1. Agreement and Acceptance
These Terms of Service ("Terms", "Agreement") govern your access to and use of the services of Anchorbase Inc. ("Anchorbase", "we", "our", "us"), including data-extraction, robotic-process-automation ("RPA"), and data-transfer functionality that moves information from your systems of record into payment terminals, gateways, ERPs, CRMs, or other platforms (collectively, the "Services"), including any beta, preview, or experimental features.
For purposes of these Terms, "Customer" means the merchant, reseller, partner, business, or other entity that creates an account with, contracts with, accesses, or uses the Services of Anchorbase. "End Customer" means a customer, client, patient, account holder, cardholder, or other individual or business whose information is contained in, accessed from, transmitted through, or acted upon within Customer's systems of record or Third-Party Platforms.
By creating an account, accessing, or using the Services, you, as the merchant, reseller, partner, business, or other entity using Anchorbase's Services ("Customer", "you"), agree to these Terms and represent that you have authority to bind the entity you represent. If you have executed a written Master Services Agreement ("MSA") with Anchorbase, that MSA prevails where inconsistent; these Terms supplement it.
2. Scope of Services
2.1 General Scope
Anchorbase provides automation tools that allow Customers to extract, transform, and transfer data between systems you lawfully control or have authorization to access, and to execute RPA actions based on your configuration.
2.2 Third-Party Dependencies and Service Stability
Customer acknowledges that the Services function by interacting with third-party applications, websites, and systems of record ("Third-Party Platforms") that are not controlled by Anchorbase. The Services may employ techniques such as screen scraping, robotic process automation (RPA), and emulation of user actions to extract and transfer data. Customer expressly accepts that:
- Volatility: Third-Party Platforms may update their user interfaces, security controls, including CAPTCHA, multi-factor authentication, or bot-detection mechanisms, or terms of service at any time without notice, which may cause the Services to break, pause, or function incorrectly ("Integration Breakage");
- No Liability for Breakage: Anchorbase shall not be liable for any Integration Breakage, data loss, synchronization latency, or transaction errors caused by modifications to Third-Party Platforms; and
- Maintenance: Anchorbase will use commercially reasonable efforts to update the Services to restore functionality following an Integration Breakage, but makes no guarantee that such restoration will be immediate or possible.
Anchorbase does not monitor, interpret, or enforce Third-Party Platform terms of service and makes no representation regarding Customer's compliance with such terms. Anchorbase does not bypass technical access controls and relies solely on Customer-provided credentials, permissions, and configurations.
2.3 Non-Financial Status
Anchorbase is not a bank, payment processor, money services business, or financial institution of record and does not hold funds, settle transactions, or provide merchant-processing services unless expressly agreed in writing.
2.4 Data Verification
Customer remains solely responsible for verifying the accuracy, completeness, and legality of all data processed through the Services and for any resulting transactions or actions.
3. User Responsibilities and Authority
3.1 Agency and Authorization
By providing login credentials, API keys, session tokens, or other access mechanisms for any Third-Party Platform to Anchorbase, or by configuring the Services to access such platforms, Customer:
- Appointment of Agent: Expressly appoints Anchorbase as its non-exclusive, limited agent and legal proxy to access, view, and manipulate Customer's accounts on such Third-Party Platforms solely for the purpose of providing the Services. This agency automatically terminates upon termination of this Agreement;
- Warranty of Rights: Represents and warrants that it possesses all necessary rights, licenses, and permissions to authorize Anchorbase to access the Third-Party Platforms on its behalf, and that Customer is responsible for determining whether its use of the Services complies with any applicable Third-Party Platform terms and applicable law; and
- Credential Security: Acknowledges that it is solely responsible for the security of the credentials used by the Services and for any actions taken by the Services while acting under Customer's identity.
3.2 Prohibited Use
You will not instruct or configure the Services to:
- access systems or data you are not authorized to access;
- bypass authentication, security, or rate-limiting controls;
- use the Services to infringe intellectual-property, privacy, or data-protection rights;
- violate applicable law;
- introduce malware or otherwise interfere with system performance; or
- misrepresent your identity or affiliation when using the Services.
3.3 Customer Systems and Data
You are solely responsible for the configuration, security, and backup of your own systems and data before and after automation.
3.4 Verification of Results
Anchorbase provides automation tools "as is." Data obtained or transferred may be inaccurate, incomplete, or outdated. Automated actions may be irreversible once executed on third-party systems, and Customer assumes all risk of such execution. You must verify all results before reliance.
3.5 PCI-DSS and Payment Data
Anchorbase acts solely as a technical bridge for data transmission. Anchorbase does not retain or store full Primary Account Numbers (PAN) or sensitive authentication data subject to the Payment Card Industry Data Security Standard ("PCI-DSS") beyond the transient processing necessary to provide the Services. Anchorbase may process non-sensitive payment metadata, tokens, or transaction identifiers that do not constitute cardholder data. Customer acknowledges that Anchorbase is not a payment processor, bank, or money services business. Customer retains sole responsibility for its own compliance with PCI-DSS and for the security of its payment gateways and systems of record.
3.6 End Customer Data
Anchorbase does not sell or use End Customer Data as a customer database, marketing list, or permanent system of record. Anchorbase may access, process, transmit, temporarily cache, and log limited End Customer Data only as necessary to provide, secure, support, troubleshoot, and improve the Services. Customer remains the owner and controller of End Customer Data, and Anchorbase acts only as a service provider/processor with respect to such data.
4. Accounts and Access
You must provide accurate registration information and keep credentials secure. You are responsible for all activity under your account. Anchorbase may log, audit, and monitor usage for security, compliance, and operational purposes and may suspend or terminate access if it suspects misuse, security risks, or legal non-compliance.
5. Fees and Payment
Fees, billing cycles, and payment methods for the Services are set in your order, subscription plan, statement of work, or other written agreement with Anchorbase.
For purposes of this Agreement, "Anchorbase Fees" means software, platform, subscription, implementation, support, or other service fees payable to Anchorbase for use of the Services. Anchorbase Fees do not include payment-processing volume, transaction amounts, interchange, assessments, card brand fees, acquirer or processor fees, gateway fees, pass-through amounts, merchant services fees, chargebacks, refunds, banking fees, or other amounts payable to third parties or not retained by Anchorbase as compensation for the Services.
Anchorbase may adjust pricing or plan features with thirty (30) days' notice. Late payments accrue interest at the maximum rate permitted by law. Anchorbase Fees are exclusive of taxes and non-refundable unless required by law.
6. Service Changes and Termination
6.1 Service Modification
Anchorbase may update, enhance, suspend, or discontinue any feature, API, or component of the Services at any time, with or without notice, and may modify pricing or usage limits upon thirty (30) days' notice. Continued use after such notice constitutes acceptance.
6.2 Termination
Either party may terminate this Agreement for convenience with thirty (30) days' written notice or immediately for material breach. Anchorbase may suspend or terminate access immediately if: (a) you violate these Terms or any law; (b) your use poses a security or reputational risk; or (c) payment is overdue.
6.3 Effect of Termination
Upon termination, your right to use the Services ceases. Anchorbase may delete or deactivate Customer Data thirty (30) days after termination unless retention is required by law. You must cease use and delete Anchorbase Confidential Information. Anchorbase will have no liability for deletion of data following termination.
7. Confidentiality
Each party must protect the other's Confidential Information, use it only to perform this Agreement, and disclose it solely to personnel under equivalent obligations. These obligations survive for two (2) years post-termination.
8. Intellectual Property
All technology, software, documentation, designs, and know-how used to provide the Services are and remain the exclusive property of Anchorbase or its licensors. No ownership rights are transferred; only a limited, revocable licence is granted for lawful internal use. Anchorbase may use aggregated and anonymized data derived from use of the Services for product improvement and analytics.
9. Independent Contractor Status
The parties are independent contractors. Nothing in this Agreement creates a partnership, joint venture, fiduciary, or employment relationship. Except as expressly provided in Section 3.1, neither party is an agent of the other and neither may bind the other.
10. Warranties and Disclaimers
10.1 Warranty
Anchorbase warrants it will perform the Services with reasonable skill and care consistent with industry standards.
10.2 Disclaimer
EXCEPT AS EXPRESSLY STATED, THE SERVICES AND OUTPUTS ARE PROVIDED "AS IS" AND "AS AVAILABLE". ANCHORBASE MAKES NO WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING ACCURACY, RELIABILITY, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. SPECIFICALLY, ANCHORBASE DOES NOT WARRANT THAT: (I) THE SERVICES WILL BE UNINTERRUPTED OR ERROR-FREE; (II) DATA SCRAPED OR TRANSFERRED WILL BE ACCURATE; OR (III) THE SERVICES WILL MAINTAIN COMPATIBILITY WITH ANY THIRD-PARTY SYSTEM OF RECORD. YOU ASSUME ALL RISK OF RELIANCE ON AUTOMATED OR SCRAPED DATA.
11. Limitation of Liability
11.1 Exclusion of Damages
TO THE MAXIMUM EXTENT PERMITTED BY LAW, NEITHER ANCHORBASE NOR ITS AFFILIATES SHALL BE LIABLE FOR ANY INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES, INCLUDING LOSS OF PROFITS, DATA, REVENUE, BUSINESS, OR GOODWILL, ARISING FROM THIS AGREEMENT OR THE SERVICES, INCLUDING ANY LOSS OF FUNDS, DUPLICATE PAYMENTS, BANKING FEES, OR TRANSACTIONAL ERRORS.
11.2 Liability Cap
ANCHORBASE'S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATING TO THIS AGREEMENT OR THE SERVICES WILL NOT EXCEED THE ANCHORBASE FEES PAID BY CUSTOMER TO ANCHORBASE IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM.
12. Indemnification
You agree to defend, indemnify, and hold harmless Anchorbase and its officers, directors, employees, and agents from any claim, loss, or expense, including legal fees, arising out of: (a) your use of the Services; (b) your breach of these Terms; (c) violation of law or third-party rights; (d) data or systems you connect to the Services; or (e) any claim by a Third-Party Platform alleging that your use of the Services violates its terms or results in unauthorized access.
13. General Provisions
13.1 Force Majeure
Neither party shall be liable for delay or failure due to causes beyond reasonable control.
13.2 Amendments
Anchorbase may amend these Terms with at least thirty (30) days' notice.
13.3 Governing Law
These Terms are governed by the laws of the Province of Alberta and the federal laws of Canada applicable therein, and the parties submit to the exclusive jurisdiction of the courts located in Alberta, Canada.
13.4 Entire Agreement
This Agreement constitutes the entire agreement between the parties.
14. SMS and Text Message Consent
By providing your mobile phone number to a merchant that uses Anchorbase's services for payment processing, you are providing your express consent for Anchorbase and the merchant to send you transactional text (SMS) messages related to your payments. These messages may include payment request links, payment confirmations, receipts, and other account-related notifications.
You can cancel this SMS service at any time. To stop receiving messages, text "STOP" to the short code from which you received a message. After you send the "STOP" message to us, we will send you an SMS message to confirm that you have been unsubscribed. After this, you will no longer receive SMS messages from that merchant via Anchorbase. If you want to join again, just sign up as you did the first time and we will start sending SMS messages to you again.
If you are experiencing issues with the messaging program, you can reply with the keyword "HELP" for more assistance, or you can get help directly at support@anchorbase.com.
Carriers are not liable for delayed or undelivered messages. As always, message and data rates may apply for any messages sent to you from us and to us from you. Message frequency will vary depending on your transaction activity. If you have any questions about your text plan or data plan, it is best to contact your wireless provider. Consent to receive these messages is not a condition of any purchase. For all questions about the services provided by this short code, you can send an email to support@anchorbase.com. If you have any questions regarding privacy, please read our privacy policy.
Data Processing Addendum
Anchorbase Inc.
1. Purpose and Limited Scope
This Data Processing Addendum ("DPA") supplements the Agreement between Customer and Anchorbase and applies only to limited data that Anchorbase may access, process, transmit, temporarily cache, or log in connection with providing the Services.
Anchorbase does not host, manage, or process Customer's general personal data, internal employee records, HR records, internal financial records, operational records, or other internal business records, except to the limited extent such information is intentionally provided by Customer or its authorized users for account administration, support, billing, security, or use of the Services.
Anchorbase is not Customer's system of record, customer database, CRM, DMS, ERP, payment processor, financial institution, or permanent repository for End Customer Data.
2. Definitions
For purposes of this DPA, capitalized terms not otherwise defined have the meanings given in the Terms.
"Data Protection Law" means applicable privacy, data protection, and data security laws governing the processing of Personal Data, including PIPEDA and, where applicable, GDPR, CCPA, and substantially similar laws.
"Personal Data", "Controller", "Processor", "Service Provider", and "Processing" have the meanings given under applicable Data Protection Law.
"Customer Account Data" means limited business contact, account, user, login, billing, support, security, and administrative information provided by Customer or its authorized users in connection with the Services.
"End Customer Data" means limited information relating to Customer's customers, clients, account holders, cardholders, or other third parties that may be accessed, transmitted, temporarily cached, logged, or otherwise processed by Anchorbase solely as necessary to perform Customer-configured workflows.
"Payment Metadata" means non-sensitive payment-related data such as payment tokens, transaction identifiers, invoice numbers, receipt details, payment status, payment links, and similar information that does not include full Primary Account Numbers, CVV/CVC codes, PINs, magnetic stripe data, or other sensitive authentication data.
"Operational Logs" means limited technical, security, audit, troubleshooting, and usage logs generated in connection with the operation, security, support, and improvement of the Services.
3. Limited Processing Role
Anchorbase processes Customer Account Data, End Customer Data, Payment Metadata, and Operational Logs only as necessary to provide, secure, support, troubleshoot, maintain, and improve the Services.
Anchorbase does not sell or use End Customer Data as a customer database, marketing list, or permanent system of record. Customer remains the owner and controller of End Customer Data, and Anchorbase acts only as a service provider/processor with respect to such data.
Anchorbase does not retain or store full Primary Account Numbers or sensitive authentication data subject to PCI-DSS beyond the transient processing necessary to provide the Services. Anchorbase may process non-sensitive Payment Metadata, tokens, or transaction identifiers that do not constitute cardholder data.
4. Customer Instructions and Responsibilities
Anchorbase processes applicable data only on Customer's documented instructions, including through Customer's configuration, use of the Services, support requests, account settings, or written directions.
Customer is responsible for ensuring that it has all necessary rights, permissions, notices, consents, and lawful bases required to permit Anchorbase to access, process, transmit, temporarily cache, or log End Customer Data, Payment Metadata, Customer Account Data, and Operational Logs in connection with the Services.
Customer is responsible for the accuracy, quality, legality, and availability of data in Customer's systems of record and Third-Party Platforms.
5. No Sale or Marketing Use of End Customer Data
Anchorbase does not sell End Customer Data.
Anchorbase does not use End Customer Data to build marketing lists, create customer profiles for its own marketing purposes, or independently market to Customer's End Customers.
Anchorbase does not use End Customer Data except as necessary to provide, secure, support, troubleshoot, maintain, and improve the Services, or as otherwise required by law.
6. Security Measures
Anchorbase will implement reasonable technical, organizational, and administrative safeguards designed to protect data processed through the Services against unauthorized access, disclosure, alteration, or destruction.
These safeguards may include, as appropriate to the nature of the Services and the risk involved:
- access controls and role-based permissions;
- authentication controls for administrative access;
- encryption or secure transmission protocols for data in transit;
- credential protection measures;
- logging, monitoring, and audit controls;
- internal confidentiality obligations; and
- incident response procedures.
7. Personnel Confidentiality
Anchorbase will ensure that personnel who are authorized to access data processed through the Services are subject to confidentiality obligations or professional duties of confidentiality.
8. Security Incidents
Anchorbase will notify Customer without undue delay after becoming aware of a confirmed breach of security that results in unauthorized access to, disclosure of, or loss of Personal Data processed by Anchorbase on Customer's behalf.
Anchorbase's notice will include available information reasonably necessary for Customer to assess the Security Incident, except where prohibited by law or where disclosure would compromise security, an investigation, or remediation efforts.
Anchorbase will take reasonable steps to investigate, contain, and remediate Security Incidents involving data processed through the Services.
9. Data Subject Requests
If Anchorbase receives a request from an individual relating to Personal Data controlled by Customer, Anchorbase may direct the individual to Customer.
Taking into account the limited nature of Anchorbase's processing and the information available to Anchorbase, Anchorbase will reasonably assist Customer in responding to data subject access, deletion, correction, or similar requests to the extent required by applicable Data Protection Law.
Customer remains responsible for responding to End Customer requests relating to data contained in Customer's systems of record or Third-Party Platforms.
10. Retention, Deletion, and Logs
Because Anchorbase is not Customer's system of record, Customer remains responsible for retaining authoritative copies of Customer data, End Customer Data, payment records, invoices, receipts, and other records in Customer's own systems of record, payment gateways, processors, ERPs, CRMs, DMSs, or other Third-Party Platforms.
Upon termination of the Agreement, Anchorbase will delete or de-identify retained Personal Data in its possession or control in accordance with its retention practices, unless retention is required by law or reasonably necessary for security, fraud prevention, dispute resolution, backup integrity, audit, or legal compliance.
Temporary caches, support records, backup copies, and Operational Logs may persist for a limited period after termination, but Anchorbase will not use such data for any purpose other than security, support, compliance, dispute resolution, service integrity, or legal obligations.
11. Cross-Border Processing
Customer acknowledges that Anchorbase may process data in Canada, the United States, or other jurisdictions where Anchorbase maintains operations or infrastructure.
Where required by applicable Data Protection Law, Anchorbase will implement appropriate safeguards for cross-border transfers of Personal Data.
12. Compliance with Data Protection Law
Each party will comply with Data Protection Law applicable to its role in connection with the Services.
Customer is responsible for determining whether the Services are appropriate for Customer's intended use and for ensuring that Customer's configuration and use of the Services complies with applicable law, Third-Party Platform terms, and Customer's own privacy notices and policies.
13. Liability
Any liability arising under or in connection with this DPA is subject to the exclusions, limitations, and liability cap set out in the Agreement, including Section 11 of the Terms.
14. Order of Precedence
This DPA controls in the event of conflict with the Terms solely with respect to the processing of Personal Data. The Terms control in all other respects.