MHEALTHAZ APIs Terms of Use

 

Thank you for developing with MHEALTHAZ!

By accessing or using MHEALTHAZ APIs, including within a software application, website, tool, service, or product you create or offer to Customers (your "Application"), you are agreeing to these terms and to comply with any accompanying documentation that applies to your use of the MHEALTHAZ APIs ("API Terms") with MHEALTHAZ Corporation ("MHEALTHAZ", "we", "us", or "our"). You represent and warrant to us that you have the authority to accept these API Terms on behalf of yourself, a company, and/or other entity, as applicable. We may change, amend or terminate these API Terms at any time. Your use of the MHEALTHAZ APIs after any change or amendment means you agree to the new API Terms. If you do not agree to the new API Terms or if we terminate these API Terms, you must stop using the MHEALTHAZ APIs.

1. Defined Terms

a) "Customer(s)" means the licensee of a MHEALTHAZ online service ("MHEALTHAZ Offering") and if the licensee is an organization, includes their administrators and end users.

b) "MHEALTHAZ APIs" means (i) any form of machine accessible application programming interface that MHEALTHAZ makes available which provides access to a MHEALTHAZ Offering, including all associated tools, elements, components and executables therein, (ii) any MHEALTHAZ sample code that enables interactions with a MHEALTHAZ Offering, and (iii) documentation that MHEALTHAZ makes available to help enable your access to the MHEALTHAZ APIs.

c) "MHEALTHAZ email protocols and APIs" may include and means any online APIs in the MHEALTHAZ APIs, individually or in any combination, when used to provide access to a MHEALTHAZ Offering.

d) The MHEALTHAZ APIs include:

1.    the MHEALTHAZ FHIR API (documented, for example, at https://docs.mhealthaz.com/MHEALTHAZFHIR.html);

2.    any other MHEALTHAZ APIs that enable access to data in MEDAZ, MAIAPP or MHEALTHAZ;

2. Scope and Application Registration

a) These API Terms govern your use of MHEALTHAZ APIs except:

1.    if you have entered into another agreement with MHEALTHAZ that expressly supersedes these API Terms and governs your use of specific MHEALTHAZ APIs, or

2.    for any APIs other than the APIs listed in section 1.d) of these terms, if you access APIs that present accompanying terms ("Accompanying Terms") and you have accepted those Accompanying Terms, then those Accompanying Terms will apply to your access of those APIs.

b) Registration for your Application may be required pursuant to documentation. If registration is required, you must register your Application with MHEALTHAZ. Your registration must be accurate and kept up-to-date by you at all times. Once you have successfully registered an Application, you will be given access credentials for your Application. "Access Credentials" means the necessary security keys, secrets, tokens, and other credentials to access the MHEALTHAZ APIs. The Access Credentials enable us to associate your Application with your use of the MHEALTHAZ APIs. All activities that occur using your Access Credentials are your responsibility. Access Credentials are non-transferable and non-assignable. Keep them secret. Do not try to circumvent them.

3. MHEALTHAZ APIs License and Guidelines

a) MHEALTHAZ APIs License Subject to your compliance with all of the API Terms, MHEALTHAZ grants you a limited, non-exclusive, non-assignable, non-transferable, revocable license to use the MHEALTHAZ APIs to develop, test, and support your Application, and allow Customers to use your integration of the MHEALTHAZ APIs within your Application. You may use the MHEALTHAZ APIs only as expressly permitted in these API Terms. Violation of these API Terms may result in the suspension or termination of your use of the MHEALTHAZ APIs.

b) MHEALTHAZ APIs Guidelines

You may NOT:

1.    Use the MHEALTHAZ APIs in a way that could impair, harm or damage MHEALTHAZ, the MHEALTHAZ APIs, any MHEALTHAZ Offering, or anyone's use of the MHEALTHAZ APIs or any MHEALTHAZ Offerings;

2.    Use the MHEALTHAZ APIs to disrupt, interfere with, or attempt to gain unauthorized access to services, servers, devices, or networks connected to or which can be accessed via the MHEALTHAZ APIs;

3.    Use the MHEALTHAZ APIs, or any information accessed or obtained using the MHEALTHAZ APIs, for the purpose of migrating Customers away from a MHEALTHAZ Offering, except in connection with use of the MHEALTHAZ APIs by your Application or unless expressly permitted by MHEALTHAZ pursuant to a duly executed written agreement;

4.    Scrape, build databases or otherwise create copies of any data accessed or obtained using the MHEALTHAZ APIs, except as necessary to enable an intended usage scenario for your Application;

5.    Request from the MHEALTHAZ APIs more than the minimum amount of data, or more than the minimum permissions to the types of data, that your Application needs for Customers to use the intended functionality of your Application;

6.    Use an unreasonable amount of bandwidth, or adversely impact the stability of the MHEALTHAZ APIs or the behavior of other apps using the MHEALTHAZ APIs;

7.    Attempt to circumvent the limitations MHEALTHAZ sets on your use of the MHEALTHAZ APIs. MHEALTHAZ sets and enforces limits on your use of the MHEALTHAZ APIs (e.g., limiting the number of API requests that you may make or the number of users you may serve), in its sole discretion;

8.    Use MHEALTHAZ APIs in any manner that works around any technical limitations of the MHEALTHAZ APIs or of the accessed MHEALTHAZ Offering, or reverse engineer, decompile or disassemble the MHEALTHAZ APIs, except and only to the extent that applicable law expressly permits, despite this limitation;

9.    Use the MHEALTHAZ APIs, or any data obtained using the MHEALTHAZ APIs, to conduct performance testing of a MHEALTHAZ Offering unless expressly permitted by MHEALTHAZ pursuant to a duly executed written agreement;

10. Use the MHEALTHAZ APIs, or any data obtained using the MHEALTHAZ APIs, to identify, exploit or publicly disclose any potential security vulnerabilities;

11. Request, use or make available any data obtained using the MHEALTHAZ APIs outside any permissions expressly granted by Customers in connection with using your Application;

12. Use or transfer any data accessed or obtained using the MHEALTHAZ APIs, including any data aggregated, anonymized or derived from that data (collectively the "MHEALTHAZ APIs Data") for advertising or marketing purposes including (i) targeting ads, or (ii) serving ads. For purposes of clarity, this prohibition on using MHEALTHAZ APIs Data for advertising or marketing purposes does not extend to using other data, such as (i) the number of users of your Application, (ii) a user identifier you independently receive from a user (e.g., an email address you receive when a user enrolls to use your Application, a device identifier, or an advertising identifier), or (iii) a product or service identifier that identifies a MHEALTHAZ Offering;

13. Make your Application available for use in a manner that circumvents the need for users to obtain a valid license to the MHEALTHAZ application or service that is accessed through the MHEALTHAZ APIs;

14. Redistribute or resell, or sublicense access to, the MHEALTHAZ APIs, any data obtained using the MHEALTHAZ APIs, or any other MHEALTHAZ Offering accessed through the MHEALTHAZ APIs; or

15. Misrepresent expressly, by omission, or implication, the need for users to obtain a valid license to the MHEALTHAZ application or service that is accessed through the MHEALTHAZ APIs;

16. Falsify or alter any unique referral identifier in, or assigned to an Application, or otherwise obscure or alter the source of queries coming from an Application to hide a violation of this agreement; or

17. Use the MHEALTHAZ APIs or allow any user to use the Application in a way that violates applicable law, including:

1.    Illegal activities, such as child pornography, gambling, piracy, violating copyright, trademark or other intellectual property laws.

2.    Intending to exploit minors in any way.

3.    Accessing or authorizing anyone to access the MHEALTHAZ APIs from an embargoed country as prohibited by the U.S. government.

4.    Threatening, stalking, defaming, defrauding, degrading, victimizing or intimidating anyone for any reason.

5.    Violating applicable privacy laws and regulations.

18. Use the MHEALTHAZ APIs in a way that could create, in MHEALTHAZ's sole discretion and judgment, an unreasonable risk to Customers from a security or privacy perspective.

c) Accessing the Exchange and Outlook Services through MHEALTHAZ protocols and APIs

Unless you have use permissions expressly and specifically granted by Customers in connection with using your Application, you may not use MHEALTHAZ APIs for any purpose other than:

1.    syncing email messages, calendar events, and contacts, or

2.    backing up email messages, calendar events, and contacts.

3.    Accessing data to which you have patient consent and the patient has not opted out.

4. Security

You warrant that your Application has been developed to operate with MHEALTHAZ API content in a secure manner. Your network, operating system and the software of your servers, databases, and computer systems (collectively, "Systems") must be properly configured to securely operate your Application and store content collected through your Application (including the MHEALTHAZ API content). Your Application must use reasonable security measures to protect the private data of your users.

We may use technology to detect, prevent or limit the impact of any issues caused by your Application (before, after, or instead of suspension of your access). This may include, for example, (i) filtering to stop spam, (ii) performing security or privacy monitoring regarding scraping, denial of service attacks, user impersonation, application impersonation, or illicit consent grant(s), or (iii) limiting or terminating your access to the MHEALTHAZ APIs.

You will permit MHEALTHAZ reasonable access to your Application for purposes of monitoring compliance with these API Terms. You will respond to any questions by MHEALTHAZ about your compliance with these API Terms.

Without limiting the foregoing, upon request by MHEALTHAZ, you will provide us (or an independent auditor acting on our behalf) with up to two full-feature client account-level instances to access your Application (and/or other materials relating to your use of the API) as reasonably requested by us to verify your compliance with these API Terms (including, in particular, your security and privacy obligations under these API Terms).

We may restrict or terminate access to the APIs or perform an audit (including by hiring an independent auditor acting on our behalf) of your Application if you fail to provide adequate information and materials (including up to two full-featured instances of your Application) to verify your compliance with these Terms.

You must have a process to respond to any vulnerabilities in your Application, and in the case of any vulnerabilities related to your Application's connection to the MHEALTHAZ APIs discovered by you or reported to you by a third party, you agree that you will provide vulnerability details to the MHEALTHAZ Security Response Center (secure@MHEALTHAZ.com).

In the event of a data breach by you resulting from any aspect of the MHEALTHAZ APIs involving your Application or any data collected through your Application, you will promptly contact the MHEALTHAZ Security Response Center (secure@MHEALTHAZ.com) and provide details of the data breach. You agree to refrain from making public statements (e.g., press, blogs, social media, bulletin boards, etc.) without prior written and express permission from MHEALTHAZ in each instance as it relates to the MHEALTHAZ APIs.

The rights and requirements of this section -- 4. Security -- will survive for five (5) years following any termination of these API Terms.

5. Your Compliance with Applicable Privacy and Data Protection Laws

You must comply with all laws and regulations applicable to your use of the data accessed through the MHEALTHAZ APIs, including without limitation laws related to privacy, biometric data, data protection and confidentiality of communications. Your use of the MHEALTHAZ APIs is conditioned upon implementing and maintaining appropriate protections and measures for your service and Application, and that includes your responsibility to the data obtained through the use of the MHEALTHAZ APIs. For the data you obtained through the MHEALTHAZ APIs, you must:

a) obtain all necessary consents before processing data and obtain additional consent if the processing changes ("Data Access Consents"),

b) In the event you're storing data locally, ensure that data is kept up to date and implement corrections, restrictions to data, or the deletion of data as reflected in the data obtained through your use of the MHEALTHAZ APIs,

c) implement proper retention and deletion policies, including deleting all data when your user abandons your Application, uninstalls your Application, closes its account with you, or abandons the account,

d) maintain and comply with a written statement available to Customers and users that describes your privacy practices regarding data and information you collect and use ("Your Privacy Statement"), and that statement must be as protective as the MHEALTHAZ Privacy Statement, and

e) When your Application allows end users to sign in with a MHEALTHAZ account and MHEALTHAZ is not providing the user interface for the sign in, your Privacy Statement must provide a link to the MHEALTHAZ account or such other location(s) as we may specify from time to time, with a clear indication that Customers and end users can go to the MHEALTHAZ site(s) to revoke Data Access Consents at any time. If Customers or end users must take additional steps to disable your Application's access to Customer or end user data, then Your Privacy Statement must clearly indicate to Customers and end users the additional steps required to disable access.

Nothing in the Agreement shall be construed as creating a joint controller or processor-sub processor relationship between you and MHEALTHAZ.

6. Changes to the MHEALTHAZ APIs and API Terms

WE MAY CHANGE OR DISCONTINUE THE AVAILABILITY OF SOME OR ALL OF THE MHEALTHAZ APIs AT ANY TIME FOR ANY REASON WITH OR WITHOUT NOTICE. Such changes may include, without limitation, removing or limiting access to specific API(s), requiring fees or setting and enforcing limits on your use of additions to the MHEALTHAZ APIs. We may also impose limits on certain features and services or restrict your access to some or all of the MHEALTHAZ APIs. We may release subsequent versions of the MHEALTHAZ APIs and require that you use those subsequent versions, at your sole cost and expense.

Any version of the MHEALTHAZ APIs designated as "preview", "pre-release" or "beta" ("Preview API"), may not work in the same way as a final version. We may change or not release a final or commercial version of a Preview API in our sole discretion.

WE MAY MODIFY THESE API TERMS AT ANY TIME, WITH OR WITHOUT PRIOR NOTICE TO YOU. YOUR CONTINUED USE OF THE MHEALTHAZ APIs FOLLOWING THE RELEASE OF A SUBSEQUENT VERSION OF THESE API TERMS WILL BE DEEMED YOUR ACCEPTANCE OF ANY MODIFICATIONS TO THESE API TERMS.

7. Feedback

If you give feedback about the MHEALTHAZ APIs to MHEALTHAZ, you give to MHEALTHAZ, without charge, the right to use, share and commercialize your feedback in any way and for any purpose. You will not give feedback that is subject to a license that requires MHEALTHAZ to license its software or documentation to third parties because MHEALTHAZ includes your feedback in them. These rights survive these API Terms.

8. Confidentiality

You may be given access to certain non-public information, software, and specifications relating to the MHEALTHAZ APIs ("Confidential Information"), which is confidential and proprietary to MHEALTHAZ. You may use Confidential Information only as necessary in exercising your rights granted under these API Terms. You may not disclose any Confidential Information to any third party without MHEALTHAZ's prior written consent. You agree that you will protect any Confidential Information from unauthorized use, access, or disclosure in the same manner that you would use to protect your own confidential and proprietary information.

9. Disclaimer of Warranties, Limitation of Liability and Indemnity

a) Disclaimer of Warranties

WE MAKE NO WARRANTIES, EXPRESS OR IMPLIED, GUARANTEES OR CONDITIONS WITH RESPECT TO YOUR USE OF THE MHEALTHAZ APIs. YOU UNDERSTAND THAT USE OF THE MHEALTHAZ APIs IS AT YOUR OWN RISK AND THAT WE PROVIDE THE MHEALTHAZ APIs ON AN "AS IS" BASIS "WITH ALL FAULTS" AND "AS AVAILABLE" TO THE EXTENT PERMITTED UNDER YOUR LOCAL LAW, WE EXCLUDE ANY IMPLIED WARRANTIES, INCLUDING FOR MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, WORKMANLIKE EFFORT, AND NON-INFRINGEMENT. YOU MAY HAVE CERTAIN RIGHTS UNDER YOUR LOCAL LAW. NOTHING IN THESE API TERMS ARE INTENDED TO AFFECT THOSE RIGHTS, IF THEY ARE APPLICABLE. WE DO NOT GUARANTEE THE MHEALTHAZ APIs WILL FUNCTION WITHOUT INTERRUPTION OR ERRORS IN FUNCTIONING. IN PARTICULAR, THE OPERATION OF THE MHEALTHAZ APIs MAY BE INTERRUPTED DUE TO MAINTENANCE, UPDATES, OR SYSTEM OR NETWORK FAILURES. WE DISCLAIM ALL LIABILITY FOR DAMAGES CAUSED BY ANY SUCH INTERRUPTION, ERRORS IN FUNCTIONING, OR THAT DATA LOSS WILL NOT OCCUR.

b) Limitation of Liability

IF YOU HAVE ANY BASIS FOR RECOVERING DAMAGES (INCLUDING BREACH OF THESE API TERMS), YOU AGREE THAT YOUR EXCLUSIVE REMEDY IS TO RECOVER, FROM MHEALTHAZ OR ANY AFFILIATES, RESELLERS, DISTRIBUTORS, SUPPLIERS (AND RESPECTIVE EMPLOYEES, SHAREHOLDERS, OR DIRECTORS) AND VENDORS, ONLY DIRECT DAMAGES UP TO USD $5.00 COLLECTIVELY. YOU CAN'T RECOVER ANY OTHER DAMAGES OR LOSSES, INCLUDING, WITHOUT LIMITATION, DIRECT, CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT, INCIDENTAL, OR PUNITIVE. These limitations and exclusions apply even if this remedy doesn't fully compensate you for any losses or fails of its essential purpose or if we knew or should have known about the possibility of the damages. To the maximum extent permitted by law, these limitations and exclusions apply to any claims related to these API Terms or your use of the MHEALTHAZ APIs.

c) Indemnification

You will defend, hold harmless, and indemnify MHEALTHAZ from any claim or action brought by a third party, including all damages, liabilities, costs and expenses, and reasonable attorney fees, to the extent resulting from, alleged to have resulted from, or in connection with your breach of the obligations herein or infringement of MHEALTHAZ's or third party's intellectual property.

d) No Injunctive Relief

In no event shall you seek or be entitled to rescission, injunctive or other equitable relief, or to enjoin or restrain the operation of the MHEALTHAZ APIs, content or other material used or displayed through the current MHEALTHAZ website or successor site.

e) No Third-Party Beneficiaries

There are no third-party beneficiaries to this Agreement.

10. Termination

a) We may suspend or immediately terminate these API Terms, any rights granted herein, and/or your license to the MHEALTHAZ APIs, in our sole discretion at any time, for any reason. You may terminate these API Terms at any time by ceasing your access to the MHEALTHAZ APIs.

b) Upon termination, all licenses granted herein immediately expire and you must cease use of the MHEALTHAZ APIs. You must also comply with Customer's instruction to return or delete any data accessed or obtained through the MHEALTHAZ APIs, unless expressly permitted by MHEALTHAZ or prohibited by law. Neither party will be liable to the other for any damages resulting solely from termination of these API Terms.

11. General Terms

a) Applicable Law

1.    United States. If you reside in the United States, Delaware state law governs the interpretation of these API Terms and applies to claims for breach of it, regardless of conflict of laws principles. The laws of the state where you live govern all other claims, including claims under state consumer protection laws, unfair competition laws, and in tort.

2.    Outside the United States. If you reside in any other country, the laws of that country apply.

b) Support. Because the MHEALTHAZ APIs are provided "as is," we may not provide support services for them. You are solely responsible for the quality of your Application and providing support for your Application.

c) Assignment and Delegation. You may not assign or delegate any rights or obligations under these API Terms, including in connection with a change of control. Any purported assignment and delegation shall be ineffective. We may freely assign or delegate all rights and obligations under these API Terms, fully or partially without notice to you.

d) Reservation of Rights. All rights not expressly granted herein are reserved by MHEALTHAZ. You acknowledge that all intellectual property rights within the MHEALTHAZ APIs remain the property of MHEALTHAZ and nothing within these API Terms will act to transfer any of these intellectual property rights to you.

e) MHEALTHAZ and you are independent contractors. Nothing in this Agreement shall be construed as creating an employer-employee relationship, processor-subprocessor relationship, a partnership, or a joint venture between the parties.

f) No Waiver. Either party's failure to act with respect to a breach of these API Terms does not waive either party's right to act with respect to that breach or subsequent similar or other breaches.

g) Survival. Sections of these API Terms that, by their terms, require performance after the termination or expiration of these API Terms will survive, such as, for example, the rights and requirements of section 4. Security.

h) Modifications. We may modify these API Terms at any time with or without individual notice to you. Any modifications will be effective upon your continued use of the MHEALTHAZ APIs.

iEntire Agreement. These API Terms and any documents incorporated into these API Terms by reference, constitute the entire agreement between you and us regarding the MHEALTHAZ APIs and supersede all prior agreements and understandings, whether written or oral, or whether established by custom, practice, policy or precedent, with respect to the subject matter of these API Terms. If any provision of these API Terms is found to be illegal, void, or unenforceable, the unenforceable provision will be modified so as to render it enforceable to the maximum extent possible.