|
monitor, clean up, remove, contain, treat, detoxify or neutralize Pollutants, or in any way respond to or assess the effects of
<br />Pollutants;
<br />K. any Data Security Event that was not properly reported to TMS during the Notice Period;
<br />L. any Data Security Event occurring before the effective date of this CCAP between TMS and MERCHANT, or after the
<br />termination of CCAP;
<br />M. any expenses incurred for, or as a result of, regularly scheduled, recurring or routine security assessments, regulatory
<br />examinations, inquiries or compliance activities;
<br />N. any: (1) gaining of a profit or advantage to which the TMS or MERCHANT is not legally entitled, or (2) MERCHANT's expenses
<br />or charges (other than Security Event Expenses), including employee compensation and benefits, overhead, over-charges or cost
<br />over-runs;
<br />0. any Data Security Event first discovered by MERCHANT after the effective date and time of the expiration, cancellation or non-
<br />renewal of this CCAP regardless of when the Data Security Event actually occurred;
<br />P. any Security Event Expenses arising out of or resulting, directly or indirectly, from the infringement of copyright, patent,
<br />trademark, trade secret or other intellectual property rights; or
<br />Q. any Security Event Expenses alleging, arising out of or resulting, directly or indirectly, from any discrimination against any
<br />person or entity on any basis, including but not limited to: race, creed, color, religion, ethnic background, national origin, age, handicap,
<br />disability, sex, sexual orientation or pregnancy.
<br />R. any fines or assessment levied against MERCHANT that are not the direct result of a Data Security Event;
<br />S. any Data Security Event arising out of any software not under license to MERCHANT; provided, however, this exclusion shall
<br />not apply to a Data Security Event arising out of a virus, Trojan horse or other software used by a third party to obtain fraudulent
<br />access to data on MERCHANT's computer system or to collect data in transit to or from MERCHANT's computer system; or
<br />T. any Data Security Event arising out of a breach in a computer system in which MERCHANT shares a common database(s),
<br />operating system(s) and/or software application(s) on a single piece of equipment at a single location with one or more legal entities
<br />who share no legal relationship to one another.
<br />VI. LIMITS TO SCOPE OF PAYMENTS
<br />A. The following limits on payment amounts shall apply under this CCAP:
<br />Annual Data Security Event Limit: $ 1,000,000
<br />Annual Per Merchant Limit: $ 1,000,000
<br />Annual Per MID Limit: $ 100,000
<br />B. On an annual basis, the most TMS will pay for the total of all Security Event Expenses and Post Event Services Expenses
<br />arising out of or related to any single Data Security Event during the term of the Program and reported to TMS within the Notice
<br />Period is the Annual Data Security Event Limit noted above, regardless of the number of merchants or MIDs involved with or impacted
<br />by such Data Security Event.
<br />C. On an annual basis, the most TMS shall pay for the total of all Security Event Expenses and Post Event Services Expenses
<br />arising out of or related to MERCHANT is the Annual Per Merchant Limit noted above, regardless of the number of Data Security
<br />Events first discovered by MERCHANT during the term of the Program and reported to TMS within the Notice Period.
<br />D. On an annual basis, the most TMS shall pay for the total of all Security Event Expenses and Post Event Services Expenses
<br />arising out of or related to any MID is the Annual Per MID Limit noted above, regardless of the number of Data Security Events first
<br />discovered by MERCHANT during the term of this CCAP and reported to TMS within the Notice Period and subject to the Annual Per
<br />Merchant Limit set forth in Section VI (A) above.
<br />E. All Security Event Expenses and Post Event Service Expenses resulting from the same, continuous, related or repeated
<br />Data Security Events shall be subject to the terms, conditions, exclusions and above payment of this CCAP as in effect at the time the
<br />first such Data Security Event is first discovered by MERCHANT.
<br />VIII. OTHER PROVISIONS AFFECTING SCOPE OF ASSISTANCE
<br />A. Coverage Territory
<br />Subject to its terms, conditions and exclusions, this CCAP applies to a Data Security Event occurring, and Security Event Expenses
<br />incurred, anywhere in the world during the term of the CCAP.
<br />B. Term and Termination of the CCAP
<br />The Initial Term of this CCAP shall commence on the latter of: (i) August 1, 2011; or (ii) the EFFECTIVE DATE of the Merchant
<br />Transaction Processing Agreement, and shall continue to be in effect unless terminated as set out below.
<br />This CCAP shall be deemed terminated immediately: (i) in the event MERCHANT and TMS cease to be parties to a Merchant
<br />Transaction Processing Agreement; (ii) if TMS elects, in its sole determination, to discontinue offering the CCAP in whole or in part for
<br />201108 MTPA Terms and Conditions Page 26 of 35 CONFIDENTIAL
|