1 Introduction
1.1 Scope
The General Terms and Conditions of ISX (hereafter the Terms/these Terms) apply to
transactions
between Bálkar Miðlun ehf. (hereafter Bálkar Miðlun or ISX) and a customer. In addition to
these
Terms, contract provisions, terms and rules may apply to specific products or services
provided by
ISX. Such provisions shall take precedence over these Terms, in the case of any
discrepancies. ISX’s
terms are published on its website and are available in ISX branches.
1.2 Changes to these Terms
ISX may at any time alter these Terms unilaterally and without notice. Changes to the Terms
are
communicated to customers through messages sent via ISX or with a general notice on ISX’s
website or in another manner chosen by ISX.
Notices of amendments to such provisions of the Terms call attention to the fact that
customers
may notify ISX of the termination of the master contract before the changes enter into
effect. The
customer is considered to have approved changes unless he/she notifies ISX otherwise
before
the
date of entry into force. If a customer terminates a master agreement before the two
months’
notice is up yet continues to use the payment account in question or a payment
instrument
linked
to the account after the two months’ notice has lapsed, the customer is considered to
have
approved the changes.
1.3 About Bálkar Miðlun and ISX
Bálkar Miðlun provides individuals, corporations and investors with cryptocurrency services,
on its
website ISX, based on long term business relationships. ISX is licensed to operate as a
virtual
assets service provider and is subject to supervision by the Financial Supervisory Authority
of the
Central Bank of Iceland, Kalkofnsvegur 1, 101 Reykjavík (see the Financial Supervisory
Authority's
website, www.fme.is).
Bálkar Miðlun hf., Reg. No. 550819-1200, Dalsbyggð 23, 210 Garðabær,
Iceland
Tel. +354 620 3700. E-mail address: [email protected], Website: www.ISX.is.
2 General provisions on the business relationship
2.1 Processing of personal data
Bálkar Miðlun processes its customers’ personal data based on these Terms and, as the case
may
be, agreements, terms and conditions and rules applying to individual products or services
ISX may
provide to the customer. ISX processes and stores all information derived from or submitted
in
relation to any contracts between the customer and ISX. ISX may also process personal data
based
on the customer’s consent, law, administrative provisions or based on legitimate interest,
as
detailed in ISX Privacy Policy, published on ISX’s website. The processing of personal data
is
necessary for ISX to provide customers with financial services and for customers to
undertake
transactions with ISX, as well as to conclude or execute related contracts. See further
details in ISX
privacy policy.
2.2 Establishment of a business relationship
A customer establishes a business relationship with ISX through its website, its app or in a
ISX
branch. The customer must undergo due diligence upon the establishment of a business
relationship. Upon establishing a business relationship, a customer selects products and/or
services and gets access to ISX. ISX performs due diligence on new customers by requesting
verification of identity and information about them, cf. details in the chapter on Measures
against
money laundering and terrorist financing. A new business relationship must meet the
conditions
of these Terms and, as the case may be, agreements, terms and conditions or rules that apply
to
individual products and/or services. The customer attests, as the case may be, the
application,
agreement and/or terms in question in accordance with ISX’s requirements at each time. ISX
may,
without providing specific grounds, reject an application to establish a business
relationship
and/or for a product or service, if information is insufficient, the application does not
meet ISX’s
requirements or for other reasons, as determined by ISX.
2.3 Measures against money laundering and terrorist financing
ISX operates in accordance with the Act on Measures Against Money Laundering and Terrorist
Financing, as subsequently amended. ISX is required to perform due diligence on customers,
upon
the establishment of a business relationship, as part of regular control and/or for
individual
transactions. To perform due diligence, ISX calls for, among other details, personal
information
about a customer, including name, Id. No., legal domicile, job title/position, telephone
number,
email address, place of birth and nationality, in addition to financial information. Legal
entities
shall provide information about name, Reg. No., legal address, legal form, board of
directors,
executive board and person authorised to sign, as well as information about the beneficial
owners
of the legal entity and persons authorised to oblige the entity. ISX also gathers
information about
the origin of the funds customers intend to use in transactions with ISX, whether
transactions are
undertaken on behalf of a third party and information about the nature and purpose of the
intended business relationship and/or transaction.
As part of due diligence, the customer shall provide proof of identity by showing valid
identification issued or attested by a competent authority, e.g. a passport, driver's
licence,
Icelandic identity card or valid electronic ID. For underage customers, who do not have
own
personal identification, legal guardians can show their ID. If a business relationship
is
established
on behalf of a legal entity, trust fund or comparable party, all board members, managing
directors,
authorised signatories and beneficial owners must verify their identity by showing valid
identification. The same applies to all owners in a residents' association when
property
holdings in
multi-family dwellings number six or less. Legal entities prove their identity by
providing
a
certificate from the Enterprise Register of the Directorate of Internal Revenue
(Fyrirtækjaskrá
ríkisskattstjóra) or equivalent registry as proof of their registration. An assessment
shall
be made
on a case-by-case basis whether to request a copy of a company's Articles of
Association
and/or
audited annual financial statements.
ISX uses risk-based monitoring of contractual relationships with customers and gathers
updates to
information as and when necessary, at any time during a business relationship. Under certain
circumstances and in addition to the above, ISX is required to apply enhanced due diligence
in
certain sensitive cases. In such cases, ISX reserves the right to request additional
information,
including personal data, about the customer to carry out enhanced due diligence. If ISX
suspects
that the funds the customer intends to funnel into ISX’s systems are earnings from illegal
activity
and/or linked to terrorist financing, ISX reserves every right to halt requested
transactions without
any notice. If ISX has legitimate grounds or reason to suspect certain transactions of being
suspicious with regard to money laundering and/or terrorist financing, ISX is obliged to
report the
transaction to the relevant law enforcement authorities and provide all necessary
information in
connection with the case. Customers are obligated to inform ISX of any changes to the
details
submitted to ISX in relation due diligence.
2.4 Information provision
ISX sends messages to customer, information and notifications about ISX through ISX website
or
an app or via other communication channels determined by ISX at each time. ISX may also use
physical post/email in exceptional cases. ISX sends push notifications to the customer via
ISX or a
app. If the customer wishes to change his/her contact details, i.e. phone number or email
address,
he/she shall update this information on ISX, the app, with ISX’s Customer Service Centre or
at a
local branch.
To log in to ISX, the customer shall always do so through ISX’s website or open the app
through
means provided by ISX and identify/authenticate in a secure manner, in accordance with
ISX’s
requirements. The customer shall show enhanced precaution as regards false messages,
such as
text messages or emails that include links to purported log-in pages for ISX/the app,
which
the
customer may receive from a third party, for such purposes as gaining access to
personalised
security credentials and/or defraud the customer. ISX does not send customers messages
with
links to log in to ISX. ISX may send to customers messages that include links following
customers’
requests to access certain of ISX’s services. The message from ISX will refer to the
requested
service. If the customer receives a message that includes a link, without having
previously
requested a specific service from ISX, the message is fraudulent and the customer shall
not
click
on the link, reply to the message or authenticate him-/herself as the message requests.
2.5 Transactions
Bálkar Miðlun shall bear no responsibility for possible mistakes or negligence resulting
from its
customer’s choice of foreign business partners and their reliability. The same applies to
mistakes
or negligence on behalf of foreign financial undertakings. The customer is advised to
familiarise
him-/herself with the terms and conditions of the foreign financial undertaking, as well as
current
legislation and business conventions of the state in question. ISX’s exchange rates apply to
all
foreign currency transactions, unless expressly agreed otherwise. The nature of the
transaction
determines the rate used, be it spot rate, closing rate or a special rate determined by ISX.
Any risk
of resulting trading gains/losses shall be borne by the customer, unless otherwise expressly
agreed.
In these Terms, the section on payment accounts contains special provisions for payment
accounts
and foreign currency payments.
2.6 Tariff
The customer pays charges for ISX's products and services and other expenses linked to
services
rendered in accordance with ISX's tariff at each time. Should other terms or ISX's
agreements with
the customer provide for charging fees, those terms shall take precedence over ISX's
tariff. ISX is
authorised to debit fees and costs from the customer’s payment account with ISX and such
direct
debit shall appear on account statements. ISX may change its tariff without notice. ISX’s
tariff is
available on ISX’s website.
3 Online services
3.1 General information about ISX website
ISX is an Internet site customers log in to using verification/authentication approved by
ISX in
order to exchange, give payment orders or view account information, among other things. ISX
is
accessible from ISX’s website, through mobile and the app. In order to take advantage of ISX
services, the customer must have equipment that is linked to the Internet. ISX reserves the
right to
unilaterally determine what services and communication channels are offered via ISX, and to
alter
those services/communication channels. ISX services may vary according to whether the
customer
logs in through ISX’s website, mobile or the app. Bálkar Miðlun owns the software used on
ISX.
The customer is authorised to access and use it. The customer is completely prohibited from
making alterations or having alterations made to software connected with ISX.
Personalised security credentials are personalised components, such as PIN, passwords,
security
codes, unique identifier numbers/codes sent to the customer to confirm transactions,
approved
by ISX at each time for customer verification/authentication.
Verification/authentication is
a
method that allows ISX to verify the customer’s identity or confirm authority to use a
specific
payment instrument, including the use of personalised security credentials. Strong
verification is
verification based on two or more components classified as knowledge, possession and
inherence.
ISX reserves the right to amend its verification/authentication requirements without
notice.
Once
the customer has logged in to ISX, the customer is responsible for and obliged by all
actions
carried out on ISX. The same applies if a third party gains access to information about
access to ISX
or is able to access it in another manner. The customer is responsible for adequately
ensuring the
safety of personalised security credentials he/she uses for verification/authentication.
The
customer is prohibited from granting third parties access to his/her personalised
security
credentials and shall at all times ensure that no-one can get their hands on, see or
copy
the
customer’s personalised security credentials. The customer shall keep secret his/her
personalised
security credentials and all information relating to his/her verification/authentication
for
ISX and
information linked to payment instruments (such as payment card numbers) and is
responsible
for
ensuring that such information is neither divulged nor accessible to unauthorised
parties.
The
customer shall show enhanced precaution as regards false messages, such as text messages
or
emails that include links to purported log-in pages for ISX/the app, which the customer
may
receive from a third party, for such purposes as gaining access such information,
including
to
personalised security credentials and/or defraud the customer. Should the customer fail
to
safeguard personalised security credentials and other aforementioned information
securely or
in
accordance with the above, such as fail to show precaution with respect to false
messages
from a
third party, this shall constitute gross negligence by the customer. Should the customer
become
aware that an unauthorised party has attempted to gain or acquired knowledge of the
customer’s
personalised security credentials and other aforementioned information, the customer
shall
notify
ISX without delay and, as the case may be, alter his/her personalised security
credentials.
The
same applies if a customer becomes aware of loss, theft or misuse of a payment
instrument or
unauthorised use thereof. To ensure safety, the customer shall activate locking
mechanisms
on
the equipment he/she uses to log in to ISX. ISX shall not be responsible for the
customer’s
use of
ISX through the app, ISX’s website or mobile. ISX shall not be responsibility for
damages
caused by
use of ISX or the use of connections to ISX. Nor shall ISX bear responsibility for loss
the
customer
suffers as a result of a third party gaining access to personalised security
credentials,
access to
accounts on ISX/the app, e.g. through the aid of false messages, or access to
information
about a
payment instrument (such as payment card numbers). ISX shall not be liable for any
direct or
indirect damage which may be caused by the suspension of ISX, links or additions to ISX
without
prior notice, for instance, due to necessary maintenance actions, malfunction of
software or
hardware, system modifications, or other circumstances beyond its control. If the
customer
lends,
sells or authorises a third party to access a device on which the app has been
installed,
he/she is
obliged to log out of the app first. If the device has been tampered with in a manner
that
compromises its security in any way, for instance, with the installation of insecure
applications,
use of the app on that device is no longer secure and thus prohibited. The customer
shall
show
caution in the use of ISX. If the customer receives a unique identifier number/code from
ISX
for
the purpose of confirming an electronic transaction, the customer shall not confirm the
number/code without first verifying the validity of the payment (valid transaction).
Failure
by the
customer to uphold precautionary obligations in accordance with the above is considered
gross
negligence on behalf of the customer.
The customer shall notify ISX without delay if he/she becomes aware of misuse or
unauthorised
use of ISX. The customer shall not suffer the damages caused by use of ISX if ISX fails to
take
appropriate steps as provided for in the Act on Payment Services, due to notification
obligations
linked to payment instruments that have been lost, stolen or misused. ISX may, without prior
warning or notice, terminate the customer’s access to ISX or limit the customer’s access to
ISX in
part or in whole, temporarily or permanently, in the following instances: (a) if there is a
suspicion
of unauthorised or fraudulent use of ISX or services on ISX, (b) if there is a suspicion of
breaches of
ISX’s rules or terms and conditions, (c) if there is a suspicion that a third party may have
gained
access to the customer’s access information, with or without the customer’s consent, (d) due
to
file and system updates and changes or other technical or security reasons, or (e) if the
customer
enters into bankruptcy proceedings or the customer seeks composition, payment moratorium, or
if other similar conditions exist. The customer is notified as soon as practicable. If the
reasons for
termination are removed, ISX shall grant access again. ISX is authorised to terminate the
customer’s access to ISX if the customer’s account has been inactive over a 6-month
continuous
period or longer. Information about transactions, including the status of transaction
orders, may
be temporarily inaccessible in ISX due to a heavy load on the relevant computer and trading
systems. Certain services or actions in ISX might determine device location based on GPS
coordinates, network systems or phone company distribution systems, including information
about service points. Access to such services can be controlled through each devices’
settings. ISX
does not retrieve location information from the device without clear authorisation. ISX
shall not
be responsible for invoices that appear on the list of unpaid invoices and where ISX is not
the
invoicer. Any objections the customer may have to such invoices shall be directed at the
registered
invoicer.
4 Payment accounts
4.1 About payment accounts
The customer creates an account using ISX website or in a ISX branch. ISX is authorised to
reject
new accounts, for instance if information about the customer is insufficient, and will
notify of such
rejection as promptly as possible. Accounts may not be established on behalf of another
financially competent party unless the customer has granted power of attorney to the effect,
unless otherwise provided for by law. Upon establishing an account, the customer is obliged
to
provide proof of identity by showing valid identification, such as a passport, Icelandic
identity card,
driver’s licence, valid electronic ID, through verification/authentication upon logging in
to ISX or
other means of identification that meat with ISX’s requirements at each time. ISX reserves
the
right to amend its security requirements without notice.
Accounts are in Icelandic króna, unless otherwise expressly agreed. These Terms apply to
accounts
both in foreign currency, in ISK or virtual currencies.
Accounts can be indexed to a portfolio of currencies or virtual assets or traded accounts
that
Bálkar Miðlun manages. All assets that customers deposit into their ISX account become
assets of
Bálkar Miðlun. Bálkar Miðlun owns all assets on its bank accounts and virtual wallets.
Customers
have no direct claim to any bank deposits on Bálkar Miðlun bank accounts or virtual wallets
or
with other service providers that Bálkar Miðlun utilizes.
4.2 Passwords and access to accounts
The customer holder chooses a password accompanied with an e-mail to use for authentication
and confirmation of payments in communication with ISX. The customer agrees not to divulge
the
password to unauthorised parties. Unauthorised parties here refers to parties who are not
authorised to issue payment orders for the customer's account in accordance with these
Terms.
Should the customer have reason to believe that an unauthorised party may have become aware
of the password, the customer agrees to change the password immediately and notify Bálkar
Miðlun without delay. The customer is responsible for all payments and actions carried out
using
his/her password or other personalised security credentials.
4.3 Deposits and withdrawals
When the customer gives trading or payment order, he/she shall verify his/her identity or
provide
other adequate means of authentication, such as the account's password, by showing
personal
identification or other means that satisfy ISX’s requirements. The above applies whether or
not
the action is carried out by way of a payment instrument or not.
ISX will process trading or withdrawal requests on its website, given that it is not in
maintenance
mode or trading has been halted for other reasons. Deposits in Icelandic króna or other
currencies
will be processed on opening hours of Icelandic banks on bank days. Withdrawals of
Icelandic
króna and other currencies will be processed twice a day on banking days, after 8
o’clock am
and
after 8 o’clock pm, GMT. Deposits and withdrawals of virtual assets will be processed as
soon as
relevant blockchains show that payments are fully confirmed or ISX wallets or wallet
providers are
operational and relevant blockchains are operating normally.
ISX may delay, halt and/or refuse to execute payment orders, initiated by either payor or
recipient,
if the conditions of law, these Terms, other terms and conditions or ISX’s rules have not
been met,
e.g. of the balance on the account is insufficient, if withdrawals have been suspended for
other
reasons, for security reasons, if there is considered to be a risk of misuse or fraud, due
to
significantly heightened risk of the payor being able to make payment, if there is doubt
concerning
the payor’s authority to utilise the account or for regular monitoring of payments that
involves
gathering information about the connection between payor and recipient, origin of funds,
purpose
of a transaction, etc. ISX uses foreign intermediaries to send and receive international
payments
on behalf of customers. For that reason, ISX may request details about payments and share
that
information with foreign intermediaries.
The customer will be notified of Bálkar Miðlun's decision to reject payment orders,
unless
otherwise indicated by law. If the customer is the cause of ISX's decision to reject
payment orders,
a fee may be charged for written notification. If payment orders are rejected by ISX,
this
is
equivalent to such orders not having been received at all. Notwithstanding the above,
ISX
may
postpone carrying out payment orders until sufficient funds are available on the
customer's
account, including funds to cover fees and other expenses. ISX may attempt to debit the
payment
from the customer's account to satisfy payment following reception of payment orders
and
until
the orders have been carried out. If Bálkar Miðlun receives multiple payment orders the
same
day,
ISX is not responsible for the order in which the instructions are carried out or which
payments are
not carried out due to insufficient account balance.
A priori received payment orders will be carried out despite latterly occurring events
that
would
have prevented their issuance, such as the revocation of power of attorney or death of
the
customer. The customer may only recall or halt payment orders if the relevant provisions
of
the
Act on Payment Services have been met and provided the customer is a consumer. ISX may
demand a fee for recalled payment orders. A priori received payment orders will not be
carried
out after the termination of an account. ISX is responsible for the payment being
carried
out in
accordance with law until the recipient ISX has received the payment. After that time,
the
recipient ISX is responsible for the handling of the payment. The customer is
responsible
for
ensuring the accuracy of payment instructions. ISX is not responsible for the customer's
mistakes,
inter alia, the customer entering erroneous identification for the recipient. Such
mistakes
cannot
be corrected one-sidedly by ISX without the approval of the recipient of the payment. If
a
customer can provide evidence to show that the amount of a payment, authorised by the
customer and initiated by the recipient, was not specified in the issued authorisation
and
that the
customer's account was debited for a higher amount than he/she could reasonably
expect
based
on his/her spending patterns, these Terms and other circumstances of the case, the
customer
shall
notify ISX and request refund within eight weeks of funds being debited from his/her
account.
These conditions being met, ISX shall refund the customer such payments within 10
bankdays
of
receiving notice to the effect from the customer. Otherwise ISX will refuse repayment.
The
above
does not apply when a customer, who is not a consumer as defined by the Act on Payment
Services as subsequently amended, orally consents to a third party withdrawing funds
from
his/her account. In such cases, the customer is not entitled to a refund once he/she has
directly
authorised ISX to carry out payment and, if appropriate, ISX or the recipient provided a
priori
information about payments or transmitted such information to the payor at least four
weeks
prior to the date of payment. If payment orders have been revoked, Bálkar Miðlun is
neither
responsible for paying interest nor other fees levied on overdue payments.
Payment services may be subject to limitations provided for in the Act on Foreign Exchange
at
each time and rules based on the Act. If regular payments have been agreed upon, the notice
of
termination shall factor in collection of payments following termination of a contract. ISX
is
authorised to charge a fee on transfers from the payment account. ISX may also charge a fee
for
assistance granted in recovering mistakenly paid funds, e.g. due to erroneous information
about
the recipient of payment issued along with instructions for payment. Fees are in accordance
with
ISX’s tariff of charges at each time.
4.4 Information about an account and its use
Messages, information and notices about accounts, such as about changes to terms and
conditions and costs, are communicated to customers via ISX’s website or the app or another
manner chosen by ISX. ISX may also use mail in exceptional cases.
4.5 Closing of accounts and other services
A customer wishing to close an account may submit a written request to ISX, request it
verbally
over the phone or, as the case may be, close the account independently in self-service.
Should the
customer terminate these Terms, ISX reserves the right to terminate accounts and other
services,
including ISX, in part or in full, at its own initiative and without first informing the
customer. The
same applies if a customer is demonstrated to have committed an offence against law, ISX's
rules,
its terms and conditions or other rules applying to the customer’s business with ISX, if the
customer or a third party is demonstrated to have misused an account, the customer fails to
comply with ISX’s request to update or submit information during regular monitoring of money
laundering and terrorist financing, if transactions are considered by ISX to constitute a
risk of
fraud, money laundering and terrorist financing or if the business relationship might damage
ISX’s
reputation or does not confirm to ISX’s risk policy, in its estimation.
In such cases, ISX may deposit the balance of accounts to an account held by ISX. ISX
further
reserves the right to close an account that has been inactive for a period of 2 years or
longer,
following a notice to the effect to the customer, and deposit the balance to another
account
held
by the customer or, if the customer does not own a second account, to an account held by
ISX.
Any fees or costs owed ISX by the customer for services rendered when an account is
closed
in
accordance with the above, may be debited from the customer's account prior to its
closing. In the
case of any negative balance on the customer’s account upon closing, e.g. charged fees,
ISX
reserves the right to enforce the claim through collection. The customer will be
notified of
the
closing of the account as promptly as possible.
5 Final provisions
Unless otherwise specified by statute, contractual provisions, these Terms, other terms and
conditions, ISX’s rules or according to the nature of the matter, ISX and the customers may
end
their mutual business relationship at any time without notice. ISX may terminate a framework
agreement with two months’ notice, in accordance with these Terms. The customer shall notify
ISX in writing of his/her decision to end the business relationship with ISX or revocation
of
authority to process personal data. ISX reserves the right to end a business relationship,
in full or
in part, of its own initiative with a unilateral notice to the customer if the customer is
demonstrated to have committed an offence against law, ISX's rules, its terms and
conditions or
other rules applying to his/her business with ISX, if the customer or a third party is
demonstrated
to have misused the business relationship, if transactions are considered by ISX to
constitute a risk
of money laundering or terrorist financing, if the business relationship might damage ISX’s
reputation, or does not confirm to ISX’s risk policy, in its estimation.
If communications leading up to and the establishment of this Terms are solely
telecommunications, the Terms shall be considered a distance contract as provided for in
Act
No.
33/2005, on Distance Sales of Financial Services. If the customer is a consumer he/she
has
the
right, having regard for the limitations set out in the Act on Distance Selling of
Financial
Services,
to abandon the Terms if they constitute a distance contract as defined in the
aforementioned
Act
without specifying a reason, provided he/she verifiably notifies ISX thereof within 14
days
of
approving the Terms.
Any dispute which may arise as a result of these Terms and Conditions may be brought before
the
Reykjavík District Court. All disputes concerning business with ISX shall be resolved in
accordance
with Icelandic law, unless otherwise agreed.
ISX shall not be responsible for any direct or indirect loss which a customer may incur
in
connection with these Terms or transactions concluded on their basis if such loss can be
attributed
to events resulting from force majeure, such as natural catastrophes, wars, terrorist
activity,
epidemics, strikes, border closures, electricity disruption or failure, disruption of a
settlement
system, disruption of blockchains, telephone system or other communication routes, or
other
similar events. Nor shall Bálkar Miðlun be responsible for any inconvenience, expense,
missed
investment opportunities or other direct or indirect financial loss resulting from the
closure,
failure, interruption or other disruption of ISX’s activities.
These Terms are originally published in Icelandic. The Icelandic language version shall be
the sole
valid version of these Terms and Conditions, regardless of whether ISX chooses to publish
the
Terms in another language. Icelandic law shall apply to these Terms.