API Terms

Last updated July 10, 2026

Diese Seite ist nur auf Englisch verfügbar. · Cette page n’est disponible qu’en anglais.

Scope

These API Terms govern your use of the ProductSight public API — the programmatic interface to your own competitive-intelligence data (products, verdicts, price history, alerts, and reprice actions). They apply in addition to the Terms of Service and the Privacy Policy. You accept them in-app when you create your first API key.

Acceptable-use policy

By using the API you agree that you will not:

  • Resell, redistribute, or bulk-export competitor price data obtained through the API to any third party. The API exists to give you (the merchant) programmatic access to your own competitive-intelligence data — it is not a market-data feed to be re-sold.
  • Circumvent rate limits or plan entitlements — for example, minting keys across shops to pool throughput, or scripting around the per-tier ceilings. Limits are published and enforced server-side.
  • Attempt to access another tenant's data. Every key is bound to one installed shop; probing for other tenants' resources is a violation.
  • Use the API to build a competing price-monitoring product re-derived from our crawl output.
  • Share, embed, or leak API keys. Keys are secrets: never commit them, never ship them in client-side code, and rotate a key on any suspicion of exposure.

Enforcement

We may rate-limit, suspend, or revoke any key, and terminate API access, for a violation of these terms — with or without notice depending on severity. A leaked key we detect through secret-scanning is revoked automatically and immediately.

Data and retention

The API returns only your shop's own catalog, matches, verdicts, price history, alerts, and reprice actions. It never returns customer personal data, access tokens, other tenants' data, another merchant's raw competitor catalog, or notification recipient lists. API request logs are retained for a bounded window (about 30 days) and contain no request bodies or secrets. On uninstall, your keys are revoked immediately; on GDPR erasure they are hard-deleted with the rest of your data.

Versioning and deprecation

Each dated API version is supported for at least 12 months, with at least 9 months of overlap between versions. We give at least 6 months' notice — via deprecation headers, a changelog, and email — before removing any endpoint. Additive changes (new endpoints, new optional parameters, new response fields, new event types) ship without notice; your integration must tolerate unknown fields and enum values.

Binding terms

[COUNSEL] — Liability for key leakage rests with the key holder.

[COUNSEL] — The API is provided “as is” without warranty of availability or fitness.

[COUNSEL] — Governing law, indemnification, and limitation-of-liability clauses.

[COUNSEL] — Right to modify these terms with notice.

Contact

Questions about these API Terms? Email us at support@productsight.io.