Lasso Inc- Terms of Service

Last updated: August 30, 2025

Plain-English summary (non-binding): You (the Merchant) use Lasso to build and run checkout and post-purchase flows (including one-click upsells). You remain the merchant of record. Payments run through third-party providers that renderprovider-hosted payment components inside your Lasso flows. Card data is entered into those provider-hosted components, not on Lasso’s servers. Lasso isn’t

a bank, money transmitter, or payment facilitator.

1. Definitions

“AUP” = Acceptable Use Policy.

“Customer/End-Customer” = Merchant’s buyer.

“Designated Provider” = third-party checkout/orchestration/gateway/acquirer/risk service Lasso integrates.

“Embedded PSP Components” = provider-hosted payment fields/widgets rendered within Lasso pages.

“Pass-Through Terms” = published terms/rules/fees of Designated Providers and Networks.

“Services” = Lasso’s checkout/orchestration platform, hosted UX, APIs/SDKs, and related features.

2. Agreement; Business Use; EligibilityBy using the Services, Merchant accepts these Terms for business use only and represents it has authority to bind itself. U.S.-only: Merchant is organized under U.S. law (or is a U.S. sole proprietor), has its principal place of business in the U.S., and isn’t a prohibited/sanctioned party. Lasso may suspend/terminate for ineligibility or misrepresentation.

3. Services; Scope; Integration Modes

Provider-Hosted Checkout (merchant-direct): Provider renders its own checkout.Lasso places/orchestrates and forwards events; the provider controls paymentcollection/tokenization.

Embedded PSP Components: Lasso renders provider-hosted payment fields/widgetsfor card entry/tokenization, then orchestrates routing and post-purchase logic.In all modes, cardholder data entry occurs in provider-hosted components, not onLasso’s servers.

4. Roles; Merchant of Record; No Money Services

Merchant is seller and merchant of record. Lasso does not sell goods, take title, act as merchant/payment facilitator, money transmitter, escrow, or bank. Funds do not flow to Lasso unless a separate written funds-flow schedule is executed.

5. Third Parties; Pass-Through Terms; Provider Directory

Use of Designated Providers/Networks is subject to their Pass-Through Terms. Merchant authorizes Lasso to share necessary data with those providers/networks to deliver the Services and keeps any required provider accounts in good standing. Lasso isn’t responsible for provider underwriting, reserves/holds, declines, fee changes, or settlement timelines. A dashboard Provider Directory links current providers and terms.

6. Implementation; API License; Credentials; Changes

Limited, non-exclusive API/SDK license. Merchant secures credentials and complies with rate limits/technical restrictions. Lasso may throttle/suspend to protect the Services, address security/fraud, or comply with law. For deprecations that materially impact production traffic, Lasso provides a commercially reasonable migration period.

7. Merchant Obligations

Merchant will publish and honor clear terms, privacy, and refund/return policies; ensure goods/services are lawful/accurate; comply with applicable laws (consumer, privacy, export/sanctions), card-brand rules, and 3DS/SCA where applicable; configure taxes; provide receipts/disclosures; and avoid prohibited uses in the AUP.

8. Fees; Billing; Taxes; Refunds; Auto-Debit; Late Fees; Chargebacks & Collections

8.1 Fees & Taxes. Merchant will pay platform, usage/overage, and add-on fees plus applicable taxes. Fees are exclusive of taxes; Merchant is responsible for sales/use/VAT/GST/withholding where applicable (provide exemption certificates if any).

8.2 Invoices & Disputes. Unless stated otherwise, invoices are monthly net-15. Merchant must dispute any charge in writing within 30 days of invoice; undisputed amounts must be paid on time.

8.3 Payment Method & Auto-Debit Authorization. Merchant authorizes Lasso and its billing processor to auto-debit Merchant’s card/ACH on file for subscriptions, usage/overages, taxes,and reasonable documented third-party fees related to undisputed chargebacks/collections. Merchant must maintain a valid payment method at all times.

8.4 Late Fees; Interest. Overdue amounts may accrue 1.5% per month (or the maximum permitted by law), plus reasonable costs of collection to the extent permitted by law.

8.5 Non-Refundable Amounts. Unless the Order states otherwise or required by law: subscription fees, setup/implementation, and usage/overages are non-refundable. If Lasso terminates a Service for convenience, Lasso will pro-rate and refund prepaid, unused fees for the terminated Service.

8.6 Chargebacks. Merchant is responsible for chargebacks and will timely provide evidence as required by providers/PSPs/Networks. Lasso may pass through documented third-party fees and a reasonable administrative cost recovery for handling chargebacks (no outcome guarantee).

8.7 Suspension & Collections Timeline.

Day 1 past due: courtesy reminder.

Day 7 past due: written notice; late fees may begin accruing.

Day 15 past due: suspension of the Services until full payment.

Day 30+ past due: account may be terminated and referred to collections; data retained for 30 days after termination for export (if account is otherwise in good standing).

See AUP §5 for enforcement remedies related to policy violations.

9. Funds Flow; Settlement; Reserves

Providers/PSPs/Networks—not Lasso—determine settlement timelines, reserves, and holds. Settlement disputes are between Merchant and the applicable provider/PSP.

10. Chargebacks; Disputes; Refunds

Merchant is responsible for chargebacks, disputes, and refunds. Lasso may facilitate evidence packaging but does not control outcomes or guarantee wins.

11. Data Processing TermsRole split. For End-Customer Personal Data, Merchant = Controller; Lasso = Processor/Service Provider. For Merchant admin/account data, service telemetry/security/fraud signals, and aggregated/de-identified analytics, Lasso = independent controller (see Privacy Policy).

Processor commitments (U.S. service-provider terms). Lasso will (i) Process only to provide/secure/support/improve the Services per Merchant’s instructions; (ii) not Sell or Share data or use it for Cross-Context Behavioral Advertising; (iii) implement reasonable security and notify Merchant of any Personal Data Breach without undue delay and within 72 hours of confirmation; (iv) flow down materially comparable obligations to sub-processors and remain responsible; (v) delete or return Personal Data at end of term or on request (subject to legal retention); (vi) assist reasonably with Consumer/Data Subject requests, security, breach notices and DPIAs/assessments.

Provider-hosted components. In Embedded PSP Components, the relevant provider is Lasso’s sub-processor. In Provider-Hosted Checkout (merchant-direct), the provider is Merchant’s independent controller/processor (not Lasso’s sub-processor).

Sub-processors & Change Notice. Lasso engages third-party service providers (e.g., cloud hosting, CDN, logging/monitoring, email delivery, support, analytics, and embedded PSP components) to support the Services. Lasso will provide at least 30 days’ prior notice of any new or replacement sub-processor by posting in the dashboard or by email. Merchant may object on reasonable data-protection grounds within that period; if unresolved in good faith, Merchant may terminate the affected Services and receive a pro-rata refund of prepaid fees for the terminated portion.

International transfers (if/when applicable). Lasso is onboarding U.S. businesses only. If Merchant’s usage later involves Personal Data subject to EEA/UK/Swiss laws transferred to the U.S., appropriate transfer tools (e.g., EU SCCs/UK Addendum/Swiss adaptations) will apply only as required by law.

Ad signals (optional). If enabled, Lasso may send limited event metadata (e.g., hashed identifiers, conversion events) to Merchant-designated ad platforms; Merchant is responsible for notices/consents and platform settings.

See Privacy Policy for additional details on roles, sub-processors, and retention.

12. PCI DSS; Payment Data; Security

Provider-hosted fields/components capture card data. Depending on implementation, Merchant’s PCI scope may be SAQ-A or SAQ A-EP. Merchant must not log/store raw PAN or sensitive auth data. Lasso stores token references/aliases only (no raw PAN). Each party will notify the other without undue delay and ≤72 hours after confirming a security incident impacting the Services or End-Customer data.

13. Service Levels; Maintenance; Support

Target availability: 99.9% per calendar month, excluding scheduled maintenance, force majeure, and third-party outages (providers, PSPs, Networks, Shopify/WooCommerce, clouds, DNS, CDNs) outside Lasso’s control. If below target, Merchant may request a service credit as the exclusive availability remedy. Support response targets are shown in-product. See SLA for complete service level commitments and remedies. In the event of inconsistency, SLA remedies govern availability, and these Terms govern all other aspects.

14. Acceptable Use

Merchant must comply with the separate AUP (incorporated by reference). Violations may lead to warning, feature limits, suspension, or termination (see AUP enforcement ladder).

15) Proprietary Rights; Feedback; Branding/Publicity

The Services/Documentation are owned by Lasso/licensors. Merchant grants Lasso a limited license to use Merchant Content to provide/improve the Services. Feedback may be used without restriction. Merchant grants Lasso a limited, revocable license to use Merchant’s name/marks in checkout pages and customer lists/case studies unless Merchant opts out by notice.

16) Warranties; Disclaimers

Except as expressly stated, the Services are provided “AS IS” without warranties (express, implied, or statutory), including merchantability, fitness for a particular purpose, and non-infringement. Beta/pre-release features are AS IS. Providers do not perform AML/KYC for Merchant unless stated in their terms; chargebacks remain Merchant’s responsibility.

17) Indemnification

Merchant will defend/indemnify Lasso against third-party claims arising from Merchant products, content, or data; Merchant’s breach of law/AUP/Pass-Through Terms; or use of the Services contrary to these Terms. Lasso will defend/indemnify Merchant against third-party IP claims that the Services (as provided) infringe certain IP rights, subject to standard exclusions; Lasso may procure rights, modify, or discontinue the affected feature with pro-rata refund.

18) Limitation of Liability

No indirect/special/incidental/consequential/punitive damages or lost profits. Except for carve-outs, each party’s aggregate liability is capped at fees paid/payable in the preceding12 months. Carve-outs: indemnification obligations; Merchant’s payment obligations; confidentiality/security breaches; willful misconduct/gross negligence.

19. Suspension; Term; Termination; Effect

Lasso may suspend to address security risks, fraud/abuse, legal compliance, or non-payment. Either party may terminate for uncured material breach after 30 days’ notice, or immediately for insolvency/legal prohibition; Merchant may terminate for convenience (fees incurred remaindue). On termination, Merchant stops using the Services and removes Lasso code/SDKs; 30-day export window.

20) Government Use

Commercial computer software per FAR/DFARS; U.S. Government use subject to restricted rights.

21) Disputes; Governing Law; Arbitration (JAMS)

Good-faith resolution first (30 days). Then binding JAMS arbitration (Commercial Rules; Streamlined ≤ $250k), one arbitrator; Wilmington, Delaware seat; remote hearings allowed. Either party may seek injunctive relief in court for IP/confidentiality. Small-claims carve-out. Class/jury waivers. If JAMS unavailable, AAA Commercial Rules. Delaware law governs.

22) Changes to These Terms

Updates are effective when posted in the dashboard/site. Material Adverse Changes (material rights reduction or fee increase for same usage) take effect no earlier than 30 days after notice, except legal/pass-through or security/fraud/abuse changes, which may be immediate. If a Material Adverse Change (not driven by law/pass-through) applies to you, you may terminate the affected Services during the notice period; fees already incurred remain due. Continued use after the effective date = acceptance.

23) Assignment; Notices; Entire Agreement; Precedence

Either party may assign to an Affiliate or in connection with a merger/acquisition or sale of substantially all assets (with notice); otherwise requires consent (not unreasonably withheld). Notices go to the dashboard contact or admin@lassocart.com. These Terms are the entire agreement for their subject matter and supersede prior agreements. Precedence: (1) any Order; (2) these Terms; (3) Documentation.

References & Links

Privacy Policy: [Here]

AUP: [Here]

SLA: [Here]

Contact

Lasso Inc.

Legal: admin@lassocart.com

Address: 3237 Brookline Rd Wilmington, DE 19808