Incorporated Terms – API Terms

Date of Last Revision: June 14, 2019

The terms below are incorporated into, and form an integral part of, the BigCommerce Terms of Service. Unless otherwise defined herein, capitalized terms shall have the meaning ascribed them in the Terms of Service. Any breach of the terms below will be deemed a material breach of the Terms of Service.

  1. API Use, Monitoring, Volume Limits
    1. Use. You will use the BigCommerce APIs solely in connection with the Services and in compliance with the Terms and all applicable laws.
    2. Monitoring. BigCommerce may monitor your use of any APIs to improve the quality of the Website and Services, and to verify your compliance with the Terms. This monitoring may include accessing and using your API client to, among other things, identify security issues that could affect BigCommerce, its customers, or its licensors. You will not interfere with this monitoring. BigCommerce may use any technical means to overcome such interference. Your access to the content provided through any API may be restricted, limited, or filtered in accordance with applicable laws.
    3. Volume Limits. You will not attempt to exceed or circumvent limitations on access, calls and use of the BigCommerce API, or otherwise use any API in a manner that exceeds reasonable request volumes, constitutes excessive or abusive usage, or fails to comply, or is inconsistent with, any part of these API Terms or the BigCommerce Terms of Service.


  2. User Information & Security
    1. User Information. You will use commercially reasonable efforts to protect all information collected from Your Users (as defined in the Store Terms)  through your API client from unauthorized access, use, or disclosure. All personal data collected from Your Users through your API client should be stored and served using strong encryption. You must delete all personal data you have collected from Your User through your API client (i) upon request from Your User, or (ii) when Your User deauthorizes your application or closes its account with you.
    2. Security. The network, operating system, and software of your web servers, databases, and computer systems, as well as your API client, must be properly configured to securely operate your application and store data. You must not architect or select your systems in a manner to avoid your security obligations.
    3. Security Breach. In the event of a security breach involving unauthorized access, use, disclosure, or destruction of Your Users’ personal data, you will immediately disconnect any intrusions or intruder and promptly notify BigCommerce of the breach. You will work with BigCommerce to promptly remedy any security breach, and in the event any security breach involves the BigCommerce API or BigCommerce customer data, you will make no public statement regarding such breach without BigCommerce’s prior written consent, unless such public statement is required by law.


  3. Prohibitions
    1. General Prohibitions. You will not, and will not allow others acting on your behalf to:
      • Share the APIs with any third party or create an API client that functions substantially the same as the APIs and offer it for use by any third party.
      • Use the APIs to introduce any virus, worm, defect, trojan horse, malware, or any items of a destructive or harmful nature.
      • Use the APIs to defame, abuse, harass, stalk, or threaten others.
      • Interfere with or disrupt the APIs or the servers or networks providing the APIs.
      • Reverse engineer or attempt to extract the source code from any API or any related Software, except to the extent that this restriction is expressly prohibited by applicable law.
      • Use the APIs for any activities where the use or failure of the APIs could lead to death, personal injury, or environmental damage (such as the operation of nuclear facilities, air traffic control, or life support systems).
      • Use the API to obtain or transmit personal data from Your Users, or expose such personal data to BigCommerce or any third party, without explicit opt-in consent from Your Users.
      • Perform activities unrelated to the Services in the Application (for example, crypto-currency mining).


  4. Termination

Upon any termination of the Terms, or cancellation of all Services, you will immediately stop using the BigCommerce API and the API client and permanently delete any cached or stored content.