Skip to main content

  • We value your feedback! Take our semi-annual Developer Survey and help us build better experiences.
  • API License Agreement Update: We have made significant enhancements to our API License Agreement, including detailed data protection measures and compliance with international regulations. Important restrictions have been applied to the use of Restricted APIs and AI content. Developers must review the updated agreement to ensure compliance.

EBAY DEVELOPERS PROGRAM

TERMS OF USE AND API LICENSE AGREEMENT

Thank you for your interest in the eBay Developers Program (the “Program”). Through the Program, eBay offers various tools, content, and services (the “Developer Tools”), including certain eBay Application Programming Interfaces (“APIs”), to manage and facilitate the development of Applications (as defined herein) that use content from, and interact with, eBay-branded marketplaces around the world.

The Program and access to the Developer Tools are provided solely for the purpose of promoting and facilitating access to, and use of, eBay Services (as defined herein). Among other reasons, if eBay believes you or Your Users (as defined herein) are using the Developer Tools in any way that undermines eBay’s business interests, eBay may, at its sole discretion, suspend your access to use the APIs and/or the Developer Tools, discontinue your participation in the Program, terminate your access to all or any of the Developer Tools, reduce your access to all or some APIs, or terminate this eBay Developers Program Terms of Use and API License Agreement. These Terms of Use and API License Agreement (“API License Agreement”) governs your participation in the Program, including your license to use the APIs, and takes effect as of the earlier of (a) the date you signify your agreement, or (b) the date that you first access any Developer Tools, API or eBay Content (as defined herein) (the “Effective Date”). eBay may update this API License Agreement from time to time at its discretion, and the Developer Tools will change over time, so we encourage you to check the eBay Developers Program site periodically to see the latest updates given that you must ensure compliance with currently posted terms.

You are contracting with an eBay company (individually and collectively referred to as "eBay," "we," or "us") determined by your country of residence. For example, and as listed in the chart of eBay companies linked above, if you reside in the United States, you are contracting with eBay Inc.

You represent and warrant that you are authorized to act on behalf of, and have the authority to bind, the authorized party being issued an Application Key (as defined herein) to these Terms. You and the authorized party being issued an Application Key are collectively referred to as “you” or “your” in these Terms. eBay and you, may be referred to as a “Party” or, collectively, the “Parties.”)

  1. DEFINITIONS

    Application Key(s)” means the confidential security keys eBay provides to you, or your authorized party being issued an Application Key, for your use of an eBay API, including the developer ID, certificate ID, and application ID

    Application” means the software application, website or other interface that you develop, own or operate to interact with an eBay API.

    Authorized Use” has the meaning defined in Section 3.1.

    Restricted APIs” refers to any APIs provided by eBay that offer data or insights related to market trends, pricing strategies, sales volumes, user behavior, or related information whose access is specially granted to select Developers.

    Developer” means the individual or entity who has accepted this API License Agreement and is granted the right to use the Developer Tools, APIs, and eBay Content to create Applications that interact with eBay Services. This includes any employees, agents, contractors, or representatives acting on behalf of the individual or entity.

    eBay Content” means all of the information, data, content, images, and other material stored by and retrieved from eBay. eBay Content does not include information that you lawfully obtain independent of eBay.

    eBay Services” means eBay Sites, including any eBay Content therein, and all other services, applications and tools eBay offers to eBay Users.

    eBay Site(s)” means any one or all of the following websites: ebay.com and all international versions thereof that are owned, operated, and controlled by eBay Inc. or its affiliates (for example, ebay.de, ebay.co.uk, ebay.com.au, etc.).

    eBay User” means any person who accesses any eBay Service, either directly or through the Developer Tools.

    eBay User Agreement” means the terms and policies on which eBay offers eBay Services to eBay Users, currently available and as updated through a link on the homepage of each eBay Site (for example, the US ebay.com User Agreement).

    Personal Information” means any information that directly or indirectly identifies an eBay User that you obtain or send to eBay through your participation in the Program and your use of the Developer Tools, including information that you collect or receive, or have access to, directly from Your Users in connection with your Application, information that is included in eBay Content, or information that you otherwise receive from eBay about Your Users or other eBay Users and their trading activities.

    Your Users” means end-users of your Application (as defined herein) and anyone who sublicenses your Application. Developer is responsible for ensuring that Your Users comply with all terms and conditions of this Agreement.

  2. EBAY DEVELOPERS PROGRAM CONDITIONS
    1. Participation in the Program. You may participate in the Program and use the Developer Tools to create and use Applications that access and/or interact with eBay Services consistent with the Authorized Use and this API License Agreement. You agree that you are solely responsible for the Applications that you develop. You agree to provide and maintain accurate contact information, and you will inform us promptly of any updates to your contact information.
    2. Application Growth Check. Applications that you develop, display or distribute that interact with an eBay API must comply with eBay’s Compatible Application Growth Check requirements, incorporated herein by reference. eBay may update these requirements from time to time, and you must ensure compliance with current standards.
    3. Additional Certifications. Access to certain eBay APIs, eBay Content and increased API call limits may require special certifications. You may be responsible for any costs associated with such certifications, as well as any modifications necessary for your Application to meet certification criteria.
  3. LICENSE FOR DEVELOPER TOOLS
    1. License and Authorized Use. eBay grants you a non-exclusive, non-transferable, non-sublicensable (except as expressly permitted herein) license to use the Developer Tools (including to access and use eBay APIs) solely during the Term (as defined herein) and solely for the purpose of facilitating your own or Your Users’ use of eBay Services, such licensed uses limited to the following (the “Authorized Use”):
      1. Enabling your Application to interact with, and ongoing interactions with, eBay’s databases (for example, the eBay public database and the Sandbox Test Environment);
      2. Making limited intermediate copies of eBay Content only as necessary to perform an activity permitted under this API License Agreement. All intermediate copies must be deleted when they are no longer required for the purpose for which they were created;
      3. Rearranging or reorganizing eBay Content within your Application consistent with this API License Agreement;
      4. Displaying eBay Content consistent with this API License Agreement; and
      5. Using, displaying or modifying eBay Content as expressly authorized by Your Users and consistent with this API License Agreement.
    2. Application Keys. eBay will provide you with Application Keys that permit you to access eBay’s databases. You may not share or transfer your Application Keys to any third party (including any affiliate) without eBay’s prior written consent. The Application Keys are the property of eBay and may be revoked at any time by eBay. You must maintain the confidentiality of your Application Keys and immediately notify eBay of any suspected unauthorized access or use.
    3. API Call Limitations. eBay reserves the right to limit the number of periodic API calls you are allowed to make. Unused API calls will not roll over to the next call limit period. eBay may temporarily suspend your access to an API if you exceed API call limits. Attempts to circumvent API call limits may result in suspension of your access to the Developer Tools, and/or suspension of your access to all or some APIs or may result in termination of this API License Agreement, termination of your license to use the APIs and the Developer Tools and discontinuance of your participation in the Program.
    4. Loyalty Program Badges. eBay grants you a non-exclusive, non-transferable and non-sublicensable license to display certain eBay Loyalty Program Badges as set forth in the eBay Badge Usage Terms, incorporated herein by this reference (“Loyalty Program Badges”). eBay may update these requirements from time to time, and you must ensure compliance with current standards.
  4. WORKING WITH THIRD PARTIES
    1. Service Providers. You may work with service providers as necessary to facilitate your performance under this API License Agreement but only if you require your service providers to comply with all of the conditions and restrictions of this API License Agreement. You acknowledge and agree that any act or omission by your service provider(s) amounting to a breach of this API License Agreement will be deemed a breach by you
    2. Sublicensing. Except as set forth in this Section 4.2, all license rights (under any applicable intellectual property right) granted to you by eBay are not sub-licensable, transferable or assignable. Notwithstanding the foregoing, you may sublicense your right to display the eBay Content to Your Users solely to enable them to display eBay Content on their computer screens or websites through your Application; provided that all of the following conditions are met:
      1. You will not disclose or share your Application Keys with Your Users.
      2. All API calls initiated by Your Users will be made through your Application Keys.
      3. All API calls initiated by Your Users will count toward your maximum permitted API calls.
      4. Your Users will have no programmatic control over any API.
      5. You will enter into a binding agreement with each of Your Users that includes the following terms: (1) Your Users will be bound by this API License Agreement; (2) eBay will be a third-party beneficiary to such agreement; (3) such sublicense is revocable at any time.
    3. Breach by Your Users. As a third-party beneficiary to all sublicenses permitted pursuant to this API License Agreement, eBay will have the right, in its sole discretion, to directly enforce any term of the sublicense agreement against Your Users, including termination. You acknowledge and agree that any act or omission by Your Users amounting to a breach of these Terms will be deemed a breach by you.
  5. OWNERSHIP. As between eBay and you, except to the extent of the limited licenses granted by this API License Agreement during the Term: (i) eBay retains all rights, title and interest in and to all intellectual property rights embodied in or associated with the Developer Tools, eBay Services, eBay Content, eBay logos, and shall own any content created or derived therefrom or any form of derivative works; and (ii) you retain all rights, title and interest in and to all intellectual property rights embodied in or associated with your Application, excluding the aforementioned rights in this Section 5 subsection (i) above owned by or licensed to eBay. There are no implied licenses under these Terms, and any rights not expressly granted to you hereunder are reserved by eBay or its licensors You will not take any action inconsistent with eBay’s ownership of the Developer Tools, eBay Services, eBay Content or eBay’s Marks (as defined herein).
  6. COMPETITIVE OR SIMILAR MATERIALS. In no event will eBay be precluded from discussing, reviewing, developing (or having developed) for itself, acquiring, licensing or developing for third parties, as well as marketing and distributing, materials or products which are competitive with your Application or other products or services provided by you, irrespective of their similarity to your current products or products that you may develop.
  7. TRADEMARK AND COPYRIGHT LICENSE. eBay, in its sole discretion, may use your name, trade names, trademarks, service marks, logos, and domain names (collectively, “Marks”) for the purpose of advertising or publicizing your participation in the Program and use of an API. If you submit an Application for inclusion on an eBay Site or to be hosted by eBay, you direct and authorize eBay and its affiliates to host, link to, and otherwise incorporate the Application into eBay Services and to publish and publicly display it and carry out any copying, modification, distribution, internal testing, or other processes eBay deems necessary and grant eBay a non-exclusive, transferable, sublicensable, royalty-free, worldwide license to such Application during the Term.
  8. EBAY CONTENT
    1. Using and Displaying eBay Content. You may use and display eBay Content only within your Application during the Term and solely for purposes contemplated and as allowed herein and in accordance with the following guidelines:
      1. Authentication. If your Application will enable Your Users to interact with eBay Services in a way that requires sign-in to their eBay accounts (for example, bidding, buying, listing or access to My eBay), you may provide this access only after “Authentication.” Authentication occurs when an eBay User grants your Application access to their eBay Content via an eBay-controlled sign-in and consent page. An “Authenticated User” is an eBay User who has granted such access to your Application. You represent, warrant and covenant that Your Users may revoke Authentication at any time for any reason.
      2. Public Display. To the extent eBay Content is publicly available within an eBay Service, you may display such eBay Content within your Application to promote eBay and enable Your Users to search and browse listings (“Public Display”), subject to the following restrictions: (1) When the eBay Content is no longer publicly available, you must delete it from your Application. For example, when an eBay User ID is publicly available in connection with a listing on the eBay Site, you may display the eBay User ID through your Application; but if that eBay User ID is no longer viewable in connection with the listing or is otherwise anonymized, you may no longer display the eBay User ID in a Public Display; (2) eBay Content in a Public Display may not be co-mingled or combined with non-eBay Content. For example, all eBay Content in a Public Display must be visually isolated from third-party listings or other non-eBay information; and (3) eBay Content that is available only to an eBay User after signing in to the eBay User’s account may only be displayed to that eBay User and only after Authentication, and such eBay Content may not be used for Public Display without the explicit prior consent of that Authenticated User.
      3. Age of Displayed eBay Content. eBay Content displayed within your Application must be kept reasonably up to date. Displayed item listing information may not be more than six (6) hours older than information displayed on the eBay Site, and other eBay Content must be no more than twenty-four (24) hours older than content displayed on the eBay Site. If your displayed item listing is not as current as the listing on the eBay Site, you will disclose in your Application how much older your displayed item listing is than the same listing on the eBay Site.
      4. Prohibited Use and Derivation of Information.
        1. You must have eBay’s express prior written permission to use or display eBay Content in any way that enables derivation of, including without limitation, any of the following:
          1. Any site-wide statistics across eBay Sites or within any eBay Site;
          2. Take-up rates for enhanced listings (for example, gallery, featured, category featured, etc.);
          3. Statistics relating to the performance (financial or otherwise) of any eBay Service (for example, gross merchandise sales);
          4. Average selling price or gross merchandise sold for any eBay category.
        2. Notwithstanding Your Users’ access to and use of their own information, you must have eBay’s express prior written permission to use or display eBay Content in any way that enables derivation of, including without limitation, any of the following:
          1. Aggregated seller or buyer data (for example, Personal Information);
          2. Data relating to the performance of sellers, either individually or in aggregate (for example, performance data related to promotional campaigns, ad placements, or promoted listings);
          3. Aggregated data relating to transactions conducted through third-party affiliates (for example, off-eBay purchases on social networks, merchants, or other marketplaces enabled through Buy APIs);
          4. Data comparing eBay User utilization of eBay Services and the services of any third party;
          5. Information relating to specific eBay Users or types of eBay Users;
          6. Conversion, completion or success rates; or
          7. Reserve auction information.
      5. Displaying Aggregated Content. Unless expressly permitted by eBay, you will not display any web page served by eBay servers in an aggregated display of different web pages in a browser display area (for example, by framing or mirroring).
      6. API Integration Guidelines and Instructions. When using and/or displaying eBay Content, you agree to comply with any requirements outlined in API integration guidelines and/or integration instructions eBay shares with you.
    2. Protecting User Privacy
      1. Collecting and Storing Personal Information.
        1. Your participation in the Program and your use of the Developer Tools may allow you to receive or collect Personal Information from and about eBay Users (including Other Users (as defined herein)) and Your Users.
        2. You agree to promptly delete Personal Information on the earlier of: (i) when required by your data privacy and data retention policies; (ii) when requested by eBay or by the applicable eBay User to whom the Personal Information pertains, (iii) when the Personal Information is no longer necessary for the specific, legitimate purpose for which it was collected or processed for your Application, or (iv) when your participation in the Program is terminated.
        3. You will not under any circumstances collect, store or share any eBay User’ User IDs or passwords.
      2. Compliance with Privacy Laws. At all times, you will cause your Application and your use of the Developer Tools, eBay Services, eBay Content and Personal Information to comply with all applicable laws, rules, regulations and best practices concerning privacy and data protection.
      3. Your Privacy Policy. You must make publicly available (in compliance with applicable privacy laws), and must abide by, an appropriate privacy policy for your Application. In all cases, your posted privacy policy must be consistent with the eBay Privacy Notice (meaning, at a minimum, that you may not process Personal Information in a manner that eBay cannot). eBay’s Privacy Notice is available on each of the eBay Sites (for example, the ebay.com Privacy Notice).
      4. Collecting and Using Your Users’ Personal Information. You covenant as follows: (i) your collection, storage, use, sharing, transfer and processing of Your Users’ Personal Information will be only as authorized by Your Users; (ii) you will comply with your posted privacy policy; and (iii) such privacy policy and your privacy practices will comply with all applicable laws, rules and regulations.
      5. Other User Information and Usage. You may receive information about eBay Users who may not be Your Users (“Other Users”) that is (i) publicly available from eBay; (ii) provided by eBay through an API; or (iii) otherwise obtained by you in connection with your participation in the Program and use of the Developer Tools (“Other User Information”). You may use Other User Information only as strictly necessary to perform activities permitted under these Terms and strictly in compliance with your posted privacy policy, eBay’s Privacy Notice and applicable laws, rules and regulations.
      6. Processing Other User Information. You will not collect, store, share , transfer or otherwise process Other User Information for any purpose other than facilitating the use of eBay Services as permitted under these Terms and only as allowed by eBay’s posted Privacy Notice (meaning, at a minimum, not in any manner that eBay cannot) and consistent with the Data Processing Addendum (the “DPA”) attached hereto as Exhibit A.
      7. Public Display of Other User Information. You may engage in the Public Display of Other User Information (for example, eBay listings) only in accordance with Section 8.1(b).
      8. Application Testing. The Sandbox Test Environment (the “Sandbox”) is a production environment made available only to active Program participants for testing their own Application to ensure proper operation with respect to API integration. The Sandbox is intended for testing API logic and API behavior only. You may use eBay Content made available in the Sandbox for your own Application development and test only. You are responsible for safeguarding your data and the data of Your Users. You are prohibited from publishing confidential information, Personal Information, or restricted data in the Sandbox. You must delete your Application from the Sandbox immediately after testing is completed.
    3. DPA Requirements. Your continued access to the Developer Tools, eBay Services and eBay Content is subject to your compliance with the terms of the eBay DPA attached as Exhibit A and incorporated herein by reference, as the same may be updated from time to time.
    4. Communication. You will not use Personal Information to send or enable sending unsolicited communications of any type to any eBay Users. You may only communicate with Your Users, or send communications initiated by and on behalf of Your Users to Other Users, to promote and facilitate access to and use of eBay Services.
    5. Requirements and Limitations on Use of Restricted APIs. With respect to data involving or which has been enhanced by data from the Restricted APIs, Developer may not:
      1. Ingest or the Restricted APIs data into any generative artificial intelligence model or tool (“AI”) licensed from or otherwise made available by a third party without eBay’s prior written consent, which may be granted or withheld in eBay’s sole discretion;
      2. Use the Restricted APIs data to train algorithms or AI which would be reasonably likely to benefit any third parties other than consumer users of any Developer’s tool;
      3. Sell, share, assign, or otherwise transfer, or license or sublicense (through multiple tiers), as applicable, the Restricted APIs data or insights derived therefrom to any third party;
      4. Electronically distribute via API the Restricted APIs data (either in raw or aggregated form) or allow the Restricted APIs data (either in raw or aggregated form) to be downloaded in bulk.
      5. Developer is permitted to use, modify, create derivative works of, publicly display and host, and distribute data outputs of the Restricted APIs Data during the Term solely to develop pricing tools, only upon receiving eBay’s express prior written consent. In the event that eBay provides such consent, any internal or external pricing tools created by Developer that incorporate data from or are enhanced by the Restricted APIs data (“eBay Enhanced Tools”), Developer agrees to the following:
        1. Developer grants to eBay and its affiliates a non-exclusive, transferable, sublicensable, royalty-free, irrevocable, worldwide, license to access, run, publicly display, perform, redistribute, reproduce, modify, host, translate, store and other use use the eBay Enhanced Tools.
        2. For purposes of clarity, such foregoing license shall permit eBay and its Affiliates to:
          1. Use the eBay Enhanced Tools and/or their data outputs for promotional purposes, in any form, including online and offline marketing and advertising, including social media marketing and any and all other methods to attract users to eBay and its affiliates’ sites to the attention of users;
          2. Use the eBay Enhanced Tools and/or their data outputs and any excerpts thereof; and
          3. Modify, enhance, and create derivative works of the eBay Enhanced Tools data outputs through integration witheBay’s pricing tools.

            Provided, that in each case of the foregoing, eBay and its affiliates shall use the eBay Enhanced Tools data outputs for the benefit of eBay and its affiliates and their respective customers.
        3. Developer represents and warrants that the eBay Enhanced Tools shall comply with applicable law, including without limitation complying with the FTC regulatory requirements on deceptive pricing; and that to the extent Developer uses scraped data in its pricing tools, Developer confirms that it has not and will not circumvent any third-party rights, and that the eBay Enhanced Tools will not infringe, misappropriate, or otherwise violate the rights of any third party.
      6. Section 8.5 does not obligate eBay to utilize the eBay Enhanced Tools or their data outputs on the eBay Site or its affiliates’ Sites. Further, nothing in this Agreement shall preclude eBay from developing itself, having developed or developing for others, any product, tool or data set that is competitive with the eBay Enhanced Tools or their data outputs provided that the technology does not incorporate and is not derived from or based on any of Developer’s Confidential Information; eBay shall not be deemed to be in breach of the foregoing solely on account of using or incorporating technology, information, materials, or other intellectual property (collectively, “Similar IP”) that is similar or materially equivalent to Developer’s Confidential Information, or any portion thereof, so long as such Similar IP was not obtained (directly or indirectly from Developer. For the avoidance of doubt, Developer’s Confidential Information shall not include the eBay Enhanced Tools or their data outputs.
  9. RESTRICTED ACTIVITIES. Notwithstanding any rights expressly granted under this API License Agreement, you may not use or access (nor facilitate or enable others to use or access) eBay Services, including the Developer Tools, in any way which may, directly or indirectly, undermine eBay’s business interests without eBay’s prior written consent. For example, you will not, and you will not facilitate or enable others to do, any of the following:
    1. Distribute, publish, or allow access or linking to eBay Services, including any API, from any location or source other than your Application.
    2. Use eBay Content to determine or verify eBay User identities or to access user profiles.
    3. Use eBay Content with the intent to design, build, promote or augment any site or service competitive to eBay Services.
    4. Display eBay Content relating to the performance of any eBay Service relative to the performance of any third-party service (for example, sales volume, velocity, etc.).
    5. Use eBay Content, either alone or in combination with third-party information, to suggest or model prices for items listed on eBay Site.
    6. Use eBay Services to promote or engage in seller arbitrage (for example, automatically repricing eBay listings in response to price changes on other third-party sites, automatically ordering sold items from other third-party sites, or posting tracking information to eBay when items purchased from other third-party sites are shipped).
    7. Sell, rent, trade, distribute, lease (or otherwise commercialize), copy, store or modify eBay Content, other than for the purposes allowed by this API License Agreement.
    8. Enable eBay Users to set or change eBay User preferences, registration preferences or privacy preferences for any eBay Site with your Application, notwithstanding listing preferences, item cross-promotion preferences or preferences that customize end-of-auction emails.
    9. Collect, use, transfer, store and/or otherwise process Personal Information of any eBay User other than as provided in these Terms and Exhibit A.
    10. Use eBay Content, including without limitation any Personal Information, to train algorithms, conduct machine learning, develop synthetic data sets, train large learning models, and/or train artificial intelligence systems.
    11. Modify, decompile, reverse engineer or otherwise alter the Developer Tools, eBay Sites or eBay Content.
    12. Knowingly and/or intentionally design or create an Application that may be used (by you or anyone else) to violate, or attempt to violate, this API License Agreement the eBay User Agreement, the eBay Privacy Notice, any other eBay policy or any applicable laws, rules or regulations.
    13. Use any API in a manner that exceeds reasonable request volume, constitutes excessive or abusive usage or otherwise fails to comply or is inconsistent with any part of any posted eBay Developer Documentation. eBay may update these requirements from time to time, and you must ensure compliance with currently posted standards.
    14. Have your Application or your use of eBay Services, including your use of the Developer Tools: (i) be false, inaccurate or misleading; (ii) infringe on any third party's copyright, patent, trademark, service mark, trade secret or other property rights or rights of publicity or privacy; (iii) violate this API License Agreement, the eBay User Agreement, the eBay Privacy Notice or any other posted eBay policy, (iv) violate any law, statute, ordinance, contract, regulation or generally accepted practice in any relevant jurisdiction (including, without limitation, those governing trade and export, financial services, consumer protection, unfair competition, anti-discrimination or false advertising); (v) be defamatory, trade libelous, threatening or harassing; (vi) contain or distribute any malware or other computer programming routines that may damage, detrimentally interfere with, surreptitiously intercept or expropriate any system or data; or (vii) create harm to or liability for eBay, including, without limitation, causing eBay to lose (in whole or in part) the services of eBay’s ISPs, cloud hosts or other suppliers.
    15. Have your Application introduce to eBay Services or any third-party systems, any information, code or other content that (i) is illegal; (ii) is abusive; (iii) is harmful to or interferes with eBay Services or systems of any other entity or the use thereof; (iv) infringes, misappropriates or otherwise violates the intellectual property, privacy or other proprietary rights of any party, including eBay; (v) creates or exploits a security risk or vulnerability; or (vi) attempts to do any of the foregoing.
    16. Provide any inaccurate or corrupted data or information to eBay or introduce it into eBay Services, or provide any data or information to eBay without having a valid legal basis and all of the rights necessary to provide such data or information to eBay and for eBay (and other Program developers in the Sandbox) to use it in any eBay Services in accordance with eBay’s Privacy Notice.
    17. Misrepresent or mask your identity in providing information as part of the registration process or as part of your continuing membership in the Program or during your use of any APIs or during any Application check process.
    18. Using Buyer Demand Data in any manner other than for the express purpose of constructing or editing a listing.
  10. EBAY POLICIES. You and your Application will comply with the eBay User Agreement, which is incorporated into this API License Agreement by reference. eBay may update the User Agreement from time to time, and you must ensure compliance with currently posted standards. In the event of a conflict between this API License Agreement and the eBay User Agreement regarding your participation in the Program and use of the eBay Services, the terms of this API License Agreement will control.
  11. MODIFICATIONS
    1. Modification of the Developer Tools and eBay Services. eBay reserves the right to and may modify the Developer Tools, its databases, any eBay Service, or any of the benefits and/or features provided in connection with the Program or your use of the Developer Tools, including without limitation, API call limits, at any time with or without notice to you. Modifications may affect your Application and may require you to make changes to your Application at your own cost to continue to be compatible with or interface with an API or other eBay Services.
    2. Modification of this API License Agreement. eBay may amend this API License Agreement at any time by posting an updated API License Agreement to the eBay Developers Program site. eBay may also (but is not required to) send you notice of the updated API License Agreement via email. Except where stated otherwise, all amended terms will be effective thirty (30) days after they are posted. Your continued use of the Developer Tools or any eBay Services after notice of modification constitutes your acceptance of such changes, even if the thirty (30) day notice period has not fully elapsed. IF ANY MODIFICATION IS UNACCEPTABLE TO YOU, YOUR ONLY RECOURSE IS TO TERMINATE THIS API LICENSE AGREEMENT IN ACCORDANCE WITH SECTION 16 BEFORE THE EFFECTIVE DATE OF THE AMENDED TERMS. YOUR USE OF THE DEVELOPER TOOLS OR ANY EBAY SERVICES AFTER THE DATE CHANGES TAKE EFFECT WILL CONSTITUTE YOUR ACCEPTANCE OF SUCH CHANGES. Other than as set forth above, this API License Agreement may not otherwise be amended except through a mutual and executed written agreement (not including email) by you and an eBay representative who intends to amend this API License Agreement and is duly authorized to agree to such an amendment.
  12. MONITORING AND ENFORCEMENT
    1. Right to Monitor and Audit. eBay reserves the right to monitor or audit your Application and/or activities relating to your use of Developer Tools and eBay Services. At eBay’s request, you agree to provide eBay free and unrestricted access to use your Application for the purpose of monitoring or auditing it, including Developer’s records related to the storage, use and handling of eBay data. You will not seek to block or otherwise interfere with the monitoring or audit, and eBay may use technical means to overcome any methods you may use to block or interfere with such monitoring or audit. Audits may include requests for documents and information and visits to your facilities and/or access to your systems, and you agree to promptly provide all requested information in its unmodified, true and complete form and to cooperate with eBay’s requests with any failure of production or termination being a breach of this API License Agreement.
    2. Remedy for Breach. If eBay, in its sole discretion, believes that you, anyone acting under your Application Key or your service providers have breached this API License Agreement or have engaged in fraudulent activity, eBay may take any and all steps it deems appropriate in its discretion and without any liability to you or Your Users, including suspending your access to use the APIs and/or the Developer Tools, discontinuing your participation in the Program, terminating your access to all or any of the Developer Tools, reducing your access to all or some APIs, or terminating this API License Agreement and API License Agreement.
    3. Corrective Actions. In addition to any other available remedies, eBay may, at its sole discretion, seek specific performance injunctive relief and any other remedy available at law or in equity and/or shall be entitled to receive its attorneys' fees incurred during any efforts to enforce its rights hereunder. eBay reserves the right to take other corrective action as eBay sees fit in the event that eBay receives complaints from eBay Users about your Application or your actions.
  13. AVAILABILITY, SECURITY AND STABILITY
    1. eBay makes no guarantees with respect to the availability, uptime or accuracy of the Developer Tools or any eBay Service. eBay may conduct maintenance on or stop providing any of the Developer Tools or any eBay Service at any time, with or without notice to you. eBay may change the method of access to the Developer Tools or any eBay Service at any time.
    2. In the event of degradation or instability of eBay’s systems or during an emergency, eBay may, in its sole discretion, temporarily suspend your access to the Developer Tools or any eBay Service. It is your responsibility to check for their resumption.
    3. All such interruptions, changes or suspensions shall be without liability to you or Your Users.
  14. DISCLAIMER OF WARRANTIES & LIMITATION OF LIABILITY
    1. SOME JURISDICTIONS DO NOT ALLOW CERTAIN WARRANTY DISCLAIMERS OR LIMITATIONS ON LIABILITY. ONLY DISCLAIMERS OR LIMITATIONS THAT ARE LAWFUL IN THE APPLICABLE JURISDICTION WILL APPLY TO YOU, AND EBAY’S LIABILITY WILL BE LIMITED TO THE MAXIMUM EXTENT PERMITTED BY LAW.
    2. EXCEPT AS EXPRESSLY STATED HEREIN, EBAY DISCLAIMS ALL WARRANTIES AND CONDITIONS, EXPRESS, IMPLIED OR STATUTORY, INCLUDING WITHOUT LIMITATION THE IMPLIED WARRANTIES OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. ALL EBAY SERVICES PROVIDED BY EBAY HEREUNDER ARE PROVIDED “AS IS” AND “AS AVAILABLE,” AND EBAY DOES NOT REPRESENT OR WARRANT THAT ANY EBAY SERVICES OR DEVELOPER TOOLS, WILL OPERATE SECURELY OR WITHOUT INTERRUPTION OR AS DESCRIBED. YOU ACKNOWLEDGE THAT YOU HAVE NOT ENTERED INTO THIS API LICENSE AGREEMENT IN RELIANCE UPON ANY REPRESENTATION EXCEPT THOSE SPECIFICALLY SET FORTH HEREIN.
    3. EBAY WILL HAVE NO CONSEQUENTIAL, SPECIAL, INDIRECT, EXEMPLARY, PUNITIVE, OR OTHER LIABILITY WHETHER IN CONTRACT, TORT OR ANY OTHER LEGAL THEORY, UNDER THIS API LICENSE AGREEMENT, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH LIABILITY AND NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY.
    4. IN THE EVENT THAT THE ABOVE IS NOT ENFORCEABLE, EBAY'S AGGREGATE LIABILITY UNDER THIS API LICENSE AGREEMENT IS LIMITED TO AMOUNTS PAID OR PAYABLE TO EBAY BY YOU FOR THE DEVELOPER TOOLS IN THE MONTH PRECEDING THE CLAIM. IN THE EVENT THAT THE FORMER LIMITATION OF LIABILITY IS HELD UNENFORCEABLE BY A COMPETENT COURT, EBAY’S AGGREGATE LIABILITY TO YOU AND ANYONE CLAIMING THROUGH YOU IS LIMITED TO $25,000.
  15. INDEMNIFICATION. You will indemnify, defend and hold eBay, its directors, officers, employees, agents, consultants, subsidiaries, partners, affiliates, and licensors harmless against any and all claims, costs, losses, damages, liabilities, judgments and expenses (including reasonable fees of attorneys and other professionals) (collectively, “Claims”) that may arise from or are related to (i) your access to and use or misuse of the Developer Tools or eBay Services and that of anyone acting through you or on your behalf; (ii) the development, maintenance, use, misuse and contents of your Application, including but not limited to, any infringement of any third-party proprietary rights; and (iii) your negligence or willful misconduct and that of anyone acting through you or on your behalf. eBay will: (A) give you prompt written notice of any Claim; provided, however, that failure to provide such notice shall not relieve you of your liabilities or obligations hereunder, except solely to the extent of any material prejudice as a direct result of such failure; (B) cooperate with you, at your sole cost and expense, in connection with the defense and settlement of the Claim; and (C) permit you to select counsel and to control the defense and settlement of the Claim; provided, that you may not settle any Claim or take any other action to the extent such settlement or other action would materially adversely impact eBay’s rights, obligations or business operations without eBay’s prior written consent. eBay, at its cost and expense, may participate in the defense of the Claim through counsel of its own choosing. Notwithstanding the foregoing, if you fail to assume the defense of any Claim within thirty (30) calendar days after you receive a request for indemnification under this Section 15, eBay shall control its own defense and follow such course of action as it reasonably deems necessary to protect its interests, and you shall fully indemnify eBay for all costs (including attorneys’ fees and settlement payments) reasonably incurred in such course of action.
  16. TERM, SUSPENSION, AND TERMINATION
    1. Program Duration. This API License Agreement will be in effect from the Effective Date until properly terminated by a Party as provided hereunder.
    2. Suspension and Termination.
      1. EBAY RESERVES THE RIGHT TO (i) SUSPEND YOUR ACCESS TO THE DEVELOPER TOOLS AND/OR EBAY’S SERVICES AND/OR YOUR PARTICIPATION IN THE PROGRAM, OR ANY PORTION OR FEATURE THEREOF, OR (ii) TO TERMINATE THIS API LICENSE AGREEMENT AND DISCONTINUE YOUR PARTICIPATION AND YOUR ACCESS, INCLUDING YOUR LICENSE TO USE ALL APIS, OR ANY PORTION OR FEATURE THEREOF, FOR ANY (INCLUDING, WITHOUT LIMITATION, BREACH AND AS SET FORTH IN SECTIONS 3.3 AND 12.2) OR FOR NO REASON AND AT ANY TIME WITH OR WITHOUT NOTICE TO YOU AND WITHOUT LIABILITY TO YOU OR YOUR USERS.
      2. If you wish to terminate this API License Agreement, you must email a termination notice to ebaydevelopersprogram@ebay.com. Any other methods used by you to terminate this API License Agreement will be void and will not result in a termination. Your termination notice will be effective when it is received by eBay.
    3. Effect of Termination. Upon the termination of this API License Agreement, you must immediately stop using all APIs, all eBay Services and all Developer Tools. Your Application Keys will be revoked, and all licenses granted hereunder will terminate. You must destroy all copies of, or anything containing, eBay Content and Personal Information in your possession within ten (10) days after termination, and you will provide written certification of destruction to eBay upon eBay’s request.
    4. Survival. The following Sections will survive any termination of this API License Agreements: [5] Ownership, [6] Competitive or Similar Materials, [7] Trademark and Copyright License, [8] eBay Content, [10] eBay User Agreement, [14] Disclaimer of Warranties & Limitation of Liability, [15] Indemnification, [16.2] Effect of Termination, [17] Confidentiality, [18] Publicity, and [19] Law and Venue.
  17. CONFIDENTIALITY.Confidential Information” includes all information and data eBay provides to you under this API License Agreement, including without limitation, Developer Tools, eBay Services, including eBay Content, Personal Information and Application Keys. You will not use or disclose Confidential Information other than as required to perform under and as permitted by these Terms. Your confidentiality obligations will survive the termination of this API License Agreement. You acknowledge that monetary damages may not be a sufficient remedy for unauthorized use or disclosure of Confidential Information and that eBay will be entitled (without waiving any other rights or remedies) to such injunctive or equitable relief as may be deemed proper by a court of competent jurisdiction, without obligation to post any bond. Any information or data you provide to eBay hereunder is considered by eBay to be non-confidential. You acknowledge and agree that you have no expectation that such information will be held confidential by eBay, and that eBay has no duty, express or implied, to pay any compensation for the disclosure or use of any such information.
  18. PUBLICITY. Absent the prior written approval of eBay, you will not directly or indirectly issue or permit the issuance of any public statement concerning any aspect of the eBay Developers Program. You agree to permit eBay to make public statements about your use of the Developer Tools and/or participation in the eBay Developers Program.
  19. LAW AND VENUE. The rights and obligations of you and eBay shall be governed by, and this API License Agreement shall be construed and enforced in accordance with, the laws of the State of California, excluding its conflict of laws rules to the extent such rules would apply the Law of another jurisdiction. The Parties consent to the jurisdiction of all federal and state courts in California and agree that venue shall lie exclusively in Santa Clara County, California.
  20. MISCELLANEOUS. MISCELLANEOUS. You acknowledge and agree that this API License Agreement constitutes the entire agreement between you and eBay and supersedes all prior understandings and agreements of the Parties. Any notices to eBay must be sent to our corporate headquarters address as set forth in the eBay User Agreement via first class or air mail or overnight courier and are deemed given upon receipt. A waiver of any default is not a waiver of any subsequent default. Unenforceable provisions will be modified to reflect the parties' intention, and remaining provisions of this API License Agreement will remain in full effect. Neither party may assign these Terms without the prior express written permission of the other party. Notwithstanding the foregoing, your consent shall not be required for eBay’s assignment or transfer (1) due to operation of law; or (2) to an entity that acquires substantially all of eBay’s stock, assets or business; or (3) to a related entity (e.g., parent or subsidiary of parent). You and eBay are independent contractors, and nothing in these Terms creates a partnership, agency, joint venture, or employer-employee relationship between eBay and you. There are no third-party beneficiaries to this API License Agreement.

Exhibit A: eBay Developers Program Terms of Use and API License Agreement

Data Processing Addendum

This Data Processing Addendum and any applicable appendices or annexes thereto (collectively, the “DPA”) is incorporated into and forms an integral part of the eBay Developers Program Terms of Use and API License Agreement (the “Agreement”) between you (“Developer”) and eBay Inc. and its affiliates (“EBAY”), each a “Party” and collectively the “Parties”. This DPA replaces any previously applicable terms relating to their subject matter. Capitalized but undefined terms used in this DPA will have the meanings assigned to those terms in the Agreement.

To the extent you are using the eBay Services specified herein, you shall be deemed to have accepted this DPA and applicable Standard Contractual Clauses upon acceptance of the Agreement. In the event that an offline DPA has been duly executed and remains in effect, its terms shall take precedence over this online version, provided that such offline DPA expressly addresses the subject matter of the Agreement, as such term is defined herein.

  1. DEFINITIONS
    1. Approved Addendum” means the template addendum issued by the United Kingdom Information Commissioner’s Office and laid before the United Kingdom Parliament in accordance with s119A of the Data Protection Act 2018 on 2 February 2022, as it is revised under Section 18 of such addendum.
    2. Controller”, “Data Subject”, “Process”, “Personal Data”, and “Personal Data Breach” have the meanings as defined in the GDPR.
    3. To the extent that the CCPA is applicable, the definition of “Personal Data” includes “Personal Information”; the definition of “Data Subject” includes “Consumer”; the definition of “Controller” includes “Business” all as defined under the CCPA.
    4. To the extent that Non-EU Data Protection Laws are applicable, definitions will have the meanings given under applicable law.
    5. Data Protection Laws” means all laws and regulations applicable to the Processing of Personal Data by EBAY under the Agreement including, but not limited to, the GDPR, UK GDPR, Non-EU Data Protection Laws, and any other applicable data protection law.
    6. Non-EU Data Protection Laws” means the California Consumer Privacy Act, as amended by the California Privacy Rights Act (together, the “CCPA”); the Virginia Consumer Data Protection Act (“VCDPA”); the Colorado Privacy Act (“CPA”), the Connecticut Data Protection Act (“CTDPA”), the Utah Consumer Privacy Act (“UCPA”); the Florida Digital Bill of Rights (“FDBR”); the Oregon Consumer Privacy Act ("OCPA"); the Texas Data Privacy and Security Act ("TDPSA"); the Montana Consumer Data Privacy Act (“MTCDPA”); the Canadian Personal Information Protection and Electronic Documents Act (“PIPEDA”); the Québec's Act Respecting the Protection of Personal Information in the Private Sector (“Private Sector Act”), the Brazilian General Data Protection Law (“LGPD”), and the Argentina Personal Data Protection Act (“APDPA”).
    7. GDPR” means the EU General Data Protection Regulation 2016/679 and any national data protection laws made under or pursuant to such regulation.
    8. UK GDPR” means the EU General Data Protection Regulation 2016/679 as incorporated into UK data protection laws.
    9. SCCs" means with respect to data transfers from the European Union to third countries that are not deemed adequate jurisdictions by the European Commission, the Controller-Controller standard contractual clauses approved by the European Commission, as may be updated from time to time (the “EU SCCs”) or, with respect to data transfers from the United Kingdom, the EU SCCs as further amended by the Mandatory Clauses of the Approved Addendum, as may be updated by the United Kingdom Commissioner’s Office from time to time (the “UK SCCs”), or with respect to data transfers from Switzerland, the EU SCCs as further amended below (the “Swiss SCCs”), for so long as this DPA is effective, subject to the following:
      1. “data exporter” means the party transferring the personal data to other party;
      2. “data importer” means the party receiving the personal data;
      3. only the provisions pertaining to Module One are deemed applicable under the EU SCCs;
      4. the relevant annex of the EU SCCs, the UK SCCs, and the Swiss SCCs, as applicable, is amended as set forth in Appendix A appended hereto, subject to the additional provisions below;
      5. with respect to governing law and exclusive jurisdiction:
        • the EU SCCs are governed by German law and subject to the exclusive jurisdiction of the German courts;
        • the UK SCCs are governed by the law of England and Wales and subject to the exclusive jurisdiction of the courts of England;
        • the Swiss SCCs are governed by Swiss law and subject to the exclusive jurisdiction of the Swiss courts;
      6. with respect to the competent supervisory authority:
        • for the EU SCCs, the competent supervisory authority referred to in Clause 13 is the LDA Brandenburg;
        • for the UK SCCs, the competent supervisory authority is the Information Commissioner’s Office;
        • for the Swiss SCCs, the competent supervisory authority is the Swiss Federal Protection and Information Commission;
      7. with respect to the Swiss SCCs, references in the EU SCCs to “Member State” shall mean “Switzerland”, and references to “GDPR” shall mean the “Swiss Federal Act on Data Protection”.
  2. SCOPE
    1. Relationship of the Parties. The parties acknowledge and agree in connection with the processing of Personal Data for the eBay Services, each party (a) is an independent controller of the Personal Data under Data Protection Laws; (b) will individually determine the purposes and means of its processing of Personal Data; and (c) will comply with the obligations applicable to it under Data Protection Laws with respect to Personal Data.
    2. Purpose of Processing. Developer may receive Personal Data in connection with its use of the eBay Services (“eBay Services Data”). The Parties acknowledge and agree that Developer may process the eBay Services Data only for the purposes specified in the Agreement. Any processing outside of these explicitly stated purposes is strictly prohibited. Subject to the foregoing, each party remains independently responsible for establishing its own legal basis for the processing of the eBay Services Data to the extent required by Data Privacy Laws.
    3. Security. Developer shall implement appropriate technical and organizational measures that meet or exceed industry standards to protect the Personal Data (i) from accidental or unlawful destruction, and (ii) loss, alteration, unauthorized disclosure of, or access to the Personal Data (a "Security Incident"). Such appropriate technical and organizational measures shall include at a minimum the measures described herein as Annex II.
    4. Audit Rights. eBay reserves the right to conduct periodic audits of Developer's security measures and practices related to the protection of Personal Data. Developer agrees to fully cooperate with such audits and provide all necessary information and access.
  3. TRANSFERS OF PERSONAL DATA
    1. General Obligations for Transfer of Data. Either Party may transfer Personal Data to third countries if such transfer complies with the provisions for the transfer of such data as set forth in applicable Data Privacy Laws. To the extent applicable, Developer represents that they are able to act as an exporting controller of data whether by their organization being within the applicable jurisdiction (e.g., European Union, the United Kingdom, or Switzerland, as applicable) or by being subject to categorization under Clause 13(a) of the SCCs as an organization capable of acting as an exporter from the European Union or equivalent provision under the UK GDPR or the Swiss Federal Act on Data Protection.
    2. Transfers of European Union/United Kingdom/Switzerland Personal Data to Developer. To the extent that EBAY transfers Personal Data requiring a legal data transfer mechanism to Developer and Developer is established in a country outside of the European Union, the United Kingdom, or Switzerland (as applicable) that is not subject to an adequacy decision in the applicable jurisdiction, then Developer will be deemed to have entered into the required SCCs as the data importer with the relevant EBAY party identified in Annex III as the data exporter, and such transfers will be subject to those SCCs.
    3. Transfers of European Union/United Kingdom/Switzerland Personal Data to EBAY. To the extent that Developer transfers Personal Data requiring a legal data transfer mechanism to EBAY, then Developer will be deemed to have entered into the required SCCs as the data exporter with the relevant EBAY Party identified in Annex III as the data importer, and such transfers will be subject to those SCCs.
    4. Transfers of Brazilian Personal Data. To the extent that a party transfers personal data subject to the LGPD to the other party, then the transferring party will be deemed to have entered into the required SCCs as the data exporter with the receiving party as the data importer, and such transfers will be subject to those SCCs. With respect to EBAY, such SCCs shall be deemed to be entered into by the relevant EBAY Party identified in Annex III.
    5. Transfers of Swiss Personal Data. To the extent that a party transfers personal data subject to the Switzerland Data Protection Law, the 2021 Standard Contractual Clauses form part of this DPA and take precedence over the rest of this DPA for such transfer to the extent of any conflict.
    6. Transfers of Personal Data from Argentina to outside of Argentina. To the extent that provision of the eBay Services involves the transfer of personal data from Argentina to outside of Argentina (either directly or via onward transfer) to a jurisdiction that does not have adequate legislation in the terms of article 12 of Law No. 25,326 and its regulatory Decree No. 1558/01, then the parties will be deemed to have entered into the required Argentinian Model Clauses, and such transfers will be subject to those Model Clauses. The roles of the parties and the description of transfers, for the purposes of Annex A to the Argentinian Model Clauses, is set out in Appendix A hereto.
    7. United States Regulations 28 CFR Part 202. Developer represents, warrants and agrees to the following regarding compliance with United States 28 Code of Federal Regulations, Title 28, Part 202 (“28 CFR Part 202”) and Executive Order 14117:
      1. Compliance and Certification. Developer affirms that it is not a covered person as defined in 28 CFR Part 202, and confirms compliance with 28 CFR Part 202 and any other prohibitions, restrictions or provisions applicable to eBay Personal Data. Developer agrees to certify periodically to eBay, at intervals determined by eBay, in writing, Developer’s compliance with 28 CFR Part 202. Developer agrees to not evade or avoid, cause a violation of, or attempt to violate any of the prohibitions set forth in Executive Order 14117 or 28 CFR Part 202. Any breach of 28 CFR Part 202 or Executive Order 14117 will constitute a material breach of the Agreement and this DPA, entitling eBay to immediately terminate the Agreement and seek all available remedies.
      2. Use and Transfer Restrictions. eBay grants Developer with a non-transferable, revocable license to access the eBay Services Data and any data derived from it. Developer is prohibited from engaging or attempting to engage in, or permitting others to engage or attempt to engage in further “covered data transactions,” as defined in 28 CFR Part 202, including, but not limited to, the following:
        1. Selling, licensing of access to, or other similar commercial transactions, such as reselling, sub-licensing, leasing, or transferring in return for valuable consideration, the eBay Services Data or any part thereof, to “countries of concern” or “covered persons,” as defined in 28 CFR Part 202;
        2. Sharing, granting access to, transmitting, or making eBay Services Data available to any “covered person” under any employment or investment agreement, as those terms are defined in 28 CFR Part 202.
      3. Reporting Obligations. In the event that Developer becomes aware or suspects that a “country of concern” or “covered person” has gained access to eBay Services Data through a data brokerage transaction, Developer will immediately notify eBay. Failure to comply with the above provisions will constitute a breach of contract and may also constitute a violation of 28 CFR Part 202, and eBay shall have the right to terminate the Agreement and this DPA and demand an immediate return or deletion of eBay Services Data.
  4. MISCELLANEOUS
    1. Control/Application of the DPA. In the event of any conflict or discrepancy between the SCCs, the Agreement, and the terms and conditions of this DPA, the following order of precedence will apply: (a) the SCCs (where applicable), (b) this DPA, (c) the Agreement. This DPA applies only to Developer and EBAY and does not confer any rights to any third party hereunder. This DPA does not replace any additional rights or obligations related to privacy or data security set forth in the Agreement.
    2. Treatment of Data Rights and Restrictions in the Agreement. Developer agrees that this DPA does not enlarge any rights or restrict any obligations provided for in the Agreement, and Developer continues to be limited to the data use rights and restrictions provided for therein.
    3. Limitations of Liability. This DPA in no way alters the limitations of liability or other legal terms set out in the Agreement.
    4. Governing Law. This DPA shall be governed by the laws of the applicable jurisdiction in accordance with the definition of SCCs within Section 1.i of the DPA herein or as otherwise set forth under applicable Data Protection Laws. In all other cases, this DPA shall be governed by the laws of the jurisdiction stated in the Agreement.
    5. Term and Termination. This DPA will become effective on the date when both Parties have: (i) executed a valid Agreement; and (ii) executed this DPA. The term of this DPA (the “Term”) will continue concurrently with the Agreement and will automatically terminate upon the termination of the Agreement.
    6. Changes. From time to time, EBAY may change this DPA as set forth in the Agreement, including to reflect a change in the name or form of a legal entity; to comply with applicable legal requirements (including regulatory guidance); to reflect EBAY’s adoption of an alternate data transfer solution than the SCCs, provided such changes do not result in a material degradation of the overall security of the eBay Services, or otherwise have a material adverse impact on Developer’s rights under this DPA (as reasonably determined by EBAY).

APPENDIX A

ANNEX 1 TO THE SCCs

MODULE ONE TRANSER CONTROLLER TO CONTROLLER

  1. LIST OF PARTIES

    Data exporter(s):

    • Name: The EEA/UK-based eBay entity which is the controller under the Agreement, or you when you transfer data directly to a non-EEA/UK-based eBay entity. The eBay entities which could be acting as the data exporter(s) and controller under the Agreement is/are the entities as identified in Annex III that transfer(s) personal data to the data importer.
    • Address: eBay as Exporter – see Annex III
    • You as Exporter: As specified in your eBay Developer account.
    • Contact Person’s Name, position and contact details: As specified in your eBay Developer account.
      • eBay as Exporter: see Annex III
      • You as Exporter: Contact person indicated in your eBay Developer account.
    • Signature and date: Deemed signed and effective as of the Effective Date set forth in the Agreement or the date on which Developer otherwise accessed, enabled or utilized any of eBay Services, whichever is earlier.
    • Role (controller/processor): Controller

    Data importer(s)

    • Name: You as a controller under the Agreement or a non-EEA/UK-based eBay entity if you transfer data directly to this entity.
    • Address: You as Importer: As specified in your eBay Developer account.
    • eBay as Importer: see Annex III
    • Contact Person’s Name, position and contact details:
      • You as Importer: Contact person indicated in your eBay Developer account.
      • eBay as Importer: see Annex III
    • Signature and date: Deemed signed and effective as of the Effective Date set forth in the Agreement or the date on which Developer otherwise accessed, enabled or utilized any of eBay Services, whichever is earlier.
    • Role (controller/processor): Controller
  2. DESCRIPTION OF TRANSFER

    Categories of data subjects whose personal data is transferred

    • eBay Users and/or Your Users Personal Data transferred to the data importer in connection with your participation in the eBay Services, at the direction of, or on behalf of the data exporter.

    Categories of personal data transferred

    • Information related to end users (i.e. eBay Users and/or Your Users) provided to the data importer through participation in the eBay Services by (or at the direction of) the data exporter or as otherwise described in the Agreement.

    Sensitive data transferred (if applicable) and applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialized training), keeping a record of access to the data, restrictions for onward transfers or additional security measures.

    • None.

    The frequency of the transfer (e.g. whether the data is transferred on a one-off or continuous basis).

    • Transferred continuously.

    Nature of the processing

    • Storing and analyzing data to carry out the purposes of the data transfer.

    Purpose(s) of the data transfer and further processing

    • The data importer will process Personal Data in order to participate in the eBay Services, which includes promoting and facilitating access to, and use of such services.

    The period for which the personal data will be retained, or, if that is not possible, the criteria used to determine that period

    • The data importer will retain the Personal Information on the earlier of: (i) when required by the data importer’s data privacy and data retention policies; (ii) when requested by eBay or by the applicable end user; (iii) when it is no longer necessary for data importer’s purposes; (iv) when the data importer’s participation in the Program is terminated.

    For transfers to (sub-)processors, also specify subject matter, nature and duration of the processing

    • N/A
  3. COMPETENT SUPERVISORY AUTHORITY
    • As set forth in the DPA. With respect to eBay Services related to payment services, the relevant authority is:
    • Commission Nation pour la Protection des Données
      15, Boulevard du Jazz
      L-4370 Belvaux
      Tel: +352 2610 60 1
      Fax: +352 2610 60 6099
      Email: info@cnpd.lu

ANNEX II TO CONTROLLER-CONTROLLER

TECHNICAL AND ORGANIZATIONAL MEASURES

Explanatory Note:

The technical and organizational measures must be described in specific (and not generic) terms. See also the general comment on the first page of the Appendix, in particular on the need to clearly indicate which measures apply to each transfer/set of transfers.

Description of the technical and organizational measures implemented by the data importer(s) (including any relevant certifications) to ensure an appropriate level of security, taking into account the nature, scope, context and purpose of the processing, and the risks for the rights and freedoms of natural persons.

The data importer has implemented measures at least equivalent to the technical and organizational measures described below to safeguard the eBay Services Data, in addition to any other measures specified in, or supplied to eBay in connection with, the Agreement.

  1. Information Security Policy

    Importer has a documented information security policy aligned to industry recognized information security management systems which its personnel are aware of and comply with.

  2. Organization of Information Security

    Data Importer has organized its operations in such a manner that it is clear as to which individual(s) in the Data Importer’s organization have responsibility for information security. Data Importer defines, establishes and documents basic security processes to include, but not be limited to: information risk assessments; incident response; patch management; vulnerability monitoring; periodic security awareness education and training for its personnel (as appropriate to its operations).

    Data Importer has controls to reduce the risk associated when outsourcing services, including but not limited to: specifying security and confidentiality requirements; restricting subcontractor access to only those areas of the system(s) that are necessary to perform the outsourced service(s), generating event logs on systems and networks that have been accessed; and analyzing the event logs.

  3. Physical and Environmental Security

    Data Importer executes measures necessary to limit the risk of operational disturbance, theft, natural disasters and unauthorized access to data.

    Data Importer ensures that only authorized users have physical access to the network, critical systems and applications, server rooms, communication rooms and work environments. Data Importer provides secure protection for its physical facilities (e.g. through card readers, key cards or a tended reception area).

  4. Communications and Operations Management

    To ensure the confidentiality, integrity and availability of data, Data Importer applies proper security controls.

    1. Data Importer has controls to protect data in transit and at rest, including but not limited to encryption, tokenization, pseudonymization technologies

      Data Importer has controls in place to detect and prevent malicious code from being executed on any system. These controls are regularly updated, and the most recent versions of antivirus signatures are distributed as soon as reasonably practicable to ensure detection and prevention of malicious attacks.

    2. Data Importer ensures that there are reasonable controls in place when backing up data, such as event logs and reviews of those; the backup media is encrypted, where possible, using strong encryption; backup restoration testing is performed regularly; and procedures are in place to ensure backup media will operate in the event of an emergency.
    3. Data Importer ensures that all external entry points to network segments containing data have access controls in place.
    4. Data Importer ensures that the databases and repositories containing data are protected from unauthorized access by using appropriate authorization controls. The databases and connections to the databases are encrypted.
    5. Data Importer ensures that controls for the operating system and applications are in place to prevent unauthorized access to system documentation.
    6. Data Importer has a secure electronic messaging system to prevent unauthorized access. All incoming and outgoing emails are scanned.
    7. Data Importer has a secure electronic messaging system to prevent unauthorized access. All incoming and outgoing emails are scanned.
  5. Access Control

    Data Importer has in place formal processes and procedures to support the secure creation, amendment and deletion of user accounts.

    1. Access is only granted to individuals needing access in order to perform a certain role, function or responsibility. Accounts must be assigned individually with no sharing of accounts permitted.
    2. Data Importer ensures that access control mechanisms based on passwords are enforced by automated means.
    3. Data Importer has controls in place that enable periodic reviews of user access rights with particular focus on ‘privileged users’ (e.g. sys administrator).
    4. Data Importer will revoke user’s access to physical locations, systems and applications containing or processing data within twenty-four (24) hours of the cessation of such user’s need to access the physical locations, systems or applications.
    5. Data Importer ensures that remote access to systems and applications containing data are governed by appropriate authentication (e.g. two-factor authentication), and that such access is encrypted (e.g. VPN).
    6. Data Importer ensures that only authorized users can connect to wired or wireless network segments, if such segments exist.
    7. Data Importer applies a level of security for its own wireless network that is equivalent to the level of protection achieved using VPN. Traffic supports strong encryption and strong authentication.
    8. Data Importer ensures that access to operating system used to store or process data use secure logon mechanisms.
    9. Data Importer has a policy in place to prevent the spread of information from mobile computing such as portable computers and smartphones.
  6. External Operating of Applications and Maintenance of Software and Services
    1. Data Importer has security controls of software, services and systems that process or make data accessible.
    2. Data Importer has processes and systems for patch management (where appropriate), including procedures for applying emergency or critical patches as soon as practicable.
    3. Data Importer ensures that web-based products are reasonably protected against attack.
    4. Data Importer maintains a comprehensive vulnerability management program to continuously evaluate and remediate known vulnerabilities in systems and applications.
  7. Information Security Incident Management

    In order to maintain business operations Data Importer has a formalized security incident handling process in place.

  8. Business Continuity Management

    Data Importer ensures that Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP) are documented and tested on a regular basis to ensure operational continuity (to the extent necessary for its operations).

    For transfers to (sub-) processors, also describe the specific technical and organizational measures to be taken by the (sub-) processor to be able to provide assistance to the controller and, for transfers from a processor to a sub-processor, to the data exporter

    Not applicable.

ANNEX III TO SCCs

  1. DATA EXPORTER(S)

    In providing the eBay Services to Developer, the following eBay entities may act as data exporter(s) under the SCCs, as applicable:

    Name Address
    eBay GmbH Albert-Einstein-Ring 2-6, 14532 Kleinmachnow, Germany
    eBay (UK) Limited 1 More London Place, London, SE1 2AF, United Kingdom
    eBay Marketplaces GmbH Helvetiastrasse 15/17, 3005 Bern, Switzerland
    eBay S.à.r.l., 22-24 Boulevard Royal, L-2449 Luxembourg
    eBay Commerce UK Ltd 1 More London Place, London SE1 2AF, United Kingdom
    eBay Customer Support GmbH Albert-Einstein-Ring 2-6, 14532, Kleinmachnow, Germany
    eBay Group Services GmbH Albert-Einstein-Ring 2-6, 14532, Kleinmachnow, Germany
    eBay International Management B.V. Wibaustraat 224, 1097 DN, Amsterdam, Netherlands
    EU Liaison Office BVBA Kunstlaan 44, 1040 Brussel, Belgium
    eBay Services S.a.r.l. 22-24 Boulevard Royal, 5th Flr., 2449, Luxembourg, Luxembourg
    eBay Europe Services Limited The Atrium, Old Navan Road, Blanchardstown, Dublin 15, Ireland
    eBay GmbH, succursale France 21, rue de la Banque, 75002, Paris, France
    eBay France SAS 21, rue de la Banque, 75002, Paris, France
    eBay (UK) Limited, sede secondaria, Milano Via Roberto Lepetit 8/10, 20124, Milano, Italy
    eBay Spain International, S.L. Paseo de la Castellana, 216, 9th floor, 28046 Madrid, Spain
    eBay Czech Republic s.r.o.. Nile House, Karolinska 654/2, Prague 8, Karlin, Prague 186 00, Czech Republic
  2. DATA IMPORTER

    In providing the eBay Services to Developer, the eBay entity listed below will act as a data importer under the SCCs:

    Name Address
    eBay Inc. 2145 Hamilton Avenue, San Jose, CA 95125, United States of America

June 24, 2025