API Supplement
The API Supplement, effective December 16, 2024, is incorporated into the Proof General Terms and grants Subscribers a limited, revocable license to use Proof’s APIs solely for integrating their applications with Proof’s Services, requires secure handling and non-sharing of API Keys, restricts API use to approved purposes, and governs access to sensitive personal data such as homeowner and financial information under strict compliance conditions.
API Supplement
Last Modified Date: December 16, 2024
This Application Programming Interface Supplement ("API Supplement") is attached to and incorporated into the Proof General Terms ("General Terms"). Capitalized terms not otherwise defined have the meanings given in the General Terms, the Proof Glossary, or the Order Form.
1. General
This API Supplement applies to Subscriber, if Subscriber uses Proof’s APIs. If Subscriber does not accept this API Supplement, Subscriber may not access or use the API.
2. License Grant
Subject to and conditioned on Subscriber’s compliance with all terms and conditions set forth in the Agreement, Proof grants Subscriber a limited, revocable, non-exclusive, non-transferable, non-sublicensable license during the term of the Agreement to use the API solely for developing an integration with Subscriber’s application(s) that will communicate and interoperate with the Services for the benefit of a User ("Applications"). There are no implied licenses granted under the Agreement. Proof reserves all rights not expressly granted. Subscriber may not use the API for any other purpose without Proof’s prior written consent. To use and access the API, Subscriber must purchase Proof Services that include Proof’s APIs or have use approved by Proof. Subscriber will gain access to the API Key on the Proof Platform. Subscriber may not share the API Key with any third party, must keep the API Key and all log-in information secure, and must use the API Key as the sole means of accessing the API. The API Key may be revoked at any time by Proof.
3. Personal Data
The API may provide Subscriber with access to certain personal information of Users or other individuals, including but not limited to:
- Homeowner names and other homeowner information
- Certain financial information, including mortgage details, individual net worth, or home worth details (collectively, "API Personal Data")
Subscriber’s use of API Personal Data is strictly limited to the uses specifically requested through opt-in consent by Users. Subscriber agrees to keep the API Personal Data confidential and will not disclose, reproduce, summarize, or distribute the API Personal Data to any third party or otherwise display API Personal Data to anyone other than the User to whom the API Personal Data belongs and Subscriber’s employees who are bound by this Agreement on a need-to-know basis. Subscriber will take reasonable security precautions, at least as great as those taken to protect Subscriber’s confidential information, but no less than reasonable care, to keep API Personal Data confidential.
4. Use Restrictions
4.1 Restrictions
Except as expressly authorized under this Agreement, Subscriber may not:
- Copy, modify, or create derivative works of the API, in whole or in part
- Share access credentials with any third party, or allow any third party to use Subscriber's access credentials
- Rent, lease, lend, sell, license, sublicense, assign, distribute, publish, transfer, or otherwise make available the API
- Reverse engineer, disassemble, decompile, decode, adapt, or otherwise attempt to derive or gain access to any software component of the API
- Remove any proprietary notices from the API
- Use the API in any manner or for any purpose that infringes, misappropriates, or otherwise violates any intellectual property right or other right of any person, or that violates any applicable law
- Use any data or materials accessible through the API for any purpose other than for providing the Application to Users
- Access the API or use any data or materials available through the API for competitive or benchmarking purposes
- Combine or integrate the API with any software, technology, services, or materials not authorized by Proof
- Design or permit Subscriber's Application(s) to disable, override, or otherwise interfere with any Proof-implemented communications to end users, consent screens, user settings, alerts, warnings, or the like
- Use the API in any of Subscriber's Application(s) to replicate or attempt to replace the user experience of the Proof Services, including any Proof or User forms or data
- Attempt to cloak or conceal Subscriber's identity or the identity of Subscriber's Application(s) when requesting authorization to use the API
4.2 Acceptable Use
Subscriber and Subscriber's Applications shall comply with all terms and conditions of this Agreement, all applicable laws, rules, and regulations, and all guidelines and standards. Subscriber will not use the API in connection with or to promote any products, services, or materials that constitute, promote, or are used primarily for the purpose of dealing in spyware, adware, or other malicious programs or code, counterfeit goods, items subject to U.S. embargo, unsolicited mass distribution of email ("spam"), multi-level marketing proposals, hate materials, hacking, surveillance, interception, or descrambling equipment, libelous, defamatory, obscene, pornographic, abusive, or otherwise offensive content, stolen products, and items used for theft, hazardous materials, or any illegal activities. If Subscriber becomes aware of any access to the API that violates the Agreement, or any User activity that violates the Agreement, Subscriber agrees to immediately notify Proof of such breach by email to legal@proof.com.
5. Applications
Subscriber agrees to monitor the use of Applications for any activity that violates applicable laws, rules, and regulations or any terms and conditions of the Agreement, including any fraudulent, inappropriate, or potentially harmful behavior, and promptly restrict any offending users of Applications from further use. Subscriber agrees to provide a resource for users of Applications to report abuse. As between Subscriber and Proof, Subscriber is responsible for all acts and omissions of Subscriber’s end users in connection with Subscriber’s Application and their use of the API. Subscriber is solely responsible for posting any privacy notices and obtaining any consents from Subscriber’s end users required under applicable laws, rules, and regulations for their use of Applications. If the number of requests that Applications make to the Platform are unreasonably large, Proof reserves the right, in its sole discretion, to limit the number of requests.
6. No Fees
Subscriber agrees that no license fees or other payments will be due under this API Supplement in exchange for the rights granted. This fee arrangement is made in consideration of the mutual covenants set forth in this agreement, including disclaimers, exclusions, and limitations of liability. Notwithstanding the foregoing, Proof reserves the right to start charging for access to and use of the API at any time.
7. Intellectual Property Ownership
As between Subscriber and Proof:
- Proof owns all right, title, and interest, including all intellectual property rights, in and to the API (including all data or other materials accessible through the API), and the Services
- Subscriber owns all right, title, and interest, including all intellectual property rights, in and to Subscriber’s Application(s), excluding the aforementioned rights
Subscriber will use commercially reasonable efforts to safeguard the API (including all copies thereof) from infringement, misappropriation, theft, misuse, or unauthorized access. Subscriber will promptly notify Proof if Subscriber becomes aware of any infringement of any intellectual property rights in the API and will fully cooperate with Proof in any legal action taken by Proof to enforce Proof’s intellectual property rights.
8. Indemnification
Subscriber agrees to indemnify, defend, and hold harmless Proof and its officers, directors, employees, agents, affiliates, successors, and assigns from and against any and all losses, damages, liabilities, deficiencies, claims, actions, judgments, settlements, interest, awards, penalties, fines, costs, or expenses of whatever kind, including attorneys’ fees, arising from or relating to:
- Subscriber’s use or misuse of the API
- Applications, including any User’s use of Applications
Subscriber’s obligations under this section are conditioned on Proof:
- Giving prompt notice of the claim to Subscriber
- Granting sole control of the defense or settlement of the claim to Subscriber
- Providing reasonable cooperation to the Subscriber at Subscriber's request and expense
Proof may participate in the claim’s defense at its sole cost and expense. Subscriber will not enter into any settlement that adversely affects Proof’s interests without prior written approval, not to be unreasonably withheld. Subscriber is not responsible for any settlement it does not approve in writing.
9. Term and Termination
Proof may immediately terminate or suspend any rights granted herein, and/or Subscriber’s licenses under the Agreement, in Proof’s sole discretion at any time and for any reason, by providing notice to Subscriber or revoking access to the API. Proof may suspend access to the API immediately without any notice if Subscriber violates any of the terms and conditions of the Agreement. Upon termination of the Agreement for any reason, all licenses and rights granted to Subscriber under the Agreement will also terminate and Subscriber must cease using, destroy, and permanently erase from all devices and systems Subscriber directly or indirectly controls all copies of the API and any related materials and API documentation. Any terms that by their nature are intended to continue beyond the termination or expiration of the Agreement will survive termination. Termination will not limit any of Proof’s rights or remedies at law or in equity.
Incident Priority Levels
- Level 1 (Critical Business Impact): The Incident seriously affects the functionality of the Services (or component thereof) and cannot be circumvented such that most of the significant functionality of the Services (or component thereof) is available.
- Level 2 (Significant Business Impact): The Incident partially affects the functionality of the Services (or component thereof), but can be circumvented so that most of the significant functionality of the Services (or component thereof) is available.
- Level 3 (Minimal Business Impact): The Incident can be circumvented such that the Services (or component thereof) can be used with only slight inconvenience. The problem can be considered insignificant and has no significant effect on the usability of the Services (or component thereof).
Conditions for Closure of Help-Desk Ticket
- Level 1: The Incident is considered resolved and closed when an Incident Resolution has been fully implemented.
- Level 2: The Incident is considered resolved and closed when an Incident Resolution has been fully implemented.
- Level 3: The Incident is considered resolved and closed when one of the following occurs: (i) an Incident Resolution has been fully implemented, or (ii) 10 business days have elapsed since Proof’s communication of the information that Proof reasonably believes will resolve the Incident (communicated by email to Subscriber’s designated contact for such Incident), and Subscriber has not responded to Proof. The Incident can be reopened later if it has not been resolved.
On-Demand Notary Availability Downtime Credits (per calendar month)
- Up to 240 minutes: No credit
- 241-360 minutes: 1%
- 361-480 minutes: 3%
- 481-600 minutes: 5%
- 601 minutes or greater: 7%
Platform Availability Percentage Credits (per calendar month)
- 99.9% or higher: No credit
- 97% - 99.9%: 1%
- 95% - 97%: 3%
- 93% - 95%: 5%
- Below 93%: 7%
Incident Response Times
| Incident Priority | Acknowledgement Time (Business Hours) | Provision of Incident Resolution or Interim Process | If Interim Process is provided, Maximum Timeframe for Provision of Incident Resolution |
|---|---|---|---|
| Level 1 | 1 hour | 8 hours | 36 hours |
| Level 2 | 4 hours | 24 hours | 5 days |
Personal Information Categories (California)
-
Personal Identifiers: Collected from various sources including directly from you, notaries, data analytics providers, social networks, advertising networks, internet or mobile service providers, counterparties in a transaction, credential analysis companies, and identity verification services. Used to provide services, communicate, protect and secure environment, verify, maintain, improve, upgrade, or enhance a product or service, identify and repair errors, advertise or market, and for job applicants, to assess applications and satisfy legal obligations. Shared with affiliates, advertising networks, social networks, technology service providers, and others. Retained for the length of the business relationship plus any legally required additional retention period or as long as business needs require.
-
California Customer Records Personal Information: Includes name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Collected and used similarly to personal identifiers.
-
Characteristics of Protected Classifications: Collected and used as above, including for legal obligations.
-
Commercial Information: Includes records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Collected and used as above.
-
Biometric Information: Collected directly and indirectly, used to provide services, communicate, protect and secure environment, verify, maintain, improve, upgrade, or enhance a product or service, identify and repair errors, meet legal obligations, and maintain transaction records.
-
Internet and Other Electronic Network Activity Information: Includes browsing history, search history, and information about individual interactions with an Internet website, application, or advertisement. Collected indirectly and used for service provision, security, analytics, and marketing.
-
Geolocation Data: Collected indirectly and used for service provision, security, and marketing.
-
Sensory Data: Includes audio, electronic, visual, thermal, olfactory, or similar information. Collected directly and indirectly, used for service provision, communication, security, and legal obligations.
-
Professional or Employment-Related Information: Collected directly and indirectly, used for service provision, communication, security, and for job applicants, to process applications.
-
Non-public Education Information: For job applicants, collected directly and used to process applications.
-
Inferences Drawn from Information: Used to create a profile about preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. Collected indirectly and used for service provision, marketing, and analytics.