Article 1 - Scope and intent
To ensure a smooth integration process, SecuTix distinguishes two types of programs:
(1) “Self-Serve API Program” where the Partner can fetch simple non-business critical data using Oxynade by SecuTix APIs that are available to the Partner immediately upon registration if the Partner meets the Self-Serve API Program eligibility criteria set forth below and have agreed to the API Terms; and
(2) “Advanced API Program” where the Partner can base and/or extend his application on/with the Oxynade by SecuTix application. This enables the Partner to create and edit Oxynade by SecuTix resources (e.g. purchase, ticket, event, …) using APIs that are available only to developers that meet the applicable Advanced API Program eligibility criteria set forth below and have agreed to the API Terms and any additional conditions noted in the agreement.
Article 2 - Developer documentation
The use of any of our APIs and display of Content in the Application of the Partner must comply with the technical documentation, usage guidelines, call volume limits, and other documentation maintained at the Developer Site or otherwise made available to the Partner.
In the event of any conflict between the Developer Documentation and the API Terms, the API Terms shall control.
Article 3 - Self-service API Program eligibility criteria
In addition to the compliance of the Partner with the other requirements and obligations set forth in the API Terms, the Partner may consume the API and display content retrieved via the applicable APIs in his application if:
- 1) The Partner is developing an application designed to fetch, visualize and/or synchronize Oxynade by SecuTix ticketing related data .
- 2) The application of the Partner is NOT expected to have more than 100,000 lifetime users.
- 3) The application of the Partner DOES NOT make more than 5,000 daily calls to an API.
- 4) The Partner DOES NOT rely on access to the APIs as a fundamental aspect of your business; to allow for correct support in this case, refer to the Advanced API Program.
Article 4 - Advanced API Program eligibility criteria
In addition to the compliance of the Partner with the other requirements and obligations set forth in the API Terms, the Partner may base and/or extend his application on/with the Oxynade by Oxynade application via the applicable APIs if:
- 1) The Partner is developing an application designed to sell/manage tickets/events through the Oxynade by SecuTix system in addition to visualising ticketing data as described in the API Project Document (defined in Article 6).
- 2) The Partner has delivered (and received a by SecuTix BV approved counter-signed version of the) API Project Document (defined in Article 6) complete with scope and use cases.
- 3) The Partner has a dedicated team to support his application and the underlying API integration.
- 4) The Partner has a dedicated project manager that protects the scope and is a single point of contact towards SecuTix BV.
- 5) The Partner has a data security and load protection plan/process that can be shared upon request.
Article 5 - Application registration
The Partner needs to register its application integration, together with contact details, goals and stake holders, through the support portal at oxynade.io. Doing so will allow SecuTix BV to send information to the Partner about updates.
Article 6 – Project definition
Before starting development on the Oxynade by SecuTix Advanced API Program we require the Partner to fill in a project definition (a template of this document can be delivered by SecuTix BV) that explains the scope, use cases and timings of its integration. This document (“API Project Document”) has to be validated by SecuTix BV to assess feasibility and correct usage.
Article 7 – API Support
API support and production uptime are covered by the default Oxynade by SecuTix SLA (Please remember: the acceptance environment is not). However, the correct usage of the API (security, feature implementation, data visualization, usage limit) is the responsibility of the Partner.
Based on the scope and size of the project, additional (set-up) support might be necessary to guide the project in the right direction. This support can be charged as Additional Services as described in Annex 2: Contract details
Article 8 - Updates and validation
The Oxynade by SecuTix API is updated frequently with non-breaking additional features (indicated with a minor version release). These updates will be shared with our known contacts of registered applications (see article 5).
In the case breaking changes are added to the API (indicated with major version release), the previous version will be supported for six months, giving the Partner the time to adapt where necessary.
The Partner is required to conduct his own acceptance testing in order to verify that his website, mobile application or other application using the Oxynade by SecuTix API meets the requirements set in the API Project Document before using the application in production.
Article 9 - Security measures
- Requirement for security measures. The Partners network, operating system, the software of web servers, databases, integrations and computer systems (collectively, “Systems”) must be properly configured to securely operate its application and process content.
- GDPR. The application of the Partner and development process should be in accordance with the GDPR law. Customer data protection through integrations is the responsibility of the Partner.
- Security Breach. The Partner must promptly report any security deficiencies in, or intrusions to, its Systems that the Partner discovers (or are reported publicly to the Partner) to SecuTix BV in writing via a support ticket in the support portal at oxynade.io. The Partner will work with SecuTix BV to immediately correct any security deficiency, and will immediately disconnect any intrusions or intruders.
Article 10 - Usage limitations
SecuTix BV has the right to limit the API usage per user to allow for an economical efficient bandwidth of the SaaS platform and minify risks on a DDOS attack.
When designing the application/integration by the Partner, it’s the responsibility of the Partner to assess for load protection on its application and the resulting triggered API calls towards the Oxynade by SecuTix API.