MEDrecord Terms & Conditions
MEDrecord is committed to protecting your data and facilitating your app development by giving you the possibility to outsource your security and compliance issues as much as the EU laws allow us to do so.
- “Registration to the Service” is the first access to the Service made by You through the registration procedure through Our webpage by choosing Your personal username and password, upon acceptance of these Terms and Conditions;
- “Access to the Service” means the log-in with Your personal username and password through Our webpage;
- “Subscription to the Service” means the subscription with a payment of any of the plans available on the web page, upon acceptance of these Terms and Conditions.
- “Contents” refer to any data or information uploaded into the Cloud;
- “Cloud” means a digital space or a technological platform with high capacity of storage and processing data which have been uploaded;
- “Service” means, collectively, the data storage capacity and the API calls that You have subscribed to;
- “Users” means those employees, contractors, and end users, as applicable, authorized by You or on Your behalf to use the Services in accordance with this Agreement and Your order. For Cloud Services that are specifically designed to allow Your clients, agents, customers, suppliers or other third parties to access the Cloud Services to interact with You, such third parties will be considered “Users” subject to the terms of this Agreement and Your order;
- “You”, “Your”, and “the Customer” refers to the individual or entity that has executed this Agreement;
- “MEDrecord”, “Us”, and “the Service Provider” refers to MEDrecord
- “the Parties” means the subscribers of this Agreement.
Description of the Service
2.1. The Service consists of the provisioning of API calls and data storage capacity, according to the plan You have subscribed. Due to the highly technical nature of its Service, MEDrecord is subject to an obligation of means.
2.2 After the Registration to the Service, Your profile settings, management of subscriptions, access keys, and other personal information can be done through the use of website customers’ area.
2.3. After the Registration to the Service, You will enter a Trial Period in which You can upload Your Contents within the Cloud. The Content uploaded to the Cloud can be viewed, modified and organized by You, through the use of API operations.
2.4 The Trial Period lasts up to 15 (fifteen) days. Once Trial Period expires, You must Subscribe to the Service to continue using it.
2.5 During the Trial Period you will receive the same security and privacy guarantees as once Subscribed. However no refunds credits will be guaranteed and MEDrecord will not be liable for any data loss or damage during the Trial Period.
Subscription, duration and renewal of the Service
3.1. The use of the Service provided by MEDrecord is exclusively reserved to his/her customer, physical (adult) or legal persons, prior registration to the website customers’ area.
3.2 The Subscription to the Service must be done within 15 (fifteen) days after the Registration to the Service, if not otherwise agreed with MEDrecord through contacts by phone, email or any other form of communication.
3.3. The Subscription to the Service is not transferable to third parties.
3.4. This Agreement is valid for the Registration and the Subscription which this Agreement accompanies. It may also be referenced for any purchase that increases the quantity of the original Services subscribed, for any Cloud services options offered by MEDrecord for the original Services subscribed, and for any renewal or auto-renewal of the Services period of the original subscription.
3.5. Based on Your preferences, the Service is subscribed for a predetermined duration of one (1) month, one (1) year, or the different personalized duration agreed between the Parties. The period of time shall automatically be extended for next duration period (Extended Term) at the end of the Initial Term and at the end of each Extended Term, unless You give notice to MEDrecord to terminate this Agreement. You shall communicate Your notice of cancellation through Your web-based Management Console. The cancellation will be effective immediately and no credits will be refunded. Your data will be deleted according to the procedure described in § 6.5 and § 10.4.
3.6. In case of renewal, the Service will be renewed with the options and resources in course of invoicing during the previous month, year or the different duration agreed between the Parties. If you want to modify your Subscription plan, You have to notify your choice through Your web-based Management Console before the end of the Initial Term or each Extended Term.
Service Level Agreement (SLA)
4.1. In the event that any of the components of the Service set out in the table below are unavailable or malfunctions, You must contact MEDrecord at firstname.lastname@example.org.
4.2. MEDrecord will use all reasonable endeavours to provide the compliance with the following parameters:
- MEDrecord will apply all commercially reasonable efforts to deliver its services according to Service Availability threshold of 99.9%. In case of potential incidents, we will recognize the credits detailed at § 4.4;
- MEDrecord will be dedicated to monitoring and updating its service with all zero-day security exploits and updates, and will provide you an assistance for security and emergency issues that are blocking its service delivery 24/7;
- Other non-blocking and non-security related issues will be solved on CET working hours 9:00 – 19:00 on working days;
- With regards to data redundancy MEDrecord provides fail over and redundancy at data level providing RAID 1 storage configuration.
4.3. Planned outage and maintenance will be communicated 5 days in advance and it will be performed with aim of interrupting the service delivery as less as possible.
4.4. For the purpose of the recognition of credits we will monitor our API service unavailability on a monthly basis and refund You based on the following table.
- API service availability from 98.0 to 99.9; refund percentage 10%
- API service availability from 95.0 to 98.0; refund percentage 30%
- API service availability less than 95.0; refund percentage 50%
4.5. The availability refers only to the API availability and it does not include the Management Console availability, or other auxiliary services provided by MEDrecord The planned outage is not included in the Service availability measurements.
4.6. The calculation of the service credits refundable by MEDrecord to You for unavailability and malfunctions of the relevant component of the Service is done by MEDrecord monitoring system.
4.7. Reimbursements made in respect of compensation under this paragraph will be provided as free Service credits from the next subscription period, following the occurrence of the unavailability or service malfunctions for which MEDrecord may be held liable. You may make a claim by sending an email at email@example.com within one (1) month after the unavailability is detected and for which You would seek the compensation provided for in the terms of this paragraph.
4.8. You confirm that the refund of service credits as set out above shall be Your exclusive remedy in relation to any malfunction or non-availability of the Service.
4.9. The total service credits paid by MEDrecord to You in any given month shall in no circumstances exceed the price paid by You for the Service during that month.
Duty of the Customer
5.1. You confirm that you have all the necessary technical knowledge and means to ensure the correct use and administration of the Service.
5.2. You undertake to use the Service in good faith. In case of abnormal use of the Service, MEDrecord reserves the right to terminate the Service according to the provisions of § 10 hereof.
5.3. You are responsible for identifying and authenticating all Your Users, for approving access by such Your Users to the Services, for controlling against unauthorized access by Your Users, and for maintaining the confidentiality of usernames, passwords and account information.
5.4. You are required to accept all security patches, bug fixes and updates (collectively, “Patches”) necessary for the proper function and security of the Services. MEDrecord is not responsible for performance or security issues encountered with the Services that result from Your failure to accept the application of Patches that are necessary for the proper function and security of the Services. Except for emergency or security related maintenance activities, MEDrecord will coordinate with You the scheduling of application of Patches, where possible, based on MEDrecord’s next available standard maintenance window.
5.5. By integrating MEDrecord service on Your device, mobile or fixed, MEDrecord grants You a temporary license to use any proprietary Content of the platform, among which, but not only, logos, distinctive marks, applications, codes and any patents, with the exclusively purpose of using the Services and displaying its contents for personal and non-commercial scopes. The license may be revoked in any time without prior notice by MEDrecord also, but not only, for violations of the provisions of this Agreement caused by the Customer, without any liability for loss, damage and/or temporary or permanent modification of the Content uploaded by You.
5.6. By Registering to the Service, You expressly authorizes MEDrecord to send communications – via e-mail, to the email address supplied by You at the time of registration – having technical and/or maintenance purposes related to the functioning of the Service. You can be allowed to control and manage some communications about the service through MEDrecord platform, by setting filter on the personal page of Your account. By any chance, You are not allowed to block information, spread through any means by MEDrecord, related to security and proper use of cloud services.
Acceptable use of the Service
6.1. You shall not use or permit use of the Services, including by uploading, emailing, posting, publishing or otherwise transmitting any material, including Your Content, Your Applications and Third Party Content, for any purpose that may:
- menace or harass any person or cause damage or injury to any person or property;
- involve the publication of any material that is false, defamatory, harassing or obscene;
- violate privacy rights or promote bigotry, terrorism, racism, hatred or harm;
- promote or manage gambling;
- constitute a sharing of any kind of computer virus;
- constitute an infringement of intellectual property or other proprietary rights, or
- otherwise violate applicable laws, ordinances or regulations.
6.2. In any case, you cannot upload particular categories of data, like genetic data and/or judicial data.
6.3. You are aware the MEDrecord is not required to verify the Content that you upload, unless this is necessary to fulfill a provision of law and/or orders by a judicial or other competent authority. MEDrecord will not operate any preventive control over any Content, not being subject to any general obligation to monitor and therefore it can not be in any way considered responsible for the nature and characteristics of the Content, nor for any errors and/or omissions of the same, as well as for any direct and/or indirect damage, caused to the Customers themselves and/or third parties due to the use of any Content. Therefore, You shall have sole responsibility for the accuracy, quality, integrity, legality, reliability, appropriateness and ownership of all of Your Content and Your Applications submitted or transmitted through the Service. You undertake to use the Service only for legitimate purposes and allowed by the applicable law, uses and customs, rules of diligence and, in any case, without violate any rights of third parties.
6.4. MEDrecord, by the order of the competent judicial authorities, will remove or disable the access to each Content directly reported to MEDrecord, without any responsibility for the loss of the Content. MEDrecord also reserves the right to suspend or terminate the access to the Service without notice to the author of the infringement.
6.5. For purposes related to the guarantee of the continuity of the Service, MEDrecord reserves the right to keep backup copies of all the Content uploaded by You. Data deleted by You will be removed also from the backup copies as quickly as possible, compatibly with the time required for the backup management. MEDrecord, in accordance the instructions provided by the Data Controller, will remove the backup copies of the Content whether the access to the Service has been terminated and/or the contents have been deleted by the Customer.
Prices, payments methods and billing
7.1 The prices for the MEDrecord Service are available at https://medsafe.io/pricing/. In case of personalized plan, you shall directly contact MEDrecord by sending an email at firstname.lastname@example.org. Pricing could be adjusted by MEDrecord time to time upon thirty (30) days notice. Changes will not increase service prices for more than 15% on a year basis. Changes are not retroactive.
7.2 The prices are quoted inclusive of VAT, with the indication of the applicable VAT, since the Service is exclusively directs to Professionals. The rate indicated on Your order published by MEDrecord does not include charges for additional services or excess volume usage. In case the Service usage exceeds the subscribed plan, You will be charged as described on plans web page. The reference time period for service usage monitoring is monthly for both API calls and storage space.
7.3 MEDrecord accepts payment by credit card or by debit card. Payment is due in advance and may only be made to a full month’s, year’s or the different duration of the Service agreed between the Parties. Payment for the renewal of the Service may be made by credit/debit card. The renewal is made in accordance with the provisions of § 3.5 and § 3.6.
7.4 Any default in payment or improper payment (including without limitation attempted payment of an incorrect or incomplete amount, or which does not contain the required references, or by a mean or a procedure not accepted by MEDrecord) may be rejected by MEDrecord
7.5. Interest at the rate of 1.5% per month (or the rate permitted by law, whichever is less) may be applied to all late payments until your account is current and fees and charges due are paid in full.
7.6. MEDrecord will charge fees on a monthly or yearly basis (or as otherwise agreed between the Parties) throughout the term of this Agreement.
7.7. The Service amount of the Plan subscribed to by You is limited to a maximum volume of data storage and API calls. The Customer may increase or decrease the service amount from the next billing period at any time.
7.8. Despite the plan You have subscribed, MEDrecord reserves the right to remove and/or prevent the uploading of Contents, that although lower than the space made available, have a nature or configurations which may make their management difficult or problematic. Likewise, MEDrecord reserves the right to modify and/or limit the overall space made available of each Customer, without obtaining his/her consent. This does not affect the rights to termination in accordance with § 10, but it does not entitle to compensation.
7.9. Prior to the end of any billing period, MEDrecord may require You to pay the amount of consumed resources and/or options subscribed to during such period at the rates set out on the website https://medsafe.io/pricing/, when the price payable for said resources and/or subscriptions exceeds any credit limit extended by MEDrecord to You.
Modification of the Agreement
MEDrecord reserves the right to update, revise, supplement, and otherwise modify this Agreement, or parts of it, and to impose new or additional rules, policies, terms, or conditions on your use of the Service, at any time. Every modification to the terms and conditions of the Service shall be effective after the communication to You. These general conditions of the Service, and any additions, modifications or upgrades, should be examined by the Customer and will be considered fully accepted by You in the event of failure to exercise the right of withdrawal, according the procedures set forth in § 10 by the date of entry into force of the modifications or additions to the Agreement.
Privacy Level Agreement (PLA)
9.1. In performing the Services, MEDrecord will comply with the European and Italian Data Protection Laws, best practices, guidance, codes of conducts and recommendations on privacy and data protection in the field of cloud computing.
9.2. MEDrecord will act as a data processor, and will act on Your instruction concerning the treatment of Personal Data, as specified in this Agreement and the plan’s subscription, with the limitation set forth in § 6.1. and 6.2. You agree to provide any notices and obtain any consents related to Your use of the Service and MEDrecord’s provision of the Services, including those related to the collection, use, processing, transfer and disclosure of Personal Data.
9.3. All data centres where personal data may be processed (stored, mirrored and back up) are located in The Netherlands. In any case, data will never be transferred outside the European Economic Area.
9.4. In order to provide its Service, MEDrecord may also avail of subcontractors. In case of addition or replacement of the subcontractors that will affect data location, you will be informed, at least 15 days in advance, through the Management Console and by email. You retain, at any time, the possibility to object to such changes or to terminate the Agreement, according to the procedure detailed in § 10.
9.5. MEDrecord will guarantee the highest standards of security for the protection of privacy and personal information of each Customer, as detailed in § 4 (SLA). However, it is important that You note that no computer system, as subjected to tighter control and equipped with the most advanced security measures, can be considered sheltered from violations and/or unauthorized access by third parties. For these reasons, MEDrecord shall not assume any responsibility for any damages suffered by You or Your Users as a result of the loss or the violation of personal data put in place by third parties.
9.6. Since for access to the service You are required to use an access credential system. The choice of a personal password to use and its safe storage is under Your sole responsibility. It constitutes a serious breach of this Agreement, legitimizing the termination of the Service without notice, the disclosure of the password to third parties and/or the use of accounts and/or passwords belonging to other Users. In case of known or suspected violation of his/her account and/or password, the User has a duty to report the incident immediately to MEDrecord via e-mail indicated at email@example.com.
9.7. You are, at any time, entitled to monitor and/or audit to ensure that appropriate privacy and security measures described in this Agreement are met on an ongoing basis. You can download the audit log from Your private console. The audit log reports all accesses and operations on Your data. In this regard, MEDrecord will cooperate with you in order to ensure compliance with applicable data protection provisions. MEDrecord will provide You the electronic access to the Service to allow You to delete, release, correct or block access to specific Personal Data or, if that is not practicable and to the extent permitted by applicable law, follow Your detailed written instructions to delete, release, correct or block access to Personal Data.
9.8. In case of personal data and data security breach affecting Your data processed by MEDrecord and/or its subcontractors, You will be promptly informed within 10 days by email and on Management Console.
9.9. Customers may address any request, questions and/or complaint related to this paragraph (PLA) to:
- Jan-Marc Verlinden (person in charge of the privacy matter), firstname.lastname@example.org;
- Termination, Limitation and Suspension of Service
10.1 Either party may terminate this Agreement, without having any claim to compensation, in case of force majeure.
10.2. In any other case, You may request the termination of the Service through Your web-based Management Console. The termination will be effective from the date of the submission of the request. Therefore, the Service will be charged for the whole billing period (month, year or according to Your personalized plan) and no credits will be refunded, as stated at § 7.
10.3. Even if You have terminated the Agreement, You may always request to re-enroll.
10.4. All contents previously uploaded by the Client who has terminated the Agreement shall be removed by using API or by contacting us at email@example.com. In the later case we will help You to download the content as bulk. The content will be removed without any responsibility by MEDrecord thirty (30) days upon the termination of the Agreement.
10.5. Clients are invited to keep on their devices or elsewhere a copy of backup of all Contents managed through the Cloud.
10.6. Failure to comply with the duties mentioned in § 3.1 (personal conditions of the Customer), 3.2. (obligation to subscribe), 3.3 (prohibition of transfer), 5.2 (good faith), 6.1 (forbidden uses of the Service), 6.2 (forbidden content), and 9.6 (access credentials) shall determine the termination of the Agreement, in accordance with the Dutch Civil Code.
10.7 MEDrecord complies with Data Portability requirements and gives You the possibility to request all your data as bulk download at any time. Downloaded content will be encoded in JSON format according to your API setup.
Ownership of the Contents
11.1. With the upload of Your Contents and Your Applications, You declare to own all them and/or any intellectual property rights in and to. You assume all responsibility regarding their use and/or disclosure, indemnifying and holding MEDrecord safe of any possible claim in this respect.
11.2. MEDrecord or its licensors retain all ownership and intellectual property rights in the Service, including MEDrecord Programs and Software, and derivative works thereof, and in anything developed or delivered by or on behalf of MEDrecord under this Agreement.
12.1. MEDrecord warrants that it will provide and deliver the Service in all material respects as described in this Agreement. If the Services provided to You were not performed as warranted, You must promptly provide written notice to MEDrecord that describes the deficiency in the Services.
12.2. During the free trial period the Services are provided purely “AS IS” without any warranties, express or implied, or representations to you on our part and you may not use Services acquired for trial purposes for any production purposes.
12.3. MEDrecord will use commercially reasonable efforts to meet the stated SLA and quality of service. However MEDrecord does not guarantee that (a) the services will be performed error-free or uninterrupted, or that MEDrecord will correct all services errors, (b) the services will operate in combination with Your content or your applications, or with any other hardware, software, systems, services or data not provided by MEDrecord, and (c) the services will meet your requirements, specifications or expectations. You acknowledge that MEDrecord does not control the transfer of data over communications facilities, including the internet, and that the services may be subject to limitations, delays, and other problems inherent in the use of such communications facilities. MEDrecord is not responsible for any delays, delivery failures, or other damage resulting from such problems. MEDrecord is not responsible for any issues related to the performance, operation or security of the services that arise from Your content, Your applications or third party content.
12.4. For any breach of the services warranty, Your exclusive remedy and MEDrecord’s entire liability shall be the correction of the deficient services that caused the breach of warranty, or, if MEDrecord cannot substantially correct the deficiency in a commercially reasonable manner, You may end the deficient services and MEDrecord will refund to you the fees for the terminated services that you prepaid to MEDrecord for the period following the effective date of termination.
12.5. To the extent not prohibited by law, these warranties are exclusive and all other warranties or conditions, whether express or implied, are expressly excluded, including for software, hardware, systems, networks or environments or for merchantability, satisfactory quality and fitness for a particular purpose.
Governing Law and Jurisdiction
13.1. This Agreement is governed by Dutch law.
13.2 Any controversy arising from this Agreement will be subject to the exclusive jurisdiction of The Hague, The Netherlands.
14.1. If either party should waive any breach of any provision of this Agreement, it shall not thereby be deemed to have waived any preceding or succeeding breach of the same or any other provision hereof.
14.1. If any part of this Agreement is found void and unenforceable, it will not affect the validity of the balance of this Agreement, which shall remain valid and enforceable according to its terms