Legal

Terms of Service

Effective Date: May 13, 2026 · Governing Law: Delaware, United States · 20022api.com

    20022api.com is operated by NextGenRails™, an independent cryptographic infrastructure authority. By accessing or using this service, you agree to these terms in full. If you do not agree, do not use the service.
  

1. Service Description

20022api.com provides a REST API for cryptographic validation of ISO 20022 financial messages. The service accepts JSON-formatted ISO 20022 messages, processes them in-memory, and returns a signed JSON Web Signature (JWS) receipt proving message composition and integrity at a specific point in time.

The service operates under a zero-retention architecture. Submitted message data is processed transiently and immediately discarded after receipt generation. No message content is stored, logged, indexed, or retained.

2. API Access and Keys

Access to the validation API requires a valid API key obtained through a completed purchase. API keys are:

Non-transferable and for your use only
Subject to usage limits as specified at purchase (10 receipts for Standard, 10 for Advanced, 25/month for Professional)
Delivered to the email address provided at checkout
Not replaceable if lost — keep your key secure

You are responsible for all API calls made using your key. Do not share your key publicly or embed it in client-side code.

3. Payment and Refunds

All purchases are final. No refunds are issued except where required by applicable law. One-time packs are consumed as API calls are made. Monthly subscriptions may be cancelled at any time; cancellation takes effect at the end of the current billing period.

Payments are processed by Stripe. NextGenRails does not store payment card information.

4. Receipt Validity and Limitations

Issued receipts constitute cryptographic proof of the submitted message's composition at the time of issuance. Specifically:

A receipt proves what data was submitted and when
A receipt does not constitute legal compliance certification
A receipt does not guarantee the message's business validity, regulatory acceptance, or settlement status
Receipt verification requires the public key available at /.netlify/functions/public-key

    The receipt proves submitted input state at issuance time with a signed output and an independent validation path. It does not claim full legal compliance or automatic regulatory acceptance.
  

5. Acceptable Use

You may not use this service to:

Submit fraudulent, fabricated, or maliciously crafted financial messages
Attempt to reverse-engineer, circumvent, or compromise the signing infrastructure
Resell or white-label API access without a written enterprise agreement
Automate bulk submissions in excess of purchased receipt limits
Use the service in violation of any applicable financial regulation or law

6. Intellectual Property

The 20022api.com service, including its cryptographic protocols, receipt format, signing infrastructure, and associated software, is proprietary to NextGenRails™. A U.S. provisional patent application has been filed. All rights reserved.

The ISO 20022 standard is owned by ISO. NextGenRails™ claims no ownership over the ISO 20022 message standard itself.

7. Disclaimer of Warranties

The service is provided "as is" without warranty of any kind, express or implied. NextGenRails™ does not warrant that the service will be uninterrupted, error-free, or that receipts will be accepted by any specific regulatory authority, counterparty, or auditor.

8. Limitation of Liability

To the maximum extent permitted by law, NextGenRails™ shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising from your use of the service, even if advised of the possibility of such damages. Total liability shall not exceed the amount paid for the specific receipt pack or subscription period giving rise to the claim.

9. Privacy and Data Handling

Zero-retention architecture means submitted message data is never stored. The email address provided at checkout is used solely to deliver your API key and service communications. No message content, financial data, or submission history is retained by NextGenRails™.

Anonymous page view analytics are collected via Supabase for operational monitoring. No personally identifiable information is collected from API usage.

10. Modifications

NextGenRails™ reserves the right to modify these terms at any time. Continued use of the service after changes are posted constitutes acceptance of the revised terms. Material changes will be communicated via the email address on file.

11. Governing Law

These terms are governed by the laws of the State of Delaware, United States, without regard to conflict of law principles. Any disputes shall be resolved in the courts of Delaware.

Privacy & Data Collection

This site collects anonymous usage analytics including pages visited, browser type, referrer URL, and approximate geographic location derived from IP address. No personally identifiable information is collected or stored. IP addresses are never retained.

Financial message payloads submitted via the API are processed in memory and immediately discarded per the Zero Retention Policy above. No submitted message content is stored after processing.

Payment data is processed exclusively by Stripe. NextGenRails™ does not store payment card details. Analytics data is used solely for internal operational purposes and is never sold or shared. Full disclosure: nextgenrails.net/legal

To request deletion of any personal data, contact ngr.admin@proton.me. Requests processed within 30 days.

12. Contact

For questions regarding these terms: ngr.admin@proton.me

NextGenRails™ · 20022api.com · ISO 20022 Validation Authority · NGR-TEC-20022-001