THE RULES
OF ACCESS.
By using PullFirst or its API you agree to these terms. If you do not agree, do not use the service. The short version is below. The long version is each subsequent section.
LAST UPDATED / APRIL 2026
Keys, access, and responsibility.
API access requires a valid API key issued through your PullFirst account. Keys are non-transferable and must not be shared with third parties or committed to public source repositories.
You are responsible for all activity that occurs under your API key. That includes usage by your applications, your employees, and your contractors. If a key is compromised, rotate it immediately from the dashboard.
We may suspend or revoke API keys at any time for abuse, excessive usage, or violation of these terms.
Rate limits and fair use.
API usage is subject to per-tier rate limits. Exceeding your plan’s limits may result in throttling or temporary suspension of access. Published limits live on the pricing page.
Do not attempt to circumvent rate limits through multiple accounts, key rotation, or distributed scraping. That will get the entire tenant suspended, not just the offending key.
Curated, normalized, refreshed.
PullFirst ingests public records from state licensing registries, enforcement bulletins, federal OSHA, and municipal permit feeds. We normalize, dedupe, and cross-reference those records into a single schema, and we run the pipeline on a cadence set per-source.
That work does not make PullFirst the authoritative issuer. A DLI order is still issued by DLI. An OSHA inspection is still filed by OSHA. When the originating agency publishes an error or sits on an update, PullFirst mirrors the source until the source is corrected. That is how public-record pipelines have to work.
For decisions with significant financial or human impact, such as underwriting, hiring, lending, or compliance sign-offs, treat PullFirst records as one high-quality signal alongside direct agency verification. For a disputed record, the correction has to land with the agency. We refresh when they do.
Ground rules.
A few things we don’t allow:
- 01Redistribute raw API data outside your organization without a redistribution license
- 02Use PullFirst data to harass, defame, or intimidate anyone
- 03Reverse-engineer, decompile, or attempt to extract the source code of the API
- 04Circumvent security measures, authentication, or rate limits
- 05Misrepresent PullFirst data as official government records
Limitation of liability.
PullFirst is not liable for damages arising from your use of the service or reliance on its data. That includes, without limitation, lost revenue, business interruption, or decisions made on the strength of an API response.
PullFirst runs best-effort with no contractual SLA or indemnity. If that doesn’t work for your use case, don’t use the service.
Corrections, and updates to these terms.
If you spot an inaccurate record, email contact@pullfirst.com with the contractor name, record identifiers, and the discrepancy. Since we source from public records, corrections to the underlying record should go to the originating agency. We refresh when the source does.
We may modify or discontinue the service at any time and may update these terms. Material changes are announced on this page. Continued use after an update means you accept the revised terms.
Questions about the terms?
For the privacy side of the house, read the Privacy Policy. For anything involving lawyers, email us directly and you will reach the same people who ship the platform.