# Generating Terms and Conditions hashes

For compliance reasons it is required to show the customers Terms and Conditions documents. A merchant is obligated to receive a confirmation from a customer that the documents are read and accepted. A merchant should send the  **SHA256 hashes** for compliance documents when creating or updating a customer using designated parameters:

* Privacy Policy - `accepted_privacy_policy_hash`
* Terms and Conditions - `accepted_terms_and_conditions_hash`
* Terms of Service - `accepted_terms_of_service_hash`

Example of a script for hash generation: [Generating Terms and Conditions Hashes for Compliance](https://docs.dtr.org/docs/generating-terms-and-conditions-hashes-for-compliance)

The generated hashes must be included in the following API when creating or updating users:

* [Create a new account](https://docs.xgateway.tech/miscellaneous/sepa-secure-service-api/customer-account-creation)
* [Update account data](https://docs.xgateway.tech/miscellaneous/sepa-secure-service-api/patching-kyc-data)

 The latest documents version at the time of writing is here:

1. Privacy Policy - <https://unblock-legal-docs-sandbox-1.s3.eu-west-2.amazonaws.com/Unblock+Privacy+policy+Apr+16+2025.docx+(1).pdf>
2. Terms and Conditions - <https://unblock-legal-docs-sandbox-1.s3.eu-west-2.amazonaws.com/67cf42617b9b92427ecae58b_EPMAP%2BT%26Cs%2BJan%2B30%2B2025.pdf>
3. Terms of Service - <https://unblock-legal-docs-sandbox-1.s3.eu-west-2.amazonaws.com/Unblock+ToU+May+12+2025.docx+(1).pdf>

Hashes for testing

1. Privacy Policy `+hKGaGhIRpUJAW9vMG5y51WMvbTOYb8C1Ln42IuTX4A=`
2. Terms and Conditions `HqKJAiAyPqBFOs386w6EVO5KlKQt5z8EzGvSB+iQeTQ=`
3. Terms of Service `lIPG8x6y+ObLv5bDWhn8h7QP0z221Iu3Ge1rLH4uvHI=`