Demandforce Terms & Conditions
1. Accepting the agreement
2. License grant & restrictions
Demandforce hereby grants you, during the Term of this Agreement, the non-exclusive, non-transferable, worldwide right to use the Service, solely for your own internal business purposes, subject to the terms and conditions of this Agreement. All rights not expressly granted to you are reserved by Demandforce and its third party licensors or suppliers (collectively, the "Licensors").
You shall not (i) license, sublicense, sell, resell, transfer, assign, distribute or otherwise commercially exploit or make available to any third party the Service or the content provided by or on behalf of Demandforce through the Service (the “Content”) in any way; (ii) modify or make derivative works based upon the Service or the Content; (iii) create Internet "links" to the Service or "frame" or "mirror" any Content on any other server or wireless or Internet-based device; or (iv) reverse engineer or access the Service in order to (a) build a competitive product or service, (b) build a product using similar ideas, features, functions or graphics of the Service, or (c) copy any ideas, features, functions or graphics of the Service.
You agree that Demandforce may publish, modify and amend any and all Content appearing within demandforce.com, demandforced3.com, and all other internet domains or content feeds owned, managed, or controlled by Demandforce, including Content consisting of promotions, advertisements and listings for non-competing local businesses, or products and services offered by Demandforce.
3. Ownership of intellectual property rights and Customer Data
You acknowledge and agree that, subject to the license grants contained in this Agreement, Demandforce, or its licensors, retains all right, title and interest, including all related intellectual property rights, in and to the Demandforce technology, the Content and the Service and any suggestions, ideas, enhancement requests, feedback, recommendations (collectively, “Feedback”) or other information provided by you or any other party relating to the Service. You retain all right, title and interest to any and all patient or customer data, including consumer review data, captured by the Demandforce system ("Customer Data") or provided to Demandforce, subject to Demandforce's right to use such Customer Data to provide the Service to you. This Agreement is not a sale and does not convey to you any rights of ownership in or related to the Demandforce Service, Demandforce technology, Demandforce Content, or Demandforce intellectual property except for the limited licenses granted to you under this Agreement. Any and all software, algorithms, applications, source codes, structures, sequences, routines, sub-routines and related programming, engineering or technological matter developed or created by Demandforce or its licensors (and all copyrights, patents, trademarks and other proprietary rights related thereto) shall remain the sole, exclusive and perpetual property of Demandforce or its licensors. Demandforce works with third parties to offer its customers additional products and services from time to time. Demandforce collects anonymized, aggregate data in order to provide such additional product and services to you and you agree to permit us to use such anonymized, aggregate data.
The trademarks, trade names, service names or logos associated with the Service (collectively, the "Marks") are trademarks of Demandforce or its licensors, and no right or license is granted to use them. You hereby acknowledge Demandforce or its licensors' perpetual and exclusive ownership of and title to the Marks and the goodwill attaching thereto. You agree not to use or attempt to register any Mark that is confusingly or deceptively similar to the Marks.
4. Customer responsibility and passwords; Third-party software
You are solely responsible for any and all activity occurring under your user accounts and shall abide by all applicable local, state, national and foreign laws, treaties and regulations in connection with your use of the Service, including those related to data privacy, international communications and the transmission of technical or personal data. You also will choose a password and a user name. You are entirely responsible for maintaining the confidentiality of your password and account. You agree to notify Demandforce immediately of any unauthorized use of your account or any breach of security. Demandforce will not be liable for any loss that you may incur as a result of someone else using your password or account, either with or without your knowledge. You warrant and represent that: (i) the content to be transmitted by or on your behalf does not constitute SPAM; (ii) the content to be transmitted by or on your behalf is not illegal, threatening, hateful, vulgar, obscene, libelous or defamatory and does not and will not infringe upon any trademark, patent, copyright, trade secret or other proprietary, publicity or privacy right of any third party; and (iii) you have complied and will comply with all applicable laws and regulations respecting your execution and performance of this Agreement. If you are using any Content featuring a model or property with a subject that would be unflattering or unduly controversial to a reasonable person, you must accompany such use with a statement that indicates that (a) the Content is being used for illustrative purposes only and (b) any person depicted in the Content is a model.
The Demandforce Service receives data from third-party software systems, which you will designate in the process of setting up the Demandforce Service. If you elect to change, upgrade or materially alter the third party software system from which Demandforce receives data, Demandforce does not guarantee that all Customer Data or Service functionality will be preserved. You are responsible for communicating any changes in data structure, management system, or hardware upgrades that may impact Demandforce's ability to receive and process Customer Data. In addition, you are responsible for providing Demandforce with accurate instructions and information regarding the third party systems and databases with which the Service will interface, and you bear all responsibility for incomplete, inaccurate or otherwise faulty information regarding third party systems and databases belonging to you as conveyed to Demandforce in connection with set up or maintenance of the Service.
5. Customer data and account information
Demandforce does not own any Customer Data, information or material that you submit to the Service in the course of using the Service. Except in accordance with this Agreement, if applicable, or as required by law, Customer Data in identifiable form will not be disclosed, sold, assigned, licensed or otherwise disposed of by Demandforce to any third party. You, not Demandforce, shall have sole responsibility for the accuracy, quality, integrity, legality, reliability, appropriateness, and intellectual property ownership or right to use of all Customer Data, and, except as provided in this Agreement or as required by law, Demandforce shall not be responsible or liable for the deletion, correction, destruction, damage, loss or failure to store any Customer Data, or for the improper or erroneous upload or extraction of any Customer Data. Demandforce reserves the right to withhold, remove and/or discard Customer Data without notice for any breach, including, without limitation, your non-payment as specified in this Agreement. Upon termination for cause, your right to access or use Customer Data immediately ceases, and, except as set forth in the Section titled “Listing services”, below, Demandforce shall have no obligation to maintain or forward any Customer Data. Notwithstanding the foregoing, if you are part of a franchise organization which has or later executes an agreement with Demandforce, and the franchisee has granted the franchisor access to their data, your Customer Data may be shared with your franchisor, and/or franchise association.
Demandforce may, but has no obligation to, monitor any content created by you using the Service. Demandforce may disclose any information necessary or appropriate to satisfy Demandforce’s legal obligations, protect Demandforce or its customers, or operate the Service properly. Demandforce, in its sole discretion, may refuse to post, remove, or require you to remove, any of your content, in whole or in part, alleged to be unacceptable, undesirable, inappropriate, or in violation of this Agreement. Demandforce may, in its discretion, also require you to place all or any portion of your content behind password protection. If Demandforce has requested you content be or have placed behind password protection, you may not publish the password or similar information in any way that limits the effectiveness of the password. If Demandforce requests that you place any of your content behind password protection and you fail to do so promptly, Demandforce may (a) place such content behind password protection itself, or (b) immediately terminate this Agreement.
6. Limited liability
IN NO EVENT SHALL DEMANDFORCE, ITS PARENT, SUBSIDIARIES, OFFICERS, DIRECTORS, EMPLOYEES, LICENSORS, PARTNERS OR AFFILIATES BE LIABLE FOR, EVEN IF DEMANDFORCE HAS BEEN ADVISED OR WARNED OF THE POSSIBILITY OF SUCH DAMAGES: (I) ANY INDIRECT, INCIDENTAL, UNFORESEEABLE, SPECIAL, PUNITIVE OR CONSEQUENTIAL DAMAGES; (II) ANY DAMAGES FOR LOSS OF PROFITS, LOSS OF EARNINGS OR LOSS OF BUSINESS OPPORTUNITIES; (III) COSTS OF PROCUREMENT OR SUBSTITUTE GOODS OR SERVICES; (IV) LOSS OF DATA OR OTHER OF YOUR CONTENT RESULTING FROM DELAYS, NON-DELIVERIES, MISDELIVERIES, SECURITY BREACHES TO, SERVICE INTERRUPTIONS TO, OR ERRORS OR OMISSIONS RESPECTING THE SERVICE OR THE OPERATION OF DEMANDFORCE OR ITS LICENSORS' NETWORKS; OR (V) LOSSES OR LIABILITIES DUE IN WHOLE OR IN PART TO INADVERTENT, PREMATURE OR UNAUTHORIZED RELEASE OR DISCLOSURE OF INFORMATION BY YOU VIA DEMANDFORCE OR ITS LICENSORS' NETWORKS. THE TOTAL CUMULATIVE LIABILITY OF DEMANDFORCE TOGETHER WITH ITS PARENT, SUBSIDIARIES, OFFICERS, DIRECTORS, EMPLOYEES, LICENSORS, PARTNERS AND AFFILIATES TO YOU OR ANY THIRD PARTIES IN ANY CIRCUMSTANCE ARISING OUT OF OR RELATING TO THIS AGREEMENT OR THE SERVICE IS LIMITED TO THE AMOUNT OF FEES YOU PAY TO DEMANDFORCE IN THE TWELVE (12) MONTHS PRIOR TO THE ACTION GIVING RISE TO LIABILITY. The foregoing limitations will apply even if Demandforce has been notified of the possibility of such damages and notwithstanding the failure of the essential purpose of any limited remedy. No action or claim relating to this Agreement shall be made against Demandforce or its parent, Licensors, subsidiaries, officers, directors, employees, partners or affiliates by YOU or on YOUR behalf more than TWELVE (12) months after the event giving rise to such action or claim.
You agree to indemnify and hold Demandforce (including its parent, subsidiaries, affiliates, officers, directors, agents, and employees, contractors, sub-contractors, licensors, and partners) harmless from any claim, demand, judgment, liability, damage, cost and expense, including reasonable attorneys’ fees, made by any third party due to or arising out of your breach or alleged breach of this Agreement or the documents it incorporates by reference, or your violation of any applicable law, rule or regulation or the rights of a third party (including without limitation any negligent, willful, tortious or illegal conduct by you affecting a third party).
Unless otherwise agreed by Demandforce, this Agreement will be in force for a term of twelve (12) months (“Initial Term”) beginning on the start date of your subscription for the Service. Upon completion of the Initial Term, this Agreement will AUTOMATICALLY RENEW on a month-to-month basis (“Renewal Term”). If you choose not to renew after the Initial Term is complete, you must notify Demandforce at least fifteen (15) days prior to the end of the Initial Term. If you want to cancel during a Renewal Term, you must provide Demandforce at least fifteen (15) days’ prior notice, during which time you will continue to have access to the Demandforce Service. At the end of that notice period, you will cease to have access to the Demandforce Service and you will be billed for final Demandforce Services through the end of that month, if such fees have not already been paid.
10. Billing & pricing
Demandforce charges and collects in advance for use of the Service. No refunds will be available for fees you have paid. Demandforce will automatically renew and bill your credit card or issue an invoice to you every month for monthly licenses and fees, or in an otherwise mutually agreed upon manner. You expressly agree that Demandforce is authorized to charge you (i) a recurring monthly fee for any applicable Service billed on a monthly basis automatically, (ii) any other fees for the Service you may purchase, and (iii) any applicable taxes in connection with your use of the Service to the payment card you provide and to reimburse us for all collection costs and interest for any overdue amounts. If the payment card you provide expires and you do not provide new payment card information or cancel your account, you authorize us to continue billing you for all fees associated with the remaining duration of your service agreement and you agree to remain responsible for any uncollected fees. If your card expires or we cannot collect the fees for any reason, you have 30 days to provide a new valid credit or debit card for us to charge. If you do not provide new card information within 30 days, Demandforce will suspend the Services and will only reinstate them once you pay us what you owe plus interest which will accrue at a rate of 1.5% per month.
The renewal charge will be equal to the then-current license fee in effect at the time of renewal. The pricing during any automatic Renewal Term will renew at the then current rate and Demandforce will give you notice of a pricing increase at least thirty (30) days before the end of that prior Term, in which case the pricing increase will be effective upon Renewal and thereafter in the new Term.
You may be allowed space and a monthly bandwidth allowance. This allowance varies depending on the hosting package you purchase. Should your account pass the allocated amount, Demandforce reserves the right to suspend the account until the start of the next allocation, suspend the account until more bandwidth is purchased at an additional fee, suspend the amount until you upgrade to a higher level package, terminate the account or charge you an additional fee for the overages. Unused bandwidth in one month cannot be carried over the next month.
Fees for other services will be charged on an as-quoted basis, including but not limited to:
10.1 Email Finder product.
Demandforce works with a third-party provider to gather email addresses for individuals in your customer database for which you do not currently have email addresses on file. By opting in to use Demandforce's email finder product you will be subject to the monthly service fee once email finder begins for that calendar month; email finder begins once Demandforce has passed your data to the Demandforce third-party provider. The fees are based on per-valid email returned each month from the provider.
10.2 Postcard product.
By opting in to use Demandforce's postcard product, you will be subject to the service fees charged per printed postcard. You assume full responsibility that any custom content you submit is correct, and in the event that you submit incorrect information, misspellings, grammatical errors, etc., you agree to pay any and all associated correction fees.
10.3 Listing service.
The Listing Service (defined below) is provided free of charge. Demandforce reserves the right to terminate the Listing Service as to you or any other customer at any time for any reason or no reason.
10.4 Demandforce Connect for Facebook service.
Demandforce Connect for Facebook is an add-on service subject to a separate monthly subscription fee, as well as certain installation fees, as quoted on our website, and which are subject to change from time to time. Demandforce Connect for Facebook services require a valid Demandforce subscription to be in place. By electing to subscribe to Demandforce Connect for Facebook, you agree to pay all monthly subscription fees through the remainder of the Term of your Demandforce Agreement, billed in accordance with our normal monthly billing procedures. Your subscription to Demandforce Connect for Facebook will automatically renew at the then current rate, along with any renewal of your Demandforce subscription, unless you provide us with written notice of cancellation not less than thirty (30) days prior to the end of the then-current Term. Demandforce bears no responsibility for, and makes no warranty as to, the content published on your Facebook pages, or any other matter related to your use, or that of others, of Facebook, its applications, features and functions.
Unless otherwise stated, the Demandforce fees do not include any taxes, levies, duties or similar governmental assessments of any nature, including but not limited to value-added, sales, use or withholding taxes, assessable by any local, state, provincial, federal or foreign jurisdiction, plus interest, penalty and additions thereon (collectively, "Taxes"). You are responsible for paying all Taxes applicable to your purchase or use of Demandforce products or services. If Demandforce has the legal obligation to pay or collect Taxes (or an amount in respect of Taxes) for which you are responsible under this paragraph, the appropriate amount shall be invoiced to and paid by you, unless you provide Demandforce with a valid tax exemption certificate authorized by the appropriate taxing authority. Demandforce is responsible solely for taxes based on its income.
11. Credit card authorization
By submitting your credit/debit card ("Bank Card") data to Demandforce, you authorize Demandforce in its complete discretion to submit a financial transaction(s) to your issuing bank for settlement. You agree that once Demandforce has approved or declined your transaction, Demandforce has fully performed under the terms of this Agreement. You agree to contact Demandforce in the event that you desire to cancel any recurring charge, prior to the next billing cycle. Should you fail to contact Demandforce, you agree to indemnify and hold Demandforce harmless from any losses or damages that you suffer as a result of a recurring charge. Demandforce may be contacted at: email@example.com or Demandforce, Inc., 22 4th Street, 12th Floor, San Francisco, CA 94103, (415) 904-8080. If you think that there is an error on your account, including an incorrect amount or unauthorized transaction, you agree to contact Demandforce prior to the next billing cycle. Upon proper notification, Demandforce, in its sole discretion may issue a credit to your Bank Card.
12. Representations & warranties
You represent and warrant that you have the power and authority to enter into this Agreement and you have not falsely identified yourself or your corporate entity, or provided any false information to gain access to the Service, and that all Bank Card and other billing information that you have provided is correct. THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE". EXCEPT AS EXPLICITLY SET FORTH ABOVE, DEMANDFORCE IS NOT PROVIDING ANY WARRANTIES AND REPRESENTATIONS REGARDING THE SERVICE, CONTENT OR TECHNOLOGY, AND DEMANDFORCE AND ITS PARENT, LICENSORS, DISTRIBUTORS, PARTNERS AND AFFILIATES (COLLECTIVELY, THE “AFFILIATES”) DISCLAIM ALL WARRANTIES AND REPRESENTATIONS OF ANY KIND WITH REGARD TO THE SERVICE, CONTENT AND TECHNOLOGY, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT OF THIRD PARTY RIGHTS, FREEDOM FROM VIRUSES OR OTHER HARMFUL CODE, OR FITNESS FOR ANY PARTICULAR PURPOSE. FURTHER, DEMANDFORCE, ITS PARENT, ANY THIRD PARTIES ACTING ON ITS BEHALF, AND ITS AFFILIATES WILL NOT BE LIABLE FOR ANY DELAY, DIFFICULTY IN USE, INACCURACY OF INFORMATION, COMPUTER VIRUSES, MALICIOUS CODE OR OTHER DEFECT IN THE SERVICE, OR FOR ANY OTHER PROBLEMS EXPERIENCED BY YOU DUE TO CAUSES BEYOND DEMANDFORCE'S OR ITS PARENT, ANY THIRD PARTIES ACTING ON ITS BEHALF, OR ITS AFFILIATES’ CONTROL.
FURTHER, DEMANDFORCE EXPRESSLY DISCLAIMS ANY AND ALL RESPONSIBILITY AND LIABILITY WITH RESPECT TO SEPARATE AGREEMENTS YOU MAY MAKE WITH PATIENTS, CONSUMERS OR SITE USERS, AND YOU WILL LOOK SOLELY TO SUCH PERSONS AND/OR ENTITIES WITH RESPECT TO ANY AND ALL CLAIMS ARISING OUT OF SUCH AGREEMENTS. YOU WILL BE SOLELY RESPONSIBLE FOR THE PROFESSIONAL AND TECHNICAL SERVICES YOU PROVIDE. DEMANDFORCE HAS NO LIABILITY FOR THE CONSEQUENCES TO YOU OR YOUR PATIENTS, CONSUMERS OR SITE USERS OF YOUR USE OF THE SERVICE.
DEMANDFORCE OFFERS NO ASSURANCE THAT YOUR USE OF THE SERVICE UNDER THE TERMS OF THIS AGREEMENT WILL NOT VIOLATE ANY LAW OR REGULATION APPLICABLE TO YOU. DEMANDFORCE AND ITS LICENSORS MAKE NO REPRESENTATION OR WARRANTIES THAT THE SERVICE OR THE CONTENT ARE APPROPRIATE OR AVAILABLE FOR USE IN ALL GEOGRAPHIC LOCATIONS. IF YOU USE THE SERVICE OR THE CONTENT OUTSIDE THE UNITED STATES OF AMERICA, YOU ARE SOLELY RESPONSIBLE FOR COMPLIANCE WITH ALL APPLICABLE LAWS, INCLUDING WITHOUT LIMITATION EXPORT AND IMPORT REGULATIONS OF OTHER COUNTRIES.
IN ADDITION, YOU ACKNOWLEDGE AND AGREE THAT ANY DATA, INFORMATION, CONTENT OR MATERIALS CONTAINED IN OR MADE AVAILABLE IN CONNECTION WITH THE SERVICE IS NOT INTENDED AS A SUBSTITUTE FOR, THE KNOWLEDGE, EXPERTISE, SKILL AND JUDGMENT, TAX, LEGAL OR OTHER PROFESSIONALS. THE SERVICE DOES NOT PROVIDE TAX OR LEGAL ADVICE. YOU ARE RESPONSIBLE FOR OBTAINING SUCH ADVICE.
13. Exclusions not applicable
Certain states and/or jurisdictions do not allow the exclusion of implied warranties or limitation of liability for incidental or consequential damages, so the exclusions set forth in this Agreement may not apply to you. In such event, Demandforce’s liability under this Agreement will be limited to the greatest extent permitted by applicable law in such jurisdiction.
14. Email compliance
You agree to comply with all elements of CAN-SPAM and safe sender email practices. This includes but is not limited to including unsubscribe links, your full contact information in all correspondence, and not releasing private and/or confidential information. You may only use email services for those customers with whom you have an existing business relationship and which have indicated that they accept correspondence from you. You may not attempt to spoof sender domains, send spam or other offending email practices including those covered in the Section titled “ Customer responsibility and passwords; third-party software” of this Agreement. Because of carrier technologies, Demandforce makes no expressed or implied warranty of individual message receipt. Demandforce is not liable for any issues that arise associated with the content that you provide or unforeseen liabilities of it being delivered.
15. Text message compliance
The Telephone Consumer Protection Act (TCPA) is a federal law regulating the way consumers are contacted by telephone, fax, and text message. The TCPA regulations apply to the text and automated landline messages you are able to send through the Demandforce Service to communicate with your customers and patients.
TCPA regulations require that companies obtain consent from consumers prior to sending any sort of text or automated telephone messages. For HIPAA covered entities, requirements for how consent is obtained are different depending on whether the messaging only contains health-related information or if it includes marketing-focused content. The TCPA regulations are described below to help you understand the restrictions . Demandforce automates text message communications, but you are responsible for ensuring that the recipients of those communications have provided prior express written consent to receive them.
Consent for Informational Health Care Messages :
For HIPAA covered entities sending informational only health-related messages, the patient’s consent can be written, electronic or verbal. With these guidelines, you can send your patients informational messages about their health care. Such health-related informational messages include appointment reminders, follow-up care outreach/recall/re-care reminders, eyewear notifications (where applicable), and other similar health care messages without marketing content.
The Demandforce Service includes default templates that meet the requirements for information-only content. However, Demandforce Service messages can be personalized by you and your staff, so we encourage you to educate yourself on TCPA guidelines by visiting the U.S. Federal Communications Commission website prior to making any modifications to the default templates.
Consent for Marketing-Focused Messages:
The Demandforce Service can also be used to send or automate marketing-focused messages, which are subject to more stringent TCPA regulations. Messages with any sort of marketing content require that your patient provide you with “express written consent”, which may be obtained in an electronic format. The prior express written consent must identify that you may be sending text messages related to your goods and services using automated technology and that your customer affirmatively agrees to receive such messages. The prior express consent must include your customers’ written or electronic acceptance. Specifically, by entering a cell phone number into your management system or the Demandforce system and not opting such cell phone out of the Demandforce text message feature, you are directing Demandforce to automatically send text message reminders and other communications to such cell phone and certifying that the user of such cell phone consents to the receipt of those messages.
To help you remain TCPA compliant, the Demandforce Service includes features that permit you to obtain that consent for any text message marketing you conduct so that marketing-focused messages are only delivered to patients who have given appropriate consent.
TCPA regulations require you to honor patient requests to opt-out of future telephone, fax, or text messages. The Demandforce Service allows you to honor these requests on an individual basis. A patient may also opt-out of text messages at any time by replying with the word STOP to any text message sent through the Demandforce Service. You are responsible for all liability for any failure to receive consent or failure to opt users out of the text message feature.
TCPA regulations require you to identify your practice by name and telephone number in all text messages you send to patients. The Demandforce Service enables you to comply with this rule by requiring you to include identifying tokens in all text message templates. You will not be able to send any text messages that do not contain complete and proper identification. Additionally, you may not attempt to spoof sender domains, send spam or other offending text message practices including those covered in the Section titled “Customer responsibility and passwords; third-party software” of this Agreement.
Demandforce makes no expressed or implied warranty of individual message receipt. Standard text message rates apply for all text message services. Demandforce shall not be liable for any issues that arise associated with the content that you provide or unforeseen liabilities of it being delivered. You shall be solely liable to comply with applicable laws and regulations within your jurisdiction in connection with telecommunication (e.g., email and text) messages that you send to your customers.
For more information about your responsibilities under the TCPA, please visit the U.S. Federal Communications Commission website .
16. For Canada-based businesses subject to commercial electronic message requirements:
You must comply with CASL requirements including, but not limited to, providing identification, making available an unsubscribe (opt-out) mechanism, and obtaining consent from the message recipient. You are responsible for applying all consent, identification, and opt-out requirements. For text messages, you agree to adopt the double opt-in process wherein 1) you may only use text message services for those customers with whom you have an existing business relationship and which have indicated that they accept correspondence from you and 2) the customers must reply to an opt-in message from their handset. For reliable delivery, you must adhere to message limitations including length and delivery, including that portion of the message which indicates who is sending the message, along with a mailing address, plus either a contact phone number, email address or contact page URL. You may not attempt to spoof sender domains, send spam or other offending text message practices including those covered in the Section titled “ Customer responsibility and passwords; third-party software” of this Agreement. Because of carrier technologies, Demandforce makes no expressed or implied warranty of individual message receipt. Standard text message rates apply for all text message services. Demandforce uses “short code” technology to engage in 2-way sms communication with consumers and does not guarantee delivery to all mobile carriers if short code technology is not accepted. Demandforce shall not be liable for any issues that arise associated with the content that you provide or unforeseen liabilities of it being delivered. You agree to make your internal practices, books, and records, including policies and procedures and information, relating to this Agreement, available to Demandforce for the purposes of Demandforce determining your compliance with the obligation to secure consent for your customers to receive marketing messages and other communications (email, text, or other). Such information shall be made available in a time and manner reasonably requested by Demandforce.
17. Listing Services
Demandforce may offer a complimentary listing service (the "Listing Service") under which your business information and customer reviews (collectively, the "Business Information") are submitted to search engines, indexes and web sites. You agree to participate in the Listing Service, and allow Demandforce to make this data available and provide registration services to third party sites. It is up to third party sites to accept the submissions, and Demandforce makes no warranty as to such sites' willingness to do so. For so long as you continue to subscribe to the Service, Demandforce will make a good faith attempt to ensure accuracy and confidentiality of the information we provide to third party sites under the Listing Service. We have no control of third party web sites or resources that are provided by companies or persons other than that of Demandforce. Additional tools may be available from the third parties to provide additional updates to your information, but if you use such services, Demandforce is not liable for any claim arising out of the combination of such services with the information provided by the Listing Service. If you no longer have an active subscription, Demandforce may remove you from the listing. In addition to the terms set forth in this Agreement, you agree to abide by the terms set forth in our Public Review Policy, as the same may be amended from time to time by Demandforce, the terms of which are available at www.demandforce.com. Demandforce may terminate your participation in the Listing Service, or this Agreement, at any time in the event that Demandforce determines that you are not in compliance with the Public Review Policy. Upon termination of this Agreement by either party, the Business Information and any consumer reviews may remain in any data feeds provided to third parties under the Listing Service but is subject to removal at any time as determined by Demandforce. You may request explicit removal of the Business Information from such data feeds in writing. Upon request, at any time during your active subscription to the Service and up to the date of any termination of this Agreement, Demandforce will provide you with an electronic copy of your Business Information, including consumer reviews.
18. Data Consent for Services
In connection with the provision of technical support, training and other Services, you agree that Demandforce may remotely log-in to your computers, devices and systems for purposes of providing the support, training or other Services, including, without limitation, technical trouble shooting, answering questions, benchmarking and providing training to you or your personnel. Remote login may be conducted through the use of third party entities. You further agree that Demandforce may also remotely log-in at any time as necessary or appropriate to maintain our Services.
Demandforce reserves the right to log off accounts that inactive for an extended period of time.
In addition, Demandforce may quarantine suspected messages. Demandforce also may modify any domain and user settings with or without notice, including without limitation, altering settings so that spam or bulk email is denied, rather than being quarantined, to avoid space capacity issues which jeopardize the technical or economic viability of the services offered, or the system used to implement the services.
You agree that Demandforce may automatically check the version of a Service that you are utilizing and may provide updates or upgrades remotely via the Internet. You consent to the receipt of updates or upgrades by means of download to your computers and systems.
You agree to keep your computers powered on during the Services runtimes that you specify. You must add Demandforce or its third party affiliate to the “allowed” list of programs and ensure that your firewall and anti-virus software programs do not block us. Additionally, your practice management software must always be accessible by Demandforce. It is your responsibility to contact Demandforce if you are upgrading or changing your computer systems.
19. Giving Us Access to Other Accounts and Services
The Service may require you to give Demandforce access to or require you to provide login information and password information for accounts or services you may have with third party providers. When you provide this information to Demandforce or give Demandforce access to these third party accounts, you agree that you have read all contracts and written agreements governing such access, login information and passwords and that you have all the necessary contractual and legal rights to give Demandforce such access, login information and passwords. In addition, for certain Services, Demandforce grants you permission to create and submit content on your behalf to press release news outlets, directories, search engines, social media outlasts, and other destinations.
20. Call Recording
Demandforce may record calls between you and our agents regarding the Service (“Service Calls”) and in connection with the Service, incoming calls, on your behalf as a Service, from, among others, your prospective clients (the “Inbound Calls” and, collectively with Service Calls, “Call Recording”). You consent to Call Recording and acknowledge you are responsible for notifying Call Recording to your employees and agents who may be recorded in a Service Call or Inbound Call (the “Recorded Persons”) and complying with all applicable laws, rules and regulations regarding call recording and privacy. It is your sole responsibility to provide and/or obtain, and you covenant that you will provide and/or obtain, all notices and permissions relating to Recorded Persons as may be required by applicable laws and regulations. You acknowledge and agree that if you collect information from Recorded Persons that may be subject to a privilege (including, but not limited to, attorney-client or doctor-patient privilege), you assume the full risk of using a third party provider for Call Recording, including any preclusion of the application of such privilege with respect to information exchanged during the Call Recording with the Records Persons.
21. Pre-Release or Trial Services
If the Service is a pre-commercial release or beta version (“Pre-release Service”), then this section applies. The Pre-release Service is a pre-release version, does not represent a final product from Demandforce, and may contain bugs, errors, and other problems that could cause system or other failures and data loss and may only be used for testing purposes. Demandforce may never commercially release the Pre-release Service. Demandforce may alter features, licensing terms, or other characteristics of any version of the Pre-release Service that it releases. If you received the Pre-release Service pursuant to a separate written agreement, (“Test Agreement”) for Pre-release Service, your use of the Service is also governed by the Test Agreement. If there is a conflict between this Agreement and the Test Agreement, the Test Agreement controls. You may not disclose, publish or disseminate any information regarding the Pre-release Service to anyone, including but not limited to any new features or faults to any Internet forums. YOUR USE OF PRE-RELEASE SOFTWARE IS AT YOUR OWN RISK. THE SECTIONS RELATED TO WARRANTY DISCLAIMERS AND LIABILITY LIMITATIONS ALSO APPLY TO THE PRE-RELEASE SERVICE.
If you registered for a trial use of the Service ("Trial Period"), you must decide to purchase the Service within the Trial Period in order to retain any content that you have posted or uploaded during the Trial Period, if available. If you do not purchase the Service by the end of the Trial Period, any applicable content will no longer be available to you. To be very clear, after using the Service during the Trial Period, if you decide not to purchase the full version of the Service, you will not be able to access or retrieve any of the data you added/created during the Trial Period.
22. Governing law; venue; dispute and waiver of class action
a. Governing law. This Agreement will be interpreted, construed, and enforced in all respects in accordance with the laws of the State of California, without reference to its choice of law principles to the contrary.
b. Venue. You will not commence or prosecute any action, suit, proceeding or claim arising under or by reason of this Agreement other than in the state or federal courts located in Los Angeles County, California. You irrevocably consent to the jurisdiction and venue of the courts identified in the preceding sentence in connection with any action, suit, proceeding, or claim arising under or by reason of this Agreement and hereby waive the right to challenge the jurisdiction of such courts on grounds of lack of personal jurisdiction or forum nonveniens or to otherwise seek a change of venue. This choice of venue is intended to be mandatory, and not permissive, in nature. You hereby waive any right to a jury trial in any proceeding arising out of or related to this Agreement. You agree that regardless of any statute or law to the contrary, any claim or cause of action arising out of or related to use of the Service or this Agreement must be filed within one (1) year after such claim or cause of action arose or be forever barred. The United Nations Convention on Contracts for the International Sale of Goods does not apply to this Agreement. A printed version of this Agreement and of any related notice given in electronic form shall be admissible in judicial or administrative proceedings based upon or relating to this Agreement to the same extent and subject to the same conditions as other business documents and records originally generated and maintained in printed form.
a. If any provision of this Agreement is found to be invalid or unenforceable, then the remainder of this Agreement will have full force and effect, and the invalid provision will be modified, or partially enforced, to the maximum extent permitted to effectuate the original objective.
b. This Agreement will bind and inure to the transferee of a party’s business, and will be enforceable in the event of a change in ownership or control.
c. This Agreement constitutes the entire agreement between the parties with respect to the subject matter hereof and merges and supersedes all prior agreements, understandings, negotiations, and discussions. Neither of the parties will be bound by any conditions, definitions, warranties, understandings, or representations with respect to the subject matter hereof other than as expressly provided herein.
d. Failure by either party to enforce any term of this Agreement will not be deemed a waiver of future enforcement of that or any other term in this Agreement or any other agreement that may be in place between the parties. A waiver will not be effective unless it is in writing and signed by the party against whom the waiver is being enforced.
e. Demandforce reserves the right to modify the terms of this Agreement from time to time, at its sole discretion; and your continued use of the Demandforce Service or products constitutes your acceptance of such modified terms.
f. The section headings contained in this Agreement are for reference purposes only and will not affect in any way the meaning or interpretation of this Agreement.
g. This Agreement is not intended to confer any right or benefit on any third party, and no action may be commenced or prosecuted against a party by any third party claiming as a third-party beneficiary of this Agreement or any of the transactions contemplated by this Agreement. No oral explanation or oral information by either party hereto will alter the meaning or interpretation of this Agreement.
h. With respect to any acquisition or use of the Service by or for any unit or agency of the United States Government (the “Government”), the Service shall be classified as “commercial computer software” as that term is defined in the applicable provisions of the Federal Acquisition Regulation (the “FAR”) and supplements thereto, including the Department of Defense (DoD) FAR Supplement (the “DFARS”). The Service was developed entirely at private expense, and no part of the Service was first produced in the performance of a Government contract. If the Service is supplied for use by the DoD, the Service is delivered subject to the terms of this Agreement and either (i) in accordance with DFARS 227.7202-1(a) and 227.7202-3(a), or (ii) with restricted rights in accordance with DFARS 252-227-7013 (c)(l)(ii)(OCT 1988), as applicable. If the Service is supplied for use by a Federal agency other than the DoD, the Service is restricted computer software delivered subject to the terms of this Agreement and (i) FAR 12.212(a); (ii) FAR 52.227-19; or (iii) FAR 52.227-14(ALT III), as applicable. The manufacturer/Service provider is Demandforce, Inc., 22 4th Street, 12th Floor, San Francisco, California 94103.
(i) You acknowledge that the Service is subject to the U.S. Export Administration Regulations (15 CFR, Chapter VII) and that you will comply with these regulations. You will not export or re-export this Service, directly or indirectly, to: (1) any countries that are subject to U.S. export restrictions; (2) any end user who has been prohibited from participating in U.S. export transactions by any federal agency of the U.S. government; or (3) any end user who you know or have reason to know will utilize them in the design, development or production of nuclear, chemical or biological weapons. You further acknowledge that this Service may include technical data subject to export and re-export restrictions imposed by U.S. law.
(j) Foreign Corrupt Practices Act. You agree to fully comply with the provisions of the United States Foreign Corrupt Practices Act (“FCPA”) and/or the Organization for Economic Cooperation and Development (“OECD”) prohibiting foreign bribery and improper payments. Without limiting the generality of the foregoing, you represent and warrant that you have not and shall not at any time during the Term of the Agreement pay, give, or offer or promise to pay or give, any money or any other thing of value, directly or indirectly, to or for the benefit of: (i) any government official, political party, or candidate for political office; or (ii) any other person, firm, corporation or other entity, with knowledge that some or all of that money or other thing of value will be paid, given, offered or promised to a government official, political party or candidate for political office, for the purpose of obtaining or retaining any business, or to obtain any other unfair advantage, in connection with Demandforce’s business. Further, you agree to maintain complete and accurate books and records for compliance with this sub-section titled “Foreign Corrupt Practices Act” in the event Demandforce has reason to suspect or is placed on notice that you are in violation of this sub-section, or as required by law.
(k) Additional Terms for Third Party Software. BY USING THE DEMANDFORCE SERVICE SOFTWARE, YOU ACCEPT THESE TERMS. IF YOU DO NOT ACCEPT THEM, DO NOT USE THE SOFTWARE.
The Demandforce Service contains third party software (“Third Party Code”), as identified below and which is subject to the additional license terms set forth by such Third Party Code licensors. You agree that you:
a. will use the Third Party Code only as an integral component of the Demandforce Service;
b. will not use the Third Party Code for development, compilation, debugging and similar design-time purposes;
c. will not reverse-compile or decompile, analyze, reverse-engineer, reverse-assemble or disassemble, unlock or otherwise attempt to discover the source code or underlying algorithms of the Third Party Code or attempt to do any of the foregoing in relation to the object code of the Third Party Code; and
d. will not modify, adapt, translate or create any derivative works of the Third Party Code or merge the Third Party Code into any other software.
(1) log4net.dll, file version: 220.127.116.11 – Copyright 2015 Apache Software Foundation; Licensed under the Apache License
(2) Newtonsoft.json.dll, file version: 18.104.22.16823 - Copyright (c) 2007 James Newton-King; the MIT License. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
(3) log4net.dll, file version: 22.214.171.124. - Copyright 2015 Apache Software Foundation. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: http://www.apache.org/licenses/LICENSE-2.0
(4) Stateless.dll, file version: 126.96.36.199. - Copyright 2015 Nicholas Blumhardt. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: http://www.apache.org/licenses/LICENSE-2.0
(5) Microsoft.Bcl.Async.1.0.168 and Microsoft.Net.Http.2.2.28. – Copyright 2015 Microsoft Corporation. Licensed under the Microsoft Licenses Bcl.Async.1.0.168 and Http.2.2.28 (the “Licenses”); you may not use these files except in compliance with the Licenses.
Because this software is “as is,” Microsoft may not provide support services for it.
DISCLAIMER OF WARRANTY. THE SOFTWARE IS LICENSED “AS-IS.” YOU BEAR THE RISK OF USING IT. MICROSOFT GIVES NO EXPRESS WARRANTIES, GUARANTEES OR CONDITIONS. YOU MAY HAVE ADDITIONAL CONSUMER RIGHTS OR STATUTORY GUARANTEES UNDER YOUR LOCAL LAWS WHICH THIS AGREEMENT CANNOT CHANGE. TO THE EXTENT PERMITTED UNDER YOUR LOCAL LAWS, MICROSOFT EXCLUDES THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.
FOR AUSTRALIA – YOU HAVE STATUTORY GUARANTEES UNDER THE AUSTRALIAN CONSUMER LAW AND NOTHING IN THESE TERMS IS INTENDED TO AFFECT THOSE RIGHTS.
LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES. YOU CAN RECOVER FROM MICROSOFT AND ITS SUPPLIERS ONLY DIRECT DAMAGES UP TO U.S. $5.00. YOU CANNOT RECOVER ANY OTHER DAMAGES, INCLUDING CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT OR INCIDENTAL DAMAGES.
You may obtain a copy of the Licenses at: http://www.microsoft.com/net/dotnet_library_license.htm
The following sections apply only if you are subject to the HIPAA Security and Privacy Rule.
24. HIPAA and Laws
In accordance with the provisions of the Health Insurance Portability and Accountability Act of 1996, and the regulations promulgated thereunder, including the Privacy Rule and Security, as amended (“HIPAA”), you agree to follow and abide to the following (all undefined terms in Sections 18 and 19 have their meaning defined by the HIPAA regulations):
· Ensuring that your use of the Services complies with applicable law, including but not limited to laws relating to maintenance of privacy, security, and confidentiality of patient and other health information.
· Implement and maintain appropriate administrative, physical and technical safeguards to protect information within the Services.
o Such safeguards must comply with federal, state, and local requirements, including the Privacy Rule and the Security Rule.
· Maintain appropriate security with regard to all personnel, systems, and administrative processes used by you or members of your workforce to transmit, store and process electronic health information through the use of the Services.
· By using the Service, you consent to the terms of the Business Associate Agreement set forth below and you agree to protect any information received through such communication services in accordance with the terms of such business associate agreement.
Specially Protected Information:
Demandforce applies the standards of the Privacy Rule in permitting access to the Service.
· You acknowledge that other federal and state laws impose additional restrictions on the use and disclosure of certain types of health information, or health information pertaining to certain classes of individuals.
· You agree that you are solely responsible for ensuring that personal health information is subject to the restrictions of the Privacy Rule and applicable law. In particular, you will:
o not make available to other users through the Service any information in violation of any restriction on use or disclosure (whether arising from your agreement with such users or under law);
o obtain all necessary consents, authorizations or releases from individuals required for making their personal health information available to Demandforce; and
o include such statements (if any) in your notice of privacy practices as may be required.
Demandforce is committed to maintaining the confidentiality of information entrusted to us, especially individually identifiable personal and health information. Demandforce follows its HIPAA policies and procedures. Some acquired companies, including their products and services may operate under their own privacy policies until Demandforce integrates their privacy practices with ours. You are responsible for determining if the Service meets your compliance standards.
25. Demandforce’s Use of Protected Health Information
The Service may include use of your patients’ Protected Health Information that you or your personnel input or upload onto the Service or that Demandforce receives on your behalf from your authorized service providers or our third party partners (“Your Health Information”). Y ou retain all rights with regard to Your Health Information, and Demandforce will only use such information as expressly permitted in this Agreement and our Business Associate Agreement. You authorize Demandforce, as your business associate, to use and disclose Your Health Information as follows:
- Demandforce will permit access to Your Health Information by business associates to whom you have consented to provide access to the Services and who have otherwise agreed to integrate with our systems pursuant to appropriate assurances (i.e. practice management integration vendor). You acknowledge that once Demandforce has granted access rights to another provider or covered entity (or their respective business associates), Demandforce has no control over the uses and disclosures that the business associate makes of Your Health Information, and the recipient may be subject to its own legal or regulatory obligations (including HIPAA) to retain such information and make such information available to patients, governmental authorities and others as required by applicable law or regulation.
- Demandforce may “De-Identify” (means health information that has been de-identified in accordance with the provisions of the Privacy Rule) Your Health Information and use and disclose de-identified information as provided by Section 26.
- Demandforce may create limited data sets from Your Health Information, and disclose them for any purpose for which you may disclose a limited data set; and you hereby authorize Demandforce to enter into data use agreements on your behalf for the use of limited data sets, in accordance with applicable law and regulation.
- Demandforce may use Your Health Information in order to prepare analyses and reports, such as activity or quality-metrics reports, or any other reports the Service makes available, in order to render these reports to you. Preparation of such analyses and reports may include the use of data aggregation services relating to your treatment and health care operations, which Demandforce may perform using Your Health Information. Such reporting will be done in a manner that does not make any disclosure of Your Health Information that you would not be permitted to make.
- Demandforce may use Your Health Information for the proper management and administration of the Service and our business, and to carry out its legal responsibilities. Demandforce may also disclose Your Health Information for such purposes if the disclosure is required by law, or Demandforce obtains reasonable assurances from the recipient that it will be held confidentially and used or further disclosed only (a) as required by law (as such term is defined in 45 CFR §164.103), or (b) for the purpose for which it was disclosed to the recipient, and the recipient notifies Demandforce of any instances of which it is aware in which the confidentiality of the information has been breached. Without limiting the foregoing, Demandforce may permit access to the system by our contracted system developers under appropriate confidentiality agreements.
- Demandforce may use Your Health Information and Directory Information (defined below) to contact your patients on your behalf for certain Services, including (a) for treatment and health care operations messages, including sending appointment requests and reminders or post-visit treatment satisfaction surveys; (b) to request authorization on your behalf from your patients to use or disclose their health information for any purpose for which use or disclosure may be made with an appropriate authorization, including marketing purposes; and (c) to provide information about health-related products or services that you provide, or that Demandforce provides on your behalf as your business associate.
· From time to time Demandforce may incorporate information it receives from your authorized service providers; (including any third party product or services) or our third party partners into the Service provided to you. Such information may include, without limitation, clinical information such as lab results, imaging results, eligibility information, and prescription history; and shall, upon incorporation into the Service, be treated as “Your Health Information” for all purposes hereunder. You hereby authorize Demandforce to request and receive such information on your behalf from such authorized service providers or Demandforce’s third party partners.
26. De-Identified Information
In consideration of Demandforce’s provision of the Service, you hereby transfer and assign to Demandforce all right, title and interest in and to all De-Identified Information that Demandforce makes from Your Health Information pursuant to Section 19. You agree that Demandforce may use, disclose, market, license and sell such De-Identified Information for any purpose without restriction, and that you have no interest in such information, or in the proceeds of any sale, license, or other commercialization thereof. You acknowledge that the rights conferred by this Section are the principal consideration for the provision of the Service, without which Demandforce would not enter into this Agreement.
27. Individuals’ Rights
You are solely responsible for affording individuals their rights with respect to relevant portions of Your Health Information, such as the rights of access and amendment. You will not undertake to afford an individual any rights with respect to any information in the Service other than Your Health Information.
Business Associate Agreement (“BAA”)
This Business Associate Agreement (this “BAA”) is entered into by and between Demandforce, Inc. (“Demandforce”) and you (“Healthcare Provider”) who entered into the Agreement for the Service. This BAA applies with respect to any and all Protected Health Information (PHI) that may be collected, accessed, used, processed or disclosed pursuant to Demandforce’s performance and Healthcare Provider's receipt of services under the Agreement.
Pursuant to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as updated and amended by Subtitle D of the Health Information Technology for Economic and Clinical Health Act ( the “HITECH Act”), Demandforce may from time to time act as a business associate in the performance of services for Healthcare Provider under the Agreement. In such event, the Healthcare Provider is a covered entity. Pursuant to this BAA, Demandforce and Healthcare Provider agree to access, use, process and disclose any such PHI in compliance with the requirements of HIPAA and the HITECH Act.
By accepting the terms of the Agreement or by using any service made available under the terms of the Agreement, Healthcare Provider accepts the term and conditions of this BAA. Please note that Demandforce reserves the right, at our sole discretion, to change this BAA from time to time. Healthcare Provider's continued use of the services provided under the Agreement after any such change takes effect will be deemed to constitute Healthcare Provider's acceptance of and agreement to the revisions to this Agreement.
1. Definitions . Capitalized terms not defined in this BAA will be defined as provided in HIPAA, the HITECH ACT and their implementing rules.
2. Uses and Disclosures of PHI.
2.1 Demandforce may from time to time disclose PHI to Healthcare Provider in conjunction with Healthcare Provider's receipt of services under the Agreement. For purposes of this BAA, "Protected Health Information" (PHI) is limited to PHI, as defined in HIPAA, HITECH and their implementing rules, that is accessed, used, processed or disclosed pursuant to the Agreement.
2.2 Neither party will access, use, process or disclose such PHI for any purpose other than as permitted under this BAA. Each party may access, use, process and disclose the PHI it receives for the proper management and administration of such party, to perform its obligations under and receive the benefits of the service delivered under the Agreement and to otherwise carry out its legal responsibilities; provided, however, that in all cases such use is permitted under applicable law. Either party may disclose PHI if the disclosure is required by law. Either party may also disclose PHI for the proper management and administration of the business of such party, provided it obtains reasonable assurances from the person to whom the information is disclosed that it will be held confidentially and used or further disclosed only as required by law and for the purpose for which it was disclosed.
2.3 Each party will maintain appropriate safeguards including, but not limited to, administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity and availability of the PHI.
2.4 If either party becomes aware of any unauthorized access to or use, processing or disclosure of unsecured PHI, it will so notify the other party. Such notice will contain: (i) the date of discovery of the unauthorized access, use, processing or disclosure; (ii) a listing of the identification of individuals and/or classes of individuals who are subject to the unauthorized access, use, processing or disclosure; and (iii) a general description of the nature of the unauthorized access, use, processing or disclosure. The party responsible for such unauthorized access, use, processing or disclosure will perform an appropriate risk assessment to determine whether the PHI has been compromised. In performing the risk assessment, such party will consider a combination of factors such as: (a) the nature and extent of the PHI affected, (b) the unauthorized person who impermissibly used the PHI or to whom the PHI was impermissibly disclosed; (c) whether PHI was acquired or viewed and (d) the extent to which the risk to the PHI has been mitigated. The results of such risk assessment will be provided to the other party. Demandforce is not responsible for monitoring Healthcare Provider’s own access to or use, processing or disclosure of PHI.
2.5 In the event of an unauthorized access to or use, processing or disclosure of unsecured PHI, the party responsible for such unauthorized access to or use, processing or disclosure of unsecured PHI will use reasonable efforts to mitigate, to the extent practicable, any harmful effect arising from such unauthorized access to or use, processing or disclosure of unsecured PHI.
2.6 The parties will cooperate with respect to any required notifications that must be made to the individuals or the media with respect to any unauthorized access to or use, processing or disclosure of unsecured PHI.
2.7 With respect to any subcontractor or agent to whom either party provides PHI, the disclosing party will first contractually obligate such subcontractor or agent to agree to protect such PHI pursuant to terms and conditions at least as protective as the terms of this Business Associate Agreement.
2.8 Demandforce may de-identify any and all PHI that is in its possession or control provided that Demandforce implements de-identification criteria in accord with applicable law. De-identified information does not constitute PHI and is not subject to the terms of this BAA.
3. Compliance with Law
3.1 Each party is responsible for its own compliance with any and all existing or subsequent laws, whether by statute, regulation, common law, or otherwise, related to its access to or use, processing or disclosure of PHI. Healthcare Provider agrees that it will have and maintain appropriate consents from data subjects, as may be necessary, for Demandforce to access, use, process and disclose PHI in accordance with its delivery of services under the Agreement and as otherwise permitted under this BAA.
3.2 The parties will provide each other only the minimum amount of PHI necessary for us to perform the Service described in the Agreement.
3.3 Upon request by the Department of Health and Human Services (“HHS”), each party will make available to HHS the internal practices, books, and records of such party relating to the use and disclosure of PHI for purposes of ensuring compliance with the provisions of HIPAA and the HITECH Act.
3.4 In the event that Demandforce receives an inquiry from an individual for access to or the right to amend PHI, it will advise Healthcare Provider of that communication and the request. The parties will cooperate in making PHI available to the individual and in making the requested amendment of PHI. The Healthcare Provider will retain and make available on request information required to provide an accounting of disclosures in accordance with the provisions of HIPAA and the HITECH Act.
4. Termination and Destruction of PHI.
4.1 In the event that either party reasonably determines that the other has accessed, used, processed or disclosed unsecured PHI in a manner inconsistent with a material term of this Agreement, it will provide written notice of such breach to the other party and specify in reasonable detail any such breach. Upon receipt of such written notice, the receiving party will have 30 days to achieve compliance with this BAA or to establish a reasonable schedule for compliance with this BAA. In the event that a party fails or refuses to comply with this obligation, the other party may terminate this BAA upon written notice. If either party reasonably determines that the other party has accessed, used, processed or disclosed PHI in a manner inconsistent with this BAA following written notice of a prior breach, the non-breaching party may immediately terminate the Agreement.
4.2 Within thirty (30) days of termination of this BAA, Demandforce will return to Healthcare Provider, or destroy, the PHI made available to Demandforce by the Healthcare Provide that is in its control and take reasonable steps to ensure that Demandforce has no means of identifying or reidentifying individuals who are the subject of such PHI. Demandforce will also obligate any subcontractor to return to Demandforce, or destroy, any such PHI in the subcontractor's control.
4.3 In the event that Demandforce is unable to return or destroy the PHI in its control, Demandforce will continue to protect such PHI from further disclosure.
5. Limitation of Liability. UNDER NO CIRCUMSTANCES WILL DEMANDFORCE OR ITS AFFILIATES, OR ANY OF ITS OR THEIR RESPECTIVE DIRECTORS, OFFICERS, SHAREHOLDERS, PROPRIETORS, PARTNERS, EMPLOYEES, AGENTS, REPRESENTATIVES, SERVANTS, ATTORNEYS, PREDECESSORS, SUCCESSORS OR ASSIGNS, BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOST PROFITS AND DAMAGES THAT RESULT FROM INCONVENIENCE, DELAY, OR LOSS OF USE) ARISING OUT OF ITS ACCESS TO OR USE, PROCESSING OR DISCLOSURE OF PHI, EVEN IF IT OR THEY HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages; thus, this limitation may not be applicable.
6. Indemnification. Healthcare Provider will defend, indemnify, and hold harmless Demandforce and its affiliates, and its and their respective directors, officers, shareholders, proprietors, partners, employees, agents, representatives, servants, attorneys, predecessors, successors and assigns, from and against any and all claims, proceedings, damages, injuries, liabilities, losses, costs and expenses (including reasonable attorneys' fees and litigation expenses), relating to or arising from Healthcare Provider's (i) unauthorized access to or use, processing or disclosure of PHI, (ii) breach of this Agreement or (iii) violation of applicable law.
7. Notices. All notices and other communications required or permitted to be given by Demandforce to you under this Agreement will be deemed to be properly given on the date when sent by email to the email address for you last recorded by Demandforce or sent by postal mail or private courier to the postal address for you last recorded by Demandforce. All notices and other communications required or permitted to be given by you to us under this BAA will be deemed to be properly given on the date when sent by postal mail or private courier to 909 N. Sepulveda Blvd., 11th Floor, El Segundo, CA 90245, Attention: Legal Department.
8. Miscellaneous . This BAA contains the final and entire agreement regarding the subject matter hereof and supersedes all previous and contemporaneous oral or written agreements. The failure by either party to enforce any right or provision of this BAA will not constitute a waiver of that provision or of any other provision of this BAA. If any provision of this BAA is determined to be invalid or unenforceable by a court, such provision will be deemed severable and the remainder of this Agreement will remain in full force and effect. This BAA may not be assigned by you. Both parties agree that this BAA, as well as any and all claims arising from this BAA will be governed by and construed in accordance with federal law and the laws of the State of California, without reference to its conflicts of law rules, and the parties irrevocably submit to the exclusive jurisdiction and venue of the courts of Los Angeles County, California and the Central District Court of California, respectively. The parties are independent contractors and this BAA does not create an agency, partnership or joint venture.
If you have questions regarding this Agreement, or wish to obtain additional information, please send an e-mail to firstname.lastname@example.org.
© 2016 Demandforce Inc. All rights reserved. February 1, 2016