API Terms of Use

1. Definitions

The following definitions apply throughout these API Terms of Use. Capitalized terms not defined herein shall have the meanings ascribed to them in the Kotova Terms of Service.

• "API" (Application Programming Interface) means the set of protocols, routines, tools, and endpoints made available by Kotova that enable authorized third parties to programmatically interact with Kotova's platform, access data, and execute transactions in accordance with these API Terms of Use and the accompanying Documentation.
• "API Key" means the unique cryptographic credential issued by Kotova to an authorized Client upon successful registration, which serves as the primary means of authentication and identification when accessing the API. Each API Key is confidential and non-transferable.
• "Rate Limit" means the maximum number of API requests that a Client is permitted to make within a defined time period, as specified in the Documentation. Rate Limits are imposed to ensure fair usage, maintain platform stability, and prevent abuse of the API infrastructure.
• "Endpoint" means a specific URL path exposed by the API through which a Client may submit requests to access particular data or invoke particular functionality of the Kotova platform, as described in the Documentation.
• "Response" means the data, status codes, headers, and any other information returned by the API to a Client following the submission of a valid request to an Endpoint, formatted in accordance with the specifications set forth in the Documentation.
• "Client" means any natural or legal person who has been issued an API Key by Kotova and is authorized to access and use the API in accordance with these API Terms of Use. The term "Client" includes, where applicable, the Client's employees, contractors, and authorized agents acting on the Client's behalf.
• "Partner" means a Client who has entered into a separate written agreement with Kotova granting enhanced API access, elevated Rate Limits, or additional privileges beyond those available under the standard API Terms of Use.
• "User Data" means any data relating to an identified or identifiable natural person that is transmitted to, processed by, or received from the API in the course of the Client's use of the API, including but not limited to personal identifiers, transaction data, wallet addresses, and any other information that constitutes personal data under applicable data protection legislation.
• "Documentation" means the official technical documentation, guides, reference materials, changelogs, and specifications published by Kotova that describe the functionality, Endpoints, request formats, Response structures, Rate Limits, authentication procedures, and best practices for using the API.

2. Using the API

Access to the Kotova API requires a valid API Key. To obtain an API Key, you must complete the registration process on the Kotova platform, agree to these API Terms of Use and the Kotova Terms of Service, and provide accurate and complete information as requested during the application process. Kotova reserves the right to approve or reject any API Key application at its sole discretion, without obligation to provide reasons for rejection.

You are solely responsible for maintaining the confidentiality and security of your API Key. Your API Key must be treated as highly sensitive credential information and must not be shared with, disclosed to, or made accessible to any unauthorized third party. You shall implement appropriate technical and organizational measures to protect your API Key from unauthorized access, including but not limited to encryption at rest, secure transmission protocols, and restricted access controls within your organization.

All API requests must comply with the specifications, formats, protocols, and procedures set forth in the Documentation. You are responsible for ensuring that your integration conforms to the current version of the Documentation and that your systems are updated to reflect any changes published by Kotova. Kotova shall not be liable for any errors, failures, or data loss resulting from non-compliant API requests or outdated integrations.

The API is subject to Rate Limits as specified in the Documentation. You must design your integration to respect and adhere to the applicable Rate Limits at all times. Exceeding the Rate Limits may result in temporary throttling, rejection of requests, or suspension of your API Key. If your use case requires Rate Limits in excess of the standard allocation, you may contact Kotova to discuss a Partner arrangement with elevated limits.

Kotova may release updated versions of the API from time to time. When a new version is released, Kotova will provide reasonable notice of the deprecation timeline for the prior version as described in Section 5. You are responsible for migrating your integration to the latest supported version within the deprecation period. Continued use of a deprecated API version after the end of its support period is at your own risk and may result in degraded functionality or loss of access.

You shall not use the API for any purpose that is unlawful, fraudulent, or prohibited by these API Terms of Use, the Kotova Terms of Service, or any applicable law or regulation. You shall not attempt to circumvent, disable, or interfere with any security, authentication, rate-limiting, or access control mechanisms implemented by Kotova in connection with the API.

3. Rights and Limitations

Subject to your compliance with these API Terms of Use, Kotova grants you a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to access and use the API solely for the purposes described in the Documentation and in accordance with the scope of authorization granted to your API Key. This license does not confer any ownership rights in the API, its underlying technology, or any intellectual property of Kotova.

You shall not sublicense, sell, resell, lease, rent, distribute, or otherwise make available the API or any API Key to any third party without the prior written consent of Kotova. You shall not grant any third party direct or indirect access to the API using your API Key, except to the extent that such access is provided to your authorized employees or contractors who are bound by confidentiality obligations at least as restrictive as those set forth in these API Terms of Use.

You shall not reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code, algorithms, data structures, or underlying architecture of the API or any component thereof. You shall not modify, adapt, translate, or create derivative works based on the API or any part thereof, except to the extent expressly permitted by the Documentation or by mandatory applicable law that cannot be excluded by contract.

You shall not engage in any abusive, excessive, or anomalous usage patterns that may degrade the performance, availability, or security of the API or the Kotova platform. This includes but is not limited to automated scraping of data beyond the scope of your authorized use, deliberate overloading of Endpoints, submission of malformed or malicious requests, or any activity that could be reasonably construed as a denial-of-service attack or an attempt to exploit vulnerabilities in the API infrastructure.

Kotova reserves the right to revoke, suspend, or restrict your access to the API at any time, with or without prior notice, if Kotova determines in its sole discretion that your use of the API violates these API Terms of Use, poses a security risk, adversely affects the performance or integrity of the platform, or is otherwise detrimental to Kotova or its users.

All data, content, and information made available through the API, including but not limited to exchange rates, market data, transaction records, and platform metadata, remains the exclusive property of Kotova or its licensors. You are granted a limited right to use such data solely in connection with your authorized use of the API. You shall not cache, store, redistribute, or commercially exploit API data except as expressly permitted by the Documentation or by a separate written agreement with Kotova.

4. Privacy and Confidentiality

You acknowledge and agree that your use of the API may involve the processing of User Data. You shall handle all User Data in strict compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the German Federal Data Protection Act (Bundesdatenschutzgesetz, "BDSG"), and all other applicable data protection and privacy laws and regulations. You shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including protection against unauthorized or unlawful processing, accidental loss, destruction, or damage of User Data.

You shall not share, disclose, or make accessible your API Key to any unauthorized third party under any circumstances. Your API Key is a confidential credential that uniquely identifies your account and grants access to the API. Any unauthorized use of your API Key, whether resulting from your negligence or a security breach, is your sole responsibility. You must notify Kotova immediately at legal@kotova.io if you become aware or suspect that your API Key has been compromised, disclosed to an unauthorized party, or used without your authorization.

You shall not store, retain, or persist User Data obtained through the API beyond the period strictly necessary for the fulfillment of the specific purpose for which the data was collected. You shall establish and maintain data retention and deletion policies that comply with the principle of data minimization as prescribed by the GDPR. Upon termination of your access to the API, or upon request by Kotova, you shall promptly and permanently delete all User Data in your possession or control that was obtained through the API.

In the event of a personal data breach, as defined under Article 4(12) of the GDPR, involving User Data obtained through or processed in connection with the API, you shall notify Kotova without undue delay and in any event no later than twenty-four (24) hours after becoming aware of the breach. The notification shall include, at a minimum, a description of the nature of the breach, the categories and approximate number of data subjects affected, the likely consequences of the breach, and the measures taken or proposed to be taken to address the breach and mitigate its effects.

All non-public information relating to the API, including but not limited to technical specifications, security protocols, internal documentation, business processes, and any information designated as confidential by Kotova, constitutes confidential information. You shall not disclose, publish, or disseminate any confidential information to any third party without the prior written consent of Kotova, and you shall use such information solely for the purpose of exercising your rights and fulfilling your obligations under these API Terms of Use.

5. Availability and Support

Kotova shall use commercially reasonable efforts to maintain the availability of the API. However, the API is provided without any service level agreement (SLA), and Kotova does not guarantee any specific level of uptime, availability, or performance. The API may be subject to scheduled and unscheduled downtime, including but not limited to maintenance windows, infrastructure upgrades, security patches, and emergency repairs.

Kotova will endeavor to provide advance notice of scheduled maintenance windows that are expected to result in significant API downtime. Where practicable, such notice will be communicated through the Documentation, status page, or by email to registered Clients. However, Kotova reserves the right to perform emergency maintenance without prior notice when necessary to protect the security, integrity, or availability of the platform.

Kotova may deprecate or discontinue any API version, Endpoint, or feature at any time. In the event of a planned deprecation, Kotova shall provide at least thirty (30) days' prior written notice to affected Clients, specifying the deprecation date, the affected components, and, where applicable, the recommended migration path to a successor version or Endpoint. After the expiration of the deprecation notice period, the deprecated API version, Endpoint, or feature may be removed without further notice, and Kotova shall have no obligation to continue supporting it.

Technical support for the API is provided on a reasonable-efforts basis through the channels designated in the Documentation. Kotova does not guarantee response times or the resolution of technical issues within any specific timeframe. Partners with a separate written agreement may be entitled to enhanced support levels as specified in their agreement.

6. Warranty Disclaimer

The API is provided "as is" and "as available," without warranty of any kind, whether express, implied, statutory, or otherwise. To the fullest extent permitted by applicable law, Kotova expressly disclaims all warranties, including but not limited to implied warranties of merchantability, fitness for a particular purpose, non-infringement, accuracy, completeness, reliability, and timeliness.

Kotova does not warrant that the API will be uninterrupted, error-free, secure, or free of viruses or other harmful components. Kotova does not warrant that the data, exchange rates, market information, or any other content made available through the API will be accurate, complete, current, or reliable. You acknowledge that cryptocurrency markets are inherently volatile and that data provided through the API may be subject to delays, inaccuracies, or discrepancies.

Kotova does not warrant that the API will meet your specific requirements, that any defects or errors will be corrected, or that the API will operate in combination with any other hardware, software, systems, or services. You assume all risk and responsibility for your use of the API and for any decisions made or actions taken based on data or functionality provided by the API.

No advice, information, or representation obtained from Kotova or through the API, whether oral or written, shall create any warranty not expressly stated in these API Terms of Use. This disclaimer of warranties applies to the fullest extent permitted by law and shall survive the termination or expiration of these API Terms of Use.

7. Limitation of Liability

To the maximum extent permitted by applicable law, in no event shall Kotova, its partners, directors, employees, agents, or affiliates be liable for any indirect, incidental, special, consequential, punitive, or exemplary damages arising out of or in connection with your access to or use of the API, including but not limited to damages for loss of profits, loss of revenue, loss of data, loss of business opportunities, business interruption, or loss of goodwill, regardless of the theory of liability (whether in contract, tort, negligence, strict liability, or otherwise) and even if Kotova has been advised of the possibility of such damages.

To the extent that Kotova's liability cannot be excluded under applicable law, Kotova's total aggregate liability to you for all claims arising out of or in connection with these API Terms of Use and your use of the API shall not exceed the total amount of fees actually paid by you to Kotova for the use of the API during the twelve (12) month period immediately preceding the event giving rise to the claim. If no fees have been paid, Kotova's maximum aggregate liability shall not exceed one hundred euros (€100).

The limitations of liability set forth in this section shall apply to the fullest extent permitted by law and shall survive the termination or expiration of these API Terms of Use. You acknowledge that these limitations are a material inducement for Kotova to provide the API and that Kotova would not make the API available without these limitations.

8. Term and Termination

These API Terms of Use are effective from the date on which you first access or use the API and shall remain in effect until terminated by either party in accordance with this section. Your continued use of the API constitutes ongoing acceptance of and agreement to be bound by these API Terms of Use, as amended from time to time.

Kotova may suspend or terminate your access to the API and revoke your API Key immediately, without prior notice and without liability, if Kotova determines in its sole discretion that:

• You have violated any provision of these API Terms of Use, the Kotova Terms of Service, or any other applicable Kotova policy.
• Your use of the API poses a security risk to the Kotova platform, its infrastructure, or its users.
• Your use of the API is causing or is reasonably likely to cause harm, disruption, or degradation to the performance or availability of the API or the Kotova platform.
• You are using the API in connection with any unlawful, fraudulent, or abusive activity.
• Continued provision of the API to you is no longer commercially viable or is required to be discontinued due to changes in applicable law or regulation.

You may terminate your use of the API at any time by ceasing all use of the API and deleting your API Key. You may also request the formal closure of your API account by sending written notice to legal@kotova.io.

Upon termination, whether initiated by you or by Kotova, your license to access and use the API shall immediately cease. You shall promptly delete, destroy, or return all API Keys, confidential information, and User Data in your possession or control that were obtained through the API. Termination shall not relieve you of any obligations incurred prior to the effective date of termination, including any obligations relating to the payment of fees, the protection of confidential information, and compliance with data protection requirements. Sections 1, 3, 4, 6, 7, 9, and 10 of these API Terms of Use shall survive termination.

9. Applicable Law

These API Terms of Use are governed by and shall be construed in accordance with the laws of the Federal Republic of Germany, without regard to its conflict of law principles. The application of the United Nations Convention on Contracts for the International Sale of Goods (CISG) is expressly excluded.

Any dispute, controversy, or claim arising out of or in connection with these API Terms of Use, including disputes regarding its existence, validity, interpretation, performance, breach, or termination, shall be subject to the exclusive jurisdiction of the competent courts of Hamburg, Germany. You irrevocably consent to the personal jurisdiction and venue of such courts and waive any objection on grounds of inconvenient forum or lack of jurisdiction.

Notwithstanding the foregoing, Kotova retains the right to seek injunctive or other equitable relief in any court of competent jurisdiction to prevent or restrain any actual or threatened violation of these API Terms of Use, particularly where such violation involves unauthorized access to the API, misuse of confidential information, or infringement of Kotova's intellectual property rights.

10. Miscellaneous

These API Terms of Use, together with the Kotova Terms of Service and the Kotova Privacy Policy, constitute the entire agreement between you and Kotova with respect to your access to and use of the API, and supersede all prior or contemporaneous oral or written communications, proposals, representations, and agreements with respect to the subject matter hereof.

Kotova reserves the right to modify, amend, or update these API Terms of Use at any time. Material changes will be communicated to Clients through the Documentation, by email to the address associated with their API Key, or through other reasonable means. Your continued use of the API following the effective date of any amendment constitutes acceptance of the revised API Terms of Use. If you do not agree with the amended terms, you must immediately cease all use of the API and delete your API Key.

If any provision of these API Terms of Use is found to be invalid, unlawful, void, or unenforceable by a court of competent jurisdiction, that provision shall be deemed severed from these API Terms of Use, and the remaining provisions shall continue in full force and effect. The invalid or unenforceable provision shall be reformed to the minimum extent necessary to make it valid and enforceable while preserving the original intent of the parties as closely as possible.

You may not assign, transfer, delegate, or sublicense any of your rights or obligations under these API Terms of Use to any third party without the prior written consent of Kotova. Any purported assignment or transfer in violation of this provision shall be null and void. Kotova may freely assign or transfer its rights and obligations under these API Terms of Use without restriction.

The failure of Kotova to enforce any right or provision of these API Terms of Use shall not constitute a waiver of such right or provision. No waiver by Kotova shall be effective unless made in writing and signed by an authorized representative of Kotova.

For any questions, concerns, or inquiries regarding these API Terms of Use or the Kotova API, please contact our legal team at legal@kotova.io.