API Usage Agreement

1. Agreement Scope

This API Usage Agreement governs your use of the PithToken API and defines the rights, responsibilities, and limitations for accessing our prompt optimization service. This agreement supplements our Terms of Service and Privacy Policy.

By obtaining and using a PithToken API key, you agree to comply with all provisions of this agreement.

2. API Key Ownership and Non-Transferability

Your PithToken API key is:

Personal and Non-Transferable: Your API key is issued exclusively to you and your account. You may not sell, share, transfer, or allow others to use your key.
Confidential: Treat your API key with the same care you would sensitive passwords. Never share it in public code repositories, forums, or with untrusted parties.
Single-Account Access: Each API key grants access only to the associated PithToken account and its resources.
Revocable: PithToken reserves the right to revoke or regenerate API keys at any time, particularly for security or abuse reasons.

                Responsibility: You are fully responsible for all activity conducted using your API key. If you believe your key has been compromised, regenerate it immediately through your account dashboard.
            

3. Rate Limits and Quotas

PithToken enforces rate limits based on your subscription tier to ensure fair resource allocation and service stability.

Free Tier

100 requests/day

1 request/second

1M tokens/month

No SLA

Pro Tier

Unlimited requests/day

100 requests/second

Unlimited tokens

99.5% uptime

Exceeding Limits: Requests exceeding your tier's rate limits will receive HTTP 429 (Too Many Requests) responses. Persistent abuse may result in temporary or permanent rate limiting.

Burst Allowance: We permit brief bursts slightly above your stated limits, but sustained excess traffic may trigger automatic throttling.

4. Prohibited Uses

You agree not to use the PithToken API for:

Reverse Engineering: Attempting to reverse engineer, decompile, disassemble, or derive the source code of our optimization algorithms
Competitive Products: Building, training, or improving competing prompt optimization services using PithToken's optimization techniques
Unauthorized Access: Accessing or attempting to access the API using another user's credentials or API key
Automated Scraping: Using automated tools to extract data, optimize algorithms, or bypass rate limits (beyond legitimate application use)
Malware and Abuse: Transmitting malware, viruses, spam, or content designed to disrupt or compromise PithToken's infrastructure
Illegal Content: Sending prompts or content that violates applicable laws, intellectual property rights, or third-party rights
Reselling: Reselling PithToken's optimization service without explicit written authorization
Testing and Probing: Security testing, penetration testing, or vulnerability scanning without prior written authorization

Violation of these restrictions may result in immediate API key suspension, account termination, and potential legal action.

5. Fair Use Policy

PithToken's fair use policy ensures equitable service for all users:

Resource Consumption: Do not consume excessive computational resources that impact other users' experience
Batch Processing: Large batch jobs should be executed during off-peak hours when possible
Reasonable Usage: Use the API in a manner consistent with its stated purpose (prompt optimization for language models)
No Hoarding: Do not accumulate or cache optimization results to circumvent token limits

We monitor usage patterns and may throttle accounts engaged in resource hoarding or abuse without explicit notice if necessary to protect service availability.

6. Service Modifications and Improvements

PithToken reserves the right to:

Enhance Algorithms: Improve or modify the optimization algorithms to deliver better results
Change Parameters: Alter optimization parameters, settings, or behavior without advance notice (except for breaking changes)
Update API Endpoints: Modify API endpoints or request/response structures as needed
Feature Additions: Add new features, fields, or capabilities to the service
Deprecation: Discontinue less-used features or endpoints

Breaking Changes: Material breaking changes to API endpoints or response formats will be announced at least 30 days in advance with migration guidance.

7. Uptime and Service Level Agreement

Free Tier: No uptime guarantee or service level agreement. The service is provided on a best-effort basis.

Pro Tier: PithToken targets 99.5% uptime for the API endpoint, calculated monthly. This is an aspirational target, not a guaranteed service level.

No Warranty: Even for Pro tier users, we provide no warranty that the service will be uninterrupted, error-free, or always available. We do not guarantee specific response times or optimization quality.

Scheduled Maintenance: PithToken may perform maintenance, updates, or improvements that temporarily affect service availability. We will attempt to schedule maintenance during low-traffic periods and announce significant maintenance in advance.

8. API Versioning and Deprecation

Versioning: PithToken API versions are indicated in the URL path (e.g., /api/v1/optimize).

Backward Compatibility: Within a major version, we maintain backward compatibility for existing endpoints and response fields. New fields may be added without notice.

Major Version Changes: When transitioning to a new major version (e.g., v1 to v2), we will:

Announce the change at least 30 days in advance
Provide documentation for migration
Support the legacy version for at least 6 months alongside the new version

Sunset Policy: Deprecated API versions will be retired after the announced sunset date. At that time, requests to deprecated endpoints will fail with HTTP 410 (Gone).

9. Intellectual Property Rights

PithToken IP: All intellectual property related to the PithToken platform, including optimization algorithms, methodologies, code, documentation, and service infrastructure, is owned exclusively by PithToken Ltd.

Your Content: You retain all intellectual property rights to the prompts, ideas, and content you send through PithToken. PithToken does not claim ownership of your prompts or any generated outputs.

Optimization Techniques: You may not extract, use, or replicate PithToken's optimization techniques for purposes outside the scope of using the API service.

License Grant: We grant you a limited, non-exclusive, revocable license to use the PithToken API solely for lawful, non-commercial or authorized commercial purposes consistent with this agreement.

10. Request and Response Logging

Metadata Logging: PithToken logs request metadata including timestamps, token counts, model selection, latency, and cost savings for analytics, billing, and abuse prevention.

Prompt Content: The actual prompt text is NOT logged or retained by PithToken (though it is forwarded to your chosen provider per your API key).

Retention: Metadata logs are retained for 90 days, after which they are automatically deleted unless required for legal compliance.

11. Error Handling

PithToken returns standard HTTP status codes and error messages:

200 OK: Request processed successfully
400 Bad Request: Invalid request parameters or malformed prompt
401 Unauthorized: Invalid or missing API key
403 Forbidden: API key lacks required permissions
429 Too Many Requests: Rate limit exceeded
500 Internal Server Error: Server error on PithToken's infrastructure
502/503 Bad Gateway/Service Unavailable: Temporary service disruption or maintenance

Always implement appropriate error handling and retry logic (with exponential backoff) in your client applications.

12. Third-Party Provider Dependencies

PithToken's service depends on the availability and functionality of third-party language model providers:

OpenAI API
Anthropic API
OpenRouter API

If a third-party provider experiences an outage or changes their API, PithToken's functionality may be impacted. We are not responsible for third-party provider availability, changes, or service disruptions. You remain responsible for maintaining your own API keys and understanding each provider's terms.

13. Monitoring and Abuse Detection

PithToken monitors API activity for:

Unusual traffic patterns or anomalies
Potential security threats or unauthorized access attempts
Violation of this agreement or our Terms of Service
Resource hoarding or unfair usage

If suspicious activity is detected, we may:

Temporarily throttle or block requests from your API key
Suspend your API access pending investigation
Require verification of your identity and intended use
Permanently terminate your API key and account

14. API Security

HTTPS Required: All API requests must be made over HTTPS. Unencrypted HTTP requests will be rejected.

Authentication: Include your API key in the Authorization header as a Bearer token:

Authorization: Bearer your_api_key_here
            

Never: Embed API keys in client-side code, version control systems, or public repositories. Use secure environment variables and secret management systems.

15. Testing and Sandbox Environments

PithToken does not provide a separate sandbox or testing environment. All API requests count toward your rate limits and usage quotas, even if you're testing or developing integrations.

To minimize costs during development, use the Free tier or implement request throttling in your client application.

16. Compliance and Regulatory Obligations

You are responsible for ensuring your use of PithToken complies with:

Applicable data protection and privacy laws (GDPR, UK DPA, etc.)
Content regulations in your jurisdiction
Your own organization's policies and terms of service
Third-party provider terms (OpenAI, Anthropic, OpenRouter)

PithToken is not responsible for your compliance with these regulations. If you process personal data through PithToken, you must comply with GDPR and implement appropriate safeguards.

17. Limitation of Liability

To the maximum extent permitted by law, PithToken and its directors, officers, and employees are not liable for:

Any indirect, incidental, special, or consequential damages
Loss of profits, revenue, data, or business opportunities
Damages from service interruptions or third-party provider failures
Unauthorized access or data breaches (except where caused by our gross negligence)

Our total liability is limited to the amount you have paid to PithToken in the 12 months preceding the claim.

18. Termination

PithToken may suspend or terminate your API access at any time if:

You violate this API Usage Agreement
Your account has been inactive for an extended period
We detect abuse or unauthorized use
It is necessary for legal or operational reasons

Upon termination, your API key becomes invalid immediately, and all requests will be rejected.

19. Support and Documentation

PithToken provides API documentation at our developer portal. Support is available via email at [email protected].

Response Times: We aim to respond to support inquiries within 48 hours, but support is provided on a best-effort basis. Critical security issues should be reported to [email protected].

20. Entire Agreement

This API Usage Agreement, together with the Terms of Service and Privacy Policy, constitutes the entire agreement between you and PithToken regarding the API and supersedes all prior agreements and understandings.

21. Governing Law and Disputes

This agreement is governed by the laws of England and Wales. Any disputes shall be resolved in the exclusive jurisdiction of the English courts.

22. Contact Information

For questions about this API Usage Agreement or to report violations:

Email: [email protected]

Security Issues: [email protected]

Company: PithToken Ltd
Location: London, UK