E-WALLET DATA PROCESSING AGREEMENT

This E-Wallet Data Processing Agreement („Agreement”) is entered into between Payana Solutions LDA („Payana,” „Cards4ads,” „we,” „us,” „our”) and the Beneficiary, as the Client or Customer, collectively referred to as the „Parties,” and sets out the specific rules and obligations regarding the processing of personal data submitted by the Beneficiary to Payana as a data controller, in accordance with applicable data protection laws and regulations, including the General Data Protection Regulation (GDPR), the UK Data Protection Act, and the California Consumer Privacy Act (CCPA).

1. Definitions
2. „Personal Data” means any information relating to an identified or identifiable natural person („Data Subject”).
3. „Processing” means any operation or set of operations performed on Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
4. Purpose and Lawfulness of Processing
5. Payana will process the Personal Data provided by the Beneficiary for the purpose of providing e-wallet services, including payment processing, acquiring services, payout services, and related activities.
6. The processing of Personal Data is necessary for the performance of the contract between Payana and the Beneficiary, compliance with legal obligations, protection of vital interests, consent, and legitimate interests pursued by Payana or third parties.
7. Categories of Personal Data

Payana may process the following categories of Personal Data, as provided by the Beneficiary or obtained during the use of the e-wallet services:

1. Identity and contact details. b. Financial information. c. Transaction information. d. Any other information necessary for the provision of e-wallet services and fulfillment of contractual obligations.
2. Data Retention

Payana will retain the Personal Data for as long as necessary to fulfill the purposes for which it was collected, as well as to comply with legal, accounting, or reporting requirements.

5. Data Subject Rights

As Data Subjects, Beneficiaries have certain rights under the applicable data protection laws, including but not limited to:

1. The right to access and rectify Personal Data. b. The right to erase Personal Data under certain circumstances. c. The right to restrict the processing of Personal Data. d. The right to object to the processing of Personal Data. e. The right to data portability, where applicable. f. The right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
2. Security Measures

Payana will implement appropriate technical and organizational measures to ensure the security, confidentiality, and integrity of the Personal Data, in accordance with the requirements of applicable data protection laws and regulations.

7. Subprocessing and Third-Party Services

Payana may engage subprocessors to assist in the processing of Personal Data. Payana will ensure that any subprocessor it engages provides sufficient guarantees to implement appropriate technical and organizational measures to meet the requirements of applicable data protection laws.

8. Data Transfers

Payana may transfer Personal Data to countries outside the Beneficiary’s jurisdiction, including countries that may have different data protection laws. Payana will ensure that any such international transfers comply with the applicable data protection laws and regulations.

9. Data Breach Notification

In the event of a personal data breach, Payana will notify the Beneficiary and the relevant supervisory authority in accordance

BY ACCEPTING THESE TERMS, you, the user, are entering into this agreement with:

Payana Solutions LDA (hereinafter referred to as „Payana”), whose registered office is located at Edifício Infante, Avenida D. João II, n.º 35, 11.º A/D 1990-083 Lisboa, Portugal.