Merchant Saved Payment Method Terms & Conditions

These Terms and Conditions are effective August 10^th, 2025.

These Merchant Saved Payment Method Disclaimer and Terms & Conditions ("Saved Payment Method Terms") govern your use of the Saved Payment Method service, which is provided by Stripe ("Saved Payment Method Service") and offered through the Cin7 Americas, Inc. (“Cin7,” ‘we,” or “our”) Core and Omni platforms (together, the “Cin7 Platform”). In addition to all other Cin7 terms and conditions to which you are subject (collectively, the “Cin7 Terms”) and without limiting any of our rights under the Cin7 Terms, by enabling and using the Saved Payment Method Service, you agree to be bound by these Saved Payment Method Terms in connection with your use of the Saved Payment Method Service and that you have the authority to agree to and act on behalf of any entity for whom you are using the Saved Payment Method Service and all references to “you” or “your” in these Saved Payment Method Terms will be references to such third party.

1. Merchant Responsibilities and Obligations

1.1 Compliance with Laws, Regulations, Standards, and Other Requirements 

You are responsible for:
a) Complying with all applicable laws, regulations, and rules related to storing, processing, and transmitting customer payment method information, including but not limited to the Payment Card Industry Data Security Standards (“PCI-DSS”).
b) Maintaining PCI-DSS compliance at all times while storing customer payment method information. This includes implementing and maintaining all required security measures to protect cardholder data.
c) Complying with all applicable privacy laws and regulations regarding the collection, use, storage, and protection of customer information, including payment method information.
d) Complying with all Stripe terms, policies, and requirements applicable to the Saved Payment Method Services, as may be modified by Stripe from time to time (collectively, the “Stripe Terms”).
e) Complying with all other Cin7 Terms, as may be modified by Cin7 from time to time.

1.2 Authorization and Consent

You must:
a) Obtain explicit consent from customers before storing their payment method information. This consent must be clear, informed, and documented.
b) Provide customers with clear information about how their payment method information will be stored, used, and protected.
c) Maintain records of customer consent for storing payment method information for the duration of storage and as required by applicable laws, rules, and regulations.
d) Honor customer requests to remove their payment method information from your files promptly.

1.3 Transaction Processing

You are responsible for:
a) All transactions initiated using stored payment method information and for verifying that the person authorizing the transaction is the legitimate cardholder or their authorized representative.
b) Implementing appropriate authentication measures to verify the identity of customers when processing transactions using stored payment method information.
c) Ensuring that transactions are only processed for legitimate business purposes and in accordance with the terms agreed upon with your customers.
d) Maintaining accurate records of all transactions processed using stored payment method information.

1.4 Security Requirements

You must:
a) Implement and maintain appropriate technical, physical, and administrative safeguards to protect stored payment method information from unauthorized access, use, disclosure, or theft.
b) Regularly monitor and test your systems and processes to ensure the security of stored payment method information.
c) Immediately notify Cin7 and Stripe of any actual or suspected security breach that may affect stored payment method information.
d) Cooperate fully with any investigation related to a security breach involving stored payment method information.
e) Limit access to stored payment method information to only those employees who have a legitimate business need to access such information.

2. Liability and Indemnification

2.1 Merchant Liability

You acknowledge and agree that:
a) You are fully liable for any unauthorized use, disclosure, or theft of stored payment method information.
b) You are responsible for any fines, penalties, or assessments imposed by card networks, regulatory authorities, or other third parties resulting from your use of the Saved Payment Method Service.
c) You are liable for any chargebacks, disputes, or claims related to transactions processed using stored payment method information.

2.2 Indemnification

You agree to indemnify, defend, and hold harmless Cin7, Stripe, and its and our respective officers, directors, employees, and agents from and against any and all claims, liabilities, damages, losses, costs, expenses, fines, or fees (including reasonable attorneys' fees) arising from or relating to:
a) Your use of the Saved Payment Method Service.
b) Your violation of these Saved Payment Method Terms or any applicable laws or regulations.
c) Any unauthorized access to, use of, or disclosure of stored payment method information in connection with your use of the Saved Payment Method Service.
d) Any transaction processed using payment stored method information in connection with your use of the Saved Payment Method Service.

3. Limitations and Restrictions

3.1 Prohibited Activities

You shall not:
a) Store payment method security codes (CVV/CVC) or PIN data, even temporarily.
b) Store complete magnetic stripe or chip data from payment cards.
c) Use stored payment method information for any purpose other than processing legitimate transactions authorized by the cardholder.
d) Share, sell, or transfer stored payment method information to any third party without explicit authorization from both the cardholder and Cin7.
e) Subject to 3.1(a), store payment method information longer than necessary for legitimate business purposes.

3.2 Service Limitations

You acknowledge that:
a) The Saved Payment Method Service is provided through Stripe, and its availability and functionality are subject to Stripe's Terms.
b) We reserve the right to modify, suspend, or terminate the Saved Payment Method Service at any time, with or without notice.
c) We may impose transaction limits or other restrictions on your use of the Saved Payment Method Service based on risk assessments, compliance requirements, or other factors.

4. Data Breach Response

In the event of a data breach involving stored payment method information, you must:
a) Immediately notify us and Stripe of the breach.
b) Take all necessary steps to contain and mitigate the breach.
c) Cooperate fully with any investigation conducted by us, Stripe, card networks, or regulatory authorities.
d) Provide all information requested by us, Stripe, card networks, or regulatory authorities regarding the breach.
e) Cooperate fully with any remediation efforts conducted by us or Stripe.
f) Bear all costs associated with the breach, including but not limited to investigation costs, notification costs, card replacement costs, fraud losses, and any fines or penalties imposed by card networks or regulatory authorities.

5. Termination

We may terminate your access to the Saved Payment Method Service immediately and without notice, with or without cause, including for the following reasons:
a) You violate these Saved Payment Method Terms or any applicable laws or regulations.
b) We reasonably believe that your use of the Saved Payment Method Service poses a security risk.
c) Stripe terminates or suspends your access to its services.
d) We terminate our relationship with Stripe or Stripe discontinues the Saved Payment Method Service.
e) Your subscription to the Cin7 Platform terminates for any reason.

6. Disclaimer of Warranties; Limitation of Liability

THE SAVED PAYMENT METHOD SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT ANY WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED AND YOUR USE OF THE SAVED PAYMENT METHOD SERVICE IS AT YOUR SOLE RISK. TO THE FULLEST EXTENT PERMITTED BY LAW, WE DISCLAIM ALL WARRANTIES WITH RESPECT TO THE SAVED PAYMENT METHOD SERVICE, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR COURSE OF PERFORMANCE.

TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT SHALL CIN7 BE LIABLE OR RESPONSIBLE TO YOU (OR ANY OTHER PERSON) IN CONTRACT, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL OR PUNITIVE DAMAGES OR LOSS (INCLUDING BUT NOT LIMITED TO LOSS OR CORRUPTION OF INFORMATION, LOSS OR CORRUPTION OF DATA, THE COST OF RECOVERING SUCH DATA OR INFORMATION AND ANY LOSS OF BUSINESS PROFITS, SAVINGS, GOODWILL, REPUTATIONAL DAMAGE, REFUNDS OR CHARGEBACKS INCURRED, BUSINESS OR ANTICIPATED BUSINESS) OR DAMAGE ARISING OUT OF OR IN CONNECTION WITH ANY USE OF, OR RELIANCE ON, OR INABILITY TO USE OR RELY ON THE SAVED PAYMENT METHOD SERVICE. THE MAXIMUM AGGREGATE LIABILITY OF CIN7 TO YOU FOR ANY REASON RELATING TO THE SAVED PAYMENT METHOD SERVICE WILL BE LIMITED TO U.S. $100.

7. Acknowledgment

You acknowledge that you understand the risks associated with the Saved Payment Method Service and accept full responsibility for implementing appropriate security measures in connection with the Saved Payment Method Service. In the event of a conflict between these Saved Payment Method Terms and any other Cin7 Terms, these Saved Payment Method Terms govern. As between you and Stripe, the Stripe Terms govern.