Streaming API Rules

1. Overview

The Vibble Streaming API allows approved partners to receive near real-time updates of public posts, interactions, and events. Streaming access is a privileged capability intended for analytics providers, safety partners, research use cases, and enterprise customers vetted by Nexa-Group.

2. Access Levels

• Standard Stream: Filtered access for limited keywords, accounts, or hashtags.
• Elevated Stream: Higher volume filtered access with additional business review.
• Firehose / Full Stream: Broad access to the global public posting firehose, available only under strict contractual terms and regulatory review.

3. Eligibility & Approval

Access to streaming endpoints requires:

• A verified Vibble Developer Account with organizational verification.
• A signed enterprise or research agreement with Nexa-Group.
• Documented data-protection, security, and retention controls.
• Clear use case description (e.g., safety, compliance, analytics, research).

4. Permitted Use Cases

Streaming access may be approved for:

• Trust & safety monitoring (harassment, threats, extremism, CSAM indicators).
• Regulatory reporting and compliance dashboards.
• Aggregate analytics, public-interest research, and sentiment measurement.
• Brand safety, media monitoring, and crisis communications tools.

Use cases focused on surveillance, political influence campaigns, or individual tracking will be rejected or terminated.

5. Prohibited Uses

• Creating shadow profiles or tracking individuals across time and locations.
• Bulk exporting and reselling raw Vibble data feeds.
• Building law-enforcement or intelligence tools without explicit written agreements.
• Using firehose data to train discriminatory or harmful models.
• Re-identifying anonymized datasets or circumventing privacy protections.

6. Filtering, Sampling & Content Scope

Vibble may apply sampling, regional limits, and content filters to maintain performance and comply with legal obligations. Streaming data:

• May exclude deleted or restricted posts.
• May omit content removed for policy violations.
• May be subject to geographic or jurisdictional constraints.

7. Data Storage, Retention & Redistribution

• Developers must define retention limits and delete data when no longer needed.
• Redistribution of raw content (text, media) is prohibited unless explicitly allowed.
• Public-facing products must respect user deletions, blocks, and privacy controls.
• Derived, aggregated, or anonymized analytics must not be re-identifiable.

8. Rate Controls & Backpressure

Vibble may throttle, buffer, or temporarily pause streams to protect platform stability. Clients must implement:

• Automatic backoff and reconnection logic.
• Graceful handling of partial or delayed deliveries.
• Support for checkpointing, cursors, or sequence offsets where provided.

9. Security Requirements

• Streams must be consumed over HTTPS with strong TLS configurations.
• Access tokens must be stored server-side and never exposed to clients.
• Logs containing user data must be protected and access-controlled.
• Any breach or suspected compromise must be reported to Vibble within 24 hours.

10. Compliance Monitoring & Audits

Nexa-Group may audit your implementation, including sampling data, reviewing architecture, and requesting documentation. Failure to comply or cooperate can result in immediate termination of streaming access.

11. Suspension & Termination

Vibble may suspend or revoke streaming access at any time for:

• Policy violations or suspected misuse.
• Security or privacy risks.
• Regulatory requests or legal obligations.
• Non-payment or breach of commercial terms.

12. Contact

Streaming API & Enterprise Access: api-enterprise@vibble.org
Developer Support: dev@vibble.org
Legal & Compliance: legal@nexa-group.org