2.1. Customer will not, directly or indirectly: reverse engineer, decompile, disassemble or otherwise attempt to discover the source code, object code or underlying structure, ideas, know-how or algorithms relevant to the Services or any software, documentation or data related to the Services (“Software”); modify, translate, or create derivative works based on the Services or any Software (except to the extent expressly permitted by Company or authorized within the Services); use the Services or any Software for timesharing or service bureau purposes or otherwise for the benefit of a third; or remove any proprietary notices or labels.

2.2. Further, Customer may not remove or export from the United States or allow the export or re-export of the Services, Software or anything related thereto, or any direct product thereof in violation of any restrictions, laws or regulations of the United States Department of Commerce, the United States Department of Treasury Office of Foreign Assets Control, or any other United States or foreign agency or authority. As defined in FAR section 2.101, the Software and documentation are “commercial items” and according to DFAR section 252.227-7014(a)(1) and (5) are deemed to be “commercial computer software” and “commercial computer software documentation.” Consistent with DFAR section 227.7202 and FAR section 12.212, any use modification, reproduction, release, performance, display, or disclosure of such commercial software or commercial software documentation by the U.S. Government will be governed solely by the terms of this Agreement and will be prohibited except to the extent expressly permitted by the terms of this Agreement.

2.3. Customer represents, covenants, and warrants that Customer will use the Services only in compliance with Company’s standard published policies then in effect in the Terms of Services (the “Terms of Service”) and all applicable laws and regulations. Customer hereby agrees to indemnify and hold harmless Company against any damages, losses, liabilities, settlements and expenses (including without limitation costs and attorneys’ fees) in connection with any claim or action that arises from an alleged violation of the foregoing or otherwise from Customer’s use of Services. Although Company has no obligation to monitor Customer’s use of the Services, Company may do so and may prohibit any use of the Services it believes may be (or alleged to be) in violation of the foregoing.

2.4. Customer shall be responsible for obtaining and maintaining any equipment and ancillary services needed to connect to, access or otherwise use the Services, including, without limitation, modems, hardware, servers, software, operating systems, networking, web servers and the like (collectively, “Equipment”). Customer shall also be responsible for maintaining the security of the Equipment, Customer account, passwords (including but not limited to administrative and user passwords) and files, and for all uses of Customer account or the Equipment with or without Customer’s knowledge or consent.

2.5. Customer shall be solely responsible for any content used to communicate with patients. Collectly, Inc. does not moderate any content and uses the content (so called "Templates") composed by a Customer "as-is". Customer is aware of the fact that any content or how this content is used for communicating with patients should not break federal or local laws and/or used for harassing patients. Although Company provides a way for HIPAA and TCPA compliant messaging, Customer still shall be solely responsible for collecting all necessary consents from patients as per FCC, FTC regulations (including, but not limited to TCPA, ECPA, FDCPA) and other laws. Customer is responsible for setting up automated actions (so called "Rules") in a compliant way as per all federal and local laws. Customer is aware it has full control not only over the content of the messages, but also how, and when messages will be sent out to patients. Hence Customer understands Company is only a technological vendor, but not an initiator/maker of calls, texts, emails or push notifications.

2.6. Customer has the right to use Company's products to send URL links to medical statements electronically in a HIPAA-compliant and TCPA-compliant way, however Company does not allow to use its products for first-party or third-party debt collection services. Customer may not use the word “Collectly” or anyhow mention Collectly, Inc. or any of its products or brands in its communication language with patients.

2.7. Customer shall undertake full responsibility to ensure, prior to entering into any agreement for the procurement of the Company’s services or products, that the acquisition and use of any interface or connector designed to facilitate the data exchange between the Company’s product and third-party products utilized by the Customer do not contravene any existing licensing agreements, terms of service, or other contractual arrangements between the Customer and the respective third parties. By executing an agreement for the Company’s services and products, the Customer expressly acknowledges and accepts these terms, and thereby assumes complete liability for any damages arising from the use of the purchased interface or connector in the event that the Company was not duly notified of any potential conflicts prior to the Customer’s subscription to the Company’s services and products.

2.8. Company reserves the right to utilize the Customer's logo and/or name in its marketing and promotional materials. Furthermore, the Customer consents to the Company using their aggregated and anonymized data in its reporting and marketing materials, and also commits to participating in the Company's annual case study.

2.9. The Company reserves the right to change, update, or modify these Terms at any time in its sole discretion. Notice of any such changes will be provided through written or electronic communication. By continuing to use the application, the Customer agrees to be bound by all future amendments to these Terms.

2.10. Information Supplied "As Is": The information provided to the Customer by the patients, or their official representatives, who utilize Collectly's products and services (hereinafter referred to as "the Patients"), including but not limited to, medical forms, demographic, and insurance information, etc., is supplied on an "as is" basis. In the event that the Customer identifies any of this information as incorrect, in whole or in part, the Customer shall not hold the Company liable for such inaccuracies.

3.1. Each party (the “Receiving Party”) understands that the other party (the “Disclosing Party”) has disclosed or may disclose business, technical or financial information relating to the Disclosing Party’s business (hereinafter referred to as “Proprietary Information” of the Disclosing Party). Proprietary Information of Company includes non-public information regarding features, functionality and performance of the Service. Proprietary Information of Customer includes non-public data provided by Customer to Company to enable the provision of the Services (“Customer Data”). The Receiving Party agrees: (i) to take reasonable precautions to protect such Proprietary Information, and (ii) not to use (except in performance of the Services or as otherwise permitted herein) or divulge to any third person any such Proprietary Information. The Disclosing Party agrees that the foregoing shall not apply with respect to any information after five (5) years following the disclosure thereof or any information that the Receiving Party can document (a) is or becomes generally available to the public, or (b) was in its possession or known by it prior to receipt from the Disclosing Party, or (c) was rightfully disclosed to it without restriction by a third party, or (d) was independently developed without use of any Proprietary Information of the Disclosing Party or (e) is required to be disclosed by law. Customer shall own all right, title and interest in and to the Customer Data, as well as any data that is based on or derived from the Customer Data and provided to Customer as part of the Services.

3.2. Company shall own and retain all right, title and interest in and to (a) the Services and Software, all improvements, enhancements or modifications thereto, (b) any software, applications, inventions or other technology developed in connection with Implementation Services or support, and (c) all intellectual property rights related to any of the foregoing.

3.3. Notwithstanding anything to the contrary, Company shall have the right collect and analyze data and other information relating to the provision, use and performance of various aspects of the Services and related systems and technologies (including, without limitation, information concerning Customer Data and data derived therefrom), and Company will be free (during and after the term hereof) to (i) use such information and data to improve and enhance the Services and for other development, diagnostic and corrective purposes in connection with the Services and other Company offerings, and (ii) disclose such data solely in aggregate or other de-identified form in connection with its business. No rights or licenses are granted except as expressly set forth herein.

4.1. Customer will pay Company the then applicable fees described in the Order Form for the Services and Implementation Services in accordance with the terms therein (the “Fees”). If Customer’s use of the Services exceeds the Service Capacity set forth on the Order Form or otherwise requires the payment of additional fees (per the terms of this Agreement), Customer shall be billed for such usage and Customer agrees to pay the additional fees in the manner provided herein. If Customer believes that Company has billed Customer incorrectly, Customer must contact Company no later than sixty (60) days after the closing date on the first billing statement in which the error or problem appeared, in order to receive an adjustment or credit. Inquiries should be directed to Company’s customer support department. Company requires to keep a credit card or an ACH Debit payment methods on file.

4.2. ACH Debit and Stored Card on File are the default payment methods for billing used by the Company. Customer agrees the Company will automatically debit Customer's bank account through ACH Debit or Stored Card on File. Сompany may also choose to bill through stored ACH account (the "Connected Account"), in which case, the Company will automatically charge the Connected Account in Collectly for the full amount of outstanding invoice.

4.3. Company may choose to bill through an invoice, in which case, full payment for invoices issued in any given month must be received by Company seven (7) days after the e-mailing date of the invoice. Unpaid amounts are subject to a finance charge of 1.5% per month on any outstanding balance, or the maximum permitted by law, whichever is lower, plus all expenses of collection and may result in immediate termination of Service. Customer shall be responsible for all taxes associated with Services other than U.S. taxes based on Company’s net income.

4.4. In case a Customer cancels the contract unilaterally, on top of all other fees and the expected revenue itself a Customer is responsible to cover all costs Collectly spent on feature requests initiated and developed specifically for this Customers based on a rate of $250 per engineering hour.

4.5. Company has the right to increase the Collectly fees up to two (2) times a year with a thirty (30) days prior notice by the rate equal to the official inflation rate reported by the U.S. Bureau of Labor Statistics.

4.6. Rate Modifications: Notwithstanding anything to the contrary in the Order Form, Company may, in its sole discretion, during the Initial Service Term, increase or decrease the rates for any of the unit fees (so-called “Pass-Through Fees”) set forth in the Order Form upon fourteen (14) days prior written or electronic notice to Customer via email or inside Collectly products.

5.1. Subject to earlier termination as provided below, this Agreement is for the Initial Service Term as specified in the Order Form, and shall be automatically renewed for additional periods of the same duration as the Initial Service Term (collectively, the “Term”), unless either party requests termination at least one hundred and twenty (120) days prior to the end of the then-current term.

5.2. In addition to any other remedies it may have, either party may also terminate this Agreement upon one hundred and twenty (120) days’ notice (or without notice in the case of nonpayment), if the other party materially breaches any of the terms or conditions of this Agreement. Customer will pay in full for the Services up to and including the last day on which the Services are provided. All sections of this Agreement which by their nature should survive termination will survive termination, including, without limitation, accrued rights to payment, confidentiality obligations, warranty disclaimers, and limitations of liability.

5.3. If Customer decides to change their EHR/PM/Billing system (the “EHR”) within the terms of the Agreement, Company has the right to build the connection with the new EHR before the end of Agreement. In turn, Customer is responsible for providing all possible help to Company, such as but not limited to: providing APIs, direct connection to the database, credentials, and facilitating the relationship between their new EHR vendor and the Company. If Company decides not to build a connection with the new EHR the agreement may be terminated within 30 days after the Customer pays out a penalty equal to the projected revenue the Company was expected to make until the end of the term of the original Agreement and winding down the interface connection of the initial EHR.

5.4. If the Customer ceases to use Collectly's products within the duration of Initial Service Term, or if the Customer's order volume (determined by the number of patients to be engaged) falls below 75% of their net new order volume from the most recent three months, the Company reserves the right to either proportionally raise its prices with a 14-day written notice or charge a penalty fee. This penalty fee can be up to 100% of the anticipated uncollected revenue for the remaining duration of the Initial Service Term, serving as compensation for potential lost revenue.

5.5. In case Customer terminates the agreement and continues to receive payments through Service, the Company has the right to keep charging the Customer the initial rate of the Agreement until the Customer stops receiving payments or engaging patients.

Company shall use reasonable efforts consistent with prevailing industry standards to maintain the Services in a manner which minimizes errors and interruptions in the Services and shall perform the Implementation Services in a professional and workmanlike manner. Services may be temporarily unavailable for scheduled maintenance or for unscheduled emergency maintenance, either by Company or by third-party providers, or because of other causes beyond Company’s reasonable control, but Company shall use reasonable efforts to provide advance notice in writing or by e-mail of any scheduled service disruption. HOWEVER, COMPANY DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED OR ERROR FREE; NOR DOES IT MAKE ANY WARRANTY AS TO THE RESULTS THAT MAY BE OBTAINED FROM USE OF THE SERVICES. EXCEPT AS EXPRESSLY SET FORTH IN THIS SECTION, THE SERVICES AND IMPLEMENTATION SERVICES ARE PROVIDED “AS IS” AND COMPANY DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.

NOTWITHSTANDING ANYTHING TO THE CONTRARY, EXCEPT FOR BODILY INJURY OF A PERSON, COMPANY AND ITS SUPPLIERS (INCLUDING BUT NOT LIMITED TO ALL EQUIPMENT AND TECHNOLOGY SUPPLIERS), OFFICERS, AFFILIATES, REPRESENTATIVES, CONTRACTORS AND EMPLOYEES SHALL NOT BE RESPONSIBLE OR LIABLE WITH RESPECT TO ANY SUBJECT MATTER OF THIS AGREEMENT OR TERMS AND CONDITIONS RELATED THERETO UNDER ANY CONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHER THEORY: (A) FOR ERROR OR INTERRUPTION OF USE OR FOR LOSS OR INACCURACY OR CORRUPTION OF DATA OR COST OF PROCUREMENT OF SUBSTITUTE GOODS, SERVICES OR TECHNOLOGY OR LOSS OF BUSINESS; (B) FOR ANY INDIRECT, EXEMPLARY, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES; (C) FOR ANY MATTER BEYOND COMPANY’S REASONABLE CONTROL; OR (D) FOR ANY AMOUNTS THAT, TOGETHER WITH AMOUNTS ASSOCIATED WITH ALL OTHER CLAIMS, EXCEED THE FEES PAID BY CUSTOMER TO COMPANY FOR THE SERVICES UNDER THIS AGREEMENT IN THE 12 MONTHS PRIOR TO THE ACT THAT GAVE RISE TO THE LIABILITY, IN EACH CASE, WHETHER OR NOT COMPANY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

If any provision of this Agreement is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary so that this Agreement will otherwise remain in full force and effect and enforceable. This Agreement is not assignable, transferable or sublicensable by Customer except with Company’s prior written consent. Company may transfer and assign any of its rights and obligations under this Agreement without consent. This Agreement is the complete and exclusive statement of the mutual understanding of the parties and supersedes and cancels all previous written and oral agreements, communications and other understandings relating to the subject matter of this Agreement, and that all waivers and modifications must be in a writing signed by both parties, except as otherwise provided herein. No agency, partnership, joint venture, or employment is created as a result of this Agreement and Customer does not have any authority of any kind to bind Company in any respect whatsoever. In any action or proceeding to enforce rights under this Agreement, the prevailing party will be entitled to recover costs and attorneys’ fees. All notices under this Agreement will be in writing and will be deemed to have been duly given when received, if personally delivered; when receipt is electronically confirmed, if transmitted by facsimile or e-mail; the day after it is sent, if sent for next day delivery by recognized overnight delivery service; and upon receipt, if sent by certified or registered mail, return receipt requested. This Agreement shall be governed by the laws of the State of California without regard to its conflict of laws provisions. Any action to enforce or for breach of this Agreement shall be brought exclusively in the state or federal courts located in Los Angeles County, California. The parties shall work together in good faith to issue at least one mutually agreed upon press release within 90 days of the Effective Date, and Customer otherwise agrees to reasonably cooperate with Company to serve as a reference account upon request.

a. “Breach” shall mean the acquisition, access, use or disclosure of PHI in a manner not permitted by the Privacy Rule that compromises the security or privacy of PHI as defined, and subject to the exclusions set forth, in 45 C.F.R. § 164.402.

b. “Business Associate” shall mean Collectly, Inc..

c. “Effective Date” shall mean the date Company agrees to the Terms.

d. “Electronic Protected Health Information” or “Electronic PHI” shall have the same meaning as the term “electronic protected health information” in45 C.F.R. § 160.103, limited to the information that Business Associate creates, receives, maintains, or transmits for or on behalf of Company under the Services Agreement.

e. “Privacy Rule” shall mean the federal privacy regulations, as amended from time to time, issued pursuant to HIPAA and codified at 45 C.F.R. Parts 160 and 164 (Subparts A & E).

f. “Protected Health Information” or “PHI” shall mean “protected health information,” as that term is defined in 45 C.F.R. § 160.103, limited to the information that Business Associate creates, receives, maintains, or transmits for or on behalf of Company under the Services Agreement.

g. “Security Rule” shall mean the federal security regulations, as amended from time to time, issued pursuant to HIPAA and codified at 45 C.F.R. Parts 160 and 164 (Subparts A & C).

h. “Services Agreement” shall mean any present or future agreements, either written or oral, between Company and Business Associate under which Business Associate provides services to Company which involve the access, use or disclosure of PHI.

i. “Unsecured Protected Health Information” or “Unsecured PHI” shall have the same meaning as the term “unsecured protected health information” in 45 C.F.R. §164.402.

a. Use and Disclosure. Business Associate agrees not to use or disclose Protected Health Information other than as permitted by the Services Agreement or this Addendum, or as Required by Law.

b. Appropriate Safeguards. Business Associate agrees to use reasonable and appropriate administrative, physical, and technical safeguards to prevent the use or disclosure of the Protected Health Information other than as provided for by the Services Agreement or this Addendum, consistent with the requirements of the Security Rule (with respect to Electronic PHI). To the extent Business Associate is to carry out one or more of Company's obligation(s) under the Privacy Rule, Business Associate may not use or disclose Protected Health Information in a manner that would violate the Privacy Rule if done by Company.

c. Reporting of Breaches and Impermissible Uses and Disclosures. Business Associate agrees to report to Company any: (i) Breach of Unsecured PHI in accordance with 45 C.F.R. § 164.410; and (ii) use or disclosure of PHI not provided for by this Addendum of which it becomes aware in accordance with 45C.F.R. § 164.504.

d. Reporting of Security Incidents. Business Associate agrees to report to Company any Security Incident of which it becomes aware of in accordance with 45 C.F.R. § 164.314; provided, however, continuing notice is hereby deemed provided, and no further notice will be provided, for Unsuccessful Security Incidents. For purposes of this Addendum, “Unsuccessful Security Incidents” shall include, but not be limited to, pings and other broadcast attacks on a firewall, unsuccessful login attempts, denial of service attacks, port scans, and any combination of the above, provided that no such incident results in an unauthorized access, use, or disclosure of Electronic PHI. Business Associate’s obligation to report under this Section 2(d) is not and will not be construed as an acknowledgement by Business Associate of any fault or liability with respect to any use, disclosure, or Breach.

e. Agents. Business Associate agrees to ensure that any agent, including a subcontractor to whom it provides Protected Health Information, shall agree, in writing, to restrictions and conditions at least as stringent as those that apply to Business Associate under this Addendum, including complying with the applicable Security Rule requirements with respect to Electronic PHI.

f. Company Access and Amendment. All Protected Health Information maintained by Business Associate in a Designated Record Set for Company will be available to Company, upon Company’s request, in a time and manner that reasonably allows Company to comply with the requirements under 45 C.F.R. §§164.524 and 164.526. Business Associate shall not be obligated to provide any such information directly to any Individual or person other than to Company. To the extent an Individual makes an access and/or amendment request directly to Business Associate, Business Associate shall promptly forward the request to Company.

g. Access to Books and Records. Business Associate agrees to make internal practices, books, and records available to the Secretary, in a time and manner designated by the Secretary, for purposes of the Secretary's determining Company’s or Business Associate’s compliance with the Privacy Rule; provided, however, that time incurred by Business Associate in complying with any such request to assess Company’s compliance that exceeds its normal customer service parameters shall be charged to Company at Business Associate's then-current standard hourly rate.

h. Accounting. In the event that Business Associate makes disclosures of Protected Health Information to Individuals or any person other than to Company, it shall document the disclosure as would be required for Company to respond to a request by an Individual for an accounting of disclosures in accordance with 45 C.F.R. §164.528, and shall provide such documentation to Company promptly upon request.

a. Amendment. Each party agrees to take such action as is reasonably necessary to amend this Addendum from time to time as is necessary for Company to comply with the requirements of HIPAA as they may be amended from time to time; provided, however, that if such an amendment would materially increase the cost of Business Associate providing service under this Addendum, Business Associate shall have the option to terminate this Addendum on thirty (30) days advance notice.

b. Survival. Sections 5(c), 6(b), and 6(c) shall survive the termination or expiration of this Addendum.

c. Interpretation. Any ambiguity in this Addendum shall be resolved to permit either Business Associate or Company to comply with HIPAA.

d. Independent Contractor. Business Associate and Company are and shall remain independent contractors throughout the term. Nothing in this Addendum shall be construed to constitute Business Associate and Company as partners, joint venturers, agents or anything other than independent contractors.

e. General.