• Our Solution
  • Latin America
  • Resources
  • About Us
  • Get Started
  • Log in
  • ‹

    Our Solution

    A localized solution that covers all the bases for doing business in Latin America.

    Explore our solution

    Payments

    • Payment Processing
    • Payment Methods
    • Installments
    • Industries
    • Recurring Payments

    Beyond Payments

    • Fraud Prevention
    • Consumer Services
    • Merchant Services
    • Localization Consulting
    • EBANX Dashboard

    Integrations

    • EBANX API
    • EBANX for Shopify
    • EBANX for WooCommerce
    • EBANX for Magento
    • All Integrations
    • Documentation
  • ‹

    Latin America

    An attractive market for companies worldwide that adapt to the region and overcome the local challenges.

    Discover Latin America

    Markets

    • Brazil
    • Mexico
    • Chile

     

    • Argentina
    • Colombia
    • Peru

     

    • Bolivia
    • Ecuador
    • Uruguay
  • ‹

    Resources

    Get access to data and insights from the EBANX content hub.

    View Resources

    • Payments Explained
    • Access the complete glossary of the payments industry.

    • Latin America Explained
    • Find the best B2B content on payments and the Latin American market.

    • LABS
    • Read the latest news of the Latin American market.

    • EBANX Blog
    • Get the latest insights and trends about the payments landscape to grow your business.

  • ‹

    About us

    We created a technological payment solution that connects Latin American consumers to huge companies from all over the world.

    Discover our history

    We are EBANX

    • Press Room
    • EBANX in the news.

     

    • Careers
    • Join our team.

     

    • Partners
    • A powerful regional partnership.

     

    • Contact Us
    • Start your journey with EBANX.

             

Legal Terms for Merchants

  • LEGAL TERMS FOR MERCHANTS
  • Small Merchants Terms & Conditions for Payment Processing
  • Description of EBANX Payment Methods
  • DATA PROCESSING AGREEMENT
  • Cross-border Payments
  • Payout Merchants
  • LEGAL TERMS FOR CUSTOMERS
  • Privacy Policy
  • COMPLIANCE
  • EBANX Values
  • Restricted and Prohibited Products and Services
  • Compliance Documents
  • OTHER POLICIES
  • Cookie Policy
  • Security Vulnerability Documents
  • Information Security Policy
  • Information Security for Third Parties

Data Processing Agreement for Payout Merchants

Updated on July 13, 2020

This Data Processing Agreement ("Agreement") forms part of the Payout Agreement between EBANX and the Merchant (together as the “Parties”).

Whereas

(A) The Merchant acts as a Data Controller.
(B) The Merchant wishes to contract international transactions to the Territories (“Services”), which imply the processing of personal data specified in Schedule A.
(C) The Parties seek to implement a data processing agreement that complies with the requirements of the current legal framework in relation to data processing. 
(D)The Parties wish to lay down their rights and obligations.

It is agreed as follows:

Definitions and Interpretations

Unless otherwise defined herein or in the Payout Agreement, capitalized terms and expressions used in this Agreement shall have the following meaning:

  1. Applicable Laws means the data protection laws applicable to the Payout Agreement or to the Payee in the Territories;

  2. Data Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Applicable Laws; specifically to the Payout Agreement means the Merchant, pursuant to or in connection with the Payout Agreement;

  3. Data Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Data Controller; specifically, to the Payout Agreement means EBANX, pursuant to or in connection with the Payout Agreement;

  4. Data Transfer means:

    1. a transfer of Payee Personal Data from the Merchant to EBANX; or

    2. an onward transfer of Payee Personal Data from EBANX to a Subprocessor, or between companies of EBANX;
  5. Personal Data means any information relating to an identified or identifiable natural person, who can be identified, directly or indirectly, in particular by reference to an identifier such as name, an identification number, location data, an online identifier or to one or more factors specific to the physical, psychological, genetic, mental, economic, cultural or social identity of that natural person; specifically to the Payout Agreement, means any Personal Data processed by EBANX or Subprocessors on behalf of Merchant pursuant to or in connection with the Payout Agreement;

  6. Personal Data Breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed;

  7. Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

  8. Subprocessor means any person appointed by or on behalf of EBANX to process Personal Data on behalf of the Merchant in connection with the Agreement;

  9. Supervisory Authority means an independent public authority which is concerned by the processing of Personal Data because of Applicable Laws.

 

Processing of Merchant Personal Data

Merchant shall:

  1. ensure the collection of Personal Data according to the Applicable Laws, taking into account the nature, scope, context and purposes of the Processing;
  2. allow EBANX to process Personal Data for the provision of the Services or on the relevant Merchant’s documented instructions, as provided in the Payout Agreement, in this Agreement or in any other relevant document.
  3. collect by itself or request EBANX to collect Personal Data from Payee in the Territories on Merchant’s behalf in order to remit funds to Payee, pursuant to Merchant’s instructions, the Payout Agreement and Applicable Legislation.

EBANX shall:

      1. comply with all Applicable Laws in the processing of Personal Data in the Territories; and
      2. not process Personal Data for a purpose other than the provision of the Services or on the relevant Merchant’s documented instructions;

 

EBANX's Personnel

EBANX shall take reasonable steps to ensure the reliability of any employee, agent or contractor of any Subprocessor who may have access to Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know / access the relevant Personal Data, as strictly necessary for the purposes of the Payout Agreement, and to comply with Applicable Laws in the context of that individual's duties to the Subprocessor, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.

 

Security

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, EBANX shall implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk.

In assessing the appropriate level of security, EBANX shall take into account the risks that are presented by the processing of Personal Data, in particular from a Personal Data Breach.

 

Subprocessing

EBANX shall not appoint (or disclose any Personal Data to) any Subprocessor unless required or authorized by the Merchant or necessary for the provision of the Services.

 

Data Subject Rights

Taking into account the nature of the processing, EBANX shall assist the Merchant by implementing appropriate technical and organizational measures, insofar as possible, for the fulfilment of the Merchant obligations to respond to requests to exercise Data Subject rights under the Applicable Laws.

EBANX shall ensure that it does not respond to that request except as required by Applicable Laws to which EBANX is subject or on the documented instructions of Merchant.

Whether EBANX cannot fulfil Merchant’s obligation to respond to request to exercise Data Subject rights under the Applicable Laws, EBANX shall promptly notify Merchant if it receives a request from a Data Subject in respect of Personal Data.

 

Personal Data Breach

EBANX shall notify Merchant without undue delay upon EBANX becoming aware of a Personal Data Breach affecting Personal Data, providing Merchant with sufficient information to allow Merchant to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Applicable Laws.

EBANX shall cooperate with the Merchant and take reasonable commercial steps as are directed by Merchant to assist in the investigation, mitigation and remediation of each Personal Data Breach.

 

Data Protection Impact Assessment and Prior Consultation

EBANX shall provide reasonable assistance to the Merchant with any data protection impact assessments, insofar as possible, and prior consultations with Supervising Authorities, which Merchant reasonably considers to be required whether the processing would result in high risk in the absence of measures taken by EBANX to mitigate the risk, in each case solely in relation to processing of Personal Data by EBANX.

 

Deletion or Return of Merchant Personal Data

In the event of cessation of the Services involving the processing of Personal Data, EBANX shall, within 15 business days, delete and procure the deletion of all copies of Personal Data.

Clause 9.1 does not apply if EBANX shall continue the processing of Personal Data to comply with purposes for which they were collected or for compliance with a legal or regulatory obligation under Applicable Laws. In this case, EBANX shall delete and procure the deletion of all copies of Personal Data within 15 business days after the cessation of such grounding.

Data Transfers

EBANX shall ensure that Personal Data internationally transferred due to the provision of the Services is adequately protected. To achieve this, EBANX shall transfer Personal Data to countries or international organizations that ensure adequate level of protection or rely on standard contractual clauses for the transfer of personal data.

 

General Terms

Unless otherwise stated in the Payout Agreement, to the extent that the terms of this Agreement and the Payout Agreement conflict, the terms of the Payout Agreement shall prevail.

 

Schedule A

 

Data Controller

Merchant is the Data Controller.

Data Processor

The Data Processor is any company of EBANX Group (as defined in the Merchant Agreement) responsible for facilitating international transactions to Payees located in the Territories.


Data Subjects

Data Subjects are the Payee as provided in the Payout Agreement.


Categories of Data and Processing Operations

The following categories of Personal Data may be processed by EBANX on behalf of Merchant, depending on the processing purpose: (1) full name; (2) email; (3) Tax ID Number (4) ID data; (5) address; (6) date of birth; (7) telephone number; (8) scanned documents; (9) biometric photograph; (10) bank details; (11) proof of address; (12) proof of payments.


Processing Operations

Personal Data may be processed for the following purposes:

  • to provide the Services, including, but not limited to the following activities: (1) collection Personal Data in the Territories in order to remit funds to Payee, pursuant to Merchant’s instructions (2) confirmation and validation of Payee’s identity and payment information (3) due diligence and background check performance to ensure the source and reason for the remittance of funds in accordance to international practices set forth in the Anti-Money Laundering laws and regulations;
  • to monitor, prevent and detect frauds, to verify payment’s authenticity and to prevent harm to Merchant, EBANX and/or third parties;
  • to respond to Customer and Merchant support request; iv. to comply with legal or regulatory obligations applicable to the processing of Personal Data to which EBANX is subject;
  • to produce and distribute promotional marketing actions, unless otherwise agreed in the Payout Agreement;
  • to analyze, develop and improve EBANX’s products and services;
  • otherwise to fulfill the obligations set out in the Payout Agreement.

EBANX's top products and services for global companies

  • Payment Processing
  • OXXO in Mexico
  • EBANX for Shopify
  • Boleto in Brazil
  • Mexican Market
  • EBANX Payment Page
  • Brazilian Market
  • Pricing
Solutions
  • Payment Processing
  • Payment Methods
  • Credit and Debit Cards
  • Installments
  • Voucher Payments
  • Online Alternatives Methods
  • EBANX Shield
  • Localization Strategies
  • Consumer Services
  • Recurring Payments
Markets
  • Latin America
  • Brazil
  • Mexico
  • Argentina
  • Chile
  • Colombia
  • Peru
  • Ecuador
  • Bolivia
  • Uruguay
Integrations
  • How to Integrate
  • EBANX Payment Page
  • Direct API
  • Payment by Link
  • Payment Gateway for Magento
  • Payment Gateway for WooCommerce
  • Payment Gateway for Shopify
Resources
  • LABS
  • Payments Explained
  • Latin America Explained
  • EBANX Blog
More
  • About EBANX
  • Pricing
  • Get in Touch
  • Partners
  • Press Room
  • Events
  • Legal Terms
  • Sitemap
USEFUL LINKS

Latin America

  • Payments in Latin America
  • Cross-border Payments in Latin America
  • Payment Processing in Latin America
  • Payment Gateway in Latin America
  • Latin American Market

Brazil

  • Payments in Brazil
  • Payment Methods in Brazil
  • Boleto Bancário in Brazil
  • Debit and Credit Cards in Brazil
  • Payment Processing Brazil
  • Payment Gateway Brazil

Mexico

  • Payments in Mexico
  • Payment Methods in Mexico
  • OXXO Payment Method
  • Debit and Credit Cards in Mexico
  • Payment Processing Mexico
  • Payment Gateway Mexico
EBANX
  • English
  • Español
  • Português
  • Français
  • Deutsch
  • Italiano
  • 中文
  • 한국어
  • 日本語
Stay Connected
  • Visit our LinkedIn  
  • Visit our YouTube Channel  
  • Visit our Instagram  

Users are advised to read the Privacy Policy CAREFULLY. View service restrictions on the compliance page.

The brand "EBANX" and the domain "ebanx.com" represent a group of several products and companies in Brazil and other countries. Some of these products may only be available for specific industries or countries, contact EBANX team to get further information.