Terms & Conditions

Effective Date: 08.11.2025

Welcome to Spotted (AAR Tech Ventures Private Limited) (“Spotted”, “we”, “our”, or “us”).These Terms & Conditions govern your access to and use of our platform, services, and applications (collectively, the "Platform") which facilitate QR-based UPI payments and reward-based interactions between merchants and end-users.

Please read these Terms carefully before using the Platform. By accessing or using any part of the Platform, you agree to be bound by the following terms:

1. Definitions

User: Any individual who uses the Spotted platform to make UPI-based payments, earn cashback, or engage with merchant content.

Merchant: Any business entity onboarded on Spotted for payment acceptance and consumer engagement.

Spotted Post: A user-generated content unit shared publicly upon a qualified transaction, e.g., “User was Spotted @MerchantName”.Cashback: A defined monetary incentive (e.g., 3%) granted to the User for successful participation in a qualified transaction and opt-in to share a Spotted Post.Transaction: A UPI payment initiated by the User via QR code scanned through the Spotted application.

2. Scope of Service

Spotted acts as a value-added technology platform on top of the existing UPI ecosystem. We facilitate UPI payment initiation and provide conditional rewards subject to user action and platform logic. Payments are routed through certified Payment Service Providers (PSPs) or TPAPs.Spotted is a Technology Service Provider (TSP) or operates via partnership with a licensed TPAP/PSP under NPCI norms.We do not store, process, or transmit sensitive UPI credentials such as MPIN, OTP, or VPA authentication tokens.

3. Payment Mechanism

Users initiate transactions by scanning standardized UPI QR codes. The app decodes VPA and optionally initiates UPI Intent flow or Deep Link Payment, redirecting to an authorized UPI app. All payments are executed under the governance of the relevant banking PSP and UPI network protocols. Spotted validates success through PSP-provided APIs or callback events before triggering any post-transactional logic.

4. Cashback Logic

Cashback is only credited when the User completes a qualified UPI transaction and publishes a valid Spotted Post. The cashback amount is funded by the merchant and deducted either from the merchant’s wallet balance or via an automated settlement API. If the Spotted Post is deleted, modified, or found to be inauthentic, Spotted reserves the right to revoke or adjust the cashback. Cashback will remain under moderation for up to 48 hours before being credited to the User’s wallet or linked bank account. Cashback values, eligibility rules, and moderation timeframes may change periodically and will be reflected in-app.

5. User Responsibilities

Users must ensure their UPI app is active and functional. Users shall not engage in fraudulent activity to artificially trigger cashback or manipulate post logic. Any misuse of the platform, including fake location check-ins, automation, or post tampering, will lead to immediate account suspension.

"Users are responsible for all content they generate on the Platform, including Spotted Posts."

6. Merchant Responsibilities

Merchants agree to pay:Customer Incentive (Cashback):
Configurable by merchant
(default: 3% of transaction value)Platform Fee: 2% for marketing and engagement servicesFees apply only to qualified transactions where a Spotted Post is successfully shared.Merchants must keep business details updated and comply with all verification and payout policies.

7. Refunds & Reversals

Refunds for failed or duplicate transactions are governed by the policies of the respective UPI PSP or Bank. If cashback was granted on a later refunded transaction, the cashback amount will be clawed back. Users and merchants agree to allow such reversals without further consent.

8. Data & Security Compliance

We do not store UPI credentials, card numbers, PINs, or bank passwords. All data handling complies with: PCI-DSS (for any card-linked modules)ISO 27001:2013 standards (internal infra policies)Data Minimization & Encryption protocols at rest and in transit Personally Identifiable Information (PII) and transaction logs are secured using AES-256 encryption and TLS 1.3 for API calls.

9. API and Transaction Logging

All payment actions, post status, cashback triggers, and reversals are logged in an immutable audit log system. API endpoints are rate-limited, auth token gated, and monitored for abuse patterns.

10. Acceptable use & Child safety

Child Sexual Abuse and Exploitation (CSAE) Policy

Spotted has a zero-tolerance policy regarding Child Sexual Abuse Material(CSAM) and any behavior that exploits or endangers minors (CSAE).Prohibited Activities:

● You may not upload, share, or transmit any material that depicts the sexual exploitation or abuse of a minor.

● You may not use the Service to engage in grooming, sextortion, or any predatory behavior toward minors.

Enforcement:

Any account found to be distributing CSAM will be permanently banned, immediately and without notice. Spotted complies with all legal obligations and will report confirmed cases of CSAM to the National Center for Missing &Exploited Children (NCMEC) and relevant law enforcement authorities.

User Reporting:

If you encounter any content or user violating these standards, please use thein-app "Report" button or contact our Safety Team at tech@tryspotted.com.

11. Compliance & Regulatory Oversight

Spotted operates in accordance with NPCI guidelines, RBI circulars, and Indian IT Act, 2000 (as amended).Any bank- or PSP-mandated change (e.g., due to circulars like DPSS.CO.PD.No.1343/02.14.003/2017-18) shall be implemented within 48 hours of notice.

12. User-Generated Content & Community Guidelines

Spotted allows users to share posts (“Spotted Posts”) which are considered User-Generated Content (UGC).To maintain a safe and positive community, users agree to the following:

Zero Tolerance: Users must not upload or share content that is abusive, hateful, obscene, harassing, defamatory, discriminatory, or violates any law.

Filtering & Moderation: All user-generated posts are automatically and manually moderated. Inappropriate or objectionable content will be filtered or removed.

Reporting: Users can report objectionable content directly through the app interface.

Blocking: Users can block or restrict other users who exhibit abusive behavior.

Developer Action: Spotted will review all reported or flagged content within 24 hours and remove any content or account violating these guidelines.

Account Suspension: Users repeatedly posting objectionable material may have their account suspended or permanently terminated.By using Spotted, you agree to these community standards and acknowledge that violation may lead to account restrictions or deletion.

"Generated content (including Spotted Posts) may not be used for commercial purposes without prior written permission from the respective brand or merchant featured in the content."

13. Limitation of Liability

Spotted is not liable for:Transaction failures due to third-party UPI app issues.Cashback denial due to user action (e.g. no post shared).Delays in bank settlements or merchant bank-related issues.User-generated content posted by users; however, we will remove any reported content violating our guidelines within 24 hours.

14. Amendments and Legal Jurisdiction

Spotted reserves the right to modify these Terms at any time. Updates will be posted on the Platform and take effect immediately upon publication. Continued use of the Platform after changes indicates acceptance of the updated Terms. The governing law is Indian law, and disputes shall be subject to the exclusive jurisdiction of the courts of Mumbai, Maharashtra.

15. Contact Information

For compliance queries, disputes, or technical clarification, please contact: AAR Tech Ventures Pvt. Ltd.

Email: support@tryspotted.com

Legal · Last updated 2026

Terms &
Conditions.

The rules that govern how you use Spotted, how we handle your transactions, and what both sides are on the hook for. Written plainly where we can, precisely where we must.

01

Definitions

The following terms are used throughout this document with specific meaning:

  • User — any individual who downloads, registers on, or transacts through the Spotted application.
  • Merchant — any business or entity onboarded to accept payments via Spotted.
  • Spotted Post — a user-submitted photograph or review shared on the platform following a qualifying transaction.
  • Cashback — a percentage of a completed transaction credited back to the user's account after eligibility checks.
  • Transaction — any payment initiated through the Spotted app and routed via a UPI-certified provider.

02

Scope of Service

Spotted operates as a technology platform that facilitates UPI-based payments between Users and Merchants. We do not store sensitive payment credentials such as UPI PINs, card numbers, or CVVs.

All payment processing is handled by regulated, certified providers. Spotted's role is limited to routing, moderation, and the cashback layer that sits on top of the underlying payment rails.

03

Payment Mechanism

Users initiate transactions by scanning a merchant QR code within the Spotted app. The payment is routed through certified UPI providers to the merchant's registered account.

Spotted does not intermediate the movement of funds. Transaction confirmation is provided by the underlying UPI network, and Spotted records the outcome for the purpose of computing cashback eligibility.

04

Cashback Logic

Cashback is credited only after a qualifying Spotted Post is submitted and passes moderation. Posts are reviewed within a stated window; cashback is released once the post is approved.

Eligibility is subject to:

  • A verified, completed transaction at a participating merchant.
  • A Spotted Post that meets the community and quality guidelines.
  • No reversal, dispute, or chargeback against the underlying transaction.

05

User Responsibilities

Users are responsible for keeping their device secure, their app up to date, and their account information accurate.

Users must not:

  • Attempt to defraud the cashback system through fake posts, duplicate transactions, or coordinated abuse.
  • Use the app for any purpose that violates applicable law.
  • Reverse-engineer, tamper with, or interfere with the operation of the platform.

06

Merchant Responsibilities

Merchants onboarded to Spotted agree to the applicable fee structure — a 3% cashback contribution and a 2% platform fee — deducted per qualifying transaction.

Merchants must maintain accurate business information, honour advertised offers, and comply with all applicable local, tax, and consumer-protection regulations. Spotted reserves the right to suspend merchants who fail these obligations.

07

Refunds & Reversals

Refunds for transactions are governed by the merchant's own policy and the UPI provider's dispute process. Spotted facilitates but does not adjudicate refund claims.

If a transaction is refunded, reversed, or charged back after cashback has been credited, Spotted may claw back the corresponding cashback amount from the user's account balance or from future credits.

08

Data & Security Compliance

All data in transit and at rest is encrypted using industry-standard protocols. Spotted's systems are aligned with PCI-DSS requirements and ISO 27001:2013 controls.

Personal data is handled in accordance with our Privacy Policy. Sensitive payment credentials are never persisted by Spotted; they remain within the certified UPI provider's environment.

09

API and Transaction Logging

Every transaction event is written to an immutable audit log for reconciliation, dispute handling, and regulatory reporting.

API access is authenticated, rate-limited, and monitored. Access credentials are rotated on a defined schedule, and anomalous patterns trigger automated review.

10

Acceptable Use & Child Safety

Spotted maintains a zero-tolerance policy against Child Sexual Abuse Material (CSAM) and any content that exploits, endangers, or sexualises minors.

Detected content is removed, reported to the appropriate authorities, and the associated account is permanently disabled. Users can report suspected violations through the in-app reporting tool at any time.

11

Compliance & Regulatory Oversight

Spotted operates in compliance with NPCI guidelines governing UPI transactions and the broader Indian regulatory framework applicable to payment aggregators and technology platforms. We cooperate with regulators, law enforcement, and audit bodies as required.

12

User-Generated Content & Community Guidelines

Spotted Posts are moderated for authenticity, safety, and adherence to community standards. Content that is misleading, harmful, or violates the guidelines may be removed and cashback withheld.

Users can report posts through the in-app reporting flow. Reported content is reviewed within a defined SLA and actioned as appropriate.

13

Limitation of Liability

To the maximum extent permitted by law, Spotted is not liable for:

  • Losses arising from outages, delays, or errors of the underlying UPI network or third-party providers.
  • Merchant disputes, product quality, or service delivery.
  • Losses arising from user compromise of their own device or credentials.
  • Indirect, incidental, or consequential damages of any kind.

14

Amendments & Legal Jurisdiction

Spotted reserves the right to update these Terms at any time. Material changes will be communicated via the app or by email. Continued use of the platform after an update constitutes acceptance of the revised Terms.

These Terms are governed by the laws of India. Any dispute is subject to the exclusive jurisdiction of the courts in Mumbai.

End of document · Last updated 2026