Skip to content
Last updated

API License Terms

These API License Terms govern the access and usage of JTL-APIs by Users and supplement the Applicable JTL General Terms and Conditions for the relationship between JTL and Users. In case of contradictions, these API License Terms take precedence over the Applicable General Terms and Conditions.

Definitions

    1. Capitalized terms have the meaning defined in JTL General Terms and Conditions. In case a definition in the JTL Customer General Terms and the JTL Third-Party Provider General Terms and Conditions differs, the definition in the Applicable JTL General Terms and Conditions takes precedence.

In addition, within the scope of these API License Terms the following definitions apply:

    1. JTL General Terms and Conditions” comprise JTL Customer General Terms and Conditions as well as JTL Third-Party Provider General Terms and Conditions.
    2. “Applicable JTL General Terms and Conditions” are, depending on the qualification of the specific User, either – in case the User is a customer of JTL (e.g. a merchant using JTL-Wawi, JTL-Shop etc.) – the JTL Customer General Terms and Conditions or – in case the User is a Third-Party Provider (e.g. the Operator of a marketplace integration) – the JTL Third-Party Provider General Terms and Conditions.
    3. “User” is a customer or a Third-Party Provider accessing a JTL-API.
    4. “JTL-API” is any application programing interface, including if applicable its associated tools and documentation, provided by JTL which allows Users to access certain JTL Customer Products or certain functionalities hereof in order to interconnect and exchange data with an Application; an overview of all current JTL-APIs can be found here.

d) “Application” means software application, website, interface or any other means provided or used by the User to access a JTL-API using API Credentials.

    1. “API Credentials” means the credentials that allow the User or Service to authenticate in order to send authorized requests to the respective JTL-API.
    2. “API Documentation” all documentation referring to specific JTL-API, including but not limited to (technical) descriptions, guidelines, tutorials, (GitHub) repositories etc.

Access / API Credentials

    1. In order to access a JTL-API, User must obtain API Credentials for the respective JTL-API. User shall keep its API Credentials secure and may not share them with any third parties without JTL's prior written consent, unless permitted in these API License Terms. Sharing API Credentials with internal personnel, contractors, and other vicarious agents (e.g. external developers) is only permitted on a need-to-know basis and if the User has ensured that those internal personnel, contractors, and vicarious agents are bound to these API License Terms.
    2. API Credentials are User’s sole means for an authorized access to a JTL-API, notwithstanding any additional technical access requirements specified in the respective API Documentation.
    3. User shall immediately notify JTL in the case of loss or unauthorized use of the API Credentials by third parties.
    4. JTL may revoke API Credentials without prior notice if there is any suspicion of unauthorized use.

License grant

JTL grants the User a non-exclusive, royalty-free, non-transferable, non-sublicensable, revocable right to access and use the JTL-API limited to the extend necessary to develop, implement and/or distribute User’s Application to interoperate or integrate with JTL Customer Products and solely in accordance with these API License Terms, the API Documentation and, if applicable, the special license terms of the respective JTL-API.

Usage restrictions

    1. User may not (and will ensure that its employees, contractors and other vicarious agents may not) access and use a JTL-API in violation of the API license grant under Section 3, especially for purposes other than those specified in the license scope, and/or in a manner that violates applicable law and/or the rights and freedoms of JTL or third parties like e.g. (other) JTL Customers or Third-Party Providers. In particular, it is prohibited to access and use JTL-APIs to substantially replicate existing JTL Customer Products, JTL Third-Party Provider Products, including JTL-APIs itself, as well as Third-Party Provider Products, unless explicitly authorized by JTL respectively the affected Third-Party Provider(s).
    2. The extend of access and use of JTL-APIs may be technically restricted to specific API call limits as specified in the respective API Documentation.

Data Protection

    1. Information processed when accessing and using a JTL-API, like e.g. names, contact information and transaction related data of JTL Customers’ customers may qualify as personal data respectively personal identifiable information under applicable privacy and data protection laws, in particular the GDPR in European Union.
    2. The User is obliged to comply with the applicable privacy and data protection laws and, if applicable, data processing agreements concerning the processing of personal data within the Application received from or forwarded to a JTL-API.
    3. In case the User is a Third-Party Provider, providing Third-Party Provider Products to JTL Customers or acting as subcontractor of such Third-Party Provider, JTL does not act as a data (sub-)processor on behalf of the such User when processing personal data received from such User’s Application via a JTL-API. Such processing of JTL Customers’ personal data by JTL is rather covered by the data processing agreement between JTL and JTL Customers. If required by applicable privacy and data protection law, such User itself may be obliged to enter into a separate data processing agreement with the respective JTL Customers (as the data controllers) regarding the processing of such personal data within User’s Application before and after the exchange via the JTL-API.
    4. In case the User is a Third-Party Provider engaged by JTL to develop, operate and/or maintain a JTL Customer Product for which access and usage of a JTL-API is necessary, such User acts as a data processor of JTL for the processing of JTL Customers’ personal data to and from the respective JTL-API and shall enter into a data processing agreement with JTL.

Availability and modifications

    1. Unless otherwise specified in the API Documentation and/or, if applicable, the specific license terms of the respective JTL-API or a JTL Third-Party Provider Product where the respective JTL-API is integral part of, JTL does neither warrant nor guarantee any specific availability, restoration and/or continuation of a JTL-API and/or its technical specifications and features towards a User.
    2. JTL may modify the JTL-APIs, its databases, any service, or any of the benefits and/or features provided in connection with the use of the JTL-APIs at any time at its reasonable discretion. Modifications may affect the Application and may require the User to make changes to the Application at their own cost to continue to be compatible with or interface with the respective JTL-API.

c) JTL will undertake to inform the User in a timely manner, at least 1 month prior to any modification. In case of modifications which cause breaking changes in a JTL-API, i.e. a change that will require User to amend the Application to prevent disruptions, JTL will undertake to inform the User at least 3 months prior to any of such modifications. If modifications, including those causing breaking changes, are necessary (i) to avert sudden serious errors/malfunctions, (ii) to be able to implement the necessary remedial measures in response to a data/security/cyber incident or (iii) to be able to react to circumstances outside the area of control and responsibility of JTL, like e.g. short-term technical modifications from JTL partners (e.g. connected marketplaces), JTL may implement the corresponding modifications – in deviation from the aforementioned provisions – with less prior or even without notice. In the latter case JTL will notify the User without undue delay after the implementation of such modifications.

Monitoring of the API

    1. JTL may monitor and audit any Application interacting with a JTL-API. Monitoring by JTL includes Application interactions such as JTL-API endpoints being consumed, error rates, amount and frequency of requests/calls.
    2. At JTL's request, the User will provide JTL free sufficient access to the Application for the strict purpose of monitoring or auditing procedures / events.
    3. The User will not seek to block or otherwise interfere with the monitoring or audit, and JTL may use technical means to overcome any methods the User may use to block or interfere with such monitoring. Audits may include requests for documents and information.
    4. In case the User is a Third-Party Provider, the User must be in the possession of an emergency plan in case of a data breach (incident response plan for privacy and security breaches) or an operational disruption (incident response plan for operational disruptions); a copy of each plan must be provided to JTL for the purpose of carrying out an audit.

Blocking and other measures to restrict API access

    1. lf there are any indications that a JTL-API is being accessed and used by the User in violation of these API License Terms, the API Documentation and/or, if applicable, the specific license of the respective JTL-API or in a manner that the stability, security and integrity of JTL Customers Products, JTL Third-Party Provider Products and/or Third-Party Provider Products, including the technical infrastructure used and data processed herein, is compromised or endangered, JTL shall be entitled to implement immediate adequate measures without previous warning to stop and prevent this access and use of the respective JTL-API. For this purpose, JTL shall in particular be entitled to either temporarily or permanently revoke User’s access to the respective JTL-API.
    2. The decision on the appropriate remedial measure(s) in the specific case is at the sole reasonable discretion of JTL. JTL will take into account in particular the nature and extent of the violation respectively the hazardous use, its (potential) effects and the legitimate interest of the User in maintaining access to the respective JTL-API. The automatic (temporarily) blocking of access to a JTL-API to enforce the applicable API call limits pursuant section 4. b) (“rate limiting”) remains unaffected by thereof.
    3. JTL shall use its best efforts to inform the User prior to the remedial measures to be taken. If a prior information is not possible or suitable for urgent reasons, JTL may implement remedial measures even without previous information or warning. JTL shall in this case without undue delay notify the User after such measures have been applied to User’s access and use of the JTL-API with the aim to create User awareness and, if necessary, collaboratively solve the problem and restore full operating status.
    4. There is no entitlement to restoration of a blocked account, except if the allegations turn out to be wrong or – in case of automatic rate limiting – after expiry of the period to which the exhausted API call limit related.

User’s liability, indemnification

    1. User shall be liable to JTL for any damages resulting from User’s access to the relevant JTL-API that does not comply with these API License Terms, the API Documentation and/or, if applicable, the specific license terms of the respective JTL-API, unless User can prove that he/she is not responsible for the non-compliant usage of the JTL-API.
    2. User shall indemnify JTL upon first demand from any liability claims raised by JTL Customers or other third parties if the User's non-compliance described in lit. a) above has resulted in JTL being unable to fulfill its contractual obligations (e.g. with regard to the availability of certain JTL Customer Products or certain functionalities hereof) towards JTL Customers.

Amendments to these API License Terms

JTL reserves the right to change these API License Terms. The provisions of § 5 of the Third-Party Terms and Conditions apply accordingly.

Final provisions

    1. These API License Terms shall be governed by the Laws of the Federal Republic of Germany. The UN Convention on International Sale of Goods (CISG) shall not apply.

b) The place of jurisdiction for all disputes arising from this agreement is the court of JTL’s business location if the User is a merchant, legal entity governed by public law or special fund. The same shall apply if neither the domicile nor the habitual place of residence of the user is known at the time the action is filed.