U MOBILE SDN BHD

MERCHANT GUIDE
 MERCHANT GUIDE

Contents

1. INTRODUCTION .......................................................................................................................... 3
2. HOW TO CONTACT U MOBILE ............................................................................................... 3
3. DEFINITION .................................................................................................................................. 3
4. THE MERCHANT’S OBLIGATIONS ........................................................................................ 5
5. PAYMENT CARD ACCEPTANCE ............................................................................................ 7
6. FLOOR LIMIT ............................................................................................................................... 7
7. COMPLETION OF TRANSACTIONS ...................................................................................... 7
8 AUTHENTICATION OF TRANSACTIONS ............................................................................ 10
9 REFUND OR RETURN OF GOODS ...................................................................................... 10
10 POS TERMINAL (APPLICABLE FOR POS TERMINAL MERCHANT ONLY) .......... 11
11 MERCHANT’S SYSTEM (APPLICABLE TO E-COMMERCE MERCHANT ONLY) .. 12
12 WEBSITE REQUIREMENTS (APPLICABLE TO E-COMMERCE MERCHANT
ONLY) .................................................................................................................................................. 13
13 RECURRING PAYMENT (APPLICABLE TO MERCHANT WHO ALLOWS
RECURRING PAYMENT BY CARDHOLDERS) .......................................................................... 13
14 MAIL/TELEPHONE ORDER (APPLICABLE TO MERCHANT WHO PROVIDES
MAIL/TELEPHONE ORDER SERVICE) ........................................................................................ 14
15 EASY PAYMENT PLAN (APPLICABLE TO MERCHANT WHO PROVIDES EASY
PAYMENT PLAN) .............................................................................................................................. 15
16 DIRECT MAILING PROMOTION ........................................................................................ 16
17 TRANSACTION RECORDS ................................................................................................ 16
18 COMPLAINT BY CARDHOLDER ....................................................................................... 17
19 SECURITY REQUIREMENTS ............................................................................................. 17
20. ADDITIONAL SECURITY REQUIREMENTS ................................................................... 19
21. ADC EVENTS ......................................................................................................................... 19

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

2
 MERCHANT GUIDE

1. INTRODUCTION
1.1 This Merchant Guide provides the procedure applicable for processing Payment Card
Transactions using the Services.

1.2 This Merchant Guide forms part of the Agreement between U Mobile and the
Merchant and is in addition to and does not alter or reduce any obligations that are
set out in the Agreement. If there is a conflict between this Merchant Guide and the
Agreement, the provisions of the Agreement will prevail.

1.3 U Mobile may amend this Merchant Guide at any time without notice. The Merchant
is encouraged to periodically review the Merchant Guide on the relevant web portal
specified by U Mobile to ensure that Merchant complies with this Merchant Guide.

1.4 Terms defined in the Merchant General Terms and Conditions have the same
meaning when used in this Merchant Guide.

2. HOW TO CONTACT U MOBILE

 For general sales and services enquiries, please call 018-388 3388;

 For authorisation and merchant services, please call 018-227 0146.

Postal address:

U Mobile Sdn Bhd

Lot 11.01, East, Level 11
Berjaya Times Square
No. 1 Jalan Imbi
55100 Kuala Lumpur

For change of business details, please fill up the service request form, which can be
downloaded from U Mobile’s website www.u.com.my.

3. DEFINITION
In this Merchant Guide, the following phrase shall have the corresponding meanings:

PHRASE MEANING

“ADC” means Account Data Compromise event as prescribed in PCI

DSS, which include but is not limited to, the full contents of a
Payment Card’s magnetic stripe data;

“Card Security Code” means the 3-digit numerical code being a unique check value
generated using a secure cryptographic process that is displayed
on the signature panel of the Payment Card;

“Easy Payment Plan” means any Transaction Charges which can be paid by the
Cardholder by way of interest free instalments as designated by U
Mobile from time to time;

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

3
 MERCHANT GUIDE

“Fast Moving means products that usually have a short shelf life;
Consumer Goods” or
“FMCG”

“Floor Limit” means the amount of a Transaction Charges or series of

Transaction Charges by one Cardholder in one day at any outlet
that the Merchant operates in excess of which, the Merchant must
seek specific authorisation from U Mobile prior to completing the
relevant Transaction;

“High Risk Business” means Goods offered from the following categories:

(a) events such as a one (1) time seminar, conference, or

exposition, or online ticketing service; or

(b) FMCG products such a pharmaceuticals, consumer

electronics, packaged food products and drinks;

“Instalment Plan” means the minimum and maximum number of instalments to be

offered under the Easy Payment Plan;

“NFC” means near field communication;

“PAN” means primary account number, which is a unique card number

assigned to the Payment Card and embossed on the front of the
Payment Card;

“PFI” means PCI forensic investigator, which is an approved forensic

investigator by the Card Schemes to perform an independent
forensic investigation for an ADC event or potential ADC event;

“PIN Pad” means a device that enables the Cardholder to enter a PIN at a
POS Terminal;

“QR Code” means quick response code;

“Recurring Payment” means a Cardholder’s periodic Transaction Charges incurred at the

Merchant which are billed directly to the Cardholder’s Payment
Card as authorised in the Standing Instruction;

“Standing means an instruction given by Cardholder that authorises the direct

Instruction” billing of the Cardholder’s periodic Transaction Charges incurred at
the Merchant;

“Standing Instruction means a form used by Cardholder for Standing Instruction; and
Form”

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

4
 MERCHANT GUIDE

“Transaction Credit” means the amount credited into the Cardholder’s Payment Card
account as a refund for any Transaction Charges pursuant to a
Refund Form completed by such Cardholder and accepted by U
Mobile.

4. THE MERCHANT’S OBLIGATIONS

4.1 The Merchant shall:

(a) not submit to U Mobile any Transaction that:

(i) the Merchant knows or should have known to be fraudulent, counterfeit,

suspicious, wrongful or not authorised by the Cardholder;

(ii) the Merchant knows or should have known to be authorised by a Cardholder

colluding with the Merchant for a fraudulent, counterfeit, suspicious or
wrongful purpose; or

(iii) represents the refinancing or transfer of an existing Cardholder obligation that

is deemed to be uncollectible or arises from the dishonour of a Cardholder’s
personal cheque;

(b) not offer any Goods at a price lower than that which the Merchant intends to sell such
Goods, or from using promotional tactics which are not commercially reasonable or
acceptable;

(c) sell Goods where the Merchant has legal or legitimate rights to sell and market such
Goods;

(d) ensure that the Cardholder understands who is responsible for the Transactions,
including delivery of the Goods, and for customer service and dispute resolution, all in
accordance with the terms applicable to the Transactions;

(e) has sufficient safeguards in place to:

(i) protect Cardholder and Transactions information permitted by the regulatory

guidelines to be captured from authorised disclosure or use;

(ii) comply with all applicable Laws; and

(iii) ensure each Transaction submitted by the Merchant reflects a genuine

transaction between the Merchant and the Cardholder;

(f) be financially liable for all Transactions and liable for all acts, omissions, Cardholder
disputes, and other Cardholder service-related issued caused by the Merchant;

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

5
 MERCHANT GUIDE

(g) be responsible and financially liable for each Transaction entered into interchange, or
for any disputed Transaction, or credit;

(h) not transfer or attempt to transfer any of the Merchant financial liability by way of
asking or requiring Cardholders to waive their rights to make a claim;

(i) ensure that any Transactions or any activities that is illegal or is deemed by the Card
Schemes in its sole discretion, to damage or have the potential to damage the
goodwill of the Card Schemes or reflect negatively on the Marks shall not be
submitted into interchange;

(j) provide U Mobile and the Card Schemes with the necessary information, documents
and records of the Transaction or Cardholder and assistance required or requested
by anyone of them to maintain compliance with the Standards and Laws immediately
upon request by U Mobile and the Card Schemes at any reasonable time;

(k) at all times, comply with the requirements prescribed in the Standards in relation to all
other matters not specifically provided in the Agreement, including but not limited to:

(i) the data protection programme;

(ii) the fraud control rules and maintaining a total chargeback-to-interchange

sales volume ratio below the thresholds set by the Card Schemes;

(l) be responsible for staying apprised of all applicable changes to the Standards and
this Merchant Guide and maintaining compliance with the Standards and this
Merchant Guide. Standards may be available on websites of the Card Schemes;

(m) undertake that none of the Goods shall relate to timeshare, membership,
telemarketing, unlicensed investment scheme, unlicensed multi-level marketing
scheme as stipulated in the Standards;

(n) in addition to the above provisions, the Merchant must perform the following, if the
Goods provided by the Merchant is categorised as High Risk Business:

(i) ensure that the Transactions are not fraudulent, counterfeit, suspicious or
wrongful;

(ii) if the Transaction is fraudulent, counterfeit, suspicious or wrongful, the

Merchant will be liable for any loss suffered by U Mobile or the Card
Schemes arising from such fraudulent, counterfeit, suspicious or wrongful
Transaction; and

(iii) if the Merchant suspects any Transactions to be a fraudulent, counterfeit,

suspicious or wrongful transaction or if such the Transaction Charges for
such Transaction involve a material transaction value (which amount shall be
informed by U Mobile to the Merchant from time to time), the Merchant must
perform card verification with the Cardholder and to submit the relevant
verification document to U Mobile within three (3) Business Days after the

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

6
 MERCHANT GUIDE

date of the Transaction, failing which, the Merchant shall reverse the
Transaction; and

(iv) resolve directly with the Cardholder any claims or complaints made by the
Cardholder in respect of any purchase of the Goods.

5. PAYMENT CARD ACCEPTANCE

5.1 The Merchant must not:

(a) in any way indicate a greater preference for any method of accepting payment for the
Goods other than a Payment Card; or

solicit or promote any such method more actively than a Payment Card.

6. FLOOR LIMIT

6.1 U Mobile may, designate a Floor Limit by way of a written notice for every Transaction
conducted by the Merchant. In the absence of any such notice, the Floor Limit shall be zero.

6.2 The Floor Limit may be varied by U Mobile from time to time by way of notice to the Merchant.

6.3 The Merchant must ensure that:

(a) the Transaction Charges for any Transaction by any Cardholder shall not exceed the
Floor Limit; and

(b) the Merchant does not perform any Split Sales for any Transaction performed by a
Cardholder to circumvent the Floor Limit.

6.4 If a Cardholder wishes to make a Transaction for which the Transaction Charges exceed the
Floor Limit, the Merchant must:

(a) obtain U Mobile’s prior written approval manually or electronically before accepting
the Transaction; and

(b) print legibly the Approval Code evidencing on the Sales Slip before completing the
Transaction.

7. COMPLETION OF TRANSACTIONS

7.1 For each Transaction completed at an outlet or website operated by the Merchant, the
Merchant must ensure that:

(a) the Transaction request submitted are in accordance with procedures notified by U
Mobile to the Merchant from time to time;

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

7
 MERCHANT GUIDE

(b) the following conditions are observed for Transaction completed at the Merchant’s
outlet:

(i) the Payment Card is presented with its validity period as expressed on the
face of the Payment Card;

(ii) there is no apparent alteration or mutilation on the Payment Card;

(iii) the Payment Card bears genuine programme marks or any security or
distinctive features; and

(iv) the signature on the Sales Slip, if applicable, appears to be the same as that
on the signature panel of the Payment Card upon reasonable examination.

7.2 The Merchant must obtain an Approval Code from U Mobile for each Transaction via POS
Terminal.

7.3 Upon receipt of Approval Code, the Merchant must check to ensure that the Sales Slip, which
shall be printed through the electronic printer, is printed with the following particulars:

(a) the Merchant’s name, address and MID;

(b) POS Terminal identification number;

(c) Cardholder’s card number;

(d) batch number;

(e) date and time of Transaction;

(f) Transaction Charges; and

(g) Approval Code.

7.4 Transactions conducted when POS Terminal malfunction

In the event of equipment/line/system failure or the POS Terminal malfunctions, the Merchant
must contact U Mobile and obtain an Approval Code for each and every Transaction and
record legibly on the Sales Slip the Approval Code before completing a Transaction. The
Sales Slip shall be completed with the following:

(a) the embossed data/legends which includes the Payment Card account number, the
name and validity/expiry date of the Payment Card using an authorised Imprinter;

(b) the date of the Transaction;

(c) the total Transaction Charges (including any applicable Tax);

(d) the Approval Code, if any;

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

8
 MERCHANT GUIDE

(e) the Merchant’s name, address or place of business; and

(f) a description of Goods in detail sufficient to identify the Transaction.

7.5 Transaction where signature is required

To complete the Transaction, the Merchant must:

(a) obtain the signature of the Cardholder on the designated place of the Sales Slip;

(b) compare the Cardholder’s signature on the Sales Slip and the signature on the
Cardholder’s Payment Card to ensure that both signatures are identical; and

(c) decline the Transaction if the Merchant is unable to confirm that the signatures are
identical or if the signature differs.

7.6 Transactions that require PIN

The Merchant must ensure that the Cardholder key-in the PIN via PIN Pad to authorise the
completion of a Transaction.

7.7 For NFC Transactions

(a) The Merchant must request the Cardholder to place the Payment Card in front of the
reader and wait for the transaction authorisation.

(b) No signature or PIN is required for transaction amount up to RM250.00 (or any other
amount as defined by any Card Schemes, BNM or any Government Agency or
relevant authority having jurisdiction over the matters).

7.8 For QR Code T ransactions

The Merchant must scan the QR code via Cardholder’s mobile device with the correct
Transaction Charges processed for approval.

7.9 If the Transaction request for any Approval Code is declined or refused, the Merchant must
not complete the Transaction or attempt to split into two or more Sales Slip to effect the same
Transaction, or accept the same Payment Card for any other transactions.

7.10 The Merchant must not complete the Transaction if the Payment Card presented:

(a) has expired;

(b) has been altered, defaced or reprinted in any manner;

(c) does not bear the signature of the Cardholder (for transaction where signature is
required); or

(d) does not have the security features as advised by U Mobile from time to time.

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

9
 MERCHANT GUIDE

7.11 The Cardholder’s copy of the completed Sales Slip, if applicable, shall be given to the
Cardholder upon completion of every Transaction.

7.12 All Sales Slips shall be drawn in RM only. Any breach of this term resulting in currency
exchange differences shall be borne by the Merchant.

8 AUTHENTICATION OF TRANSACTIONS

8.1 If U Mobile notifies the Merchant that the volume of counterfeit or fraudulent Transactions at
any one (1) of the Merchant’s outlets has exceeded eight percent (8%) of the total
Transactions (or any other percentage as U Mobile shall in its absolute discretion prescribe)
at one (1) outlet for two (2) consecutive months, then upon the Merchant’s receipt of such
notification:

(a) the Merchant shall reimburse U Mobile of all payments made by U Mobile in respect
of Transactions for the Merchant’s claimed payment during the previous two (2)
consecutive months (“Recoursed Transactions”); and

(b) U Mobile shall have no liability to the Merchant and Cardholder in respect of any
Recoursed Transactions.

8.2 Subject to Paragraph 8.1(b):

(a) the Merchant is deemed not to have complied with the terms and conditions of the
Agreement where the affected Cardholder denies (wholly or in part) liability for the
Transaction, and a statutory declaration to that effect by the Cardholder shall be
conclusive evidence of all matters between U Mobile and the Merchant; and

(b) any two (2) or more Recoursed Transactions purportedly made by the same
Cardholder on different dates shall, unless U Mobile otherwise directs, be deemed
(for the purpose of Paragraph 6 above) to have been made on the same date.

8.3 All Recoursed Transactions accepted by the Merchant without prove that such Transactions
are accepted in accordance with the terms and conditions of the Agreement:

(a) shall be accepted at the Merchant’s sole risk and responsibility; and

(b) the Merchant waives and dischargse U Mobile and the Card Schemes from all rights,
claims, cost, expenses, cause of action, losses, damages and liabilities whether
direct or indirect whatsoever arising out of such Recoursed Transactions whether
based on contract, tort, negligence or otherwise.

9 REFUND OR RETURN OF GOODS

9.1 If a Cardholder returns the Goods purchased, and the Merchant accepts the return of such
Goods or if for any reason a Cardholder is entitled to have the Transaction Charges reduced
or refunded, then the Merchant must either:

(a) legibly complete a Refund Form bearing the following details and submit the
completed Refund Form to U Mobile:

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

10
 MERCHANT GUIDE

(i) the nature of the Transaction;

(ii) the Transaction Charges in RM;

(iii) the date the Merchant process the refund of Transaction Charges; or

(b) perform the refund transaction via Settlement Processing.

9.2 The Merchant must promptly present each Refund Form completed pursuant to Paragraph
9.1 to U Mobile.

9.3 Upon receipt of the Refund Form or refund Transaction via Settlement Processing, the
Merchant must reimburse U Mobile of the amount notified less the Merchant Discount and
less GST and all other Taxes, GST shall be calculated in the manner and at the rate from
time to time notified by U Mobile to the Merchant.

9.4 The Merchant must not perform Transaction Credit directly to a Cardholder in any manner.

9.5 The Merchant must not provide refunds to Cardholder for Transaction for Goods where at the
time the Transaction took place, sufficient disclosure was provided to the Cardholder that:

(a) the Goods are non-refundable or cannot be exchanged;

(b) the Merchant only accepts Goods in immediate exchange for similar Goods with the
price equivalent to the original Transaction Charges;

(c) the Merchant accepts return of Goods, and in return the Merchant will provide a credit
voucher to the Cardholder for the value of the Goods returned. Such credit voucher
may be used by the Cardholder at the Merchant’s outlet(s) or website(s); or

(d) subject to applicable Laws and as agreed by the Cardholder, the Transaction
Charges cannot be refunded, for example for Transactions involving delivery charges
or insurance charges.

10 POS TERMINAL (APPLICABLE FOR POS TERMINAL MERCHANT ONLY)

10.1 U Mobile may provide POS Terminals to the Merchant to be installed at the Merchant’s
outlets.

10.2 If U Mobile install POS Terminal at the Merchant’s outlets, the Terminal Fee shall be paid by
the Merchant to U Mobile.

10.3 The Merchant may use one (1) or more POS Terminals. However, the Merchant must not use
the POS Terminal for any third parties.

10.4 The Merchant must use the POS Terminal with care and in accordance with the relevant
equipment user guide.

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

11
 MERCHANT GUIDE

10.5 U Mobile or U Mobile’s appointed terminal vendor or any third party may provide training for
the Merchant’s Personnel who will operate the POS Terminal and shall at their discretion
provide POS Terminal instruction manual and specifications as U Mobile may deem
necessary for its efficient operation.

10.6 The POS Terminal training will include all aspects of the Payment Card acceptance
procedure, reconciliation, Settlement Processing and operation of the POS Terminal.

10.7 The cost for all subsequent POS Terminal trainings provided based on the Merchant’s
request shall be determined by U Mobile and borne by the Merchant.

10.8 The Merchant must:

(a) without limiting any other provisions in the Agreement, allow U Mobile or its
authorised agents or sub-contractors to access the Merchant’s premises to install,
repair, service, swap or retrieve the POS Terminal; and

(b) process all Transactions through the POS Terminal in accordance with the Standards
and operating instructions supplied by U Mobile from time to time.

10.9 U Mobile may replace or request the POS Terminal to be returned at any time for any reason
as U Mobile deems fit.

10.10 The provisions in this Paragraph 10 apply to any Imprinters which may be provided by U
Mobile to the Merchant.

11 MERCHANT’S SYSTEM (APPLICABLE TO E-COMMERCE MERCHANT

ONLY)

11.1 The Merchant must bear the cost for the setting-up, maintenance, upgrading, security and
integrity of the Merchant’s computer system, and related costs.

11.2 The Merchant must keep all systems and media containing any information or data (whether
physical or electronic) relating to Cardholders, their Payment Card accounts and
Transactions in a secure manner subject to the confidentiality, privacy and data security and
protection clause in the Agreement to prevent access by or disclosure to anyone other than
the Merchant’s Personnel or U Mobile.

11.3 If information or transaction data stored in any part of the Merchant’s system is lost,
damaged, stolen, tampered with or otherwise compromised, the Merchant must report and
give written notice of such loss, damage, theft or compromise to U Mobile immediately. Upon
U Mobile’s receipt of the Merchant’s notice, the Merchant shall, in consultation with U Mobile,
take immediate steps to remedy the situation and prevent its recurrence.

11.4 In the event that the Merchant upgrade or change the version or type of its software or
hardware or any other part of its system, the Merchant must inform U Mobile of such change
prior to its implementation and conduct testing with U Mobile’s system soonest possible. U
Mobile shall not be liable for any loss or damage suffered by any party or for any

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

12
 MERCHANT GUIDE

incompatibility between the Merchant’s system and U Mobile’s system due to such changes
made by the Merchant.

11.5 U Mobile shall not be liable in any way, for any claims, liabilities, expenses, costs, loss or
damage of whatever nature brought against, suffered or incurred by or caused to any party
whosoever due to or arising out of or in connection with the Agreement or any breach or
compromise of the security or integrity, or malfunction, of any encryption and identification
software, any electronic code keys, any equipment provided to any party or the Merchant’s
system.

12 WEBSITE REQUIREMENTS (APPLICABLE TO E-COMMERCE

MERCHANT ONLY)

12.1 The Merchant must promptly inform U Mobile of any security breach, suspected fraudulent
card account numbers or any suspicious activities that may be connected with attempts to
commit a security breach or to use fraudulent card account numbers the Merchant’s security
system or at the Merchant’s website.

12.2 The Merchant must ensure the Merchant’s website and its content comply with all applicable
Law and do not infringe any third party’s intellectual property rights.

13 RECURRING PAYMENT (APPLICABLE TO MERCHANT WHO ALLOWS

RECURRING PAYMENT BY CARDHOLDERS)

13.1 The Merchant must honour all valid Payment Cards when presented for the purchase of
Goods via the Recurring Payment Service if:

(a) the Transaction is made prior to the Payment Card’s expiration date; and

(b) the Merchant has obtained the duly filled and signed Standing Instruction Form from
the Cardholder for the Recurring Payment.

13.2 The Merchant must ensure that the list of Recurring Payment Transactions:

(a) is accurate, complete and free from errors; and

(b) is submitted in an agreed format and transmission channel on a periodical basis as

agreed by the Parties.

13.3 The Merchant must:

(a) submit to U Mobile replacement list of Recurring Payment Transactions if the initial
list submitted is faulty, corrupted, missing or unreadable; and

(b) be responsible for any unauthorised entries, errors or omissions in the list and to
indemnify U Mobile against all actions, proceedings, claims, demands and losses
whatsoever arising from U Mobile reliance on the list.

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

13
 MERCHANT GUIDE

13.4 Upon receipt of the list of Recurring Payment Transactions from the, U Mobile will debit the
Cardholder’s Payment Card account for the amount as specified in the list.

13.5 If U Mobile is unable to debit the Cardholder’s Payment Card account for any reason
whatsoever:

(a) U Mobile shall notify the Merchant;

(b) the Merchant must notify the Cardholder of the unsuccessful debit; and

(c) the Merchant must resolve the payment issue directly with the Cardholder.

14 MAIL/TELEPHONE ORDER (APPLICABLE TO MERCHANT WHO

PROVIDES MAIL/TELEPHONE ORDER SERVICE)

14.1 The Merchant who participates in the Mail/Telephone Order Programme shall deliver the
Goods as set out in this Mail/Telephone Order Programme to Cardholders subject to the
terms and conditions of this Paragraph 14 and to terms and conditions of the Agreement
which shall apply unless otherwise provided for in this clause.

14.2 The Merchant must honour all valid Payment Cards when presented for the purchase of
Goods via the Mail/Telephone Order Programme provided always that:

(a) the Transaction made is prior to the Payment Card expiration date and the Merchant
has received the Approval Code from U Mobile for the Transaction; and

(b) the Merchant has obtained the proper authorisation via the Mail/Telephone Order
Form from the Cardholder for the Mail/Telephone Order.

14.3 The Mail/Telephone Order Forms shall contain the following information:

(a) type of Payment Card;

(b) Cardholder’s full name or Cardholder’s name on the Payment Card;

(c) Payment Card number;

(d) Payment Card expiry date;

(e) Transaction Charges in RM;

(f) Transaction date;

(g) The Merchant’s name and address;

(h) brief description of the Goods supplied;

(i) Cardholder’s postal address and telephone number;

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

14
 MERCHANT GUIDE

(j) method of delivery of the Goods; and

(k) Cardholder’s signature.

14.4 Pursuant to Paragraph 14.3 above, any Mail/Telephone Order Forms that are incomplete or
have been altered shall be invalid and may not be accepted by U Mobile.

14.5 The cost of producing all Mail/Telephone Order Forms or other marketing material and of
altering the same in relation to any mailing programmes shall be borne by the Merchant.

14.6 The Merchant shall process the Mail/Telephone Order (if applicable) in the following manner:

(a) the Merchant must complete and submit the Mail/Telephone Order Form for every
valid Mail/Telephone Order received to U Mobile;

(b) U Mobile shall obtain the Approval Codes for the respective Transactions and return
the Mail/Telephone Order Form to the Merchant for fulfilment. The Merchant must
fulfil the orders placed via the Mail/Telephone Order Form;

(c) where Cardholder has opted to pay by instalments, the Merchant must complete and
submit to U Mobile the authorisation/payment form in respect of every instalment that
is due; and

(d) U Mobile shall obtain the Approval Codes for the respective instalments and return
the authorisation/payment form to the Merchant. The Merchant must complete and
submit to U Mobile for payment within three (3) days on receipt of the Mail/Telephone
Order form.

14.7 The Merchant must provide a fourteen (14) day trial period during which time the Cardholder
may reject any Goods ordered through the Mail/Telephone Order Programme where full
refund of the Transaction Charges must be provided to the Cardholder.

15 EASY PAYMENT PLAN (APPLICABLE TO MERCHANT WHO PROVIDES

EASY PAYMENT PLAN)

15.1 The Easy Payment Plan is only valid for payment made via a specific Payment Card as
informed by U Mobile from time to time.

15.2 U Mobile shall prescribe the minimum purchase amount to be entitled for the Easy Payment
Plan and the Instalment Plan.

15.3 U Mobile may withhold payment of any amount that are not within the stipulated Instalment
Plan as specified in Paragraph 15.2 above until U Mobile has examined the supporting
document and verified with the Cardholder concerned. If in U Mobile’s opinion, the
Transaction is invalid, U Mobile shall make no payment for such Transaction.

15.4 U Mobile may at its absolute discretion and without any liability, with or without giving prior
notice to the Merchant, restrict, limit or increase the Instalment Plan.

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

15
 MERCHANT GUIDE

15.5 The Merchant must disclose in writing, electronically or by another method to the Cardholder
the terms of the Easy Payment Plan, including all cost associated with the purchase of the
Goods.

15.6 The Merchant shall resolve all disputes or differences on the quality or quantity of the Goods
with the Cardholders who opt for the Easy Payment Plan directly. U Mobile shall not be
concerned with or held liable for any inadequate, defective or damaged Goods or other
disputes between the Cardholder and the Merchant.

16 DIRECT MAILING PROMOTION

16.1 U Mobile may at its sole discretion, assist the Merchant in a direct mailing promotion in the
following manner:

(a) identify Cardholders according to the Merchant’s requirement;

(b) print labels bearing the name and address of a selected Cardholder in respect of
each item of promotional material supplied by the Merchant; and

(c) manage the posting of the promotional material available to selected Cardholder or if
there is insufficient promotional material.

16.2 If at any time U Mobile, disapprove or disagree, for any reason whatsoever, any aspects of
the Merchant’s proposed direct mailing promotion, U Mobile shall be entitled to withdraw its
assistance without incurring any liability to the Merchant.

16.3 If U Mobile agrees to assist the Merchant in any direct mailing promotion, the Merchant shall
supply to U Mobile, the relevant promotional material in the form agreed by the Parties. These
promotional materials must be ready for posting by mail (except for the recipients’ address
and postal stamp).

16.4 U Mobile’s fee or the method of calculating U Mobile’s fee (including reimbursement for all
expenses incurred by U Mobile, including all postal charges) for assisting in any direct mailing
promotion shall be agreed with the Merchant in advance.

16.5 U Mobile shall not be liable in any way for the promotional materials provided by the
Merchant, and the Merchant must indemnify U Mobile in respect of any claim arising out of
the promotional materials supplied by the Merchant.

17 TRANSACTION RECORDS

17.1 The Merchant must retain the Sales Slip or Refund Form issued by the Merchant together
with the Merchant’s copy of all other documents evidencing the Transactions for a period of at
least eighteen (18) months from the date of Transaction.

17.2 The Merchant must allow U Mobile or Card Schemes to examine the documents specified in
Paragraph 17.1 within seven (7) calendar days from the date of U Mobile or Card Scheme’s
request.

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

16
 MERCHANT GUIDE

17.3 If the Merchant fail to produce legible and complete copy of the Sales Slips within seven (7)
calendar days upon U Mobile’s request, U Mobile reserves the right to be reimbursed for the
affected Settlement by deducting from subsequent Transactions submitted to U Mobile for
payment.

18 COMPLAINT BY CARDHOLDER

18.1 U Mobile shall not be responsible to Cardholders in any way for any Goods sold by the
Merchant.

18.2 The Merchant must in good faith, satisfy any claims or complaints made by Cardholders
concerning any Goods purchased from the Merchant via the Payment Card.

18.3 The Merchant must indemnify U Mobile against any and all claims made against U Mobile
arising out of or in relation to the Goods purchased from the Merchant via the Payment Card
including all losses, costs and expenses (including legal fees) incurred by U Mobile in
connection with such claims.

19 SECURITY REQUIREMENTS

19.1 Data Security and Protection

The Merchant must ensure that:

(a) a terminal or other device at the Merchant’s outlet does not display, replicate, or store
any Payment Card-read data except Payment Card account number, expiration date,
service code or Cardholder’s name;

(b) before discarding any media containing Payment Card, Cardholder or Transaction
data, including such data as Card Security Code, account numbers, PINs, credit
limits, and account balances, the Merchant must:

(i) render the data unreadable by ensuring that it has irretrievably and
permanently destroyed;

(ii) delete all such data from all its systems including its archival systems; and

(iiI) undertake the necessary verification of such destruction and deletion; and

(c) access to Payment Card, Cardholder or the Transaction data stored in computers
and terminals is limited and controlled by establishing data protection procedures that
include, but are not limited to, a password system for computer remote terminal
access, control over dial-up lines, and any other means of access.

19.2 The Merchant must demonstrate to the satisfaction of the Card Schemes and U Mobile the
following:

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

17
 MERCHANT GUIDE

(a) the existence and use of meaningful physical and logical security controls for any
communications processor or other device used to connect U Mobile’s processing
systems to the worldwide network of the Card Schemes and all associated
components, including all hardware, software, systems, and documentation located
on-site at the Merchant’s facility, front-end communications processors include the
Card Schemes interface processors (MIPs), network interface units (NIUs), and debit
interface units (DIUs); and

(b) the controls must meet the minimum requirements, and preferably will include the
recommendation of additional parameters.

19.3 The Merchant must put in place security requirements as described in the Merchant Guide, at
each physical location housing the network device of the Card Schemes.

19.4 At a minimum, the Merchant must put in place the following controls:

(a) each network segment connecting the network device of the Card Schemes to U
Mobile’s processing systems must be subject to strict security control, as appropriate
or necessary, to prevent unauthorised access to or from other public or private
network segments;

(b) the connectivity provided by each such network segment must be dedicated wholly
and restricted solely to the support of communications between the Card Schemes
and U Mobile’s processing systems;

(c) the Merchant must replace each vendor-supplied or default password present on U
Mobile’s processing systems, each network device of the Card Schemes, and any
device providing connectivity between them with a “strong password”. A strong
password contains at least eight (8) characters, uses a combination of letters,
numbers, symbols, punctuation, or all, and does not include a name or common
word(s);

(d) the Merchant must conduct regular periodic reviews of all systems and devices that
store the Card Schemes account information to ensure that access is strictly limited
to the Merchant’s appropriate personnel on a “need to know” basis;

(e) the Merchant must notify U Mobile or Card Schemes within thirty (30) Business Days
of any change in the personnel designated to administer the network device of the
Card Schemes;

(f) the Merchant must maintain and document appropriate audit procedures for each the
network device of the Card Schemes. Audit reports must be maintained and
accessible to U Mobile for at least one year, including a minimum of ninety (90) days
in an easily retrieved electronic format;

(g) the Merchant must ensure that the software employed in any system or device used
to provide connectivity to the worldwide network of the Card Schemes is updated with
all appropriate security patches, revisions and other updates as soon after a release
as is practicable;

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

18
 MERCHANT GUIDE

(h) the physical location of the service delivery point equipment must be accessible only
by the Merchant’s authorised personnel. Visitor access must be controlled by at least
one of the following measures:

(i) require each visitor to provide government-issued photo identification before

entering the physical location; or

(ii) require each visitor to be escorted to the physical location by the Merchant’s
authorised personnel of the;

(i) if the physical location of the service delivery point equipment provides common
access to other devices or equipment, then the network device of the Card Schemes
must be stored in a cabinet that is locked both in front and the rear at all times. Keys
to the cabinet must be stored in a secured location; and

(j) the Merchant must have documented procedures for the removal of service delivery
point equipment from the physical location.

20. ADDITIONAL SECURITY REQUIREMENTS

The Merchant may put in place the following additional controls at each physical location
housing the network device of the Card Schemes:

(a) placement of the network device of the Card Schemes in a physical location that is
enclosed by floor-to-ceiling walls; and

(b) continual monitoring of the network device of the Card Schemes by cameras or other
type of electronic surveillance system. Video records should be maintained for a
minimum period of ninety (90) days from the date the footage is taken.

21. ADC EVENTS

21.1 In the event that the Merchant’s system or environment compromised or may be
compromised (at the time the ADC event or potential ADC event occurred), the Merchant
must resolve all outstanding issues and liabilities to the satisfaction of the Card Schemes.

21.2 The Merchant must notify U Mobile and the Card Schemes immediately when the Merchant
becomes aware of an ADC event or potential ADC event in or affecting any system or
environment of U Mobile or the Merchant.

21.3 The Merchant deemed to be aware of an ADC event or potential ADC event when:

(a) the Merchant first becomes aware of an ADC event or a potential ADC event;

(b) under circumstances that include, but are not limited to, any of the following:

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

19
 MERCHANT GUIDE

(i) the Merchant is informed, through any source, of the installation or existence
of any malware in any of the Merchant’s systems or environments, no matter
where such malware is located or how it was introduced;

(ii) the Merchant receives notification from the Card Schemes or any other
source that the Merchant has experienced an ADC event or a potential ADC
event; or

(iii) the Merchant discovers or, in the exercise of reasonable diligence, should
have discovered a security breach or unauthorised penetration of the
Merchant’s own system or environment.

21.4 The Merchant must perform the following (unless directed otherwise in writing by the Card
Schemes) if the Merchant is aware or becomes aware of an ADC event or a potential ADC
event:

No. Time from the Merchant Action to be taken by the Merchant

is aware or becomes
aware of an ADC event
or a potential ADC
event
(i) immediately commence a thorough investigation into the
ADC event or potential ADC event

(ii) within twenty-four (24) identify, contain, and mitigate the ADC event or
hours potential ADC event, secure Payment Card
account data and preserve all information, in all
media, concerning the ADC event or potential
ADC event, including:

(a) preserve and safeguard all potential

evidence pertinent to a forensic examination
of an ADC event or potential ADC event;

(b) isolate compromised systems and media

from the network;

(c) preserve all intrusion detection systems,

intrusion prevention system logs, all firewall,
web, database and events logs;

(d) document all incident response actions; and

(e) refrain from restarting or rebooting any

compromised or potentially compromised
system or taking equivalent or other action
that would have the effect of eliminating or
destroying information that could potentially
provide evidence of an ADC event or
potential ADC event;

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

20
 MERCHANT GUIDE

iii. on an ongoing basis submit to U Mobile and if requested by the Card

subsequently Schemes, submit to the Card Schemes:

(a) all known or suspected facts concerning

the ADC event or potential ADC event,
including, by way of example and not
limitation, known or suspected facts as to
the cause and source of the ADC event or
potential ADC event;

iv. continuing throughout the provide to U Mobile or Card Schemes, in the

investigation required format:

(a) all account numbers and expiration dates

associated with the Card Schemes
account data that were actually or
potentially accessed or disclosed in
connection with the ADC event or
potential ADC event;

(b) any additional information requested by

the Card Schemes; and

(c) the Merchant’s obligation to obtain and

provide account numbers to the Card
Schemes applies to any the Card
Schemes account number in BIN range
assigned by the Card Schemes. This
obligation applies regardless of how or
why such account numbers were
received, processed or stored, including,
by way of example and not limitation, in
connection with or relating to a credit,
debit (signature- or PIN-based)
proprietary, or any other kind of payment
transaction, incentive or reward
programme;

v. within seventy-two (72) engage the services of a PFI to conduct an

hours independent forensic investigation to assess the
cause, scope, magnitude, duration and effects
of the ADC event or potential ADC event subject
to the following:

(a) the PFI engaged to conduct the

investigation must not have provided the
last PCI compliance report concerning the
system or environment to be examined;
and

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

21
 MERCHANT GUIDE

(b) prior to the commencement of such PFI’s

investigation, the must notify U Mobile or
Card Schemes of the proposed scope and
nature of the investigation and obtain
preliminary approval of such proposal
from U Mobile or Card Schemes or, if
such preliminary approval is not obtained,
of a modified proposal acceptable to U
Mobile or Card Schemes;

vi. within two (2) Business identify to the Card Schemes the engaged PFI
Days from the date on and confirm that such PFI has commenced its
which the PFI was investigation;
engaged

vii. within three (3) Business ensure that the PFI submits to U Mobile or Card
Days from the Schemes a preliminary forensic report detailing
commencement of the all investigative findings to date
forensic investigation

viii. within twenty (20) (a) provide to U Mobile or Card Schemes a

Business Days from the final forensic report detailing all findings,
commencement of the conclusions and recommendations of the
forensic investigation: PFI; and

(b) continue to address any outstanding

exposure, and implement all
recommendations until the ADC event or
potential ADC event is resolved to the
satisfaction of U Mobile or Card Schemes.

21.5 Despite Paragraph 21.4 above, U Mobile or Card Schemes may engage a PFI on the
Merchant’s behalf in order to expedite the investigation. The PFI who is engaged on the
Merchant’s behalf will be responsible for all costs associated with the investigation.

21.6 Forensic Report

(a) In connection with the independent forensic investigation and preparation of the final
forensic report:

(i) the Merchant cannot engage in or enter into any conduct or agreement
understanding that would impair the completeness, accuracy or objectivity of
any aspect of the forensic investigation or final forensic report;

(ii) the Merchant must not engage in any conduct that could or would influence,
or undermine the independence of, the PFI or undermine the reliability or
integrity of the forensic investigation or final forensic report. By way of

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

22
 MERCHANT GUIDE

example, and not limitation, the Merchant must not take any action or fail to
take any action that would have the effect of:

(1) precluding, prohibiting or inhibiting the PFI from communicating

directly with U Mobile or Card Schemes;

(2) permitting the Merchant to substantively edit or otherwise alter the

forensic report; or

(3) directing the PFI to withhold information from U Mobile or Card

Schemes.

(b) The Merchant must ensure that the PFI retain and safeguard all draft forensic report(s)
pertaining to the ADC event or potential ADC event and, upon U Mobile or Card
Schemes’ request, immediately provide to U Mobile or Card Schemes any such draft
forensic report.

(c) The final forensic report must include the following, unless otherwise directed in writing
by U Mobile or Card Schemes:

(a) a statement of the scope of the forensic investigation, including sources of

evidence and information used by the PFI;

(b) a network diagram, including all systems and network components within the
scope of the forensic investigation. As part of this analysis, all system
hardware and software versions, including POS applications and versions of
applications, and hardware used by the compromised entity within the past
twelve (12) months must be identified;

(c) a Transaction flow depicting all points of interaction associated with the
transmission, processing and storage of the Card Schemes account data and
network diagrams;

(d) a written analysis explaining the method(s) used to breach the subject entity’s
network or environment as well as method(s) used to access and infiltrate the
Card Schemes account data;

(e) a written analysis explaining how the security breach was contained and the
steps (and relevant dates of the steps) taken to ensure that the Card
Schemes account data are no longer at risk of compromise;

(f) an explanation of investigative methodology as well as identification of

forensic data sources used to determine final report findings;

(g) a determination and characterisation of the Card Schemes account data at

risk of compromise, including the number of the Card Schemes accounts and
at risk data elements (magnetic stripe data - Track 1 and Track 2, Cardholder
name, PAN, expiration date, Card Security Code, PIN, and PIN block);

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

23
 MERCHANT GUIDE

(h) the location and number of the Card Schemes accounts where restricted
account data (magnetic stripe, Track 1 and Track 2, Cardholder name, PAN,
expiration date, Card Security Code, PIN, or PIN block), whether encrypted
or unencrypted, was or may have been stored by the entity that was the
subject of the forensic investigation. This includes restricted the Card
Schemes account data that was or may have been stored in unallocated disk
space, backup media and malicious software output files;

(i) the period for Transactions involving the Card Schemes accounts determined
to be at risk of compromise. If Transaction date/time is not able to be
determined, file-creation timestamps must be supplied;

(j) a determination of whether a security breach that exposed payment card data
to compromise occurred;

(k) on a requirement-by-requirement basis, a conclusion as to whether, at the

time the ADC event or potential ADC event occurred, each applicable PCI
Security Standards Council requirement was complied with. For the
avoidance of doubt, as of the date of the publication of these Standards, the
PCI Security Standards include the PCI DSS, PIN Entry Device (PCI PED)
Security Requirements, and PA-DSS; and

(l) the Card Schemes may require the Merchant to cause a PFI to conduct a
PCI gap analysis and include the result of that analysis in the final forensic
report.

(The rest of this page has been intentionally left blank)

Copyright and Confidentiality Statement

The copyright of this document, which may contain proprietary information, is the property of U Mobile Sdn Bhd. The document shall not be
disclosed, copied, transmitted or stored in an electronic retrieval system, or published in any form, either wholly or in part without prior written
consent.

The document shall be held in safe custody and treated in confidence

U Mobile Legal version 10 May 2018

24