Twilio < Pay >

Last Updated: August 5, 2025

These Twilio <Pay> requirements (“Twilio <Pay> Requirements”) will apply to Customer to the extent Customer uses any Twilio <Pay> Features (as defined below). These Twilio <Pay> Requirements supplement the terms of the agreement between Customer and Twilio covering Customer’s use of the Services (“Agreement”).

1. Definitions

“PCI-DSS” means the Payment Card Industry Data Security Standard administered by the Payment Card Industry Security Standards Council.

“Twilio Acceptable Use Policy” means the Twilio Acceptable Use Policy, the current version of which is available at https://www.twilio.com/legal/aup.

“Twilio <Pay> Features” means the specific Services, and any associated features, identified in the Twilio PCI-DSS Responsibility Matrix (as defined below).

“Twilio PCI-DSS Responsibility Matrix” means the Twilio PCI DSS Responsibility Matrix, the current version of which is available the Twilio Trust Center at https://security.twilio.com/?itemUid=af8aa24c-c7c2-4824-9bd1-f862b8cd9c83.

“Twilio <Pay> Features Documentation” means Twilio’s standard technical documentation applicable to the Twilio <Pay> Features, the current version of which is available at https://www.twilio.com/docs.

2. Access to Twilio <Pay> Features.  Customer must actively choose to enable “PCI Mode” within its account, on each individual Twilio Account SID under which it desires to use the Twilio <Pay> Features, in order to access the Twilio <Pay> Features. Customer will ensure that its use of the Twilio <Pay> Features complies with the Agreement, these Twilio <Pay> Requirements, the Twilio Acceptable Use Policy, and the Twilio <Pay> Features Documentation.

3. Payment Processing.  Twilio is neither a payment processor nor is Twilio providing Customer with, directly or indirectly, any payment processing services. Twilio is not responsible for (a) the acts or omissions of any payment processor, including, without limitation, a payment processor’s failure to process any payments; (b) any data provided by Customer to Twilio that is in a payment processor’s possession; or (c) network connectivity problems outside of Twilio’s network.

4. PCI-DSS Compliance.  Customer will comply with PCI-DSS in connection with its use of the Twilio <Pay> Features, including, without limitation, responsibilities that are designated for Customer, including Customer’s portion of any shared responsibilities between Twilio and Customer, as set forth in the Twilio PCI-DSS Responsibility Matrix. Customer acknowledges and understands that using the Twilio <Pay> Features will not make Customer PCI-DSS compliant.

5. Payment Issues.  Customer is solely responsible for managing and resolving all complaints, refunds, or credits or payment issues, disputes, reversals, chargebacks, or adjustments.

6. Payment Processor Credential Limitations.  Customer will limit Twilio’s access to Customer’s payment processor account only to allow Twilio to transmit payment information to a payment processor for the charging and tokenization of payments.