Pandascrow Legals

Effective by June 15th, 2026

Pandascrow Developer Policy

This Policy governs access to and use of Pandascrow's APIs, SDKs, webhooks, documentation, developer portals, sandbox environments, and related developer resources (collectively, the "Developer Services").

By accessing or using the Developer Services, you agree to comply with this Policy, our Terms of Service, Privacy Policy, Anti-Money Laundering Policy, Service Level Agreement, and all applicable laws and regulations.

If you do not agree to this Policy, you must not access or use the Developer Services.

1. Definitions For purposes of this Policy:

  • "API" means any application programming interface made available by Pandascrow.
  • "Application" means any software, integration, plugin, website, mobile application, platform, or service developed by a Developer using Developer Services.
  • "Developer" means any individual, company, organization, institution, or entity accessing or using Developer Services.
  • "Developer Services" means APIs, SDKs, webhooks, documentation, sandbox environments, developer portals, tools, and resources provided by Pandascrow.
  • "End User" means any person whose information, transactions, or activities are processed through an Application.
  • "Personal Data" means information relating to an identified or identifiable individual.
  • "Platform" means the Pandascrow website, applications, APIs, systems, infrastructure, and related services.
  • "Production Environment" means the live environment used for processing real transactions and customer data.
  • "Sandbox Environment" means a testing environment provided by Pandascrow for development and evaluation purposes.
  • "Sensitive Data" includes:
    • Payment information;
    • Financial information;
    • Authentication credentials;
    • Government-issued identification;
    • Biometric information;
    • Any information classified as sensitive under applicable law.
  • "User Data" means any data relating to End Users accessed, processed, transmitted, stored, or generated through Developer Services.

2. Eligibility To access Developer Services, you must:

  • Be at least 18 years old;
  • Have legal authority to enter binding agreements;
  • Comply with all applicable laws and regulations;
  • Provide accurate registration information;
  • Maintain accurate account information.

If you are acting on behalf of an organization, you represent that you have authority to bind that organization to this Policy.

3. Scope of Developer Services

Pandascrow may provide Developer Services relating to:

  • Escrow Services;
  • Wallet Services;
  • Payment Services;
  • Invoice APIs;
  • PayMe APIs;
  • Marketplace integrations;
  • Multi-party transaction APIs;
  • Currency conversion services;
  • Webhook services;
  • Identity verification services;
  • Compliance services;
  • Settlement services;
  • AI-powered services;
  • Analytics and reporting tools.

Pandascrow reserves the right to modify, expand, restrict, suspend, or discontinue any Developer Service at any time.

4. Sandbox and Production Environments

Pandascrow may provide Sandbox and Production Environments. Sandbox Environments:

  • Are intended solely for testing and development;
  • May contain simulated data;
  • May not reflect actual production behavior;
  • May be modified without notice;
  • May experience interruptions or resets.

Production credentials must not be used within Sandbox Environments.

Sandbox data must not be treated as production-grade information.

Pandascrow does not guarantee feature parity between Sandbox and Production Environments.

5. Developer Responsibilities

Developers are responsible for:

  • Maintaining secure Applications;
  • Protecting User Data;
  • Following API documentation;
  • Monitoring Application performance;
  • Maintaining Application security;
  • Ensuring lawful use of Developer Services;
  • Complying with all applicable laws;
  • Maintaining appropriate internal controls.

Developers remain solely responsible for the operation, maintenance, content, functionality, and security of their Applications.

6. Compliance Obligations

Developers must comply with all applicable laws, regulations, rules, directives, and industry standards, including:

  • Anti-Money Laundering (AML) laws;
  • Counter-Terrorism Financing (CTF) requirements;
  • Sanctions regulations;
  • Consumer protection laws;
  • Data protection laws;
  • Financial services regulations;
  • Tax obligations;
  • Electronic communications laws.

Pandascrow may require Developers to provide information demonstrating compliance with applicable requirements.

Failure to provide requested information may result in suspension or termination of access.

7. Security Requirements

Developers must implement and maintain appropriate technical and organizational security measures designed to protect:

  • User Data;
  • Personal Data;
  • Financial Data;
  • Authentication Credentials;
  • API Keys;
  • Transaction Information.

Minimum security requirements include:

  • Encryption of data in transit using TLS;
  • Encryption of sensitive data at rest;
  • Secure credential management;
  • Access controls based on least privilege;
  • Secure software development practices;
  • Vulnerability management processes;
  • Logging and monitoring mechanisms.

Developers must promptly remediate identified vulnerabilities affecting their Applications.

Pandascrow may require evidence of security controls or remediation efforts where reasonably necessary.

8. API Keys and Credentials

API keys, access tokens, secrets, certificates, and other credentials issued by Pandascrow remain the property of Pandascrow.

Developers must:

  • Keep credentials confidential;
  • Store credentials securely;
  • Restrict access to authorized personnel;
  • Rotate credentials when appropriate;
  • Monitor credential usage.

Developers must not:

  • Publish credentials publicly;
  • Embed credentials in client-side code;
  • Share credentials with unauthorized third parties;
  • Circumvent authentication mechanisms.

Developers must immediately notify Pandascrow upon becoming aware of:

  • Credential compromise;
  • Unauthorized access;
  • Credential leakage;
  • Security incidents involving Developer Services.

Pandascrow may revoke, rotate, suspend, or replace credentials at any time.

9. Data Protection and Privacy

Developers must comply with all applicable privacy and data protection laws, including:

  • Nigeria Data Protection Act (NDPA) 2023;
  • General Data Protection Regulation (GDPR), where applicable;
  • California Consumer Privacy Act (CCPA), where applicable;
  • Other applicable privacy laws.

Developers shall:

  • Process data lawfully;
  • Process data fairly and transparently;
  • Collect only necessary data;
  • Limit data retention appropriately;
  • Protect User Data against unauthorized access;
  • Respect data subject rights.

Developers must implement appropriate safeguards for the processing of Personal Data.

10. User Consent Requirements

Developers are responsible for obtaining all required permissions, consents, authorizations, and disclosures before:

  • Collecting User Data;
  • Processing User Data;
  • Sharing User Data;
  • Accessing Pandascrow APIs on behalf of Users.

Applications must provide clear and accessible privacy notices explaining:

  • What data is collected;
  • Why data is collected;
  • How data is used;
  • Who data is shared with;
  • User rights and choices.

Developers must maintain records of consent where required by law.

11. AML, KYC and Regulatory Compliance

Developers shall not use Developer Services to facilitate:

  • Money laundering;
  • Terrorist financing;
  • Fraudulent schemes;
  • Sanctions evasion;
  • Human trafficking;
  • Illegal gambling;
  • Unauthorized financial services;
  • Any unlawful activity.

Where applicable, Developers must:

  • Conduct customer verification;
  • Implement AML controls;
  • Monitor suspicious activity;
  • Cooperate with regulatory investigations.

Pandascrow reserves the right to request information relating to compliance programs, policies, controls, or investigations.

Failure to cooperate may result in suspension or termination.

12. Acceptable Use

Developers must not use Developer Services to:

  • Violate Applicable Laws;
  • Access data without authorization;
  • Circumvent security controls;
  • Probe, scan, or test platform vulnerabilities without authorization;
  • Introduce malware or malicious code;
  • Interfere with Platform operations;
  • Abuse APIs;
  • Conduct denial-of-service attacks;
  • Harvest user credentials;
  • Impersonate another individual or organization;
  • Engage in deceptive practices;
  • Infringe intellectual property rights.

Pandascrow may investigate suspected violations and take appropriate action.

13. Rate Limits and Fair Usage

Pandascrow may establish:

  • Rate limits;
  • Throughput limits;
  • Transaction limits;
  • Request quotas;
  • Concurrent connection limits.

Developers must not attempt to bypass such limits.

Pandascrow may:

  • Throttle requests;
  • Restrict API access;
  • Suspend Applications;
  • Require migration to alternative service tiers.

Rate limits may vary by service, account type, transaction volume, risk profile, or commercial arrangement.

14. Webhooks and Event Processing

Pandascrow may provide webhook functionality to notify Applications of platform events.

Developers are responsible for:

  • Securing webhook endpoints;
  • Validating webhook signatures;
  • Verifying message authenticity;
  • Processing events safely;
  • Handling duplicate events;
  • Implementing retry handling;
  • Maintaining endpoint availability.

Developers should design webhook processing to be idempotent.

Pandascrow is not responsible for failures caused by improperly configured webhook endpoints.

15. Escrow, Wallet and Payment APIs

Developer Services may provide access to:

  • Escrow creation;
  • Milestone management;
  • Payment processing;
  • Wallet operations;
  • Transaction monitoring;
  • Settlement processing;
  • Currency conversion;
  • Payment links;
  • Invoice generation;
  • Marketplace functionality.

Developers must accurately represent Platform functionality to End Users.

Developers shall not:

  • Misrepresent escrow protection;
  • Misrepresent payment guarantees;
  • Promise outcomes not supported by the Platform;
  • Mislead users regarding dispute resolution procedures.

All transactions remain subject to Pandascrow policies and compliance requirements.

16. AI-Assisted Services

Pandascrow may provide AI-powered services through Developer Services, including:

  • Fraud detection;
  • Risk assessment;
  • Transaction monitoring;
  • Dispute assistance;
  • Recommendation systems;
  • Compliance screening;
  • Analytics and reporting.

AI-generated outputs:

  • May contain inaccuracies;
  • May be incomplete;
  • Should not be relied upon as legal, financial, regulatory, or professional advice.

Developers remain solely responsible for reviewing, validating, and verifying AI-generated outputs before using them in production environments.

Pandascrow does not guarantee the accuracy, completeness, reliability, or suitability of AI-generated results.

17. Service Availability

Pandascrow aims to maintain high availability for Developer Services.

However, Developer Services may experience interruptions due to:

  • Scheduled maintenance;
  • Emergency maintenance;
  • Security incidents;
  • Third-party provider outages;
  • Banking infrastructure disruptions;
  • Regulatory requirements;
  • Force Majeure Events.

Pandascrow does not guarantee uninterrupted or error-free access to Developer Services.

Availability targets, where provided, shall be governed by applicable Service Level Agreements.

18. Monitoring and Audits

Pandascrow may monitor Developer use of Developer Services for:

  • Security purposes;
  • Fraud prevention;
  • Compliance verification;
  • Performance optimization;
  • Platform protection.

Pandascrow may conduct reviews or audits where reasonably necessary to:

  • Investigate suspected violations;
  • Assess security risks;
  • Verify compliance obligations;
  • Respond to regulatory requirements.

Developers agree to cooperate with reasonable audit requests relating to their use of Developer Services.

19. Security Incident Reporting

Developers must promptly notify Pandascrow upon becoming aware of:

  • Data breaches;
  • Credential compromises;
  • Unauthorized access;
  • Malware infections;
  • Security vulnerabilities affecting integrations;
  • Unauthorized API usage;
  • Material security incidents.

Notifications should include:

  • Nature of the incident;
  • Systems affected;
  • Data potentially impacted;
  • Actions already taken;
  • Proposed remediation measures.

Pandascrow may temporarily suspend access while investigating security incidents.

20. Intellectual Property Rights

Pandascrow and its licensors retain all rights, title, and interest in:

  • APIs;
  • SDKs;
  • Documentation;
  • Developer portals;
  • Trademarks;
  • Logos;
  • Source code;
  • Platform technology;
  • Software;
  • Infrastructure.

Nothing in this Policy transfers ownership of Pandascrow intellectual property to Developers.

Subject to compliance with this Policy, Pandascrow grants Developers a limited, non-exclusive, revocable, non-transferable license to access and use Developer Services.

21. Developer Intellectual Property

Developers retain ownership of:

  • Applications;
  • Source code;
  • Proprietary content;
  • Trademarks;
  • Intellectual property independently created by Developers.

Developers grant Pandascrow a limited, non-exclusive, worldwide, royalty-free license to:

  • Display Application names;
  • Display integration status;
  • Reference integrations in developer directories;
  • Promote ecosystem compatibility.

Such use shall be solely for purposes relating to operation, support, and promotion of Developer integrations.

22. Third-Party Services

Developer Services may integrate with or depend upon third-party providers, including:

  • Payment processors;
  • Banking institutions;
  • Cloud providers;
  • Verification services;
  • Compliance providers;
  • Communication services.

Pandascrow does not control third-party services and makes no guarantees regarding:

  • Availability;
  • Security;
  • Accuracy;
  • Reliability;
  • Performance.

Developers acknowledge that third-party disruptions may impact Developer Services.

23. Confidential Information

Developers may receive Confidential Information relating to:

  • APIs;
  • Technical documentation;
  • Product roadmaps;
  • Security practices;
  • Non-public platform functionality.

Developers shall:

  • Protect Confidential Information;
  • Use Confidential Information only for authorized purposes;
  • Restrict access to authorized personnel;
  • Prevent unauthorized disclosure.

Confidential Information shall not include information that:

  • Is publicly available;
  • Was independently developed;
  • Was lawfully obtained from another source;
  • Is required to be disclosed by law.

Confidentiality obligations survive termination of access to Developer Services.

24. Warranties and Representations

Developers represent and warrant that:

  • They have authority to enter into this Policy;
  • They will comply with Applicable Laws;
  • Their Applications do not infringe third-party rights;
  • Information provided to Pandascrow is accurate;
  • Their use of Developer Services is lawful.

Developers further represent that they will maintain reasonable security controls and operational safeguards appropriate to their use of Developer Services.

Except as expressly stated, Developer Services are provided on an "AS IS" and "AS AVAILABLE" basis.

25. Disclaimer of Warranties

TO THE MAXIMUM EXTENT PERMITTED BY LAW, DEVELOPER SERVICES ARE PROVIDED ON AN "AS IS", "AS AVAILABLE", AND "WITH ALL FAULTS" BASIS.

PANDASCROW DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING:

  • Merchantability;
  • Fitness for a particular purpose;
  • Non-infringement;
  • Availability;
  • Accuracy;
  • Reliability;
  • Security;
  • Performance.

Pandascrow does not warrant that:

  • Developer Services will be uninterrupted;
  • Developer Services will be error-free;
  • Defects will be corrected;
  • Developer Services will meet Developer requirements;
  • Developer Services will be compatible with every Application.

Developers assume all risks associated with their use of Developer Services.

26. Limitation of Liability

To the fullest extent permitted by Applicable Law, Pandascrow shall not be liable for:

  • Indirect damages;
  • Consequential damages;
  • Incidental damages;
  • Special damages;
  • Exemplary damages;
  • Punitive damages;
  • Loss of profits;
  • Loss of revenue;
  • Loss of goodwill;
  • Loss of business opportunities;
  • Loss of data;
  • Loss of customers.

Pandascrow's aggregate liability arising from or relating to Developer Services shall not exceed the total fees paid by the Developer to Pandascrow during the six (6) months immediately preceding the event giving rise to the claim.

Nothing in this Policy excludes liability that cannot legally be excluded.

27. Indemnification

Developers agree to indemnify, defend, and hold harmless Pandascrow, its affiliates, officers, directors, employees, agents, contractors, licensors, partners, and service providers from and against any claims, actions, proceedings, liabilities, damages, losses, fines, penalties, costs, and expenses (including reasonable legal fees) arising from:

  • Use of Developer Services;
  • Violation of this Policy;
  • Violation of Applicable Laws;
  • Security incidents caused by Developer systems;
  • Intellectual property infringement;
  • Misuse of User Data;
  • Fraudulent or unlawful conduct;
  • Applications developed or operated by the Developer.

These obligations survive termination of this Policy.

28. Suspension and Termination

Pandascrow may suspend, restrict, revoke, or terminate access to Developer Services immediately where:

  • This Policy is violated;
  • Security concerns arise;
  • Fraudulent activity is suspected;
  • Regulatory obligations require action;
  • Risk to Users or the Platform is identified;
  • False information is provided;
  • Compliance requirements are not met.

Pandascrow may also:

  • Revoke API credentials;
  • Disable Applications;
  • Restrict API access;
  • Limit transaction capabilities;
  • Freeze integrations pending investigation.

Developers may terminate their use of Developer Services at any time by discontinuing use and deleting API credentials.

Termination shall not affect accrued rights or obligations.

29. Changes to Developer Services

Pandascrow may:

  • Modify APIs;
  • Deprecate endpoints;
  • Introduce new features;
  • Change technical requirements;
  • Remove functionality;
  • Upgrade infrastructure.

Where reasonably practicable, Pandascrow will provide advance notice of material changes through:

  • Developer portals;
  • Documentation updates;
  • Email notifications;
  • Platform announcements.

Developers are responsible for maintaining compatibility with updated services.

30. Governing Law

This Policy shall be governed by and construed in accordance with the laws of the Federal Republic of Nigeria.

The Parties agree that Nigerian law shall apply regardless of conflict-of-law principles.

31. Dispute Resolution

The Parties shall first attempt to resolve disputes through good-faith negotiations.

If a dispute cannot be resolved within thirty (30) days, the Parties agree to attempt mediation.

If mediation is unsuccessful, the dispute shall be finally resolved by arbitration administered by the Lagos Court of Arbitration (LCA), Lagos, Nigeria.

The arbitration shall:

  • Be conducted in English;
  • Be confidential;
  • Be conducted before a single arbitrator unless otherwise required;
  • Result in a final and binding decision.

Nothing prevents either Party from seeking urgent equitable or injunctive relief from a court of competent jurisdiction.

32. Severability

If any provision of this Policy is found to be invalid, illegal, or unenforceable, the remaining provisions shall remain in full force and effect.

The invalid provision shall be replaced with a valid provision that most closely reflects the original intent.

33. Waiver

Failure by Pandascrow to enforce any provision of this Policy shall not constitute a waiver of that provision.

Any waiver must be made in writing.

A waiver of one breach shall not constitute a waiver of any future breach.

34. Entire Agreement

This Developer Policy, together with:

  • Terms of Service;
  • Privacy Policy;
  • Service Level Agreement;
  • Anti-Money Laundering Policy;
  • Acceptable Use Policy;
  • API Documentation;
  • Any additional policies referenced by Pandascrow;

constitutes the entire agreement governing Developer access to Developer Services.

This Policy supersedes all prior discussions, representations, understandings, and agreements relating to Developer Services.

35. Contact Information

For developer support, compliance inquiries, security reports, legal notices, or questions regarding this Policy, contact:

Pandascrow Developer Relations & Compliance Team

Email: support@pandascrow.io

Website: https://pandascrow.io/contact

Phone: +234 802 132 5996

Security Reports: support@pandascrow.io

36. Acceptance

By registering for Developer Services, generating API credentials, accessing documentation, connecting an Application, or otherwise using Developer Services, you acknowledge that:

  • You have read and understood this Policy;
  • You agree to be bound by this Policy;
  • You agree to comply with all applicable laws and regulations;
  • You accept responsibility for your Applications and integrations.

Thank you for building with Pandascrow.

Pandascrow — Escrow, Wallets, Payments, APIs, and Financial Infrastructure for Businesses, Freelancers, and Developers.