Belvo

General Conditions of Service Usage

Last Update on June 27th 2024:

Belvo’s General Conditions of Service Usage (“General Conditions” or “Agreement“) describe the rights and obligations that you (“Client“) have in contracting the services contained in our software platform (“Platform” or “Services” or “Software”).

Each of the parties, Belvo and Client, will be referred to as “Party” for the purposes of this Agreement. Together, Belvo and the Client will be referred to as “Parties”.

By contracting any of the Platform Services, you will be entering into a binding contract with Belvo. Your Agreement includes these General Conditions of Service Usage, the annexes and/or policies mentioned in this document and the agreements entered into between the Parties.

Belvo may, at any time, change the terms of the Agreement, its annexes and/or policies, with a view to improving and improving the services provided.

  1. Definitions
    1. Without prejudice to the other definitions inserted throughout this Agreement, the expressions below will have the definitions established below, in the plural or singular:

Service Level Agreement (“SLA”): level of service offered by Belvo to the Client regarding the service and support to users, as well as the maintenance and availability of the Platform;

API: application programming interface provided by Belvo whose purpose is to allow the Platform to be integrated and accessed by an End User through the Client’s website or application.

Belvo: Belvo Tecnologias Ltda., CNPJ 37.869.837/0001-81; BELVO INSTITUIÇÃO DE PAGAMENTO LTDA., CNPJ No. 43.215.815/0001-09; and other affiliated companies.

Client: qualified company in the Service Order.

Personal data: means any information related to an identified or identifiable natural person that is collected as a result of the obligations of the Parties in the context of this Agreement, as well as information related to a natural person that is shared or made available to another Party under the terms of this Agreement.

Transactional Data: means any financial data and transaction data carried out by End Users that are shared between the Parties within the scope of Open Finance and/or the use of Belvo’s APIs.

Documentation: means the API integration and Software Development Kit (SDKs) user guides provided by Belvo and which are available at:https://developers.belvo.com/

Open Finance: means the Open Financial System, a standardized data and service sharing system through the opening and integration of systems, by financial institutions, payment institutions and other institutions authorized to operate by the Central Bank, under the terms of Joint Resolution 1 and regulations subsequent.

Order of Service: document signed by the Parties, which contains the details of the Software, Services, and other information relevant to the provision of Services by Belvo.

Representatives: all persons belonging to the economic group of the Parties, their partners, administrators, directors, advisors, partners, attorneys-in-fact, advisors, consultants, employees, agents, subcontractors or any third parties directly or indirectly related to the Parties, as well as any person, natural or legal , including those that, directly or indirectly, exercise control over such legal entity, as well as its controlling, controlled, affiliated, interlinked and companies under common control, pursuant to Law No. 6,404/1976, as amended.

Final user:  any natural or legal person who maintains a relationship with the Client and is benefited by the Services.

  1. Object
    1. The Services contracted by the Client are described in the Service Order.
    2. The Service is provided as it is available, and may undergo constant improvements and updates, such improvements and updates will be made available to the Client at no additional cost.
    3. Belvo may develop new services during the term of the Agreement. Such services may be contracted by the Client, upon a new written agreement.
    4. Any customization must be expressly provided in the Service Order or in a specific instrument.
  1. Belvo’s obligations
    1. Guarantee the quality of the Services, in accordance with the provisions of the Agreement and its Annexes.
    2. Provide technical support and maintenance services related to the Service, within the agreed terms and conditions.
    3. Keep the Services compliant with regulation, as applicable.
  1. Client Obligations
    1. Make the payment of the amounts due to Belvo, according to the term and conditions established in the Agreement and in the Service Order;
    2. Remain solely responsible for the use you make of the Services.
    3. Maintain, in accordance with best market practices, an information security, data protection and compliance structure;
    4. Obtain, at its exclusive expense, the appropriate licenses, certificates and/or authorizations and other regulatory, legal, technical and security documents that may be necessary for the faithful fulfillment of the purpose of this Agreement.
    5. Remain solely responsible for your actions and the actions of your End User while using the Belvo Platform;
    6. Not share your credentials to access the Services;
    7. Not to use the Platform for illegal purposes, being liable for any damage or failure resulting from non-compliance with the provisions of this clause before you, Belvo or third parties;
    8. Not to access information, resources or other tools developed by Belvo that the Client is not expressly authorized to access.
    9. In the event of a failure or incident in the Services, cooperate with Belvo, whenever possible, providing information that helps Belvo to understand the circumstances in which such failure and/or incident occurred.
    10. You will not translate, modify, decompile, decompose and/or reverse engineer the Services;
    11. Notify of any misuse of the Services, as well as any breach of security or unauthorized access.
    12. Guide your employees to seek support from Belvo if they identify any unexpected behavior or malfunction. It is prohibited for third parties not authorized by Belvo to interfere with the Services.
    13. In order to promote a fair use policy and promote stability, if the Client generates a recurring link, it must not be removed or manipulated in any way, for a minimum period of 90 (ninety) calendar days from its creation
  1. Price and Payment
    1. The price for the services rendered is established in the Service Order.
    2. Payment of the price must be made monthly, by transfer to the account designated by Belvo, by the fifth business day of each month, from the issuance of the respective invoice(s) or invoice(s) s) sent by Belvo.
    3. Annually, prices will be corrected by the IPCA-IBGE, without the need for an amendment or prior communication.
    4. If this index is extinguished or ceases to be used, the index that will be instituted by the authorities to replace it will be adopted and, in its absence, another form of adjustment will be determined by mutual agreement between the Parties.
    5. In case of delay in payments, the Client will pay (i) a late fee of 2% (two percent) on the total amount due; (ii) arrears interest of 1% (one percent) per month and; (iii) monetary restatement by the IPCA-IBGE until the effective payment date.
    6. Each Party will be responsible for paying the applicable taxes, in accordance with the tax legislation.
  1. Term and Termination
    1. The Agreement will begin on the date of signature of the Service Order and will remain in force for 12 (twelve) months, unless terminated earlier by either Party, upon written notice at least 60 (sixty) days in advance.
      1. After the end of the initial period, the contract will be automatically renewed for equal periods.
    2. This Agreement may be terminated for just cause, regardless of prior notice, in the following cases:
      1. By Belvo, in the event of unjustified delay in payments by the Client for a period exceeding 30 (thirty) days, counted from the due date;
      2. In the event of default by either Party of any obligation set forth in this Agreement, after the expiration of a period of 30 (thirty) days without the non-compliance having been remedied, counting from the notification sent by the other Party informing the non-compliance;
      3. In case of request, decree or homologation of intervention, temporary special administration regime, bankruptcy, dissolution, liquidation, extinguishment or judicial or extrajudicial recovery of any of the Parties;
      4. Practice of activities considered illegal by one of the Parties;
      5. Practice of activities that may cause reputational damage to one of the Parties;
      6. If the authorizations, concessions, permits and licenses necessary for the regular exercise of the Client’s activities or for the provision of the Services are not renewed or canceled, revoked or suspended;
    3. In the event of termination of this Agreement by Belvo, the Client will pay the full amount due.
      1. The termination of this Agreement shall not, under any circumstances, exempt the Client from its obligation to pay amounts due to Belvo for the period prior to the date of effective termination of this Agreement.
      2. In the event of termination of this Agreement by the Client, any amounts owed by Belvo will be subject to the limitations established in this Agreement.
    4. The Client is aware and agrees that any inaccuracies, inaccuracies, errors, failures and/or other discrepancies related to the results generated from the use of the Services will not constitute, under any circumstances, a hypothesis for the early termination of the Agreement.
    5. All provisions of intellectual property, remuneration and limitations of liability will remain in effect even after the termination of this Agreement and the documents linked thereto.
  1. Warranties and Limitation of Liability
    1. Client represents and warrants that it has reviewed and agreed to all applicable terms, policies and attachments to the Services
    2. The Client acknowledges that access to the Services does not imply the right to reproduce, sell, license, rent or transfer them in any other way.
    3. Client expressly agrees and accepts that use of the Service by itself and its End Users is at its sole risk and responsibility.
    4. The Services are used “as is”, “with all faults and defects”, “as available” and without warranties of any kind, either express or implied.
    5. The Client acknowledges that Belvo does not guarantee the uninterrupted availability of the Service, nor the absence of any technical and/or operational problems, including failures, loss of information, suspensions, interruptions and other performance problems.
    6. Belvo does not guarantee that its systems and servers cannot be attacked, invaded, modified or damaged in any way by third parties.
    7. Belvo will not be liable for any damages suffered by the Client, End Users and/or third parties resulting from the inappropriate use of the Service, nor for security incidents caused exclusively by the Client, as a result of misuse, malpractice or non-compliance with the instructions and Belvo documentation.
    8. Belvo will not be liable for damages, including lost profits or financial losses, that may arise as a result of the provision of the Service, in relation to the Client, End Users and/or any third party.
    9. The Party that suffers judicial or administrative claims arising from third parties of the other party will receive reimbursement of expenses and the party causing the damage will be responsible for the required obligations, exempting the injured party from any liability or losses.
  1. Combating Corruption and Money Laundering
    1. The Parties declare, by themselves and their Representatives, that they act in accordance with all laws and regulations related to combating and preventing corruption and money laundering.
    2. The Parties declare to be aware that they have not performed, do not perform and will not perform any acts or practices that, directly or indirectly, involve offering, promises, bribery, extortion, authorization, solicitation, acceptance, payment, delivery or any other act related to pecuniary advantage undue or any other illegal favoritism in violation of the aforementioned and applicable legislation, including those relating to corruption and money laundering.
    3. The Parties declare that they are not involved with any allegation of money laundering, financial crime, financing of illicit activities or acts against public administration, corruption, fraud in bids or bribery.
    4. The Parties declare that, directly or indirectly, they will not receive, transfer, maintain, use or hide resources arising from any illegal activity, as well as they will not hire as an employee or in any way maintain a professional relationship with individuals or legal entities involved in activities criminals, especially people investigated for the offenses provided for in anti-corruption, money laundering, drug trafficking and terrorism laws.
  1. Intellectual property
    1. Belvo’s intellectual property rights (including customizations requested or not by the Client) and other intellectual materials that compose them, are the exclusive property of Belvo.
      1. The Client has no authorization to act on behalf of Belvo or promote any registration with the competent authority.
    2. Client may not license, resell, copy, modify, distribute, transfer, reverse engineer the Services without Belvo’s written consent.
    3. Belvo is the sole holder and owner of any systemic learning (“machine learning”) that occurs within the scope of the Services by means of artificial intelligence (or any other technology), without this implying any violation of the Client’s intellectual property.
    4. Each Party shall respect all Intellectual Property of the other Party.
    5. Belvo may, at its discretion, include the brand and name of its Clients in its sales materials for prospecting potential clients (folder, website, slides and commercial presentations).
      1. The Client expressly authorizes Belvo to publicize the partnership in any media, including, but not limited to, the written press, digital press, television, radio and social networks. The disclosure may include the Client’s name, brand, logo, and other pertinent information. This authorization is granted at no cost to Belvo and for an indefinite period of time, and may be revoked by the Client upon prior notice.
    6. Belvo hereby authorizes the Client to use its brand in the Services interface.
  1. Confidentiality
    1. Each Party may disclose confidential information to the other Party. Confidential information will be limited to technical, commercial, financial, business and other sensitive information that is not public knowledge and that has been identified as confidential by the disclosing party.
    2. Each Party agrees to keep the other Party’s confidential information confidential and not to disclose it to third parties without the prior written consent of the other party, except to the extent necessary for the performance of this Agreement.
    3.  This confidentiality obligation does not apply to information that: (a) is or becomes publicly available; (b) was obtained from a third party without breach of confidentiality obligations; (c) has been independently developed by the receiving party; or (d) are required by law, regulation or authority.
    4. This confidentiality obligation will remain in effect during the term of this Agreement and for a period of 2 (two) years after the termination of this Agreement.
    5. Upon termination of this Agreement, each Party shall return or destroy all confidential information of the other Party.
  1. Protection, Security and Data Processing
    1. The Parties, by common agreement, undertake to comply with the duties and obligations regarding the protection of personal data and undertake to treat the Personal Data collected and/or shared under this Agreement in accordance with the applicable legislation in force, including, but not limited to the General Data Protection Law (“LGPD”). The Parties shall ensure that their employees, agents and subcontractors comply with data protection legislation.
    2. For the purposes of this Agreement, the Client may share with Belvo: (i) Personal Data of the Client’s Representatives, observing that such Personal Data of the Client’s Representatives will be processed by Belvo with the purpose of generating access credentials and enabling the handling of the Software by the Client’s Representatives; (ii) Personal Data of end users, for purposes related to the provision of services contracted herein.
      1. The Client is already aware of and agrees that Belvo will process the information obtained as a result of the services provided, for the purpose of evaluating, developing, modifying, updating and improving the Platform and its services.
    3. The Client ensures that the Personal Data provided to Belvo is obtained in accordance with the LGPD, as well as other legislation governing the processing of personal data, taking all necessary measures such as ensuring the transparency of processes in its privacy policy and other documents applicable, and obtaining consent from End Users, where applicable, to ensure that Belvo has the right to process such Personal Data.
    4. It is an integral part of this Agreement, the Belvo’s Privacy Policy, which will provide for how Belvo handles Personal Data on its Platform, with the Client declaring to be aware of the content of said document.
    5. A Belvo shall, provided that by legal determination, record all activities carried out in its systems/environments (“Records”) at least while this Agreement is in force, including any activity related to Personal Data processed under the Client’s determination, in order to allow the identification of who performed them. Such Records may contain:

(i) Action;

(ii) Identification of system users;

(iii) IP data at the time of action;

(iv) Date/time of the action, with reference to UTC (Universal Time Coordinated), with its system clocks synchronized with Brazilian legal time and in accordance with the NTP protocol (ntp.br) for clock synchronization; It is

(v) Session ID of the connection used.

  1. The Records may be used for the purpose of: (i) identifying and serving the Client and fulfilling the obligations of the Agreement; (ii) improve the Software; (iii) safeguard rights and obligations related to the use of the Software and (iv) comply with court order and/or administrative authority.
  2. As part of the provision of services, the security measures adopted by Belvo for transmission and storage can be consulted at: https://belvo.com/security/, also with the application of the following definitions listed below:

7.1. Transactional Data Retention Requirements – How many days does Belvo keep the data?
7.1.1. Indeterminate standard for recurring links (the Client can tell you how long it best suits your needs) and 12 months for single links – for as long as the contract is in force.
7.1.2. We keep the data for as long as the contract is active, or sufficient to meet regulatory and legal purposes.
7.1.3. At Belvo, the Clients’ data is separated into different categories and thus the data retention matrix is defined, which are:
a) Data provided by the Client and data of the Data Subject: 365 days or up to 30 days after the termination of the contract.
b) Encrypted credentials of the end user:
b.1) From 1 to 365 days after the creation of the link for recurring links according to the storage credentials parameter defined by the Client.
b.2) 15 minutes for single links when MFA token is required.c) Data derived from the Customer: From 1 to 365 days after the last time the User’s account was accessed (according to the save_data and stale_in parameters set by the Customer).
7.1.4. Raw scraping data: 7 days according to Belvo’s Data Management Policy.


7.2. Credential management (storage pattern, for how many days, etc.)
7.2.1. For transactional data, whether it’s Customer Provided Data & Cardholder Data, we have the default of 365 days (after data collection) or 30 days after contract termination.
7.2.2. Any credentials collected by Belvo are encrypted in our database, for this we distinguish between single, recurrent links and customer derived data:
a) Single links: 15-minute retention for accesses in which the MFA token is requested (if there is no MFA, we do not store it).
b) Recurrent links: storage can be from 1 to 365 days. c) Customer Derived Data: this data is the result of the service provided by Belvo (i.e., open finance data and related) its retention period is from 1 to 365 days since the User’s account was last accessed, as defined by the Customer.


7.3. Data Deletion
7.3.1. What needs to happen when we end the contract with the Client, what kind of proof is needed to be shared?
7.3.2. It is made 30 calendar days after the end of the contract or 30 days after the customer’s request, according to Belvo’s policy.
7.3.3. Only the Client provided data (end-user credentials, CPF, CURP) are excluded. Derived data (bank data, employment data).
7.3.4. Belvo uses the technique of crypto shredding for the deletion of data. Your data is encrypted with a specific cryptographic key. When we delete the data, the cryptographic key is also deleted. In this way, even if the encrypted data remains in our database, Belvo can no longer access it, because the key that decrypts it no longer exists. This is an internationally recognized safe technique (according to NIST SP 800-88).
7.3.5. Belvo sends the necessary proof to the Customer through screenshots demonstrating that the command for the deletion of the CMK (customer managed key) was sent and executed.


7.4. SLAs for API Incidents, Uptime, and Performance
7.4.1. As per Annex I of the Terms and Conditions.


7.5. Notifications we need to send in the event of a security breach.
7.5.1. Belvo Standard of 72 hours, or as defined by the Customer in the Agreement upon the point of contact and means of communication to be informed herein.

  1. General Provisions
    1. This Agreement does not create any form of partnership, association, joint venture, agency, consortium, or joint and several liability between the Parties.
    2. This Agreement does not create, directly or indirectly, any employment relationship, obligation or liability between the Parties in relation to the professionals of the other Party.
      1. Each Party is solely responsible for all charges arising from current legislation on its own employees.
    3. Aiming at improving and improving the services provided, Belvo may, at any time, change the terms of the Agreement, its annexes and/or policies, without the need for prior notice or written agreement.
    4. Upon substantiated justification, Belvo may audit the Client, with the purpose of verifying whether the Services are being used in compliance with the Agreement and the law.
      1. Audits must be scheduled in advance and carried out with the collaboration of the Client. Audit costs must be paid by the Client if it is found that the Client has used the Service in violation of the Agreement and the law.
    5. The tolerance of the Parties for any breach of obligations assumed in this Agreement will not be considered novation, waiver or withdrawal of any right, constituting mere liberality, not preventing the tolerant Party from demanding the faithful fulfillment of the Agreement from the other party, at any time.
    6. The provisions of this Agreement prevail over any other previous agreements between the Parties, referring to the conditions established therein.
    7. The contract is governed by the laws of the Federative Republic of Brazil.
    8. The Parties elect the jurisdiction of the Judicial District of São Paulo, in the State of São Paulo.

ANNEX I

SERVICE LEVEL AGREEMENT

  1. Service Levels
    1. Belvo will do its best to keep the Services working properly and correct any issues that may occur.
    2. Outages will be classified in priority level as follows:
PriorityDefinitionVolume
(affected users)
P1 – HighAn incident that significantly affects a segment of End Users. Includes, but is not limited to:
– An incident that has an immediate and moderate level of impact on Belvo Clients
– An incident affecting key features* and functionality, resulting in critical restriction of use of the Service by a significant number of End Users
– A significant degradation in software response time or functional performance [Example: API calls go from x seconds to x seconds over a period of hours]
– A software error that results in significant data content or data quality issues for most end users
More than 10% of end users
Full impact on core functionality
P2 – NormalAn error that results in the partial loss of a feature, functionality or capability that includes, but is not limited to:
– An incident that has a medium to low level of impact on end users
– A software error that affects a minor** feature and/or function of the Service and typically affects all or most Users
**Examples of minor features: Changing preferences, UI display, in general all non-process features stop to perform critical system functions
More than 10% of end users
Partial impact on features
P3 – LowA partial failure that results in loss of service capacity, features or functionality affecting End Users which includes, but is not limited to:
– An incident that has a medium to low level of impact on End Users
– A software error that affects a minor feature and/or function of the service and typically affects a single or low number of end users
Less than 10% of end users
  1. Belvo will start counting the response time as soon as the Client makes the request through the official service channel (“Opening a Call”).
  2. The Service Desk will be available at the days and times specified below to provide updates and respond to support requests:
PriorityVolume
(affected users)
initial response
(business hours)
Updates
(business hours)
P1 – HighMore than 10% of end usersFull impact on core functionality24 hoursevery 24 hours
P2 – NormalMore than 10% of end usersPartial impact on features24 hoursWeekly
P3 – LowLess than 10% of end users24 hoursWeekly
general questions2 days
  1. If the unavailability of the Services is caused by events that are beyond Belvo’s reasonable control, Belvo will not consider this to be a failure of the Services.
    1. Causes due to factors beyond Belvo’s reasonable control, including any acts of God, Internet access issues or related issues, provided Belvo has taken reasonable and customary precautions to avoid such factors; (ii) results from any act or omission by the Client; (iii) results from Client equipment, software or other technology and/or third party equipment, software or other technology outside the control of the Provider and its employees/partners; or (iii) failures of banking, telecommunications, tax and/or government systems and other errors or failures that may occur on these platforms.
  2. “Business Hours” means Belvo’s business hours, from 9:00 am to 6:00 pm, Monday through Friday, except national holidays, according to the São Paulo time zone (GMT-3).
  3. Communication with Belvo by means other than Belvo’s official service channel, including, without limitation, email or WhatsApp and reports from End Users do not constitute an Opening of a Ticket and, consequently, the count will not start of the deadlines indicated in this Annex.
  4. Belvo will not be liable for any failures, temporary or permanent unavailability or instabilities in the Services, if such failures are attributable to the integration of the Service with the Client and/or third parties.

​​

ANNEX II

SPECIAL CONDITIONS

Open Finance Data Aggregation (“Anexo OFDA”)

OFDA Annex only is applicable if the Client has contracted the Open Finance Data Aggregation Service.

The Open Finance Data Aggregation service is provided by: BELVO INSTITUIÇÃO DE PAGAMENTO LTDA.

  1. Object
    1. The purpose of this Agreement is to regulate the contracting of the Data Aggregation service within the scope of Open Finance, through integration via Belvo’s APIs (“OFDA Service”).
  2. Client’s additional obligations
    1. Remain solely responsible for the use you make of the OFDA Service and the information shared and/or obtained through this Service.
    2. Observing and respecting the user experience definitions provided for in the regulation applicable to Open Finance, not making any changes that have not been agreed, in writing, with Belvo.
      1. In the event of breach of this clause by the Client, the limitations of liability provided for in this agreement will not apply and the Client will be responsible for indemnifying Belvo for all damages, of whatever nature, that Belvo may suffer.
    3. Implement in the first levels of its main channels with the End User, to be determined jointly with Belvo, an Open Finance environment, in order to allow quick and easy access to the “Consent Management” functionality, according to the requirements from the Open Finance User Experience Guide.
    4. Inform Belvo immediately if you apply for authorization with the Central Bank of Brazil to become a financial institution, payment institution or any other type of institution subject to regulation by the Central Bank of Brazil.
  3. Limitation of Responsibility
    1. The Client is solely responsible for the services provided to its end users, even if these services are related to the OFDA Service.
      1. The Client shall hold Belvo harmless from any damage, error or liability arising from the provision of these services.
    2. If Belvo is sued in court or out of court by End Users for any reason related to the services provided by the Client, the Client agrees to (i) indemnify Belvo for all damages, costs and expenses actually incurred in defending its rights and interests; and (ii) make all necessary efforts to assume its responsibility and replace Belvo as a defendant in any legal or administrative claim initiated by end users.
    3. The Parties agree that, if Belvo is operating in a contingent scenario due to situations beyond its control, such as interruption in Open Finance services, as well as failure of third-party servers, delays in transaction response times, system failures banking and other errors or failures that may occur during, Belvo will be exempt from meeting the agreed service levels while such events last.

ANNEX III
SPECIAL CONDITIONS

PIX via Open Finance
The PIX via Open Finance Annex is only applicable if the Client has contracted the Service in any of its three modalities provided by Belvo: PIX Payment Initiation, Recurrent PIX and Scheduled PIX (“PIX via Open Finance”).

PIX via Open Finance is provided by: BELVO TECNOLOGIAS LTDA and its Partner or by BELVO INSTITUIÇÃO DE PAGAMENTO LTDA, at the discretion of BELVO

  1. Object
    1.1. The purpose of this Agreement is to regulate the contracting of the PIX service in any of its three modalities provided by Belvo within the scope of Open Finance.
  2. Definition and Modalities
    2.1. PIX via Open Finance is a feature that combines the PIX instant payment system with the Open Finance framework, allowing payments to be made in an even more integrated and automated way.

2.2. Belvo provides the PIX Service and uses Open Finance standards to direct users to the payment screen of their banking institutions, where they can validate the transaction details and confirm the payment via 3 (three) modalities:

2.2.1. PIX Payment Initiation: is a feature that facilitates the creation of a PIX transaction between the payer and the account indicated by the customer. This service can be started via API’s or through the Belvo payment link, and is supported by webhooks that allow customers to have access to the payment status.

2.2.2. Recurrent PIX: This feature allows the authorization of multiple payments with a single short-term consent. It enables payments similar to Direct Debit. The feature is especially useful for subscription payments, monthly payments, or any other type of recurring charge, because with a single approval the Recipient will be able to capture multiple payments. It has a short-term consent, as the payment cannot be changed after it has been created, including date and amount. It holds a fixed amount, all settlements using the scheduled Recurrent PIX will need to have the same value.

2.2.3. Scheduled PIX: is a feature that allows users to schedule transactions to be carried out on a specific future date. This feature is useful for organizing and planning payments, such as recurring bills or upcoming financial commitments, ensuring that the transaction is carried out on the desired date without the need for manual intervention at the time of execution. This feature may be relevant for lump sum loans and businesses with a Buy Now, Pay Later model.

  1. Additional Obligations of the Client
    3.1. Implement risk and compliance processes aimed at preventing payment initiations from being used as instruments to carry out illicit activities, including but not limited to (i) money laundering; (ii) terrorist financing; and (iii) corruption (“Compliance Processes”).
    3.1.1. Provide any information or documentation relating to End Users that has been collected during the Compliance Processes.
    3.2. Observe and respect the user experience definitions provided for in the regulations applicable to Open Finance, not making any modification that has not been agreed in writing with Belvo.
    3.2.1. In the event of non-compliance with this clause by the Client, the limitations of liability provided for in this contract shall not apply and the Client shall be liable to compensate Belvo for all damages, of whatever nature, that Belvo may suffer.
  2. Obtain, at its sole expense, the appropriate licenses, certificates and/or authorizations and other regulatory, legal, technical and security documents that may be necessary for the faithful achievement of the object of this Agreement.
  3. The Client shall submit, when requested by Belvo, information and documents relating to the verification of compliance with the requirements described in the regulations applicable to Instant Payment Transactions, within 5 (five) working days, under penalty of suspension of the Services, without prejudice to any applicable legal measures. This information includes, but is not limited to, that related to the prevention of money laundering and terrorist financing.
  4. The PIX brand is the exclusive property of the Central Bank of Brazil, which grants a temporary, non-exclusive and non-transferable license of use to the Customer. Customer understands and agrees that:
    6.1. the use of the PIX trademark must be in accordance with the Regulations and the Trademark Use Manual available on the BACEN website;
    6.2. it is forbidden (a) to use the PIX brand for products not related to the Arrangement; (b) register or attempt to register a corporate name, trade name, logo or any internet domain name containing reference to the PIX trademark and question the ownership of the PIX trademark;
    6.3. the PIX brand may not be used in a smaller dimension than the brands, symbols or logos of other payment instruments accepted by the Client;
    6.4. it is forbidden to convey the impression that PIX has more restricted or less advantageous acceptance than the other accepted instruments;
    6.5. if the improper use of the PIX trademark is found, Belvo will notify the Central Bank of Brazil and may suspend the service or require that the use be interrupted;
  5. Limitation of Liability
    7.1. Customer is solely responsible for the services provided to its end users, even if those services are related to the Service.
    7.1.1. The Client shall hold Belvo harmless from any damage, error or liability arising from the provision of these services.
    7.1.2. If Belvo is sued by End Users for any reason related to the services provided by the Customer, the Customer agrees to (i) indemnify Belvo for all damages, costs and expenses actually incurred to defend its rights and interests; and (ii) make all necessary efforts to assume its responsibility and replace Belvo as the passive pole of any judicial or administrative claim initiated by end users.
    7.2. The Parties agree that, in the event that Belvo is operating in a contingent scenario due to situations beyond its control, such as interruption in SPI, DICT, PIX or Open Finance services, as well as failure of third-party servers, delays in transaction response times, failures in banking systems and other errors or failures that may occur during, Belvo will be exempt from complying with the agreed service levels for as long as such events last.
  6. Partner
    8.1. For the provision of the OFPI Service, Belvo may rely on a partner institution, which will play a critical role in the provision of the service, either at the infrastructure level or acting as the regulated institution able to carry out payment initiation operations (“Partner”).
    8.2. Belvo, without the need for prior notice and/or authorization and at its sole discretion, may change the Partner.
    8.3. Belvo and the Partner may refuse to initiate a payment transaction when evidence of fraud and/or illegality in the transaction is found, according to internal criteria.
    8.3.1. Belvo does not need to justify to the Client the reasons that led to the refusal of the transaction.

ANNEX IV

SPECIAL CONDITIONS

Instituto Mexicano del Seguro Social  e Instituto de Seguridad  (“IMSS”) and Instituto de Seguridad y Servicios Sociales de los Trabajadores del Estado (“ISSSTE”)

The current  Annex only is applicable if the Client has contracted the IMSS and/or ISSSTE service.

The IMSS and ISSSTE service is provided by: Belvo Technologies S.A.P.I de C.V 

  1. Object
    1. The purpose of this Agreement is to regulate the contracting of the consultation service to the  IMSS e ISSSTE .
  1. Parties additional obligations
    1. The Parties must observe at all times their obligations in accordance with the all the applicable Data Protection laws, the corresponding Privacy Policy, the Service Order and its Annexes, as well as what is established in this Annex and the General Conditions.
    2. In the event that the Client was the one to obtain the consent of the End Users for the processing of their personal data, as agreed by the Parties, the Client must guarantee to Belvo that the consent was legitimately collected and that the Client has the necessary consent for the execution of the Service Order.
      1. The Parties agree that the Client undertakes to indemnify and hold Belvo harmless, as well as its related companies, from any claim, complaint, action or procedure initiated by third parties or authorities derived from the Client’s breach of what is set in this section
  1. Limitation of Responsibility
    1. If applicable, the Client is solely responsible for the services provided to its End-Users.
      1. The Client will exempt Belvo from any damage, error or responsibility derived from the provision of these services due to causes directly or indirectly attributable to it.
      2. If End-Users sue Belvo in court or out of court for any reason related to the services provided by Client to End-Users, Client agrees to (i) indemnify Belvo for all damages, costs and expenses actually incurred in the defense of their rights and interests; and (ii) make all necessary efforts to assume its responsibility and replace Belvo as a defendant in any judicial or administrative claim initiated by End-Users.
    2. The Parties agree that, if Belvo is operating in a contingent scenario due to situations beyond its control, such as interruption in Services as well as failures in third-party servers, response delays, failures in the IMSS and/or ISSSTE systems and other errors or failures that may occur during, Belvo will be exempt from meeting the agreed service levels for the duration of such events.

Belvo’s Terms and Conditions are part of a potential agreement between Belvo (“Belvo”, “we”, “our”) and you (“the Client”, “Client”, “you”), who wishes to use Belvo Services. The Terms and Conditions listed below, are the fundamental provisions that will govern the relationship between Belvo and the Client (collectively referred to as “Parties”), however, it does not contain all the legal provisions applicable to the relationship between the Parties. In order to subscribe to our services these Terms and Conditions will be complemented by the Service Order and Subscription Agreement, which include the Price Schedule and Term for the Contract. If you would like more information about this, send us a note to legal@belvo.com

ANNEX V
FICO Score (“FICO Score Annex”)

The OFPI Annex is only applicable if the Customer has contracted the FICO Score or FICO Score EYOD services.

The FICO Score service is provided by BELVO TECNOLOGIAS LTDA.

  1. Object
    9.1. The purpose of this Agreement is to regulate the contracting of the FICO Score and FICO Score EYOD Service services, which use the Open Finance system (“FICO Score Service”).
  2. Additional Obligations of the Client
    10.1. Implement risk and compliance processes aimed at preventing payment initiations from being used as instruments to carry out illicit activities, including but not limited to (i) money laundering; (ii) terrorist financing; and (iii) corruption (“Compliance Processes”).
    10.1.1. Provide any information or documentation relating to End Users that has been collected during the Compliance Processes.
    10.2. Observe and respect the user experience definitions provided for in the regulations applicable to Open Finance, not making any modification that has not been agreed in writing with Belvo.
    10.2.1. In the event of non-compliance with this clause by the Client, the limitations of liability provided for in this contract shall not apply and the Client shall be liable to compensate Belvo for all damages, of whatever nature, that Belvo may suffer.
  3. Limitation of Liability
    11.1. Customer is solely responsible for the services provided to its end users, even if those services are related to the FICO Score Service.
    11.1.1. The Client shall hold Belvo harmless from any damage, error or liability arising from the provision of these services.
    11.1.2. If Belvo is sued by End Users for any reason related to the services provided by the Customer, the Customer agrees to (i) indemnify Belvo for all damages, costs and expenses actually incurred to defend its rights and interests; and (ii) make all necessary efforts to assume its responsibility and replace Belvo as the passive pole of any judicial or administrative claim initiated by end users.
    11.2. The Parties agree that, in the event that Belvo is operating in a contingent scenario due to situations beyond its control, such as interruption in SPI, DICT, PIX or Open Finance services, as well as failure of third-party servers, delays in transaction response times, failures in banking systems and other errors or failures that may occur during, Belvo will be exempt from complying with the agreed service levels for as long as such events last.
  4. Partner
    12.1. For the provision of the FICO Score Service, Belvo may rely on a partner institution, which will play a critical role in the provision of the service, either at the infrastructure level or acting as the regulated institution able to carry out payment initiation operations (“Partner”).
    12.2. Belvo, without the need for prior notice and/or authorization and at its sole discretion, may change the Partner.
    12.3. Belvo and the Partner may refuse to initiate a payment transaction when evidence of fraud and/or illegality in the transaction is found, according to internal criteria.
    12.3.1. Belvo does not need to justify to the Client the reasons that led to the refusal of the transaction.

ANNEX VI
SPECIAL CONDITIONS
Labour Data (“Labour Data Annex”)

The Labor Data Appendix is only applicable if the Client has contracted the Labor Data Service.

The Labor Data service is provided by BELVO TECNOLOGIAS LTDA.

  1. Object
    1.1. The purpose of this Agreement is to regulate the contracting of the Labor Data service (“Labor Data Service”).
  2. Definition
    2.1. Income verification with employment data is a feature that allows, with the user’s consent, the collection of labor data such as wages, employers, and occupations performed during the entire period of work as a registered employee of a company.
  3. Additional Obligations of the Client
    3.1. Implement risk and compliance processes aimed at preventing payment initiations from being used as instruments to carry out illicit activities, including but not limited to (i) money laundering; (ii) terrorist financing; and (iii) corruption (“Compliance Processes”).
    3.1.1. Provide any information or documentation relating to End Users that has been collected during the Compliance Processes.
    3.2. Observe and respect the user experience definitions provided for in the regulations applicable to Open Finance, not making any modification that has not been agreed in writing with Belvo.
    3.2.1. In the event of non-compliance with this clause by the Client, the limitations of liability provided for in this contract shall not apply and the Client shall be liable to compensate Belvo for all damages, of whatever nature, that Belvo may suffer.
  4. Limitation of Liability
    4.1. Customer is solely responsible for the services provided to its end users, even if those services are related to the Labor Data Service.
    4.1.1. The Client shall hold Belvo harmless from any damage, error or liability arising from the provision of these services.
    4.1.2. If Belvo is sued by End Users for any reason related to the services provided by the Customer, the Customer agrees to (i) indemnify Belvo for all damages, costs and expenses actually incurred to defend its rights and interests; and (ii) make all necessary efforts to assume its responsibility and replace Belvo as the passive pole of any judicial or administrative claim initiated by end users.

4.2. The Parties agree that, in the event that Belvo is operating in a contingent scenario due to situations beyond its control, such as third-party server failures, delays in transaction response times, failures in banking systems and other errors or failures that may occur during, Belvo will be exempt from meeting the agreed service levels for as long as such events persist.