Select Page

Our Beauty Plan Software as a Service Terms

These SaaS Terms govern all transactions between Customer and Company involving the Services. By executing the Order, or using the Services, Customer agrees to these SaaS Terms in full.  If there is any discrepancy or conflict between these SaaS Terms and the Order, the Order shall govern and control. The Order, which is hereby incorporated by reference, and these SaaS Terms (collectively, the “Agreement”) comprise the entire agreement between the Parties regarding the Services and supersede all prior or contemporaneous understandings, agreements, negotiations, representations and warranties and communications, both written and oral, and shall not be supplemented or explained by any evidence of trade usage or course of dealing. All Customer terms and conditions on any Customer documentation or contract are hereby objected to and rejected and shall be of no force and effect or deemed to be binding on Company in whole or in part. This Agreement will become effective when the Order is executed by the Customer and accepted by Company (the “Effective Date”).

    1. Defined Terms.
      • Administrator” means one or more Authorized Users or other persons who Customer authorizes to control, manage and use the Services on Customer’s behalf, including access to and control of the Customer Data.
      • Affiliate” means any entity directly or indirectly controlling, controlled by, or under common control with, Customer or Company, as the case may be.
      • Aggregated Statistics” means data and information related to Customer’s, and Customer’s employees’, contractors’ and patients’, use of the Services that is used by Company in an aggregate and anonymized manner, including to compile statistical and performance information related to the provision and operation of the Services.
      • Agreement” means an order for Services together with these SaaS Terms.
      • Authorized User” means Customer’s employees, consultants, contractors, and agents (i) who are authorized by Customer to access and use the Services under the rights granted to Customer pursuant to this Agreement and (ii) for whom access to the Services has been purchased hereunder.
      • Company” means Sebastian Technology Group LLC, a New Hampshire limited liability company doing business as Our Beauty Plan, or any of its successors or Affiliates that offer the Services.
      • Company IP” means the Services, the Documentation, and any and all intellectual property provided to Customer or any Authorized User in connection with the foregoing. For the avoidance of doubt, Company IP includes Aggregated Statistics and any information, data, or other content derived from Company’s monitoring of Customer’s access to or use of the Services, but does not include Customer Data.
      • Customer” is the Party who orders and is responsible for payment of the Services for use by Customer. A Customer must be an individual or a legal or governmental entity (e.g. corporation, limited liability company, limited partnership, educational institution or governmental agency). References to “Customer” in these SaaS Terms shall in the applicable context also refer to any Administrator or Authorized User acting on Customer’s behalf.
      • Customer Data” means, other than Aggregated Statistics, information, data, and other content, in any form or medium, that is submitted, posted, or otherwise transmitted by or on behalf of Customer, or Customer’s employees, contractors or patients or an Authorized User through the Services.
      • “Data Protection Laws” shall mean (a) the General Data Protection Regulation 2016/679 (“GDPR”), (b) ) in respect of the United Kingdom, the GDPR as saved into United Kingdom by virtue of section 3 of the United Kingdom European Union (Withdrawal) Act 2018 (“UK GDPR”) and the Data Protection Act, 2019; (c) the Swiss Federal Data Protection Act and its implementing regulations (“Swiss DPA”) (d) the California Consumer Privacy Act (“CCPA”) as amended by the California Privacy Rights Act (“CPRA”) and all regulations issued by the California Attorney General and/or the California Privacy Protection Agency implementing CCPA and CPRA (“CA Privacy Laws”) (e) Colorado Privacy Rights Act (“Colorado Privacy Laws”) (f) Connecticut Data Privacy Act (“CTDPA”) (g) Virginia Consumer Data Protection Act (“VCDPA”) and any other data protection and privacy laws in the United States.
      • Documentation” means Company’s user manuals, handbooks, and guides relating to the Services provided by Company to Customer either electronically or in hard copy form/end user documentation relating to the Services available at ourbeautyplan.com.
      • HIPAA” means the Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act, and the rules and regulations issued thereunder.
      • Order” means any document which specifies the Services purchased, and fees payable, by Customer, including any online order, software or tool through which Customer requests provision of Service.
      • Parties” means Customer and Company, and each a “Party”.
      • Patient Data” means information relating to the patient of Customer.
      • SaaS Terms” means these terms and conditions that together with an Order form a binding agreement between the Parties regarding the use of the Services.
      • Services” means the services ordered by Customer and provided by Company by means of access to certain content and use of features and functionality of software applications made available and accessible to Customer by Company solely to the extent set forth and further described in, and as limited by, the Customer’s Order and these SaaS Terms.
    2. Access and Use.
      • Provision of Access. Subject to and conditioned on Customer’s payment of Fees and compliance with the terms and conditions of this Agreement, Company hereby grants Customer a non-exclusive, non-transferable (except in compliance with Section 11(g)) right to access and use the Services during the Term, solely for use by Authorized Users in accordance with the terms and conditions herein. Such use is limited to Customer’s internal use. Company shall provide to Customer the necessary passwords and network links or connections to allow Customer to access the Services. The total number of Authorized Users will not exceed the number set forth in the Order, except as expressly agreed to in writing by the Parties and subject to any appropriate adjustment of the Fees payable hereunder.
      • Documentation License. Subject to the terms and conditions contained in this Agreement, Company hereby grants to Customer a non-exclusive, non-sublicensable, non-transferable (except in compliance with Section 11(g)) license to use the Documentation during the Term solely for Customer’s internal business purposes in connection with its use of the Services.
      • Use Restrictions. Customer shall not use the Services for any purposes beyond the scope of the access granted in this Agreement. Customer shall not at any time, directly or indirectly, and shall not permit any Authorized Users to: (i) copy, modify, or create derivative works of the Services or Documentation, in whole or in part; (ii) rent, lease, lend, sell, license, sublicense, assign, distribute, publish, transfer, or otherwise make available the Services or Documentation; (iii) reverse engineer, disassemble, decompile, decode, adapt, or otherwise attempt to derive or gain access to any software component of the Services, in whole or in part; (iv) remove any proprietary notices from the Services or Documentation; or (v) use the Services or Documentation in any manner or for any purpose that infringes, misappropriates, or otherwise violates any intellectual property right or other right of any person, or that violates any applicable law.
      • Prohibited Uses. Customer understands and acknowledges that the Services are not designed, intended, validated or cleared to be used as a clinical decision support system because it does not provide patient specific assessments or recommendations for any clinical decision, including, but not limited to, decisions for treatment of patients. Customer shall not use the information obtained or generated through its use of the Services for patient care or for diagnostic purposes, which use is specifically prohibited by this Agreement. THE COMPANY DOES NOT OFFER MEDICAL ADVICE OR ADVICE REGARDING THE OPTIMAL SET OF PROCEURES, ALERTS, DOSAGES, FREQUENCY, MANNER OF USE, OR STEPS NEEDED TO ACHIEVE SPECIFIC OUTCOMES FOR A PATIENT. ANY DECISIONS MADE OR ACTIONS TAKEN BASED ON INFORMATION ACCESSED THROUGH THE SERVICES ARE THE SOLE RESPONSIBILITY OF CUSTOMER. COMPANY DOES NOT RECOMMEND OR ENDORSE ANY GIVEN PATIENT TREATMENT. NEITHER THE SERVICES NOR ANY CUSTOMER DATA CONSTITUTE MEDICAL ADVICE AND SHOULD NOT BE CONSIDERED A SUBSTITUTE FOR THE INDIVIDUAL PROFESSIONAL JUDGMENT OF A PHYSICIAN OR HEALTH CARE PRACTITIONER REGARDING THE APPROPRIATE COURSE OF ACTION FOR ANY PARTICULAR PATIENT. THE SERVICES SHOULD BE INDEPENDENTLY REVIEWED WITH APPROPRIATE PROFESSIONAL MEDICAL STAF IN LIGHT OF THE NEEDS OF ANY PARTICULAR PATIENT.
      • Reservation of Rights. Company reserves all rights not expressly granted to Customer in this Agreement. Except for the limited rights and licenses expressly granted under this Agreement, nothing in this Agreement grants, by implication, waiver, estoppel, or otherwise, to Customer or any third party any intellectual property rights or other right, title, or interest in or to the Company IP.
      • Suspension. Notwithstanding anything to the contrary in this Agreement, Company may temporarily suspend Customer’s and any Authorized User’s access to any portion or all of the Services if: (i) Company reasonably determines that (A) there is a threat or attack on any of the Company IP; (B) Customer’s or any Authorized User’s use of the Company IP disrupts or poses a security risk to the Company IP or to any other customer or vendor of Company; (C) Customer, or any Authorized User, is using the Company IP for fraudulent or illegal activities; (D) subject to applicable law, Customer has ceased to continue its business in the ordinary course, made an assignment for the benefit of creditors or similar disposition of its assets, or become the subject of any bankruptcy, reorganization, liquidation, dissolution, or similar proceeding; or (E) Company’s provision of the Services to Customer or any Authorized User is prohibited by applicable law; (ii) any vendor of Company has suspended or terminated Company’s access to or use of any third-party services or products required to enable Customer to access the Services; or (iii) in accordance with Section 4(a)(iii) (any such suspension described in subclause (i), (ii), or (iii), a “Service Suspension”). Company shall use commercially reasonable efforts to provide written notice of any Service Suspension to Customer and to provide updates regarding resumption of access to the Services following any Service Suspension. Company shall use commercially reasonable efforts to resume providing access to the Services as soon as reasonably possible after the event giving rise to the Service Suspension is cured. Company will have no liability for any damage, liabilities, losses (including any loss of data or profits), or any other consequences that Customer or any Authorized User may incur as a result of a Service Suspension.
      • Aggregated Statistics. Notwithstanding anything to the contrary in this Agreement, Company may monitor Customer’s use of the Services and collect and compile Aggregated Statistics. As between Company and Customer, all right, title, and interest in Aggregated Statistics, and all intellectual property rights therein, belong to and are retained solely by Company. Customer acknowledges that Company may compile Aggregated Statistics based on Customer Data input into the Services. Customer agrees that Company may (i) make Aggregated Statistics publicly available in compliance with applicable law, and (ii) use Aggregated Statistics to the extent and in the manner permitted under applicable law.
      • Retention of Customer Data. Subject to Section 2(f), Company shall use commercially reasonable efforts to retain copies of Customer Data for one (1) year following the effective date of expiration or earlier termination of the Term. During such period, Company will, upon written request by Customer and Customer’s payment of a $99 fee, use commercially reasonable efforts to provide Customer with a copy of its Customer Data in a format supported by Company. After such periods as specified in this section, Company may delete Customer Data and Customer acknowledges and agrees that Company will have no liability for any such deletion.
    3. Customer Responsibilities.
      • General. Customer is responsible and liable for all uses of the Services and Documentation resulting from access provided by Customer, directly or indirectly, whether such access or use is permitted by or in violation of this Agreement. Without limiting the generality of the foregoing, Customer is responsible for all acts and omissions of Authorized Users, and any act or omission by an Authorized User that would constitute a breach of this Agreement if taken by Customer will be deemed a breach of this Agreement by Customer. Customer shall use reasonable efforts to make all Authorized Users aware of this Agreement’s provisions as applicable to such Authorized User’s use of the Services, and shall cause Authorized Users to comply with such provisions.
      • Customer Data. Customer shall (i) be responsible for, and assumes the risk of, any problems relating to the accuracy, completeness and consistency of all data, materials and information supplied by Customer; (ii) be responsible for the accuracy, quality, integrity and legality of Customer Data and the means by which such data was acquired, including but not limited to, ensuring that such Customer Data was obtained and is being provided or made available to Company in accordance with all applicable laws, rules and regulations, including but not limited to HIPAA and the Data Protection Laws; and (iii) reasonably cooperate with Company as necessary for Company to perform the Services.
      • Compliance with Laws. Customer represents and warrants that its use of the Services shall comply with all applicable laws and regulations, including, without limitation, the Data Protection Laws. Customer shall be solely responsible for determining whether the Services as used by Customer will comply with Customer’s obligations under the Data Protection Laws. Customer acknowledges and agrees that Company shall not be liable for any use of the Services by Customer that violates any Data Protection Laws. Customer warrants that it has, and will continue to have through the Term, the right to transfer, and/or provide access to, the Customer Data to Company for processing in accordance with the terms of the Data Protection Laws.
    4. Fees and Payment.
      • Fees. Customer shall pay Company the fees (“Fees”) set forth in the Order and without deduction. Customer shall make all payments hereunder in US dollars on or before the due date set forth in the Order. If Customer fails to make any payment when due, without limiting Company’s other rights and remedies: (i) Company may charge interest on the past due amount at the rate of 1.5% per month calculated daily and compounded monthly or, if lower, the highest rate permitted under applicable law; (ii) Customer shall reimburse Company for all reasonable costs incurred by Company in collecting any late payments or interest, including attorneys’ fees, court costs, and collection agency fees; and (iii) if such failure continues for five (5) days or more, Company may suspend Customer’s and its Authorized Users’ access to any portion or all of the Services until such amounts are paid in full.
      • Taxes. All Fees and other amounts payable by Customer under this Agreement are exclusive of taxes and similar assessments. Customer is responsible for all sales, use, and excise taxes, and any other similar taxes, duties, and charges of any kind imposed by any federal, state, or local governmental or regulatory authority on any amounts payable by Customer hereunder, other than any taxes imposed on Company’s income.
      • Auditing Rights and Required Records. Customer agrees to maintain complete and accurate records in accordance with generally accepted accounting principles during the Term and for a period of two (2) years after the termination or expiration of this Agreement with respect to matters necessary for accurately determining amounts due hereunder. Company may, at its own expense, on reasonable prior notice, periodically inspect and audit Customer’s records with respect to matters covered by this Agreement, provided that if such inspection and audit reveals that Customer has underpaid Company with respect to any amounts due and payable during the Term, Customer shall promptly pay the amounts necessary to rectify such underpayment, together with interest in accordance with Section 4(a). Customer shall pay for the costs of the audit if the audit determines that Customer’s underpayment equals or exceeds five percent (5%) for any quarter. Such inspection and auditing rights will extend throughout the Term of this Agreement and for a period of two (2) years after the termination or expiration of this Agreement.
    5. Confidential Information.
      From time to time during the Term, either Party may disclose or make available to the other Party information about its business affairs, products, confidential intellectual property, trade secrets, third-party confidential information, and other sensitive or proprietary information, whether orally or in written, electronic, or other form or media/in written or electronic form or media, and whether or not marked, designated, or otherwise identified as “confidential” (collectively, “Confidential Information”). Confidential Information does not include information that, at the time of disclosure is: (a) in the public domain; (b) known to the receiving Party at the time of disclosure; (c) rightfully obtained by the receiving Party on a non-confidential basis from a third party; or (d) independently developed by the receiving Party. The receiving Party shall not disclose the disclosing Party’s Confidential Information to any person or entity, except to the receiving Party’s employees who have a need to know the Confidential Information for the receiving Party to exercise its rights or perform its obligations hereunder. Notwithstanding the foregoing, each Party may disclose Confidential Information to the limited extent required (i) in order to comply with the order of a court or other governmental body, or as otherwise necessary to comply with applicable law, provided that the Party making the disclosure pursuant to the order shall first have given written notice to the other Party and made a reasonable effort to obtain a protective order; or (ii) to establish a Party’s rights under this Agreement, including to make required court filings. On the expiration or termination of the Agreement, the receiving Party shall promptly return to the disclosing Party all copies, whether in written, electronic, or other form or media, of the disclosing Party’s Confidential Information, or destroy all such copies and certify in writing to the disclosing Party that such Confidential Information has been destroyed. Each Party’s obligations of non-disclosure with regard to Confidential Information are effective as of the Effective Date and will expire five years from the date first disclosed to the receiving Party; provided, however, with respect to any Confidential Information that constitutes a trade secret (as determined under applicable law), such obligations of non-disclosure will survive the termination or expiration of this Agreement for as long as such Confidential Information remains subject to trade secret protection under applicable law.
    6. Intellectual Property Ownership; Feedback.
      • Company IP. Customer acknowledges that, as between Customer and Company, Company owns all right, title, and interest, including all intellectual property rights, in and to the Company IP.
      • Customer Data. Company acknowledges that, as between Company and Customer, Customer owns all right, title, and interest, including all intellectual property rights, in and to the Customer Data. Customer hereby grants to Company a non-exclusive, royalty-free, worldwide license to reproduce, distribute, and otherwise use and display the Customer Data and perform all acts with respect to the Customer Data as may be necessary for Company to provide the Services to Customer, and a non-exclusive, perpetual, irrevocable, royalty-free, worldwide license to reproduce, distribute, modify, and otherwise use and display Customer Data incorporated within the Aggregated Statistics.
      • Protected Health Information. If Customer is a “covered entity” or “business associate” and includes and includes “protected health information”, as those terms are defined in 45 CFR § 160.103, the business associate agreement (“BAA”) attached to these SaaS Terms as Exhibit A and incorporated herein by reference will govern each Party’s respective obligations regarding such protected health information. The BAA will not govern, and Company has no obligations under these SaaS Term or the BAA with respect to, and Patient Data that Customer creates, receives, maintains, or transmits outside of the Services, including through use of any applications, databases or systems other than the Services.
      • Feedback. If Customer or any of its employees or contractors sends or transmits any communications or materials to Company by mail, email, telephone, or otherwise, suggesting or recommending changes to the Company IP, including without limitation, new features or functionality relating thereto, or any comments, questions, suggestions, or the like (“Feedback”), Company is free to use such Feedback irrespective of any other obligation or limitation between the Parties governing such Feedback. Customer hereby assigns to Company on Customer’s behalf, and on behalf of its employees, contractors and/or agents, all right, title, and interest in, and Company is free to use, without any attribution or compensation to any party, any ideas, know-how, concepts, techniques, or other intellectual property rights contained in the Feedback, for any purpose whatsoever, although Company is not required to use any Feedback.
    7. Warranty Disclaimer.
      EXCEPT AS EXPRESSLY REPRESENTED OR WARRANTED IN THIS AGREEMENT, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE COMPANY IP IS PROVIDED “AS IS” AND COMPANY HEREBY DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE. COMPANY SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT, AND ALL WARRANTIES ARISING FROM COURSE OF DEALING, USAGE, OR TRADE PRACTICE. COMPANY MAKES NO WARRANTY OF ANY KIND THAT THE COMPANY IP, OR ANY PRODUCTS OR RESULTS OF THE USE THEREOF, WILL MEET CUSTOMER’S OR ANY OTHER PERSON’S REQUIREMENTS, OPERATE WITHOUT INTERRUPTION, ACHIEVE ANY INTENDED RESULT, BE COMPATIBLE OR WORK WITH ANY SOFTWARE, SYSTEM, OR OTHER SERVICES, OR BE SECURE, ACCURATE, COMPLETE, FREE OF HARMFUL CODE, OR ERROR FREE.
    8. Indemnification.
      • Company Indemnification.
        • Company shall indemnify, defend, and hold harmless Customer from and against any and all losses, damages, liabilities, costs (including reasonable attorneys’ fees) (“Losses”) incurred by Customer resulting from any third-party claim, suit, action, or proceeding (“Third-Party Claim”) that the Services, or any use of the Services in accordance with this Agreement, infringes or misappropriates such third party’s US patents, copyrights, or trade secrets, provided that Customer promptly notifies Company in writing of such Third-Party Claim, cooperates with Company, and allows Company sole authority to control the defense and settlement of such Third-Party Claim.
        • If a Third Party-Claim is made or appears possible, Customer agrees to permit Company, at Company’s sole discretion, to (A) modify or replace the Services, or component or part thereof, to make it non-infringing, or (B) obtain the right for Customer to continue use. If Company determines that neither alternative is reasonably available, Company may terminate this Agreement, in its entirety or with respect to the affected component or part, effective immediately on written notice to Customer.
        • This Section 8(a) will not apply to the extent that the alleged infringement arises from: (A) use of the Services in combination with data, software, hardware, equipment, or technology not provided by Company or authorized by Company in writing; (B) modifications to the Services not made by Company; or (C) Customer Data.
      • Customer Indemnification. Customer shall indemnify, hold harmless, and, at Company’s option, defend Company from and against any Losses resulting from any Third-Party Claim that the Customer Data, or any use of the Customer Data in accordance with this Agreement, infringes or misappropriates such third party’s intellectual property rights and any Third-Party Claims based on Customer’s or any Authorized User’s (i) negligence or willful misconduct; (ii) use of the Services in a manner not authorized by this Agreement; (iii) use of the Services in combination with data, software, hardware, equipment, or technology not provided by Company or authorized by Company in writing; or (iv) modifications to the Services not made by Company, provided that Customer may not settle any Third-Party Claim against Company unless Company consents to such settlement, and further provided that Company will have the right, at its option, to defend itself against any such Third-Party Claim or to participate in the defense thereof by counsel of its own choice.
      • Sole Remedy. THIS SECTION 8 SETS FORTH CUSTOMER’S SOLE REMEDIES AND COMPANY’S SOLE LIABILITY AND OBLIGATION FOR ANY ACTUAL, THREATENED, OR ALLEGED CLAIMS THAT THE SERVICES INFRINGE, MISAPPROPRIATE, OR OTHERWISE VIOLATE ANY INTELLECTUAL PROPERTY RIGHTS OF ANY THIRD PARTY. IN NO EVENT WILL COMPANY’S LIABILITY UNDER THIS SECTION 8 EXCEED THE TOTAL AMOUNTS PAID TO COMPANY UNDER THIS AGREEMENT IN THE SIX (6) MONTH PERIOD PRECEDING THE EVENT GIVING RISE TO THE CLAIM.
    9. Limitations of Liability.
      IN NO EVENT WILL COMPANY BE LIABLE UNDER OR IN CONNECTION WITH THIS AGREEMENT UNDER ANY LEGAL OR EQUITABLE THEORY, INCLUDING BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, AND OTHERWISE, FOR ANY: (a) CONSEQUENTIAL, INCIDENTAL, INDIRECT, EXEMPLARY, SPECIAL, ENHANCED, OR PUNITIVE DAMAGES; (b) INCREASED COSTS, DIMINUTION IN VALUE OR LOST BUSINESS, PRODUCTION, REVENUES, OR PROFITS; (c) LOSS OF GOODWILL OR REPUTATION; (d) USE, INABILITY TO USE, LOSS, INTERRUPTION, DELAY, OR RECOVERY OF ANY DATA, OR BREACH OF DATA OR SYSTEM SECURITY; OR (e) COST OF REPLACEMENT GOODS OR SERVICES, IN EACH CASE REGARDLESS OF WHETHER COMPANY WAS ADVISED OF THE POSSIBILITY OF SUCH LOSSES OR DAMAGES OR SUCH LOSSES OR DAMAGES WERE OTHERWISE FORESEEABLE. IN NO EVENT WILL COMPANY’S AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT UNDER ANY LEGAL OR EQUITABLE THEORY, INCLUDING BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, AND OTHERWISE EXCEED THE TOTAL AMOUNTS PAID TO COMPANY UNDER THIS AGREEMENT IN THE SIX (6) MONTH PERIOD PRECEDING THE EVENT GIVING RISE TO THE CLAIM.
    10. Term and Termination.
      • Term. The term for each Order begins on the Effective Date of an Order as specified by Company, and, unless terminated earlier pursuant to this Agreement’s express provisions, will continue in effect until for one (1) month (or such other period of time specified in such Order) from the Effective Date (the “Initial Term”). Each Order will automatically renew for successive one (1) month terms unless earlier terminated pursuant to this Agreement’s express provisions or either Party gives the other Party written notice of non-renewal prior to the expiration of the then-current term (each a “Renewal Term” and together with the Initial Term, the “Term”).
      • Termination. In addition to any other express termination right set forth in this Agreement:
        • Company may terminate this Agreement or suspend Customer’s access to the Services in the event any amount is not received when due and Customer has not paid such amount within five (5) days of receipt of written notice to Customer of such overdue payment.
        • Company may terminate this Agreement, effective on written notice to Customer, if Customer breaches any of its obligations under Section 2(c) or Section 5;
        • either Party may terminate this Agreement, effective on written notice to the other Party, if the other Party breaches this Agreement, and such breach: (A) is incapable of cure; or (B) being capable of cure, remains uncured fifteen (15) days after the non-breaching Party provides the breaching Party with written notice of such breach; or
        • either Party may terminate this Agreement, effective immediately upon written notice to the other Party, if the other Party: (A) becomes insolvent or is generally unable to pay, or fails to pay, its debts as they become due; (B) files or has filed against it, a petition for voluntary or involuntary bankruptcy or otherwise becomes subject, voluntarily or involuntarily, to any proceeding under any domestic or foreign bankruptcy or insolvency law; (C) makes or seeks to make a general assignment for the benefit of its creditors; or (D) applies for or has appointed a receiver, trustee, custodian, or similar agent appointed by order of any court of competent jurisdiction to take charge of or sell any material portion of its property or business.
      • Effect of Expiration or Termination. Upon expiration or earlier termination of this Agreement, Customer shall immediately discontinue use of the Company IP and, without limiting Customer’s obligations under Section 5, Customer shall delete, destroy, or return all copies of the Company IP and certify in writing to the Company that the Company IP has been deleted or destroyed. No expiration or termination will affect Customer’s obligation to pay all Fees that may have become due before such expiration or termination or entitle Customer to any refund.
      • Survival. This Section 11(d) and Sections 1, 4, 5, 6, 7, 8(b), 9, and 11 survive any termination or expiration of this Agreement. No other provisions of this Agreement survive the expiration or earlier termination of this Agreement.
    11. Miscellaneous.
      • Entire Agreement. This Agreement, together with any other documents incorporated herein by reference and all related Exhibits, constitutes the sole and entire agreement of the Parties with respect to the subject matter of this Agreement and supersedes all prior and contemporaneous understandings, agreements, and representations and warranties, both written and oral, with respect to such subject matter. In the event of any inconsistency between the statements made in the body of this Agreement, the related Exhibits, and any other documents incorporated herein by reference, the following order of precedence governs: (i) first, this Agreement, excluding its Exhibits; (ii) second, the Exhibits to this Agreement as of the Effective Date; and (iii) third, any other documents incorporated herein by reference.
      • Notices. All notices, requests, consents, claims, demands, waivers, and other communications hereunder (each, a “Notice”) must be in writing and addressed to the Parties at the addresses set forth in the original Order (or to such other address that may be designated by the Party giving Notice from time to time in accordance with this Section). All Notices must be delivered by personal delivery, nationally recognized overnight courier (with all fees pre-paid), email, or certified or registered mail (in each case, return receipt requested, postage pre-paid). Except as otherwise provided in this Agreement, a Notice is effective only: (i) upon receipt by the receiving Party; and (ii) if the Party giving the Notice has complied with the requirements of this Section.
      • Force Majeure. In no event shall Company be liable to Customer, or be deemed to have breached this Agreement, for any failure or delay in performing its obligations under this Agreement, if and to the extent such failure or delay is caused by any circumstances beyond Company’s reasonable control, including but not limited to acts of God, flood, fire, earthquake, explosion, war, terrorism, invasion, riot or other civil unrest, strikes, labor stoppages or slowdowns or other industrial disturbances, or passage of law or any action taken by a governmental or public authority, including imposing an embargo.
      • Amendment and Modification; Waiver. Company reserves the right to modify, supplement or replace these SaaS Terms, effective upon the commencement of the Renewal Term immediately following Company’s Notice to Customer of such modification, supplement or replacement (the “Amendment Effective Date”). The continued use of the Services following such Amendment Effective Date will be deemed as Customer’s acceptance and consent to such modification, supplement or replacement. Except as provided in this Section, no amendment to or modification of these SaaS Terms or any Order is effective unless it is in writing and signed by an authorized representative of each Party. No waiver by any Party of any of the provisions hereof will be effective unless explicitly set forth in writing and signed by the Party so waiving. Except as otherwise set forth in this Agreement, (i) no failure to exercise, or delay in exercising, any rights, remedy, power, or privilege arising from this Agreement will operate or be construed as a waiver thereof, and (ii) no single or partial exercise of any right, remedy, power, or privilege hereunder will preclude any other or further exercise thereof or the exercise of any other right, remedy, power, or privilege.
      • Severability. If any provision of this Agreement is invalid, illegal, or unenforceable in any jurisdiction, such invalidity, illegality, or unenforceability will not affect any other term or provision of this Agreement or invalidate or render unenforceable such term or provision in any other jurisdiction. Upon such determination that any term or other provision is invalid, illegal, or unenforceable, the Parties shall negotiate in good faith to modify this Agreement so as to effect their original intent as closely as possible in a mutually acceptable manner in order that the transactions contemplated hereby be consummated as originally contemplated to the greatest extent possible.
      • Governing Law; Submission to Jurisdiction. This Agreement is governed by and construed in accordance with the internal laws of the State of New Hampshire without giving effect to any choice or conflict of law provision or rule that would require or permit the application of the laws of any jurisdiction other than those of the State of New Hampshire. Any legal suit, action, or proceeding arising out of or related to this Agreement or the licenses granted hereunder will be instituted exclusively in the federal courts of the United States or the courts of the State of New Hampshire in each case located in the County of Rockingham, and each Party irrevocably submits to the exclusive jurisdiction of such courts in any such suit, action, or proceeding.
      • Assignment. Customer may not assign any of its rights or delegate any of its obligations hereunder, in each case whether voluntarily, involuntarily, by operation of law or otherwise, without the prior written consent of Company. Any purported assignment or delegation in violation of this Section will be null and void. No assignment or delegation will relieve the assigning or delegating Party of any of its obligations hereunder. This Agreement is binding upon and inures to the benefit of the Parties and their respective permitted successors and assigns.
      • Export Regulation. Customer shall comply with all applicable federal laws, regulations, and rules, and complete all required undertakings (including obtaining any necessary export license or other governmental approval), that prohibit or restrict the export or re-export of the Services or any Customer Data outside the US.
      • US Government Rights. Each of the Documentation and the software components that constitute the Services is a “commercial product” as that term is defined at 48 C.F.R. § 2.101, consisting of “commercial computer software” and “commercial computer software documentation” as such terms are used in 48 C.F.R. § 12.212. Accordingly, if Customer is an agency of the US Government or any contractor therefor, Customer only receives those rights with respect to the Services and Documentation as are granted to all other end users, in accordance with (a) 48 C.F.R. § 227.7201 through 48 C.F.R. § 227.7204, with respect to the Department of Defense and their contractors, or (b) 48 C.F.R. § 12.212, with respect to all other US Government users and their contractors.
      • Equitable Relief. Each Party acknowledges and agrees that a breach or threatened breach by such Party of any of its obligations under Section 5 or, in the case of Customer, Section 2(c), would cause the other Party irreparable harm for which monetary damages would not be an adequate remedy and agrees that, in the event of such breach or threatened breach, the other Party will be entitled to equitable relief, including a restraining order, an injunction, specific performance, and any other relief that may be available from any court, without any requirement to post a bond or other security, or to prove actual damages or that monetary damages are not an adequate remedy. Such remedies are not exclusive and are in addition to all other remedies that may be available at law, in equity, or otherwise.

    EXHIBIT A

    BUSINESS ASSOCIATE AGREEMENT

    This Business Associate Agreement (the “Agreement”) is hereby made by and between Company and Customer as defined in the Software as a Service Terms (“SaaS Terms”).  For purposes of this Agreement, “Business Associate” refers to Company and “Covered Entity” refers to Customer.  Each individually is a “Party” and together they are “Parties.”

    Article I.  The purpose of this Agreement is to comply with the Health Insurance Portability and Accountability Act of 1996, as amended by sections 13400 through 13424 of the Health Information Technology for Economic Clinical Health Act (“HIPAA”), the associated regulations, 45 CFR Part 160 and Part 164, Subparts A and E (“Privacy Regulations”) and 45 CFR Parts 160, 162, and 164, Subpart C (“Security Regulations”), as may be amended, and other guidance that may be issued by the federal Department of Health and Human Services (all of the above laws, rules, regulations and guidance are collectively referred to herein as “HIPAA Rules”).

    Article II. Covered Entity and Business Associate have entered into this Agreement because Covered Entity may disclose or provide access to Protected Health Information (“PHI”) to Business Associate in connection with services provided to Covered Entity and may create, maintain or disclose PHI on behalf of Covered Entity (the “Services”).

    Article III. The HIPAA Rules require Covered Entity to obtain written assurances from any business associate that the business associate will appropriately safeguard the PHI.

    Now, therefore, in consideration of the mutual promises set forth below and other good and valuable consideration, the sufficiency and receipt of which is hereby acknowledged, the Parties agree as follows:

     

    Definitions.  Terms used, but not otherwise defined, in this Agreement shall have the same meaning as those terms in the HIPAA Rules.

    Permitted Uses and Disclosures, and Obligations of Business Associate and Covered Entity.

    2.1  Business Associate may use or disclose PHI to perform functions, activities or services for, or on behalf of, Covered Entity as specified in the HIPAA Rules, this Agreement and any underlying agreements between the Parties or as otherwise required by law.  Business Associate will not use or disclose PHI in a manner (i) inconsistent with Covered Entity’s or its own obligations under the HIPAA Rules, or (ii) that would violate the HIPAA Rules if disclosed or used in such a manner by Covered Entity.

    2.2 Business Associate hereby acknowledges and agrees that it will comply with the requirements on business associates set forth in the HIPAA Rules commencing on the applicable effective date of each such provision and that such requirements are incorporated by reference into this Agreement.

    2.3  Business Associate may use PHI for the proper management and administration of the Business Associate or to carry out the legal responsibilities of Business Associate, provided the disclosures are (i) required by law, or (ii)(a) Business Associate obtains reasonable assurances from the person to whom the information is disclosed that the information will remain confidential and used or further disclosed only as required by law or for the purposes for which it was disclosed to the person and (b) the person notifies Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached.

    2.4 Business Associate agrees to limit its uses and disclosures and requests for PHI to the minimum necessary required to perform its obligations in accordance with 45 CFR §164.502(b).

    2.5 To the extent Business Associate is to carry out one or more of Covered Entity’s obligations under Subpart E of 45 CFR Part 164, Business Associate agrees to comply with the requirements of Subpart E that apply to Covered Entity in the performance of such obligation(s).

    2.6 Covered Entity shall: (i) not disclose PHI to Business Associate except to the extent permitted under the Privacy Regulations; (ii) limit disclosure to the minimum necessary for purposes of the services provided by Business Associate; and (iii) not request Business Associate to take any action that it would not be permitted to take under the HIPAA rules.

    2.7 Business Associate is permitted to provide data aggregation services relating to the Health Care Operations of Covered Entity.  “Data Aggregation” means the combining of PHI that Business Associate received from Covered Entity with the PHI that Business Associate received from another covered entity to permit data analyses that relate to the Health Care Operations of the respective covered entities.

    2.8 Covered Entity grants Business Associate the right to collect and de-identify PHI in accordance with the HIPAA Rules to allow Business Associate to (a) use such information to improve and enhance the Services and for other development, improvement, diagnostic, and corrective purposes in connection with the Services and other Business Associate offerings, and (b) disclose such de-identified information in an aggregated format, without identifying Covered Entity, in connection with its business activities.

    Safeguards for the Protection of PHI.

    3.1 Business Associate will implement and maintain commercially appropriate security safeguards to ensure that PHI, including electronic PHI, is not used or disclosed by Business Associate, its employees, agents or subcontractors in violation of this Agreement.

    3.2 Business Associate agrees to implement administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of any electronic PHI that is created, received, maintained or transmitted by Business Associate under this Agreement.  Business Associate will comply with the applicable requirements of the Security Regulations.

    Reporting and Mitigating the Effect of Unauthorized Uses and Disclosures.

    4.1 Reporting.

    4.1.1 Unauthorized Uses and Disclosures Including Breaches.  Business Associate agrees to report in writing to Covered Entity any use or disclosure of the PHI not provided for by this Agreement of which it becomes aware, including breaches of unsecured PHI as required at 45 CFR 164.410.  The Parties agree, however, that Business Associate need not report to Covered Entity any use or disclosure of information if Business Associate: (a) reasonably determines that such a use or disclosure is not a breach under 45 CFR §164.402; (b) documents its determination that the use or disclosure is not  breach in a manner that satisfies the requirements under 45 CFR §164.402 (including performing a risk assessment where appropriate) and provides such documentation to Covered Entity upon request.  With respect to a breach of unsecured PHI, Business Associate shall notify Covered Entity within five (5) business days of discovery of any such breach.  No later than thirty (30) days after the discovery of the Breach, or promptly thereafter as information becomes available, Business Associate shall further provide Covered Entity with the information required under 45 CFR 164.410.

    4.1.2 Security Incidents.  If Business Associate creates, receives, maintains or transmits electronic PHI on Covered Entity’s behalf, Business Associate will report to Covered Entity within five (5) business days any security incident of which it becomes aware.  A “Security Incident” means an incident as defined under 45 CFR §164.304, except that Business Associate and Covered Entity agree that attempted but unsuccessful Security Incidents that are trivial in nature need not be reported.

    4.2 Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of PHI by Business Associate in violation of the requirements of this Agreement.

    Use by and Disclosure to Subcontractors, Agents, and Representatives.  Business Associate will require that any agents, vendors, or subcontractors of Business Associate to whom it provides PHI that is subject to this Agreement, agree to the same restrictions and conditions that apply to Business Associate with respect to such information, and Business Associate will enter into appropriate Business Associate Agreements with any subcontractors it may use in providing its services.

    Individual Rights and Accounting of Disclosures

    6.1 As directed by the Covered Entity, if Business Associate maintains PHI on behalf of Covered Entity, Business Associate shall make available PHI to the individual in accordance with 45 CFR §164.524 and incorporate any amendments to the PHI.  If Business Associate maintains PHI in an electronic health record, Business Associate agrees to provide an electronic copy to the individual upon request.

    6.2 Business Associate shall document all disclosures of PHI and any information related to such disclosures as would be required for Covered Entity to respond to a request by an individual for an accounting of disclosures of PHI in accordance with the HIPAA Rules.

    6.3 Business Associate agrees to provide to Covered Entity, in a time and manner designated by Covered Entity, information to permit Covered Entity to respond to a request by an individual for an accounting of disclosures of PHI in accordance with the HIPAA Rules.

    Audit, Inspection and Enforcement.  With reasonable notice, Business Associate agrees to make internal practices, books and records, including policies and procedures relating to the use and disclosure of PHI received from Covered Entity, or created or received by Business Associate on behalf of Covered Entity, available to the Secretary of the Department of Health and Human Services (“Secretary”) for purposes of determining Covered Entity’s and Business Associate’s compliance with HIPAA, and this Agreement.

    Obligations of Covered Entity to Inform Business Associate of Privacy Practices and Restrictions.

    8.1 Covered Entity shall provide Business Associate with its Notice of Privacy Practices in accordance with the HIPAA Rules, as well as any changes to such Notice.

    8.2 Covered Entity shall notify Business Associate of any changes in, or revocation of, any Authorizations by individuals to use or disclose PHI, if such changes affect Business Associate’s permitted or required uses and disclosures.

    8.3 Covered Entity shall notify Business Associate of any restriction to the use or disclosure of PHI that Covered Entity has agreed to in accordance with the HIPAA Rules if the restriction affects Business Associate’s permitted or required uses and disclosures.

    1. Term and Termination.

    9.1 Term.  This Agreement shall be effective as of the date of execution of this Agreement or the effective date of the underlying agreement and shall terminate when all the PHI provided by Covered Entity to Business Associate or created or received by Business Associate on behalf of Covered Entity, is destroyed or returned to Covered Entity.  If it is infeasible to return or destroy PHI, the protections herein are extended to such information, in accordance with the termination provisions in Section 9.3.

    9.2 Termination for Cause.  If either Party is determined to have materially breached the HIPAA Rules or this Agreement, the non-breaching Party may terminate the Agreement if the breaching Party fails to cure the breach within thirty (30) days’ written notice from the non-breaching Party.

    9.3 Effect of Termination.  Upon termination of this Agreement, if feasible, Business Associate will return or destroy all PHI received from Covered Entity or created or received by Business Associate on behalf of Covered Entity that Business Associate still maintains in any form and retain no copies of such information, or if such return or destruction is not feasible, Business Associate shall extend the protections of this Agreement to the information retained and limit further uses and disclosures to those purposes that make the return or destruction of the information infeasible.

    1. Miscellaneous.

    10.1 Regulatory References.  A reference in this Agreement to the HIPAA Rules means the HIPAA rules in effect or as amended.

    10.2 Amendment.  This Agreement cannot be amended except by the mutual written agreement of Business Associate and Covered Entity.

    10.3 Waiver.  A waiver of a breach of this Agreement shall not be deemed to be a waiver of a breach of any other provision of this Agreement, or of a future waiver of any subsequent breach of the same provision.

    10.4 No Third-Party Beneficiaries.  This Agreement is intended for the sole benefit of Business Associate and Covered Entity and does not create any third-party beneficiary rights, except as to the extent that the HIPAA Rules validly require the Secretary of the Department of Health and Human Services or any other person to be a third-party beneficiary to this Agreement.

    10.5 Independent Contractors.  The Parties are and shall be independent contractors to one another, and nothing herein shall be deemed to cause this Agreement to create an employment, agency, partnership or joint venture between the Parties.

    10.6 Survival.  The respective rights and obligations of Business Associate and Covered Entity under Sections 3, 4, 5, 6, 7, 8 and 9 of this Agreement will survive termination of the Agreement indefinitely regardless of the cause giving rise to termination.

    10.7 Notices.  Any notice to be given under this Agreement to a Party shall be made in accordance with the notice provision detailed in the SaaS Terms.

    10.8 Entire Agreement.  This Agreement constitutes the entire understanding among the Parties with respect to its subject matter.  If the terms of this Agreement are inconsistent with the terms of any present or future underlying service or sale agreement between the Parties, the terms of this Agreement shall control.

    10.9 Interpretation.  Any ambiguity in this Agreement shall be resolved to permit the Parties to comply with the HIPAA Rules.

    10.10 Choice of Law.  This Agreement and all matters arising out of and relating to this Agreement shall be governed by the laws of the State of New Hampshire, without regard to any statute or case law on choice of laws.

    10.11 Severability.  If any provision of this Agreement is held by a court of competent jurisdiction to be invalid or unenforceable, the remainder of the provisions of this Agreement will remain in full force and effect.

    10.12 Changes to HIPAA Rules.  The Parties acknowledge that HIPAA has undergone and continues to undergo changes.  These changes may be further clarified in future regulations or guidance. Each Party agrees to comply with the HIPAA Rules and to negotiate in good faith to modify this Agreement as reasonably necessary to comply with changes to the HIPAA Rules, as they become effective; provided, however, that if the Parties are unable to reach agreement on such a modification, either Party shall have the right to terminate this Agreement upon thirty (30) days prior written notice to the other Party.