1. Definitions
In these Developer Terms and Conditions (Developer T&Cs) which form part of and are to be read with the Terms & Conditions for the SBI Open API Banking Developer Portal services, the following terms shall have the meaning ascribed to them below, unless the context requires otherwise.
1.1. Affiliate means any entity or Person, which Controls, is controlled by, or is under the common Control with the Person whose Affiliate is being referred to.
1.2. API means an Application Programming Interface, which is computing interface allowing two systems to interact by exchanging data or requesting (& responding) an action.
1.3. SBI Open API Banking Developer Portal services means the Open API Developer Portal of the Bank’s services, which provide access to API Banking (Application Programming Interface) .It is a standard method of interconnecting systems together. Open API banking refers to a set of protocols that makes a bank's services available to other third-party companies via APIs. This helps both banks and third-party companies augment their complementary specialties and offerings more than they can provide to their Fintech’s/Startups by themselves. Allows External Entities to interact with the bank's sandboxed system directly from user application or systems. It saves operational time and brings efficiency in External Entities systems. Provides opportunities to pilot, test and launch innovative applications. An API allows a third-party application to use a common set of services via a defined interface.
URL: https://apihub.sbi/portal/
1.4. API-Based ERP Integration means the integration between the Fintech’s/Startup’s ERP and SBI’s systems by using APIs hosted by SBI on its API banking platform and developer portal
1.5. Applicable Law means all laws, ordinance, statutes, rules, orders, decrees, judgments, injunctions, licenses, permits, approvals, authorizations, consents, waivers, privileges, agreements and regulations of any Governmental Authority having jurisdiction over the relevant matter as such, and as may be amended, modified, enacted or revoked from time to time hereafter.
1.6. Authorized User means the person(s) authorized by the Fintech’s/Startup to carry out the Development Activities as per the Omnibus Board Resolution.
1.7. Bank or SBI means the State Bank of India.
1.8. Bank’s IT Team means the information technology team of SBI which will drive the development of API Banking Services, Sandbox, UAT Environment and SBI’s APIs, and assist the Fintech’s/Startup during the Development Activities and provide required support.
1.9. User means the persons identified by Bank as Authorised representative of Fintech’s/Startup Company.
1.10. Business Day means a day (other than a Saturday or a Sunday) on which scheduled commercial banks are generally open for business in Mumbai and it is clarified that, notwithstanding the foregoing, the 1st, 3rd and 5th Saturdays of every month are Business Days.
1.11. Fintech’s/Startup means each legal entity carrying out the Development Activities under these Developer T&Cs.
1.12. Fintech’s/Startup Content means the Fintech’s/Startup’s data (applicable for the Development Activities) which is at rest or in-transit, and which may or may not include PI/SI and financial/non-financial data.
1.13. Fintech’s/Startup ERP means the Fintech’s/Startup’s Enterprise Resource Planning solution and refers to software and systems used to plan and manage the core business operations in procurement, manufacturing, logistics, supply-chain, financial, etc. verticals of an organization.
1.14. Fintech’s/Startup Information & System means the system(s) that the Fintech’s/Startup uses (including, without limitation, the Fintech’s/Startup ERP) and any integration of the same with SBI’s APIs for the purpose of the Development Activities, and the information flowing through such system(s).
1.15. User ID means the unique ID provided by the Bank to the User for the Development Activities, for accessing SBI’s APIs.
1.16. Digital Certificate means an electronic “finger-print” that is unique to the relevant person or organization and allows it to exchange data securely over the internet using the public key infrastructure.
1.17. SBI Developer Portal means the online portal or website built by the Bank wherein the Development Activities and/or Onboarding Process may be carried out in in the Sandbox, UAT Environment and Production Environment. The purpose of the Developer Portal is, inter alia:
(a) to ensure that the request and response syntax of the proposed API-Based ERP Integration is as per the requirement of the Bank;
(b) to function as portal for the Fintech’s/Startups to get API documentation and information related to the Bank’s APIs, so that the they may review the same during the Development Activities and the API-Based ERP Integration;
(c) to facilitate the Bank in carrying out activities such as
(i) exposing and publicizing its APIs from time to time (along with versions and release date), including for various upgradations and bug-fixing,
(ii) educating the Fintech’s/Startup regarding the APIs,
(iii) generating keys; and
(d) to facilitate the Fintech’s/Startup in carrying out activities such as
(i) registering applications,
(ii) resetting credentials,
(iii) viewing API documentation, and
(iv) tracking API usage through analytical dashboards and reports,
(e) each, with the objective of carrying out the Development Activities and completing the Onboarding Process.
1.18. Governmental Authority means any union, state, local or other governmental, administrative, regulatory, judicial or quasi-judicial authority or self-regulating authority or agency, commission, board, tribunal, court or arbitrator and any securities exchange or body or authority regulating such securities exchange, central bank (or any Person whether or not government owned and howsoever constituted or called that exercises the functions of the central bank), in each case applicable to the relevant Party and having jurisdiction over the relevant matter.
1.19. IP means a numerical label assigned to each device/server connected in a network that uses the Internet Protocol for communication; it being clarified that the IP addresses of Fintech’s/Startups subject to internal clearance by the Bank, will be whitelisted by the Bank to provide a secured connection for the Fintech’s/Startups to carry out the Development Activities.
1.20. Instructions means the Fintech’s/Startup’s request for initiating any activity through APIs provided by the Bank, and in relation to the Development Activities.
1.21. Integration Team means the group of authorized personnel of the Fintech’s/Startup (which shall mandatorily include members from the Fintech’s/Startup’s IT function) who have been authorized to carry out the Development Activities.
1.22. Intellectual Property includes ideas, concepts, creations, discoveries, inventions, improvements, know how, trade or business secrets; trademarks, service marks, designs, utility models, tools, devices, models, methods, procedures, processes, systems, principles, algorithms, works of authorship, flowcharts, drawings, books, papers, models, formulas, electronic codes, source code and object code, proprietary techniques, research projects, and other confidential and proprietary information, databases, software programs, data, documents, instruction manuals, records, memoranda, notes, user guides, in either printed or machine-readable form, whether or not copyrightable or patentable, or any written or verbal instructions or comments, or analysis/summaries of the foregoing.
1.23. Omnibus Board Resolution means a duly certified board resolution of the Fintech’s/Startup that, inter alia,
(a) authorizes the Fintech’s/Startup to enter into and perform these Developer T&Cs,
(b) authorizes the Fintech’s/Startup to carry out the Development Activities,
(c) identifies the Corporate Admin, and
(d) incorporates any other authorizations/approvals as the Bank may require from time to time, and any amendments or restatements of the foregoing.
1.24. PKI System means the Public Key Infrastructure system for the creation, storage, and distribution of Digital Certificates which are used to verify that a public key belongs to a certain entity.
1.25. Parties means Bank and the Fintech’s/Startup collectively, and the term Party shall mean either of them.
1.26. Person means and includes any natural person, proprietorship, partnership, limited liability partnership, corporation, company, unincorporated organization or association, firm, body corporate, Governmental Authority, joint venture, trust, association or other entity, whether incorporated or not and whether or not having separate legal personality.
1.27. Production Environment means the environment in which the APIs operate, and which may be made available (at the Bank’s sole discretion) to end users and/or their software
1.28. Private Key means a variable in cryptography that is used with an algorithm to encrypt and decrypt code, and which are only shared with the key’s generator.
1.29. Public Key means a large numerical value that is used to encrypt data, which can be generated by a software code, is typically provided by a trusted, authority, and is made available to everyone through a publicly accessible repository or directory.
1.30. RBI means the Reserve Bank of India.
1.31. Service Communication Level Parameters means such communication criteria and/or parameters that meet the Bank’s internal process and requirements and as may be amended from time to time at the Bank’s sole discretion.
1.32. Taxes means any and all domestic or foreign, federal, state, local or other taxes, duties, levies, imposts, tariffs, fees or similar charges of any kind (together with any and all interest, penalties, fines, additional to tax and additional amounts imposed with respect thereto) imposed by any Governmental Authority, including taxes, duties, levies, imposts, tariffs, fees or similar charges with respect to income, franchises, windfall or other profits, gross receipts, property, sales, use, capital stock, employment, unemployment, health, disability, retirement, social security, unclaimed property, payroll, customs duties, import duties, license, workers’ compensation or net worth, and taxes, duties, levies, imports, tariffs, fees or similar charges in the nature of excise, withholding, ad valorem, value added tax and goods and service tax
1.33. UAT means user acceptance testing to carry out testing activities related to the API Banking Services, in a dummy environment which mimics the Production Environment similarities
1.34. UAT API means APIs hosted in the UAT Environment of SBI’s systems.
1.35. UAT Environment means the testing environment which is made available to Fintech’s/Startups for them to carry out UAT, upon completion of the Development Activities carried out in the Sandbox.
1.36. Website means the following websites that are owned and maintained by the Bank:
2. Interpretation
2.1. In the absence of a definition being provided for a term, word or phrase used in these Developer T&Cs, no meaning shall be assigned to such term, word, phrase which derogates or detracts from, in any way, the intent of these Developer T&Cs.
2.2. The words and phrases other, including and in particular shall not limit the generality of any preceding words or be construed as being limited to the same class as the preceding words where a wider construction is possible.
2.3. Words of any gender include each other gender.
2.4. Words using the singular or plural number also include the plural or singular number, respectively.
2.5. The terms hereof, herein, hereby and derivative or similar words refer to these Developer T&Cs and not to any particular clause, article or section of these Developer T&Cs, unless the contrary is expressly stated or the contrary clearly appears from the context.
2.6. Whenever these Developer T&Cs refers to a number of days, such number shall refer to calendar days unless otherwise specified.
2.7. Headings and captions are used for convenience only and shall not affect the interpretation of these Developer T&Cs.
2.8. References to Clauses shall be deemed to be a reference to the clauses of these Developer T&Cs, unless otherwise specified.
2.9. Any grammatical form or variation of a defined term herein shall have the same meaning as that of such term.
2.10. Any reference to any statute or statutory provision shall include:
(a) all subordinate legislation made from time to time under that provision (whether or not amended, modified, re-enacted or consolidated); and
(b) such statute or provision as may be amended, modified, re-enacted or consolidated.
2.11. Any reference to an agreement, instrument or other document (including a reference to these Developer T&Cs) herein shall be to such agreement, instrument or other document as validly amended, supplemented or novated.
2.12. The word including herein shall always mean including, without limitation.
2.13. Any reference to books, files, records or other information or any of them means books, files, records or other information or any of them in any form or in whatever medium held including paper, electronically stored data, magnetic media, film and microfilm.
2.14. When any number of days is prescribed in these Developer T&Cs, the same shall be reckoned exclusively of the first and inclusively of the last day unless the last day does not fall on a Business Day, in which case the last day shall be the next succeeding day that is a Business Day.
2.15. With respect to any provision of these Developer T&Cs where a matter is expressed as the responsibility of the Fintech’s/Startup, the Bank shall not be liable to the Fintech’s/Startup for any failure or lapse in the Fintech’s/Startup’s discharge of such responsibility, and the Fintech’s/Startup shall indemnify the Bank for losses arising due to any such failure or lapse.
2.16. If there is act, omission, document, or thing, which as per these Developer T&Cs is required to confirm to certain requirements, criteria, and/or parameters, then the Bank may (if unspecified) specify such requirements, criteria, and/or parameters at its sole discretion, and whether specified or unspecified shall have the sole right and discretion to determine whether the same have been adequately complied with or not.
2.17. Any act/omission which requires the Bank’s approval hereunder shall be deemed to require a prior written approval of the Bank before the relevant Person is permitted to undertake such action; any such act/omission done without such approval shall be deemed to be void ab initio, and the Bank shall be permitted to take (and the Fintech’s/Startup hereby consents to the Bank taking) all necessary steps to unwind such acts/omissions, at any time and as the Bank deems fit.
3. Scope; Warranties; Term
3.1. The Fintech’s/Startup (through its Integration Team) shall carry out the Development Activities (as defined below) in accordance with, and subject to the terms of, these Developer T&Cs.
3.2. The Bank shall provide the Fintech’s/Startup with requisite access to its Website in order to facilitate the Fintech’s/Startup carrying out the Development Activities (as defined below) in accordance with, and subject to the terms of, these Developer T&Cs.
3.3. The Fintech’s/Startup and the Bank shall implement the terms of these Developer T&Cs in good faith, with the objective of completing the Development Activities within 3 (Three) months of the execution / acceptance of the Terms & Conditions for the API Banking Services so that the Fintech’s/Startup can begin to avail the API Banking Services in the Production Environment.
3.4. The Bank shall be permitted to unilaterally communicate service level process flows and instructions in relation to the Development Activities to the Fintech’s/Startup from time to time (the Process Terms), which the Fintech’s/Startup shall be bound to comply with. The Process Terms shall be deemed to be part of these Developer T&Cs, provided, however that in the event of any conflict between these Developer T&Cs and the Process Terms, these Developer T&Cs shall control and prevail. It is clarified that, in addition to the foregoing, if there is any difficulty in carrying out the Development Activities, and/or the application of these Developer T&Cs, the Bank shall be entitled to issue Process Terms in order to remove such difficulties.
3.5. The Fintech’s/Startup represents and warrants that (when applicable) it has duly and validly executed the Omnibus Board Resolution in a duly convened and quorate meeting of its board of directors (or appropriately authorized committee thereof), and that the Omnibus Board Resolution shall continue to be in effect during the course of the Development Activities/Term.
3.6. Each of the Fintech’s/Startup and the Bank represent and warrant to each other that:
(a) it has all requisite power and authority to enter into these Developer T&Cs and to perform their respective obligations hereunder;
(b) the entering into and performance of these Developer T&Cs by it, does not, and will not, (i) conflict with or affect or result in any violation or breach of, or default (with or without notice or lapse of time, or both) under, any provision of Applicable Law, or (ii) result in any material violation or material breach of, or material default (with or without notice or lapse of time, or both) under, any contractual obligation applicable to it; and
(c) the execution/acceptance of the Terms & Conditions for the API Banking Services (of which these Developer T&Cs are a part) by it shall constitute valid and binding obligations, enforceable against it in accordance with its terms.
3.7. These Developer T&Cs shall be effective from the date of execution / acceptance of the Terms & Conditions for the API Banking Services (of which these Developer T&Cs are a part) until termination pursuant to Clause 10 hereof (the Term).
4. Sandbox; UAT Environment
4.1. Upon execution/acceptance of the Terms & Conditions for the API Banking Services (of which these Developer T&Cs are a part), the Fintech’s/Startup shall be permitted to carry out development activities in a mock testing environment whose purpose is to ensure that the request and response syntax of the proposed API-Based ERP Integration is functioning properly for the purpose of making Payments to Beneficiaries, or any other similar operation involved in the API Banking Services, and in which pre-defined hardcoded responses will be provided by the Bank’s API on a ‘dummy’ basis (the Sandbox).
4.2. It is clarified that actual Payments to Beneficiaries shall not take place on the basis of development work done in the Sandbox.
4.3. The Sandbox may be accessed by the Fintech’s/Startup through the Authorized User on the applicable address of the Website, and until the Bank’s approval is provided in writing for the development activities being carried out by the Fintech’s/Startup in the Sandbox, the Fintech’s/Startup shall not be permitted to access the UAT Environment.
4.4. Subsequently, in the event the Fintech’s/Startup’s development activities that have taken place in the Sandbox receive the written approval of the Bank upon the Fintech’s/Startup (or its applicable user) completing the relevant procedures that the Bank may prescribe in this regard, to the satisfaction of the Bank, then the Fintech’s/Startup may access the UAT Environment.
4.5. The Fintech’s/Startup is required to ensure that the applications developed in the Sandbox by the Fintech’s/Startups conform to the parameters indicated/required by the Bank to the Fintech’s/Startup from time to time, in line with the objective of providing the API Banking Services, and, without limitation:
(a) incorporate enrolment and authentication technologies, processes and procedures appropriate to mitigate the risk of unauthorized enrolment or access to sensitive Fintech’s/Startup information or funds transfer functionality;
(b) ensure that critical information (e.g., passwords and account) does not reside directly on a device, unless essential to the applications’ functionality. If critical information does reside on the device, the applications should encrypt and securely store such information (e.g., within an encrypted data section or within encrypted storage in the file system);
(c) collect any end user information only as necessary, and appropriately secure such information and any derived analytics reporting available within or external to the applications;
(d) mitigate the risk of unpatched devices or those that are no longer supported by the manufacturer;
(e) securely wipe any sensitive end user information upon exiting the applications; and
(f) secure back-end servers containing the application and Fintech’s/Startup data.
4.6. In the Sandbox, the Fintech’s/Startup must complete the following activities before it requests the Bank for access to the UAT Environment:
(g) registration of the Fintech’s/Startup to the Sandbox, as per the Bank’s requirements;
(h) subscription to the relevant APIs;
(i) testing of the relevant APIs in the Sandbox;
(j) validation of output of the APIs’ testing and execution in the Sandbox, in the manner provided in the test case documentation communicated by the Bank.
4.7. In the UAT Environment, the Fintech’s/Startup will continue to carry out development activities in order to further develop the API-Based ERP Integration to finalize the form in which the Bank will provide the API Banking Services, and carry out further functional testing to ensure expected response for API calling carried out in the UAT Environment responses will be provided from the Bank’s core banking UAT system.
4.8. Access to the UAT Environment and the UAT APIs will be granted to the Fintech’s/Startup only after the Fintech’s/Startup submits Omnibus Board Resolution to Bank. Subsequently, upon a written acceptance of the Omnibus Board Resolution by the Bank, access to UAT APIs will be granted to the Fintech’s/Startup through the applicable address of the Website, and the Fintech’s/Startup complying with the relevant requests/requirements of the Bank.
4.9. At the conclusion of the development activities in the UAT Environment, if the Bank is satisfied with the development activities carried out by the Fintech’s/Startup, the Bank may, at its sole discretion, verify the results of the UAT testing by reviewing the UAT Exit Report, along with a security certification, which shall be a pre-condition for the Fintech’s/Startup being permitted to completing the ‘onboarding process for the API Banking Portal Services, accessing the Production Environment and availing the API Banking Portal Services.
4.10. In the UAT Environment, the Fintech’s/Startup must complete the following activities before it requests the Bank for access to the Production Environment:
(a)the Onboarding Process for the Open API Banking Developer portal, as defined in the Terms & Conditions for the Open API Banking Developer portal Services;
(b) submission and validation of Omnibus Board Document generated as a part of onboarding process, in the home branch of the Fintech’s/Startup;
(c) registration to the UAT Environment after the Bank’s validation;
(d) subscription to the UAT APIs;
(e)testing of relevant UAT APIs on UAT Environment, after configuring UAT IPs and Digital Certificates with the Bank; and
(f)validation of output of the UAT APIs’ testing and execution in the UAT Environment, in the manner provided in the test case documentation communicated by the Bank
5. General Terms & Conditions
5.1. The development activities carried out by the Fintech’s/Startup for availing the API Banking that are carried out in the Sandbox and the UAT Environment (as aforesaid) are hereinafter referred to as Development Activities.
5.2. The Bank has granted the Fintech’s/Startup access to the Sandbox and the UAT Environment as aforesaid in express reliance upon the Fintech’s/Startup’s undertakings regarding the specific use to which the same shall be put by the Fintech’s/Startup, and the Fintech’s/Startup shall not use the said Sandbox and the UAT Environment for any other purpose.
5.3.During the Development Activities, the Fintech’s/Startup will be required to meet the Bank’s requirements, as may be communicated and determined by the Bank from time to time, and satisfy the same promptly (including, without limitation, satisfying the Bank’s IT Team in relation to presence of adequate firewalls, IP authentication etc.).
5.4.The Fintech’s/Startup’s ability to carry out Development Activities shall be activated only upon each Party confirming in writing to the other Party that such Party has correctly accessed the other party’s Public Key generated for the relevant service. Without prejudice to this term/clause, any change or substitution of either Party’s Public Key will only be effective after the delivery and/or exchange and validation of the new keys and on a date to be notified by the Bank to the Fintech’s/Startup.
5.5. The Fintech’s/Startup agrees to use the Fintech’s/Startup ERP at the designated server which has been intimated to Bank at the time of the Development Activities, and shall continue to do so unless the Bank provides its prior written approval for any change of server
5.6. The IP and Digital Certificates for the Production Environment may only be modified only upon the completion of the following conditions:
(a) by the Fintech’s/Startup, if the Fintech’s/Startup is acting through the Corporate Admin, and
(b) upon the Fintech’s/Startup’s branch of the Bank, and the Bank’s IT Team’s approval.
5.7. The Fintech’s/Startup undertakes to (and further undertakes to require the Authorized Users to) provide accurate information and disclosures to the Bank wherever required. The Fintech’s/Startup shall always be responsible for the correctness of the information provided by such Authorized Users to the Bank.
5.8. While the Bank and its Affiliates will take all reasonable steps to ensure the accuracy of the information supplied to the Fintech’s/Startup, the Bank and its Affiliates shall not be liable for any inadvertent error, which results in the provision of inaccurate information.
5.9. The Bank may refuse to act upon an Instruction and take any action that the Bank deem appropriate in the circumstances, including cancellation or restriction of the Fintech’s/Startup’s Development Activities, if:
(a) the Bank has reasonable grounds to believe that the Instruction was not given by the Fintech’s/Startup;
(b) the Instruction was not clear or ambiguous, as determined by the Bank; and
(c) the Bank believes in its sole discretion that acting upon the Instruction will prevent the Bank from complying with what the Bank considers to be their obligations under Applicable Law, regulation or guidelines of a regulatory authority;
(d) the Bank believes, in its sole discretion, that acting on the Instruction might cause the Bank to be in breach of a contractual duty, or prevent the Bank from complying with their obligations under any contract or arrangement the Bank may be subject to;
(e) the Bank believes, in its sole discretion, the Fintech’s/Startup’s rights of access to the Sandbox/UAT Environment are being used for an unlawful purpose, including but not limited to, a violation of sanctions legislation, anti-money laundering or terrorism financing legislation; or
(f) there has been, or the Bank have reason to believe, there is about to be an unauthorized disclosure of the Fintech’s/Startup’s security details or other security breach, or breach of these Developer T&Cs generally.
5.10. The Fintech’s/Startup hereby unconditionally permits the Bank to act on the basis of the Instructions. The Fintech’s/Startup agrees to ensure all Instructions initiated via the API Banking Service are clear and accurate.
5.11. The Fintech’s/Startup must also follow any procedures for submitting Instructions that may be provided to the Fintech’s/Startup, including but not limited to, usage of a security token using a Bank specified mechanism, private-public key, digital certificates issued by the certifying authority, etc.
5.12. The Fintech’s/Startup shall ensure full compliance with the Applicable Laws during the time of, and in relation to, the Development Activities.
5.13. The Fintech’s/Startup acknowledges that the Bank is not the owner or developer of the whole or any part of the PKI System chosen and used by the Fintech’s/Startup in connection with the Development Activities, and that the Bank has not made any representations or warranties regarding the PKI System to the Fintech’s/Startup.
5.14. The Fintech’s/Startup hereby agrees that the Bank has no liability for any loss or damages caused by any defect or malfunction in the PKI System chosen by the Fintech’s/Startup.
5.15. The Fintech’s/Startup agrees that it shall not be entitled to rely on any information sent by the Bank in response to any Instruction where such information may be accessed freely by the Fintech’s/Startup without using the Bank’s Public Key, and the Bank shall not be liable for any damages or losses arising from such reliance.
5.16. The type of PKI System to be used in relation to Development Activities shall be submitted to the Bank for its prior written approval, and the Bank may provide or deny approval for the same at its sole discretion.
5.17. The PKI System chosen by each Fintech’s/Startup must conform to the Bank’s requirements.
5.18. Notwithstanding that the PKI System chosen by the Fintech’s/Startup may be provided to the Fintech’s/Startup by the Bank, Fintech’s/Startup agrees that each Party is solely responsible for generating its own Private Key and Public Key, and ensuring the due delivery of the Public Key (in the manner agreed to between the Fintech’s/Startup and the Bank as set out in the relevant set-up form(s)) to the other party.
5.19. The Fintech’s/Startup shall be fully responsible for storing and configuring the Fintech’s/Startup ID, Private Key, Public Key and the Bank’s Public Key.in its ERP. Bank will provide its Public Key and the same would be provided by the Fintech’s/Startup in the integration process. The relevant Private Key will be maintained at both the ends (i.e., the Bank’s and the Fintech’s/Startup’s).
5.20. In the event of any urgent maintenance services or downtime, the Bank shall not be required to provide the Fintech’s/Startup with the ability to carry out Development Activities.
5.21. The Fintech’s/Startup will ensure to prevent the spread of viruses by checking all magnetic tapes, diskettes, cartridges, and all computer software used for transmission of data to the Bank. This includes running a virus check program on the computer where the transmission of data to the Bank will be originated. Fintech’s/Startup shall not transmit any materials or information in the course of the Development Activities which are or may be offensive, indecent and defamatory or which may not be lawfully disseminated under Applicable Laws or which contains any viruses, malicious code or damaging components.
5.22. The Fintech’s/Startup hereby unconditionally permits the Bank to act on the basis of the Instructions.
5.23. Where it has been agreed in writing between the Fintech’s/Startup and the Bank that any information or Instruction shall not be encrypted by either, or both, the Fintech’s/Startup and Bank, the Bank shall not have any liability arising from or in connection with the interception of or interference with such information or Instruction.
5.24. The Bank shall:
(a) have no responsibility to act upon, and shall have no liability in relation to, any Instruction unless the Instruction is digitally signed and encrypted by the Fintech’s/Startup, as per the Bank’s guidelines, prior to sending such Instruction; and
(b) encrypt information required by the Fintech’s/Startup in relation to all Instructions, and all other information, using the Bank’s Private Key prior to sending such information to the Fintech’s/Startup
5.25. The Bank may, at its discretion periodically audit the scope of use and Fintech’s/Startups compliance with these Developer T&Cs by giving a reasonable notice of such audit to the Fintech’s/Startup.
5.26. The Fintech’s/Startup shall ensure the diligence at their end as regards the accuracy of the data and information prior to transmitting the same to the Bank through APIs. The Bank shall in no manner be responsible for any error or discrepancy arising out of any error or omission or incorrect data on the part of the Fintech’s/Startup.
5.27. The Fintech’s/Startup agrees:
(a) to take all reasonable and necessary measures to detect and prevent any unauthorized entry or use of their local area network;
(b) to immediately inform the Bank in the event that the Fintech’s/Startup have (or ought to have) reason to believe that there is or has been unauthorized access or use within their local area network; and
(c)to inform the Bank as soon as possible if the Parties becomes aware that any Public Key or Private Key has been corrupted or is unable to perform validly and/or accurately its function.
(d) This website is integrated with Google Analytics and that the data from the Fintech’s/Startup’s browser is being used to enhance Fintech’s/Startup experience and for analytics purposes.
5.28. The Fintech’s/Startup acknowledges that the Bank will not be aware of such notifications whose receipt is solely within the Fintech’s/Startup’s control, and the Fintech’s/Startup agrees to inform the Bank of such notifications as soon as possible.
5.29. The Fintech’s/Startup has exercised adequate controls at its end to ensure the authorisation, authenticity and accuracy of the Instructions.
5.30. The Fintech’s/Startup hereby acknowledges that it is carrying out the Development Activities at its own risk. The Fintech’s/Startup understands and accepts that the Bank shall neither be liable for, nor be responsible for, any such risks, and has entered into these Developer T&Cs upon an express acknowledgement of the Bank’s liability disclaimers set out herein. These risks would include the various risks as below.
(a) Misuse of passwords
The Fintech’s/Startup acknowledges that if any unauthorized/third person obtains access to the password, such unauthorized/third person would be able to have access to the Development Activities, and/or be able to provide Instructions; in such event, the Bank shall not be liable for any loss, injury or damage sustained by the Fintech’s/Startup. The Fintech’s/Startup shall ensure that it has robust internal policies to provide for the terms and conditions applicable to the use of the password/s, and that the same are complied with at all times.
(b) Internet Risks
The Internet is susceptible to a number of frauds, misuse, hacking and other actions, which could affect Instructions given to the Bank. Whilst the Bank shall provide security measures to the extent required to adhere to the standards prescribed by the RBI in respect of security measures, transactions conducted over the internet etc., there is no guarantee from the Bank in relation to the same, and the Banks shall not be shall not be liable for any loss, injury or damage sustained by the Fintech’s/Startup due to such risks.
(c) Technology Risk
Despite following all security and technological measures prescribed by the RBI from time to time, the technology for the Development Activities could be affected by a virus or other malicious, destructive or corrupting code or programme. It may also be possible that the Website may require maintenance/repairs, and during such time it may not be possible to process the request of the Fintech’s/Startup. This could result in delays in processing of Instructions, or failure in the processing of Instructions, and other such failures and mobility. The Bank disclaims all and any liability, whether direct or indirect, arising out of loss or profit, or otherwise arising out of any failure or inability by the Bank to honour the Instructions for whatsoever reason. The Bank shall not be liable if the Instruction is not received correctly, and/or is not complete, and/or is not in machine readable form.
5.31. If the Bank becomes aware of any violation of these Developer T&Cs, it shall have the right to immediately suspend the Fintech’s/Startup’s Development Activities.
5.32. If the Fintech’s/Startup becomes aware of any violation of these Developer T&Cs, it shall immediately inform the Bank in writing of the same, providing it details regarding such violation
5.33. The Bank, its Affiliates, and their respective sub-contractors, service providers and agents disclaim any liability for any unauthorized access or use during the course of the Development Activities.
5.34. The Fintech’s/Startup is responsible for the appropriate configuration and use of the Sandbox and the UAT Environment. The Fintech’s/Startup shall take appropriate action to secure, protect, and back up Fintech’s/Startup Content in a manner that will provide desired security and protection. This may include the use of encryption to protect Fintech’s/Startup Content from unauthorized access, and routine archiving of the Fintech’s/Startup Content.
5.35. Credentials, including log-in credentials for the Fintech’s/Startup ERP, and Private Keys generated by during the course of the these Developer T&Cs, are for Fintech’s/Startup’s internal use only and Fintech’s/Startup shall not assign, sell, transfer, license, or sub-license the same to any other entity or person.
5.36.The Fintech’s/Startup will be responsible for the acts and omissions of the Authorized Users, its employees, officers, directors, consultants, advisors, agents, contractors and sub-contractors
5.37. Notwithstanding anything contained in these Developer T&Cs, the Fintech’s/Startup shall be responsible for all and any consequences which may arise as a result of the Fintech’s/Startup carrying out Development Activities.
5.38. The Fintech’s/Startup agrees to accept the prescribed authentication technologies and security measures required for providing/receipt of the request/instruction to/from the Bank through the Website, and undertake to take all reasonable steps to ensure that the accuracy, completeness, authenticity and security of the details provided, and that the same are not tampered with or violated.
5.39. The Fintech’s/Startup undertakes that any information provided by the Bank during the course of the Development Activities shall not be transferred outside the territorial jurisdiction of India.
5.40. The Fintech’s/Startup agrees and acknowledges that the Bank’s sole obligation, and the Fintech’s/Startup’s sole and exclusive remedy, in the event of interruption to the Development Activities, or loss of use and/or access to the Website (each, if due to a fault/lapse of the Bank), shall be for the Bank to use all reasonable endeavors to restore the access to the Development Activities as soon as reasonably possible.
5.41. The Bank makes no other express or implied warranty with respect to the Development Activities provided hereunder, including without limitation any warranties of uninterrupted and/or error-free performance of the system forming part of the Website, non-infringement of third party rights, title, merchantability, satisfactory quality and/or fitness for a particular purpose.
5.42. At the request of the Fintech’s/Startup, the Bank at its sole discretion may provide tools, including but not limited to, extraction programs, converters etc. to facilitate the Development Activities. The Fintech’s/Startup agrees that these tools are provided by the Bank solely at the request of the Fintech’s/Startup. The Bank may use third party service providers for the creation of such tools. The Fintech’s/Startup agrees and undertakes that the Fintech’s/Startup shall be solely responsible to confirm the accuracy of the tools and on-going maintenance of the same as per the Fintech’s/Startup’s internal requirements from time to time.
5.43. The Fintech’s/Startup irrevocably, absolutely and perpetually assign to the Bank worldwide rights in respect of all his/her right(s), title(s), and interest(s) under any statute or common law including patent rights; copyrights including moral rights; trademarks, designs, anywhere in the world, whether negotiable or not, in respect of the Development Activities, free from encumbrances of any kind for the full term of each and every such right, including renewal or extension of any such term
5.44. All of the Intellectual Property (created solely or jointly with others) given, disclosed, created, developed or prepared in connection with the Development Activities, and/or inventions developed in the course of the Development Activities, within the meaning of the copyright laws of all jurisdictions, including and without limitation, India, and the Bank shall be deemed to be the sole author thereof in all jurisdictions for all purposes. If under any Applicable Law, any results and proceeds of the Development Activities are not deemed to be works and/or inventions developed in the course of the Development Activities, then to the fullest extent allowable, and for the full term of protection otherwise accorded to the Fintech’s/Startup under such Applicable Law, the Fintech’s/Startup hereby assigns and transfers to the Bank any/all right(s), title(s), and interest(s) in such works and/ or inventions
5.45. The Fintech’s/Startup further irrevocably, absolutely and perpetually assigns to the Bank worldwide rights in respect of:
(a) any licences, permissions and grants in connection with any of the above
Intellectual Property;
(b) applications for any of the foregoing, and the right to apply for them in any
part of the world;
(c) right to obtain and hold appropriate registrations in any of the above
Intellectual Property,
(d) all extensions and renewals thereof; and
(e) causes of action in the past,
present or future, related thereto including the rights to damages and profits, due or accrued, arising out of past, present or future infringements or violations thereof and the right to sue for and recover the same.
6. Security Measures
6.1. The Fintech’s/Startup will ensure that appropriate restrictions are put in place to ensure that the Instructions pertaining to the Development Activities are generated by a human, and not by any automatic process or script.
6.2. In the event the Bank apprehends that illegal activities are being done using the Development Activities, the Bank has the right to immediately cease providing the Development Activities.
6.3. Where it has been agreed in writing between the Fintech’s/Startup and the Bank that any information or Instruction shall not be encrypted by either, or both, the Fintech’s/Startup and Bank, the Bank shall not have any liability arising from or in connection with the interception of or interference with such information or Instruction.
6.4. Subject to point above, the Bank shall:
(a) have no responsibility to act upon, and shall have no liability in relation to, any Instruction unless the Instruction is digitally signed and encrypted by the Fintech’s/Startup, as per the Bank’s guidelines, prior to sending such Instruction; and
(b) encrypt information required by the Fintech’s/Startup in relation to all Instructions, and all other information, using the Bank’s Private Key prior to sending such information to the Fintech’s/Startup.
7. Fees
7.1. Though right now there is no charges for using Open API Banking developer Portal for Fintech’s/Startup companies at the moment .The Fintech’s/Startup agrees that the Bank shall have the discretion to charge such fees as it may deem fit from time to time and may at its sole discretion, in consideration for permitting the Fintech’s/Startup to carry out the Development Activities and/or availing the API Banking Services (the Fees); it being clarified that the Bank may revise the Fees unilaterally from time to time.
7.2. Such Fees shall be notified on the Website from time to time, and the Fintech’s/Startup would be expected to appraise itself of the same. Any transactions conducted on behalf of the Fintech’s/Startup, post such notification, shall be deemed as Fintech’s/Startup’s acknowledgement and acceptance of the Fees notified on the Website.
7.3. The Fintech’s/Startup shall pay the Fees within each relevant Fee Payment Due Date.
7.4. The Fintech’s/Startup shall be solely responsible for payment of all past, present and future Taxes, as may become due and payable in relation to the API Banking Services.
7.5. The Bank is entitled to recover the Fees by adjusting the same against the funds belonging to Fintech’s/Startup, or by debit to the account held by the Fintech’s/Startup with the Bank, after giving prior to notice to Fintech’s/Startup.
7.6. The Fintech’s/Startup shall be liable to pay interest at prevailing rates on account of any delay or default on its part to pay the Fees (including applicable Taxes if any), or any outstanding payable to the Bank, on or before the relevant Fee Payment Due Date.
7.7. The Fintech’s/Startup shall be liable for payment of airtime or other charges which may be levied by any cellular service provider in connection with the Development Activities and/or the API Banking Services, and the Bank shall in no way be concerned with or liable for the same.
8. Indemnification
8.1. The Fintech’s/Startup expressly and unequivocally agrees to, and hereby does, indemnify, save, defend and hold harmless the Bank and its officers, directors, employees, shareholders, agents, consultants and other representatives, successors and assigns of, from and against all, direct and indirect, claims, damages, fines, penalties losses, costs and expenses, including attorneys’ fees arising out of any action, omission, breach or default by the Fintech’s/Startup and/ or its employees or agents under or in the course of performing its obligations under these Developer T&Cs, or as a result of any acts or omissions on the part of the Authorized Users, including without limitation, any acts or omissions which are contrary to these Developer T&Cs, and/or otherwise incurred by the Bank in the course of performance of its obligations under these Developer T&Cs, including without limitation, in the following cases:
(a) The Fintech’s/Startup’s breach of any representation, warranty or covenant made/undertaken by it under these Developer T&Cs;
(b) the Fintech’s/Startup’s breach of Applicable Law;
(c) any claim made, or proceeding commenced, by any other person against the Bank, in relation to the Development Activities;
(d) taxes/charges/cess/levies (and interest or penalties assessed thereon) against the Bank that are obligations of the Fintech’s/Startup under the terms of these Developer T&Cs;
(e) the Fintech’s/Startup’s (or any Authorized User’s) wilful misconduct, fraud or gross negligence in connection with these Developer T&Cs;
(f) as a result of faulty, inaccurate or unauthorised information/Instructions having been provided to the Bank by the Fintech’s/Startup;
(g) any breach of security, compromise, theft, modification and/or corruption of the Fintech’s/Startup ERP; and
(h) all user setups that the Bank performs basis the Omnibus Board Resolution.
9. Limitation of Liability
9.1. Without prejudice to any other provisions of these Developer T&Cs, the Bank shall not be liable to the Fintech’s/Startup for any loss or damage, whatsoever or however caused or arising, whether directly or indirectly, in connection with the Development Activities and/ or these Developer T&Cs, including without limitation any loss or damage arising from:
(a) any breach of these Developer T&Cs by the Fintech’s/Startup;
(b) loss of data contained in the Website and/ or the servers maintained by the Fintech’s/Startup;
(c) any interruption or stoppage in the Fintech’s/Startup’s access to and/ or the use of the Website;
(d) any breach of security in respect of or loss of data residing on the server of the Fintech’s/Startup or a third party;
(e) any loss of profits, loss of business opportunity, reputational loss and/or any other direct or indirect loss;
(f) any failure or delay in performing the Development Activities, if such failure or delay: (i) is caused by the Fintech’s/Startups acts or omissions; (ii) results from actions taken by the Bank in good faith to avoid violating Applicable Law or to prevent fraud on a Fintech’s/Startup; or (iii) is caused by a Force Majeure Event.
9.2. The Parties hereby acknowledge and agree that the cumulative liability of the Bank to the Fintech’s/Startup (as may be determined by a final, non-appealable order of a competent court) arising out of or as a result of these Developer T&Cs, whether under terms of these Developer T&Cs or under Applicable Law, shall at no point in time exceed the Fees paid by the Fintech’s/Startup to the Bank during the period of 3 (Three) months (or such shorter period during which these Developer T&Cs has been in force) immediately preceding the date on which any claim is made.
9.3In the performance of these Developer T&Cs, the Bank shall be entitled to assume the below, and shall not be liable for any acts/omissions on the basis of the below in any circumstances including in case of any forged signatures, unauthorised use of digital/electronic signatures, electronic consent or electronic access:
(a) messages that originate from the server of the Fintech’s/Startup, or from the Authorized User, have been duly authorised by the Fintech’s/Startup, as the case may be;
(b) messages that originate from the Fintech’s/Startup are deemed to be authorised by the Fintech’s/Startup; and
(c) all the information contained in any such messages is true and accurate and is sent by authorised personnel of the Fintech’s/Startup.
9.4. The Bank shall not be liable for any losses or damages caused to any person whatsoever as a result of any such message being unauthorised, inaccurate or fraudulent.
10. Termination
10.1. The Fintech’s/Startup may at any time discontinue the Fintech’s/Startup’s access to the Website, either fully or in respect of certain of its Authorized Users, by way of a written notification to the Bank.
10.2. The Bank may terminate these Developer T&Cs with immediate effect, and without cause, by giving a written notice to the Fintech’s/Startup.
10.3. Notwithstanding any contained herein, the termination of these Developer T&Cs will be without prejudice to any rights or obligations accrued to or in respect of the Parties prior to the date of termination, and will not release any Party from any liability that at the time of termination has already accrued to any Party, or which thereafter may accrue in respect of any act or omission taken or suffered prior to or on such termination.
10.4. The following provisions shall survive any termination of these Developer T&Cs: Clauses [?], and this Clause 10.4.
11. Data Security
11.1. The Fintech’s/Startup shall (and shall ensure that its employees, agents and subcontractors shall) be required to maintain such administrative, technical and physical safeguards, and such processes, procedures and checks including, to secure the Fintech’s/Startup Information & System as may be required under Applicable Law and/or industry standards or regulations, which safeguards must be at least equal to or better than
(a) the safeguards it currently has in place to protect its own data; and
(b) generally accepted security standards in the financial services industry.
11.2. The administrative, technical and physical safeguards, processes, procedures and checks provided for in Clause 11.1 shall be designed to:
(a) protect the security and confidentiality of the Fintech’s/Startup Information & System;
(b) ensure protection against any anticipated threats or hazards to the security and confidentiality of the Fintech’s/Startup Information & System;
(c) protect against unauthorised access to or use of the Fintech’s/Startup Information & System or associated records which could result in substantial harm or inconvenience to the Bank or any of its Fintech’s/Startups; and
(d) ensure the proper and secure disposal of such Fintech’s/Startup Information & System and other material in its possession, custody or control, in accordance with the instructions of the Bank.
(e) without limiting the generality of the foregoing, the Fintech’s/Startup shall ensure that all Fintech’s/Startup Information & System, whether in transit, hosted, stored, or held by the Fintech’s/Startup in the products or in the platform operated by the Fintech’s/Startup, or on any device owned or in the custody of the Fintech’s/Startup, including the Fintech’s/Startup’s staff, or held or retained by the Fintech’s/Startup (including by any of the Fintech’s/Startup’s staff), shall be encrypted by 128-bit or higher encryption, at all times until such Fintech’s/Startup Information & System is held by it/ them, pursuant to its/ their obligations under these Developer T&Cs.
11.3. Without limiting the generality of the foregoing, the Fintech’s/Startup shall initiate all measures which a prudent organisation, in a similar situation, would take to secure and defend its systems that contain the Fintech’s/Startup Information & System against “hackers” and others who may seek, without authorisation, to modify or access its systems or the Fintech’s/Startup Information & System. The Fintech’s/Startup will periodically test its systems for potential areas where security could be breached.
11.4. The Fintech’s/Startup covenants that it shall take appropriate technical and organisational measures against:
(a) any unauthorised or unlawful processing or alteration of the Fintech’s/Startup Information & System in the systems of the Fintech’s/Startup,
(b) any resultant loss or destruction of, or damage to, the Fintech’s/Startup Information & System due to unauthorised processing or alterations, and
(c) unauthorised or accidental access, processing, erasure, transfer, use, modification, or other misuse of the Fintech’s/Startup Information & System, and shall ensure that only reliable personnel who are authorised for such access by the Bank, and bound by adequate confidentiality obligations shall have access to the Fintech’s/Startup Information & System and strictly only on a ‘need to know’ basis.
11.5. The Fintech’s/Startup shall ensure that the personnel of the Fintech’s/Startups (or of any of the Fintech’s/Startup’s sub-contractors) who access the Fintech’s/Startup Information & System provide a written undertaking not to access, use, disclose or retain the Fintech’s/Startup Information & System except in performing their duties of employment and any failure to comply with this undertaking may result in a criminal offence and may lead the Fintech’s/Startup (or the Fintech’s/Startup’s sub-contractor, as the case may be) to initiate disciplinary action against such personnel.
11.6. The Fintech’s/Startup agrees and acknowledges that any unauthorised access, destruction, alteration, addition or impediment to, access or use of the Fintech’s/Startup Information & System (whether stored in any computer or otherwise) or the publication or communication of any part thereof (other than to a person to whom the Fintech’s/Startup is authorised to publish or disclose the fact or document) may be a criminal offence.
11.7. The Fintech’s/Startup shall (and shall ensure that its employees, agents and subcontractors shall) in respect of the Fintech’s/Startup Information & System:
(a) comply with any request made or direction given by any authorised personnel of the Bank in connection with the requirements of any data protection laws;
(b) not do or permit anything to be done which might jeopardise or contravene the terms of any registration, notification or authorisation under any data protection laws;
(c) use the Fintech’s/Startup Information & System only for the purposes of fulfilling its obligations under these Developer T&Cs and to comply with instructions given by the Bank from time to time in connection with use of such data, and not retain the data any longer than is necessary for these purposes and/or under Applicable Law;
(d) not transfer Fintech’s/Startup Information & System which has been obtained by or made available to the Fintech’s/Startup or any other data relating to payment systems operated by the Bank including, without limitation, full end-to-end transaction details/information collected/carried/processed as part of the message/payment Instruction, outside India, or allow persons outside India to have access to it, without the prior written approval of the Bank;
(d) take all reasonable steps to ensure the reliability of the personnel who will have access to any Fintech’s/Startup Information & System and ensure that the personnel of the Fintech’s/Startup who access the Fintech’s/Startup Information & System give a written undertaking not to access, use, disclose or retain the Fintech’s/Startup Information & System except in performing their duties of employment;
(f) consider and comply with all suggestions of the Bank to ensure that the level of protection provided for the Fintech’s/Startup Information & System is in accordance with these Developer T&Cs, Applicable Law, and shall be required to make, at its own cost, any revisions and modifications suggested by the Bank in this regard;
(g) not disclose Fintech’s/Startup Information & System, except as expressly authorised by these Developer T&Cs, without the prior written consent of the Bank and immediately notify the Bank prior to any disclosure required to be made under Applicable Law; and
(h) promptly return to the Bank any part or all of the Fintech’s/Startup Information & System, on a request being made in this regard by the Bank.
11.8. The Fintech’s/Startup shall ensure that the Fintech’s/Startup Information & System is maintained in such a way that it is protected and is not mixed or mingled with any other data, including any data of its other business partners.
11.9. The Fintech’s/Startup shall exercise due diligence, be vigilant and forthwith report any breach of this Clause 11, all violations of information security, any breaches in the security practices, control processes and checks of the Fintech’s/Startup and all suspected security events immediately to the Bank at apihub.eis@sbi.co.in, and shall also immediately intimate all the concerned representatives and employees of the Bank which interact with the Fintech’s/Startup on a regular basis of such violation. In case of any security breach observed by the Bank, the same should be intimated to the Fintech’s/Startup immediately so that the same can be rectified.
11.10. The Fintech’s/Startup further confirms and agrees that it shall at all times during the tenure of these Developer T&Cs monitor the security practices, control processes and checks in respect of any Fintech’s/Startup Information & System on a regular basis.
11.11. The Fintech’s/Startup shall be solely liable for any breach of security, compromise, theft, modification and/or corruption of the Fintech’s/Startup Information & System (the Data Compromise Events), where the Data Compromise Events were result of any act or omission of the Fintech’s/Startup. The Fintech’s/Startup hereby indemnifies and agrees to keep indemnified the Bank in respect of the Data Compromise Events in terms of Clause 11 above.
12. Confidentiality
12.1. The Parties shall maintain utmost confidentiality regarding the existence of these Developer T&Cs, their terms, all matters related to the Development Activities, and all information and other materials passing between the Parties in relation to the transactions contemplated therein (the Confidential Information) at all times.
12.2. The restriction contained in Clause 12.1 shall not apply:
(a) to the extent that such Confidential Information is in the public domain other than by breach of these Developer T&Cs;
(b) to the extent that such Confidential Information is required or requested to be disclosed under any Applicable Law or by any Governmental Authority to whose jurisdiction the relevant Party is subject or with whose instructions it is customary to comply under notice to such Party or the rules of any stock exchange;
(c) in so far as any such Confidential Information is disclosed to its Affiliates, or the employees, directors, investors or creditors of such Party or its Affiliates on a need to know basis, provided that such Party shall inform such Persons of the confidential nature of such information;
(d) to the extent that any such Confidential Information is later acquired by a Party from a source not obligated to any other Party, or its Affiliates, to keep such Confidential Information confidential
(e) to the extent that any such Confidential Information was previously known or already in the lawful possession of a Party, prior to disclosure by any other Party unless such information came to be known under obligations of confidentiality;
(f) to the extent that any information, similar to the Confidential Information, shall have been independently developed by a Party without reference to any information furnished by any other Party; and
(g) to the extent required any such Confidential Information to be disclosed to any Governmental Authorities for the purpose of enforcement of rights and obligations under the these Developer T&Cs.
12.3. Further, no Party shall make any announcements to the public or to any third party regarding the these Developer T&Cs without the prior written consent of the other Parties, provided that nothing contained in this Clause 12.3 shall apply if such announcement is required to be disclosed on account of Applicable Law or pursuant to legal process.
12.4. The Fintech’s/Startup agree that the Bank may disclose, to other institutions, such information in relation to the Fintech’s/Startup as may be necessary for any reason, including, but not limited to, participation in any telecommunication or electronic clearing network, in compliance with legal directive, for credit rating by recognized credit scoring agencies, and for fraud prevention.
12.5. The Fintech’s/Startup accepts that all information/Instructions will be transmitted to and/or stored at various locations, and is accessed by personnel of the Bank (and its Affiliates).
13. Governing Law & Dispute Resolution
13.1. These Developer T&Cs shall be governed by, and construed in accordance with, the laws of India. The competent courts at Mumbai shall have exclusive jurisdiction and both the Parties hereto submit to the same.
13.2. In the event of a dispute, difference, controversy or claim arising out of or in connection with or relating to any of the matters set out in these Developer T&Cs, including any dispute regarding their existence, validity, interpretation or breach (each, a Dispute), the parties to the Dispute shall discuss in good faith to resolve the Dispute. In case the Dispute is not settled within 30 (Thirty) calendar days, either party may refer the Dispute to arbitration in accordance with this Clause 13.
13.3. All Disputes that have not been satisfactorily resolved under Clause 13.1 above shall be referred to arbitration. Such arbitration shall be governed by the Arbitration and Conciliation Act, 1996 or any statutory modification or re-enactment thereof for the time being in force and shall be administered by the Mumbai Centre for International Arbitration in accordance with its rules for the time being in force (the MCIA Rules) which rules are deemed to be incorporated by reference into this Article. These Articles shall remain in full force and effect pending issuance of the award in such arbitration proceedings.
13.4. The language of the arbitration shall be English and all documents submitted (including those submitted as filings, evidence or exhibits) shall be certified English translations if in a language other than English. The juridical seat and venue of arbitration shall be Mumbai, India.
13.5. There shall be 3 (Three) arbitrators to be appointed in accordance with the MCIA Rules as given below, all of whom shall be fluent in English.
13.6. The party referring to the Dispute shall appoint 1 (One) arbitrator and the other party shall appoint 1 (One) arbitrator. The third presiding arbitrator shall be appointed by the 2 (Two) appointed arbitrators. If either of the parties fails to appoint an arbitrator and/or if the appointed arbitrators fail to appoint a third arbitrator, then the arbitrator shall be appointed in accordance with the MCIA Rules.
13.7. The arbitrator(s) will not have power to alter, amend, or add to the provisions of these Articles.
13.8. The arbitration award shall be made in accordance with the MCIA Rules and shall be final and binding on the parties and the parties shall be bound thereby and to act accordingly. The award shall be enforceable in any competent court of law.
13.9. The award shall be in writing and shall be a reasoned award.
13.10. The arbitrator(s) may (but shall not be required to) award to the party that substantially prevails on merits, its costs and reasonable expenses (including reasonable fees of its counsel).
14. Miscellaneous
14.1. Amendments: All amendments or supplements to the terms of these Developer T&Cs can be made only in writing duly signed by each Party.
14.2. No Partnership: Nothing contained in these Developer T&Cs shall constitute or be deemed to constitute a partnership between the Parties, and no Party shall hold himself out as an agent for the other Party, except with the express prior written consent of the other Party. In particular, the Fintech’s/Startup shall not be entitled to use the name or logo of the Bank in connection with the Development Activities, except as may be expressly permitted by the Bank in writing.
14.3. Time: Any date or period as set out in any clause of these Developer T&Cs may be extended with the written consent of the Parties, failing which such time shall be of the essence, if so determined by the Bank.
14.4. Independent Rights: Each of the rights of the Bank under these Developer T&Cs are independent, cumulative and without prejudice to all other rights available to it, and the exercise or non-exercise of any such rights shall not prejudice or constitute a waiver of any other right of the Bank, whether under these Developer T&Cs or otherwise.
14.5. Limitations on Rights of Third Persons: Nothing expressed or implied in these Developer T&Cs is intended, or shall be construed to, confer upon or give any person other than the Parties hereto any rights or remedies under or by reason of these Developer T&Cs or any transaction contemplated thereby, except to the lawful successors and permitted assigns of the Parties hereunder.
14.6. Waiver: Waiver of any breach of any provision of these Developer T&Cs by the Bank shall not constitute a waiver of any prior, concurrent or subsequent breach of the same, or any other provisions hereof, and no waiver shall be effective unless made in writing and signed by an authorised representative of the Bank.
14.7. Severability: If any provision of these Developer T&Cs is invalid, unenforceable or prohibited by law, these Developer T&Cs shall be considered divisible as to such provision and such provision shall be inoperative, and shall not be part of the consideration moving from the Bank to the Fintech’s/Startup, and the remainder of these Developer T&Cs shall continue to remain valid, binding as though such provision was not included herein. In such an event, the Parties shall make all possible efforts to replace the invalid/unenforceable/ illegal provision with a valid, enforceable and legal provision embodying the intention of the Bank as gathered from the earlier provision.
14.8. Force Majeure: The Bank shall not be liable for any failure or delay in its performance under these Developer T&Cs due to acts of God, acts of civil or military authority, fires, epidemics, floods, earthquakes, riots, sabotage or destruction of production facilities, systems failure, technical mishaps, hacking, internet disruptions, loss of data, communications failure, strikes, work stoppages, or other industrial disputes (each, a Force Majeure Event) provided that the Bank:
(a) gives the other Party written notice of such cause within 10 (Ten) Business Days of discovery of the Force Majeure Event; and
(b) uses its reasonable efforts to remedy such delay in its performance.
14.9. Further Assurances: The Fintech’s/Startup hereby agrees to execute and deliver all documents and instruments and to take or cause to be taken such other actions that are reasonably necessary or appropriate to consummate the transactions contemplated by these Developer T&Cs.
14.10. Entire Agreement: These Developer T&Cs (and the Process Terms and to the extent applicable, and the Terms & Conditions for the API Banking Services) constitute the entire understanding between the Parties relating to the subject matter hereof and supersedes all previous writings, negotiations and understandings. It is clarified that these Developer T&Cs, are a part of and shall be read together with the Terms & Conditions for the API Banking Services.
14.11. Drafting: Neither these Developer T&Cs, nor other documents, nor any provision contained herein, will be interpreted against the Bank merely by reason of the Bank having drafted these Developer T&Cs, or such provision.
14.12. Expenses: All costs and expenses (including legal costs) incurred in connection with the execution / entry / acceptance of these Developer T&Cs (being part of the Terms & Conditions for the API Banking Services) shall be solely borne by the Fintech’s/Startup.
14.13. Taxes: The Fintech’s/Startup shall during the period of these Developer T&Cs bear all present and future taxes and other charges levied from time to time by any Governmental Authority pertaining to, or in respect of the Fees paid by the Fintech’s/Startup to the Bank under these Developer T&Cs, and/ or any other amounts payable pursuant to these Developer T&Cs, and pay the same on demand by the Bank. The Parties would however bear their own income taxes.
14.14. Subcontractors: The Fintech’s/Startup agrees and confirms that the Bank may, for the performance of the Development Activities (or any part thereof), and its obligations under these Developer T&Cs utilize such third party subcontractor(s) as it may deem fit. The Fintech’s/Startup acknowledges that no contractual relationship will be formed between the Fintech’s/Startup and any such subcontractor. The Fintech’s/Startup shall not be entitled to appoint any sub-contractors, agents or representatives in relation to the performance by the Fintech’s/Startup of its obligations in terms of these Developer T&Cs.
14.15. Independent Rights: Each of the rights of the Bank hereto under these Developer T&Cs are independent, cumulative and without prejudice to all other rights available to them, and the exercise or non-exercise of any such rights shall not prejudice or constitute a waiver of any other right of the Bank, whether under these Developer T&Cs or otherwise.
14.16. Remedies: No remedy conferred by any of the provisions of these Developer T&Cs to the Bank is intended to be exclusive of any other remedy which is otherwise available at law, in equity, by statute or otherwise, and each and every other remedy shall be cumulative and shall be in addition to every other remedy given hereunder or now or hereafter existing at law, in equity, by statute or otherwise. The election of any one or more of such remedies by the Bank shall not constitute a waiver by the Bank of the right to pursue any other available remedies.
14.17. Consent to Specific Performance: The Fintech’s/Startup acknowledges that it is impossible to measure in money the damages that would be suffered by the Bank by reason of the failure of the Fintech’s/Startup to perform any of the obligations hereunder. Therefore, if the Bank institutes any action or proceeding to seek specific performance or enforcement of the provisions hereof, the Fintech’s/Startup hereby waives any claim or defence therein that the Fintech’s/Startup has an adequate remedy at law.
14.18. Assignment: The Fintech’s/Startup shall not be entitled to assign any right under these Developer T&Cs to any Person without the prior written consent of the Bank. The Bank shall be entitled to assign all or any of its rights and/or obligations under these Developer T&Cs to any Person without the prior written consent of the Fintech’s/Startup.
14.19. Notices: Unless otherwise provided herein, all notices or other communications to be given shall be made in writing by email at the respective addresses of the Parties set out below (or such other addresses as the Parties may notify to each other in writing from time to time). Any notice or other communication shall be deemed to be duly given or made when received by the recipient. The addresses referred to above are: (x) in relation to the Fintech’s/Startup, its email address as per the Bank’s records, and (y) in relation to the Bank, the official email address of the relationship manager of the Fintech’s/Startup at the Fintech’s/Startup’s home branch of the Bank.