CCC Intelligent Solutions Inc. – CCC Secure Share™ Program

Application Standards and Review Guidelines

Last Updated December 18, 2017

Introduction

These are application standards and review guidelines for any application, including updates, modifications and future versions thereof (“Application” or “App”) you submit for inclusion in the CCC Secure Share™ Marketplace (“Marketplace”). To make it easier for your customers to find apps that fit their needs, we want to ensure that the apps available in the Marketplace are functional and up to our standards. This document describes the kinds of criteria we use to evaluate whether to approve or reject an Application submitted for inclusion in the Marketplace, and whether to remove a previously included Application from the Marketplace. After an Application is approved, we continue to monitor whether an Application meets the standards for being on the Marketplace. Apps may be removed from the Marketplace without notice if they no longer function as intended, violate or don't meet the current standards and review guidelines, or don't comply with any other terms that govern your Apps and the Marketplace, including the Secure Share Program Permitted Use Terms. Certain violations may result in your removal from the app developer program. These standards and review guidelines are a living document, and CCC reserves the right to change or modify them at any time.

App Standards and Review Guidelines

A few points to keep in mind regarding the review process:

  • Application registrants utilizing CCC Secure Share must maintain an active CIECA membership.
  • We will reject Apps for any content or behavior that we believe is over the line.
  • Any attempt to cheat the system (for example, by trying to trick the review process, steal user data, or copy another developer's work) will result in your Apps being removed from the Marketplace and/or cancellation of your developer registration.
  • We may update or change these standards and guidelines at any time.

Before You Submit

The following checklist can help you avoid common missteps that can slow down the review process or result in a rejection. Though this doesn't guarantee approval, reviewing the following may help your App approval go as smoothly as possible.

Make sure you:

  • Test your App for crashes and bugs
  • Ensure that all information and metadata included in your submission is complete, accurate and not misleading
  • Update your contact information in case we need to reach you
  • Enable backend services so that they are live and accessible during review
  • Include detailed explanations of non-obvious features in the “Note to Reviewer” field
  • Check whether your App is in compliance with and follows guidance in other documentation, such as:
    • App Category Guidelines
    • Application Registration Agreement, including the Permitted Use Terms
    • CCC Secure Share API Documentation
    • Developer Registration Agreement
    • Terms of Use
    • Privacy Policy

1. Usage Guidelines

You should carefully review and ensure your App complies with the Permitted Use Terms (available here: https://www.cccsecureshare.com/legal/permitteduses), which are included as part of the Application Registration Agreement. The list below is far from exhaustive, but is provided as a quick reference to major do's and don'ts to keep in mind.

  1. Acceptable.
    1. Creating an Application that aligns with the App Category Guidelines (available here: https://www.cccsecureshare.com/legal/appcategoryguidelines).
  2. Unacceptable.
    1. Creating an interface for displaying third party apps, extensions, or plug-ins similar to the Marketplace or as a general-interest collection.
    2. Creating an Application that generates files in the CIECA EMS format (other than in accordance with the Permitted Use Terms).
    3. Reselling data retrieved through CCC Secure Share to any third-party, especially for purposes of consumer credit reporting, pricing insurance policies, motor vehicle history reporting, and publishing for public consumption.
    4. Creating an Application for use outside of the United States.
    5. Creating an Application that stores data retrieved through CCC Secure Share outside of the United States.
    6. Creating an Application under an insurance company, or that exclusively targets insurance companies.

2. Performance

  1. Final and Complete App. When you submit an Application for inclusion in the Marketplace, your App should be in a final, production ready state and you should submit all necessary metadata and fully functional URLs. Make sure your App has been tested for bugs and stability before you submit it, and turn on any necessary back-end services. Demos, betas, and trial versions do not belong in the Marketplace.
  2. Metadata.
    1. Your users should know what your App does. Make sure your App description is up to date and accurately reflects your App's function.
    2. Information provided to CCC for inclusion in the Marketplace should fully describe all features and functionality of the App.
    3. Your App's category should be selected in accordance with the App Category Guidelines. CCC will either reject your App or change the category if the category you select is inconsistent with your App's function.
    4. Use a unique name for your App. App names must be limited to 50 characters and should not include terms or descriptions other than your App's name. Including third party trademarks, popular app names, or other irrelevant phrases to game the system is grounds for rejection.
    5. Logos should be specific to the App, and any imagery depicted in the logo should accurately reflect the Application functionality. Logo size is limited to 500x300, and must be free from pixilation or blurring.
    6. App descriptions will be displayed in the Marketplace, so make them easy for customers to read. Use proper spelling and punctuation, and write descriptions in sentence case.
    7. Metadata should be appropriate for all audiences.
  3. Health Standards. It's important to monitor your Applications to ensure that they are available and performing correctly, both prior to submission for approval, and after an App has been approved and is available on the Marketplace.
    1. Ongoing Monitoring. CCC may perform health monitoring by sending requests to the endpoints specified for your Applications.
    2. Uptime. Applications that are not performing correctly or are unavailable for extended periods of time may be rejected or removed from the Marketplace, including:
      1. Applications that have been suspended by you for more than 48 hours
      2. Applications that are unreachable or are inaccessible for more than 48 hours
      3. Applications that have experienced 48 hours of downtime between the hours of 6AM and 8PM Central Time in the last 7 days
  4. Transaction Thresholds. The CCC defined threshold for the number of acceptable number of transactions to the Secure Share Endpoint API is 10,000 transactions per hour. Applications that violate the published threshold for usage may be removed from the Marketplace.

3. Design and Content

The following are minimum standards for approval to the Marketplace. Apps that stop working or offer a degraded experience may be removed from the Marketplace at any time.

  1. No Copycats. Do not copy another App on the Marketplace, or try to pass off someone else's App or user interface as your own.
  2. Minimum Functionality. Useless Apps have no place in the Marketplace. Apps should use CCC Secure Share data in accordance with the Permitted Use Terms. If your App uses any third party APIs or frameworks, you should note such integration in the App's description and comply with any terms relating to the use of those APIs and frameworks. Apps should be fully functional to operate within the Marketplace, and should not require a user to have anything other than access to the Marketplace to function.
  3. No Spam. Do not create and submit multiple copies of the same App.
  4. Use of CCC Sites and Services. Do not use CCC Secure Share to spam, phish, or send unsolicited messages to customers. Do not attempt to reverse lookup, trace, relate, associate, mine, harvest, or otherwise exploit information obtained through CCC Secure Share, or you will be removed from the app developer program.
  5. No Objectionable Content. Information submitted for inclusion in the Marketplace should not include content that is offensive, insensitive, upsetting, intended to disgust, or in exceptionally poor taste. Examples of such content include:
    1. Defamatory or mean-spirited content.
    2. False information and features, including inaccurate data.
  6. Your Information. People need to know how to reach you with questions and support issues. Make sure to include an accurate and up-to-date support information, including but not limited to a support URL, phone number, and email address.

4. Legal

Apps must comply with all legal requirements applicable to you and your Apps. It is your responsibility to understand and make sure your App conforms to all applicable laws. The following guidelines are provided for your benefit, but in no way reduces or absolves you of your responsibility to comply with applicable laws. Apps should not solicit, promote, or encourage criminal or clearly reckless behavior of any kind.

  1. Privacy and Security. Privacy and security are extremely important to the CCC Secure Share Program. You should comply with all applicable laws, the terms of the Application Registration Agreement, any agreements between you and users of your App, and generally with those users' expectations. All data you receive through CCC Secure Share, whether personal, confidential, or otherwise sensitive or protected, including any BMS information should be properly secured to prevent unauthorized access or disclosure. More particularly:
    1. Data Use and Sharing.
      1. Apps cannot use or transmit someone's personal data without first obtaining their permission and providing access to information about how and where the data will be used.
      2. Secure Share data may not be used or shared with third parties except in compliance with the Permitted Use Terms.
    2. Security Standards. You should use administrative, physical, and technical safeguards to protect personal, confidential, sensitive, or protected information, and any BMS information you receive through CCC Secure Share, that are reasonably designed to prevent unauthorized access to and disclosure of such information and are no less rigorous than accepted industry practices. All API secret keys and credentials should be encrypted. Personnel with access to PII data should undergo criminal background checks. Data at rest or in motion over the wire should be encrypted.
    3. Data Breaches. Applications that experience a data privacy or security breach may be removed from the Marketplace. Data privacy and security breaches include, but are not limited to:
      1. Failing to comply with applicable laws relating to privacy or data protection.
      2. Violating any privacy policy you provide to your users in connection with your Apps.
      3. Failing to comply with these Application Standards and Review Guidelines with respect to protecting, securing, or sharing data.
      4. Failing to comply with the Application Registration Agreement or the Permitted Use Terms with respect to protecting, securing, or sharing data.
      5. Applications that share data with an unauthorized source.
      6. Any unauthorized access to or disclosure of personal, confidential, sensitive, or protected information.
  2. Intellectual Property. Data and information submitted to CCC in connection with the submission of your App for inclusion in the Marketplace, including any and all information submitted for publication in the Marketplace, should only include content that you own or have a license to use.
    1. Generally. Do not use trademarks, copyrighted works, or use patented methods or systems in connection with your App, unless you have the necessary permission or license. Do not make misleading or false statements in your App or in your App's metadata. Do not submit an App that appears confusingly similar to any third party's existing product, interface, app or advertising theme.
    2. Third Party Sites/Services. You need to have the necessary permissions or licenses to use, access, monetize, or display content from third parties in connection with your App. If requested by CCC, you must provide documentation of proper authorizations.
    3. No CCC Endorsement. Do not suggest or infer that CCC endorses your App, or that CCC endorses any particular representation regarding your App.
  3. Audit. Our objective in creating this guide is to create clarity and consistency around the app review process. Make sure that your App meets the guidelines specified in this document, and in the Application Registration Agreement (including, in particular, the Permitted Use Terms). If there is uncertainty if an Application is in compliance with these guidelines, CCC reserves the right to request an audit to ensure compliance with the Developer Registration Agreement, Application Registration Agreement and the Permitted Use Terms.

After You Submit

Once you've submitted your all information required for your App's inclusion in the Marketplace and you're in the review process, here are some things to keep in mind:

  • Timing: We will examine your submission as soon as we can.
  • Status Updates: The current status of your submission will be reflected in your CCC Secure Share Dashboard.
  • Rejections: Our goal is to apply these standards and guidelines fairly and consistently. If your App has been rejected or removed and you have questions or would like to provide additional information, please use “Contact Us” to communicate directly with our review team. This may help get your App on the Marketplace, and it can help us improve the app review process or identify a need for clarity in our policies.
  • Removal: Even after initial approval, an App can be removed from the Marketplace if you or your App fail to meet these standards and guidelines down the road.