API Terms of Use

Effective Date: April 25, 2026

These API Terms of Use ("API Terms") supplement the CGG Enterprise Trust API Terms of Service and govern your use of the CGG application programming interface ("API"). By making API calls or using any CGG SDK, you agree to these API Terms in addition to the general Terms of Service.

1. API Access and Authentication

Access to the API requires a valid API key issued by CGG. Sandbox keys are self-serve via the POST /api/v1/keys/sandbox endpoint. Production keys require a signed Order Form and admin issuance via the Item #4 admin flow; production key issuance is currently gated and not yet generally available. Each API key is bound to a single account and may not be shared, transferred, sold, or sublicensed to any third party without CGG's prior written consent. You are solely responsible for all activity that occurs using your API key. If you suspect your API key has been compromised, you must revoke and rotate it immediately and notify CGG at support@cleargarment.com.

2. Available Endpoints

The CGG Enterprise Trust API currently exposes the following endpoint:

  • POST /api/v1/verify — Identity verification with cryptographic provenance, trust scoring, and risk signal detection

Sandbox key issuance and service health utilities are available at POST /api/v1/keys/sandbox and GET /api/v1/health. Additional verification endpoints will be added under separately executed Order Forms with reasonable notice. Breaking changes to existing endpoints will be communicated at least 90 days in advance.

3. Rate Limits and Quotas

Each subscription tier includes a monthly API call allocation. Calls exceeding the included allocation are billed at the applicable overage rate for your tier. CGG monitors API usage and reserves the right to throttle or restrict access for excessive usage patterns. Specific rate-limit thresholds are not currently published; thresholds will be published when activated. Customers should design clients to handle HTTP 429 responses if returned. Sustained or abusive usage patterns may result in temporary or permanent suspension of API access.

4. Request and Response Format

All API requests must be made over HTTPS. Requests submitted over unencrypted HTTP will be rejected. Request bodies must use JSON format with UTF-8 encoding. The API returns structured JSON responses including status, confidence scores (where applicable), audit reference identifiers, and timestamps. Error responses include machine-readable error codes and human-readable descriptions.

5. Data Handling

Data submitted through the API is processed in real time to provide the requested verification service. CGG does not retain the raw payload data beyond what is necessary to complete the transaction. Personal data is deleted or de-identified within 30 days after termination where legally required or contractually applicable. De-identified or aggregated operational metadata (timestamp, response status, pseudonymized identifiers, latency) may be retained for up to 12 months for security, audit, abuse prevention, and service reliability. You are responsible for ensuring that any data you submit through the API has been collected and is being processed in compliance with applicable data protection laws.

6. Prohibited Uses

In addition to the restrictions in the general Terms of Service, you shall not:

  • Use the API to process fabricated, synthetic, or intentionally misleading data for purposes other than authorized testing in a sandbox environment
  • Scrape, index, or cache API responses for the purpose of building a competing verification service
  • Proxy, resell, or redistribute API access without a valid partnership or reseller agreement with CGG
  • Submit API requests that contain malicious payloads, SQL injection attempts, or other attack vectors
  • Use the API in any manner that could damage, disable, overburden, or impair CGG's infrastructure
  • Attempt to bypass authentication, authorization, or rate limiting mechanisms

7. Sandbox and Testing

CGG provides a sandbox environment for development and testing purposes. Sandbox API calls do not count against your production allocation and return simulated responses. You must not submit real personal data or production records to the sandbox environment. Sandbox access is subject to the same authentication and acceptable use requirements as production access.

8. SDKs and Client Libraries

CGG may provide official SDKs and client libraries for common programming languages. These are provided on an "as is" basis and are subject to their respective open-source licenses. CGG does not guarantee compatibility with every runtime environment or framework version. Community-maintained client libraries are not endorsed or supported by CGG.

9. Versioning and Deprecation

The API uses URL-based versioning (e.g., /v1/). When a new version is released, the previous version will be supported for a minimum of 12 months from the date the new version becomes generally available. Deprecation notices will be communicated via email and published in the API documentation. CGG will provide migration guides for breaking changes between major versions.

10. Uptime and Availability

CGG targets high availability for the API as specified in your subscription tier documentation. Uptime targets are stated goals and not contractual guarantees unless a separate Service Level Agreement has been executed. Scheduled maintenance windows will be communicated at least 72 hours in advance. Emergency maintenance may be performed without advance notice when necessary to protect platform integrity or security.

11. Webhooks

Certain subscription tiers include access to verification result webhooks. Webhook endpoints provided by you must be accessible over HTTPS and must respond with a 2xx status code within 10 seconds. CGG retries failed webhook deliveries with exponential backoff. Specific retry windows are defined per subscription tier and Order Form. You are responsible for verifying webhook signatures to confirm authenticity.

12. Support

API support response times vary by subscription tier. Technical support for API integration issues is available via email at support@cleargarment.com. API documentation, guides, and reference material are available through the Platform. Enterprise customers receive dedicated support channels as specified in their agreement.

13. Changes to These API Terms

CGG may update these API Terms from time to time. Material changes will be communicated via the email address associated with your account at least 30 days before they take effect. Continued use of the API after the effective date of any modification constitutes acceptance of the updated API Terms.

14. Contact

For questions about these API Terms, contact us at:

Operator: Clear Garment Group LLC, a Virginia limited liability company
Registered agent (address for legal notices and service of process):
c/o Registered Agents Inc.
4445 Corporation Ln, Ste 264
Virginia Beach, VA 23462
United States
Contact: support@cleargarment.com