API Terms of Use

Last updated: December 13, 2025

These terms govern your use of the MIR API as a partner. By using the API, you agree to these terms and commit to using reputation data ethically and in accordance with user privacy expectations.

1. Definitions

"MIR" refers to My Internet Reputation, operated by phpMyDEV, LLC.

"Partner" refers to any organization or individual approved to use the MIR API.

"User" refers to individuals whose reputation data is stored in the MIR system.

"Reputation Signals" refers to verified events and data points associated with a user.

"API" refers to the MIR application programming interface and related services.

2. API Access

2.1 Registration

To use the API, you must register as a partner and receive approval. Registration requires accurate information about your organization and intended use case.

2.2 API Keys

Your API key is confidential. You must:

Keep your API key secure and never share it publicly
Not embed API keys in client-side code or public repositories
Immediately notify MIR if your key is compromised
Use only one active API key per approved application

2.3 Rate Limits

API access is subject to rate limits based on your partner tier. Default limits are 1,000 requests per hour. Exceeding limits may result in temporary throttling or suspension.

3. Acceptable Use

Core Principle: MIR provides signals, not verdicts. You remain fully responsible for your own decisions. Reputation data should inform, not replace, your judgment.

3.1 Permitted Uses

Querying reputation signals to inform trust decisions on your platform
Submitting verified events that occurred on your platform
Displaying reputation information to users about themselves
Using aggregated, anonymized data for analytics

3.2 Prohibited Uses

You must NOT use the API to:

Automatically deny service based solely on MIR history data
Share or sell reputation data to third parties
Build shadow profiles or track users without their knowledge
Discriminate based on protected characteristics
Harass, stalk, or harm individuals
Submit false, misleading, or unverified events
Circumvent rate limits or access controls
Reverse engineer scoring algorithms
Aggregate data to re-identify anonymized users
Use reputation data for purposes unrelated to your approved use case

4. Data Handling

4.1 Privacy Obligations

When handling reputation data, you must:

Comply with all applicable privacy laws (GDPR, CCPA, etc.)
Collect only data necessary for your stated purpose
Delete cached reputation data within 24 hours
Honor user deletion requests promptly
Maintain appropriate security measures

4.2 Event Submission Standards

Events you submit to MIR must be:

Accurate: Based on verified, factual occurrences
Relevant: Related to trust and reputation
Timely: Submitted within 30 days of occurrence
Complete: Including required metadata

Important: Submitting false or misleading events is grounds for immediate termination and may result in legal action.

4.3 Data Retention

You may cache reputation query results for up to 24 hours. Longer retention requires explicit user consent. You must delete all MIR data upon termination of your partnership.

5. User Rights

MIR users have fundamental rights that you must respect:

Transparency: Users can see what signals exist about them
Dispute: Users can challenge inaccurate information
Export: Users can download their data
Deletion: Users can request account deletion

If a user disputes an event you submitted, you must respond to MIR's inquiry within 7 business days with supporting documentation.

6. Security Requirements

You must implement reasonable security measures including:

Encrypted transmission (HTTPS/TLS 1.2+)
Secure storage of any cached data
Access controls limiting who can query the API
Logging and monitoring for unauthorized access
Incident response procedures

You must notify MIR within 48 hours of discovering any security incident involving MIR data.

7. Service Availability

MIR strives for high availability but does not guarantee uninterrupted service. We may:

Perform scheduled maintenance with advance notice
Implement emergency changes without notice
Modify API endpoints with reasonable deprecation periods
Suspend access for investigation of policy violations

8. Termination

8.1 By You

You may terminate your partnership at any time by discontinuing API use and notifying MIR. You must delete all cached MIR data upon termination.

8.2 By MIR

We may suspend or terminate your access:

Immediately for serious violations (fraud, abuse, security incidents)
With 30 days notice for other policy violations
With 90 days notice for business reasons

9. Liability

MIR provides reputation signals "as is" without warranty. We are not liable for:

Decisions you make based on reputation data
Inaccurate information submitted by other partners
Service interruptions or data loss
Indirect, consequential, or punitive damages

Your use of MIR data is at your own risk. You agree to indemnify MIR against claims arising from your use of the API.

10. Changes to Terms

We may update these terms with notice. Continued use after changes take effect constitutes acceptance. Material changes will be communicated via email to registered partners.

11. Contact

For questions about these terms:

Email: hello@myinternetreputation.org
Contact form: /contact

Summary: Use the API honestly. Protect user privacy. Don't make automated decisions based solely on history data. Respect user rights. Keep data secure. When in doubt, ask.