The terms and expressions which first letter is a capital one (used either as singular or plural) have the meaning defined in this article:
“Account” means the account that needs to create a User to use the APIs. The term includes the Users’ accounts as well as the accounts of End-users duly authorized by the Users;
“Application Programming Interface” or “APIs” means the Application Programming Interfaces created by the BIC that allow interactions between the Users’ IT systems and the Databases;
“BIC Code” means the unique identifier provided by the BIC for each Owner, in accordance with international standard ISO 6346;
“BIC Code Database” means the database created by the BIC and accessible from the BIC’s website (https://www.bic-code.org/) that contains the following information: BIC Codes, Owners’ name, Owners’ location, Owners’ contact details;
“BIC Facility Code” or “BIC LoCode” means the unique 9-character code used to identify container facilities (typically for use in EDI or other electronic container status messages). Originally created under international standard 9897, it is now a child code of the UNLOCODE.
“BIC Facility Code Database” means the database created by the BIC and accessible from the BIC’s website (https://www.bic-code.org/) that contains the following information: BIC Facility Codes, Facilities’ name, Owners’ name, Facilities’ location, Facilities’ Geofence.
“Container” means all freight containers covered by ISO and non-ISO standards as well as container accessories and container carrying chassis;
“Container Data” means all the data contained in the Global Container Database. These data are, in a non-exhaustive way: Container’s operational number, tare weight, size and type, maximum gross mass, payload, stacking mass, manufacturer ID number and/or other details or messages such as “Notice of Sale”, “Recovery Alerts”, “Exception Alerts” or any other Container information, including information related to ownership interests, lease interests and security interests;
“Databases” means together the BIC Code Database, the BIC Facility Code Database and the Global Container Database;
“End-users” means the employees or consultants of the User or any person under its responsibility authorised to access the APIs;
“Facility” means a sea or inland terminal or depot where full or empty Containers are stored, repaired or handled;
“Geofence” means the geographical perimeter of a Facility composed with a set of latitude and longitude coordinates and precisely located on a map;
“Global Container Database” means the database created by the BIC and accessible from the BoxTech website (https://www.bic-boxtech.org/) , that contains all the Container data that is uploaded by the Owners;
“Owner” means a legal person that is the owner of a Container, the beneficiary of a lease or the operator of a Container provided such person exercises, similarly as the actual owner, an exclusive and total control over the Container, as well as the owner of one or several Facilities;
“User” means any user of the APIs whether this user is shipper, carrier, terminal or any other participant of the Container transportation industry.
In order to allow easier access to the Databases, the BIC has created Application Programming Interfaces which allow interactions between the User’s IT systems and the Databases.
3. Access to the APIs
Access to the APIs requires the creation of an Account and the User is required to provide certain information (such as identification or contact details) as part of the registration process for the APIs.
Any registration information given to the BIC shall always be accurate and up to date and the User must promptly inform the BIC of any updates.
The natural person that fills out the form to create an Account warrants that they have the legal capacity and the necessary rights to create an Account on behalf of the company represents and that they have been duly authorized to do so.
After the completion of the sign-up form, the User will then be granted user ID and passwords for its End-users to access the APIs.
The User will be given all applicable user ID passwords to use in connection with the APIs and will ensure that each one of its End-user is given their own individual user ID and password, which may not be shared with another individual or legal entity for any reason.
The User will be responsible for changing such passwords immediately upon first use of the APIs and is entirely responsible for maintaining the confidentiality of such passwords and of its Account.
The User is responsible for the use of user ID and passwords by its End-users and shall ensure that they are not shared with non-authorised users.
The BIC is not responsible for any unauthorised access and/or use by any third party who independently gains access to the User’s Account.
The User will notify the BIC promptly of any unauthorised use or of any other breach of security occurring because of any activities of the User’s End-users or of any vulnerabilities so that the BIC may take or recommend appropriate remedial measures.
4. License over the APIs
5. Purposes of the APIs
The APIs enable the User to access the Databases and facilitate the interactions between the User’s IT system and the Databases.
The User can access the APIs for its own business purposes.
In certain cases, the User can be authorized by the BIC to upload data to the APIs under certain conditions. In that case, such authorization shall be subject to a separate agreement between the BIC and the User.
6. APIs’ limitations
The BIC sets and enforces limits on the User’s use of the APIs.
For instance, the BIC reserves the right to limit the number and type of allowable queries per User and per day or per month to ensure system stability and to avoid misuse.
The BIC shall indicate such limitations to the User, upon its request.
The User shall not attempt to circumvent such limitations.
If the User wishes to use the APIs beyond these limits (e.g. to make queries exceeding the limits set by the BIC), the User shall contact the BIC to obtain its express consent.
7. APIs prohibitions
The User shall not and, as the case may be, shall ensure that its End-users will not:
(i) use the APIs in a way that could impair, harm or damage the APIs;
(ii) sublicense, resell, lease, or rent the APIs (or any part thereof) or any other associated products and services to any third party;
(iii) scrape, build databases or otherwise create copies of any data accessed or obtained using the APIs;
(iv) alter, distort, or remove any confidential, proprietary, copyright, trademark, trade secret, or patent legends from any copy of the APIs (or any part thereof);
(v) perform an action with the intent of introducing to the APIs any viruses, worms, defects, Trojan horses, malware or any items of a destructive nature;
(vi) defame, abuse, harass, stalk or threaten other Users or third-parties;
(vii) use the APIs to disrupt, interfere with, or attempt to gain unauthorized access to services, servers or network connected to or which can be accessed via the APIs;
(viii) decompile, reverse engineer or attempt to discover or reconstruct the source code of the APIs or any software related to the APIS, except to the extent permitted by Article L.122-6-1 to the French Intellectual Property Code;
(ix) use the APIs in a way that violates applicable law, whether or not the use causes harm to a User or a third-party;
(x) attempt to circumvent the APIs limitations that the BIC sets without the BIC’s express consent;
(xi) use the APIs to identify, exploit or publicly disclose any potential security vulnerabilities;
(xii) use the APIs in a way that could create an unreasonable risk to other Users from a security or privacy perspective.
8. Availability of the APIs
The BIC makes its best efforts to ensure that the APIs are accessible twenty-four hours a day (24 h/24), seven days a week (7 d/7).
The BIC does not guarantee any continuity of access to the APIs and reserves the right, without compensation, to temporary or permanently close access to the APIs, for maintenance purposes, at its own discretion. Except in case of emergency, the BIC will make reasonable efforts to give prior information to Users before any closure of the APIs.
The BIC may make any changes and improvements to the APIs deemed necessary.
9. The User’s undertakings
The User undertakes to implement all the necessary security measures to make sure its IT system does not compromise the APIs.
10. Intellectual property
The User acknowledges and accepts that the intellectual property rights of the APIs and the Databases, in their form, code and structure, as well as the content, are the exclusive property of the BIC, with the exception of those elements for which the BIC has obtained a license.
11. Personal data
The BIC undertakes to comply with the provisions of Regulation (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (the “GDPR”) and the French Data Protection Act as amended.
In the context of the use of the APIs, the User may process personal data as a separate data controller and undertakes to comply with the abovementioned regulations.
In particular, as the case may be the User undertakes to:
(i) process the personal data of data subjects in a lawful, fair and transparent manner;
(ii) collect the personal data of data subjects for specified, explicit and legitimate purposes and not to process such data further in a manner incompatible with those purposes;
(iii) ensure that there is a legal basis for the processing of personal data that it implements;
(iv) collect data that is adequate, relevant, necessary for the purposes for which it is processed, maintain its accuracy and, if necessary, update it;
(v) to keep processed personal data in a form which permits identification of data subjects only for such time as is necessary for the purposes for which they are processed;
(vi) to process the personal data of data subjects in such a way as to ensure appropriate security of such data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical and organizational measures;
(vii) to comply with the obligation to provide information as set out in articles 13 and 14 of the GDPR to the relevant data subjects from whom the personal data are collected;
(viii) to comply, in writing, with requests to exercise the rights of the data subjects namely, the right of access, rectification, erasure and opposition, the right to limit processing, the right to data portability, the right not to be subject to an automated individual decision;
(ix) maintain a record of processing activities.
12. Warranties and liability
The User uses the APIs at their own risk. Under no circumstances will the BIC be held responsible for the use made of the APIs by the User, nor for any damage that may result for the User or for third parties, in particular for any virus or malicious software that may be transmitted to the User.
In this respect, the User is informed that, due to the intrinsic characteristics of the Internet, data transmitted via the APIs is not protected against the risks of detour and/or piracy, for which the BIC cannot be held responsible.
It is up to the User, if necessary, to take all necessary measures to protect its IT system.
The BIC makes no warranty that the APIs will meet the User’s requirements. The BIC makes no warranty regarding the advice, results or information obtained by the User through the APIs.
The information contained in the Databases available through the APIs comes directly from the information and documents transmitted by the Owners or by third parties, the BIC has no control over its accuracy or veracity.
Under no circumstances will the BIC be liable for any inaccurate or erroneous information contained in the Databases, regardless of whether such information has caused injury to a User or a third party.
It is the User’s responsibility to verify the information contained in the Databases available through the APIs.
In any case, the total cumulative liability of the BIC all damages combined and for any reason whatsoever, may not exceed the amount of one thousand (1000) euros.
In the event that the User identifies any inaccurate or erroneous information available through the APIs the User shall immediately notify the BIC of such information by sending an e-mail to the following address: [email protected]
The BIC will use its best efforts to update such information.
In the event that the information is found to be inaccurate but updating it would require disproportionate effort or turn out to be impossible, the BIC will remove the information in question.
The BIC and the User agree to maintain and update an industry standard anti-virus program within their respective IT systems and to use commercially reasonable efforts to check attachments to e-mail messages or any other files that a party receives before saving such attachments to their respective organization’s hard drives or servers.
The User shall be fully responsible for any damage caused to the Databases or the BIC’s IT system because of any viruses, Trojan horse, logical bomb, worm or any other code or instruction affecting a program, software, data, file, database, computer or other equipment or element of the BIC because of the connexion between the BIC’s IT system and the User’s IT System through the APIs.
The User undertakes that its network, operating system, servers, databases, computer systems are properly configured to use the APIs.
The User undertakes to respond to any question by the BIC about the security measures it implements concerning its IT system.
The User acknowledges that it has a process to respond to any vulnerabilities related to its IT system, and in the case of any vulnerabilities related to its connection to the APIs discovered by the User or reported to the User by a third party, the User agrees to provide the BIC with the vulnerability details.
In the event of a security breach resulting from any aspect of the APIs involving the User’s IT system or any data collected through its IT system, the User shall promptly contact the BIC and provide details of the security breach.
In that case, the User agrees to refrain from making public statements without the prior express consent of the BIC as it relates to the BIC’s APIs.
If the User gives feedback about the APIs to the BIC, the User gives to the BIC, without charge, the right to use and share the feedback in any way and for any purpose.
The User will not give feedback that is subject to any license.
The User may be given access to certain non-public information, software, and specifications relating to the APIs (“Confidential Information”), which is confidential and proprietary to the BIC.
The User may not disclose any Confidential Information to any third party without the BIC’s prior written consent.
The User agrees that it will protect any Confidential Information from unauthorized use, access, or disclosure in the same manner that it would use to protect its own confidential and proprietary information.
17.1 Termination by the BIC
(ii) the APIs are used by the User for illicit purposes or to conduct an activity that is illegal whether or not this activity causes damages to the BIC or to a third party.
17.2 Termination by the User
Termination may be requested by the User by requesting the deletion of its Account by the BIC by sending a mail to [email protected]
The User shall be under no obligation to provide any justification.
17.3 Consequences of the termination
The deletion of the User’s Account results in the removal of the user rights of its End-users.
The fact that either party does not exercise any of its rights hereunder shall not constitute a renunciation by it of its exercise, such renunciation being subject only to an express declaration by the party concerned.
The provision considered invalid shall be replaced by a provision whose meaning, and scope shall be as close as possible to the provision thus invalidated, while remaining in accordance with the applicable laws and the common intention of the parties.
19. Force majeure
Neither the User nor the BIC shall be held liable if the performance of its obligations is delayed, restricted or made impossible due to the occurrence of an event of Force Majeure as defined by article 1218 of the French Civil Code and by French case law.
In the event of the occurrence of a Force Majeure, the performance of the obligations of the User or the BIC shall be suspended. If the Force Majeure continues for more than one (1) month, the Terms and Conditions may be terminated at the request of the most diligent party without any liability on the part of one party to the other. Each party shall bear the cost of all costs incumbent upon it as a result of the occurrence of Force Majeure.
20. Applicable law and jurisdiction
Updated: 14 November 2023