Introduction

This API Acceptable Use Policy (the “Policy”) governs the access to and use of application programming interfaces (“APIs,” and each individually, an “API”) provided by Honk Mobile Inc. (“HONK,” “we,” “our,” or “us”) to authorized business partners, parking operators, property managers, and technology integrators (each, a “Partner,” “you,” or “your”).

By accessing or using the APIs, you acknowledge that you have read, understood, and agree to be bound by this Policy, as well as any applicable Mutual Confidentiality and Non-Disclosure Agreement (“NDA”), Terms of Use, and Privacy Policy currently in effect between you and HONK.

This Policy supplements, and does not replace, any existing contractual obligations between you and HONK. In the event of a conflict between this Policy and a separately executed agreement, the terms of the separately executed agreement shall prevail to the extent of such conflict.

Authorization

API access is granted solely to Partners who have executed the requisite agreements with HONK, including an NDA and any applicable service agreements. Access credentials are issued at HONK’s sole discretion and may be revoked at any time.

Authentication

All API requests must be authenticated using the credentials and methods prescribed by HONK, including:

• API key authentication via the X-ApiKey header for all requests.
• Credentials must be kept strictly confidential and must not be shared with, or disclosed to, any unauthorized third party.
• Partners must notify HONK immediately upon discovering any unauthorized use or compromise of API credentials.

Access Control

Partners may only query data associated with zones, locations, or accounts for which they have been explicitly authorized by HONK. Attempts to access data outside of authorized scope constitute a material breach of this Policy.

Approved Use Cases

The APIs are designed exclusively for the following approved use cases. Any use outside of these categories requires prior written authorization from HONK.

Parking Enforcement Operations

Partners may use the API to enable real-time validation of parking session validity for enforcement personnel. Permitted data access includes:

• Active and historical parking session data.
• Reservation validity and status.
• Plate number verification and history.
• Zone assignment and location data.
• Transaction identifiers for cross-reference.

Financial Transaction Lookup

Partners may use the API for on-demand access to individual or small sets of transaction records for real-time verification. Approved uses include:

• Real-time receipt lookup for customer service inquiries.
• Individual transaction verification and dispute resolution.
• On-demand validation of specific transactions.
• Integration testing and development workflows.
• Ad-hoc queries requiring immediate response (fewer than 100 records per request).

Permitted data fields include transaction amounts (subtotals, taxes, fees, discounts), payment methods and processing details, refund and settlement information, and parker identification where available.

Prohibited Uses

The following uses of the APIs are strictly prohibited:

• Bulk data retrieval: Including, but not limited to, daily, weekly, or monthly transaction exports; reconciliation pulls; scheduled batch jobs; or data warehouse population via API polling. Partners requiring bulk financial data must use the SFTP or email reporting services provided by HONK.
• Unbounded queries: All API requests must include temporal or zone-based scoping within the applicable data retention window (currently 90 days).
• Cross-domain queries: Enforcement and financial data cannot be combined in a single API request.
• Resale or redistribution: API data may not be sold, sublicensed, redistributed, or made available to any third party without HONK’s prior written consent.
• Competitive use: API data may not be used to develop, enhance, or market any product or service that competes with HONK’s offerings.
• Reverse engineering: Partners may not reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code, algorithms, or underlying architecture of the API.
• Circumventing controls: Partners may not bypass, disable, or circumvent any rate limits, authentication mechanisms, access controls, or other security measures implemented by HONK.
• Automated scraping or harvesting: Systematic or automated collection of data beyond the scope of the approved use cases is prohibited.
• Computed analytics or aggregations: The API returns raw records only. Partners are responsible for all client-side data transformation, aggregation, and reporting.

Rate Limits and Technical Standards

To ensure platform stability and fair access for all Partners, the following technical standards apply:

• Pagination is required using standard limit/offset parameters, with a maximum of 5,000 records per request.
• Data retention: The API provides access to a 90-day rolling window of data. Queries outside this window will return no results.
• HONK reserves the right to impose, modify, or enforce rate limits at any time. Current rate limits are communicated via API documentation and response headers.
• Partners must implement appropriate error handling, retry logic with exponential backoff, and caching strategies to minimize unnecessary API calls.

Confidential Information

All data accessed through the API constitutes Confidential Information as defined in the NDA between the Partner and HONK. Partners must handle all API data in accordance with the confidentiality obligations set forth therein.

Personal Information

Where API data includes personal information (such as parker identification or payment details), Partners must:

• Process such data only for the purposes authorized under this Policy and any applicable agreements.
• Comply with all applicable privacy and data protection laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA), applicable provincial privacy legislation, and any applicable United States federal or state privacy laws.
• Implement and maintain appropriate technical and organizational security measures to protect personal information against unauthorized access, disclosure, alteration, or destruction.
• Promptly notify HONK of any actual or suspected data breach involving API data.
• Not retain personal information longer than necessary to fulfill the approved use case, and securely delete such data when no longer required.

Data Ownership

All data accessible through the API remains the sole and exclusive property of HONK or its licensors. Nothing in this Policy grants the Partner any ownership interest in such data. Partners receive a limited, revocable, non-exclusive, non-transferable license to access and use the data solely for the approved use cases described herein.

Bulk Reporting Alternatives

Partners requiring bulk access to financial data must use the following dedicated services rather than the API:

• SFTP: Automated nightly file delivery in CSV format. This is the primary method for bulk financial reporting.
• Email Reports: Scheduled reports delivered during off-peak hours for periodic reconciliation and analysis.

These services are purpose-built for high-volume reporting and run outside of business hours.

Intellectual Property

The API, including its design, structure, documentation, and all related intellectual property, is and shall remain the exclusive property of HONK. This Policy does not grant the Partner any rights to HONK’s trademarks, trade names, logos, or other branding elements. Partners may not represent or imply any endorsement by HONK without prior written consent.

Disclaimer of Warranties

The API is provided “as is” and “as available.” HONK makes no warranties, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, non-infringement, accuracy, completeness, or reliability of the API or any data accessed through it. HONK does not warrant that the API will be uninterrupted, error-free, or secure.

Limitation of Liability

To the maximum extent permitted by applicable law, HONK shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits, revenue, data, or business opportunities, arising out of or related to the use of or inability to use the API, regardless of the theory of liability and even if HONK has been advised of the possibility of such damages.

HONK’s total aggregate liability arising out of or related to this Policy shall not exceed the fees paid by the Partner to HONK for API access during the twelve (12) months preceding the event giving rise to the claim.

Indemnification

Partners agree to indemnify, defend, and hold harmless HONK, its affiliates, officers, directors, employees, and agents from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable legal fees) arising out of or related to the Partner’s use of the API, violation of this Policy, or infringement of any third-party rights.

Suspension and Termination

HONK reserves the right to suspend or terminate API access, in whole or in part, at any time and without prior notice, if HONK reasonably believes that:

• The Partner has violated any provision of this Policy.
• The Partner’s use of the API poses a security risk to HONK or its users.
• The Partner’s usage patterns are inconsistent with the approved use cases.
• Suspension or termination is required to comply with applicable law or a court order.

Upon termination or expiration of API access, the Partner must immediately cease all use of the API and securely destroy or return all API data and credentials in its possession.

Modifications to This Policy

HONK reserves the right to modify this Policy at any time. Material changes will be communicated to Partners via email or through the API documentation portal. Continued use of the API following notification of changes constitutes acceptance of the modified Policy. If the Partner does not agree to the modified Policy, the Partner must discontinue use of the API and notify HONK to arrange termination of access.

Governing Law and Dispute Resolution

This Policy is governed by and shall be construed in accordance with the laws of the province of Ontario and the laws of Canada applicable therein. Each Party attorns to the exclusive venue and jurisdiction of the Courts of Ontario and waives any arguments under the conflict of laws removing such exclusive venue, jurisdiction, or governing law.

Last updated: April 1, 2026