Developer Policy
Last updated: December 23, 2019
This Developer Policy outlines Squarespace’s expectations for Developers to respect the privacy, security, and safety of our Users, Your Users and End Users.
In addition to the Developer Terms, this Developer Policy provides rules and guidelines for Developers who use the Developer Tools to develop, test and create Developer Products. Violations of this Developer Policy are considered a violation of the Developer Agreement. We require all Developer Products and Developers to follow this Developer Policy as well as the rest of the Developer Agreement, including without limitation our Developer Terms, Privacy Policy, Terms of Service, Acceptable Use Policy, Brand Guidelines and Logo Guidelines. We reserve the right to take any action we deem necessary if any Developer Products violate this Developer Policy, or any other part of the Developer Agreement, to protect Squarespace, the Developer Tools or to protect Users, End Users or User Content.
Any capitalized terms not defined in this Developer Policy have the meanings set forth elsewhere in the Developer Agreement. Your Developer Products and services should not create unsafe environments for Your Users and their End Users. Your Developer Products and services must comply with all applicable laws and regulations in all locations where the Developer Product(s) are made available to Users.
This Developer Policy may be changed from time to time without notice. Please check here for any updates. We may provide notice, including via the email associated with your Developer Account, if we make a material change to this Developer Policy.
General
1. You will not create Developer Products or otherwise do anything which will enable Your Users to circumvent or violate Squarespace’s Terms of Service, Privacy Policy or Acceptable Use Policy.
2. You will not create Developer Products or otherwise do anything which will enable Your Users to circumvent or violate the terms or policies of third parties or other platforms.
3. You will not mislead, nor misrepresent to, Your Users about the functionality or data use of your Developer Products and services. Your Developer Products and services should not include unexpected functionality that is unrelated to the primary function of the Developer Products and your services, and are not likely to be expected by Users at installation from the Developer Product name or description.
4. You will not attempt to reverse engineer or otherwise derive source code, trade secrets or know-how from or in our Developer Tools or Services.
Data Protection and Privacy
Squarespace respects the privacy of our Users and their End Users. We believe in transparency, not surprises. Therefore, we expect you, your Developer Products and services to comply with all applicable laws and regulations to protect the security and privacy of Your Users and their End Users. In accordance with this, you shall ensure:
1. You, your Developer Products and your services shall comply with applicable data protection laws and regulations.
2. Your Developer Products and services should clearly explain your data privacy practices, and explain to Your Users how you plan to collect, use, process, store and share the data accessed. You must publish your own easily accessible Privacy Policy and comply with it. Your Privacy Policy must meet industry and legal standards.
3. You shall explain to Your Users how your Developer Products and services will use data received from Squarespace and their End Users in any Privacy Policies you publish or issue.
4. You shall acknowledge Squarespace’s rights to collect such data in any Privacy Policies you publish or issue.
5. You will not collect, use, process, store and/or share Your Users’ data, User Content, or personal information without obtaining proper consent of Your Users or having a lawful basis to collect, use, process, store or share such data, User Content, or personal information.
6. You will only retrieve or access data from Squarespace to the extent enabled by Your Users, and you will ensure any data is collected, used, processed, stored and/or shared in accordance with your agreement with Your Users.
7. You will not sell, rent, exploit or distribute Your Users’ data or User Content without the express permission from Your Users.
8. If you would like to contact Your Users or their End Users, you must obtain permission through a clear and separate explicit permissions process, in accordance with applicable laws.
9. You will not request Your Users to provide sensitive, private, and confidential data, such as credit card numbers or passwords, unless specifically necessary to fulfil the services requested by Your Users.
10. If you or your Developer Products store the personal information or User Content of Your Users and Your User requests to access, update, or delete their personal information or User Content, you will review and comply with such request as required by applicable law.
11. If Your User terminates permission for you and your Developer Products to access their account information and associated data, you shall immediately cease to access such data and you shall delete all associated data of Your User and/or their End Users in accordance with your agreement with Your Users, except where data retention is required under applicable law or regulation. Squarespace shall have the right to audit your deletion practices and you shall reasonably assist Squarespace with such audits.
12. You will not access Users data, User Content and/or End User data for surveillance purposes, unless required in order to comply with compulsory legal process. You may not allow or assist any entity to conduct surveillance or obtain data using your access to Developer Tools, unless required in order to comply with compulsory legal process.
13. Data Breach: If User data, End User data or User Content is breached, exposed, exploited, or otherwise compromised through your Developer Products, company or service, you must inform Squarespace and all affected Users reasonably promptly, but in no event more than 72 hours after you learn of such an incident, and cooperate with investigations, assist with any required notices, and provide any information reasonably requested by Squarespace. Please inform Squarespace by sending an email to security@squarespace.com.
Security
Squarespace makes security a high priority and we expect you to do the same. Please follow these guidelines:
1. You will use authentication for your Developer Products and maintain audit logs to secure your Developer Products, in each case consistent with industry standard practices.
2. You will comply with Payment Card Industry Data Security Standard (“PCI DSS”) and all applicable data security compliance frameworks and laws, as applicable to your services.
3. You will not allow or facilitate financial transactions to be conducted in an insecure or unapproved manner.
4. You will not transmit any viruses, malware or other code that may damage, injure, harm, interfere with, intercept in an unauthorized manner or expropriate any system or data.
5. You will not access the Developer Tools in a manner that compromises, breaks or circumvents, or attempts to do any of the foregoing, any technical processes or security measures associated with our Services or poses a security vulnerability to our Users.
6. You shall ensure you have appropriate technical and organizational measures to secure all data received from Squarespace, Your Users and/or their End Users. It is imperative that you do not let unauthorized third-parties to access such data. You are responsible at all times for security measures (including any lack thereof) used by third parties providing services to you.
7. Security Review of your Developer Products and services : In its sole discretion and cost at any time, Squarespace may perform a security review of any Developer Products (whether listed on Squarespace Extensions or not) to ensure compliance with the Developer Agreement, and that the Developer Products do not threaten the security, integrity, or performance of the Services or our Users. You shall reasonably cooperate, at your sole expense, with our security review. Squarespace may perform the security review itself or via a designated third party.
Law and Safety
Developer Products and Services must comply with all applicable laws and legal requirements:
1. You and Your Developer Products or services shall not facilitate any violations of the law.
2. You shall not spam, harass, stalk, intimidate, or threaten our Users, Your Users, End Users, or anyone else. Your Developer Products and Services shall not facilitate the spamming, harassing, stalking, intimidating, or threatening of our Users, Your Users, End Users, or anyone else.
3. You shall not infringe on anyone else’s intellectual property rights. Your Developer Products and Services shall not facilitate the infringing of anyone else’s intellectual property.
Access, Use and Restrictions of Developer Tools
In order to access and use the Developer Tools, Developers must comply with the following:
1. You shall only use the Developer Tools to develop extensions and/or applications and/or content for use by User(s) with the Services or otherwise with websites hosted by Squarespace.
2. You shall secure, keep private and not disclose Squarespace API credentials. You shall only use the Developer Tools as permitted.
3. You shall not use any unauthorized APIs.
4. You shall securely manage all credentials using industry-standard protocols.
5. You acknowledge and agree that the Developer Tools are the exclusive property of Squarespace. Access and use of the Developer Tools is at Squarespace’s sole discretion.
6. You shall not use or access the Developer Tools in order to monitor or benchmark the Developer Tools or Squarespace platform. You shall not publicly report on the performance of the Developer Tools.
7. You shall not use or access the Developer Tools to develop or distribute an extension, application or content with a primary purpose to migrate Users away from Squarespace.
8. You shall not alter any unique identifier assigned to your Developer Products, extension, application or content.
Design of Developer Products
It is important that your Developer Products comply with the following:
1. Your Developer Products should clearly display or otherwise disclose your identity, the purpose of your service and the functionality of your Developer Products and services.
2. Your Developer Products must not degrade or compromise our Developer Tools or Services.
3. You will immediately notify us if you change the function of, or discontinue, your Developer Products.
4. You acknowledge and agree that Squarespace does not certify, warrant, endorse or support your Developer Products or services, whether listed on Squarespace Extensions or otherwise. You represent and warrant that you shall not make any statements to the contrary that (directly or indirectly) imply that we certify, warrant, endorse or support your Developer Products or services, unless you have explicit written permission from Squarespace to do so.
5. You shall not represent that your Developer Products and services are authorized by or produced by another company or organization.
6. You shall not allow impersonation of Users or otherwise allowing for false representations within the Developer Products.
7. You shall clearly and accurately inform Your Users of the fees you will collect as part of your service and obtain the required consents. You shall notify and obtain all required consents prior to making any changes to such fees.
8. You shall not, without the express permission of Your Users, scrape, access, download, store, build databases or otherwise create a permanent copy of Your Users’ data, User Content or their End User data.
9. You shall not, without the express permission of Your Users, copy translate, modify, create derivative works of, sell, lease, sublicence, distribute or publicly display any of Your Users’ data or User Content.
If requested, you must provide us with proof of compliance with this Developer Policy. While we’d prefer not to, we may, at any time and in our sole discretion, and without any notice to you, suspend, restrict or disable access to or remove your Developer Account, without any liability to you or to any of Your Users, including without limitation for any loss of profits, revenue, data, goodwill or other intangible losses (except where prohibited by applicable law).
Violations of this Developer Policy may result in your Developer Products and services being blocked, access to Developer Tools removed, Developer Products removed from Squarespace Extensions, Squarespace API credentials revoked, OAuth tokens revoked, User notification, legal action or any other action deemed necessary solely by Squarespace. If you violate this Developer Policy, we may or may not provide notice before taking action.
If you have any questions about this Developer Policy, Developer Tools, Squarespace Extensions or our review process, please contact partnerships@squarespace.com who will be happy to help.