API Terms of Us

1. Introduction

The Vibble API enables approved developers to integrate Vibble’s platform data, posting tools, identity systems, and interaction features into external applications. Access is granted at the sole discretion of Nexa-Group and may be modified or revoked at any time.

2. Developer Account Requirements

• You must maintain an active Vibble Developer Account.
• You must provide accurate business, identity, and contact information.
• API keys must be stored securely and never shared or embedded in client-side code.
• Nexa-Group may require periodic verification, audits, or documentation updates.

3. Acceptable Use Requirements

Developers may NOT use the API to:

• Scrape, dump, or mass-export user data without explicit user consent.
• Automate posting or interactions in ways that mimic botnets or spam networks.
• Circumvent rate limits, trust signals, or automated safety systems.
• Reproduce Vibble’s core functionality to create competing services.
• Collect or infer sensitive personal attributes (political beliefs, religion, health, etc.).
• Build surveillance or monitoring tools without legal authority.

4. Data Access, User Consent & Privacy

All developers must comply with regional privacy laws, including:

• GDPR (EU/EEA)
• CCPA (California)
• UK Online Safety Act
• Nexa-Group’s Privacy Policy, Data Processing Agreement, and platform-level controls

Developers must:

• Collect data only with explicit, informed user consent.
• Provide users with accessible deletion and revocation tools.
• Encrypt all personal data both in transit and at rest.
• Respect all privacy settings, blocks, mutes, and content visibility rules.

5. Rate Limits & API Quotas

To preserve platform stability, developers must comply with API rate limits. Repeated or deliberate violations may result in permanent API suspension. Nexa-Group may adjust limits based on infrastructure, abuse patterns, or regulatory requirements.

6. Branding, Attribution & Use of Marks

Applications using the API must follow the Vibble Brand Guidelines and, where applicable, display the text “Powered by Vibble API”. Developers may not:

• Modify Vibble trademarks.
• Imply partnership or endorsement without written approval.
• Use the Vibble brand in advertisements without approval.

7. Security Requirements

• API keys must never appear in public repos or front-end code.
• OAuth tokens must be encrypted and time-limited.
• HTTPS is mandatory for all API traffic.
• Developers must notify Nexa-Group within 24 hours of any breach.
• Applications must implement bot and abuse safeguards.

8. Prohibited API Content & Use Cases

• Tools for harassment, hate, discrimination, or targeted abuse.
• Political influence operations or misinformation systems.
• Deepfake generation without disclosure labels.
• Shadow-profiling or unauthorized behavioral analytics.
• Bypassing or manipulating public-interest labels or safety warnings.

9. Commercial Use & Licensing

Commercial use of the API requires an enterprise agreement. Available tiers:

• Free Tier – Limited access, strict rate limits, non-commercial use only.
• Pro Tier – Higher limits, analytics, limited posting capabilities.
• Enterprise Tier – Custom SLAs, priority access, high-volume integrations.

10. Termination of API Access

Nexa-Group may suspend or terminate your API access for:

• Policy violations
• Security risks
• Failure to protect user data
• Abuse, scraping, or unauthorized redistribution
• Government or regulatory compliance obligations

11. Intellectual Property Ownership

All API endpoints, documentation, trademarks, algorithms, ranking systems, and platform data remain the exclusive intellectual property of Nexa-Group.

12. Liability Disclaimer

The Vibble API is provided “as-is” without warranties. Nexa-Group is not responsible for:

• Outages, downtime, or service degradation
• Data delivery delays or missing fields
• Losses caused by API failures, changes, or terminations
• Third-party integrations or dependencies

13. API Changes, Versioning & Deprecation

Nexa-Group may modify, add, or remove API endpoints at any time. Deprecated endpoints will typically have a 90-day sunset period, unless security or legal requirements necessitate immediate removal.

14. Compliance Monitoring & Audits

Nexa-Group reserves the right to audit developer applications to verify compliance. Failure to cooperate may result in suspension or termination of access.

15. Dispute Resolution & Legal Venue

Any disputes arising from API use will be governed by the legal jurisdiction associated with Nexa-Group’s corporate registration. Arbitration may be required for certain disputes.

16. Contact Information

Developer Support: dev@vibble.org
API Compliance: api-compliance@vibble.org
Security Issues: security@vibble.org
Legal Department: legal@nexa-group.org