When you perform a query to any of our API endpoints or signup for our service with your email address you are automatically agreeing to all the terms set out on this page. If you do not agree with the terms you should immediately stop querying our API and if you've already registered for an account you should stop using it.
This could mean hacking attempts, brute force login attempts, credential stuffing, Distributed Denial of Service (DDoS) attacks and so forth.
However there are exceptions, if you're testing our security with an aim to disclose what you find to us and not for malicious exploitation then you're welcome to do so. We're receptive to all security reports and you will not be penalised in any way for disclosing vulnerabilities.
If you're found creating more than one free account you will lose access to every account you create. Each customer is allowed one free account in addition to any paid accounts they have. Do not make multiple free accounts for different websites you own, they can all be managed from a single account. There are no limits to how many paid accounts you may have.
Using disposable addresses makes it impossible to contact you if we need to and it also jeopardises the security of your account as disposable addresses are often shared amongst multiple users of the websites which provide them.
Payment fraud costs merchants like ourselves billions of dollars a year in lost revenue and bank fees. We take a hard stance on this, all suspicious payments are refunded and in all instances of confirmed payment fraud your account will be terminated.
You may want to look at our GDPR compliance page which goes into detail about how we securely store your payment information.
This means quite simply you cannot setup a website or service which provides access to our API data to third parties. When you query our API the data is for your use only meaning to be directly acted upon by you or entities you own. It's not meant for you to re-sell or provide to third parties.
We do make exceptions to this term on a case-by-case basis. If you wish to do this you must contact us and make a clear and concise request with sound reasoning as to why you want to do this.
Please note this term doesn't apply to the development of third party software that integrates our API directly. We welcome the development of applications, libraries, classes, plugins, addons & widgets which utilise our API so long as they query our API directly and provide a way for their users to enter an API Key from us.
This applies to your private API Key found within the customer dashboard. Any API Keys we find which are being shared either semi-privately or publicly will be deactivated. Sharing accounts is a big security issue for any site or service you protect with our API due to the power of the Custom Rules feature.