TERMS AND CONDITIONS OF USE FOR ONBOARDING SYSTEM

By this instrument, the individual or legal entity identified through the data requested in this Onboarding system, which is an integral part of these Terms (the “Merchant”), and IOPAY SOLUCOES EM PAGAMENTO LTDA., a limited liability company, registered under CNPJ No. 19.786.646/0001-74, headquartered at Rua Orobó, No. 109, Alto de Pinheiros, São Paulo, State of São Paulo, ZIP 05466-030, email

1. Risk Analysis

1.1 I agree that the request to create a digital account may be subject to risk analysis and I understand that IOPAY may or may not approve my request. I understand that IOPAY will need to use my registration data such as CNPJ/CPF, Name, Phone, Address, Date of Birth, Company Incorporation Date, company’s line of business, as well as commercial data such as monthly transaction volume, average ticket in transactions, among other information that may be requested to complete the risk analysis procedure.

2. Request for Plans with Early Payout

2.1 I understand and agree that requests for plans with early payout in in-person and/or online payment methods may be subject to risk analysis based on my registration data, and IOPAY reserves up to 90 (ninety) days to grant an early-payout plan, and such request may be denied at IOPAY’s sole discretion.

2.2 If the request is denied, the Merchant may submit a new request, which may or may not be approved, within the same period of up to 90 (ninety) days after the request.

2.3 I also agree that to grant early payout, IOPAY may require a period with a constant transactional flow in my account, set at IOPAY’s sole discretion, to analyze daily and monthly movement volumes.

3. Contact for the Onboarding Process

3.1 I understand and agree that IOPAY may contact me by phone, email, or SMS messages and through apps such as WhatsApp and similar, to verify data and provide information relevant to the use of the offered products and services.

4. Responsibility for Chargebacks

4.1 I agree to assume responsibility for any chargebacks arising from my commercial activity using IOPAY’s in-person and/or online payment methods, without prejudice to applicable administrative and/or legal measures, as well as the automatic debiting of future receivables in my IO digital account to cover the debt resulting from the chargeback.

4.2 I undertake to send IOPAY, within up to 5 business days, documentation proving the legitimacy of a given transaction in case of dispute, to avoid chargebacks. I acknowledge that if the requested documentation is not sent to IOPAY, or does not comply with the instructed parameters, I will be exposed to the risk of the chargeback being finalized and I will bear the debt in accordance with clause 4.1 above.

5. Products and Services Related to These Terms and Conditions

5.1 I agree and understand that the IOPAY products and services offered through this onboarding process are:

5.1.1 POS terminals, IO Pro and IO Pocket, for processing in-person payment transactions.

5.1.2 For online payment methods, IOPAY provides API integrations, E-commerce Modules and a Payment Button, as well as Payment Links that can be generated from the IO Digital Account.

5.1.3 A payment account for analyzing sales flow, statements, making transfers to a bank account with the same ownership, generating payment links, viewing the contracted fee plan, among other features available via account access.

6. Payment Methods Offered

6.1 I understand and agree that IOPAY’s payment methods may be used to process transactions via Debit, Credit Cards (single payment and installments), Bank Slips (Boletos), and Pix in the QR Code and Pix Copy and Paste modalities.

6.2 Card brands offered by IOPAY for debit transactions currently are: Maestro, Visa Electron, Elo, Hipercard, Hiper, JCB, Banescard, Diners Club, Aura, Discover.

6.3 Card brands offered by IOPAY for credit transactions currently are: Mastercard, Visa, Elo, American Express, Aura, Diners Club, Discover, Hipercard, Hiper, JCB, Banescard.

6.4 In cases of requesting special benefit cards, such as meal/food cards, I understand that I must be registered with the respective brand to enable it in IOPAY’s payment methods; the brands offered in such cases are Alelo and Ticket VR.

7. Economic Plan

7.1 I understand and agree that under the Economic Plan for in-person transactions, single-payment credit transactions are settled within 30 calendar days after each transaction date.

7.2 Transactions made via installment credit under the Economic Plan are also settled within 30 days, with each installment being settled every 30 days, according to the number of installments selected at the time of payment.

7.3 Transactions made via Debit under the Economic Plan are settled in 1 (one) business day.

8. Anticipated Plan

8.1 Under these terms and conditions, I accept that the Anticipated Plan for in-person transactions provides settlement for debit, single-payment credit, and installment credit in 1 (one) business day, with all installments settled simultaneously in the case of installment payments.

9. Start Plan

9.1 I understand and agree that the Start Plan for online payment transactions settles single-payment credit and installment credit in 30 days after the date of each transaction.

9.2 Settlement of installment credit transactions under the Start Plan is simultaneous, with all installments settled on the 30th (thirtieth) day after the transaction date.

10. Pro Plan

10.1 I accept and understand that the Pro Plan for online transactions provides settlement for single-payment credit and installment credit in 10 days after the date of each transaction.

10.2 In the case of installment credit transactions, all installments are settled simultaneously, 10 days after the transaction date.

11. Custom Plan

11.1 I understand and agree that for Custom Plan requests, IOPAY may request additional information such as documents proving a transactional flow above R$100,000.00 (one hundred thousand reais) per month.

11.2 IOPAY reserves the right to grant or not grant the Custom Plan, in accordance with its internal approval policies for this type of special pricing.

12. Bank Slips (Boletos)

12.1 I understand and agree that under these terms I am also contracting the service of issuing registered bank slips (boletos).

12.2 The settlement period for sales made via bank slips observes the bank clearing period, which may take up to 3 business days after payment.

12.3 IOPAY does not charge per issued boleto; the boleto fee is charged only when the Merchant’s customer pays the boleto.

13. Pix

13.1 By contracting IOPAY’s payment methods, I understand that I can make sales via Pix and that the settlement period for this type of transaction is 1 (one) business day after payment.

13.2 IOPAY does not charge for a payment order; the fee related to Pix transactions is charged only when the Merchant’s customer pays via QR Code or Pix Copy and Paste.

14. Contracting Deadlines

14.1 I understand and agree that IOPAY’s response time, from the moment the requested information is submitted in this Onboarding system, is up to 5 business days, with either a positive or negative position regarding account approval.

14.2 In cases of POS terminal requests, IOPAY will ship the equipment within up to 2 (two) business days for São Paulo (capital) and up to 15 (fifteen) business days for other locations within Brazil.

15. Account Activation

15.1 I agree and understand that after IOPAY’s positive feedback regarding the approval and creation of the payment account, I must submit the requested documentation within the account so it is properly enabled and ready to process transactions.

By this instrument, IOPAY SOLUCOES EM PAGAMENTOS LTDA., a limited liability company, registered under CNPJ No. 19.786.646/0001-74, headquartered at Rua Orobó, No. 109, Alto de Pinheiros, São Paulo, State of São Paulo, ZIP 05466-030, email [email protected], sets out with transparency and commitment its Privacy Policy for the Processing of Data of individuals or legal entities who access the company’s portal at https://iopay.com.br, as well as of its customers. The terms and conditions of this Privacy Policy apply from the moment the user accesses any of IOPAY’s platforms or its website, as well as when contracting the products and services offered by the company.

1. How IOPAY Collects Your Data

1.1 IOPAY collects data whenever the Merchant’s responsible party accesses the website https://iopay.com.br , fills out the forms found at https://onboarding.iopay.com.br , contracts and accesses any products or services offered by the company, and may also collect data in situations such as prospecting and technical support.

2. What Data IOPAY Collects

2.1 Personal data provided by the Merchant’s Owner/Representative:

• Name
• Addressço
• Identification documents (CPF and RG)
• Date of Birth
• Phone
• Email
• Third-party personal data
• Bank details

2.2 Public information such as:

• Civil cases
• Criminal cases
• Labor cases
• Any other public information

2.3 Data from information systems and technology:

• Browsing, interaction, and device data during the session.
• Device IP address
• Device metrics such as ping and network latency
• Geolocation information
• URL information
• Network connection and provider data
• Cookies
• Device attributes: IMEI, ID, browser, model, and operating system

2.4 Financial data such as:

• Credit restrictions
• Negative records
• Restrictions on collateral and amounts due

3. Data Retention and Storage

3.1 IOPAY keeps the collected Data secure and in a controlled environment. Data may be retained during the Merchant’s contract term and also throughout a sales prospecting period. If deletion is requested, IOPAY may retain Data for an additional period to comply with legal obligations, exercise its rights, or for auditing purposes.

3.2 The request to delete data must be made by the Merchant’s Owner/Representative and will be fulfilled within up to 10 (ten) business days from confirmation of receipt of the request.

4. Data Processing by IOPAY

4.1 IOPAY uses the Merchant Owner’s/Representative’s data to provide its services and products, ensure transparency of information before Brazilian authorities, and comply with legal obligations before the authorities responsible for supervising Brazil’s payments market (art. 7 II of the LGPD). Another use of collected data relates to optimizing and maintaining the services and products offered.

4.2 IOPAY complies with the LGPD, following the purpose principle, which states that the Processing of Personal Data must be carried out for legitimate, explicit, and specific purposes that the data owner is aware of.

4.3 Purposes for which IOPAY may use the Merchant Owner’s/Representative’s data:

• Provision of contracted products and services
• Compliance with court orders from competent authorities or regulators
• Exercise of IOPAY’s rights, using documents in judicial and administrative proceedings
• Authenticate financial transactions
• Resolution and prevention of technical issues
• Optimization and evolution of technologies, products, and services provided
• Authenticate identity and verify compliance with internal requirements to contract available products and services
• Provision of support and customer service through any available communication channels
• Activities related to marketing and promotions
• Research and statistics related to user behavior across IOPAY technologies and platforms
• Combat fraud and financial crimes

5. Data and Information Sharing

5.1 IOPAY may share the Merchant Owner’s/Representative’s Data, in full compliance with the LGPD, with authorities, regulators, and business partners. Data may be shared with information technology companies, research organizations, financial services, customer service, marketing, collection agencies, banks and financial institutions, among any others that contribute to the purposes described above.

6. International Data Transfer

6.1 IOPAY uses cloud computing servers located outside Brazil. For this reason, Data and information may be transmitted abroad, securely and in compliance with the LGPD.

7. Data Subject Rights

7.1 The Merchant Owner/Representative may request that IOPAY confirm the Processing of Data and provide the Data held in custody.

7.2 The Merchant Owner/Representative may request that IOPAY provide information on the institutions and entities with which the collected Data is shared.

7.3 The Merchant Owner/Representative may request that IOPAY transfer the Data held to another Data Controller, securely and without disclosing any information that reveals IOPAY’s strategic secrets.

7.4 The Merchant Owner/Representative may request correction of Data that is outdated, incorrect, or incomplete.

7.5 The Merchant Owner/Representative may object to the Processing of their Data if irregularities are identified.

7.6 The Merchant Owner/Representative may, if deemed necessary, file a complaint with the National Data Protection Authority (ANPD). In such cases, IOPAY recommends first contacting the main customer service and support channels for a quick and efficient resolution.

8. Consent

8.1 By checking the option “I have read and agree to the terms and conditions,” you agree to the terms and conditions of this Privacy Policy.

9. Data Security and Privacy

9.1 IOPAY processes data following current best security practices and keeps it in a controlled environment to ensure customer privacy. However, it is the Merchant Owner’s/Representative’s responsibility to keep access credentials, such as the login and password used to access the IOPAY payment account, secure.

In case such credentials are stolen, the Owner/Representative must contact IOPAY’s customer service and support channels to report the incident as quickly as possible and reset the password via the “Forgot my password” link on the payment account login page.

10. Privacy Policy Updates

10.1 This Privacy Policy may be amended and updated, and the Owner/Representative may review it at any time via IOPAY’s customer service channels and on the company website.