General Terms and Conditions
1 The Subscription Agreement
The Subscription Agreement references and fully incorporates the following documents:: (i) the Service Order that describes the Services the Customer is buying, along with related fees; (ii) these General Terms and Conditions containing the general terms and conditions applicable to all Services, (iii) the specific Product Terms and Conditions containing the additional terms for the particular Datica Services Customer is buying, and (iv) the Acceptable Use Policy. The term “Subscription Agreement” or “Agreement” in any of these documents refers to collectively to all of the documents outlines above.
The Agreement is effective as of the time that Customer signs the form of Agreement prepared by Datica, or accepts the Agreement as part of Datica’s online order process and registration. This Agreement’s terms may only be modified in writing where the Service Order specifically states the specific section, or term of this Agreement that is being modified.
2 Defined Terms
“Datica Materials“ means all command line tools, devices, documents, data, know-how, methods, processes, sample code, software, software libraries, and other inventions, works, technologies and materials, including any and all Service software, computer hardware, programs, reports and specifications, WDSLs, client software and deliverables provided or used by Datica in connection with performing the Services, in each case developed or acquired by Datica independently of this Agreement.
“Datica Services” or “Services” means any or all of the products and services offered by Datica and as identified in Customer’s underlying Service Order.
“Customer” or “Datica Customer” means a current contractually bound customer of Datica.
“Customer Content” means information, however described, including patient data, submitted or received by Customer or End Users through the Services, including matter transmitted, processed, or stored by Datica in performing the Services or otherwise received by Datica under this Agreement.
“Customer Application” shall mean the software or application that Customer uploads on Provider’s Services.
”Permitted Uses” means access and use of the Services by Customer for the benefit of Customer for Customer’s internal and external business operations within Customer’s network of clients, providers and patients.
“Professional Services” means those ancillary services provided by Provider in connection with the delivery of Services to the Customer but invoiced as a separate line item from the Services itself such as, by way of example, set up, implementation, training, customization and other professional services.
3 Reservation of Rights.
Customer is entitled to access Services solely in accordance with the terms of this Agreement. Datica and its third party suppliers and partners hereby reserve all rights, title and interest in and to Services, including without limitation all software used to provide the Services and any associated Services and all logos and trademarks reproduced through Datica’s system. This Agreement does not grant Customer any intellectual property rights in, or to Services, or any of its components. Datica reserves all rights not expressly granted in this Agreement or any Service Order.
4 Customer Responsibilities
4.1 Use of Datica Services
Customer will use Datica’s Services in order to host or develop Customer Applications on behalf of itself. Prior to using the Services, Customer represents and warrants that: (a) it has all rights, license and clearances necessary to use the Services, (b) the Services shall be accessed by Customer and its authorized users only. Customer will be solely responsible for all use (whether or not authorized) of the Datica Services and Datica Materials under its account, including for the quality and integrity of data that it uploads to the Services.
4.2 End User
An “End User” is an employee or contractor that Customer authorizes to access the Services. Customer will ensure that End Users comply with the terms of this Agreement. Customer will promptly notify Datica if it becomes aware of any breach of the terms of this Agreement that may affect Datica, or other Datica Customers. As between Customer and Datica, Customer will be solely responsible for the acts and omissions of End Users. Customer will take all reasonable precautions to prevent unauthorized access to or use of the Services and notify Datica promptly of any such unauthorized access or use.
4.3 Customer Content
To enable Datica to provide the Services, Customer grants to Datica a non-exclusive, royalty-free, worldwide license during the term of the Agreement to use, transmit, distribute, modify, reproduce, display, and store Customer Content only to perform the Services and as permitted by the Agreement. Datica will not disclose Customer’s Confidential Information to any third party, except: (i) with Customer’s consent, (ii) as required by law or court order, or (iii) as permitted under the Agreement.
Between Customer and Datica, Customer owns all Customer Content. Customer agrees that Datica may create, collect, and use data derived from Customer Content or that results from Customer’s and End Users’ use of the Services, including performance data about Customer’s and End Users’ access and use of the Services and patient data, so long as such data is de-identified to reasonably avoid identifying Customer or an individual. Such data will belong to Datica and may be used and disclosed to operate, analyze, improve, provide, and market Datica products and services. Customer agrees Datica may use, store, transmit, distribute, modify, copy, display, sublicense, and create derivative works of such de-identified Customer Content and other data even after this Agreement ends.
Customer will not rent, lease, lend, sell, sublicense, assign, distribute, publish, or otherwise make available the Services to third parties and/or use or authorize the use of Services or Datica Materials in any manner or for any purpose that is unlawful. Customer will ensure that the Services provided hereunder are used in accordance with all applicable laws, regulations and third party rights, as well as the terms of this Agreement. Customer agrees not to:
4.4.1 Access (or attempt to access) the administrative interface of Services by any means other than through the interface that is provided by Datica in connection with the Services unless it has been specifically allowed to do so in a separate written agreement with Datica;
4.4.2 Attempt to disable or circumvent any security mechanisms used by Datica or any Datica applications excepting situations where Customer notifies Datica, in writing (with email accepted) of any such testing;
4.4.3 Engage in any activity that intentionally interferes with or disrupts Services (or the servers and networks which are connected to the Services);
4.4.4 Rent, lease, lend, sell, sublicense, assign, distribute, publish, transfer or otherwise make Services available to any third party, except as expressly permitted by this Agreement;
4.4.5 Use or authorize the use of Services in any manner or for any purpose that is unlawful under applicable law and/or by any unauthorized user - and in the event of any such unauthorized access or use, promptly to notify Datica; and
4.4.6 Attempt to reverse compile, disassemble, reverse engineer all or any part of Services or underlying software. Customer may use Services only to develop and run its Customer Applications on Services, and shall not develop Customer Applications to simulate or act as a single Application or otherwise access the Services in a manner intended to avoid incurring fees.
4.4.7 Access the Services for the purpose of bringing an intellectual property infringement claim against Datica or for the purpose of creating a product or service competitive with the Services.
4.5 Customer Compliance
Customer shall comply with all applicable privacy laws, regulations and established industry standards pertaining to the protection and disclosure of personally identifiable information. Customer represents and warrants that, except to the extent caused by the Services or Datica, Customer’s Application and any associated services, products, materials, Uploaded data, content, and information used by Customer in connection with this Agreement as well as Customer’s access to and use of the Services do not, and will not, during the term of this Agreement operate in any manner that would violate any applicable law or regulation, including those under HIPAA and HITECH.
Customer agrees to pay the fees for Services set forth in the applicable Service Order, and as executed by both parties.
5.2 Net of Taxes
All payments required by this Agreement exclude all sales, value-added, use, and other taxes and obligations, all of which Customer shall pay in full, except for taxes based on Datica’s income or assets. Customer shall be solely responsible for all sales, service, commercial, gross receipts, privilege, surcharges, value-added, use, excise, consumption and any other taxes, license fees duties and charges of any kind, if any, whether charged to or against Datica, imposed by any applicable government, national or local on any amounts payable by Customer under this Agreement or any Service Order, other than any taxes imposed on, or with respect to, Datica’s income, revenues, gross receipts, personnel, real or personal property or other assets.
5.3 Invoicing and Payment
Datica shall invoice Customer for all fees for Services thirty (30) days in advance and payments are due on the 1st of each month. All payments must be made in U.S. dollars. Payment obligations are non-cancelable and fees paid are non-refundable. In addition to all other remedies available under this Agreement or at law (which Datica does not waive the exercise of any rights hereunder), if Customer is overdue on any payment and fails to cure such non-payment within ten (10) days of written notice of the non-payment, then Datica may assess, and Customer will pay, a late fee of the lesser of 1.5% per month or the maximum amount allowable by law. Datica may also suspend the Services associated with Customer’s account until such non-payment is corrected.
6 Ownership and Confidentiality
6.1 Ownership Rights
As between the parties, Datica exclusively owns and reserves all right, title and interest in and to the Services, Datica Materials and Datica’s Confidential Information. As between the parties, Customer exclusively owns and reserves all right, title and interest in and to the Customer Uploaded Data, Customer Applications, and Customer’s Confidential Information.
6.2 Use of Marks
You agree that Datica, in its sole discretion, may use your trade names, trademarks, service marks, logos, domain names and other distinctive brand features in presentations, marketing materials, customer lists, financial reports, use cases, and Web site listings (including links to your website) for the purpose of advertising or publicizing your use of the Datica Services.
6.3 Use of Ideas
You may choose to or we may invite you to submit comments or ideas about the Services, including without limitation about how to improve the Services or our products (“Ideas”). By submitting any Idea, you agree that your disclosure is gratuitous, unsolicited and without restriction and will not place Datica under any fiduciary or other obligation, and that we are free to use the Idea without any additional compensation to you, and/or to disclose the Idea on a non-confidential basis or otherwise to anyone.
“Confidential Information” means this Agreement and any information or data, regardless of whether it is in tangible form, disclosed by either party that is marked or otherwise designated as confidential or proprietary or that should otherwise be reasonably understood to be confidential given the nature of the information and the circumstances surrounding disclosure. “Confidential Information” does not include any information which: (i) is publicly available through no fault of receiving party; (ii) was properly known to receiving party, without restriction, prior to disclosure by the disclosing party; (iii) was properly disclosed to receiving party, without restriction, by another person without violation of disclosing party’s rights; or (iv) is independently developed by the receiving party without use of or reference to the disclosing party’s Confidential Information.
6.4.2 Use and Disclosure
Each party agrees that it will use the Confidential Information of the other party solely in accordance with the provisions of this Agreement and it will not disclose such information to any third party without the other party’s prior written consent, except as otherwise permitted hereunder. Each party agrees to exercise due care in protecting the Confidential Information from unauthorized use and disclosure. Each party may disclose the Confidential Information of the other party, in whole or in part to its employees, representatives, actual or potential investors and subcontractors who have a need to know and are legally bound to keep such information confidential consistent with the terms of this Section. Either party may disclose the Confidential Information of the other party as required by law, upon prior written notice to the other party (where allowed by law); provided that such party will use its reasonable efforts to minimize such disclosure to the extent permitted by applicable law.
WITHOUT LIMITING DATICA’S EXPRESS OBLIGATIONS HEREUNDER, DATICA HEREBY DISCLAIMS ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, TITLE, NON-INFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE AND WARRANTIES RELATED TO THIRD-PARTY EQUIPMENT, MATERIAL, SERVICES, OR SOFTWARE. DATICA’S SERVICES AND PROPERTIES ARE PROVIDED “AS IS” TO THE FULLEST EXTENT PERMITTED BY LAW. TO THE EXTENT SUCH DISCLAIMER CONFLICTS WITH APPLICABLE LAW, THE SCOPE AND DURATION OF ANY APPLICABLE WARRANTY WILL BE THE MINIMUM PERMITTED UNDER SUCH LAW.
8 Third Party Indemnification
8.1 Infringement Indemnity
8.1.1 Defense. Datica will defend, indemnify and hold Customer harmless against any claim, demand, suit, or proceeding (“Claim”) made or brought against Customer by a third party alleging that the use of the Services as permitted hereunder infringes or misappropriates a third party copyright, trade secret, trademark or United States patent. Datica will pay all costs, reasonable legal fees and any settlement amounts agreed to be paid by Datica or damages awarded against Customer in connection with any such Claim.
8.1.2 Infringement Options. If the use of the Services by Customer has become, or in Datica’s opinion is likely to become, the subject of any claim of infringement, Datica may at its option and expense: (i) procure for Customer the right to continue using the Datica Services as set forth herein; (ii) modify the Datica Services to make such services non-infringing; or (iii) if the foregoing options are not reasonably practicable, terminate this Agreement and refund Customer any unused pre-paid fees
8.1.3 Limitations. Datica will have no liability or obligation with respect to any Claim if such Claim is caused in whole or in part by: (i) use of the Services by Customer not in accordance with this Agreement; or (ii) the combination, operation or use of the Services with other applications, portions of applications, products or services where the Services would not by itself be infringing. This Section states Datica’s entire and exclusive obligation, and Customer’s exclusive remedy, for any claim of any nature related to infringement or misappropriation of intellectual property
8.1.4 Indemnification by Customer. Except as stated in Section 8.1 above, Customer will defend, indemnify and hold Datica harmless against any Claim arising out of or relating to Customer’s activities under this Agreement and Customer’s acts or omissions in connection with the provision and access and use of the Services, including without limitation, any intellectual property or privacy claims relating to the Customer’s Application, Customer Uploaded Data and any violation by Customer or End Users of the provisions of Section 4.4(Restrictions). Customer will pay all costs, reasonable legal fees and any settlement amounts agreed to be paid by Customer or damages awarded against Datica in connection with any such Claim.
8.1.5 Conditions of Indemnification. As a condition of the foregoing obligations: (a) the indemnified party (“Indemnified Party”) will promptly notify the indemnifying party (“Indemnifying Party”) of any Claim; (b) the Indemnifying Party will have the sole and exclusive authority to defend or settle any such Claim (provided that, the Indemnifying Party will obtain the Indemnified Party’s consent in connection with any act or forbearance required by the Indemnified Party, which consent will not be unreasonably withheld); and © the Indemnified Party will reasonably cooperate with the Indemnifying Party in connection with the Indemnifying Party’s activities hereunder, at the Indemnifying Party’s expense.
9 Exclusion of Damages; Limitation of Liability
EXCEPT FOR LIABILITY ARISING FROM VIOLATIONS OF SECTION 4.4 (RESTRICTIONS) OR 6 (OWNERSHIP AND CONFIDENTIALITY), UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT, CONTRACT, OR OTHERWISE, WILL EITHER PARTY BE LIABLE TO THE OTHER FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL OR PUNITIVE DAMAGES OF ANY CHARACTER, INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, LOST PROFITS, LOST SALES OR BUSINESS, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, LOST DATA, OR FOR ANY AND ALL OTHER DAMAGES OR LOSSES, EVEN IF SUCH PARTY HAS BEEN ADVISED, KNEW OR SHOULD HAVE KNOWN OF THE POSSIBILITY OF SUCH DAMAGES. EXCEPT AS DESCRIBED IN THIS PARAGRAPH, UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN TORT, CONTRACT, OR OTHERWISE, WILL DATICA BE LIABLE TO CUSTOMER FOR ANY DIRECT DAMAGES, COSTS, OR LIABILITIES IN EXCESS OF THE AMOUNTS PAID BY CUSTOMER DURING THE TWELVE MONTHS PRECEDING THE INCIDENT OR CLAIM. THE FOREGOING LIMITATION WILL NOT APPLY TO DATICA’S OBLIGATIONS UNDER SECTION 88 (INDEMNIFICATION). THE PROVISIONS OF THIS SECTION 9 ALLOCATE THE RISKS UNDER THIS AGREEMENT BETWEEN THE PARTIES, AND THE PARTIES HAVE RELIED ON THE LIMITATIONS SET FORTH HEREIN IN DETERMINING WHETHER TO ENTER INTO THIS AGREEMENT.
The term of this Agreement will commence on the date this Agreement is fully signed by the Customer and Datica and remains in effect until terminated.
Either party may terminate this Agreement in the event the other party commits any material breach of this Agreement and fails to remedy such breach within fifteen (15) days after written notice of such breach. Datica may also suspend the Services immediately upon notice for cause if: (a) Customer violates (or gives Datica reason to believe it has violated) any provision of the Datica Acceptable Use Policy; (b) if Customer is in breach of Section 5 of this Agreement, provided that the suspension will continue only for so long as reasonably necessary for Customer to remedy the breach; © if Datica determines, in its sole discretion, that its provision of any of the Datica Services is prohibited by applicable law, or has become impractical or unfeasible for any legal or regulatory reason; or (d) subject to applicable law, upon Customer’s liquidation, commencement of dissolution proceedings, disposal of Customer assets or change of control, a failure to continue business, assignment for the benefit of creditors, or if Customer become the subject of bankruptcy or similar proceeding. If Customer terminates this Agreement or an applicable Order Form due to Datica’s breach, Datica will refund a pro-rata share of any pre-paid fees. If all Service Order Forms under this Agreement have expired or been terminated, either party may terminate this Agreement for convenience by providing written notice. Upon expiration of this Agreement or a Service Order, Customer will notify its Users that their access to the Services has terminated, and Datica may withhold, remove or discard any content, data, or other information that Customer Users post or upload to Datica’s system while using the Services. Datica is not obligated to store, maintain or provide a copy of any content or data that Customer or its Users made available or provided when using the Services.
Upon termination or expiration of this Agreement, Customer’s payment obligations, the terms of this Section 10 and the terms of the following Sections will survive: Section 4.3 (Use of Data), Section 4.1 (Use of Datica Services), Section 4.4 (Restrictions), Section 6 (Ownership and Confidentiality), Section 7 (Disclaimer), Section 8 (Indemnification), Section 9 (Exclusion of Damages; Limitation of Liability) and Section 11 (Miscellaneous).
11.1 Compliance with Laws
Each party will comply with the applicable laws and regulations relating to their respective activities under this Agreement.
Neither party hereto may assign or otherwise transfer this Agreement, in whole or in part, without the other party’s prior written consent, except that either party may assign this Agreement without consent to a successor to all or substantially all of its assets or business. Any attempted assignment, delegation, or transfer by either party in violation hereof will be null and void
11.3 Amendment Waiver
No modification to this Agreement, nor any waiver of any rights, will be effective unless consented to in a writing signed by both parties. Any waiver of any breach or default by either party will not constitute a waiver of any other right or any subsequent breach or default. Failure or delay by either party to enforce any provision of this Agreement will not be deemed a waiver of future enforcement of that or any other provision.
Each party is an independent contractor in the performance of each and every part of this Agreement. Each party will be solely responsible for all of its employees and agents and its labor costs and expenses arising in connection therewith and for any and all claims, liabilities or damages or debts of any type whatsoever that may arise on account of its activities, or those of its employees or agents, in the performance of this Agreement. Neither party has the authority to commit the other party in any way and will not attempt to do so or imply that it has the right to do so.
In the event that any provision of this Agreement is held by a court or other tribunal of competent jurisdiction to be unenforceable, such provision will be limited or eliminated to the minimum extent necessary to render such provision enforceable and, in any event, the remainder of this Agreement will continue in full force and effect.
11.6 Governing Law: Venue
This Agreement shall be governed by and construed in accordance with the internal laws of the State of California without reference to the conflict of laws provisions thereof. For any disputes relating to the interpretation, execution or enforcement of this Agreement or arising from the dealings between Provider, Customer and any third parties under this Agreement shall be dealt with under the exclusive jurisdiction and venue of the courts of the State of California, sitting in San Francisco County, or the United States Federal Court for the District of California, and the parties irrevocably submit for all purposes to the jurisdiction of each such court.
11.7 Dispute Resolution
The parties will attempt to resolve any dispute related to this Agreement through good faith and informal negotiations. If initial negotiation does not resolve the dispute, each party will escalate the dispute to the executive sponsor of this Agreement to attempt to resolve the dispute. If the parties are unable to resolve the dispute through negotiation, the parties will select a mutually agreed mediator in a mutually agreed location to attempt to resolve the dispute. In the event of any adjudication of any dispute under this Agreement, the prevailing party in such action may seek to recover reimbursement of its attorneys’ fees and related costs by the other party. Any breach of confidentiality obligations in this Agreement, or any unauthorized use of the services or a party’s intellectual property by the other party, may cause irreparable harm
Any notice required or permitted to be given hereunder will be given in writing to the party at the address specified in this Agreement or in any Service Order by personal delivery, certified mail, return receipt requested, or by overnight delivery.
11.9 Electronic Signature
Original signatures transmitted and received via electronic transmission of a scanned document (via secure email or a service such as provided by DocuSign) are true and valid signatures for all purposes hereunder and shall bind the parties to the same extent as that or an original signature. This Agreement may be executed in multiple counterparts, each of which shall be deemed to constitute an original but all of which together shall constitute only one document.
11.10 Other Terms
This Agreement supersedes all prior and contemporaneous proposals, statements, sales materials or presentations and agreements, oral and written. No oral or written information or advice given by Datica, its agents or employees will create a warranty or in any way increase the scope of the warranties in this Agreement. There will be no force or effect to any different terms of any related purchase order or similar form even if signed by the parties after the date hereof.
11.11 Force Majeure
A party is not liable under this Agreement for non-performance caused by events or conditions beyond that party’s control (each, a “Force Majeure Event”) if the party makes reasonable efforts to perform. Either party may terminate this Agreement on written notice to the other party if the Force Majeure Event continues more than 30 days.
11.12 Export Regulations
Customer agrees to comply with all applicable export and re-export control laws and regulations, including the Export Administration Regulations (“EAR”) maintained by the United States Department of Commerce. Specifically, Customer covenants that it shall not, directly or indirectly, sell, export, re-export, transfer, divert, or otherwise dispose of any software, source code, or technology (including products derived from or based on such technology) received from Provider under this Agreement to any country (or national thereof) subject to antiterrorism controls or U.S. embargo, or to any other person, entity, or destination prohibited by the laws or regulations of the United States, without obtaining prior authorization from the competent government authorities as required by those laws and regulations. Customer agrees to indemnify, to the fullest extent permitted by law, Provider from and against any fines or penalties that may arise as a result of Customer’s breach of this provision.
11.13 Entire Agreement: Counterparts
The Exhibits attached hereto are incorporated herein by this reference, are an integral part of the Agreement, and will be read and interpreted together with the Agreement as a single document. This Agreement (including all Exhibits and addendums attached hereto), together with the Service Orders and any applicable non-disclosure agreements, sets forth the complete, exclusive and final statement of the agreement between the parties as to the subject matter hereof and supersedes all prior and contemporaneous agreements, understandings, negotiations and discussions, whether oral or written, between the parties regarding such subject matter. This Agreement may only be modified, amended, or any rights under it waived, by a written document executed by the Parties. This Agreement may be executed in two or more counterparts, each of which will be deemed an original, but all of which together shall constitute one and the same instrument.
Last updated: 22nd May, 2014
Datica Acceptable Use Policy
This Acceptable Use Policy describes actions that Datica prohibits when any person uses the Datica Services (“Services”), including parties (â€œCustomerâ€) to a separate agreement with Datica who use the Datica Services. In the event of a conflict between this Acceptable Use Policy and an underlying Agreement with a Customer, the underlying Agreement shall govern.
The Datica Services may not be used in any illegal, abusive or other manner that interferes with the business or activities of any other party, including being used in violation of HIPAA. The following list gives examples of prohibited actions, including types of email and content. This list is provided by way of example and should not be considered exhaustive.
Attempting to bypass or break any security mechanism on any of the Datica Services or using the Datica Services in any other manner that poses a security or service risk to Datica or any of its users or customers.
- Testing or reverse-engineering the Datica Services in order to find limitations, vulnerabilities or evade filtering capabilities.
- Removing any copyright, trademark or other proprietary rights notices contained in or on the Services;
- Reformatting or framing any portion of the web pages that are part of the Services administration display without Datica’s permission.
- Using the Datica Platform in connection with illegal peer-to-peer file sharing.
- Launching or facilitating, whether intentionally or unintentionally, a denial of service attack on any of the Datica Services or any other conduct that adversely impacts the availability, reliability or stability of the Datica Services.
Reusing, without explicit permission, documentation, policies, or other content provided by Datica.
Utilizing Datica Services in a way that knowingly violates HIPAA rules.
- Content that infringes a third party’s rights (e.g., copyright) according to applicable law;
- Excessively profane content;
- Any hate-related or violent content or contains any other material, products or services that violate or encourage conduct that would violate any criminal laws, any other applicable laws, or any third party rights;
- Content advocating racial or ethnic intolerance; Content intended to advocate or advance computer hacking or cracking;
- Other illegal activity, including without limitation illegal export of controlled substances or illegal software;
- Illegal drug paraphernalia;
- Malicious content, sending, uploading, distributing or disseminating or offering to do the same with respect to any unlawful, defamatory, harassing, abusive, fraudulent, infringing, obscene, or otherwise objectionable content;
- Other material, products or services that violate or encourage conduct that would violate any criminal laws, any other applicable laws, or any third-party rights.
- Transmitting any material that contains viruses, trojan horses, worms or any other malicious, harmful, or deleterious programs.
- Using the Datica Services in any manner that violates any applicable industry standards, third party policies or requirements that Datica may communicate to its users.
- Engaging in any unsolicited advertising, marketing or other activities, including, without limitation, any activities that violate anti-spam laws and regulations including, but not limited to, the CAN SPAM Act of 2003.
- Using the Datica Services in connection with any unsolicited or harassing messages (commercial or otherwise).
- Using Datica Services to engage in fraudulent activity with respect to third parties.
- Violating or facilitating the violation of any local or foreign law, including laws regarding the transmission of data or software.
- Taking any action to encourage or promote any activity prohibited under this Acceptable Use Policy.
- Transmitting any material that infringes the intellectual property rights or other rights of third parties.
- Transmitting any material that is libelous, defamatory, discriminatory or otherwise malicious or harmful to any person or entity.
- Creating a false identity or forged email address or header, or otherwise attempting to mislead others as to the identity of the sender or the origin of a message, imitating or impersonating another person or his, her or its email address, or creating false accounts for the purpose of sending spam.
- Unauthorized data mining any web property (including Services) to find email addresses or other user account information.
- Sending unauthorized email via open, third-party servers.
- Sending emails to users who have requested to be removed from an applicable mailing list.
- Selling, exchanging or distributing to a third party the email addresses of any person without any legally required consent to such disclosure.
- Sending unsolicited emails to significant numbers of email addresses belonging to individuals and/or entities with whom Customer or its Authorized Users have no preexisting relationship in violation of applicable law.
Customer Content on the Services and Take Down Obligations
- Customer agrees to promptly take down any content that violates this Acceptable Use Policy, including pursuant to a take-down request from Datica. In the event that Customer elects not to comply with a request from Datica to take down certain Content, Datica reserves the right to directly take down such Customer Content or to disable Applications upon reasonable prior written notice.
- In the event that Customer becomes aware of any violation of this Agreement by a user of one of Customer’s applications, Customer shall promptly terminate such users’ account on the Customer application. Datica reserves the right to disable Customer’s applications in response to a violation or suspected violation of this Agreement.
- Customer agrees that it is solely responsible for (and that Datica has no responsibility to it or to any third party for) the Customer application or any content that it creates, transmits or displays while using the Datica Services and for the consequences of its actions (including any loss or damage which Datica may suffer) by doing so, except to the extent caused by the Services or Datica.
- Customer agrees that Datica has no responsibility or liability for the deletion or failure to store any Customer content and other communications maintained or transmitted through use of the Service. Last Updated: May 15,
BaaS Terms and Conditions
In addition to the General Terms and Conditions, your use of the Datica Backend As A Service (BaaS) is subject to the following additional terms and conditions:
1 Additional Defined Terms
“Disk Encryption” means that “data at rest” are encrypted on the hard disk(s) on which Customer Application is deployed.
“Encryption In-transit” means that any and all network traffic to and from the Customer Application within the Datica Platform shall be encrypted.
“Protected Health Information” or “PHI” or “ePHI” shall have the same meaning as the term “protected health information” in 45 CFR § 160.103, limited to the information received by Datica from or on behalf of a Customer.
All BaaS Customers will have Disk Encryption enabled by default. All network traffic will have Encryption In-transit enabled by default. Datica Encryption Policies are outlined in detail here.
Subject to the Terms, the Backend as a Service (BaaS) is provided to you without charge up to certain usage limits. Usage over these limit requires the purchase of additional resources or services.
Last updated: 22nd May, 2014
PaaS Terms and Conditions
In addition to the General Terms and Conditions, use of the Datica Platform As A Service (PaaS) is subject to the following additional terms and conditions:
1 Additional Defined Terms
“Audit Logging” means a secure storage Service for Customer Application and System logs that may be used for audit purposes. Specifics of the amount of log data stored and archival needs shall be separately defined by the underlying Service Order.
“Disk Encryption” means that “data at rest” are encrypted on the hard disk(s) on which Customer Application is deployed.
“Encryption In-transit” means that any and all network traffic to and from the Customer Application within the Datica Platform shall be encrypted.
“Protected Health Information” or “PHI” or “ePHI” shall have the same meaning as the term “protected health information” in 45 CFR § 160.103, limited to the information received by Datica from or on behalf of a Customer.
“System Monitoring“ means monitoring services of Customer System. Some potential examples included, but are not limited to, tracking System performance, utilization, access controls, file integrity, and intrusion detection.
All PaaS Customers will have Disk Encryption enabled by default. All network traffic will have Encryption In-transit enabled by default. Datica Encryption Policies are outlined in detail here.
3 Logging Services
Audit Logging will be enabled on request by Customer. Only the most recent fourteen (14) days of log data will be indexed and available. Older logs will be archived. Datica Auditing Policies are outlined in detail here.
4 Monitoring Services
All deployments will have System Monitoring enabled by default. Additional access and enablement of custom monitoring rules can be enabled on request; Datica reserves the right to charge additional fees for custom monitoring rules. Datica Auditing Policies are outlined in detail here.
The term of the Subscription Agreement shall be twelve (12) months and payable monthly from the Service Order Effective Date. Following the initial term, the Service Order shall automatically renew for an additional 12 months at the prices then in effect for Services unless either party provides sixty (60) days’ prior written notice of its intent not to renew prior to the expiration of the then current term. Provider may terminate this Service Order in accordance with the Subscription Agreement. Customer may terminate the Service Order under which such Services were ordered by providing written notice to Provider at least sixty (60) days prior to the termination effective date. Customer shall have no right to terminate the Service Order unless the termination effective date is at least sixty (60) days after the Service Order Effective Date.
Last updated: 23nd May, 2014
Managed Integration Terms and Conditions
In addition to the General Terms and Conditions, your use of the Datica Managed Integration Service (MIS) is subject to the following additional terms and conditions:
1 Additional Defined Terms
“Disk Encryption” means that “data at rest” are encrypted on the hard disk(s) on which MIS is deployed.
“Encryption In-transit” means that any and all network traffic within the Datica Platform shall be encrypted.
“Protected Health Information” or “PHI” or ”ePHI“ shall have the same meaning as the term “protected health information” in 45 CFR § 160.103, limited to the information received by Datica from or on behalf of a Customer.
All MIS Customers will have Disk Encryption enabled by default. All network traffic will have Encryption In-transit enabled by default. Datica Encryption Policies are outlined in detail here.
The term of the Subscription Agreement and all subsequent Service Orders for MIS customers shall be twelve (12) months and payable monthly from the Service Order Effective Date. Following the initial term, the Service Order shall automatically renew for an additional 12 months at the prices then in effect for Services unless either party provides one-hundred, eighty (180) days’ prior written notice of its intent not to renew prior to the expiration of the then current term. Customer may terminate the Service Order by providing written notice to Datica at least one-hundred, eighty (180) days prior to the termination effective date. Customer shall have no right to terminate the Service Order unless the termination effective date is at least one-hundred, eighty (180) days after the Service Order Effective Date.
Last updated: 1st May, 2015
Service Level and Support Agreement
1 Defined Terms
“Business Day” means Monday through Friday excluding national United States holidays.
“Business Hours” means 9:00 a.m. to 5:00 p.m. Central standard time of a Business Day.
“Integrating Organization” means an organization with which Customer (via Datica) has an active interface.
“Authorized User” means individuals authorized to use a Service.
“Interface” means a secure bridge connecting a Customer and their Integrating Organization that transfers specific data in a particular direction (inbound to the Customer or outbound to the Integrating Organization), optionally based on a standard format e.g. HL7 ADT.
“Production Integration” means a specific Interface that has completed testing and is being used to transmit production data and electronic Patient Health Information (ePHI).
“Error” means a failure of a Service, including without limitation a failure to conform to the documentation, resulting in the inability to use, or material restriction in the use of a Service.
“Update” means either a Service modification or addition that, when made or added to the Service, corrects an Error, or a procedure or routine that, when observed in the regular operation of the Service, eliminates the practical adverse effect of the Error.
2 Service Availability and Service Availability Credits
Datica will use commercially reasonable efforts to make the Services Available as described below:
|Availability Requirement||The monthly availability percentage is ninety nine point nine percent (99.9%) as measured over the course of each calendar month during the Term, excluding interruptions described below.|
|Scheduled Downtime||10:00 pm – 11:00 pm CST weekly on Saturdays, or as Datica otherwise notifies Customer no less than twenty-four (24) hours in advance, but in no event shall Scheduled Downtime exceed two (2) hours in any given week. Any such outages in excess of this amount shall be considered Unplanned Outages (defined below).|
|Unplanned Outages||Maximum two (2) hours over a reference period of one (1) month. Datica will promptly notify Customer of any Unplanned Outage, including a description of the Unplanned Outage and the expected or estimated time until normal operations will resume.|
|Exceptions to Availability||No period of Service degradation or inoperability will be included in calculating Availability to the extent caused by:
(1) outages caused by the failure of public network or communications components;
(2) Customer’s misuse of Services; including their Integrating Organizations or their Authorized Users;
(3) unauthorized use or misuse by Customer or anyone using any of the Customer passwords, unless Customer has not taken industry standard steps to protect the Services from unauthorized access, intrusion, and disruption;
(4) failures of Customer or any of its Authorized Users’ internet connectivity;
(5) Scheduled Downtime as set forth above;
(6) Force Majeure Event;
(7) disabling, suspension or termination of the Services.
2.1 Customer Reporting
Customer shall report any Service degradation or impaired ability to use the Services, included unscheduled system downtime and any Error to Datica’s maintenance email (firstname.lastname@example.org) promptly, but not more than twenty-four (24) hours upon becoming aware or receiving notice of such Service downtime, error, bug, or defect.
2.1 Sole Remedies for Failure to Meet the Service Availability commitment
For each calendar month in which a Service has Availability of:
2.1.1 less than 99.9% but above 95%, Datica shall, upon Customer’s request made within thirty (30) days of the end of the calendar month, provide Customer with a written plan for improving Datica’s Service Availability to attain the 99.9% availability as defined in Section 4 and Datica shall promptly implement such plan;
2.1.2 between 95% and 90%, Datica shall, upon Customer’s request made within thirty (30) days of the end of that calendar month, provide Customer with a service credit in an amount equal to one half of one month of the specific Service and the action plan under subpart (1) above;
2.1.3 less than 90%, Datica shall, upon Customer’s request made within thirty (30) days of the end of that calendar month, provide Customer with a service credit in an amount equal to one month of the specific service and the action plan under subpart (a) above. Customer may also terminate this Agreement upon thirty (30) days’ written notice (which notice must be given within sixty (60) days of the end of the calendar month in which the Service Availability was less than 90%.
Customer shall not exercise the rights in this Section 2.1 without a reasonable basis or belief that the applicable Service Availability commitment was not satisfied. If Customer believes that Datica has failed to achieve an Uptime commitment in any given month, Customer shall provide written notice to Datica and Datica shall promptly provide a report that contains true and correct information detailing Datica’s actual Service Availability performance. THIS SECTION 2.1 SETS FORTH CUSTOMER’S SOLE AND EXCLUSIVE REMEDY, AND DATICA’S ENTIRE LIABILITY, SOLELY FOR ANY FAILURE TO MEET THE SERVICE AVAILABILITY COMMITMENT.
3 Service Maintenance
3.1 Updates and Service Errors
Datica shall maintain the Services to optimize Availability. Such maintenance services shall include providing to Customer all updates, bug fixes, enhancements, new releases and other improvements to the Services that Datica makes at no additional charge to its other similarly situated customers.
Datica shall make commercially reasonable efforts to provide an Update designed to solve or bypass a reported Error. Datica shall reasonably determine the priority level of Errors, pursuant to the following protocols and take the following actions as provided in Section 3.2.
3.2 Support Service Level Requirements
3.2.1 Severity 1 Errors: Datica shall promptly initiate the following procedures: (1) assign personnel to correct the Error on an expedited basis; (2) provide ongoing communication on the status; and (3) begins to provide a temporary workaround or fix. A Severity One Error means the (i) production system is severely impacted or completely shut down, or (ii) system operations or mission-critical Services are down.
3.2.2 Severity 2 Errors: Datica shall assign a Datica personnel to begin an Update, and provide additional, escalated procedures as reasonably determined necessary by Datica Support Services staff. Datica exercises commercially reasonable efforts to provide a workaround or include a fix for the Severity 2 Errors in the next update or release. A Severity Two Error means (i) the production system is functioning with limited capabilities, or (ii) is unstable with periodic interruptions, or (iii) mission critical Services, while not being affected, has experienced system interruptions.
3.2.3 Severity 3 Errors: Datica may include an Update in the next release. A Severity Three Error means there (i) are errors in fully operational production systems, (ii) is a need to clarify procedures or information in documentation, or (iii) is a request for a product enhancement.
3.3 Support Requests and Response Time Service Levels**
Datica will respond to Customer reports of a problem based on the severity. Upon receipt of a request for support or report of a problem, Datica will respond to Customer with an assigned level of priority based on the response times shown in the following table.
|Service Category||Examples||Initial Response Time|
|Priority One: Urgent. A crisis has occurred - a system is down, a major operational function is unavailable or a critical interface has failed||Production system is down or crashing frequently. A business critical operation cannot be performed||< 1 business hours|
|Priority Two: High. Any problem critical to Customer success and requiring immediate resolution||Any problem critical to Customer success and requiring immediate resolution||< 4 business hours|
|Priority Three: Normal. Priority three situations include problems to be resolved as soon as possible. Most of these have acceptable workarounds, or the Product recovers by itself.||Errors in production systems but still fully functional. Malfunction in non-critical functions||< 1 business day|
|Priority Four: Low. Priority four situations are technical questions or problems requiring resolution - many of which are of “how to” nature||Need clarification of procedures or information in documentation. Attributes or options do not operate as stated. Product enhancement requests. Documentation is incorrect||< 2 business days|
4 Support Services Responsibilities
4.1 Online and email support
Datica shall provide email support during Business Hours and shall provide online access to technical support bulletins and forums, to the full extent Datica makes such resources available to its other customers.
4.2 Phone support
Datica shall provide phone support during Business Hours.
4.3 Correction of Service Errors
Datica shall correct all Service Errors in accordance with the Support Service Level Requirements as specified in Section 3.2.
4.4 Response and Resolution of Support Requests
Datica shall respond to and resolve Support requests as specified in this Section 4.
4.5 Conditions for providing support
Datica’s obligation to provide support services is conditioned upon the following: (a) the Customer and, where applicable the Integrating Organization, making reasonable efforts to solve the problem; and (b) the Customer and Integrating Organization providing Datica with reasonably sufficient information and resources to correct the problem as well as reasonable access to the personnel, hardware, and any additional systems involved in discovering and resolving the problem.
4.6 Exclusions from Datica’s support services
Datica is not obligated to provide support services in the following situations: (a) the problem is caused by Customer’s or Integrating Organization’s negligence, hardware malfunction or other causes beyond the reasonable control of Datica; (b) the problem is with third party software not made available through or used by Datica; © the problem is with an individual user’s desktop or browser software; (d) Customer has not paid services fees under the Agreement when due, or Customer or Integrating Organization has failed to install updates or follow written instructions provided to it by Datica regarding the Production Interface.
5 Integration as a Service Support
5.1 Resolution Times
Upon notification and submission of all required information, Datica will resolve requests from Customer to modify Production Integrations within the following time periods:
|Request Type||Examples||Resolution Time|
|Minor Format Modification||Data items (e.g. dates, phone numbers, and SSNs) need different format. JSON object arrangement or naming conventions modified.||< 5 business days|
|Major Format Modification||New / rewritten source or destination API. Different data needs to be gathered/shared.||Due to high variability and possible complexity of changes, customer and Datica will discuss and agree to a resolution plan and deadline.|
|Endpoint/Connection Change||Customer or Integrating Organization need to change endpoints or IP addresses.||< 10 business days (excluding work efforts required by Customer or Integration Organization)|
5.2 Sole Remedies for Failure to Meet the Interface Support Request commitment.
For each twelve (12) month period in where Datica does not meet the above Initial Response or Resolution time periods for an issue. 5.2.1 For each missed request, Datica shall, upon Customer’s request made within thirty (30) days of the date the request was missed, provide Customer with a service credit in an amount equal to half of one month of the specific Production Integration’s Service fee. 5.2.2 For the third missed request within a twelve (12) month period of time, Datica shall, upon Customer’s request made within thirty (30) days of the date the request was missed, provide Customer with a service credit in an amount equal to one month of the specific Production Integration’s Service fee. Customer may also terminate this Agreement upon thirty (30) days’ written notice (which notice must be given within sixty (60) days of the date the missed request).
Last updated: 30th November, 2015
Datica Health, Inc. (“Datica” or the “Company”) is committed to protecting the privacy of your information. This Privacy Statement describes Datica’s Web site privacy practices.
1 Web Site Covered
This Privacy Statement covers the information practices of http://datica.com.
2 Information Collected
Datica offers a variety of services that are collectively referred to as the “Services.” Datica collects information from individuals who visit the Company’s Web site (“Visitors”) and individuals who register to use the Services (“Customers”).
When expressing an interest in obtaining additional information about the Services or registering to use the Services, Datica requires you to provide the Company with personal contact information, such as name, company name, address, phone number, and email address (“Required Contact Information”). When purchasing the Services, Datica requires you to provide the Company with financial qualification and billing information, such as billing name and address, credit card number, and the number of employees within the organization that will be using the Services (“Billing Information”). Datica may also ask you to provide additional information, such as company annual revenues, number of employees, or industry (“Optional Information”). Required Contact Information, Billing Information, and Optional Information are referred to collectively as “Data About Datica Customers.”
As you navigate the Company’s Web site, Datica may also collect information through the use of commonly-used information-gathering tools, such as cookies and Web beacons (“Web Site Navigational Information”). Web Site Navigational Information includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on the Company’s Web site (such as the Web pages viewed and the links clicked).
3 Use of Information Collected
The Company uses Data About Datica Customers to perform the services requested. For example, if you fill out a “Contact Me” Web form, the Company will use the information provided to contact you about your interest in the Services.
The Company may also use Data About Datica Customers for marketing purposes. For example, the Company may use information you provide to contact you to further discuss your interest in the Services and to send you information regarding the Company and its partners, such as information about promotions or events.
Datica uses credit card information solely to check the financial qualifications of prospective Customers and to collect payment for the Services.
Datica uses Web Site Navigational Information to operate and improve the Company’s Web site. The Company may also use Web Site Navigational Information alone or in combination with Data About Datica Customers to provide personalized information about the Company.
4 Web Site Navigational Information
Datica uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate the Company’s Web site (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information that may be collected on the Company’s Web site and how this information may be used.
If you have chosen to identify yourself to Datica, the Company uses session cookies containing encrypted information to allow the Company to uniquely identify you. Each time you log into the Services, a session cookie containing an encrypted, unique identifier that is tied to your account is placed your browser. These session cookies allow the Company to uniquely identify you when you are logged into the Services and to process your online transactions and requests. Session cookies are required to use the Services.
Datica uses persistent cookies that only the Company can read and use to identify browsers that have previously visited the Company’s Web site. When you purchase the Services or provide the Company with personal information, a unique identifier is assigned you. This unique identifier is associated with a persistent cookie that the Company places on your Web browser. The Company is especially careful about the security and confidentiality of the information stored in persistent cookies. For example, the Company does not store account numbers or passwords in persistent cookies. If you disable your Web browser’s ability to accept cookies, you will be able to navigate the Company’s Web site, but you will not be able to successfully use the Services.
Datica may use information from session and persistent cookies in combination with Data About Datica Customers to provide you with information about the Company and the Services.
4.2 Web Beacons
Datica may use Web beacons alone or in conjunction with cookies to compile information about Customers and Visitors’ usage of the Company’s Web site and interaction with emails from the Company. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular Web site tied to the Web beacon, and a description of a Web site tied to the Web beacon. For example, Datica may place Web beacons in marketing emails that notify the Company when you click on a link in the email that directs you to one of the Company’s Web site. Datica uses Web beacons to operate and improve the Company’s Web site and email communications.
Datica may use information from Web beacons in combination with Data About Datica Customers to provide you with information about the Company and the Services.
4.3 Flash Cookies
Datica may use local shared objects, also known as Flash cookies, to store your preferences or display content based upon what you view on our site to personalize your visit. Third parties, with whom the Company partners to provide certain features on our site or to display advertising based upon your Web browsing activity, use Flash cookies to collect and store information.
Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored. Cookie management tools provided by your browser will not remove Flash cookies. To learn how to manage privacy and storage settings for Flash cookies click here.
4.4 IP Addresses
When you visit Datica’s Web site, the Company collects your Internet Protocol (“IP”) addresses to track and aggregate non-personal information. For example, Datica uses IP addresses to monitor the regions from which Customers and Visitors navigate the Company’s Web site.
4.5 Third Party Cookies
From time-to-time, Datica engages third parties to track and analyze usage and volume statistical information from individuals who visit the Company’s Web site. Datica may also use other third-party cookies to track the performance of Company advertisements. The information provided to third parties does not include personal information, but this information may be re-associated with personal information after the Company receives it.
5 Public Forums, Refer a Friend, and Customer Testimonials
Datica may provide bulletin boards, blogs, or chat rooms on the Company’s Web site. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. Datica is not responsible for the personal information you choose to submit in these forums.
Customers and Visitors may elect to use the Company’s referral program to inform friends about the Company’s Web site. When using the referral program, the Company requests the friend’s name and email address. Datica will automatically send the friend a one-time email inviting him or her to visit the Company’s Web site. Datica does not store this information.
Datica may post a list of Customers and testimonials on the Company’s Web site that contain information such as Customer names and titles. Datica obtains the consent of each Customer prior to posting any information on such a list or posting testimonials.
6 Sharing of Information Collected
Datica may share Data About Datica Customers with the Company’s service providers so that these service providers can contact Customers and Visitors who have provided contact information on our behalf. Datica may also share Data About Datica Customers with the Company’s service providers to ensure the quality of information provided. Unless described in this privacy statement, Datica does not share, sell, rent, or trade any information provided with third parties for their promotional purposes.
From time to time, Datica may partner with other companies to jointly offer products or services. If you purchase or specifically express interest in a jointly-offered product or service from Datica, the Company may share Data About Datica Customers collected in connection with your purchase or expression of interest with our joint promotion partner(s). Datica does not control our business partners’ use of the Data About Datica Customers we collect, and their use of the information will be in accordance with their own privacy policies. If you do not wish for your information to be shared in this manner, you may opt not to purchase or specifically express interest in a jointly offered product or service.
Datica uses a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on the Company’s behalf.
Datica reserves the right to use or disclose information provided if required by law or if the Company reasonably believes that use or disclosure is necessary to protect the Company’s rights and/or to comply with a judicial proceeding, court order, or legal process.
7 Communications Preferences
Datica offers Customers and Visitors who provide contact information a means to choose how the Company uses the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of the Company’s marketing emails. Additionally, you may send a request specifying your communications preferences to email@example.com. Customers cannot opt out of receiving transactional emails related to their account with Datica or the Services.
8 Correcting and Updating Your Information
Customers may update or change their registration information by logging in to their accounts at https://datica.com. Requests to access, change, or delete your information will be handled within 30 days.
Datica uses appropriate administrative, technical, and physical security measures to protect Data About Datica Customers.
10 Changes to this Privacy Statement
Datica reserves the right to change this Privacy Statement. Datica will provide notification of the material changes to this Privacy Statement through the Company’s Web site at least thirty (30) business days prior to the change taking effect.
11 Contacting Us
Questions regarding this Privacy Statement or the information practices of the Company’s Web site should be directed to firstname.lastname@example.org or by mailing Datica Privacy, 111 South Hamilton Street #30, Madison, WI 53703.
Last updated May 29th, 2014.