PCI DSS audit. If PayPal so requests, you agree that a Qualified Security Assessor may conduct a security audit of your systems, controls and facilities and issue a report to PayPal and the Associations. You agree to cooperate fully in the conduct of this audit, and to provide any information and access to your systems required by the auditor for the performance of the audit. You also agree to bear the reasonable expenses of this audit. If you fail to initiate such an audit after PayPal requests you to do so, you authorise PayPal to take such action at the Merchant’s expense, or PayPal may immediately suspend your use of your Product. You will receive a copy of the audit report, and PayPal must also receive a copy and provide a copy to any Acquiring Institution or Card Association that requests a copy. This Data Protection Schedule applies only to the extent that PayPal acts as a processor or Sub-processor to Merchant. Capitalized terms used but not defined in this Schedule shall have the meaning set out in the Agreement.
Appears in 2 contracts
Sources: Paypal Website Payments Pro and Virtual Terminal Agreement, Paypal Hosted Solution and Eterminal Agreement