Terms and Conditions
Belvo’s Terms and Conditions are part of a potential agreement between Belvo (“Belvo”, “we”, “our”) and you (“the Client”, “Client”, “you”), who wishes to use Belvo Services. The Terms and Conditions listed below, are the fundamental provisions that will govern the relationship between Belvo and the Client (collectively referred to as “Parties”), however, it does not contain all the legal provisions applicable to the relationship between the Parties. In order to subscribe to our services these Terms and Conditions will be complemented by the Service Order and Subscription Agreement, which include the Price Schedule and Term for the Contract. If you would like more information about this, send us a note to firstname.lastname@example.org.
Section 1: About Belvo
Section 2: Definitions
Section 3: Scope of Terms and Conditions
Section 4: Services
Section 5: Trial period
Section 6: Amount and method of payment
Section 7: Intellectual property rights
Section 8 : Client obligations
Section 9: Warranties and responsibilities
Section 10: Reports and audits
Section 11: Protection of personal data
Section 12: Term and termination
Section 13: Confidentiality
Section 14: Notices
Section 15: Assignment
Section 16: Modification, without waiver
Section 17: Severability
Section 18: Force majeure
Section 19: Hierarchy
Section 20: Monitoring
Section 21: Applicable law and jurisdiction
ANNEX I: Services provided by Belvo
ANNEX II: Agreement for the treatment and transfer of personal data
Other relevant policies that should be read alongside these Terms and Conditions:
Section 1: About Belvo
WHO WE ARE
For the purposes of these Terms and Conditions, when we refer to Belvo, we may be referring to:
- Belvo Technologies, SAPI de CV, a Mexican company duly incorporated and validly existing under the laws of Mexico, with address at Av. Pdte. Masaryk 61, Polanco V Secc, Miguel Hidalgo, 11550 Mexico City, CDMX, Mexico, registered in the Federal Register of Taxpayers under the code BTE1912023D6;
- Belvo Tecnologias, LTDA, a Brazilian company duly incorporated and validly existing under the laws of Brazil, with registered address at Rua Capitão Antônio Rosa, 409, Belvo, São Paulo – SP, Brazil, registered with CNPJ 37.869.837/0001-81.
The Belvo company that enters into the respective contract with the Client will be defined in the Subscription Agreement executed by the Parties with the complete Terms and Conditions, including the Service Order.
WHAT SERVICES WE OFFER
Belvo is a technology company whose main activity is the development and maintenance of a software platform (the “Platform”) and a tool designed to connect consumers, financial institutions and developers (the “Tool”), and to provide this technology to developer partners and Clients (“Client”) so that they can offer End Users, on demand, a wide range of services and tailor-made solutions in the financial area (the “End Users”). The Client wishes to make the Tool accessible to End Users through its Site or Application, in order to extract, systematize and access the financial data of its End Users. These Terms and Conditions (the “Agreement” or the “Services Agreement”) will govern the license to use an application programming interface (the “API”) by Belvo to the Client, from which the Tool can be integrated and accessed by the End Users through the Site or the Client’s application.
Section 2: Definitions
2.1. The terms below will have the following meanings in these Terms and Conditions:
“Account Information” means, in relation to an End User, information about one or more bank, financial or payment accounts held by that End User with a bank, financial or payment services provider, tax authorities, Gig Economy application and other sources of financial data, including (but not limited to) the entities set out in Annex I.
“Agreement” means these Terms and Conditions, as well as each of its annexes, the Service Order and the Subscription Agreement , which might be executed between the Client and Belvo.
“API” means the application programming interface provided by Belvo for the purpose of allowing the Tool to be integrated and accessed by End Users through the Client’s website or application.
“Applicable data protection legislation” means any federal, state or municipal, as well as, the normative instructions and applicable industry regulations that protect the right of people to privacy and protection of Personal Data, as modified or replaced from time to time, including, but not limited to (i) the Federal Law on Protection of Personal Data Held by Private Parties and the General Law on Protection of Personal Data in Possession of Obligated Subjects (Mexico), (ii) Organic Law 1581 of 2012 for the way in which they dictate the general provisions for the protection of personal data (Colombia), (iii) the General Law of Protection of Personal Data (Brazil) and (iv) the General Data Protection Regulation (EU) 2016/679) (Europe).
“Confidential information” means all scientific, technical, technological, regulatory, marketing, financial, legal and commercial information or data, as well as commercial secrets, communicated in written, oral, graphic, electronic or visual form, provided by a Party to another Party under these Terms and Conditions. By way of example only, but not restrictively, Belvo’s Confidential Information includes Belvo’s Intellectual Property Rights and any invention disclosed by Belvo to Client, and Client’s Confidential Information includes any information to which Belvo or the designated auditor may be accessed by Belvo in accordance with clause 10.
“Disclosing Party” means the Party that discloses Confidential Information to the other Party (“Recipient”) under these Terms and Conditions.
“Documentation” means the API and Software Development Kit (“SDKs”) integration user guides, as amended by Belvo from time to time.
“End User” means the Client’s end users.
“Intellectual property rights” means all industrial and / or intellectual property rights of any kind in the world, whether registered or not, such as copyrights, trademarks, service marks, trade secrets, trade names, software, domain names, moral rights, database rights, design rights, patents and other goodwill rights, know-how rights, trade secrets and other confidential information, as well as other proprietary rights that are recognized by the Laws and must include all re-exams, re-edits, extensions and any other post-issue counterparts to any of the previous ones, and orders or records for any of the previous ones, including provisionals, new versions, developments, divisions, substitutions and continuations ( in whole or in part).
“Link Creation” A Link is a set of credentials associated to an End User’s access to an institution with which said End User holds an account containing the End User’s financial information. For example, the username and password used to log in to an online banking platform. A link registration is required before accessing information from that specific end user.
“Platform” includes any data, images, text and content, including but not limited to any Software, application program interfaces, tools or other information or materials provided, made available and / or integrated into Client’s software by Belvo and accessible by the Client through the Belvo website / application, API or SDK and through which the Services are provided.
“Receiving Party” means the Party that receives the Confidential Information from the other Party (“Disclosing Party”) under these Terms and Conditions.
“SDK” means the Belvo software development kit that enables the creation of applications for a given software package, software framework, hardware platform, computer system, operating system, or similar development platform.
“Service Order” means the document attached to the Subscription Agreement with the details of the market in which the Services will be provided, the term of the Subscription Agreement and the applicable Pricing for the provision of the Services.
“Services” means the services that Belvo will provide, in accordance with the terms set forth in these Terms and Conditions, as described in Annex I.
“Software” means all software included on the Platform and used to provide the Services, including those improvements made or future and their extensions.
“Subscription Agreement” means the contract signed by the Parties, made available to the Client in case he wishes to obtain the Services, and which contains the Service Order and any other negotiated term for the provision of the Services.
“Tool” means the tool provided by Belvo that allows End Users to access and share Account Information with the Client.
“Trademark” means any word, name, symbol, color, designation or device or any combination thereof that functions as an identifier of origin, including any trademark, trademark, service mark, trade name, logo, trademark of design or domain name, registered or not.
Section 3: Scope of the Terms and Conditions
3.1 These Terms and Conditions establish the conditions that should govern the use of the Platform and the Services provided by Belvo to the Client.
3.2 Any Belvo Intellectual Property Rights that are not expressly granted and/or assigned in this document are reserved and owned by Belvo, expressly excluded from the scope of the Agreement.
3.3 Nothing in these Terms and Conditions shall be deemed to grant the Client any right to use the “Belvo” Trademark, its corporate logo or any other Trademark owned by Belvo.
Section 4: Services
4.1 Subject to the provisions of these Terms and Conditions, Belvo will provide the Client with the services listed below and defined in Annex I hereof:
- Make the Platform available to the Client through an integration process to be carried out by the Client with support from Belvo.
- Establish the connection through the Platform to extract, systematize and access the bank and financial data of the End Users.
- Provide maintenance of the technology that allows the Client to access the Platform and its updates, modifications, new versions, improvements or new functionalities, (the last two may be subject to new charges, in which case the Client will be notified in advance), implemented by Belvo from time to time.
4.2 The Client acknowledges that the provision of the Services by Belvo is subject to the Client’s information and collaboration (in particular during the integration of the Platform) and, based on this, agrees to provide Belvo with this information and to facilitate the future collaboration that is considered essential for the provision of the Services in accordance with these Terms and Conditions.
4.3 Belvo will make the Documentation available to the Client. The Client must comply with the Documentation for the integration and use of the API.
4.4 The Client must keep all user IDs, passwords and other access codes related to the Belvo API confidential and protected from all unauthorized persons, in accordance with the provisions set forth in these Terms and Conditions
Section 5: Test period
5.1 Prior to integration with Belvo and execution of the Subscription Agreement , the Client may register for an account to test services and Belvo platform; in that case, the Client will be entitled to a free trial environment without a maximum term. Additionally, Client will be entitled to 50 Link Creations in the production environment.
5.2 The terms and conditions set forth herein, with the exception of Section 5, apply to the Client using the Belvo Services and Platform prior to joining and signing the Subscription Agreement for the use of the Belvo Services and Platform.
Section 6: Consideration and payment method
6.1 In consideration for the use of the Services provided by Belvo, the Client will pay the amount defined in the Service Order attached to the Subscription Agreement.
6.2 The amounts owed by the Client for the Services provided by Belvo will be calculated monthly in accordance with the service plan contracted by the Client, unless otherwise specified in the Service Order.
6.3 As compensation for the provision of the Services, Belvo will issue a monthly invoice detailing the services provided to the Client in that month, which must be paid by bank transfer by the Client, within the period indicated in the following paragraph. Invoices can be issued by Belvo in electronic format and can be sent by email to the Client.
6.4 Payments must be made by transfer to Belvo’s bank account within the first five (5) days of each month, or as determined in the Service Order Form.
6.5 Belvo will have the right to suspend the fulfillment of all or part of its obligations if the Client does not fulfill its payment obligations and has not remedied the breach within five (5) days after notification from Belvo.
6.6 Each Party will be responsible for paying the applicable taxes, in accordance with the tax legislation.
Section 7: Intellectual Property Rights
7.1 You acknowledge through these Terms and Conditions that all intellectual property rights related to the Platform and other intellectual property rights are owned by Belvo and that it has the exclusive ownership of all improvements, changes, modifications, corrections, patches, solutions and other additions to them.
7.2 Likewise, the Client acknowledges and accepts that the brand, the name and all Intellectual Property in and for the Platform is the property of Belvo, and that nothing in these Terms and Conditions should be understood as an assignment, or is intended to operate or assign any right, title or interest in or to the Platform, except with respect to the use of the Platform by the Client in accordance with the terms and conditions established in these Terms and Conditions.
7.3 The rights granted to the Client under these Terms and Conditions are limited to specific provisions based on the scope defined herein. All rights not expressly granted to the Client in these Terms and Conditions must be understood as property of Belvo.
7.4 The Client must not, directly or indirectly, (i) reverse engineer, decompile, disassemble or attempt to discover the source code or the ideas or algorithms underlying any relevant element of the Platform; (ii) modify, translate or create derivative and / or based works on the Software; (iii) rent, lease, distribute, sell, resell, assign or transfer the rights of use of the relevant elements of the Platform; (iv) use the Platform for purposes not related to the provision of services to End Users; (v) remove or change any proprietary notices on the Platform or any reference to Belvo’s brand or name and you must not rename or rename any relevant item on the Platform without the prior written consent of Belvo and upon payment of additional charges that Belvo may determine; (vi) publish or disclose any evaluation of the Platform to third parties without the prior written consent of Belvo; or (vii) create a link to the Belvo website, the Platform or frame or mirror any content or access from the Platform, or (viii) otherwise replicate or attempt to replicate the functionality or appearance of the Platform.
7.5 Belvo is the sole owner of any systemic learning that has occurred within the Platform through parameterized or neural artificial intelligence, without implying any violation of the Client’s intellectual property, which is and will continue to be the owner of its own data and information.
Section 8: Client obligations
8.1 In addition to other obligations set in these Terms and Conditions, the Client agrees to comply with the following obligations:
- Client is solely responsible for the use of the Services in accordance with the regulations that are applicable to the Client, not limited to Open Banking regulations, in the jurisdictions where Belvo is providing the Services. Including, the applicable data protection legislation, with respect to the use and treatment of the data provided by the End Users when using the Platform, in accordance with the Agreement Data Processing signed between the Parties;
- Client is responsible for obtaining and maintaining, as well as ensuring the adequacy of the license, of all hardware, software and communication equipment necessary to access the Belvo website and the Platform, in addition to, carrying it out all necessary security acts in accordance with market standards for the safe operation of the device used to access the Platform, for example, but not limited to the use of antivirus software and reasonable physical, logical and administrative measures for secure access to the Platform;
- Client will be solely responsible for its actions and the actions of its End Users during the use of the Platform and the content of the Belvo website, and for all actions carried out using their username, password, encryption keys and others identification elements;
- Client must not share his credentials to access Belvo and its Services with third parties, nor must he transfer in any way, the data collected about End Users to third parties nor shall the Client resell Belvo Services without Belvo’s express consent;
- Client shall not use the Platform for illegal purposes; nor shall the Client send, publish, promote or transmit, through the Platform, any illegal, hostile, defamatory, abusive, threatening, harmful, vulgar, obscene, hateful, racial, ethnic or any other objectionable material of any kind or nature, responsible of any damage, corruption or breach derived from the breach of the provisions of this clause before you, before Belvo or before third parties;
- Client shall not access information, resources or other tools developed by Belvo that the Client is not expressly authorized to access;
- Client shall immediately notify Belvo of any misuse of the Platform by the End User, as well as any current or potential security breach or unauthorized access to the Platform or Account Information;
- Client shall comply with all regulations, policies and procedures of the networks connected to the Platform, in particular the applicable regulations on Protection of Personal Data;
- Client warrants that any End User will be aware of the terms of these Terms and Conditions.
- Make payments according to the terms and deadlines described in the Service Order;
- Designate qualified and trained employees for the operation of the Platform and for communication with Belvo, providing, whenever there is any incident related to the Platform, documentation, records, reports and other information that informs the circumstances in which the incident occurred;
- Orient its employees that, in the event of an alleged malfunction or unexpected behavior of the Platform, they must seek the support of Belvo and may not attempt any repairs themselves;
- Provide Belvo with timely access to your information and personnel, providing not only the availability of all documentation, but also providing all the information that may be requested by Belvo in accordance with the object of these Terms and Conditions;
- Obtain, at your exclusive expense, the appropriate licenses and / or authorizations and other documents that are necessary for the faithful fulfillment of the object of these Terms and Conditions;
Section 9: Warranties and Responsibilities
9.1 Each party warrants as of the date of this Agreement that: a) it has full capacity and authority to enter into and fulfill its obligations under this Agreement; b) this Agreement is entered into by a duly authorized representative with sufficient powers, who, for the avoidance of doubt, is effective from accepting the terms of this Agreement on the Belvo website and / or by signing the Subscription Agreement .
9.2 Unless otherwise expressly stated in these Terms and Conditions, the Platform is guaranteed to the Client to the extent and in accordance with the conditions established herein.
9.3 The Platform is provided in accordance with these Terms and Conditions “as is”, without warranty of any kind, either express or implied, including, but not limited to, warranties that the Software is free from defects, marketable, fit for a specific purpose, non-infringing, able to integrate with the Client’s system, non-interference and accuracy of information content. The Platform may undergo constant improvements and updates, and Belvo is not obliged to maintain a certain structure or operational design, if not for its own convenience. In addition, Belvo may make customizations on the Platform for the purpose of making exclusive customizations to meet specific needs
9.4 In no event will Belvo be liable for any consequential, indirect, exemplary, special or incidental damages, including loss of profits or income, arising out of or related to these Terms and Conditions. The total cumulative responsibility of Belvo in relation to these Terms and Conditions, whether by contract or illegal act or otherwise, must not exceed the amount actually received by the Client as consideration for the Services established in Clause 4 in the last six (6) months.
9.5 This disclaimer of warranty is an essential part of these Terms and Conditions, and the use of the Platform is not authorized here, if this disclaimer is not accepted and observed.
9.6 Belvo is not responsible for the purposes for which the Client uses the Services. If at any time Belvo becomes aware that the Client is using the Services for any illegal purpose, or if requested by any authority, Belvo has the right to terminate these Terms and Conditions, the Service Order and the Subscription Agreement immediately and without any liability to Belvo.
9.7 The Client acknowledges that Belvo has no responsibility to the Client and/or third parties regarding the commercial profitability of the Platform, as well as its suitability for a particular business or purpose. Even with all reasonable precautions, Belvo does not guarantee the absolute veracity and accuracy of the data contained in the sources used to feed the Platform.
9.8 The Client expressly accepts that Belvo is not liable in the event that the Client or the End User suffers any damage due to the information obtained from the Platform and is aware that the business and management decisions made by the Client should not be based entirely depending on the Platform.
9.9 In no event will Belvo be responsible for:
- Services whose execution is the responsibility of the Client or a third party that Client may contract;
- Services whose execution is the responsibility of a third party, provided that this is known to the Client, excluding any fault or intent from Belvo;
- Failures in the hardware and software that are owned or managed by the Client, that may impact, prevent or degrade the use of the Platform;
- Any damage resulting from the Client’s failure to comply with its obligations;
- Indirect or intangible losses, including, but not limited to, loss of profits.
9.10 Belvo has no obligation to inspect the content, or, in any way, to control the veracity or legality of the data inserted in the Platform, therefore, Belvo cannot be held responsible for any information, including illegal, immoral or unethical, perhaps contained in the Platform, which originate from the Client or the End User, being the End User and/or the Client exclusively responsible for answering to any third-party complaints or legal demands in this regard.
9.11 The Client is fully responsible for each and every one of the acts, deeds or omissions of its partners, employees, agents, sub-licensees or subcontractors involved or not involved in the administration and use of the Platform, which causes or may cause losses and / or damage to Belvo and others or violate any of the terms of these Terms and Conditions or other documents related to them.
9.12 Belvo will provide to the Client support services by opening tickets through the website https://support.belvo.com/hc/en-us/requests/new or other support interfaces introduced over time (“Calls”). The response time will vary according to the complexity of the Call.
9.13 Belvo will use its best efforts and resources to keep the Platform available for as long as possible in functioning properly, however, it is not responsible for events outside its sphere of interference or predictability that go beyond its efforts, or that the Client causes, in addition to preventive routines, such as:
- Causes that compromise the telecommunications services or electricity used by the Client, acts of a third party or other component that directly affect the operation of the Platform;
- Fortuitous event or force majeure;
- Necessary interruptions for technical adjustments or maintenance;
- Suspension of the provision of the contracted services as determined by the competent authorities, or for breach of the clauses of these Terms and Conditions or Service Order.
- When the platform of a banking institution is defective and Belvo is unable to connect to it. In this situation, there is no action that Belvo can take;
- When a banking institution suddenly changes its website / API, causing a sudden malfunction of the Platform with it. In this case, Belvo may have to build a new integration, which will require an effort of several days.
9.14 Belvo will not have the obligation to inform the Client in advance of the necessary interruptions in case of emergency, thus understanding those that put the regular operation of the Platform at risk and those determined by its security against detected vulnerabilities, which will be maintained for the time needed to repair them.
Section 10: Reports and audits
10.1 The Client must maintain complete and accurate records and accounts related to the use of the Services, calculating the use of the Services in sufficient detail to allow Belvo to confirm the accuracy of all fees due under this instrument for at least three (3) full calendar years after the end of the calendar year to which these records and accounts belong. This obligation will continue to apply during the term of the Agreement and until the third anniversary of the expiration or termination of the Agreement.
10.2 Belvo shall have the right, once a month, to directly audit or cause an independent accountant reasonably acceptable to the Client to audit the Client’s records and accounts maintained to confirm the payment traffic of the Services and the applicable fees for a period covering the preceding three (3) full calendar years. Such audits may be exercised during normal business hours upon reasonable prior written notice to the Client. The auditor shall disclose to Belvo only such information as is reasonably necessary to provide Belvo with information regarding any actual or potential discrepancies between amounts reported and actually paid and amounts payable under this Agreement.
10.3 In the event that the audit results reveal an underpayment by the Client, you must pay the amount of such underpayment to Belvo within fifteen (15) days of receipt of the audit report. In the event that the audit results reveal an overpayment by the Client, the Client will deduct the amount of such overpayment from the future Royalties payment under these Terms and Conditions.
10.4 Belvo shall bear the full cost of such audit unless such audit discloses an underpayment by the Client of more than ten per cent (10%) of the amount due for any calendar year, in which case, the Client shall bear the costs of the review or audit.
Section 11: Protection of personal data
11.1 The Parties agree to process information related to the identified or identifiable natural person (“personal data”) provided as a result of the relationship between the Parties only for the purposes established in these Terms and Conditions, in the Subscription Agreement , in the Service Order and its eventual attachments, in accordance with the Applicable Data Protection Legislation and Annex II of these Terms and Conditions.
11.2 The Parties acknowledge that, in order to comply with these Terms and Conditions, the Subscription Agreement, the Service Order and any addendum and annexes thereto, the Client must transfer certain personal data to Belvo or allow Belvo to access such personal data.
11.3 The Parties acknowledge that, for the purposes of the applicable Data Protection Legislation, the Client acts as the Data Controller (where the Data Controller has the meaning defined in the applicable Data Protection Legislation) and Belvo acts as the Data Controller (where Data Controller has the meaning defined in the applicable Data Protection Legislation). When required, the Client and Belvo will establish the categories of data subject, data processing objectives, categories of personal data and sensitive data (if applicable) (with personal data, data subject, sensitive data and data processing having the meanings defined in the Applicable Data Protection Legislation).
11.4 The interested parties (End Users) can exercise their rights of access, rectification, cancellation and opposition to the Client. In no event will Belvo respond directly to such requests, complaints or correspondence without the Client’s prior written consent, unless and to the extent required by Applicable Data Protection Legislation or other applicable law. In writing to the addresses included in the Subscription Agreement as the address of each party. The Parties declare that, if the Interested Parties are not satisfied with the exercise of their rights, they can file a claim with the competent data protection authority.
Section 12: Term and Termination
12.1 These Terms and Conditions will enter into force upon its acceptance by subscribing to Belvo Services at Belvo website or after the execution of the Subscription Agreement whichever occurs first, and will remain in effect until terminated in accordance with the following clauses.
12.2 The term for these Terms and Conditions is defined in the Service Order, or if the parties do not execute a Service Order with the Subscription Agreement, these Terms and Conditions shall have an indefinite term for as long as the Client use Belvo Services available for free on Belvo website, such as the ones available here.
12.3 Unless one of the Parties gives written notice to the other party sixty (60) days before the expiration of the Initial Term or any Renewal Term, this Agreement will renew automatically from year to year (each such year-to-year renewal term a “Renewal Term”).
12.4 In the event of automatic renewal, the Parties shall negotiate in good faith an adjustment to the rates agreed in the Service Order for the Services to be provided by Belvo.
12.5 Each Party shall have the right to terminate these Terms and Conditions, Subscription Agreement and/or Service Order by written notice to the other Party, if that other Party substantially breaches any of the terms, obligations, conditions and commitments entered into between the Parties and has not remedied said non-compliance within thirty (30) days following receipt of the notification issued by the Party that is in compliance (by registered letter, burofax or by notification of the Public Notary) requesting an interim default. Any termination will become effective at the end of the aforementioned period, provided that (i) the non-performing Party has not remedied its non-compliance before the end of that period and (ii) the non-non-performing Party has provided subsequent notice of termination.
12.6 Belvo may terminate the Agreement between the Parties immediately, in the event provided in Clause 9.6.
Section 13: Confidentiality
13.1 The Parties acknowledge that each Party will have access to Confidential Information of the other Party. The Receiving Party shall not disseminate Confidential Information of the Disclosing Party and shall keep such information under strict confidentiality and secrecy. Notwithstanding the foregoing, the Receiving Party may share the Disclosing Party’s Confidential Information with those of its officers, directors, employees, consultants and other representatives that have a need to know such information for the purposes expressly authorized by this Agreement, have been advised by the Receiving Party of the Receiving Party’s confidentiality obligations under this Agreement, and are contractually or legally bound by obligations of nondisclosure and nonuse at least as stringent as those contained herein.
13.2 The restrictions on disclosure and use by the Receiving Party of the Disclosing Party’s Confidential Information do not apply to information that is publicly known, or that becomes public knowledge without violating these Terms and Conditions, or that already was known to the Receiving Party at the time it was received by the Disclosing Party’s information, as evidenced by its pre-existing written records, disclosed to the Receiving Party by third parties, or independently developed by the Receiving Party. The Receiving Party may disclose Confidential Information if such disclosure is required in accordance with a court or administrative order, but must adequately inform the Disclosing Party prior to disclosure and reasonably provide the Disclosing Party with any necessary assistance in seeking an order to disclose. appropriate protection or other remedy, and you must continue to comply with your confidentiality obligations set forth in this document.
13.3 In addition, the Receiving Party may disclose Confidential Information if, and to the extent, such disclosure is reasonably necessary in the following situations:
- Exercise of the Receiving Party’s rights under these Terms and Conditions;
- If required by Law;
- Process or defend a dispute as permitted by these Terms and Conditions.
13.4 Unless otherwise provided in these Terms and Conditions, each Party agrees not to disclose to third parties the terms or the existence of the relationship between the Parties without the prior written consent of the other Party.
13.5 The obligations assumed under this clause will continue to be enforceable and binding between the Parties during the duration of the relationship between the Parties and as long as the Confidential Information remains secret and confidential.
Section 14: Notices
14.1 All notices to a Party under these Terms and Conditions will be processed in writing and sent to the addresses specified in the title of the Subscription Agreement , and will be deemed to have been delivered when received, if delivered in person; when the receipt is confirmed electronically, if it is transmitted by fax or email; the day after shipment, if shipped for overnight delivery by a recognized next day delivery service; and after receipt, if sent by certified or registered mail, return receipt requested.
Section 15: Assignment
15. 1 The Client must not assign or transfer in any way these Terms and Conditions or any of its rights and obligations under the existing relationship with Belvo, without the prior written consent of Belvo. Any assignment or transfer that violates this Section 14.1 will be void. Belvo may assign these Terms and Conditions without the Client’s consent in the following cases: (a) in connection with a merger, acquisition or sale of all or practically all of our assets; or (b) to any other company within the Belvo Corporate Group. Subject to the foregoing, these Terms and Conditions shall be binding and revert to the benefit of the Parties and their respective permitted successors and assigns.
Section 16: Modification, no waiver
16.1 These Terms and Conditions may change from time to time, in which case, the Client will be previously notified via email, and its continuous use of Belvo’s services after the notification shall consist of its acceptance of the new terms.
16.2 Unless otherwise specified in this document, the Service Order, the Subscription Agreement, or these Terms and Conditions only can be modified by means of a written document that refers to them and is duly signed by persons authorized to sign agreements on behalf of Belvo and the client. No term or provision of this document will be deemed waived and no violation will be excused, unless such waiver or consent is in writing and signed by the party who claimed to have waived or consented. Any consent of either Party, waiver or breach of the other, express or implied, will not constitute consent, waiver or excuse for any other different or subsequent breach.
Section 17: Severability
17.1 If any provision or subpart of these Terms and Conditions is deemed void or unenforceable, it will in no way affect the validity of the enforceability of any other provision of these Terms and Conditions.
Section 18: Force Majeure
18.1 Neither Party will be liable for its inability to perform with any of the obligations assumed under these Terms and Conditions, provided that such inability is due to causes beyond its reasonable control, such as, but not restricted to, fire, floods, strikes, labor disputes or other industrial disturbances, restrictions, unavailability of fuel or power supply, accidents, war (declared or not), embargo, isolation, riot, insurrection or change of government.
Section 19: Hierarchy
19.1 In the event of a conflict between the provisions of these Terms and Conditions and the provisions of the Subscription Agreement and the Service Order, the provisions of the Subscription Agreement and / or the Service Order shall prevail.
Section 20: Monitoring
20.1 In order to ensure compliance with the use of the Platform, the Client is aware and agrees that Belvo may monitor the use of the Platform and the logical environment in which the Platform is inserted locally or remotely using ( i) software or hardware that will make up the Platform; and (ii) other software or hardware that may be adopted for the duration of the relationship between the Parties, at Belvo’s discretion.
Section 21: Applicable Law and Jurisdiction
21.1 These Terms and Conditions shall be governed by and construed in accordance with the laws of Brazil or Mexico, depending on which is stated in the Subscription Agreement. Once jurisdiction is determined, the court identified in the Subscription Agreement will have jurisdiction to hear and resolve any dispute arising from these Terms and Conditions, and Client and Belvo expressly waive any other jurisdiction that may be considered competent under international treaties or applicable law. If Client does not sign the Subscription Agreement, these Terms and Conditions shall be governed by and construed in accordance with the laws of Mexico.
ANNEX I: SERVICES PROVIDED BY BELVO
1. The Services provided by Belvo generally include access to End User Account Information, according to the availability of markets, institutions and the type of data published in this link. However, access to specific markets may be limited according to the Subscription Agreement and/or Service Order. This access will be provided as explained below:
|a. Make the Platform available to the Client through an integration process to be carried out by the Client with Belvo’s support||i. Documentation and a starting guide shall be provided so that the Client can seamlessly integrate with the Platform and take the necessary steps to make it compatible with its own infrastructure|
ii. In addition to Documentation, Belvo shall provide SDKs and Widgets to ensure that the integration process is smooth. SDKs are to be provided in a series of programming languages and Widgets are intended to be placed inside the Client’s app or website so as to allow an easy communication between a Client’s End User and Belvo
iii. Belvo shall also provide integration examples and sandbox environment so that the Client can run a test integration with simulated data prior to doing so directly in production
|b. Connection through the Platform to extract, systematize and access to the End Users’ bank and financial data||i. Once connected to the Belvo API, the Client will be able to extract data and synchronise it on a recurring basis if it’s necessary for its particular use case|
ii. The Client shall make a request to the Belvo API with an End User’s credentials set, captured via the Tool on its interface – all of which is encrypted with the highest degree of security – and Belvo shall return all relevant data in a systematic and homogeneous format, regardless of the data source that is being checked
iii. This data can then be used by the Client according to its own internal requirements
|c. Data Interpretation and enrichment||i. Belvo upon collection of the End User’s data will analyse and share with the Client the End Users’ data with the following inputs: |
1. What type of category it believes the transactions belongs (such as, but not limited to, “Deposits”; “Home & Life”; “Food & Groceries”;”Online Platforms & Leisure” ;”Transport & Travel”;”Personal Shopping” “Taxes”; “Withdrawal & ATM”;”Credits & Loans”; “Bills & Utilities”; “Investments & Savings”; “Fees & Charges”; “Income & Payments”;”Transfers”).
2. What transaction(s) it believes to belong to the End User’s income
|d. Maintenance of the technology that allows Client to access the Platform and its updates, modifications, new features, new functionalities, upgrades or new versions implemented by Belvo from time to time.||i. Belvo shall conduct proper maintenance of the Platform and shall update and add data sources on a recurring basis|
ii. Enhancements will be made from time to time and the Client will be notified via an appropriate channel
iii. Belvo shall use reasonable endeavours, but shall not be under an obligation, to commit to uptime of 99% for the Service, except for Permitted Down Time, and unless a reduction in service level percentage occurs as a result of a third party’s negligence, a Force Majeure event or if the Institutions from which Belvo collects the End User’s data is down weather for maintenance or any other reason outside of Belvo’’ control. Uptime refers to services being available online
iv. Permitted Down Time shall be limited to the suspension of the Service necessary:
1. To enable us or our Agents to comply with an order or request from the Government, any competent regulatory body or other competent administrative authority; or
2. To enable us or our Agents to carry out work relating to the maintenance or upgrade of the Service
2. Account Information may include, but not be limited to, the following Financial and Personal Information:
- Personal information:
- Date Of Birth;
- Full Address(Es);
- Email Address;
- Phone Number;
- Bank account information:
- Account type (E.g. Current, Saving, Investment, Credit Card);
- Account name;
- Account number (both local and international);
- Account balance information:
- Current balance;
- Available balance (credit cards);
- Interest rate;
- Payment due date (credit cards);
- Next closing date (credit cards);
- Minimum payment due (credit cards);
- Meta data (arbitrary data that banks associate with a transaction).
- Additional data which Belvo may collect in the future:
- Loans data;
- Insurance data;
- Investments data;
- Fiscal and third-party providers (E.g. Utilities) information;
- Pension data.
- Fiscal Information
- Tax returns;
- Tax status.
Client is entitled to connect to Belvo’s Beta Program without any cost for testing new features, extensions, software, materials, etc of Belvo Services still under development, in which case Client agrees and acknowledges to the following:
- Only an onboarded Client with an executed Subscription Agreement may connect to Belvo’s Beta Program;
- Client’s participation on Belvo’s Beta Program is strictly voluntary;
- Client agrees to report any flaws, errors or imperfections discovered in any software or other materials where Client has been granted access to the Beta Program. Client understands that prompt and accurate reporting is the purpose of the Beta Program and undertakes to use best efforts to provide frequent reports on all aspects of the product both positive and negative and acknowledges that any improvements, modifications and changes arising from or in connection with Client’s contribution to the Project, remain or become the exclusive property of Belvo;
- Any software, extension, or other materials provided under the Beta Program shall not create any obligation for Belvo to continue to develop, productize, support, repair, offer for sale or in any other way continue to provide or develop the feature either to Client or to any other party. Should a commercial version be made available, it may have features or functionality that are different from those found in the Beta version;
- Any software, extension or material provided under the Beta Program is provided “as is” without express or implied warranty of any kind. In no event shall Belvo be held liable for any damages whatsoever arising out of the use or inability to use any software, extension or material provided under the Beta Program;
- The terms of this Agreement shall apply to the Beta Program testing, except if otherwise stated in this section.
ANNEX II: AGREEMENT FOR THE TREATMENT AND TRANSFER OF PERSONAL DATA
For the purposes of this Agreement, the following definitions shall apply:
Applicable Data Protection Legislation: Mexican’s Federal Legislation on Data Protection and its Regulations; Colombian’s Statutory Legislation 1581 of 2012 on Data Protection, or the Brazilian’s General Data Protection Legislation, as applicable.
Controller: Is anyone, of a private nature, which rules on the processing of personal data, in this case the Client.
Database: the ordered set of personal data relating to an identified or identifiable person.
Data subject: identified or identifiable natural person to whom the personal data refer.
Data Subject Rights: The rights of access, rectification, cancellation and opposition provided for in the Applicable Data Protection Legislation.
Personal data: Any information relating to an identified or identifiable individual.
Personal data protection: National Data Protection Authority in Mexico, Colombia or Brazil, as applicable.
Services: the services contractually agreed between the Controller and the Processor, also detailed in Annex I of the Subscription Agreement .
Subcontracting: It is the provision of services requested by the Processor and which involves the processing and communication of Controller’s personal data.
Sub-Processor: any Processor contracted by the Processor or any other sub-Processor of the Processor who agrees to receive from the Processor or any other sub-Processor the Personal Data of the Processor exclusively intended for Personal Data Processing activities that must be performed on behalf of the Controller, in accordance with Controller’s instruction and in accordance with the terms of this Agreement and the terms and conditions of the “Sub-Agreement” in writing that is to be entered into.
Violation of Security: at any stage of the Processing of Personal Data:
- Theft, loss or unauthorized copying of personal data or Databases;
- The unauthorized damage, alteration or modification of Personal Data or Databases;
- The unauthorized loss or destruction of Personal Data or Databases;
- Unauthorized use, access or treatment of Personal Data or Databases.
2) DETAILS OF THE REFERENCE FOR THE PROCESSING OF PERSONAL DATA
The categories of Data Subjects and Personal Data that will be processed by the Controller are specified in the document attached to this Agreement, identified as Annex II-A, which is an integral part of this instrument.
3) OBJECT AND PROCESSING OF PERSONAL DATA
The purpose of this Agreement is to regulate the relationship between the Controller and Processor in the processing of personal data, which results from this Service Provision Agreement entered into between the Parties of which this ANNEX is an integral part.
The Processor acknowledges that all rights, obligations and interests in the Personal Data correspond to the Controller, with the exception of the rights, obligations and interests established to the Processor in the Applicable Data Protection Legislation.
4) CONTROLLER’S OBLIGATIONS
The Controller agrees, undertakes and warrants that:
- The Processing of Personal Data, including its Remission, is carried out and will be carried out in accordance with the provisions of the Applicable Data Protection Legislation and that does not violate the applicable provisions of said provisions;
- Has instructed the Processor to process on behalf of the controller, the Personal Data referred to in Annex II-A of this Agreement and will continue to instruct the Processor on such treatment during the term of this Agreement, according to the Applicable Data Protection Legislation;
- If the Personal Data communications involve sensitive personal data, the controller will get express written consent from the Data Subject for the Treatment of Personal Data in accordance with the provisions of the Applicable Data Protection Legislation;
- A copy of this Agreement shall be made available to the corresponding Personal Data Protection Authority if such authority so requires, in accordance with the applicable provisions of the Applicable Data Protection Legislation, with the exception of any technical or commercial information contained in Annex II-B of this Agreement, which must be extracted and summarized for the knowledge of that authority.
5) PROCESSOR’S OBLIGATIONS
The Processor agrees, undertakes and warrants that:
- It will process Personal Data exclusively on behalf of the Controller and in accordance with its instructions;
- It will inform the Controller if, for any reason, it cannot process Personal Data in accordance with the instructions of the Controller or the provisions of this Agreement, in which case the Controller may suspend the communication and/or Processing of Personal Data or terminate the Agreement in advance;
- There are no sectoral or special provisions applicable to the Processor that prevent compliance with the instructions received from the Controller and obligations under this Agreement, in case of changes or waivers that result in the breach of obligations determined in this Agreement, the Processor shall immediately notify the Controller, who will have the right to suspend the communication and/or Processing of Personal Data or terminate this Agreement in advance;
- Implemented the Security Measures specified in Annex II-B, before carrying out the Personal Data Processing object of this Agreement;
- It will immediately notify the Controller in the following cases:
- If required by a competent authority to communicate or disclose the Personal Data subject to Processing, unless such notification constitutes a violation of a legal provision regarding the confidentiality of an investigation;
- If a Security Violation occurs regarding Personal Data processed on behalf of the Controller;
- If the Processor receives a request of exercise for Data Subject Rights, sent directly by a Data Subject, the Processor must notify the Controller and refrain from processing said request, unless expressly indicated otherwise by the Controller in writing.
- Provide the Controller, within 5 (five) working days, any requirement of the competent authority related to the Processing of Personal Data object of this Agreement and, in particular, those related to the Security Measures adopted for its Treatment;
- The Processor will provide the corresponding Personal Data Protection Authority with a copy of this Agreement if such an authority so requires, in accordance with the applicable provisions of the Applicable Data Protection Legislation, with the exception of any technical or commercial information contained in Annex II -B of this Agreement, which must be extracted and summarized for the knowledge of that authority;
- In the case of hiring a SubProcessor, the Processor must comply with the provisions of Clause Six of this Subscription Agreement.
6) CONTRACTING SUB-PROCESSORS
The Processor may hire individuals or legal entities as Sub-Processors, provided that theSub-Processors chosen comply with the same obligations regarding the protection of Personal Data established for the Processor under the terms of this Agreement.
In such cases, the Processor must enter into a Personal Data Processing Agreement with each of the corresponding Sub-Processors. These Personal Data Processing contracts must be in writing and contain, at a minimum, the same obligations in relation to the protection of Personal Data established between the Parties
7) SECURITY MEASURES
The Processor must implement all appropriate Security Measures to protect Personal Data.
8) DATA RESPONSIBILITY
The Controller is responsible for any third party data, including Personal Data, that it shares with the Processor, under this Agreement, in any capacity.
9) PERSONAL DATA SECURITY VIOLATIONS
The Processor must notify the Controller of any Security Violation related to the Personal Data object of this Agreement, which may occur at any stage of the Treatment under its responsibility or under the responsibility of a Sub-Processor, if applicable.
For such purposes, and in order for the Controller to have the information and documentation necessary to act in accordance with the provisions of the Applicable Data Protection Legislation, if the Processor suffers a Security Violation related to said Personal Data, the Processor must communicate the Controller as soon as it has its technical proof, passing on to it, at least, the following information:
- Nature of the incident (including information on the circumstances in which it occurred);
- Compromised personal data;
- The corrective actions that the Processor would have taken immediately, after having confirmed the occurrence of the breach of security of personal data;
- Any information that allows the Controller to communicate the Data Subject the measures they can take to protect their interests;
- The means by which the Controller can obtain more information about the security breach, in order to inform the holders of any relevant information in this regard.
10) OBLIGATIONS APPLICABLE TO TERMINATION OF SERVICES
The Parties agree that, upon termination of the Services regulated by the Agreement and related to this Agreement, the Controller may instruct the Processor (and the Sub-Processors, if applicable) to, at its discretion:
- Return all Personal Data to the Controller, including any type copy and Personal Data were processed as a result of the Services; or
- Destroy all Personal Data, including any copies and/or Personal Data processed as a result of the provision of services. In this case, require a certificate from the Processor, specifying the method of destruction used and, if applicable, the identity of the service provider responsible for the destruction.
In both cases, the Processor will only be able to keep a copy of the Personal Data indispensable for compliance with the legal or regulatory provisions in force that require such preservation by the Processor, for the purposes expressly provided for in said legislation. In these cases, the Processor guarantees to the Controller the blocking and confidentiality of the Personal Data stored, and that it refrains from using them for any type of further processing.
11) DAMAGE AND INDEMNITY
In the event of damage or loss sustained by either Party as a result of any breach of legal or contractual obligations related to the protection of Personal Data, including administrative penalties and convictions in judicial or arbitration proceedings, the innocent Party shall be compensated for the full amount of the losses and damages, costs, attorneys’ fees and other expenses arising from such non-compliance.
If either Party is sued by any person, authority or entity, public or private, due to an incident provenly caused by the other Party or by third parties appointed by it to perform services, or even due to non-compliance with obligations established in the Applicable Data Protection Legislation and other pertinent regulations, the innocent Party is guaranteed the right to denounce the dispute, return action and other measures necessary to ensure its rights.
DETAILS OF TRANSMISSION AND PROCESSING OF PERSONAL DATA
1. Data Subject’s Personal Data
The Personal Data sent to the controller and/or to be subject to treatment for the provision of services are related to the (s) following (s) category (s) (s) of Data Subjects:
- End Users.
2. Personal Data Category
The Data that the Processor will process on behalf of the Controller to provide the Services include:
- Identification and contact details;
- Bank, financial and equity data;
- Financial transaction data;
- Tax data;
- Data and navigation devices.
LIST AND DESCRIPTION OF THE SECURITY MEASURES ADOPTED BY BELVO FOR THE PROTECTION OF PERSONAL DATA
1. Information security programs
Belvo maintains security policies and procedures that are applied internally. These policies and procedures are designed to: a) help manage Personal Data against accidental or illegal loss, access or disclosure; b) identify unauthorized or insecure access to Belvo’s infrastructure; c) minimize security risks through regular security tests and assessments.
2. Best practices
Belvo seeks to comply with the best security practices and industry standards. This includes secure encryption practices, secure architecture practices, perimeter and network protection, intrusion detection, alert and continuous monitoring. For more details, please visit https://belvo.com/security/.
The Controller authorizes the Processor to Transfer End User Data and to process such data in the following countries: United States of America.
Date of last update: February 22, 2021