Legal - Epic Labs

Legal Documents

Important legal information about using Epic Labs services

Terms of Service

Last updated: May 29, 2025

1. Acceptance of Terms

By accessing or using Epic Labs' services, including our APIs, websites, and related services (collectively, the "Services"), you agree to be bound by these Terms of Service ("Terms"). If you disagree with any part of these terms, you may not access the Services.

2. Description of Services

Epic Labs provides a comprehensive suite of APIs and services including but not limited to:

  • Geolocation and mapping services
  • Address validation and verification
  • Device fingerprinting and bot protection
  • Phone and SMS services
  • Email and messaging APIs
  • Payment processing and fraud detection
  • Identity verification and authentication services
  • Professional consulting and audit services

3. User Accounts and Registration

To access certain features of our Services, you must register for an account. You agree to:

  • Provide accurate, current, and complete information during registration
  • Maintain and promptly update your account information
  • Maintain the security of your account credentials
  • Accept responsibility for all activities under your account

4. Acceptable Use Policy

You agree not to use the Services to:

  • Violate any applicable laws or regulations
  • Infringe on intellectual property rights of others
  • Transmit malicious code, viruses, or harmful software
  • Engage in fraudulent activities or financial crimes
  • Harassment, stalking, or threatening others
  • Spam or send unsolicited communications
  • Attempt to circumvent security measures or rate limits
  • Reverse engineer or attempt to extract source code

5. API Usage and Rate Limits

Our APIs are subject to usage limits and fair use policies. You agree to:

  • Comply with documented rate limits and usage guidelines
  • Implement appropriate error handling and retry logic
  • Monitor your usage and maintain compliance with your plan limits
  • Not share API keys or credentials with unauthorized parties

6. Payment Terms

For paid services, you agree to:

  • Pay all fees associated with your selected plan
  • Provide valid payment information
  • Pay invoices within the specified timeframe
  • Accept responsibility for all charges incurred under your account

7. Data and Privacy

Your privacy is important to us. Our collection and use of personal information is governed by our Privacy Policy. You acknowledge that you have read and understood our Privacy Policy.

8. Intellectual Property

The Services and all related content, including but not limited to software, text, graphics, logos, and trademarks, are owned by Epic Labs or its licensors and are protected by intellectual property laws.

9. Service Availability

While we strive for high availability, we do not guarantee uninterrupted access to our Services. We may suspend or terminate Services for maintenance, security issues, or other operational reasons.

10. Limitation of Liability

To the fullest extent permitted by law, Epic Labs shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits or revenues, whether incurred directly or indirectly.

11. Indemnification

You agree to indemnify and hold harmless Epic Labs from any claims, damages, or expenses arising from your use of the Services or violation of these Terms.

12. Termination

We may terminate or suspend your access to the Services at any time, with or without cause, with or without notice. Upon termination, your right to use the Services ceases immediately.

13. Governing Law

These Terms are governed by and construed in accordance with the laws of the State of Delaware, without regard to its conflict of law provisions. Epic Labs Inc is registered in Delaware with registration number 2781290.

14. Changes to Terms

We reserve the right to modify these Terms at any time. Changes will be effective upon posting on our website. Your continued use of the Services constitutes acceptance of the revised Terms.

15. Contact Information

If you have questions about these Terms, please contact us at:

Epic Labs Inc
169 Madison Ave #11256
New York, NY 10016
Email: legal@epiclabs.com
Phone: +1 855 699 9959

Privacy Policy

Last updated: May 29, 2025

1. Introduction

Epic Labs ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Services.

2. Information We Collect

2.1 Information You Provide

  • Account registration information (name, email, company details)
  • Payment information (processed securely by third-party providers)
  • Communications with our support team
  • Feedback and survey responses

2.2 Information Automatically Collected

  • IP addresses and geolocation data
  • Device information and browser details
  • Usage patterns and API call logs
  • Cookies and similar tracking technologies

2.3 Information from Third Parties

  • Data from payment processors
  • Information from identity verification services
  • Public data sources for verification purposes

3. How We Use Your Information

We use your information to:

  • Provide and maintain our Services
  • Process payments and prevent fraud
  • Communicate with you about your account
  • Improve our Services and develop new features
  • Comply with legal obligations
  • Protect against security threats

4. Information Sharing and Disclosure

We may share your information in the following circumstances:

  • With service providers who assist in operating our Services
  • To comply with legal requirements or court orders
  • To protect our rights, property, or safety
  • In connection with a merger, acquisition, or sale of assets
  • With your explicit consent

5. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication mechanisms
  • Employee training on data protection

6. Data Retention

We retain your information for as long as necessary to provide our Services and comply with legal obligations. API logs and usage data are typically retained for 90 days unless longer retention is required for security or compliance purposes.

7. Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access to your personal information
  • Correction of inaccurate information
  • Deletion of your information
  • Restriction of processing
  • Data portability
  • Objection to processing

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses approved by relevant authorities.

9. Children's Privacy

Our Services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it promptly.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or through our Services. Your continued use of our Services after changes take effect constitutes acceptance of the updated Privacy Policy.

11. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at:

Epic Labs Inc
169 Madison Ave #11256
New York, NY 10016
Email: privacy@epiclabs.com
Phone: +1 855 699 9959

Cookie Policy

Last updated: May 29, 2025

1. What Are Cookies

Cookies are small text files that are stored on your device when you visit our website. They help us provide you with a better experience by remembering your preferences and analyzing how you use our Services.

2. Types of Cookies We Use

2.1 Essential Cookies

These cookies are necessary for the website to function properly. They enable core functionality such as security, network management, and accessibility.

2.2 Performance Cookies

These cookies collect information about how visitors use our website, such as which pages are visited most often and if they get error messages from web pages.

2.3 Functionality Cookies

These cookies allow the website to remember choices you make and provide enhanced, more personal features.

2.4 Targeting Cookies

These cookies are used to deliver content more relevant to you and your interests. They may be set by us or by third-party providers.

3. Third-Party Cookies

We may use third-party services that set cookies on our behalf, including:

  • Google Analytics for website analytics
  • Payment processors for transaction security
  • Customer support tools for chat functionality

4. Managing Cookies

You can control and manage cookies in several ways:

  • Browser settings: Most browsers allow you to block or delete cookies
  • Opt-out tools: Some third parties provide opt-out mechanisms
  • Cookie preferences: You can adjust your preferences in our cookie banner

5. Impact of Disabling Cookies

If you disable cookies, some features of our website may not function properly, including:

  • Account login and authentication
  • Personalized content and preferences
  • Shopping cart functionality
  • Analytics and performance monitoring

6. Updates to This Cookie Policy

We may update this Cookie Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons. Please check this page periodically for updates.

7. Contact Us

If you have questions about our use of cookies, please contact us at:

Epic Labs Inc
169 Madison Ave #11256
New York, NY 10016
Email: privacy@epiclabs.com
Phone: +1 855 699 9959

Data Processing Agreement

Last updated: May 29, 2025

1. Introduction

This Data Processing Agreement ("DPA") forms part of the Terms of Service between Epic Labs Inc ("Data Processor") and you ("Data Controller") regarding the processing of personal data in connection with Epic Labs' services.

2. Definitions

For the purposes of this DPA:

  • Personal Data means any information relating to an identified or identifiable natural person
  • Processing means any operation performed on personal data
  • Data Subject means the natural person to whom personal data relates
  • GDPR means the General Data Protection Regulation (EU) 2016/679

3. Scope and Duration

This DPA applies to the processing of personal data by Epic Labs on behalf of the Customer in connection with the Services. This DPA remains in effect for the duration of the Services agreement.

4. Nature and Purpose of Processing

Epic Labs processes personal data for the following purposes:

  • Providing geolocation and IP address services
  • Address validation and verification
  • Phone number validation and communication services
  • Email delivery and validation
  • Fraud detection and prevention
  • Identity verification services
  • Device fingerprinting for security purposes

5. Categories of Data Subjects

Personal data may relate to the following categories of data subjects:

  • End users of Customer's applications
  • Website visitors
  • Customer's employees and contractors
  • Individuals whose data is submitted for verification

6. Categories of Personal Data

Epic Labs may process the following categories of personal data:

  • IP addresses and geolocation data
  • Contact information (email addresses, phone numbers)
  • Address and location data
  • Device and browser information
  • Identity verification data
  • Transaction and payment data (processed via third parties)

7. Processing Instructions

Epic Labs will process personal data only on documented instructions from the Customer, including:

  • Processing through the Epic Labs APIs and Services
  • Processing initiated through the Customer's use of the Services
  • Additional instructions agreed in writing

8. Security Measures

Epic Labs implements appropriate technical and organizational measures including:

  • Encryption of data in transit and at rest
  • Access controls and authentication
  • Regular security assessments
  • Employee training and confidentiality agreements
  • Incident response procedures

9. Sub-processors

Epic Labs may engage sub-processors to assist in providing the Services. We maintain a list of approved sub-processors and will notify Customers of changes with 30 days' notice.

10. Data Subject Rights

Epic Labs will assist the Customer in fulfilling data subject rights requests, including:

  • Access to personal data
  • Rectification of inaccurate data
  • Erasure of personal data
  • Restriction of processing
  • Data portability

11. Data Retention and Deletion

Epic Labs will retain personal data only as long as necessary to provide the Services. Upon termination of the agreement, Epic Labs will delete or return personal data within 90 days unless legal obligations require retention.

12. International Transfers

Personal data may be transferred to countries outside the EEA. Epic Labs ensures appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

13. Data Breach Notification

Epic Labs will notify the Customer without undue delay upon becoming aware of a personal data breach affecting Customer data, providing all relevant details for the Customer's own notification obligations.

14. Audits and Compliance

Epic Labs will make available information necessary to demonstrate compliance with this DPA and allow for audits by the Customer or appointed auditor, subject to confidentiality obligations.

15. Contact Information

For DPA-related inquiries, contact:

Epic Labs Inc
Data Protection Officer
169 Madison Ave #11256
New York, NY 10016
Email: dpo@epiclabs.com
Phone: +1 855 699 9959

Security & Compliance

Last updated: May 29, 2025

1. Security Overview

Epic Labs is committed to maintaining the highest standards of security and compliance to protect our customers' data and ensure reliable service delivery. This document outlines our security practices and compliance commitments.

2. Data Security

2.1 Encryption

  • All data in transit is encrypted using TLS 1.3
  • Data at rest is encrypted using AES-256 encryption
  • Database encryption with transparent data encryption (TDE)
  • Encrypted backups with separate key management

2.2 Access Controls

  • Multi-factor authentication (MFA) required for all accounts
  • Role-based access control (RBAC) implementation
  • Principle of least privilege access
  • Regular access reviews and deprovisioning
  • API key management with rotation capabilities

3. Infrastructure Security

3.1 Network Security

  • Web Application Firewall (WAF) protection
  • DDoS protection and mitigation
  • Network segmentation and isolation
  • Intrusion detection and prevention systems

3.2 Server Security

  • Regular security patching and updates
  • Endpoint detection and response (EDR)
  • Container security scanning
  • Hardened server configurations

4. Monitoring and Logging

  • 24/7 security monitoring and alerting
  • Comprehensive audit logging
  • Log retention for 12 months minimum
  • Security Information and Event Management (SIEM)
  • Real-time threat detection

5. Incident Response

5.1 Response Process

  • Dedicated incident response team
  • 24/7 incident response capability
  • Defined escalation procedures
  • Customer notification within 4 hours of confirmed incidents

5.2 Data Breach Response

  • Immediate containment and assessment
  • Notification to affected customers within 72 hours
  • Coordination with regulatory authorities as required
  • Post-incident analysis and remediation

6. Compliance Standards

6.1 Current Certifications

  • SOC 2 Type II certification (in progress)
  • ISO 27001 compliance framework
  • GDPR and CCPA compliance
  • PCI DSS Level 1 for payment processing

6.2 Industry Standards

  • NIST Cybersecurity Framework
  • OWASP security guidelines
  • Cloud Security Alliance (CSA) standards
  • FedRAMP security controls (applicable components)

7. Data Protection

7.1 Data Minimization

  • Collection limited to necessary data only
  • Regular data purging and retention policies
  • Data anonymization where possible

7.2 Data Location and Residency

  • Primary data centers in the United States
  • EU data residency options available
  • Clear data processing location disclosure
  • Customer control over data location where applicable

8. Vendor Management

  • Security assessments of all third-party vendors
  • Contractual security requirements
  • Regular vendor security reviews
  • Incident notification requirements from vendors

9. Employee Security

  • Background checks for all employees
  • Security awareness training
  • Confidentiality and non-disclosure agreements
  • Regular security training updates

10. Business Continuity

  • Disaster recovery plan with RTO of 4 hours
  • Regular backup testing and validation
  • Multi-region infrastructure deployment
  • Service availability commitment of 99.99%

11. Security Testing

  • Annual penetration testing by third parties
  • Regular vulnerability assessments
  • Code security reviews
  • Security regression testing

12. Transparency and Reporting

  • Annual security reports
  • Public security policy documentation
  • Incident transparency reports
  • Security questionnaire responses

13. Contact Information

For security-related inquiries or to report security issues:

Epic Labs Inc
Security Team
169 Madison Ave #11256
New York, NY 10016
Email: security@epiclabs.com
Emergency: security-emergency@epiclabs.com
Phone: +1 855 699 9959

Acceptable Use Policy

Last updated: May 29, 2025

1. Introduction

This Acceptable Use Policy ("AUP") governs your use of Epic Labs' services and APIs. This policy is designed to protect our services, our customers, and the broader internet community from abusive or harmful activities.

2. General Principles

You agree to use Epic Labs services in a manner that:

  • Complies with all applicable laws and regulations
  • Respects the rights and privacy of others
  • Does not interfere with or disrupt our services
  • Maintains the security and integrity of our systems

3. Prohibited Activities

3.1 Illegal Activities

  • Using services for any illegal purpose or in violation of any laws
  • Facilitating illegal activities including fraud, money laundering, or identity theft
  • Violating intellectual property rights
  • Distributing illegal content or malware

3.2 Abusive Behavior

  • Harassment, stalking, or threatening individuals
  • Distributing spam or unsolicited communications
  • Creating fake accounts or impersonating others
  • Engaging in hate speech or discriminatory behavior

3.3 System Abuse

  • Attempting to circumvent security measures or access controls
  • Reverse engineering, decompiling, or attempting to extract source code
  • Performing unauthorized penetration testing or vulnerability scanning
  • Introducing viruses, malware, or other harmful code

4. API-Specific Usage Guidelines

4.1 Geolocation API

Acceptable Use:

  • Location-based content customization
  • Fraud prevention and risk assessment
  • Analytics and business intelligence
  • Compliance with local regulations

Prohibited Use:

  • Tracking individuals without consent
  • Creating detailed movement profiles
  • Stalking or surveillance activities
  • Bypassing geo-blocking for illegal content

4.2 Phone Validation & SMS API

Acceptable Use:

  • Account verification and two-factor authentication
  • Transactional notifications and alerts
  • Customer service communications
  • Opt-in marketing with proper consent

Prohibited Use:

  • Sending unsolicited messages or spam
  • Harassment or threatening communications
  • Robocalling or automated telemarketing
  • Bypassing Do Not Call registries

4.3 Email API

Acceptable Use:

  • Transactional emails (receipts, confirmations)
  • Password resets and account notifications
  • Opt-in newsletters and marketing
  • Customer support communications

Prohibited Use:

  • Sending spam or unsolicited bulk email
  • Phishing or fraudulent email campaigns
  • Email harvesting or list building without consent
  • Malware distribution or malicious attachments

4.4 Fraud Detection API

Acceptable Use:

  • Transaction risk assessment
  • Account creation monitoring
  • Compliance with KYC/AML requirements
  • Preventing financial crimes

Prohibited Use:

  • Discriminatory profiling based on protected characteristics
  • Creating blacklists without proper justification
  • Sharing fraud data with unauthorized parties
  • Using for non-fraud prevention purposes

4.5 Identity Verification API

Acceptable Use:

  • KYC compliance and customer onboarding
  • Age verification for restricted services
  • Account recovery and authentication
  • Regulatory compliance verification

Prohibited Use:

  • Identity theft or impersonation
  • Unauthorized background checks
  • Stalking or harassment facilitation
  • Creating fake identities

5. Rate Limits and Fair Use

  • Respect published rate limits for all APIs
  • Implement appropriate caching and error handling
  • Do not attempt to circumvent rate limiting
  • Contact support for legitimate high-volume needs

6. Data Usage and Privacy

  • Only collect data necessary for your stated purpose
  • Obtain proper consent for data collection and processing
  • Implement appropriate data security measures
  • Comply with applicable privacy laws (GDPR, CCPA, etc.)
  • Do not share API responses with unauthorized third parties

7. Content and Messaging Guidelines

  • Ensure all content complies with local laws
  • Provide clear opt-out mechanisms for communications
  • Include proper sender identification
  • Maintain current suppression and opt-out lists

8. Monitoring and Enforcement

Epic Labs reserves the right to:

  • Monitor usage patterns for compliance
  • Investigate suspected violations
  • Suspend or terminate services for violations
  • Report illegal activities to law enforcement

9. Violations and Consequences

Violations of this AUP may result in:

  • Warning and required corrective action
  • Temporary suspension of services
  • Permanent termination of account
  • Legal action for damages
  • Reporting to appropriate authorities

10. Reporting Violations

To report suspected violations of this AUP:

Epic Labs Inc
Abuse Team
169 Madison Ave #11256
New York, NY 10016
Email: abuse@epiclabs.com
Phone: +1 855 699 9959

Please include detailed information about the suspected violation and any supporting evidence.

11. Updates to This Policy

We may update this AUP from time to time. Continued use of our services after changes constitutes acceptance of the updated policy. We will notify customers of material changes via email or service notifications.