This Acceptable Use Policy ("AUP") sets forth the rules and guidelines for acceptable use of Oharapay's payment processing platform and services (collectively, the "Services").
This AUP is part of our Terms and Conditions and applies to all users of our Services, including merchants, customers, and any other parties accessing or using our platform.
By using our Services, you agree to comply with this AUP. Violation of this policy may result in suspension or termination of your account, withholding of funds, reporting to authorities, or other actions as deemed necessary.
We reserve the right to investigate suspected violations of this AUP and to take appropriate action, including cooperation with law enforcement agencies.
You must not use our Services for any of the following activities:
Illegal Activities: Any activity that violates applicable laws, regulations, or ordinances, including but not limited to money laundering, terrorist financing, fraud, theft, or sale of illegal goods and services.
Fraudulent Transactions: Processing fraudulent, fake, or unauthorized transactions. This includes using stolen credit cards, creating false identities, or engaging in any form of payment fraud.
Deceptive Practices: Misleading or deceiving customers about the nature, quality, or price of goods or services. This includes false advertising, bait-and-switch tactics, and misrepresenting refund or return policies.
Unauthorized Charges: Charging customers without proper authorization, including unauthorized recurring charges, hidden fees, or charges for goods or services not delivered.
Excessive Chargebacks: Engaging in business practices that result in excessive chargebacks. A chargeback rate above 1% may be considered excessive and subject to account review.
Transaction Laundering: Processing transactions on behalf of another business or individual without proper authorization (also known as payment aggregation or transaction laundering).
Card Testing: Using our Services to test stolen or fraudulent credit card numbers.
Circumventing Security: Attempting to bypass, disable, or interfere with security features of our Services or accessing systems without authorization.
The following business practices are prohibited when using our Services:
Unfair Business Practices: Engaging in unfair, deceptive, or abusive business practices that harm consumers or violate consumer protection laws.
Price Gouging: Charging unreasonably high prices for essential goods or services, particularly during emergencies or crises.
Discriminatory Practices: Discriminating against customers based on race, religion, gender, sexual orientation, disability, or other protected characteristics.
Negative Option Billing: Charging customers for products or services they did not explicitly agree to purchase, or making it unreasonably difficult to cancel subscriptions or recurring charges.
Misleading Free Trials: Offering "free trials" that automatically convert to paid subscriptions without clear disclosure and easy cancellation options.
Unauthorized Marketing: Sending unsolicited commercial emails (spam), making unsolicited telephone calls, or engaging in other unauthorized marketing activities.
False Claims: Making false or unsubstantiated claims about products or services, including health claims, performance claims, or endorsements.
Aggressive Sales Tactics: Using high-pressure sales tactics, harassment, or intimidation to force customers into purchases.
You must handle customer data responsibly and in compliance with data protection laws:
Data Collection: Only collect customer data that is necessary for your business purposes and for which you have a lawful basis.
Data Security: Implement appropriate security measures to protect customer data from unauthorized access, disclosure, or theft.
Data Sharing: Do not sell, rent, or share customer data with third parties without proper consent, except as necessary to fulfill transactions or comply with legal obligations.
PCI DSS Compliance: Comply with Payment Card Industry Data Security Standard (PCI DSS) requirements applicable to your merchant level.
Data Retention: Do not retain customer payment card data beyond what is necessary and permitted by PCI DSS and other regulations.
Privacy Policies: Maintain a clear and accessible privacy policy that explains how you collect, use, and protect customer data.
Data Breaches: Notify Oharapay and affected customers promptly in the event of a data breach involving payment or personal information.
Children's Data: Do not knowingly collect or process data from children under 13 (or applicable age in your jurisdiction) without parental consent.
When processing transactions through our Services, you must:
Accurate Descriptions: Provide accurate and complete descriptions of goods and services being sold.
Clear Pricing: Display all prices clearly, including taxes, shipping, and any additional fees before checkout.
Proper Authorization: Obtain proper authorization from cardholders before processing transactions.
Delivery of Goods/Services: Deliver goods or services as promised, within the timeframe specified to customers.
Refund Policies: Honor your stated refund and return policies and process refunds promptly.
Transaction Records: Maintain accurate records of all transactions, including customer information, purchase details, and delivery confirmation.
Dispute Resolution: Respond promptly to customer disputes and chargeback notifications, providing all requested documentation.
Single Transaction: Process each transaction only once unless explicitly authorized by the customer for recurring charges.
Correct Currency: Process transactions in the currency agreed upon with the customer.
No Surcharging: Do not impose surcharges on card transactions unless permitted by law and card network rules in your jurisdiction.
You are responsible for maintaining the security of your Oharapay account:
Credentials: Keep your account credentials (username, password, API keys) confidential and secure.
Strong Passwords: Use strong, unique passwords and change them regularly.
Two-Factor Authentication: Enable two-factor authentication on your account where available.
Authorized Users: Only grant account access to authorized employees or representatives.
Activity Monitoring: Regularly monitor your account for unauthorized access or suspicious activity.
Prompt Notification: Notify us immediately if you suspect unauthorized access to your account or any security breach.
Device Security: Ensure that devices used to access your account are secure and protected with up-to-date security software.
Secure Networks: Access your account only through secure, trusted networks. Avoid using public Wi-Fi for sensitive transactions.
When using our platform, you must not:
Abuse or Overload: Abuse, overload, or impair our servers or networks through excessive requests, automated tools, or denial-of-service attacks.
Unauthorized Access: Attempt to gain unauthorized access to our systems, other users' accounts, or restricted areas of the platform.
Reverse Engineering: Reverse engineer, decompile, or attempt to extract source code from our software or platform.
Data Mining: Use automated tools to scrape, mine, or collect data from our platform without permission.
Malware: Upload or distribute viruses, malware, or other malicious code through our platform.
Interfere with Operations: Interfere with or disrupt the operation of our Services or other users' ability to use the Services.
Circumvent Restrictions: Attempt to circumvent usage restrictions, rate limits, or other technical limitations.
Unauthorized APIs: Use undocumented or unauthorized APIs to access our Services.
You must respect intellectual property rights when using our Services:
Oharapay IP: Do not use Oharapay trademarks, logos, or other intellectual property without our written permission.
Third-Party IP: Do not sell or promote counterfeit goods, pirated software, or products that infringe on third-party intellectual property rights.
Licensed Content: Ensure you have proper licenses for any content, software, or intellectual property used in your business.
DMCA Compliance: Comply with copyright laws and respond approprily to DMCA takedown notices.
Trademark Usage: Do not use our trademarks in a way that suggests endorsement or partnership without authorization.
Brand Confusion: Do not create confusion about the source of goods or services or misrepresent your relationship with Oharapay.
When communicating with customers or using our platform for marketing:
Truthful Communication: Provide truthful, accurate information in all communications with customers.
Marketing Consent: Obtain proper consent before sending marketing communications to customers.
Unsubscribe Options: Provide clear and easy unsubscribe options for marketing emails.
CAN-SPAM Compliance: Comply with anti-spam laws including CAN-SPAM Act, GDPR, and similar regulations.
Professional Communication: Maintain professional and respectful communication with customers and Oharapay staff.
No Harassment: Do not harass, abuse, or threaten customers, other merchants, or Oharapay personnel.
Accurate Sender Information: Use accurate sender information in all communications and do not falsify headers or routing information.
Phishing: Do not engage in phishing or impersonate Oharapay, banks, or other entities in communications.
Certain high-risk activities are subject to additional requirements and monitoring:
High-Value Transactions: Transactions above certain thresholds may require additional verification and documentation.
International Transactions: Cross-border transactions may be subject to enhanced monitoring for fraud and compliance.
Unusual Patterns: Sudden changes in transaction volume, average transaction size, or business patterns may trigger reviews.
High-Chargeback Industries: Businesses in industries with historically high chargeback rates are subject to enhanced monitoring.
Age-Restricted Products: Sales of age-restricted products require proper age verification mechanisms.
Pre-Orders and Crowdfunding: Pre-orders and crowdfunding campaigns must clearly disclose delivery timeframes and refund policies.
You must notify us before engaging in any activities that may be considered high-risk and obtain approval where required.
You have certain reporting obligations when using our Services:
Material Changes: Notify us of any material changes to your business, including ownership changes, business model changes, or addition of new products or services.
Violations: Report any violations of this AUP by other users that come to your attention.
Suspicious Activity: Report suspicious transactions, fraud attempts, or security incidents promptly.
Legal Issues: Notify us of any legal proceedings, regulatory actions, or investigations affecting your business.
Data Breaches: Report any data breaches or security incidents involving customer payment information immediately.
Financial Difficulties: Notify us of bankruptcy filings, financial distress, or inability to fulfill customer orders.
Failure to report material information may result in account suspension or termination.
Oharapay reserves the right to monitor your use of our Services to ensure compliance with this AUP:
Transaction Monitoring: We monitor transactions for fraud, money laundering, and compliance with this AUP.
Risk Assessment: We conduct periodic risk assessments of merchant accounts based on various factors.
Account Reviews: We may conduct reviews of your account, business practices, and transaction history.
Information Requests: We may request additional information or documentation to verify compliance.
Site Visits: We may conduct site visits to verify business operations (with advance notice).
Third-Party Reports: We may consider reports from customers, payment networks, or other third parties when assessing compliance.
Automated Systems: We use automated systems and algorithms to detect suspicious activity and potential violations.
Violations of this AUP may result in the following actions:
Warning: For minor or first-time violations, we may issue a warning and require corrective action.
Account Suspension: Temporary suspension of your account pending investigation or resolution of issues.
Transaction Holds: Placing holds on funds or requiring reserves to cover potential losses.
Transaction Limits: Imposing limits on transaction amounts or volumes.
Enhanced Monitoring: Subjecting your account to enhanced monitoring and reporting requirements.
Account Termination: Permanent termination of your account and access to Services.
Legal Action: Pursuing legal action, including seeking damages and injunctive relief.
Reporting to Authorities: Reporting violations to law enforcement, regulatory agencies, or payment networks.
Industry Databases: Reporting to industry databases such as MATCH (Member Alert to Control High-risk merchants).
The specific action taken will depend on the severity and nature of the violation.
Oharapay cooperates with law enforcement and regulatory authorities:
Legal Compliance: We comply with all applicable laws and regulations, including providing information in response to valid legal requests.
Subpoenas and Court Orders: We respond to subpoenas, court orders, and other legal processes as required by law.
Fraud Investigations: We cooperate with law enforcement in fraud investigations and may provide transaction data and account information.
Suspicious Activity Reports: We file Suspicious Activity Reports (SARs) with financial authorities when required.
User Cooperation: You must cooperate with law enforcement investigations and legal processes related to your use of our Services.
No Notification: In some cases, we may be prohibited from notifying you of law enforcement requests or investigations.
We may update this Acceptable Use Policy from time to time:
Notification: We will notify you of material changes via email or through your merchant portal.
Effective Date: Changes will be effective 30 days after notification unless immediate changes are required by law or to address security concerns.
Continued Use: Your continued use of our Services after the effective date constitutes acceptance of the updated AUP.
Right to Terminate: If you do not agree with changes to this AUP, you may terminate your account before the changes take effect.
Regular Review: We recommend reviewing this AUP periodically to stay informed of any changes.
If you have questions about this Acceptable Use Policy or need to report a violation, please contact:
Compliance Department
Oharapay Limited
Grand Canal Square
Dublin 2, Ireland
Email: compliance@oharapay.com
Phone: +353 1 234 5678
For urgent security or fraud issues, contact our 24/7 Security Hotline: +353 1 234 5679
To report violations by other users, email: abuse@oharapay.com
Our compliance team is here to help you understand and comply with this policy.