IgorBox
IgorBox
← All Legal Documents

API Terms of Use

Effective Date: June 1, 2026

These API Terms of Use ("API Terms") govern your access to and use of the application programming interfaces, developer endpoints, webhooks, SDKs, sample code, and related developer documentation (collectively, the "API") made available by Rising Orchards LLC d/b/a IgorBox ("Company," "we," "our," "us") as part of the IgorBox Studio platform.

These API Terms are an addendum to, and incorporate by reference, the Terms and Conditions (the "Main Terms"). Capitalized terms used but not defined in these API Terms have the meanings given in the Main Terms. In the event of any conflict between these API Terms and the Main Terms with respect to your use of the API, these API Terms control.

By generating, requesting, or using API Credentials, or by making any call to the API, you agree to these API Terms. If you do not agree, do not use the API.

1. Definitions

  • "API Credentials" means any access tokens, API keys, client secrets, OAuth tokens, signing keys, or other authentication material we issue to you or your account for access to the API.
  • "API Client" means any software, script, integration, or system that makes calls to the API using your API Credentials.
  • "Application" means any product, service, integration, plug-in, or other software you develop, deploy, or operate that uses the API, whether for your own internal use or for use by End Users.
  • "Customer Content" means data and content you or your End Users submit to the IgorBox Studio platform through the API, including show data, timelines, fixture configurations, device configurations, and account information.
  • "End User" means any individual or entity (other than you) who uses your Application or accesses functionality you expose through the API.
  • "IgorBox Studio" means the IgorBox cloud platform, hosted software, and associated services through which the API is made available, which form part of the "Services" as defined in the Main Terms.
  • "Rate Limits" means the quantitative limits we apply to API access, including requests per second, requests per period, concurrent connections, payload sizes, and any other metered dimensions.
  • "Service Data" means metadata generated by API use, including request logs, timing data, error rates, IP addresses, User-Agent strings, and other operational telemetry.

2. Eligibility and Scope of Access

2.1 Subscription Requirement — API access requires an active, paid IgorBox Studio subscription in good standing on a plan that includes API access. Access automatically terminates if your subscription lapses, is suspended, downgraded to a tier without API access, or terminated.

2.2 License Grant — Subject to your continuous compliance with these API Terms and the Main Terms, we grant you a limited, non-exclusive, non-transferable, non-sublicensable, revocable license during the term of your subscription to access and use the API solely to:

  • (a) operate IgorBox hardware, software, and accounts that belong to you or that you have been authorized to manage; and

  • (b) build and operate Applications that interoperate with the IgorBox Studio platform on behalf of yourself or your End Users.

    2.3 Reservation of Rights — All rights not expressly granted in these API Terms are reserved by Rising Orchards LLC. No license is granted by implication, estoppel, or otherwise. The API, all endpoints, schemas, protocols, response structures, and supporting documentation are and remain our intellectual property.

3. API Credentials

3.1 Issuance and Security — API Credentials are issued to and for the use of a single account or organization. You must keep API Credentials secret, store them securely (encrypted at rest, not committed to source control, not embedded in publicly distributed client-side code), and use industry-standard practices to protect them from disclosure.

3.2 No Sharing — You may not share, sell, sublicense, lease, or otherwise transfer API Credentials to any third party, including affiliates, contractors, or other users of your Application, unless we have provided a documented mechanism for doing so (such as OAuth on behalf of an End User).

3.3 Responsibility for Activity — You are responsible for all activity that occurs under your API Credentials, whether authorized by you or not, until you notify us of compromise and we have had a reasonable opportunity to revoke the credentials.

3.4 Compromise Notification — You must notify us immediately at security@igorbox.com if you know or reasonably suspect that any API Credential has been disclosed, lost, or compromised.

3.5 Rotation and Revocation — We may rotate, revoke, expire, or invalidate API Credentials at any time, with or without notice, for security, abuse, billing, or operational reasons.

4. Rate Limits, Metering, and Quotas

4.1 Limits Apply — API access is metered and subject to Rate Limits and quotas that vary by subscription tier. Current Rate Limits and metering definitions are published in our developer documentation and may be updated from time to time.

4.2 Enforcement — We may throttle, queue, delay, or reject API requests that exceed Rate Limits or quotas. You are responsible for handling rate-limit responses gracefully (including respecting Retry-After headers and implementing exponential backoff).

4.3 No Circumvention — You may not attempt to circumvent Rate Limits or quotas by any means, including but not limited to:

  • creating multiple accounts or sub-accounts to multiply quotas;

  • distributing API calls across multiple sets of API Credentials owned or controlled by you or related parties;

  • rotating IP addresses or User-Agent strings to evade detection;

  • masking the volume or nature of your traffic;

  • coordinating with other API users to share quota; or

  • any other technique designed to obtain access beyond what your subscription tier permits.

    4.4 Caching and Efficiency — You must design your API Client to use the API efficiently. This includes respecting cache headers, avoiding unnecessary polling for data that changes infrequently, using webhook subscriptions or change feeds where provided in lieu of polling, and avoiding requests for data you do not need.

    4.5 Overage Charges — Where overage pricing is published for your subscription tier, calls in excess of included quota may be billed at the published rate. We may suspend API access if overage charges exceed reasonable limits; except in cases of suspected abuse, we will notify the contact on your account before suspending access on this basis.

5. Acceptable Use

5.1 General Prohibitions — In addition to the restrictions in the Main Terms, you may not, and may not permit any End User or third party to:

  • (a) Reverse engineer. Use the API, its responses, or its behavior to reverse engineer, decompile, disassemble, or attempt to derive the source code, internal data models, proprietary algorithms, firmware, hardware protocols, or trade secrets of any IgorBox product or service.

  • (b) Build a competing product. Use the API, the data returned by it, or any insight gained from observing it, to design, develop, train, or operate any product or service that competes with IgorBox Studio, IgorBox hardware, or any IgorBox cloud service.

  • (c) Train AI/ML models. Use API responses or Customer Content obtained through the API to train, fine-tune, evaluate, or improve any machine learning model, large language model, or AI system, except for models used solely within your own Application to serve your own End Users in connection with the IgorBox platform.

  • (d) Scrape or harvest. Bulk-extract, scrape, mirror, archive, or otherwise harvest data from the API beyond what is reasonably necessary to operate your Application for its documented purpose. The API is not a data export channel except where we have documented an endpoint as such.

  • (e) Access other users' data. Attempt to access, view, infer, or interact with accounts, devices, Customer Content, or API Credentials belonging to any other IgorBox customer or End User without their authorization.

  • (f) Automate account creation. Use the API to create user accounts, devices, or other resources programmatically except through endpoints we have documented for that purpose.

  • (g) Send unsolicited communications. Use the API to send spam, unsolicited commercial messages, or any communication that violates anti-spam laws.

  • (h) Probe or attack. Conduct any security scan, penetration test, vulnerability assessment, fuzz test, denial-of-service test, or red-team activity against the API or any IgorBox infrastructure without our prior written authorization, except for good-faith security research conducted in accordance with Section 13 (Security and Responsible Disclosure).

  • (i) Interfere with the service. Take any action that imposes an unreasonable or disproportionately large load on our infrastructure, degrades service for other users, or interferes with the proper functioning of the API.

  • (j) Misrepresent identity. Misrepresent yourself, your Application, or your End Users to us or to other API users, including by spoofing User-Agent strings or falsifying request metadata.

  • (k) Violate law or rights. Use the API to violate any applicable law, infringe any third-party right, or facilitate any unlawful activity.

    5.2 Compliance Across the Stack — You are responsible for ensuring that your Application, your End Users, and anyone you authorize to use your API Credentials comply with these API Terms. Violations by your End Users are treated as violations by you.

6. Show Control Safety Restrictions

This section is in addition to, and reinforces, Section 5.1 (Non-Safety-Critical Use) of the Main Terms.

6.1 Cloud API Is Not a Safety-Critical Control Path — The API is provided over the public internet and depends on third-party networks, cloud services, and components outside our control. It is not designed for, and must not be used as, a control path for any function where loss, delay, corruption, or compromise of an API call could result in death, personal injury, or significant property damage.

6.2 Prohibited Uses — Without limiting Section 5.1 of the Main Terms, you may not use the API to remotely trigger, control, or arm:

  • pyrotechnics, flame effects, or any combustion-based effect;
  • kinetic systems, motors, lifts, drops, or actuators where a person could be in or near the motion path;
  • high-voltage, high-current, or high-pressure systems where uncontrolled actuation could cause injury;
  • life safety systems, emergency stop systems, fire suppression systems, or fire alarms; or
  • any system whose failure or unintended activation could endanger a person.

For such systems, all triggering, interlocks, watchdogs, and emergency-stop logic must reside in local, deterministic hardware and software, independent of the API and independent of internet connectivity.

6.3 Your Responsibility for Safe Design — Where your Application or installation uses IgorBox hardware in any way that could interact with people or hazardous systems, you are solely responsible for designing the system to fail safely if API connectivity is lost, delayed, intercepted, or compromised. You acknowledge that we cannot and do not guarantee delivery, latency, integrity, or authenticity of any individual API call.

7. Applications and End Users

7.1 Your Application's Terms — If your Application is used by End Users, you must publish and enforce your own terms of service and privacy policy that are at least as protective as ours of (a) IgorBox, (b) the IgorBox platform, and (c) Customer Content. You must obtain all consents and authorizations from your End Users that are necessary for your Application's processing of their data.

7.2 Identification — Every API request from your Application must include a descriptive User-Agent header that identifies your Application by name and contact information, in a form we may specify in our developer documentation. Generic or misleading User-Agent strings are prohibited.

7.3 No Implied Endorsement — You may not state or imply that your Application is endorsed, certified, sponsored, or affiliated with IgorBox or Rising Orchards LLC unless we have agreed to such designation in writing.

7.4 Naming and Branding — You may use "IgorBox" in factual statements describing your Application's interoperability (e.g., "Works with IgorBox," "Integrates with IgorBox Studio") in accordance with any brand and trademark guidelines we publish. You may not use "IgorBox," "Rising Orchards," or any confusingly similar name as part of your product name, company name, domain name, or in any way likely to cause confusion as to source.

7.5 Honoring Revocation — If an End User revokes authorization for your Application or deletes their IgorBox account, you must stop accessing their data through the API and delete any cached copies in your possession within a commercially reasonable period.

8. Customer Content and Service Data

8.1 Ownership of Customer Content — As between you and us, you retain ownership of Customer Content submitted through the API, subject to the licenses granted in the Main Terms.

8.2 Our Use of Service Data — We collect, generate, and process Service Data for the purposes of operating, securing, monitoring, and billing the API and the IgorBox platform. Any use of Service Data beyond these operational purposes — including to improve the API or the IgorBox platform, or to develop or train models — is performed only on aggregated or anonymized data that does not identify you or any End User, consistent with Section 7 of the Main Terms. We will not use personally identifiable information for model training without consent as required by the Main Terms.

8.3 Privacy Compliance — You are responsible for complying with all applicable data protection and privacy laws (including but not limited to the GDPR, CCPA, and any other regimes that apply to your End Users) in connection with your Application and your use of the API.

9. Webhooks

9.1 Delivery Is Best-Effort — Webhooks are delivered on a best-effort basis. We do not guarantee delivery, ordering, exactly-once semantics, or latency of any webhook. Your endpoint must be designed to tolerate duplicates, out-of-order delivery, missed events, and replays.

9.2 Endpoint Requirements — Webhook receiver endpoints must (a) be served over HTTPS with a valid certificate, (b) verify the signature header we provide on each request using the documented signing scheme, and (c) respond to delivery attempts within the documented timeout window.

9.3 Suspension of Delivery — We may pause, throttle, or disable webhook delivery to any endpoint that repeatedly fails, returns 4xx or 5xx responses, exceeds latency thresholds, or otherwise behaves abusively toward our delivery infrastructure.

10. Beta and Experimental APIs

10.1 Endpoints, features, or SDKs we designate as "Beta," "Preview," "Experimental," "Alpha," or with similar labels are provided as-is and as-available, may change or be removed at any time without notice, and are not subject to any service-level commitments. You use Beta APIs at your own risk and must not rely on them for production-critical functionality.

11. Versioning, Changes, and Deprecation

11.1 Versioning — We use versioned API endpoints. We may release new versions, modify existing endpoints, or change response schemas at any time.

11.2 Deprecation — When we deprecate an endpoint, version, parameter, or feature that we have designated as generally available (i.e., not Beta), we will provide reasonable advance notice through our developer documentation, changelog, or direct communication, typically no less than ninety (90) days before removal. Shorter notice periods may apply for changes required by security, legal, or operational necessity.

11.3 Continued Use of Deprecated APIs — Continuing to use a deprecated endpoint after the published end-of-life date is at your own risk. We may disable deprecated endpoints without further notice after that date.

12. Monitoring, Suspension, and Enforcement

12.1 Monitoring — We monitor API usage for performance, security, billing, capacity planning, and detection of abuse and violations of these API Terms.

12.2 Suspension — We may suspend, throttle, or revoke API access (in whole or in part), with or without prior notice, if we reasonably believe:

  • (a) you have materially breached these API Terms or the Main Terms;

  • (b) your use of the API presents a security risk to IgorBox, our customers, or third parties;

  • (c) your use of the API is causing or is likely to cause harm to our infrastructure or other users;

  • (d) your use of the API may subject IgorBox to liability or regulatory action;

  • (e) we are required to do so by law, court order, or governmental authority; or

  • (f) you have failed to pay amounts owed to us when due.

    12.3 Emergency Action — For suspected security incidents or active abuse, we may suspend access immediately and provide notice afterward.

    12.4 Investigation — You agree to reasonably cooperate with our investigations of suspected violations, including by promptly responding to inquiries about your API usage.

13. Security and Responsible Disclosure

13.1 Reporting Vulnerabilities — If you discover or reasonably suspect a security vulnerability in the API, the IgorBox platform, or any related system, you must report it promptly to security@igorbox.com with sufficient technical detail for us to reproduce and validate the finding.

13.2 No Exploitation — You must not exploit a discovered vulnerability beyond the minimum necessary to demonstrate its existence. You must not access, modify, exfiltrate, or destroy any data belonging to IgorBox, our customers, or third parties, and you must not degrade or disrupt any IgorBox service.

13.3 Coordinated Disclosure — You agree not to publicly disclose any vulnerability for at least ninety (90) days from your initial report, or until we have remediated it and authorized disclosure, whichever comes first, unless a longer or shorter period is required by law. We will work with you in good faith to remediate validated reports and acknowledge your contribution where appropriate.

13.4 Safe Harbor — Good-faith research conducted in accordance with this Section will not be treated as a violation of these API Terms, and we will not pursue legal action against researchers who comply with it.

14. Fees and Billing

14.1 API Pricing — API access is included in or available as part of certain IgorBox Studio subscription tiers, on the pricing terms published on our website or in your order. Usage in excess of included quota may be subject to overage charges at our published rates.

14.2 Billing Disputes — You must notify us of any disputed charges within thirty (30) days of the invoice date. Failure to do so constitutes acceptance of the invoiced amounts.

14.3 Taxes — All fees are exclusive of taxes, which are your responsibility.

15. Termination and Effect of Termination

15.1 Termination — Your right to use the API terminates immediately upon (a) termination, expiration, suspension, or downgrade of your IgorBox Studio subscription; (b) material breach of these API Terms or the Main Terms; or (c) our discontinuation of the API or the relevant endpoint.

15.2 Effect of Termination — Upon termination of your API access, you must:

  • (a) immediately cease all use of the API;

  • (b) destroy or return all API Credentials in your possession or control;

  • (c) delete cached or stored API responses that contain Customer Content of End Users whose authorization has ended, within a commercially reasonable period; and

  • (d) cease holding yourself out as integrated with, or compatible with, the IgorBox platform.

    15.3 Survival — Sections 1, 3.3, 5, 6, 8, 13, 14.2, 15.2, 15.3, 16, 17, 18, 19, 20, and 21 of these API Terms, together with all surviving provisions of the Main Terms, survive any termination.

16. No SLA Unless Specified

The API is provided "as is" and "as available." Except where an express service-level agreement is included in a separate Enterprise order form signed by us, we do not warrant uptime, response time, throughput, or fitness for any particular production use.

17. Warranty Disclaimers

Section 12 of the Main Terms (Warranties and Disclaimers) applies in full to the API. Without limiting that section, we specifically disclaim any warranty that the API will be uninterrupted, error-free, free of harmful components, accurate, complete, secure, or that any defects will be corrected.

18. Limitation of Liability

Section 14 of the Main Terms (Limitation of Liability) applies in full to the API and is incorporated by reference. Our aggregate liability arising out of or relating to the API is included in, and not in addition to, the liability cap stated in the Main Terms.

19. Indemnification

In addition to the indemnification obligations in Section 15 of the Main Terms, you agree to defend, indemnify, and hold harmless Rising Orchards LLC, its affiliates, and their respective officers, directors, employees, and agents from and against any and all claims, damages, liabilities, costs, and expenses (including reasonable attorneys' fees) arising out of or relating to:

  • (a) your Application or any product or service operated by you that uses the API;
  • (b) Customer Content submitted by you or your End Users through the API;
  • (c) your violation of these API Terms;
  • (d) your violation of any applicable law or any right of any third party in connection with your use of the API; or
  • (e) any claim brought by an End User of your Application against IgorBox arising from your acts or omissions.

20. Governing Law and Dispute Resolution

Sections 17 (Governing Law) and 18 (Binding Arbitration and Class Action Waiver) of the Main Terms govern these API Terms, including the thirty-day arbitration opt-out procedure.

21. Changes to These API Terms

We may update these API Terms from time to time. Material changes will be communicated through our developer documentation, changelog, email to the contact on your account, or in-product notice. Your continued use of the API after the effective date of any update constitutes acceptance of the updated API Terms.

22. Contact

For questions about these API Terms:

Email: help@igorbox.com (general) / security@igorbox.com (vulnerability reports) Address: Rising Orchards LLC, 128 Orange Ave, Daytona Beach, FL 32114

This document is maintained at github.com/RisingOrchards/legal

IgorBox® is a Registered Trademark of Rising Orchards, LLC.

© 2026 Rising Orchards, LLC

TermsPrivacy PolicyLegalStatus

build: b0fcd7f