Skip to main content

API Terms of Service

Terms and conditions for accessing and using Tutcart's Application Programming Interface (API).

RESTful API

OAuth 2.0

Rate Limited

Last updated: December 2025 | API Version: v1

1. Introduction

These API Terms of Service ("API Terms") govern your access to and use of the Tutcart API provided by ROFL Technologies Private Limited ("Tutcart," "we," "us"). By accessing or using our API, you agree to these API Terms, our main Terms of Service, and Privacy Policy.

API Overview

The Tutcart API enables authorized partners and developers to integrate with our platform, access certain data, and build applications that enhance the Tutcart experience. API access is granted at Tutcart's sole discretion.

2. API Access & Keys

Obtaining API Access

  1. Apply through our Developer Portal
  2. Describe your intended use case
  3. Agree to these API Terms
  4. Await approval (5-10 business days)
  5. Receive API credentials upon approval

🔐 API Key Security

  • NEVER share API keys publicly or in client-side code
  • NEVER commit API keys to version control
  • Store keys securely using environment variables or secret managers
  • Rotate keys immediately if compromised
  • You are responsible for all activity under your API keys

3. Usage Limits & Rate Limiting

📊 Rate Limits

Free Tier:100 requests/hour, 1,000/day
Basic Tier:1,000 requests/hour, 10,000/day
Pro Tier:10,000 requests/hour, 100,000/day
Enterprise:Custom limits

Rate Limit Headers

API responses include headers: X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset. Exceeding limits returns HTTP 429.

4. Authentication

Supported Authentication Methods

  • API Key: For server-to-server requests (Header: X-API-Key)
  • OAuth 2.0: For user-authorized access (Authorization Code flow)
  • JWT Tokens: For authenticated sessions

All API requests must be made over HTTPS. HTTP requests will be rejected.

5. Permitted Use

You May Use the API To:

  • Build applications that integrate with Tutcart
  • Access your own account data
  • Access user data with proper OAuth consent
  • Automate workflows within your organization
  • Build educational tools that complement Tutcart
  • Create analytics and reporting dashboards

6. Prohibited Use

🚫 STRICTLY PROHIBITED

  • Scraping: Bulk data extraction beyond API limits
  • Circumvention: Bypassing rate limits or access controls
  • Reselling: Selling API access or data to third parties
  • Competing Services: Building direct competitors using our API
  • Malicious Use: Attacks, spam, or harmful applications
  • Privacy Violations: Accessing data without proper consent
  • Reverse Engineering: Decompiling or reverse engineering the API
  • Misrepresentation: Implying official Tutcart endorsement

7. Data Handling & Privacy

Your Obligations

  • Comply with DPDP Act 2023, GDPR, and applicable privacy laws
  • Obtain proper user consent before accessing their data
  • Implement appropriate security measures
  • Delete user data upon request or consent withdrawal
  • Maintain a privacy policy disclosing data practices

Data Retention

Cache API data for no longer than 24 hours unless explicitly permitted. Do not store sensitive data (passwords, payment info) retrieved via API. Delete all data upon termination of API access.

8. Intellectual Property

Ownership

Tutcart retains all rights to the API, documentation, and data. You retain rights to your applications. You grant Tutcart a license to use your app name/logo for promotional purposes. "Powered by Tutcart" attribution may be required.

9. Service Level Agreement

Uptime Commitment

  • Free/Basic Tier: No SLA guarantee
  • Pro Tier: 99.5% monthly uptime
  • Enterprise: 99.9% monthly uptime with credits

Exclusions

SLA excludes: scheduled maintenance (announced 48 hours in advance), force majeure events, issues caused by your application, and third-party service outages.

10. Fees & Billing

Pricing

API access may be free or paid depending on your tier:

  • Free Tier: Limited requests, no cost
  • Paid Tiers: Monthly subscription or pay-per-request
  • Overage: Additional charges for exceeding limits

Fees are billed monthly. All fees are non-refundable. Prices may change with 30 days' notice.

11. Security Requirements

Mandatory Security Measures

  • Use HTTPS for all API communications
  • Implement proper authentication and authorization
  • Encrypt sensitive data at rest and in transit
  • Conduct regular security audits
  • Report security vulnerabilities to [email protected]
  • Notify us within 24 hours of any data breach

12. Termination

Termination by You

You may stop using the API at any time. Delete all cached data and revoke API keys upon termination.

Termination by Tutcart

We may suspend or terminate API access immediately for: policy violations, security concerns, abuse, non-payment, or at our discretion with 30 days' notice.

13. Limitation of Liability

THE API IS PROVIDED "AS IS" WITHOUT WARRANTIES. TUTCART IS NOT LIABLE FOR: API DOWNTIME, DATA LOSS, INTEGRATION FAILURES, OR DAMAGES ARISING FROM API USE. OUR TOTAL LIABILITY IS LIMITED TO FEES PAID IN THE PRECEDING 12 MONTHS. YOU INDEMNIFY TUTCART AGAINST CLAIMS ARISING FROM YOUR API USE.

14. API Changes & Versioning

Change Policy

  • Breaking Changes: 90 days' notice with migration guide
  • Deprecations: 6 months' notice before removal
  • New Features: Announced via changelog and email
  • Emergency Changes: May be immediate for security issues

Subscribe to our developer newsletter for API updates.

15. Contact

Developer Support

Email: [email protected]

Developer Portal: developers.tutcart.com

Documentation: docs.tutcart.com

Security: [email protected]

Terms of Service →Privacy Policy →