Usage Policies
To ensure fair and responsible use of our API, we've established the following usage policies. These guidelines help maintain service quality for all users while promoting ethical AI usage.
Rate Limits
Our API implements rate limiting to ensure fair resource distribution and protect against abuse. Rate limits vary by API endpoint and account tier.
| Account Tier | Text Generation | Image Generation | Voice Generation |
|---|---|---|---|
| Free | 60 requests/minute | 10 requests/minute | 5 requests/minute |
| Basic | 300 requests/minute | 30 requests/minute | 20 requests/minute |
| Pro | 600 requests/minute | 60 requests/minute | 40 requests/minute |
| Enterprise | Custom | Custom | Custom |
Rate Limit Headers
All API responses include rate limit information in the headers:
Handling Rate Limits
When you exceed your rate limit, the API will return a 429 Too Many Requests status code. We recommend implementing exponential backoff in your client applications to gracefully handle rate limiting.
# Python example of handling rate limits with exponential backoff
import requests
import time
import random
def make_api_request(url, headers, data, max_retries=5):
retries = 0
while retries < max_retries:
response = requests.post(url, headers=headers, json=data)
if response.status_code == 429:
# Extract the reset time from headers if available
reset_time = int(response.headers.get('x-ratelimit-reset', 0))
current_time = int(time.time())
# Calculate delay with exponential backoff and jitter
delay = min(
((2 ** retries) + random.random()),
# If reset time is available, use it as a ceiling
max(1, reset_time - current_time) if reset_time > current_time else 60
)
print(f"Rate limit exceeded. Retrying in {delay} seconds...")
time.sleep(delay)
retries += 1
else:
return response
raise Exception("Maximum retries exceeded")Content Policies
We enforce content policies to ensure our API is used responsibly and ethically. The following types of content are prohibited:
- Illegal Content: Any content that violates applicable laws or regulations.
- Harmful or Malicious Content: Content designed to harm individuals, groups, or systems, including but not limited to malware, phishing attempts, or harassment.
- Hateful Content: Content that promotes discrimination, harassment, or violence against individuals or groups based on attributes such as race, ethnicity, nationality, religion, gender, gender identity, sexual orientation, age, disability, or serious disease.
- Adult Content: Sexually explicit content, pornography, or content promoting sexual services.
- Violent Content: Graphic violence, gore, or content that glorifies violence.
- Deceptive Content: Content designed to deceive or mislead, including deepfakes without proper disclosure, misinformation, or disinformation.
- Privacy Violations: Content that violates others' privacy, including personal information, without proper consent.
Content Moderation
All API requests are subject to automated content moderation. Requests that violate our content policies will be rejected with a 400 Bad Request status code and an explanation. Repeated violations may result in account suspension.
Data Privacy and Retention
We take data privacy seriously and comply with global data protection regulations. Here's how we handle your data:
Data Processing
- API requests and responses may be logged for debugging, monitoring, and improving our services.
- We retain API logs for up to 30 days, after which they are automatically deleted.
- We use anonymized and aggregated usage data for analytics purposes.
- We do not use your API data to train our own models without explicit consent.
Data Sharing
- We do not sell your data to third parties.
- We may share data with service providers who help us operate our services.
- We may disclose data if required by law or to protect rights and safety.
Data Security
We implement industry-standard security measures to protect your data, including:
- Encryption of data in transit using TLS
- Encryption of sensitive data at rest
- Regular security assessments and audits
- Access controls and authentication mechanisms
Attribution and Commercial Usage
Attribution Requirements
When using our API in public-facing applications, we request the following attribution:
- Include "Powered by Pomelo" in your application or documentation.
- When possible, include a link to our website (https://pomeloapi.example.com).
Commercial Usage
Our API can be used for commercial purposes under the following conditions:
- You must have an active paid subscription for commercial usage.
- You are responsible for ensuring that your usage complies with all applicable laws and regulations.
- You may not resell or redistribute API access directly without prior written approval.
Changes to Policies
We may update these policies from time to time. Significant changes will be communicated through email notifications to all users and posted on our website at least 30 days before they take effect.
Questions?
If you have questions about our usage policies or need clarification, please contact our support team at support@pomeloapi.example.com.