Thoughtly is an AI voice, SMS, and email agent platform built for revenue and GTM teams. Businesses in insurance, mortgage, home services, and outbound sales use Thoughtly to run inbound and outbound call campaigns, qualify leads, book appointments, and follow up across channels -- all without a human agent on every call. The platform is designed to handle the conversational layer: generating natural dialogue, routing calls, and integrating with CRMs and scheduling tools.
What Thoughtly does not handle is cardholder data. Its Terms of Service classify PCI DSS cardholder data as "Excluded Data" -- a category the platform explicitly will not process, store, or transmit. That is a deliberate product decision, not a gap waiting to be filled by a future feature. If you want a Thoughtly agent to collect a card payment during a call, you need a compliant payment layer that keeps the card data entirely outside the Thoughtly environment. Running card numbers through a platform that has not yet achieved PCI or SOC 2 certification would bring every component of that call into PCI scope, creating an audit and liability surface most businesses cannot accept.
This guide is for revenue teams, MSPs, and solution providers building on Thoughtly who need to add card capture to voice, SMS, or email workflows. It covers how Shuttle sits alongside Thoughtly to handle the payment step, which gateways are supported, and what the compliance picture looks like for each channel.
The Payment Challenge for Thoughtly Agents
Thoughtly's payment-adjacent feature is an Acuity Scheduling integration. When an agent books an appointment through Acuity, Acuity's own checkout flow (backed by Stripe) can collect a deposit. That is Acuity taking the payment, not Thoughtly. The card data goes into Acuity's environment, Acuity handles the PCI obligations, and Thoughtly remains uninvolved in the transaction. It is a useful scheduling feature, but it is not a general-purpose payment capability inside the voice agent itself.
For anything beyond appointment deposits -- outbound collections, in-call purchase conversion, bill payment, deposit-on-closing-call for home services -- there is no native path. Thoughtly does not support DTMF card capture (where callers key in card digits using their keypad), and it has no hosted payment link generation built into its agent flows. Building that capability directly on the Thoughtly platform would require handling raw card data in an environment outside the PCI DSS controls framework, which Thoughtly's own Terms advise against.
The practical answer is to keep Thoughtly doing what it does well -- running the conversation -- and hand off the payment step to a dedicated, certified payment layer. Shuttle is a PCI DSS Level 1 Service Provider built for exactly this hand-off, across voice, SMS, and email channels.
How Shuttle Adds Payment Capture to Thoughtly
Shuttle sits alongside Thoughtly and takes over the payment step without card data ever entering the Thoughtly environment. The flow works in five stages:
The Thoughtly agent runs the conversation. Lead qualification, objection handling, payment intent confirmation -- all of that stays inside Thoughtly's voice or messaging workflow.
The agent triggers Shuttle at the payment moment. When the caller or contact agrees to pay, the Thoughtly workflow hands off to Shuttle via a webhook or API call. For voice calls, this can be initiated mid-call. For SMS and email threads, the agent sends a Shuttle-generated hosted payment link.
Shuttle captures the card. On voice, Shuttle uses DTMF suppression: the caller keys in card digits on their keypad and those tones are suppressed before they reach the call recording or transcript. Shuttle captures the data directly into its certified environment. On SMS or email, the customer completes payment on a Shuttle-hosted page. Either way, card data never touches Thoughtly.
**Shuttle processes the payment and routes to your gateway.** Shuttle connects to 30+ gateways and routes the transaction to whichever gateway is configured for that client, campaign, or business unit.
Shuttle returns the result to Thoughtly. A confirmation webhook notifies the Thoughtly workflow of success or failure. The agent can then confirm the transaction, schedule a follow-up, or route the call accordingly.
This architecture is consistent with Thoughtly's Excluded Data terms. Card data is collected, processed, and stored entirely within Shuttle's certified infrastructure. Thoughtly sees only the outcome.
Multi-PSP Support
Shuttle connects to 30+ gateways, including Stripe, Adyen, Worldpay, Checkout.com, Braintree, Square, and Mollie. You are not locked to a single provider. Key capabilities for multi-tenant platforms and agencies:
Per-tenant routing. Each client or business unit can have its own gateway. An insurance agency running Thoughtly for three carriers can route each carrier's calls to the correct acquiring bank without building separate integrations.
Failover. If a primary gateway declines or goes offline, Shuttle can route to a secondary automatically, reducing failed transactions during outbound campaigns.
BYO gateway. If your client already has a negotiated rate with an acquirer, Shuttle connects to it. There is no requirement to use Shuttle's default provider.
For MSPs and agencies in the Thoughtly Partner Programme or Thoughtly Reseller Programme, this means you can offer payment capability as part of your implementation without building the compliance infrastructure yourself.
PCI Compliance
Shuttle is a PCI DSS Level 1 Service Provider, the highest certification tier. That matters for what it does to your compliance obligations:
**Thoughtly stays out of PCI scope.** Because card data never enters the Thoughtly environment, your Thoughtly deployment does not need to be assessed against PCI requirements.
Your merchant obligation shrinks. Businesses that use a Level 1 Service Provider for all card capture and processing can typically complete a SAQ-A or SAQ-D (reduced) Self-Assessment Questionnaire rather than a full QSA audit, depending on their setup.
DTMF suppression protects recordings. Call recordings and transcripts produced by Thoughtly will not contain card numbers, expiry dates, or CVVs. There is nothing to redact or restrict after the call.
If you are building on Thoughtly for a regulated sector (insurance, financial services, healthcare billing), the ability to point auditors at a Level 1 service provider certificate for the payment step significantly simplifies compliance conversations.
Beyond Voice: Payment Links
Thoughtly's SMS channel pairs naturally with Shuttle's hosted payment links. When a Thoughtly SMS agent reaches the payment moment -- a quote accepted, a booking confirmed, an invoice chased -- it can send a Shuttle payment link directly in the message thread. The customer taps the link, completes payment on a Shuttle-hosted, PCI-compliant page, and the result is returned to Thoughtly via webhook.
This is particularly useful for:
Follow-up collections after an outbound voice call that did not convert in-call.
Quote-to-purchase flows where the customer wants to review before paying.
Home services deposit collection where the job is booked by voice but the customer prefers to pay by link.
Payment links support the same 30+ gateways, per-client routing, and webhook confirmation as the in-call DTMF flow.
Use Cases
Outbound Sales
Outbound Thoughtly agents for subscription sales, insurance renewals, or SaaS upsells can close the transaction in the same call. When the prospect agrees to purchase, the agent hands off to Shuttle for in-call DTMF card capture. The sale is completed without a callback, a separate checkout page, or a human agent picking up.
Bill-Pay and Collections
Debt collection and accounts receivable teams use Thoughtly to run outbound payment reminder campaigns. Shuttle adds the ability to take the card payment in the same call, or send a payment link via SMS for customers who prefer not to key in card details over voice. For regulated sectors, Shuttle's DTMF suppression ensures call recordings remain clean.
Bookings and Deposits
For home services, mortgage brokers, and field sales teams, the deposit-on-closing-call model is a significant conversion lever. A Thoughtly agent qualifies the lead, books the appointment, and then prompts for a deposit via Shuttle's DTMF capture -- all before the call ends. This is distinct from the Acuity Scheduling integration, which collects deposits through Acuity's own checkout and only after an appointment is confirmed in that system.
Lead Qualification to Purchase
Revenue teams using Thoughtly to score and qualify inbound leads can extend the workflow into purchase. Once a lead crosses a qualification threshold, the agent transitions directly into payment collection rather than routing to a human rep. This shortens the sales cycle and reduces drop-off at the handover step.
FAQ
Does Thoughtly process payments natively?
No. Thoughtly's Terms of Service classify PCI DSS cardholder data as "Excluded Data" -- data the platform will not process, store, or transmit. There is no native DTMF card capture, no hosted payment link generation, and no PCI-certified payment processing built into the platform.
How do I take PCI-compliant payments on Thoughtly?
Use a dedicated payment layer like Shuttle alongside your Thoughtly deployment. Shuttle handles card capture (via DTMF on voice, or hosted links on SMS/email), processes the transaction across 30+ gateways, and returns the result to Thoughtly via webhook. Card data never enters the Thoughtly environment.
Which gateways does Shuttle support?
Shuttle connects to 30+ gateways, including Stripe, Adyen, Worldpay, Checkout.com, Braintree, Square, and Mollie. Per-tenant routing and BYO gateway are supported.
Can I build payment capture into Thoughtly myself?
You could build a custom integration that routes a call to an external IVR or payment page, but you would be responsible for the full PCI compliance stack for any component that touches card data. Using a certified Level 1 Service Provider like Shuttle avoids that obligation and significantly reduces your audit surface.
Does this work for outbound calls?
Yes. Shuttle's in-call DTMF capture works on both inbound and outbound calls. For outbound campaigns where a customer prefers not to key in details over voice, Shuttle can generate a payment link and Thoughtly can send it via SMS in the same session.
Related Reading
The Payment Layer for AI Agents: how a dedicated payment layer fits into AI voice and agentic workflows across platforms.
AI Voice Agent PCI Payments: a technical deep dive into PCI scope, DTMF suppression, and what certification means for voice deployments.
Voice Payments: an overview of in-call payment methods, gateway support, and channel architecture.
Bland AI Payments: the same gap-fill approach applied to Bland AI voice agents.
Retell AI Payments: how Shuttle adds PCI-compliant card capture to Retell voice agents.
Add Payments to Your Thoughtly Agents
Shuttle is a PCI DSS Level 1 Service Provider that adds compliant card capture to Thoughtly voice, SMS, and email agents. Connect to 30+ gateways via a single integration. No setup fees, no monthly fees, no per-seat costs. Pricing is $0.20 per transaction with no gateway lock-in.
See Voice Checkout | Book a discovery call