Developer API License Agreement

Subject to your compliance with this Agreement and all applicable terms, Deep Identity Inc. grants you a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to access and use the Developer Tools solely for the purpose of developing, testing, and operating software applications and services that integrate with the Universal AI Identity Protocol (UAIIP) and the getai.id platform (“Your Applications”). This license permits you to make API calls to the getai.id endpoints in accordance with the published API documentation and within the rate limits and usage quotas applicable to your account tier. This license permits you to download, install, and integrate the getai.id SDKs into Your Applications for the purpose of enabling UAIIP functionality, including AI system registration, model fingerprinting, attestation credential management, registry queries, and ASID verification. This license permits you to use the getai.id sandbox environment for development and testing purposes. This license permits you to reproduce and distribute the getai.id SDK libraries as embedded components within Your Applications, provided that the SDK is distributed only in compiled or object code form, is distributed only as part of Your Application and not as a standalone product, and is used solely for the purpose of enabling UAIIP integration within Your Application.

This license does not grant you any right to access the source code of the getai.id platform, APIs, or SDK internals beyond what is published as open-source under a separate license. This license does not grant you any right to use the Developer Tools for any purpose other than integrating with the UAIIP protocol as described in this Agreement. This license does not grant you any right to sublicense, resell, rent, lease, or otherwise commercially distribute the Developer Tools as standalone products or services.

To access the Developer Tools, you must create a developer account on the getai.id developer portal. Developer account creation is subject to the same identity verification and account eligibility requirements described in the Terms of Service. Upon account creation and approval, you will be issued API keys, client credentials, and other authentication tokens necessary to access the Developer Tools (“API Credentials”).

Your API Credentials are confidential and personal to your account. You shall not share, publish, embed in client-side code, commit to public code repositories, or otherwise disclose your API Credentials to any unauthorized person. You are solely responsible for all activities conducted using your API Credentials, regardless of whether those activities were authorized by you. You shall implement appropriate security measures to protect your API Credentials, including storing them in environment variables or secure credential management systems rather than hardcoding them in application source code, rotating them periodically in accordance with security best practices, and immediately revoking and regenerating them if you suspect they have been compromised. You shall notify Deep Identity Inc. immediately at security@deepidv.com if you become aware of any unauthorized use of your API Credentials.

The getai.id APIs are subject to rate limits and usage quotas that vary by account tier. The current rate limits and quotas for each tier are published on the getai.id developer portal and may be updated from time to time. You agree to design Your Applications to operate within the applicable rate limits and to implement appropriate backoff and retry logic to handle rate limit responses gracefully. You shall not attempt to circumvent, bypass, or defeat rate limits through the use of multiple accounts, distributed request patterns, or any other mechanism.

You shall use the APIs only in accordance with the published API documentation, including the specified request formats, authentication methods, endpoint URLs, and response handling procedures. You shall not rely on undocumented API behavior, internal endpoints, or response fields that are not part of the published API specification, as these may change without notice. You shall keep your SDK installation up to date and shall upgrade to new SDK versions within a reasonable timeframe when we publish updates, particularly security updates. We reserve the right to deprecate API versions with reasonable advance notice (typically ninety days) and to discontinue support for deprecated versions.

You may use the Developer Tools to build integrations that enable Your Applications to register AI systems on the getai.id registry on behalf of your users, provided that you obtain appropriate authorization from each user and comply with all registration requirements. You may query the AI Identity Registry to verify the registration status, ASID, capability classification, and attestation validity of AI systems that interact with Your Applications. You may integrate the attestation verification SDK to validate attestation proofs (API headers, token biasing watermarks, or media steganography) embedded in outputs from registered AI systems. You may integrate the fingerprinting SDK to enable users of Your Applications to fingerprint their AI models locally and submit the resulting hashes for registration. You may display public profile information from the AI Identity Registry within Your Applications, provided that you display such information accurately and without modification and include appropriate attribution to getai.id.

You shall not use the Developer Tools to build or operate a service that replicates, competes with, or substitutes for the core functionality of the getai.id platform, the AI Identity Registry, or the UAIIP protocol. You shall not use the Developer Tools to build a competing AI identity registry, a competing attestation service, or a competing model fingerprinting service. You shall not cache, store, or create derivative databases from registry data obtained through the APIs beyond what is reasonably necessary for the operation of Your Application, and you shall not retain cached registry data for more than twenty-four (24) hours without refreshing it through a new API call. You shall not use the Developer Tools to aggregate, correlate, or cross-reference registry data with data from other sources for the purpose of deanonymizing pseudonymous AI system owners. You shall not use the Developer Tools to facilitate any activity prohibited by the Acceptable Use Policy.

If Your Application integrates with the UAIIP attestation system, either by generating attestation proofs for registered AI systems or by verifying attestation proofs from third-party systems, you agree to implement the attestation protocol in strict accordance with the published UAIIP Attestation Specification (UAIIP-ATTEST-v1). You shall not modify, extend, or deviate from the attestation protocol in any way that could produce attestation proofs that are incompatible with the standard verification process or that could be mistaken for valid attestation proofs when they are not. You shall not forge, fabricate, or generate counterfeit attestation proofs. You shall not strip, modify, or remove valid attestation proofs from AI-generated outputs that pass through Your Application, unless the user who owns the registered AI system has explicitly authorized such removal. You shall present attestation verification results to your users accurately and without misrepresentation, clearly distinguishing between verified, unverified, expired, and revoked attestation statuses.

If Your Application incorporates zero-knowledge proof functionality, whether for age attestation through the deepage module, for jurisdiction verification, for capability attestation, or for any other purpose, you agree to implement the zero-knowledge circuits and verification logic in strict accordance with the published specifications. You shall not implement zero-knowledge proofs in a manner that could produce false positives (accepting invalid proofs as valid) or false negatives (rejecting valid proofs as invalid). You acknowledge that zero-knowledge proofs, by their cryptographic nature, are designed to reveal only the specific attribute being attested (such as “this user is 18+” or “this AI system is registered”) without revealing any underlying personal information, and you shall not attempt to extract, infer, or derive any information beyond the attested attribute from the zero-knowledge proof or its associated metadata.

If Your Application interacts with the UAIIP soulbound token smart contracts on the blockchain, you agree to interact with the smart contracts only through the published contract ABIs and addresses provided by Deep Identity Inc. You shall not deploy modified, forked, or counterfeit versions of the UAIIP smart contracts on any blockchain network. You shall not interact with the smart contracts in any manner not contemplated by their published interfaces. You acknowledge that blockchain transactions are irreversible and that Deep Identity Inc. cannot reverse, cancel, or modify any confirmed transaction. You are solely responsible for the gas fees and transaction costs associated with any blockchain transactions initiated by Your Application.

If Your Application mints soulbound tokens on behalf of users (through the registration API), you agree to clearly inform your users that the tokens are non-transferable by design, that the tokens will persist on the blockchain even if the user's getai.id account is terminated, and that the on-chain data associated with the tokens (ASID, VOC hash, fingerprint hash, capability classification) is publicly accessible. You shall obtain your users' informed consent before initiating any blockchain transaction on their behalf.

If Your Application collects, processes, or transmits personal information in connection with its integration with getai.id, you are solely responsible for complying with all applicable data protection laws, including GDPR, CCPA/CPRA, PIPEDA, and any other applicable legislation. You shall maintain a clear and accurate privacy policy that discloses your use of the getai.id APIs and SDKs, the types of data transmitted to and received from the getai.id platform, and how that data is used and protected. You shall obtain all necessary consents from your users before transmitting their information to the getai.id platform through the APIs. You shall not transmit to the getai.id APIs any personal information beyond what is required for the specific API function being called. You shall implement appropriate security measures to protect any data received from the getai.id APIs, including encryption in transit and at rest, access controls, and secure deletion when data is no longer needed.

You shall not use data obtained from the getai.id APIs for purposes other than those directly related to the functionality of Your Application as described in your developer account application. You shall not sell, rent, lease, or otherwise commercially exploit data obtained from the getai.id APIs. You shall not use data obtained from the getai.id APIs to train machine learning models, whether your own or third-party models, without the express written consent of Deep Identity Inc.

Deep Identity Inc. retains all right, title, and interest in and to the Developer Tools, including all APIs, SDKs, documentation, sample code, smart contracts, cryptographic protocols, and all related intellectual property. The license granted in Section 1 is the only right you receive under this Agreement with respect to the Developer Tools. You retain all right, title, and interest in Your Applications, excluding any Deep Identity Inc. intellectual property embedded therein through the SDK. If you provide feedback, suggestions, bug reports, or feature requests regarding the Developer Tools, you hereby assign all right, title, and interest in such feedback to Deep Identity Inc., and Deep Identity Inc. may use such feedback for any purpose without obligation or compensation to you.

You may use the getai.id name, logo, and brand marks in Your Application solely for the purpose of accurately indicating that Your Application integrates with the getai.id platform, subject to the getai.id Brand Guidelines (to be published on the developer portal). You shall not use the getai.id name, logo, or brand marks in any manner that suggests endorsement, sponsorship, or affiliation by Deep Identity Inc. unless you have received express written permission. You shall not register any trademark, domain name, or social media handle that is confusingly similar to “getai.id,” “UAIIP,” “deepidv,” or any other trademark of Deep Identity Inc.

You represent and warrant that you have the legal capacity and authority to enter into this Agreement, that Your Applications will comply with all applicable laws and regulations, that Your Applications will not infringe or violate any third-party intellectual property rights, and that you will use the Developer Tools only in accordance with this Agreement and the published documentation.

THE DEVELOPER TOOLS ARE PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. DEEP IDENTITY INC. DOES NOT WARRANT THAT THE DEVELOPER TOOLS WILL BE UNINTERRUPTED, ERROR-FREE, SECURE, OR FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS. DEEP IDENTITY INC. DOES NOT WARRANT THE ACCURACY, COMPLETENESS, OR RELIABILITY OF ANY DATA RETURNED BY THE APIS, INCLUDING REGISTRY DATA, ATTESTATION VERIFICATION RESULTS, OR FINGERPRINT MATCHING RESULTS. YOU USE THE DEVELOPER TOOLS AT YOUR OWN RISK AND ARE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR SYSTEMS OR LOSS OF DATA RESULTING FROM YOUR USE OF THE DEVELOPER TOOLS.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL DEEP IDENTITY INC. BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING DAMAGES FOR LOSS OF PROFITS, LOSS OF DATA, LOSS OF GOODWILL, BUSINESS INTERRUPTION, OR ANY OTHER INTANGIBLE LOSSES, ARISING OUT OF OR RELATED TO YOUR USE OF THE DEVELOPER TOOLS, WHETHER BASED ON WARRANTY, CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR ANY OTHER LEGAL THEORY, EVEN IF DEEP IDENTITY INC. HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE TOTAL AGGREGATE LIABILITY OF DEEP IDENTITY INC. FOR ALL CLAIMS ARISING UNDER THIS AGREEMENT SHALL NOT EXCEED THE AMOUNTS YOU HAVE PAID TO DEEP IDENTITY INC. FOR USE OF THE DEVELOPER TOOLS IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM, OR ONE HUNDRED DOLLARS ($100.00 USD), WHICHEVER IS GREATER.

You agree to indemnify, defend, and hold harmless Deep Identity Inc. and its directors, officers, employees, agents, and affiliates from and against any and all claims, demands, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees) arising out of or relating to Your Applications, your use of the Developer Tools, your violation of this Agreement, your violation of any applicable law, any claim that Your Applications infringe or violate any third-party right, or any data breach or security incident involving Your Applications that affects data obtained from or transmitted to the getai.id platform.

This Agreement is effective from the date you first access or use any Developer Tools and continues until terminated by either party. You may terminate this Agreement at any time by ceasing all use of the Developer Tools, deleting all copies of the SDKs from your systems, and closing your developer account. Deep Identity Inc. may terminate this Agreement and revoke your access to the Developer Tools at any time, with or without cause, by providing written notice to the email address associated with your developer account. Upon termination, you shall immediately cease all use of the Developer Tools, delete all copies of the SDKs from your systems, and cease making API calls to the getai.id endpoints. Termination does not relieve you of any obligations incurred prior to termination. Sections 8, 9, 10, 11, and 13 shall survive termination.

This Agreement shall be governed by and construed in accordance with the laws of the State of Delaware, United States of America, without regard to its conflict of law provisions. Any dispute arising out of or relating to this Agreement shall be resolved by binding arbitration administered by JAMS in New York, New York, in accordance with its Comprehensive Arbitration Rules, conducted by a single arbitrator in the English language. The arbitrator's decision shall be final and binding, and judgment upon the award may be entered in any court of competent jurisdiction. Each party shall bear its own costs, except that the prevailing party shall be entitled to recover its reasonable attorneys' fees. Each party irrevocably waives the right to trial by jury and the right to participate in a class action.

This Agreement, together with the Terms of Service, Privacy Policy, and Acceptable Use Policy, constitutes the entire agreement between you and Deep Identity Inc. with respect to the Developer Tools and supersedes all prior or contemporaneous agreements, understandings, and communications, whether written or oral. If any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions shall continue in full force and effect, and the invalid provision shall be modified to the minimum extent necessary to make it enforceable while preserving the parties' intent. Deep Identity Inc.'s failure to enforce any provision of this Agreement shall not constitute a waiver of that provision or of any other provision. Deep Identity Inc. may assign this Agreement to any successor, acquirer, or affiliate without your consent. You may not assign this Agreement without Deep Identity Inc.'s prior written consent.

For questions about this Developer API License Agreement, developer support, API issues, or SDK bugs, contact us at developers@deepidv.com. For legal inquiries, contact legal@deepidv.com. Mailing address: Deep Identity Inc., 535 Mission Street, San Francisco, CA 94105, United States.