TDRTraining Data Registry

API Terms of Service

Version 1.0February 2026

The short version

These terms govern access to the Training Data Registry API. The API allows you to check whether content has been opted out of AI training. Keep your API key secure, do not share it, respect opt-out preferences you receive, and cache results only within the period permitted by your tier. These API terms supplement our general Terms of Service.

Definitions

  • "API" — the Training Data Registry application programming interface, accessible at https://trainingdataregistry.org/api/v1.
  • "API Consumer", "you" — the person or entity accessing the API under these terms.
  • "API Key" — the unique credential issued to you for authenticating API requests.
  • "Registry Data" — the opt-out preferences, URLs, verification statuses, timestamps, and associated metadata made available through the API.
  • "TDR", "we", "us" — Daniel Gage, trading as Training Data Registry, the operator of the registry and API.

Who these terms apply to

These API Terms of Service ("API Terms") apply to any individual or organisation ("API User") that accesses the Training Data Registry API. By obtaining or using an API key, you agree to these terms in addition to our general Terms of Service and Privacy Policy. Where these API Terms conflict with the general Terms of Service, these API Terms take precedence for matters relating to API access.

If you are accessing the API on behalf of an organisation, you represent that you have the authority to bind that organisation to these terms.

What the API provides

The Training Data Registry API provides:

  • URL lookup — check whether a specific URL has been registered as opted out of AI training (GET /api/v1/check?url=).
  • Hash lookup — check by SHA-256 content hash (GET /api/v1/check?hash=).
  • Bulk check — batch lookup of multiple URLs per request, available on paid tiers, subject to tier limits (POST /api/v1/check/bulk).

API responses include the registration status, verification trust level, and the specific AI-use preferences expressed by the registrant (training, inference, archive). Full technical documentation, including request and response format details and code examples, is available in our API documentation.

API keys

Access to the API requires an API key issued through your TDR account dashboard. API keys:

  • Are issued to the account holder for their sole use.
  • Must not be shared, distributed, published, or embedded in public code repositories.
  • Must not be used by more than one individual or system concurrently unless that arrangement is explicitly supported by your subscription tier.
  • Are shown to you only once at creation — you are responsible for storing them securely.
  • May be revoked or suspended if we reasonably believe they are being misused or these terms are being violated.

If your API key is compromised or you suspect unauthorised use, delete it immediately from your dashboard and generate a new one. Report suspected breaches to contact@trainingdataregistry.org.

A free tier is available with a limited monthly query allowance. Free tier access is subject to these same terms.

Rate limits and quotas

API access is available across multiple subscription tiers, each with defined monthly query limits and access to features such as bulk checking endpoints. Current tiers, pricing, and rate limits are published on our pricing page.

Monthly query limits reset at the start of each calendar month (UTC). Your remaining quota is returned in the X-RateLimit-Remaining response header with each request. Exceeding your monthly quota returns a 429 Too Many Requests response. Quotas are not automatically increased — upgrade your subscription to access a higher limit.

We reserve the right to modify tier definitions, pricing, and rate limits. Changes to your current tier will be communicated with at least 30 days' notice. You may cancel your subscription before changes take effect if you do not agree with them.

Permitted use

You may use the API to:

  • Check whether URLs or content you intend to process have been opted out of AI training.
  • Integrate registry checks into your data processing pipelines for compliance purposes.
  • Audit your existing datasets against the registry.
  • Build internal tools that surface opt-out status to your teams.
  • Cache API responses in accordance with the caching terms below.

Prohibited use

You must not use the API to:

  • Build, compile, or distribute a competing registry or dataset of opt-out preferences.
  • Redistribute, resell, sublicense, or make registry data available to third parties in bulk, whether directly or through a derivative product.
  • Circumvent rate limits through IP rotation, multiple accounts, or by splitting quota across multiple keys to aggregate volume beyond your tier limit.
  • Share or distribute your API key to third parties.
  • Use the API in a way that damages, disrupts, or impairs the registry or its infrastructure.
  • Use opt-out data to identify or target content for processing that falls outside the registrant's stated permissions.
  • Misrepresent your use of the registry or falsely claim compliance with opt-out preferences you have not actually honoured.

We reserve the right to monitor API usage patterns to detect misuse and enforce these terms.

Caching and data retention

You may cache API responses locally within the following limits:

  • Free tier: up to 7 days from the time of the response.
  • Paid tiers: up to 30 days from the time of the response.
  • Enterprise tier: extended caching terms (up to 90 days) may be negotiated — contact us at contact@trainingdataregistry.org.

After the permitted cache period, cached data must be refreshed by making a new API request or discarded. You may not store API responses beyond the permitted period to build or maintain a historical dataset of registry contents.

If your subscription is terminated or expires, you must delete all cached registry data within 30 days of termination.

Each API response includes a timestamp indicating when the data was retrieved. We recommend logging this timestamp alongside your cached results as part of your compliance records. API responses cached within the permitted period, together with the response timestamp, may serve as evidence that you checked the registry within a reasonable timeframe relative to your use of the content.

Currency of data

Registry data reflects opt-out preferences at the time of the API response. Preferences may change between queries — a creator may register or withdraw a URL after your most recent check.

It is your responsibility to query the registry at intervals appropriate to your use case. We recommend checking the registry before each training run or content ingestion cycle.

We do not guarantee that data remains current between checks, and we accept no liability for actions taken on the basis of data that has changed since it was last retrieved. Relying on data older than your permitted cache period increases this risk.

Payment

  • Paid subscriptions are billed monthly or annually in advance via Stripe.
  • All fees are quoted in GBP and are exclusive of VAT or other applicable taxes, which will be added where required.
  • Payment is due at the start of each billing period. If payment fails, we may suspend your API access until payment is received.
  • You may upgrade your tier at any time. Upgrades take effect immediately and are billed on a pro-rata basis for the remainder of the current billing period.
  • You may downgrade your tier or cancel your subscription at any time. Downgrades and cancellations take effect at the end of the current billing period. We do not offer refunds for unused portions of a billing period.

Obligations regarding opt-out data

When you receive an API response indicating that content has been opted out of a category of AI use, you are expected to act on that preference in good faith. While we cannot technically enforce compliance, a verified opt-out from the Training Data Registry constitutes clear, documented notice of the registrant's preferences.

API responses include a trust field indicating whether the registration has been domain-verified (verified) or is a self-declared claim (unverified). You may weight your compliance decisions accordingly, but we recommend giving appropriate weight to both.

By using the API, you acknowledge that:

  • Checking the registry does not, on its own, constitute compliance with any applicable law, regulation, or directive — including but not limited to the EU Copyright Directive, the EU AI Act, UK copyright law, or any other jurisdiction's requirements.
  • You are responsible for understanding and complying with all laws applicable to your use of content for AI training, independent of the information provided by the registry.
  • The registry is one tool among several — including robots.txt, ai.txt, meta tags, and direct licensing — that may be relevant to your compliance processes.

You must not use the registry as a tool to identify content for processing that falls outside the registrant's stated permissions.

Audit and compliance records

We log API requests, including the API key used, the URL or hash queried, the response returned, and the timestamp. These logs serve two purposes:

  • Providing content creators with visibility into who is checking their content.
  • Maintaining an audit trail of registry queries for compliance purposes.

API access logs associated with your account are retained for as long as your API account is active, plus 2 years following termination, after which they are deleted. You may request a copy of your own API access logs by contacting us.

You are responsible for maintaining your own compliance records (including API response timestamps and cached data) for whatever period your legal or regulatory obligations require. Our retention of logs is provided as a convenience and does not replace your own record-keeping obligations.

Security monitoring

We monitor API usage for signs of misuse. If unusual patterns are detected, your key may be flagged and suspended pending review.

Contact contact@trainingdataregistry.org if you believe a suspension was raised in error — for example, due to legitimate use via a corporate network with multiple egress points or a distributed engineering team.

Intellectual property

  • Registry data is owned by the Training Data Registry. Your subscription grants you a limited, non-exclusive, non-transferable licence to access and use registry data for the permitted uses described in these terms.
  • You may not claim ownership of registry data or represent it as your own.
  • You may publicly state that you use the Training Data Registry as part of your compliance processes. We may provide a compliance badge for this purpose, subject to separate usage terms.

Confidentiality

  • Your API key and account details are confidential.
  • Aggregate, non-identifying information about API usage (such as total query volumes or number of active API consumers) may be published by us to demonstrate registry adoption.
  • We will not publicly identify you as an API consumer without your prior consent, unless required by law.

Service availability

We aim to maintain high availability of the API, but do not provide a formal Service Level Agreement (SLA) at this time. Current system status is available at /status.

We will endeavour to provide advance notice of planned maintenance. If we discontinue the API entirely, we will provide at least 90 days' notice to all active subscribers.

We are not liable for losses arising from API unavailability, rate limit enforcement, or changes to API behaviour. We will provide reasonable notice of breaking changes.

Changes to the API and these terms

We may update the API and these terms from time to time. For material changes:

  • We will notify API key holders by email with at least 30 days' notice for breaking changes.
  • The version number and date at the top of this page will reflect the current version.
  • Continued use of the API after changes take effect constitutes acceptance of the updated terms.
  • You may cancel your subscription before changes take effect if you do not agree with them.

Suspension and termination

By you

  • You may cancel your subscription at any time. Cancellation takes effect at the end of the current billing period.
  • Upon cancellation, your API key will be deactivated and you must delete all cached registry data within 30 days.

By us

We may suspend or terminate API access if you:

  • Breach these API Terms or our general Terms of Service.
  • Use the API in a way that causes harm to the registry, its users, or third parties.
  • Fail to pay applicable subscription fees.

Where possible, we will give notice before suspension and an opportunity to remedy the issue. For serious breaches, we may act immediately.

If we discontinue the API entirely, we will provide at least 90 days' notice to all active subscribers.

Effect of termination

  • All cached registry data must be deleted within 30 days of termination.
  • Outstanding payment obligations survive termination.
  • The confidentiality, intellectual property, limitation of liability, and indemnification sections survive termination.

Limitation of liability

To the fullest extent permitted by law:

  • We make no representations or warranties, whether express or implied, regarding the API or registry data, including but not limited to implied warranties of satisfactory quality, accuracy, completeness, or fitness for a particular purpose.
  • The registry reflects preferences registered directly with TDR. It may not include preferences expressed solely through other mechanisms (such as robots.txt, ai.txt, or direct communication with individual AI companies). We recommend using the registry alongside other compliance checks as part of a comprehensive approach.
  • We do not guarantee that all registrations are legitimate, or that acting on registry data alone will satisfy your legal obligations in any jurisdiction.
  • We are not liable for any damages arising from your use of the API, including but not limited to reliance on registry data for compliance purposes, decisions made on the basis of cached or outdated data, service interruptions, or loss of data.
  • Our total liability to you for any claim arising from your use of the API is limited to the total fees you have paid us in the 12 months preceding the claim.

Nothing in these terms excludes or limits our liability for death or personal injury caused by our negligence, for fraud or fraudulent misrepresentation, or for any other liability that cannot be excluded or limited under English law.

Indemnification

You agree to indemnify and hold harmless Daniel Gage (trading as Training Data Registry) from any claims, losses, or damages arising from your breach of these terms, your misuse of the API, or your failure to comply with applicable laws regarding AI training and content use. This indemnity applies to the extent permitted by applicable law.

Governing law

These API Terms are governed by the laws of England and Wales. Any disputes will be subject to the exclusive jurisdiction of the courts of England and Wales.

Contact

For questions about these API Terms or your API access:

Email: contact@trainingdataregistry.org

Operated by: Daniel Gage, trading as Training Data Registry, based in England.