Below you will find information about the modifications applicable to all contracts you have in place with this Entity that fall within the scope of the Payment Services Act 16/2009, of 13 November, modified in part by Royal Decree-Act of 24 November 2017 in order to comply with PSD2 (Directive 2015/2366 of the Parliament and Council of Europe regarding payment services within the EU, of 25 November 2015).
The new applicable legislation may permit, with customer's prior authorisation, other service providers to access their accounts, and may allow a retailer to execute payment orders in their name, debit or credit operations, including within the scope of this new payment services legislation payment initiation services and accounts information services provided by payment service providers other than this banking Entity.
- Liability in the event of unauthorised payment operations.- Consumer-holders are liable for and consequently shall pay for, up until the moment the Entity is notified, any losses derived from operations not authorised by the holder, either through fraudulent use, theft, robbery, misplacement, use by means of coercion or in any way other than agreed, of any payment instrument provided by the Entity (cheque books, bank book, cards, etc...) up to a maximum limit of 50 euros (previously 150 Euros), unless the card holder has acted fraudulently, knowingly, or has committed gross negligence, or has not observed due diligence in the safeguarding of said instruments, codes, or secret passwords, or has not fulfilled the obligation to notify the Entity of the theft or loss of the instruments, without undue delay, and as soon as they have become aware of it, in which case they shall be liable for all losses.
- Consent for the execution of payment operations.- This consent, as agreed, is obtained by signing the relevant request, service receipt, by using the payment instruments provided or agreed for this purpose, or using any of the remote communication techniques set out in current legislation, as long as they have sufficient data that, in their opinion, guarantee their authenticity. Furthermore, consent may be given through the beneficiary of the payment operation, or through Payment Initiation Service Providers (PISP). In the absence of consent, the payment operation shall be deemed to be unauthorised.
- Irrevocability of a payment order: In the case of payment orders initiated by a Payment Initiation Service Provider or by the beneficiary through the former, the ordering party may not revoke the payment order once they have given their consent to the (PISP) to initiate the payment operation or to the beneficiary for the payment operation to be executed.
- Notification and rectification of payment operations that have not been authorised or have been executed incorrectly.- When a payment initiation service provider intervenes, the payment service user must obtain the rectification from the account manager payment service provider.
- Confirmation of the availability of funds.- The account manager payment service provider, having previously received a request from a payment service provider that issues payment instruments based on cards, shall immediately confirm the availability of funds in the payment account of the ordering party for the execution of a payment operation based on a card, with a Yes or No, provided all of the following conditions are fulfilled:
For the payment service provider to be able to request confirmation, it must be authenticated to the account manager payment service provider prior to each request for confirmation and communicated securely with the latter. This confirmation is not applicable with regard to payment instruments based on cards that store electronic money.
- The ordering party's payment account must be accessible on line at the time of the request.
- The ordering party must have given their express consent prior to the first request for confirmation sent to the account manager payment service provider so that the latter can respond to the requests of specific payment service providers, to provide confirmation that the amount corresponding to a payment operation based on a determined card is available in the ordering party's payment account;
- Termination of the Contract.- By virtue of the modification of the Payment Services Act effected by the first final provision of Royal Decree-Act 19/2017 of 24 November, you, as a payment service user of this Entity may terminate any contract at any time, with no prior notification and free of charge, (as well as any contract and framework appendix that modifies it in order to comply with the Payment Services Act 16/2009 - LSP), which you have in place with this Entity within the scope of the aforementioned Payment Services Act, simply by withdrawing all the credit balance in the account, or repaying any debit balances owing, and handing into the ENTITY the documents or instruments that can be used to withdraw funds from the account so that said documents or instruments can be disposed of. Similarly, the Entity is authorised to terminate contracts within the scope of the payment services legislation, providing advance warning of 2 months in the case of Consumer Holders and 15 days in the case of Non-Consumer Holders.
However, in cases in which customers have another product or financial service in place that is linked to a payment account, open in this Entity, the linked payment account cannot be closed while the linked product or financial service is still in place, although the Entity may not unilaterally modify the cost of that payment account, or introduce concepts that would give rise to a higher cost than the one stipulated at the time of termination, provided the user does not use said payment account for any purposes other than those related with the linked product or financial service.
- Relationship with third party payment service providers / Main implications derived from the relationship with PISPs/AISPs
When payment initiation or account information services are provided by third party providers, the corresponding interest rates agreed by each Entity with the customer depending on the services in place shall be applicable.
When exclusively providing a payment initiation service, the PISP may not have in its possession the user's funds at any stage of the payment chain, and when it wishes to provide other payment services for which it does have the user's funds, it must obtain complete authorisation for said services. The user has the right to address their refund claim to their account manager payment service provider, including when a PISP has intervened in the payment operation. The above is understood in addition to the assignation of responsibilities between payment service providers, according to which parts of the operation each one of them controls.
- Responsibility in the case of payment initiation services pertaining to the non-execution or faulty execution of payment operations
With regard to payment operations initiated by the ordering party through a PISP, the account manager payment service provider must refund the ordering party the amount of the payment operation that has not been executed or which has been executed faultily, and shall reinstate the payment to the account from which the charge has been made, returning said account to the status in which it would have been if the faulty operation had not been executed.
The PISP is responsible for proving that the ordering party's account manager payment service provider had received the payment order and that, within its sphere of competence, the payment operation was authenticated and recorded accurately and that it was not affected by a technical fault or other deficiencies linked to the non-execution, faulty execution, or delayed execution of the operation.
If the PISP is responsible for the non-execution, faulty execution, or delayed execution of the payment operation, it must reimburse the account manager payment service provider immediately, at the latter's request, for any losses incurred or any amounts paid in order to carry out the refund to the ordering party.
- Notification about contract termination with PISPs or AISPs.- The user must notify their payment service provider regarding the termination of any service contract signed with a PISP (Payment Initiation Service Provider) or an AISP (Account Information Service Provider).
- Access to the payment account in the case of Payment Initiation Services.- All ordering party customers shall have the right to use a (PISP) in order to use payment services from another provider (account manager), unless the corresponding payment account cannot be accessed on line. The (PISP) may not modify the amount, recipient, or any other element of the operation, and must guarantee that the personalised security credentials, PIN or access codes, as well as any other information about the payment service user are not accessible to third parties, have sufficient security measures in place, and are transmitted via secure channels, not storing sensitive payment data or using them for purposes other than the provision of the accounts information service. Said PISP must communicate with the account manager service provider using secure channels.
An account manager payment service provider may refuse to allow an account information service provider or a payment initiation service provider to have access to a payment account, for objectively and duly documented reasons, related with unauthorised or fraudulent access to the payment account by the account information service provider or the payment initiation service provider, pertaining in particular to the unauthorised or fraudulent initiation of a payment operation. In such cases, the account manager payment service provider shall notify the ordering party, in the agreed way, of its refusal to allow access to the payment account and the reasons for this. That information shall be provided to the ordering party, if possible, before access is denied, and at the latest immediately after refusal, unless the communication of this information objectively endangers justified security measures, or is prohibited by other pertinent provisions pertaining to European Union Law or national Law. The account manager service payment provider shall allow access to the payment account once the reasons for refusing access no longer exist.
- (i) That the payment service user may accept or reject any contractual modifications pertaining to their payment services that have been communicated to them. Modifications shall be deemed to have been accepted if the User does not notify the Entity of their non-acceptance. If the User rejects said modifications, they have the right to terminate the contract at no cost whatsoever.
- ii) That the Entity has adequate procedures in place (available on our webpage for consultation) to resolve any complaints or claims made by payment service users, and shall apply strong customer authentication measures when the ordering party accesses their payment account on line, initiates an electronic payment operation, or carries out any action by means of a remote channel that could entail a risk of fraud in the payment or other abuses.
- iii) That this Entity shall ensure payment service providers have adequate security measures in place to protect the confidentiality and integrity of credentials, codes, passwords, or any other security element provided to payment service users.
- iv) That for any matters not modified by this document, the terms and conditions set out in the Contracts and in the Framework Appendix documents regarding the execution of payment services and contractual modification of Contracts regulating payment services, which the customer has in place with this Entity, shall remain in force.
© Cajamar Caja Rural 2018. All rights reserved.