BN Digital – API & Third-Party Integration Scope Summary
Purpose
Defines BN Digital’s standard scope, responsibilities, and limitations for API and third‑party integrations on hourly or budget‑capped engagements.
Client Responsibilities
Clients are solely responsible for:
- Creating and maintaining accounts with third‑party services
- Completing all required verifications
- Configuring settings within third‑party platforms
- Providing BN Digital with valid, current, and authorised credentials
- Ensuring credentials and tokens remain active during the engagement
- Revoking BN Digital’s access to all third‑party systems after handover
BN Digital is not liable for delays, overruns, or failures caused by missing, incorrect, revoked, or misconfigured client‑managed credentials or settings.
Included Services (Default Scope)
- Code‑level integration using official third‑party documentation
- Test‑mode data transfer validation
- Secret management aligned with the project’s system standards
Deliverable: a codebase that enables data transfer between the client’s system and external services (e.g., Stripe, Mailgun, Mailchimp, other third‑party APIs).
Excluded Services (Unless Agreed in Writing)
- Researching or selecting third‑party systems; configuration consulting
- Requirements documentation, manuals, or instructional guides
- Ongoing operation, monitoring, or maintenance after handover
- Production‑environment validation beyond test mode
- Updates required due to third‑party API changes after handover
- Debugging or fixes caused by client‑side configuration errors
Acceptance
Work is deemed accepted and complete when:
- BN Digital delivers the integration codebase, and
- Test‑mode validation is successful,
unless the client submits specific, documented objections in writing within 5 business days of delivery. Silence or continued use of the integration equals acceptance.
Credential & Security Handling
- BN Digital uses client‑provided credentials only for the engagement and in line with its security standards.
- Credentials are not retained beyond project handover.
BN Digital is not liable for security incidents arising from:
- Credentials shared insecurely by the client
- Compromised third‑party platforms
- Client failure to rotate or revoke credentials after handover
Third‑Party API Changes
Third‑party providers may change, deprecate, or discontinue APIs without notice. BN Digital is not responsible for failures caused by such changes after handover.
Any remediation due to post‑handover API changes is out of scope and will be estimated and billed separately.
Disclaimers
After handover, the client is solely responsible for operating and managing all external systems.
BN Digital does not assume liability for:
- External system failures, outages, or downtime
- API changes by third‑party providers
- Pricing changes by third‑party services
- Operational restrictions, rate limits, or policy changes
- Data loss or corruption caused by third‑party platform failures
Limitation of Liability
