1. Introduction, Incorporation, and Scope

‍

This Acceptable Use Policy (the “AUP” or “Policy”) is issued by Phoenix Ecommerce Technologies LLC (“Phoenix,” “Company,” “we,” or “us”) and governs use of the Phoenix payment gateway, payment-related software, and other services we make available to merchants and other customers (collectively, the “Services”).

‍

This AUP applies to (a) all visitors and users of any Phoenix website or product page on which it is posted, and (b) all persons and entities that access or use the Services under a Phoenix Software as a Service Agreement, merchant agreement, sub-merchant agreement, order form, or other written agreement with Phoenix (each, a “Customer,” and each such agreement, the “Agreement”). When this AUP is referenced in or attached to an Agreement (including as an exhibit or addendum), it is incorporated into and forms part of that Agreement.

‍

Compliance with this AUP is a material condition to access and use of the Services. Any breach of this AUP shall constitute a material breach of the Agreement.

‍

2. Customer Responsibilities

‍

Customer acknowledges that Phoenix does not control Customer’s business operations, advertising, customer service, products, or legal compliance. Customer is solely responsible for the lawfulness, accuracy, and integrity of its business, its disclosures to consumers, and the activities of its affiliates, agencies, call centers, fulfillment providers, lead sources, processors, and other third parties acting for or on Customer’s behalf.

‍

Customer shall use the Services only for lawful, transparent, and legitimate business purposes, consistent with the Agreement, this AUP, applicable card-network rules, applicable bank, processor, and sponsor-bank requirements, applicable consumer-protection, privacy, and data-security laws, and all other applicable laws, rules, regulations, and guidelines.

‍

At a minimum, Customer shall:

• Provide accurate, complete, and current business information at onboarding and on an ongoing basis.
• Maintain clear and accessible customer-facing policies, including subscription billing, refund, cancellation, privacy, shipping, and delivery terms.
• Comply with the Payment Card Industry Data Security Standard (PCI DSS) as applicable to Customer’s use of the Services and safeguard cardholder data and sensitive authentication data.
• Maintain commercially reasonable controls to detect and prevent fraud, unauthorized transactions, and abuse.
• Maintain chargeback, fraud, and return rates at or below applicable card-network and processor thresholds.
• Respond promptly and in good faith to compliance, dispute, fraud, and information requests from Phoenix or a Phoenix bank, processor, or network partner.

3. Documentation and Audit Support

‍

Customer shall maintain records reasonably sufficient to demonstrate its compliance with this Policy, the Agreement, applicable law, card-network rules, and Phoenix requirements. Upon request, Customer shall promptly provide Phoenix with information and materials reasonably requested to evaluate Customer’s compliance, including applicable checkout flows, landing pages, advertisements, call scripts, consent records, transaction records, refund and cancellation records, fulfillment records, customer-service records, chargeback responses, and communications with consumers. Phoenix may use such materials for risk review, dispute response, processor or sponsor-bank inquiries, regulatory response, and enforcement of this Policy or the Agreement.

‍

4. Material Business Changes

‍

Customer shall notify Phoenix before making any material change to its business, products, services, offers, pricing, billing model, subscription or trial terms, marketing channels, URLs, trade names, ownership, fulfillment practices, customer-support practices, processing relationships, or any other matter that could reasonably affect Phoenix’s risk assessment of Customer. Phoenix may require additional information, impose conditions, restrict processing, hold funds, or suspend access to the Services pending review of any such change.

‍

5. Preservation of Records

‍

If Phoenix notifies Customer of a dispute, chargeback trend, processor inquiry, sponsor-bank request, subpoena, civil investigative demand, government inquiry, law-enforcement request, or other matter requiring review, Customer shall preserve all potentially relevant records, data, communications, marketing materials, transaction records, consumer disclosures, consent records, and fulfillment records. Customer shall not delete, alter, destroy, or withhold such materials while the matter remains pending, except as required by applicable law and with prompt notice to Phoenix.

‍

6. No Circumvention

‍

Customer shall not attempt to avoid, bypass, or evade this Policy, the Agreement, Phoenix’s underwriting or monitoring requirements, reserves, funds holds, processing restrictions, suspension, termination, or any card-network, processor, sponsor-bank, or legal requirement. Prohibited circumvention includes using undisclosed entities, merchant accounts, URLs, descriptors, products, affiliates, lead sources, processors, payment flows, or other arrangements to process transactions or conduct activity that Phoenix has declined, restricted, suspended, or terminated.

‍

7. Prohibited Uses

‍

Customer shall not, and shall not permit or facilitate any third party to, use the Services in connection with any of the following:
‍

• Any unlawful, fraudulent, deceptive, misleading, unauthorized, or evasive activity, or any activity that violates applicable law, card-network rules, or sponsor-bank or processor requirements.
• Any misrepresentation or material omission regarding Customer’s identity, products, pricing, subscription or trial terms, cancellation terms, refund rights, or any other material term presented to consumers, banks, processors, or card networks.
• Charging a consumer without valid authorization, charging after cancellation, or charging for goods or services not ordered.
• Transaction laundering, factoring, pass-through processing, aggregation on behalf of undisclosed third parties, or use of shell companies, nominee entities, or multiple merchant accounts to conceal the true merchant or evade monitoring or restrictions.
• Sale or distribution of counterfeit goods, content that infringes the intellectual property rights of a third party, or material that exploits or sexualizes minors (zero tolerance).
• Money laundering, structuring to evade monitoring or reporting controls, terrorist financing, or any transaction involving sanctioned persons, entities, or jurisdictions.
• Marketing in violation of applicable law or self-regulatory requirements, including deceptive claims, fake or undisclosed endorsements, unlawful robocalls or text messages, or marketing that is reasonably likely to violate the FTC Act, the Telemarketing Sales Rule, ROSCA, CAN-SPAM, the TCPA, state auto-renewal or negative-option laws, or comparable laws in any applicable jurisdiction.
• Submitting false, misleading, or fabricated evidence in response to a chargeback, refund, or dispute, or submitting evidence that does not accurately reflect the consumer-facing brand, URL, product, offer, checkout flow, and terms shown to the consumer.
  ‍

8. Restricted and Heightened-Risk Activities

‍

Certain business models, products, and marketing practices present elevated regulatory, reputational, financial, or network risk. Phoenix may, in its reasonable discretion, decline to onboard, restrict, condition, or impose enhanced diligence on any Customer or activity that Phoenix considers heightened risk, including without limitation:
‍

• Subscription, continuity, free-trial, auto-renewal, and other negative-option offers.
• Outbound telemarketing and affiliate-driven or lead-generation marketing programs.
• Gambling, sweepstakes, and contests, where lawful and only with prior written approval.
• Cryptocurrency, digital-asset exchange, and other quasi-cash services.
• Adult-oriented goods, services, or content.
• CBD, hemp-derived, nutraceutical, supplement, and other regulated wellness products.
• Debt relief, credit repair, timeshare exit, money-making or earnings-claim programs, and tech-support services.
• Any business subject to heightened government, processor, sponsor-bank, or card-network scrutiny.

Customer shall disclose to Phoenix, before onboarding and before any material change in Customer’s business model, whether Customer engages in any restricted or heightened-risk category. Customer shall promptly provide any supplemental information, materials, or certifications reasonably requested by Phoenix.

‍

If Customer uses a subscription, continuity, auto-renewal, free-trial, or other negative-option model, Customer shall: (a) clearly and conspicuously disclose all material terms (including the seller identity, total cost, recurring charges, trial conversion terms, refund restrictions, and cancellation methods) before obtaining the consumer’s billing information or authorization; (b) obtain the consumer’s express, informed consent without the use of pre-checked boxes or other dark patterns; (c) provide any pre-renewal or pre-conversion notices required by law; (d) offer a simple cancellation method that is at least as easy to use as the method of enrollment; and (e) cease billing promptly upon cancellation. Customer shall maintain records sufficient to demonstrate compliance with these requirements.

‍

9. Sanctions Compliance

‍

Customer represents and warrants on a continuing basis that neither Customer nor any of its principals, beneficial owners, affiliates, or control persons (a) is identified on the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) Specially Designated Nationals and Blocked Persons List or any other applicable sanctions list, or (b) is owned or controlled by, or acting on behalf of, any such person or entity. Customer further represents that it does not, and will not, use the Services to process transactions involving sanctioned persons, entities, or jurisdictions, or in violation of applicable U.S., U.K., EU, UN, or other applicable sanctions or export-control laws.

‍

Any breach of this Section may result in immediate suspension or termination of the Services and may be reported to Phoenix’s sponsor bank, processors, card networks, and applicable government authorities to the extent permitted or required by law.

‍

10. Consumer Transparency, Disclosure, and Refund Practices

‍

Customer’s advertising, landing pages, checkout flows, terms, privacy policy, cancellation terms, customer-service representations, and consumer communications shall be truthful, substantiated, conspicuous where required, and not misleading. Material terms shall be disclosed clearly and conspicuously before billing information is collected.

‍

Customer shall maintain commercially reasonable refund, cancellation, and customer-service practices appropriate to its business model and consistent with applicable law and card-network rules. This includes acknowledging refund and dispute requests, processing approved refunds, and responding to consumer inquiries within commercially reasonable timeframes, and submitting chargeback responses within network-mandated timelines. Customer shall retain transaction, authorization, and fulfillment records for the period required by applicable law and card-network rules and, in any event, for a period sufficient to permit Phoenix to respond to disputes, regulatory inquiries, and audits.

‍

11. Fraud, Chargeback, and Risk Monitoring

‍

Phoenix may monitor Customer transaction activity, fraud indicators, chargeback rates, and dispute volumes consistent with applicable card-network monitoring expectations and Phoenix’s internal risk standards. Customer shall maintain commercially reasonable procedures to minimize chargebacks, ACH returns, unauthorized transactions, refunds, and consumer complaints, and shall promptly investigate material dispute trends and implement corrective action where requested by Phoenix.
‍

If Customer is placed in, or appears likely to be placed in, any card-network, sponsor-bank, or processor monitoring, remediation, or excessive-chargeback program, Customer shall promptly notify Phoenix and cooperate with any required corrective action plan, including changes to disclosures, cancellation methods, customer support, refund practices, marketing channels, or product offerings.
‍

Customer shall notify Phoenix in writing within five (5) business days after learning of any of the following: (a) chargeback, fraud, return, or refund rates approaching or exceeding any threshold imposed by Phoenix, a processor, sponsor bank, or card network; (b) any processor termination, freeze, reserve, or material adverse underwriting action; (c) any governmental inquiry, civil investigative demand, subpoena, warning letter, or law-enforcement request; (d) any lawsuit, demand letter, class action, or arbitration alleging deceptive practices, unauthorized billing, privacy or telemarketing violations, or similar misconduct; or (e) any material spike in consumer complaints, refunds, ACH returns, or card disputes.

‍

12. Reserves, Funds Holds, and Settlement Controls

‍

Phoenix may, in its reasonable discretion and consistent with applicable law and the Agreement, establish rolling reserves, fixed reserves, delayed settlement schedules, settlement holdbacks, or temporary funds holds where Phoenix determines that risk exposure warrants such action, including in response to elevated chargeback or fraud activity, regulatory or law-enforcement inquiry, processor or sponsor-bank direction, suspected breach of this AUP, or potential insolvency or wind-down of Customer.

Held funds may be applied, to the extent permitted by the Agreement and applicable law, to chargebacks, refunds, ACH returns, fines, penalties, network assessments, and other amounts owed by Customer to Phoenix or its bank, processor, or network partners.

‍

13. Monitoring, Investigation, and Enforcement

‍

Phoenix has no obligation to, but may, monitor Customer’s use of the Services and conduct risk, manual, or compliance reviews at onboarding and during the term of the Agreement. Phoenix may also review publicly available information regarding Customer, including websites, advertisements, complaint forums, and public legal filings.

‍

Customer shall cooperate promptly and in good faith with any Phoenix inquiry, certification request, remediation request, or investigation, including by producing requested records, screenshots, terms, authorizations, processor notices, complaint logs, transaction and chargeback reporting, and other reasonably requested materials. Where Phoenix reasonably believes heightened risk exists, Phoenix may require test transactions, enhanced certifications, third-party legal or compliance review, or other reasonable diligence measures, at Customer’s expense where permitted by applicable law.

‍

Phoenix may, in its reasonable discretion and with or without prior notice, take any one or more of the following enforcement actions where Phoenix determines that Customer has breached this AUP, presents material risk, or is engaged in or reasonably likely to engage in deceptive, misleading, or unlawful activity: (a) request additional information or remediation; (b) require additional reserves, holdbacks, or delayed settlement; (c) restrict, suspend, or condition all or part of the Services; (d) block payouts; (e) terminate the Agreement; or (f) report the activity to a sponsor bank, processor, card network, regulator, or law-enforcement authority. Phoenix shall have no liability to Customer for any good-faith action taken under this AUP.

‍

Phoenix may also take enforcement action where a sponsor bank, processor, card network, regulator, or law-enforcement authority requests or directs Phoenix to do so, or where continued provision of the Services could expose Phoenix to liability, loss of processing access, or reputational harm.

‍

14. Regulatory and Third-Party Cooperation

‍

Customer authorizes Phoenix, to the extent permitted by applicable law, to share Customer information, transaction data, dispute and chargeback data, and related records with Phoenix’s sponsor banks, processors, card networks, regulators, and law-enforcement authorities (a) as necessary to provide the Services, (b) to comply with applicable law, card-network rules, or sponsor-bank or processor requirements, or (c) to respond to subpoenas, civil investigative demands, regulatory inquiries, or similar legal process.

‍

Customer shall reasonably cooperate with Phoenix in connection with any such inquiry, including by providing accurate and timely responses to information requests and by not interfering with Phoenix’s good-faith response to its sponsor banks, processors, card networks, regulators, or law-enforcement authorities.

‍

15. Updates to this Policy

‍

Phoenix may update or supplement this AUP from time to time to reflect changes in law, card-network rules, sponsor-bank or processor requirements, or Phoenix’s risk standards. Updates will be effective when posted at the applicable Phoenix website or otherwise made available to Customer (including by update within the Services, by email, or by written addendum), or on such later date as Phoenix may specify. Customer’s continued use of the Services after the effective date of an update constitutes acceptance of the updated AUP.

‍

16. Conflict and Order of Precedence

‍

This AUP supplements, and does not replace, the Agreement. To the extent of any direct conflict between this AUP and an Agreement between Phoenix and a Customer, the Agreement controls, except that this AUP controls solely with respect to the subject matter expressly addressed in this AUP (including prohibited and restricted uses, sanctions compliance, fraud and chargeback monitoring, reserves and funds holds, and monitoring, investigation, and enforcement).

Phoenix’s rights under this AUP are cumulative and in addition to any rights Phoenix has under the Agreement, at law, or in equity. Phoenix’s failure to detect, question, or act with respect to any Customer conduct shall not be deemed approval, ratification, or waiver of any breach.