Open Banking Terms of Use
Date of issue: 02/09/2025
END USER TERMS OF USE
1. Introduction
1.1. These terms of use (“Terms”) determine the main features of the account information and payment initiation services (“Services”) provided by payabl., including submission of data for the purpose of provision of these services, the security and confidentiality of your data and the legally binding agreement between you and payabl.
1.2. The Services are made available to you through a third party’s website or mobile app (the “Third Party”). This Third Party could be either our direct client or a customer of one of our clients. The Services are delivered via a Third Party’s website, mobile application or other electronic methods.
1.3. These Terms are specifically to your use of the Services. They apply in addition to the terms that govern (i) your use of the Third Party’s products and/or services, (ii) your access to your account with your bank or other ASPSP and (iii) your explicit consent authorising the initiation of payments from your account held with your bank or ASPSP on your behalf.
1.4. By accessing or using the Services in any form, you accept and agree to comply with these Terms, as well as our Privacy Policy https://payabl.com/privacy-policy which explains how we handle and process personal data. If you do not agree to these Terms, please do not use the Services.
1.5. These Terms, together with the Privacy Policy shall constitute the entire agreement between you and payabl.
1.6. These Terms form part of, and shall be read together with, any other applicable terms and conditions governing the relevant services. In the event of any conflict, these Terms shall prevail with respect to the matters expressly covered herein.
1.7. By using the Services, you acknowledge that you accept and agree to be bound by the Terms. By accepting and using the Services, you will be deemed to have entered into a contractual relationship with payabl. and will be considered our client.
1.8. Payabl. reserves the right to amend these Terms unilaterally at any time and such changes will become effective upon their publication. You are advised to regularly check our Website to review the latest version of these Terms.
For any questions, please feel free to reach out to us at operations@payabl.com.
2. Company details
We, PAYBAL. CY LIMITED, a company registered in the Republic of Cyprus under company registration number ΗΕ 289380 and our registered address is at Olympion 23, Libra Tower, 5th Floor, 3035, Limassol, Cyprus (“payabl.”, “we” or “our”). Payabl. operated the website www.payabl.com (“Website”) and the services available through our application and payment solutions.
Payabl. is a licensed payment institution regulated by the Central Bank of Cyprus with license number: 115.1.2.9/2018.
3. Definitions
“AIS” means an account initiation service which is an online service to provide information on one or more payment accounts held by you with other payment service providers.
“PIS” means a payment initiation service which is an online service to initiate a payment order related to a payment account held by you at another payment service provider at your request.
“Account Holder” is a natural or a legal person who has a payment account (accounts) with account servicing payment services provider and submits payment orders using AIS and PIS provided by payabl. as described in these Terms.
“AISP” means an account initiation service provider that can access information from one or more payment accounts held by the Account Holder with one or more ASPSPs, based on the Account Holder’s consent.
“ASPSP” means account servicing payment services provider which is the payment services provider where the Account holder holds account(s). Accounts(s) held with one or several ASPSP are used to initiate the PIS or AIS provided by payabl.
“PISP” means a payment initiation service provider that can initiate a payment transaction at the request of the Account Holder from a payment account held with the ASPSP.
4. Services
4.1. Account Information Services (“AIS”)
4.1.1. Payabl. provides AIS which enables the Third Party to access certain or all of your account details on a read-only basis. To activate AIS and offer our Services, you must provide your explicit consent authorizing payabl. to access the relevant payment account(s) held with each ASPSP. Once authorised, payabl. will retrieve your account information and make it available directly to the Third Party so that they may offer their services to you.
4.1.2. To grant access, you will be redirected through our software to your ASPSP’s secure environment, where you will authenticate and authorise payabl.’s access. Once your account information is transmitted through our services to the Third Party, the Third Party shall be solely responsible for its handling, processing and storage. We strongly advise you to carefully read their privacy policies and data protection of both the ASPSP and the Third Party.
4.1.3. Payabl. will only access the account information from those ASPSP’s account(s) for which you have explicitly granted consent. Payabl. will not use, access or retain any data for purposes other than for performing the Services as described in this Terms. The Services are provided on an ‘as is’ basis and payabl. makes no warranties or representations as to the accuracy of the information generated by our tools and functionalities of the Account Services.
4.1.4. There may be cases where you may be requested to re-authenticate or re-confirm the authorisation granted from time to time. In the event that you do not re-authenticate your consent, this may lead us to not being able to access your account information and offer the Services to you.
4.1.5. If you would like to withdraw your consent, you can do so via the Third Party or directly with your ASPSP. Once payabl. is notified of your withdrawal, we shall make the relevant changes and comply with your request.
4.2. Payment Initiation Service (“PIS”)
4.2.1. Payabl. provides PIS which allows payments to be initiated directly from your account with your ASPSP, subject to your explicit consent. To activate PIS and use our Services, you must redirect via our platform to your ASPSP’s secure environment, where you will authorize us and grant us consent to initiate the payment. Access to your payment account is strictly limited to the payment you have instructed and consented to.
4.2.2. Once you have authorized the payment, payabl. will initiate the transaction in accordance with the amount and instructions you have provided, transferring funds from your account to the designated beneficiary. After a payment order has been executed, it cannot be amended. You may only cancel the payment if it has not yet been authorised or confirmed. To cancel a payment or request a refund after authorization, you must contact your ASPSP directly.
4.2.3. Upon initiation of the payment, payabl. will confirm that the payment order has been submitted to your ASPSP. You will receive transaction details, including the amount, applicable fees, payment reference, and beneficiary information. Payabl. will also notify the beneficiary that the payment has been initiated.
4.2.4. Payabl. is not a bank and does not offer banking services. We act solely as a PISP by submitting your payment initiation instructions to your ASPSP. We do not hold or handle your funds at any point, nor do we control the ASPSP’s acceptance or execution of the payment.
4.2.5. Our responsibility is limited to accurately transmitting your payment instructions to your ASPSP. If you believe a payment initiated through us was incorrect, unauthorised, or not properly executed, you should contact us as soon as possible so we can investigate. Your rights regarding refunds and redress for unauthorised or incorrectly executed payment transactions remain unaffected under applicable law.
4.3. The Services are provided on an “as is” and “as available” basis. Payabl. makes no express or implied warranties or representations of any kind regarding the Services, including but not limited to:
4.3.1. That the Services will meet your requirements or expectations;
4.3.2. That the Services will be uninterrupted, timely, secure, or error-free;
4.3.3. That any results obtained from the use of the Services will be accurate, complete or reliable;
4.3.4. That products, services or information obtained through the Services will meet your expectations; or
4.3.5. That any errors in the technology or software will be corrected.
To the maximum extent permitted by law, payabl. disclaims all warranties, whether express, implied, statutory, or otherwise.
5. User Representations and Obligations
5.1. By accessing or using the Services, you represent, warrant and agree that:
5.1.1. You are at least 18 years of age and have full legal power and capacity to enter into a binding agreement;
5.1.2. You are using the Services as a private individual for personal, non-commercial purposes;
5.1.3. You will not use the Services for any unlawful, fraudulent, or prohibited activity;
5.1.4. You agree to comply with the Terms and our privacy policy uploaded on our Website;
5.1.5. You are responsible for keeping your unique credentials secure;
5.1.6. You will not share your credentials with third parties and accept full responsibility for any failure to safeguard them, including for any unauthorised access or misuse;
5.1.7. You will not use a false, stolen or misleading identity and confirm that all information provided by you is truthful, accurate and complete;
5.1.8. You may not resell, assign or otherwise transfer any rights granted to you under the Terms;
5.1.9. You will not use the Services for the benefit of or in development of any competing product or service;
5.1.10. Any unauthorised or prohibited use of the Services will result in immediate suspension or termination of your access.
6. Intellectual Property Rights and Permitted Use
6.1. Payabl., together with its licensors, owns or is the lawful beneficiary of all intellectual property rights, proprietary know-how, and associated rights in and to the Services. This includes, but is not limited to, all copyrights, database rights, design rights, trade secrets, trademarks (registered or unregistered), and software rights in all content and materials made available through the Services, including but not limited to: information, data, text, audio, music, photographs, graphics, video, and all related source code, compilations, and other software elements. All such rights are hereby reserved.
6.2. Subject to your continued compliance with these Terms, payabl. grants you a limited, non-exclusive, non-transferable, non-sublicensable, royalty-free, and revocable worldwide licence to use the Services solely for your personal, non-commercial use, and only for the duration of your use of the Services. This licence extends to future updates or upgrades made available to you, provided that such updates may be subject to additional terms and/or separate pricing, which will be communicated to you at the time of availability.
6.3. Except where expressly permitted by law or under these Terms, you may not (and shall not allow or assist any third party to):
6.3.1. modify, translate or adapt any part of the Services;
6.3.2. decompile, disassemble, reverse-engineer, or otherwise attempt to derive the source code of any software used in connection with the Services;
6.3.3. use the Services, in whole or in part, or any confidential information relating thereto, to create any derivative works or services that are functionally similar, competitive or equivalent to the Services; and/or
6.3.4. use the Services in a manner that facilitates, encourages or results in an unlawful, harmful, fraudulent, or criminal activity, or which may cause harm, injury, or damage to any person or property.
7. Security and Incident Reporting
7.1. If you become aware of or suspect any of the following:
7.1.1. Loss, theft, or misappropriation of your authentication credentials;
7.1.2. Unauthorised access or use of the Services;
7.1.3. Identity theft or impersonation fraud;
7.1.4. An unauthorised or incorrectly executed payment transaction;
7.1.5. A credit transfer initiated with incorrect or mismatched beneficiary information;
You must notify us immediately, and in any case no later than two (2) business days from the moment you become aware of the issue, by emailing operations@payabl.com.
7.2. Failure to notify us within the period specified above, it may affect your ability to claim a refund under applicable law for unauthorised or faulty transactions.
7.3. If we detect or suspect fraud or a serious security threat to your use of the Services, we will attempt to contact you using the contact information you provided during your use of the Services.
8. Technical and Organisational Measures
8.1. We implement and maintain a comprehensive set of technical and organisational measures designed to ensure a level of security appropriate to the risks associated with the processing of personal data and the provision of the Services. These measures are reviewed and updated on a regular basis in line with industry standards, applicable regulatory requirements, and evolving threat landscapes. They include, but are not limited to:
- Access Controls: Enforcement of multi-factor authentication, role-based access rights, and the principle of least privilege, combined with regular access reviews to prevent unauthorised access to systems and personal data.
- Encryption: Deployment of strong, industry-standard encryption algorithms with secure key management practices in accordance with recognised standards.
- Monitoring and Logging: Continuous monitoring of networks and applications, supported by centralised logging, automated alerting, and retention of audit logs to detect, respond to, and investigate security incidents in a timely manner.
- Resilience and Recovery: Implementation of high-availability architectures, routine backups, disaster recovery planning, and business continuity procedures, tested at regular intervals to ensure operational resilience and service restoration capabilities.
- Vendor and Sub-Processor Oversight: Rigorous due diligence, risk assessments, and contractual safeguards for all third-party providers and sub-processors, including security certifications and ongoing performance monitoring.
- Testing and Training: Regular penetration testing, vulnerability scanning, and security configuration reviews of critical systems, alongside mandatory security awareness and phishing-resilience training for all employees and contractors.
- Policy and Governance Framework: Adoption of documented information security, incident response, and data protection policies, supported by defined roles, responsibilities, and escalation procedures.
9. Data Privacy
9.1. We are committed to protecting your personal data and handling it in a transparent manner, in compliance with General Data Protection Regulation (GDPR) and other applicable data protection laws. This section provides a brief overview of our data practices. Your acceptance of these Terms of Use constitutes your agreement to our Privacy Policy, which is incorporated into and made a part of this agreement.
9.2. To provide the Services, we process certain personal data about you. This may include your Know Your Customer (KYC) data, financial and transaction information from your bank or payment account provider (ASPSP) and other data necessary for providing the Services. We process this data solely for the purpose of delivering the Services you have requested and in compliance with the GDPR and all applicable data protection laws, and regulatory requirements.
9.3. We implement appropriate technical and organizational measures to safeguard your personal data from unauthorized access, disclosure, alteration, or destruction. Further details on our data security practices are available in our Privacy Policy.
9.4. You have specific rights regarding your personal data, including the right to access, rectify, or erase your data. The full list of your rights and how to exercise them is explained in detail in our Privacy Policy at https://payabl.com/privacy-policy.
9.5. By using the Services, you acknowledge that we may need to share your personal data with your ASPSP and the Third Party to facilitate the Services. We will only share data with your explicit consent and as required to fulfil the terms of this agreement.
9.6. For any questions about our privacy practises or how we handle your personal data, please refer to our Privacy Policy. If you wish to raise a complaint, or have any specific questions, you can contact our appointed Data Protection Officer (DPO) directly.
Data Protection Officer Contact Details:
Postal Address: Libra Tower, Olympion 23-5th Floor, Limassol 3035
Phone: +357 25332590
Email address: dataprotection@payabl.com.
10. Fees
10.1. You shall not be required to pay any fees to payabl. in connection with your use of the Services as an end user. Fees may however be imposed by a Third Party, your internet or mobile access provider or your ASPSP, where you make use of the payment initiation. Such fees are solely a matter between you and the Third Party.
11. Termination and Suspension
11.1. You may terminate the Terms at any time without notice by withdrawing your consent to receive the Services via the Third Party or directly from your ASPSP.
11.2. Payabl. may suspend (in part or in full) or terminate your access to the Services with immediate effect and without liability, under the following circumstances:
11.2.1. there has been a breach of these Terms and Conditions through your use of the Services.
11.2.2. You have provided false or misleading information, or used the Services unlawfully or fraudulently;
11.2.3. You do not meet the eligibility criteria to access or use the Services; and/or
11.2.4. The Third Party offering services to you is no longer authorised to do so or has ceased operations.
11.3. In the event of termination under clause 11.2, we reserve the right to:
11.3.1. Immediate suspend or revoke your access to the Services (temporarily or permanently);
11.3.2. issue of a formal warning or notice;
11.3.3. pursue legal actions in accordance with the applicable law;
11.3.4. Report the matter to the Central Bank of Cyprus, law enforcement or other competent authorities, if necessary;
11.3.5. Block access to the Services if we suspect fraudulent, compliance or operational reasons; and/or
11.3.6. Take any other action we deemed necessary for security, compliance or operational reasons.
11.4. Payabl. may suspend or reject your registration or access to the Services at our sole discretion and without liability, including for security, fraud prevention, or compliance reasons.
11.5. We may terminate these Terms for any reason by providing two (2) months’ prior written notice, as required under applicable law.
11.6. Upon termination, we may retain certain personal or transaction data in accordance with our obligations under applicable anti-money laundering, data protection, and financial regulations in Cyprus.
12. Indemnification and Liability
12.1. You agree to indemnify, defend, and hold harmless payabl., affiliates, officers, directors, employees, agents from and against any and all claims, liabilities, damages, losses expenses and costs (including reasonable legal fees) arising from your use of the Services, your violation of the Terms, or any infringement of intellectual property rights or other rights by you or another person using your account.
12.2. Payabl. shall not be liable to you for any failure or delay in the performance of our obligations under the Terms to the extent such failure or delay results from circumstances beyond our reasonable control (force majeure), your own actions or omissions or the provision of incorrect or incomplete information. In addition to this, payabl. shall not be liable for any loss or damage you suffer in connection with the Services:
12.2.1. Where responsibility lies with the Third Party, your ASPSP or another third party;
12.2.2. Arising from the goods or services you purchases using our Services;
12.2.3. Due to abnormal or unforeseeable circumstances beyond our control, the consequences of which could not have been avoided even with reasonable care;
12.2.4. if we deny you access to the Services or any other related product or service for legitimate reasons;
12.2.5. resulting from your use (or attempted use) of the Services in breach of the Terms, or in pursuit of unlawful or prohibited activities;
12.2.6. where you have negligently or intentionally failed to secure your mobile device, credentials or security information;
12.2.7. if you have acted fraudulently or in violation of applicable law; or
12.2.8. If you were aware of unauthorised access to your account or data and failed to notify us promptly in accordance with clause 7.
12.3. To the maximum extent permitted by applicable law, payabl., its officers, directors, agents, affiliates, employees, or providers shall not be liable for any indirect, incidental, consequential or punitive damages, including but not limited to, loss of use, loss of profits, or loss of data, or loss of business opportunities, or for damages in the aggregate exceeding the amount of the payment order that was executed defectively or without authorization resulting in the loss of the amounts transferred within the relevant payment.
12.4. Nothing in these Terms excludes or limits our liability where such exclusion or limitation would be unlawful. This includes liability for:
12.4.1. Death or personal injury caused by our negligence;
12.4.2. Fraud or fraudulent misrepresentation; or
12.4.3. Any other liability which cannot legally be limited under applicable law.
12.5. Upon termination of these Terms for any reason:
12.5.1. We will immediately cease providing the Services to you;
12.5.2. Any rights or licenses granted to you under the Terms will be revoked; and
12.5.3. You must immediately stop using the Services and any related product or material provided to you.
13. Complaints
13.1. If you have any concerns or complaints regarding the Services, you may contact us at complaints@payabl.com. We are committed to handling complaints promptly, fairly, and consistently and will seek to resolve your issue as quickly as possible. For more information about our complaints-handling process, please visit our website at https://payabl.com/complaints-handling-policy.
13.2. Please note that due to the involvement of the Third Party and/or ASPSP in relation to our provision of the Services, we may not be able to investigate fully your complaint unless you collaborate and help us resolve your complaint. You agree to provide reasonable cooperation and information upon request to facilitate this process.
13.3. If you are not satisfied with the outcome or the way your complaint has been handled, you have the right to escalate your complaint to the Central Bank of Cyprus: https://www.centralbank.cy/en/licensing-supervision/financial-conduct.
14. General Provisions
14.1. The Terms are governed by and construed in accordance with the laws of the Republic of Cyprus. The courts of the Republic of Cyprus shall have exclusive jurisdiction over any contractual or non-contractual disputed relating to the Terms.
14.2. You may not assign, delegate, or transfer any of your rights or obligations under the Terms without our prior written consent. We may assign or transfer our rights and obligations under the Terms without restriction and notice to you, provided that such assignment does not affect your rights under the Terms.
14.3. If any provision (or part of a provision) of the Terms is found to be invalid, unlawful, or unenforceable by a court of competent jurisdiction, such provision shall be modified to the extent necessary to make it valid and enforceable, or if not possible, it shall be deemed deleted. This shall not affect the validity and enforceability of the remaining provisions
14.4. Nothing in this agreement is intended to, or shall be deemed to, establish any partnership or joint venture or create any fiduciary relationship between the parties, constitute either party the agent of the other party, nor authorise either party to make or enter into any commitments for or on behalf of the other party.