Zuato's Terms of Service

1. Introduction

These Terms of Service ("Agreement" or "Terms") constitute a legally binding contract between your business entity ("Merchant," "you," or "your") and Zuato Financial Services ("Zuato," "Company," "we," "us," or "our"), a licensed payment acquirer operating in the United Arab Emirates.

This Agreement governs your access to and use of Zuato's payment processing services, including but not limited to payment gateway services, point-of-sale solutions, settlement services, merchant wallet, API integrations, and all related products and services (collectively, the "Services").

1.1 Agreement Structure

This Agreement consists of:

• General Terms: Applicable to all Services and all Merchants
• Service-Specific Terms: Additional terms applicable to specific Services you elect to use
• Merchant Application: Your completed application and onboarding documentation
• Fee Schedule: The pricing and fees applicable to your account
• Policies: Our Privacy Policy, Acceptable Use Policy, and other policies incorporated by reference

1.2 Modifications to Terms

We reserve the right to modify these Terms at any time. We will provide notice of material changes by:

• Posting the updated Terms on our website
• Sending notification to your registered email address
• Displaying a notice in your merchant dashboard

Your continued use of the Services after the effective date of any modifications constitutes your acceptance of the modified Terms. If you do not agree to the modified Terms, you must discontinue use of the Services.

2. Definitions

The following terms shall have the meanings set forth below throughout this Agreement:

3. Eligibility & Registration

3.1 Eligibility Requirements

To be eligible to use our Services, you must:

• Be a legally registered business entity or licensed sole proprietor
• Be at least 18 years of age (or the age of majority in your jurisdiction)
• Have authority to bind your business to this Agreement
• Maintain a valid business bank account in your business name
• Not be located in, or a national of, a sanctioned country or territory
• Not be on any government prohibited or restricted party list
• Operate a legitimate business that complies with all applicable laws

3.2 Registration Process

To register for our Services, you must complete our merchant application and provide accurate information including:

• Legal business name and trade name (if different)
• Business registration/license documents
• Business address and contact information
• Beneficial ownership information (owners with 25% or more ownership)
• Bank account details for settlements
• Tax identification numbers
• Valid government-issued identification for authorized signatories
• Business description and website URL (if applicable)
• Estimated transaction volumes and average ticket size

3.3 Verification and Approval

We reserve the right to verify all information provided and may request additional documentation. Account approval is at our sole discretion. We may:

• Conduct background checks on your business and principals
• Verify your bank account ownership
• Review your website and business practices
• Request financial statements or other documentation
• Set transaction limits or reserve requirements based on risk assessment

3.4 Ongoing Obligations

You must promptly notify us of any changes to the information provided during registration, including:

• Changes to business ownership or control
• Changes to business name, address, or contact information
• Changes to bank account details
• Material changes to your business model or products/services
• Any legal actions, investigations, or regulatory inquiries

4. Payment Gateway Service

4.1 Service Description

The Payment Gateway Service includes:

• Secure payment page (hosted or embedded)
• Real-time transaction authorization and processing
• Support for Visa, Mastercard, American Express, and other major cards
• Digital wallet integration (Apple Pay, Google Pay, Samsung Pay)
• 3D Secure authentication (Verified by Visa, Mastercard SecureCode)
• Tokenization of payment credentials
• Fraud detection and prevention tools
• Transaction reporting and analytics

4.2 Integration Requirements

When integrating the Payment Gateway, you must:

• Use only the integration methods documented in our developer portal
• Implement 3D Secure for all applicable transactions
• Ensure your website uses HTTPS encryption
• Display required card network logos and security badges
• Test integrations in our sandbox environment before going live
• Maintain PCI DSS compliance appropriate to your integration method

4.3 Transaction Processing

You acknowledge that:

• Authorization does not guarantee settlement; transactions may be subject to review
• We may decline transactions based on fraud risk assessment
• You are responsible for ensuring customer consent for transactions
• Refunds must be processed through our system, not as new transactions
• You must retain transaction records for at least seven (7) years

4.4 Prohibited Transaction Types

You may not use the Payment Gateway to process:

• Transactions without cardholder authorization
• Split transactions to circumvent authorization limits
• Cash advances or quasi-cash transactions
• Transactions for goods/services already paid for
• Any transactions prohibited under Section 16 of this Agreement

5. Mini POS Service

5.1 Service Description

The Mini POS Service includes:

• Portable payment terminal with built-in connectivity
• Support for chip (EMV), contactless (NFC), and magnetic stripe transactions
• Digital receipt delivery via SMS or email
• Real-time transaction sync with merchant dashboard
• Battery-powered operation for mobile use
• Tip functionality (if enabled)

5.2 Equipment Terms

Regarding the Mini POS equipment:

• Ownership: Equipment may be purchased or leased according to your agreement
• Maintenance: You are responsible for proper care and maintenance
• Damage: You are liable for damage beyond normal wear and tear
• Return: Leased equipment must be returned upon termination
• Updates: You must accept software updates when prompted
• Security: You must secure the device and not share access credentials

5.3 Operational Requirements

• Verify cardholder identity for high-value transactions
• Ensure the device is charged before conducting transactions
• Process transactions only in the presence of the cardholder
• Report lost or stolen devices immediately
• Do not attempt to modify, tamper with, or disassemble the device

6. ePOS Solution (Soft POS)

6.1 Service Description

The ePOS (Soft POS) Solution enables:

• Contactless (NFC) payment acceptance on compatible devices
• PIN entry on device screen for applicable transactions
• Integration with your existing business applications
• Real-time transaction processing and reporting
• Digital receipts via email or SMS
• Multi-user support with individual operator accounts

6.2 Device Requirements

To use the ePOS Solution, your device must:

• Meet minimum hardware specifications as published in our documentation
• Have NFC capability enabled
• Run a supported operating system version
• Not be rooted, jailbroken, or modified
• Have active internet connectivity (cellular or WiFi)
• Pass our security attestation checks

6.3 Security Requirements

You agree to:

• Maintain device security with screen lock and encryption enabled
• Install only applications from official app stores
• Keep the operating system and ePOS application updated
• Not share device access with unauthorized users
• Report any security incidents or suspicious activity immediately
• Comply with all PCI Software-based PIN Entry on COTS (SPoC) requirements

7. POS Machine Service

7.1 Service Description

The POS Machine Service provides:

• Enterprise-grade countertop or integrated payment terminals
• Full EMV chip, contactless, and magnetic stripe support
• PIN pad with secure PIN entry
• Built-in or external printer for receipts
• Integration with major POS/ECR systems
• Multi-merchant and multi-location capabilities
• Advanced reporting and reconciliation tools
• 24/7 technical support

7.2 Equipment Agreement

The following terms apply to POS Machine equipment:

• Installation: We will arrange professional installation at your location
• Training: Basic operator training is included with installation
• Warranty: Hardware is covered by manufacturer warranty for the specified period
• Maintenance: You must maintain the equipment in good working condition
• Repairs: Contact our support for repairs; unauthorized repairs void warranty
• Replacement: Malfunctioning equipment will be replaced subject to warranty terms

7.3 Location Requirements

For each POS Machine location, you must:

• Provide a safe, secure environment for the equipment
• Ensure adequate power supply and connectivity
• Allow Zuato personnel access for installation and maintenance
• Notify us of any location changes in advance
• Not relocate equipment without prior authorization

7.4 Terminal Security

• Inspect terminals regularly for tampering or skimming devices
• Secure terminals when unattended
• Never store or record PIN numbers
• Report any suspected tampering immediately
• Follow all PCI PTS requirements for terminal security

8. Settlement Routing Service

8.1 Service Description

The Settlement Routing Service enables:

• Automatic splitting of transaction proceeds among multiple recipients
• Percentage-based or fixed amount splits
• Multi-tier routing for complex distribution requirements
• Real-time split calculation at transaction time
• Separate settlement reporting for each recipient
• Platform fee retention before distribution

8.2 Configuration Requirements

To use Settlement Routing, you must:

• Define split rules through the dashboard or API
• Provide valid bank account details for all recipients
• Ensure total split percentages equal 100% or specify remainder handling
• Maintain sufficient balance for fixed-amount splits
• Obtain necessary agreements with all parties receiving splits

8.3 Recipient Obligations

For each settlement recipient:

• You must have a valid contractual relationship with each recipient
• Recipients must comply with applicable KYC/AML requirements
• You are responsible for tax reporting related to payments made
• Recipients must have verified bank accounts in their legal name

8.4 Liability

You acknowledge that:

• We are not responsible for disputes between you and split recipients
• Chargebacks may be recovered from the primary merchant account
• We may suspend splits if recipient accounts have compliance issues
• Split configurations are your responsibility; we are not liable for misconfiguration

9. HTML Button Service

9.1 Service Description

The HTML Button Service provides:

• Pre-built payment buttons generated through our dashboard
• Customizable button styles and branding options
• Fixed amount or variable amount payment options
• Hosted payment page for secure checkout
• Email notifications for completed payments
• Basic webhook notifications (optional)

9.2 Usage Terms

When using HTML Buttons:

• Buttons must only be used on websites you own or control
• You may not modify the generated code in ways that affect security
• Each button should be used for its intended product/service only
• Fixed-price buttons must reflect actual product prices
• You must clearly describe what the customer is paying for

9.3 Limitations

The HTML Button Service has the following limitations:

• Limited customization compared to full API integration
• No programmatic control over payment flow
• Basic reporting only; advanced analytics require API integration
• Not suitable for high-volume or complex checkout requirements

10. Recurring Payments Service

10.1 Service Description

The Recurring Payments Service enables:

• Automatic recurring charges at defined intervals (daily, weekly, monthly, annually, or custom)
• Subscription plan management with multiple tiers
• Proration for plan upgrades and downgrades
• Automatic retry logic for failed payments
• Dunning management for payment failures
• Customer self-service portal for subscription management
• Webhook notifications for subscription events

10.2 Customer Consent Requirements

For recurring payments, you must:

• Obtain explicit customer consent before initiating recurring charges
• Clearly disclose the amount, frequency, and duration of charges
• Provide customers with a method to cancel their subscription
• Send advance notification of upcoming charges (as required by card network rules)
• Honor cancellation requests and stop charging within a reasonable timeframe
• Maintain records of customer consent

10.3 Subscription Management

You agree to:

• Maintain accurate subscription status in our system
• Process cancellations within one (1) business day of receipt
• Not charge customers after subscription cancellation
• Provide clear billing descriptors that customers will recognize
• Handle customer inquiries about subscriptions promptly

10.4 Failed Payment Handling

When recurring payments fail:

• Our system will automatically retry according to configured rules
• You may configure dunning emails to customers
• After maximum retries, subscriptions may be suspended or cancelled
• You are responsible for communicating service suspension to customers

11. Merchant Wallet Service

11.1 Service Description

The Merchant Wallet Service provides:

• Digital wallet linked to your merchant account
• Storage of settled funds before bank transfer
• Instant transfers to other Zuato merchants
• Multi-currency balance holding
• Bank withdrawal requests (subject to processing times)
• Transaction history and balance reporting
• Integration with other Zuato services

11.2 Wallet Funding

Your Merchant Wallet may be funded through:

• Settlements from processed transactions
• Incoming transfers from other Zuato merchants
• Refund reversals when original payment method cannot be credited
• Manual top-up (if enabled for your account)

11.3 Wallet Withdrawals

Withdrawals from your Merchant Wallet are subject to:

• Verification of your linked bank account
• Available balance after any reserve requirements
• Processing times as specified in your fee schedule
• Withdrawal limits as configured for your account
• Applicable withdrawal fees

11.4 Important Notices

• Wallet funds are not insured deposits
• We do not pay interest on wallet balances
• We may debit your wallet for chargebacks, refunds, or fees
• Wallet balances may be held or frozen for compliance reasons
• Upon account termination, remaining balance will be settled after reserve period

12. API Services

12.1 Service Description

Our API Services include:

• RESTful API endpoints for all payment operations
• SDKs for major programming languages (JavaScript, Python, PHP, Java, .NET, Ruby)
• Sandbox environment for development and testing
• Webhook notifications for real-time event updates
• Comprehensive API documentation and guides
• Developer support and technical assistance

12.2 API Access

API access is subject to:

• Approval based on your technical capabilities and use case
• Separate API credentials (API keys and secrets) for production and sandbox
• Rate limits as specified in our documentation
• Version support policies (deprecated versions may be retired with notice)

12.3 Developer Obligations

When using our APIs, you agree to:

• Secure API credentials and never expose them in client-side code
• Implement proper error handling and retry logic
• Follow our integration best practices and guidelines
• Test thoroughly in sandbox before deploying to production
• Subscribe to our developer updates for important announcements
• Comply with PCI DSS requirements appropriate to your integration method

12.4 Rate Limits and Fair Use

API usage is subject to rate limits:

• Standard rate limits apply to all API endpoints
• Exceeding rate limits may result in temporary throttling
• Higher limits may be available upon request for legitimate use cases
• Abusive API usage may result in access suspension

12.5 Webhooks

For webhook integrations:

• You must provide a secure HTTPS endpoint to receive webhooks
• Verify webhook signatures to ensure authenticity
• Acknowledge webhook receipt with HTTP 200 response promptly
• Implement idempotency to handle potential duplicate deliveries
• We will retry failed deliveries according to our retry policy

13. Corporate Debit Card Service

13.1 Service Description

The Corporate Debit Card Service includes:

• Physical and/or virtual debit cards linked to your Merchant Wallet
• Multi-user card issuance for employees and departments
• Spending limits and controls per card
• Merchant category restrictions (optional)
• Real-time transaction notifications
• Expense tracking and reporting
• Instant card freeze/unfreeze capabilities
• ATM withdrawal access (subject to limits and fees)

13.2 Card Issuance

Corporate Debit Cards are issued subject to:

• Verification of authorized users' identity
• Your account being in good standing
• Sufficient wallet balance for card funding
• Card issuance fees as specified in your fee schedule

13.3 Cardholder Responsibilities

Each cardholder must:

• Keep the card secure and confidential
• Not share card details, PIN, or security codes
• Report lost or stolen cards immediately
• Use the card only for authorized business purposes
• Comply with all card network rules and applicable laws

13.4 Administrator Responsibilities

As the account administrator, you are responsible for:

• Managing card issuance and user access
• Setting appropriate spending limits and controls
• Monitoring card usage and investigating suspicious activity
• Promptly deactivating cards for terminated employees
• Ensuring cardholders understand and comply with usage policies

13.5 Liability for Card Transactions

You are liable for:

• All authorized transactions made with issued cards
• Unauthorized transactions that occur before reporting card loss/theft
• Transactions made by employees or authorized users
• Any misuse resulting from failure to properly manage card access

14. Fees & Pricing

14.1 Fee Structure

You agree to pay all fees associated with your use of the Services as specified in your merchant agreement and fee schedule. Fees may include:

14.2 Fee Collection

Fees are collected through:

• Automatic deduction from settlements
• Debit from your Merchant Wallet balance
• Direct debit from your linked bank account (with authorization)
• Invoice for specific services (net 15 payment terms)

14.3 Fee Changes

We may modify fees with thirty (30) days' advance notice. Continued use of Services after fee changes take effect constitutes acceptance of the new fees.

14.4 Taxes

All fees are exclusive of applicable taxes. You are responsible for paying all taxes, levies, or duties imposed by taxing authorities, and we may collect such amounts as required by law.

15. Settlements

15.1 Settlement Schedule

We will transfer funds from processed transactions to your designated bank account according to the settlement schedule in your agreement. Options may include:

• Same-day settlement: Funds transferred on the same business day
• Next-day settlement: Funds transferred on the following business day
• Weekly settlement: Funds transferred weekly on a designated day
• Custom schedule: Settlement frequency as agreed

15.2 Settlement Calculation

Settlement amounts are calculated as:

• Gross transaction value
• Minus: Processing fees
• Minus: Refunds processed
• Minus: Chargebacks and representment fees
• Minus: Any applicable reserves
• Equals: Net settlement amount

15.3 Reserves

We may establish reserves based on your risk profile:

• Rolling reserve: Percentage of each settlement held for a specified period
• Fixed reserve: Fixed amount held as security
• Capped reserve: Reserve up to a maximum amount

Reserve amounts and terms will be specified in your merchant agreement. Reserves protect against chargebacks, refunds, and other liabilities.

15.4 Settlement Delays

Settlements may be delayed or suspended if:

• We suspect fraudulent activity on your account
• You are under investigation for Terms violations
• Excessive chargebacks or refunds occur
• Required by law enforcement or regulatory authorities
• Your bank rejects or returns settlement transfers
• There are discrepancies in your account information

16. Chargebacks & Disputes

16.1 Chargeback Liability

You are fully liable for all chargebacks, including:

• The original transaction amount
• Chargeback fees
• Any fines or assessments from card networks
• Administrative and investigation costs

16.2 Chargeback Process

When a chargeback is received:

• We will notify you via email and dashboard
• You must respond within the specified timeframe (typically 7-14 days)
• Provide all requested documentation to support your case
• We will submit representment on your behalf if documentation is sufficient
• Final decisions are made by the card issuer and/or card network

16.3 Required Documentation

To dispute a chargeback, you may need to provide:

• Proof of delivery or service completion
• Customer communications
• Signed receipts or invoices
• Terms and conditions accepted by customer
• 3D Secure authentication records
• IP addresses and device information
• Any other relevant transaction documentation

16.4 Chargeback Thresholds

You must maintain chargeback rates below card network thresholds:

• Visa: Below 0.9% of transactions or 100 chargebacks per month
• Mastercard: Below 1.0% of transactions

Exceeding thresholds may result in:

• Enrollment in monitoring programs
• Increased fees and fines
• Additional reserve requirements
• Account suspension or termination

17. Security & Compliance

17.1 PCI DSS Compliance

You must comply with the Payment Card Industry Data Security Standard (PCI DSS) at the level appropriate to your transaction volume and integration method:

• Complete annual PCI DSS Self-Assessment Questionnaire (SAQ)
• Undergo quarterly network vulnerability scans if applicable
• Maintain PCI compliance certification and provide upon request
• Never store prohibited data (CVV, full magnetic stripe data)

17.2 Data Security

You must implement appropriate security measures including:

• Encryption of sensitive data in transit and at rest
• Access controls limiting data access to authorized personnel
• Regular security assessments and penetration testing
• Incident response procedures
• Employee security awareness training

17.3 Breach Notification

You must notify us immediately (within 24 hours) if you experience or suspect:

• Unauthorized access to payment data
• Security breaches affecting customer information
• Malware or system compromises
• Physical theft of payment equipment

17.4 AML/KYC Compliance

You must comply with anti-money laundering and know-your-customer requirements:

• Verify customer identity for high-risk or high-value transactions
• Maintain records of customer due diligence
• Report suspicious activities as required by law
• Cooperate with regulatory inquiries and investigations

18. Prohibited Activities

18.1 Prohibited Business Types

You may not use our Services if your business involves:

• Illegal drugs, narcotics, or controlled substances
• Weapons, ammunition, explosives, or military equipment
• Adult content or services (unless pre-approved in writing)
• Gambling, gaming, or lottery (unless properly licensed and approved)
• Cryptocurrency exchange or trading platforms
• Pyramid schemes, Ponzi schemes, or multi-level marketing scams
• Counterfeit goods or trademark/copyright violations
• Drug paraphernalia
• Unlicensed financial services
• Telemarketing or outbound calling services
• Debt collection services (unless pre-approved)
• Escort or dating services
• Any business illegal in your operating jurisdiction

18.2 Prohibited Practices

You may not engage in the following practices:

• Processing transactions without valid customer authorization
• Submitting fraudulent or fictitious transactions
• Processing transactions for other businesses (factoring)
• Splitting transactions to avoid authorization limits
• Processing credits without corresponding debits
• Using the Services for personal, non-business purposes
• Money laundering or terrorist financing
• Violating economic sanctions or export control laws
• Making deceptive or misleading claims about products/services
• Charging customers without providing goods/services

18.3 Consequences of Violations

Violations may result in:

• Immediate account suspension or termination
• Withholding of funds pending investigation
• Reporting to law enforcement or regulatory authorities
• Fines and penalties from card networks
• Legal action to recover damages

19. Intellectual Property

19.1 Zuato Intellectual Property

All intellectual property rights in the Services, including software, APIs, documentation, trademarks, and content, are owned by Zuato or its licensors. You receive only the limited license to use the Services as specified in this Agreement.

19.2 License Grant

We grant you a limited, non-exclusive, non-transferable, revocable license to:

• Access and use the Services for your business operations
• Use our APIs and SDKs according to documentation
• Display required card network and security logos
• Use marketing materials we expressly provide for such purpose

19.3 Restrictions

You may not:

• Copy, modify, or create derivative works of our intellectual property
• Reverse engineer, decompile, or disassemble our software
• Use our trademarks without written permission
• Remove or alter proprietary notices or labels
• Sublicense or transfer your rights under this Agreement

19.4 Your Content

You retain ownership of your business information and content. You grant us a license to use such content as necessary to provide the Services, including displaying your business name and logo in transaction records.

20. Liability & Indemnification

20.1 Disclaimers

THE SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE." TO THE MAXIMUM EXTENT PERMITTED BY LAW, WE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

20.2 Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW:

• WE SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES
• OUR TOTAL LIABILITY SHALL NOT EXCEED THE FEES PAID BY YOU IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM
• WE ARE NOT LIABLE FOR LOSSES CAUSED BY EVENTS BEYOND OUR REASONABLE CONTROL

20.3 Indemnification

You agree to indemnify and hold harmless Zuato, its affiliates, officers, directors, employees, and agents from any claims, damages, losses, liabilities, and expenses (including attorneys' fees) arising from:

• Your use of the Services
• Your violation of this Agreement
• Your violation of any law or third-party rights
• Disputes with your customers
• Chargebacks, refunds, and related costs
• Your business operations and products/services

21. Termination

21.1 Termination by You

You may terminate this Agreement at any time by providing thirty (30) days' written notice. Upon termination, you must:

• Cease using all Services
• Pay all outstanding fees and charges
• Resolve all pending transactions and disputes
• Return any leased equipment

21.2 Termination by Zuato

We may terminate this Agreement immediately if you:

• Breach any material term of this Agreement
• Engage in fraudulent or illegal activity
• Exceed chargeback thresholds
• Pose unacceptable risk to our business or partners
• Become insolvent or enter bankruptcy proceedings
• Are placed on any card network prohibited merchant list

21.3 Effect of Termination

Upon termination:

• Your access to Services will be disabled
• We will process final settlements minus any reserves
• Reserves will be held for at least 180 days to cover potential chargebacks
• Surviving provisions (liability, indemnification, confidentiality) remain in effect

22. Governing Law & Dispute Resolution

22.1 Governing Law

This Agreement shall be governed by and construed in accordance with the laws of the United Arab Emirates, without regard to conflict of law principles.

22.2 Dispute Resolution

Any disputes arising from this Agreement shall be resolved as follows:

• Negotiation: Parties shall first attempt to resolve disputes through good-faith negotiations
• Mediation: If negotiation fails, parties may submit to mediation
• Arbitration: Unresolved disputes shall be settled by binding arbitration in accordance with UAE arbitration rules

22.3 Jurisdiction

For matters not subject to arbitration, you consent to the exclusive jurisdiction of the courts of the United Arab Emirates.

22.4 Class Action Waiver

You agree to resolve disputes only on an individual basis and waive any right to participate in class actions or class-wide arbitration.

23. Contact Information

For questions, concerns, or notices regarding these Terms of Service, please contact us:

For urgent matters related to fraud, security incidents, or account access, please contact our 24/7 support line available through your merchant dashboard.