1
. Payment Security Policy
1.1. General Provisions
The platform atasuai.com ensures maximum payment security. We use modern protection technologies and work only with licensed payment partners.
1.2. Payment Partner
All payments are processed through a licensed partner — JSC «Freedom Finance Bank» and other second-tier banks
| Parameter |
Value |
| Partner |
JSC «Freedom Finance Bank» |
| License |
License of the NB RK for banking operations |
| Certification |
PCI DSS Level 1 |
| Technology |
Automatic payment splitting |
1.3. Protection Technologies
1.3.1. Data Encryption
SSL/TLS encryption of all connections (HTTPS)
256-bit card data encryption
The platform DOES NOT store full bank card data
1.3.2. Payment Authentication
3D Secure 2.0 — two-factor authentication
SMS transaction confirmation
Verification of CVV/CVC code
1.3.3. Anti-Fraud System
Automatic monitoring of suspicious operations
Verification of card and recipient data
Transaction limits for new users
Blocking of suspicious transactions
1.4. Secure Payments (Escrow)
The platform uses an escrow system to protect both parties:
- The buyer pays for the order
- The money is held in the Platform's account
- The seller ships the goods
- The buyer confirms receipt
- The money is transferred to the Seller (1-3 business days)
1.5. Payment Methods
| Method |
Status |
Commission |
| Bank cards (Visa, Mastercard) |
Available |
Free for the buyer |
| Apple Pay / Google Pay |
Available |
- |
| Installment |
In development |
- |
1.6. Payment Splitting
The platform uses automatic splitting — dividing the payment among participants:
| Recipient |
Share |
| Seller |
Product amount minus fee |
| Platform |
Fee according to rates |
| Delivery |
Delivery cost (if paid by the buyer) |
Splitting occurs automatically at the time of payment. The seller receives their share after confirming receipt of the goods.
1.7. Refunds
Refunds are made:
To the same card used for payment
Within 1-14 business days (depends on the buyer's bank)
After confirming the return of the goods to the Seller
1.8. What We DO NOT Store
For security reasons, the Platform DOES NOT store:
Full bank card numbers
CVV/CVC codes
PIN codes
Internet banking passwords
1.9. Recommendations for Users
Do not disclose your card details, CVV code, and SMS codes to anyone
Ensure the website address starts with https://atasuai.com
Do not click on suspicious links from emails and messages
Use complex passwords for your account
If suspicious activity occurs — contact us immediately
2
. Secure Payments (ESCROW)
2.1. What are secure payments
The platform uses a secure payment system (escrow) to protect Buyers and Sellers. The money for the order is temporarily held in the Platform's account and transferred to the Seller only after confirmation of receipt of the goods.
2.2. How it works
| Stage |
What happens |
Status of the money |
| 1. Payment |
The Buyer pays for the order |
Money in the Platform's account |
| 2. Shipping |
The Seller ships the goods |
Money is held |
| 3. Delivery |
The Buyer receives the goods |
Money is held |
| 4. Confirmation |
The Buyer confirms receipt OR the deadline expires |
Money is transferred to the Seller |
2.3. Holding periods
| Event |
Transfer period to Seller |
| The Buyer confirmed receipt |
1-3 business days |
| The Buyer did not confirm, but the goods were delivered |
7 days after the "Delivered" status |
| The Buyer opened a dispute |
After the dispute is resolved |
2.4. Buyer protection
- If the goods are not delivered — full refund
- If the goods are defective — refund after returning the goods
- If the goods do not match the description — open a dispute
2.5. Seller protection
- Payment guarantee — money is already in the Platform's account
- Automatic transfer 7 days after delivery
- Protection against unreasonable returns through the dispute system
2.6. Dispute resolution procedure
- The Buyer opens a dispute in the Personal Account (up to 7 days after delivery)
- The Seller receives a notification and provides their position
- The Platform reviews the dispute (up to 5 business days)
- Decision: refund to the Buyer OR transfer to the Seller
2.7. Commission
A commission is charged for using the secure payment system according to the current Platform rates.
The current rates are posted in the "Rates" section in the Seller's Personal Account.
2.8. Important
- All payments go through a licensed payment partner (Freedom Bank)
- The Platform does not store bank card data
- Transactions are protected by the 3D Secure protocol
- Payment splitting occurs automatically
3
. Anti-Money Laundering and Know Your Customer Policy (AML/KYC)
3.1. General Provisions
3.1.1. This Policy establishes the procedure for identifying clients and countering the legalization (laundering) of proceeds from crime and the financing of terrorism on the platform atasuai.com (hereinafter referred to as the "Platform").
3.1.2. The Policy is developed in accordance with:
The Law of the Republic of Kazakhstan "On Counteracting the Legalization (Laundering) of Proceeds from Crime and the Financing of Terrorism"
FATF (Financial Action Task Force) Recommendations
Payment systems requirements (Visa, Mastercard)
3.1.3. The Policy is mandatory for execution by all employees of the Platform and applies to all Users.
3.2. Terms and Definitions
| Term |
Definition |
| AML |
Anti-Money Laundering — counteraction to money laundering |
| KYC |
Know Your Customer — know your client (identification procedure) |
| AML/CFT |
Anti-Money Laundering / Counter Financing of Terrorism |
| Beneficiary |
Ultimate beneficial owner holding >25% of the company |
| PEP |
Politically Exposed Person — politically significant person |
| Suspicious Transaction |
Transaction with signs of money laundering or terrorism financing |
3.3. Identification Procedure (KYC)
3.3.1. Identification of Sellers — Individuals
During registration, the Seller provides:
| Document |
Requirement |
Verification |
| ID / Passport |
Mandatory |
Check against the Ministry of Internal Affairs of RK database |
| IIN |
Mandatory |
Validity check |
| Selfie with document |
Mandatory |
Identity verification |
| Registration address |
Mandatory |
Indication in the form |
| Contact phone |
Mandatory |
SMS verification |
3.3.2. Identification of Sellers — Legal Entities
| Document |
Requirement |
| Certificate of Registration / Extract from the Register |
Mandatory |
| BIN |
Mandatory |
| Charter (for LLP) |
Upon request |
| Director's Documents (ID, IIN) |
Mandatory |
| Beneficiaries' Documents (if share >25%) |
Mandatory |
| Address of Actual Location |
Mandatory |
3.3.3. Simplified Identification of Buyers
Buyers undergo simplified identification:
- Phone number (SMS verification)
- Email (confirmation)
- Full name and delivery address
Full identification of the Buyer is required when:
- The order amount exceeds 1,000,000 ₸
- Suspicious activity
- Return of large amounts
3.4. Monitoring of Operations
3.4.1. Signs of Suspicious Operations
| Sign |
Action |
| Multiple orders with one card to different addresses |
Blocking + verification |
| Order > 1,000,000 ₸ from a new user |
Request for documents |
| Frequent returns without receiving goods |
Blocking + verification |
| Mismatch of card data and recipient |
Payment rejection |
| Operations from sanctioned countries |
Automatic rejection |
| Use of anonymizers / VPN when paying |
Additional verification |
3.4.2. Operation Limits
| Category |
Limit without additional verification |
Action upon exceeding |
| Single order |
500,000 ₸ |
Request for documents |
| Total orders per month (Buyer) |
2,000,000 ₸ |
Full identification |
| Payment to Seller per month |
5,000,000 ₸ |
Enhanced verification |
| Returns per month (Buyer) |
500,000 ₸ |
Fraud check |
3.5. Data Storage
KYC documents are stored for 5 years after the termination of the relationship
Transaction data is stored for 5 years
Access to data is restricted (only authorized personnel)
Data is transferred to government bodies upon official request
3.6. Final Provisions
3.6.1. The platform reserves the right to refuse service without explanation if there is suspicion of legal violations.
3.6.2. This Policy is reviewed at least once a year.
