PORTAL TERMS OF USE FOR HEALTHCARE PROFESSIONALS

These terms are a binding contract between you (“Customer”, “you” or “your”) and Firmalab (“Firmalab”, “we” or “us”). These terms and conditions govern your access and use of the web-based portal (the “Services”), which Firmalab operates for use by healthcare professionals, laboratories, and other digital health partners in initiating test orders and accessing test results.

  1. SERVICES AND SUPPORT
    1. Subject to the terms and conditions of these TOU, Firmalab hereby grants you a revocable, non-exclusive, non-transferable, non-sublicensable limited right to access and use the Services during the Term for your internal business operations by Users in accordance with the terms and conditions herein.
    2. Firmalab will use commercially reasonable efforts to provide the Services to Customer. Firmalab will provide Customer with the necessary passwords and access credentials to allow you to access the Services.
    3. Subject to the terms hereof, Firmalab will provide Customer with reasonable technical support services in accordance with Firmalab’s standard practice.
  2. RESTRICTIONS AND RESPONSIBILITIES
    1. Customer has and will obtain no right, title or interest in or to the Services or any software, hardware or other technology that Firmalab provides, directly or indirectly, to allow Customer to access the Services, including any AIP (the “System”), or any Intellectual Property Rights (as defined in Section 4.2) therein except for the limited right to use the Services expressly granted by these TOU, and Customer hereby agrees not to, directly or indirectly:

      (i) reverse engineer, decompile, disassemble or otherwise attempt to discover the source code, object code or underlying structure, ideas, know-how or algorithms relevant to the Services or any software, documentation or data related to the Services;

      (ii) modify, translate, or create derivative works based on the Services or System or any software (except to the extent expressly permitted by Firmalab or authorized within the Services);

      (iii) sell, sublicense, lease, permit or transfer the Services or System (or Customer’s right to use the Services, as contemplated by these TOU) or System to any third party;

      (iv) take any action that would render the operation or use of the Services or the System unlawful;

      (v) make the Services, in whole or in part, available to any person or entity other than Customer, or Customer’s employees, agents, contractors and other service providers authorized by Customer to use the Services on Customer’s behalf and in accordance with these TOU (“User” or “Users”); or

      (vi) grant any user, including Users, any rights to access or use the System or the Services that they would not be allowed to under these TOU (except to the extent expressly permitted by Firmalab) or Applicable Laws (as defined below in Section 2.3(ii)).

    2. Customer represents, covenants, and warrants that Customer will use the System and the Services only in compliance with all Applicable Laws and the terms of these TOU. Customer hereby agrees to indemnify and hold harmless Firmalab and its affiliates, directors, officers, agents and representatives against any damages, losses, liabilities, settlements and expenses (including without limitation costs and attorneys’ fees) (“Losses”) in connection with any claim or action that arises from an alleged violation of the foregoing or otherwise from Customer’s or any User’s use of the System and the Services. Although Firmalab has no obligation to monitor Customer’s use of the Services, Firmalab (either directly or through its authorized agent(s)) may do so and may prohibit any use of the Services it believes may be (or alleged to be) in violation of the foregoing, including by suspending the account of Customer and/or any User(s).
    3. Customer will be solely responsible for all uses of the Services by Users, as well any other users who gain access to the Services through the acts or omissions of Customer or any User, with or without Customer’s knowledge or consent, as well as any protected health information or other information, communications, text, data or other content transmitted through or otherwise included, processed, stored or displayed within, through or on the Services (collectively, “Customer Data”).

      Additionally, Customer shall be responsible for:

      (i) obtaining and maintaining any equipment and ancillary services needed to connect to, access or otherwise use the Services, including, without limitation, hardware, servers, software, operating systems, networking, web servers and the like (collectively, “Customer Equipment”);

      (ii) complying and ensuring that Customer’s and any User’s use of the Services complies with all Applicable Laws as may be required, including but not limited to the administrative simplification provisions of the Health Insurance Portability and Accountability Act of 1996 and the regulations promulgated thereunder (“HIPAA”), as well as other laws relating to the maintenance of privacy, security and confidentiality of patient and other health information (collectively, “Applicable Laws”);

      (iii) taking such actions required to preserve and protect the confidentiality of Customer Data, including by maintaining the security of the Customer Equipment, Services, System, and login credentials by ensuring that no person who is not an authorized user is allowed access to the Services or the System, and by implementing and maintaining appropriate administrative, physical and technical safeguards to protect any Customer Data from any unauthorized or prohibited access, disclosure, use or loss, in each case as may be required to comply with all Applicable Laws;

      (iv) ensuring that all Users use the Services and the System in accordance with these TOU; and

      (v) obtaining and maintaining all necessary consents, authorizations or releases from individuals required for transmitting through the Services, or otherwise making available on the System, any Customer Data.

      To the extent Customer is a business associate of Firmalab, as that term is defined under HIPAA, Customer has or will prior to any use of the Services enter into with Firmalab a Business Associate Agreement with respect to any transmitted data, the use of which is or may be governed by HIPAA or other similar Applicable Laws. Customer represents, warrants and covenants that it or the responsible entity has obtained all necessary patient consents under such Applicable Laws for use of the applicable transmitted data as contemplated under these TOU. Customer hereby agrees to indemnify and hold harmless Firmalab and its affiliates, directors, officers, agents and representatives against any Losses in connection with any claim or action that arises from an alleged violation of the foregoing representation, warranty and covenant.

      Customer hereby acknowledges that in granting use of the Services to Customer, Firmalab is relying and will rely on the assurances of Customer as to the identity and credentials of any Users, as well as the purpose for which, and the nature and extent of the information to which, they will have access to the Services. Customer understands that, while the Services will contain certain technical safeguards against unauthorized use, Firmalab is relying to a substantial extent on the representations and undertakings of Customer under these TOU, including representations and undertakings concerning misuse or unauthorized use of the Services.

      Customer will as soon as practicable notify Firmalab of any breach or suspected breach of the security of the Service or the System of which Customer becomes aware, or any unauthorized use or disclosure of any Customer Data, and Customer will take such action to mitigate the breach or suspected breach or unauthorized use or disclosure as Firmalab may direct, and will cooperate with Firmalab in investigating and mitigating any such breach or suspected breach. Customer acknowledges and agrees that any information in or transmitted through the Services under these TOU are not intended to be a substitute for professional medical advice, diagnosis or treatment, and Customer hereby represents and warrants that it will not represent or make any statement that any data management or technology or service received from Firmalab under these TOU, including but not limited to the Services, are or can be used as a substitute to professional medical advice, diagnosis or treatment.

    4. Firmalab employs physical and logical safeguards, consistent with industry best practices, to maintain the security and confidentiality of Customer Data and to protect that information from known or anticipated hazards to its security and integrity, accidental loss, disclosure, and all other unlawful forms of processing of the Customer Data in Firmalab’s control, in accordance with Firmalab’s information and security policies.
    5. Firmalab’s information systems are programmed to perform routine data backups of Customer Data on a segregated backup server or media. Customer Data is backed-up at least daily and sent to secure off-site storage on segregated backup servers for disaster recovery. Firmalab shall use commercially reasonable efforts to continue to provide the Services to Customer in the event of a disaster within Firmalab. Firmalab maintains an up-to-date disaster recovery plan and ensures that its staff are adequately trained to execute the plan in the event of a disaster. In the event of any loss, destruction, damage, or corruption of Customer Data caused by Firmalab’s System or Services, Firmalab will, as its sole obligation and liability and as Customer’s sole remedy, use commercially reasonable efforts to promptly restore the Customer Data from Firmalab’s then most current backup of such Customer Data in accordance with Firmalab’s then most current backup and recovery policy.
    6. Firmalab shall notify Customer within twenty-four (24) hours of learning of the occurrence of a breach or attempted breach of security (physical or otherwise) or access to data, in circumstances where Customer information has been or may have been compromised. Upon request, Firmalab will promptly provide Customer with all information and documentation available in connection with such event.
  3. SUSPENSION
    • Molecular’s Right to Suspend Service: Molecular may temporarily suspend access to the Services for the following reasons:
      1. Threat or attack on Molecular’s intellectual property.
      2. Disruption or security risk due to a user’s actions.
      3. Fraudulent or illegal use of Molecular’s intellectual property.
      4. Customer’s business ceases or undergoes bankruptcy or similar proceedings.
      5. Provision of Services is prohibited by law.
      6. Suspension of third-party services impacting the access to Molecular’s services.
    • Notice and Efforts to Resume Services: Molecular will attempt to notify customers and provide updates during a suspension, resuming access as soon as possible.
    • No Liability: Molecular is not liable for damages resulting from any service suspension.
  4. CONFIDENTIALITY; PRIVACY POLICY; PROPRIETARY RIGHTS; OWNERSHIP AND USE OF DE-IDENTIFIED INFORMATION
    1. Confidentiality:
      • Both parties must protect and not use each other’s proprietary information (like business, technical, or financial info) except in performing the agreed services. Exceptions include publicly available information, prior knowledge, third-party disclosures, or legal requirements.
    2. Ownership: 
      • Customer owns all Customer Data. Molecular retains ownership of the Services and all related intellectual property rights.
    3. Use of Data:
      • Molecular can collect and use data to improve services, enhance the system, or for other development purposes, including sharing de-identified or aggregated data. If Customer provides feedback, it becomes Molecular’s intellectual property.
    4. Privacy Policy:
      • Molecular complies with its Privacy Policy regarding data collection and usage. Customer’s use of the Services indicates acceptance of this policy.
  5. TERM AND TERMINATION
    1. Term:
      • The TOU start on the effective date and continue until terminated.
    2. Termination for Non-Compliance:
      • Molecular can terminate the TOU if the Customer fails to comply. Upon termination, Molecular will make Customer Data available for retrieval for 90 days.
    3. Termination by Molecular:
      • Molecular can terminate or modify the TOU immediately if required by law or if Customer discontinues business or becomes insolvent.
  6. WARRANTY AND DISCLAIMER
    • Molecular warrants reasonable care in providing services, but it doesn’t guarantee uninterrupted or error-free services. Services are provided “as is,” and Molecular disclaims other warranties, including fitness for a particular purpose.
    • Molecular is not liable for interruptions caused by external factors like disasters, epidemics, or civil disturbances.
  7. INDEMNITY
    1. IP Claims:
      • Molecular will defend and settle third-party IP claims against the Customer. However, Molecular won’t be liable for claims related to Customer Data or third-party modifications to the services.
    2. Indemnification Process:
      • Both parties must promptly notify and cooperate in defending claims. Molecular will bear the defense costs unless a settlement restricts Customer’s rights.
  8. LIMITATION OF LIABILITY
    • Molecular isn’t liable for indirect, consequential, or special damages, or for unauthorized access, alteration, or loss of Customer Data. The Customer is responsible for securing their data.
  9. EXPORT REGULATION
    • The Services are subject to US export control laws, and the Customer must comply with them when exporting or making the services available outside the US.
  10. MISCELLANEOUS
    • If any part of the TOU is unenforceable, it will be adjusted to remain valid. Molecular can assign the TOU in connection with a merger or similar event. These TOU represent the full understanding between the parties.
  11. DISPUTES
    • Disputes arising from the TOU will be settled by arbitration in Vancouver, Washington, under the rules of the American Arbitration Association. Both parties must abide by the decision, which is confidential.