Skip to main content
FinMIFinMI

Acceptable Use Policy

Last updated: April 28, 2026

1. Overview

This Acceptable Use Policy ("AUP") governs your use of FinMI services provided by uPayments LLC. It exists to protect our merchants, end customers, payment networks, infrastructure providers, and the broader payment ecosystem. This policy is incorporated by reference into our Terms of Service; violation may result in suspension or termination.

2. Prohibited Activities

You may not use the Services to:

  • Process payments for any business that violates applicable law or card-network rules.
  • Engage in fraud, money laundering, terrorist financing, or sanctions evasion.
  • Process unauthorized charges, including charges to cards you do not have permission to charge.
  • Misrepresent your business, products, refund terms, billing descriptors, or shipping practices.
  • Knowingly process transactions for another party as a payment facilitator without our written consent.
  • Distribute malware, spyware, or content intended to compromise security or privacy.
  • Send unsolicited bulk communications (spam) using FinMI features or templates.

3. Prohibited Business Types

The following business categories are not supported on FinMI without prior written approval, and many are prohibited outright by the connected payment networks:

  • Adult content, escort services, or sexually-oriented services.
  • Online gambling or other forms of gaming-of-chance not authorized by the relevant jurisdiction.
  • Cannabis, CBD over the federally allowed THC limit, controlled substances, or drug paraphernalia.
  • Firearms, ammunition, weapons, or weapon parts (including 3D-printable receivers).
  • Cryptocurrency exchanges, ICOs, mining services, or speculative-investment marketplaces.
  • Multi-level marketing, pyramid, or get-rich-quick schemes.
  • Forex / binary options / contracts-for-difference brokerages without clear regulatory licensure.
  • Any business prohibited by NMI or the merchant's acquiring bank.

If your business fits a borderline category, contact us at legal@finmi.io before processing transactions.

4. API and Platform Usage Limits

You may not abuse the API or the dashboard infrastructure. Specifically: respect documented rate limits, do not bypass authentication or rate-limit controls, do not scrape data at scale, do not attempt to enumerate other tenants' data, and do not use the platform to host third-party services. We may apply additional per-account limits where necessary to protect platform stability.

5. Security Requirements

As a FinMI merchant you are responsible for:

  • Maintaining the security of your dashboard credentials and any API keys you generate.
  • Enabling 2FA for users who handle payments or settings.
  • Reviewing access regularly and revoking sessions for departed staff.
  • Reporting suspected unauthorized access to security@finmi.io immediately.
  • Complying with any PCI-DSS obligations that apply to your business model. FinMI minimizes your PCI scope by routing card data through NMI's certified gateway, but does not relieve you of merchant-side obligations.

We welcome responsible disclosure of vulnerabilities at security@finmi.io. Do not test against production accounts you do not own.

6. Enforcement

We may investigate suspected violations and take appropriate action, including warning, throttling, suspending, or terminating accounts. We will generally try to give notice and an opportunity to cure, but may act without prior notice when required by law or to prevent imminent harm. In serious cases we may report violations to law enforcement, banks, or card networks.

7. Reports and Contact

To report a suspected AUP violation by another FinMI merchant, or for questions about this policy, contact us at: legal@finmi.io.

uPayments LLC
Albuquerque, NM, United States