These current consolidated Master SaaS Terms v 1.2 were published on 3rd February 2026.

A reference to 'Supplier', 'we', 'us', or 'our' within these Master Saas terms and associated documents referred herein means Upvio Healthtech Pty Ltd (ABN 35 657 030192)

IMPORTANT DISCLAIMER: EXCEPT AS EXPRESSLY SET OUT IN OUR AGREEMENT (INCLUDING CLAUSE 8) AND TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, WE DO NOT MAKE ANY PROMISES OR GIVE ANY WARRANTIES ABOUT OUR SERVICES. IN PARTICULAR, WE DO NOT WARRANT THAT: (i) THE SERVICES OR THE CONTENT (INCLUDING USER GENERATED CONTENT) IS VIRUS FREE, AND WE ACCEPT NO RESPONSIBILITY FOR ANY INFECTION BY VIRUS OR OTHER CONTAMINATION OR BY ANYTHING WHICH HAS DESTRUCTIVE PROPERTIES; (ii) ANY OF THE CONTENT OR THE SERVICES ARE ACCURATE AND/OR COMPLETE AND/OR FIT FOR A PARTICULAR PURPOSE; (iii) ANY OF THE CONTENT OR THE SERVICES PROVIDE YOU WITH LEGAL, FINANCIAL OR PROFESSIONAL ADVICE OF ANY KIND; AND (iv) ALTHOUGH WE WILL DO OUR BEST TO PROVIDE CONSTANT, UNINTERRUPTED ACCESS TO THE SERVICES, WE DO NOT GUARANTEE THIS. WE ACCEPT NO RESPONSIBILITY OR LIABILITY FOR ANY INTERRUPTION OR DELAY TO THE SERVICES.

IMPORTANT AI DISCLAIMER: THE AI SERVICES USE MACHINE LEARNING, COMPUTER VISION AND OTHER ALGORITHMIC / STATISTICAL INFERENCE TECHNIQUES TO GENERATE AI OUTPUT FROM AI INPUT. AI OUTPUT IS INHERENTLY PROBABILISTIC AND MAY INCLUDE ERRORS, FALSE POSITIVES, FALSE NEGATIVES, SPURIOUS CORRELATIONS OR OTHER INACCURACIES. AI OUTPUT MAY BE MATERIALLY AFFECTED BY INPUT SENSITIVITY AND REAL-WORLD CONDITIONS (INCLUDING LIGHTING, MOVEMENT, CAMERA/DEVICE LIMITATIONS, USER BEHAVIOUR, ENVIRONMENTAL CONDITIONS, SIGNAL NOISE/ARTEFACTS, AND “OUT-OF-DISTRIBUTION” INPUTS) AND MAY THEREFORE BE INACCURATE, INCOMPLETE, MISLEADING, NOT UP TO DATE, OR UNSUITABLE FOR YOUR PARTICULAR PURPOSES. YOU MUST NOT RELY ON AI OUTPUT AS A SOLE OR PRIMARY BASIS FOR ANY DECISION OR ACTION (INCLUDING ANY CLINICAL, MEDICAL, DIAGNOSTIC, TREATMENT, SAFETY-CRITICAL OR EMERGENCY USE), AND YOU MUST APPLY APPROPRIATE HUMAN OVERSIGHT, VERIFICATION AND PROFESSIONAL JUDGEMENT. THE AI SERVICES (INCLUDING ANY VITALS-RELATED OR EMOTIONAL/BEHAVIOURAL INSIGHT FUNCTIONALITY) ARE PROVIDED FOR INFORMATIONAL, ENGAGEMENT, INSIGHT AND/OR GENERAL WELLNESS PURPOSES ONLY AND ARE NOT INTENDED TO DIAGNOSE, TREAT, MITIGATE, CURE, PREVENT OR MONITOR ANY MEDICAL OR MENTAL HEALTH CONDITION, NOR TO PERFORM ANY FUNCTION THAT WOULD RENDER THEM A REGULATED MEDICAL DEVICE IN ANY JURISDICTION. THE PERFORMANCE AND OUTPUTS OF AI SERVICES MAY CHANGE OVER TIME DUE TO UPDATES, RE-TRAINING, RE-CALIBRATION, BUG FIXES, SECURITY PATCHES OR MODEL DRIFT, AND WE DO NOT GUARANTEE CONSISTENCY OR REPEATABILITY OF OUTPUTS ACROSS TIME, USERS, DEVICES OR ENVIRONMENTS. WE DO NOT WARRANT THAT AI SERVICES ARE FREE FROM BIAS OR WILL PERFORM EQUALLY ACROSS ALL POPULATIONS, SKIN TONES, DEMOGRAPHICS OR USE CONDITIONS. FOR CAMERA-BASED AI SERVICES, RAW VIDEO FRAMES ARE PROCESSED TRANSIENTLY IN REAL TIME TO EXTRACT SIGNAL FEATURES AND GENERATE AI OUTPUT AND ARE NOT STORED OR MADE ACCESSIBLE AS PART OF THE SERVICES EXCEPT AS EXPRESSLY SET OUT IN OUR PRIVACY POLICY AND/OR DATA PROTECTION ADDENDUM (E.G., WHERE REQUIRED BY LAW OR STRICTLY NECESSARY FOR SECURITY OR TROUBLESHOOTING WITH APPROPRIATE SAFEGUARDS.

FEES ARE PAYABLE EITHER MONTHLY OR ANNUALLY IN ADVANCE AND ARE NON-REFUNDABLE. BY AGREEING TO THESE TERMS, YOU AGREE TO PAY THE FEES (INCLUDING IN THE EVENT THAT YOU SUBSEQUENTLY DO NOT USE THE SUBSCRIBED SERVICES). FOR MORE INFORMATION, PLEASE READ CLAUSE 4.1, CLAUSE 7, CLAUSE 9.2, CLAUSE 9.3, AND CLAUSE 17 OF THIS AGREEMENT BEFORE PURCHASING OUR SERVICES.

WE MAKE NO PROMISES THAT OUR SERVICES IS APPROPRIATE OR AVAILABLE FOR USE IN YOUR COUNTRY. THOSE WHO PROCURE OUR SERVICES DO SO ON THEIR OWN INITIATIVE AND AT THEIR OWN RISK. WE WILL BE ABLE TO CONFIRM, BASED ON PRIOR EXPERIENCE, WHETHER OUR SERVICES ARE AVAILABLE IN YOUR COUNTRY AT THE TIME WE ENTER INTO THIS AGREEMENT, BUT WE DO NOT GUARANTEE THAT THE SERVICES WILL BE AVAILABLE FOR THE DURATION OF THE AGREEMENT SHOULD ANY AUTHORITY OR GOVERNMENT BAN OR RESTRICT US FROM PROVIDING SERVICES IN YOUR COUNTRY.

WE DRAW YOUR ATTENTION TO THE INDEMNITY PROVISIONS OUTLINED WITHIN CLAUSE 4, AND THE LIMITATION OF LIABILITY PROVISIONS OUTLINED WITHIN CLAUSE 17.

IF YOU ARE A US CUSTOMER, WE DRAW YOUR ATTENTION TO OUR HIPAA PRIVACY AND SECURITY POLICY, WHICH OUTLINES OUR COMPLIANCE WITH THE REQUIREMENTS UNDER THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT 1996 (‘HIPAA’).

1. DEFINITIONS AND INTERPRETATION

1. The definitions and rules of interpretation set out in ‎the Schedule shall apply to our Agreement.

IN OUR AGREEMENT:

2. By ticking the acceptance box when creating an account, or at checkout, or purchasing, paying for, accessing or using any part of the Services (including any AI Services), the Customer enters into a legally binding agreement with the Supplier as set out within these Master SaaS Terms which incorporates the additional terms set out within clause 1.3 below (our ‘Agreement’)
3. Our Agreement comprises of these Master Saas Terms, together with:

1. the Subscription Details;
2. the Addendums;
3. the Policies;
4. the HIPAA Business Associate Agreement at Annex A (where applicable); and
5. the Documentation.

4. Each time a Customer (including via an automated online sign‑up flow) purchases, renews, upgrades, downgrades or otherwise changes its subscription to any part of the Services (including purchasing additional Credits or other usage‑based entitlements), the applicable Subscription Details (as defined in the Schedule) are incorporated into and form part of our Agreement.
5. Unless our Agreement expressly states otherwise, if there is any conflict between documents forming part of our Agreement, the following order of priority applies (highest first);

1. the Subscription Details;
2. the Addendums and Annex A (to the extent applicable);
3. the Policies;
4. these Master SaaS Terms; and
5. the Documentation.

6. Subject to clause 1.5 above, later versions of documents prevail over earlier ones if there is any conflict or inconsistency between them.
7. Any obligation of the Supplier under our Agreement to comply or ensure compliance by any person or the Services with any law shall be limited to compliance only with laws within the Subscribed Territory as generally applicable to businesses and to providers of software as a service solution. Such obligations shall not be construed to create any obligation on the Supplier (or anyone acting on its behalf) or any part of the Services to comply with any laws or regulations which apply solely to specific commercial or other activities (such as insurance, legal advice or banking or other professional services) or which apply solely to a specific commercial or non-commercial sector (or part thereof) (such as the public, legal, accountancy, actuarial, insurance, banking or financial service sectors).

2. RIGHTS OF USE

1. Upon Order Acceptance and subject to the terms of our Agreement, the Supplier grants the Customer a non-exclusive, non-transferable, personal right to:

1. use each Subscribed Service during Service Hours; and
2. copy and use the Documentation as strictly necessary for its use by Authorised Users of the Subscribed Services,

within the relevant Subscribed Territory during the Subscribed Service Period for the Permitted Purpose.

2. The Customer acknowledges that access to the Subscribed Services may take up to three Business Days from Order Acceptance to initially set up and that use of the Subscribed Services is at all times subject to the Customer’s compliance with our Agreement and the requirements identified in our Agreement (including all minimum system requirements).
3. The Customer acknowledges that the Services do not include:

1. any services, systems or equipment required to access the internet (and that the Customer is solely responsible for procuring access to the internet and for all costs and expenses in connection with internet access, communications, data transmission and wireless or mobile charges incurred by it in connection with use of the Services);
2. dedicated data back up or disaster recovery facilities (and the Customer should ensure it at all times maintains backups of all Customer Data); or
3. legal, accounting or other professional or regulated services and that, except as expressly stated in our Agreement, no assurance is given that the Services will comply with or satisfy any legal or regulatory obligation of any person.

4. Where the Subscribed Services include any AI Services, the Customer acknowledges and agrees that:

1. the AI Services and all AI Output are provided for informational, insight and/or general wellness purposes only;
2. for camera-based AI Services, raw video frames are processed transiently in real time to extract signal features and generate AI Output and are not stored or made accessible as part of the Services, except as expressly set out in the Privacy Policy and/or Data Protection Addendum (for example, where required by law or strictly necessary for security/troubleshooting with appropriate safeguards);
3. AI Output may be affected by many factors (including lighting, movement, device limitations, user behaviour, environmental conditions, and the nature/quality of the AI Input) and therefore may be incomplete, inaccurate, misleading, not up to date, or not suitable for the Customer’s particular purposes;
4. the AI Services are not a substitute for professional judgement, professional advice, or clinical assessment, and are not intended for diagnosis, treatment decisions, clinical monitoring, emergency use, or any other use as a regulated medical device; and
5. the Supplier does not provide medical advice, clinical advice or other professional advice through the AI Services, and the Customer remains solely responsible for all decisions, actions and outcomes arising from its (and its Authorised Users’ / end users’) use of the AI Services and any AI Output.

5. The Customer shall (and shall ensure each of its Authorised Users shall):

1. use the AI Services strictly in accordance with the Documentation, the Acceptable Use Policy, and any on-screen instructions and disclosures provided by the Supplier from time to time;
2. not use (and not permit any third party to use) any AI Output as a substitute for professional medical advice, diagnosis or treatment, or in connection with any emergency situation or where delay or error could reasonably be expected to result in death, personal injury, or serious harm;
3. implement and maintain appropriate policies, procedures and human oversight to verify AI Output where reliance could reasonably be expected, and to ensure that AI Output is appropriately contextualised before being communicated to any individual;
4. ensure that any individual whose data is included in AI Input (including any biometric data or other personal data) is provided with clear information regarding the nature and limitations of the AI Services and that all legally required consents, notices and lawful bases are obtained and maintained in accordance with applicable law; and
5. not make, publish or communicate any statement (including to any end user) that suggests that the AI Services are a regulated “medical device” or are intended for diagnosis, treatment, mitigation, cure, prevention or monitoring of disease, unless and to the extent the Supplier has expressly confirmed otherwise in writing for the relevant jurisdiction and use case.

6. In the event the Customer breaches clause 2.5 above, then without limiting any other right or remedy, the Supplier may immediately suspend the Customer’s (and/or any relevant Authorised User’s) access to the AI Services and/or the Subscribed Services, and such breach will be treated as a material breach of this Agreement.

3. AUTHORISED USERS

1. The Customer shall ensure that only Authorised Users use the Subscribed Services and that such use is at all times in accordance with our Agreement. The Customer shall ensure that Authorised Users are, at all times while they have access to the Subscribed Services, the employees or contractors of the Customer or the Authorised Affiliates.
2. The Customer shall keep a list of all Authorised Users and shall notify the Supplier within two Business Days if any updates to any list of Authorised Users are made or required, including when Authorised Users cease to be employed or engaged by a relevant entity such that they are no longer entitled to be Authorised Users. Where termination of such relationship is known in advance, the Supplier shall provide such information as soon as reasonably possible prior to such termination of that relationship, together with the date such person shall cease to be an Authorised User.
3. The Customer shall ensure that the number of Authorised Users for each Subscribed Service do not exceed the number of Purchased Authorised Users Accounts for the relevant Subscribed Service at any time. The Customer is entitled to remove one individual as an Authorised User and replace them with another individual in accordance with the terms of our Agreement, but Authorised User accounts cannot be shared or used by more than one individual at the same time.
4. Without prejudice to any other right or remedy of the Supplier, in the event the Customer is in breach of clause ‎3.3 then:

1. the warranties in clause ‎8.1 shall cease to apply for the duration of the period during which the Customer is in breach of clause ‎3.3; and
2. the Customer shall be liable to pay for the number of Authorised Users above the number of Purchased Authorised Users Accounts for that Subscribed Service for the relevant period during which infringement occurred in accordance with the Supplier’s Standard Pricing Terms.

5. The Customer shall:

1. be liable for the acts and omissions of the Authorised Users and the Authorised Affiliates as if they were its own;
2. only provide Authorised Users with access to the Services via the online login page provided by the Supplier and shall not provide access to (or permit access by) anyone other than an Authorised User; and
3. procure that each Authorised User (and each Authorised Affiliate) is aware of, and complies with, the obligations and restrictions imposed on the Customer under our Agreement, including all obligations and restrictions relating to the Supplier’s Confidential Information.

6. The Customer warrants and represents that it, and all Authorised Users and all others acting on its or their behalf (including systems administrators) shall, keep confidential and not share with any third party (or with other individuals except those with administration rights at the Customer and its Authorised Affiliate’s organisation as necessary for use of the Service) their password or access details for any Subscribed Service.
7. The Customer shall (and shall ensure all Authorised Affiliates and Authorised Users shall) at all times comply with the Acceptable Use Policy and all other provisions of our Agreement.
8. If any password has been provided to an individual that is not an Authorised User, the Customer shall, without delay, disable any such passwords and notify the Supplier immediately.
9. The Customer shall comply (and shall ensure all Authorised Affiliates and Authorised Users comply) with all applicable laws, rules, and regulations governing export that apply to the Services, the Customer Data and the Documentation (or any part), and shall not export or re-export, directly or indirectly, separately or as a part of a system, the Services, the Customer Data or the Documentation (or any part) to, or access or use the Services, the Customer Data or the Documentation (or any part) in, any country or territory for which an export licence or other approval is required, without first obtaining such licence or other approval. Without prejudice to the Supplier’s obligations under the Data Protection Addendum, the Customer shall be solely responsible for ensuring its access, importation and use of the Services, the Customer Data and Documentation in or into any part of the Subscribed Territory or elsewhere complies with all export and other laws.
10. Clauses ‎3.5 to ‎3.9 (inclusive) shall survive termination or expiry of our Agreement.

4. INDEMNITY

1. THE CUSTOMER SHALL INDEMNIFY, KEEP INDEMNIFIED AND HOLD HARMLESS THE SUPPLIER (ON THE SUPPLIER’S OWN BEHALF ON BEHALF OF EACH OF THE SUPPLIER’S AFFILIATES) FROM AND AGAINST ANY LOSSES, CLAIMS, DAMAGES, LIABILITY, UNPAID FEES (IN ALL CIRCUMSTANCES INCLUDING WHERE SUCH UNPAID FEES RESULT FROM A DISPUTE RAISED BY THE CUSTOMER VIA A THIRD PARTY PAYMENT PROVIDER), DATA PROTECTION LOSSES, COSTS (INCLUDING LEGAL AND OTHER PROFESSIONAL FEES) AND EXPENSES INCURRED BY IT (OR ANY OF ITS AFFILIATES) AS A RESULT OF THE CUSTOMER’S BREACH OF THIS AGREEMENT.
2. THIS CLAUSE ‎4 SHALL SURVIVE TERMINATION OR EXPIRY OF THIS AGREEMENT.

5. SUPPORT

1. Support Services are provided in accordance with (and subject to) the applicable Subscription Service Specific Terms and/or the Subscription Details.
2. The Supplier shall use reasonable endeavours to notify the Customer in advance of scheduled maintenance, but the Customer acknowledges that it may receive no advance notification for downtime caused by Force Majeure or for other emergency maintenance.

6. CHANGES TO SERVICES AND TERMS

1. The Supplier may at its absolute discretion make, and notify the Customer of, updated versions of the documents referred to in clause ‎1.2 or other documents referred to in any part of our Agreement (excluding in each case the Subscription Details and Annex A (HIPAA Business Associate Agreement)) from time to time by notifying the Customer by email (Update Notification). The Supplier shall comply with its related obligations in the Data Protection Addendum and the HIPAA Privacy and Security Policy.
2. The document(s) subject to such Update Notification shall replace the preceding version of the same document(s) for the purposes of our Agreement from the date 10 Business Days’ after Update Notification of such revised document(s) (the Update) (or at such later date as the Supplier may specify).
3. In the event that the Customer reasonably believes that any Update materially impacts it negatively in any manner it may by notice elect to terminate our Agreement in respect of all impacted Subscribed Services provided it exercises such right prior to such Update taking effect pursuant to clause ‎6.2 on not less than 10 Business Days prior written notice and notifies the Supplier at the time of exercising such right of the negative impact which has caused it to exercise this right. In the event of such termination the Customer shall receive a refund of any pre-paid Fees in respect of such terminated Services.
4. The Customer acknowledges that the Supplier shall be entitled to modify the features and functionality of the Services. The Supplier may, without limitation to the generality of this clause ‎6.4, establish new limits on the Services (or any part), including limiting the volume of data which may be used, stored or transmitted in connection with the Service, remove or restrict application programming interfaces or make alterations to data retention periods, provided such changes are introduced by Update to the relevant impacted contractual documents. The Supplier shall comply with its related obligations in the Data Protection Addendum and the HIPAA Privacy and Security Policy.
5. In respect of the HIPAA Business Associate Agreement set out at Annex A:

1. if the Customer is a Covered Entity or Business Associate (as those terms are defined under HIPAA) and the Customer’s use of the Services involves the creation, receipt, maintenance or transmission of Protected Health Information, then the HIPAA Business Associate Agreement at Annex A applies automatically and forms part of our Agreement;
2. the Customer must not provide the Supplier with any Protected Health Information unless clause 6.5.1 applies;
3. the Customer shall promptly notify the Supplier in writing if it intends to use the Services to create, receive, maintain or transmit Protected Health Information; and
4. to the extent of any conflict between Annex A and any other part of our Agreement in relation to Protected Health Information, Annex A prevails.

7. FEES

1. The Customer shall pay the Fees at the rates and in the manner set out in the Pricing Terms and/or the Subscription Details.
2. The Customer shall pay the Subscription Fees to the Supplier in advance, either monthly or annually (and re-occurring monthly/annually on the same day that the Customer made the initial payment).
3. The Supplier will invoice the Customer for the Subscription Fees which will be made available to the Customer within the billing area of the platform, and the Customer may decide whether or not to review the invoices provided by the Supplier.
4. In the event that the Customer requires any Implementation Services, such Fees shall be payable in advance by the Customer.
5. The Supplier will charge and/or invoice the Customer (including via the billing area of the platform) for any Add-On Fees, Implementation Fees, Usage Fees and/or Credits in accordance with the Pricing Terms and/or Subscription Details.
6. Where the Pricing Terms and/or Subscription Details provide that certain AI Services are measured using Credits, the following applies:

1. Credits may be included in a plan or purchased separately through the Services;
2. use of the relevant AI Services will consume Credits at the rate shown in-product and/or in the Pricing Terms;
3. if the Customer does not have sufficient Credits, the Supplier may restrict or suspend access to the relevant AI Services until additional Credits are purchased; and
4. Credits are non-transferable and non-refundable, and any expiry/rollover rules are as set out in the Pricing Terms and/or Subscription Details.

7. The Fees are exclusive of VAT, GST or any other applicable tax chargeable in the Customer’s jurisdiction which shall be payable by the Customer at the rate and in the manner prescribed by law.
8. Fees payable to the Supplier under our Agreement shall be paid electronically via credit/debit card, PayPal, or Stripe (or under any other method made available to the Customer by the Supplier from time-to-time).
9. The Customer acknowledges that the Subscription Fees, Usage Fees/Credits, and Add-on Fees (and any other fees) whether the Customer has elected to pay annually or monthly are non-refundable. The Customer further acknowledges that the Subscription Fees, Usage Fees/Credits, and Add-on Fees (as applicable) shall be paid by the Customer until the Agreement is terminated, or as otherwise agreed by the Supplier, including in circumstances that the Customer does not use any of the Subscribed Services. For the avoidance of doubt, where Usage Fees are charged through a credit system (Credits), the Customer may be required to purchase Credits in advance in order to access and/or use usage-based features (including AI scans and other AI-enabled usage). Purchased Credits are non-refundable, are not legal tender, and have no cash value (except to the extent required by law).
10. In the event that the Customer fails to pay any Fees due under this Agreement, the Supplier shall have the right to suspend the Subscribed Services in accordance with clause 18, and terminate this Agreement immediately, and:

1. Supplier shall keep the Customer’s Subscribed Services active for a period of 14 days, and if the Customer fails to pay within such period, the Supplier shall de-activate the Customer’s account, and cease providing Subscribed Services to the Customer; and
2. Supplier shall have the right to charge interest on overdue invoices at the rate of 4% per year above the base rate of BARCLAYS BANK PLC, calculated from the date when payment of the invoice becomes due for payment up to and including the date of actual payment whether before or after judgment.

11. In the event that the Supplier terminates this Agreement in accordance with this clause 7.10 above (for non-payment) the Supplier shall store any Customer data stored for a period of 30 days before irretrievably deleting it.
12. The Supplier shall be entitled to increase the Fees for any and all Services at any time by notice to the Customer provided that the Supplier shall not be entitled to increase the Fees on less than six weeks prior notice or more than once every 12 months.

8. WARRANTIES

1. Subject to the remainder of this clause ‎8, the Supplier warrants that:

1. each Subscribed Service shall operate materially in accordance with its Description when used in accordance with our Agreement under normal use and normal circumstances during the relevant Subscribed Service Period; and
2. it shall provide each of the Services with reasonable care and skill.

2. The Customer acknowledges that clause ‎8.1 does not apply to Free or Trial Services or to Support Services provided in connection with the same. Without prejudice to the Supplier’s obligations under our Agreement in respect of Protected Data, Free or Trial Services and Support Services provided in connection with the same are provided ‘as is’ and without warranty to the maximum extent permitted by law.
3. The Services may be subject to delays, interruptions, errors or other problems resulting from use of the internet or public electronic communications networks used by the parties or third parties. The Customer acknowledges that such risks are inherent in cloud services and that the Supplier shall have no liability for any such delays, interruptions, errors or other problems.
4. If there is a breach of any warranty in clause ‎8.1 the Supplier shall at its option: use reasonable endeavours to repair or replace the impacted Services within a reasonable time or (whether or not it has first attempted to repair or replace the impacted Service) refund the Fees for the impacted Services which were otherwise payable for the period during which the Supplier was in breach of any such warranty (provided such period is at least 10 consecutive days). To the maximum extent permitted by law, this clause ‎8.4 sets out the Customer’s sole and exclusive remedy (however arising, whether in contract, negligence or otherwise) for any breach of any of the warranties in clause ‎8.1.
5. The warranties in clause ‎8.1 are subject to the limitations set out in clause ‎17 and shall not apply to the extent that any error in the Services arises as a result of:

1. incorrect operation or use of the Services by the Customer, any Authorised Affiliate or any Authorised User (including any failure to follow the Documentation or failure to meet minimum specifications);
2. use of any of the Services other than for the purposes for which it is intended;
3. use of any Services with other software or services or on equipment with which it is incompatible;
4. any act by any third party (including hacking or the introduction of any virus or malicious code);
5. any modification of Services (other than that undertaken by the Supplier or at its direction); or
6. any breach of our Agreement by the Customer (or by any Authorised Affiliate or Authorised User).

6. The Supplier may make Non-Supplier Materials available for the Customer’s use in connection with the Services. The Customer agrees that:

1. the Supplier has no responsibility for the use or consequences of use of any Non-Supplier Materials;
2. the Customer’s use of any Non-Supplier Materials shall be governed by the applicable terms between the Customer and the owner or licensor of the relevant Non-Supplier Materials;
3. the Customer is solely responsible for any Non-Supplier Materials used in connection with the Services and for compliance with all applicable third party terms which may govern the use of such Non-Supplier Materials; and
4. the continued availability, compatibility with the Services and performance of the Non-Supplier Materials is outside the control of the Supplier and the Supplier has no responsibility for any unavailability of or degradation in the Services to the extent resulting from the availability, incompatibility or performance of any of the Non-Supplier Materials;

7. The Customer acknowledges that no liability or obligation is accepted by the Supplier (howsoever arising whether under contract, tort, in negligence or otherwise):

1. that the Subscribed Services shall meet the Customer’s individual needs, whether or not such needs have been communicated to the Supplier;
2. that the operation of the Subscribed Services shall not be subject to minor errors or defects; or
3. that the Subscribed Services shall be compatible with any other software or service or with any hardware or equipment except to the extent referred to as compatible within the Documentation.

8. Other than as set out in this clause ‎8, and subject to clause ‎17.7, all warranties, conditions, terms, undertakings or obligations whether express or implied by statute, common law or otherwise and including any implied terms relating to quality, fitness for any particular purpose or ability to achieve a particular result are excluded to the extent permitted by law.

9. CUSTOMERS RESPONSIBILITIES

1. The Customer shall (and shall ensure all Authorised Affiliates and Authorised Users shall) at all times:

1. comply with all applicable laws relating to the use or receipt of the Services, including laws relating to privacy, data protection and use of systems and communications;
2. maintain the confidentiality and security of their login credentials and ensure that Authorized Affiliates and Authorized Users do the same;
3. be responsible for all activities that occur under their account, including any unauthorized use of the Service;
4. not use the Services to infringe upon the intellectual property rights of any third party;
5. not use the Services for any illegal or fraudulent purpose or in a manner that could damage, disable, overburden, or impair the Service;
6. not modify, adapt, translate, or reverse engineer the Service or any part thereof;
7. not sell, resell, sublicense, distribute, or lease the Service or any part thereof;
8. promptly notify the Supplier of any security breaches or unauthorized access to the Service;
9. be responsible for ensuring that their systems and equipment meet the minimum requirements for using the Service; and
10. be responsible for backing up their data and ensuring that they have the ability to recover their data in the event of a loss or corruption.

2. The Customer shall not, at any time, raise a dispute without first raising such dispute with the Supplier first; and
3. The Customer shall not seek a refund from any third-party payment provider (such as Stripe) and it hereby acknowledges and agrees that it shall have no right to request a refund of any Fees properly due to the Supplier, in any circumstances.

10. INTELLECTUAL PROPERTY

1. All Intellectual Property Rights in and to the Services (including in all Applications, Documentation and all Supplier Provided Materials) belong to and shall remain vested in the Supplier or the relevant third-party owner. To the extent that the Customer, any of its Affiliates or any person acting on its or their behalf acquires any Intellectual Property Rights in the Applications, Documentation, Supplier Provided Materials or any other part of the Services, the Customer shall assign or procure the assignment of such Intellectual Property Rights with full title guarantee (including by way of present assignment of future Intellectual Property Rights) to the Supplier or such third party as the Supplier may elect. The Customer shall execute all such documents and do such things as the Supplier may consider necessary to give effect to this clause ‎10.1.
2. Except as expressly stated in the Subscription Details (or elsewhere in our Agreement), the Supplier has no obligation to deliver any copies of any software to the Customer in connection with our Agreement or the Services.
3. The Customer and Authorised Users may be able to store or transmit Customer Data using one or more Subscribed Service and the Subscribed Services may interact with Customer Systems. The Customer hereby grants a royalty-free, non-transferable, non-exclusive licence for the Supplier (and each of its direct and indirect sub-contractors) to use, copy and other otherwise utilise the Customer Data and Customer Systems to the extent necessary to perform or provide the Services or to exercise or perform the Supplier’s rights, remedies and obligations under our Agreement.
4. To the extent Non-Supplier Materials are made available to, or used by or on behalf of the Customer, any Authorised Affiliate or any Authorised User in connection with the use or provision of any Subscribed Service, such use of Non-Supplier Materials (including all licence terms) shall be exclusively governed by applicable third party terms notified or made available by the Supplier or the third party and not by our Agreement. The Supplier grants no Intellectual Property Rights or other rights in connection with any Non-Supplier Materials.
5. The Supplier may use any feedback and suggestions for improvement relating to the Services provided by the Customer, the Authorised Affiliates or any Authorised User without charge or limitation (Feedback). The Customer hereby assigns (or shall procure the assignment of) all Intellectual Property Rights in the Feedback with full title guarantee (including by way of present assignment of future Intellectual Property Rights) to the Supplier at the time such Feedback is first provided to the Supplier.
6. The Customer hereby waives (and shall ensure all relevant third parties have waived) all rights to be identified as the author of any work, to object to derogatory treatment of that work and all other moral rights in the Intellectual Property Rights assigned to the Supplier under our Agreement.
7. As between the parties, the Supplier owns (and the Customer assigns to the Supplier, by way of present assignment of future rights, to the extent such rights arise) all Intellectual Property Rights in and to the AI System and the AI Services, including any Updates, enhancements, improvements and derivative works, and any learnings, configurations or modifications made in the course of providing the AI Services (except to the extent comprised of Customer Data).
8. Nothing in our Agreement transfers to the Customer any right, title or interest in or to the AI System or the AI Services other than the limited rights expressly granted under clause 2 (and any other express licence granted by the Supplier in writing).
9. The Customer may use AI Output solely for the Customer’s Permitted Purpose and only in connection with the Customer’s authorised use of the Subscribed Services.
10. To the extent (if any) that AI Output attracts Intellectual Property Rights, the Supplier grants the Customer a non-exclusive, non-transferable, non-sublicensable (except to the Customer’s end users strictly as required for the Permitted Purpose), revocable licence to use that AI Output for the Permitted Purpose during the Subscription Term.
11. For clarity, AI Output does not include, and the Customer has no rights to access, extract or use, the AI System or any underlying model, weights, parameters, source code, methods, training data or Supplier Provided Materials used to generate AI Output.
12. Without limiting clause 10.2, the Customer shall not (and must ensure that its Authorised Users shall not):

1. use the AI Services, AI Output, Documentation or any part of the Services to develop, train, fine-tune, validate or improve any algorithmic, machine learning or artificial intelligence model or system that competes with (or could reasonably be used to compete with) the Supplier or the Services;
2. systematically scrape, harvest, query, probe or extract AI Output (including through automated means) in order to derive, reconstruct, approximate, replicate or discover the AI System, its functionality, performance characteristics, underlying models, or any Supplier Confidential Information;
3. represent AI Output as clinical, diagnostic or medically determinative, or otherwise remove, obscure or fail to communicate any disclaimers or limitations provided by the Supplier in relation to the AI Services; or
4. use the AI Services or AI Output in any way that violates the Acceptable Use Policy or applicable law.

13. The Supplier may process Customer Data and AI Input to provide the Subscribed Services (including to generate AI Output), to maintain and secure the Services, and to comply with its legal obligations, in accordance with our Agreement (including any Data Protection Addendum) and the Privacy Policy.
14. The Supplier may create and use de-identified and aggregated data derived from Customer Data and/or AI Input/AI Output (including usage, performance, reliability, security, and diagnostic logs) for the Supplier’s legitimate business purposes, including to improve, develop, test and enhance the Services and the AI Services, provided that such data does not identify the Customer or any individual and cannot reasonably be re-identified.
15. The Supplier may use AI tools (including machine learning and/or generative AI systems) in the performance of the Services, provided that the Supplier maintains appropriate measures designed to preserve confidentiality and security and does not disclose the Customer’s Confidential Information or personal data to third-party AI tools except as permitted under our Agreement (including via approved Sub-processors) and in accordance with the Data Protection Addendum.
16. EXCEPT FOR THE RIGHTS EXPRESSLY GRANTED IN OUR AGREEMENT, THE CUSTOMER, ANY AUTHORISED USER, ANY CUSTOMER AFFILIATE AND THEIR DIRECT AND INDIRECT SUB-CONTRACTORS, SHALL NOT ACQUIRE IN ANY WAY ANY TITLE, RIGHTS OF OWNERSHIP, OR INTELLECTUAL PROPERTY RIGHTS OF WHATEVER NATURE IN THE SERVICES (OR ANY PART INCLUDING THE APPLICATIONS OR DOCUMENTATION) AND NO INTELLECTUAL PROPERTY RIGHTS OF EITHER PARTY ARE TRANSFERRED OR LICENSED AS A RESULT OF OUR AGREEMENT.
17. This clause ‎10 shall survive the termination or expiry of our Agreement.

11. DEFENCE AGAINST INFRINGEMENT CLAIMS

1. Subject to clauses ‎11.2 and ‎11.5, the Supplier shall:

1. defend at its own expense any claim brought against the Customer by any third party alleging that the Customer’s use of the Services infringes any copyright, database right or registered trade mark, registered design right or registered patent (an IP Claim); and
2. pay, subject to clause ‎11.3, all costs and damages awarded or agreed in settlement or final judgment of an IP Claim.

2. The provisions of clause ‎11.1 shall not apply unless the Customer:

1. promptly (and in any event within 5 Business Days) notifies the Supplier upon becoming aware of any actual or threatened IP Claim and provides full written particulars;
2. makes no comment or admission and takes no action that may adversely affect the Supplier’s ability to defend or settle the IP Claim;
3. provides all assistance reasonably required by the Supplier subject to the Supplier paying the Customer’s reasonable costs; and
4. gives the Supplier sole authority to defend or settle the IP Claim as the Supplier considers appropriate.

3. The provisions of clause ‎17 shall apply to any payment of costs and damages awarded or agreed in settlement or final judgment of an IP Claim under clause ‎11.1.
4. In the event of any IP Claim the Supplier may elect to terminate our Agreement immediately by written notice and promptly refund to the Customer on a pro-rata basis for any unused proportion of Fees paid in advance. This clause ‎11.4 is without prejudice to the Customer’s rights and remedies under clauses ‎11.1.
5. The Supplier shall have no liability or obligation under this clause ‎11 in respect of (and shall not be obliged to defend) any IP Claim which arises in whole or in part from:

1. any modification of the Services (or any part) without the Supplier’s express written approval;
2. any Non-Supplier Materials;
3. any Customer Data;
4. any Free or Trial Services (or any Support Services provided in connection with them);
5. any Open Source Software;
6. any breach of our Agreement by the Customer;
7. installation or use of the Services (or any part) otherwise than in accordance with our Agreement and the User Manual; or
8. installation or use of the Services (or any part) in combination with any software, hardware or data that has not been supplied or expressly authorised by the Supplier.

6. Subject to clause ‎17.7, the provisions of this clause ‎11 set out the Customer’s sole and exclusive remedy (howsoever arising, including in contract, tort, negligence or otherwise) for any IP Claim.

12. CUSTOMER SYSTEMS AND CUSTOMER DATA

1. Customer Data shall at all times remain the property of the Customer or its licensors.
2. Except to the extent the Supplier has direct obligations under data protection laws, the Customer has outlined how it shall treat Customer data within the Data Protection Addendum, and (as applicable) the HIPAA Privacy and Security Policy and HIPAA Business Associate Agreement.
3. If the Supplier becomes aware of any allegation that any Customer Data may not comply with the Data Protection Addendum, the Acceptable Use Policy, or (if applicable) the HIPAA Privacy and Security Policy and the HIPAA Business Associate Agreement or any other part of our Agreement the Supplier shall have the right to permanently delete or otherwise remove or suspend access to any Customer Data which is suspected of being in breach of any of the foregoing from the Services and/or disclose Customer Data to law enforcement authorities (in each case without the need to consult the Customer). Where reasonably practicable and lawful the Supplier shall notify the Customer before taking such action.
4. Except as otherwise expressly agreed in our Agreement, the Supplier shall not be obliged to provide the Customer with any assistance extracting, transferring, or recovering any data whether during or after the Service Period. The Customer acknowledges and agrees that it is responsible for maintaining safe backups and copies of any Customer Data, including as necessary to ensure the continuation of the Customer’s and Authorised Affiliates’ businesses. The Customer shall, without limitation, ensure that it backs up (or procures the back up of) all Customer Data regularly (in accordance with its, its Authorised Affiliates and its Authorised User’s needs) and extracts it from each Subscribed Service prior to the termination or expiry of our Agreement or the cessation or suspension of any of the Services.
5. The Supplier routinely undertakes regular backups of the Subscribed Services (which may include Customer Data) for its own business continuity purposes. The Customer acknowledges that such steps do not in any way make the Supplier responsible for ensuring the Customer Data does not become inaccessible, damaged or corrupted. To the maximum extent permitted by applicable law, the Supplier shall not be responsible (under any legal theory, including in negligence) for any loss of availability of, or corruption or damage to, any Customer Data.
6. Unless otherwise agreed by the parties in writing, the Customer hereby instructs that the Supplier shall within 90 days of the earlier of the end of the provision of the Services (or any part) relating to the processing of the Customer Data securely dispose of such Customer Data processed in relation to the Services (or any part) which have ended (and all existing copies of it) except to the extent that any applicable laws requires the Supplier to store such Customer Data. The Supplier shall have no liability (howsoever arising, including in negligence) for any deletion or destruction of any such Customer Data undertaken in accordance with our Agreement.

13. CONFIDENTIALITY AND SECURITY OF CUSTOMER DATA

1. The Supplier shall maintain the confidentiality of the Customer Data and shall not without the prior written consent of the Customer or in accordance with our Agreement, disclose or copy the Customer Data other than as necessary for the performance of the Services or its express rights and obligations under our Agreement.
2. The Supplier shall implement technical and organisational security measures in accordance with the Information Security Addendum. The Supplier maintains an information security programme and controls designed to align with recognised security standards and assurance frameworks, including ISO/IEC 27001 and SOC 2 (Trust Services Criteria). The Supplier is working towards obtaining, and where obtained will maintain, ISO/IEC 27001 certification and a SOC 2 Type II independent audit/attestation (or a materially equivalent assurance). On reasonable written request and subject to appropriate confidentiality obligations, the Supplier will provide the Customer with reasonable evidence of the Supplier’s then-current certification/attestation status (for example, copies of relevant certificates and/or a SOC report or executive summary, where available and permitted to be shared).
3. The Supplier:

1. undertakes to disclose the Customer Data only to those of its officers, employees, agents, contractors and direct and indirect sub-contractors to whom, and to the extent to which, such disclosure is necessary for the purposes contemplated under our Agreement or as otherwise reasonably necessary for the provision or receipt of the Services, and
2. shall be responsible to the Customer for any acts or omissions of any of the persons referred to in clause ‎13.3.1 in respect of the confidentiality and security of the Customer Data as if they were the Supplier’s own.

4. The provisions of this clause ‎13 shall not apply to information which:

1. is or comes into the public domain through no fault of the Supplier, its officers, employees, agents or contractors;
2. is lawfully received by the Supplier from a third party free of any obligation of confidence at the time of its disclosure;
3. is independently developed by the Supplier (or any of its Affiliates or any person acting on its or their behalf), without access to or use of such Confidential Information; or
4. is required by law, by court or governmental or regulatory order to be disclosed,

provided that clauses ‎13.4.1 to ‎13.4.3 (inclusive) shall not apply to Protected Data.

5. This clause ‎13 shall survive the termination or expiry of our Agreement for a period of ten years.
6. To the extent any Customer Data is Protected Data, the Supplier shall ensure that such Customer Data may be disclosed or used only to the extent such disclosure or use does not conflict with any of the Supplier’s obligations under the Data Protection Addendum (or, if applicable) the HIPAA Privacy and Security Policy and HIPAA Business Associate Agreement. Clauses ‎13.1 to ‎13.5 (inclusive) are subject to this clause ‎13.6.

14. SUPPLIERS CONFIDENTIAL INFORMATION

1. The Customer shall maintain the confidentiality of the Supplier’s Confidential Information and shall not without the prior written consent of the Supplier, disclose, copy or modify the Supplier’s Confidential Information (or permit others to do so) other than as necessary for the performance of its express rights and obligations under our Agreement.
2. The Customer undertakes to:

1. disclose the Supplier’s Confidential Information only to those of its officers, employees, agents and contractors to whom, and to the extent to which, such disclosure is necessary for the purposes contemplated under our Agreement;
2. procure that such persons are made aware of and agree in writing to observe the obligations in this clause ‎14; and
3. be responsible for the acts and omissions of those third parties referred to in this clause ‎14.2 as if they were the Customer’s own acts or omissions.

3. The Customer shall give notice to the Supplier of any unauthorised use, disclosure, theft or loss of the Supplier’s Confidential Information immediately upon becoming aware of the same.
4. The provisions of this clause ‎14 shall not apply to information which:

1. is or comes into the public domain through no fault of the Customer, its officers, employees, agents or contractors;
2. is lawfully received by the Customer from a third party free of any obligation of confidence at the time of its disclosure;
3. is independently developed by the Customer, without access to or use of the Supplier’s Confidential Information; or
4. is required by law, by court or governmental or regulatory order to be disclosed provided that the Customer, where possible, notifies the Supplier at the earliest opportunity before making any disclosure.

5. The parties agree that the terms of this clause 14 shall survive the termination or expiry of our Agreement for a period of ten years.

15. MONITORING COMPLIANCE

1. During the Service Period and for seven years thereafter the Customer shall maintain full and accurate records relating to Authorised Users’, the Customer’s and Authorised Affiliates’ use of the Services under our Agreement.
2. The Customer shall allow and procure for the Supplier (and any representatives of the Supplier) access to its premises and the premises of Authorised Affiliates to:

1. inspect use of the Services; and
2. audit (and take copies of) the relevant records of the Customer and the Authorised Affiliates,

in each case to the extent necessary to verify that the Customer is in compliance with its obligations under our Agreement.

3. Unless otherwise agreed in writing, the inspection and audit referred to in clause ‎15.2 shall be undertaken:

1. during the Customer’s normal business hours on Business Days;
2. subject to the provision by the Supplier of a minimum of five (5) Business Days’ notice; and
3. not more than twice in any calendar year.

4. At the Supplier’s request from time to time the Customer shall promptly (and in any event within two Business Days of such request) provide the Supplier with copies of the records referred to in clause ‎15.1.
5. The Supplier may monitor, collect, store and use information on the use and performance of the Services (including Customer Data) to detect threats or errors to the Services and/or Supplier’s operations and for the purposes of the further development and improvement of the Supplier’s services, provided that such activities at all times comply with the Privacy Policy, the Data Protection Addendum and (if applicable) the HIPAA Privacy and Security Policy and HIPAA Business Associate Agreement.
6. This clause ‎15 shall survive termination or expiry of our Agreement for a period of 12 months.

16. RELIEF

To the maximum extent permitted by law, the Supplier shall not be liable (under any legal theory, including negligence) for any breach, delay, or default in the performance of our Agreement to the extent the same (or the circumstances giving rise to the same) arises or was contributed to by any Relief Event.

17. LIMITATION OF LIABILITY

1. THE EXTENT OF THE SUPPLIER’S LIABILITY UNDER OR IN CONNECTION WITH OUR AGREEMENT (REGARDLESS OF WHETHER SUCH LIABILITY ARISES IN TORT, CONTRACT OR IN ANY OTHER WAY AND WHETHER OR NOT CAUSED BY NEGLIGENCE OR MISREPRESENTATION OR UNDER ANY INDEMNITY) SHALL BE AS SET OUT IN THIS CLAUSE ‎17.
2. Subject to clauses ‎17.2, ‎17.4 and ‎17.7, the Supplier’s aggregate liability in respect of each individual Subscribed Service (and all support services provided in connection with the same) (howsoever arising under or in connection with our Agreement) shall not exceed the greater of:

1. An amount equal to the Subscription Fees for the relevant Subscribed Service paid to the Supplier by the customer in the 12-month period immediately preceding the first incident giving rise to any claim under our Agreement; or
2. An amount equal to 12 times the Subscription Fees for the relevant Subscribed Service due or paid to the Supplier for the first month of the relevant Subscribed Service period.

3. Subject to clauses ‎17.4 and ‎17.7, the Supplier’s aggregate liability in respect of each individual Free or Trial service (and all support services provided in connection with the same) (howsoever arising under or in connection with our agreement) shall not exceed $1,000 AUD.
4. Subject to clause ‎17.7, the Supplier’s total aggregate liability howsoever arising under or in connection with our Agreement shall not exceed the greater of:

1. An amount equal to the Fees for all Services paid to the Supplier in the 12-month period immediately preceding the first incident giving rise to any claim under our Agreement; or
2. An amount equal to 12 times the fees due or paid to the Supplier for the Services provided in the first month of the Service period.

5. Subject to clause ‎17.7, the Supplier shall not be liable for consequential, indirect or special losses.
6. Subject to clause ‎17.7, the Supplier shall not be liable for any of the following (whether direct or indirect):

1. AI Output;
2. Loss of profit;
3. Destruction, loss of use or corruption of data;
4. Loss or corruption of software or systems;
5. Loss or damage to equipment;
6. Loss of use;
7. Loss of production;
8. Loss of contract;
9. Loss of commercial opportunity;
10. Loss of savings, discount or rebate (whether actual or anticipated); and/or
11. Harm to reputation or loss of goodwill.

7. Notwithstanding any other provision of this agreement, the Supplier’s liability shall not be limited in any way in respect of the following:

1. Death or personal injury caused by negligence;
2. Fraud or fraudulent misrepresentation; or
3. Any other losses which cannot be excluded or limited by applicable law.

8. This clause ‎17 shall survive the termination or expiry of our Agreement.

18. SUSPENSION

1. The Supplier may suspend access to the Services (or any part) to all or some of the Customer and Authorised Users if:

1. the Supplier suspects that there has been any misuse of the Services or breach of our Agreement;
2. the Customer fails to pay any sums due to the Supplier by the due date for payment; or
3. required by law, by court or governmental or regulatory order.

2. Where the reason for the suspension is suspected misuse of the Services or breach of our Agreement, without prejudice to its rights under clause ‎20, the Supplier will take steps to investigate the issue and may restore or continue to suspend access at its discretion.
3. In accordance with clause 7.10, suspensions under clause ‎18.1.2, access to the Services will be restored promptly after the Supplier receives payment in full and cleared funds within 14 days of the due date for payment.
4. Fees shall remain payable during any period of suspension notwithstanding that the Customer, Authorised Affiliates or some or all of the Authorised Users may not have access to the Services.

19. RENEWALS

1. Each Subscribed Service Period begins on Order Acceptance and continues for the initial term selected by the Customer in the Subscription Details (the ‘Initial Term’). At the end of the Initial Term, the relevant Subscribed Service Period will automatically renew for successive renewal periods of the same length as the Initial Term (each a ‘Renewal Period’), unless either party gives notice of non‑renewal in accordance with clause 19.2. This clause 19 does not apply to Free or Trial Services, which do not renew unless expressly stated in the Subscription Details.
2. If either party wishes for a Subscribed Service Period to expire at the end of the then‑current Initial Term or Renewal Period, it may prevent renewal by giving notice to the other party at least 45 days before the end of that period. If notice is not served within that timeframe, the Subscribed Service Period shall renew in accordance with clause 19.1.

20. TERM AND TERMINATION

1. Our Agreement comes into force on Order Acceptance and shall continue for the Service Period unless terminated earlier in accordance with this clause 20, or where notice is provided in accordance with clause 19.2.
2. The Supplier may terminate our Agreement immediately at any time by giving notice in writing to the Customer if:

1. the Customer commits a material breach of our Agreement, and such breach is not remediable;
2. the Customer commits a material breach of our Agreement which is not remedied within 14 Business Days of receiving written notice of such breach; or
3. the Customer has failed to pay any amount due under our Agreement on the due date and such amount remains unpaid within 14 Business Days after the other party has received notification that the payment is overdue.

3. The Supplier may terminate, suspend, or amend the provision of Free or Trial Services (and all related Support Services) at any time with or without notice.
4. Any breach by the Customer of the Acceptable Use Policy or of clauses ‎3, 9 or 10 shall be deemed a material breach of our Agreement which is not remediable.

21. CONSEQUENCES OF TERMINATION

1. Immediately on termination or expiry of our Agreement (for any reason), the rights granted by the Supplier under our Agreement shall terminate and the Customer shall (and shall procure that each Authorised User and Authorised Affiliate shall):

1. stop using the Services; and
2. destroy and delete or, if requested by the Supplier, return any copies of the Documentation in its possession or control (or in the possession or control of any person acting on behalf of any of them).

2. Termination or expiry of our Agreement shall not affect any accrued rights and liabilities of either party at any time up to the date of termination or expiry and shall not affect any provision of our Agreement that is expressly or by implication intended to continue beyond termination.
3. If the HIPAA Business Associate Agreement at Annex A applies, then the obligations on the Supplier in respect of the return and/or destruction of Customer Data contained within Annex A shall prevail over any conflicting provisions within our Agreement.

22. ENTIRE AGREEMENT

1. Our Agreement constitutes the entire agreement between the parties and supersedes all previous agreements, understandings and arrangements between them in respect of its subject matter, whether in writing or oral.
2. Each party acknowledges that it has not entered into our Agreement in reliance on, and shall have no remedies in respect of, any representation or warranty that is not expressly set out in our Agreement.
3. Nothing in our Agreement shall limit or exclude any liability for fraud.

23. NOTICES

1. Any notice given by a party under our Agreement shall be:

1. in writing and in English;
2. signed by, or on behalf of, the party giving it (except for notices sent by email); and
3. sent to the relevant party at the address set out in clause ‎23.3.

2. Notices may be given, and are deemed received:

1. by hand: on receipt of a signature at the time of delivery;
2. by post: at 9.00 am on the fifth Business Day after posting;
3. by email: on receipt of a read receipt email from the correct address.

3. Notices shall be sent to:

1. in the case of those to the Supplier, to [email protected].

4. This clause does not apply to notices given in legal proceedings or arbitration.

24. VARIATION

1. No variation of our Agreement shall be valid or effective unless it is:

1. an Update made in accordance with our Agreement; or
2. made in writing, refers to our Agreement and is duly signed or executed by, or on behalf of, each party.

25. ASSIGNMENT AND SUBCONTRACTING

1. Except as expressly provided in our Agreement, the Supplier may at any time assign, sub-contract, sub-licence (including by multi-tier), transfer, mortgage, charge, declare a trust of or deal in any other manner with any or all of its rights or obligations under our Agreement.
2. Except as expressly permitted by our Agreement, the Customer shall not assign, transfer, sub-contract, sub-licence, mortgage, charge, declare a trust of or deal in any other manner with any or all of its rights or obligations under our Agreement (including the licence rights granted), in whole or in part, without the Supplier’s prior written consent.

26. SET OFF

Each party shall pay all sums that it owes to the other party under our Agreement without any set-off, counterclaim, deduction or withholding of any kind, save as may be required by law.

27. NO PARTNERSHIP OR AGENCY

The parties are independent and are not partners or principal and agent and our Agreement does not establish any joint venture, trust, fiduciary or other relationship between them, other than the contractual relationship expressly provided for in it. Neither party shall have, nor shall represent that it has, any authority to make any commitments on the other party’s behalf.

28. SEVERANCE

1. If any provision of our Agreement (or part of any provision) is or becomes illegal, invalid or unenforceable, the legality, validity and enforceability of any other provision of our Agreement shall not be affected.
2. If any provision of our Agreement (or part of any provision) is or becomes illegal, invalid or unenforceable but would be legal, valid and enforceable if some part of it was deleted or modified, the provision or part-provision in question shall apply with such deletions or modifications as may be necessary to make the provision legal, valid and enforceable. In the event of such deletion or modification, the parties shall negotiate in good faith in order to agree the terms of a mutually acceptable alternative provision.

29. WAIVER

1. No failure, delay or omission by either party in exercising any right, power or remedy provided by law or under our Agreement shall operate as a waiver of that right, power or remedy, nor shall it preclude or restrict any future exercise of that or any other right, power or remedy.
2. No single or partial exercise of any right, power or remedy provided by law or under our Agreement shall prevent any future exercise of it or the exercise of any other right, power or remedy.
3. A waiver of any term, provision, condition or breach of our Agreement shall only be effective if given in writing and signed by the waiving party, and then only in the instance and for the purpose for which it is given.

30. COSTS AND EXPENSES

Each party shall pay its own costs and expenses incurred in connection with the negotiation, preparation, signature and performance of our Agreement (and any documents referred to in it).

31. THIRD PARTY RIGHTS

A person who is not a party to our Agreement shall not have any rights under any applicable law to enforce any of its provisions.

32. AUTHORITY

Each party represents and warrants to the other that it has the right, power and authority to enter into our Agreement and grant to the other the rights (if any) contemplated in our Agreement and to perform its obligations under our Agreement.

33. GOVERNING LAW

Our Agreement and any dispute or claim arising out of, or in connection with, it, its subject matter or formation (including non-contractual disputes or claims) shall be governed by, and construed in accordance with, the laws of Australia.

34. JURISDICTION

The parties irrevocably agree that the courts of Australia shall have exclusive jurisdiction to settle any dispute or claim arising out of, or in connection with, our Agreement, its subject matter or formation (including non-contractual disputes or claims).

1. 
   DEFINITIONS AND INTERPRETATION

1. In our Agreement:

Addendums	means each of the following: the addendum identifying certain respective rights and obligations of the parties’ in respect of personal data and privacy under our Agreement (as Updated from time to time) (the Data Protection Addendum); and the addendum identifying certain of the parties’ respective rights and obligations in respect of security under our Agreement (as Updated from time to time) (the Information Security Addendum);
Add-On Fees	means the Fees payable by the Customer for add-on services, additional features or increased limits purchased by the Customer, as set out in the Pricing Terms and/or Subscription Details;
Affiliate	means, in respect of any entity, any entity that directly or indirectly controls, is controlled by or is under common control with that entity
AI Input	means any data, content, information, images, video, audio, files, prompts, instructions or other materials that are submitted, uploaded, transmitted, made available to, or otherwise processed by the AI Services (including any Customer Data);
AI Output	means any output, result, score, estimate, insight, recommendation, summary, report, visualisation or other information generated, returned or otherwise produced by the AI Services in response to any AI Input (including any vitals, physiological markers, wellness markers and/or wellness indices, and other general wellness, emotional or computer-vision insights);
AI Services	means any functionality of the Services that uses or is described as artificial intelligence (‘AI’), machine learning, algorithmic processing, computer vision, signal processing, predictive analytics or similar techniques, including (without limitation) Vitals AI and, where enabled for the Customer, Empathic AI, together with any Updates, enhancements or replacements made available by the Supplier from time to time;
AI System	means all models, algorithms, methods, software, architecture, weights, parameters, features, pipelines, workflows, user interfaces, processes and other technology (including any Supplier Provided Materials) used by or on behalf of the Supplier to provide the AI Services, together with any Updates, improvements or derivative works;
Applications	means the software or applications used by or on behalf of the Supplier to provide the Subscribed Services;
Authorised Affiliates	means, in respect of the relevant Subscribed Service, the Customer’s Affiliates (if any) that the Customer is permitted to allow to use that Subscribed Service under the Customer’s Subscription Details (or as otherwise agreed in writing by the Supplier).;
Authorised Users	means, in respect of the relevant Subscribed Service, the named users authorised by the Customer to use that Subscribed Service in accordance with the terms of our Agreement;
Business Day	means a day other than a Saturday, Sunday or bank or public holiday in Australia;
Customer	means the entity or individual entering into our Agreement as customer, being the party that completes the online sign-up process (or otherwise accepts our Agreement) and uses the Services;
Customer Data	means all data (in any form) that is provided to the Supplier or uploaded or hosted on any part of any Subscribed Service by the Customer or by any Authorised User (but excluding Feedback as defined in clause ‎10.5);
Customer Systems	means all software and systems used by or on behalf of the Customer, the Customer’s Affiliates, any of its or their direct or indirect sub-contractors, or any Authorised User in connection with the provision or receipt any of the Services or that the Services otherwise, link, inter-operate or interface with or utilise (in each case whether directly or indirectly);
Credits	means pre-purchased usage credits that may be applied toward the Customer’s access to, and/or use of, usage-based features of the Services (including AI scans and other AI-enabled usage via Empathic AI, Vitals AI or any other AI Services), in the quantities and at the rates described in the Pricing Terms and/or Supplier’s Standard Pricing Terms made available on its site and/or platform (as applicable);
Data Protection Losses	has the meaning given to that term in the Data Protection Addendum;
Documentation	means: the description of the relevant Subscribed Service (the Description); in respect of each Subscribed Service, the relevant instructions as to how to use that part of the Services made available by the Supplier (as Updated from time to time);
Empathic AI	means the Supplier’s AI Services (where enabled for the Customer) that analyse non-identifying visual cues and/or other AI Input using computer vision and/or other signal processing to generate general engagement, wellbeing, behavioural and/or emotional insight outputs;
Fees	means the Add-On Fees, the Implementation Fees, the Subscription Fees and the Usage Fees (as applicable) payable to the Supplier under our Agreement;
Force Majeure	means an event or sequence of events beyond a party’s reasonable control preventing or delaying it from performing its obligations under our Agreement (provided that an inability to pay is not Force Majeure), including any matters relating to transfer of data over public communications networks and any delays or problems associated with any such networks or with the internet;
Free or Trial Service	means any Subscribed Service identified as being provided on a trial basis or provided without charge (for the duration of the period during which it is provided on such basis) the features, permissions and Services contained within such may be updated or amended from time-to-time by the Supplier;
HIPAA Privacy and Security Policy	means the Suppliers policy outlining its compliance with the Health Insurance Portability and Accountability Act 1996, available at https://upvio.com/terms-and-conditions.
Intellectual Property Rights	means any and all copyright, rights in inventions, patents, know-how, trade secrets, trademarks and trade names, service marks, design rights, rights in get-up, database rights and rights in data, semiconductor chip topography rights, utility models, domain names and all similar rights and, in each case: whether registered or not; including any applications to protect or register such rights; including all renewals and extensions of such rights or applications; whether vested, contingent or future; and wherever existing.
Implementation Fees	means the Fees payable by the Customer for any implementation or integration of the Subscribed Services, as set out in the Pricing Terms and/or Subscription Details (if applicable);
Master SaaS Terms	means the terms set out in the clauses and other provisions of this document (including ‎the schedule), as Updated from time to time;
Materials	means all services, data, information, content, Intellectual Property Rights, websites, software and other materials provided by or on behalf of the Supplier in connection with the Services, but excluding all Customer Data;
Non-Supplier Materials	means Materials provided, controlled or owned by or on behalf of a third party the use of which is subject to a separate agreement or licence between the Customer and the relevant third party (including such Non-Supplier Materials which may be linked to, interact with or used by the Services) and all other Materials expressly identified as Non-Supplier Materials in our Agreement;
Open Source Software	means any software subject to a version of the General Public Licence, together with any other ‘open source’ software falling within the Open Source Definition issued by the Open Source Initiative (www.opensource.org/docs/osd) at the date of our Agreement and any ‘free software’ as defined by the Free Software Foundation (www.gnu.org/philosophy/free-sw.html) at the date of our Agreement;
Order Acceptance	means the date and time when the Customer accepts our Agreement (for example by ticking a box indicating acceptance when creating an account, or otherwise indicating acceptance in an online sign-up flow) and the Supplier activates the Customer’s access to the Services (and, where the Customer subscribes to paid Services, Order Acceptance occurs at the time of the Customer’s initial payment of the applicable Fees);
Permitted Downtime	means: scheduled maintenance which the Supplier shall use reasonable endeavours to undertake outside of normal working hours; emergency maintenance; or downtime caused in whole or part by Force Majeure.
Permitted Purpose	means use solely for the Customer’s internal business operations and, in respect of each Subscribed Service, also for the internal business of operations of any Authorised Affiliates permitted under the Customer’s Subscription Details, in each case in accordance with the applicable Documentation and our Agreement. Permitted Purpose expressly excludes any of the following to the maximum extent permitted by law: copying, reproducing, publishing, distributing, redistributing, broadcasting, transmitting, modifying, adapting, editing, abstracting, storing, archiving, displaying publicly or to third parties, selling, licensing, leasing, renting, assigning, transferring, disclosing (in each case whether or not for charge) or in any way commercially exploiting any part of any Subscribed Service or Documentation; permitting any use of any Subscribed Service or Documentation in any manner by any third party (including permitting use in connection with any timesharing or service bureau, outsourced or similar service to third parties or making any Subscribed Service or Documentation (or any part) available to any third party or allowing or permitting a third party to do any of the foregoing (other than to the Authorised Affiliates for the Permitted Purpose)); combining, merging or otherwise permitting any Subscribed Service (or any part of it or any Application) to become incorporated in any other program or service, or arranging or creating derivative works based on it (in whole or in part); or attempting to reverse engineer, observe, study or test the functioning of or decompile the Applications or the Services (or any part), except as expressly permitted under our Agreement.
Policies	means each of the following: the Supplier’s policy on acceptable use of the Services (as Updated from time to time), which as at Order Acceptance is the latest version available at https://upvio.com/terms-and-conditions (the Acceptable Use Policy); the Supplier’s privacy policy in relation to the Services (as Updated from time to time), which as at Order Acceptance is the latest version available at https://upvio.com/privacy-policy (the Privacy Policy); and the Supplier’s policy on its compliance with the Health Insurance Portability and Accountability Act 1996 Services (as Updated from time to time), which as at Order Acceptance is the latest version available at https://upvio.com/terms-and-conditions (the HIPAA Privacy and Security Policy)
Pricing Terms	means the Supplier’s pricing, fees, billing and usage/credit terms for the Services, as made available to the Customer at checkout and/or within the Customer’s billing portal (and as Updated from time to time in accordance with our Agreement);
Protected Data	has the meaning given in the Data Protection Addendum;
Purchased Authorised User Accounts	means, in respect of each Subscribed Service, the number of Authorised User accounts the Customer has purchased and/or is otherwise entitled to use under its Subscription Details at any given time;
Relief Event	means: any breach of our Agreement by the Customer; or any Force Majeure;
remote photoplethysmography (rPPG)	means a camera-based technique that analyses subtle changes in light absorption/reflectance in images (for example, from facial skin regions) to extract physiological signal features;
remote ballistocardiography (rBCG)	means a camera-based technique that measures subtle micro-movements (for example, of the head) associated with cardiac ejection, which may be captured and analysed for timing patterns and to estimate cardiovascular metrics such as heart rate variability and mechanical pulse dynamics;
Renewal Period	has the meaning given in clause ‎19.1;
Service Hours	means 24 hours a day, seven days a week excluding Permitted Downtime;
Service Period	means the period beginning on Order Acceptance and ending with the last of the Subscribed Service Periods;
Services	means the Subscribed Services and the Support Services;
Special Terms	means any additional terms agreed in writing between the Supplier and Customer that are expressly stated to override part of our Agreement;
Subscribed Service Period	means, in respect of each Subscribed Service, the period during which that Subscribed Service is provided under the Subscription Details (including the Initial Term and any Renewal Periods);
Subscribed Services	means each part of the Services, and the AI Services to which the Customer has subscribed or otherwise been granted access under the Subscription Details (and Subscribed Service shall refer to each respective service separately);
Subscribed Territory	means the territory specified in the Subscription Details or, if no territory is specified, the territories in which the Supplier makes the relevant Subscribed Services generally available from time to time;
Subscription Details	means the plan/package and the commercial information applicable to the Customer’s subscription to the Services, including the Subscribed Services enabled, Fees, billing cycle, term, user limits, included usage/credits and any applicable usage rates, as presented to the Customer during online checkout and/or in the Customer’s billing portal, as updated when the Customer changes plan or purchases additional Services/usage.
Subscription Fee	means, in respect of each Subscribed Service, the fees payable by the Customer in consideration of that Subscribed Service as set out in the Pricing Terms;
Supplier	means Upvio Healthtech Pty Ltd (ABN 35 657 030192) whose registered office is at Level 8, 905 Hay St, Perth, Western Australia, 6000; and
Supplier Provided Materials	means all of the Materials provided or made available by or on behalf of the Supplier, but excluding all Customer Data and all Non-Supplier Materials;
Supplier’s Confidential Information	means all information (whether in oral, written or electronic form) relating to the Supplier’s business which may reasonably be considered to be confidential in nature including information relating to the Supplier’s technology, know-how, Intellectual Property Rights, assets, finances, strategy, products and customers. All information relating to the Pricing Terms, the Description and any other technical or operational specifications or data relating to each Subscribed Service shall be part of the Supplier’s Confidential Information;
Supplier’s Standard Pricing Terms	means the Supplier’s standard pricing terms for each part of the Services, as amended by the Supplier from time to time;
Support Services	means, in respect of the relevant Subscribed Service, the support services provided by the Supplier to the Customer;
Update	has the meaning given in clause ‎6.2, and Updated shall be construed accordingly;
Usage Fees	means the fees payable by the Customer for usage-based consumption of certain features of the Services (including AI scans, Empathic AI and Vitals AI usage (if applicable), SMS services, forms, and/or any other usage-based services made available by the Supplier from time to time), including where such usage is charged by reference to pre-purchased Credits and/or other usage-based charging methods made available by the Supplier from time to time.
Update Notification	has the meaning given in clause ‎6.1;
VAT	means value added tax, any other tax imposed in substitution for it; and
Vitals AI	means the Supplier’s AI Services (where enabled for the Customer) that use a device camera to extract physiological signal features and generate physiological and/or generate physiological and/or wellness markers and/or wellness indices and related insights and related insights from AI Input, including using rPPG and rBCG and related computer vision techniques.

2. In our Agreement, unless otherwise stated:

1. the table of contents, background section and the clause, paragraph, schedule or other headings in our Agreement are included for convenience only and shall have no effect on interpretation;
2. the Supplier and the Customer are together the parties and each a party, and a reference to a party includes that party’s successors and permitted assigns;
3. words in the singular include the plural and vice versa;
4. any words that follow ‘include’, ‘includes’, ‘including’, ‘in particular’ or any similar words and expressions shall be construed as illustrative only and shall not limit the sense of any word, phrase, term, definition or description preceding those words;
5. a reference to ‘writing’ or ‘written’ includes any method of reproducing words in a legible and non-transitory form (including email);
6. a reference to legislation is a reference to that legislation as amended, extended, re-enacted or consolidated from time to time and a reference to legislation includes all subordinate legislation made from time to time under that legislation; and
7. a reference to any action, remedy, method of judicial proceeding, court, official, legal document, legal status, legal doctrine, legal concept or thing shall, in respect of any jurisdiction other than Australia, be deemed to include a reference to that which most nearly approximates to the Australian equivalent in that jurisdiction.

ANNEX A
HIPAA BUSINESS ASSOCIATE AGREEMENT

This Annex A applies (and is incorporated into our Agreement) where the Customer is a Covered Entity or Business Associate and the Customer’s use of the Services involves the creation, receipt, maintenance or transmission of Protected Health Information. If the Customer is not using the Services in connection with Protected Health Information, this Annex A does not apply.

RECITALS

1. This HIPAA Business Associate Agreement contained within this Annex A constitutes a business associate relationship under HIPAA and its implementing privacy and security regulations at 45 C.F.R. Parts 160 and 164 (the “HIPAA regulations"). It is entered into by the Parties in addition to the Master Software as a Service (SaaS) Terms and is intended to form a legally binding agreement between the Parties.
2. Customer wishes to disclose to Upvio certain information pursuant to the terms of this Annex A, some of which may constitute Protected Health Information ("PHI") and confidential information protected by federal and/or state laws.
3. As set forth in this Annex A, Upvio is the Business Associate of Customer and provides services, arranges, performs, or assists in the performance of functions or activities on behalf of the Customer and creates, receives, maintains, transmits, uses, or discloses PHI.
4. Customer and Upvio desire to protect the privacy and provide for the security of PHI and confidential information created, received, maintained, transmitted, used, or disclosed pursuant to this Annex A, in compliance with HIPAA and HIPAA regulations and other applicable laws.
5. The terms used in this Annex A, but not otherwise defined, shall have the same meanings as those terms in the HIPAA regulations.

1. DEFINITIONS AND INTERPRETATION

1. In this Annex A:

HIPAA	means the Health Insurance Portability and Accountability Act;
Master SaaS Terms	means the Master Software as a Service Terms entered into between the Customer and Upvio which governs the terms and conditions of the services provided by Upvio to the Customer;
Protected Health Information or PHI	means any information, whether oral or recorded in any form or medium that relates to the past, present, or future physical or mental condition of an individual, the provision of health and dental care to an individual, or the past, present, or future payment for the provision of health and dental care to an individual;
Secretary	means the Secretary of the U.S. Department of Health and Human Services; and
Security Incident	means the attempted or successful unauthorized access, use, disclosure, modification, or destruction of PHI, or confidential information that is essential to the ongoing operation of the Business Associate’s organization and intended for internal use; or interference with system operations in an information system.

2. Permitted Uses and Disclosures of PHI by Upvio

1. Except as otherwise indicated in this Annex A, Upvio may use or disclose PHI only to perform functions, activities or services specified in the Master SaaS Terms, for, or on behalf of the Customer, provided that such use or disclosure would not violate HIPAA.

2. Except as otherwise indicated in this Annex A, Upvio may use and disclose PHI for:

1. the proper management and administration of Upvio;
2. to carry out its obligations under the Master SaaS Terms;
3. to carry out the legal responsibilities and duties of Upvio;
4. to carry out data aggregation in combining PHI created or received by Upvio to permit data analysis that relate to the health care operations of the Customer.

3. Responsibilities of Upvio

1. Upvio agrees:

1. not to use or disclose PHI other than as permitted or required by this Annex A or as required by law;
2. to implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the PHI, including electronic PHI, that it creates, receives, maintains, uses, or transmits on behalf of the Customer;
3. to prevent use or disclosure of PHI other than as provided for by this Annex A;
4. develop and maintain a written information privacy and security policy that includes administrative, technical, and physical safeguards appropriate to the size and complexity of Upvio’s operations and the nature and scope of its activities;
5. to take any and all steps necessary to ensure the continuous security of all computerized data systems containing PHI;
6. to mitigate, to the extent practicable, any harmful effects known to Upvio of a use or disclosure of PHI by Upvio or its subcontractors in violation of the requirements of this Annex A;
7. to ensure that any agents, including subcontractors, to whom Upvio provides PHI received from or created or received by Upvio on behalf of the Customer, agree to the same restrictions and conditions that apply to Upvio with respect to such PHI, including implementation of reasonable and appropriate administrative, physical, and technical safeguards to protect such PHI;
8. to provide the Customer access as it may require, in the timely manner upon reasonable notice, to the PHI provided by the Customer, or as directed by the Customer to an individual, in accordance with 45 C.F.R. § 164.524;
9. to notify the Customer as soon as it becomes aware of a Security Incident and take prompt and corrective actions to mitigate any risks or damages involved with the Security Incident and protect the operating environment; and
10. take any action required by applicable federal and state laws and regulations to prevent unauthorised disclosure of PHI.

4. Investigation of a Security Incident

1. The Customer shall immediately investigate any Security Incident or suspected Security Incident and identify, as soon as reasonably possible:

1. what data elements were involved, and the extent of the data involved in the breach;
2. a description of the unauthorized persons known or reasonably believed to have improperly used or disclosed PHI;
3. a description of where the PHI is believed to have been improperly transmitted, sent, or utilized;
4. a description of the probable causes of the improper use or disclosure; and
5. whether Civil Code § 1798.29 or § 1798.82 or any other federal or state laws requiring individual notifications of breaches are triggered.

2. Upvio shall notify any affected individuals following a Security Incident when such notification is required under federal or state laws or regulations.

5. Training

1. Upvio shall use reasonable endeavours to train its employees regarding the use of PHI in accordance with HIPAA requirements.

6. Obligations of Customer

1. The Customer shall:

2. at all times comply with HIPAA and any other applicable federal and state laws and regulations in its operations and in its collection of PHI.

1. provide Upvio with the Notice of Privacy Practices that the Customer produces in accordance with 45 C.F.R. § 164.520, as well as any changes to such notice;
2. provide Upvio with any changes in, or revocation of, permission by an Individual to use or disclose PHI, if such changes affect Upvio’s permitted or required uses and disclosures;
3. notify Upvio of any restriction to the use or disclosure of PHI that the Customer has agreed to in accordance with 45 C.F.R. § 164.522, to the extent that such restriction may affect Upvio’s use or disclosure of PHI;
4. notify Upvio (within 2 days of request) of any patient (or patient’s representative) preferences (or changes to) regarding method of or how to communicate with the patient; and
5. not request Upvio to use or disclose PHI in any manner that would not be permissible under HIPAA or the HIPAA regulations.

7. Indemnity

1. THE CUSTOMER SHALL INDEMNIFY, KEEP INDEMNIFIED AND HOLD HARMLESS UPVIO FROM AND AGAINST ANY LOSSES, CLAIMS, DAMAGES, LIABILITY, COSTS (INCLUDING LEGAL AND OTHER PROFESSIONAL FEES) AND EXPENSES INCURRED BY IT (OR ANY OF ITS AFFILIATES) AS A RESULT OF THE CUSTOMER’S BREACH OF THIS ANNEX A OR ANY USE OF THE PHI PROVIDED BY THE CUSTOMER.

THIS CLAUSE 7 SHALL SURVIVE TERMINATION OR EXPIRY OF OUR ANNEX A.

8. Confidentiality and Security of PHI

1. Upvio shall maintain the confidentiality of all PHI provided to it by the Customer.

2. Upvio shall implement technical and organisational security measures in accordance with its Information Security Addendum and HIPAA Privacy and Security Policy.

3. Upvio undertakes to disclose the PHI only to those of its officers, employees, agents, contractors, and direct and indirect sub-contractors to whom, and to the extent to which, such disclosure is necessary for the purposes contemplated under our Annex A or as otherwise reasonably necessary for the provision or receipt of the services under the Master SaaS Terms.

9. Audit Inspections and Enforcement

1. Upvio shall, upon two months’ prior written notice, permit the Customer to carry out an inspection of its facilities, books, and records to monitor compliance with this Annex A.

2. The Customer shall only be entitled to carry out the inspection rights contained within clause 9.1 above once in any 12-month period.

3. Upvio shall promptly remedy any violation of any provision of this Annex A and certify the same.

10. Termination

1. Upvio may terminate our Annex A immediately at any time by giving notice in writing to the Customer if:

1. the Customer commits a material breach of this Annex A, or the Master SaaS Terms and such breach is not remediable; or
2. the Customer has failed to pay any amount due under the Master SaaS Terms on the due date and such amount remains unpaid within 14 Business Days after the other party has received notification that the payment is overdue.

11. Consequences of Termination

1. Immediately on termination of this Annex A (for any reason), the rights granted by Upvio to the Customer shall terminate and the Customer shall (and shall procure that each Authorised User and Authorised Affiliate shall):

1. stop using the services and stop sharing PHI with Upvio;
2. Upvio shall destroy and delete or, if requested by the Customer or if required under HIPAA or applicable federal or state laws or regulations, return PHI to the Customer.

End.