Terms and Conditions for the Account Information Services

Dated 5th December 2022

These terms and conditions govern the provision of account information services, aggregating account information from financial institutions, in accordance with an end user instructions (the “Services'') currently provided by SIA “Nordigen Solutions” (registration no.40103982535), a limited liability company registered under laws of the Republic of Latvia (hereinafter referred to as Nordigen) to you (hereinafter - You or Partner). Nordigen SIA was acquired by GoCardless (as defined below) in July 2022. As a result of such acquisition, the parties are currently going through an integration period. Throughout this integration period, the Services shall be provided by Nordigen and GoCardless S.A.S, with company number 834422180 and registered address 7 Rue de Madrid, 75008 Paris, France for all services provided to Partners located in the European Economic Area and by GoCardless Ltd with company number 07495895 and registered address Sutton Yard, 65 Goswell Road, London, England, EC1V 7EN for the provision of services provided to Partners located in the United Kingdom and the rest of the world (with the exception of the European Economic Area) (hereinafter jointly and independently referred to as “GoCardless”). From 1 April 2023, the Services shall be provided solely by GoCardless and Norgiden shall no longer be a party of these Terms and Conditions. Nordigen and GoCardless shall jointly and severally be defined as the Service Provider.

In order to access and use the Services it is required to register and create a user account on the Service Provider’s website. By registering to access and use the Services, You:

  • Are entering into this Agreement on behalf of yourself or the legal entity (company) You represent;
  • Agree to be bound by the terms and conditions of this Agreement;
  • Confirm that You are at least 18 years old or You have reached the legal age in the jurisdiction where You reside;
  • Are using the Services for legitimate interests;
  • Confirm that You have the legal capacity to enter into this Agreement;and
  • Confirm that You have read and acknowledged the terms and conditions of this Agreement.

These terms and conditions along with other terms (Privacy Policy) that are accepted in order to access and use the Services constitute a legal and binding agreement (hereinafter referred to as Agreement) between You or the legal entity You represent and the Service Provider.

If You do not agree to the terms and conditions of this Agreement, You cannot access and use the Services.

When providing the Services, Nordigen is a licensed payment institution that provides only account information services, supervised by the Latvian financial supervisory authority – Financial and Capital Market Commission and registered in the register of licensed institutions of the Financial and Capital Market Commission. Nordigen’s contact details can be found on our website - https://nordigen.com/en/company/contact-us/. GoCardless Ltd is a licensed payment institution supervised by the the Financial Conduct Authority of the United Kingdom and GoCardless S.A.S is also a licensed payment institution supervised by the French Autorité de Contrôle Prudentiel et de Résolution (the “ACPR”). Further details about GoCardless can be found at www.gocardless.com. GoCardless can be contacted by sending an email to help@gocardless.com.

1. THE SERVICES

1.1. The Services enable the Partner to:

  • access and view information relating to its payment accounts (hereinafter Account Information); and
  • access the Service Provider’s open banking API according to the API documentation to retrieve Partner’s end user Account Information for the purpose of providing its services to the end users.

1.2. Each end user of the Partner’s services will be presented with a clear and visible consent screen which will enable the end user to acknowledge and agree that the end user’s Account Information will be retrieved by the Service Provider and provided to the Partner prior to performing the Services. The Service Provider and Partner agree to ensure that the consent screen at all times will include clear and visible links to the Service Provider’s end-user terms and conditions and the Service Provider’s end-user privacy policy (agreement between the Service Provider and end-user). Partner throughout its use of Services is obliged to clearly indicate that the Services are performed by the Service Provider in a manner which is not misleading to the Partner’s end users and may also use the Service Provider’s trademark and logo solely for this purpose. The Service Provider shall have the right to provide Partner with additional binding instructions to use the Services and Partner undertakes to comply with such instructions immediately.

1.3. Provision of the Services is a subject to API connections established and maintained between financial institutions and the Service Provider. The Service Provider shall keep an updated list of established connections available on its website. Partner acknowledges that provision of Services is dependent on financial institutions in respect of initial access to Account Information, therefore, the Service Provider cannot guarantee the availability of or quality of such elements of the Services that are outside of the Service Provider’s control.

1.4. The Services may include additional API services e.g. data cleansing, transaction categorization, data enrichment and similar, which are performed after retrieval of Account Information. You may choose to enable additional services at Your sole discretion. Additional services may be subject to fees which will be presented or communicated to You prior to enabling a specific service.

2. INFORMATION HANDLING

2.1. When performing Services, the Service Provider and Partner shall be considered as separate data controllers in terms of European Union General Data Protection Regulation No 2016/679 (hereinafter - GDPR ). Once the Account Information is transferred to Partner, Partner acts as an independent data controller. The Service Provider confirms that where data processed and stored by the Service Provider is personal data according to the GDPR, the Service Provider will process such personal data in accordance with GDPR and the applicable personal data protection laws. Partner undertakes to collect, use or otherwise process personal data contained in Account Information in accordance with the GDPR and/or other applicable data protection laws.

2.2. To provide Services, the Service Provider will collect and process certain personal data from Partners and about Partners. The Service Provider will process such data according to practices described in the Privacy Policy. By entering into Agreement, You accept and agree to the terms and conditions of the Privacy Policy and that the Service Provider may process Your data for the purpose of providing the Services and other purposes stated in the Privacy Policy.

2.3. The Service Provider shall immediately notify the Partner upon becoming aware that Account Information has been disclosed to an unauthorised third party due to an incident.

3. PAYMENTS

The Services are, or may in the future be, subject to payment of fees. Where this is the case, such fees will be presented to the Partner in the process of registering or using the Services. Fees and accompanying payment terms presented are deemed part of this Agreement. The relevant charges may be payable in advance, in arrears, per usage, or as otherwise described by the Service Provider. By accessing and using the Services, Partner agrees to the applicable fees at the Service Provider’s prices indicated by the Service Provider and authorizes the Service Provider to charge the Partner in accordance with the Service Provider’s payment terms by issuing an invoice or by integrated payment solutions. Any fees paid hereunder are non-refundable.

4. LIABILITY AND WARRANTIES

4.1. The Services are provided on an "as is" and “as available” basis, without warranties of any kind. The Service Provider shall not accept any liability or responsibility for any use of or reliance on the Services, the content of the Services, outputs from the Services. The Service Provider shall not be liable for any disruptions or delay in the provision of the Services. Partner is aware that the Service Provider does not have any control over the data maintained by financial institutions and account servicing payment service providers and acknowledges that the Service Provider makes no warranty in respect of the data quality of the Account Information, nor of it being accurate or complete.

4.2. Partner acknowledges and agrees it is solely responsible for the provision of its own services, and undertakes to ensure that Partner and Partner services are provided in compliance with applicable laws and regulations at all times. The Service Provider does not undertake any liability towards stability or availability of Partner services.

4.3.Partner shall not commit actions that would endanger the safety of the Services. If Partner commits any acts or omissions that endanger the safety of the Services, Account Information and/or personal data that is part of Account Information, Partner shall be responsible and liable for such acts and omissions and any and all losses and damages thereby caused to the Service Provider. If the Service Provider has any indication of a security breach or any suspicious or unusual activity, it has the right to unilaterally shut down the Services until clarifying the circumstances. The Service Provider shall inform Partner of any such events as well as of restoring the Services without undue delay and will immediately carry out all necessary actions in accordance with Privacy Policy and applicable laws to ensure the safety of personal data in possession of the Service Provider.

4.4. The Service Provider expressly disclaims any liability, in respect of any damage, expense or other loss arising from accessing and using the Services, including any decisions or outcomes of decisions that Partner makes or may make based on the result of using the Services or any information provided to Partner by the Service Provider. Under no circumstances shall the Service Provider be liable for loss of profit or any other indirect damages or loss, including any liability of the other party to compensate a third party. Notwithstanding anything to the contrary herein the Service Provider’s aggregate liability hereunder shall always be limited to a total sum equal to the fees paid by Partner during the calendar year of the damaging event. Any claims for damages under this Agreement shall be submitted not later than three months after the Partner becomes aware of the basis for the claim, however never later than six months from the expiration or termination of Partner’s use of the Services.

4.5. Partner shall indemnify and hold the Service Provider harmless from all claims and all direct, indirect or consequential liabilities (including loss of profits, loss of business, depletion of goodwill and similar losses), costs, proceedings, claims, damages and expenses (including legal and other professional fees and expenses) awarded against, or incurred or paid by, the Service Provider, or any of its affiliates, as a result of or in connection with Partner’s failure to comply with the requirements of any of the terms of this Agreement and/or applicable laws.

4.6. The Service Provider shall take reasonable effort to settle any interruptions in the Services. In case of any planned technical works that may cause interruption in the Services, the Service Provider will alert the Partner via email before commencement of the planned technical works. In case of unexpected interruptions due to financial institution APIs the Service Provider will alert the Partner via email upon becoming aware of any interruptions.

5. INTELLECTUAL PROPERTY AND LICENSE GRANT

5.1. "Intellectual property rights" shall mean all past, present or future rights, including but not limited to copyrights, moral rights, trademarks (trade names and service marks), inventions, patents (including patent applications), trade secrets, know-how, database, any other right in intellectual property of every kind and nature and also right in or relating to registrations, renewals, extensions, combinations, divisions, and reissues of and applications to register any of the rights referred to above as recognised in any country or jurisdiction in the world.

5.2. Partner acknowledges and agrees that the Service Provider hereby retains all right, title and interest in and to all intellectual property objects related to the Services and any improvements or upgrades to the Services developed from or derived from Account Information.

5.3. The Service Provider hereby grants to the Partner a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to use the Services, and the outputs obtained in result of using the Services during the term of this Agreement and according to terms of this Agreement.

5.4. Partner shall use the Services only for the purposes that are permitted by the Service Provider and as described in this Agreement. Partner agrees that it shall not, either directly or indirectly (except as expressly permitted in this Agreement):

  • engineer, disassemble, decompile or otherwise attempt to derive source code from the Services (to the extent such restriction is permitted by applicable laws);
  • modify, adapt, translate, or create derivative works based on the Services;
  • reproduce any portion of the Services;
  • use the Services to store or transmit infringing or otherwise unlawful or tortious material, malicious code, worms, viruses, Trojan horses, or any other malware, disruptive or harmful software;
  • interfere with or disrupt the integrity or performance of the Services or third-party data contained therein;
  • attempt to gain unauthorised access, breach, override or otherwise circumvent any authentication or security mechanisms to the Services as well as other the Service Provider’s intellectual property or its related systems or networks;
  • permit direct or indirect access to the Services and other intellectual property or content in a way that circumvents any restrictions built into the Services; and
  • disseminate, market, license, sub-license, sell, resell, lease, transfer, assign, distribute, timeshare, let, rent, give somebody the loan of, or sub-authorize any element of the Services except as expressly permitted by the Service Provider.

5.5. Partner acknowledges that the Services may contain third-party intellectual property, which is not owned by the Service Provider, and may be subject to additional restrictions imposed by the third-party intellectual property licensor. Partner agrees to abide by such additional restrictions.

6. AGREEMENT TERM AND TERMINATION

6.1. This Agreement comes into force when You accept the terms and conditions herein and shall remain in force until the Agreement is terminated or the Partner's account is deleted.

6.2. Partner acknowledges that the Service Provider has the right to terminate or suspend this Agreement and/or Partner's access to all or any part of the Services at any time, with or without cause, with or without notice, effective immediately. You may terminate the Agreement or delete the Partner’s account at any time by following the instructions on the Service Provider’s website.

6.3. All provisions of the Agreement, which by their nature should survive termination, shall survive, including but not limited to, confidentiality, ownership provisions, warranty disclaimers, indemnity and limitations of liability.

6.4. In case of inactivity for more than three months the Service Provider may delete Your account at its sole discretion.

7. CONFIDENTIALITY

7.1. Partner undertakes not to disclose the Account Information, any personal data or any other confidential information which it has obtained from the Service Provider in connection with the Services to any third person unless otherwise set forth in this Agreement and/or Privacy Policy. Partner agrees that all information exchanged in connection with the Services shall be processed in accordance with applicable laws and regulations, this Agreement and Privacy Policy. Confidential information includes any data and/or information that is proprietary to Partner and the Service Provider and not generally known to the public, regardless of the medium in which it has been recorded or preserved, whether oral, written or otherwise, whenever and however, disclosed by a party to the other party or which has become known to party in any other manner pursuant to or in connection with this Agreement. The Service Provider shall ensure that Account Information and confidential information shall be disclosed only to those employees of the Service Provider who are covered by a confidentiality obligation. The Service Provider shall ensure that its employees, who carry out data processing, use the data only to the extent necessary for the performance of the Services, this Agreement and Privacy Policy.

7.2. Disclosure will not be considered as a breach of the Agreement only in the following cases:

7.2.1. Confidential information is disclosed by a party after this confidential information has become publicly known or available regardless of parties (i.e. not as a result of a relevant party);

7.2.2. Confidential information is disclosed in order to comply with applicable law or court order, in which case, if possible, with prior written confirmation of the other party;

7.2.3. Confidential information is disclosed by Partner to other entities in the same group with the Partner, if such entities are bound by the obligation to observe the confidentiality of the information; or

7.2.4. Confidential information is disclosed to the sub-contractor and/or sub-processor of the Service Provider engaged by the Service Provider.

7.3.The Service Provider, for marketing purposes, discloses publically or to third parties that You use the Services.

7.4. Parties undertake to respect the confidentiality rules set forth in this Agreement, while this Agreement is in force, as well as in case of terminating this Agreement without any time limit after the termination.

8. OTHER RULES

8.1. Partner agrees that this Agreement shall be governed by and has been concluded in accordance with the laws of Latvia. From 1 April 2023, the applicable law shall be English and Welsh Law and the courts shall be those of England and Wales.

8.2. If a dispute arises between Parties in connection with (execution of) this Agreement, Parties shall make every effort to resolve them through amical and good faith negotiations. Written answers to any claims from the Partner shall be provided within 30 (thirty) days as of receiving the claim. If it proves impossible to resolve the dispute through negotiations, Parties shall settle the dispute in the courts of Latvia in accordance with the laws of Latvia. Relations between Parties, which are not stated in this Agreement, shall be regulated in accordance with the laws of Latvia. If any part of this Agreement (partly or in whole) is held to be invalid or unenforceable, such determination shall not invalidate any other provision of Agreement unless the deletion of such provision(s) would result in such a material change so as to cause the actions and transactions contemplated herein to be manifestly unreasonable. For the avoidance of doubt, from 1 April 2023, the applicable law shall be English and Welsh Law and the courts shall be those of England and Wales.

8.3. A failure by the Service Provider at any time or times to require performance of any provisions of this Agreement shall in no manner affect the Service Provider’s right to enforce the same, and the waiver by the Service Provider of any breach of any provision of this Agreement shall not be construed to be a waiver by the Service Provider of any other subsequent breach or waiver by the Service Provider of any breach of any other provision hereof.

8.4. This Agreement and the rights and obligations specified herein shall not be assignable by Partner except with the Service Provider prior written consent.

8.5. The Service Provider has the right to change the terms and conditions of this Agreement solely at any time. In case of amending the terms and conditions of this Agreement, the Service Provider will notify Partner via the Service Provider’s website, via email or other means of electronic communication. Partner may be asked to accept any changes made, but it is Partner’s responsibility to check the terms of this Agreement periodically. Partner’s continued use of the Services following notification of any changes to the terms of this Agreement shall constitute acceptance of those changes. If Partner does not accept the changed terms and conditions of this Agreement, the Service Provider has the right to terminate this Agreement and close Partner’s account.