API使用条款 / API Terms of Use

文件层级声明：本API使用条款（MC-LEGAL-13）为合同文件体系的组成部分。对于企业API客户，如本文件与其他文件存在不一致之处，以下优先级规则适用：《企业主服务协议》（MC-LEGAL-11）优先于本文件；《数据处理协议》（MC-LEGAL-12）管辖个人数据处理事项；《隐私政策》（MC-LEGAL-02）管辖数据主体权利事项；《用户服务条款》（MC-LEGAL-01）管辖一般性服务条款事项。本文件中有关服务水平和支持响应时间的条款（第9条和第12条）应参照《服务水平协议》（MC-LEGAL-04）为准。

Document Hierarchy: These API Terms of Use (MC-LEGAL-13) form part of the wider contract suite. For enterprise API customers, where there is any inconsistency with other documents, the following precedence rules apply: the Enterprise Master Service Agreement (MC-LEGAL-11) prevails over this document; the Data Processing Agreement (MC-LEGAL-12) governs personal data processing matters; the Privacy Policy (MC-LEGAL-02) governs data subject rights; and the Terms of Service (MC-LEGAL-01) governs general service terms. Provisions in this document regarding service levels and support response times (Articles 9 and 12) should be read subject to the Service Level Agreement (MC-LEGAL-04).

第一条Article 1

概述与接受Overview & Acceptance

重要提示Important Notice

API访问仅限于 MiningClawd Enterprise 计划用户。本条款与主要《用户服务条款》（MC-LEGAL-01）共同约束 API 的使用。

API access is restricted to MiningClawd Enterprise plan users. These Terms, together with the principal Terms of Service (MC-LEGAL-01), govern all API usage.

1.1 适用范围 / 1.1 Scope of Application

本条款规定了访问和使用 MiningClawd API 的权利、义务和限制。任何通过 API 进行数据交互的行为均视为接受本条款。

These Terms set forth your rights, obligations and restrictions regarding access to and use of the MiningClawd API. Any interaction with the API constitutes acceptance of these Terms.

1.2 Enterprise 计划要求 / 1.2 Enterprise Plan Requirement

API 访问权限仅向订阅 MiningClawd Enterprise 或更高级计划的用户开放。免费版和标准版用户不得访问 API 功能。

API access is exclusively available to users subscribed to MiningClawd Enterprise or higher-tier plans. Free and Standard users are not permitted to access API functionality.

1.3 API密钥接受 / 1.3 Acceptance by API Key Use

用户通过获取和使用 API 密钥，明确同意受本条款约束。不同意任何条款的用户应停止 API 访问并销毁其 API 密钥。

By obtaining and using an API key, you expressly agree to be bound by these Terms. Users who do not agree to any provision should cease API access and destroy their API credentials.

第二条Article 2

API密钥管理API Key Management

2.1 密钥颁发 / 2.1 Key Issuance

MiningClawd 通过用户控制面板（developers.miningclawd.com）为每个企业账号颁发 API 密钥。每个企业最多可持有 10 个有效密钥，用于不同的应用或集成场景。

MiningClawd issues API keys through the user control panel (developers.miningclawd.com) for each enterprise account. Each organisation may hold up to 10 active keys for different applications or integration scenarios.

2.2 密钥类型 / 2.2 Key Types

MiningClawd 提供三种类型的 API 密钥：

MiningClawd offers three types of API keys:

生产密钥（Production）：用于全面 API 访问，适用于生产环境，具有完整的读写权限。
Production Keys: Full API access for production environments with complete read-write permissions.
测试密钥（Staging）：用于测试和开发环境，功能与生产密钥相同但速率限制更低。
Staging Keys: For testing and development; same functionality as production keys but with lower rate limits.
只读密钥（Read-only）：仅允许 GET 请求，不允许数据修改，适用于受限集成场景。
Read-only Keys: Restrict access to GET requests only; no modification permissions; suitable for restricted integration scenarios.

2.3 安全义务 / 2.3 Security Obligations

用户应承担以下安全责任：

You must adhere to the following security obligations:

密钥需静态加密存储（AES-256 或等效方式），不得在客户端或前端代码中暴露
Keys must be stored encrypted at rest (AES-256 or equivalent); never expose keys in client-side or frontend code
不得向第三方或未授权人员共享密钥
Do not share keys with third parties or unauthorised personnel
每90天强制轮转密钥一次（生产密钥）；测试密钥每60天轮转一次
Rotate production keys every 90 days; staging keys every 60 days
使用安全传输协议（HTTPS）进行所有 API 调用
Use secure transport (HTTPS) for all API calls
发现密钥泄露或被盗时立即通知 MiningClawd，我们将立即撤销该密钥
Immediately notify MiningClawd of any key compromise or theft; we will revoke keys immediately

2.4 一应一密钥 / 2.4 One Key Per Application

每个应用程序或集成应使用唯一的专属 API 密钥。禁止在多个应用之间重用同一密钥。如需多个密钥，应在控制面板中创建新的密钥并分配给相应应用。

Each application or integration must use a unique, dedicated API key. Reusing a single key across multiple applications is prohibited. Create separate keys in the control panel for different applications.

2.5 密钥撤销与停用 / 2.5 Key Revocation & Disablement

用户可随时在控制面板中禁用或撤销密钥。MiningClawd 保留权利在以下情况下立即撤销密钥：滥用、违规使用、超配额、或安全风险。

You may disable or revoke keys at any time through the control panel. MiningClawd reserves the right to immediately revoke keys in cases of abuse, violations, quota exceedance, or security threats.

第三条Article 3

速率限制与配额Rate Limits & Quotas

MiningClawd 对 API 请求实施分级速率限制以保护系统稳定性。超限请求将收到 HTTP 429 响应。

MiningClawd enforces tiered rate limits on API requests to protect system stability. Requests exceeding limits will receive HTTP 429 responses.

3.1 速率限制表 / 3.1 Rate Limits Table

计划 Plan	每分钟请求数 Requests/Min	每天请求数 Requests/Day	突发额度（30秒） Burst (30s)
Enterprise Standard Enterprise Standard	1,000	100,000	2,000
Enterprise Premium Enterprise Premium	5,000	500,000	10,000

3.2 突发处理 / 3.2 Burst Allowance

每个计划允许短时突发，突发额度为标准限制的 2 倍，持续不超过 30 秒。超过突发额度后，系统将进行速率限制。

Each plan permits short bursts at 2x the standard limit for up to 30 seconds. Requests exceeding burst capacity will be rate-limited thereafter.

3.3 配额重置 / 3.3 Quota Reset

日配额（每天请求数）在每日 00:00 AEST（澳大利亚东部标准时间）重置。分钟级限制每分钟滚动重置。

Daily quotas reset at 00:00 AEST (Australian Eastern Standard Time) each day. Per-minute limits are calculated on a rolling window basis.

3.4 HTTP 429 响应处理 / 3.4 HTTP 429 Response Handling

收到 HTTP 429（Too Many Requests）响应时，应使用指数退避策略重试：第1次重试等待 2 秒，第2次等待 4 秒，第3次等待 8 秒。连续失败超过 5 次时停止重试。

Upon receiving HTTP 429 (Too Many Requests), implement exponential backoff: retry #1 after 2 seconds, #2 after 4 seconds, #3 after 8 seconds. Stop retrying after 5 consecutive failures.

3.5 速率限制超额处理 / 3.5 Rate Limit Escalation Policy

超出速率限制的处理流程:(a)首次超限:自动降速(请求延迟50%),持续至当前计费周期结束;(b)连续3个计费周期超限:API密钥暂停,需联系客服升级套餐或申诉;(c)恶意超限(如DDoS):API密钥立即撤销,账号审查;(d)企业客户可申请自定义速率限制(需单独协商)。所有速率限制事件通过注册邮箱和API Dashboard通知。

Rate limit excess handling: (a) First excess: automatic throttle (50% request delay) until current billing cycle end; (b) 3 consecutive billing cycles excess: API key suspended, must contact support to upgrade or appeal; (c) Malicious excess (e.g. DDoS): API key immediately revoked, account review; (d) Enterprise clients may request custom rate limits (separately negotiated). All rate limit events notified via registered email and API Dashboard.

第四条Article 4

可用端点Available Endpoints

以下列表为 MiningClawd API 当前提供的主要端点和功能。所有端点均遵循 RESTful 架构，采用 JSON 数据格式。

Below are the primary API endpoints and features currently provided by MiningClawd. All endpoints follow RESTful architecture and use JSON data format.

端点 Endpoint	功能 Purpose	返回数据 Returns
/v1/companies	全球矿业公司数据库查询 Global mining company database queries	公司详情、财务数据、管理层信息 Company profiles, financial data, management info
/v1/reports	矿业情报报告检索 Mining intelligence report retrieval	报告元数据、内容摘要、下载链接 Report metadata, summaries, download links
/v1/agents	AI 智能代理交互（Lobby、Crabby、Pincer、Clawdia） AI Agent interactions (Lobby, Crabby, Pincer, Clawdia)	AI 生成回复、分析结果、对话历史 AI-generated responses, analysis results, chat history
/v1/drilling	3D 钻探数据可视化与分析 3D drilling data visualization and analytics	钻孔坐标、岩芯数据、地质分析 Borehole coordinates, assay data, geological analysis
/v1/market	实时矿产品市场数据流 Real-time commodity market data feeds	价格、成交量、历史趋势、预报 Prices, volumes, historical trends, forecasts
/v1/exports	数据导出与批量下载 Data export and batch downloads	CSV、Excel、JSON 格式导出 CSV, Excel, JSON export formats

4.1 API 版本控制 / 4.1 API Versioning

MiningClawd 采用版本化 API（v1、v2...）。对旧版本的弃用将提前 12 个月通知，给予用户充足的迁移时间。

MiningClawd uses versioned APIs (v1, v2...). Deprecation of older versions will be announced 12 months in advance to allow adequate migration time.

第五条Article 5

数据使用限制Data Use Restrictions

禁止行为Prohibited Conduct

通过 API 获取的数据仅供授权用户在其组织内部使用。禁止转售、再分发或用于构建竞争产品。

Data obtained via API is for authorised use within your organisation only. Redistribution, resale, or competitive product development is strictly prohibited.

5.1 转售与再分发禁止 / 5.1 Prohibition on Resale & Redistribution

您不得向第三方转售或商业化分发通过 API 获取的任何原始数据。这包括通过网站、应用、或其他服务出售数据库内容。

You may not resell or commercially distribute any raw data obtained via the API to third parties. This includes selling database content through websites, apps, or other services.

5.2 竞争产品开发禁止 / 5.2 Competitive Product Development Prohibited

禁止使用 API 数据构建、开发或维护与 MiningClawd 功能相同或类似的竞争性数据产品或服务。

You may not use API data to develop, build or maintain competing data products or services that replicate or substitute MiningClawd functionality.

5.3 数据缓存 / 5.3 Data Caching

数据可在本地缓存，但需遵循以下限制：

Data may be cached locally, subject to these limits:

市场数据（/v1/market）：最多缓存 24 小时
Market data (/v1/market): max 24-hour cache
情报报告（/v1/reports）：最多缓存 7 天
Intelligence reports (/v1/reports): max 7-day cache
公司数据库（/v1/companies）：最多缓存 30 天
Company database (/v1/companies): max 30-day cache
钻探数据（/v1/drilling）：最多缓存 14 天
Drilling data (/v1/drilling): max 14-day cache

缓存需清晰标注时间戳，用户应定期刷新以获取最新数据。

Cached data must be clearly timestamped. You should refresh regularly to obtain the latest data.

5.4 署名要求 / 5.4 Attribution Requirements

除非另有协议明确授权（如《企业主服务协议》或《矿业数据授权协议》中的特定许可），通过 API 获取的数据仅限用户内部使用，不得公开展示、再分发或商业转售。如用户已获得公开使用的明确授权，则在任何公开展示或报告中使用 API 数据时，必须清晰注明数据来源为「MiningClawd」或「来自 MiningClawd API」。

Unless expressly authorised by another agreement (such as specific permissions under the Enterprise Master Service Agreement or the Mining Data Licence Agreement), data obtained via the API is for the user's internal use only and must not be publicly displayed, redistributed or commercially resold. Where the user has obtained express authorisation for public use, any public display or report using API data must clearly attribute the source as "MiningClawd" or "via MiningClawd API".

5.5 自动化交易禁止 / 5.5 Automated Trading Prohibition

禁止基于 API 数据进行任何自动化交易、交易机器人、或高频交易。API 数据不可作为交易决策的唯一依据。

Automated trading, trading bots, or algorithmic trading based solely on API data is prohibited. API data cannot be the sole basis for trading decisions.

第六条Article 6

AI Agent API 特别条款AI Agent API Special Terms

AI Agent API (/v1/agents) 允许与 MiningClawd 的四个智能代理交互：Lobby（决策助手）、Crabby（技术分析）、Pincer（风险评估）、Clawdia（合规顾问）。

The AI Agent API (/v1/agents) enables interaction with four MiningClawd intelligences: Lobby (Decision Support), Crabby (Technical Analysis), Pincer (Risk Assessment), Clawdia (Compliance Advisory).

6.1 无状态交互（默认） / 6.1 Stateless Interactions (Default)

默认情况下，AI Agent 交互是无状态的。每个请求独立处理，不保留对话历史。用户每次调用需重新提供完整上下文。

By default, AI Agent interactions are stateless. Each request is processed independently without conversation history. Provide full context with each request.

6.2 会话管理 / 6.2 Session Management

用户可选择启用会话模式，保持多轮对话。每个会话 ID 的有效期为 1 小时（不活跃）。会话数据在后端加密存储，用户可随时删除会话。

Users may optionally enable session mode to maintain multi-turn conversations. Each session ID expires after 1 hour of inactivity. Session data is encrypted at rest; users may delete sessions anytime.

6.3 Token 限制 / 6.3 Token Limits Per Request

每个请求的 token 限制如下：

Token limits per request are as follows:

输入上限：8,000 token（约 6,000 个英文词或 2,000 个中文字）
Input limit: 8,000 tokens (~6,000 English words or 2,000 Chinese characters)
输出上限：4,000 token
Output limit: 4,000 tokens
会话历史总计：最多保留前 10 轮对话（约 50,000 token）
Session history: max 10 previous exchanges (~50,000 tokens total)

6.4 内容审核义务 / 6.4 Content Moderation Obligations

用户需对发送给 AI Agent 的输入进行筛选，确保不包含：

You must filter inputs sent to AI Agents to exclude:

仇恨言论、歧视内容或骚扰信息
Hate speech, discriminatory content, or harassment
非法活动相关的请求或指示
Requests related to illegal activities or instructions
欺骗性或误导性投资信息
Deceptive or misleading investment information
商业秘密或敏感信息。对于个人数据：非企业用户不得向AI Agent输入个人数据；企业用户如需向AI端点提交个人数据，须确保已签署《数据处理协议》（MC-LEGAL-12），且相关数据处理符合该协议约定的控制者/处理者架构
Trade secrets or sensitive information. Regarding personal data: non-enterprise users must not submit personal data to AI Agent inputs; enterprise users who need to submit personal data to the AI endpoint must ensure a Data Processing Agreement (MC-LEGAL-12) is in place and that the relevant processing complies with the controller/processor framework set out therein

6.5 输出免责 / 6.5 Output Disclaimer

AI Agent 生成的回复不构成专业的财务、法律或投资建议。用户不得将 AI 输出表述为人类专家的意见或建议。

AI Agent outputs do not constitute professional financial, legal or investment advice. You may not represent AI outputs as originating from human experts or professionals.

6.6 日志与审计 / 6.6 Logging & Audit Trail

所有 AI Agent 交互（包括输入、输出、元数据）将被记录用于质量改进、安全监控和合规审计。用户可通过控制面板查阅自己的交互日志。

All AI Agent interactions (inputs, outputs, metadata) are logged for quality improvement, security monitoring and compliance audits. You may review your interaction logs via the control panel.

6.7 AI Agent 自主模式条款 / 6.7 AI Agent Autonomous Mode Terms

自主模式特别警告Autonomous Mode Special Warning

通过API调用AI Agent自主模式时:(a)用户对Agent自主执行的所有操作(包括发送邮件、数据导出、报告生成)承担完全法律责任;(b)自主模式下的对外通信(如Clawdia Agent发送的邮件)须预先批准消息模板;(c)Agent记录自主模式下的所有操作日志,保留90天;(d)建议对高风险操作(金额>A$10,000的数据交易、对外公开通信)保持人工审批环节;(e)MiningClawd不对自主模式下Agent输出的准确性或操作后果承担责任。

When invoking AI Agent Autonomous Mode via API: (a) User bears full legal responsibility for all operations autonomously performed by Agents (including sending emails, data exports, report generation); (b) Outbound communications in autonomous mode (e.g. emails sent by Clawdia Agent) require pre-approved message templates; (c) Agent logs all autonomous mode operations, retained for 90 days; (d) Human approval checkpoints recommended for high-risk operations (data transactions >A$10,000, outbound public communications); (e) MiningClawd accepts no liability for accuracy of Agent outputs or consequences of operations in autonomous mode.

第七条Article 7

Webhook 与集成Webhooks & Integrations

7.1 Webhook 端点要求 / 7.1 Webhook Endpoint Requirements

如使用 Webhook 功能，用户需提供符合以下要求的 Webhook 端点：

If using Webhooks, you must provide endpoints that meet these requirements:

必须通过 HTTPS 加密传输（TLS 1.2+）
Must use HTTPS encryption (TLS 1.2+)
必须在 5 秒内返回 HTTP 2xx 状态码
Must return HTTP 2xx status within 5 seconds
不得重定向（3xx 响应）或返回身份验证错误（4xx）
Must not redirect (3xx) or return authentication errors (4xx)
应记录所有接收到的 Webhook 事件用于审计
Should log all received webhook events for audit purposes

7.2 重试策略 / 7.2 Retry Policy

若 Webhook 端点未能及时返回响应，MiningClawd 将进行重试：

If your webhook endpoint fails to respond, MiningClawd will retry:

第 1 次重试：5 秒后
Retry #1: after 5 seconds
第 2 次重试：30 秒后
Retry #2: after 30 seconds
第 3 次重试：5 分钟后
Retry #3: after 5 minutes

3 次重试均失败后，事件将标记为已死信（Dead Letter Queue）。用户可通过控制面板查询失败的 Webhook。

After 3 failed attempts, the event enters Dead Letter Queue (DLQ). You can review failed webhooks in the control panel.

7.3 签名验证（HMAC-SHA256） / 7.3 Signature Verification (HMAC-SHA256)

每个 Webhook 请求都包含 X-MiningClawd-Signature 请求头，使用 HMAC-SHA256 算法和您的 Webhook Secret 生成。建议验证签名以确保请求来自 MiningClawd。

Each webhook includes an X-MiningClawd-Signature header computed via HMAC-SHA256 using your Webhook Secret. We recommend verifying this signature to ensure authenticity.

7.4 事件类型表 / 7.4 Event Types Table

事件类型 Event Type	触发条件 Triggered When	数据 Data Payload
report.published	新报告发布 New report published	报告ID、标题、分类、发布时间 Report ID, title, category, timestamp
market.update	市场数据更新 Market data updated	商品代码、价格、变化幅度、时间 Commodity code, price, change %, timestamp
company.update	公司信息更新 Company profile updated	公司ID、更新字段、新值、更新者 Company ID, updated fields, new values, editor
quota.warning	接近配额限制 Approaching quota limit	已用配额百分比、剩余请求数、重置时间 Quota % used, remaining requests, reset time

第八条Article 8

安全要求Security Requirements

8.1 TLS 加密传输 / 8.1 TLS Encryption

所有 API 调用必须通过 TLS 1.2 或更高版本进行加密。不接受明文 HTTP 请求。

All API calls must be encrypted via TLS 1.2 or higher. Plaintext HTTP requests are not accepted.

8.2 IP 地址白名单（Enterprise Premium 专用） / 8.2 IP Allowlisting (Enterprise Premium)

Enterprise Premium 用户可配置 IP 地址白名单，只允许指定 IP 地址范围访问 API。此功能可在控制面板中启用。

Enterprise Premium users may configure IP allowlists to restrict API access to specified IP ranges. Enable this feature in the control panel.

8.3 OAuth 2.0 认证（用户委托访问） / 8.3 OAuth 2.0 for User-Delegated Access

如需代表最终用户访问 API，应使用 OAuth 2.0 授权流程而非直接共享 API 密钥。此方式更安全且易于撤销权限。

For accessing APIs on behalf of end users, use OAuth 2.0 authorisation flows rather than sharing keys directly. This provides better security and granular permission control.

8.4 禁止凭证共享 / 8.4 Prohibition on Credential Sharing

严禁与未授权第三方共享 API 密钥、OAuth token 或任何认证凭证。每个应用应使用专属凭证。

Never share API keys, OAuth tokens, or authentication credentials with unauthorised third parties. Each application must use dedicated credentials.

8.5 漏洞披露政策 / 8.5 Vulnerability Disclosure Policy

如发现 API 或平台中的安全漏洞，请立即通知 info@lynaimining.com。请勿公开披露漏洞或将其用于恶意目的。MiningClawd 将在 90 天内确认并修复已知漏洞。

If you discover a security vulnerability in the API or platform, notify info@lynaimining.com immediately. Do not disclose vulnerabilities publicly or use them maliciously. MiningClawd will confirm and remediate known vulnerabilities within 90 days.

第九条Article 9

SLA与支持API SLA & Support

9.1 API 可用性 SLA / 9.1 API Availability SLA

MiningClawd 承诺 API 服务 99.9% 的可用性（每月最多允许 43.2 分钟停机时间）。停机时间不包括计划内维护、用户误操作或第三方服务故障。详见《SLA 协议》（MC-LEGAL-05）。

MiningClawd commits to 99.9% uptime for API services (max 43.2 minutes downtime per month). Excludes planned maintenance, user errors and third-party failures. See SLA Agreement (MC-LEGAL-05) for details.

9.2 专属 API 支持渠道 / 9.2 Dedicated API Support Channel

Enterprise 用户可通过专属渠道获得 API 技术支持，包括：

Enterprise users receive dedicated API support including:

专属 Slack 频道（Enterprise Premium 用户）
Dedicated Slack channel (Enterprise Premium)
邮件支持：api-info@lynaimining.com
Email support: api-info@lynaimining.com
开发者社区论坛：dev.miningclawd.com/community
Developer community forum: dev.miningclawd.com/community

9.3 支持响应时间 / 9.3 Support Response Times

严重级别 Severity	描述 Description	响应时间 Response Time
P1 - 严重 P1 - Critical	API 完全不可用或数据严重错误 API completely down or data corruption	1 小时 / 1 hour
P2 - 高 P2 - High	某端点无法访问或功能严重受限 Some endpoints down or major functionality degraded	4 小时 / 4 hours
P3 - 中 P3 - Medium	功能异常但可用替代方案 Feature malfunction but workarounds available	12 小时 / 12 hours
P4 - 低 P4 - Low	问询、建议或文档请求 General questions or documentation requests	24-48 小时 / 24-48 hours

9.4 API 状态端点 / 9.4 API Status Endpoint

用户可通过 api.miningclawd.com/health 实时查询 API 各端点的状态。此端点每 30 秒更新一次。

Check API status in real-time at api.miningclawd.com/health. Updates every 30 seconds.

第十条Article 10

变更与弃用Changes & Deprecation

10.1 突破性变更通知 / 10.1 Breaking Changes Notice

任何破坏向后兼容性的 API 变更将提前至少 12 个月通知所有受影响的用户，包括：

Breaking changes to API will be announced at least 12 months before, including:

端点 URL 变更或删除
Endpoint URL changes or removal
请求/响应格式变更
Request/response format changes
身份验证方式变更
Authentication method changes
强制性参数添加或删除
Required parameter additions or removals

10.2 端点弃用通知 / 10.2 Endpoint Deprecation Notice

弃用端点将遵循以下时间表：

Deprecated endpoints follow this timeline:

第 1-6 个月：标记为"已弃用"，功能仍完全可用
Months 1-6: Marked deprecated, fully functional
第 7-12 个月：继续可用，所有新应用应使用替代端点
Months 7-12: Available, new apps should use replacement
第 13 个月之后：完全删除
Month 13+: Completely removed

10.3 变更日志 / 10.3 Changelog

API 的所有变更、新功能和已知问题都公布在 api.miningclawd.com/changelog 上，用户应定期查阅。

All API changes, new features and known issues are published at api.miningclawd.com/changelog. Check regularly for updates.

10.4 迁移支持 / 10.4 Migration Support

MiningClawd 为弃用端点的迁移提供技术支持，包括代码示例、文档和咨询。用户可通过 api-info@lynaimining.com 申请迁移协助。

MiningClawd provides migration support for deprecated endpoints, including code examples, documentation and technical guidance. Request migration assistance at api-info@lynaimining.com.

第十一条Article 11

终止与暂停Termination & Suspension

11.1 即时暂停（滥用情况） / 11.1 Immediate Suspension (Abuse)

MiningClawd 保留权利立即暂停或撤销 API 访问，如发现以下情况：

MiningClawd reserves the right to immediately suspend API access if we detect:

持续超过配额限制或滥用 API 服务
Persistent quota violations or API abuse
转售或再分发 API 数据
Resale or redistribution of API data
数据泄露或安全违规
Data breaches or security violations
违反《可接受使用政策》（MC-LEGAL-06）
Violation of Acceptable Use Policy (MC-LEGAL-06)
恶意扫描、DDoS 攻击或渗透测试
Malicious scanning, DDoS attacks or unauthorized testing

11.2 速率限制违规后果 / 11.2 Rate Limit Violation Consequences

根据违规频率，后果如下：

Consequences depend on violation frequency:

首次违规：警告 + 48 小时 API 限流（速率减半）
First violation: Warning + 48-hour rate reduction (50%)
第二次违规：7 天 API 访问暂停
Second violation: 7-day suspension
第三次违规及以后：永久撤销 API 访问权限
Third+ violations: Permanent revocation

11.3 数据保留期限 / 11.3 Data Retention After Termination

API 访问被终止或撤销后：

After API access is terminated or revoked:

API 日志和交互记录将保留 90 天用于合规审计
API logs and interaction records retained for 90 days for compliance
Webhook 配置和会话数据立即删除
Webhook configurations and session data deleted immediately
自动备份将在 30 天后清除
Automatic backups purged after 30 days

11.4 API 密钥撤销程序 / 11.4 API Key Revocation Procedures

MiningClawd 撤销 API 密钥时，将以以下方式进行：

When MiningClawd revokes API keys, we will:

立即发送邮件通知主要账户所有者
Send immediate email notification to primary account owner
撤销前 24 小时在控制面板显示警告（如非安全违规）
Display warning in control panel 24 hours before revocation (non-security cases)
安全违规情况下立即撤销，不提前通知
Revoke immediately without notice in security breach cases
提供 30 天的数据导出窗口（除非被永久禁用）
Provide 30-day window to export data (unless permanently disabled)

第十二条Article 12

API服务等级承诺API Service Level Commitment

指标 Metric	Professional API Professional API	Enterprise API Enterprise API
可用率 Availability	99.5%月度 / 99.5% monthly 99.5% monthly	99.9%月度 / 99.9% monthly 99.9% monthly
响应延迟 Latency	<500ms (p95) <500ms (p95)	<200ms (p95) <200ms (p95)
事故首次响应 Incident Response	4小时 / 4 hours 4 hours	15分钟 / 15 min 15 min
维护通知 Maintenance Notice	7天 / 7 days 7 days	14天 / 14 days 14 days

API SLA积分参照《服务等级协议》(MC-LEGAL-05)执行。API数据在终止后30天内清除;用户负责备份。归档日志保留3年以满足合规要求。

API SLA credits follow the Service Level Agreement (MC-LEGAL-05). API data purged within 30 days of termination; User responsible for backups. Archived logs retained 3 years for compliance.

第十三条Article 13

联系方式Contact Information

事项 Matter	联系方式 Contact	说明 Notes
API 技术支持 API technical support	api-info@lynaimining.com	故障排除、集成协助、错误报告 Troubleshooting, integration help, bug reports
API 产品反馈 API product feedback	info@lynaimining.com	功能请求、改进建议、设计反馈 Feature requests, improvements, design feedback
安全问题 Security issues	info@lynaimining.com	漏洞报告、安全事件、密钥泄露 Vulnerability reports, security incidents, key compromise
法律/合规 Legal / Compliance	info@lynaimining.com	条款解释、合规审计、法律事务 Terms interpretation, compliance audits, legal matters
开发者门户 Developer portal	developers.miningclawd.com	API 文档、SDK、控制面板、API 密钥管理 API docs, SDKs, control panel, key management
API 状态页面 API status page	status.miningclawd.com	实时状态、事件历史、维护通知 Real-time status, incident history, maintenance notices
API 变更日志 API changelog	api.miningclawd.com/changelog	版本历史、新功能、已知问题 Version history, new features, known issues

13.1 邮寄地址 / 13.1 Postal Address

Geovision AI Mining Pty Ltd
Level 10, 123 Collins Street
Melbourne VIC 3000
Australia
ABN: 27 687 204 799