ChronoPay - Internet Payment Service Provider: accept online payments with credit cards and debit cards

LEGAL. PSPS

28.07.2003. A brief legal overview of third party billing services as it relates to Dutch banking law, EU and Dutch IT law, Privacy and Digital Signatures Act (DSA).

LEGAL

ChronoPay acts as a billing services provider in the Netherlands and the entire EU with respect to goods and services (content).

Goods
Merchants will require special software if using ChronoPay’s IPSP services to sell tangible goods. ChronoPay intends to make this software available to merchants for a pre-determined fee. ChronoPay’s service, as it relates to the sale of tangible goods is limited to transferring payment transactions passed to it by merchants via its special software - either in real time or collectively after a certain period of time (’batch’) - to the acquirer in the name of the merchant and for the account (the merchant account) of the merchant. The acquirer will transfer the funds requested directly to the merchant. ChronoPay will collect its processing fees from the merchant, via a regularly scheduled invoice.

Content
Special software is also required when using ChronoPay’s IPSP services to sell Web services and/or content. ChronoPay will provide this software for a pre-determined fee. ChronoPay collects are online payments and deducts its processing fees prior to making payment to its merchants. ChronoPay’s service, as it relates to the sale of services and/or content consists of transferring payment transactions passed to it by merchants via its special software, in real time to the acquirer in the name of the merchant and for the account (the merchant account) of ChronoPay. The acquirer will transfer the requested funds directly to ChronoPay’s bank account. ChronoPay will transfer the funds (minus its processing fees) to the merchant.

BANKING LAW

Regulatory implications (banking law)

The Act on the Supervision of the Credit System 1992 governs banking supervision. With respect to the funds ChronoPay receives from credit card companies, the following is of importance. Pursuant to article 82 of the Act on the Supervision of the Credit System 1992 (’ASCS 1992’) it is prohibited for any natural person or legal entity to invite, receive or have, in the course of his or its occupation or business, repayable funds on demand or subject to notice being given from the public. In this respect it is also prohibited to act as an intermediary for the purpose of inviting or receiving from the public such repayable funds on demand or subject to notice being given.

The activity of ChronoPay of receiving funds from credit card companies and forwarding such funds to merchants can be regarded as (only) passing on funds based on (fulfilling) a trade agreement of third parties and can not be regarded to be repayable funds as set out above. Therefore, ChronoPay does not receive repayable funds from third parties, which implies that ChronoPay would not (otherwise) fall within the scope of the ASCS 1992.

Acting in breach of the ASCS 1992 is regarded as an economic offence, which implies that - next to administrative sanctions that may be imposed by the Dutch Central Bank ('DCB') - criminal charges may be imposed.

Netting ChronoPay will deduct from the amount payable to the merchant its fee for the services provided to such merchant. Such netting should be agreed upon by the merchant and ChronoPay. This is provided for in (conditions of) the agreement that will be entered into with the merchant.

EU IT LAW

Regulatory implications (IT law)

In addition to legislation which was originally written for the physical world (brick and mortar), there is also a steadily increasing number of statutory regulations specifically intended for the online environment. ChronoPay intends to abide by any and all such regulations, to include those specified in the Dutch Distance Contracts Act (’Wet inzake overeenkomsten op afstand’) and the European Directive on Electronic Commerce. These regulations include e.g. information requirements and obligations regarding general terms and conditions. The information requirements can, for example, be translated directly into requirements with which ChronoPay’s website has to comply. Examples of information that that must be provided in good time prior to the conclusion of any distance (purchase) contract include the identity of ChronoPay, characteristics of the product/services, the payment method. etc.

The Distance Contracts Act contains rules to protect consumers when they enter into a distance contract. Since ChronoPay does not enter into contracts with consumers, the Distance Contracts Act strictly speaking, does not apply. The Distance Contracts Act may be relevant for the interpretation of the open norms as set out in the European Directive on Electronic Commerce. The Directive on Electronic Commerce does not confine itself to communication and transactions with consumers, but in principle covers all types of e-business relations. The E-Commerce Directive is expected to be transposed into Dutch law in 2003.

PRIVACY

ChronoPay will collect personal data from the merchant's customers. This personal data includes name and address details, e-mail, credit card numbers, information regarding the purchased goods and content etc. The collection of personal data will be regarded as processing of personal data under the Personal Data Protection Act ('Wet Bescherming Persoonsgegevens'). In order to lawfully collect and process personal data in accordance with the Act, there are several obligations that must be met. For example, personal data may not be further processed in a manner that is inconsistent with the purposes for which they are initially collected. This means e.g. that ChronoPay may not make any further use of personal data that is received from the merchants. In summary, ChronoPay will make adequate arrangements when processing personal data in order to avoid liability.

DIGITAL SIGNATURES ACT

The Dutch Digital Signatures Act may also be relevant for ChronoPay's business. The purpose of the Dutch Digital Signatures Act is among other things to facilitate the use of electronic signatures and to regulate their legal recognition. The Dutch Digital Signatures Act prescribes that an electronic signature will have the same legal effect as a traditional handwritten signature on a paper carrier, provided that the method of authentication is sufficiently reliable in respect of the purposes for which the electronic data is used and in view of all other circumstances.