Open connection interface – public technical interface for connection maintenance between payment service providers, payment initiation service providers, account information service providers and other payment service providers managing accounts, payers, and recipients.
Payment Initiation Service provider, Account Information Service Provider, Paysera – Paysera LT, UAB, legal entity code: 300060819, official address: Pilaitės pr. 16, Vilnius, LT-04352, e-mail address: firstname.lastname@example.org, phone: +370 52071558. Electronic Money Institution Licence No. 1, issued on September 27, 2012; the issuing and supervisory body is the Bank of Lithuania; identification code 188607684, address: Žirmūnų g. 151, Vilnius, e-mail address email@example.com, phone No. (8 5) 268 0501; data about Paysera LT, UAB is collected and stored in the Register of Legal Entities of the Republic of Lithuania.
Payer – a natural or legal person who has a payment account (accounts) in another (other) payment service provider’s institution (institutions) and allows to perform or submits payment orders from that payment account (accounts) using services provided by Paysera described in the present Rules.
Payment Initiation Service, PIS – a payment service, when a payment order is initiated by a request from the Payer from a payment account opened in another payment service provider’s institution via the Payment Initiation Service provider.
Payment service provider, PSP – under the present Rules is understood as a payment service provider, in the institution of which the Payer has a payment account from which they intend to execute a transfer order (e.g. banks, other credit institutions, etc.).
Account Information Service, AIS – a payment service, where consolidated information about one or several payment accounts of the Payer in the institution of another payment service provider is provided via the Internet.
Rules – the present rules for the provision of the Payment Initiation and Account Information Services.
General Features of the PIS and the AIS
1. These Rules determine the functioning of the PIS and the AIS in the Paysera system, provide the main features of the PIS and the AIS, regulate the processing of the personal data of the Payer for the purpose of provision of the PIS and the AIS for the Payer.
2. The AIS provided by Paysera allows the Payer, who intends to use the PIS, to receive information about their accounts with the institution of other PSPs, balance of funds on those accounts, and/or select an account which the Payer intends to initiate a Payment order from via the Open connection interface supported by Paysera.
3. Using the PIS provided by Paysera, the Payer has the possibility to initiate and confirm (authorise) an automatically generated payment order of the Payer by Paysera to the PSP institution of the Payer.
4. Paysera does not apply the commission fee to the Payer neither for the provision of the AIS nor the PIS. However, the Payer under the present Rules is informed that the standard commission fee, applied to the Payer by their PSP institution for a payment transfer of a certain type charged by the PSP of the Payer, will be applied for the payment transfer. If the PSP of the Payer informs about the price of such payment transfer, Paysera shall also inform the Payer thereof before they authorise the payment order.
Detailed Description of the Operation of the PIS and AIS
5. When submitting a request to initiate a payment order from their payment account and/or submitting a request for account information provision, the Payer expresses their consent to Paysera for the use of these services electronically and enters their electronic banking data to log in to their PSP via the Open connection interface supported by Paysera, where a payment order is automatically generated and initiated on behalf of the Payer. When executing this function, Paysera does not collect, accumulate, or store any electronic banking data (personalised security data) provided by the Payer. Information which the Payer uses to log in to their electronic banking (client ID, password, generated codes, password card codes, or any other) is encrypted and used only once for payment order initiation, account information, and during only one session.
6. In each separate instance of service provision, the Payer gives their consent to Paysera to initiate the PIS and the AIS electronically, by clicking the consent button in the provided information window and later when performing some actions, i.e. entering their login data to the electronic banking with the PSP and confirming the payment order generated by Paysera. Using the Paysera PIS, the Payer on their behalf, and unilaterally, initiates submission of the payment order to the selected PSP. The Payer may cancel a payment order up to the moment when the payment order is confirmed (authorised). The wish to cancel a payment order is expressed by the Payer by terminating the session and not confirming (authorising) the payment order.
7. By using the AIS provided by Paysera, the Payer is provided with the information about the Payer’s account(s) at a specific PSP institution during the PIS. If the Payer has several payment accounts at a specific institution of the PSP, the Payer may select the payment account from which they intend to execute the payment order.
8. By using the PIS provided by Paysera, after the Payer logs in to their PSP via the Open connection interface supported by Paysera, Paysera automatically generates a payment order according to the data of the Payer provided to Paysera, also indicating the following:
8.1. Paysera is indicated as the recipient and information on the final recipient is provided to the Payer in the purpose of payment field;
8.2. if the final recipient is a client of Paysera, the payment purpose is indicated automatically according to the data of the final recipient in order for the final recipient to be able to easily recognise the payment performed by the Payer, i.e. the purchased goods or services, and the purpose of the payment;
8.3. the payment amount automatically generated during the provision of the PIS and confirmed by the Payer during the initiation of the payment order;
8.4. after a payment order is generated, the amount, the recipient of funds, and other transaction data cannot be changed.
9. The Payer shall confirm (authorise) a payment order automatically generated by Paysera.
10. After successful provision of the payment order initiation service, via a durable medium, Paysera submits a confirmation to the Payer and the final recipient about the proper initiation of the payment order and the successfully completed Payment order, which at the same time is also a confirmation that the payment order has been appropriately initiated at the institution of the PSP of the Payer. Along with this information, Paysera submits other data received during a payment transaction that allows the Payer and the Final recipient to recognise the payment transaction, the amount and the data required for the final recipient to recognise the Payer.
11. Paysera shall inform the final recipient about the successful execution of a payment.
12. When providing the PIS, Paysera provides the Payer and the final recipient with data that allows them to identify the payment transaction and the Payer.
13. When providing the PIS and/or AIS, Paysera does not keep the funds of the Payer at any moment.
14. Paysera undertakes full responsibility for the proper submission of a payment order of the Payer to the PSP selected by the Payer, as well as the security and confidentiality of login data to the electronic banking provided by the Payer.
15. In case Paysera provides the PIS according to the payment order initiated by the Payer, and according to this information the funds indicated by the Payer have been credited to the recipient of funds, but for some reason the funds have not been debited and transferred or have been returned to the Payer, Paysera shall deem such funds as a debt of the Payer to the final recipient.
16. If the Payer finds out about an unauthorised or inappropriately executed payment transaction using the Paysera services, the Payer shall inform the operator of their payment account thereof under the procedure indicated in the agreements with their account operator.
17. Ensuring the security of payment transfers and the confidentiality of the data of the Payers, Paysera does not store any data of the Payer related to personalised security data (e.g. unique identifiers, passwords, or payment order confirmation (authorisation) codes) in the information technology systems and servers used. All this data is submitted by the personal data subject themselves and/or the PSP.
18. All the personalised login data (personalised security data) for the electronic banking of the Payer is used only during one-time sessions, throughout which it is encrypted and cannot be seen, recovered, or used in the Paysera system. Each time when the Payer submits a request to initiate a payment order and/or a request for account information, they must once again confirm their identity to the PSP operating their account.
19. All the data provided by the Payer in the Paysera system during payment execution are is transmitted to a PSP institution through a safe channel secured by SSL certificate. Therefore, login data to the electronic banking of the Payer and payment order confirmation (authorisation) codes remains safe and cannot be taken over by third persons.
20. For the purpose of provision of the PIS and AIS in the Paysera system, the following data (including personal data) may be processed: the Payer’s full name, national identification number (if transferred together with the payment order), payment date, payment amount, payment purpose, email address, IP address, list of accounts of the Payer, and account number of the Payer.
21. Paysera processes the personal data of the Payer on the basis of legislation regulating the payment services.
22. Paysera processes the personal data of the Payer in compliance with the following provisions:
22.1. ensures that information about the Payer received during the provision of the AIS will be provided only to the Payer and only after receiving clear consent from the Payer;
22.2. ensures that information about the Payer received during the provision of the PIS will be provided only to the recipient of funds and only after receiving a clear consent from the Payer;
22.3. does not store sensitive payment data of the Payer, i.e. data which can be used to commit fraud and which includes personalised security data;
22.4. ensures that personalised security data of the Payer will not be available to other parties except for the Payer themselves and the issuer of the personalised security data (relevant PSP);
22.5. does not collect or process the data for purposes unrelated to the provision of the PIS and/or AIS;
22.6. has access only to indicated payment accounts and information of related payment transactions;
22.7. does not modify the personal data of the Payer specified in the payment order;
22.8. implements appropriate organisational and technical measures to protect personal data from accidental or unlawful destruction, alteration, disclosure, and any other illegal handling, as set forth in the legislation regulating the processing of personal data;
22.9. implements measures to prevent the PIS or AIS from being used by individuals who seek to obtain or take control over funds by deception.
23. The Payer has the right to be acquainted with the personal data processed by Paysera. The Payer has the right to receive information on whether Paysera processes their personal data and, if it does, to be acquainted with it and receive information from which sources and what personal data is collected, what is the purpose of its processing and to whom it is or may be submitted; to receive a copy of their personal data from Paysera in accordance with the procedure established in applicable legislation. Paysera, having received a written request from the Payer, shall submit the requested data in writing within the time limit specified in the legislation or indicate the reasons for refusing to satisfy such request. The data can be provided free of charge once per calendar year, but in other cases provision of data may be charged at an amount which does not exceed the costs of data provision.
24. The Payer is entitled to request Paysera to correct incorrect, and/or inaccurate personal data or provide the complete data free of charge by submitting a request.
25. The Payer is entitled to request to terminate the processing of their personal data (delete data) if the personal data is no longer needed for the purpose for which it was received or if the personal data was processed illegally or if the personal data must be deleted by complying with a legal duty. The Payer’s right to request to delete their personal data which is being processed may be limited or impossible due to legal obligations of Paysera, as provider of payment services, to protect the data about the identification of the client, payment transactions, concluded agreements, and so on, for the period determined by the law.
26. For the purpose of PIS and/or AIS provision, the Payer’s personal data is stored for 3 years after its receipt.
27. Requests for access, correction, and deletion of data shall be sent by the Payer by email to firstname.lastname@example.org. In the request, the Client shall clearly indicate their name and surname. Contacts of the Paysera Data Protection Officer: email@example.com.
28. In providing the PIS and/or AIS services, the necessary cookie PHPSESSID, ensuring proper performance of the PIS and/or AIS services, is installed on the Payer’s device for the duration of the web session. The Payer may change the settings of their browser so that the cookie would not be accepted or would be deleted, however, in such case the PIS and/or AIS services would not be available due to technical reasons.
29. The Payer, using Paysera services, is advised to get acquainted with the guidelines and recommendations for the safe use of the Paysera system..
30. The present Rules are subject to the law of the Republic of Lithuania, even if a dispute between the Payer and Paysera falls under the jurisdiction of a country other than the Republic of Lithuania.
31. The Payer has the right to submit claims and complaints about the payment services provided to the general email address firstname.lastname@example.org. A written claim from the Payer shall be examined not later than within 15 business days from the day of receipt. In exceptional cases, when due to circumstances that are out of the control of Paysera the response cannot be provided within 15 business days, Paysera shall provide an indecisive response. In any case, the final response shall be provided not later than within 35 business days.
32. If the Payer is not satisfied with the solution of Paysera, the Payer has the right to exercise other legal remedies and:
32.1. submit a claim to the Bank of Lithuania at Totorių g. 4, LT-01121 Vilnius, and/or via email at email@example.com.
32.2. If the Payer is a user, they also have the right to contact the Bank of Lithuania as an institution resolving consumer disputes in an extra-judicial manner (find out more).
33. In case of failure to settle a dispute amicably or in another extrajudicial method of dispute resolution, the dispute shall be settled by the courts following the procedure established by the law according to the location of Paysera’s office.
34. The person, using the PIS in the Paysera system, acknowledges that they are familiar with the present Rules.
35. Paysera reserves the right to amend these Rules unilaterally at any time, and such amendments come into force upon their publication on the Paysera website.