PCI Addendum to Service Agreement between Dave Operating LLC and Galileo Financial Technologies, LLC
This addendum, effective October 12, 2022, modifies the existing Service Agreement between Dave Operating LLC and Galileo Financial Technologies, LLC. It allows Dave to receive sensitive payment card data from Galileo, subject to strict security standards (PCI DSS). Dave must ensure compliance through third-party audits, secure the data, and promptly delete it when no longer needed. Dave is responsible for any breaches and must indemnify Galileo, with liability limits except in cases of willful misconduct or fraud. The addendum is governed by Utah law and does not alter other terms of the original agreement.
Exhibit 10.8
CERTAIN INFORMATION IN THIS DOCUMENT, MARKED BY [**], HAS BEEN EXCLUDED PURSUANT TO REGULATION S-K, ITEM 601(B)(10)(iv). SUCH EXCLUDED INFORMATION IS NOT MATERIAL AND IS THE TYPE THAT THE REGISTRANT TREATS AS PRIVATE OR CONFIDENTIAL.
Execution Copy
PCI ADDENDUM TO SERVICE AGREEMENT
THIS PCI ADDENDUM TO SERVICE AGREEMENT (the “Addendum”) is entered into as of 10/12/2022 (the “Effective Date”), by and between Dave Operating LLC, f.k.a. Dave, Inc. (“Customer”), a Delaware corporation with a principal business address of 1265 S. Cochran Avenue, Los Angeles, California 90292, and Galileo Financial Technologies, LLC (Galileo”), a Delaware limited liability company with a principal business address of 9800 South Monroe Street, 7th Floor, Sandy, Utah 84070 as an Addendum to that certain Service Agreement (the “Agreement”) between Galileo and Customer dated March 18, 2020. Capitalized terms used herein but not defined have the meanings given to them in the Agreement.
Whereas, the parties wish to amend the Agreement, and as such this Addendum is being entered into for the purpose of modifying the Agreement in the manner and to the extent set forth herein; and
Whereas, Customer wishes to receive from Galileo certain sensitive data, including but not limited PAN, CVV, and expiration date (“Data”), subject to the Payment Card Industry Data Security Standard (“PCI DSS”) promulgated by the PCI Security Standards Council;
The parties agree as follows:
Agreement
[**] in the aggregate.
[Remainder of Page Intentionally Left Blank]
IN WITNESS WHEREOF, this Addendum is executed effective as of the Effective Date.
Dave Operating LLC: Galileo Financial Technologies, LLC:
By: /s/ Kyle Beilman By: /s/ William Kennedy
Name: Kyle Beilman Name: William Kennedy
Title: Chief Financial Officer Title: Chief Financial Officer