API Terms of Use

ETHICCRED API TERMS OF USE

1. Scope

These API Terms govern access to and use of EthicCred APIs, SDKs, webhook services, and developer tools.

2. Access

API access requires an approved developer account, valid API credentials, and acceptance of these terms in addition to the Platform Terms of Service and Privacy Policy.

3. Permitted Uses

APIs may be used to integrate verified credential reading, automated verifications, and bulk certificate issuance (where authorised). Use must be consistent with the user consents recorded on the Platform.

4. Rate Limits

API usage is subject to rate limits described in the developer documentation. EthicCred may throttle or temporarily suspend access that exceeds limits.

5. Webhooks

Webhook events must be processed securely. Failed deliveries may be retried; persistent failures may result in webhook subscriptions being disabled.

6. Security

Developers must store API keys securely, rotate them regularly, restrict their use to the smallest set of necessary IPs, and never expose keys in client-side code.

7. Data Handling

Data accessed through the API must be handled in accordance with the Platform Privacy Policy and Data Retention Policy. Data must not be cached longer than necessary and must not be redistributed to unauthorised third parties.

8. Service Levels

EthicCred uses commercially reasonable efforts to maintain API availability. Specific SLAs may apply to Enterprise and API plans.

9. Termination

EthicCred may suspend or terminate API access for violation of these terms, security risk, or non-payment.

10. Changes

EthicCred may modify API surfaces with reasonable advance notice. Breaking changes will normally be announced at least 90 days in advance.