Fair Use Policy

1. What This Policy Is About

Paytia provides secure telephone payment services for contact centres. Our platform handles payment capture during live calls using DTMF tone suppression — when a customer presses their card number on their keypad, those digits are masked before they reach the agent's earpiece, the call recording, or any contact centre system. That technology only works if the platform is used correctly.

This policy exists because our service is built on trust — the trust that organisations and their customers place in us every time a payment is taken over the phone. Using the platform in ways that undermine that trust isn't just a breach of contract; it puts real people's card data at risk.

This policy forms part of your agreement with Paytia and applies to all services we provide.

2. Authorised Use

Our platform is for taking legitimate card payments from customers who have chosen to pay over the phone. That means:

• Transactions must be genuinely authorised by the cardholder
• You can only process the payment types covered by your service agreement
• Access to the platform should be limited to staff who are trained and authorised to take payments on your behalf
• Your API credentials and account login details must be kept secure — if you think they've been compromised, tell us immediately

3. Protecting the Payment Flow

This section matters more than any other. Our DTMF masking works at the telephony layer — card digits are suppressed before they hit your systems or the agent's audio feed. A few things would defeat that entirely, and you must not do them:

• Don't route audio around the masking layer.If your telephony configuration bypasses the Paytia payment session, card digits will be audible on the call and potentially captured in recordings. That's an immediate PCI DSS scope breach.
• Don't record payment sessions in a way that captures pre-suppression audio.If your call recording system is receiving audio before our masking is applied, you're storing card data — even if you don't realise it.
• Don't attempt to reconstruct DTMF tones. The point of suppression is to make card digits unrecoverable outside the secure flow. Any attempt to reverse this is a serious breach.

If you're ever unsure whether a telephony or recording configuration is compatible with our service, ask us before you deploy it. That's not a bureaucratic request — it's how we protect you and your customers.

4. What's Not Allowed

Beyond the payment flow, the following are off limits:

• Processing fraudulent transactions or payments on behalf of undisclosed third parties
• Anything that touches on money laundering or sanctions evasion — our AML obligations apply across all transaction activity
• Sharing account credentials or API keys with people outside your authorised team
• Attempting to access other customers' data or accounts
• Reverse engineering any part of our platform or service
• Using our telephony infrastructure for purposes unrelated to payment processing — for example, automated outbound calling campaigns or unsolicited communications

5. Usage Volumes and Service Integrity

We monitor our platform for unusual patterns — not to second-guess legitimate use, but because fraud and abuse look different from normal payment flows. If something flags, we'll contact you. We won't suspend access without warning unless we're dealing with an active security incident.

If your transaction volumes consistently exceed the levels in your service agreement, we'll talk to you about it. We'd always rather agree a new arrangement than throttle a growing business without explanation.

6. If Something Goes Wrong

If you suspect your account has been compromised, or a transaction has gone through that shouldn't have, contact us immediately at support@paytia.com. The sooner we know, the more we can do.

If you think you've breached this policy accidentally, tell us. We're a small team and we deal with things directly — a conversation is almost always better than an investigation after the fact.

We reserve the right to suspend access where there's an active risk of harm or fraud, and will reinstate as quickly as possible once the situation is resolved.

This Fair Use Policy is effective as of the last updated date shown above and forms part of your service agreement with Paytia Limited.