PRIVACY POLICY
ARC Business Super-App Platform
Payment Orchestration | HRMS | Accounting | Loyalty | Gift Cards | eSIMs | Mobile Top-Ups
Operated by ARC Synergy FZE LLC | Version 1.0 | Effective Date: 2026 | Governing Law: UAE
YOUR PRIVACY MATTERS — PLAIN LANGUAGE SUMMARY
This Privacy Policy explains what personal and business data ARC collects, why we collect it, who we share it with, and what rights you have over it. ARC is a B2B orchestration platform — we primarily process data about businesses and their authorised representatives, employees (via HRMS), and customers (via payment and loyalty features). We are committed to handling all data responsibly, lawfully, and transparently in accordance with UAE data protection law and applicable GCC regulatory requirements.
TABLE OF CONTENTS
1. About This Policy & Who We Are
2. Scope Who This Policy Applies To
3. What Data We Collect
4. How We Collect Data
5. Why We Use Your Data — Legal Bases & Purposes
6. Data Sharing & Third-Party Disclosures
7. Cross-Border Data Transfers
8. Data Retention
9. Cookies, Tracking & Analytics
10.Employee & HRMS Data
11.Payment, Transaction & Financial Data
12. Digital Products — Gift Cards, eSIMs & Mobile Top-Ups
13.Loyalty & Rewards Data
14.AML / CFT & Regulatory Disclosures
15.Your Rights as a Data Subject
16.Data Security
17.Children’s Privacy
18.Changes to This Policy
19.Contact & Data Queries
1 ABOUT THIS POLICY & WHO WE ARE
This Privacy Policy ("Policy") describes how ARC Synergy FZE LLC ("ARC", "we", "us", "our") collects, uses, stores, shares, and protects personal and business data in connection with the ARC platform (arc360.me) and all related services.
Data Controller
ARC Synergy FZE LLC
Registered Office
Office No. BC-888870, 26th Floor, Amber Gem Tower, Sheikh Khalifa Street, Ajman, UAE (P.O. Box 4848)
Free Zone
Ajman NuVentures Centre Free Zone (Amiri Decree No. 15 of 2023)
Privacy Contact
privacy@arc360.me
Effective Date
2025
Governing Law
UAE Federal Data Protection Laws; Ajman NuVentures Centre Free Zone Regulations; CBUAE Data Standards
ARC operates as a data controller in respect of Business User and authorised representative data. For employee data processed through the HRMS module, ARC acts as a data processor on behalf of the Business User (who is the data controller). This distinction is important and is explained further in Section 10.
2 SCOPE — WHO THIS POLICY APPLIES TO
This Policy applies to:
Business Users — companies, freelancers, and entities registered on the ARC Platform;
Authorised Representatives — directors, officers, and employees of Business Users who interact with ARC directly.
Beneficial Owners — individuals whose identity information is collected as part of KYB/KYC due diligence.
Employees of Business Users — whose data is processed via the ARC HRMS and Payroll modules.
End customers of Business Users whose payment, loyalty, or digital product transaction data is processed through the Platform.
Visitors to arc360.me — individuals who browse the website without registering.
This Policy does not apply to third-party websites, payment gateways, or partner platforms linked from ARC. Those services operate under their own privacy policies.
3 WHAT DATA WE COLLECT
The data we collect depends on how you interact with the Platform. The table below sets out the categories:
Data Category
Examples
Purpose / Legal Basis
Business Identity Data
Trade licence, incorporation certificate, company name, registered address, company type, ownership structure
KYB onboarding; regulatory compliance; contract performance
Individual Identity Data
Full name, passport or Emirates ID copy, date of birth, nationality, photograph (where required)
KYC verification; AML/CFT due diligence; legal basis: regulatory obligation
Contact Data
Email address, telephone number, WhatsApp number, physical address
Account management; service delivery; communications
Financial & Banking Data
Bank account details, IBAN, account holder name, transaction history, settlement records
Payment processing; settlement; financial reporting
Payment Instrument Data
Card type, card fingerprint (tokenised via gateway), billing country, expiry, last four digits
Transaction processing; fraud prevention; chargeback evidence
Transaction Data
Order ID, Payment Intent ID, transaction amount and currency, timestamp, product type, redemption status
Service delivery; audit trail; dispute resolution; regulatory reporting
HRMS & Payroll Data
Employee names, Emirates ID, salary, bank account for WPS, attendance records, leave balances, contract documents
HRMS module; payroll processing; WPS compliance (MoHRE)
Technical & Device Data
IP address, browser type, operating system, device ID, session timestamps, API access logs
Security; fraud detection; platform performance; AML monitoring
Geolocation Data
Country and city derived from IP address at time of transaction
Sanctions screening; fraud prevention; geographic risk assessment
Digital Product Data
Gift card order details, eSIM plan selected, mobile number for top-up, delivery email, activation/redemption status
Digital product fulfilment; delivery confirmation; dispute resolution
Loyalty Data
Customer identifiers, points balance, redemption history, campaign participation
Loyalty programme operation on behalf of Business User
Communications Data
Support ticket content, email correspondence, live chat records, call logs
Customer support; dispute evidence; service improvement
Marketing Preferences
Email opt-in/out status, campaign engagement data
Commercial communications (with consent or legitimate interest)
4 HOW WE COLLECT DATA
4.1 Directly from You
When you register on the Platform, complete KYB/KYC forms, upload documents, make transactions, configure HRMS records, process payroll, contact our support team, or use any feature of the Platform.
4.2 Automatically
When you access the Platform, our servers and third-party tools automatically collect technical data including IP address, device identifiers, session data, and browsing behaviour within the Platform.
4.3 From Third Parties
Payment gateways — transaction confirmation, card data tokens, and fraud scores;
Banking partners — settlement confirmations and account verification results;
Identity verification providers — document verification results and fraud signals;
Sanctions screening databases — watchlist match results;
Public registers — company registry data and regulatory filings;
Card networks (Visa/Mastercard) — chargeback notifications and dispute outcomes;
Network operators — eSIM activation and top-up confirmation data.
5 WHY WE USE YOUR DATA — LEGAL BASES & PURPOSES
ARC processes personal and business data on one or more of the following legal bases:
Contract Performance
To provide, manage, and operate the Platform services you have subscribed to, including payment processing, HRMS, payroll, loyalty, accounting, and digital products.
Legal & Regulatory Obligation
To comply with UAE AML/CFT laws (Federal Law No. 20 of 2018), CBUAE regulations, MoHRE WPS requirements, UAE VAT Law, UAE Labour Law, and applicable GCC financial regulations. This includes KYB/KYC, transaction reporting, and sanctions screening.
Legitimate Interests
To prevent fraud, protect the security and integrity of the Platform, improve our services, manage chargeback risk, conduct analytics, and send relevant commercial communications to existing Business Users (subject to opt-out).
Consent
For marketing communications to prospective users, use of non-essential cookies, and any processing specifically requiring your consent. Consent may be withdrawn at any time without affecting prior processing.
Vital Interests
In exceptional circumstances where processing is necessary to protect life or safety.
6 DATA SHARING & THIRD-PARTY DISCLOSURES
6.1 Categories of Recipients
ARC shares data only where necessary and in accordance with this Policy. Categories of recipients include:
Payment Gateway Partners
Transaction data shared with licensed gateways (e.g. Network International) for payment processing, fraud scoring, and settlement.
Banking & WPS Partners
Account and payroll data shared with licensed UAE banks and CBUAE-approved WPS agents for settlement and salary disbursement.
Card Networks
Transaction and chargeback evidence shared with Visa, Mastercard, and other card networks for dispute resolution and fraud monitoring.
Cross-Border / FX Partners
Originator and beneficiary information shared with licensed MTOs and correspondent banks as required by FATF Travel Rule and applicable AML regulations.
Card Issuers
Cardholder data shared with the CBUAE-licensed issuing partner for prepaid card issuance and management.
Network Operators
Mobile number and plan data shared with eSIM providers and telecom operators for eSIM activation and top-up fulfilment.
Gift Card Distributors
Order data shared with authorised gift card distributors for code issuance and delivery.
Identity Verification Providers
Document images and identity data shared with licensed KYC/KYB verification providers.
Regulatory Authorities
Data disclosed to CBUAE, UAE FIU (goAML), MoHRE, UAE Federal Tax Authority, law enforcement, and any competent GCC regulatory authority upon lawful request or mandatory reporting obligation.
Cloud & Infrastructure
Technical data processed by cloud and CDN providers (e.g. AWS, Cloudflare) under data processing agreements with appropriate safeguards.
Professional Advisors
Legal, audit, and accounting firms under strict confidentiality obligations.
Successors in Business
In the event of a merger, acquisition, or sale of ARC's business, data may be transferred to the acquiring entity subject to equivalent privacy protections.
6.2 No Sale of Personal Data
ARC does not sell, rent, or trade personal data to third parties for their independent marketing or commercial purposes. Data shared with partners is strictly for the purposes set out in this Policy.
7 CROSS-BORDER DATA TRANSFERS
ARC operates primarily in the UAE and GCC. In the course of providing services — particularly cross-border payments, eSIM fulfilment, gift card distribution, and cloud infrastructure — data may be transferred to service providers and partners located outside the UAE.
Where such transfers occur, ARC ensures they are subject to:
Contractual safeguards in the form of data processing agreements incorporating appropriate data protection clauses;
Transfers only to jurisdictions or entities that provide an adequate level of data protection as recognised under applicable UAE law;
Compliance with any CBUAE data localisation requirements applicable to payment and financial data.
Business Users who use cross-border payment services acknowledge that originator and beneficiary data will be transmitted to overseas correspondent banks and payment networks as required by FATF Travel Rule obligations.
8 DATA RETENTION
ARC retains data only for as long as necessary for the purposes set out in this Policy and to meet legal and regulatory retention requirements. The following minimum retention periods apply:
Data Type
Retention Period
Legal Basis
KYB / KYC Identity Documents
5 years from end of business relationship
UAE Federal Law No. 20 of 2018 (AML Law); CBUAE AML/CFT Standards
Transaction & Payment Records
5 years from transaction date
CBUAE regulations; UAE VAT Law (Federal Decree-Law No. 8 of 2017)
WPS & Payroll Records
5 years from date of payroll disbursement
UAE Labour Law (Federal Decree-Law No. 33 of 2021); MoHRE requirements
Cross-Border Transfer Records
5 years from transfer date
FATF Travel Rule; CBUAE AML/CFT Standards
Chargeback & Dispute Evidence
5 years from dispute resolution date
Card network rules; legal proceedings limitation period
STR / AML Reports
10 years from date of report filing
UAE Federal Law No. 20 of 2018, Article 16
Digital Product Order Records
5 years from order date
CBUAE regulations; VAT Law; dispute resolution
HRMS Employee Records
5 years after employment termination
UAE Labour Law; MoHRE requirements
General Account & Contact Data
Duration of relationship + 5 years
Contract performance; regulatory compliance
Marketing & Consent Records
Until consent withdrawn + 2 years
Consent management; audit trail
Technical & Security Logs
12 months (rolling)
Security monitoring; fraud detection; platform integrity
Data may be retained beyond the above periods where required by ongoing legal proceedings, regulatory investigations, or lawful directions from competent authorities.
9 COOKIES, TRACKING & ANALYTICS
9.1 Types of Cookies Used
Strictly Necessary
Session management, authentication, security tokens. These cannot be disabled — they are required for the Platform to function.
Functional
User preferences, language settings, dashboard configurations. Disabled via cookie settings without affecting core functionality.
Analytics
Platform usage patterns, feature engagement, error tracking. Used to improve the Platform. Subject to your cookie consent.
Fraud Prevention
Device fingerprinting and behavioural analytics used to detect and prevent fraudulent transactions. These operate as part of our security infrastructure.
9.2 Managing Cookies
You can manage non-essential cookie preferences via the cookie settings panel on arc360.me. Please note that disabling certain cookies may affect Platform functionality. Browser-level cookie controls may also be used, but do not override cookies set for security and fraud prevention purposes.
9.3 Third-Party Analytics
ARC may use third-party analytics tools (e.g. Google Analytics or equivalent) subject to appropriate data processing agreements. These tools process anonymised or pseudonymised usage data. IP addresses are truncated before processing where technically feasible.
10 EMPLOYEE & HRMS DATA
10.1 ARC as Data Processor
When Business Users process employee data through ARC's HRMS and Payroll modules, ARC acts as a data processor on behalf of the Business User (who is the data controller). ARC processes this data only on the documented instructions of the Business User and for the purposes of providing the HRMS and payroll services.
10.2 Business User Responsibilities
Business Users who use the HRMS module are responsible for:
Establishing a lawful basis for processing employee personal data under applicable UAE law;
Providing employees with appropriate privacy notices informing them that their data is processed on the ARC Platform;
Obtaining any required consents from employees, particularly for sensitive data;
Ensuring the accuracy and completeness of employee data entered into the Platform;
Complying with UAE Labour Law, MoHRE requirements, and applicable free zone employment regulations.
10.3 Special Categories — Employee Data
The HRMS module may process sensitive employee data including medical leave information, salary details, and identity document copies. Business Users must ensure processing of such data is lawful and that appropriate safeguards are in place. ARC implements technical access controls to restrict HRMS data to authorised users only.
10.4 WPS Data
Salary and bank account data submitted for WPS processing is transmitted to a CBUAE-approved WPS agent. Such transmission is a legal requirement under MoHRE WPS regulations. ARC does not retain WPS bank account details beyond what is necessary for the relevant payroll cycle, subject to minimum retention requirements under UAE Labour Law.
11 PAYMENT, TRANSACTION & FINANCIAL DATA
Payment card data is processed through PCI DSS-compliant payment gateway partners. ARC does not store full card numbers, CVV codes, or unencrypted card data on its own servers. Card data is tokenised by the gateway at the point of entry.
Transaction metadata — including Payment Intent IDs, Charge IDs, IP addresses, device fingerprints, and timestamps — is retained by ARC as part of its fraud prevention, AML monitoring, and dispute resolution infrastructure. This data forms part of ARC's evidence pack in the event of a chargeback or regulatory inquiry.
Settlement and financial account data is shared with licensed banking partners for the purpose of disbursing settlement funds to Business Users. ARC does not share settlement bank account details with any party other than the relevant banking partner.
12 DIGITAL PRODUCTS — GIFT CARDS, ESIMS & MOBILE TOP-UPS
When Business Users or their customers purchase digital products through the ARC Platform, the following data is collected and processed:
Gift Cards
Order ID, product type and denomination, delivery email address, gift card code (encrypted at rest), delivery timestamp, redemption status. Shared with the authorised gift card distributor for code issuance.
eSIMs
Order ID, selected data plan, ICCID/EID of the eSIM profile, delivery email, activation status and timestamp. Shared with the eSIM provider for profile provisioning and activation.
Mobile Top-Ups
Order ID, mobile number (recipient), network operator, top-up amount and currency, delivery confirmation timestamp. Shared with the relevant network operator or aggregator for top-up fulfilment.
Digital product order data is retained for a minimum of five (5) years for dispute resolution, VAT compliance, and AML audit purposes. Delivery and redemption confirmation data may be submitted as evidence in the event of a payment dispute or chargeback.
Mobile numbers collected for top-up purposes are used solely to process the requested top-up. They are not used for marketing without separate consent and are not shared with parties other than the relevant network operator or aggregator.
13 LOYALTY & REWARDS DATA
ARC processes end-customer loyalty data on behalf of Business Users as a data processor. This data includes customer identifiers (email, phone, or loyalty card number), points balances, redemption history, and campaign participation records.
Business Users are responsible for ensuring their customers are aware that loyalty programme data is processed through the ARC Platform and for obtaining any required consents from end customers under applicable consumer protection and data protection law.
Loyalty data is retained for the duration of the Business User's subscription and for a period of two (2) years thereafter, unless a longer period is required for dispute resolution or regulatory purposes.
14 AML / CFT & REGULATORY DISCLOSURES
ARC is subject to UAE Federal Law No. 20 of 2018 on Anti-Money Laundering and Counter-Financing of Terrorism and related CBUAE regulations. In fulfilment of these obligations, ARC:
Collects and verifies identity information for all Business Users and beneficial owners as part of KYB/KYC;
Screens all customers and transactions against UAE, UN, EU, US OFAC, and UK sanctions lists;
Monitors transactions for suspicious patterns and files Suspicious Transaction Reports (STRs) with the UAE Financial Intelligence Unit (FIU) via the goAML portal where required;
Retains AML-related records for a minimum of ten (10) years as required by Article 16 of the AML Law;
Cooperates fully with UAE law enforcement, the CBUAE, and other competent authorities in connection with financial crime investigations.
IMPORTANT — TIPPING OFF PROHIBITION
UAE Federal Law No. 20 of 2018 prohibits ARC from informing a Business User or any other party that a Suspicious Transaction Report has been filed, or that they are under investigation in connection with money laundering or terrorist financing. If ARC is unable to respond to a query about account activity for this reason, we are legally prohibited from explaining why. This is a statutory obligation and not a discretionary policy.
15 YOUR RIGHTS AS A DATA SUBJECT
Subject to applicable UAE law and regulatory limitations, individuals whose personal data is processed by ARC have the following rights:
Right of Access
Request a copy of the personal data ARC holds about you and information about how it is processed.
Right to Rectification
Request correction of inaccurate or incomplete personal data. Note: changes to KYB/KYC data may require re-verification.
Right to Erasure
Request deletion of your personal data where there is no lawful reason for continued retention. This right is subject to overriding legal and regulatory retention obligations (e.g. AML, VAT, WPS records).
Right to Restriction
Request that ARC restrict processing of your data in certain circumstances, e.g. while accuracy is contested.
Right to Data Portability
Request that ARC provide your data in a structured, commonly used format where technically feasible and where processing is based on consent or contract.
Right to Object
Object to processing based on legitimate interests, including direct marketing. ARC will cease marketing communications upon receipt of an opt-out request.
Right to Withdraw Consent
Where processing is based on consent, you may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing prior to withdrawal.
Right to Lodge a Complaint
You have the right to lodge a complaint with the relevant UAE data protection authority or the CBUAE Consumer Protection Department.
To exercise any of these rights, submit a written request to privacy@arc360.me with proof of identity. ARC will respond within thirty (30) days. Where requests are complex or numerous, ARC may extend this period by a further thirty (30) days with prior notice.
Important limitations: Rights to erasure and restriction are subject to ARC's overriding obligations under UAE AML Law, CBUAE regulations, UAE VAT Law, and UAE Labour Law. Data retained for regulatory compliance cannot be deleted on request during the applicable mandatory retention period.
16 DATA SECURITY
ARC implements a layered security programme designed to protect personal and business data against unauthorised access, disclosure, alteration, and destruction. Key measures include:
Encryption of data in transit using TLS 1.2 or higher across all Platform connections;
Encryption of sensitive data at rest, including identity documents, financial records, and employee data;
Role-based access controls (RBAC) ensuring that employees access only the data necessary for their role;
Multi-factor authentication (MFA) for administrative and privileged access to Platform systems;
Regular vulnerability assessments, penetration testing, and security patching;
Payment Card Industry Data Security Standard (PCI DSS) compliance through certified gateway partners;
Incident response and data breach notification procedures consistent with applicable UAE law.
In the event of a data breach that poses a risk to individuals, ARC will notify affected parties and relevant regulatory authorities in accordance with applicable UAE notification requirements. Business Users are responsible for securing their own Platform credentials and promptly reporting suspected breaches to security@arc360.me.
17 CHILDREN’S PRIVACY
The ARC Platform is designed exclusively for business use and is not directed at individuals under the age of 18. ARC does not knowingly collect personal data from minors. If we become aware that personal data of a minor has been submitted to the Platform, we will take prompt steps to delete it. If you believe a minor's data has been submitted, please contact privacy@arc360.me immediately.
18 CHANGES TO THIS POLICY
ARC may update this Privacy Policy from time to time to reflect changes in our services, applicable law, or regulatory requirements. Updated versions will be posted at arc360.me/privacy with the revised effective date noted.
For material changes — particularly those affecting how we use data, who we share it with, or individuals' rights — ARC will provide not less than thirty (30) days' prior notice via email to registered Business Users. Continued use of the Platform after the effective date of any revised Policy constitutes acceptance of the updated terms.
19 CONTACT & DATA QUERIES
For any privacy-related queries, data subject rights requests, or concerns about how ARC handles your data, please contact:
Privacy & Data Protection
info@arc360.me
Security / Breach Reports
info@arc360.me
AML / Compliance
info@arc360.me
General Legal
legal@arc360.me
Registered Address
ARC Synergy FZE LLC, Office No. BC-888870, 26th Floor, Amber Gem Tower, Sheikh Khalifa Street, Ajman, UAE (P.O. Box 4848)
Response Time
30 days for data subject requests; 48 hours for urgent security or breach notifications
Regulatory Complaints
CBUAE Consumer Protection Department: consumerprotection@centralbank.ae
ACCEPTANCE
By registering for, accessing, or using the ARC Platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, processing, and use of your data as described herein, to the extent required by applicable UAE law.
ARC Synergy FZE LLC | Ajman NuVentures Centre Free Zone | arc360.me | Privacy Policy v1.0 — 2025
TERMS OF USE
ARC Business Super-App Platform
Payment Orchestration | HRMS | Accounting | Loyalty | Financial Services
Operated by ARC Synergy FZE LLC Version 1.0 | Effective Date: 2026 | Governing Law: UAE
IMPORTANT — PLEASE READ CAREFULLY
By registering for, accessing, or using the ARC Platform, you acknowledge that you have read, understood, and agree to be legally bound by these Terms of Use ("Terms"). These Terms constitute a binding legal agreement between you (the Business User, Merchant, or Partner) and ARC Synergy FZE LLC. If you do not agree with any part of these Terms, you must cease using the Platform immediately.
TABLE OF CONTENTS
1. General & Definitions
2. Eligibility & Onboarding (KYB / KYC)
3. Platform Description & Services
4. Account Responsibilities
5. Payment Services & Transaction Processing
6. Payment Orchestration & Gateway Rules
7. HRMS, Payroll & WPS Compliance
8. Loyalty & Rewards Programme
9. Accounting & Financial Reporting Module
10.Cross-Border Payments & FX — GCC Market Rules
11.Prepaid & Stored-Value Instruments
12.Fees, Billing & Settlement
13.Prohibited Conduct & AML / CFT Compliance
14.Data Protection, Privacy & Security
15.Intellectual Property
16.Third-Party Integrations & Partners
17.Disclaimer of Warranties & Limitation of Liability
18.Dispute Resolution & Governing Law
19.Amendments, Severability & Notices
20.Contact Information
1 GENERAL & DEFINITIONS
1.1 About ARC
ARC (arc360.me) is a Business Super-App operated by ARC Synergy FZE LLC, a company incorporated on 14 October 2025 under Amiri Decree No. 15 of 2023 at Ajman NuVentures Centre Free Zone, with its registered office at Office No. BC-888870, 26th Floor, Amber Gem Tower, Sheikh Khalifa Street, Ajman, United Arab Emirates (P.O. Box 4848).
ARC enables small and medium businesses ("SMEs") across the UAE, GCC, and broader MENA region to manage payments, human resources, payroll, loyalty programmes, accounting, and financial services through a single integrated platform.
1.2 Key Definitions
Term
Definition
"Platform"
The ARC web application, mobile application, APIs, dashboard, and all related services accessible via arc360.me.
"Business User" / "You"
Any individual, company, freelancer, or entity that registers for and uses the Platform for business purposes.
"Merchant"
A Business User who accepts payments through ARC's payment orchestration layer.
"Partner"
A licensed financial institution, payment gateway, HRMS provider, or technology integrator connected to the ARC ecosystem.
"Transaction"
Any payment, transfer, refund, settlement, payroll disbursement, or financial instruction processed through the Platform.
"Settlement"
The transfer of net funds to a Business User's nominated bank account after deduction of applicable fees.
"Wallet"
An ARC-managed digital store of value assigned to a Business User for the purpose of facilitating payments and disbursements on the Platform.
"WPS"
Wage Protection System — the UAE Ministry of Human Resources and Emiratisation (MoHRE) payroll compliance framework.
"KYB"
Know Your Business — the due diligence process applied to Business Users before Platform access is granted.
"KYC"
Know Your Customer — identity verification applied to individuals and beneficial owners of Business Users.
"AML / CFT"
Anti-Money Laundering and Counter-Financing of Terrorism — compliance obligations under UAE Federal Law No. 20 of 2018 and CBUAE regulations.
"FX"
Foreign exchange — the conversion of funds between currencies facilitated through ARC or its licensed FX Partners.
"Prepaid Instrument"
A prepaid card, stored-value card, or e-money instrument issued or managed through the ARC Platform (subject to regulatory approval).
"Loyalty Points"
Non-monetary reward credits issued under the ARC Loyalty module to customers of Business Users.
"Chargeback"
A reversal of a payment transaction initiated by a cardholder through their issuing bank via the card network dispute process.
"Regulatory Authority"
The Central Bank of the UAE (CBUAE), UAE Ministry of Human Resources and Emiratisation (MoHRE), UAE Ministry of Finance, and any other competent authority with jurisdiction over the relevant service.
2 ELIGIBILITY & ONBOARDING (KYB / KYC)
2.1 Eligibility Criteria
To access and use the Platform, you represent and warrant that you:
Are a duly registered and licensed business entity or an individual legally permitted to conduct commercial activities in the UAE or applicable GCC jurisdiction;
Are 18 years of age or older (or of legal contracting age in your jurisdiction);
Hold all required commercial licences, permits, and regulatory approvals applicable to your business activities;
Are not subject to any trade sanctions, asset freezes, or restrictions imposed by the UAE, UN, EU, US OFAC, or UK OFSI;
Are not a Politically Exposed Person (PEP) or beneficial owner of a PEP-controlled entity, without prior disclosure and enhanced due diligence approval;
Will use the Platform solely for lawful business purposes and in accordance with these Terms.
2.2 KYB / KYC Onboarding
All Business Users must complete ARC's onboarding verification process before accessing payment, payroll, or financial services features. Required documentation includes:
Valid commercial trade licence or free zone incorporation certificate;
Memorandum and Articles of Association (or equivalent constitutional document);
Proof of registered address (utility bill, tenancy contract, or official letter not older than 3 months);
Government-issued identity documents for all directors and beneficial owners holding 25% or more of the entity;
Bank account details in the name of the registered business;
Any sector-specific licences (e.g. financial services, healthcare, F&B) as applicable.
ARC reserves the right to request additional documentation at any time, including on a periodic review basis, as part of ongoing due diligence obligations. Access may be suspended pending completion of enhanced due diligence (EDD) reviews.
2.3 Restricted Businesses
The following business categories are prohibited from using the Platform:
Unlicensed money service businesses, hawala operators, or informal value transfer schemes;
Entities engaged in the manufacture, sale, or distribution of weapons, ammunition, or military equipment without applicable government licences;
Gambling, gaming, or lottery operations not licensed by the relevant UAE authority;
Adult entertainment or explicitly sexual content businesses;
Entities on any UAE, UN, or international sanctions list;
Cryptocurrency exchanges, token issuers, or virtual asset service providers (VASPs) not licensed by the Virtual Assets Regulatory Authority (VARA) or CBUAE;
Any business whose activities are illegal under UAE Federal Law or the law of the Emirate of Ajman.
3 PLATFORM DESCRIPTION & SERVICES
3.1 Core Service Modules
The ARC Platform provides the following integrated service modules, each subject to the specific provisions in the relevant section of these Terms:
Payment Orchestration
Multi-gateway payment acceptance, intelligent routing, failover management, and settlement — Section 5 & 6.
HRMS & Payroll
Employee records, attendance, leave management, payroll processing, and WPS-compliant salary disbursement — Section 7.
Loyalty & Rewards
Customer loyalty points, cashback campaigns, discount management, and marketing automation — Section 8.
Accounting
Invoice generation, expense tracking, financial reporting, VAT summaries, and payment reconciliation — Section 9.
Cross-Border / FX
International payment facilitation, multi-currency processing, and FX conversion via licensed Partners — Section 10.
Prepaid Instruments
Multi-currency prepaid cards and WPS salary cards issued or managed in partnership with licensed issuers — Section 11.
Merchant Dashboard
Unified analytics, transaction monitoring, employee management, and financial reporting interface.
Gift Cards
Purchase and redemption of digital gift cards from third-party brands and merchants, delivered electronically to registered Business Users and their customers.
eSIMs & Mobile Top-Ups
Procurement and distribution of eSIM data plans and mobile airtime top-ups across supported network operators globally, delivered digitally via the Platform.
3.2 Service Availability
ARC endeavours to maintain Platform availability 24/7 but does not guarantee uninterrupted access. Scheduled maintenance, regulatory requirements, force majeure events, or technical failures may result in temporary service interruptions. ARC will provide reasonable advance notice of planned downtime where possible.
3.3 Beta & Preview Features
Certain features may be made available in beta or preview status. These are provided without warranty and may be modified, suspended, or withdrawn at any time. Business Users accessing beta features do so at their own risk.
3.4 — Digital Products: Gift Cards, eSIMs & Mobile Top-Ups
ARC facilitates the sale and distribution of digital gift cards, eSIM data plans, and mobile airtime top-ups to Business Users and their end customers. The following apply to all digital product transactions:
All digital products are delivered electronically. No physical delivery is made or implied.
Delivery is automated upon payment confirmation to the registered email or phone number.
Gift card codes and eSIM activation credentials are unique, single-use, and linked to the originating Order ID.
Validity periods, data caps, geographic restrictions, and network compatibility for eSIMs and top-ups are set by the issuing operator or brand and are outside ARC's control.
ARC acts as a marketplace intermediary for these products and does not manufacture, operate, or take responsibility for the underlying services of the issuing brand or network operator.
All digital product sales are final once delivered. Claims of non-receipt must be raised within 48 hours with Order ID and registered delivery contact.
4 ACCOUNT RESPONSIBILITIES
You are solely responsible for:
Maintaining the security and confidentiality of your login credentials, API keys, and any authentication tokens issued to your account;
All activities conducted under your account, whether by your employees, contractors, or any other person you permit access;
Ensuring all registration, business, and payment information provided to ARC is accurate, complete, and kept up to date;
Promptly notifying ARC of any suspected unauthorised access, security breach, or compromise of your account at info@arc360.me;
Maintaining compliance with all applicable laws and regulations in your jurisdiction of operation;
Retaining your own records of transactions for VAT, audit, and regulatory purposes in accordance with UAE Federal Law No. 8 of 2017 (VAT Law) and applicable retention requirements.
Account Suspension / Termination: ARC reserves the right to suspend or permanently terminate any account where it detects or suspects: (a) fraudulent activity, (b) AML/CFT red flags, (c) breach of these Terms, (d) provision of false identity or business information, (e) chargebacks exceeding acceptable thresholds, or (f) conduct inconsistent with applicable law or regulatory requirements. Termination may occur without prior notice where fraud, money laundering, or regulatory non-compliance is suspected.
5 PAYMENT SERVICES & TRANSACTION PROCESSING
5.1 Payment Acceptance
ARC enables Business Users to accept payments from customers via credit cards, debit cards, digital wallets, bank transfers, and other payment methods supported by ARC's integrated payment gateway partners. Acceptance of specific payment methods is subject to the capabilities of the relevant gateway and applicable regulatory permissions.
5.2 Transaction Records
ARC maintains comprehensive transaction logs including: Payment Intent ID, Charge ID, Transaction ID, merchant ID, customer identifiers, IP address at time of transaction, card fingerprint, device metadata, transaction amount and currency, and settlement status. These records are retained for a minimum of five (5) years and may be provided to regulatory authorities or card networks upon lawful request.
5.3 Refunds
Business Users are responsible for processing refunds to their customers in accordance with their own refund policies. ARC provides the technical facility to process refunds via the Platform dashboard. Refunds may be subject to the original payment gateway's processing timelines (typically 5–10 business days). ARC's fees for processed transactions are non-refundable unless a refund is due to a platform-side processing error.
5.4 Chargebacks & Disputes
Business Users acknowledge that chargebacks may be initiated by cardholders through their issuing bank. ARC will notify the affected Business User upon receipt of a chargeback and provide a reasonable period to submit rebuttal evidence. ARC may, at its discretion, submit comprehensive evidence on behalf of the Business User including transaction logs, delivery confirmations, IP data, and usage records.
Where chargebacks exceed thresholds set by card networks (Visa VDMP / Mastercard MDMP), ARC reserves the right to adjust processing terms, require additional security deposits, or terminate payment processing services. Business Users are liable for all chargeback amounts, card network fees, and ARC administrative costs arising from disputes.
5.5 Transaction Limits & Velocity Controls
ARC applies transaction limits, velocity controls, and risk-scoring mechanisms consistent with its obligations under CBUAE regulations and card network rules. Limits may be adjusted based on your business profile, processing history, and risk assessment. ARC will notify Business Users of material changes to applicable limits.
6 PAYMENT ORCHESTRATION & GATEWAY RULES
6.1 Intelligent Routing
ARC's payment orchestration layer routes transactions across multiple integrated payment gateways to optimise authorisation rates, minimise fees, and ensure continuity of service. Routing decisions are made algorithmically based on factors including gateway availability, transaction currency, card type, and geographic origin. Business Users may request preferred routing configurations subject to commercial arrangement.
6.2 Gateway Partners
ARC integrates with licensed payment gateway partners including Network International and other CBUAE-regulated or globally recognised processors. Each gateway partner operates under its own licensing, terms, and card network agreements. Transactions processed via a specific gateway are subject to that gateway's operating rules and applicable card network regulations (Visa, Mastercard, etc.).
6.3 Failover & Redundancy
In the event of gateway unavailability or elevated decline rates, ARC's orchestration layer automatically re-routes to an available gateway. This failover mechanism is designed to maximise uptime but does not guarantee 100% transaction success. ARC is not liable for losses arising from gateway outages beyond its reasonable control.
6.4 Prohibited Transaction Categories
The following transaction types are strictly prohibited through the ARC payment infrastructure:
Payments related to sanctioned entities, persons, or jurisdictions;
Cash advances, money transfers disguised as goods/services transactions, or round-tripping of funds;
Transactions designed to circumvent AML/CFT monitoring or transaction reporting thresholds;
Payments for unlicensed financial services, illegal gambling, or prohibited goods under UAE law;
Any transaction that would violate applicable card network operating rules.
7 HRMS, PAYROLL & WPS COMPLIANCE
7.1 HRMS Module
ARC's HRMS module provides tools for employee record management, attendance tracking, leave management, document storage, HR letters, and organisational structuring. Business Users are responsible for ensuring the accuracy of all employee data entered into the system and for maintaining compliance with UAE Labour Law (Federal Decree-Law No. 33 of 2021) and applicable free zone employment regulations.
7.2 Payroll Processing
ARC facilitates payroll processing including salary calculations, deductions, allowances, and net-pay disbursements. Business Users are solely responsible for: (a) verifying payroll figures before authorizing disbursement; (b) ensuring compliance with applicable minimum wage requirements; (c) accurate computation of end-of-service gratuity (EOSG) in accordance with UAE Labour Law; and (d) maintaining payroll records for a minimum of five (5) years.
7.3 WPS Compliance
Where Business Users opt to use ARC for Wage Protection System (WPS) salary disbursements, ARC will facilitate the transmission of salary information and payments through a CBUAE-approved WPS agent in accordance with MoHRE requirements. Business Users must:
Ensure all employees are correctly registered under the applicable WPS employer code;
Submit WPS-compliant payroll files in the format prescribed by MoHRE;
Fund the payroll wallet no later than the business day prior to the WPS salary due date;
Comply with WPS submission deadlines — typically by the last calendar day of the month for monthly payroll cycles;
Retain WPS confirmation receipts for audit purposes.
ARC's WPS facilities are contingent upon the availability of a compliant banking partner and applicable regulatory approvals. ARC does not assume liability for WPS penalties, fines, or MoHRE enforcement actions arising from Business User non-compliance.
7.4 Employee Data
Employee personal data processed through the HRMS module is subject to ARC's Privacy Policy and applicable UAE data protection regulations. Business Users act as data controllers for their employees' personal data and are responsible for obtaining all necessary consents and providing required notices to employees.
8 LOYALTY & REWARDS PROGRAMME
8.1 Programme Setup
Business Users may configure customer loyalty programmes through the ARC Loyalty module, including points-based rewards, cashback schemes, discount campaigns, and tier-based incentives. ARC provides the technological infrastructure; Business Users are responsible for defining the programme rules, point values, expiry policies, and terms communicated to their customers.
8.2 Loyalty Points — Not Legal Tender
Loyalty Points issued through the ARC Platform are promotional credits and do not constitute electronic money, stored value, currency, or any financial instrument under UAE law. Points have no cash value, are non-transferable between customers, are not redeemable for cash, and expire in accordance with the terms set by the Business User. ARC is not responsible for any financial exposure arising from a Business User's loyalty programme obligations to its customers.
8.3 Programme Compliance
Business Users must ensure their loyalty programmes comply with UAE Federal Law No. 15 of 2020 (Consumer Protection Law), applicable advertising regulations, and any sector-specific rules. Programmes that constitute unlicensed money transmission or involve monetary guarantees require prior regulatory clearance.
9 ACCOUNTING & FINANCIAL REPORTING MODULE
9.1 Scope
ARC's Accounting module provides tools for invoice generation, expense tracking, financial statement preparation, VAT reporting, and payment reconciliation. These tools are provided as operational aids; they do not constitute professional accounting, auditing, or tax advisory services.
9.2 VAT Compliance
Business Users remain solely responsible for ensuring their VAT obligations under UAE Federal Decree-Law No. 8 of 2017 (VAT Law) and its Executive Regulations are met. ARC's VAT reporting tools are designed to assist with record-keeping but do not constitute a VAT compliance guarantee. Business Users should engage qualified tax advisors for VAT filing, registration, and audit purposes.
9.3 Disclaimer
Financial data displayed in the ARC Accounting module is derived from transactions processed through the Platform. Business Users are responsible for reconciling ARC data with their own banking records and maintaining complete books of account as required by UAE Commercial Companies Law and applicable free zone regulations.
10 CROSS-BORDER PAYMENTS & FX — GCC MARKET RULES
10.1 Regulatory Framework
Cross-border payment services facilitated through ARC are subject to:
UAE Central Bank (CBUAE) regulations including the Retail Payment Services and Card Schemes (RPSC) Regulation 2021 and applicable licensing requirements;
GCC cross-border payment regulations in the relevant recipient country (including Oman's CBO regulations, Saudi Arabia's SAMA rules, and Bahrain's CBB Payment Services framework);
FATF Recommendation 16 (the "Travel Rule”) originator and beneficiary information requirements for wire transfers above applicable thresholds;
UAE Cabinet Decision No. 74 of 2020 on Beneficial Ownership — applicable to legal entity customers;
Any bilateral payment settlement agreements applicable to the relevant currency corridor.
10.2 Execution of Cross-Border Transactions
ARC facilitates international payments in partnership with licensed money transfer operators (MTOs), correspondent banking partners, and global payment networks. Execution times, exchange rates, and fees vary by corridor and are disclosed prior to transaction confirmation. Exchange rates are indicative until execution and may differ from quoted rates due to market movements.
10.3 FX Rate & Spread Disclosure
Where ARC or its Partners apply a foreign exchange conversion, the applicable rate includes a spread above the mid-market rate. This spread constitutes part of ARC's or the Partner's commercial return and is disclosed as part of the fee summary presented to Business Users before transaction authorisation. Business Users accept the disclosed rate at the point of confirmation.
10.4 Screening
All cross-border transactions are screened against UAE, UN, EU, US OFAC, and UK sanctions lists before processing. Transactions that match or partially match a sanctioned entity, jurisdiction, or designated person will be blocked and reported to the relevant UAE authority in accordance with applicable AML/CFT obligations. ARC will not be liable for delays or losses arising from mandatory sanctions screening holds.
10.5 Reporting Obligations
Cross-border transactions above thresholds specified by the CBUAE or Financial Intelligence Unit (FIU) are subject to mandatory reporting. Business Users authorise ARC to make such reports where legally required. Business Users must not structure transactions to avoid reporting thresholds — doing so constitutes a criminal offence under UAE Federal Law No. 20 of 2018.
10.6 GCC-Specific Corridor Rules
The following additional rules apply to specific GCC corridors:
Saudi Arabia (SAR): SAMA prohibits unlicensed remittance; all SAR transfers are routed via SAMA-compliant licensed correspondents.
Oman (OMR): Transfers to or from Oman are subject to Central Bank of Oman (CBO) oversight and may be subject to additional documentation for business transfers above OMR 5,000.
Kuwait (KWD): Central Bank of Kuwait (CBK) rules apply; enhanced due diligence is required for business transfers above applicable thresholds.
Qatar (QAR): Qatar Central Bank (QCB) regulations apply to all inbound transfers from Qatar Free Zones and QFC-licensed entities.
Bahrain (BHD): CBB-regulated payment service providers must be used for BHD-denominated transfers; BFPS network rules apply.
11 PREPAID & STORED-VALUE INSTRUMENTS
11.1 Regulatory Status
Prepaid cards and stored-value instruments (including Multi-Currency Travel Cards and WPS Salary Cards) available through the ARC Platform are issued by a CBUAE-licensed issuing partner. ARC acts as the programme manager and platform provider; it does not itself hold a payment institution licence for card issuance. Cardholders' rights and obligations are governed by the Card Issuer's cardholder agreement.
11.2 Accepted Use
Prepaid instruments issued through the ARC Programme may be used for:
Payment of goods and services at merchants accepting Visa/Mastercard;
ATM cash withdrawals subject to daily limits and applicable fees;
Multi-currency transactions at published exchange rates;
WPS-compliant salary disbursements to employees.
11.3 Prohibited Use
Prepaid instruments must not be used for:
Funding of gambling or lottery accounts;
Purchase of cryptocurrency or virtual assets;
Any transaction that would violate UAE law or applicable card network rules;
Money laundering, terrorist financing, or sanction evasion.
11.4 Safeguarding of Funds
Funds loaded onto ARC-managed prepaid instruments are held in segregated accounts with the licensed issuing partner in accordance with CBUAE safeguarding requirements. These funds are not ARC's assets and are protected in the event of ARC's insolvency.
12 FEES, BILLING & SETTLEMENT
12.1 Fee Schedule
ARC charges fees for Platform services as set out in the applicable commercial agreement, service schedule, or fee schedule provided to Business Users at onboarding and updated from time to time. Fee categories may include:
Transaction processing fees (percentage and/or fixed per transaction);
SaaS subscription fees for HRMS, Accounting, and Loyalty modules;
Cross-border transfer fees and FX spread;
Chargeback handling fees;
Prepaid card issuance and maintenance fees;
Setup, integration, and API access fees where applicable.
12.2 Settlement
Net settlement proceeds are disbursed to the Business User's nominated bank account on the schedule set out in the applicable commercial agreement, typically on a T+1 or T+2 basis subject to the gateway partner's settlement cycle. ARC reserves the right to hold settlement where: (a) a fraud investigation is ongoing; (b) chargeback exposure exceeds reserves; or (c) regulatory or legal requirements require a hold.
12.3 Reserve Requirements
ARC may require Business Users in higher-risk categories to maintain a rolling reserve or security deposit to cover potential chargebacks, reversals, or regulatory penalties. Reserve amounts and release schedules will be communicated in the applicable commercial agreement.
12.4 VAT on Fees
ARC's fees are subject to UAE VAT at 5% in accordance with Federal Decree-Law No. 8 of 2017. Tax invoices will be issued in accordance with UAE VAT regulations.
13 PROHIBITED CONDUCT & AML / CFT COMPLIANCE
13.1 Prohibited Activities
The following activities are strictly prohibited on the ARC Platform:
Using the Platform to process transactions on behalf of unlicensed third parties (i.e., acting as an unregistered payment facilitator);
Structuring transactions to evade reporting thresholds or AML/CFT monitoring;
Processing payments for sanctioned entities, jurisdictions, or prohibited goods;
Using the payroll module to disburse funds to fictitious employees or non-existent workers;
Providing false or misleading information during KYB/KYC onboarding or periodic review;
Using the Platform to facilitate fraud, theft, or any other criminal activity;
Reverse-engineering, scraping, or attempting to compromise the Platform's security infrastructure.
13.2 AML / CFT Obligations
ARC operates an AML/CFT programme in accordance with UAE Federal Law No. 20 of 2018 (AML Law), Cabinet Decision No. 10 of 2019, and CBUAE AML/CFT Standards. This programme includes:
Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) for high-risk Business Users;
Ongoing transaction monitoring and suspicious activity detection;
Filing of Suspicious Transaction Reports (STRs) with the UAE Financial Intelligence Unit (FIU / goAML portal) where required;
Sanctions screening against OFAC, UN, EU, and UAE local sanctions lists;
Record retention for a minimum of five (5) years from the end of a business relationship.
Business Users are required to cooperate fully with ARC's AML/CFT programme, including providing timely responses to CDD requests and disclosing any material change in ownership, control, or business activities.
LEGAL NOTICE — AML / CFT CONSEQUENCES
Any Business User found to be using the ARC Platform in violation of UAE Federal Law No. 20 of 2018 (AML Law) or applicable CFT regulations faces: immediate account termination; mandatory reporting to the UAE FIU and relevant law enforcement authorities; civil recovery of all funds processed in violation; and criminal liability under UAE law including potential imprisonment and fines. ARC will cooperate fully with any law enforcement or regulatory investigation.
14 DATA PROTECTION, PRIVACY & SECURITY
14.1 Data We Collect
In connection with Business User onboarding and Platform use, ARC collects and processes:
Business and entity information: trade licence, incorporation documents, ownership structure, UBO details;
Individual identity data: names, passport/Emirates ID copies, photographs (where required for KYC);
Financial data: bank account details, transaction records, settlement history;
Technical data: IP addresses, device identifiers, login timestamps, API access logs;
Communication data: emails, support tickets, and correspondence with ARC.
14.2 Purpose of Data Use
Data is processed for: platform operation and service delivery; KYB/KYC verification and ongoing due diligence; fraud prevention, AML/CFT compliance, and regulatory reporting; dispute resolution and evidence submission; platform security and abuse prevention; and commercial communications (subject to opt-out). Data may be shared with licensed gateway partners, banking correspondents, card networks, regulatory authorities, and law enforcement where required by law.
14.3 Data Retention
Transaction records, KYB/KYC documentation, and identity data are retained for a minimum of five (5) years from the end of the business relationship, or longer as required by applicable UAE law, regulatory direction, or ongoing legal proceedings.
14.4 Cross-Border Data Transfers
ARC may transfer data to service providers and partners located outside the UAE, including within the GCC and to jurisdictions with adequate data protection frameworks. Such transfers are subject to appropriate safeguards consistent with applicable UAE data protection regulations.
14.5 Security
ARC applies commercially reasonable technical and organisational security measures including encryption at rest and in transit, access controls, multi-factor authentication, and regular security assessments. Business Users are responsible for securing their own access credentials and systems. ARC is not liable for security breaches arising from Business User negligence.
15 INTELLECTUAL PROPERTY
"ARC", "arc360.me", the ARC logo, and all associated brand identity, user interface designs, software, APIs, algorithms, and proprietary content are the exclusive intellectual property of ARC Synergy FZE LLC. All rights reserved.
Business Users are granted a limited, non-exclusive, non-transferable, revocable licence to use the Platform for their legitimate business purposes during the term of their agreement with ARC. This licence does not include the right to: sub-licence, resell, or white-label the Platform without a separate written agreement; copy, reproduce, or create derivative works from ARC's software, documentation, or brand assets; or reverse-engineer, decompile, or disassemble any part of the Platform.
Any feedback, suggestions, or improvement proposals submitted by Business Users may be used by ARC without restriction or compensation.
16 THIRD-PARTY INTEGRATIONS & PARTNERS
The ARC Platform integrates with third-party services to deliver its full functionality. Your use of these services is subject to the applicable partner's own terms:
Payment Gateways
Network International, and other CBUAE-regulated processors — subject to gateway-specific operating rules and card network agreements.
Banking Partners
Licensed UAE and GCC banks providing settlement accounts, WPS agent services, and correspondent banking — subject to each bank's terms.
FX & Cross-Border Partners
Licensed MTOs and global payment networks — subject to MTO-specific terms and applicable regulatory frameworks.
Card Issuers
CBUAE-licensed prepaid card issuers — subject to the Cardholder Agreement and applicable card network rules.
Cloud Infrastructure
AWS, Cloudflare, or equivalent providers — subject to their respective terms of service and security standards.
Payroll & WPS Agents
CBUAE-approved WPS agents — subject to MoHRE operating rules and agent-specific terms.
ARC is not responsible for the availability, performance, accuracy, or acts of any third-party service provider. Disruption of a third-party service does not constitute a breach of ARC's obligations under these Terms.
17 DISCLAIMER OF WARRANTIES & LIMITATION OF LIABILITY
17.1 As-Is Basis
The platform is provided on an "as is" and "as available" basis. To the maximum extent permitted by uae law, arc makes no warranties, express or implied, including but not limited to: merchantability, fitness for a particular purpose, uninterrupted availability, regulatory compliance of business user operations, or accuracy of third-party data or exchange rates.
17.2 Liability Cap
To the maximum extent permitted by applicable law, ARC's total aggregate liability to a business user for any claim arising from or related to the platform shall not exceed the total fees paid by that business user to ARC in the three (3) months immediately preceding the event giving rise to the claim.
17.3 Exclusions
ARC shall not be liable for:
Indirect, incidental, consequential, punitive, or special damages of any kind;
Loss of profits, revenue, business opportunity, or goodwill;
Losses arising from Business User's own non-compliance with applicable law, tax, or regulatory requirements;
Chargeback amounts, card network fines, or penalties arising from Business User's processing activity;
WPS penalties or MoHRE enforcement actions arising from Business User's payroll non-compliance;
FX losses or rate fluctuations between quote and execution of cross-border transactions;
Service interruptions caused by third-party gateway outages, banking partner issues, or force majeure events;
Unauthorised access to Business User accounts arising from Business User's failure to secure credentials;
Any loss resulting from Business User acting on information generated by ARC's accounting or reporting tools without independent verification.
18 DISPUTE RESOLUTION & GOVERNING LAW
18.1 Good Faith Resolution
In the event of any dispute arising from these Terms or the use of the Platform, the Parties agree to first attempt resolution through good-faith negotiation. Disputes should be escalated to legal@arc360.me with a written description of the issue and proposed resolution. ARC will respond within ten (10) business days.
18.2 Arbitration
Any dispute not resolved through negotiation within thirty (30) days of written notification shall be referred to binding arbitration seated in the Emirate of Ajman, UAE, under the rules of the Abu Dhabi Commercial Conciliation & Arbitration Centre (ADCCAC), conducted in the English language, before a sole arbitrator. The arbitral award shall be final and binding.
18.3 Governing Law
These Terms are governed by and construed in accordance with the laws of the United Arab Emirates, including applicable Federal Laws, the regulations of the Ajman NuVentures Centre Free Zone (Amiri Decree No. 15 of 2023), and CBUAE regulations, without regard to conflict of law principles. For matters not subject to arbitration, the Parties submit to the exclusive jurisdiction of the competent courts of Ajman, UAE.
18.4 Regulatory Complaints
Business Users who are also consumers of financial services retain the right to file complaints with the CBUAE Consumer Protection Department at consumerprotection@centralbank.ae regardless of the arbitration clause. These Terms do not limit any mandatory statutory rights.
19 AMENDMENTS, SEVERABILITY & NOTICES
19.1 Updates to Terms
ARC may revise these Terms at any time. Updated Terms will be posted at arc360.me/terms with the revised effective date. For material changes — particularly changes affecting payment processing fees, data handling, or liability — ARC will provide not less than thirty (30) days' prior written notice via email to the registered account address. Continued use of the Platform after the effective date of revised Terms constitutes acceptance.
19.2 Electronic Communications
By registering for the Platform, Business Users consent to receive all legal and commercial communications electronically via their registered email address. Electronic communications satisfy any requirement for written notice under UAE law.
19.3 Severability
If any provision of these Terms is found invalid or unenforceable, that provision shall be modified to the minimum extent necessary to make it enforceable, and all remaining provisions shall continue in full force and effect.
19.4 Entire Agreement
These Terms, together with any applicable commercial agreement, fee schedule, and ARC's Privacy Policy, constitute the entire agreement between ARC and the Business User in relation to the use of the Platform and supersede all prior agreements, representations, or understandings.
19.5 Waiver
No failure or delay by ARC in exercising any right or remedy shall constitute a waiver. Waivers must be in writing signed by an authorised representative of ARC.
20 CONTACT INFORMATION
Legal Entity
ARC Synergy FZE LLC
Platform
arc360.me
Registered Office
Office No. BC-888870, 26th Floor, Amber Gem Tower, Sheikh Khalifa Street, Ajman, UAE (P.O. Box 4848)
Free Zone
Ajman NuVentures Centre Free Zone (incorporated under Amiri Decree No. 15 of 2023)
General Support
info@arc360.me
Legal / Disputes
info@arc360.me
Security Issues
info@arc360.me
AML / Compliance
info@arc360.me
Response Time
Within 5 business days (standard); within 48 hours (urgent compliance / security matters)
ACCEPTANCE OF TERMS
By registering for, accessing, or using the ARC Platform, you confirm that you have read, understood, and agree to be legally bound by these Terms of Use in their entirety, including the Payment Services provisions (§5–§6), WPS & Payroll obligations (§7), AML/CFT Compliance requirements (§13), and the Dispute Resolution clause (§18).
ARC Synergy FZE LLC | Ajman NuVentures Centre Free Zone | arc360.me | v1.0 — 2025
