← Back to NEXQ Legal Center

Contract effective date: September 18, 2024. Audit release: July 9, 2026. Runtime consent and session timestamps are recorded when users actually interact with NEXQ systems.

API and Developer Terms Policy

Customization required. This template is provided for policy operations and counsel review. Replace every NEXQ-reviewed value, verify every factual statement, and confirm applicability before publication. The template is not legal advice and does not create an attorney-client relationship.

Effective date: September 18, 2024
Last updated: September 18, 2024
Owner: NEXQ privacy, security, and legal operations
Applies to: NEXQ websites, web applications, protected workspace surfaces, mobile app surfaces, APIs, secure healthcare and healthtech workflow demonstrations, quantum encryption, diagnostics, oncology, longevity, research collaboration, support, and related services

This policy governs developer access to NEXQ's APIs, SDKs, sandbox environments, documentation, and developer tools.

1. API access

API credentials are confidential and may not be shared. You are responsible for all activity under your credentials.

2. Rate limits and security

You must follow rate limits, authentication requirements, webhook verification, secure storage, logging restrictions, and vulnerability reporting obligations.

3. Data use

You may use API data only for authorized purposes, with required notices, consents, and legal bases. Do not use API data for advertising, profiling, AI training, resale, data brokerage, or unrelated purposes unless expressly authorized.

4. Health and regulated APIs

APIs involving PHI, clinical, financial, education, children’s, biometric, or government data require specific contractual authorization and security controls.

5. Changes

APIs may change, be deprecated, or be rate limited. We will provide notice where reasonable.

Audit addendum

APIs must enforce authentication, authorization, rate limits, logging, least privilege, data minimization, deletion/return on termination, secure token storage, abuse monitoring, and contract limits. Developers must not use API data for advertising, resale, model training, profiling, or regulated decisions unless explicitly authorized.