Business Internet Banking Terms and Conditions

1.1 The Customer and the Bank agree that the Services (as defined below) shall be supplied to the Customer and will include Primary Users being empowered to agree on behalf of the Customer the matters as described in this Agreement, in all cases subject to the terms and conditions contained or referred to in this Agreement.

1.2 The Customer will, acting through Customer Delegate(s), access the Services through the HSBC Site.

1.3 By signing the application form relating to Business Internet Banking and returning it to the Bank the Customer agrees to be bound by the terms of this Agreement.

1.4 Defined terms used in this Agreement are set out below: Administrator Any Customer Delegate who is empowered to administer and maintain the ongoing use of the Services by other Customer Delegates.

Agreement This agreement as modified from time to time including any supplementary terms for the provision of the Services published from time to time and any other Business Internet Banking documents (including all Customer Guides) mentioned in this agreement.

Bank (also we, us, our) HSBC Bank Middle East Limited.

Business Internet Banking The HSBC Group's business internet banking system.

Customer (also you, your, yours) The business customer named on the application form.

Customer Delegate Any of the Primary User, Administrator(s) or Secondary User(s) who are authorised from time to time to use the Services.

Customer Guides The welcome guide, the technical supplement and all customer guides, manuals, help text or similar documents (whether in hard copy or in electronic form) issued by us to you at any time in any format for use with the Services.

Customer Instruction Any request or instruction that is received by the Bank through Business Internet Banking.

Help Desk The Business Internet Banking Help Desk.

HSBC Group HSBC Holdings plc and its subsidiary and associate undertakings, or any of their branches.

HSBC Site The HSBC portal through which you access Business Internet Banking.

Password Any confidential password, phrase, code or number, memorable data, or any other identification of any kind whether issued to the Customer or any Customer Delegate by the Bank or adopted by the Customer or any Customer Delegate (including any Business Internet Banking ID/User ID) which may be used either alone or with any Security Device or other thing to access or facilitate access to any of the HSBC Site, Business Internet Banking and the Services or to effect Customer Instructions.

Primary User A Customer Delegate entrusted with responsibility for the initial Business Internet Banking installation and the Customer's on-going use of Business Internet Banking as described in the Customer Guides. Secondary User A Customer Delegate appointed by an Administrator or Primary User.

Security Device Any card, token, device, digital certificate, procedure or other thing whether issued to the Customer or any Customer Delegate by the Bank or adopted by the Customer or any Customer Delegate which may be used alone or with any Password or other thing to access or facilitate access to any of the HSBC Site, Business Internet Banking and the Services or to effect Customer Instructions or to generate any Password.

Services Any banking product or service provided by the Bank to the Customer using Business Internet Banking (including without limitation the empowerment of Customer Delegates to agree on behalf of the Customer the matters as described in this Agreement.)

2.1 The Services enable you to:

2.1.1 view accounts and give us instructions in relation to services you receive from us, and accounts and products that you have with us, being accounts, services and products which are from time to time the subject of Business Internet Banking; and

2.1.2 initiate applications, place orders and conclude contracts for or relating to services and products of any kind which we or any other member of the HSBC Group may offer from time to time and to agree any other matter or thing with us or any other member of the HSBC Group.

2.2 By this Agreement you authorise us and (in the case of the matters referred to in Clause 2.1.2) all other members of the HSBC Group to:

2.2.1 act on and accept Customer Instructions apparently given by any Customer Delegate in respect of any of the matters referred to in Clause

2.1.1 and to act on and accept Customer Instructions apparently given by any Primary User in respect of any of the matters referred to in Clause 2.1.2; and

2.2.2 add to Business Internet Banking all of your accounts whenever opened which are the subject of Business Internet Banking. This applies to all of your accounts existing at the date of this Agreement and those opened afterwards.

3.1 When registering you are required to nominate a Primary User. You understand that by doing this, the Primary User will have full control of your business bank accounts when accessed using Business Internet Banking and will have the authority to delegate various access and/or control rights to other Customer Delegates and to agree on your behalf any matter or thing as described in Clause 2.1.

4.1 We will only accept a Customer Instruction if it has been effected through Business Internet Banking, where access to Business Internet Banking appears to have been obtained using the appropriate Password(s) in accordance with this Agreement.

4.2 You request and authorise us to treat all apparently valid Customer Instructions received by the Bank as instructions or other communications properly authorised by you, even if made fraudulently and even if they conflict with the terms of any other mandates given by you at any time concerning your accounts or affairs. Subject to our obligations in Clause 4.1 above, we shall be under no other obligation to check the authenticity of Customer Instructions or the authority of the person or persons giving them.

4.3 You are responsible for the accuracy and completeness of Customer Instructions and for ensuring that they will achieve your intended purpose. We are not liable for any loss or delay where the contents of a Customer Instruction are inaccurate or incomplete.

4.4 If you request us to cancel or modify any Customer Instruction, we will make all reasonable efforts to comply with your request. However, we are not liable for any failure to cancel or modify the Customer Instruction if such a request is received at a time or under circumstances that render us unable to comply with your request.

4.5 We and any company in the HSBC Group are entitled to :

• debit your accounts, wherever they are situated and whenever they are opened, with any amounts that we, or such company, have paid or incurred in accordance with a Customer Instruction; and
• act and rely upon and treat as binding upon the Customer any Customer Instruction.

4.6 We may, in our absolute discretion and without liability, not agree to act on or delay acting on a Customer Instruction if:

4.6.1 It is a request or instruction the effect of which would be to exceed any limit imposed by the Bank upon you generally, for example your daily payment limit, or upon the Customer Delegate in question.

4.6.2 It is an informal overdraft request, namely a request or instruction that, if agreed to by us, would cause your account to go overdrawn or over an existing overdraft limit.

4.6.3 We know of or suspect a breach of security in respect of or in connection with the operation of one or more of your accounts or the Services generally.

4.7 If we do not act on or delay acting on a Customer Instruction pursuant to Clause 4.6.3, we shall where possible notify you of this as soon as is reasonably possible.

4.8 A transaction being carried out is not always simultaneous with a Customer Instruction being given. Some matters may take time to process and certain Customer Instructions may only be processed during normal banking hours even though Business Internet Banking may be accessible outside such hours.

5.1 If we make this facility ('Secure Messaging Services') available to you, you may send us and we may send you secure messages using Business Internet Banking. The Secure Messaging Services may include the capability for interactive online exchanges of messages between us and you.

5.2 We reserve the right to withhold at any time and without giving any prior notice, access by you to the Secure Messaging Services and, if made available, to withdraw all or any part of the Secure Messaging Services generally or from you.

5.3 You must not send us messages:

• in relation to matters for which there is specific functionality on Business Internet Banking e.g. to make a payment;
• which require immediate attention (please telephone us instead);
• which are requests of a transactional nature e.g. share dealing or fund management instructions;
• which are requests to open or amend or renew existing insurance policies e.g. life insurance, motor insurance, travel insurance, or buildings insurance;
• reporting loss or theft of cheques and/or cheque or credit cards and/or stopping a payment (please telephone us instead);
• on behalf of any third party or in relation to our dealings with any third party; or
• which are offensive, frivolous, defamatory or otherwise inappropriate.

5.4 We may send you messages concerning any accounts, products or services which you have with us including Business Internet Banking or the Services, or concerning any other service related matters. All products and services are subject to status and terms and conditions.

5.5 We will display on screen or otherwise inform you of our intended response time(s) to messages which you send to us. Please be aware that once you have sent your request we may not be able to reverse it before it is implemented.

6.1 We may (but are not obliged to) suspend any service provided to you under the Services without notice where we consider it necessary or advisable to do so, for example to protect you when:

• we suspect a breach or a potential breach of security; or
• you fail to take reasonable care to ensure the security of your use of the Services; or
• we need to suspend the Services for routine, non-routine or emergency maintenance where we consider it necessary to do so.

6.2 We will use reasonable efforts to inform you without undue delay through the Services, and/or our Internet Site(s) if any service under the Services is not available. In the event that we have levied any charge on you which is specifically expressed to be for a particular service which is not available (which for the avoidance of doubt shall not mean any periodic fee charged for the Services as a whole) then we will reimburse you this sum. Other than reimbursing any sum as set out above, we will have no further liability to you.

6.3 It may be necessary from time to time to suspend some or all of the Services for routine, non-routine or emergency maintenance where we consider it necessary to do so. In the event of such a suspension being necessary, we will so far as is possible provide you with a reasonable period of notice prior to the suspension

7.1 Information we hold about you may be shared within the HSBC Group as we see fit, and as these Terms provide, but shall not be disclosed to anyone outside of the HSBC Group, other than where:

7.1.1 we are legally required to disclose them;

7.1.2 we have a public duty to disclose them; or

7.1.3 the disclosure is made with either your express consent or with your deemed consent as provided by your acceptance of these Terms

7.2 You agree that we may use other members of the HSBC Group and/or third parties to provide you with the Services and to give effect to any Customer Instruction.

8.1 You agree to, and agree to ensure that all Customer Delegates will,

comply with the terms of this Agreement and any other reasonable instructions or recommendations we may issue to you regarding Business Internet Banking security including, without limitation, the security instructions and recommendations contained in the Customer Guides.

8.2 You also agree to comply with the instructions or recommendations we may issue to you from time to time about Internet and Business Internet Banking security, as displayed and accessible from time to time through the HSBC Site.

8.3 You agree that it is your sole responsibility to set-up, maintain and regularly review security arrangements concerning access to, and use of, the Services, and information stored on your computing and communications systems, and in particular your and any of your Customer Delegates' control of Passwords, Security Devices and access to Business Internet Banking.

8.4 You must ensure that your Customer Delegates keep their Password and Security Device secure and secret at all times and take steps to prevent unauthorised use of their Password and Security Device provided to them. For example, Customer Delegates must:

• never write or otherwise record their Password in a way that can be understood by someone else except where it is required by the Bank for the registration of a Customer Delegate or for any other reason as set out in the Customer Guides;
• avoid any Password which is easy to guess and never reveal their Password to anyone else including their business colleagues and our staff, except where specifically required to access telephone support from us; and change their Password regularly;

8.5 You and your Customer Delegates must not permit Customer Delegates to access Business Internet Banking or the HSBC Site from any public internet access device or access point (e.g. cyber/internet cafés).

8.6 You must notify us immediately of the following:

• any unauthorised access to Business Internet Banking, or the HSBC Site, or any unauthorised transaction or instruction which you or any of your Customer Delegates knows of or suspects; or
• if you suspect someone else knows the Password of one or more of the Customer Delegates or has access to their Security Device. In the event of any such breach or suspected breach of security you must ensure that all your Customer Delegates change their Passwords immediately to one which they have not used before.

8.7 You hereby agree to comply immediately with all reasonable requests for assistance from us and/or the police in trying to recover any losses or identify actual or potential breaches of security.

8.8 If you suspect any impropriety on the part of any Customer Delegate in connection with Business Internet Banking or the Services or a Customer Delegate leaves your business, you must ensure that the Primary User or an Administrator immediately takes all steps available to ensure that the Customer Delegate involved is unable to access the Services.

8.9 If you suspect any impropriety on the part of the Primary User in connection with Business Internet Banking or the Services or the Primary User leaves your business, you must immediately take steps to replace such Primary User.

8.10 You are responsible for the security of any Security Device held on the memory of your computers or otherwise held by you or held on the memory of the computers of Customer Delegates or otherwise held by them. You must ensure that Security Devices cannot be accessed, copied or otherwise tampered with by unauthorised persons. In particular you must ensure that any Security Device is removed from the memory of any of your computers that leave your possession at any time or the possession of your Customer Delegates, even temporarily. We shall not be liable to you or to third parties for any loss whatsoever arising from the unauthorised copying and/or unauthorised use of any Security Device. Further, neither you nor any Customer Delegate must use any Security Device other than for the purposes of identifying yourselves to the HSBC Group and must not give or transmit or otherwise send the Security Device to any party other than the HSBC Group.

8.11 You agree that you will access the HSBC Site, Business Internet Banking and the Services using only a computer which has installed on it up-to-date (and where relevant regularly run) anti-virus and anti-spyware software, a firewall and security patches.

8.12 You agree that you are solely responsible for the performance and protection of any browser, computer and matters referred to in Clause 8.11 used in connection with Business Internet Banking including the prompt adoption by you of all security patches and other security measures issued or recommended from time to time by the suppliers of such browsers, computers' operating systems and other matters referred to above, and we shall not be liable for any damage to/or reduction in the performance of your computer system or any part of it by the installation and/or use of any browser version, Security Device or other matters referred to above, required to use the Services. You agree to use a browser version and operating system that is supported by Business Internet Banking.

8.13 You agree to keep us and the other members of the HSBC Group indemnified against all actions, proceedings, costs, loss and damage of any kind which we or any other member of the HSBC Group may suffer as a result of our, or any member of the HSBC Group, acting on any Customer Instruction in accordance with this Agreement, or as a result of your failure to comply with any of your obligations under this Agreement.

9.1 We grant you a non-exclusive, non-transferable licence to use any Security Device and/or to install any Security Device on the internet browsers of all your Customer Delegates. Title to and rights in the Security Devices belong to us and, except for the specific rights granted to you by this licence, neither you nor any Customer Delegates will acquire any rights whatsoever to the Security Devices, which will remain the property of the Bank.

9.2 We will make all reasonable efforts to ensure that any Security Device that we provide to you will perform as necessary to permit access to Business Internet Banking as and when required. You will notify us immediately if any Security Device fails to function correctly.

9.3 We shall have no liability for breach of any implied term as to satisfactory quality, merchantability or fitness for purpose of any Security Device.

9.4 You will (and will ensure that your Customer Delegates) take reasonable care of any Security Device so that it does not become lost, damaged or faulty.

DEVICE REISSUE

10.1 Our procedures for re-setting Passwords and replacing Security Devices are available by calling our Help Desk the telephone number being set out in the Customer Guides. When the Customer Delegate calls, the caller will be taken through security procedures in order to identify the caller as a Customer Delegate.

10.2 You hereby request and authorise us from time to time without further authority or notice from you to act upon any telephoned request or instruction to re-set any Password or to revoke and/or deactivate any Security Device of a Customer Delegate, or to issue and/or replace a Security Device to any Customer Delegate made through the Help Desk. In addition you agree that we shall not be liable to you or any third party for any loss or damage suffered by you or any third party arising from any such request or instruction being unauthorised or fraudulent provided we have gone through our normal security procedures in relation to identification of the person calling and you agree to keep us fully indemnified against any claims or demands arising therefrom.

10.3 We shall not be liable for any losses arising as a result of a refusal by the Help Desk to carry out any of the matters referred to in Clauses 10.1 and 10.2.

11.1 Business Internet Banking is accessed through the Internet which is a public system over which we have no control. It is therefore your duty to make sure that any computer or other device which you use to access Business Internet Banking is free from and adequately protected against acquiring spyware, computer viruses and other invasive, destructive or disruptive components.

11.2 We will not be responsible for any loss of or damage to your data, software, computer, computer networks, telecommunications or other equipment caused by you using Business Internet Banking unless such loss or damage is directly and solely caused by our gross negligence or wilful misconduct.

12.1 We do not warrant that the information available through the Services is accurate, sufficient or error free, nor that such information is current and up-to-date at the time it is accessed.

13.1 You agree to pay our scale of charges (if any) for providing the Services as we advise you from time to time. We may vary our charges and the frequency and dates of payment on giving you not less than 30 days' notice. We reserve the right to make a charge for any replacement Security Device where such replacement is necessary as a result of any breach by you or any of your Customer Delegates of Clause 9.4 above. These charges are in addition to any charges for particular banking or other services we might provide in response to your Customer Instructions through the Services. Please let us know if you wish to receive details of our charges for particular banking or other services.

13.2 You are liable for any telephone charges and any charges made by your internet service provider as a result of the use by you of the Business Internet Banking Services.

13.3 You authorise us to debit any of your accounts with any charges for the Services.

13.4 We may change the terms of this Agreement subject to the following:

• if the change is to your disadvantage, we shall give not less than 30 days' prior notice to you or, exceptionally, such shorter period (other than in the case of any variations to our charges) as is necessary for the effective operation of the Services. At any time up to 60 days from the date of the notice, you may, without notice, terminate this Agreement without having to pay any extra charges for doing so.
• We may make any other change immediately and give you notice of it within 30 days.

14.1 Neither we nor any member of the HSBC Group shall be liable for any loss, damage or delay other than such losses which arise as a direct result of our gross negligence or wilful misconduct.

14.2 Our total liability to you due to, under and/or arising out of or in connection with this Agreement in aggregate:

• in respect of any claim, or series of connected claims arising out of the same cause, shall not exceed AED 1,000,000.
• in respect of all claims which arise in any calendar year, shall not exceed AED 3,000,000.

For the avoidance of doubt, the bullet points of Clause 14.2 shall each be construed as separate limitations of liability.

14.3 We will not be liable to you for any loss or damage arising out of your use of Business Internet Banking or the Services to the extent that such loss or damage is indirect, consequential or special or, without prejudice to the foregoing, is:

• a loss of business or profits, or
• a loss of data, whether or not we have been advised of the possibility of such loss or damage.

14.4 You are responsible for obtaining, if you consider it appropriate, insurance cover at your cost for any loss exceeding the limits set out in Clause 14.2 or for any loss for which we are not liable to you.

14.5 We are not obliged to monitor your use of the Services for any failure by you to carry out your obligations under this Agreement including your security duties under Clauses 8 and 11 or to notify you of any such failure.

14.6 Continued provision of the Services when you are in breach of this Agreement, whether or not we have knowledge of such breach, shall not prejudice or constitute a waiver of our rights under this Agreement (including without limitation Clause 4) which shall remain in full force and effect.

15.1 You authorise us from time to time to act upon written instructions concerning the administration of Business Internet Banking or the Services, including the re-setting of Passwords, the de-activation, issuing and/or replacement of Security Devices and the replacement of any Primary User.

15.2 Any instruction or request referred to in Clause 15.1 is to be, or must purport to be, signed in accordance with the then current bank mandate

15.3 Where any written instruction or request referred to in Clause 15.1 is sent by facsimile transmission or other electronic communication, you authorise us without further authority (but we shall not be obliged) to act upon such instruction or request. In addition you agree that we shall not be liable to you or any third party for any loss or damage suffered by you or any third party arising from the facsimile transmission or other electronic communication being unauthorised or fraudulent and you agree to keep us fully indemnified against any claims or demands arising therefrom.

15.4 We shall not be liable for any losses arising as a result of any delays when acting in accordance with written instructions howsoever given pursuant to Clause 15.

16.1 Either party may terminate this Agreement on not less than 30 days' notice to the other party.

16.2 Either party may also terminate this Agreement with immediate effect by notice to the other, if the other party commits a material breach of this Agreement or becomes insolvent under the laws of any applicable jurisdiction.

16.3 Termination will not affect the rights and remedies of either party accrued to the date of termination nor will it affect any provision of this Agreement (including, without limitation, Clauses 14 and 20) which is intended to apply after termination.

16.4 Upon termination of this Agreement for any reason, the Security Device licences referred in Clause 9.1 above terminate.

17.1 Neither party will be liable for delay in performing or failure to perform any of its obligations under this Agreement which is caused by circumstances beyond its reasonable control, including, but not limited to, the failure, malfunction or unavailability of telecommunications, data communications and computer systems and services, war, acts of terrorism, civil unrest, government action, strikes, lock-outs or other industrial action or trade disputes (whether involving either party's employees or those of a third party). Any delay or failure of this kind will not be deemed to be a breach of this Agreement and the time for performance of the affected obligation will be extended by a period which is reasonable in the circumstances.

18.1 We and other members of the HSBC Group are required to act in accordance with the laws and regulations operating in various jurisdictions which relate to the prevention of money laundering, terrorist financing and the provision of financial and other services to any persons or entities which may be subject to sanctions (together the 'Regulations'). We may take, and may instruct other members of the HSBC Group to take, any action which it, in its sole and absolute discretion, considers appropriate to take in accordance with any Regulations. Such action may include but is not limited to:

• the interception and investigation of any payment messages and other information or communications sent to or by you or on your behalf via the Bank's systems or any other member of the HSBC Group's systems; and
• making further enquiries as to whether a name which might refer to a sanctioned person or entity actually refers to that person or entity.

18.2 Neither we nor any member of the HSBC Group will be liable for loss (whether direct or consequential and including, without limitation, loss of profit or interest) or damage suffered by any party arising out of:

• any delay or failure by the Bank or any member of the HSBC Group in performing any of its duties under this Agreement or other obligations caused in whole or in part by any steps which we in our sole and absolute discretion, consider appropriate to take in accordance with any Regulations; or
• the exercise of any of our rights under this Clause.

18.3 In certain circumstances, the action which we may take may prevent or cause a delay in the processing of certain information. Therefore, neither the Bank nor any other member of the HSBC Group warrants that any information on the Bank's systems relating to any payment messages and communications which are the subject of any action taken pursuant to this Clause is accurate, current or up-to-date at the time it is accessed, whilst such action is being taken. Subject to the overriding requirements of any applicable laws and regulations, we will endeavour to notify you of the existence of such circumstances as soon as is reasonably practicable.

18.4 To help us comply with the Regulations, you agree to comply with such procedures as may be specified by us from time to time ('Procedures'). You also agree that, each time a Secondary User is appointed with authority to make payments or otherwise authorise transactions on your behalf, you will within seven days notify us in writing and provide the new Secondary User's name and address together with a specimen signature in accordance with the Procedures. In addition, you agree that as part of the process of appointing any Primary User, you will provide a specimen signature of such Primary User and that it may be necessary for us to take steps to identify such Primary User in accordance with the Procedures.

19.1 This Agreement is the entire agreement between the parties concerning the use of Business Internet Banking and supersedes all previous agreements, communications, representations or discussions between you and us relating to it. Any other agreements between us and you and/or mandates relating to the conduct of your accounts shall remain unaffected.

19.2 Any notice to be given under this Agreement must be communicated by post or through Business Internet Banking. If by post the notice will be taken to have been received 5 days after posting by one party to the postal address most recently notified by the receiving party and, if through Business Internet Banking, when it is received by the receiving party's computer which, in the case of the Customer, means any computer used by the Customer or any Customer Delegate.

19.3 The provision of the Services in certain countries or territories may be subject to special supplementary terms. Where applicable, you confirm that you have received and read these terms and agree to be bound by them.

19.4 Where we introduce new services as part of the Services we may provide them on supplementary terms which will be notified to you in accordance with this Agreement.

19.5 We and you both agree to comply with all applicable data protection and other laws to the same or similar purpose in all relevant jurisdictions. You confirm that all employees and other persons whose personal or other data is transmitted, processed or otherwise handled have consented to such transmission, processing or other handling under this Agreement in accordance with these laws, or will do so prior to any such transmission, processing or other handling.

19.6 Each of the terms of this Agreement is severable from the others and if one or more of them becomes void, illegal or unenforceable, the remainder will not be affected in any way. References in this Agreement to clauses are references to clauses of this Agreement unless expressly stated otherwise.

19.7 Subject to the applicable laws of evidence, each party agrees not to object to the admission of the records (including computer records) of the other as evidence in legal proceedings.

19.8 From time to time we may advertise our own products or services and those of other companies in the HSBC Group and also those of third parties on the HSBC Site through which you access the Services or through the Services itself. If, in relation to other agreements between you and us, you have asked us not to send you any marketing material (or if you do so in the future), you agree that this restriction will not apply to these electronic advertisements and consent to receiving them when accessing our Internet Site and/or the Services

20.1 These terms and Conditions shall be governed by and construed in accordance with the laws of the Emirate of Dubai and the Federal laws of the United Arab Emirates.

20.2 You agree to submit to the non-exclusive jurisdiction of the Courts of Dubai.