Contact our Team


Confirm your details, and one of our friendly local team will get in contact to discuss your requirements.

Terms & Conditions.

Please take the time to read the terms & conditions applicable to your product below. You should read the entire terms and conditions carefully, as they form part of a legally binding agreement between you, the merchant, and Bambora.

Online Payments (Payment Facilitation)

Updated: June 26, 2019

This agreement applies to all users of the Bambora Online payment service who have been approved to accept Visa and MasterCard transactions. This agreement is made between (1) You, the merchant; (2) National Australia Bank Limited (NAB); and (3) Bambora Online Pty Ltd (Bambora).


1.1 Unless the contrary intention appears, the following words have these meanings in this Agreement:

Banking Day means a day on which banks are open for general banking business in Melbourne Australia except for Saturdays, Sundays and National Public Holidays in Australia.

Bambora Online refers to Bambora Online Pty Ltd, ABN 86 095 635 680.

Card Schemes means, unless otherwise agreed by the parties, Visa and MasterCard.

Card Scheme Rules means the rules and regulations which regulate participants in the Card Schemes.

Cardholder means the Person in whose name the Card has been issued.

Chargeback is the reversal of a sales transaction.

Card means a card that has been designated by the issuer as a Visa or MasterCard card or a card issued by any other card scheme which you have agreed to accept and We have agreed to process.

Data Breach means any occurrence which results in the unauthorised access by a third party to confidential data relating to card transactions stored by Your business or any entity engaged by you to provide storage or transmission services in respect of that data.

Data Security Standards means the Payment Card Industry Data Security Standards (“PCIDSS”) mandated by the Card Schemes for the protection of Cardholder details and transaction information, and any additional or replacement standards of which You are advised from time to time.

NAB refers to the National Australia Bank Limited, ABN 12 004 044 937.

Payment Service means the service provided by Bambora.

Person includes an individual, firm, body corporate, unincorporated body or association, partnership, joint venture and any government agency or authority.

Personal Information refers to information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion, which is received by You from any source as a consequence of the performance of the rights and obligations under this Agreement.

PIN means the personal identification number allocated by NAB, a card issuer or personally selected by the account holder.

Privacy Law means all legislation and principles relating to the collection, use, disclosure, storage and granting of access rights to Personal Information.

Related Body Corporate has the meaning given to it in the Corporations Act, 2001 (Cth).

Relevant Law means any:

(a) statute, ordinance, code or other law including regulations and other instruments under them that are relevant to the obligations and rights of this Agreement; and

(b) any code of practice, guidelines or standards issued by relevant regulators or industry bodies, including any card scheme rules relevant to this Agreement.

Transaction Receipt means a document used to evidence a transaction.

We, Us and Our means, collectively, NAB and Bambora.

You and Your means the Person to whom the Payment Service is provided by Us


2.1 You acknowledge that:

(a) the operation of this Agreement is conditional on NAB approving an application for Bambora to provide the Payment Services to You; and

(b) in relation to information provided by You to Bambora in connection with Your application:

(i) Bambora may provide that information to NAB;

(ii) We may rely on such information as being complete, accurate and not misleading or deceptive; and

(iii) NAB is not obliged to verify the completeness or accuracy of the information it receives from Bambora; and

(c) We may obtain from any Card Scheme or a person who is involved in any Card Scheme, any credit reporting agency or any other person, information about Your merchant history or Personal Information about You, a Related Body Corporate, Your officers, employees or agents for any purpose relating to the operation of those Card Schemes and We can use any such information to assess an application from Us under clause 2.1 (a);

(d) We can disclose information about Your merchant history, a data breach and relevant Personal Information in the following circumstances:

(i) to any Card Scheme or to any person who is involved in any Card Scheme, information about You for any purpose related to the operation of those schemes, card fraud detection agencies (including information about termination of merchant solutions and reason(s) for termination of NAB merchant solutions; and

(ii) where the law requires or permits Us to do so; and

(iii) where We have reasonable grounds to believe that either you are involved in dishonest or criminal activity, are a victim of such activity, may have information relevant to an inquiry into such activity or have experienced a data breach, to any state or federal law enforcement or regulatory agency whether or not We have been requested by that agency to provide such information; and

(e) We can disclose Your information to any related entities of ours and to any outsourced service providers engaged by Us (for example, mail houses, debt collection agencies (where necessary) or data analytics providers); and

(f) the decision whether to approve Your application is at NAB’s sole discretion and the reason for any decision which is made may not be given to You;

(g) an approval by NAB is specific to Bambora providing payment services to you and does not in any way constitute a representation by NAB that you will able to use the services of another payment service provider or of NAB directly should you cease using Bambora’s payment services for any reason; and

(h) any information obtained by NAB during its assessment of an application under clause 2(a) is and remains confidential to NAB and will not be shared with You. NAB is bound by Card Scheme Rules and all correspondence and discussions between Card Schemes and NAB are confidential as between NAB and the Card Schemes.

2.2 You represent and warrant that:

(a) any information You provide to Bambora in connection with an application for Bambora to provide the Services is complete, accurate and not misleading or deceptive; and

(b) if You have disclosed Personal Information to Bambora in connection with the application under clause 2.1(a), You have obtained the relevant individual’s prior consent to the disclosure and otherwise complied with Your obligations under Privacy Law; and

(c) You are able to satisfy Your obligations and responsibilities under this Agreement.

2.3 You acknowledge and agree that:

(a) Bambora and NAB are authorised to obtain from third parties financial and credit information relating to You in connection with our decision to approve Your application and in respect of our continuing evaluation of Your financial and credit worthiness; and

(b) any information collected by Bambora may be disclosed by Us to NAB.

2.4 The Parties agree that no Party is or will be bound by this Agreement unless and until NAB has confirmed its approval for Bambora to provide the Payment Services to You.

3.1 You:

(a) must immediately notify Bambora of any change to Your financial position which may affect Your ability to perform Your obligations under this Agreement; and

(b) must provide Bambora with ten (10) Banking Days’ prior written notice of any change in Your place of business, internet address, website name, email address or telephone number, must not carry on business in a place which has not been approved by Bambora and must not move Your place of business without our prior written consent; and

(c) must not change Your business name or ownership of Your business without giving Bambora ten (10) Banking Days’ notice prior notice and not substantially change the type of goods and services You sell without Our prior written consent; and

(d) only submit a sales transaction where You are the supplier of the goods and/or services; and

(e) not submit transactions on behalf of a third party. For the avoidance of doubt, this includes submitting transactions for goods or services sold on another Person’s website; and

(f) must allow the employees, contractors or agents of Us or those of any Card Scheme reasonable access to Your premises during normal business hours to check Your compliance with this Agreement, the Data Security Standards or for the purposes of the relevant Card Scheme Rules; and

(g) must provide Bambora and NAB with all information and assistance reasonably required to perform their obligations and to deal with any queries in relation to the Payment Service; and

(h) must comply with all applicable Card Scheme Rules and Relevant Laws and contractual requirements in accepting card payments and performing Your obligations under this Agreement; and

(i) will observe and implement the fraud prevention procedures set out in the manuals, guides or directions provided to You, unless otherwise mutually agreed to by the parties.

3. Data Security Standards

3.2 This clause applies to You if You collect payment data directly from a cardholder or store any cardholder data. In addition to the other provisions of this agreement, You acknowledge and agree:

(a) You must protect stored cardholder data, regardless of the method used to store such data. Data storage also includes physical storage and security of cardholder data. Some examples of other data storage which must be secured include an access or excel database and hard copy files. Storage should be kept to the minimum required for business, legal, and/or regulatory purposes; and

(b) You must not store the personal identification number (PIN) or sensitive authentication data after authorization (even if encrypted); and

(c) if Bambora or NAB tell You that You must comply with the Data Security Standards, You must, at Your cost, successfully complete the protocols for the Data Security Standard within the time frame stipulated by Bambora or the Card Schemes, implement processes and procedures that enable You to meet the Data Security Standards, and follow those processes and procedures. You acknowledge and agree that if you fail to do so:

(i) Bambora or NAB may terminate the merchant services; and

(ii) You are liable for any fine imposed upon NAB by the Card Schemes as a result of Your failure to comply; and

(iii) You are liable for any fines which the Card Schemes levy in the event that You suffer a card data compromise incident, and have not complied with the PCIDSS Accreditation program; and

(d) NAB is obliged to report all Data Breach events to Card Schemes, law enforcement agencies and/or Australian regulators. You grant irrevocable and enduring consent for NAB to release details of any such Data Breach to the aforementioned bodies;

(e) You must immediately notify Us if you become aware of any Data Breach or a suspected, potential, anticipated or attempted Data Breach relating to cardholder data held by You or on Your behalf; and

(f) If You have suffered a Data Breach or if We become aware of, or suspect, any such Data Breach:

(i) You must give NAB and its agents full access to Your systems and databases to facilitate a forensic analysis to ascertain:

(A) what card data has been compromised; and

(B) what weaknesses in the system permitted the unauthorised access to the database; and

(C) whether card data was created, deleted, altered, copied or manipulated in any manner; and

(ii) all costs of the forensic analysis must be paid by You; and

(iii) in order to continue processing card transactions, You must undergo a full Payment Card Industry Data Security Standard (“PCIDSS”) accreditation. All costs of this accreditation exercise must be paid by You.

Your duties to Cardholders

3.3 Subject to the other provisions of this Agreement, You:

(a) must accept any valid and acceptable Card in a transaction; and

(b) must only send Bambora a sales transaction when You have committed to provide the goods and services to the customer; and

(c) must not accept a Card in a credit card transaction for the purpose of giving a Cardholder cash; and

(d) must perform all obligations (including supplying all goods and/or services) to the cardholder in connection with the sale; and

(e) must not sell, purchase, provide or exchange any information or document relating to a Cardholder’s account number, or Card number, or a transaction, to any Person other than:

(i) Bambora;

(ii) NAB; and

(iii) the card issuer; or

(iv) as required by law; and

(f) must destroy any document that is no longer required to be retained by applicable law or card scheme rules, in a manner which makes the information unreadable; and

(g) must take reasonable steps to ensure that the information and documents mentioned in (e) are protected from misuse and loss and from unauthorised access, modification or disclosure; and

(h) must not make any representation in connection with any goods or services which may bind Bambora, NAB or any Card Scheme; and

(i) must not indicate or imply that We or any Card Scheme endorse any goods or services or refer to a nominated Card in stating eligibility for goods, services, or any membership; and

(j) must not accept a Card or a transaction which is of a type You have been previously advised is not acceptable; and

(k) must prominently and unequivocally inform the Cardholder of Your identity at all points of Cardholder interaction (including on any relevant web site, promotional material and invoice) so that the Cardholder can readily distinguish You from Bambora, any supplier of goods or services to You, or any other third party; and

(l) must provide notice to any Cardholder with whom You enter into a transaction that You are responsible for that transaction, including for any goods or services provided, any payment transaction, related service enquiries, dispute resolution, and performance of the terms and conditions of the transaction; and

(m) must not unfairly distinguish between issuers of a Card when accepting a transaction; and

(n) must not refuse to complete a transaction solely because a Cardholder refuses to provide additional identification information in circumstances where We do not require You to obtain it; and

(o) if You collect or store Cardholder information, You must comply with any Data Security Standards notified to You; and

(p) You may must not transfer or attempt to transfer financial liability under this Agreement by asking or requiring a Cardholder to waive his or her dispute rights.

Recurring transactions

3.4 You may only process a transaction as a recurring transaction if:

(a) You have obtained cardholder permission (either electronically or in hardcopy) to periodically charge for a recurring service; and

(b) You retain this permission for the duration of the recurring services and make it available to Us on request; and

(c) You provide a simple and accessible online cancellation procedure, if the cardholder request for the goods or services was initially accepted online.


3.5 You agree to indemnify and hold NAB harmless from and against any fines imposed on NAB by a Card Scheme because of Your conduct in relation to the merchant services, including any fines imposed as a result of an unacceptable rate of chargebacks.


4.1 Unless You are otherwise notified in writing, You must, before You accept any electronic commerce transaction over the Internet, establish and maintain at Your own expense a web site that complies with the requirements of clause 4.2.

4.2 The web site must clearly display the following information:

(a) Your business name (and Australian Business Number as applicable); and

(b) the address of Your approved place of business; and

(c) Your business contact details, including telephone numbers and an email address; and

(d) a complete description of the goods and services available for purchase on Your web site with the price advertised in Australian dollars or, if We have agreed that You can process transactions in another currency, that currency; and

(e) details of Your return and refund policy, including how a transaction can be cancelled by a Cardholder; and

(f) details of Your delivery times for goods and services. Delivery times are to be appropriate for the type of business carried on by You. If the delivery is to be delayed, the Cardholder must be notified of the delay and an option provided to them to obtain a refund; and

(g) details of any Australian export restrictions (if applicable); and

(h) details of Your privacy policy and how You intend to deal with, or share, Personal Information obtained from and about the Cardholder; and

(i) a description of the measures You have to maintain the security of:

(i) Cardholders’ account data; and

(ii) any other information which, by notice, We or NAB require You to display from time to time; and

(j) any other information required for the purpose of complying with card scheme rules.

4.3 You must provide Us reasonable access to view, monitor and audit the pages of Your web site.

4.4 Your web site payments page must be protected by Secure Sockets Layer or any other

form of security method approved in writing by Us.

4.5 You must:

(a) maintain a relationship with an internet service provider at Your own expense for the purposes of maintaining the website for customers and facilitating electronic communications; and

(b) ensure that Your business name corresponds with the name of Your website and the name that will appear on cardholder statements and as advised on the transaction receipt.

4.6 Prior to commencing live operation of the merchant service on Your website, You must successfully complete and satisfy all test scripts supplied by Bambora and undertake Your own testing in the test mode to ensure:

(a) transactions are accessible by You through the internet payments merchant reporting module; and

(b) any reporting requirements You have are working to Your satisfaction; and

(c) when We are satisfied all of Our operational requirements are met, We will convert You to live operation.

4.7 You agree that We may, at our discretion, periodically have a card scheme endorsed third party review Your website to ensure compliance with any relevant laws.

4.8 You agree that We may, using a card scheme endorsed and certified third party, periodically perform information security or “vulnerability” scans on Your website and/or servers to ensure that You are complying with the Data Security Standards.

4.9 If you wish to undertake any substantial changes to Your website, You must give Us at least ten (10) Banking Days’ notice. You must undertake and satisfy testing in accordance with the procedure set out in clause 4.6 prior to any such changes going into live operation. We shall not be obliged to continue the live operation of the merchant service until We are satisfied that all of Our operational requirements are met and it is acceptable to continue with the merchant service.

4.10 Your website payments page must request that the cardholder provides the card CVC2 or CVV2 (as relevant) when entering the card details for the transaction.

4.11 We may require you to make alterations to Your card acceptance policies and procedures to ensure You remain in compliance with the card scheme rules, including alterations to Your website.


5.1 You must:

(a) use reasonable care to detect forged or unauthorised signatures or the unauthorised use or forgery of a Card; and

(b) notify Bambora if You become aware of or suspect fraud on the part of a Cardholder; and

(c) not deliberately reduce the value of any one transaction by:

(i) splitting a transaction into two or more transactions; or

(ii) allowing a Cardholder to purchase items separately; and

(d) establish a fair policy for dealing with refunds and disputes about transactions and include information about that policy on Transaction Receipts as required by Bambora; and

(e) only submit a transaction as a refund to a Cardholder if it is a genuine refund of a previous sale transaction. The refund must be processed to the same card that was used in the original sales transaction and be for the original sale amount; and

(f) give refunds for transactions by means of credit and not in cash or cheque; and

(g) not process a refund transaction as a way of transferring funds between Your accounts; and

(h) if a transaction for a sale does not cover the full amount of the sale:

(i) in the situation in which the Card is used to make a deposit or pay an instalment You may accept the Card in payment of all or part of the outstanding balance; and

(ii) in any other circumstance You must obtain the balance due at the time the sale is completed in cash; and

(i) not state or set a minimum or maximum amount for a Card transaction without our prior written consent; and

(j) not ask a Cardholder to reveal their PIN or any other secret identifier; and

(k) contact Bambora for instructions if the identification of a Cardholder or the validity of the Card is uncertain; and

(l) not knowingly submit for processing any transaction that is illegal or that You should have known is illegal.

5.2 For remote transactions, You must:

(a) take reasonable steps to verify the identity of the Person You are dealing with, in order to confirm that they are the genuine Cardholder; and

(b) record reasonable identification details of the Person You are dealing with, as well as the commencement and expiry dates of the Card.


Amount of surcharge

6.1 Where You elect to charge a cardholder a surcharge in respect of a transaction, You must not impose a surcharge in excess of the reasonable cost of card acceptance.

6.2 Upon request by Us or any card schemes, You must produce supporting information to substantiate Your costs of card acceptance. Where the card scheme dictates the format of the required substantiation, eg. through use of a “reasonable cost of acceptance calculator”, You must provide details of Your costs in the required format.

6.3 Where required by a card scheme, You must submit, at Your cost, to an audit of Your costs of card acceptance by an independent auditor approved by the card scheme requiring the audit. The audit must be completed and results reported back to the relevant card scheme within the timeframe specified by the card scheme.

6.4 Where, following an investigation into Your surcharging and cost of card acceptance, We or a card scheme determine that the amount that You are surcharging exceeds the reasonable costs of card acceptance, We may by 30 days notice to You require You to reduce Your surcharge level to an amount that does not exceed the reasonable costs of card acceptance.

6.5 Without limiting any other rights that We may have under this agreement, We may, by notice to You, terminate this agreement if, following receipt of notice under clause [5], You fail to reduce Your surcharge level to an amount that does not exceed the reasonable costs of card acceptance.

6.6 You acknowledge that excessive surcharging by You could expose NAB to fines from card schemes. You agree to indemnify NAB against any fines imposed by card schemes in relation to Your surcharging practices.

6.7 You acknowledge that card issuers may from time to time change the classification of a credit card (ie. standard or premium) and, as a result, when applying a surcharge rate to a cardholder, it cannot be guaranteed that the classification of the card (ie. standard or premium) on which You have based the surcharge will be same as the classification on which You are charged Your merchant service fee in relation to the same transaction.

Disclosure of surcharge

6.8 You must clearly disclose to the cardholder before the transaction is completed any surcharge that You will charge for completing the transaction, and do it in such a way that allows the transaction to be cancelled without the cardholder occurring any cost.

6.9 You must display on the payment page on Your website a notice stating:

(a) that You charge a surcharge; and

(b) the exact amount or percentage of the surcharge.

6.10 You must not represent or otherwise imply that the surcharge is levied by a card scheme or by Us or any other financial institution.

6.11 Definitions

“Surcharge” means any fee charged by a merchant to a cardholder that is added to a

transaction for the acceptance of a card.

Costs that form Your “reasonable costs of card acceptance” will be determined having regard to the Reserve Bank of Australia’s Guidance Note: Interpretation of Surcharging Standards, as amended or replaced from time to time


7.1 Unless We have agreed that We will provide the transaction receipt to the cardholder, You must give the Cardholder a copy of the Transaction Receipt for each transaction, but You must not charge a fee for doing so.

7.2 If You are notified that You must prepare the Transaction Receipt, You must ensure the information contained in the Transaction Receipt:

(a) is identical with the information on any other copy; and

(b) legibly includes the information notified to You.

7.3 You must provide Bambora with the Transaction Receipt and any other required evidence of the transaction within seven (7) days if You are asked by Bambora to provide it.

7.4 If You wish to change Your Internet or email address, or telephone number appearing on the Transaction Receipt, You must notify Bambora in writing at least fifteen (15) Banking Days prior to the change taking effect.


8.1 A transaction is not valid if:

(a) the transaction is illegal as per applicable laws; or

(b) if applicable, the signature on the voucher, Transaction Receipt or authority is forged or unauthorised; or

(c) the transaction is before or after any validity period indicated on the relevant Card; or

(d) You have been told not to accept the Card; or

(e) the transaction is not authorised by the Cardholder; or

(f) the particulars on the copy of the voucher or Transaction Receipt given to the Cardholder are not identical with the particulars on any other copy; or

(g) the price charged for the goods or services is inflated to include an undisclosed surcharge for card payments; or

(h) another person has provided or is to provide the goods or services the subject of the transaction to a Cardholder; or

(i) You did not actually supply the goods or services to a genuine Cardholder as required by the terms of the transaction, or have indicated Your intention not to do so; or

(j) the transaction did not relate to the actual sale of goods or services to a genuine Cardholder; or

(k) the transaction is offered, recorded or billed in a currency We have not authorised You to accept; or

(l) this Agreement was terminated before the date of the transaction; or

(m) You have not complied with Your obligations in clause 3.3; or

(n) it is a credit transaction in which:

(i) the amount of the transaction or transactions on the same occasion is more than

any applicable limit notified to You; or

(ii) You collected or refinanced an existing debt including, without limitation, the

collection of a dishonoured cheque or payment for previous card charges; or

(iii) You provide a Cardholder with cash; or

(o) it occurs during a period in which Your rights under this Agreement were suspended under or after this Agreement was terminated; or

(p) You cannot give a Transaction Receipt as required by clause 7 provided for herein; or

(q) for any other reason, the Cardholder is entitled under the Card Scheme Rules to a chargeback of the transaction.

8.2 A transaction for a sale or refund is not acceptable if:

(a) the Cardholder disputes liability for the transaction for any reason or makes a claim for set-off or a counterclaim; or

(b) it is of a class which NAB or Bambora decide, in their discretion, is not acceptable.

8.3 You acknowledge and agree that NAB or Bambora may:

(a) refuse to accept a transaction if it is invalid or unacceptable, or may charge it back to You if it has already been processed, even if We have given You an authorisation; and

(b) reverse a sales transaction as a chargeback, and debit Your account for the amount of the chargeback, for any of the reasons in clauses 8.1 and 8.2 and any other reason We notify You of from time to time; and

(c) without limiting the above, delay, block, freeze or refuse to accept any transaction where NAB or Bambora has reasonable grounds to believe that the transaction breaches Australian law or sanctions or the laws or sanctions of any other country.


9.1 NAB will provide settlement to Bambora on each business day for the gross amount of all funds received from the card schemes in respect of transactions processed under this agreement, less any chargebacks or refunds.

9.2 Bambora is responsible for disbursing to You, in accordance with Your funding, reserve and payment arrangements with Bambora, any settlement amounts received from NAB in respect of transactions processed under this agreement.

9.3 You agree to direct any queries regarding settlement to Bambora.

9.4 Unless We agree otherwise, You must nominate an account with an Australian registered bank for recording transactions in Australian dollars.

9.5 If We agree that you may process transactions in an approved foreign currency then, unless We agree otherwise, You must, if We so require, also have an account with an Australian registered bank for recording transactions in that foreign currency which account can be used for the purposes referred to in clauses 9.6 and 9.7.

9.6 Subject to clause 9.8, Bambora will pay to the account You nominated in clause 9.4 or 9.5 (as applicable) the full amount of all valid and acceptable sales and cash transactions processed by You in the applicable currency, which shall be Australian dollars unless We agree otherwise.

9.7 Bambora will debit Your nominated account with the full amount of all:

(a) valid and acceptable refund transactions processed by You; and

(b) chargebacks, in the applicable currency, which shall be Australian dollars unless We agree otherwise.

9.8 Bambora reserves the right to withhold payment to Your nominated account of any amount for such period as it considers necessary, where Bambora has reasonable grounds to suspect You have processed transactions otherwise than in accordance with this agreement.

9.9 Where Bambora exercises its rights under clause 9.8, Bambora will notify You in writing of any action taken within two (2) Banking Days of such action being taken.

9.10 Bambora must give You access to information each month showing the full amount of all transactions processed by Bambora during the previous month. You may raise any issue

that You have concerning an amount paid, or not paid to You, within three (3) months of the date of payment, or of the date the payment was due. Bambora may charge You a fee for investigating any such issue.

9.11 If You intend to advertise and bill transactions in a foreign currency then, unless We agree otherwise, that foreign currency must be an approved foreign currency and You must obtain Our prior written consent, which may be subject to conditions including, without Australian limitation, a requirement to enter into a new agreement.

9.12 We will notify You from time to time which foreign currencies are approved foreign currencies.

9.13 If a transaction is recorded in an approved foreign currency then, unless We agree otherwise, We will process in Australian dollars (using an exchange rate determined by Us) any event relating to that transaction (such as paying for the original transaction, making a chargeback or a refund in respect of that transaction).

9.14 You acknowledge that You will bear any additional costs, losses or benefits incurred as a result of movements in the exchange rate of an approved foreign currency between the time of the transaction and the time We convert the approved foreign currency to Australian dollars for posting to Your account.

9.15 You acknowledge that for transactions that are refunded or charged back, You will bear any additional costs, losses or benefits incurred as a result of movements in the exchange rate of an approved foreign currency between the time of the transaction and the time of the refund or chargeback.

9.16 You must provide Bambora with an authority and request in a form and subject to terms and conditions Bambora requires to direct debit Your nominated account with any amounts owing to Bambora under this agreement, and any fees owed to Bambora in connection with the payment services.


10.1 You acknowledge and agree that:

(a) the card scheme logos, names and holograms (“the Marks”) are owned solely and exclusively by the relevant card scheme; and

(b) You will not contest the ownership of the Marks for any reason; and

(c) the card schemes may at any time, immediately and without notice, prohibit You from using any of the Marks for any reason; and

(d) You may only use advertising and promotional material for the cards or which show a card scheme mark in the manner NAB approves, unless You have received authorization from the card schemes through other means.

10.2 You acknowledge that all intellectual property rights subsisting in the materials provided by Us or developed by or for Us, pursuant to, for the purpose of or in connection with this agreement, vest in NAB or Bambora (as applicable) and is NAB’s or Bambora’s property (as applicable) including, but not limited to:

(a) any lists of cardholder data (whether personalised or not) and the promotional material we supply you;

(b) any trademark, business name, trading style or get up;

(c) any computer program; and

(d) any report, file, script, inventory, database, record or information required to be created, maintained or provided to you pursuant to, for the purpose of or in connection with this agreement.

10.3 You must not without Our consent:

(a) use or alter any trade marks, business names, trading styles or get ups belonging to NAB, Bambora or the card schemes whether as part of your corporate or business name or on or in relation to any goods or services;

(b) reproduce or modify any of Our computer programs; or

(c) merge or use any report, file, script, inventory, database, record or information referred to in clause 10.2(d) in or with any other information which is held by You and which is not obtained or generated by You in connection with or in relation to the performance of this agreement.


11.1 You represent and warrant that:

(a) by entering into this Agreement You are not currently and will not be in breach of any Relevant Law or any obligation owed to any Person; and

(b) where applicable, You are duly authorised to enter into this Agreement and the obligations under this Agreement are valid, binding and enforceable in accordance with its terms; and

(c) if You are an incorporated body, You validly exist under the laws of Your place of incorporation and have the power and authority to carry on Your business as that business is now being conducted and using any name under which that business is being conducted; and

(d) if You, a Related Body Corporate or any officer, employee or agent of You or a Related Body Corporate has at any time been listed on a database of terminated merchants maintained by any Card Scheme or have otherwise had merchant services terminated by another acquiring bank, You have disclosed that fact to Bambora.

11.2 The representations and warranties set out in this clause will be deemed to be repeated each day after the date You enter into this Agreement.


Neither Bambora nor NAB make any warranties in respect of any of the services to provided under this agreement. To the maximum extent permitted by law, any and all implied warranties and guarantees are excluded. In respect of any warranty or guarantee which is unable to be excluded under any relevant law, our liability in respect of a breach of that warranty or guarantee is limited to the re-supply of the goods or services or the payment of the cost of having the goods or services supplied again.


To the maximum extent permitted by applicable law We are not liable to You or to any person for any act or omission (including negligence) of ours that results in any direct or indirect loss (including loss of profits), damage, injury or inconvenience You suffer because of any service failure, including any unavailability of the service, any delays or any errors. Under no circumstances will be liable to You for any lost sales, revenue or profit or loss of custom due to any service failure which results in You being unable to promptly accept payments from Your customers.


14.1 NAB or Bambora may suspend or terminate this Agreement or suspend then terminate this Agreement or any part of it at any time if:

(a) You are in breach of Your obligations under or arising out of this Agreement; or

(b) if in Bambora’s or NAB’s reasonable opinion, the processing of Your transactions exposes Bambora or NAB to an unacceptable level of risk; or

(c) You are or have engaged in conduct which exposes Bambora or NAB to potential fines or penalties imposed under Relevant Law; or

(d) Your business or Equipment is or has been targeted by a person engaged in fraudulent or dishonest activity whether with or without Your knowledge; or

(e) You or any service provider (other than Bambora or NAB) that You use in connection with Your merchant services has suffered a data breach

(e) a direction is made by a card scheme or under Relevant Law that the Payment Service be suspended or terminated; or

(f) You have experienced an adverse change in financial circumstances; or

(g) We have concerns about Your solvency or if You come insolvent or are subject to any form of insolvency administration or a resolution is passed or an order is made for winding up; or

(h) You have a significant adverse credit event recorded against You.

14.2 This Agreement will terminate automatically and immediately if:

(a) Bambora’s registration as a member service provider or independent sales organisation with any card scheme is cancelled;

(b) Bambora’s agreement with NAB for the provision of merchant services is terminated for any reason; or

(c) any other agreement that You have with Bambora in respect of Bambora’s payment processing services is terminated for any reason.

14.3 You authorise NAB to disclose to any Card Scheme advice of termination of this Agreement and the reasons for the termination. You acknowledge that the information concerning termination of this Agreement then becomes available to any member of the Card Schemes. This information, available to any member of the Card Schemes, may be used in assessing subsequent applications for merchant facilities.

14.4 The suspension, expiration or termination of this agreement does not affect any of Your, or Our rights and obligations which arose before it ended or was suspended including, without limitation, in relation to Our right to chargeback transactions and to recover accrued fees, charges, penalties, fines and costs.

14.5 When any part of the agreement ends, or otherwise at our request, you must return Australian Application Form Confidential Page 14 of 15 to Us any materials provided by Us and You must remove any card scheme logo or any materials We have provided You with from any of Your business premises or websites and if any materials are held electronically by You or on Your behalf, You all must cease to use this material immediately, and, if We request, delete that material as soon as reasonably practicable

14.6 When any part of this agreement ends You must immediately pay Bambora any outstanding fees, charges and costs due under this agreement.

14.7 This clause 14 survives termination of this Agreement.


15.1 You may not assign or charge Your rights under this Agreement without our prior written consent.

15.2 Each of Us may, in Our sole discretion, assign, novate or transfer Our rights or obligations arising out of this Agreement by giving notice to the You.


You acknowledge that We may only provide services to You under this Agreement where You:

(a) have a permanent establishment in Australia through which transactions are completed;

(b) are registered to do business in Australia;

(c) have a local address in Australia for correspondence and acceptance of judicial process, other than a post-office box or mail-forwarding address; and

(d) pay taxes in Australia (where required) in relation to the sales activity; and

(e) satisfy any other domesticity requirements imposed by card schemes from time to time.

In addition to any other right to terminate or suspend the services, We may immediately cease to accept transactions under this Agreement where You fail to satisfy the above requirements.


This agreement is governed by the laws of the State of Victoria. Each party submits to the jurisdiction of the courts of that State of Victoria and any courts of appeal from them.


We may vary this agreement on 30 days’ written notice to You.


19.1 You acknowledge that NAB or Bambora may deliver notices to You in any of the ways listed in clause 19.2.

19.2 A notice must be in writing and is taken to be received:

(a) if delivered personally, at the time of delivery;

(b) if sent by pre-paid post, on the third day after the posting;

(c) if sent by facsimile transmission, on the date the transmitting machine records transmission of the complete document;

(d) when the party sending the notice is the NAB or Bambora, if sent by email, at the time when the email enters Your information system.

19.3 The address, facsimile number or email address to be used for notices is the last address, facsimile number or email address advised by a party. You must inform Bambora immediately of any change of Your address, facsimile number or email address.


20.1 You must indemnify Us for all losses and liabilities We incur (including claims against Bambora by NAB) because:

(a) You did not observe any of Your obligations under this agreement;

(b) We could not exercise all or any part of Our rights under this agreement;

(c) of any dispute between You and a customer over a transaction;

(d) of any wilful default, breach, negligence, fraud, act or omission by You or any of Your agents or representatives relating to this agreement;

(e) of any infringement by You or Your agents or representatives of another person’s intellectual property rights;

(f) any warranty that You made under this agreement is untrue;

(g) of any use of equipment owned by Us or others, by You, Your employees, contractors, agents or invitees including, without limitation, in relation to transactions involving nominated cards and those involving non-standard cards or loyalty programmes;

(h) of any event relating to a transaction in a foreign currency;

(i) We exercised any of Our rights under this agreement; or

(j) You have taken legal action against Us resulting in a costs order in Our favour or We have incurred legal costs against You in enforcing Our rights under this agreement on a solicitor and client basis or recovering any amounts You owe Us.

20.2 It is not necessary for Us to incur expense or make payment before enforcing a right of indemnity conferred by this agreement.

20.3 These indemnities survive termination of this agreement.

20.4 Bambora and NAB may at any time without notice to You set off any Liability owed by Bambora or and NAB (as the case may be), to You on any account against any Liability owed by You to Bambora or the NAB (as the case may be) under or in connection with this agreement. For the purpose of this clause, “Liability” means any debt or monetary liability, irrespective of whether the debt or monetary liability is future or present, actual or contingent.


You cannot infer from the fact that a Cardholder has been issued with a nominated Card, or that a transaction has been processed or an authorisation has been given (either by telephone or electronically), that We have guaranteed, endorsed or made representations about:

(a) the Cardholder’s creditworthiness;

(b) the correct identity of the Cardholder;

(c) that the transaction is valid and acceptable;

(d) that You have complied with Your obligations under this agreement; or

(e) the transaction will not be charged back or reversed, and You waive any right to claim that we do.


22.1 You authorise Us to collect from, and disclose to, any person any information in connection with this agreement or in relation to Us providing the payment services to You, even where such information is subsequently shown to be inaccurate. You authorise any person to provide any information about You to Us which We may require in connection with this agreement. These authorisations survive the termination of this agreement.

22.2 You authorise Us to disclose to any card scheme advice of termination of this agreement and merchant services and the reasons (if any) for the termination. You acknowledge that the information concerning termination of this agreement and merchant services then becomes available to any member of the card schemes. This information, available to any member of the card schemes, may be used in assessing subsequent applications for merchant facilities.

22.3 You agree that We may disclose to any person the fact that all or part of this agreement or the merchant services has been terminated or suspended. You authorise Us to disclose information concerning the termination to any credit provider for the purpose of notifying that credit provider of that termination and the reason for it occurring. Termination and subsequent listing of the termination may affect Your ability to obtain merchant facilities with another acquirer.

22.4 You:

(a) must keep any confidential information confidential;

(b) may use the confidential information but only in relation to this agreement;

(c) may disclose the confidential information to enable You to perform Your obligations under this agreement but only to Your permitted personnel to the extent that they have a need to know;

(d) must not copy the confidential information or any part of it other than as strictly necessary for the purposes of this agreement and must mark if required by Us any such copy as Our confidential information;

(e) must implement security practices against any unauthorised copying, use, disclosure (whether that disclosure is oral, in writing or in any other form), access and damage or destruction;

(f) must immediately notify Us if You suspect or become aware of any unauthorised copying, use, disclosure, access, damage or destruction in any form and to any extent; and

(g) must comply with any of Our reasonable directions in relation to the confidential information.

22.5 On termination or expiry of this agreement, or earlier on reasonable request by Us, You must promptly return to Us or (if We request) destroy or delete any or all copies of confidential information and, in any event, Your right to use, copy and disclose that confidential information ceases on such termination or, if earlier, delivery of Our request.

22.6 Your obligations under this clause continue indefinitely in relation to confidential information, even if that confidential information is returned to Us, destroyed or deleted, or this agreement expires or is terminated.

22.7 This clause does not apply to the extent that You are obliged by law to disclose the confidential information. If You are so obliged to disclose any confidential information, You must before doing so:

(a) notify Us and provide details of the proposed disclosure;

(b) give Us a reasonable opportunity to take any steps We consider necessary to protect the confidentiality of that information;

(c) provide any assistance reasonably required by Us to protect the confidentiality of that information; and

(d) notify the third person that the information is Our confidential information.

22.8 You acknowledge and agree that:

(a) We may obtain from any of Our agents or contractors, any card scheme or a person who is involved in any card scheme, information about Your merchant history or personal information about You, a related body corporate, Your officers, employees or agents for any purpose relating to the operation of those card schemes. This could include, for example, information relating to previous services that are substantially similar to the merchant services or any part of them;

(b) We can use information about Your merchant history and personal information about You, a related body corporate, Your owners/shareholders, officers, employees or agents, including information about You collected from third parties to assess and process Your merchant application and use in relation to the ongoing provision, suspension or termination of the merchant services, or Our other rights and obligations under this agreement;

(c) We can disclose information about Your merchant history and relevant personal information in the following circumstances:

(i) to any of Our agents or contractors, any card scheme or to any person who is involved in any card scheme, information about You for any purpose related to the operation of those schemes, card fraud detection agencies (including information about termination or suspension of merchant services and reason(s) for termination or suspension of merchant services); and

(ii) where the law requires or permits Us to do so;

(d) We are bound by card scheme rules and obligations; and

(e) all correspondence and discussions between card schemes and Us are private and confidential as between Us and the card schemes and You are not entitled to participate in or otherwise request a copy of such correspondence.


If any provision of this agreement is held to be unenforceable or invalid for any reason, then:

(a) that provision is deemed to be modified to the extent required to remedy the unenforceability or invalidity; or

(b) if it is not possible to remedy the unenforceability or invalidity, that provision is to be severed from this agreement, and this agreement will otherwise remain in full force.

Schedule 1

Fees and Charges

General Principles

1. You shall pay to us the following: (a) the Fees set out in this schedule 1, including fees for additional services outside the standard merchant services; (b) any applicable taxes that are your responsibility, unless you provide us with a tax exemption certificate; and (c) any other amounts that you owe to us resulting from your receipt of the merchant services.

2. You authorise us to debit your Bank Account for fees payable to us and you waive the right to receive advance notice for these debits. Alternatively, if we are unable to debit owed amounts, we reserve the right to invoice you for any such amounts, which amount shall be due and payable seven (7) days after the invoice date or on such earlier date as may be specified.

3. An email will be delivered to you providing notice that a statement is available online to review. You will review the statement no less frequently than every thirty (30) days. You will notify us in writing within thirty (30) days of the statement of any errors or omissions in the statement. After expiration of the thirty (30) days charges related to the transaction report shall be considered valid and you shall be deemed to have acknowledged the correctness of that invoice and to have waived the right to dispute that invoice.

4. In case of late payment, we have the right to charge a late payment service fee on any overdue amounts calculated on a pro-rata daily basis from the due date of payment at a rate equivalent to the Official Cash Rate (OCR) as published by the Reserve Bank of Australia plus five (5) percentage points or the maximum permitted by law in your jurisdiction (whichever is the lesser), until we have received full payment. In connection with the collection or enforcement of debt arising from unpaid amounts only, we shall be entitled to recover our reasonable attorney’s fees and costs associated therewith. Otherwise, no attorney’s fees or costs may be recoverable under this Agreement unless expressly so stated, nor under any other theory of law, including tort.

5. We shall have the right to adjust the fees at any time. Such changes may result from, but are not limited to, changes of card scheme rules and interchange fees, changes of international banking regulations, currency restrictions, or fee changes by a partner bank. You agree that we may pass these increased charges through to you by increasing the fees. We will use reasonable efforts to inform you of any such fee changes at least thirty (30) calendar days prior to the fee changes taking effect, unless we have been notified by the third party of the changes within a shorter timeframe or are required to pay such charges in a shorter timeframe.

6. We reserve the right to adjust the fees in the event of any changes to or deviations from the expected card, country and currency splits including payment volumes and values. We reserve the right to immediately pass-through such cost increases to you and you shall be liable for such cost increases immediately.

7. We reserve the right to upgrade, modify, develop or alter any part of the merchant services and our when required by us, our partner bank(s) and / or legislation. If such changes require you to act, you shall immediately integrate said alterations or modifications and will in all cases have the alterations or modifications finalised upon the effective date such alterations and / or modifications are to become live. We will not charge you for any such alterations or modifications if not agreed to in writing. You shall bear your own costs and expenses in relation to the integration of the alterations or modifications into its system.

8. All transactions are to be processed in Australian dollars. Credit Card transactions are processed online real time. You will be credited (to Your nominated settlement account) with the value of credit card transactions less our fees (net settlement) within 3 banking days of processing.

9. Processing Times – Credit Card

(a) Transactions that occur before 10.00pm AEST each banking day are processed on that business banking day.

(b) Transactions that occur after 10.00pm AEST on a banking day are processed on the next business banking day.

(c) Transactions that occur on non-banking days (weekends, public holidays, and bank holidays) are processed on the next banking day.

Bambora Fees

1. Merchant Service Fee (MSF): as per agreement between You and Us

2. Chargeback Fees: $30.00 per chargeback processed, plus any associated scheme costs

General Payment Processing (Gateway)

1. Parties

This Agreement is made between Bambora Online Pty Ltd ABN 86 095 635 680 (registered at 22-30 Chifley Drive, Preston, VIC 3072) and the party identified in the Business Details section of this document.

2. Definitions

Account means the bank account or credit card nominated by You for acceptance of debit entries under this Agreement and for related purposes.

Agreement means these terms and conditions, the Direct Debit Service Agreement, the Fees and Charges Schedule and all other attached schedules.

Confidential Information means information that is marked “Confidential” or “Proprietary” or that a reasonable person would treat as such.

DDR means Direct Debit Request.

Merchant Service Fee means the percentage fee charged per transaction for the operation of the credit card facility.

Person includes a company or corporation.

Rules means the card scheme rules set by MasterCard, Visa and Bankcard from time to time.

Service(s) means the Payments Processing Service defined in this document under the heading of Service Description.

Transaction means a line item that appears in Our transaction history database.

Users means Your customers.

We, Us, Our means Bambora Online Pty Ltd (ABN 86 095 635 680).

You, Your means the business identified in the Business

Details section of this document.

GST Act means a New Tax System (Goods and Services Tax) Act 1999 (Cth).

Business Day means a day other than a Saturday, Sunday or public holiday in New South Wales or Victoria.

Commissioner means the Office of the Australian Information Commissioner.

Data Breach means an incident involving:

(a) the unauthorised access to, or unauthorised disclosure of Personal Information; or

(b) the loss of Personal Information where unauthorised access to, or unauthorised disclosure of that Personal Information is likely to occur.

Data Breach Statement means a statement prepared in accordance with section 26WK of the Privacy Act 1988 (Cth). Eligible Data Breach has the meaning given to that term in section 26WE of the Privacy Act 1988 (Cth) having regard to the exceptions contained in section 26WF.

Personal Information means information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion, which is received by Us from any source as a consequence of the performance of Our rights and obligations under this Agreement.

Privacy Act means the Privacy Act 1988 (Cth).

Privacy Law means any law to which We or You are subject, in Australia or otherwise, which relate to the collection, use, disclosure, storage or granting of access rights to the Personal Information, including the Privacy Act.

3. Contractual Relationships

By signing this Agreement for the Payments Processing Service You agree to accept these Terms and Conditions and all attached schedules associated with the provision of the Services.

4. Contract Term

The initial term is for a period of 3 years, unless terminated earlier in accordance with this Agreement. The term will commence upon processing of the first live transaction. After the initial term this Agreement will be extended automatically for additional terms of 1 year, unless terminated earlier in accordance with this Agreement.

5. Payments Processing Service

Provided that You and / or the Users are able to connect to the Service, We make available to You the Services described in this document under the heading of Service Description for the processing of payment transactions in Australian dollars (AUD) to be settled by an Australian-domiciled acquirer.

6. Service Levels

We provide a highly available, reliable and comprehensive Payments Processing Service. The standard service levels are:

  • Service Availability: 24 hrs/day; 7 days/week; 365 days/year.
  • Help Desk Support: 9am to 5pm AEST.
  • After hours, online, automated or onsite support: Available via additional arrangement.
  • Uptime: 99%

7. Declines

From time to time transactions will be declined. Declined transactions will be reported to You as an exception. Declines are to be followed up by You with the payer directly.

8. Enquiries and Statements

An online enquiries facility is provided at www.ippayments.com.au/crm (or other designated location as updated from time to time) for review of all transactions processed.

At the end of each month all transactions, fees and charges are summarised in an invoice. This invoice will be emailed to You.

Where enquires are not resolved online You can contact Us by email at support.apac@bambora.com or call Us on 1300 721 163.

9. Reporting Errors

We are not responsible for any communication errors, including without limitation errors in reporting authorisations or declines, arising from or related to errors by the Bank or Charge Card Company and are communicated by Us to You. To the fullest extent permitted by law, all liability by Us for such errors is expressly excluded. Any claims with respect to such errors shall be raised directly with the Bank or Charge Card Company by You or the User.

10. Password Security

You must ensure that Your Service user name and password are kept secure and not disclosed to anyone. If You suspect that the security of Your user name and password has been breached then You must ensure that:

  • Your password is changed on the Bambora website.
  • We are promptly notified of the suspected breach.

11. Variations and Amendment of Terms and Conditions

We may propose variations and/or amendments to any of the provisions of this Agreement (including any operating reference or user guide), including fees and charges, on giving You 14 days notice. The proposed variation or amendment shall be published on Our website at www.bambora.com/en/au/terms-co... and You will also be informed of any such proposal by email.

You shall be deemed to have accepted any proposed variation or amendment notified to You unless You provide Us with written notice, within 10 days of the transmission of the email informing You of the proposed amendment or variation, that You do not accept the variation or amendment. If You choose not to accept the proposed variation or amendment, this Agreement will be deemed terminated by mutual consent with effect 14 days from the date of publication on Our website notice of the proposed amendment or variation.

12. Termination

12.1 A party may terminate this Agreement immediately by notice in writing to the other party in the event that the other party:

12.1.1 fails to observe, discharge or perform any provision of this Agreement (Default) and then fails to remedy that Default within twenty-one (21) days after written notice specifying the particulars of the Default has been given to it;

12.1.2 commits any act of insolvency;

12.1.3 is presented with a creditors’ petition, or a resolution is passed by its shareholders or directors, for the winding up of that other party; or

12.1.4 it enters into a compromise or arrangement with creditors or a receiver, administrator or official manager is appointed in respect of its business or assets.

12.2 A party may terminate this Agreement with effect from the end of the initial term (or with effect from the end of any extended term) by giving the other party not less than one hundred and eighty (180) days notice in writing prior to the end of the initial term (or prior to the end of any extended term, as the case may be).

12.3 The termination or expiry of this Agreement (howsoever caused or arising) does not affect any of Your or Our rights, remedies and obligations that arose on or before it terminated or expired (as the case may be).

12.4 If a notice of termination is given to You pursuant to clause 12.1, We may, in addition to terminating this Agreement:

12.4.1 retain any moneys paid (apart from monies due to Users as a result of selling a product or service);

12.4.2 charge a reasonable sum for work performed in respect of work for which no such amount has been previously charged;

12.4.3 retake possession of all Our property in Your possession;

12.4.4 be regarded as discharged from any further obligations under this Agreement; and

12.4.5 pursue any additional or alternative remedies provided by law.

13. Charges and Payment

You must pay the fees under the terms specified in this Agreement. You must pay the fees within 7 days after the date of Our invoice.

If You request additional services or a variation to the existing Service (other than ‘bug fixes’), then You agree to pay Us at Our standard rate of $2500 per day (plus agreed expenses and GST) for the provision of the additional service.

We will invoice You for all development work. Invoices will

be electronically presented. Payments of invoices are to be via DDR, EFT or company cheque.

If fees remain unpaid for a period of 14 days We have the right to suspend or withdraw the service.

Where We have engaged an agent to collect overdue fees We have the right to also collect interest on over due fees and recover all costs incurred collecting these fees.

Your and Your Users bank fees and charges remain the responsibility of You and the User.

14. GST

The provisions of this clause apply only where a supply under this Agreement constitutes a taxable supply under the GST Act.

Except as otherwise provided by this clause, all consideration payable under this Agreement in relation to any supply is exclusive of GST.

We must provide to You a valid tax invoice at or prior to the time of payment of any GST Amount.

To the extent that any adjustment occurs in relation to a taxable supply, We must issue an Adjustment Note to the You within 7 days of becoming aware of the adjustment, and any payment necessary to give effect to such adjustment must be made within 7 days after the date of receipt of the adjustment Note.

15. Intellectual Property

You agree that all Intellectual Property Rights in any specifications, works, items, software, materials or information of whatever nature produced or developed

by Us or under Our direction pursuant to or in the course of providing the Service shall remain Our sole and complete property.

You grant to us a licence for the limited use of Your logos and trademarks as contemplated by this Agreement for the purpose of building a branded service.

16. Exclusivity

Unless otherwise agreed, You will not for the duration of this agreement, process payments via a product or service which is or could be an alternative to or competitive with the Services.

17. Confidentiality

Both parties must keep confidential, maintain proper and secure custody of and not use or reproduce in any form the Confidential Information unless with the other party’s prior written consent or as required by law.

Each party must immediately in accordance with the other party’s request deliver to the requesting party or destroy all Confidential Information and all changes to, reproductions of, extracts from and notes regarding the Confidential Information, in any form.

18. Exclusion of Implied Terms

Subject to clause 19.1, the parties intend and agree that all conditions, warranties, representations, indemnities and guarantees with respect to the Services (or any other goods or services that may be supplied or performed by Us under this Agreement), that but for this clause would otherwise be implied by statute, law, equity, trade custom, prior dealings between the parties or otherwise are not included in this Agreement and are hereby expressly excluded.

19. Exclusion of Liability

19.1 Nothing contained in this Agreement excludes, restricts, limits or modifies any:

19.1.1 condition, warranty, guarantee or obligation in relation to the Services where pursuant to an applicable law to do so is unlawful or void; or

19.1.2 right, or the exercise of any right, conferred by an applicable law where pursuant to that law to do so is unlawful or void; or

19.1.3 liability for an act or omission (including fraud or deceit) where pursuant to applicable law to do so is unlawful or void; or

19.1.4 liability for death or personal injury.

19.2 Subject to clause 19.1, We hereby exclude any liability to You or to any User or to any third party under or in connection with this Agreement or in respect of the performance, part-performance or non-performance of the Services for:

19.2.7 reliance costs or expenses suffered or incurred;

19.2.8 liability to any third party; or

19.2.9 incidental, consequential, special, exemplary or punitive damages of any nature.

20. Limitation of Liability

Except to the extent otherwise excluded, limited or provided for elsewhere in this Agreement, Our sole liability to You for any and all breaches of any term or terms of this Agreement, whether express or implied, shall be limited to:

20.1 the supplying of the Services again; or

20.2 the payment of the cost of having the Services supplied again, as We may elect.

21. No representation or reliance

21.1 Each party acknowledges and confirms that no other party (nor any person acting on a party’s behalf) has made any representation or other inducement to it to enter into this Agreement, except for representations or inducements expressly set out in this Agreement.

21.2 Each party acknowledges and confirms that it does not enter into this Agreement in reliance on any representation or other inducement by or on behalf of any other party, except for representations or inducements expressly set out in this Agreement.

21.3 Without limiting the generality of clauses 21.1 and 21.2, You acknowledge that:

21.3.1 no promise, representation, warranty or undertaking has been made or given by Us or any person on Our behalf in relation to the capacity, uses or benefits to be derived from, or any other consequences of or benefits to be obtained from the Services, or any other goods or services provided under this Agreement, except as expressly set out in this Agreement; and

21.3.2 You relied on Your own skill and judgement when You decided to procure the Services from Us and to enter into this Agreement.

22. Force Majeure

In the event that either party shall be prevented from performing any of its obligations due under the terms of this agreement by an act of God, by acts of war, terrorism, riot, or civil commotion, by an act of the government (State, Federal or municipal), by strikes, fire, flood, or by the occurrence of any other event beyond the control of the Parties hereto, that party shall be excused from any further performance of the obligations and undertakings set forth under the terms of this agreement.

23. Severability

23.1 If any term or clause or any part of any term or clause of this Agreement is prohibited, void, invalid or otherwise unenforceable in any jurisdiction, the term or clause, or the relevant part of the term or clause, will be deemed as to that jurisdiction to be severed to the extent that it is prohibited, void, invalid or unenforceable in that jurisdiction but the remainder of that term or clause (and the whole of this Agreement in any other jurisdiction) will remain in full force and effect.

23.2 In the event of any deemed severance pursuant to clause 23.1, the parties shall use all reasonable endeavours to agree within a reasonable time upon any lawful and enforceable variations to this Agreement that may be necessary in order to achieve, to the greatest extent possible, the same commercial effect as would have been achieved by the clause, or the part of the clause, in question.

24. Privacy

24.1 You and We must each:

24.1.1 comply with the Privacy Act and any other applicable Privacy Law;

24.1.2 only use, handle and disclose Personal Information in accordance with the Privacy Act; and

24.1.3 take all reasonable steps to protect Personal Information against misuse, loss, interference, and unauthorised access, modification or disclosure.

24.2 If an actual or suspected Data Breach occurs in respect of Personal Information held by Us, We will notify You of the occurrence of that Data Breach within 2 Business Days after We become aware of that occurrence.

24.3 Upon becoming aware of an actual or suspected Data Breach, We will:

24.3.1 take such steps as are reasonable in the circumstances to contain any Data Breach and minimise the probability of future incidents of the same type; and

24.3.2 commence investigating the actual or suspected Data Breach as a matter of priority.

24.4 For each Data Breach notified to You under clause 24.2, We will provide you within 2 Business Days after the initial notification and on an ongoing basis until all identified remediation activities have been completed, a report containing the following information (or as much as is then known by Us at the time of the relevant report) (“Data Breach Report”):

24.4.1 the source of the breach or the compromise;

24.4.2 the nature and type of the information compromised or subject to unauthorised access;

24.4.3 the individuals whose Personal Information has been impacted by the Data Breach;

24.4.4 the steps taken to stop the unauthorised access to or disclosure of the Personal Information;

24.4.5 the steps taken to prevent any future compromises of the same or a similar type; and

24.4.6 the steps taken to recover or rectify any compromised Personal Information.

24.5 Within 5 Business Days after We provide the initial Data Breach Report and after each material update to the Data Breach Report, You and We must meet (in person or via teleconference) in good faith to:

24.5.1 assess whether based on the information available there are reasonable grounds to believe that the Data Breach amounts to an Eligible Data Breach; and

24.5.2 consider what, if any, additional information is required to make such an assessment.

24.6 We must, using all reasonable efforts and as soon as reasonably achievable, provide any additional information required to make an assessment under clause 24.5.

24.7 You and We must take all reasonable steps to ensure that the assessment of whether there are reasonable grounds to believe that the relevant incident amounts to an Eligible Data Breach is completed within 30 days of Your or Us first becoming aware of the Data Breach.

24.8 If upon the completion of the assessment undertaken under clause24.5, You and We mutually agree that there has been an Eligible Data Breach, You and We will as soon as reasonable practicable prepare and jointly lodge a Data Breach Statement in a form agreed by both parties with the Commissioner.

24.9 If You and We do not mutually agree that there are reasonable grounds to believe that there has been an Eligible Data Breach, or acting reasonably are unable to agree on the form of the joint Data Breach Statement prepared in accordance with clause 24.8, then either You and We may independently prepare and lodge a Data Breach Statement with the Commissioner, provided however that the party that does so first consults with and takes into account the reasonable requirements of the other party with respect to the content of the Data Breach Statement.

24.10 If the parties have jointly prepared and lodged with the Commissioner a Data Breach Statement in accordance with clause 24.8 that is notifiable to individuals, You will as soon as reasonably practicable after the completion of the preparation of the Data Breach Statement notify the contents of the statement to the individuals to whom the relevant information relates or who are at risk from the Eligible Data Breach (as the case may be) in accordance with Privacy Law.

24.11 We will bear all reasonable costs associated with the notification of a Data Breach Statement under clause 24.10 arising from a Data Breach directly caused or contributed to by negligent or wrongful acts or omissions on Our part.

25. Governing Law

This Agreement will be governed by and construed according to the law of NSW, Australia. The parties irrevocably and unconditionally submit to the non-exclusive jurisdiction of the courts and tribunals of that State and waive any right to object to proceedings being brought in those courts or tribunals.

26. Entire Contract

To the extent permitted by law, in relation to its subject matter, the parties intend and agree that this Agreement:

26.1 embodies and constitutes the entire legal and contractual relationship of the parties, including the entire terms agreed by the parties; and

26.2 supersedes, replaces and terminates by mutual consent any prior written or oral representations, negotiations, understandings.