OneBoss APIs Terms of Use

OneBoss APIs Terms of Use

Thank you for developing with OneBoss!

By accessing or using OneBoss APIs, including within a software application, website, tool, service, or product you create or offer to Customers (your “Application”), you are agreeing to these terms and to comply with any accompanying documentation that applies to your use of the OneBoss APIs (“API Terms”) with OneBoss Solutions Inc., (“OneBoss”, “we”, “us”, or “our”). You represent and warrant to us that you have the authority to accept these API Terms on behalf of yourself, a company, and/or other entity, as applicable. We may change, amend or terminate these API Terms at any time. Your use of the OneBoss APIs after any change or amendment means you agree to the new API Terms. If you do not agree to the new API Terms or if we terminate these API Terms, you must stop using the OneBoss APIs.

1. Defined Terms

a) “Customer(s)” means the licensee of a OneBoss online service (“OneBoss Offering”) and if the licensee is an organization, includes their administrators and end users.
b) “OneBoss APIs” means (i) any form of machine accessible application programming interface that OneBoss makes available which provides access to a OneBoss Offering, including all associated tools, elements, components and executables therein, (ii) any OneBoss sample code that enables interactions with a OneBoss Offering, and (iii) documentation that OneBoss makes available to help enable your access to the OneBoss APIs.
c) The OneBoss APIs include:
1. Any APIs that provide access to OneBoss RepWeb or OneBoss GUI;
2. Any other OneBoss APIs that enable access to Ensemble;
3. Any other OneBoss APIs that enable access to OneBoss KYP™;
4. Any other APIs that provide access to the OneBoss ecosystem.

2. Scope and Application Registration

a) These API Terms govern your use of OneBoss APIs except:
1. if you have entered into another agreement with OneBoss that expressly supersedes these API Terms and governs your use of specific OneBoss APIs, or
2. for any APIs other than the APIs listed in section 1.d) of these terms, if you access APIs that present accompanying terms (“Accompanying Terms”) and you have accepted those Accompanying Terms, then those Accompanying Terms will apply to your access of those APIs.
b) Registration for your Application may be required pursuant to documentation. If registration is required, you must register your Application with OneBoss. Your registration must be accurate and kept up-to-date by you at all times. Once you have successfully registered an Application, you will be given access credentials for your Application. “Access Credentials” means the necessary security keys, secrets, tokens, and other credentials to access the OneBoss APIs. The Access Credentials enable us to associate your Application with your use of the OneBoss APIs. All activities that occur using your Access Credentials are your responsibility. Access Credentials are non-transferable and non-assignable. Keep them secret. Do not try to circumvent them.

3. OneBoss APIs License and Guidelines

a) OneBoss APIs License Subject to your compliance with all of the API Terms, OneBoss grants you a limited, non-exclusive, non-assignable, non-transferable, revocable license to use the OneBoss APIs to develop, test, and support your Application, and allow Customers to use your integration of the OneBoss APIs within your Application. You may use the OneBoss APIs only as expressly permitted in these API Terms. Violation of these API Terms may result in the suspension or termination of your use of the OneBoss APIs.
b) OneBoss APIs Guidelines
You may NOT:
1. Use the OneBoss APIs in a way that could impair, harm or damage OneBoss, the OneBoss APIs, any OneBoss Offering, or anyone’s use of the OneBoss APIs or any OneBoss Offerings;
2. Use the OneBoss APIs to disrupt, interfere with, or attempt to gain unauthorized access to services, servers, devices, or networks connected to or which can be accessed via the OneBoss APIs;
3. Use the OneBoss APIs, or any information accessed or obtained using the OneBoss APIs, for the purpose of migrating Customers away from a OneBoss Offering, except in connection with use of the OneBoss APIs by your Application or unless expressly permitted by OneBoss pursuant to a duly executed written agreement;
4. Scrape, build databases or otherwise create copies of any data accessed or obtained using the OneBoss APIs, except as necessary to enable an intended usage scenario for your Application;
5. Request from the OneBoss APIs more than the minimum amount of data, or more than the minimum permissions to the types of data, that your Application needs for Customers to use the intended functionality of your Application;
6. Use an unreasonable amount of bandwidth, or adversely impact the stability of the OneBoss APIs or the behavior of other apps using the OneBoss APIs;
7. Attempt to circumvent the limitations OneBoss sets on your use of the OneBoss APIs. OneBoss sets and enforces limits on your use of the OneBoss APIs (e.g., limiting the number of API requests that you may make or the number of users you may serve), in its sole discretion;
8. Use OneBoss APIs in any manner that works around any technical limitations of the OneBoss APIs or of the accessed OneBoss Offering, or reverse engineer, decompile or disassemble the OneBoss APIs, except and only to the extent that applicable law expressly permits, despite this limitation;
9. Use the OneBoss APIs, or any data obtained using the OneBoss APIs, to conduct performance testing of a OneBoss Offering unless expressly permitted by OneBoss pursuant to a duly executed written agreement;
10. Use the OneBoss APIs, or any data obtained using the OneBoss APIs, to identify, exploit or publicly disclose any potential security vulnerabilities;
11. Request, use or make available any data obtained using the OneBoss APIs outside any permissions expressly granted by Customers in connection with using your Application;
12. Use or transfer any data accessed or obtained using the OneBoss APIs, including any data aggregated, anonymized or derived from that data (collectively the “OneBoss APIs Data”) for advertising or marketing purposes including (i) targeting ads, or (ii) serving ads. For purposes of clarity, this prohibition on using OneBoss APIs Data for advertising or marketing purposes does not extend to using other data, such as (i) the number of users of your Application, (ii) a user identifier you independently receive from a user (e.g., an email address you receive when a user enrolls to use your Application, a device identifier, or an advertising identifier), or (iii) a product or service identifier that identifies a OneBoss Offering;
13. Make your Application available for use in a manner that circumvents the need for users to obtain a valid license to the OneBoss application or service that is accessed through the OneBoss APIs;
14. Redistribute or resell, or sublicense access to, the OneBoss APIs, any data obtained using the OneBoss APIs, or any other OneBoss Offering accessed through the OneBoss APIs; or
15. Misrepresent expressly, by omission, or implication, the need for users to obtain a valid license to the OneBoss application or service that is accessed through the OneBoss APIs;
16. Falsify or alter any unique referral identifier in, or assigned to an Application, or otherwise obscure or alter the source of queries coming from an Application to hide a violation of this agreement; or
17. Use the OneBoss APIs or allow any user to use the Application in a way that violates applicable law, including:
* Illegal activities, such as child pornography, gambling, piracy, violating copyright, trademark or other intellectual property laws.
* Any activity that may negatively affect the reputation of OneBoss, its products or its employees.
* Accessing or authorizing anyone to access the OneBoss APIs to conduct any activity that may be illegal.
* Threatening, stalking, defaming, defrauding, degrading, victimizing or intimidating anyone for any reason.
* Violating applicable anti-money laundering, privacy laws and regulations.
18. Use the OneBoss APIs in a way that could create, in OneBoss’s sole discretion and judgment, an unreasonable risk to Customers from a security or privacy perspective.

4. Security

You warrant that your Application has been developed to operate with OneBoss API content in a secure manner. Your network, operating system and the software of your servers, databases, and computer systems (collectively, “Systems”) must be properly configured to securely operate your Application and store content collected through your Application (including the OneBoss API content). Your Application must use reasonable security measures to protect the private data of your users.

We may use technology to detect, prevent or limit the impact of any issues caused by your Application (before, after, or instead of suspension of your access). This may include, for example, (i) filtering to stop spam, (ii) performing security or privacy monitoring regarding scraping, denial of service attacks, user impersonation, application impersonation, or illicit consent grant(s), or (iii) limiting or terminating your access to the OneBoss APIs.

You will permit OneBoss reasonable access to your Application for purposes of monitoring compliance with these API Terms. You will respond to any questions by OneBoss about your compliance with these API Terms.

Without limiting the foregoing, upon request by OneBoss, you will provide us (or an independent auditor acting on our behalf) with up to two full-feature client account-level instances to access your Application (and/or other materials relating to your use of the API) as reasonably requested by us to verify your compliance with these API Terms (including, in particular, your security and privacy obligations under these API Terms).

We may restrict or terminate access to the APIs or perform an audit (including by hiring an independent auditor acting on our behalf) of your Application if you fail to provide adequate information and materials (including up to two full-featured instances of your Application) to verify your compliance with these Terms.

You must have a process to respond to any vulnerabilities in your Application, and in the case of any vulnerabilities related to your Application’s connection to the OneBoss APIs discovered by you or reported to you by a third party, you agree that you will provide vulnerability details to OneBoss.

In the event of a data breach by you resulting from any aspect of the OneBoss APIs involving your Application or any data collected through your Application, you will promptly contact OneBoss and provide details of the data breach. You agree to refrain from making public statements (e.g., press, blogs, social media, bulletin boards, etc.) without prior written and express permission from OneBoss in each instance as it relates to the OneBoss APIs.

The rights and requirements of this section — 4. Security — will survive for five (5) years following any termination of these API Terms.

5. Your Compliance with Applicable Privacy and Data Protection Laws

You must comply with all laws and regulations applicable to your use of the data accessed through the OneBoss APIs, including without limitation laws related to privacy, biometric data, data protection and confidentiality of communications. Your use of the OneBoss APIs is conditioned upon implementing and maintaining appropriate protections and measures for your service and Application, and that includes your responsibility to the data obtained through the use of the OneBoss APIs. For the data you obtained through the OneBoss APIs, you must:
a) obtain all necessary consents before processing data and obtain additional consent if the processing changes (“Data Access Consents”),
b) In the event that you are storing data locally, ensure that data is kept up to date and implement corrections, restrictions to data, or the deletion of data as reflected in the data obtained through your use of the OneBoss APIs,
c) implement proper retention and deletion policies, including deleting all data when your user abandons your Application, uninstalls your Application, closes its account with you, or abandons the account,
d) maintain and comply with a written statement available to Customers and users that describes your privacy practices regarding data and information you collect and use (“Your Privacy Statement”), and that statement must be as protective as the OneBoss Privacy Statement, and
e) When your Application allows end users to sign in with a OneBoss account and OneBoss is not providing the user interface for the sign in, your Privacy Statement must provide a link to https://www.oneboss.ca/privacy or such other location(s) as we may specify from time to time, with a clear indication that Customers and end users can go to the OneBoss site(s) to revoke Data Access Consents at any time. If Customers or end users must take additional steps to disable your Application’s access to Customer or end user data, then Your Privacy Statement must clearly indicate to Customers and end users the additional steps required to disable access.
Nothing in the Agreement shall be construed as creating a joint controller or processor-subprocessor relationship between you and OneBoss.

6. Changes to the OneBoss APIs and API Terms

WE MAY CHANGE OR DISCONTINUE THE AVAILABILITY OF SOME OR ALL OF THE ONEBOSS APIs AT ANY TIME FOR ANY REASON WITH OR WITHOUT NOTICE. Such changes may include, without limitation, removing or limiting access to specific API(s), requiring fees or setting and enforcing limits on your use of additions to the OneBoss APIs. We may also impose limits on certain features and services or restrict your access to some or all of the OneBoss APIs. We may release subsequent versions of the OneBoss APIs and require that you use those subsequent versions, at your sole cost and expense.

Any version of the OneBoss APIs designated as “preview”, “pre-release” or “beta” (“Preview API”), may not work in the same way as a final version. We may change or not release a final or commercial version of a Preview API in our sole discretion.

WE MAY MODIFY THESE API TERMS AT ANY TIME, WITH OR WITHOUT PRIOR NOTICE TO YOU. YOUR CONTINUED USE OF THE ONEBOSS APIs FOLLOWING THE RELEASE OF A SUBSEQUENT VERSION OF THESE API TERMS WILL BE DEEMED YOUR ACCEPTANCE OF ANY MODIFICATIONS TO THESE API TERMS.

7. Feedback

If you give feedback about the OneBoss APIs to OneBoss, you give to OneBoss, without charge, the right to use, share and commercialize your feedback in any way and for any purpose. You will not give feedback that is subject to a license that requires OneBoss to license its software or documentation to third parties because OneBoss includes your feedback in them. These rights survive these API Terms.

8. Confidentiality

You may be given access to certain non-public information, software, and specifications relating to the OneBoss APIs (“Confidential Information”), which is confidential and proprietary to OneBoss. You may use Confidential Information only as necessary in exercising your rights granted under these API Terms. You may not disclose any Confidential Information to any third party without OneBoss’s prior written consent. You agree that you will protect any Confidential Information from unauthorized use, access, or disclosure in the same manner that you would use to protect your own confidential and proprietary information.

9. Disclaimer of Warranties, Limitation of Liability and Indemnity

a) Disclaimer of Warranties
WE MAKE NO WARRANTIES, EXPRESS OR IMPLIED, GUARANTEES OR CONDITIONS WITH RESPECT TO YOUR USE OF THE ONEBOSS APIs. YOU UNDERSTAND THAT USE OF THE ONEBOSS APIs IS AT YOUR OWN RISK AND THAT WE PROVIDE THE ONEBOSS APIs ON AN “AS IS” BASIS “WITH ALL FAULTS” AND “AS AVAILABLE” TO THE EXTENT PERMITTED UNDER CANADIAN LAW, WE EXCLUDE ANY IMPLIED WARRANTIES, INCLUDING FOR MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, WORKMANLIKE EFFORT, AND NON-INFRINGEMENT. YOU MAY HAVE CERTAIN RIGHTS UNDER CANADIAN LAW. NOTHING IN THESE API TERMS ARE INTENDED TO AFFECT THOSE RIGHTS, IF THEY ARE APPLICABLE. WE DO NOT GUARANTEE THE ONEBOSS APIs WILL FUNCTION WITHOUT INTERRUPTION OR ERRORS IN FUNCTIONING. IN PARTICULAR, THE OPERATION OF THE ONEBOSS APIs MAY BE INTERRUPTED DUE TO MAINTENANCE, UPDATES, OR SYSTEM OR NETWORK FAILURES. WE DISCLAIM ALL LIABILITY FOR DAMAGES CAUSED BY ANY SUCH INTERRUPTION, ERRORS IN FUNCTIONING, OR THAT DATA LOSS WILL NOT OCCUR.

b) Limitation of Liability
IF YOU HAVE ANY BASIS FOR RECOVERING DAMAGES (INCLUDING BREACH OF THESE API TERMS), YOU AGREE THAT YOUR EXCLUSIVE REMEDY IS TO RECOVER, FROM ONEBOSS OR ANY AFFILIATES, RESELLERS, DISTRIBUTORS, SUPPLIERS (AND RESPECTIVE EMPLOYEES, SHAREHOLDERS, OR DIRECTORS) AND VENDORS, ONLY DIRECT DAMAGES UP TO CAN $5.00 COLLECTIVELY. YOU CANNOT RECOVER ANY OTHER DAMAGES OR LOSSES, INCLUDING, WITHOUT LIMITATION, DIRECT, CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT, INCIDENTAL, OR PUNITIVE. These limitations and exclusions apply even if this remedy does not fully compensate you for any losses or fails in its essential purpose or if we knew or should have known about the possibility of the damages. To the maximum extent permitted by law, these limitations and exclusions apply to any claims related to these API Terms or your use of the OneBoss APIs.

c) Indemnification
You will defend, hold harmless, and indemnify OneBoss from any claim or action brought by a third party, including all damages, liabilities, costs and expenses, and reasonable attorney fees, to the extent resulting from, alleged to have resulted from, or in connection with your breach of the obligations herein or infringement of OneBoss’s or third party’s intellectual property.

d) No Injunctive Relief
In no event shall you seek or be entitled to rescission, injunctive or other equitable relief, or to enjoin or restrain the operation of the OneBoss APIs, content or other material used or displayed through the current OneBoss website or successor site.

e) No Third-Party Beneficiaries
There are no third-party beneficiaries to this Agreement.

10. Termination

a) We may suspend or immediately terminate these API Terms, any rights granted herein, and/or your license to the OneBoss APIs, in our sole discretion at any time, for any reason. You may terminate these API Terms at any time by ceasing your access to the OneBoss APIs.
b) Upon termination, all licenses granted herein immediately expire and you must cease use of the OneBoss APIs. You must also comply with Customer’s instruction to return or delete any data accessed or obtained through the OneBoss APIs, unless expressly permitted by OneBoss or prohibited by law. Neither party will be liable to the other for any damages resulting solely from termination of these API Terms.

11. General Terms

a) Applicable Law
1. The laws of Canada shall apply. This agreement is governed by the laws of the Province of Ontario and the laws of Canada as applicable therein without giving effect to any principles of conflicts of laws regardless of the domicile, residence or physical location of the user. All disputes, controversies or claims arising out of or in connection with the website shall be submitted to and be subject to the jurisdiction of the courts of the Province of Ontario. You submit and attorn to the exclusive jurisdiction of the courts of the Province of Ontario to finally adjudicate or determine any suit, action or proceeding arising out of or in connection with the APIs.
2. Any claims shall be filed in Windsor, Ontario. You agree that all Claims will be heard and resolved in a court of competent subject matter jurisdiction located in Windsor, Ontario. You consent to the personal jurisdiction of such courts over you, stipulate to the fairness and convenience of proceeding in such courts, and covenant not to assert any objection to proceeding in such courts.
b) Support. Because the OneBoss APIs are provided “as is,” we shall not provide support services for them. You are solely responsible for the quality of your Application and providing support for your Application.
c) Assignment and Delegation. You shall not assign or delegate any rights or obligations under these API Terms, including in connection with a change of control. Any purported assignment and delegation shall be ineffective. We may freely assign or delegate all rights and obligations under these API Terms, fully or partially without notice to you.
d) Reservation of Rights. All rights not expressly granted herein are reserved by OneBoss. You acknowledge that all intellectual property rights within the OneBoss APIs remain the property of OneBoss and nothing within these API Terms will act to transfer any of these intellectual property rights to you.
e) OneBoss and you are independent contractors. Nothing in this Agreement shall be construed as creating an employer-employee relationship, processor-subprocessor relationship, a partnership, or a joint venture between the parties.
f) No Waiver. Either party’s failure to act with respect to a breach of these API Terms does not waive either party’s right to act with respect to that breach or subsequent similar or other breaches.
g) Survival. Sections of these API Terms that, by their terms, require performance after the termination or expiration of these API Terms will survive, such as, for example, the rights and requirements of section 4. Security and section 8 Confidentiality.
h) Modifications. We may modify these API Terms at any time with or without individual notice to you. Any modifications will be effective upon your continued use of the OneBoss APIs.
i) Entire Agreement. These API Terms and any documents incorporated into these API Terms by reference, constitute the entire agreement between you and us regarding the OneBoss APIs and supersede all prior agreements and understandings, whether written or oral, or whether established by custom, practice, policy or precedent, with respect to the subject matter of these API Terms. If any provision of these API Terms is found to be illegal, void, or unenforceable, the unenforceable provision will be modified so as to render it enforceable to the maximum extent possible.