Terms and Conditions

Last updated: February 02, 2024

privacy illustration

Boya Terms and Conditions

v1.5-02/02/2024

Please read these terms and conditions (“Boya Terms”, “Terms” or “Agreement”) and the attached Wallet as a Service and Card as a Service Agreement (“WaaS & CaaS Agreement”) ("Appendix 1”) carefully. By clicking “accept,” you, an entity (“Customer” or “you”), are agreeing to, and will be contractually bound by these Terms. If you do not agree to be bound by these Terms, do not click “accept” and you may not or access our Services (as defined below). As used in this Agreement, Boya Limited1 . (“Boya” or “we”) and Customer may be individually referred to as a “Party” and collectively referred to as the “Parties.”

1. DEFINITIONS AND INTERPRETATION

1.1.  In this Agreement, unless the context otherwise requires, the following words and expressions shall have the following meanings:

1.1.1.Affiliate means an entity that, directly or indirectly, controls, is under the control of, or is under common control with a party, where control means having more than fifty percent (50%) of the voting shares or other ownership interest, the majority of the voting rights of such entity, the ability to ensure that the activities and business of that entity are conducted in accordance with the controlling entity’s wishes or the right to receive the majority of the income of that entity onany distribution by it of all of its income or the majority of its assets on a winding up of that entity;

1.1.2.Authorised User means an employee of the Customer who is authorised to use the Boya App in connection with the Corporate Account and includes the Administrator;

1.1.3.Administrator means an individual authorised to set up the Corporate Account on behalf the Business and is the designated representative of the Business through the Boya Dashboard;

1.1.4.Beneficial owner means the individual who ultimately owns or exercises effective control over a legal person (such as a company)

1.1.5.Boya App means the Boya mobile or and/or web app (including software, servers, and associated user interface) through which Boya shall offer the Services;

1.1.6.Boya Dashboard means a page on the Boya website or Boya APP through which the Business can view its Boya Account and through which certain Transactions can be completed;

1.1.7.Business Day means a day (other than a Saturday, Sunday or public holiday) on which banking and financial institutions are generally open for the conduct of business in Kenya;

1.1.8.Card means a PEC or a VEC;

1.1.9.Confidential Information means, without limitation, all information, software, data, manuals, concepts relating to marketing methods, products, developments, business and financial affairs and trade secrets, and other information of value to a party and not generally known, (whether or not designated as “confidential information” by any Party and whether written, oral or in electronic form) and any other information clearly designated by a Party as “confidential information” or that is evidently confidential by its nature or the nature of its disclosure, and includes the terms of this Agreement;

1.1.10. Corporate Account means the Business’ account hosted on the Boya App through which certain Transactions are completed and which is visible to the Business on the Boya Dashboard;

1.1.11. Customer Data means information or documentation provided by Customer to Boya, and which includes Financial Data and any Personal Data provided by Customer, Administrators, and Authorised Users.

1.1.12. Dashboard Data means the Services information that the Customer has accepted and agreed to utilise including expense reports, balance statements, employee data, card data, account settings and such other information that may be availed from time to time at Boya’s discretion;

1.1.13. EFTPOS means Electronic Funds Transfer at Point Of Sale;

1.1.14. Financial Data means Customer’s bank balance, transaction, and account information accessibleto Boya through Linked Accounts or Third-Party Services.

1.1.15. Financial Institutions means those financial services institutions that have arrangements with Boya to facilitate provision of the Services, including, without limitation, banking institutions andpayment network partners (such as VISA or Mastercard);

1.1.16. Force Majeure Event means any event happening which is beyond the reasonable control of theparties and which negatively affects a Party’s performance of its obligations under this Agreement and includes civil commotion, pandemic, war, an act of God and network failure which has not been occasioned by the fault of either party to this Agreement;

1.1.17. Intellectual Property Rights means all Intellectual Property owned by Boya;

1.1.18. Intellectual Property means patents, utility models, rights to inventions, copyright and neighbouring and related rights, moral rights, trademarks and service marks, business names and domain names, rights in get-up and trade dress, goodwill and the right to sue for passing offor unfair competition, rights in designs, rights in computer software, database rights, topography rights, rights to use and protect the confidentiality of Confidential Information (including know-how and trade secrets), and all other intellectual property rights, in each case whether registered or unregistered and including all applications and rights to apply for and be granted, renewals or extensions of, and rights to claim priority from, such rights and  all similar or equivalent rights or forms of protection which subsist or will subsist now or in the future in any part of the world;

1.1.19. KYC means know your customer;

1.1.20. Linked Account means any account that is held with a Financial Institution and is linked to or authorized for Transactions through your Corporate Account.

1.1.21. Marks means the trademarks, service marks, trade names, logos, slogans and other identifying symbols of Boya;

1.1.22. Non-aggregated transaction data means individual pieces of transaction data; such as data about specific transactions by a customer, including the date, amount transacted and the target of the transaction.

1.1.23. Notice means any physical or electronic communication, or legal notices related to these Terms that are provided to Customer, Authorised Users, or Administrators through text or sms, email, your Corporate Account, or by other means.

1.1.24. PEC means a physical expense card linked to the Boya App and issued to an Authorised User;

1.1.25. PIN means the password, login ID, electronic identification signature or codes given to or chosenby an Authorised User to confirm their identity when using the PEC or the VEC or when accessing or using the Boya Dashboard;

1.1.26. Personal Data means any information in connection with this Agreement that can reasonably beused to identify an individual, or that may otherwise be considered personal data;

1.1.27. Prohibited Person means any person who, either by law or by exclusion by the Customer, is not allowed to access or use the Services;

1.1.28. Services means access to the Boya app, Boya Dashboard and the Cards to help Customers manage their spend more efficiently and other services as shall be determined by Boya from time to time;

1.1.29. Sponsor Bank means any bank partner of Boya who facilitates acceptance of funds into the Corporate Account;

1.1.30. Third-Party Services means services and data provided by third parties connected to or provided through the Services. Third-Party Services include accounting or expense management platforms, payment processors and e-commerce platforms, and applications used to monitor Linked Accounts.

1.1.31. Third Party Provider means shall mean third party service providers; including KYC verification service providers, publishers, resellers, contractors, agents, card-issuing entities, Sponsor Banks and Financial Institutions used by Boya during the course of this Agreement.

1.1.32. Transactions include transfer of funds into the Corporate Account through a Linked Account and transfer of funds out of the Corporate Account through the Cards.

1.1.33. Updates means any modification and or improvement made to the operation of the Boya App, Boya Dashboard, Boya website or Corporate Account including but not limited to bugfixes, modification on the user interface and security upgrades; and

1.1.34. VEC means a virtual expense card linked to the Boya App and issued to an Authorised User.

1.2. Interpretation

The following principles of interpretation shall apply to this Agreement:

1.2.1. any reference to a section, clause and sub-clause shall, unless otherwise provided, be construed as references to the sections, clauses or sub-clause of this Agreement;

1.2.2.any reference to any statute or statutory provision shall, save as otherwise expressed in this Agreement, be construed as a reference to that statute or provision as it is amended consolidated extended or re-enacted from time to time and any orders regulations instruments or other subordinate legislation made from time to time under any statute provided that any such amendment consolidation extension or re-enactment does not have retrospective effect;

1.2.3.any words following the terms including, include, in particular, for example or any similar expression shall be construed as illustrative and shall not limit the sense of the words, description, definition, phrase or term preceding those terms;

1.2.4.headings are only for ease ofreference and shall not affectthe interpretationofthis agreement;

1.2.5.references to a person includes a natural person, corporate or unincorporated body where context allows;

1.2.6.references to indemnifying any person against any circumstance includes indemnifying and keeping him harmless from all actions claims and proceedings from time to time made against that person and all loss or damage and all payments costs and expenses made or incurred by that person as a consequence of or which would not have arisen but for that circumstance;

1.2.7.references to this Agreement means this Agreement and shall include any amendments made tothis Agreement and any agreement which is supplemental to this Agreement;

1.2.8.the expression person includes a natural person body corporate state agency governmental authority or firm;

1.2.9.where any obligation pursuant to this Agreement is expressed to be undertaken or assumed by any party, such obligation shall be construed as requiring the party concerned to exercise all rights and powers of control over the affairs of any other person which that party is able to exercise (whether directly or indirectly) in order to secure performance of that obligation; and

1.2.10. words importing the singular shall include the plural and vice versa;

2. THE SERVICES

2.1. Registration and Acceptance of these Terms

2.1.1.If a Customer meets all of the criteria indicated on the Boya Dashboard at the time of registration, the Customer may register for the Services by providing the information required and accepting these Terms.

2.1.2.The Services are intended exclusively for business entities and are not intended for individual consumers.

2.1.3.Boya may, at its sole discretion, refuse to allow any person to register for the Services, without providing reasons.

2.1.4.The acceptance of these Termsis materialized by a box ticked on the Boya Dashboard.

2.1.5.By accepting these Terms, the Customer expressly acknowledges that they have carefully read the Terms, that they have understood them and that they accept them in their entirety and without reservation.

2.1.6.The Customer undertakes to bring these Terms to the attention of all Authorised Users and to ensure that all Authorised Users comply with the provisions of these Terms.

2.1.7.The Customer agrees that submitting an application for a Corporate Account and ticking consentto these Terms constitutes its electronic signature. The Customer also agrees that its electronic consent has and will have the same legal effect as a physical signature. The Customer consents to Boya providing Notices and account statements to it electronically and understand that this consent has the same legal effect as would a physical signature.

2.1.8.The Customer understands and agrees that while Boya may partner with third parties to provide the Services, the business relationship exists solely between Boya and the Customer; and no business relationship shall exist between the customer and any of Boya’s partners, including Sponsor Banks except where expressly acknowledged by Boya’s partners.

2.2. Provision of Customer Data

2.2.1.The Customer must provide Customer Data to apply for and maintain a Corporate Account and any Services. Customer Data may include registered business name, business address, ownership details, contact information including email and phone number, tax identification number, the nature of the business, financial information, details for your Linked Accounts, and other business information (KYC Information) that Boya may require or request from time to time.

2.2.2.The Customer must also provide certain Personal Data including the names, contact information, personal addresses, social security numbers, and dates of birth of Administrators, Authorised Users, directors, shareholders and beneficial owners. We may also require that you provide certain documentary information used to verify Customer Data  and Personal Data including corporate registration certificate, proof of address, or personal identification.

2.2.3.The Customer must connect at least one Linked Account. The Customer authorizes us to verify that the account details provided for the Linked Account are correct and the Linked Account belongs to the Customer.

2.2.4.The Customer agrees to provide the required information to open and maintain its Corporate Account and agrees to keep such information current. This information may be shared with Third Party Providers for verification purposes. The Customer may be required to verify information previously provided or provide additional information in the course of applying for or receiving certain Services.

2.2.5.The Customer acknowledges that it has obtained or will obtain appropriate consent and authorization of any person whose Personal Data it provides before sharing such data with Boya.

2.2.6.Boya may periodically request more data from the customer in order to fulfil its KYC obligations.

2.3. Verification of information

2.3.1.Boya and its Third Party Providers rely on the accuracy of the information provided by the Customer when opening and maintaining its Corporate Account. Customer acknowledges and agrees that we may use and provide Customer Data and Personal Data to Third Party Providers to verify the information provided and to determine Customer’s eligibility for the Services.

2.3.2.We may approve or deny your application or grant you provisional access to the Services or your Corporate Account while your application is pending additional review. We may deny your application, interrupt provision of the Services to you, or suspend or close your Corporate Account where the information you provided is incomplete, inaccurate, or out of date.

2.3.3.The Customer is aware that failure to comply with request(s) of documentation before accepting these Terms or during the relationship may result either in the impossibility for Boya to provide the Services or the termination by Boya of the Services.

2.3.4.In the event of a change affecting the KYC Information, such as a change of beneficial owner, the Customer must inform Boya thereof as soon as possible.

2.3.5.The Customer agrees that the information and documents sent by Boya in the context of the implementation of this clause 2.3 may be retained by Boya and/or its Third Party Provider, for the duration and under the conditions allowed by the Data Protection Act of 2019. Where Boya no longer needs to retain such information and documents, we shall delete, erase,  anonymise or pseudonymize it at the end of the period in which we required to retain it.

2.4. Access to the Services

2.4.1.The term “Customer” shall be interpreted as referring (i) to the Customer itself or (ii) to the Customer acting through an Administrator or Authorised User. Any act, decision, instruction or request entered by an Administrator or Authorised User on the Boya App will be considered as an act, decision, instruction or request by the Customer.

2.4.2.Access to the Services by the Authorised Users requires their registration on the Boya App. The Customer undertakes to ensure that Authorised Users register on the Boya App and use the Services in compliance with these Terms.

2.4.3.You must specify at least one Administrator to manage your Corporate Account when submitting your application. Administrators must have, and Customer represents that any individual designated as an Administrator has, the requisite organizational power and authority to conductbusiness and manage the Corporate Account. In the event that an individual designated as an Administrator no longer has such requisite organizational power and authority, Company must notify us promptly and designate another Administratorforthe Corporate Account.

2.4.4.Administrators may: add, remove, or manage additional Administrators and Authorised Users; view Transactions; view and run reports and download Dashboard Data; provide or update Customer Data; connect Customer’s bank account or M-Pesa account; consent to any new or updated terms or conditions contained in this Agreement or other agreements or policies incorporated in this Agreement, consent to supplemental agreements, or consent to any additional terms; and take actions specified in these Terms and perform other tasks on Company’s behalf. Administrators must not authorize the use of Customer’s Corporate Account or the Services by any Prohibited Person as defined in Section 1.1.26.

2.4.5.Administrators must monitor Customer’s Corporate Account activity and statements. Administrators will be able to authorize and assign Authorised Users certain permission levels and authorizations.

2.4.6.Authorised Users may transact and use the Services only for valid, lawful, bona fide business purposes on Customer’s behalf. Authorised Users may not use the Services for personal, family, or household purposes. Authorised Users must accept and comply with the Individual User Terms.

2.4.7.The Administrator may perform any act to manage the Corporate Account including in particular:

2.4.7.1. invite other people to become Administrators and authorise them to perform certain actions on the Boya App;

2.4.7.2. invite Authorised Users to use the Boya App

2.4.7.3. request the issuance of Cards;

2.4.7.4. assign an expenditure or withdrawal limit to each Card, within the limit of the maximum amounts authorised by Boya;

2.4.7.5. request the execution of outgoing transfers;

2.4.7.6. fund the Corporate Account.

2.4.8.The Administrator may delegate powers to an Authorised User on the Boya App and Boya Dashboard. The Administrator will be required to select one of the predefined profiles proposedby Boya that they wish to delegate or the terminology assigned to each profile (“Administrator”,“Director”, “Authorised User”, etc.).

2.5. Funding of a Corporate Account

2.5.1.The Customer must ensure that its Corporate Account at all times has a sufficient balance available to enable (i) the execution of the Transactions requested by the Customer and (ii) the deduction by Boya of any Fees chargeable for the Services.

2.5.2.The Customer may fund a Corporate Account by way of a bank transfer, through M-Pesa or suchother means as shall be determined by Boya from time to time.

2.5.3.The Customer expressly acknowledges and agrees that the Corporate Account will never be used as a deposit account. The purpose of the Corporate Account is to enable the Customer to track Customer’s spend by facilitating Authorised Users to use Cards, manage expenses, view and download Dashboard Data and allowing control of such Cards through the Boya App and Boya Dashboard.

2.5.4.The Customer must ensure that the Account only has a sufficient and available balance representing an amount consistent with the Customer’s average monthly spend, according to a projected or actual amount recorded over the last 3 months preceding any funding of the Customer's Account. In the event that the balance of said Corporate Account exceeds 12 (twelve) times the amount of average, projected or actual monthly expenses over the last 3 (three) months (the "Average"), Boya will inform the Customer and the Customer will have to transfer the portion of the balance exceeding the Average to the Customer’s Linked Account. If the Customer does not transfer the balance exceeding the Average within 7 days of being informed by Boya, the excess amount paid by the Customer will be returned to the Linked Account.

2.6. History of Transactions

The history of Transactions carried out on the Corporate Account may be consulted at any time by logging in to the Boya Dashboard. It is recommended that the Customer regularly check the history in order to be able to detect an unauthorised or poorly executed Transaction.

2.7. Use of Cards

2.7.1.A Card is issued at the Customer's request. This request must be made through the Boya Dashboard.

2.7.2.PECs shall be sent directly to the Customer at the address indicated on the Card order form completed via the Boya Dashboard. When the Card is sent to the Customer, it is the Customer's responsibility to give it to the Authorised User concerned.

2.7.3.In order to activate the Card assigned to them, the Authorised User must connect to the Boya App and follow the instructions provided to them. The Card may not be used if it is not activatedby the User within the allotted time. In the case of a PEC, the Authorised User must sign the back of the Card as soon as they receive it.

2.7.4.A Card allows its User to carry out purchases of goods or services (local or remote) at EFTPOS terminals and to M-Pesa paybills or till numbers.

2.7.5.Transactions made with a Card are debited from the Corporate Account associated with the Card.

2.7.6.The number of successive attempts to enter the PIN is limited to three (3) on EFTPOS terminals. The third unsuccessful attempt causes the invalidation of the Card. In this case, the Customer or Authorised User shall contact Boya customer service on [email protected]

2.7.7.The maximum limits for use of Cards shall be set out on the Boya Dashboard. The Administrator maymodify the Authorised Users’ limitsforthe use of Cards within these limits.

2.7.8.Customer will not allow any unauthorized person to use the Services. The Administrator will immediately disable Authorised User access to the Services or limit permissions where it knows or suspects there has been loss, theft, misappropriation or fraudulent use of a Card, or the misappropriation or any fraudulent use of the Boya App allowing access to it and the Customer will promptly notify Boya after taking such action.

2.7.9.If a Card reported as lost is subsequently found by the Authorised User, it must not be used. TheCustomer orthe User must contact Boya’s customerservice to find out whatstepsto take.

2.7.10. Boya or the Sponsor Bank reserves the option to block, at their own initiative, one or more Card(s) for reasons relating in particular to the security of the Card(s). The Customer and/or the Authorised User may at any time request the unblocking of the Card by contacting Boya’s customer service. However, the decision to unblock is at the sole discretion of Boya or the Sponsor Bank.

2.8. Access, Safeguards and Credentials

2.8.1.Customer will keep their Corporate Account secure and only provide access to individuals that they have authorized to use the Services. Customer will take all reasonable steps to safeguard the privacy, confidentiality, and security of Authorised User credentials. Customer will closely and regularly monitor the activities of Authorised Users who access the Services, and will use all reasonable means to protect Cards, checks, mobile devices, web browsers, and anything else used to access or utilize the Services.

2.8.2.Customer will ensure that each Authorised User has their own unique set of login credentials, keeps those login credentials secure, does not share those login credentials with any other person or third party, and does not reuse login credentials for other services.

2.8.3.As soon as the Customer becomes aware of a security breach or fraudulent access to its Corporate Account or if the Corporate Account has been compromised or misused or where it knows or believes the Administrator’s login credentials are compromised or lost, the Customer must inform Boya without delay for the purpose of blocking the Corporate Account and/or access to the Boya Dashboard or the Boya App, indicating the reasons why the blocking is requested.

2.8.4.This blocking request must be made:

2.8.4.1. by email to [email protected]; or

2.8.4.2. by using the chat function on the Boya Dashboard.

2.8.5.Boya cannot be held liable for the consequences of a blocking request that does not come from the Customer or a duly Authorised User.

2.8.6.The Customer shall be responsible and liable for any actions or failure to act on the part of Administrators, where the Corporate Account is compromised. Possible scenarios of compromise may include; but are not limited to:

2.8.6.1. Compromise of the Customer’s web account; or

2.8.6.2. Compromise of an employee’s mobile app account; or

2.8.6.3. Where the Customer’s virtual card details are disclosed to unauthorised persons; or

2.8.6.4. Where the Customer’s physical card is stolen.

2.9. Security

2.9.1.You are responsible for assessing the security requirements of your business and selecting and implementing security procedures appropriate to mitigate your exposure to potential security incidents. This responsibility includes selecting appropriate administrative, procedural, and technical controls that are appropriate to protect the Corporate Account.

2.9.2.Customer is solely responsible for all transactions initiated through the Services using login credentials and for all transactions initiated in Customer’s name that are authenticated using the login credentials.

2.9.3.You will be bound by any Transaction, even if it is not authorized, if the Transaction is initiated under your login credentials or processed in accordance with your instructions.

2.9.4.We may help you resolve unauthorized transactions, but you acknowledge and understand that you are responsible for any financial loss caused by Administrators, Authorised Users, or other persons given access to the Services or your Corporate Account, and any financial for loss due to compromised login credentials or due to any unauthorized use or modification of your Corporate Account orthe Services. Boya is notliable orresponsible to you, and youwaive any right to bring a claim against us, for any such losses.

2.9.5.We may suspend or terminate access to your Corporate Account or the Services at any time and for any reason, in our sole and absolute discretion, without prior Notice. Some of the reasons we may suspend access to your Corporate Account include: if we believe your Corporate Account has been compromised; if we believe that not doing so may pose a risk to you, Boya, or any third parties; if Customer data or personal data is incomplete, inaccurate, or out of date; if we believeyou have violated these Terms or the law; or if we are required to do so by a Third-Party Provider or by law. Where Boya decides to terminate your account, we shall communicate this decision to you and reverse your funds in within 90 days of the termination. The reversal of funds shall be subject to any legal obligations that Boya may have in relation to the Customer’s account.

3. CUSTOMER OBLIGATIONS AND RESPONSIBILITIES

3.1. General

Subject to the terms of this Agreement, the Customer shall:

3.1.1.appoint the Administrator and update Boya with all information of the Administrator as necessary to ensure that the information is current, accurate and complete;

3.1.2.keep all administrative login credentials for the Boya App or Boya Dashboard confidential acknowledging that it shall be responsible for all the activity taking place in the Boya App or Boya Dashboard under such credentials;

3.1.3.only permit an Administrator and directors of the Customer to accessthe Boya Dashboard;

3.1.4.keep and maintain an accurate list of current Authorised Users and Administrators authorised to use Cards;

3.1.5.train Authorised Users on how to access and use the Boya App;

3.1.6.process Dashboard Data for administrative purposes, to manage access control and for activity review purposes;

3.1.7.comply with all applicable laws including but not limited to the Proceeds of Crime and Anti- Money Laundering Act (No 9 of 2009), the Prevention of Terrorism Act (No 30 of 2012), the Prevention of Organised Crime Act (No 121 of 1998), the Anti-Corruption and Economic Crimes Act (No 3 of 2003), the Data Protection Act, (No 24 of 2019, Laws of Kenya) and the EmploymentAct (No 11 of 2007, Laws of Kenya);

3.1.8.implement appropriate technical and organizational measures to protect Dashboard Data against unauthorised or unlawful processing and against unauthorised loss, destruction, damage, alteration, or disclosure, as well as any breach of the Customer ’s security measures (Information Security Incident)

3.1.9.promptly notify Boya if Customer learns or has reason to believe that an Information Security Incident has occurred in relation to Dashboard Data. This notification should include at least: the nature of the breach of security measures; the potentially compromised personal data and data subjects; the duration and expected consequences of the Information Security Incident; and any mitigation or remediation measures taken or planned in response to the Information Security Incident;

3.1.10. protect all Intellectual Property Rights of Boya which the Customer has access to; and

3.1.11. use the Corporate Account and Dashboard solely as set forth in this Agreement;

3.1.12. ensure that Users are aware of and agree to abide by the terms of these Terms, the Privacy Policy and all applicable law in connection with their use of the Services;

3.1.13. obtain appropriate consent and authorization to provide Authorised Users’ personal information, and ensuring that Authorised Users are aware of and have reviewed the Privacy Policy and understand how we process their personal information;

3.1.14. ensure that Authorised Users are aware of, accept, and comply with the Individual User Terms

3.1.15. ensure that Authorised Users use the Services only for valid, lawful business purposes and not for any personal, family, or household use;

3.1.16. be liable for any breach or violation by its Authorised Users of these Terms or any of the agreements, terms, and policies incorporated by reference.

3.1.17. be responsible for ensuring that Administrators, Authorised Users, and any other persons affiliated with Company communicate respectfully and refrain from using any form of disrespectful, harassing, abusive, or hate speech with Boya team members. If Boya receives reports of any such behavior by representatives of your Company towards our team, we may contact your Administrator, suspend access to Customer’s Corporate Account and the Services, or close your Corporate Account.

3.2. Supply and update of information

3.2.1.The Customer undertakes to provide Boya with all the information and/or documents necessary for the proper performance of the Services and, more generally, to actively  cooperate with Boyafor the proper performance hereof. If the Customer does not comply with this obligation, Boya reserves the right to suspend the Services until the required information or documents are obtained.

3.2.2.The Customer guarantees to Boya that all information and documents that it provides to Boya, including those provided on the Boya App and Boya Dashboard and those concerning each Authorised User, are accurate, up-to-date and true on the day they are communicated to Boya and are not vitiated by any misleading nature or likely to mislead.

3.2.3.If the information and/or documents provided become inaccurate or obsolete during the term of the Agreement, the Customer undertakesto update them and/orsend an updated version of the documents concerned to Boya as soon as possible.

3.2.4.It is the Customer's responsibility to formally notify Boya of any change in the information concerning it. Boya is not liable for any damage that may result from an inaccuracy or change about which it has not been notified.

3.3. Compliance with regulations

3.3.1.The Customer undertakes, for itself and for each of the Administrators and Authorised Users, to (i) comply with these the Terms, (ii) comply with the laws and regulations in force and not to infringe the rights of third parties or public order and (ii) only perform activities that comply with the applicable laws and regulations.

3.3.2.The Customer shall indemnify Boya and shall pay any fine, financial penalty or damages incurredby Boya resulting from an activity of the Customer that would be illegal, unlawful or unethical.

3.4. Use of the Boya App and Boya Dashboard and Services

The Customer undertakes, for itself and for each User:

3.4.1.not breach or attempt to breach, scan or test the vulnerability of the security system and related systems of the Boya App and Boya Dashboard;

3.4.2.not to access or attempt to access any data that is not intended for the Customer;

3.4.3.to refrain from interfering with the normal functioning of the Boya App and Boya Dashboard or performing any action that could cause the interruption or deterioration of one or more Services;

3.4.4.not to upload to the Services, display, send by email or otherwise transmit any material containing software viruses or other computer codes, files or programs designed to interrupt, destroy or limit the functionality of the Boya App and Boya Dashboard; and

3.4.5.not attempt to interfere with the Services of any other customer or user, host or network, including, but not limited to, exposing the Services to a virus, creating a server overload, flooding the server, flooding the messaging services.

3.4.6.The Customer acknowledges having read about the characteristics and constraints, in particular technical, of all the Services. The Customer is solely responsible for its use of the Services.

3.4.7.The Customer is informed and accepts that the use of the Services requires an internet connection and that the quality of the Services depends directly on this connection as well as on computer hardware and/or third-party software, for which the Customer is solely responsible.

3.5. Personal use of the Boya App and Boya Dashboard and Services

3.5.1.The Customer undertakes to use the Boya App and Boya Dashboard and the Services on a strictly personal basis, and not to allow any third party to use them on its own behalf, except to bear full liability for such use. Authorised Users may only use the Boya App and Boya Dashboard and Services in the name and on behalf of the Customer.

4. Boya Obligations

4.1. Subject to the Customer abiding by these Terms, Boya agreesto:

4.1.1.provide the Services to the Customer;

4.1.2.provide technical advice and assistance to the Customer as may be reasonably necessary for the use of the Services;

4.1.3.train the relevant members of the Customer ’s team on how to use the Boya App and Boya Dashboard, including the requisition for Cards, activation of Cards, setting limits, and monitoringexpenditure; and

4.1.4.take all reasonable steps to ensure that any system malfunctions to the Boya App or Boya Dashboard are rectified in the shortest time possible.

4.2. While Boya strives to provide Customers with services of the highest quality, we cannot guarantee that the Services will be completely free of errors or defects or be available on an uninterrupted basis. In addition, the Services are standard and are therefore notoffered solely for a given Customer, depending on its own personal constraints, or to specificallymeet its needs and expectations.

4.3. Boya undertakesto:

4.3.1.do its best to ensure the security of the Boya App and Boya Dashboard;

4.3.2.inform the Customer of any reasonably foreseeable difficulty, in particular with regard to the implementation of the Services or the proper functioning of the Boya App and Boya Dashboard;

4.3.3.notify Customers in good time when carrying out Updates to the Boya App and Boya  Dashboard;and

4.3.4.regularly carry out checks to verify the functioning and accessibility of the Boya App and Boya Dashboard.

4.4. Boya reserves the right to at any time modify the technical means of access to the Services and/or to the Boya App and Boya Dashboard based, in particular, on the evolution of the technology or its service offer. It is the Customer's responsibility to ensure that the software or telecommunications tools or hardware at its disposal are adapted to these developments.

5.Partnerships

5.1. In order to provide the Services in a manner that meets the expectations of both Customers and the Regulator, Boya may partner with banks, mobile money service providers, card schemes and other third parties.

5.2. Where any partnership has a direct impact on the Customers’ use of the Services, Boya shall include the terms of the partnership as an addendum to these Terms and Conditions; or notify the Customer of the partnership for purposes of obtaining the Customer’s acceptance to continue to use the Services

6. Fees

6.1. We may charge a fee for some Services, including periodic fees, Card transaction fees, usage fees, service fees, card processing fees and fees applicable to certain transactions. We will also disclose feesto you when opening your Corporate Account, when you start using a new Service, or through our website. We may update, add, or change fees upon reasonable notice.

6.2. Any accrued or incurred Fees shall be directly debited from the Corporate Account.

6.3. Where there is a dispute on the Fees, the parties shall hold a meeting within seven (7) Business Days upon request of the disputing party to compare statistics and other pertinent information necessary to reach an amicable conclusion. Such a meeting may be held by way of a telephone, video conference or other suitable means of communication provided that the representatives of Boya and the Customer can communicate effectively. In the event the meeting does not resolve the dispute, either Party shall be free to initiate the mechanism in clause 30.

7. Rewards

Boya may determine when, how, and under what conditions you or your authorised Users may qualify for, accrue, redeem and retain rewards, and Boya may modify these conditions with or without notice to you. Certain Services may not be eligible for rewards. Rewards may be subject to caps, revocation, or forfeiture as set forth in the Rewards Terms. All rewards offered are subject to the Rewards Terms.

8. Changes to the Services and Notices

8.1. We may add Services or modify existing Services at any time. Some of these Services will be subject to additional terms. You acknowledge and understand that in order to use certain Services, you must agree to the additional terms that we will provide, and which will be incorporated by reference and form a part of these Terms.

8.2. We do not guarantee that each of the Services will always be offered to you, that they will be available to you, or that you will qualify or be able to utilize any particular Service. Services will change from time to time, and certain Services may be discontinued or others may be added. Where there is a change, addition or discontinuation of our Services, we shall notify you of the same within 120 days of the change.

8.3. We will provide Notices regarding certain activity and alerts to your Corporate Account electronically through your Corporate Account, email, push notification, or via text or SMS to the contact information provided to us by Administrators and Authorised Users.

8.4. Notices regarding Transactions, legal terms, and any other important Notices related to your Company’s Corporate Account will be sent to your Administrators through your authorised email and are considered received 24 hours after they are sent. You understand that you may not use the Services unless you consent to receive Notices electronically. You may only withdraw consent to receive Notices electronically by closing your Corporate Account.

8.5. We may send Notices to Authorised Users’ mobile phones through push notifications, text or sms messages to the mobile phone numbers provided to us by Administrators or Authorised Users. These Notices may include alerts about Services or Transactions and may allow Administrators and Authorised Users to respond with information about Transactions or Company’s Corporate Account. You authorize Administrators to take any available actions, subject to limitations based on permissions and authorization. Administrators and Authorised Users may elect to not receive certain Notices via text or sms, but this will limit the use of certain Services and may increase the financial risks to Company including losses caused by lost orstolen login credentials.

8.6. We may send text or sms messages to Administrators and Authorised Users in connection with use of login credentials (such as through multi-factor authorization), to allow us to verify their identity, to provide other information about your Corporate and for other purposes that we identify and that are available through your Corporate Account.

8.7. Administrators and Authorised Users are required to maintain updated web browsers, computers, and mobile device operating systems to receive Notices correctly. Administrators and Authorised Users are responsible for all costs imposed by their respective Internet or mobile service providers for sending or receiving Notices electronically.

9.Updates to Company Information

9.1. You will keep Customer Data and each Authorised User’s personal data current, complete, and accurate in your Corporate Account at all times whether we provide you with full or provisional access.

9.2. At any time during your use of the Services, we may require additional information from you, including Customer Data (such as copies of government-issued identification, business licenses, or other information related to your business) and personal data (such as copies of governmentissued personal identification and proof of address) to verify beneficial owners, validate information you provided, verify the identity of Administrators or Authorised Users, andassess Customer’s financial condition and business risks.

9.3. Company must be duly organized and in good standing under the laws of its jurisdiction of organization throughout the term of their use of these Services.

9.4. You will promptly notify usin writing if any of the following occur: 9.4.1.the nature of your business changes significantly;

9.4.2.there is any change of beneficial owners;

9.4.3.there is any material change in the control or ownership of your business (whether direct or indirect) or you transfer or sell 25% or more of your total assets;

9.4.4.there is any planned or anticipated liquidation, or voluntary bankruptcy or insolvency proceeding

9.4.5.you are the subject of an inquiry, proceeding, investigation, or enforcement action promulgated by any regulatory authority;

9.4.6.you are party to a litigation in which claims are asserted that would, if sustained in a legal proceeding or alternative dispute resolution forum, result in a material impact to Customer’s financial condition;

9.4.7.you receive a judgment, writ or warrant of attachment or execution, lien, or levy against 25% or more of your total assets; and

9.4.8.you begin engaging in any illegal activities.

10.Content

10.1.The information we provide on our website and in our other communications is meant to inform you. We may modify or update such information without prior notice. We advise you to doublecheck and verify any information you receive from us before making any decisions based on it. You remain solely responsible for any and decisions that you make based on the information provided on our website and in other communications from us.

10.2.Information we provide on our website and in other communications to you may contain thirdparty content or links to third-party sites and applications. We do not control any such third-party content, sites, or applications, and we are not responsible or liable for the availability, accuracy, completeness, or reliability of third-party content or for damages, losses, failures, or problems caused by, related to, or arising from such third-party content or the products or practices of third parties.

11. PROCESSING OF COMPLAINTS

11.1.Any claim related to the provision of the Services must be sent by the Customer to Boya 's customer service:

11.1.1. either by email to the following address:[email protected]; or

11.1.2. by mail to the address of Boya ’s registered address at P.O. Box 245111-00502, Nairobi, Kenya; or

11.1.3. by using the chat function on the Boya App or Boya Dashboard.

12.TELEPHONE RECORDINGS

Telephone conversations with Boya staff may be recorded by Boya or any company appointed for this purpose, in order to improve the quality of the Services for the Customer.

13.INTELLECTUAL PROPERTY

13.1.Boya and its Affiliates are and shall remain the owners of all right, title and interest in all the Intellectual Property Rights connected to or arising from this Agreement and all data generated or provided pursuant to this Agreement.

13.2.The Customer shall give notice to Boya of any Intellectual Property Rights infringement as soon as reasonably practicable on becoming aware of it.

13.3.The Customer agreesthat no intellectual property right is transferred to the Customer concerning any of the elements of the Services and the Boya App or Boya Dashboard made available to it under these Terms, including software, structures, infrastructure, source codes, databases, know-how, user interface, photos, brand, interactive elements or any content of any kind (texts, images, visuals, music, logos, brands, database, etc.) operated by Boya and the technical documentation that may be provided by Boya to the Customer.

13.4.Subject to the payment of the https://calendly.com/alphas-x/boya-interviews due to Boya and the stipulations and limits provided for in these Terms, Boya grantsthe Customer a personal, nonexclusive and non-transferable licence to use the Boya App and Boya Dashboard and Services for its own purposes only. This right is granted for the duration of provision of the Services.

13.5.The Customershall refrain from carrying out:

13.5.1. any adaptation, modification, duplication, decomplication, disassembly or reproduction of  the Services, the Boya App and Boya Dashboard, regardless of its nature, extracting it in whole or in part and, in general, is prohibited from any act that would infringe the rights of Boya and/or its suppliers;

13.5.2. any reproduction of the Boya App and Boya Dashboard, by any means whatsoever and on any medium whatsoever;

13.5.3. any form of use of the Boya App and Boya Dashboard and associated documentation, in any manner whatsoever, for the purposes of design, production, distribution or marketing of similar,equivalent or substitute software;

13.5.4. any adaptation, modification, transformation, translation, or arrangement of the Boya App and Boya Dashboard for any reason whatsoever, in particular with a view to the creation of derivative or entirely new software, including to correct errors;

13.5.5. any direct or indirect transcription, or any translation of the Boya App and Boya Dashboard into other languages;

13.5.6. any modification or circumvention of the protection code such as, in particular, access codes or usernames; and/or

13.5.7. any deletion, partial or total modification of existing notices relating to copyright, trademark rights and more generally intellectual property rights, affixed to the Boya App and Boya Dashboard;

13.5.8. decompiling, disassembling, reverse engineering or otherwise attempting to derive the source code or underlying technology, methodologies or algorithms of the Boya App and Boya Dashboard; or

13.5.9. sublicense, lease, rent, sell, give, or otherwise transfer or provide the Boya App and Boya Dashboard (or part of it) to any third party.

13.6.The Customer authorises Boya to mention its name and logo as a commercial reference and for the promotion of its activities on any medium and worldwide.

14.PROHIBITED USAGE & CONDUCT

14.1.Your Corporate Account and the Services may not be (a) used for any purpose that is unlawful or prohibited by these Terms, (b) used for any personal, family, or household use, (c) used for any transaction involving any illegal activities, (d) provided to or used for any transaction involving a Prohibited Person (e) used by third parties unaffiliated with Customer, or (f) used for any purpose not related to the business of Customer.

14.2.Customer agrees to not use the Services to:

14.2.1. Conduct any business that is unlawful, harmful, threatening, abusive, harassing, tortuous, defamatory, vulgar, obscene, libelous, invasive of another’s privacy, hateful, or racially, ethnically or otherwise objectionable;

14.2.2. Impersonate any person or entity, including, but not limited to, a Boya official, fellow user, or falsely utter or otherwise misrepresent your affiliation with a person or entity;

14.2.3. Forge headers or otherwise manipulate identifiers in order to disguise the origin of any content transmitted through the Service;

14.2.4. Conduct any business that causes or permits the uploading, posting, emailing, transmission or otherwise making available any content or information that you do not have a right to make available under any law or under contractual or fiduciary relationships (such as inside information, proprietary and confidential information learned or disclosed as part of employment relationships or under nondisclosure agreements);

14.2.5. Conduct any business that infringes any patent, trademark, trade secret, copyright or other proprietary rights (“Rights”) of any party;

14.2.6. Conduct any business whether unsolicited or not, relating to or remotely connected to SPAM, junk mail, pyramid schemes, pornography, gambling or any other form of solicitation;

14.2.7. Conduct any business that causes or permits the uploading, posting, emailing, transmission or otherwise making any material that contains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer software or hardware or telecommunications equipment;

14.2.8. Conduct any business that interferes with or disrupts the Service or servers or networks connected to the Service, or disobeys any requirements, procedures, policies or regulations of networks connected to the Service;

14.2.9. Conduct any business that intentionally or unintentionally violates any applicable local, or international law, including, but not limited to, laws and regulations promulgated by any regulations having the force of law;

14.2.10. Collect orstore personal data about other users without their express authority.

14.3.We will not approve and may terminate Corporate Accounts that we know or believe are engaged in any illegal activities or otherwise do not comply with these restrictions.

14.4.You agree to indemnify Boya against all legal action brought against it and pay all Fines assessed against Boya arising from your violation of the restrictions and requirements of thissection or any use of the Services in connection with any illegal activities.

15.Consent to Collection, Use and Processing of Data

15.1.We process Personal Data in accordance with the Boya Privacy Policy. You acknowledge, understand, and agree that we will collect, process, and share Customer Data and Personal Data to provide the Services in accordance with these Terms and the Privacy Policy.

15.2.Boya and/or its Third Party Providers may collect certain Customer data, Customer data, Transaction data related to purchases made from the Customer with registered Cards.

15.3.To facilitate the collection and use of data:

15.3.1. the Customer, its employees, and/or appointed agents authorize Boya and its Third Party Providers to use the Customer data, Customer data, Transaction data as allowed by the Data Protection Act; and as contemplated by and infurtherance ofthe objectives ofthis Agreement and to provide the Services, including for determining the qualification of Customer transactions for identifying and tracking participating Customer members activity;

15.3.2. Customer authorizes Boya to list Customer as a participating Customer on the Boya App;

15.3.3. Customer permits the monitoring, collection, use, disclosure and sharing of Customer data, Customer data, Transaction data and related Card Data (defined below) for the purpose of enabling the Services;

15.4.Boya agrees that it will only use Customer data, Customer data, Transaction data provided to it in connection with this Agreement for purposes of fulfilling its obligations to the Customer(s) and the Customer in connection with the execution of this Agreement.

15.5.Customer consents to the access and processing of Customer data, Transaction data collected in connection with the Services, and acknowledges and agrees that Boya and its Third Party Providers may use such data for purposes of generating anonymous, aggregated, statistical models and compilations, trend analyses, program performance analyses, benchmarking, the development of case studies and for internal business purposes so long as such data is not publicly attributable to and no reference is made to the Customer, and that such data may be otherwise used by Boya and its Third Party Providers in accordance with its Card terms and conditions.

15.6.The terms and conditions of the Boya Privacy Policy shall apply to this Agreement.

16.Customer Data Rights

16.1.If Customer is provided with any non-aggregated Transaction data relating to the use of Cards (Card Data), Customer shall use such data solely for purposes of completing or validating Transactions and not for any marketing, modelling or for any other purposes, and to retain such data only for so long as it has a legitimate business need to retain them for such purposes.

16.2.Customer acknowledges and agrees that neither Boya nor its Third Party Providers make any representations or warranties as to the accuracy or availability of Card Data, and that the foregoing data rights are subject to change if the corresponding rights derived from the Financial Institutions or Sponsor Banks are hereafter restricted or modified.

16.3.Where, for any reason, a data provider no longer provides Transaction Data to Boya, we reserve the right to limit or discontinue the Services under this Agreement to the extent in which they are impacted by such loss of data.  

16.4.Customershall at all times comply with all applicable data protection laws

17. SUSPENSION

17.1.Boya may, with reasonable notice where practicable, suspend the availability of the Service to the Customer wholly or partially for any valid reason, including without limitation, where (i) the Customer breaches these Terms, (ii) the Service is used in a manner contrary to the representations made to Boya by the Customer or in a manner inconsistent with the conditions of any approval granted to the Customer; (iii) investigations are contemplated or ongoing and Boya reasonably believes that suspension of the service is likely to facilitate the investigations; (iv) any approval for the Service granted to the Customer issubsequently revoked or expires.

17.2.In the event of suspension, Boya shall give the Customer reasonable notice (Suspension Notice) to remedy the cause of the suspension failure to which Boya shall be at liberty to terminate this Agreement.

17.3.Upon the issuance of a Suspension notice, Boya shall facilitate the settlement of all accumulated payments in the Boya Account subject to any legal obligations that Boya may have in relation to the Customer’s account.

17.4.Upon conclusion of investigations, Boya may either reinstate the Services or terminate the Services in accordance with the provisions of clause 18.

18. TAXES

Boya operates solely as a service provider and is not a tax agent for revenue authorities. Any tax obligations that may arise from the Customer’s use of the Services shall be the sole responsibility of the Customer; and the Customer shall be solely accountable for any outcome or implication of using the Services in relation to their tax obligations. The Customer shall indemnify Boya against any consequences of or in connection with their failure to fulfil their tax obligations.

19. TERMINATION

19.1.This Agreement is in effect from the date Customer clicks to accept until:

19.1.1. either Party providessixty (60) days written notice of termination,

19.1.2. automatically if Customer materially breaches this Agreement and fails to cure within thirty (30) days after notice of said breach;

19.1.3. without notice to Customer if Customer enters receivership, administration, insolvency or bankruptcy, or initiates insolvency or bankruptcy proceedings;

19.1.4. without notice to Customer if Boya, in its sole discretion, determines that Customer’s actions and practicesrelating to Boya are commercially unreasonable towards Boya,the Boya App, other Boya Customers or Customers; or

19.1.5. on the occurrence of a Force Majeure Event.

19.2.For the purposes of clause 18.1.2 material breach means a breach that is serious and has an effect, substantial or otherwise on the performance of this Agreement in the reasonable opinion of Boya.

19.3.In addition to clause 18.1, Boya does not permit Customers to accept Cards for products or services that are deemed illegal under applicable law. If, in Boya’s sole discretion, the products or services offered by Customer are deemed illegal, Boya may immediately suspend the Services and thereafter, at its sole discretion terminate this Agreement pursuant to clause 18.1.2.

19.4.The expiration or termination of this Agreement shall be without prejudice to all accrued rights and obligations of the Parties under this Agreement and to all obligations under this Agreement expressed to continue or take effect after expiration or termination.

19.5.This clause shallsurvive the termination of this Agreement.

20. Amendment Of These Terms

20.1.Boya reserves the right to at any time amend all or part of these Terms.

20.2.Any proposed amendment of these Terms will be sent by Boya to the Customer, on the Boya App and Boya Dashboard and/or by email, no laterthan one (1) month before the date proposed for its entry into force. The Customer shall be deemed to have accepted the proposed amendment if it has not notified Boya, before the proposed effective date of these amendment, that it has not accepted them.

20.3.If a change is not acceptable to Customer, Customer can terminate this Agreement by providing notice of termination to Boya within thirty (30) days from the date of the change. Notice of termination must be in writing.

20.4.Boya may not under any circumstances be held liable for any damage, in any respect whatsoever, in connection with the modification of the Terms if the Customer refrains from terminating the Terms and continues to use the Services after the effective date of the modifications

21. Warranties and Representations

21.1.By registering for the Services, the natural person submitting the application represents and warrants in an individual capacity and as an authorized representative of the Customer that:

21.1.1. Customer has the authority to enter into this agreement and to fully perform its obligations hereunder,

21.1.2. this Agreement does not and will not conflict with any of Customer’s obligations to any third parties

21.1.3. Customer complies and will comply with all applicable laws and regulations.

21.1.4. Customer is a business entity that is organized, registered, and located in Kenya;

21.1.5. Customer is validly existing and in good standing in its jurisdiction of organization;

21.1.6. Customer is not engaged in any illegal activities;

21.1.7. The natural person who registers the Customer for the Services is authorized to provide information about the Customer, submit the application on behalf of the Customer, enter into binding agreements on behalf of the Customer, and manage the Customer’s Corporate Account

21.1.8. The natural person who applies for a Corporate Account on Customer’s behalf is not and is not affiliated with a Prohibited Person. For the purpose of this clause, a Prohibited Person is any individual or organization that is subject to sanctions in any country in the world, or is subject to any law, regulation, or other list of any government agency that prohibits or limits Boya from providing a Corporate Account or Services to such person or from otherwise conducting business with the person.

21.1.9. All information you provide to us is and will be current, accurate, and complete

21.1.10. Customer will use its Corporate Account exclusively for business purposes and not for any personal, family, or household use.

21.1.11. Customer has reviewed these Terms and the terms, agreements, or policies incorporated by reference

22. Limitation of Liability and Indemnity

22.1.The Customer understands and acknowledges that Boya operates solely as a financial technology company, and is not a financial institution, a credit reporting institution or a bank. The responsibilities of Boya are limited to the provision of the Services; and Boya shall not be held liable for any loss, damage or claims arising from or in relation with the use of the Services.

22.2.The Customer acknowledges that Boya’s acceptance of the Customer as a Customer shall not be interpreted as an advice or opinion as to the legality of the Services and/or of the Customer’s intended use of the Services and the Customer shall indemnify and hold Boya harmless from any loss resulting from the use of the Services in any other intended manner other than as set out in this Agreement.

22.3.Boya and its Third Party Providers provide their respective services “as is.” Boya and its Third Party Providers disclaim any and all promises, representations, and warranties, express or implied, with respect to this agreement and any other data, information, or other material furnished to customer hereunder and warranties of non-infringement, title, customerability, or fitness for a particular purpose or use. Neither Boya nor any of its Third Party Providers warrant that the Boya app or site, any internet connections, or third party connectivity, will operate uninterrupted or error-free. Boya and its third party providers disclaim any and all liability arising from the  transmission of information over the internet, or any impairment or disruption of the internet. If and to the extent that the services provided hereunder are delayed, suspended or terminated for reasons beyond Boya’s or its Third Party Provider’s reasonable control, including the inability or unwillingness of third parties to provide supportive services, Boya and its Third Party Providers hereby disclaim any and all liabilities associated therewith.

22.4.In no event shall Boya or its Third Party Providers be liable to Customer or to any third party for any loss of profits, business interruption, loss of business data or other intangible losses; any incidental, special, exemplary, or consequential damages; or any claims or demands brought against Customer, even if Boya has been advised of the possibility of such damages.

22.5.Boya shall not be held liable for any fraudulent or unauthorised transactions conducted using a Card.

22.6.Without prejudice to the foregoing, the Customer shall indemnify and keep Boya indemnified from, defend Boya against, and pay any final judgment awarded against Boya, resulting from third party claims arising from the use of the Services leading to loss or damage (including consequential loss or damage) where the proximate cause of such loss or damage is attributable to the Customer’s negligence, recklessness, indifference, delay or failure.

22.7.Boya shall not be liable to the Customer or any other person where:

22.7.1. the amount sought to be utilised by an Authorised User is below the minimum or above the maximum limits for transactions as prescribed on the Boya Dashboard;

22.7.2. the Customer or the Authorised Users has entered incorrect details and the payment is made to the wrong Authorised User or wrong merchant respectively;

22.7.3. the Customers’ hardware,software orinternet providers’service is not functioning properly;

22.7.4. the Transaction issuspicious or fraudulent resulting in lossesto a third party;

22.7.5. the transaction detailsreceived do not contain the correct information;

22.7.6. the Customer’s receipt of funds is intercepted by legal process or other encumbrance restrictingthe transfer; or

22.7.7. unforeseen circumstances prevent the execution of a Transaction despite any reasonable precautions taken by Boya.

22.8.Customer shall defend, indemnify and hold harmless Boya and its Third Party Providers, and their respective affiliates, directors, officers, employees, agents, successors, heirs and assigns (collectively, the “Indemnitees”), from and against any and all losses, costs, taxes, liabilities, damages, fines, injuries, interest or expenses (including reasonable attorneys’ fees and costs of investigation and defence) suffered or incurred by any Indemnitee (collectively, “Losses”) to the extent such Losses are attributable to any Customer or third party claims, actions or proceedings (collectively, “Third Party Claims”) arising from, based upon or related to: (a) a claim that any Customer Trademark infringes or otherwise violates any third party intellectual property or other proprietary rights or privacy rights or otherwise violates law; (b) any violation of law (including applicable data protection laws) or breach of any covenant, representation or warranty hereunder by Customer; (c) any fraudulent or unauthorised transactions conducted using a Card (including payment defaults); (d) any violation of applicable data protection laws, and (e) any Customer tax liability arising from this Agreement. Customer shall pay any judgments, settlement amounts, reasonable legal fees and other costs and expenses of litigation incurred by an Indemnitee of such Third Party Claims. The foregoing indemnity obligation shall survive any termination or expiration of this Agreement.

22.9.Notwithstanding any provision set out in this Agreement, Boya’s total liability for any cause of action, claim, damages, fees, costs or expenses, excluding claims under this section (Indemnification), shall be limited to the amount of any fees paid by Customer to Boya under this Agreement during the six (6) months immediately preceding the date on which the claim at issue accrued.

23. Confidentiality Obligations

23.1.The Parties, to the extent of their contractual and lawful right to do so, will exchange proprietary or confidential information as reasonably necessary for each to perform its obligations under this Agreement. All information relating to this Agreement provided by either party (the Disclosing Party) to the other (the Receiving Party), whether oral or written, and when identified as confidential or proprietary in writing, is hereby deemed to be confidential and proprietary information.

23.2.The Receiving Party undertakesthat it shall:

23.2.1. keep the Confidential Information secret and confidential;

23.2.2. not use or exploit the Confidential Information in any way, except for the purposes of the Agreement,

23.2.3. not directly or indirectly disclose or make available any Confidential Information in whole or in part except as expressly permitted in this Agreement;

23.2.4. not make a copy of, reduce in writing, reproduce, transform, store or otherwise record the Confidential Information in an externally accessible computer or electronic information retrievalsystem or transmit it in any form or by any means outside its usual place of business;

23.2.5. apply the same security measures and degree of care to the Confidential Information as the Receiving Party applies to its own confidential information, which the Receiving Party warrants as providing adequate protection from unauthorised disclosure, copying or use; and

23.2.6. ensure that any document or other records containing Confidential Information kept at its registered address is not removed from the registered address through physical or electronic means.

23.3.The Receiving Party shall establish and maintain adequate security measures (including any reasonable security measures proposed by the Disclosing Party from time to time) to safeguard the Confidential Information from unauthorised access or use.

23.4.A Receiving Party will not be liable for disclosure of Confidential Information, or part thereof, if the Receiving Party can demonstrate that such Confidential Information:

23.4.1. was in the public domain at the time it was received or subsequently entered the public domain through no fault of the Receiving Party;

23.4.2. was known to or was in the possession of the Receiving Party at the time of receipt; and

23.4.3. became known to the Receiving Party from a source other than the Disclosing Party without breach of an obligation of confidentiality.

23.5.It is hereby acknowledged and agreed that Boya may preserve the Customer’s Confidential Information and may also disclose the Customer’s Confidential Information if required to do so by law or in the good faith belief that such preservation or disclosure is reasonably necessary to: (a) comply with legal process; (b) enforce the terms of this Agreement; (c) respond to claims that the Customer’s use of the Boya Service violates the rights of third-parties; or (d) protect the rights, property, or personal safety of Boya, its subscribers and the public.

23.6.Customer shall not make available to any third party any Confidential Information (including without limitation, Customer names, phone numbers, transaction data, etc.) unless compelled by law to do so.

23.7.In the event of any legal action or proceeding or asserted legal requirement for disclosure of Confidential Information furnished hereunder, the Receiving Party will promptly notify the Disclosing Party and, upon the request and at the expense of the Disclosing Party, will co-operate, to the extent permitted by law with the Disclosing Party in lawfully contesting such disclosure. Except in connection with any failure to discharge its responsibilities under the preceding sentence, the Receiving Party will not be liable for any disclosure pursuant to any court order or other lawful and proper demand by any competent authority.

23.8.Confidential Information willremain the property of the Disclosing Party and will, at the Disclosing Party's request and after it is no longer needed for the purposes of this Agreement, promptly be returned thereto or destroyed,together with all copiesmade by the Receiving Party and by anyone to whom such Confidential Information has been made available by the Receiving Party in accordance with the provisions of this clause 22.

23.9.The Disclosing Party may request at any time by notice in writing that the Receiving Party (to the extent practicable):

23.9.1. destroys or returns to the Discloser all documents, materials and any copies containing, incorporating or connected to the Disclosing Party’s Confidential Information; and or

23.9.2. erases all the Confidential Information from its computer and communications systems  and devices used by it, or which is stored in electronic form.

23.10. The Receiving Party shall certify the Disclosing Party, in writing, that it has complied with the requirements of clause 22.9 of this agreement upon completing the destruction, return and or erasure of the Confidential Information.

23.11. If the certification by the Receiving Party under clause 22.10 is not conclusive proof of destruction and the Disclosing Party may seek additional evidence of the Receiving Party’s compliance with clause 22.9of this Agreement.

23.12. The obligations under this clause 22 shallsurvive termination of this Agreement.

24. Non-compete and non-solicitation

24.1.The Customer undertakes that it will not (either on its own behalf or for or with any other person, whether directly or indirectly) without the express written consent of Boya, undertake competing business to that of Boya at any time during the term of this Agreement or for twelve (12) months after the termination of this Agreement howsoever terminated.

24.2.The Customer undertakes that it will not (either on its own behalf or for or with any other person, whether directly or indirectly) without the express written consent of Boya, employ or otherwise engage any person who is or was the other party’s employee, director, officer, agent, consultant or associate at any time during the term of this Agreement or for twelve (12) months after the termination of this Agreement howsoever terminated

25. Independent Development

Boya retains the rights to develop, acquire, licence, promote or distribute products or technologies that perform the similar functions as the Services

26. Further Assurance

26.1.The Customer shall at any time if and when reasonably required by Boya to do such action as may be required to give full effect to this Agreement.

26.2.Boya shall be entitled to place reliance upon and to act on any notice, confirmation, certificate, information or correspondence received (whether in writing or electronic form) from Customer in connection with this Agreement and Boya shall not be under any obligation or duty to consider the genuineness authenticity or correctness of any such notice, confirmation, certificate, information or correspondence.

27. Force Majeure

27.1.Where a party to this Agreement is prevented, hindered or delayed in performing any of its obligations under this Agreement by a Force Majeure Event, the affected Party shall not be in breach of this Agreement or otherwise liable for any such failure or delay in the performance of its obligations.

27.2.As soon and reasonably practicable after the start of a Force Majeure Event the affected party shall:

27.2.1. notify the other party in writing of the Force Majeure Event, the date on which it started, its likely or potential duration, and the effect of the Force Majeure Event on its ability to perform any of its obligations under the agreement; and

27.2.2. use all reasonable endeavours to mitigate the effect of the Force Majeure Event on the performance of its obligations.

27.3.Upon notification of the Force Majeure Event, the corresponding party shall suspend the performance of this Agreement until the Force Majeure Event ceases. 27.4.Either party may terminate this Agreement in the event that the Force Majeure Event lasts for more than sixty (60) days from the date of notification

28. Notices

28.1.All notices or other communications to be given under this Agreement shall be made in writing, and sent by letter, e-mail transmission (save as otherwise stated).

28.2.Any notice or communication given under this Agreement shall, in the absence of earlier receipt, be deemed to have been duly given as follows:

28.2.1. in the case of personal delivery, when delivered;

28.2.2. in the case of e-mail, when a delivery-receipt has been received by the sender in respect of the email address notified or an acknowledgement of the e-mail by the recipient sent to the sender; or

28.2.3. in the case of a post, five (5) Business Days after being deposited in the post, postage prepaid bythe quickest mail available and by registered mail if available to such party at its address specified in clause 27.3, or at such other address as such party may hereafter specify for such purpose to the other by, notice in accordance with this clause 27.

28.3.The addresses referred to in clause 27.2 are: in the case of a notice given to Boya: BOYA LIMITED P.O. BOX 245111-00502 KAREN, NAIROBI Email:  [email protected] Attention: BoyaIn the case of a notice given to Customer, the address provided by the Customer when registering for these Services or as updated from time to time.

28.4.If, in accordance with the above provisions, any such notice or other communication would otherwise be deemed to be given or made outside normal working hours in the place of service of the notice or other communication it shall be deemed to be given or made at the start of normal working hours on the next usual working day.

29. Independent Contractor/No Partnership

Nothing in this Agreement is intended to or shall be deemed to establish any partnership or joint venture between any of the parties, constitute any party as an agent for the other party or authorise any party to make or enter into any commitments for or on behalf of any other party

30. General

30.1.The Customer shall not be at liberty to assign, delegate, sub-contract or otherwise transfer any or all of its rights and obligations under this Agreement without the consent of Boya. Boya shall be entitled to Assign this Agreement to any party and shall provide Customer with written notice to this effect.

30.2.This Agreement (together with any documents referred to in this Agreement) constitutes the whole agreement between the parties relating to the matters contemplated herein and no party hasrelied on any representation made by any other party which is not a term of this Agreement.

30.3.No agent or representative of any party has authority to make, and the parties shall not be bound by or be liable for, any statement, representation, promise or agreement not set forth herein.

30.4.Failure by any of the parties to exercise any rights under this Agreement in any one or more instances will not constitute a waiver of such rights in any other instance. Waiver by any of the parties of any default under this Agreement will not be deemed a waiver of any other default.

30.5.If any provision of this Agreement shall be held to be illegal void invalid or unenforceable under the laws of any jurisdiction, the legality validity and enforceability of the other provisions of this Agreement shall not be affected and the legality, validity and enforceability of the whole of the Agreement in any other jurisdiction shall not be affected.

30.6.Any action required or permitted to be taken, and any document required or permitted to be executed, under this Agreement by any party may be taken or executed by the authorised representatives of such party.

31. Dispute Resolution

31.1.Each party shall settle amicably any dispute arising out of or in connection with this Agreement or in its validity, interpretation or termination.

31.2.Save as herein otherwise specifically provided, any dispute (including as to the interpretation validity enforceability or termination of these Boya Terms and Conditions) between the parties as to matters arising under or pursuant to this Agreement as aforesaid which cannot be settled amicably thirty (30) days after receipt by one party of the other party’s request for such amicable settlement may be submitted by either party to arbitration in accordance with the provisions of clauses 31.3 to 31.8 (both inclusive).

31.3.If the parties so agree, the dispute shall be referred to a single arbitrator or if they are unable to agree upon the person to be appointed as arbitrator within ten (10) days from the date of the notice requesting arbitration, the arbitratorshall, at the request of either party, be appointed by the Chairman of the Chartered Institute of Arbitrators of the United Kingdom, Nairobi Branch or failing him by the President of the Law Society of Kenya. The venue and seat of the arbitration shall be Nairobi.

31.4.Arbitration proceedings shall be conducted in accordance with the rules or procedures for arbitration of the Chartered Institute of Arbitrators of the United Kingdom, Kenya Branch.

31.5.If for any reason an arbitrator is unable to perform his function, a substitute shall be appointed in the same manner as the original arbitrator.

31.6.The decision of the arbitrator shall be final and binding on the parties.

31.7.The fees and expenses of the arbitratorshall be borne by the parties in equal shares.

31.8.Notwithstanding the above provisions of this clause 31, a party is entitled to seek preliminary injunctive relief or interim or conservatory measures from any court of competent jurisdiction pending the final decision or award of the arbitrators.

31.9. Where Boya has partnered with a third party to provide a part of the Services and those Services are governed by separate terms and conditions, the dispute resolution method in those terms and conditions shall apply to disputes arising in relation to those Services.

32. Governing Law

This Agreement and any dispute or claim, including non-contractual disputes or claims arising out of or in connection with it or its subject matter or formation shall be governed by and construed in accordance with the laws of Kenya.

BOYA LIMITED

SERVICE LEVEL AGREEMENT

AUGUST 2023

1. INTRODUCTION

This Service Level Agreement is entered into between Boya Limited (hereinafter referred to as “Boya” or “we”) and the Customer for the provision of financial technology services (hereinafter referred to as “Services”) as outlined below. This SLA shall be read together with Boya’s Terms and Conditions.

2. DEFINITIONS

Where used in this Agreement, the following words shall have the meanings assigned to them in this section:

2.1. “Downtime” means any period of time during which the services are unavailable to the Customer.

2.2. “Boya Platform” means both the Boya mobile application and the web platform.

2.3. “Issue” means an unscheduled or unanticipated event that has an adverse effect on the services.

2.4. “Response” means Boya’s acknowledgement of an issue, beginning from as soon as Boya is notified of the issue.

2.5. “Resolution” means Boya’s settlement of an issue.

2.6. “SLA” means this Service Level Agreement.

3. PURPOSE AND SCOPE

3.1. The purpose of this SLA is to outline the services offered by Boya Limited and set the guarantees that Boya makes to the Customer in relation to the provision of financial technology services.

3.2. The scope of this SLA shall be limited to the services provided by Boya; which are aimed at enabling customers to manage their spend more efficiently, and which are listed below:

3.2.1. Access to the Boya mobile application;

3.2.2. Access to the Boya web Dashboard;

3.2.3. Provision of virtual and physical cards; and

3.2.4. Any other Services as shall be determined by Boya from time to time.

3.3. This SLA shall not apply to any matter that is outside its scope as delineated in Section 3.2 above; including the following:

3.3.1. Service failures within banks;

3.3.2. Service failure of Mobile money operators and all associated services; and

3.3.3. Any circumstances in which external factors are the cause of a service interruption.

4. CONDITIONS OF SERVICE AVAILABILITY

4.1. The services detailed in this SLA will be provided round the clock, but customer support representatives shall be available only during working hours {8 am- 8 pm}. These working hours shall be based on East African Time (EAT) or GMT+3. However, incidences falling under Critical and Major severity levels as outlined in (5) below may be resolved even when they occur outside the stipulated working hours.

4.2. Boya’s offices will be and remain closed on all weekends and Kenyan public holidays.

5. RESPONSE AND RESOLUTION OF ISSUES

5.1. Boya shall apply the standard below to respond to and resolve any issues on its platform.

5.2. Whenever we resolve a Severity 1 or 2 issue, we shall email you an incident report.

6. DISRUPTIONS AND/OR DOWNTIME

6.1. Whenever there is an actual or prospective disruption or downtime on any of the services provided by Boya, we will notify you via our official email ([email protected]). It is also through this email that we will inform you of any updates to the platform or changes in our services.

6.2. Boya will run maintenance on a regular basis. Except where there is an emergency, we will inform you of any service disruptions that may result from the maintenance at least 12 hours before the start of maintenance.

7. DATA SECURITY

7.1. Boya backs up its customers’ data on a regular basis. Further, Boya has implemented reasonable security measures to protect Customer data from unauthorised access or disclosure. 7.2. Boya is compliant with all applicable data protection laws and regulations in Kenya and is registered as a Data Controller by the Office of the Data Protection Commissioner in Kenya.

8. CUSTOMER RESPONSIBILITIES

8.1. In order for Boya to provide its services correctly, every customer will be required to do the following:

8.1.1. To communicate to Boya, in a cordial manner, when an issue with the platform arises. Customers can communicate to Boya through the Boya app, Call the Boya support line, or via email ([email protected]).

8.1.2. To provide all information required and assistance related to service performance.

8.1.3. To inform Boya about any changes to their business that may necessitate a review or amendment of this SLA.

9. TERM

This SLA shall remain in effect for as long as the Customer is a client of Boya Limited.

10. GOVERNING LAW

This SLA is governed by the laws of Kenya. Any dispute arising in connection with this SLA shall be subject to the dispute resolution mechanism chosen by Boya in its Terms and Conditions; and ultimately the jurisdiction of Kenyan courts.

11. AMENDMENT OF THIS SLA

Boya reserves the right to amend this SLA at any time. After each amendment, we will inform you of the changes made and post the updated SLA on our website.

APPENDIX 1

WaaS & CaaS Customer Terms and Conditions

1. The Agreement

1.1 This Agreement sets out the complete Terms and Conditions (hereinafter called "these Terms and Conditions") which shall be applicable to the E- Wallet (as hereinafter defined) opened by you (as hereinafter defined) with the Bank (as hereinafter defined).

1.2 These Terms and Conditions (“Condition of Use”) are applicable and become effective once you opt in to the E- Wallet Service using the Boya platform.

2. Definitions and Interpretation

2.1. “AML" – means anti-money laundering.

2.2. “Bank”- means Diamond Trust Bank Limited incorporated in Kenya as a limited liability company under the Companies Act (Chapter 486 of the Laws of Kenya) and duly licensed as a bank under the Banking Act (Chapter 488 of the Laws of Kenya) and includes subsidiaries of the Bank as may from time to time be specified by the Bank to you;

2.3. “Card” – Means a payment instrument either Virtual/Digital Card or Physical card that is mapped to the E-Wallet and denominated in Cash.

2.4. “Card Holder”- Means a customer who is issued with a Card and is responsible for all transactions and liability on the Card.

2.5. “Customer” - means the person in whose name the E-Wallet Account and/or Card with the Bank is existing.

2.6. “e-Money” - means the electronic monetary value depicted in your E-Wallet Account representing an equal amount of cash.

2.7. “Equipment” – includes your mobile phone handset, website portal and any other Equipment which when used together enables you to access the Boya services

2.8. “E-Wallet”- Means a store of value that is housed within the Bank to hold the corresponding e-value of the amount a customer has assigned to their wallet.

2.9. “IPRS” - means the Integrated Population Registration System.

2.10. "KRA" – means the Kenya Revenue Authority.

2.11. “Personal Information”- means personal identifiable information as prescribed in the Data Protection Act which includes but is not limited to name, address, phone number, identification number and location data.

2.12. "Privacy Policy" – means the Bank's Privacy Policy (available on the DTB website) and Boya Privacy Policy that sets out the basis on which any personal data that Boya collected from You, or that You provide to Boya or the Bank through Boya will be stored and processed by Boya or the Bank

2.13. “Request” - means a request or instruction received by the Bank from you or purportedly from you through the Boya System and upon which the Bank is authorized to act;

2.14. “Services” - shall include any form of banking services or products that the Bank and Boya may offer you pursuant to this Agreement and as you may from time to time subscribe to and “Service” shall be construed accordingly.

2.15. “You” “you” or "your" - means the Customer and includes the personal representatives of the Customer.

3. Acceptance Of The Terms And Conditions

3.1 Before applying to open the E-Wallet via the Boya System you should carefully read and understand these Terms and Conditions which will govern the use and operation of the E-Wallet

3.2 If you do not agree with these Terms and Conditions, please click “Decline” on the available Menu.

3.3 You will be deemed to have read, understood and accepted these Terms and Conditions:

3.3.1 upon clicking on the “Accept” option on the requesting you to confirm that you have read, understood and agreed to abide with these Terms and Conditions; and/or

3.3.2 by using or continuing to use and operate the E-Wallet.

3.4 By applying to open the E-Wallet with the Bank, you agree to comply with and be bound by these Terms and Conditions for the time being and from time to time in force governing the operation of the EWallet and you affirm that these Terms and Conditions herein are without prejudice to any right that the Bank may have with respect to the E-Wallet in law or otherwise.

3.5 These Terms and Conditions including the Privacy terms may be amended or varied by the Bank from time to time and the Bank will issue you with a thirty (30) days’ notice prior to the change through Boya .Continued use of your E-Wallet after this notice period constitutes your agreement to be bound by the terms of any such amendment or variation.

3.6 You acknowledge and accept that the Bank offers the E-Wallet only electronically and you agree to do business with the Bank and to operate the E-Wallet only by electronic means via the Boya System. Any query and complaint you may have relating to the Services shall be addressed to the Bank through the Customer Care Centre of Boya .For the avoidance of doubt, you acknowledge and accept that you will not be allowed or entitled to receive or demand the Services pertaining to Boya at any branch or branches of the Bank unless otherwise advised by the Bank in its sole discretion. You further acknowledge and accept that the Customer Care Centre of Boya is not a branch of the Bank or the Bank’s Agent for purposes of conducting banking business or transactions and that it will not act as such.

4. Account Opening

4.1 You may open an E-Wallet Account solely by way of an electronic application provided to you by Boya

4.2 The Bank may request Boya for your personal information held by Boya pursuant to the agreement between you and Boya for the provision of Boya products and services .This information will include your phone number, name, date of birth, ID or Passport Number, KRA Pin and such other information that will enable the Bank to identify you and comply with the regulatory “Know Your Customer” requirements.

4.3 The Bank may request Boya for information relating to your use of Boya System as the Bank shall require for purposes of providing you the Services.

4.4 The Bank through Boya may seek your consent to approve the disclosure of the Personal Information and to the -aforesaid use of the Personal Information by the Bank.

4.5 The bank will employ a range of technologies and internal policy framework to protect the information and data maintained on our systems from loss, unauthorized access, disclosure, alteration, or destruction and has at all times taken and takes all steps reasonably necessary to ensure the confidentiality and integrity of such Personal Information and information and the way it is processed. These policies and standards are periodically updated to keep them up to date with regulations and market developments.

4.6 You hereby further acknowledge and authorize the Bank to verify your Personal Information received from Boya against the information received from the Government of Kenya repositories (including but not limited to IPRS, KRA) and from other bodies for AML screening.

4.7 The Bank reserves the right to request for further information from you either directly or through Boya pertaining to your application for Boya services at any time. Failure to provide such information within the time required by the Bank may result in the Bank declining to accept your application for an EWallet account 4.8 The bank Under the provisions of Kenyan laws concerning the participation of financial institutions in combating money-laundering and the financing of terrorist activities, will be required to ascertain from every customer the source, purpose and destination of the transaction or E-Wallet

4.9 You hereby expressly consent and authorize the Bank to use your feedback, suggestions, ideas, your Personal Information or information or data relating to your E-Wallet Account in any way, including in future modifications of the Service, other products or services, advertising, or marketing materials.

4.10 The Bank reserves the right to decline your application for an E-Wallet Account or to revoke the same at any stage at the Bank’s sole discretion and without assigning any reason or giving any notice thereto.

4.11 The Bank will adhere to the Privacy Clause herein to undertake its obligations herein.

5. Type of Account

5.1 E-Wallet

As a holder of an E-Wallet Account, you will be entitled and subject to these Terms and Conditions.

5.2 Usage of the E-Wallet

5.2.1 After your account has been opened and activated, you will be able to initiate the following Transactions:

5.2.1.1 Load E-Money into the E-Wallet through the different payment options availed by Boya

5.2.1.2 Send money from your E-Wallet to other Users through the different payment options availed by Boya

5.2.1.3 any other transactions that may be introduced by Boya through the Bank from time to time. You are responsible for all transactions given to the Bank in relation to your E-Wallet Account

5.2.1.4 Transactions done on the E-Wallet provided that they have been fully authenticated by Boya and the customer shall be processed by the Bank without further checks

5.2.1.5 Transaction limits as prescribed by the Bank shall apply each time you transact on your E-Wallet account

5.2.1.6 Your Transaction requests will not be completed:

5.2.1.6.1 If you have insufficient funds in your E-Wallet to complete a transaction

5.2.1.6.2 If you have reached the maximum Account balance limit as prescribed by Bank

5.2.1.6.3 If you have reached the daily limit prescribed by the Bank

5.2.1.6.4 If your E-Wallet account has been temporarily suspended or permanently frozen on valid grounds

5.2.1.6.5 if there are any other compelling reasons such as temporary system delay or outage

5.2.1.6.6 if the E-Money in your E-Wallet Account is not enough to carry out your Transaction request in full, the Transaction will not be completed and no E-Money will be debited from your E-Wallet account

5.2.1.6.7 if the transactions being done are for payment of any illegal or unregulated activities

5.2.1.6.8 or for any other reason as may be deemed necessary by the Bank

5.2.1.7 Upon successful completion of your Transaction, the Bank will immediately effect the payment and send a notification to Boya. Boya will then send a notification through the available means to you as to the completed status of your transaction.

5.2.1.8 Where the Bank is unable to complete a transaction, Boya will be notified by the Bank as to the reasons for not completing the transaction. Boya will then notify you of the same through the available channels.

5.2.1.9 A transaction once received by the Bank will be deemed your transaction and the Bank will process without any further authentication or checks.

5.2.1.10 A transaction once completed is final and irrevocable. As such, the Bank shall not be under any compulsion to reverse any Transaction.

5.3 Card

5.3.1 Upon a request from You through Boya , the Bank may issue You with a Card.

5.3.2 The Card issued may be linked to the E-Wallet for the storage of value.

5.3.3 The Card may either be a physical card , digital or a virtual card.

5.3.4 The Bank shall be entitled to debit your E-Wallet Account with the amount of all card transactions arising from the use of the card and you confirm reading and agreeing to the charges for any card transaction.

5.3.5 The Bank reserves the right to request further information pertaining to transactions you undertake in line with applicable regulations at any time failure to which may result in limitation on usage of the Card including suspension or termination of the account

5.4 Usage of the Card

5.4.1 You will be able to use the funds in your E-Wallet Account to transact using your card.

5.4.2 You shall be responsible for ensuring correctness and accuracy of all purchases made with the Card. Any loss due to negligence of usage of the Card will not be covered by the Bank

5.4.3 You are responsible for all authorized transactions on the Card.

5.4.4 You are responsible for monitoring your E-Wallet account balances and ensuring that there are always enough funds to pay for Card Purchases. If you attempt to spend more than the Card’s available balance your transaction will be declined.

5.4.5 You agree that online Card Payments are subject to all laws and regulations including any exchange rate control regulations.

5.4.6 In case a Card Payment is not successfully completed, the Bank reserves the right to later debit from your E-Wallet, the equivalent of any amount transacted by you (including fees) in exchange of unpaid goods or services purchased.

5.4.7 The Bank reserves the right to deduct from a Customer E-Wallet a reasonable service charge and any expenses incurred, including without limitation reasonable legal fees, due to legal action involving the Card.

5.4.8 You must not use the Card:

5.4.8.1 After this agreement has been terminated or

5.4.8.2 For any unlawful purpose including the purchase of goods and/or services prohibited under Kenyan law

5.5 Card Holders Claims

5.5.1 Your E-Wallet shall only be credited with a refund in respect of a card transaction if the Bank receives a refund voucher or other refund verification acceptable to it.

5.5.2 No claim by You against a third party may be the subject of a defence or counter claim against the Bank

5.5.3 You shall not be entitled to any interest on any credit in your E-Wallet

6. Irrevocable Authority of the Bank

6.1 You hereby irrevocably authorize the Bank to act on all Requests received by the Bank from you (or purportedly from you) through the Boya System or via Your Card and to hold you liable in respect thereof, notwithstanding that any such requests are not authorized by you or are not in accordance with any existing mandates given by you.

6.2 If you request the Bank to cancel any transaction or instruction after a Request has been received by the Bank from you, the Bank may at its absolute discretion cancel such transaction or instruction but shall have no obligation to do so.

6.3 The Bank is authorized to effect such orders in respect of your E-Wallet/Card Account as may be required by any court order or competent authority or agency under the applicable laws.

6.4 In the event of any conflict between any terms of any Request received by the Bank from you and these Terms and Conditions, these Terms and Conditions shall prevail.

7. Intellectual Property

You acknowledge that the intellectual property rights in regards to the E-Wallet (and any amendments, upgrades or enhancements thereto from time to time) and all associated documentation that the Bank provides to you through the E-Wallet or otherwise are vested either in the Bank or in other persons from whom the Bank has a right to use and to sub-license the E-Wallet and/or the said documentation. You shall not infringe any such intellectual property rights. You shall not duplicate, reproduce or in any way tamper with the E-Wallet and associated documentation without the prior written consent of the Bank.

8. Liability

8.1 In the event that you do not use your E-Wallet/Card in accordance with these conditions of Use, or we find that you are using the Card fraudulently, we reserve the right to charge you for any reasonable costs or loss we incur in taking action to stop you from wrongfully using your Card/E-Wallet.

8.2 The Bank shall not be responsible for any loss suffered by the Customer should the Service be interfered with or be unavailable by reason of (a) any industrial action, (b) the failure of any of the facilities, or (c) any other circumstances whatsoever not reasonably within the Bank’s control including, without limitation, computer related viruses, force majeure or error, interruption, terrorist or any enemy action, equipment failure, loss of power, adverse weather or atmospheric conditions, and failure of any public or private telecommunications system.

8.3 The Bank will not be liable for any losses or damage suffered by you as a result of or in connection with:

8.3.1 failure, malfunction, interruption or unavailability of the System, your Equipment, the Network, and the Boya system.

8.3.2 The transaction amount sought by the customer is below the minimum or above the maximum limits as communicated by the Bank from time to time;

8.3.3 The customer has entered incorrect details and a payment is made to the wrong beneficiary.

8.3.4 The transaction is suspicious or fraudulent resulting in losses to a third-party;

8.3.5 the money in the customers E-Wallet Account or receipt of funds is intercepted by legal process or other encumbrance restricting payments or transfers thereof/or;

8.3.6 Unforeseen circumstances prevent the execution of a transaction despite any reasonable precautions taken by the Bank.

8.3.7 your failure to give proper or complete instructions for payments or transfers relating to your E-Wallet Account;

8.3.8 any losses caused as a result of or in connection with any laws or regulations of countries where transactions are settled or cleared and/or any exchange control restrictions or other governmental regulations (for example anti money laundering regulations) which are imposed from time to time unless caused by the Bank’s breach of such laws and regulations;

8.4 any damages or losses arising from unauthorized access to the Service by a third party using the Customer’s authentication credentials , unless prior notification from the Customer has been received by the Bank through Boya stating that no further access to the relevant Service shall be granted to any person, using such authentication credentials which notification shall have effect either from the date of receipt of such notification or such later date as may be specified in such notification; or

8.5 Customer’s failure to comply with these Terms and Conditions and any document or information provided by the Bank concerning the use of the System and the Services.

8.6 If for any reason other than a reason mentioned in subparagraphs 8.1 or 8.2, the Services are interfered with or unavailable, the Bank’s sole liability under this Agreement in respect thereof shall be to re-establish the Services as soon as reasonably practicable.

8.7 The Bank shall not be liable to the Customer for any interference with or unavailability of the Electronic Banking Services, howsoever caused

8.8 Under no circumstances shall the Bank be liable to you for any loss of profit or anticipated savings or for any indirect or consequential loss or damage of whatever kind, howsoever caused, arising out of or in connection with the Services even where the possibility of such loss or damage is notified to the Bank.

8.9 The Bank shall not be liable in any way if a third party does not honor the card

8.10 The Bank may restrict or refuse to authorize any use of the Card/E-Wallet in any legal jurisdiction if using the Card/ E-Wallet is causing or could cause a breach of the Condition of use of if the Bank suspects criminal or fraudulent use of the Card E-Wallet

8.11 All warranties and obligations implied by law are hereby excluded to the fullest extent permitted by law.

8.12 The Bank shall not be liable to you in case :

8.12.1 any of your instructions are not clear;

8.12.2 you provide incorrect information while transacting using your Card/ E-Wallet ;

8.12.3 Any currency exchange rate inflation that will affect your purchases.

9. Indemnity

9.1 In consideration of the Bank complying with your instructions or Requests in relation the E-Wallet Account, you undertake to indemnify the Bank and hold it harmless against any loss, charge, damage, expense, fee or claim which the Bank suffers or incurs or sustains thereby and you absolve the Bank from all liability for loss or damage which you may sustain from the Bank acting on your instructions or requests or in accordance with these Terms and Conditions.

9.2 The indemnity in clause 9.1 shall also cover the following:

9.2.1 All demands, claims, actions, losses and damages of whatever nature which may be brought against the Bank or which it may suffer or incur arising from its acting or not acting on any Request  or arising from the malfunction or failure or unavailability of any hardware, software, or equipment, the loss or destruction of any data, power failures, corruption of storage media, natural phenomena, riots, acts of vandalism, sabotage, terrorism, any other event beyond the Bank’s control interruption, or distortion of communication links or arising from reliance on any person or any incorrect, illegible, incomplete or inaccurate information or data contained in any Request received by the Bank.

9.2.2 Any loss or damage that may arise from the customer’s use, misuse, abuse or possession of any third-party software, including without limitation, any operating system, browser software or any other software packages or programs.

9.2.3 Any unauthorized access to the customers E-Wallet Account/Card or any breach of security or any destruction or accessing of your data or any destruction or theft of or damage to any of your Equipment.

9.2.4 Any loss or damage occasioned by the failure by the customer to adhere to these Terms and Conditions and/or by supplying of incorrect information or loss or damage occasioned by the failure or unavailability of third party facilities or systems or the inability of a third party to process a transaction or any loss which may be incurred by the Bank as a consequence of any breach by these Terms and Conditions.

9.2.5 Any damages and costs payable to the Bank in respect of any claims against the Bank for recompense for loss where the particular circumstance is within the customer’s control.

10. Variation And Termination Of Relationship

10.1 The Bank may at any time, upon notice to you through Boya ,terminate or vary its business relationship with the customer and close the customer’s E-Wallet Account/Card and in particular but without prejudice to the generality of the foregoing the Bank may cancel credits which it has granted within such time as the Bank may determine.

10.2 Without prejudice to the Bank rights under clause 10.1, the Bank may at its sole discretion suspend or close your E-Wallet Account/Card:

10.2.1 if you use the E-Wallet Account/Card for unauthorized purposes or where the Bank detects any abuse/misuse, breach of content, fraud or attempted fraud relating to your use of the Services;

10.2.2 if your agreement with Boya is terminated for whatever reason;

10.2.3 if the Bank is required or requested to comply with an order or instruction of or a recommendation from the government, court, regulator or other competent authority;

10.2.4 if the Bank reasonably suspects or believes that you are in breach of these Terms and Conditions or other terms and conditions relating to the services

10.2.5 where such a suspension or variation is necessary as a consequence of technical problems or for reasons of safety;

10.2.6 where you remain inactive for any period of time determined by the Bank in its reasonable discretion; or

10.2.7 If the Bank decides to suspend or cease the provision of the Services for commercial reasons or for any other reason as it may determine in its absolute discretion.

10.2.8 If You decline to provide any additional KYC information that is required or requested by the Bank upon reasonable notice

10.3 The Bank may at any time, without notice to you, terminate its business relationship with you and in particular but without prejudice to the generality of the foregoing, the Bank may cancel credits which it has granted within such time as the Bank may determine. The Bank may further terminate or freeze any E-Wallet account/Card in your name without prior notice to you if:

10.3.1 at any time and with immediate effect, if the Bank is no longer authorised to issue electronic money due to a decision by the competent authorities or an amendment to the applicable regulations and if it is not replaced by another electronic money Bank or regulated financial institution with capacity to run this solution;

10.3.2 at any time, within one month in the case of a serious failure by one or other of the Parties to fulfil its obligations, thirty (30) days after formal notice by registered letter with acknowledgement of receipt that remains unanswered.

10.3.3 at any time and without formal notice in the event of Boya /Customer’s non-compliance with the regulations governing the prevention of money-laundering and the financing of terrorism.

10.4 The Bank will conduct due diligence and vigilance on E-Wallet accounts and Card transactions at any given time and without notice to You, in a bid to ensure that there are no activities ongoing therein that are contrary to this clause.

10.5 The Bank retains the right to refuse to open an E-Wallet account or to process a transaction where it is suspected that You are or the transaction is criminal, fraudulent, or in contravention of the provisions of this clause.

10.6 You may close your E-Wallet Account at any time through Boya

10.7 The Wallets that are still active shall be kept open until their expiry or, in the absence of an expiry date, until the Bank receives the agreement of each Customer holding electronic money to close down their Wallet together with instructions to transfer the funds less any applicable fees. The Bank must be given release from any claim by Customers holding electronic money and their consent to its successor.

10.8 Termination shall however not affect any accrued rights and liabilities of either party.

11. Privacy

11.1 Collection of information and Processing of Personal Data. You consent to the bank collecting your Personal Data from you or Boya and where the bank is required by law to collect certain personal information and are legally obligated to deny the customer the service if such information is not availed. Apart from the legal obligation mentioned above, the customer consents to the bank processing your Personal Data: 11.1.1 To provide you with a quality Service delivery, without which, we shall not be able to provide you with quality service;

11.1.2 To carry our statistical and other analyses to identify potential market trends, evaluate and improve our services;

11.1.3 For marketing purposes where you have consented to marketing; and for other purposes as set out in the Privacy Policy.

11.1.4 To seek additional information through the Data provided by You to enhance our KYC information.

11.2 Privacy

11.2.1 The bank is committed to respecting and protecting the privacy of the information we collect from the customer. The customer shall have the right to:

11.2.1.1 Request access to your Personal Data, request correction and erasure of your Personal Data, object to processing of your Personal Data, request restriction of processing of your Personal Data, request the transfer of your Personal Data to you  or a third party, withdraw consent at any time where we are relying on consent to process your Personal Data.

11.2.1.2 You agree and confirm that the above rights over your Personal Data are to be enjoyed subject to the Banks & Boya Privacy Policy, as updated from time to time, which explains how we treat your personal information, who we share your information with, and measures taken protect your privacy when you use the Boya Services. This can be found on DTB Data Privacy Policy on the DTB website and Boya Data Privacy Statement.

12. Notices

12.1 If you wish to Contact the Bank in writing or if any condition in this agreement requires You to give the Bank Notice, You can send this to Boya via the available communication channels .

12.2 If the Bank will have to Contact You or give you notice in writing, the Bank will do so through Boya

13. Disputes

13.1 You may contact the Boya Customer Care Center to report any disputes, claims or E-Wallet Account/Card discrepancies.

13.2 The Boya Customer Care Center representatives may reach out to the Bank’s representatives to assist in resolving disputes, queries, claims of E-Wallet Account/Card discrepancies.

13.3 Any dispute arising out of or in connection with this Agreement that is not resolved by both the Bank Representatives and Boya Customer Care Centre representatives shall be referred to a Kenyan court of competent jurisdiction.

13.4 To the extent permissible by Law, the determination of the court shall be final, conclusive and binding upon the parties hereto. This Agreement shall be governed by and construed in accordance with the laws of the Republic of Kenya.