Must each card transaction at an Even Hotels franchise comply with certain rules and laws?

• 3.1 Card Organization Rules. You must comply with the Card Organization Rules, including the Payment Card Industry Data Security Standard ("PCI DSS"), applicable to the Card types you accept. You are responsible for staying up to date with all changes to Card Organization Rules and maintaining compliance with Card Organization Rules. Card Organization Rules may be available on websites such as https://usa.visa.com, http://www.mastercard.com/us/merchant/support/rules.html, www.discovernetwork.com/en-us, and www.americanexpress.com/merchantopguide, as links and their content may change from time to time.
• 3.2 Applicable Law. Each party is responsible for determining all Applicable Law that is applicable to it and for complying with all such Applicable Law in connection with the Agreement.
• 3.4 Conflicts. For the avoidance of doubt, your use of the Services, the transactions you process, and all of your acts and omissions must comply with the Agreement, Applicable Law, and Card Organization Rules (including PCI DSS). If there is a conflict between Applicable Law, Card Organization Rules, and the Agreement, the conflict shall be governed in the following order of precedence: (1) Applicable Law; (2) Card Organization Rules; and (3) the Agreement.

4.6 Merchant Providers.

• (a) Data Security Requirements Apply to Merchant Providers. The data security standards set forth in this Section 4 also apply to Merchant Providers.

You are responsible for all our costs and expenses associated with our review, approval, certification (and recertification as may be required by us or the Card Organization Rules) and registration of any Merchant Providers.

Source: Item 23 — RECEIPTS (FDD pages 99–438)