorised by all necessary corporate action, do not contravene its memorandum and articles of association and do not violate any law or regulation or any judgement, order or decree of any governmental authority, or any contract or undertaking binding on or affecting it;
   2. if the Merchant is a natural person, he has full power and authority to enter into this Agreement;
   3. this Agreement constitutes the legal, valid and binding obligations of the Merchant in accordance with their respective terms;
   4. to obtain, fulfil or perform at its own cost and expense for necessary license, authorisations, consents and approvals for own proper facility, equipment, inventory, agreement, personnel and other capabilities to conduct business;
   5. all information furnished by the Merchant in connection with this Agreement, does not contain any untrue statement or omit to state any fact the omission of which makes any statements made therein in the light of the circumstances under which they are made, misleading, and are made on reasonable grounds after due and careful inquiry and the Merchant is not aware of any material facts or circumstances that have not been disclosed to I-SERVE which might, if disclosed, adversely affect the decision of a person considering whether or not to enter into this Agreement;
   6. there is no violation or contravention of any laws, directives, court orders, judgments and arbitration awards have been committed by the Merchant;
   7. shall have legal or legitimate rights to sell and market such Goods offered and posted in the Merchant’s website and/or platform or face to face businesses;
   8. at all times, comply with the requirements prescribed in the Standards in relation to all other matters not specifically provided in the Agreement, including but not limited to:

      (i) the data protection programme;

      (ii) the fraud control rules and maintaining a total chargeback-to-sales volume ratio below the thresholds set by I-SERVE, the Acquirers or Payment Networks;

   9. upon request by I-SERVE, to furnish originals of bills/receipts or other supporting documents in relation to or in connection with the Services;
   10. permit and accept payment by the Customers using any of the Payment Cards, EWallet and/or FPX in accordance with the terms and conditions of the Agreement and the Standards;
   11. honour without discrimination the Payment Cards, E-Wallet and/or FPX when properly presented to the Merchant as means of payment from the Customer;
   12. not submit to i-Serve any Transaction that:

       (i) the Merchant knows or should have known to be fraudulent, counterfeit, suspicious, wrongful or not authorised by the Customer;

       (ii) the Merchant knows or should have known to be authorised by a Customer colluding with the Merchant for a fraudulent, counterfeit, suspicious or wrongful purpose; or

       (iii) represents the refinancing or transfer of an existing Customer obligation that is deemed to be uncollectible or arises from the dishonour of a Customer’s personal cheque.

   13. shall not offer any Goods at a price lower than that which the Merchant intends to sell such Goods, or from using promotional tactics which are not commercially reasonable or acceptable;
   14. shall not provide or disclose any information in relation to or in connection with the Transactions to any unauthorised third party;
   15. shall not gain or attempt to gain, directly or indirectly unauthorised access to the provided Services for, inter alia, the purpose of obtaining the customers information of other merchants of I-SERVE;
   16. shall not use the provided Services to conduct any fraudulent, immoral or illegal activities or such activities that may infringe the intellectual property rights of third parties;
   17. shall not use the information of the Customers, including, without limitation, the mobile telephone number of the Customers, for any purposes or reasons other than to obtain I-SERVE’s confirmation to carry out the Transaction;
   18. shall not use any intellectual property belonging to I-SERVE, including, without limitation, trademarks, trade names or patents, whether registered or not, without the prior written consent of I-SERVE other than such usage permitted under this Agreement;
   19. that the Merchant shall not at any time represent to any third party as an agent of I-SERVE.
   20. ensure that the Customer understands who is responsible for the Transactions, including delivery of the Goods, and for customer service and dispute resolution, all in accordance with the terms applicable to the Transactions;
   21. has sufficient safeguards in place to:

       (i) protect Customer and Transactions information permitted by the regulatory guidelines to be captured from authorised disclosure or use;

       (ii) comply with all applicable laws; and

       (iii) ensure each Transaction submitted by the Merchant reflects a genuine transaction between the Merchant and the Customer;

   22. be financially liable for all Transactions and liable for all acts, omissions, Customer disputes, and other Customer service-related issued caused by the Merchant;
   23. be responsible and financially liable for each Transaction entered into interchange, or for any disputed Transaction, or credit;
   24. not transfer or attempt to transfer any of the Merchant financial liability by way of asking or requiring Customers to waive their rights to make a claim;
   25. not processing any Transactions or any activities that is illegal or is deemed by ISERVE, the Acquirers or Payment Networks in its sole discretion, to damage or have the potential to damage the goodwill of I-SERVE, the Acquirers or Payment Networks or reflect negatively on the Marks;
   26. provide I-SERVE, the Acquirers and Payment Networks with the necessary information, documents and records of the Transaction or Customer and assistance required or requested by anyone of them to maintain compliance with the Standards and laws immediately upon request by I-SERVE, the Acquirers and Payment Networks at any reasonable time;

   (aa) be responsible for staying apprised of all applicable changes to the Standards and this Agreement and maintaining compliance with the Standards and this Agreement. Standards may be available on websites of the Acquirers or Payment Networks;

   (bb) shall not take any action that could interfere with or prevent I-SERVE, the Acquirers or Payment Networks from exercising its rights under this Agreement or the Standards;

   (cc) undertake that none of the Goods shall relate to timeshare, membership, telemarketing, unlicensed investment scheme, unlicensed multi-level marketing scheme as stipulated in the Standards;

   (dd) in addition to the above provisions, the Merchant must perform the following, if the Goods provided by the Merchant is categorised as high risk business by I-SERVE, the Acquirers and Payment Networks:

   (i) ensure that the Transactions are not fraudulent, counterfeit, suspicious or wrongful;

   (ii) if the Transaction is fraudulent, counterfeit, suspicious or wrongful, the Merchant will be liable for any loss suffered by i-Serve or the Card Schemes arising from such fraudulent, counterfeit, suspicious or wrongful Transaction;

   (iii) if the Merchant suspects any Transactions to be a fraudulent, counterfeit, suspicious or wrongful transaction or if such the Transaction Charges for such Transaction involve a material transaction value (which amount shall be informed by I-SERVE to the Merchant from time to time), the Merchant must perform card verification with the Customer and to submit the relevant verification document to I-SERVE within three (3) Business Days after the date of the Transaction, failing which, the Merchant shall reverse the Transaction; and

   (iv) resolve directly with the Customer any claims or complaints made by the Customer in respect of any purchase of the Goods.

   (ee) shall ensure not to processes more than United State Dollars One Million (USD 1,000,000.00) annually (based upon the date its account is approved) for any cards and does not enter into a merchant agreement directly with the Bank

   (ff) shall ensure that it does not involve or engage in the types of business or activities listed in the Appendix A, or the products sold to the Merchant’s users shall not contain articles which are prohibited or restricted under any and all applicable laws and regulations, including products listed in the Appendix A, which may be updated by I-SERVE from time to time.

   (gg) When a Payment Card, E-Wallet and/or FPX is presented to the Merchant for payment, in accepting such payment via the use of the Payment Card, E-Wallet and/or FPX, the Merchant must comply with the acceptance procedure prescribed by the Standards, the Agreement or any other requirements notified by I-SERVE, the Acquirers or Payment Networks from time to time.

   2. In the event if the Merchant has breached its obligations, warranties, undertaking or covenant as stipulated in this Agreement, I-SERVE shall be entitled to suspend the Merchant from carrying any further Transactions or terminate this Agreement in accordance with the provisions of this Agreement.

6. COLLATERAL

   1. I-SERVE may, at its absolute discretion, require the Merchant to place a Collateral in a manner that I-SERVE deems fit by way of a written notice, as security for the due and proper performance and completion of all obligations of the Merchant under this Agreement.
   2. If the Merchant fails to remit the Collateral within the timeline prescribed in the written notice, I-SERVE may without prejudice to any of its other rights and remedies and without any liabilities to the Merchant, suspend or terminate this Agreement by providing written notice to the Merchant. In the event of such termination by I-SERVE, neither Party shall have any claim against the other except for any prior breaches.
   3. If the Merchant fails to properly perform and complete its obligations under this Agreement and I-SERVE suffers loss or damage arising from such failure, I-SERVE may deduct any or all such loss or damage from the Collateral.
   4. In the event I-SERVE performs any deduction under Clause 6.3 above, the Merchant shall top up any shortfall within five (5) days of written notice by I-SERVE, failing which I-SERVE may suspend or terminate this Agreement immediately upon written notice.
   5. The Collateral does not relieve the Merchant from its obligations to pay any amounts due to I-SERVE nor does it constitute a waiver of I-SERVE’s rights under this Agreement.
   6. If the Collateral is insufficient to meet the payment of any or all of the loss or damage suffered by I-SERVE, the balance remaining shall be a debt due and owing from the Merchant to I-SERVE.
   7. I-SERVE shall be entitled to revise the Collateral amount from time to time by giving fourteen (14) days’ written notice to the Merchant.
   8. Subject to the Merchant duly performed and observed all its obligations under this Agreement, the Collateral shall be refunded free of interest to the Merchant:
      1. anytime during the Term of this Agreement, at the absolute discretion of I-SERVE; or
      2. upon the termination of this Agreement.

7. PAYMENT OF SETTLEMENT

   During the term of this Agreement and in consideration of the Merchant performing its obligations under this Agreement, I-SERVE shall pay the Settlement Amount to the Merchant as stipulated under Schedule 1 of this Agreement.

8. RIGHTS TO SET-OFF AND DEDUCT BY I-SERVE

   Any fees, charges or any other damages, losses, and expenses which are recoverable by I-SERVE from the Merchant, may be deducted from any money then due to the Merchant under the Agreement either by I-SERVE earmarking or deducting the Merchant’s account maintained with I-SERVE. If the money is insufficient for that purpose, the balance remaining unpaid shall be a debt due from the Merchant to ISERVE and may be recovered from the Merchant by I-SERVE in any court of competent jurisdiction.

9. SERVICE FEES

   1. All Service Fees shall be made in RM and no Service Fees shall be made in cash and/or cheque.
   2. All Service Fees shall be payable by the Merchant in accordance with the timelines specified in the Merchant Application Form or Letter of Acceptance or any written notice provided by I-SERVE. The Service Fees are subject to change from time to time at ISERVE’s discretion as may be notified by I-SERVE to the Merchant and will be effective on the date of the notice or the later date specified on the notice.
   3. I-SERVE shall deduct the Service Fees from the Settlement Amount due to the Merchant or from any accounts that the Merchant maintains with I-SERVE, in accordance with the Service Fees payment due date specified in the Merchant Application Form or Letter of Acceptance.
   4. If the Settlement Amount is insufficient for I-SERVE to deduct the Service Fees, the Merchant shall, upon demand, remit the payment for the unpaid Service Fees to ISERVE immediately.
   5. There shall be no refund of any Service Fees paid by the Merchant if the Agreement is terminated for any reason whatsoever.
   6. All Service Fees are excluding all taxes and I-SERVE shall be entitled to add any applicable taxes to the Service Fees and Merchant shall bear all such taxes.

10. DISPUTED TRANSACTIONS

    1. i-Serve shall not be responsible and liable to:
       1. the Customers, in any manner whatsoever for any goods, products or services purchased from the Merchant; and
       2. the Merchant, in the event a Customer disputes a Transaction.
    2. For the avoidance of doubt, the Transaction shall at all times be between the Merchant and the Customer and in no event shall I-SERVE be a party in any resulting dispute over any aspect thereof, including, but not limited to, issues relating to merchantability, fitness for use, quality, quantity or delivery.
    3. In the event of any fraudulent Transactions alleged by a Customer, I-SERVE shall not be under any obligation or responsibility to investigate any disputes on the Transactions between the Merchant and a Customer, whereby all disputes on the Transaction shall be resolved between the Merchant and the Customer.

    4. For FPX Transactions

       1. The Customer may submit request for refund to the Merchant within sixty (60) days of the date of the disputed Transaction based on the following reasons:

          (i) Goods purchased were not provided or rendered due to the Merchant’s nonperformance or insolvency;

          (ii) Goods purchased were damaged or defective;

          (iii) Goods purchased were not as described or as advertised by the Merchant;

          (iv) Goods purchased were not genuine or were counterfeit or fake; and/or

          (v) the Customer’s bank account was erroneously debited multiple times for a single purchase or charged an incorrect amount by the Merchant

       2. Upon receiving a request for refund, the Merchant shall respond to all requests for refunds within seven (7) Business Days of receipt. The Merchant shall ensure that the refund claims are addressed within the seven (7) Business Days timeframe.
       3. The Merchant may provide concrete evidence to contest the refund claim. Evidence may include proof of delivery, certification from suppliers on the authenticity of Goods or other documentation to demonstrate the Merchant’s performance of its obligations.
       4. If the Merchant fails to furnish the evidence within the timeframe specified in Clause 10.4(b) above or the evidence does not conclusively refute the Customer’s claim, the Merchant is required to refund the purchase proceeds to the Customer within three (3) Business Days.
       5. If the Merchant is not able to adequately refute a refund claim in accordance with Clause 10.4(c) above and/or fails to refund the purchase proceeds to the Customer in accordance with Clause 10.4(d) above, I-SERVE shall have the right to recover the disputed sum from the Merchant under Clause 8 of this Agreement.

11. ACCESS TO I-SERVE SYSTEM

    1. I-SERVE will, to the extent that is necessary for the Merchant to fulfill the Merchant’s obligation under the Agreement, grant access to the applicable I-SERVE System for the purpose of the Agreement.
    2. The Merchant shall comply with all guidelines issued and all directions given by I-SERVE from time to time in relation to access and use of I-SERVE System, including interface protocols and virus checking procedures.
    3. Required equipment, software and services:
       1. The Merchant shall obtain and maintain all equipment, software and services necessary to access and use I-SERVE System, as specified by I-SERVE from time to time
       2. If, for any reason, the Merchant is unable to access or use I-SERVE System, the Merchant shall use other means approved by I-SERVE to perform the relevant business process.
    4. If I-SERVE issues a login identity and password to the Merchant for the use of or access to I-SERVE System, the Merchant shall be solely responsible to:
       1. ensure that the login identity and password is only accessible by the Merchant’s authorised Personnel; and
       2. notify I-SERVE immediately if the Merchant becomes aware that the login identity or password have become or may become known by unauthorised person.
    5. I-SERVE may undertake scheduled or unscheduled maintenance of the I-SERVE System from time to time and I-SERVE will use reasonable endeavour to notify the Merchant of the same. I-SERVE shall not be liable for any losses incurred by the Merchant arising from I-SERVE’s performance of such maintenance.
    6. I-SERVE may, at its absolute discretion, require the Merchant to cease accessing ISERVE System immediately.

12. PROPRIETARY RIGHTS

    1. I-SERVE hereby grants to the Merchant, for the term of this Agreement, a personal nonassignable non-exclusive license to use the Marks in connection only with its provision of the Services in accordance with such manner of use as may be stipulated or permitted by I-SERVE from time to time and the Merchant agrees that it shall derive no title or interest in the Marks or any part thereof and shall not attain any goodwill in respect thereof.
    2. The Merchant undertakes to put up and display such signs and to distribute such materials at its premises relating to the Services, whether or not such materials contain the Marks, as may be reasonably required by I-SERVE from time to time but not to otherwise do so without the prior written consent of I-SERVE.
    3. The Merchant hereby authorises and consents to I-SERVE making reference to, using and reproducing the Merchant’s name, trademarks, logos, signs, acronyms and other insignia in any material or medium for the advertisement, publicity and promotion of the Services provided that I-SERVE shall not thereby or otherwise derive any title, interest, claim, right or goodwill in the same.

13. CONFIDENTIALITY

    1. All information disclosed or communicated by I-SERVE to Merchant or obtained by the Merchant from I-SERVE in connection with or in the course of its use of the Services, whether intended or by accident, shall be treated as Confidential Information unless the information:
       1. is or becomes publicly available through no fault of the Merchant;
       2. which the Merchant can prove was in its possession or known to it prior to its receipt from I-SERVE;
       3. is or was rightfully received by the Merchant from a third party without a duty of confidentiality being owed by the Merchant to the third party, except where the Merchant has knowledge that the third party has obtained that information either directly or indirectly as a result of a breach of any duty of confidence owed to ISERVE; or
       4. was independently developed by the Merchant without the use of the Confidential Information.
    2. Notwithstanding anything in this Agreement stating to the contrary, the obligation of the Parties under Clause 13 shall remain in full force and shall survive the termination or expiry of this Agreement.

14. INTELLECTUAL PROPERTY RIGHTS

    1. The Merchant acknowledges that the copyright, designs, trademarks and other Intellectual Property Rights comprised in the information, text, graphics, scripts, software, technology, music, sound, photograph, logos, widgets, documents and/or any materials provided by I-SERVE (“I-SERVE’s IPR”) are the sole and exclusive property of I-SERVE and/or its licensors.
    2. The Merchant may utilise the I-SERVE’s IPR strictly in accordance with the instruction and guidelines of I-SERVE issued and/or communicated by I-SERVE from time to time and solely for the activities contemplated in this Agreement only.
    3. The Merchant further agrees and undertakes that save as expressly permitted in this Agreement it shall not without I-SERVE’s prior written consent:
       1. reproduce, copy, reverse compile, adapt, modify, distribute, commercially exploit, display, broadcast, hyperlink or transmit in any manner or by any means or store in an information retrieval system any part of I-SERVE’s IPR; and
       2. create or use derivative works from I-SERVE’s IPR.
    4. If the Merchant uses any of I-SERVE’s intellectual property rights in breach of this Agreement, I-SERVE may immediately terminate or revoke such rights, in all or in part in its sole discretion without giving any prior notice and this shall not prejudice I-SERVE’s right to take any action against the Merchant for any damages suffered either directly or indirectly arising from the breach committed by the Merchant and/or its Personnel thereof.
    5. The obligation with regards to the Intellectual Property herein shall continue notwithstanding the termination or expiry of this Agreement.

15. COMPLIANCE WITH PERSONAL DATA PROTECTION ACT 2010 (“PDPA”)

    1. The Parties shall recognise that in the course of carrying out the covenants or obligations of this Agreement, a Party may have access to the Confidential Information belonging or pertaining to the customers, agents or employees (hereinafter referred to as “the Personal Data”) and in this respect, the Recipient Party hereby undertakes that:
       1. it shall not, at any time, use or copy the Personal Data for any reason other than for the purposes of carrying out the covenants or obligations under this Agreement; and
       2. it shall comply with all applicable laws pertaining to confidentiality and the privacy of Personal Data including the PDPA of Malaysia.
    2. The Recipient Party agrees to fully indemnify and hold the Disclosing Party harmless from and against any claim, loss or expense that the Disclosing Party may suffer as a result of the failure on the part of the Recipient Party or its personnel to comply with the requirements as to confidentiality herein.
    3. This indemnity shall survive the termination of the Agreement. For the avoidance of doubt, entities within the Disclosing Party group shall have the full benefit of and protection under this Clause through the Disclosing Party and the definition of Confidential Information including customer information shall cover the entities within the Disclosing Party group, where applicable. The obligations herein shall survive expiration or termination of this Agreement.
    4. For the avoidance of doubt, in respect of Personal Data received from the Merchant, ISERVE shall be entitled to assume that the Merchant shall have duly procured all necessary consents from the customers, agents, or employees or otherwise the individual to whom the Personal Data belongs in performing the Services or for the purposes of carrying out the covenants or obligations under this Agreement.

16. LIABILITY

    1. The Merchant shall not hold I-SERVE and its holding company, affiliates, subsidiaries, employees and/or its suppliers liable in any way for any losses or liabilities; and shall indemnify I-SERVE against any claims for matters caused by, directly or indirectly, by the Merchant or any third parties relate to the Merchant in connection with the use of or access to the Service.
    2. If at any event, I-SERVE, its employees, agents or licensees are found liable to the Merchant, such liability is limited to the actual amount of direct damages, For the avoidance of doubt, I-SERVE shall not be liable for any indirect, incidental or consequential loss or damage of any kind, including damages for lost advantage, loss of data or loss of profit.
    3. I-SERVE shall not be held liable for any losses or liabilities suffered by the Merchant, arising directly or indirectly, incidental or antecedent pursuant to any transactions between the Merchant and its customers and/or arising from any whatsoever circumstances due to the performance of the terms in this Agreement.

17. INDEMNITY

    1. The Merchant hereby indemnifies and shall keep I-SERVE indemnified in respect of its employees, and servants from and against any claims, suits, demands, losses, liabilities, expenses, costs or actions whatsoever arising under any laws of Malaysia to which ISERVE, its employees, or servants may suffer due to, arising out of or in course of or by reason of the carrying out of the terms of this Agreement or resulting from any breach of this Agreement by the Merchant, including, without limitation:
       1. any act, neglect or default of the Merchant or its agents, employees, licensees or customers;
       2. any event of fraud committed by the Merchant or its agents, employees or licensees; or
       3. breaches resulting in any successful claim by any third-party alleging libel or slander in respect of any matter arising from the Merchant carrying out the Transactions
    2. The Merchant shall indemnify I-SERVE for:
       1. any fines being imposed by the Acquirers or Payment Networks as a result of any breach of this Agreement by the Merchant or the Merchant’s failure to comply with the Standards; and
       2. any investigation and management costs in the event the Merchant’s activities resulted in chargeback or other risk which I-SERVE has to take actions to prevent or minimise loss.

18. DATA SECURITY AND PROTECTIONS

    1. The Merchant shall comply with the Standards when handling the Customer’s information, including but not limited to PCI DSS and PA-DSS for Payment Card Transactions.
    2. Any compliance exercise (including but not limited to self-assessment questionnaire, onsite reviews by qualified security assessor, or network scans by approved scanning vendor and compliance status reports) as and when deemed necessary for the Merchant by I-SERVE, the Acquirers or Payment Networks will be undertaken accordingly and paid fully by the Merchant.
    3. The Merchant must ensure that:
       1. a terminal or other device at the Merchant’s outlet does not display, replicate, or store any Payment Card-read data except Payment Card number (to be protected in accordance to PCI DSS requirements), expiration date, service code or Customer’s name;
       2. before discarding any media containing Payment Card, Customer or Transaction data, including such data as Card Security Code and Payment Card number, the Merchant must:

          (i) render the data unreadable; by ensuring that it is irretrievably and permanently destroyed;

          (ii) delete all such data from all its systems including its archival systems; and

          (iii) undertake the necessary verification of such destruction and deletion;

       3. access to Payment Card, Customer or the Transaction data stored in computers and terminals is limited and controlled by establishing data protection procedures that include, but are not limited to, a password system for computer remote terminal access, control over dial-up lines, and any other means of access.
    4. In the event of any breach in security which results in unauthorised use of the confidential information maintained by the Merchant, the Merchant must disclose such event to I-SERVE immediately.

19. ANTI-MONEY LAUNDERING

    1. The Merchant shall:
       1. ensure that all monies involved in any Transactions and in this Agreement shall come from a lawful source of activity and not unlawful activities as defined under AMLA;
       2. provide notice to I-SERVE if any Transaction was made on behalf of the Customer;
       3. upon receipt of I-SERVE’s request, provide verification of the identity of the beneficiary and such other information as I-SERVE may require including but not limited to certified true copies of any authorisation to act or documents that may be required for the purpose of verifying the information provided by the Merchant. Copies of such information may be retained by I-SERVE;
       4. declare and certify that the necessary “know your customer” checks have been conducted including but not limited to the identity, existence, address and nature of the business of the beneficiary and that the monies, funds or collateral are from a lawful source of activity and not unlawful activity as defined under AMLA;
       5. disclose and furnish to I-SERVE any information required or deemed necessary and to the satisfaction of I-SERVE within the period specified by I-SERVE in its request, whether or not for purposes of complying with the Standards; and
       6. not use the payment made via Transactions for money laundering or violate any laws relating to money laundering as defined under AMLA.
    2. In no event shall I-SERVE be liable for any direct, indirect, consequential or any losses whatsoever or howsoever arising or by reason of I-SERVE’s exercise of its duties under the laws for the time being in force, in particular but not limited to its statutory duties under AMLA.

20. SUSPENSION AND TERMINATION

    1. This Agreement shall become effective upon the execution of I-SERVE’s Merchant Application Form by the Merchant and shall remain in force and effect until terminated in accordance with the terms of this Agreement.
    2. Either Party to this Agreement may elect to terminate any or all of the Merchant’s MID or TID or this Agreement by giving one (1) month’s prior notice in writing to the other Party of its intention to do so without giving any reason.
    3. Without prejudice to the rights contained in this Agreement, I-SERVE may, in its absolute discretion and without affecting the accrued rights and obligations of the Parties as at the date of suspension or termination (as the case may be), suspend or terminate any or all of the Merchant's MID or TID or the Agreement immediately by giving notice in writing to the Merchant on the occurrence of any of the following events:
       1. in the event that suspension of the Agreement is necessitated by any directive or regulation from any Acquirers or Payment Networks or BNM or any authority having jurisdiction over the matters under the Agreement or due to any adverse findings by such authorities;
       2. the Merchant has breached any of the terms and conditions of this Agreement;
       3. the Merchant has breached this Agreement (other than by a breach in any material respect of any of the Merchant’s obligations under the Agreement) and, in ISERVE’s reasonable opinion, the breach:

          (i) cannot be rectified; or

          (ii) is capable of being rectified and shall remain unrectified by the Merchant for a period of fourteen (14) days after being notified to do so;

       4. the Merchant cease, or threatens to cease, to carry on business;
       5. a judgment in any amount is obtained against the Merchant, or any distress, attachment, execution or other process of a Government Agency is issued against, levied or enforced on any of the Merchant’s asset;
       6. a receiver, receiver and manager, administrator, trustee or similar official is appointed over any of the Merchant’s assets or undertakings, an application or order is made for the Merchant’s winding up or dissolution, or a resolution is passed or any steps are taken to pass a resolution for the Merchant’s winding up or dissolution, except for the purpose of an amalgamation or reconstruction which has I-SERVE’s prior consent;
       7. the Merchant suspend payment of the Merchant’s debts generally, or is or becomes unable to pay its debts when they are due, or is or becomes unable to pay the Merchant’s debts;
       8. the Merchant enters into, or resolves to enter into, any arrangement, composition or compromise with, or assignment for the benefit of, the Merchant’s creditors or any class of them;
       9. the Merchant is convicted of a criminal offence;
       10. the Merchant is fraudulent in connection with the Agreement;
       11. the Merchant becomes a Subsidiary of another corporation other than with the prior written approval of I-SERVE;
       12. there have been material misrepresentations by or concerning the Merchant or any of the information provided by the Merchant in the Merchant Application Form or otherwise to I-SERVE is or becomes incorrect, or false or misleading in a material respect;
       13. the Merchant’s details and other information disclosed in the Merchant Application Form materially changes, including, but not limited to, a change to the nature and type of business conducted by the Merchant;
       14. the Merchant, in the reasonable opinion of I-SERVE, brought I-SERVE into disrepute;
       15. the Merchant or the Merchant’s employees or agents have acted fraudulently or have otherwise misused the Services provided by I-SERVE;
       16. the Merchant is known or suspected to be involved in any fraudulent or any unlawful activity whether or not related to the Merchant’s business;
       17. upon receipt of a written request from the Acquirers or Payment Networks that any of the Merchant’s activity is deemed to be in violation of the Standards; or
       18. if the Merchant fails to remit the Service Fees within the timelines prescribed by ISERVE.
    4. In the event of termination of this Agreement for whatever reason, the following provisions shall apply:
       1. the Merchant must immediately submit all pending transactions to be performed under the Service to I-SERVE for processing purpose;
       2. the Merchant shall immediately cease use of the confidential information and return to I-SERVE all such confidential information in the Merchant’s possession or control;
       3. the Merchant agrees and undertakes to return to I-SERVE immediately all materials, books, records or otherwise pertaining to the provision of the Services, and shall not thereafter use the I-SERVE Brand and Marks or any part or derivatives thereof; and
       4. the Merchant agrees and undertakes to permit I-SERVE, and I-SERVE shall have the right of access to the Merchant’s premises to disconnect, retrieve and remove any equipment relating to the provision of the Services which is not owned by the Merchant and any material bearing the I-SERVE Brand and Marks or derivatives thereof and at the request of I-SERVE, the Merchant will at its own expense assist I-SERVE in this respect.
    5. In the event that I-SERVE terminates this Agreement in accordance with the terms hereof, the Merchant acknowledges and agrees that no reason whatsoever needs to be communicated to the Merchant for such termination and I-SERVE shall not be liable in any way for any loss or damage incurred or suffered by any Party due to such termination.

21. TAXES

    1. All taxes and other charges imposed or to be imposed by the governments or such competent authorities in respect of the provision of Services or in connection with this Agreement shall be borne by the Merchant and the Merchant shall reimburse and indemnify I-SERVE for the payment of the same in respect of the provision of Services or in connection with this Agreement.
    2. If as a result of the introduction of new laws, by-laws or regulations or the amendment of the existing laws, by-laws rules or regulations including, but not limited to, Sales and Service Tax (“SST”) which may be levied by the Government of Malaysia, the Parties hereto shall comply with the new laws and pay the tax imposed at such rate as may be determined by the Government of Malaysia.
    3. If I-SERVE is required by law to deduct or withhold taxes from any payment to the Merchant under this Agreement, then I-SERVE may make those deductions or withholdings (or both) to the relevant Government Agency and reduce its payment to the Merchant by such amount of deduction or withholding accordingly. I-SERVE shall have no obligation to pay an additional amount to the Merchant in relation to the amount deducted or withheld.

22. COSTS AND EXPENSES

    1. Each Party must pay its own costs and expenses in respect of the negotiation, preparation, execution and delivery of the Agreement. The stamp duty of the Agreement shall be borne by the Merchant.
    2. Any action to be taken by the Merchant in performing the Merchant’s obligations under the Agreement must be taken at the Merchant’s own cost and expense, unless otherwise expressly provided in the Agreement.

23. NON-EXCLUSIVITY

    The Merchant acknowledge and agree that the Merchant’s appointment under the Agreement is non-exclusive and that I-SERVE may appoint other persons to conduct and may itself conduct the activities under the Agreement.

24. STATUS OF MERCHANT

    Nothing contained in this Agreement shall constitute or to be deemed to constitute a partnership between the Parties and one of the Parties shall have any authority to bind or commit the other save as authorised by this Agreement.

25. PROHIBITION AND ENFORCEABILITY

    1. Any provision of, or the application of any provision of, the Agreement or any right which is prohibited in any jurisdiction is, in that jurisdiction, ineffective only to the extent of that prohibition.
    2. Any provision of, or the application of any provision of, the Agreement, which is void, illegal or unenforceable in any jurisdiction does not affect the validity, legality or enforceability of that provision in any other jurisdiction or of the remaining provisions in that or any other jurisdiction.
    3. Where any clause is void, illegal or unenforceable, it may be severed without affecting the enforceability of the other provisions in the Agreement.

26. AUDIT

    1. I-SERVE, Acquirers and Payment Networks shall have the right and the Merchant grants I-SERVE, the Acquirers and Payment Networks and their respective Personnel (including I-SERVE’s internal and external auditors and advisors) full access at all reasonable times and upon prior reasonable notice for the following event:
       1. the Merchant’s Personnel for the purposes of obtaining information in relation to the Agreement; and
       2. the Merchant’s premises, systems, database, accounts, documents and records relating to the Merchant’s operating practices and procedures to the extent relevant to the Agreement including in the supply of the Goods by the Merchant;
    2. In cases of audits initiated by any Government Agencies or entities having authority over I-SERVE (e.g. BNM and the Payment Networks), the Merchant must grant I-SERVE and such Government Agencies and their respective Personnel (including internal and external auditors and advisors) full and timely access to relevant accounts, documents, system logs and records in order to allow I-SERVE to meet the deadlines set by such authorities or entities.
    3. For the purposes of complying with the terms of the Agreement, the Merchant must promptly and efficiently provide I-SERVE, the Acquirers and Payment Networks and their respective Personnel (including I-SERVE’s internal and external auditors and advisors), any assistance which are reasonably required and shall also assist I-SERVE to meet I-SERVE’s internal and external audit and compliance requirements which may be more stringent than the regulatory requirements. The internal and external auditors shall have the right to copy and retain copies of any relevant records solely for the purposes of conducting the audit.
    4. I-SERVE may disclose the results of any audit and investigation (including any remedial action) undertaken under this Clause 26.
    5. The Merchant shall be responsible for all costs incurred in relation to any audit and investigation (including any remedial action) undertaken under this Clause 26.
    6. If the audit establishes any deficiencies, the Merchant shall:
       1. promptly take any remedial action as required by I-SERVE, the Acquirers or Payment Networks to rectify any particular problems or weaknesses arising out of the findings of the audit; and
       2. provide to I-SERVE, the Acquirers or Payment Networks all documentation related to resolution of such deficiencies and the corrective actions implemented to prevent reoccurrence of the deficiencies.
    7. If any of the Acquirers or Payment Networks requests an audit to be conducted under this Clause 26, the Merchant shall notify I-SERVE in writing and provide I-SERVE copies of any audit reports or findings including those relating to any remedial action undertaken by the Merchant which are furnished to the Acquirer or Payment Network.

27. NOTICES

    1. A notice or other communication including, but not limited to, a request, demand, consent, approval, authority, acceptance or directions, to or by a Party under the Agreement must be in legible writing and in English and sent to the address specified in the Merchant Application Form or as specified to the sender by any Party by notice.
    2. If sent to I-SERVE, it must be sent to the following address or e-mail address, or such other address or e-mail address as I-SERVE may specify in writing from time to time:

       Address:	No. 2-2 & 2-3, Jalan USJ 9/5P, Subang Business Centre, 47620 UEP Subang Jaya, Selangor, Malaysia
       Telephone Number:	+603-7661 6211
       E-mail Address:	merchantsalessupport@i-serve.com.my

    3. A notice shall be deemed to have been given, served or delivered by the sender and received by the addressee:
       1. if by personal delivery, at the time of delivery;
       2. if sent by registered post, courier, within five (5) Business Days of dispatch or posting;
       3. if by mail, three (3) Business Days after posting; or
       4. if by e-mail, on the day of sending the e-mail, but if the e-mail is sent on a day which is not a Business Day or is after 4.00pm (addressee’s time), it is regarded as sent at 9.00 am on the following Business Day.
    4. I-SERVE may also send the notice to Merchant via I-SERVE System or any like or replacement system and it is the Merchant’s responsibility to check I-SERVE System regularly for any notices or communications from I-SERVE. If notices are posted by ISERVE on I-SERVE System, they are regarded as being given by I-SERVE and received by the Merchant at 9.00am on the Business Day following the day such notices are posted on I-SERVE System.
    5. In this Clause 27, a reference to an addressee includes a reference to an addressee’s Personnel.

28. WAIVER

    1. Any waiver of any rights under this Agreement shall not be valid unless in writing and signed by a duly authorised representative of each Party.
    2. Waiver by either Party of any breach of the terms and conditions of this Agreement to be performed by the other Party shall not be construed as waiver of any breach of the same or any other terms or conditions.
    3. Failure or neglect of I-SERVE to enforce at any time any of the provisions hereof shall not be construed nor shall be deemed to be a waiver of such I-SERVE’s rights hereunder nor in any way affect the validity of the whole or any part of this Agreement nor prejudice I-SERVE’s rights to take subsequent action.

29. FORCE MAJEURE

    1. Neither Parties shall be liable for any cost or otherwise, for any delay and/or failure in the execution of their respective obligations hereunder if such cost, delay or failure is due to Force Majeure, which for the purpose of this Agreement shall mean any unforeseeable event or cause not within the control of the Party affected which that Party is unable to prevent, avoid or remove.
    2. The events falling within Force Majeure include but are not limited to:
       1. war (whether declared or not), hostilities, invasion, armed conflict act of foreign enemy, riot, insurrection, strike, revolution or usurped power; or
       2. acts of terrorism, sabotage or criminal damage; or
       3. nuclear explosion, radioactive or chemical contamination or ionizing radiation; or
       4. natural catastrophes including but not limited to earthquake, floods and exceptionally inclement weather and subterranean spontaneous combustion; or
       5. pressure waves caused by aircraft or other aerial devices travelling at sonic or supersonic speeds; or
       6. epidemic, pandemic or quarantine.
    3. If either Party is prevented or delayed in the performance of any obligation under this Agreement by events or Force Majeure, the affected Party shall give written notice thereof to the other Party within seven (7) days of the happening of such event, specifying the details constituting Force Majeure and the anticipated period during which such prevention, interruption or delay may continue.
    4. Where possible the parties shall diligently mitigate or remove the effects of Force Majeure. Either Party upon receipt of the notice of Force Majeure shall confer promptly with the other and agree upon a course of action to remove or alleviate such effect and shall seek reasonable methods of resuming full performance of its obligation and achieving the objective under this Agreement.

30. VARIATION

    1. This Agreement may be modified, added to, deleted, varied or amended by I-SERVE from time to time by giving twenty-one (21) days’ notice to the Merchant.
    2. Such amendment will be effective and binding on the Merchant from the date specified in the notice which may be given to the Merchant by posting on the I-SERVE System or otherwise provided in Clause 27.
    3. The Merchant will be deemed to have accepted and agreed to such amendments if the Merchant continue to use the Services after the effective date of the amendments.

31. ENTIRE AGREEMENT AND AMENDMENTS

    1. This Agreement and its Schedules constitute the entire agreement between i-Serve and the Merchant, and supersedes any prior or contemporaneous communications, representations, or agreements between the Parties, whether oral or written, regarding the subject matter of this Agreement. The terms and conditions of this Agreement may not be changed and if there is any conflict between the terms contained in this Agreement and the prior agreement, the terms contained herein shall prevail.
    2. In the event of any inconsistency between any provision of this Agreement and the Standards, the Standards will govern.

32. ASSIGNMENT AND NOVATION

    1. I-Serve may assign the Agreement or its rights and novate its obligations under the Agreement:
       1. to a related corporation as defined in the Companies Act 2016;
       2. to a third person as part of a restructure of i-Serve’s business; or
       3. to its financiers as security for any credit facilities granted to i-Serve.
    2. I-SERVE will notify the Merchant if it makes such an assignment or novation. The Merchant shall do all that is reasonably necessary as requested by I-SERVE to effect any such novation (or assignment).
    3. The Merchant shall not assign any of the Merchant’s rights or obligations under the Agreement without I-SERVE’s prior written consent.

33. SUCCESSORS IN TITLE

    This Agreement shall be binding upon the respective successors in title and permitted assigns of the Parties.

34. TIME

    Time is of the essence of this Agreement.

35. GOVERNING LAW

    This Agreement is governed by, and shall be construed in accordance with, the laws of Malaysia, and the Parties hereby agree to submit to the jurisdiction of the Court of Malaysia.

1. The payment of Settlement Amount shall be made via:
   1. telegraphic transfer to a deposit account specified by the Merchant maintained with any bank licensed by BNM in Malaysia; or
   2. any other payment methods as i-Serve deems fit.
2. The payment timeline of Settlement Amount may be amended by I-SERVE from time to time and such amendments will be notified to the Merchant before the effective date of such amendments which shall be on the date of the notice or the later date specified in the notice.

3. Dispute of Settlement Amount

   1. If the Merchant disputes the Settlement Amount in whole or in part, the Merchant shall inform I-SERVE within three (3) Business Days from the date of the Merchant’s receipt of the Settlement Amount. If the Merchant fails to notify I-SERVE within the specified period, the Settlement Amount shall be deemed final and conclusive. The Merchant may notify I-SERVE via its call centre or written notice.
   2. Upon I-SERVE’s receipt of the Merchant’s notice under Item 3.1 of Schedule 1 above, I-SERVE shall acknowledge receipt of the dispute within two (2) Business Days or such period where I-SERVE could reasonably do so from the date of receipt of such dispute.
   3. The Parties shall use their best endeavors to resolve the dispute within fourteen (14) Business Days from the date of I-SERVE’s receipt of the notice of dispute.
   4. I-SERVE shall inform Merchant if a longer time is required to address the dispute by providing appropriate rationale.
   5. Once the dispute is resolved, i-Serve shall:
      1. remit the outstanding Settlement Amount due (if any) to the Merchant within two (2) Business Days from the date of the settlement of dispute; or
      2. issue a credit note to the Merchant if the Settlement Amount paid is in excess of the actual Settlement Amount due to the Merchant, and the amount in the credit note will be deducted from the next Settlement Amount due to the Merchant.
   6. If the Parties are unable to resolve the dispute within the agreed timeline, the dispute shall be resolved in accordance with Clause 35 herein.

4. Merchant Discount

   1. The Merchant must pay the Merchant Discount (excluding any taxes) to I-SERVE. ISERVE shall be entitled to add any applicable taxes to the Merchant Discount and all taxes shall be borne by the Merchant. The Merchant Discount shall be calculated based on the Merchant Discount rate specified in the Letter of Acceptance (“MDR”).
   2. The MDR may be amended by I-SERVE from time to time and such amendments will be notified to the Merchant before the effective date of such amendments which shall be on the date of the notice or the later date specified in the notice.
5. The Merchant shall claim the Settlement Amount from i-Serve by way of Settlement Processing within three (3) Business Days from the date of the Transaction.
6. All payments by i-Serve in respect of the Transactions shall be made in RM.

7. Foreign Currency

   1. I-SERVE will notify the Merchant from time to time which foreign currencies are approved for the Transactions.
   2. If the Transaction is recorded in an approved foreign currency, then, unless I-SERVE agree otherwise, I-SERVE will process in RM (using an exchange rate determined by ISERVE at its absolute discretion) any event relating to that Transaction (such as paying for the original Transaction, making a Chargeback or a refund in respect of that Transaction).
   3. Charges to any exchange rate determined by I-SERVE may be effected at any time without notice to the Merchant.

8. Non-Payment to Merchant

   1. I-SERVE may at its absolute discretion, decline to pay the Merchant the Settlement Amount for any Transaction completed, if any of the following events occur:
      1. if the Goods are returned, whether or not any refund form is received by I-SERVE;
      2. if the Transaction is completed without obtaining an Approval Code;
      3. if the Transaction is found to be a Split Sale;
      4. for Transaction where the Approval Code does not correspond with I-SERVE’s record of the relevant Approval Code issued or fails to correspond with the valid Approval Code obtained through any Acquirers or Payment Networks’ records;
      5. for Transaction where the authorisation or approval request was declined by ISERVE;
      6. if the Sales Slip or MOTO form is drawn improperly or without authority;
      7. if the Sales Slip or MOTO form is illegible or incomplete;
      8. if the Sales Slip or MOTO form was prepared using a forged Payment Card or by other fraudulent means;
      9. the copy of Sales Slip presented by the Merchant to I-SERVE differs from Customer’s Sales Slip copy;
      10. the Customer disputes the sales, quality or delivery of Goods purchased via the Transaction or denies liability for any reason whatsoever;
      11. the Customer’s signature on the Sales Slip or MOTO form is missing or differs from the signature appearing on the Customer’s Payment Card;
      12. for Transaction with signature where there is no signature appearing on the Customer’s Payment Card;
      13. the Payment Card has expired or is invalid for any reason whatsoever;
      14. the Transaction involved is a cash payment, disbursement or refund;
      15. duplicate Transactions;
      16. the Transaction was drawn by, or depository credit given to the Merchant in circumstances constituting a breach of any terms, conditions, representations, warranties or of the Merchant’s obligation;
      17. the Sales Slip does not bear an imprint of the embossed legends of the Payment Card but is handwritten;
      18. where the Customer has refused the payment or where an authorised electronic printer is present, the Transaction information is not electronically printed but handwritten;
      19. sales of Goods or the use of a Payment Card is in violation of law, the Standards, rules or regulations of any Government Agency, local or otherwise even if ISERVE is aware of any discrepancy at the time when payment was made;
      20. the Transaction Charges presented to I-SERVE for payment exceeds the amount of the same Transaction that is authorised by I-SERVE;
      21. the frequency of presenting the MOTO form for the Merchant’s payment exceeds the number of instalments specified in the MOTO form;
      22. the Settlement Processing of Transaction is made more than three (3) Business Days from the date of Transaction;
      23. perform any Transactions in any other locations outside Malaysia without i-Serve’s prior written approval;
      24. the Agreement is terminated by i-Serve for any reason whatsoever; or
      25. for any other reasons i-Serve deems fit.
   2. I-SERVE may withhold payment for any of the following Transactions until I-SERVE has examined and verified the affected Sales Slip or refund form (if any) issued by the Merchant together with the Merchant’s copy of all other documents required by I-SERVE at its sole discretion, evidencing the Transactions and for a period of up to six (6) months from the date of Transaction:
      1. any irregularities in any Transaction;
      2. if i-Serve has reasons to believe that the Transaction is fraudulent or illegal; or
      3. for any Transaction listed in Item 8.1 of Schedule 1 above.
   3. Despite Item 8.2 of Schedule 1 above:
      1. I-Serve may continue to withhold the Settlement Amount if:

         (i) there are on-going investigations conducted by law enforcement agencies or any Government Agencies;

         (ii) I-Serve’s investigation reveals that the Transaction is fraudulent or illegal and i-Serve has reported the Transaction to the relevant law enforcement agency or Government Agencies for its further action; or

         (iii) required by the Acquirer or Payment Network to facilitate the refund of the Transaction Charges for any Chargeback which is initiated by the Payment Card, E-Wallet and/or FPX issuer; and

      2. if in i-Serve’s opinion the Transactions are not valid, no payment shall be made by i-Serve.

9. Chargeback

   1. I-Serve shall process the Chargeback which complies with the Standards and the Agreement.
   2. The Merchant shall reimburse I-SERVE for any payment made to the Merchant for any Chargeback Claim arising out of any breach or violation by the Merchant of the terms and conditions of this Agreement..
   3. The clause in Item 9.2 of Schedule 1 above shall survive the termination of the Agreement.
   4. Subject to Item 9.3 of Schedule 1 above, I-SERVE may withhold amounts payable to the Merchant for Chargeback reserves or similar purposes.
   5. I-SERVE shall, on an ongoing basis, closely monitor the Chargeback performance by the Merchant pursuant to the Standards including but not limited to the Excessive Chargeback Program.
   6. I-SERVE shall notify the Merchant if chargeback has or in danger of exceeding any threshold set by I-SERVE, the Acquirers or Payment Networks. The Merchant must take immediate action to rectify the failures in the Merchant’s processes which resulted in the excessive chargeback.
   7. The Merchant shall indemnify I-SERVE for any fines being imposed by the Acquirers or Payment Networks on any excessive chargeback as a result of the Merchant’s failure in the Merchant’s processes.

1. Payment Card and FPX Acceptance

   1. The Merchant must not:
      1. in any way indicate a greater preference for any method of accepting payment for the Goods other than a Payment Card, E-Wallet and/or FPX; or
      2. solicit or promote any such method more actively than a Payment Card, E-Wallet and/or FPX.

2. Floor Limit

   1. I-SERVE may designate a Floor Limit by way of a written notice for every Transaction conducted by the Merchant. In the absence of any such notice, the Floor Limit shall be zero.
   2. The Floor Limit may be varied by I-SERVE from time to time by way of notice to the Merchant.
   3. The Merchant must ensure that:
      1. the Transaction Charges for any Transaction by any Customer shall not exceed the Floor Limit; and
      2. the Merchant does not perform any Split Sales for any Payment Card Transaction performed by a Customer to circumvent the Floor Limit.
   4. If a Customer wishes to make a Transaction for which the Transaction Charges exceed the Floor Limit, the Merchant must:
      1. obtain I-SERVE’s prior written approval manually or electronically before accepting the Transaction; and
      2. print legibly the Approval Code evidencing on the Sales Slip before completing the Transaction.

3. Completion of Transactions

   1. For each Transaction completed by the Merchant, the Merchant must ensure that:
      1. the Transaction request submitted are in accordance with procedures notified by I-SERVE to the Merchant from time to time;
      2. the following conditions are observed for Payment Card Transaction completed at the Merchant’s outlet:

         (i) the Payment Card is presented with its validity period as expressed on the face of the Payment Card;

         (ii) there is no apparent alteration or mutilation on the Payment Card;

         (iii) the Payment Card bears genuine programme marks or any security or distinctive features; and

         (iv) the signature on the Sales Slip, if applicable, appears to be the same as that on the signature panel of the Payment Card upon reasonable examination.

   2. Transactions processed via POS Terminal
      1. The Merchant must obtain an Approval Code from I-SERVE for each Transaction processed via POS Terminal.
      2. Upon receipt of Approval Code, the Merchant must check to ensure that the Sales Slip, which shall be printed through the electronic printer, is printed with the following particulars:

         (i) the Merchant’s name, address and MID;

         (ii) POS Terminal identification number;

         (iii) Customer’s card number;

         (iv) batch number;

         (v) date and time of Transaction;

         (vi) Transaction Charges; and

         (vii) Approval Code.

      3. Transaction where signature is required To complete the Transaction, the Merchant must:

         (i) obtain the signature of the Customer on the designated place of the Sales Slip;

         (ii) compare the Customer’s signature on the Sales Slip and the signature on the Customer’s Payment Card to ensure that both signatures are identical; and

         (iii) decline the Transaction if the Merchant is unable to confirm that the signatures are identical or if the signature differs.

      4. Transactions that require PIN
         The Merchant must ensure that the Customer key-in the PIN via PIN Pad to authorise the completion of a Transaction.
      5. For NFC Transactions

         (i) The Merchant must request the Customer to place the Payment Card in front of the reader and wait for the transaction authorisation.

         (ii) No signature or PIN is required for transaction amount up to RM250.00 (or any other amount as defined by any Payment Networks, BNM or any Government Agency or relevant authority having jurisdiction over the matters).

   3. For QR Code Transactions

      The Merchant must either:
      1. scan the QR code via Customer’s mobile device with the correct Transaction Charges processed for approval; or
      2. allow Customer to scan its QR code via the Customer’s mobile device with the correct Transaction Charges processed for approval.

   4. For FPX Transactions

      The Merchant shall ensure each Transaction that is sent to FPX for processing has a unique payment reference number.
   5. If the Transaction request for any Approval Code is declined or refused, the Merchant must not complete the Transaction or attempt to split into two or more Sales Slip to effect the same Transaction, or accept the same Payment Card for any other transactions.

   6. the Merchant must not complete the Transaction if the Payment Card presented:

      1. has expired;
      2. has been altered, defaced or reprinted in any manner (for transaction where the physical Payment Card is presented);
      3. does not bear the signature of the Customer (for transaction where signature is required); or
      4. does not have the security features as advised by U Mobile from time to time.
   7. The Customer’s copy of the completed Sales Slip, if applicable, shall be given to the Customer upon completion of every Transaction.
   8. All Transactions shall be drawn in RM only. Any breach of this term resulting in currency exchange differences shall be borne by the Merchant.

4. Refund or Return of Goods

   1. If a Customer returns the Goods purchased, and the Merchant accepts the return of such Goods or if for any reason a Customer is entitled to have the Transaction Charges reduced or refunded, then the Merchant must either:
      1. legibly complete a refund form bearing the following details and submit the completed refund form to I-SERVE:

         (i) the nature of the Transaction;

         (ii) the Transaction Charges in RM;

         (iii) the date the Merchant process the refund of Transaction Charges; or

         (iv) perform the refund transaction via Settlement Processing.

   2. The Merchant must promptly present each refund form completed pursuant to Item 4.1 of Schedule 2 above to I-SERVE.
   3. Upon receipt of the refund form or refund Transaction via Settlement Processing, the Merchant must reimburse I-SERVE of the Transaction amount notified.
   4. The Merchant must not perform any refund directly to a Customer in any manner for Payment Card Transaction.
   5. The Merchant must not provide refunds to Customer for Transaction for Goods where at the time the Transaction took place, sufficient disclosure was provided to the Customer that:
      1. the Goods are non-refundable or cannot be exchanged;
      2. the Merchant only accepts Goods in immediate exchange for similar Goods with the price equivalent to the original Transaction Charges;
      3. the Merchant accepts return of Goods, and in return the Merchant will provide a credit voucher to the Customer for the value of the Goods returned. Such credit voucher may be used by the Customer for purchases at the Merchant; or
      4. subject to applicable laws and as agreed by the Customer, the Transaction Charges cannot be refunded, for example for Transactions involving delivery charges or insurance charges.

5. Transaction Records

   1. The Merchant must retain the Sales Slip or refund form issued by the Merchant together with the Merchant’s copy of all other documents evidencing the Transactions for a period of at least eighteen (18) months from the date of Transaction.
   2. The Merchant must allow I-SERVE, the Acquirers or Payment Networks to examine the documents specified in Item 5.1 of Schedule 2 above within seven (7) days from the date of I-SERVE, the Acquirer or Payment Network’s request.
   3. If the Merchant fail to produce legible and complete copy of the Sales Slips within seven (7) days upon I-SERVE’s request, I-SERVE reserves the right to be reimbursed for the affected Transaction amount by deducting from subsequent Transactions submitted to I-SERVE for payment.

6. Direct Mailing Promotion

   1. I-SERVE may at its sole discretion, assist the Merchant in a direct mailing promotion in the following manner:
      1. identify Cardholders according to the Merchant’s requirement;
      2. print labels bearing the name and address of a selected Customer in respect of each item of promotional material supplied by the Merchant; and
      3. manage the posting of the promotional material available to selected Customer or if there is insufficient promotional material.
   2. If at any time I-SERVE, disapprove or disagree, for any reason whatsoever, any aspects of the Merchant’s proposed direct mailing promotion, I-SERVE shall be entitled to withdraw its assistance without incurring any liability to the Merchant.
   3. If I-SERVE agrees to assist the Merchant in any direct mailing promotion, the Merchant shall supply to I-SERVE, the relevant promotional material in the form agreed by the Parties. These promotional materials must be ready for posting by mail (except for the recipients’ address and postal stamp).
   4. I-SERVE’s fee or the method of calculating I-SERVE’s (including reimbursement for all expenses incurred by I-SERVE, including all postal charges) for assisting in any direct mailing promotion shall be agreed with the Merchant in advance.
   5. I-SERVE shall not be liable in any way for the promotional materials provided by the Merchant, and the Merchant must indemnify I-SERVE in respect of any claim arising out of the promotional materials supplied by the Merchant.

7. Complaint by Cardholders

   1. I-SERVE shall not be responsible to Customers in any way for any Goods sold by the Merchant.
   2. The Merchant must in good faith, satisfy any claims or complaints made by Customers concerning any Goods purchased from the Merchant via the Payment Card, E-Wallet and/or FPX.
   3. The Merchant must indemnify I-SERVE against any and all claims made against ISERVE arising out of or in relation to the Goods purchased from the Merchant via the Payment Card, E-Wallet and/or FPX including all losses, costs and expenses (including legal fees) incurred by I-SERVE in connection with such claims.

1. POS Terminal Merchant

   1. I-SERVE may provide POS Terminals to the Merchant to be installed at the Merchant’s outlets.
   2. If I-SERVE install POS Terminal at the Merchant’s outlets, the POS Terminal fee shall be paid by the Merchant to I-SERVE.
   3. The Merchant may use one (1) or more POS Terminals. However, the Merchant must not use the POS Terminal for any third parties.
   4. The Merchant must use the POS Terminal with care and in accordance with the relevant equipment user guide.
   5. I-SERVE or I-SERVE’s appointed terminal vendor or any third party may provide training for the Merchant’s Personnel who will operate the POS Terminal and shall at their discretion provide POS Terminal instruction manual and specifications as I-SERVE may deem necessary for its efficient operation
   6. The POS Terminal training will include all aspects of the Payment Card, E-Wallet and/or FPX acceptance procedure, reconciliation, Settlement Processing and operation of the POS Terminal.
   7. The cost for all subsequent POS Terminal trainings provided based on the Merchant’s request shall be determined by I-SERVE and borne by the Merchant.
   8. The Merchant must:
      1. without limiting any other provisions in the Agreement, allow I-SERVE or its authorised agents or sub-contractors to access the Merchant’s premises to install, repair, service, swap or retrieve the POS Terminal; and
      2. process all Transactions through the POS Terminal in accordance with the Standards and operating instructions supplied by I-SERVE from time to time.
   9. I-SERVE may replace or request the POS Terminal to be returned at any time for any reason as I-SERVE deems fit.
   10. The provisions in this Item 1 of Schedule 3 apply to any imprinters which may be provided by I-SERVE to the Merchant.

2. E-Commerce Merchant

   1. The Merchant must bear the cost for the setting-up, maintenance, upgrading, security and integrity of the Merchant’s computer system, and related costs.
   2. The Merchant must keep all systems and media containing any information or data (whether physical or electronic) relating to Customers, their Payment Card, E-Wallet and/or FPX accounts and Transactions in a secure manner subject to the confidentiality, privacy and data security and protection clause in the Agreement to prevent access by or disclosure to anyone other than the Merchant’s Personnel or I-SERVE.
   3. If information or transaction data stored in any part of the Merchant’s system is lost, damaged, stolen, tampered with or otherwise compromised, the Merchant must report and give written notice of such loss, damage, theft or compromise to I-SERVE immediately. Upon I-SERVE’s receipt of the Merchant’s notice, the Merchant shall, in consultation with I-SERVE, take immediate steps to remedy the situation and prevent its recurrence.
   4. If the Merchant upgrade or change the version or type of its software or hardware or any other part of its system, the Merchant must inform I-SERVE of such change prior to its implementation and conduct testing with I-SERVE’s system soonest possible. ISERVE shall not be liable for any loss or damage suffered by any party or for any incompatibility between the Merchant’s system and I-SERVE’s system due to such changes made by the Merchant.
   5. I-SERVE shall not be liable in any way, for any claims, liabilities, expenses, costs, loss or damage of whatever nature brought against, suffered or incurred by or caused to any party whosoever due to or arising out of or in connection with the Agreement or any breach or compromise of the security or integrity, or malfunction, of any encryption and identification software, any electronic code keys, any equipment provided to any party or the Merchant’s system.
   6. Website requirements:
      1. The Merchant must promptly inform I-SERVE of any security breach, suspected fraudulent card account numbers or any suspicious activities that may be connected with attempts to commit a security breach or to use fraudulent card account numbers the Merchant’s security system or at the Merchant’s website.
      2. The Merchant must ensure the Merchant’s website and its content comply with all applicable law and do not infringe any third party’s intellectual property rights.

3. Merchant Allowing Recurring Payment by Cardholder

   1. The Merchant must honour all valid Payment Cards when presented for the purchase of Goods via the Recurring Payment service if:
      1. the Transaction is made prior to the Payment Card’s expiration date; and
      2. the Merchant has obtained the duly filled and signed Standing Instruction form from the Customer for the Recurring Payment.
   2. The Merchant must ensure that the list of Recurring Payment Transactions:
      1. is accurate, complete and free from errors; and
      2. is submitted in an agreed format and transmission channel on a periodical basis as agreed by the Parties.

   3. The Merchant must:

      1. submit to I-SERVE replacement list of Recurring Payment Transactions if the initial list submitted is faulty, corrupted, missing or unreadable; and
      2. be responsible for any unauthorised entries, errors or omissions in the list and to indemnify I-SERVE against all actions, proceedings, claims, demands and losses whatsoever arising from I-SERVE reliance on the list.
   4. Upon receipt of the list of Recurring Payment Transactions from the, I-SERVE will debit the Customer’s Payment Card account for the amount as specified in the list.
   5. If I-SERVE is unable to debit the Customer’s Payment Card account for any reason whatsoever:
      1. I-Serve shall notify the Merchant;
      2. the Merchant must notify the Customer of the unsuccessful debit; and
      3. the Merchant must resolve the payment issue directly with the Customer.

4. Merchant Provides MOTO Service

   1. The Merchant who participates in the MOTO Programme shall deliver the Goods as set out in this MOTO Programme to Customers subject to the terms and conditions of this Item 4 of Schedule 3 and to terms and conditions of the Agreement which shall apply unless otherwise provided for in this clause.
   2. The Merchant must honour all valid Payment Cards when presented for the purchase of Goods via the MOTO Programme provided always that:
      1. the Transaction made is prior to the Payment Card expiration date and the Merchant has received the Approval Code from I-SERVE for the Transaction; and
      2. the Merchant has obtained the proper authorisation via the MOTO form from the Customer for the MOTO.
   3. The MOTO form shall contain the following information:
      1. type of Payment Card;
      2. Customer’s full name or Customer’s name on the Payment Card;
      3. Payment Card number;
      4. Payment Card expiry date;
      5. Transaction Charges in RM;
      6. Transaction date;
      7. The Merchant’s name and address;
      8. brief description of the Goods supplied;
      9. Customer’s postal address and telephone number;
      10. method of delivery of the Goods; and
      11. Customer’s signature.
   4. Pursuant to Item 4.3 of Schedule 3 above, any MOTO forms that are incomplete or have been altered shall be invalid and may not be accepted by I-SERVE.
   5. The cost of producing all MOTO forms or other marketing material and of altering the same in relation to any mailing programmes shall be borne by the Merchant.
   6. The Merchant shall process the MOTO (if applicable) in the following manner:
      1. the Merchant must complete and submit the MOTO form for every valid MOTO received to I-SERVE;
      2. I-SERVE shall obtain the Approval Codes for the respective Transactions and return the MOTO form to the Merchant for fulfilment. The Merchant must fulfil the orders placed via the MOTO form;
      3. where Customer has opted to pay by instalments, the Merchant must complete and submit to I-SERVE the authorisation/payment form in respect of every instalment that is due; and
      4. I-SERVE shall obtain the Approval Codes for the respective instalments and return the authorisation/payment form to the Merchant. The Merchant must complete and submit to I-SERVE for payment within three (3) days on receipt of the MOTO form.
   7. The Merchant must provide a fourteen (14) day trial period during which time the Customer may reject any Goods ordered through the MOTO Programme where full refund of the Transaction Charges must be provided to the Customer.

5. Merchant Provides Easy Payment Plan

   1. The Easy Payment Plan is only valid for payment made via a specific Payment Card as informed by I-SERVE from time to time.
   2. I-SERVE shall prescribe the minimum purchase amount to be entitled for the Easy Payment Plan and the Instalments.
   3. I-SERVE may withhold payment of any amount that are not within the stipulated Instalments as specified in Item 5.2 of Schedule 3 above until I-SERVE has examined the supporting document and verified with the Customer concerned. If in I-SERVE’s opinion, the Transaction is invalid, I-SERVE shall make no payment for such Transaction.
   4. I-SERVE may at its absolute discretion and without any liability, with or without giving prior notice to the Merchant, restrict, limit or increase the Instalments.
   5. The Merchant must disclose in writing, electronically or by another method to the Customer the terms of the Easy Payment Plan, including all cost associated with the purchase of the Goods.
   6. The Merchant shall resolve all disputes or differences on the quality or quantity of the Goods with the Customers who opt for the Easy Payment Plan directly. I-SERVE shall not be concerned with or held liable for any inadequate, defective or damaged Goods or other disputes between the Customer and the Merchant.

6. Merchant’s QR Code

   1. The Merchant must only use the Static QR Code to perform the Transaction for the Merchant’s own sales and not share or duplicate the Static QR Code for use by any other third party.
   2. If the Merchant believes that the Static QR Code has been tampered with or damaged, the Merchant must immediately notify I-SERVE for replacement.

1. The Merchant whose system or environment was compromised or vulnerable to compromise (at the time that the ADC Event or potential ADC Event occurred) is fully responsible for resolving all outstanding issues and liabilities to the satisfaction of ISERVE, the Acquirers or Payment Networks.
2. The Merchant is deemed to be aware of an ADC Event or potential ADC Event under circumstances that include, but not limited to, any of the following:
   1. When The Merchant:
      1. first knew or, in the exercise of reasonable security practices should have knownof an ADC event or a potential ADC event;
      2. is informed, through any source, of the installation or existence of any malware in any of the Merchant’s systems or environments, no matter where such malware is located or how it was introduced;
      3. receives notification from I-SERVE, the Acquirers or Payment Networks, or any other source that the Merchant has experienced an ADC event or a potential ADC event; or
      4. discovers or, in the exercise of reasonable diligence, should have discovered a security breach or unauthorised penetration of the Merchant’s own system or environment.
3. The Merchant must notify I-SERVE, the Acquirers or Payment Networks immediately when the Merchant becomes aware of an ADC Event or potential ADC Event in or affecting any of the Merchant’s system or environment.
4. In the event the Merchant becomes aware of an ADC Event or potential ADC Event in any of the Merchant’s systems or environments, the Merchant must, unless otherwise directed by I-SERVE, the Acquirers or Payment Networks, take the following actions:

   Timeline	Action to be taken by the Merchant
   Immediately	Commence a thorough investigation into the ADC Event or potential ADC Event.
   Immediately, and no later than within twenty-four (24) hours	Identify, contain, and mitigate the ADC Event or potential ADC Event, secure Payment Card data and preserve all information, in all media, concerning the ADC Event or potential ADC Event, including: preserve and safeguard all potential evidence pertinent to a forensic examination of an ADC Event or potential ADC Event; isolate compromised systems and media from the network; preserve all intrusion detection systems, intrusion prevention system logs, all firewall, web, database and event logs; document all incident response actions; and refrain from restarting or rebooting any compromised or potentially compromised system or taking equivalent or other action that would have the effect of eliminating or destroying information that could potentially provide evidence of an ADC Event or potential ADC Event.
   Within twenty-four (24) hours, and on an ongoing basis thereafter	Submit to I-SERVE all known or suspected facts concerning the ADC Event or potential ADC Event, including, by way of example and not limitation, known or suspected facts as to the cause and source of the ADC Event or potential ADC Event.
   Within twenty-four (24) hours and continuing throughout the investigation and thereafter	Provide to I-SERVE, the Acquirers or Payment Networks, in the required format, all Payment Card numbers associated with Payment Card data that were actually or potentially accessed or disclosed in connection with the ADC Event or potential ADC Event and any additional information requested by I-SERVE, the Acquirers or Payment Networks; This obligation applies regardless of how or why such Payment Card numbers were received, processed, or stored, including, by way of example and not limitation, in connection with or relating to a credit, debit (signature or PIN-based) proprietary, or any other kind of Transaction, incentive, or reward program.
   Within seventytwo (72) hours	Engage the services of a PCI SSC Forensic Investigator (PFI) to conduct an independent forensic investigation to assess the cause, scope, magnitude, duration, and effects of the ADC Event or potential ADC Event; The PFI engaged to conduct the investigation must not have provided the last PCI compliance report concerning the system or environment to be examined; Prior to the commencement of such PFI’s investigation, the Merchant must notify I-SERVE, the Acquirers or Payment Networks of the proposed scope and nature of the investigation and obtain preliminary approval of such proposal by I-SERVE, the Acquirers or Payment Networks or, if such preliminary approval is not obtained, of a modified proposal acceptable to I-SERVE, the Acquirers or Payment Networks.
   Within two (2) business days from the date on which the PFI was engaged	Identify to I-SERVE, the Acquirers or Payment Networks the engaged PFI and confirm that such PFI has commenced its investigation.
   Within five (5) Business Days from the commencement of the forensic investigation	Ensure that the PFI submits to I-SERVE, the Acquirers or Payment Networks a preliminary forensic report detailing all investigative findings to date.
   Within twenty (20) Business Days from the commencement of the forensic investigation	Provide to I-SERVE, the Acquirers or Payment Networks a final forensic report detailing all findings, conclusions and recommendations of the PFI; Continue to address any outstanding exposure, and implement all recommendations until the ADC Event or potential ADC Event is resolved to the satisfaction of ISERVE, the Acquirers or Payment Networks.

5. In connection with the independent forensic investigation and preparation of the final forensic report, the Merchant must not engage in or enter into any conduct, agreement, or understanding that would impair the completeness, accuracy, or objectivity of any aspect of the forensic investigation or final forensic report.
6. The Merchant must not engage in any conduct that could or would influence, or undermine the independence of, the PFI or undermine the reliability or integrity of the forensic investigation or final forensic report. By way of example, and not limitation, the Merchant must not take any action or fail to take any action that would have the effect of:
   1. precluding, prohibiting, or inhibiting the PFI from communicating directly with ISERVE, the Acquirers or Payment Networks;
   2. substantively edit or otherwise alter the forensic report; or
   3. directing the PFI to withhold information from I-SERVE, the Acquirers or Payment Networks.
7. Notwithstanding Item 4 of Schedule 4 above, I-SERVE, the Acquirers or Payment Networks may engage a PFI on behalf of the Merchant in order to expedite the investigation. The Merchant on whose behalf the PFI is so engaged will be responsible for all costs associated with the investigation.

8. Ongoing Procedures for ADC Events and Potential ADC Events

   1. From the time that the Merchant becomes aware of an ADC Event or potential ADC Event until the investigation is concluded to the satisfaction of I-SERVE, the Acquirers or Payment Networks, the Merchant must:
      1. provide weekly written status reports containing current, accurate, and updated information concerning the ADC Event or potential ADC Event, the steps being taken to investigate and remediate same, and such other information as I-SERVE, the Acquirers or Payment Networks may request.
      2. preserve all files, data, and other information pertinent to the ADC Event or potential ADC Event, and refrain from taking any actions (e.g., rebooting) that could result in the alteration or loss of any such files, forensic data sources, including firewall and event log files, or other information.
      3. respond fully and promptly, in the manner prescribed by I-SERVE, the Acquirers or Payment Networks, to any questions or other requests (including follow-up requests) from I-SERVE, the Acquirers or Payment Networks with regard to the ADC Event or potential ADC Event and the steps being taken to investigate and remediate same
      4. authorise and require the PFI to respond fully, directly, and promptly to any written or oral questions or other requests from I-SERVE, the Acquirer or Payment Networks, and to so respond in the manner prescribed by I-SERVE, the Acquirer or Payment Networks, with regard to the ADC Event or potential ADC Event, including the steps being taken to investigate and remediate same
      5. consent to, and cooperate with, any effort by I-SERVE, the Acquirers or Payment Networks to engage and direct a PFI to perform an investigation and prepare a forensic report concerning the ADC Event or potential ADC Event, in the event that the Merchant fails to satisfy any of the foregoing responsibilities.
      6. ensure that the compromised entity develops a remediation action plan, including implementation and milestone dates related to findings, corrective measures, and recommendations identified by the PFI and set forth in the final forensic report.
      7. monitor and validate that the compromised entity has fully implemented the remediation action plan, recommendations, and corrective measures.

9. Forensic Report

   1. The Merchant must ensure that the PFI retains and safeguards all draft forensic report(s) pertaining to the ADC Event or potential ADC Event and, upon request of I-SERVE, the Acquirers or Payment Networks, immediately provides to I-SERVE, the Acquirers or Payment Networks any such draft.
   2. The final forensic report must include the following, unless otherwise directed in writing by I-SERVE, the Acquirers or Payment Networks:
      1. a statement of the scope of the forensic investigation, including sources of evidence and information used by the PFI;
      2. a network diagram, including all systems and network components within the scope of the forensic investigation. As part of this analysis, all system hardware and software versions, including POS applications and versions of applications, and hardware used by the compromised entity within the past twelve (12) months, must be identified;
      3. a Payment Card Transaction flow depicting all Points of Interaction (POIs) associated with the transmission, processing, and storage of Payment Card data and network diagrams;
      4. a written analysis explaining the method(s) used to breach the subject entity’s network or environment as well as method(s) used to access and exfiltrate Payment Card data;
      5. a written analysis explaining how the security breach was contained and the steps (and relevant dates of the steps) taken to ensure that Payment Card data are no longer at risk of compromise;
      6. an explanation of investigative methodology as well as identification of forensic data sources used to determine final report findings;
      7. a determination and characterisation of Payment Card data at-risk of compromise, including the number of Payment Cards and at-risk data elements;
      8. the location and number of Payment Cards where restricted Payment Card data, whether encrypted or unencrypted, was or may have been stored by the entity that was the subject of the forensic investigation. This includes restricted Payment Card data that was or may have been stored in unallocated disk space, backup media, and malicious software output files.

1. Direct Marketing - Travel-Related Arrangement Services
2. Direct Marketing - Outbound Telemarketing Merchants
3. Outbound telemarketers
4. Direct Marketing - Continuity / Subscription Merchants
5. Direct Marketing - Other Direct Marketers - not elsewhere classified
6. Direct Marketing - Inbound Telemarketing Merchants
7. Multi-level marketing businesses, Unlicensed Multi-level marketing
8. Rebate-based business and up-selling merchants
9. Pyramid or Ponzi scheme, matrix program and other "get rich quick" schemes
10. Telemarketing
11. Time sharing
12. Gold bar
13. Investment scheme
14. Buyers’ Club / Membership clubs
15. Key-entry Telecom Merchant providing single local and long-distance phone calls using a central access number in a non–face-to-face environment using key entry
16. Telecommunication Services including but not limited to prepaid phone services and recurring phone services
17. File sharing services
18. Illegal downloads of movies, music, computer and video games or software
19. Items or downloads infringe or violate copyright, trademark, right of publicity or privacy or any other proprietary right under the laws of any jurisdiction
20. Counterfeit designer/luxury goods
21. Stolen goods including digital and virtual goods
22. Drugs, Drug Proprietors, and Druggists Sundries
23. Drug Stores, Pharmacies
24. Drugs, drug paraphernalia and drug test circumvention aids
25. Miracle Cures
26. Internet pharmacies / Internet pharmacy referral site
27. Counterfeit pharmaceutical products
28. Cigar Stores and Stands
29. Tobacco / Cigar / Electronic Cigarette / Nicotine content products
30. Counterfeit tobacco products (e.g. cigarettes, cigars)
31. Alcohol
32. Video Entertainment Rental Stores
33. Gambling transaction, gaming and/or any other activity with an entry fee and a prize, includes casino games, sports betting, horse, dog or greyhound racing, lottery tickets, other ventures that facilitate gambling, games of skill (whether or not it is legally defined as a lottery), sweepstakes and non-sports intrastate internet
34. Credit Counseling / Credit repair services
35. Credit repair or debt settlement services, credit transactions or insurance activities
36. Credit protection / Identity thief protection
37. Associated with purchases of annuities or lottery contracts, lay-away systems, off-shore banking or transactions to finance or refinance debts funded by a credit card
38. Associated with the sale of traveler's checks or money orders
39. Check cashing businesses
40. Currency and forex
41. Firearms / weapons
42. Fireworks and hazardous materials
43. Pornography and adult content
44. Sexually oriented materials or services
45. Items that are considered obscene
46. Human remains and body parts
47. Sale of a good or service, including an image, which is patently offensive and lacks serious artistic value (such as images of non-consensual sexual behavior, sexual exploitation of a minor, non-consensual mutilation of a person or body part, and bestiality)
48. Payment aggregator
49. Items promote hatred, racism, religious persecution or contain offensive content
50. Items encouraging illegal activity
51. Involve the sales of products or services identified by government agencies to have a high likelihood of being fraudulent.