Terms of Service

eCard Systems makes every effort to catch artwork errors prior to production but cannot be responsible for proofs approved for production that contain errors. The design will be printed as it appears in the proof provided. It is the sole responsibility of the customer to ensure that all materials submitted for printing are correct.

Printing errors attributed to the customer are not subject to free reprint. Depending on size of order, customer may correct the problem and reprint the order at up to 50% of the cost of the original order. Reprint cost will be quoted on a case by case basis. Material errors caused by eCard Systems will be reprinted and shipped free of charge.

eCard Systems accepts no liability for materials submitted by customer that are subject to copyright or trademark protections or that are otherwise in violation of the law. eCard Systems will not be held accountable for possession of such materials or illegal use of materials in connection with www.ecardsystems.com. Violation of these terms of service will indemnify eCard Systems against any legal action.

eCard Systems guarantees your finished product will not be defective in accordance with industry standards. If a product is found to be defective, then you may contact eCard Systems for a reprint or a refund. eCard Systems must be contacted via e-mail at [email protected] or by phone at 866-776-7409 within 15 days of receiving your order. If the product is deemed defective, one of the following resolutions will be offered: 1) eCard Systems will reprint with the same production and delivery terms extending from the time of resolution. 2) eCard Systems will authorize an RMA (Return Merchandise Authorization) for you. A representative will contact you within one business day of your initial query to help with your return. The package must be received by eCard Systems within 30 days of return authorization. Refunds will be processed only after the product has been returned to eCard Systems, after which fund transaction will take place within five business days.

In most cases, eCard Systems provides 15 business day plastic card production (from date of proof approval) not including shipping time.

Refused or undeliverable orders are not a valid reason for reprint or refund and reshipment of the order will be at the customer’s expense.

eCard Systems does not guarantee delivery times for basic ground shipping. Depending on the shipping destination, ground delivery ranges from 2 to 6 days. Buyer assumes full risk of possible delivery delays.

As it is outside of our direct control, eCard Systems makes no guarantee about time in transit of any shipping methods. In the event an order is lost or misplaced while in transit, a notification of no receipt must be sent via e-mail to [email protected] and include complete contact information for reply. eCard Systems is allowed 5 business days from the time of notification to respond with one of the resolutions below. 1) eCard Systems will reprint with the same production and delivery terms extending from the time of resolution. This occurs when lost packages cannot be found. 2) eCard Systems will redirect the lost order with the same delivery terms extending from the time of resolution. Packages located by shipper will be rerouted to the customer promptly upon discovery. Shipper requires a 10 business day window for refund of shipping costs.

Packages shipped outside of the United States may be charged a duty based on the receiving country’s import tax. eCard Systems is not responsible for the payment of this fee.

ECARD SYSTEMS ASSUMES NO LIABILITY WHATSOEVER TO CUSTOMERS FOR ANY LOST BUSINESS OR OTHER DAMAGES, REAL OR CONSTRUCTIVE, WHETHER ARISING FROM PRODUCTION ERRORS OR SHIPMENT AND DELIVERY DELAYS. ECARD SYSTEMS LIABILITY SHALL NOT IN ANY CASE EXCEED THE REPLACEMENT COST OF PRODUCTS DEEMED DEFECTIVE.

Card Processing Terms of Service

(For those using the eCard gift card / store value program)

This CARD PROCESSING Terms of Service (is entered into between eCard Systems LLC, a Delaware corporation (“ECS”) and the merchant (“Merchant”).

I. SERVICES

1.1 Services to be provided by ECS or its affiliates and other third party providers.

Subject to the terms and conditions set forth in this Agreement, ECS shall provide for the electronic processing of Gift Card, Prepaid Card and other related cards offered by ECS (collectively, a “Card”) for purchases and other transactions made by customers of Merchant who hold approved Cards (“Approved Cards”). ECS shall electronically verify that an Approved Card, when swiped, scanned or key-entered through a certified point of sale device at a participating Merchant location, is a valid account on the ECS data processing system (“Card System”) and complete the processing of the requested transaction according to the requirements of the card program associated with the Approved Card. The services to be rendered by ECS in accordance with this Section 1.1 are referred to hereafter as the “Services.”

1.2 Duties to be performed by Merchant.

The Merchant agrees to: (a) provide ECS with all information and data reasonably required by ECS to perform the Services; (b) maintain all ECS-related transaction records and other records required by law or regulation; (c) obtain, operate and maintain at its own expense the electronic point of sale equipment; (d) be responsible for the accuracy and adequacy of all data transmitted by it or on its behalf for processing by or storage of information on the Card System (e) comply with all federal, state and local laws and regulations relating to this Agreement, including consumer protection, financial transaction and escheatment laws and acknowledges that ECS is not responsible for Merchant’s compliance with said laws and agrees to wholly indemnify ECS for all related liabilities.

II. SYSTEM ACCESS

2.1 The Merchant acknowledges that in the event the Card System is not accessible by Merchant due to mechanical failure or other outage, ECS will not process transactions or provide account data during that time. Merchant agrees that ECS shall not be responsible for lost profits or sales due to the malfunction of the Card System. Merchant agrees that it will be solely responsible for any transactions that are authorized by the Merchant and will wholly indemnify and hold harmless ECS from and against any and all damage, loss, liability, consequential damage, expense, claim or obligation arising in connection therewith.

III. INDEMNIFICATION, LIMITATION OF LIABILITY

3.1 Indemnification.

ECS and Merchant agree that they shall each indemnify and hold harmless the other party and its officers, directors and shareholders, from any and all loss, cost, expense, claim, damage and liability (including attorney’s fees and court costs) paid or incurred by any one or more of them, to the extent it arises from, is caused by, or is attributable to (i) the failure by such party or its representatives to abide by the provisions of this Agreement; (ii) the violation by such party or its representatives, of any applicable laws, regulation or court order relating to this Agreement; or (iii) gross negligence or willful misconduct.

3.2 Limitation of Liability.

NEITHER ECS NOR MERCHANT’S CUMULATIVE LIABILITY FOR ALL LOSSES, CLAIMS, SUITS, BREACHES, OR DAMAGES FOR ANY CAUSE WHATSOEVER AND REGARDLESS OF THIS FORM OF ACTION OR LEGAL THEORY, SHALL EXCEED THE AMOUNT OF FEES AND CHARGES INCURRED BY MERCHANT TO ECS PURSUANT TO THIS AGREEMENT FOR SERVICES PERFORMED IN THE IMMEDIATELY PRECEDING 3 MONTHS. ECARD SYSTEMS ASSUMES NO LIABILITY WHATSOEVER TO MERCHANTS FOR ANY LOST BUSINESS OR OTHER DAMAGES, REAL OR CONSTRUCTIVE, INCLUDING INDIRECT DAMAGES.

IV. Security

4.1. Security Incident Response and Breach Notification

Security Incident Response 

eCard Systems maintains a comprehensive security incident response program to protect customer data and systems. In the event of a security incident that may affect customer data or services:

Incident Response Process:

• eCard Systems will investigate and respond to security incidents promptly upon discovery
• We maintain documented incident response procedures and a designated security response team
• All security incidents are logged, tracked, and reviewed for process improvements

Customer Notification:

• For incidents involving unauthorized access to or disclosure of personal information, we will notify affected customers within 72 hours of confirming the incident
• Notifications will include: nature of the incident, types of information involved, steps we are taking to address the incident, and recommended actions for customers
• Customers will be notified via email to their primary contact address on file

Regulatory Notifications:

• We will comply with all applicable breach notification laws and regulations
• Law enforcement and regulatory authorities will be notified as required by applicable law

Contact for Security Incidents:

• Email: [email protected]
• Phone: 866-776-7409 Ext. 4357
• Emergency after-hours incidents: 866-776-7409 Ext. 1172.

4.2. Confidentiality Protection Standards

Information Classification

eCard Systems classifies information based on sensitivity levels:

Confidential Information includes:

• Customer proprietary business information
• Non-public financial data
• Trade secrets and proprietary processes
• Information marked as confidential by customers
• Payment card information beyond what’s necessary for transaction processing

Confidentiality Controls:

• Access to confidential information is restricted on a need-to-know basis
• All employees with access to confidential information sign confidentiality agreements
• Confidential information is encrypted both in transit and at rest using industry-standard encryption
• We maintain audit logs of access to confidential information systems

Third-Party Confidentiality:

• All vendors and service providers with potential access to confidential information execute confidentiality agreements
• We conduct security assessments of third parties before granting access to confidential systems
• Confidential information sharing is limited to the minimum necessary for business purposes

Retention and Disposal:

• Confidential information is retained only as long as necessary for business purposes or legal requirements
• Secure disposal procedures ensure confidential information cannot be recovered after deletion
• Physical media containing confidential information is destroyed using certified destruction services

4.3. Data Processing Integrity Standards

Data Accuracy and Validation

eCard Systems maintains rigorous standards for data processing accuracy:

Input Validation:

• All data inputs are validated for accuracy, completeness, and authorization before processing
• Automated validation checks prevent processing of incomplete or invalid data
• Manual review processes are in place for exception handling

Processing Controls:

• All data processing activities are logged and monitored for accuracy
• Regular reconciliation procedures verify processing integrity
• Automated monitoring systems alert staff to processing anomalies or errors

Error Detection and Correction:

• We maintain documented procedures for identifying and correcting data processing errors
• Errors are tracked, investigated, and resolved within defined timeframes
• Root cause analysis is performed for significant processing errors to prevent recurrence

Output Verification:

• Processed outputs are verified for accuracy before delivery to customers
• Regular quality assurance reviews ensure processing meets specifications
• Customer feedback mechanisms allow for rapid identification and resolution of processing issues

Change Management:

• All changes to data processing systems undergo testing and approval before implementation
• Processing system changes are documented and communicated to affected stakeholders
• Rollback procedures are maintained for critical processing systems

4.4. System Availability and Business Continuity

Service Availability Commitments

eCard Systems is committed to maintaining high availability of our systems and services:

Availability Standards:

• We target 99.5% uptime for our primary card processing and ordering systems during business hours (Monday-Friday, 8 AM – 6 PM CT)
• Planned maintenance is scheduled during off-peak hours with advance customer notification
• We maintain redundant systems and failover capabilities for critical operations

Monitoring and Maintenance:

• 24/7 system monitoring with automated alerting for service disruptions
• Regular preventive maintenance to ensure optimal system performance
• Capacity planning and scaling to meet customer demand

Business Continuity Planning:

• Comprehensive disaster recovery procedures are maintained and tested regularly
• Critical business functions can be restored within 24 hours of a major system failure
• Backup systems and data recovery procedures are tested quarterly
• Alternative processing arrangements are maintained for extended outages

Customer Communication:

• Service status updates are provided via our website and email notifications
• Planned maintenance windows are communicated with at least 48 hours advance notice
• During service disruptions, status updates are provided every 2 hours until resolution

Performance Standards:

• Order processing systems maintain response times of less than 3 seconds for standard transactions
• Customer service response times: Email inquiries within 24 hours, phone calls answered within 3 minutes during business hours
• Production timeframes are maintained as specified in our service agreements

4.5. Vendor and Third-Party Risk Management

Third-Party Security Requirements

eCard Systems maintains strict standards for vendors and service providers:

Vendor Assessment:

• All vendors with access to customer data or critical systems undergo security assessments
• Annual security reviews are conducted for critical vendors
• Vendors must maintain appropriate security certifications (SOC 2, ISO 27001, or equivalent)

Contractual Requirements:

• All vendor agreements include specific security and confidentiality requirements
• Vendors must notify us of security incidents within 24 hours
• Right to audit vendor security practices is maintained in all critical vendor contracts

Ongoing Monitoring:

• Regular reviews of vendor security posture and compliance status

• Incident reporting and remediation tracking for vendor-related security issues

• Termination procedures for vendors who fail to meet security requirements

4.6. Compliance Monitoring and Reporting

Ongoing Compliance Assurance

eCard Systems maintains continuous monitoring of our SOC 2 compliance:

Internal Monitoring:

• Regular internal audits of security controls and procedures

• Quarterly compliance reviews with management

• Employee training and awareness programs on security and privacy requirements

External Validation:

• Annual SOC 2 Type II audits by independent certified public accountants
• Penetration testing and vulnerability assessments conducted semi-annually
• Third-party security assessments as needed

Documentation and Evidence:

• Comprehensive documentation of all security policies and procedures
• Audit trail maintenance for all system access and data processing activities
• Regular backup and testing of audit logs and compliance evidence

Continuous Improvement:

• Regular review and updates of security policies based on threat landscape changes
• Implementation of security enhancements based on audit findings
• Customer feedback integration into security program improvements

V. Entire Agreement

This Agreement contains the entire agreement of the parties.  It supersedes any and all other agreements, either oral or in writing, between the parties hereto with respect to the subject matter herein.  Each party to this Agreement acknowledges that no representations, inducements, promises, or agreements, oral or otherwise, have been made by any party, or anyone acting on behalf of any party, which are not embodied herein, and that no other agreement, statement, or promise not contained in this Agreement shall be valid or binding.