Security

• We consider the security of txt2buy merchants and consumers to be our primary responsibility. Inherent to our operations and business approach is the need to provide a 100% secure, robust and reliable payment processing service. Upon registration consumers' payment details are broken down, encrypted (128bit SSL) and then transmitted to our payments partner; Realex Payments. www.realexpayments.co.uk

• Realex Payments; a global real time payment exchange are fully accredited with Level 1 PCI DSS by Visa and Mastercard. Their systems and security controls ensure the 100% confidentiality, authentication and integrity of all our information. www.pcisecuritystandards.org

• During registration, consumer payment information is transmitted via an IVR system into Realex’s payment gateway. All txt2buy suppliers are fully accredited with Level 1 PCI DSS by Visa and Mastercard.

• By only working with service providers who are fully accredited with Level 1 PCI DSS, txt2buy can ensure the processing of payments via SMS is totally secure and adheres to the highest industry security standards.

• Advertising featuring txt2buy calls-to-action must feature the following disclaimer "Standard network rates apply. For txt2buy and (merchant) T's & C's visit www.txt2buy.com/terms and www.merchant.com/terms. txt2buy is a free service, we never charge your phone bill to send or receive SMS."

Data

• txt2buy Limited is registered with the Information Commissioner in the UK as a "data controller" in accordance with the provisions of the Data Protection Act 1998 (Reg no. Z1883723). Further details of the registration are available at ico.gov.uk

• When a consumer purchases from a merchant through txt2buy, txt2buy will pass merchant consumer data including; title, first name, last name, delivery address, email address and mobile number. txt2buy grants the merchant a perpetual, non-exclusive, non-transferable licence to use the data for the purposes of:

• Fulfilling the sales of Products and/or Services;

• Sending marketing communications to those End Users who have consented to receive such communications; and

• Otherwise using the Data in accordance with and as permitted by txt2buy's Privacy Policy.

• Company acknowledges and agrees that it (and not txt2buy) will be entering into contracts with the applicable End Users for the sale of Products and/or Services purchased via the txt2buy Platform, and that it is responsible for complying with all Applicable Laws relating to the contracting process and the fulfilment of such contracts.

• If merchant wishes to send SMS marketing communication to its txt2buy members, txt2buy can only provide guarantee of adherence to requirements of the UK Data Protection Act 1998 and regulations under the EC Directive 2003 if communications are sent by txt2buy. Failure to do so may result in the Information Commissioner issuing fines to merchant.

• Merchant may instruct txt2buy to handle SMS communications with its existing non-txt2buy database. In this circumstance txt2buy will ensure requirements of UK Data protection Act 1998 and regulations under EC Directive have been considered.

• txt2buy members may receive marketing communications directly from txt2buy informing them of txt2buy services.

• txt2buy will not send marketing communications to its members on behalf of merchants they have not purchased from.