Legal

Terms of Service

Last updated: May 2026

Free beta until October 2026. Right now the Free tier gives expanded access — the full 19,000+ filer universe, 10 years of history, 500 requests/min — free of charge, and commercial use is permitted during the beta. The tier limits and licence described below (§4, §8) describe the standard product that takes effect when paid plans launch in October 2026; at that point the Free tier reverts to those limits and existing accounts are not charged — you simply move to the free tier unless you choose to upgrade.

1. The service and the parties

SECfinAPI provides standardised financial data sourced from SEC EDGAR filings via a REST API. The service is operated from the Czech Republic by the entity identified on our Imprintpage ("we," "us").

We are not affiliated with the U.S. Securities and Exchange Commission. Data is provided for informational purposes only and does not constitute financial, investment, legal, or tax advice.

By creating an account or using the API, you agree to these Terms and to our Privacy Policy. You must be at least 18 years old (or the age of majority in your jurisdiction) to use the service.

2. Consumers and businesses

The service is offered to both consumers (natural persons acting outside their trade or profession) and businesses. If you are a consumer in the EU, EEA, or UK, mandatory consumer-protection rules in your country of residence apply in addition to these Terms and override any clause that conflicts with them. If you are a business (acting in the course of your trade), Sections 6 (withdrawal) and 13 (consumer ADR) do not apply to you.

3. Your account

You must provide a valid email address to register. You are responsible for keeping your password and API key confidential. Do not commit your API key to public repositories, paste it into client-side code that users can inspect, or share it outside your organisation. If your key is compromised, regenerate it immediately from the dashboard — the old key is revoked the moment a new one is issued.

One person, one account. Operating multiple free-tier accounts to evade rate limits or to obtain aggregate quota beyond a single account's limit is grounds for suspension of all related accounts.

4. License — what each plan allows

The underlying SEC EDGAR data is in the public domain. The license below covers our standardised, enriched, and curated layer (concept mapping, derived metrics, data-quality scoring, infrastructure).

Free ($0): Personal, non-commercial use only. Research, learning, evaluation, and internal prototyping. Not for production apps, paid client work, or any context where third parties see the data.
Hobby ($9/mo): All Free rights, plus one indie commercial project operated by a single person (e.g. your investment blog, newsletter, hobby screener, personal trading model). Public attribution required (see Section 5).
Pro ($29/mo): All Hobby rights, plus internal commercial use within a single organisation — dashboards for your team, internal valuation models, BI tools used by your colleagues. Public attribution required where the data is shown publicly.
Business ($99/mo):All Pro rights, plus the right to embed our data in a product or service you ship to your own end-users ("build on top"). White-label — no public attribution required. Your end-users access our data only through your product; they do not get direct API access via your key.

Prohibited on every plan, including Business:

Bulk-export the data and resell, post, or share it as a dataset, file, archive, or download (e.g. selling a CSV/JSON dump of our standardised data, posting it to a data marketplace, publishing it on a public mirror or torrent).
Re-expose our data as a competing API, proxy service, or data feed to third parties.
Sub-license, transfer, lease, or share your API key with another individual or organisation.
Reverse-engineer, copy, scrape, or attempt to replicate our standardisation mapping (the canonical field names), derived metrics (ROE, ROIC, FCF, etc.), or data-quality scoring methodology.
Circumvent or attempt to circumvent rate limits, including by rotating accounts, rotating IPs, distributing requests across multiple keys, or any other method.
Use the API in a way that damages, disables, overloads, or impairs the service for other customers.
Use the API for any illegal purpose, to violate any third-party rights, or in any jurisdiction subject to comprehensive U.S. or EU sanctions.

5. Attribution requirement (Free / Hobby / Pro)

Wherever data from our API is shown to a person other than the API key holder — public blog, dashboard, newsletter, app — include a visible link reading "Financial data powered by secfinapi.com" on the page or near the data. A single reference per page or per app surface is sufficient. The Business plan is fully white-label and removes this requirement.

6. Right of withdrawal (consumers in the EU/EEA)

Under Articles 9–16 of Directive 2011/83/EU and § 1829 of the Czech Civil Code (Act No. 89/2012 Coll.), if you are a consumer you have the right to withdraw from a distance contract within 14 days from its conclusion, without giving any reason. To exercise this right, send a clear statement to support@secfinapi.com (you may, but are not required to, use the model form below).

Important — supply of digital services begun before the withdrawal period ends. SECfinAPI is a digital service that is made available to you immediately upon registration (Free plan: API key issued at email verification) and immediately upon successful checkout (paid plans: tier upgraded the moment Stripe confirms payment).

Under § 1837(l) of the Czech Civil Code and Article 16(m) of Directive 2011/83/EU, by ticking the consent checkbox during registration or checkout you (a) expressly consent to immediate performance of the service before the 14-day withdrawal period expires, and (b) acknowledge that you thereby lose your right of withdrawal once performance has begun. We confirm this consent in writing in the order-confirmation email.

You may still cancel your subscription at any time (see Section 7); cancellation prevents future renewals but is not the same as withdrawal.

Model withdrawal form (if you have not yet started using the service):

To: SECfinAPI — support@secfinapi.com

I hereby give notice that I withdraw from my contract for the
supply of the following digital service: SECfinAPI subscription
(tier: ____________).

Ordered on (date): _____________
Email used to register: _____________
Name of consumer: _____________
Date: _____________

7. Billing, renewal, and cancellation

Paid plans are billed monthly via Stripe in advance of each period. Prices are shown in U.S. Dollars exclusive of any applicable VAT or sales tax — Stripe collects the correct amount at checkout based on your billing address. For EU customers, we (or Stripe Tax acting on our behalf) issue a VAT invoice compliant with the Czech VAT Act (Act No. 235/2004 Sb.). B2B customers within the EU outside the Czech Republic who supply a valid VAT ID are invoiced under the reverse-charge mechanism.

You may cancel at any time from /billing → Manage subscription, which opens the Stripe Customer Portal. Cancellation takes effect at the end of your current billing period; you keep full access until that date.

We do not offer pro-rated refunds for the unused portion of a billing period, except where (a) the right of withdrawal in Section 6 applies and has not been waived, or (b) mandatory consumer-protection law in your country requires a refund. We may issue a discretionary refund in cases of clear service failure on our side.

If a payment fails, your account enters a grace period (Stripe attempts retries over 8 days). API access is paused after the final failed attempt. You can recover access by updating your payment method in the Customer Portal.

8. Rate limits

Each plan includes a defined request limit, enforced per API key:

Free: 100 requests per day
Hobby: 500 requests per minute
Pro: 2,000 requests per minute
Business: 5,000 requests per minute

Exceeding your limit returns an HTTP 429response. We do not charge overage fees or silently drop requests. Consistent abuse of rate limits, or attempts to circumvent them, may result in account suspension. We may change plan limits with at least 30 days’ email notice; if a change would meaningfully reduce your current limit, you may cancel for a pro-rated refund.

9. Data accuracy

Financial data is sourced directly from SEC EDGAR filings. We parse and standardise it; we do not generate or fabricate any underlying numbers. We cannot guarantee 100% accuracy — filings can be amended, contain errors, or use ambiguous tagging that our standardiser handles imperfectly.

Our Data Quality Score (DQS) flags suspect filings, but DQS is a tool, not a guarantee. Do not use our data as the sole basis for material financial decisions. For investment, audit, or regulatory purposes, always verify against the original SEC filing.

10. Service availability

We aim for high availability and run automated backups, but we do not currently commit to a specific uptime SLA on any tier. Scheduled maintenance and unplanned outages can happen; we will communicate significant incidents via email to active subscribers.

We are not liable for losses caused by service downtime, data unavailability, latency, or transient errors. If you build mission-critical infrastructure on top of the API, implement appropriate caching, retry, and fallback strategies on your side.

11. Suspension and termination

We may suspend or terminate accounts that violate these Terms, including but not limited to the prohibited uses in Section 4, repeated rate-limit evasion, chargebacks without prior dispute contact, or activity that puts the service at risk.

You may delete your account at any time from /account → Delete account. Upon deletion: your API key is revoked immediately, any active Stripe subscription is cancelled, and your row is removed from our database. Certain transactional records (invoices, fraud signals) are retained as required by law, as described in the Privacy Policy.

12. Personal data and GDPR

Our processing of personal data is described in the Privacy Policy. If you process personal data of natural persons through our API in the course of your own services, you act as a separate controller for that processing. Business-tier customers who require a data-processing agreement under Article 28 GDPR may request our DPA template at privacy@secfinapi.com or see /dpa.

13. Consumer dispute resolution (EU)

If you are a consumer in the Czech Republic and we cannot resolve a dispute amicably, you have the right to out-of-court resolution through the Česká obchodní inspekce (ČOI), Štěpánská 567/15, 120 00 Praha 2, adr.coi.cz.

If you are a consumer elsewhere in the EU, you can use the European Commission's online dispute resolution platform: ec.europa.eu/consumers/odr. Our contact email for ODR purposes is support@secfinapi.com.

14. Changes to these terms

We may update these Terms over time. We will notify active subscribers by email at least 30 days before any material change takes effect. Non-material changes (typo fixes, clarifications) take effect immediately. Continued use of the service after the effective date constitutes acceptance.

15. Limitation of liability

The service is provided "as is" and "as available" without warranty of any kind, express or implied, including warranties of merchantability, fitness for a particular purpose, accuracy, and non-infringement, except as expressly provided by mandatory law.

To the maximum extent permitted by applicable law, SECfinAPI is not liable for any indirect, incidental, consequential, special, or punitive damages — including lost profits, lost revenue, lost data, or business interruption — arising from your use of the service. Our total aggregate liability to you for any claim is capped at the greater of (a) the amount you paid us in the 12 months preceding the claim, or (b) USD 100.

Nothing in these Terms limits or excludes liability that cannot be limited or excluded under applicable law, including liability for intentional acts, gross negligence, harm to natural rights, or — for consumers — mandatory statutory rights.

16. Governing law and jurisdiction

These Terms are governed by the laws of the Czech Republic, excluding its conflict-of-law rules and the UN Convention on Contracts for the International Sale of Goods (CISG). For business customers, the courts of the Czech Republic have exclusive jurisdiction. For consumers, mandatory consumer protection laws and the jurisdiction of your country of residence apply where they grant additional rights.

17. Contact

Questions about these Terms, or want to report abuse? support@secfinapi.com. Privacy and data-protection requests: privacy@secfinapi.com. Security disclosures: see /.well-known/security.txt.

← Back to home