User Agreement
In the context of the execution of this Agreement, Personal Data are processed. Keenli Solutions Inc. processes Personal Data i) in the context of its Payment Services; ii) in connection with statutory obligations; iii) to ensure the safety and integrity of the financial sector, for example by identifying, investigating, preventing and actively countering (attempted) criminal/illegal conduct; and iv) to analyse, develop and improve our services and products. In our Privacy Statement we explain in more detail how and for what purposes we collect, use, retain, disclose and safeguard the Personal Data Keenli Solutions Inc. processes of you and your Customers.
With respect to the processing of Personal Data, both Parties are controllers within the meaning of the EU General Data Protection Regulation, insofar as they independently determine the purposes and means of the processing. To that end, each Party is solely responsible for the Personal Data which it processes and ensures compliance with Data Protection Laws. If required, Parties will inform each other of the security measures taken.
You undertake that you comply with all requirements set by applicable Data Protection Laws for the processing of Personal Data as presented to the Payment Module by you as the Organisation or by your Customers. Should you fail to comply with these obligations, or in the event that an Intermediary or a Financial Institution, court or government institution so requests or requires of Keenli Solutions Inc., Keenli Solutions Inc. will be entitled to suspend its obligations with respect to you.
If applicable to you, you must comply with the rules as set out in the relevant parts of the Payment Card Industry Data Security Standards (PCI-DSS) and the Payment Application Data Security Standards (PA-DSS). If, in spite of this, an “Account Data Compromise” (ADC) occurs nevertheless, and it occurs through your actions, you will be liable for this. In the event that Keenli Solutions Inc. and/or an Intermediary conducts an investigation as a result of an ADC, and costs are involved in this investigation, you hereby accept these costs, fines and penalties in advance, only, however, insofar as Keenli Solutions Inc. has shared the amount, or an indication, of these costs beforehand with you. You can find information on PCI-DSS on the website of the PCI Council.
If Keenli Solutions Inc. considers it necessary to verify whether you meet the aforementioned PCI standards, you must immediately provide the documents from which this is clearly and unambiguously evident. You declare that you will only use suppliers that meet the PCI standards when it comes to the storage and transmission of payment data, particularly concerning, but not limited to, the card number (referred to as the Primary Account Number or PAN), the expiration dates of cards and the CVV2 code. You are advised not to store any such data at all, and you are aware that it is strictly prohibited at all times to store the CVV2 code in any form.
In your contract with your Customer, or in the general terms and conditions applicable to the relationship with your Customer, you must state that you use Keenli Solutions Inc. for the processing of Transactions, and that Personal Data of your Customer are shared with Keenli Solutions Inc. and its affiliates in this context. If applicable, you must ensure that your Customer, directly or indirectly, gives Keenli Solutions Inc. and its affiliates all required (explicit) consents as referred in applicable Data Protection Laws.
Keenli Solutions Inc. is responsible for the protection of Personal Data in its possession, and will take all administrative, technical and physical measures reasonable from a commercial point of view to protect your Personal Data and payment data against unauthorised access or unintended loss or alteration. Notwithstanding the above, Keenli Solutions Inc. cannot guarantee that unauthorised third parties will never be able to breach or circumvent the security measures taken by Keenli Solutions Inc. and use the Personal Data and/or payment data for malafide purposes. You accept this risk if you provide us with your own and your Customers’ Personal Data. You are fully responsible for the protection of the Personal Data you process via your Website(s), your app, or you otherwise have in your possession.
In the event of a (suspected) data breach at your Organisation, in which payment data may be involved, you must notify Keenli Solutions Inc. of this data breach without delay, and under no circumstances later than two days (48 hours) after discovery of the data breach. Keenli Solutions Inc. or another Financial Institution may request additional information on this data breach, in which case you must provide such information without delay.
Each Party undertakes to take all necessary steps to keep Personal Data confidential. Keenli Solutions Inc. makes Personal Data available to third parties solely i) in the context of the Payment Services; and ii) where legally required. In other situations, Parties refrain from making any Personal Data available to any third party without the prior written consent of the other Party except for Keenli Solutions Inc. where necessary to perform the services.
In addition, in case Keenli Solutions Inc. receives complaints or questions from your Customers about you, Keenli Solutions Inc. can share your contact information with your Customers.