Terms and Conditions for Mercado Pago Developers
Last modified: 08/14/2024
These Terms and conditions, including their annexes (the “Terms and Conditions”), constitute a contract that establishes the rules for any legal person and/or legal entity to participate as a Developer and to access and/or use the API of Deremate.com de Uruguay S.R.L., R.U.T: 214111700011 (“Mercado Pago” or the “API”). By accessing and/or using the API, Developers accept these Terms and Conditions.
Any person who does not accept these Terms and Conditions for Mercado Pago Developers will not be able to participate as a Developer, nor access and/or use the API.
1. Definitions
1.1 API: It is the Application Programming Interface of Mercado Pago and any other tool made available to Developers.
1.2 Application: It is the software application, website, or other interface that the Developer creates, owns, or operates to interact with the API, the Website, and/or the services provided by Mercado Pago.
1.3 Access Credentials: These are the confidential security keys provided to the Developer by Mercado Pago for the use of the API, such as the Developer's Username, their access credentials for Mercado Pago, and the application identification key automatically assigned by Mercado Pago, as well as those shared by third parties for the purpose of developing for those accounts.
1.4 Mercado Pago Content: This is the information stored in Mercado Pago's databases, which Mercado Pago, at its sole discretion, makes available to Developers through the API. Mercado Pago Content does not include information obtained by Developers independently of Mercado Pago and the API.
1.5 Developers: All legal persons or entities, regardless of whether they are Users of Mercado Libre and/or Mercado Pago, who use any of Mercado Pago's tools in their own or third-party software.
1.6 Incident: It refers to: (i) any detected infringement in the facilities, equipment, systems, or staff contracted or employed by the Developer (hereinafter referred to as a “Infringement”), which could reasonably be expected to have an adverse effect on the security, confidentiality, or integrity of the Data and the involved systems; (ii) any appropriation of data, and/or any situation that implies or constitutes unauthorized Use or alteration of the Data and the involved systems and/or servers; as well as any situation that implies a threat to their security or constitutes unauthorized Use of the Data; and (iii) any failure to comply with the regulations regarding data protection and security.
1.7 Personal Data: Any information related to an identified or identifiable natural person. An identifiable person is considered to be any individual whose identity can be determined, directly or indirectly, through an identifier, such as a name, an identification number, location data, an online identifier, or one or more elements specific to the physical, physiological, genetic, psychological, economic, cultural, or social identity of that person.
1.8 Data Processor: Natural or legal person who processes Personal Data on behalf of and under the direction of the Data Controller.
1.9 Data Protection Laws: Refers to all laws, regulations, rules, and orders of any jurisdiction or subdivision thereof related to the privacy, security, confidentiality, and/or integrity of Personal Data applicable to these Terms and Conditions, especially Law 18,331 regarding the Protection of Personal Data and any other applicable regulations.
1.10 Mercado Libre: Deremate.com de Uruguay S.R.L. and/or any of its controlled, affiliated, or related companies.
1.11 Mercado Pago: It is a business unit of Deremate.com de Uruguay S.R.L. (“Mercado Libre”) that provides, among other services, online payment processing.
1.12 Data Controller: The natural person or legal entity that, alone or jointly with others, determines the purposes and means of processing Personal Data.
1.13 Terms and Conditions: The Terms and Conditions for Developers of Mercado Pago, through which Mercado Pago makes the API available to Developers, so that in its use or application, Applications that employ content from the Website can be developed, integrated, and interact with it and/or with the services provided by Mercado Pago, or facilitate its use.
1.14 Data Subject: An identified or identifiable natural person whose Personal Data is processed under these Terms and Conditions and who has rights over their data, in accordance with the provisions of the Personal Data Protection Laws.
**1.15 Process, Data Processing:**Any operation performed on Personal Data, including but not limited to collection, consultation, receipt, use, transfer, retrieval, manipulation, recording, organization, storage, maintenance, hosting, adaptation, alteration, possession, disclosure, dissemination (by transmission, broadcast, or making available in any other form), blocking, deletion, destruction, sale, or licensing.
1.16 Website: Refers to the Mercado Pago Developers website (available at the URL https://www.mercadopago.com.uy/developers) and all its versions belonging to Mercado Libre.
1.17 General Terms and Conditions: These are the provisions and policies under which Mercado Pago offers its services to Users.
1.18 Application User: These are the end users of the Application, their service providers, and/or any person who grants a sublicense for the Application.
1.19 Mercado Pago Users: These are the individuals who have accepted the terms and conditions of use of Mercado Pago and are registered as Mercado Pago Users.
2. The API
2.1 License
Mercado Pago grants Developers, while they use the API, a limited, non-exclusive, personal, revocable, and non-transferable license to use the API, solely for the purposes listed below and subject to the limitations set forth in these Terms and Conditions:
2.1.1 To facilitate, enhance, and/or boost the use and functionalities of the Website and the services provided by Mercado Pago;
2.1.2 To allow your Application to interact with Mercado Pago's Content, to obtain the necessary information to facilitate its use by the Users of the Application;
2.1.3 To make a limited number of intermediate copies of Mercado Pago's Content only to the extent strictly necessary to carry out the activities permitted by these Terms and Conditions. Developers must delete the intermediate copies when they are no longer necessary for the purposes for which they were created; and
2.1.4 Publish Mercado Pago Content within an Application in accordance with these Terms and Conditions, implementing appropriate security measures to prevent unauthorized third parties from accessing Mercado Pago Content.
2.2 Access
Developers can access the API through the means described in the documentation linked to the API that will be provided by Mercado Pago.
Mercado Pago, at its sole discretion, may require Developers to have Access Credentials (for example, passwords or access tokens) to access the API. Developers must keep these keys confidential and are responsible at all times for the use made of them and for the actions taken when accessing the API using the mentioned credentials.
2.3 Limits on API Calls
Mercado Pago may limit, at its discretion, the number of API calls that a Developer can make during any period. Mercado Pago will determine the limits on requests based on various factors, such as how a Developer uses their Application or the expected volume of use of their Application, among others. Mercado Pago may, at its sole discretion, charge Developers a fee for API calls that exceed the established request limit, or interrupt their access to the API. Unused API calls cannot be carried over to the following day or month, as applicable.
2.4 Applications
Developers may create, display, or distribute Applications that interact with the API, the Website, and the Content of Mercado Pago. Each Developer will be solely responsible regarding the Users of the Application or any third party for the Applications they develop, as well as for their operation, use, and respective consequences. The Applications must observe and comply with all applicable regulations in each jurisdiction where their use is permitted.
Mercado Pago will not recommend, refer, control, review, manage, sponsor, approve, guarantee, or endorse the Applications.
Developers must refrain from including in the title by which the Application is identified the words: “mercado,” “libre,” “pago,” “shops,” “envíos,” and/or “crédito” and shall refrain from using within the Application: (i) such designations; and/or (ii) a combination of colors, screen content, elements, or formats that are identical, similar, or closely resembling those of Mercado Pago, which could confuse or mislead Users.
Developers acknowledge and accept that Mercado Pago may develop products, services, or applications that may compete with the Applications or any other product or service developed by the Developers.
The Developers authorize Mercado Pago to: (i) make copies, modifications, distribution, or internal testing of the Application or other processes that Mercado Pago deems necessary; and (ii) display images related to the content or operation of the Application on the Website or any other document or by any other means.
3. Certifications
Mercado Pago, at its sole discretion, may request or grant certifications for Developers or Applications (the “Certification”).
Through Certification, Mercado Pago or a third party designated by Mercado Pago will confirm that the Developers or Applications meet all the requirements set by Mercado Pago to determine that the Developer or Application is knowledgeable about the API and follows best practices regarding its access and use. Mercado Pago will not recommend, refer, control, review, manage, sponsor, approve, guarantee, or endorse certified Developers or Applications.
Developers and Applications that obtain Certification will be able to access the benefits that Mercado Pago grants to certified Developers and Applications (“Certified Developers Program” or “Developer Partner Program”). Any benefit received under the Certified Developers Program will be governed by these Terms and Conditions and the Terms and Conditions of the Certified Developers Program.
The Developers will be responsible for the costs associated with the Certification.
Mercado Pago may, at its sole discretion, prohibit any Developer from participating in the Certified Developers Program and therefore deny access to the API until they can prove they have obtained the Certification.
Mercado Pago may revoke any Certification granted if, in its sole discretion, a Developer or an Application has failed to meet the requirements for granting the Certification or these Terms and Conditions.
Mercado Pago may modify the requirements for accessing the Certification and associated benefits of the Certified Developers Program at any time, at its sole discretion, in which case it may require Developers or Applications that have obtained the Certification to comply with the new requirements in order to maintain it. Additionally, modifications made to an Application after obtaining the Certification may be subject to recertification.
4. Brands
4.1 Mercado Pago Brands
Mercado Pago may grant Developers a limited, non-exclusive, personal, non-transferable, free, and revocable license to display certain trademarks owned by Mercado Libre, whether registered or not, related to these Terms and Conditions (the “Mercado Pago Brands”). This authorization is limited to being granted and used by the Developer within the Oriental Republic of Uruguay and exclusively to fulfill the purpose for which it was granted.
Developers may only display the Mercado Pago Brands to identify their participation as Developers. Those who do not meet the requirements to participate must refrain from using the Mercado Pago Brands and may not present themselves to any third party as a “Developer” or “Certified Developer” or “Certified Partner” or “Certified Application” of or by Mercado Pago.
Developers may not use the Mercado Pago Brands in a way that creates or may create confusion and/or lead Users of the Applications or third parties receiving their communications to interpret that the Applications are owned by Mercado Pago, have been developed by Mercado Pago, or that there is a relationship, association, or connection between Mercado Pago and the Application and/or the Developer beyond what is established in these Terms and Conditions and in the Terms and Conditions of the Developer Program. It must always be clear that the Developer or the Application does not belong to Mercado Pago and that Mercado Pago does not recommend, refer, control, review, sponsor, approve, manage, guarantee, or in any way endorse the Application or the Developer.
The use of the Mercado Pago Brands must comply with the guidelines established in the Mercado Pago Brand Manual, which will be incorporated by reference into these Terms and Conditions, and with any other guidelines that Mercado Pago may establish and/or modify in the future regarding the use of all its brands.
Any use of the Mercado Pago Brands outside the scope of the license provided in this clause will require express written authorization from Mercado Pago (which may be granted by email).
Developers may not modify the Mercado Pago Brands in any way. Mercado Pago may modify or update the Mercado Pago Brands at any time, and Developers using them must display them in their modified or updated version.
Mercado Pago may revoke the usage license provided in this clause at any time and for any reason, without this generating any right to compensation for the Developer, in which case the Developer must cease using the Mercado Pago Brands immediately. On the contrary, the Developer will be solely and fully responsible for the reasons for the revocation made by Mercado Pago.
4.2 Developer Brands
Developers grant Mercado Pago a non-exclusive, free license, without territorial or temporal limitations or of any other nature, to use, at its sole discretion, the trade names, brands, logos, designs, and domain names or ownership of the Developers (the "Developer Brands"), for the purpose of advertising or promoting their participation as Developers and/or to disseminate the existence of the Application.
When a Developer requests Mercado Pago to include an Application on the Website or to host an Application by Mercado Pago, the Developer will be authorizing Mercado Pago to (i) use the Developer Brands; (ii) host the Application, provide links to it, or incorporate it in any other way into the services provided by Mercado Pago; (iii) make copies, modifications, distribution, internal testing, or other processes that Mercado Libre deems necessary; and (iv) display on the Website or any other website or document, images related to the content or operation of the Application.
5. Mercado Pago Content
5.1 Access
Mercado Pago, at its sole discretion, may restrict, limit, or filter access to Mercado Pago Content, or subject it to compliance with certain conditions. It may also require Developers to have Access Credentials to access certain Mercado Pago Content, in which case Developers must keep such keys confidential and will be responsible for their use and for the actions taken when accessing Mercado Pago Content. Mercado Pago Content may include information or data generated by third parties, and this content is the sole responsibility of the entity that generated it. For the rest of the content that is created or is an original work of Mercado Pago, any use outside the scope of the license provided in this clause will require express written authorization from Mercado Pago (which may be granted via email).
5.2 Use and Display of Mercado Pago Content
Developers may only display Mercado Pago Content within the Application, during the period in which such content is available to the public. When Mercado Pago Content is no longer available to the public, it must be removed from the Application.
The Mercado Pago Content displayed by a Developer in their Application may not be confused with or combined with third-party content.
When Mercado Pago Content contains information about Mercado Pago Users that is not public, it may only be displayed in the Application with the prior express authorization granted by such user.
Application Users may display Mercado Pago Content on their websites or in their applications. Developers must inform and subject Application Users to the guidelines set forth in this clause 5.2 regarding the display of Mercado Pago Content, as well as inform them about Mercado Pago's rights over the API and Mercado Pago Content.
6. Obtaining and Using Personal Information
When, under these Terms and Conditions, the Developer uses any of the Mercado Pago tools in their own software or in third-party software for application development, and processes Personal Data for this purpose, the following provisions are established:
6.1 Developer's Role: When handling Personal Data, the Mercado Pago User who allows the Developer to access Personal Data through the use of the API will act as the Data Controller, and the Developer will act as their Data Processor. Both Parties commit to comply with the Personal Data Protection Laws.
6.2 Purpose and Proportionality of Processing: The Developer may only process Personal Data in accordance with the instructions and authorizations received from the Mercado Pago User acting as the Data Controller. The Developer will process the Personal Data they access solely to fulfill the purposes and obligations established in these Terms and Conditions.
If the Developer engages in any processing activity that is not related to the execution of these Terms and Conditions, this processing activity will be carried out outside the context of the conditions established by this Clause. In this case, the Developer will be solely responsible for such processing, and Mercado Pago and any of its related companies will be exempt from any complaint, report, claim, obligation, or liability arising from the improper processing of Personal Data.
6.3 Subcontracting: If the Developer decides to hire a subprocessor to carry out any Personal Data processing operation related to the execution of these Terms and Conditions, they must ensure that the subprocessor limits the use of Personal Data to the purposes specified in the contract with the Mercado Pago User, has the ability to keep the Personal Data secure and confidential, and complies with the requirements of these Terms and Conditions and the Personal Data Protection Laws.
6.4 Requirements from Competent Authorities: The Developer, in addition to notifying the Mercado Pago User, must immediately and without unjustified delay notify Mercado Pago of any communication or request received from a Competent Authority. The Developer will cooperate with Mercado Pago as permitted or required by the Personal Data Protection Laws to respond to the requests from the Competent Authorities.
6.5 Indemnification: Developers must indemnify Mercado Pago for any direct or indirect damage resulting from any breach of the obligations established in these Terms and Conditions and/or the Personal Data Protection Laws.
6.6 Security and Confidentiality of Personal Information: Developers will adopt appropriate and updated technical and organizational security measures to protect Personal Data and any information accessed from Mercado Pago Users to prevent loss, use, disclosure, acquisition, or unauthorized access and/or Security Incident.
In addition to notifying the Mercado Pago User, the Developer must notify Mercado Pago of any Privacy Incident, including any Privacy Incident involving their subprocessors, by sending an email to privacidad@mercadolibre.com. The Developer will cooperate with Mercado Pago in the investigation and audit, or any other action that Mercado Pago, at its discretion, implements, and will carry out the applicable corrective measures.
6.7. Retention Period for Personal Data: The Developer will not retain Personal Data longer than necessary to fulfill the purposes and obligations established in these Terms and Conditions. However, the Developer may retain Personal Data for an additional period when: (i) permitted or required by applicable laws; or (ii) authorized by the Data Subjects.
7. Restricted Activities
7.1 Developers may not access (nor facilitate or allow third parties to use or access) the API, nor use it in any way that is not expressly permitted under the Terms and Conditions.
7.2 Developers may not perform or allow third parties to perform the following activities:
A. Market or sublicense the API for use by third parties. Therefore, they may not create an Application that functions substantially the same as the API and offer its use for and by third parties.
B. Distribute, publish, or allow access to Mercado Pago Content from any location or source other than their Application, or allow its disclosure in an unauthorized manner under these Terms and Conditions.
C. Allow linking to the API or to Mercado Pago Content from any location or source other than their Application.
D. Market, distribute, copy, reproduce, or store Mercado Pago Content for purposes other than those allowed in the Terms and Conditions, or sublicense such Mercado Pago Content to third parties.
E. Modify, disassemble, or decompile the API or Mercado Pago Content, perform reverse engineering, interfere with or alter the API or the servers or networks that provide the API, or make any other alterations. They may not avoid technical limitations or disable, alter, or attempt to evade any mechanism that limits the use of the API.
F. Use robots, harvesters, spiders, scraping, or other technology to access Mercado Pago Content or the Website or services provided by Mercado Pago, or use them to obtain any information not provided to them by Mercado Pago under these Terms and Conditions.
G. Knowingly create an Application that may be used to infringe the Terms and Conditions of Use or any other policy of Mercado Pago as well as any applicable law.
H. Use the API in such a way that exceeds a reasonable order volume, constitutes abuse or excessive use, overloads, interferes with, or harms the Website, Mercado Pago services, and/or its networks in any way.
I. Allow an Application, or the use of the API or Mercado Pago Content by an Application: (i) to be false, incomplete, inaccurate, or misleading; (ii) to infringe third-party rights, including, without limitation, copyrights, patents, trademarks, trade secrets, or other intellectual property rights, or third-party privacy or data privacy rights; (iii) to infringe any applicable law, regulation, ordinance, contract, or generally accepted practice in the activity in which the Developer operates or in which the Application is used (for example, those related to trade and export, financial services, and the credit and debit card industry, consumer protection, economic competition, discrimination, or false advertising); (iv) to be defamatory or threatening; (v) to contain viruses or other computer programming routines that may damage, interfere with, intercept secretly, or expropriate any system or set of data; (vi) to harm, in any way, the operation of the Website and/or the services provided by Mercado Pago or interfere with the security, identification, and authentication mechanisms employed by Mercado Pago for the Website and/or its services; (vii) to generate or possibly generate any type of liability for Mercado Pago or cause it to lose all or part of the services of its Internet service providers or other providers; (viii) to infringe PCI_DSS standards or capture and/or store transaction data made by Mercado Pago Users with credit or debit cards or financial information of such users, which implies an express and unrestricted prohibition on storing credit or debit card information, cardholder data, security codes, etc., in any database, vault, website, data warehouse, or any other type of storage owned by the Developer or third parties; (ix) to capture or store security keys of Mercado Pago Users, or identity document numbers, driver's license numbers, or Social Security numbers in an unauthorized manner under these Terms and Conditions or under the Terms and Conditions of Use or the Privacy Policies of Mercado Libre.
J. Provide data or information to Mercado Pago unless the Developer states and guarantees its truthfulness and ownership of the necessary rights to provide such data or information to Mercado Pago.
8. Modifications to the API, the Website, and/or the services. Maintenance
Mercado Pago will not be obligated to update the API. However, at its sole discretion, it may, at any time: (i) modify the API and/or the number of API calls allowed; (ii) its databases; (iii) any Website or service provided by Mercado Pago; or (iv) any of the benefits or functions provided in relation to the use of the API.
The Developer acknowledges and agrees that, in the event that Mercado Pago decides to implement updates or modifications as provided in the previous paragraph, these may involve substantial changes to the functionalities of the API or may affect the Application in such a way that Developers must make changes to their Applications at their own expense and cost to maintain compatibility or interface with the API or the Website or the services provided by Mercado Pago.
Mercado Pago is not obligated to provide any support or maintenance services for the API.
9. Monitoring and Audits
Mercado Pago may monitor or supervise the use that Developers make of the API and/or the operation of the Applications. Developers may not, nor attempt to, block or otherwise interfere with the monitoring or supervision, and Mercado Pago may counteract by technical means any method that Developers use to block or interfere with such monitoring activities.
In the event that Mercado Pago becomes aware of or suspects an infringement of the security of the facilities, systems, websites, or Applications of a Developer where Mercado Pago Content is displayed or stored, or of a Developer's infringement of the security requirements described in Clause 10 of these Terms and Conditions, Mercado Pago may suspend or discontinue their access to the API and Mercado Pago Content and/or may conduct a security audit.
Additionally, Mercado Pago may periodically audit, randomly and without prior notice, the systems and facilities of Developers to ensure compliance with the security requirements established in Clause 10. Such audits will be conducted in a non-invasive manner on the networks and applications of Developers and may include requests for documentation and information.
Developers must cooperate with the audits conducted by Mercado Pago and, if required, must demonstrate that they comply with the Terms and Conditions.
Mercado Pago will provide the Developer with detailed results of any security audit conducted. The Developer will have thirty (30) days to resolve any issues that Mercado Pago has identified during the security audit. If the Developer does not resolve such issues, Mercado Pago may, without the need to provide prior notice, suspend or discontinue their access to the API and Mercado Pago Content.
10. Security Requirements
Developers must comply with and enforce the security requirements detailed in this section to their employees, agents, contractors, and/or suppliers, and implement reasonable data and information security practices in accordance with industry standards (such as those mentioned in item (ii) of the third paragraph).
In particular, and without limiting the obligations set forth in the previous paragraph, they must ensure the necessary measures to protect the security of the following information: first and last name, email addresses of users, identity validation credentials, Mercado Pago User nicknames (including the API Developer nickname, Application nickname, and certificate nickname), or any other user data they may have access to; whether provided by a Mercado Pago User or obtained from Mercado Pago via the API, as well as any other requirement that Mercado Pago deems applicable.
In the event that the Developer's systems interact with Mercado Pago's systems, or that Mercado Pago interacts with the Developer's systems where confidential information of Mercado Pago and/or its affiliates is uploaded, included, or accessed, the Developer must have an adequate policy that includes mechanisms to ensure the security of confidential information.
The Developer, without the following being restrictive, must:
(i) Implement all appropriate technical and organizational measures, including a written information security program that complies with applicable and current laws and regulations, designed to ensure and protect the security, integrity, and confidentiality of the Personal Data shared and protect against any unauthorized processing, loss, use, disclosure, acquisition, or access to any Personal Data.
(ii) Have an appropriate information security policy applicable to its employees, agents, contractors, and/or suppliers that allows safeguarding and ensuring the security of the confidential information accessed.
(iii) Adhere to the best practices of the ISO/IEC 27552:2019 standard (“Privacy Management”) or 270012:2013 (“Code of Practice for Information Security Management”) in its latest version (hereinafter referred to as the "ISO ISMS Standards" - ISMS, the acronym for Information Security Management System).
(iv) Build and maintain a secure network, using firewalls and proxies where appropriate and implementing an appropriate password policy.
(v) Protect cardholder data using encrypted connections for the transmission of data and confidential information of cardholders over open public networks and take appropriate measures to safeguard personal information.
(vi) Maintain a vulnerability management program, using updated antivirus, operating systems, and support applications in their latest version, maintaining secure development procedures and conducting internal audits.
(vii) Create robust access control measures, implementing access policies, both logical and physical, for the Developer's systems and facilities.
(viii) Continuously monitor and assess the state of security in computer networks.
(ix) Comply with the PCI-DSS standard in case annual operations exceed two and a half million (2,500,000) transactions with American Express cards or six million (6,000,000) transactions with other cards. In this regard, annually the Developer must provide, upon Mercado Pago's request, evidence of their current PCI-DSS certification.
(x) When the user does not exceed six million (6,000,000) transactions annually or two and a half million (2,500,000) transactions with American Express cards, they must complete the SAQ (“Self Assessment Questionnaire”) provided by Mercado Pago annually.
(xi) Classify data based on its criticality, controls, and appropriate treatments.
Incidents
Upon becoming aware of a cybersecurity incident, the Developer must notify Mercado Pago through this form promptly, within a period that shall not exceed twenty-four (24) hours, detailing the circumstances and particulars of the case and including all available and relevant information. If applicable, within twenty-four (24) hours of receiving the aforementioned notification, the Developer must provide Mercado Pago with a copy of all written communications issued by government and/or regulatory entities and of any claims and/or petitions filed with the courts and/or with government and/or regulatory entities that relate to or arise from the incident.
Corrective Measures. In the event of a cybersecurity incident, the Developer must take those corrective and compensatory actions that Mercado Pago may reasonably request and that are customary for the circumstances of the case (such as sending notifications of infringement to the affected individuals), and follow the phases of detection, analysis and mitigation, and eradication and recovery; where in each of the phases, Mercado Pago will be notified of the progress of the implemented measures, as well as the analysis conducted that explains the scope of the incident.
The Developer must promptly reimburse Mercado Pago upon written request from it (accompanied by the corresponding details) for the costs and expenses reasonably incurred by Mercado Pago for the implementation of additional corrective and compensatory measures adopted as a result of an Incident.
Public Statements. The Developer may not issue press releases, send written notifications to individuals who were affected, or make public statements regarding a cybersecurity incident without having previously obtained written consent from Mercado Pago regarding the format, content, and timing of such announcement. The Developer must cooperate in good faith with Mercado Pago by promptly responding to all inquiries related to cybersecurity incidents.
In the event of a cybersecurity incident or if Mercado Pago and/or its subsidiaries, affiliates, related parties, and/or controlled entities are affected by negative publicity as a result of a cybersecurity incident, Mercado Pago may, at its discretion, suspend or terminate the contractual relationship with the Developer immediately, by written notification to the Developer.
11. Ownership
Mercado Pago is the owner and retains all intellectual property rights related to the API, Mercado Pago Content, the Website, the services provided by Mercado Pago, and any content or technology created or derived from those. Developers are the owners and retain all intellectual property rights related to their Application and/or their developments. These Terms and Conditions do not grant implied licenses. Any rights not expressly granted to the Developers under these Terms and Conditions are reserved to Mercado Pago.
Developers may not perform acts that infringe Mercado Pago's property rights over the API, the Website, or Mercado Pago Content.
Developers grant Mercado Pago an unlimited, irrevocable, perpetual, assignable, transferable, and free license to use all suggestions they make related to the API and/or its use.
12. Exemption and Limitation of Liability
EXCEPT AS EXPRESSLY PROVIDED IN THE TERMS AND CONDITIONS, AND TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, MERCADO PAGO DOES NOT WARRANT (I) THE AVAILABILITY, CONTINUOUS OR UNINTERRUPTED USE OF THE API, MERCADO PAGO CONTENT, THE WEBSITE, OR MERCADO PAGO SERVICES, (II) THE ADEQUACY OR SUITABILITY OF THESE FOR SPECIFIC PURPOSES, USES, OR SYSTEMS, OR (III) THE ABSENCE OF ERRORS OR MERCHANTABILITY.
MERCADO PAGO DOES NOT REPRESENT OR WARRANT THAT THE WEBSITE, MERCADO LIBRE SERVICES AND/OR MERCADO PAGO, AND THE API FUNCTION SECURELY. THE API AND ALL PRODUCTS AND SERVICES PROVIDED BY MERCADO PAGO UNDER THESE TERMS AND CONDITIONS ARE PROVIDED "AS IS," "WITH ALL FAULTS," AND "AS AVAILABLE." DEVELOPERS ASSUME THE RISK OF USING THEM, AND ACKNOWLEDGE AND AGREE THAT THEY HAVE NOT ACCEPTED THESE TERMS AND CONDITIONS BASED ON ANY WARRANTY OR STATEMENT NOT CONTAINED IN SUCH TERMS.
MERCADO LIBRE AND/OR MERCADO PAGO SHALL NOT BE LIABLE FOR CONSEQUENTIAL, DIRECT, INDIRECT DAMAGES, OR LOSS OF PROFITS OR OPPORTUNITIES, NOR SHALL IT BE OBLIGATED TO PAY ANY OTHER TYPE OF INDEMNIFICATION.
DEVELOPERS ACKNOWLEDGE AND AGREE THAT THE LIMITATIONS OF LIABILITY AGREED UPON IN THESE TERMS ARE REASONABLE, AS THEY CONSTITUTE AN ESSENTIAL ELEMENT TO MAINTAIN THE ECONOMIC CONDITIONS OF THE RELATIONSHIP BETWEEN MERCADO PAGO AND THE DEVELOPER.
13. Indemnity
Developers shall hold Mercado Pago, its controlled, controlling, and/or affiliated companies, and their respective directors, managers, representatives, and/or employees harmless from any administrative, judicial, or extrajudicial claim, damage, cost, expense, judgment, sanction, infringement, or loss arising from or related to: (i) the use that Developers make of the API; or (ii) the development, maintenance, and content of the Applications; or (iii) the infringement by Developers or the Application of third-party rights; or (iv) the breach of the Terms and Conditions by Developers or their service providers; or (v) the use of Mercado Pago Content by Developers or Users of the Application; or (vi) the use of the Application by Users of the Application; or (vii) the falsity or inaccuracy of any statements made by Developers under these Terms and Conditions as well as the documentation in general and the outdated nature of all of these; or (viii) the disclosure or improper or unauthorized use of Confidential Information and Personal Information.
To this end, Developers authorize Mercado Pago to intervene and represent them in such claims, being able to enter into, on their behalf, the transactional agreements that Mercado Pago deems appropriate and that aim to avoid further costs and/or prevent potential contingencies. Likewise, Developers may not enter into transactional agreements without the prior consent of Mercado Pago, which shall not be unreasonably withheld.
14. Confidentiality
Developers will not use or disclose Confidential Information except as necessary to comply with the Terms and Conditions and to the extent permitted therein.
“Confidential Information” includes all information provided to Developers by Mercado Pago under the Developer Program and/or the Certified Developers Program, including, but not limited to, the API, Mercado Pago Content, Access Credentials, and/or any information received by Developers through the API or provided by Mercado Pago to Developers.
15. Termination
Mercado Pago reserves the right to revoke, suspend, or interrupt, in whole or in part, the license to use and access the API and any other rights granted under these Terms and Conditions, without cause and at any time, without the need to notify and without generating liability towards the Developer, their suppliers, the Application Users, or third parties.
Furthermore, if Mercado Pago reasonably believes that a Developer or their service providers have infringed the Terms and Conditions, Mercado Pago may take all measures it deems appropriate, such as issuing a warning, initiating an investigation, or suspending or revoking, without prior notice, the license to use the API.
In the event of revocation, the Developer must: (i) cease using and accessing the API and Mercado Pago Content; (ii) pay any overdue and accrued fees up to the date of revocation; (iii) destroy all intermediate copies of Mercado Pago Content and Personal Information; and (iv) cease identifying themselves as a Developer and/or stop using Mercado Pago's Trademarks.
16. Jurisdiction and Applicable Law
This agreement will be governed in all its points by the laws in force in the Oriental Republic of Uruguay. Any controversy arising from this agreement, its existence, validity, interpretation, scope or compliance, shall be submitted to the courts or tribunals of Montevideo.
17. Miscellaneous Provisions
17.1 If the Developer accesses and/or uses the API on behalf of another natural person or legal entity, they represent and warrant that they have the authority to bind that natural person or legal entity, and that they accept the Terms and Conditions on behalf of the individual or entity they represent.
17.2 If the use of the API is made in conjunction with the use of other services provided by Mercado Pago, the terms and conditions and policies of Mercado Pago applicable to those services will also apply and must therefore be respected by the Developers.
17.3 Mercado Libre and/or Mercado Pago may use the contact data provided by the Developers to send them information about Mercado Libre and/or Mercado Pago, the Website, and the API, or any other information that Mercado Libre and/or Mercado Pago believe may be of interest to them. Developers authorize Mercado Libre and/or Mercado Pago to collect, store, use, and process any information that Developers provide in accordance with Mercado Libre's Privacy Policies.
17.4 Any notification made under these Terms and Conditions may be done by email, unless otherwise stipulated in these terms.
17.5 These Terms and Conditions do not create an associative, corporate, labor, joint venture, commission, mandate, or agency relationship between Mercado Libre and/or Mercado Pago and the Developer. The use of the term “Partner” within the Certified Developers Program only refers to the participation of Developers in that program.
17.6 Annexes: They are an integral and inseparable part of the Terms and Conditions incorporated in this agreement, the following documents, which can be consulted within the Site through the link provided below or by directly accessing the corresponding website:
18. Modifications to the Terms and Conditions
Mercado Pago may modify the Terms and Conditions at any time, notifying Developers of the changes by publishing an updated version of these Terms and Conditions on the Website, indicating the date of the last modification. All modified terms will take effect 10 (ten) days after their publication.
19. Capitalized Terms
Capitalized terms that are not defined in these Terms and Conditions will have the meaning assigned to them in the Mercado Pago Terms and Conditions of Use.