Updated 1 June 2021


IBIS provide Tourism Business Management systems to enable our users to manage reservations, ticketing, gift vouchers and point of sale transactions. This includes E-Commerce interfaces, browser and desktop applications (together known as the “Service”). IBIS has employees, independent contractors and representatives (“IBIS Team”). The IBIS API is available for integrating online travel agents and FIT websites to operators using the IBIS system (“IBIS Operators”). By accessing the APIs, you agree to this API Terms of Engagement (the “Policy”).

1. Login

You’ll only access the API using the API key(s) provided by IBIS. You must keep the API key(s) secure and confidential at all times.

2. Permitted Use

You won’t use the API to send spam or take any actions that negatively impact IBIS or IBIS Operators. You will comply with all applicable laws (including the Privacy Act 2020 and Unsolicited Electronic Messages Act 2007). You’ll follow all documentation we provide for the APIs. You won’t attempt to hack or change the way the Service functions. We may throttle your use of the APIs at any time. We may monitor your use of the APIs for compliance with these rules, and we may deny you access to the API if you violate this Policy.

3. Privacy

You’ll respect the privacy of our users. You must obtain express permission from each IBIS Operator before you access their IBIS system. Your Integration must display a privacy policy for users detailing the information you’ll collect from them when they use the Integration. You will only access a user’s data to the extent permitted by the user and explained in your privacy policy. You must immediately delete a user’s data if the user requests deletion or terminates their account with you. Any user data which is collected by IBIS via your Integration will be treated in accordance with our Privacy Policy.

4. Security

You will implement and maintain appropriate technical and organisational security measures to protect and to preserve the security, integrity and confidentiality of the data of your users. These security measures shall prevent the unauthorised access or disclosure of personal or confidential data that you process. You must promptly report any security deficiencies or security incidents that may impact or compromise our users, APIs, or Service in writing to privacyofficer@ibis.co.nz. And, if there is a security incident, you will work with us to immediately correct the incident or deficiency.

5. License

We grant you a non-exclusive, non-transferable, non-sublicensable, revocable, limited right to access and use the APIs to develop, test and support your Integration and to distribute or allow access to your Integration to users of your service, provided that you comply with this Policy and all applicable laws. You have no right to distribute or allow access to our stand-alone APIs. We may terminate your access to our APIs at any time for any reason.

6. Ownership

We own all rights, titles, and interest in the Service and the APIs, including all intellectual property rights, marks, code, and features. You won’t infringe, reverse engineer, or copy our code, design, or content. You will not access our APIs in order to compete with our Service. Any rights not expressly granted by this Policy are withheld, so if you don’t see it here, then it’s not a right we’re giving you. You own all rights, titles, and interest in the Integration, except for the APIs, our marks, and the Service. If you provide feedback about the APIs or the Service, we may copy, modify, create derivative works, display, disclose, distribute, or use that feedback without any obligation to you.

7. Use of Marks

You may only use our name and marks (meaning our logos, mascots, and copyrighted images) according to our specifications. You may not alter or remove any proprietary notices in our marks. You won’t use our name or marks in your Integration name or logo, or in any way that implies an endorsement by us. If you use our marks to create your logo or name, you’ll immediately assign those rights to us at no expense.

8. Disclaimer

To the maximum extent permitted by law, we provide the APIs as-is. That means we don’t provide warranties of any kind, either express or implied, including but not limited to merchantability and fitness for a particular purpose.

9. Updates

We may update or modify the APIs and this Policy from time to time by posting the changes on this site or notifying you via email. These changes may affect your use of the APIs or the way your Integration interacts with the API. If we make a change that’s unacceptable to you, you should stop using the APIs.

10. Confidentiality

You may have access to confidential, proprietary, and non-public information specific to the APIs (“Confidential Information”). You may use this information only to build with the APIs. You won’t disclose the Confidential Information to anyone without our written consent, and you’ll protect the Confidential Information from unauthorised use and disclosure in the same way you’d protect your own confidential information.

11. Indemnification

You’ll indemnify and hold us and our IBIS Team harmless from any losses (including legal fees) that result from third-party claims that relate to your use of the API.

12. The Rest

This Policy doesn’t create or imply any partnership, agency, or joint venture. This Policy will apply for as long as you use the APIs or until terminated by IBIS or an IBIS Operator.