EYE CLOUD PRO MASTER SERVICES AGREEMENT

Last Updated 2/14/2025

 

PLEASE CAREFULLY REVIEW THE FOLLOWING TERMS AND CONDITIONS OF THIS MASTER SERVICES AGREEMENT (the “AGREEMENT”).  THIS AGREEMENT IS A LEGALLY BINDING CONTRACT BETWEEN YOU (“CUSTOMER,” “YOU” OR “YOUR”) AND FULLSTEAM SOFTWARE HOLDINGS LLC DBA EYE CLOUD PRO SOFTWARE. its affiliates, subsidiaries, directors, officers, employees, agents, and representatives (COLLECTIELY “EYE CLOUD PRO,” “WE” OR “OUR”) to purchase access to the SOFTWARE (DEFINED BELOW) and the related services that Eye Cloud Pro provideS to YOU under a separate ordering document OR SIGNED PROPOSAL referred to herein as an “Order Form” (together with the SOFTWARE, the “Services”). This Agreement governs the use of the Services EYE CLOUD PRO provides to you and your use of the SOFTWARE. Capitalized terms used but not defined herein shall have the meanings ascribed to them in any applicable Order Form.YOU ACKNOWLEDGE THAT YOU HAVE READ THIS AGREEMENT AND UNDERSTAND IT, AND THAT BY ACCESSING, VIEWING OR USING THE SOFTWARE (AS DEFINED BELOW) YOU AGREE TO BE BOUND BY ALL OF THE TERMS AND CONDITIONS OF THIS AGREEMENT.  YOU FURTHER AGREE THAT THIS AGREEMENT IS THE COMPLETE AND EXCLUSIVE STATEMENT OF THE RIGHTS AND LIABILITIES OF THE PARTIES ARISING OR RELATING TO THE SOFTWARE AND/OR SERVICE OFFERINGS UNDER THIS AGREEMENT.  IF YOU DO NOT WISH TO BE BOUND BY THE PROVISIONS OF THIS AGREEMENT, YOU MAY NOT ACCESS, VIEW OR USE OUR SOFTWARE AND/OR SERVICES.

 

We may revise and update the terms and conditions of this Agreement at any time by posting revisions to the Site and your continued use of the Software or Services indicates your agreement any such revised terms and conditions. All changes are effective immediately when we post them to the Site (as indicated in the “Last Updated” date) and apply to all access to and use of the Software or Services thereafter. Accordingly, we urge you to regularly review this Agreement as the terms and conditions herein are binding on you. We may update the content on the Software from time to time, but its content is not necessarily complete or up-to-date. Any of the material on the Software may be out of date at any given time, and we are under no obligation to update such material. The Software are offered and available to users who are eighteen W(18) years of age or older. By using the Software or the Services, you represent and warrant that you are of legal age to form a binding contract with Eye Cloud Pro and meet all of the foregoing eligibility requirements. If you do not meet all of these requirements, you may not access or use the Software or the Services.

 

The “Effective Date” of this Agreement is the date which is the earlier of (a) Customer’s initial access to the Eye Cloud Pro Software through any online provisioning, registration, or order process, or (b) the effective date of the first Order Form. This Agreement governs Customer’s initial purchase on the Effective Date as well as any future purchases made by Customer that reference this Agreement.

 

  • SOFTWARE

 

The software (“Software”), which is one of our products, is licensed to you and is provided on a non-exclusive, non-transferable basis, and may not be transferred, shared, copied, modified, or enhanced without the advance written authorization of Eye Cloud Pro.  The “Software” means  collectively and individually, https://eyecloudpro.com/ and any of its subdomains (collectively, the “Site”) and any websites, software, platforms, exchanges, successor platforms and exchanges, software, portals, applications, and Application Programming Interfaces (“API”s), programs,  components, functions, screen designs, reporting data, and report formats owned or operated by Fullsteam Software Holdings or Eye Cloud Pro, and all updates, upgrades, and other derivative works, upgrades, releases, fixes, patches, etc. related to the software that Eye Cloud Pro develops, deploys, or makes available to Customer during the term of this Agreement, as they may be modified, relocated and/or redirected from time to time, to receive, or review data and results of the Services. The Software also includes significant elements, including its organization, algorithms, and logic, which Eye Cloud Pro has maintained as Confidential Information, which constitute trade secrets of Eye Cloud Pro, and which are protected by U.S. trademark, patent and/or copyright law and international treaty.  This Agreement does not grant you any ownership right or title to, or interest in the Software or any part thereof, and Eye Cloud Pro retains all such rights, title, and interest. The Software, and related source code, web beacons, pixels, and any and all materials relating thereto, including all associated intellectual property rights, shall remain at all times the sole, exclusive property of Eye Cloud Pro.  Customer agrees and acknowledges that the Software and Services may contain the valuable trade secrets and proprietary information of Eye Cloud Pro and its licensors.

 

1.1. Grant of Access. Subject to the terms and conditions of this Agreement, Eye Cloud Pro grants to Customer a limited, non-exclusive, revocable, non-transferable, and non-sublicensable right for Customer’s authorized employees, agents, representatives, consultants, and contractors (“Authorized Users”) to access and use the Services and the Software during the Term for Customer’s internal business purposes only in accordance with the Documentation (as defined below). Eye Cloud Pro reserves the right to modify or discontinue the Software or Services (or any part thereof) at any time with or without notice. Eye Cloud Pro shall not be liable to Customer or to any third party for any modification, price change, suspension or discontinuation of the Software or Services.  The Software may allow Customer to designate different types of Authorized Users, which may have different pricing, functionality, and use restrictions, as described in the Documentation or applicable Order Form. Authorized Users must agree to this Agreement prior to accessing or using the Software or they may not access or use the Services or Software. Each Authorized User must keep its login credentials confidential and not share them with anyone else. Customer is responsible for its Authorized Users’ compliance with this Agreement and actions taken through their accounts. This Agreement does not permit access to the Software by persons who are not Authorized Users. We may impose reasonable conditions on Customer’s use of the Services, including, without limitation, requiring the use of Eye Cloud Pro’s preferred payment processing provider. Eye Cloud Pro reserves the right to increase fees if they elect to support payment processing providers that are not Eye Cloud Pro’s preferred payment processing providers.

1.2. Reservation of Rights. Access to the Software is provided on a limited term and basis. All rights not specifically granted to Customer hereunder are reserved by Eye Cloud Pro. Nothing herein shall prevent Eye Cloud Pro from promoting, providing, licensing, or sublicensing the Eye Cloud Pro Software or providing the Software to other parties. Customer shall promptly notify Eye Cloud Pro of any determination, discovery, or notification that any person or entity is or may be misusing or infringing the Software, including without limitation if it becomes aware of any compromise of its Authorized Users’ login credentials.

1.3.      Professional Service Deliverables. All work product, customizations, improvements, and/or enhancements to the Services performed by Eye Cloud Pro for Customer pursuant to this Agreement or as identified on any separate Order Form executed by the parties (collectively, “Professional Service Deliverables”), shall be owned exclusively by Eye Cloud Pro, unless otherwise provided in the corresponding Order Form. If, by operation of law or otherwise, any Professional Service Deliverables are not owned exclusively by Eye Cloud Pro immediately upon creation thereof, Customer agrees to assign, and hereby irrevocably assigns, to Eye Cloud Pro exclusive ownership of such Professional Service Deliverables and expressly disclaims any ownership rights thereto. Customer will cooperate with Eye Cloud Pro to confirm and/or execute such assignments and Eye Cloud Pro ownership of Professional Service Deliverables.

1.4.      Feedback. If Customer provides Eye Cloud Pro with feedback or suggestions regarding the Services or Software (“Feedback”), then Eye Cloud Pro may use Feedback without restriction or obligation. In addition, Customer hereby irrevocably assigns ownership of any and all Feedback to Eye Cloud Pro and will cooperate with Eye Cloud Pro to confirm and/or execute such assignments and Eye Cloud Pro’s ownership of Feedback.

1.5.      Aggregate Data.  As between Customer and Eye Cloud Pro, Eye Cloud Pro owns all rights, title, and interest in and to Aggregate Data.  Accordingly, Eye Cloud Pro may, during the Term and thereafter, use, display, transmit, modify and prepare derivative works of Aggregate Data in any media for any lawful purpose, including maintaining and improving the Services and Software. “Aggregate Data” means any information, reports, commentaries, market testing outputs, consumer testing outputs, data analyses, test results, consumer, insights or other data accessed, compiled, collected, stored or used by Eye Cloud Pro in connection with the Services, or the Software which is aggregated and does not include personally identifiable information. The source of this Aggregate Data is not identifiable.

1.6.      Third-Party Providers. Customer’s use of any Third-Party Provider shall be subject to the terms and conditions of Customer’s agreement with such third party, and Customer is solely responsible for its compliance with such terms and conditions. Customer acknowledges that the Eye Cloud Pro does not control, is not responsible for, and will not be liable in any way for Customer’s use of any Third-Party Provider. Customer further acknowledges that any Customer data loss, downtime or periodic unavailability of the Eye Cloud Pro Software due to Third-Party Providers’ system maintenance, upgrades, or any other reason is outside of Eye Cloud Pro’s control. “Third-Party Provider” shall mean any platform, software, add-on, service, code (including open source) or product not provided by Eye Cloud Pro that Customer chooses to integrate or enable for use with the Eye Cloud Pro Software.

1.7.      Documentation. Subject to the terms and conditions of this Agreement, Eye Cloud Pro grants to Customer a limited, non-exclusive, non-transferable, revocable, and non-sublicensable right and license to use and make copies of the usage guidelines and standard technical documentation for the Eye Cloud Pro Software as may be provided or made available online or in writing by Eye Cloud Pro (the “Documentation”). The Documentation is for Customer’s internal use only, for archival purposes, and for training and education of Authorized Users, provided that all proprietary notices of Eye Cloud Pro and its licensors, if any, are reproduced and retained. Eye Cloud Pro reserves the right to modify the Documentation in Eye Cloud Pro s sole determination without prior notice to Customer.

1.8.      Prohibitions. Use of and access to the Software is permitted only by Customer and its Authorized Users. Under no circumstances may Customer or any Authorized User modify, decompile, reverse compile, disassemble, reverse engineer, decrypt, or otherwise seek to recreate the source code of the  Software, modify or adapt the Software in any way, use the Software to create a derivative work, or grant any other person or entity the right or access to do so, without the Eye Cloud Pro’s advance written consent. Except as expressly authorized by this Agreement, and without limiting the foregoing, Customer and Authorized Users will not (a) modify, copy, duplicate, reproduce, unbundle, license, sublicense, sell, assign, transfer, display, distribute, lend, rent, lease, sublease, or make available the Services or any portion thereof to any third party; (b) provide, transmit, disclose, divulge, or make available to, or permit use of the Services by, any third party or entity or machine; (c) use the Services in a service bureau, out-sourcing or other arrangement to process or administer data on behalf of any third party; (d) publish, post, upload, or otherwise transmit any unlawful, false, offensive, defamatory, or infringing data or any data that contains any viruses, Trojan horses, worms, time bombs, corrupted files or other computer programming routines that damage, detrimentally interfere with, surreptitiously intercept, or expropriate any systems, data, personal information, or property of another; (e) use or knowingly permit the use of any security testing tools in order to prove, scan, or attempt to penetrate or ascertain the security of Eye Cloud Pro, the Software, or the Services without the prior written consent of Eye Cloud Pro; (f) attempt to gain any unauthorized access to the Software or Services or Eye Cloud Pro customer data or attempt any unauthorized alteration or modification thereof; (g) use or launch, or knowingly permit the use or launch of, any automated system, including, without limitation, “robots,” “spiders,” or “offline readers,” that access the Software or Service; or (h) any use of the Software or Services or the information contained therein in violation of any applicable law or regulation. You may not modify the Software in any manner whatsoever. 

1.9. Suspension. Eye Cloud Pro may, at its sole discretion, suspend Customer’s use of the Software and/or Services if Eye Cloud Pro determines that (a) Customer or Authorized Users breached Section 2, (b) Customer’s account is 30 days or more overdue for payment after being notified, or (c) Customer’s use of the Software risks harm to other customers of Eye Cloud Pro or the security, availability, or integrity of the Software.

 

1.10. Integration Services. If Eye Cloud Pro provides Customer with integration capabilities (including but not limited to API services) linking  the Services (“Integration Services”) with joint customers or third parties including third party service providers collectively referred to (“Integration End Users”), such Integration Services are subject to the terms of this Agreement and an applicable Order Form/SOW hereunder and, unless otherwise set forth specifically in writing by Eye Cloud Pro, Customer shall be responsible for obtaining the consent from Integration End Users for any Eye Cloud Pro transfer, exchange or processing of Integration End User data including personal information. If Eye Cloud Pro provides Integration Service, Eye Cloud Pro grants Customer the non-exclusive, non-sublicensable right to use the Integration Services for the sole purpose of providing Client Services or such third party services to Integration End Users. Eye Cloud Pro reserves the right to charge Customer for Integration Services. Customer is solely responsible for using the Integrated Services in compliance with applicable law. Eye Cloud Pro is not responsible in any way whatsoever for claims by third parties related to Customer’s use of the Integrated Services. Customer agrees to indemnify, defend, settle, or pay, at its own cost and expense, including the payment of reasonable attorneys’ fees, any claim or action against the Eye Cloud Pro and its  respective officers, directors, employees, agents, successors and assigns (each an ” Eye Cloud Pro Indemnitee”), for third-party claims arising from (i) Customer’s use of the Integration Services;  (ii) Customer’s failure to obtain Integration End User’s consent in relation thereto; and (iii) any data security incidents or breaches arising from Customer’s use of the Integration Services.

 

 

 

  1. INDEMNIFICATION

 

2.1. Eye Cloud Pro Indemnification. If the Software becomes, or in Eye Cloud Pro’s opinion is likely to become, the subject of an infringement or misappropriation claim, Eye Cloud Pro may, at its option and expense, (a) procure for you the right to continue using the Software, (b) replace or modify the Software with Software that provides substantially the same functionality, features, and performance so that it becomes non-infringing, or (c) if neither of the foregoing actions is commercially feasible, terminate this Agreement with respect to the infringing material and refund to you any prepaid, unused fees for the terminated portion of the Services. Eye Cloud Pro’s obligations in this Section do not apply (1) to infringement resulting from Customer’s modification of the Services or Software or use of the Services or Software in combination with items not provided by Eye Cloud Pro (including Third-Party Providers), (2) to infringement resulting from use of the Services other than the most recent release, (3) to unauthorized use of the Services, or (4) if Customer settles or makes any admissions about a claim without Eye Cloud Pro’s prior written consent. This Section sets out Customer’s exclusive remedy and Eye Cloud Pro’s entire liability regarding infringement of third-party intellectual property rights.

  • Customer Indemnification. Customer will indemnify, defend, and hold harmless Eye Cloud Pro, its affiliates and their respective officers, directors, agents and employees from and against any and all third-party Claims to the extent such Claims arise from or relate to: (1) Customer Data; (2) Customer’s breach of the Agreement; (3) Customer’s gross negligence or willful misconduct; (4) modification to the Services, Software, or any deliverables made by or at the direction of Customer and designed solely in accordance with specifications provided by Customer, with no input by Eye Cloud Pro; (5) Customer’s violation of applicable law; and/or (6) any infringement of intellectual property rights of a third party.

 

  • Indemnification Procedure. When seeking indemnification pursuant to this Agreement, the party seeking indemnification shall (1) promptly notify the indemnifying party in writing of the Claim provided that any failure or delay to provide to such notice shall not affect a party’s obligation to indemnify to the extent the indemnifying party is materially prejudiced by such failure or delay (2) give the indemnifying party reasonable information and cooperation required to defend such suit, claim or proceeding, and (3) allow the indemnifying party to control the defense of any such Claim and all negotiations for its settlement or compromise; provided, however, the indemnifying party shall not settle any claim without the indemnified party’s prior written consent, which shall not be unreasonably withheld or delayed. The indemnified party may be represented in the defense of any such claim, at the indemnified party’s expense, by counsel of its selection. The indemnified party shall have no liability for settlements made or costs incurred without its consent. The absence of insurance shall not diminish any responsibility of either party’s obligation to indemnify under the Agreement.

 

  1. WARRANTIES AND DISCLAIMER OF WARRANTIES

 

  • Limited Warranty. Customer and Eye Cloud Pro warrant that each party has the corporate power and authority to enter into and carry out the terms of the Agreement. Customer warrants that during the Term it shall comply with all applicable laws and regulations as it relates to Customer’s use of the Software or Services.

 

  • Warranty Disclaimer. EXCEPT AS STATED EXPRESSLY PROIVDED IN SECTION 3, THE EYE CLOUD PRO SOFTWARE, THE DOCUMENTATION, AND ANY PROFESSIONAL SERVICES PROVIDED BY EYE CLOUD PRO UNDER THIS AGREEMENT ARE PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. TO THE FULLEST EXTENT ALLOWED UNDER APPLICABLE LAW, EYE CLOUD PRO EXPRESSLY DISCLAIMS ALL OTHER WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED OR OTHERWISE, WITH RESPECT TO THE EYE CLOUD PRO SOFTWARE AND THE SERVICES, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, FITNESS FOR A PARTICULAR PURPOSE, TITLE COMPLETENESS, ACCURACY, OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. EYE CLOUD PRO EXPRESLY DISCLAIMS THAT CUSTOMER’S USE OF THE SERVICES OR EYE CLOUD PRO SOFTWARE WILL BE UNINTERUPPTED OR ERROR-FREE, WILL MEET CUSTOMER’S PARTICULAR REQUIREMENTS, OR WILL MAINTAIN CUSTOMER DATA WITHOUT LOSS. EYE CLOUD PRO IS NOT LIABLE FOR DELAYS, FAILURES OR PROBLEMS INHERENT IN USE OF THE INTERNET AND ELECTRONIC COMMUNICATIONS OR OTHER SYSTEMS OUTSIDE EYE CLOUD PRO’S CONTROL, INCLUDING THE FAILURE TO PROMPTLY IMPLEMENT THE LATEST RELEASE OF THE SERVICE BY OR AT THE DIRECTION OF CUSTOMER. CUSTOMER MAY HAVE OTHER STATUTORY RIGHTS, BUT ANY STATUTORILY REQUIRED WARRANTIES WILL BE LIMITED TO THE SHORTEST LEGALLY PERMITTED PERIOD. CUSTOMER ALONE IS RESPONSIBLE FOR ANY COMMUNICATION, MESSAGE, OR OTHER CONTENT THAT ITS AUTHORIZED USERS POST, EYE CLOUD PROLOAD, SUBMIT, TRANSMIT, OR SHARE VIA THE SERVICES OR THE EYE CLOUD PRO SOFTWARE, INCLUDING ALL CUSTOMER DATA.

 

EYE CLOUD PRO MAKES NO REPRESENTATION OR WARRANTY THAT THE PRODUCTS AND/OR SERVICES WILL BE SECURE OR FREE FROM BUGS, VIRUSES, INTERRUPTION, ERRORS, IDENTITY THEFT, THREAT OF HACKERS OR OTHER PROGRAM LIMITATIONS.   EYE CLOUD PRO DOES NOT AGREE TO PROVIDE MODIFICATIONS, ENHANCEMENTS, IMPROVEMENTS OR BUG CORRECTIONS, EVEN IF ERRORS IN THE PRODUCTS AND/OR SERVICES ARE REPORTED TO EYE CLOUD PRO.

 

  1. LIMITATION OF LIABILITIES

 

EYE CLOUD PRO SHALL NOT BE LIABLE FOR ANY SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES (INCLUDING DAMAGES FOR LOSS OF BUSINESS, LOSS OF PROFITS, BUSINESS INTERRUPTION, ETC.) ARISING FROM THE USE, OR THE INABILITY TO USE THE PRODUCTS AND/OR SERVICES, EVEN IF EYE CLOUD PRO HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. TO THE FULLEST EXTENT ALLOWED UNDER APPLICABLE LAW, EYE CLOUD PRO’S ENTIRE AGGREGATE LIABILITY, AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY, FOR ANY CLAIM OR CAUSE OF ACTION ARISING UNDER THIS AGREEMENT OR ANY OTHER AGREEMENT BETWEEN THE PARTIES SHALL NOT EXCEED THE TOTAL FEES PAID BY CUSTOMER TO EYE CLOUD PRO,  PURSUANT TO THE APPLICABLE ORDER FORM IN THE SIX (6) MONTH PERIOD IMMEDIATELY PRECEEDING THE EVENT GIVING RISE TO THE CLAIM OR CAUSE OF ACTION.

 

 

  1. LIMITATIONS ON CLAIM

Any cause of action you may have with respect to your use of Eye Cloud Pro products or services must be commenced within one hundred eighty (180) days after the cause of action arises.

 

  1. TERM AND TERMINATION

 

  • Term. This Agreement starts on the Effective Date and continues until expiration or termination of all applicable Order Forms or until terminated as authorized in this Section 6, whichever occurs first.

 

  • Termination for Cause. Either party may terminate this Agreement (including all Order Forms) if the other party (a) fails to cure a material breach of this Agreement (including a failure to pay fees) within 30 days after receipt of written notice of such breach by the other party, (b) ceases operation without a successor, or (c) seeks protection under a bankruptcy, receivership, trust deed, creditors’ arrangement, composition or comparable proceeding, or if such a proceeding is instituted against that party and not dismissed within 60 days.

 

  • Early Termination by Customer. If Customer terminates the Agreement prior to the expiration of the applicable Order Form, then Customer shall forfeit all pre-paid fees, and for those arrangements in which the fees are not paid in advance, Customer shall pay Eye Cloud Pro an amount equal to the monthly fee multiplied by the number of months remaining in the Term.
  • Termination by Eye Cloud Pro. Without limiting its other remedies at law or in equity, Eye Cloud Pro may, at any time in its sole discretion, immediately discontinue, suspend, terminate, or block your and any user’s access to Eye Cloud Pro’s products and services.

 

  1. CONTROLLING LAW, JURISDICTION, AND INTERNATIONAL USERS

 

This Agreement shall be governed by and construed in accordance with the laws of the State of Delaware, without giving effect to applicable principles of conflicts of law to the extent that the application of the laws of another jurisdiction would be required thereby. In case of any dispute related to this Agreement, the parties hereto agree to submit to personal jurisdiction in the State of Delaware.  Furthermore, the parties hereby irrevocably and unconditionally submit to the exclusive jurisdiction of any court of the State of Delaware or any federal court sitting in the State of Delaware for purposes of any suit, action or other proceeding arising out of this Agreement.  THE PARTIES HEREBY IRREVOCABLY WAIVE ANY AND ALL RIGHTS TO A TRIAL BY JURY IN ANY ACTION, SUIT OR OTHER PROCEEDING ARISING OUT OF OR RELATING TO THE TERMS, OBLIGATIONS AND/OR PERFORMANCE OF THIS AGREEMENT.

 

  1. ENTIRE AGREEMENT AND SEVERABILITY

 

This Agreement, including Exhibit A, the Business Associate Agreement, constitutes the entire agreement between Eye Cloud Pro, and you and it supersedes all prior or contemporaneous communications and proposals, whether electronic, oral, or written, between you and Eye Cloud Pro with respect to Eye Cloud Pro’s Software and/or Services. If for any reason a court of competent jurisdiction finds any provision of this Agreement or portion of it to be unenforceable, that provision shall be enforced to the maximum extent permissible so as to effect the intent of this Agreement, and the remainder of this Agreement shall continue in full force and effect. 

 

  1. USE OF CUSTOMER DATA

 

 

  • Aggregate Data. As between Customer and Eye Cloud Pro, Eye Cloud Pro owns all rights, title, and interest in and to Aggregate Data. Accordingly, Eye Cloud Pro may, during the Term and thereafter, use, display, transmit, modify and prepare derivative works of Aggregate Data in any media for any lawful purpose, including maintaining and improving the Services and the Software. “Aggregate Data” means any information, reports, commentaries, market testing outputs, consumer testing outputs, data analyses, test results, consumer, insights or other data accessed, compiled, collected, stored or used by Eye Cloud Pro in connection with the Services, or the Software which is aggregated and does not include personally identifiable information. The source of this Aggregate Data is not identifiable.

 

  • Customer Data. Use of the Services or Software may involve the receipt, processing, and storage of data, information, or material input by Customer, Authorized Users, and Customer’s end user customers who use the Software (“End Users”) (collectively, “Customer Data”). Customer affirms, represents, and warrants that Customer owns or has the necessary licenses, rights, consents, and permissions to collect, use, and authorize Eye Cloud Pro to use all Customer Data in the manner contemplated hereunder and to transfer to and process such Customer Data. Customer further represents and warrants that the use of Customer Data does not violate or infringe any applicable law, any third-party rights, or any terms or privacy policies that apply to the Customer Data.

 

  • License to Customer Data. Customer hereby grants to Eye Cloud Pro the worldwide, non-exclusive, right to use, copy, store, transmit, display, modify and create derivative works of Customer Data, as necessary to provide the Services or Software under this Agreement. Further, Customer agrees that Eye Cloud Pro may use and develop Aggregated Data, using the Customer Data, for any lawful purpose.

 

  • Accuracy of Customer Data. Customer is solely responsible for the accuracy, content, currency, completeness, and delivery of the Customer Data provided by Customer, Authorized Users, and Customer’s End Users.
  1. EYE CLOUD PRO’S ACCESS AND MODIFICATIONS TO THE SOFTWARE/SERVICES

 

At all times while Eye Cloud Pro’s Software and/or Services are in the possession or use by you, third party vendor or otherwise, Eye Cloud Pro shall have the authority to have unfettered access to the Eye Cloud Pro Software and/or Services for quality assurance purposes which include but are not limited to troubleshooting crashes and evaluating performance issues with the Software or Services. Eye Cloud Pro may, in its sole discretion, add, discontinue, or modify or replace all or part of the Eye Cloud Pro Software and/or Services. 

 

  1. ELECTRONIC COMMUNICATIONS AND ASSENT TO USE OF PRODUCT

You agree that the receipt and use of Eye Cloud Pro Software and/or Services constitutes your acceptance to the terms and conditions of this Agreement as it may be modified from time to time.  Further, you agree to pay for the Software and/or Services of Eye Cloud Pro that you have received at the rates and amounts as set forth by Eye Cloud Pro. You further agree that electronic communications between the parties is sufficient for purposes of a binding agreement regarding use of Eye Cloud Pro Software and/or Services and no further writings or signatures are required.

 

  1. PAYMENT.
    • Fees and Expenses. All fees and other amounts, including without limitation, expenses (“Fees”) are as described in each applicable Order Form and Eye Cloud Pro may adjust the fees at any time with thirty (30) days’ notice and Customer may terminate the Agreement if it does not accept fee change within such 30 day period. Unless the Order Form provides otherwise, all Fees, not subject to a good faith dispute, are due within 30 days of the invoice date. To the extent that Customer disputes any invoice, Customer must provide Eye Cloud Pro notice of such dispute in writing within ten (10) business days of the invoice date, or Customer shall waive any claim with respect to such invoice. Late payments are subject to a service charge of 1.5% per month, or the maximum amount allowed by law, whichever is more. All Fees are nonrefundable and non-cancellable, except as expressly provided in this Agreement, and are exclusive of taxes­­. In the event of nonpayment or any shortfall in fees paid, Customer authorizes Eye Cloud Pro and its Affiliates to increase fees, dues, assessments, and/or debit any of Customer’s accounts, including those accounts associated with a payment processing agreement between Customer and Eye Cloud Pro. As used in this Section Affiliate of a party means any corporation or other entity that such party directly or indirectly controls, is controlled by, or is under common control with. In this context, a party “controls” a corporation or other entity if it or any combination of it or any combination of it and/or its Affiliates owns more than fifty percent (50%) of the voting rights for (i) the board of directors, or (ii) other mechanism of control for such corporation or other entity.
    • License Fee; Non-Integrated Payment Processing Fee; Payment; Licensed Locations. The License Fee shall be due and payable monthly, in advance, on the first day of each calendar month, provided that the first month’s License Fee shall be pro-rated based on the number of remaining days in the calendar month after the Effective Date. The license hereunder is granted with respect to the physical store location(s) set forth on your Order Form. Each such location, together with any successor location resulting from a relocation, a “Licensed Location”. Licensee must be enrolled in and processing payments through Licensor’s integrated payments processing tool within the earlier of (i) sixty (60) days after the effective date of their Order Form for first-time Licensee use of Software hereunder, or (ii) thirty (30) days after the Effective Date of this Agreement. Unless Licensor determines in its sole discretion that Licensee qualifies for a temporary or ongoing exemption, Licensor may charge a non-integrated payment processing fee if Licensee does not process payments through Licensor’s integrated payment solution within the required timeframe. Applicable Non-Integration payment processing fees shall be charged a minimum (subject to increases and any other applicable fees) of: (i) $200/month/site for Eye Cloud Pro, (ii) $200/month/site for Eye Cloud Retail, and (iii) $150/month/site for Eye Cloud Doctor. Licensor reserves the right to apply such fee in its sole discretion, and to apply, modify, increase, decrease the Non-Integration Payment Processing fee at any time subject to revision here in and posting of a revised Agreement pursuant to Section 13.10.   Licensee shall be solely responsible for and agrees to pay any and all sales, use, communications, excise, or similar tax or duty, and any other tax not based on Licensor’s net income.

 

  1. TAXES

You shall be solely responsible for and agree to pay, indemnify, and hold Eye Cloud Pro harmless from any and all sales, use, communications, excise, or similar tax or duty, and any other tax not based on Eye Cloud Pro’s net income, including penalties and interest and any associated professional fees, and all other imposts levied upon or chargeable with respect to the use, license, sale, or delivery of the services or other deliverables in respect of this Agreement, and any costs associated with the collection or withholding of any of the foregoing items.

 

  1. CUSTOMER OBLIGATIONS
    • Customer Contact. Customer will cooperate with Eye Cloud Pro in all matters relating to the Services and appoint a primary contact who will have the authority to act on behalf of Customer for matters pertaining to this Agreement. Customer will provide access to Customer’s premises, or access to Customer Data, reasonably needed for Eye Cloud Pro to perform the Services. If Customer fails to do so, Eye Cloud Pro’s obligation to provide the Services will be excused until access is provided and the parties agree on an updated timeline.
    • Accessibility. As it relates to the Services and/or Customer’s use of the Eye Cloud Pro Software, Customer is solely responsible for compliance with all applicable accessibility laws, rules, and regulations, including, but not limited to, Title III of the Americans with Disabilities Act (“ADA”), and (if applicable) New York’s state and city level Human Rights Act and California’s Unruh Civil Rights Act.
    • PCI Requirements. Customer is solely responsible for compliance with any applicable PCI-DSS requirements and Eye Cloud Pro has no obligation to assist with PCI-DSS requirements in any way. Any assistance provided by Eye Cloud Pro or its employees, contractors, agents, representatives or other related persons, at your request or otherwise, is provided without warranty or liability.
    • Customer agrees to use reasonable efforts to prevent unauthorized persons from having access to the Services or any equipment providing the Services. Eye Cloud Pro and Customer agrees to notify the other party promptly upon becoming aware of any unauthorized access or use of the Services or Customer Data by any third party.

 

 

 

  1. INTELLECTUAL PROPERTY

 

The Eye Cloud Pro Confidential Information, Services, Documentation, Eye Cloud Pro Marks, marketing, training, and other services or materials provided by Eye Cloud Pro, and all Intellectual Property Rights therein and related thereto, are the exclusive property of Eye Cloud Pro (“Eye Cloud Pro Property”).  All rights in and to the Eye Cloud Pro Property are reserved by Eye Cloud Pro.  Except for the limited rights expressly granted hereunder, nothing in this Agreement shall be deemed to grant, by implication, estoppel, or otherwise, a license under any of Eye Cloud Pro’s Intellectual Property Rights in or to Eye Cloud Pro Property. 

 

  1. CONFIDENTIALITY

 

  • Confidential Information. Except as expressly provided herein, the parties agree that the receiving party shall not publish or otherwise disclose and shall not use for any purpose any non-public information about the disclosing party’s business or activities that is proprietary and confidential that is furnished to it by the disclosing party pursuant to the Agreement which (i) if disclosed in tangible form is marked “Confidential” or with other similar designation to indicate its confidential or proprietary nature, or (ii) if disclosed orally is indicated orally to be confidential or proprietary by the disclosing party at the time of such disclosure, or (iii) is confirmed in writing as confidential or proprietary by the disclosing party within a reasonable time after such disclosure, or (iv) by its nature or the circumstances surrounding its disclosure should reasonably be regarded as confidential (collectively, “Confidential Information”). Notwithstanding the foregoing, Confidential Information shall not include information that, in each case as demonstrated by written documentation: (i) was properly in receiving party’s possession or properly known by it, without restriction, prior to receipt from the disclosing party; (ii) was rightfully disclosed to receiving party by a third party without restriction; (iii) is, or becomes generally available to the public or otherwise part of the public domain, other than through any act or omission of the receiving party (or any subsidiary, agent or employee of the receiving party) in breach of the Agreement; (iv) was independently developed by the receiving party without reference to or use of any Confidential Information disclosed by the disclosing party; or (v) is approved in writing by the disclosing party for release.

 

  • Return of Confidential Information. Upon termination of the Agreement for any reason or upon request of the disclosing party at any time, the receiving party will (i) promptly return to the disclosing party the original and all copies of all Confidential Information or, in lieu thereof, certify that all such Confidential Information has been destroyed; and (ii) destroy all notes and copies thereof made by receiving party containing any Confidential Information, provided that neither party shall be obligated to return or destroy Confidential Information to the extent necessary to fulfill its obligations and to enforce its rights under the Agreement or to the extent otherwise required by law, regulation, legal, regulatory or judicial process, rule or practice governing professionals or any internal compliance policy or procedure relating to the safeguarding or backup storage of data; provided that any such Confidential Information so not returned or destroyed shall remain subject to the confidentiality and use covenants contained herein, without regard to term.

 

  • Confidentiality and Non-Use. As receiving party, each party will (a) hold in confidence and not disclose Confidential Information to third parties except as permitted in this Agreement, and (b) only use Confidential Information to fulfill its obligations and exercise its rights in this Agreement. The receiving party shall use reasonable care to protect the Confidential Information using at least the same degree of care the receiving party uses to protect its own Confidential Information of a similar nature, but in no event with less than reasonable care. The receiving party may disclose Confidential Information to its employees, agents, contractors and other representatives having a legitimate need to know (including, for the EYE CLOUD PRO, the subcontractors referenced herein), provided it remains responsible for their compliance with this Section and they are bound to confidentiality obligations no less protective than this Section.

 

  • Each party agrees that unauthorized use or disclosure of Confidential Information may cause substantial harm for which money damages alone are an insufficient remedy. Each party may seek appropriate equitable relief, including an injunction (without the necessity of posting any bond or surety), in addition to other available remedies, for breach or threatened breach of this Section.

 

  • Permitted Disclosures. Nothing in this Agreement prohibits either party from making disclosures, including of Customer Data and other Confidential Information, to the extent such disclosure is reasonably necessary for: (i) exercising the rights granted to it and fulfilling its obligations under the Agreement, provided such disclosure is only made to the receiving party’s employees, agents, consultants, or representatives with a need to know such Confidential Information and who are bound by a confidentiality agreement or other duty of confidentiality no less restrictive than the duties in this Section; (ii) complying with applicable law, rules, or regulations; or (iii) submitting information to tax or other governmental authorities. If a party is required to make any disclosure of the disclosing party’s Confidential Information in accordance with subsections (ii) and (iii) above, to the extent it can legally do so, it will give reasonable advance written notice to the disclosing party of such intended disclosure, and will use its reasonable efforts to secure confidential treatment of such information prior to its disclosure (such as seeking, or allowing the disclosing party a reasonable opportunity to seek,  a protective orders or otherwise).

 

  1. NON-SOLICITATION.

During the Term of this Agreement and for a period of twelve (12) months thereafter, Customer shall not, directly or indirectly, in any manner solicit or induce for employment any person who performed any work under this Agreement on behalf of Eye Cloud Pro or its affiliates who is in the employment of the Eye Cloud Pro or its affiliates.

 

 Neither party may publicly announce this Agreement except with the other party’s prior written consent or as required by Law. However, Eye Cloud Pro may include Customer and its trademarks in its customer lists and promotional materials but will cease use at Customer’s written request.

 

  1. GENERAL PROVISIONS

 

 

  • Relationship of the Parties. The parties are independent contractors, not agents, partners, or joint venturers.

 

  • Assignment. Customer may not assign this Agreement without the prior written consent of Eye Cloud Pro. Any non-permitted assignment is void. This Agreement will bind and inure to the benefit of each party’s permitted successors and assigns.

 

 

  • Notices. Except as set out in this Agreement, notices under this Agreement must be in writing and will be deemed received (a) immediately upon personal delivery or delivery via email, (b) the business day following delivery via nationally-recognized overnight courier service, or (c) the third business day following delivery via first-class registered or certified mail. Notices should be addressed to the signatory and address on the first page of this Agreement, or the contact information associated with Customer’s account provided at registration, as applicable. Eye Cloud Pro and Customer may update their contact information for notice by providing notice to the other party. The Eye Cloud Pro may also send operational notices to Customer electronically, including through the Software or Services.

 

  • Equitable Relief. Customer and Eye Cloud Pro agree that a breach of this Agreement may cause irreparable injury and damage, and that the non-breaching party will be entitled to injunctive and other equitable relief to prevent a breach, in addition to any other remedy to which the non-breaching party might be entitled.

 

  1. PERMISSIONS FOR CALLS, MESSAGING, AND/OR EYE CLOUD PROPAY

 

In the event that you choose to use the Eye Cloud Pay program for patient payments, you represent and warrant that you have a current relationship with each person to whom an email or text message, concerning payment, is to be sent. You are solely responsible for ensuring that the program is utilized in a manner that complies with local, state, and federal laws, rules and regulations. To the extent the Software or Eye Cloud Pay includes email, calling, and/or text messaging features which enable Customer to text third parties via the Software, Customer is solely responsible for ensuring that the email, calling and/or text message feature(s) of the Software are utilized in a manner that complies with all applicable local, state, and federal laws, rules and regulations governing the sending of emails, calls, and/or text messages.  This includes, but is not limited to, compliance with applicable email and telemarketing laws such as the CAN-SPAM Act and Telephone Consumer Protection Act (“TCPA”), 47 U.S.C. § 227, the EU ePrivacy Regulation, and comparable state laws. Customer also represents and warrants that each third party to whom Customer calls or texts has specifically granted Customer permission to send such messaging; and that opt-out options are provided to such third parties pursuant to applicable law, rule, or regulation. Customer is solely responsible for the content of any messaging by Customer via the Software to third parties, and under no circumstances shall Eye Cloud Pro be identified by Customer as the sender of such messaging.  Customer acknowledges it is responsible for obtaining any and all permissions required to use the Software and Services calls, text messaging, or email features.

 

 

 

  • . Subcontractors. Eye Cloud Pro may use subcontractors and permit them to exercise Eye Cloud Pro’s rights under the Agreement.

 

  • Waivers and Severability. Waiver by a party of any breach of any provision of the Agreement must be in writing and signed by the waiving party’s authorized representative and cannot be implied from conduct. If any provision of this Agreement is held invalid, illegal or unenforceable, it will be limited to the minimum extent necessary, so the rest of this Agreement remains in effect.

 

 

  • Third Parties. Except as expressly provided herein, this Agreement does not create or establish any rights or beneficiaries for any person or entity that is not a party to this Agreement.

 

  • Customer acknowledges that the Services are subject to export control and economic sanctions restrictions imposed by the U.S. government and import restrictions by certain foreign governments (collectively “Trade Laws”). In using or accessing the Services, Customer will not and will not allow any third party to use the Services in violation of any Trade Laws or remove or export from the U.S. or allow the export or re-export of any part of the Service or any direct product thereof to any location, party or end-use which the U.S. government or any agency thereof requires an export license or other governmental approval at the time of export or re-export without first obtaining such license or approval. Customer represents and warrants that it and any of its Authorized Users: (i) are not listed on any U.S. government list of prohibited or restricted parties, including the U.S. Treasury Department list of Specially Designated Nationals and Blocked Persons, or the U.S. Commerce Department Denied Persons List or Entity List; (ii) are not an entity or person who is organized under the laws of, ordinarily resident in, or controlled by the government of, any country or region (1) that is subject to a U.S. government embargo or comprehensive sanction, (2) to which the U.S. has prohibited export transactions, or (3) that has been designated by the U.S. government as a “terrorist supporting” country; (iii) will not use the Services for the manufacture, design or development of nuclear, chemical or biological weapons or missile technology, or for terrorist activity; and (iv) will not submit to the Service any information controlled under the U.S. International Traffic in Arms Regulations or listed on the Commerce Control List unless approved in writing by Eye Cloud Pro. Customer will notify Eye Cloud Pro promptly if it or any Authorized User becomes subject to any order or restriction listed in this Section.

 

  • Open Source and Third-Party Software. The Services may incorporate third-party open source software (“OSS”), as listed in the Documentation or provided by Eye Cloud Pro upon request. Customer’s internal use of the unmodified Services in the form provided and as authorized in this Agreement will not require Customer to comply with the terms of OSS licenses.

 

  • Government End-Users. Elements of the Software or Services may be commercial computer software. If the user or licensee of the Software Services is an agency, department, or other entity of the United States Government, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Service or any related documentation of any kind, including technical data and manuals, is restricted by the terms of this Agreement in accordance with Federal Acquisition Regulation 12.212 for civilian purposes and Defense Federal Acquisition Regulation Supplement 227.7202 for military purposes. The Software and Services were developed fully at private expense. All other use is prohibited.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

EXHIBIT A

 

BUSINESS ASSOCIATE AGREEMENT

 

This Business Associate Agreement (“Agreement”) is made and entered into as an integral part of the Master Services Agreement to which it is attached.

 

  1. Definitions. Terms used, but not otherwise defined in this Agreement, shall have the same meaning as those terms in the Privacy Rule, Security Rule, and HITECH Act.
  2. Agent. “Agent” shall have the meaning as determined in accordance with the federal common law of agency.
  3. Breach. “Breach” shall have the same meaning as the term “breach” in 45 CFR §164.402.
  4. Business Associate. “Business Associate” shall mean a person or entity who, on behalf of a covered entity, performs or assists in performance of a function or activity involving the use or disclosure of individually identifiable health information, such as data analysis, claims processing or administration, utilization review, and quality assurance reviews, or any other function or activity regulated by the HIPAA Administrative Simplification Rules, including the Privacy Rule. Business associates are also persons or entities performing legal, actuarial, accounting, consulting, data aggregation, management, administrative, accreditation, or financial services to or for a covered entity where performing those services involves disclosure of individually identifiable health information by the covered entity or another business associate of the covered entity to that person or entity.
  5. Covered Entity. “Covered Entity” shall mean (1) health plans, (2) health care clearinghouses, and (3) health care providers who electronically transmit any health information in connection with transactions for which HHS has adopted standards.
  6. Data Aggregation. “Data Aggregation” shall have the same meaning as the term “data aggregation” in 45 CFR §164.501.
  7. Designated Record Set. “Designated Record Set” shall have the same meaning as the term “designated record set” in 45 CFR §164.501.
  8. Disclosure. “Disclosure” and “Disclose” shall have the same meaning as the term “Disclosure” in 45 CFR §160.103.
  9. Electronic Health Record. “Electronic Health Record” shall have the same meaning as the term in Section 13400 of the HITECH Act.
  10. Health Care Operations. “Health Care Operations” shall have the same meaning as the term “health care operations” in 45 CFR §164.501.
  11. HIPAA Rules. “HIPAA Rules” shall mean the Privacy, Security, Breach Notification, and Enforcement Rules at 45 CFR Part 160 and Part 164.
  12. HITECH Act. “HITECH Act” shall mean The Health Information Technology for Economic and Clinical Health Act, part of the American Recovery and Reinvestment Act of 2009 (“ARRA” or “Stimulus Package”), specifically DIVISION A: TITLE XIII Subtitle D—Privacy, and its corresponding regulations as enacted under the authority of the Act.
  13. Individual. “Individual” shall have the same meaning as the term “individual” in 45 CFR §160.103 and shall include a person who qualifies as a personal representative in accordance with 45 CFR §164.502(g).
  14. Minimum Necessary. “Minimum Necessary” shall mean the Privacy Rule Standards found at §164.502(b) and §164.514(d)(1).
  15. Privacy Rule. “Privacy Rule” shall mean the Standards for Privacy of Individually Identifiable Health Information at 45 CFR Part 160 and Part 164, Subparts A and E.
  16. Protected Health Information. “Protected Health Information” shall have the same meaning as the term “protected health information” in 45 CFR §160.103, limited to the information created, received, maintained or transmitted by Business Associate on behalf of Covered Entity.
  17. Required By Law. “Required By Law” shall have the same meaning as the term “required by law” in 45 CFR §164.103.
  18. Secretary. “Secretary” shall mean the Secretary of the Department of Health and Human Services or his or her designee.
  19. Security Incident. “Security Incident” shall have the same meaning as the term “Security Incident” in in 45 CFR §164.304.
  20. Security Rule. “Security Rule” shall mean the Standards for Security of Electronic Protected Health Information at 45 C.F.R. parts §160 and §164, Subparts A and C.
  21. Subcontractor. “Subcontractor” shall mean a person or entity “that creates, receives, maintains, or transmits protected health information on behalf of a business associate” and who is now considered a business associate, as the latter term is defined in in in 45 CFR §160.103.
  22. Subject Matter. “Subject Matter” shall mean compliance with the HIPAA Rules and with the HITECH Act.
  23. Unsecured Protected Health Information. “Unsecured Protected Health Information” shall have the same meaning as the termunsecured protected health information” in 45 CFR §164.402.
  24. Use. “Use” shall have the same meaning as the term “Use” in 45 CFR §164.103.
  25. Obligations and Activities of Business Associate.
  26. Business Associate agrees to not Use or Disclose Protected Health Information other than as permitted or required by this Agreement or as Required By Law.
  27. Business Associate agrees to use appropriate safeguards to prevent Use or Disclosure of Protected Health Information other than as provided for by this Agreement. Business Associate further agrees to implement administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity and availability of any electronic Protected Health Information, as provided for in the Security Rule and as mandated by Section 13401 of the HITECH Act.
  28. Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a Use or Disclosure of Protected Health Information by Business Associate in violation of the requirements of this Agreement. Business Associate further agrees to report to Covered Entity any Use or Disclosure of Protected Health Information not provided for by this Agreement of which it becomes aware, and in a manner as prescribed herein.
  29. Business Associate agrees to report to Covered Entity any Security Incident, including all data Breaches or compromises, whether internal or external, related to Protected Health Information, whether the Protected Health Information is secured or unsecured, of which Business Associate becomes aware.
  30. If the Breach, as discussed in paragraph 2(d), pertains to Unsecured Protected Health Information, then Business Associate agrees to report any such data Breach to Covered Entity within ten (10) business days of discovery of said Breach; all other compromises, or attempted compromises, of Protected Health Information shall be reported to Covered Entity within twenty (20) business days of discovery. Business Associate further agrees, consistent with Section 13402 of the HITECH Act, to provide Covered Entity with information necessary for Covered Entity to meet the requirements of said section, and in a manner and format to be specified by Covered Entity.
  31. If Business Associate is an Agent of Covered Entity, then Business Associate agrees that any Breach of Unsecured Protected Health Information shall be reported to Covered Entity immediately after the Business Associate becomes aware of said Breach, and under no circumstances later than one (1) business day thereafter. Business Associate further agrees that any compromise, or attempted compromise, of Protected Health Information, other than a Breach of Unsecured Protected Health Information as specified in 2(e) of this Agreement, shall be reported to Covered Entity within ten (10) business days of discovering said compromise, or attempted compromise.
  32. Business Associate agrees to ensure that any Subcontractor, to whom Business Associate provides Protected Health Information, agrees to the same restrictions and conditions that apply through this Agreement to Business Associate with respect to such information. Business Associate further agrees that restrictions and conditions analogous to those contained herein shall be imposed on said Subcontractors via a written agreement that complies with all the requirements specified in §164.504(e)(2), and that Business Associate shall only provide said Subcontractors Protected Health Information consistent with Section 13405(b) of the HITECH Act. Further, Business Associate agrees to provide copies of said written agreements to Covered Entity within ten (10) business days of a Covered Entity’s request for same.
  33. Business Associate agrees to provide access, at the request of Covered Entity and during normal business hours, to Protected Health Information in a Designated Record Set to Covered Entity or, as directed by Covered Entity, to an Individual, in order to meet Covered Entity’s requirements under 45 CFR §164.524, provided that Covered Entity delivers to Business Associate a written notice at least three (3) business days in advance of requesting such access. Business Associate further agrees, in the case where Business Associate controls access to Protected Health Information in an Electronic Health Record, or controls access to Protected Health Information stored electronically in any format, to provide similar access in order for Covered Entity to meet its requirements the HIPAA Rules and under Section 13405(c) of the HITECH Act. These provisions do not apply if Business Associate and its employees or Subcontractors have no Protected Health Information in a Designated Record Set of Covered Entity.

 

  1. Business Associate agrees to make any amendment(s) to Protected Health Information in a Designated Record Set that Covered Entity directs or agrees to pursuant to 45 CFR §164.526, at the request of Covered Entity or an Individual. This provision does not apply if Business Associate and its employees or Subcontractors have no Protected Health Information from a Designated Record Set of Covered Entity.
  2. Unless otherwise protected or prohibited from discovery or disclosure by law, Business Associate agrees to make internal practices, books, and records, including policies and procedures (collectively “Compliance Information”), relating to the Use or Disclosure of Protected Health Information and the protection of same, available to the Covered Entity or to the Secretary for purposes of the Secretary determining Covered Entity’s compliance with the HIPAA Rules and the HITECH Act. Business Associate further agrees, at the request of Covered Entity, to provide Covered Entity with demonstrable evidence that its Compliance Information ensures Business Associate’s compliance with this Agreement over time. Business Associate shall have a reasonable time within which to comply with requests for such access and/or demonstrable evidence, consistent with this Agreement. In no case shall access, or demonstrable evidence, be required in less than five (5) business days after Business Associate’s receipt of such request, unless otherwise designated by the Secretary.
  3. Business Associate agrees to maintain necessary and sufficient documentation of Disclosures of Protected Health Information as would be required for Covered Entity to respond to a request by an Individual for an accounting of such Disclosures, in accordance with 45 CFR §164.528.
  4. On request of Covered Entity, Business Associate agrees to provide to Covered Entity documentation made in accordance with this Agreement to permit Covered Entity to respond to a request by an Individual for an accounting of disclosures of Protected Health Information in accordance with 45 C.F.R. §164.528. Business Associate shall provide said documentation in a manner and format to be specified by Covered Entity. Business Associate shall have a reasonable time within which to comply with such a request from Covered Entity and in no case shall Business Associate be required to provide such documentation in less than three (3) business days after Business Associate’s receipt of such request.
  5. Except as provided for in this Agreement, in the event Business Associate receives an access, amendment, accounting of disclosure, or other similar request directly from an Individual, Business Associate shall redirect the Individual to the Covered Entity.
  6. To the extent that Business Associate carries out one or more of Covered Entity’s obligations under the HIPAA Rules, the Business Associate must comply with all requirements of the HIPAA Rules that would be applicable to the Covered Entity.
  1. A Business Associate must honor all restrictions consistent with 45 C.F.R. §164.522 that the Covered Entity or the Individual makes the Business Associate aware of, including the Individual’s right to restrict certain disclosures of protected health information to a health plan where the individual pays out of pocket in full for the healthcare item or service, in accordance with HITECH Act Section 13405(a).
  2. Permitted Uses and Disclosures by Business Associate.
  3. Except as otherwise limited by this Agreement, Business Associate may make any Uses and Disclosures of Protected Health Information necessary to perform its services to Covered Entity and otherwise meet its obligations under this Agreement, if such Use or Disclosure would not violate the Privacy Rule, or the privacy provisions of the HITECH Act, if done by Covered Entity. All other Uses or Disclosures by Business Associate not authorized by this Agreement, or by specific instruction of Covered Entity, are prohibited.
  4. Except as otherwise limited in this Agreement, Business Associate may Use Protected Health Information for the proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate.
  5. Except as otherwise limited in this Agreement, Business Associate may Disclose Protected Health Information for the proper management and administration of the Business Associate, provided that Disclosures are Required By Law, or Business Associate obtains reasonable assurances from the person to whom the information is Disclosed that it will remain confidential and used, or further Disclosed, only as Required By Law, or for the purpose for which it was Disclosed to the person, and the person notifies the Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached.
  6. Except as otherwise limited in this Agreement, Business Associate may Use Protected Health Information to provide Data Aggregation services to Covered Entity as permitted by 45 CFR §164.504(e)(2)(i)(B). Business Associate agrees that such Data Aggregation services shall be provided to Covered Entity only wherein said services pertain to Health Care Operations. Business Associate further agrees that said services shall not be provided in a manner that would result in Disclosure of Protected Health Information to another covered entity who was not the originator and/or lawful possessor of said Protected Health Information. Further, Business Associate agrees that any such wrongful Disclosure of Protected Health Information is a direct violation of this Agreement and shall be reported to Covered Entity immediately after the Business Associate becomes aware of said Disclosure and, under no circumstances, later than three (3) business days thereafter.
  7. Business Associate may Use Protected Health Information to report violations of law to appropriate Federal and State authorities, consistent with §164.502(j)(1).
  8. Business Associate shall make Uses, Disclosures, and requests for Protected Health Information consistent with the Minimum Necessary principle as defined herein.
  9. Obligations and Activities of Covered Entity.
  10. Covered Entity shall notify Business Associate of the provisions and any limitation(s) in its notice of privacy practices of Covered Entity in accordance with 45 CFR §164.520, to the extent that such provisions and limitation(s) may affect Business Associate’s Use or Disclosure of Protected Health Information.
  11. Covered Entity shall notify Business Associate of any changes in, or revocation of, permission by an Individual to use or disclose Protected Health Information, to the extent that the changes or revocation may affect Business Associate’s use or disclosure of Protected Health Information.
  12. Covered Entity shall notify Business Associate of any restriction to the use or disclosure of Protected Health Information that Covered Entity has agreed to in accordance with 45 CFR §164.522, and also notify Business Associate regarding restrictions that must be honored under section 13405(a) of the HITECH Act, to the extent that such restrictions may affect Business Associate’s Use or Disclosure of Protected Health Information.
  13. Covered Entity shall notify Business Associate of any modifications to accounting disclosures of Protected Health Information under 45 CFR §164.528, made applicable under Section 13405(c) of the HITECH Act, to the extent that such restrictions may affect Business Associate’s use or disclosure of Protected Health Information.
  14. Covered Entity shall provide Business Associate, within thirty (30) business days of Covered Entity executing this Agreement, a description and/or specification regarding the manner and format in which Business Associate shall provide information to Covered Entity, wherein such information is required to be provided to Covered Entity as agreed to by Business Associate in paragraph 2(e) of this Agreement. Covered Entity reserves the right to modify the manner and format in which said information is provided to Covered Entity, as long as the requested modification is reasonably required by Covered Entity to comply with the HIPAA Rules or the HITECH Act, and Business Associate is provided sixty (60) business days notice before the requested modification takes effect.
  15. Covered Entity shall provide Business Associate, within thirty (30) business days of Covered Entity executing this Agreement, a description and/or specification regarding the manner and format in which Business Associate shall provide information to Covered Entity, wherein such information is required to be provided to Covered Entity as agreed to by Business Associate in paragraph 2(l) of this Agreement. Covered Entity reserves the right to modify the manner and format in which said information is provided to Covered Entity, as long as the requested modification is reasonably required by Covered Entity to comply with the HIPAA Rules or the HITECH Act, and Business Associate is provided sixty (60) business days notice before the requested modification takes effect.
  16. Covered Entity shall not require Business Associate to Use or Disclose Protected Health Information in any manner that would not be permissible under the HIPAA Rules if done by the Covered Entity.

 

  1. Term and Termination.
  2. Term. The Term of this Agreement shall begin as of the Effective Date and shall terminate when all of the Protected Health Information provided by Covered Entity to Business Associate, or created or received by Business Associate on behalf of Covered Entity, is destroyed or returned to Covered Entity, or, if it is infeasible to return or destroy Protected Health Information, protections are extended to such information, in accordance with the termination provisions in this Agreement.
  3. Termination for Cause by Covered Entity. Upon Covered Entity’s knowledge of a material breach of this Agreement by Business Associate, Covered Entity shall give Business Associate written notice of such breach and provide reasonable opportunity for Business Associate to cure the breach or end the violation. Covered Entity may terminate this Agreement, and Business Associate agrees to such termination, if Business Associate has breached a material term of this Agreement and does not cure the breach or cure is not possible. If neither termination nor cure is feasible, Covered Entity shall report the violation to the Secretary.
  4. Termination for Cause by Business Associate. Upon Business Associate’s knowledge of a material breach of this Agreement by Covered Entity, Business Associate shall give Covered Entity written notice of such breach and provide reasonable opportunity for Covered Entity to cure the breach or end the violation. Business Associate may terminate this Agreement, and Covered Entity agrees to such termination, if Covered Entity has breached a material term of this Agreement and does not cure the breach or cure is not possible. If neither termination nor cure is feasible, Business Associate shall report the violation to the Secretary.
  5. Effect of Termination.
  6. Except as provided in paragraph (2) of this section, upon termination of this Agreement for any reason, Business Associate shall return or destroy all Protected Health Information received from, or created or received by Business Associate on behalf of Covered Entity. This provision shall also apply to Protected Health Information that is in the possession of Subcontractors of Business Associate. Business Associate shall retain no copies of the Protected Health Information.
  7. In the event that Business Associate determines that returning or destroying the Protected Health Information is infeasible, Business Associate shall provide to Covered Entity, within ten (10) business days, notification of the conditions that make return or destruction infeasible. Upon such determination, Business Associate shall extend the protections of this Agreement to such Protected Health Information and limit further uses and disclosures of such Protected Health Information to those purposes that make the return or destruction infeasible, for so long as Business Associate maintains such Protected Health Information.
  8. Entire Agreement.
  9. This Agreement sersedes all other prior and contemporaneous written and oral agreements and understandings between Covered Entity and Business Associate regarding this Subject Matter. It contains the entire Agreement between the parties.
  10. This Agreement may be modified only by a signed written agreement between Covered Entity and Business Associate.
  11. All other agreements entered into between Covered Entity and Business Associate, not related to this Subject Matter, remain in full force and effect.
  12. Governing Law.
  13. This Agreement and the rights of the parties shall be governed by and construed in accordance with Federal law as it pertains to the Subject Matter. This Agreement shall be governed by and construed in accordance with the laws of the State of Delaware, without giving effect to applicable principles of conflicts of law to the extent that the application of the laws of another jurisdiction would be required thereby. In case of any dispute related to this Agreement, the parties agree to submit to personal jurisdiction in the State of Delaware.  Furthermore, the parties hereby irrevocably and unconditionally submit to the exclusive jurisdiction of any court of the State of Delaware or any federal court sitting in the State of Delaware for purposes of any suit, action or other proceeding arising out of this Agreement.  THE PARTIES HEREBY IRREVOCABLY WAIVE ANY AND ALL RIGHTS TO A TRIAL BY JURY IN ANY ACTION, SUIT OR OTHER PROCEEDING ARISING OUT OF OR RELATING TO THE TERMS, OBLIGATIONS AND/OR PERFORMANCE OF THIS AGREEMENT. 
  14. Miscellaneous.
  15. Regulatory References. A reference in this Agreement to a section in the Privacy Rule, Security Rule, or HITECH Act means the section as in effect or as amended.
  16. The Parties agree to take such action as is necessary to amend this Agreement from time to time as is necessary for Covered Entity and Business Associate to comply with the requirements of the Privacy Rule, Security Rule, the Health Insurance Portability and Accountability Act of 1996 (Pub. L. No. 104-191), and the HITECH Act, and its corresponding regulations.
  17. The respective rights and obligations of Business Associate under Section 5(d) of this Agreement shall survive the termination of this Agreement.
  18. Any ambiguity in this Agreement shall be resolved to permit Covered Entity and Business Associate to comply with the Privacy Rule, Security Rule, the Health Insurance Portability and Accountability Act of 1996 (Pub. L. No. 104-191), and the HITECH Act, and its corresponding regulations.
  19. Severability. If any provision or provisions of this Agreement is/are determined by a court of competent jurisdiction to be unlawful, void, or unenforceable, this Agreement shall not be unlawful, void or unenforceable thereby, but shall continue in effect and be enforced as though such provision or provisions were omitted.