

# MURPHIE API — Terms and Conditions of Use
**Effective Date:** May 4, 2026
**Last Revised:** May 4, 2026
**Version:** 1.0
> **Legal Notice:** These Terms and Conditions ("Terms") constitute a legally binding agreement. Organizations deploying the MURPHIE API in a production environment should have these Terms reviewed by qualified legal counsel before relying on them for compliance purposes.
---
## 1. Definitions
| Term | Meaning |
|------|---------|
| **"API"** | The MURPHIE application programming interface, including all endpoints, webhooks, associated SDKs, and documentation provided by the Operator. |
| **"Operator"** | The church, ministry organization, or other legal entity that deploys and administers the MURPHIE API instance. |
| **"Authorized User"** | A human individual granted API access by the Operator, including church staff, ministry leaders, and approved volunteers. |
| **"API Consumer"** | Any software application, Wix site, embedded page, or automated process that authenticates with and calls the API on behalf of an Authorized User or congregation. |
| **"End Member"** | A congregant or site visitor whose data may be processed through the API (e.g., prayer request submitters, event attendees). |
| **"Church Data"** | All content, media, CMS records, calendar events, announcements, prayer requests, ministry moments, and financial goal data submitted to or generated by the API. |
| **"Third-Party Services"** | External platforms integrated with the API, including but not limited to Zoom Video Communications, Inc., Google LLC (Google Calendar, Google Cloud, Vertex AI), and Wix.com Ltd. |
| **"Personal Data"** | Any information relating to an identified or identifiable natural person, as defined under applicable privacy law. |
---
## 2. Acceptance of Terms
By deploying, accessing, or using the MURPHIE API in any manner — including but not limited to making HTTP requests, embedding lobby pages, sending webhook payloads, or processing API responses — you agree, on behalf of yourself and the Operator, to be bound by these Terms.
If you do not agree to these Terms, you must immediately cease all access to and use of the API.
These Terms apply to all API surfaces, including:
- REST endpoints (public and authenticated)
- Webhook receivers (`/api/webhook/*`)
- Embedded static assets served from the API host
- Wix Velo backend modules distributed with this project
---
## 3. Description of Services
The MURPHIE API provides the following service categories:
1. **Ministry Management** — Create, edit, and publish ministry-scoped announcements, calendar events, and ministry moments (photo sharing).
2. **Zoom Meeting Integration** — Server-to-server Zoom OAuth for creating and tracking live ministry Zoom meetings, including a public live-lobby feed.
3. **Announcement & Scripture Publishing** — Church-wide headline announcements, scripture-of-the-week, and weekly flyer posting.
4. **Prayer Board** — Submission, management, and lifecycle tracking of congregational prayer requests.
5. **Financial Goals** — Savings and fundraising goal tracking for ministry projects.
6. **AI-Assisted Chat** — Natural-language intent parsing via Google Vertex AI, enabling Authorized Users to manage church content via conversational commands.
7. **Role-Based Access Control (RBAC)** — Assignment and revocation of ministry roles (church admin, approved leader, assigned member) stored in the Operator's Wix CMS.
8. **Calendar Integration** — Read and write access to a Google Calendar instance owned and configured by the Operator.
The Operator acknowledges that features may be added, modified, or discontinued at any time.
---
## 4. Access, Authentication, and Security
### 4.1 Credentials and Secrets
Access to privileged API endpoints is controlled by one or more of:
- **Shared secret** (`X-Murphie-Secret` header) — a high-entropy value stored in Wix Secrets Manager and validated server-side.
- **Wix Member Identity** — member ID and email forwarded from Wix backend modules and verified against the Operator's CMS.
- **Zoom Webhook Signature** — HMAC-SHA256 signature used to verify Zoom Event Subscription payloads.
The Operator is solely responsible for:
- Generating, rotating, and safeguarding all API secrets and tokens.
- Ensuring secrets are never embedded in client-side code or version-controlled repositories.
- Revoking credentials immediately upon suspected compromise.
- Restricting Cloud Run environment variables to authorized personnel only.
### 4.2 Acceptable Authentication Practices
Authorized Users must not:
- Share credentials across multiple Operators without explicit authorization.
- Use automated credential stuffing, brute-force, or replay attacks.
- Attempt to impersonate another member or escalate privileges beyond their assigned role.
### 4.3 Rate Limiting and Abuse Prevention
The API implements rate limiting on sensitive endpoints (e.g., public prayer submission). The Operator acknowledges that abusive traffic patterns may result in temporary or permanent suspension of access without prior notice.
---
## 5. Permitted Use
The MURPHIE API is licensed for use **solely by the Operator** for internal church and ministry administration purposes, including:
- Publishing content to the Operator's Wix website.
- Managing congregation-facing announcements, events, and media.
- Facilitating live ministry video meetings via Zoom.
- Processing and responding to congregant prayer requests.
- Tracking and reporting on internal fundraising goals.
---
## 6. Prohibited Uses
The following uses are strictly prohibited:
1. **Resale or sublicensing** — Providing access to the API as a service to third parties not affiliated with the Operator.
2. **Unauthorized data harvesting** — Scraping, bulk-exporting, or aggregating Church Data or End Member Personal Data without the consent of those individuals.
3. **Illegal processing** — Using the API to process Personal Data in violation of applicable law, including but not limited to GDPR, CCPA, COPPA, or HIPAA.
4. **Harmful content** — Publishing content via the API that is defamatory, discriminatory, harassing, or that violates any applicable law.
5. **Security testing without authorization** — Penetration testing, vulnerability scanning, or fuzzing of API endpoints without the written consent of the Operator's technical administrator.
6. **Circumventing RBAC** — Attempting to bypass role checks, forge member identities, or access endpoints above one's assigned permission level.
7. **Zoom `start_url` exposure** — Forwarding, logging, displaying, or transmitting Zoom host start URLs to any party other than the meeting creator. The API is explicitly designed to withhold `start_url` from all public-facing endpoints, and this design must not be circumvented.
8. **AI misuse** — Submitting prompts to the AI-assisted chat endpoints designed to manipulate, jailbreak, or extract model system instructions.
9. **Interference with services** — Sending payloads designed to degrade performance, trigger denial-of-service conditions, or corrupt CMS data.
---
## 7. Data Privacy and Personal Data
### 7.1 Data Controller Responsibility
For the purposes of applicable privacy law, the **Operator is the data controller** of all Church Data and Personal Data processed through the API. The developer(s) of the MURPHIE API codebase act as a **data processor** only to the extent they provide software tooling, and do not independently control or monetize Operator data.
### 7.2 Categories of Personal Data Processed
The API may process the following categories of Personal Data:
| Category | Examples |
|----------|---------|
| Identity | Member display name, login email |
| Contact | Email address used for member lookup |
| Behavioral | Prayer submissions, ministry moments, meeting participation |
| Financial | Fundraising goal amounts (not payment card data) |
| Media | Photos uploaded as ministry moments or announcement images |
| Communications | Chat messages submitted to AI-assisted endpoints |
### 7.3 Data Retention
The Operator is responsible for establishing and enforcing data retention policies for all data stored in the Operator's Wix CMS, Google Cloud Storage bucket, and Google Cloud Firestore instance. The MURPHIE API does not impose default retention periods; data persists until deleted by an Authorized User or by an automated process configured by the Operator.
### 7.4 Prayer Requests — Special Category Notice
Prayer requests may contain sensitive Personal Data relating to health, family circumstances, or other matters. The Operator must:
- Limit access to prayer board data to authorized pastoral staff.
- Not use prayer request data for marketing, analytics, or any purpose other than pastoral care.
- Obtain appropriate consent from End Members before recording prayer requests in a persistent system.
### 7.5 Minors
The API must not be used to knowingly collect Personal Data from individuals under the age of 13 (United States) or the applicable minimum age under local law, without verifiable parental consent.
### 7.6 Data Subject Rights
The Operator is responsible for honoring data subject rights requests (access, deletion, portability, rectification) under applicable law. The MURPHIE API provides deletion capability through its authenticated admin endpoints; the Operator must implement appropriate processes to respond to such requests within legally mandated timeframes.
### 7.7 Security Measures
The API implements the following technical safeguards:
- TLS encryption in transit for all API traffic (enforced by Google Cloud Run).
- HMAC-SHA256 signature verification for all Zoom webhook payloads.
- Shared-secret authentication for Wix-to-API server communication.
- Role-based access control enforced server-side on all privileged operations.
- CORS origin allowlisting to restrict browser-based API access.
Despite these measures, no system is perfectly secure. The Operator accepts responsibility for the security of their own credentials, Wix Secrets, CMS access controls, and Google Cloud IAM configuration.
---
## 8. Third-Party Integrations
### 8.1 Zoom
Use of Zoom features through the MURPHIE API is subject to the [Zoom Terms of Service](https://explore.zoom.us/en/terms/) and [Zoom API License Agreement](https://marketplace.zoom.us/docs/api-reference/api-overview/). The Operator must maintain a valid Zoom Server-to-Server OAuth application with appropriate scopes. The Operator is responsible for all Zoom usage fees.
### 8.2 Google
Use of Google Calendar, Google Cloud Run, Google Cloud Storage, Google Cloud Firestore, and Google Vertex AI is subject to the [Google Terms of Service](https://policies.google.com/terms) and [Google Cloud Platform Terms of Service](https://cloud.google.com/terms/). The Operator is responsible for all Google Cloud costs incurred by their deployment.
### 8.3 Wix
The Wix Velo modules distributed with this project interact with the Operator's Wix Data CMS and Wix Members API. Use is subject to [Wix Terms of Use](https://www.wix.com/about/terms-of-use) and the [Wix Privacy Policy](https://www.wix.com/about/privacy). The Operator must ensure their Wix site's own terms of use and privacy policy accurately describe data processing activities enabled by this API.
### 8.4 No Endorsement
Reference to Third-Party Services does not constitute an endorsement, partnership, or warranty regarding those services. The MURPHIE API developers are not responsible for outages, changes in API behavior, or data practices of any third party.
---
## 9. Intellectual Property
### 9.1 MURPHIE API Codebase
The MURPHIE API source code, architecture, and documentation are the intellectual property of the Operator or the developer(s) who authored the code, as applicable. Nothing in these Terms conveys a license broader than what is explicitly granted.
### 9.2 Church Data
All Church Data submitted through the API remains the intellectual property of the Operator and, where applicable, the individual Authorized Users or End Members who created it. The API processes this data solely to provide the services described herein.
### 9.3 AI-Generated Content
Content generated or refined by AI-assisted features (e.g., calendar event descriptions, announcement copy suggestions) is provided as a tool, not a legal work product. The Operator is solely responsible for reviewing and approving all AI-generated content before publication.
---
## 10. Disclaimer of Warranties
THE MURPHIE API IS PROVIDED **"AS IS"** AND **"AS AVAILABLE"** WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, OR UNINTERRUPTED SERVICE.
THE OPERATOR ACKNOWLEDGES THAT:
- The API may experience downtime, bugs, or data loss events.
- AI-generated intent classification may produce incorrect results.
- Third-party service outages (Zoom, Google, Wix) are outside the control of the API developers.
- No warranty is made regarding the accuracy of fuzzy member or ministry search results used in permission management commands.
---
## 11. Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL THE DEVELOPERS OR CONTRIBUTORS OF THE MURPHIE API BE LIABLE FOR ANY:
- INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES;
- LOSS OF DATA, REVENUE, GOODWILL, OR MINISTRY OPERATIONS;
- DAMAGES ARISING FROM UNAUTHORIZED ACCESS TO CHURCH DATA, MEMBER DATA, OR FINANCIAL RECORDS;
- DAMAGES ARISING FROM RELIANCE ON AI-GENERATED CONTENT OR INTENT CLASSIFICATIONS;
WHETHER BASED IN CONTRACT, TORT, STATUTE, OR ANY OTHER LEGAL THEORY, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Where limitation of liability is not permitted by law, liability is limited to the maximum extent permitted.
---
## 12. Indemnification
The Operator agrees to defend, indemnify, and hold harmless the developers and contributors of the MURPHIE API from and against any claims, damages, losses, and expenses (including reasonable legal fees) arising out of or relating to:
- The Operator's deployment, configuration, or use of the API.
- Breach of these Terms by the Operator or any Authorized User.
- The Operator's failure to comply with applicable privacy or data protection law.
- Any claim by an End Member regarding the processing of their Personal Data.
- The Operator's use of Third-Party Services through the API.
---
## 13. Termination and Suspension
### 13.1 Termination by the Operator
The Operator may terminate use of the API at any time by decommissioning their Cloud Run deployment, revoking all API secrets, and deleting associated Google Cloud and Wix resources.
### 13.2 Suspension for Cause
Access may be suspended or terminated for:
- Material breach of these Terms.
- Conduct that puts member Personal Data at risk.
- Use of the API for purposes that violate applicable law.
### 13.3 Effect of Termination
Upon termination, the Operator's obligations regarding data security, member privacy, and confidentiality of credentials survive.
---
## 14. Compliance with Laws
The Operator is solely responsible for ensuring their use of the MURPHIE API complies with all applicable laws and regulations, including but not limited to:
- **GDPR** (where End Members are located in the European Economic Area)
- **CCPA / CPRA** (where End Members are California residents)
- **COPPA** (if the API may process data of children under 13)
- **CAN-SPAM / CASL** (if the API is used to send communications)
- **IRS regulations** applicable to church tax-exempt status (financial data)
- **State data breach notification laws** (in the event of unauthorized access to Personal Data)
---
## 15. Changes to These Terms
These Terms may be revised at any time by updating the `TERMS.md` file in the API repository. Continued use of the API following publication of revised Terms constitutes acceptance of the changes. The Operator is encouraged to review these Terms periodically.
Material changes that affect End Member rights will be communicated via a documentation update notice in the project changelog or README.
---
## 16. Governing Law and Dispute Resolution
These Terms shall be governed by and construed in accordance with the laws of the state or jurisdiction in which the Operator is incorporated or primarily operates, without regard to its conflict-of-law provisions.
Any dispute arising under these Terms shall be resolved first through good-faith negotiation. If unresolved within 30 days, disputes shall be submitted to binding arbitration under the rules of the American Arbitration Association (or equivalent body in the Operator's jurisdiction), unless otherwise required by law.
---
## 17. Miscellaneous
- **Severability:** If any provision of these Terms is found invalid or unenforceable, the remaining provisions continue in full force.
- **Waiver:** Failure to enforce any right under these Terms does not constitute a waiver of that right.
- **Entire Agreement:** These Terms constitute the entire agreement between the Operator and the API developers regarding the subject matter herein, and supersede all prior agreements.
- **No Agency:** Nothing in these Terms creates a partnership, joint venture, employment, or agency relationship between the parties.
- **Force Majeure:** Neither party is liable for delays or failures due to causes beyond reasonable control, including natural disasters, infrastructure outages, or acts of government.
---
## 18. Contact and Notices
For questions regarding these Terms, data privacy, or API compliance, contact the Operator's designated administrator through the communication channels established during API deployment.
For security vulnerability disclosures related to the MURPHIE API codebase, please follow responsible disclosure practices and notify the Operator's technical administrator privately before any public disclosure.
---
*These Terms were prepared using a general legal framework and have not been reviewed by licensed legal counsel. The Operator is strongly encouraged to engage qualified legal counsel before relying on this document for regulatory compliance, contractual obligations, or data protection accountability purposes.*