API terms and conditions (standard)
Under these API terms and conditions, a services provider grants to a customer or customers a non-exclusive right to access and use an application programming interface (API). Optionally, the services provider can also grant to customers a right to use data provided through the API.
These rights may be limited by reference to the means by which the API is accessed, the purposes for which the API is used, the number of calls made to the API and/or the resources consumed by the API user. Particular uses of service data may also be permitted or prohibited.
As well as the core API services, the API terms and conditions may also cover the provision of support in relation to the API and the modification and maintenance of the API and the underlying software.
The API terms and conditions include service level agreements (SLAs) covering both API service availability and support service performance.
Several provisions in the API terms and conditions deal with customer-supplied data. The services provider is granted a right to use the data for the purpose of providing the services, but may also (optionally) be granted rights to use the data for the purpose of training machine learning algorithms and/or creating anonymised aggregated datasets. The customer warrants that this data will not infringe any third party rights (including intellectual property rights) or otherwise breach applicable law. A special clause is included covering the processing of personal data that is incorporated into the customer data, as required by UK and EU data protection legislation.
These standard API terms and conditions are an extended version of the basic API terms and conditions also published on this site. In addition to the provisions of the basic document, this standard document includes clauses covering: (i) third party services integrations; (ii) set up services, expenses and timesheets; (iii) publicity; (iv) customer acknowledgements; and (v) indemnities.Ask about this document
API terms and conditions (standard) contents
- Definitions: definitions.
- Term: commencement of term; end of term (initial and renewal periods); each services order form creates distinct contract.
Set Up Services: obligation to provide set up services; set up services timetable; delays in set up services consequent uponCustomerdelays; hosted services set up and intellectual property rights. API Services: provision of API services access credentials (set up services option); grant of licence to use API services; limitations on use of API services; prohibitions on the use of the API services; security of access credentials (API services); availability of API services and SLA; no damaging use of API services; no excessive use of the API services; no unlawful use of API services; no access to platform code. Service Data: licence to use service data; prohibitions on use of service data; security of service data.
- CustomerData: licence ofCustomerdata; licence ofCustomerdata for machine learning purposes; licence ofCustomerdata for aggregation purposes; warranties relating toCustomerdata; back-up ofCustomerdata (API services); restoration ofCustomerdata.
- Scheduled maintenance and
Modifications: right to conduct scheduled maintenance and modify (API services); acknowledgement of modifications byCustomer(API services); limitations on right to modify (API services); notice or prohibition of significant modifications (API services); notice of modifications generally (API services); security modifications (API services); notice of scheduled maintenance (API services); times for provision of scheduled maintenance; maximum aggregate time for scheduled maintenance (API services). Support Services: support services provision; standard of support services; support services in accordance with SLA; suspension of support services.
- Customerobligations: general second party obligations; access to computer systems.
- Integrations with
Third Party Services: integration of third party services (API services); right to integrate third party services (API services); activation of third party services integration (API services); right to remove third party services integrations (API services);Providernot responsible for supplying third party services;Customerresponsibilities in relation to third party services (API services); charges relating to third party services; no warranties or liability in relation to third party services.
- No assignment of
Intellectual Property Rights: no assignments of intellectual property rights.
- Charges: obligation to pay charges; time-base charges limitations; amounts inclusive or exclusive of VAT; variation of charges.
- Expenses: obligation to reimburse expenses; collection of evidence of expenses; supply of evidence of expenses.
- Timesheets: obligation to keep timesheets; obligation to supply timesheets.
- Payments: issue of invoices; time for payment of charges following invoice; payment methods; interest on late payments; interest on late payments.
- Confidentiality obligations: Providerconfidentiality undertaking;Customerconfidentiality undertaking; disclosure of confidential information to certain persons; exceptions to confidentiality obligations; disclosures of confidential information mandated by law etc; parties to stop using confidential information upon termination; parties to delete confidential information following termination; confidentiality obligations after termination.
- Publicity: limited public disclosures; limited public disclosures by Provider; limited public disclosures byCustomer; confidentiality obligations overriding.
- Data protection: compliance with data protection laws; warranty of Customer's right to disclose personal data (GDPR); details of personal data processed bythe Provider(GDPR); purposes of processing of personal data bythe Provider(GDPR); duration of personal data processing byProvider(GDPR); personal data processed byProvideron instructions (GDPR); authorised international transfers of personal data (GDPR); informingCustomerof illegal instructions (GDPR); personal data processed byProvideras required by law (GDPR); confidentiality obligations onProviderpersons processing personal data (GDPR); security of personal data processed byProvider(GDPR); appointment of sub-processor byProvider(GDPR); authorisation forProviderto appoint sub-processors (GDPR);Providerto assist with exercise of data subject rights (GDPR);Providerto assist with compliance (GDPR); obligation to notifyCustomerof personal data breach (GDPR);Providerto provide data protection compliance information (GDPR); deletion of personal data byProvider(GDPR);Providerto allow audit (GDPR); changes to data protection law.
- Warranties: first party general warranties; API services general warranties; warranty of legality of API services; API services intellectual property infringement warranty; breach of API services infringement warranty; second party warranty of authority; exclusion of implied warranties and representations.
- Acknowledgements and warranty limitations: API services not error-free; API services not entirely secure; API services compatibility limitation; no legal etc advice with API services.
- Indemnities: indemnity (flexible, with definition); conditions upon first party indemnity; indemnity (flexible, with definition); conditions upon second party indemnity; limitations of liability vs indemnities.
- Limitations and exclusions of liability: caveats to limits of liability; interpretation of limits of liability; no liability for force majeure; no liability for loss of profits; no liability for loss of revenue; no liability for loss of use; no liability for loss of opportunities; no liability for loss of data or software (subject to back-up obligations); no liability for consequential loss; per event liability cap upon services contract; aggregate liability cap upon services contract.
Force Majeure Event: obligations suspended for force majeure; force majeure notification and information; mitigation of effects of force majeure.
- Termination: termination without cause (optionally asymmetric); termination by either party without cause; termination upon breach; termination upon insolvency; termination upon non-payment; rights of termination supplemental or exclusive.
- Effects of termination: surviving provisions upon termination; termination does not affect accrued rights; charges on termination of contract.
- Notices: section applies to all contractual notices; contractual notices must be in writing; methods of sending contractual notices; substitute contact details for notices; acknowledgement of notice by email; deemed receipt of contractual notices.
- Subcontracting: no subcontracting without consent; subcontracting permitted; first party responsible for subcontracted obligations; subcontracting of hosting.
- General: no waiver; severability; variation written and signed; no assignment without written consent; no third party rights; entire agreement; governing law; exclusive jurisdiction.
- Interpretation: statutory references; section headings not affecting interpretation; calendar month meaning; no ejusdem generis.
Schedule 1 (Availability SLA)
- Introduction to availability SLA: purpose of API services availability SLA; informal definition of uptime (API services).
- Availability: uptime commitment (API services); measurement of uptime; reporting of uptime measurements.
- Service credits: earning service credits (API services); amount of service credits; application of service credits (API services); service credits are sole remedy; service credits upon termination (API services).
- Exceptions: list of exceptions to availability commitment.
Schedule 2 (Support SLA)
- Introduction: introduction to support SLA.
- Helpdesk: helpdesk obligation; purpose of support services helpdesk; access to helpdesk; times of helpdesk availability; all requests for support to go through helpdesk.
- Response and resolution: API services support issue categorisation; allocation of support issue severity categories; support response times; contents of response to support request; support resolution times.
- Provision of
Support Services: support services to be provided remotely.
- Limitations on
Support Services: excessive use of hosted services support; API support services training and misuse limitations.
Schedule 3 (Data processing information)
- Categories of data subject: prompt for categories of data subject.
- Types of
Personal Data: prompt for types of personal data.
- Purposes of processing: prompt for personal data processing purposes.
- Security measures for
Personal Data: prompt for security measures for personal data.
- Sub-processors of Personal Data: prompt for identifying sub-processors of personal data.