Legal

Terms and Conditions (Master Platform Agreement)

Last Updated: 2026-03-09

These Terms and Conditions ("Terms") govern access to and use of the Bitolo platform, APIs, website, and related services (collectively, the "Services") provided by Bitolo. ("Bitolo", "we", "our", or "us").

By accessing or using the Services, you ("Client", "User", or "you") agree to be bound by these Terms. If you do not agree, you must not use the Services.

1.1 Nature of the Platform

Bitolo provides a SaaS technology platform enabling Clients to connect with payment infrastructure providers, banks, and licensed payment service providers through secure APIs.

Services include:

API connectivity and payment orchestration
Operational dashboards and reporting tools
System monitoring and integration support

Bitolo provides technology infrastructure only. Bitolo does not operate as a bank or licensed payment provider, and does not directly process or settle transactions on behalf of Clients. All payment services are performed by third-party banks, payment institutions, or licensed payment service providers.

1.2 Third-Party Payment Providers

Clients acknowledge that third-party providers operate independently and may require separate agreements. Bitolo is not responsible for the performance, compliance, or availability of such providers. Bitolo may leverage regulated or licensed entities to support payment service integrations or operational servicing arrangements.

1.3 Operational Authorization

Clients authorize Bitolo to communicate and interact with Third-Party Providers to facilitate operational, technical, and administrative matters, including:

Transmitting operational or technical information
Managing API integrations and connectivity
Responding to inquiries from Third-Party Providers
Coordinating onboarding, updates, and configuration adjustments
Facilitating Client-initiated payment or service requests by relaying quotes, confirmations, and instructions between the Client and Third-Party Providers

Clients acknowledge that any quotes or instructions provided by Bitolo are for informational purposes only. Payment services are executed solely by Third-Party Providers. Bitolo does not assume regulatory responsibility for any transactions.

This authorization does not permit Bitolo to:

Enter into payment agreements on behalf of the Client
Modify contractual arrangements between the Client and any Third-Party Provider

Clients agree to provide reasonable cooperation where necessary to enable such interactions.

1.4 Client Accounts

Clients are responsible for safeguarding credentials, managing internal user access, and ensuring only authorized individuals access the Platform. All activity is deemed authorized by the Client.

1.5 Client Responsibilities

Clients must use the Platform lawfully, comply with applicable laws, manage integrations responsibly, and maintain internal security controls. Clients remain solely responsible for activity conducted through their accounts and regulatory compliance.

1.6 Regulatory Compliance and Licensing

Clients operating in emerging or international markets must obtain all required licenses, approvals, or regulatory authorizations. Bitolo does not provide regulatory advice and is not responsible for Client compliance.

1.7 Data Security

Bitolo stores data using secure infrastructure and industry-standard protocols, including encryption and monitoring. Clients remain responsible for compliance with data protection laws.

1.8 Fees and Dormancy

Clients agree to pay all applicable fees. Inactive accounts may incur monthly administrative charges after notification until activity resumes or the account balance reaches zero, whichever occurs first.

1.9 Limitation of Liability

Bitolo is not liable for indirect or consequential damages, payment failures by third parties, or regulatory penalties. Maximum liability is limited to fees paid in the previous 12 months.

Privacy Policy (UK & GDPR Compliant)

Last Updated: 2026-03-09

Bitolo. ("Bitolo", "we", "our") values your privacy. This policy explains how we collect, use, and protect personal data in accordance with the UK GDPR and Data Protection Act 2018.

Data We Collect:

Account and business information
Contact details (email, phone)
Usage and API interaction logs
Technical data (IP address, device, browser)

How We Use Data:

Provide and operate the Platform
Maintain security and prevent fraud
Respond to inquiries and support requests
Comply with legal and regulatory obligations

Legal Basis for Processing:

Contractual necessity
Legal obligations
Legitimate interests

Data Sharing:

Regulated payment providers and banks
Third-party service providers
Compliance authorities if required by law

Data Retention: Retained only as long as necessary for service provision and legal compliance.

Data Subject Rights:

Access, correct, delete personal data
Restrict or object to processing
Data portability
Withdraw consent

Contact: privacy@bitolo.io

Data Processing Agreement (DPA)

Effective Date: 2026-03-09

Parties: Data Controller = Client, Data Processor = Bitolo.

Purpose: Bitolo processes personal data on behalf of the Client to deliver Platform services.

Processor Obligations:

Process data only on Client instructions
Implement technical and organizational safeguards
Maintain confidentiality
Notify Client of data breaches promptly

Sub-Processors: Bitolo may engage sub-processors (cloud, payment providers) with Client consent.

International Transfers: Any transfers outside the UK/EEA comply with UK GDPR safeguards.

Data Subject Rights: Bitolo assists Clients in responding to data subject requests.

Termination: Upon termination, Bitolo returns or deletes personal data unless retention is legally required.

Acceptable Use Policy

Clients must not:

Conduct fraudulent or illegal transactions
Engage in money laundering or terrorist financing
Violate sanctions laws
Distribute malware
Infringe intellectual property rights

Bitolo may suspend services for violations.

API License Terms

License: Limited, non-exclusive, non-transferable license to use Bitolo APIs.

Restrictions:

No reverse engineering or replication
Do not overload or misuse APIs
Maintain credential confidentiality

Updates: APIs may be updated periodically for security and performance.

Sanctions & Prohibited Payments Policy

Clients must not:

Facilitate payments to sanctioned countries, entities, or individuals
Process transactions involving illegal goods/services
Breach UK or international sanctions laws

Bitolo may block or report prohibited transactions.

Client/Merchant Onboarding Terms

Complete identity verification (KYC) and compliance documentation
Bitolo may coordinate with third-party providers for onboarding
Clients are responsible for legal compliance

Risk Disclosure Statement

Using Bitolo involves operational and regulatory risks:

Third-Party Risk: Services executed by external providers
Regulatory Risk: Clients must comply with all jurisdictions
Infrastructure Risk: Technical outages may occur
Market Risk: Emerging markets have evolving regulations

Clients acknowledge and accept these risks when using the Platform.

Contact: Bitolo., legal@bitolo.io, https://bitolo.io