Developers must be honest and accurate in their request and description of their application or service they are requesting access for. Developers need to provide clear information about the identity of the application or service and the requestor. Developers must accurately and thoroughly describe their application and services and how they will use and control data obtained through our APIs.
Use of APIs
Developers may only use the approved APIs to provide services directly to our customers. Developers are not allowed to build services on top of our APIs which are intended to re-create the functionality those APIs provide and offer them for use by other non-approved third parties.
Use of Data
Developers may only use the data available through our APIs to provide relevant, user-facing functionality aimed at improving or augmenting the email, calendar and contact experience through the approved application. For example, using the data for the user-facing functionality to provide consumer benefits of flight or expense tracking is permitted. Developers may not transfer or sell the data to other third parties. In addition, the data may not be used to create audience or user targeting segments for advertising, profiling for content personalization, monetization, or email engagement tracking purposes or for other purposes not directly related to the user-facing functionality. Sharing data with third parties to provide the user facing functionality or sharing data created by such functionality with third parties for consumer research or other reasons is not permitted.
Developers’ privacy and security policies and all related in-product notifications need to be easily accessible to the user and accurate. Developers’ policies must disclose all manners in which the application or service is collecting and using data received from Yahoo, what data is collected and used and how users can control that access. In addition developers must comply with all applicable laws and regulations.
Developers’ application must be honest and transparent with users and provide the exact purpose for requiring access to Yahoo mail data. The application or service must notify users and collect consent for each use case requiring access.
Developers are required to demonstrate that their application and services meet minimum security standards to mitigate the risk of data breach and ensure the secure handling and storage of data obtained through Yahoo’s APIs.
Unless otherwise prohibited, Yahoo reserves the right to revoke access to the APIs at any time and to impose rate limiting if appropriate or necessary.