Refer to Pagero’s Master Subscription Agreement, General Terms and Conditions, and Data Processing Agreement here.

Service-Specific Terms: Gosocket Services Terms

These service-specific terms apply to services provided by Pagero through the Gosocket platform (hereinafter referred to as the “Gosocket Services”) form an integral part of the MSA entered into between a Pagero Group entity and Customer.

Additional Terms

1. Application

1.1. These Gosocket Services terms apply where the Customer is utilizing the Gosocket Services as part of the Services provided by Pagero under the Master Subscription Agreement. 

1.2. The ordered Gosocket Services are further described in a separate order document named “Technical Proposal”, including descriptions of applicable regulated tax documents, electronic certificates or electronic equivalent documents, and regulatory models of electronic invoicing.

2. Gosocket Support

2.1. If the Customer is utilizing any of the Gosocket Services through a direct integration between the Gosocket Services and Customer, the Gosocket support agreement shall apply for the support of the Gosocket Services. If the Gosocket services are utilized by Customer through a connection with Pagero Online, the applicable Pagero support agreement or support as agreed in a Technical Proposal shall govern Customer’s support services. 

3. Protection of personal data

3.1. The Gosocket Services are compliant with applicable local data protection legislation within the geographical region of Latin America, which includes Central America, South America, Mexico, and the Caribbean (hereinafter referred to as the "LATAM" region). Therefore, it is acknowledged that any data processing agreement based on EU data protection regulations shall not be applicable to the Gosocket Services. Instead the following shall apply in relation to data protection in the Gosocket Services:  

  1. The Customer will act as data controller and Pagero as data processor with respect to Personal Data processed under this Agreement, except as set forth below in relation to Contact Data. The Customer is responsible for ensuring that its instructions to Pagero in relation to the processing of personal data constitute adequate measures for the protection of personal data in accordance with applicable personal data legislation.

  2. Pagero will process the personal data provided by the Customer in order to provide Customer with the contracted service and to invoice the Customer. User data provided by Customer will be kept as long as the commercial relationship is maintained or during the years necessary to comply with legal obligations.

  3. Pagero may, from time to other contract sub-processors to meet their obligations under the Agreement. The Customer may at any time assess the current list of sub-processors at (password: Compliance). The sub-processors relevant for the Gosocket Services are listed separately.

  4. Pagero will not disclose user data to third parties, unless the owner of the data indicates so, or by legal obligation. If third parties contact us requesting Customer data, Pagero will forward any such request to the Customer. If Pagero by law is obligated to disclose Customer data to third parties, Pagero will use commercially reasonable efforts to notify the Customer in advance, unless Pagero is prevented to do so by mandatory law.

  5. The Customer is solely responsible for establishing the purposes and means and the lawfulness of the processing of personal data by Pagero (or, where appropriate, its sub-processors) in relation to the Gosocket Services.

  6. Additional provisions regarding the processing of personal data are available at

  7. Pagero shall have and maintain measures to ensure that data subjects rights requests are managed in a timely manner and are forwarded to Customer where applicable.

  8. Pagero shall have and maintain appropriate technical, business and physical processes, security standards, guidelines, controls and procedures and industry standards to protect personal data in accordance with the Gosocket ISMS Policy.

4. Data storage

4.1. When exchanging e-Documents in the countries the Gosocket Services operate, it is acknowledged that there legal obligations for organizations to keep a complete and chronological record, without any modification, of all the e-Documents that have been exchanged by the organization throughout a commercial transaction, in accordance with the time limits and the specifications established by applicable law. Said information will be stored by Gosocket (or our subcontractors) in accordance
with the requirements of the applicable country and legislation or until the Customer agreement is terminated, in which case deletion and/or export of the data must be explicitly requested by the Customer.

4.2. It is acknowledged that there are legal obligations to store e-Documents by the sender in the format in which they were transmitted and by the receiver in the format in which they were received. Local deviations may apply.

5. Information security 

5.1.    For Gosocket Services, any agreed information security clauses shall for the be replaced with the Gosocket ISMS Policy.

Gosocket ISMS Policy

For the Gosocket Services, information is a fundamental asset that supports the provision of services to clients, therefore, it must be protected to preserve its confidentiality, integrity and availability, through a continuous risk management process.

Understanding the current needs related to growing threats and vulnerabilities, the company has implemented an Information Security Management System that meets the requirements of the ISO/IEC 27001:2013 standard and which allows the identification and mitigation of security risks. to which the information is exposed, and that it is aligned with the business objectives and compliance with current legal, contractual and regulatory requirements, both for the business and for information security.

Gosocket applies the following principles:

  • Protect unauthorized disclosure of business and customer information.
  • Preserve in full the information that is generated, processed and stored, since its value lies in its veracity.
  • Keep critical business and customer information available permanently.


Gosocket's Information Security Management System is defined based on the information security risk management process, with the aim of implementing controls that protect the confidentiality, integrity and availability of information assets.

At Gosocket there is a commitment from Senior Management to establish, maintain, disclose, comply with and review the information security policy, in accordance with the objectives of both the business and information security.

Collaborators, contractors and suppliers who have responsibilities for the use and processing of Gosocket information must adopt the guidelines contained in the Information Security Management System and in the related documents that support it.

Gosocket's Information Security Policy is supported by specific policies and procedures that describe the guidelines and directives for the generation, maintenance, disposal and use of information assets.