Payment Terms and Conditions – WeSpeak Payments
Last updated: August 2025
Specific Terms – Reservation Confirmation and Payment Interface
Order of Precedence: These Terms supplement the Service Agreement (WeSpeak Terms and Conditions), its applicable Service Orders/Technical Documents and policies. In the event of conflict, the Service Agreement and the corresponding Service Order/Technical Document shall prevail. Capitalized terms not defined here have the meaning set out in the Service Agreement.
1. Scope and Purpose
1.1 WeSpeak provides, as part of the Services, an Interface that, after confirmation through a conversational channel (e.g., WhatsApp), allows the End User to confirm their reservation and select a Payment Method.
1.2 WeSpeak does not act as a travel agency, financial institution, money transmitter, proprietary payment gateway, or Merchant of Record responsible for collection. The commercial relationship for the reservation is between the Hotel (Subscriber/Merchant) and the End User.
2. Specific Definitions
Order of Precedence. These definitions supplement the Service Agreement, its Service Orders/Technical Documents and applicable policies. Capitalized terms not defined here have the meaning established in the Service Agreement.
WeSpeak (Provider). NextGen Conversations Corp, a corporation duly incorporated under the laws of Delaware, United States of America, with registered address at 1007 North Orange ST 4th Floor, Wilmington, USA, ZIP: 19801 (hereinafter "WeSpeak"). Company that provides AI communication Services, the Platform, and the Confirmation Interface. It is NOT, nor does it act as, a travel agency, financial institution, proprietary gateway, money transmitter, or Merchant of Record; it does not hold funds or decide on chargebacks. For data protection purposes, it generally acts as a processor/data processor with respect to operational data. It does not access or store complete card data.
Platform. The set of WeSpeak modules, APIs, and tools (including the Interface) for managing conversations, reservations, and operational flows defined in the Service Order/Technical Document.
Confirmation and Payment Interface (Interface). An embedded module that, after validation through a conversational channel (e.g., WhatsApp), allows the End User to confirm the reservation and select a Payment Method.
Conversational Channel. Messaging medium (e.g., WhatsApp) through which communications prior to confirmation and payment are managed.
Hotel (Subscriber / Merchant / Merchant of Record). The establishment that offers the Reservation, sets prices and policies (taxes, cancellations, no-show, refunds), processes and confirms collection, assumes tax and regulatory obligations, and is solely responsible to the End User for service provision, charges, refunds, chargebacks, and handling of payment data once displayed.
End User (Guest). Person making the Reservation and payment. Must provide accurate data, review Hotel policies, and manage cancellations, refunds, and chargebacks with the Hotel (and/or Payment Provider).
Reservation. Offer and contracting of accommodation service between the Hotel and the End User, in accordance with Hotel policies.
Service Order / Technical Document (SO/TD). Document(s) describing the scope, configurations, integrations, service levels, and economic conditions of the Service for the Hotel.
Payment Methods. Options enabled for collecting payment for the Reservation, including but not limited to: Mercado Pago, PayPal, Stripe, PayU, bank transfers, and credit cards (including card-not-present and/or manual charge modality).
Embedded Payment Data Processing Provider (PPD/ZRU/"PROVIDER"). ZRU is an independent third party, separate from WeSpeak, that provides the embedded component within the Interface for capturing and making payment data available according to the flow defined by the Hotel (Subscriber). It is not a Merchant of Record and its operation is governed exclusively by its own terms (including, as applicable, Terms and Conditions, Privacy Policy, and/or DPA), which the Hotel must review, accept, and comply with before using the service.
WeSpeak is not party to the relationship between the Hotel and ZRU/other PSPs, does not access or store complete card data, and does not guarantee or bear any responsibility for availability, security, PCI DSS compliance, authorizations, settlements, chargebacks, refunds, errors, interruptions, incidents, or any act or omission attributable to ZRU and/or Payment Providers. Any claim, dispute, or liability related to the use of ZRU/PSP shall be addressed exclusively by the Hotel with such third parties; the Hotel shall hold WeSpeak harmless from damages, penalties, costs, or claims arising from such use.
Payment Providers (PSP/Gateways). Independent third parties (e.g., Mercado Pago, PayPal, Stripe, PayU) that process transactions according to their own terms and policies (including T&C, privacy, DPA, brand rules, KYC/AML, and PCI DSS). All commissions, fees, and charges depend exclusively on the current agreement between the Hotel (Subscriber) and each PSP and/or the T&C published by the PSP. WeSpeak does not intervene, negotiate, set, or collect such amounts and assumes no responsibility for their determination or changes.
The Hotel must review, accept, and comply with each PSP's T&C and assume all resulting costs and obligations. Any claim regarding charges, settlements, or chargebacks must be directed directly to the corresponding PSP; the Hotel shall hold WeSpeak harmless from claims arising from its relationship with the PSPs.
Issuer. Entity that issues the End User's card.
Acquirer. Entity that acquires/authorizes Merchant (Hotel) transactions through the card brand network or PSP.
PCI DSS. Payment card industry security standard. The Hotel declares and warrants its compliance for handling CNP (card-not-present) payment data, including technical and organizational controls.
CNP (Card Not Present) / Manual Flow. Modality in which the End User enters their card data into the embedded component and the Hotel processes the charge manually as the Merchant.
Single View. In the CNP/manual flow, card data is shown to the Hotel once (1) and exclusively for processing the charge for the specific Reservation. The Hotel may not store, copy, photograph, transcribe, export, retain, retransmit, or reuse such data (including CVV).
Payment Data. Information necessary to process the charge (e.g., PAN, expiration date, cardholder name, CVV where applicable, and transaction metadata). WeSpeak does not access or store complete card data.
Personal Data. Any information relating to an identified or identifiable individual processed within the Platform and Interface (e.g., identification, contact data, Reservation data), in accordance with applicable regulations and privacy policies.
Chargeback. Reversal of a charge initiated by the Issuer and/or card brand at the cardholder's request. Its management falls on the Hotel and/or Payment Provider according to their policies.
Refund. Voluntary return of amounts by the Hotel in accordance with its policies applicable to the Reservation.
3. Payment Flow and Roles
3.1 Credit cards (manual/CNP): the End User enters their data into the ZRU embedded component; such data is made available to the Hotel so that it manually processes the charge and confirms the reservation.
- PCI DSS – Embedded Provider Selection by WeSpeak. WeSpeak integrates only embedded providers declared PCI DSS-compatible (e.g., ZRU) at the time of integration. WeSpeak does not access or store PAN/CVV, is not the Merchant of Record, and does not manage authorizations/settlements. WeSpeak's responsibility is limited to such selection and technical integration of the embedded provider in accordance with PCI DSS, without guaranteeing ongoing third-party compliance or assuming PCI obligations that are the Hotel's own.
- Exclusive Hotel Responsibility – CNP. In card-not-present/manual flows, the Hotel (Subscriber) is solely and exclusively responsible for handling all payment data once it is displayed (single view). The Hotel declares and warrants its current PCI DSS compliance for CNP, including adequate technical and organizational controls (minimum access, access logging, segmentation, clean desk, secure destruction, training, and risk assessment), and will maintain its AOC/SAQ updated, making evidence available to WeSpeak upon reasonable request.
- Exclusive Use and Prohibitions (sworn declaration). The Hotel, under penalty of perjury (or equivalent provision in the applicable jurisdiction), commits to using card data exclusively for processing the charge of the specific reservation. It is expressly prohibited to store, copy, photograph, transcribe, export, retain, retransmit, or reuse such data—including the CVV, the retention of which is prohibited—for any other purpose. The Hotel must proceed to immediate and secure destruction/purging of any sensitive data once the charge has been made or when the data is no longer strictly necessary for that collection.
- Incidents and Cooperation. In the event of any incident (actual or suspected) affecting payment data, the Hotel will notify WeSpeak without delay and within 24 hours, will cooperate in the investigation, and will assume all costs, penalties, brand fines, chargebacks, damages, and any resulting liability.
- Indemnity. The Hotel shall hold WeSpeak (and its affiliates, directors, and collaborators) harmless from all claims, losses, penalties, chargebacks, damages, or costs (including reasonable legal fees) arising from the handling of payment data in CNP/manual flows and/or from the Hotel's non-compliance with PCI DSS or this section.
3.2 Bank transfer: the Hotel provides instructions and confirms the reservation once the transfer is verified.
3.3 Other Providers (Mercado Pago/PayPal/Stripe/PayU): the flow, authorization, settlement, commissions, and chargebacks are governed by the provider's terms and the Hotel's policies.
3.4 WeSpeak does not manage funds, does not control ZRU's or the Providers' operations, and does not guarantee the approval, availability, or performance of third parties.
4. Card Data Processing (Single View)
4.1 Single view by the Hotel: in the manual/CNP flow, the Hotel will have the possibility to view card data once (1), exclusively to process the charge for the specific reservation.
4.2 Prohibitions: the Hotel may not store, copy, photograph, transcribe, export, retain, retransmit, or reuse card data (including CVV) beyond the charge for that reservation.
4.3 PCI DSS: the Hotel declares and warrants compliance with PCI DSS and applicable regulations (personal data, cybersecurity, consumer protection, anti-fraud) for card-not-present handling.
4.4 WeSpeak Exemption: from the moment the data is displayed to the Hotel, all custody, processing, security, use, or misuse of the information is the exclusive responsibility of the Hotel. WeSpeak does not access or store complete card data and is not responsible for actions or omissions by the Hotel or ZRU/Providers.
5. Confirmation, Cancellation, Refunds, and Chargebacks
5.1 The reservation is considered confirmed when the Hotel expressly notifies through the defined channel.
5.2 Cancellation, no-show, refund, and chargeback policies are established and managed by the Hotel and/or the corresponding Payment Provider. Any refund is processed directly with the Hotel/Provider.
5.3 Accrual of WeSpeak Service Fees. At the moment the End User enters payment data through the embedded processor (PPD Provider) and such data is made available to the Hotel/PSP through the Interface, WeSpeak's service is considered fully rendered and the charges/fees established in the SO/TD (e.g., per transaction/reservation/use) accrue immediately. These charges are due and independent of Hotel policies and any subsequent outcome (approvals or rejections, cancellations, no-show, refunds, chargebacks, errors, or third-party unavailability).
5.4 (Non-participation in collection – exemption). WeSpeak does not participate in the authorization, capture, settlement, or disbursement of funds; it is not a Merchant of Record, collection agent, or fund custodian. Its role is limited to providing the Interface and the data capture/availability flow via ZRU. Therefore, WeSpeak is exempt from all liability to the Hotel and/or End User for authorizations, rejections, settlements, disbursement timing, commissions, chargebacks, refunds, fraud, or any act or omission attributable to the Hotel, ZRU, or PSPs/third parties.
6. Hotel (Subscriber) Obligations
6.1 Provide accurate information and clear policies (rates, taxes, cancellation, refunds) and keep them updated in the Platform and/or booking page.
6.2 Comply with PCI DSS, guarantee non-retention of sensitive data, and use information only for the applicable reservation charge.
6.3 Attend to and resolve queries, complaints, refunds, chargebacks, and payment disputes.
6.4 Subscriber Privacy Policy. The Subscriber will maintain a public, accurate, and current privacy policy describing how it collects, uses, and discloses personal data—including collection/use by WeSpeak and/or the Processor (including through cookies or other means)—in connection with the Services.
6.5 Representations and authorizations. The Subscriber declares that it has all rights and consents required by law to allow WeSpeak and/or the Processor to collect, use, retain, and disclose personal data and Cardholder Data in accordance with these T&C and WeSpeak's Privacy Policy, and that such processing does not violate applicable regulations.
6.6 Third-party data confidentiality. If the Subscriber receives customer/cardholder data (including Cardholder Data), it commits to keeping it confidential and using it only for the Services or as permitted by the cardholder; it will not disclose it to third parties or use it for marketing without express consent; it will not disclose Cardholder Data except to process the transaction requested by the customer.
6.7 The Subscriber also commits to:
- Comply with all applicable law (financial services, consumer, competition, anti-discrimination, advertising);
- Not submit transactions that do not arise from an actual sale of its own goods/services;
- Not act as an intermediary/payment aggregator;
- Not submit suspicious or fraudulent authorizations/transactions;
- Not circumvent technical limitations or perform reverse engineering;
- Not interfere with operations or impose disproportionate burdens;
- Not sublicense, resell, or transfer rights without express authorization.
6.8 Indemnity: hold WeSpeak harmless from claims, penalties, or costs arising from handling of payment data, fraud, chargebacks, security incidents, or Hotel breaches.
7. End User Obligations
7.1 Provide accurate data and a valid payment method.
7.2 Review and accept Hotel policies before paying.
7.3 Manage any cancellation, refund, or chargeback directly with the Hotel/Provider.
8. Availability and Third-Party Services
8.1 The Interface may depend on third-party channels and services (e.g., WhatsApp, ZRU, gateways). WeSpeak does not guarantee uninterrupted continuity or absence of errors from such third parties. The Interface and the Platform are provided "as is" and "as available," without guarantees of results.
8.2 WeSpeak may modify or discontinue the Interface or supported Payment Methods without assuming liability for third-party decisions or failures.
8.3 (Absence of additional warranties). To the maximum extent permitted by law, WeSpeak disclaims all express, implied, or statutory warranties, including merchantability, fitness for a particular purpose, non-infringement, satisfactory quality, accuracy, or availability. No advice or information (oral or written) will generate warranties other than those provided in the Service Agreement and, where applicable, in the SO/TD. Any SLA or service level applies only if expressly agreed in the corresponding SO/TD.
9. Privacy and Data Protection
9.1 In general, WeSpeak acts as a processor/data processor with respect to operational data, in accordance with the Service Agreement and applicable Subscriber/Hotel privacy policies.
9.2 For payment data, capture is performed via ZRU and the single exposure to the Hotel occurs under the Hotel's control and responsibility. WeSpeak does not retain complete card data.
10. Liability and Limits
10.1 The disclaimers, exclusions, and liability limits of the Service Agreement apply. Notwithstanding, for the manual/CNP flow the Hotel assumes exclusive responsibility for the handling of card data once displayed.
10.2 WeSpeak shall not be liable for indirect losses, chargebacks, third-party unavailability, Provider failures, or Hotel errors in amounts/charges/policies.
11. Term, Modifications, and Termination
11.1 These Terms apply while the Hotel uses the Interface under its subscription and SO/TD.
11.2 Modifications at WeSpeak's discretion and duty to review. WeSpeak may, at its sole discretion and at any time, modify or update these Terms. Unless applicable law requires otherwise, modifications will be effective upon publication on WeSpeak's Terms & Conditions page and/or upon notification as provided in the Service Agreement, without the need for additional express consent. The Subscriber/Hotel is obligated to review them periodically and, in any case, before using the Interface to check for changes. The current version will always be the last published, and continued use of the Services implies acceptance.
11.3 Automatic suspension/termination due to risk, fraud, or misuse. Without prejudice to what is provided in the Service Agreement and the SO/TD, WeSpeak may suspend and/or terminate, by operation of law, immediately, in whole or in part, and without liability, the Subscriber/Hotel's access to the Interface when there are reasonable indications of irregularities, fraud, attempted fraud, abuse, misuse, non-compliance with PCI DSS, or improper handling of Payment Data, violation of law or PSP/third party terms, or in the face of security, operational, or reputational risks. WeSpeak may block access, disable functions, preserve evidence, and notify PSPs/authorities when appropriate. The Subscriber/Hotel will be informed as soon as possible.
Accrued charges will remain due and there will be no refunds, and the Subscriber/Hotel must cooperate by providing the necessary information for the investigation.
12. Verification and Eligibility (KYB)
12.1 WeSpeak may request, and the Subscriber must provide within 5 business days, information reasonably necessary to verify identity, ownership, and regulatory compliance, including: company name and registration/tax number, registered address, representative data and powers of attorney, URL of its public privacy policy, privacy/security contact, applicable PCI DSS evidence (e.g., SAQ/AOC for CNP), and fraud prevention policies. WeSpeak may conduct checks against sanctions and compliance lists through third parties.
WeSpeak does not open acquiring accounts, perform financial underwriting, or hold funds. Non-compliance with this section enables suspension and/or termination under clause 11.3. (Data processing in accordance with the Agreement and Privacy Policy.)
12.2 Limited remote audit. Upon reasonable notice, WeSpeak may request documentary evidence (non-intrusive) to confirm compliance with these Terms (including PCI DSS in CNP flows). Unjustified refusal enables the measures in clause 11.3.
13. Governing Law and Dispute Resolution
13.1 Governing law, jurisdiction, and/or arbitration shall be as provided in the current Service Agreement between the Parties and/or the SO/TD.
13.2 In the absence of express provisions in the Service Agreement or SO/TD, any dispute arising from or related to these Terms shall be resolved by arbitration administered by the ICC in accordance with its current Rules; the tribunal shall be composed of one (1) sole arbitrator and the seat of arbitration shall be the City of Buenos Aires, Republic of Argentina.
Operational Annex (Card-Not-Present/Manual)
- Single view: ZRU will show the Hotel card data only once; the Hotel must process the charge immediately and will not retain sensitive data (including CVV).
- Security: adequate technical and organizational controls (minimum access, access logging, segmentation, clean desk, secure destruction).
- Incidents: upon suspicion of an incident affecting payment data, the Hotel will immediately notify WeSpeak and applicable brands/providers, cooperate in the investigation, and assume corresponding costs/penalties/claims.
- Indemnity: the Hotel will indemnify WeSpeak for any claims from cardholders, brands, acquirers, banks, authorities, or third parties related to the manual/CNP flow.
For inquiries: info@wespeak.pro