Terms of Use

Last Updated on 09/03/2022

Welcome, and thank you for your interest in Collaborate (as defined below). The present Terms of Use (“Terms”) apply to all users of Collaborate that have been introduced and intended for use by you via our software solution under the name “Collaborate Health Cloud” (“CHC”), which is accessible through our website (www.collaborate247.com) (the “Website”). These Terms are a legally binding contract (the “Agreement”) between you and Collaborate and, along with any documents incorporated by reference herein, govern your access to and use of the CHC, including any information, text, links, graphics, photos, audio, videos, or other materials or arrangements of materials uploaded, downloaded or appearing on the CHC (collectively referred to as “Content”).

You indicate your acceptance of this agreement by clicking a check box or button when you download or install the CHC and each time you access the CHC thereafter. By accessing, registering and/ or using the CHC, you consent to the processing of your personal information by us, as set forth in our Privacy Notice and you agree to be bound by these Terms.

Collaborate Healthcare P.C. is a private company, having its registered seat in Peania, Greece (1st Km, Peanias Markopoulou Ave, 19002 Peania, Greece) with VAT number: EL801163488 and registration number at G.E.MI 150551009000 ("Collaborate" and/ or “we”).

Please read the following Terms carefully.

If you register for a free trial for our Services, this Agreement will also govern that free trial.

Collaborate may revise these Terms from time to time. The changes will not be retroactive and the most current version of the Terms shall be applied. Collaborate will notify you about any material revisions by posting an updated version to the Website. You should visit this page periodically to review the most current Terms. By continuing to access or use Collaborate after those revisions become effective, you agree to be bound by the revised Terms. If you have any questions about these Terms, please contact us at support@collaborate247.com.

1. Definitions

“Collaborate Health Cloud (CHC)” means the hosted and locally installed software solution, application or platform developed by Collaborate which is accessible through the Website, the App Store and the Google Play store, and provides its users with patient management related services (collectively referred to as the “CHC” and/ or “Services”)

“Premium Service” means the paid features and associated services of CHC that are provided to Physicians/ Health Service Providers under an annual Software-as-a-Service (SAAS) contract.


“User” means a Health Service Provider that has been granted access to CHC under this Agreement, or a Patient, or a Caregiver, or a Family Member or a Collaborator that has been granted access to CHC by a Health Service Provider.

  • Health Service Provider/ Physician/ Client means a licensed medical professional or a medical entity that has been granted access to the Services following the subscription and registration (primary account holder) to the CHC.
  • Patient means a person who is under a Health Service Provider’s care and who has been registered in the CHC by that Health Service Provider upon the latter’s relevant request.
  • Caregiver means the person, usually a family member or a paid helper, who systematically provides for the needs of a Health Service Provider’s Patient such as children, elderly people or people who are ill or cannot provide for their own needs, and who has been registered in the CHC by that Health Service Provider upon the latter’s relevant request.
  • Family member means the person, be it the Patient’s relative, spouse, or close friend who has been granted access to CHC by that Patient and at the direction of that Patient with the scope to be informed of that Patient’s health and or assist that Patient in the management of his/her health.
  • Collaborator means the person, be it a professional health service provider or subject matter expert that has been granted access to CHC by a Health Service Provider in order to obtain or share information for purposes of treating a Patient.
(collectively referred to as “Users” and/ or “you”)

“Authorised Users” indicates the natural persons that have been authorized by you to act on your behalf in the course of the provision of the Services to you. In particular it shall mean those users: (i) who are designated by you as “staff”/ “personnel” on the CHC and who have been granted access to the CHC by you in your exercise of reasonable discretion relating to the receipt of the Services and who are:

  • your employees; or
  • other individuals who are not, and are not affiliated with, competitors of Collaborate, and have a valid business associate agreement or other agreement with you;
and (ii) from whom you have obtained reasonable assurances that they will comply with the access and use, and confidentiality terms set forth in this Agreement.

“Personal data” means information about a natural person (or a legal person, where applicable data protection legislation covers such entity) from which that person can be identified. It does not include data whose personal information has been deleted.

“Data concerning Health” means personal data related to the physical or mental health of a natural person, including the provision of health care services, which reveal information about his/ her health status.

2. Service Access, Account Creation and Secure Credentials

Warranty. If you are entering this Agreement on behalf of a company or other legal entity, you declare and warrant that you have the authority to bind such entity and its affiliates to these Terms. In particular, you agree that if you create an account on behalf of a legal entity, upon which such entity will be designated as a User of our Services, you have the necessary legal authority and capacity to do so as an authorized agent of that entity. Your agreement to these Terms of Use also binds that entity.

Due Authority. You represent and warrant to Collaborate on a continuing basis throughout the duration of this Agreement that: (i) you have the requisite corporate power and authority to execute and perform your obligations under this Agreement; (ii) the person executing this Agreement on your behalf has the authority to bind you and that such person’s execution of this Agreement does not infringe your bylaws, certificate of incorporation or other comparable document; (iii) the execution of this Agreement does not constitute a material breach of any covenants or agreements by which you or any of your assets are bound; and (iv) neither you nor any of your personnel to your knowledge (A) has been convicted of any crime arising from claims or other transactions, financial relationships, or financial dealings in connection with health care; or (B) has been excluded from any state health care program.

Accurate Account Information. To access the CHC, you must register for an account. When you register for an account, you may be required to provide us with some information about yourself, such as your name, email address, or other contact information. You represent and warrant that the information you provide to us is true, accurate, current and complete and that you will keep it accurate and up-to-date at all times. For more information about the processing of your personal data by us, please refer to the Privacy Notice.

Verification. You agree that we may take steps to verify your identity and credentials at any time. You agree that we may use and disclose personal data about you for such purposes, including making inquiry of third parties concerning your identity and professional and practice credentials. You authorize such third parties to disclose to us such information as we may request for such purposes, and you agree to hold them and us harmless from any claim or liability arising from the request for or disclosure of such information. You agree that we may terminate your access to the CHC at any time if we are unable at any time to determine or verify your qualifications or credentials.

Protecting Your Log-In Credentials. As a registered user, you will have log-in information, including a username and password. Your account is personal to the primary account holder, and you may not share your account and log-in information with, or allow access to your account by, any third party. As you will be responsible for all activity that occurs under your account and access credentials, you should take care to preserve the confidentiality of your username and password, and any device that you use to access the CHC.

Notification in Case of Breach. You agree to notify us immediately of any breach in secrecy of your log-in information. If you have any reason to believe that your account information has been compromised or that your account has been accessed by a third party, you agree to immediately notify Collaborate’s customer support at support@collaborate247.com. You will be solely responsible for the losses incurred by patients due to any unauthorized use of your account that takes place prior to notifying Collaborate that your account has been compromised.

Trial period. If you, as a Health Service Provider, have registered an account for a trial period, you will be provided our Services within a limited time of sixty (60) days period of registering you account. The Services may be accessed by the relevant patients through our user accounts and can have an unlimited duration. If you want to be further provided with the Services, you will need to switch to a Premium Service, and any existing data/ information may be transferred by you onto your paid subscription service.

Additional Use Terms. You shall access the CHC only i) through your Authorized Users acting within the scope of their service for you; ii) on Collaborate’s servers as authorized by Collaborate; (iii) for your internal use; (iv) within the scope and purpose of the Services (not further or otherwise) and (v) from and within Countries of the EU.

You shall ensure that each Authorized User complies with these Terms of Use and your Agreement as well as applicable law. You shall terminate any Authorized User’s access to the CHC: (i) when such person no longer meets the definition of “Authorized User”; (ii) if conduct by such Authorized User breaches any term of these Terms and; or (iii) upon such Authorized User’s indictment, arrest, or conviction of any crime related to claims or other transactions, financial relationships, or financial dealings in connection with health care, and you shall immediately inform Collaborate of any such indictment, arrest, or conviction. You are responsible for all acts and omissions of any Authorized User in connection with such Authorized User’s access and use of the Services. Collaborate may restrict, suspend, or terminate an Authorized User’s access to the CHC if Collaborate determines in its sole discretion that such access has an adverse effect on Collaborate.

Except as expressly permitted under these Terms, you shall not and shall cause your Authorized Users not to: (i) access or use the CHC in connection with the provision of any services to third parties; (ii) resell, rent, license, lease, provide service bureau or timeshare services, transfer, encumber, copy, distribute, publish, exhibit, transmit or otherwise make available to any third party any Collaborate Content or the Collaborate Services; (iii) derive specifications from, reverse engineer, reverse compile, disassemble, translate, record, or create derivative works based on the CHC; (iv) use the CHC in a manner that delays, impairs, or interferes with system functionality for others or that compromises the security or integrity of any data, equipment, software, or system input or output, including but not limited to introduction of any viruses or malware into the CHC; (v) enter data in the CHC that is threatening, harmful, lewd, offensive, defamatory, or that injures or infringes the rights of others; (vi) apply systems to extract or modify information in the CHC using technology or methods such as those commonly referred to as “web scraping,” “data scraping,” or “screen scraping;” (vii) use the CHC or any part or aspect thereof for any unlawful purpose or to mislead or harass anyone; or (viii) use the CHC except as specifically permitted under this Agreement. Use of or access to the CHC not in accordance with these Terms is strictly prohibited. Any violation will cause Collaborate irreparable and immediate harm and Collaborate is entitled to injunctive relief to prevent such violation.

Third-Party Browser Extensions. Extensions are small software programs, developed by third parties, that can modify and enhance the functionality of your browser. Extensions may have privileges, including the ability to read, record and/ or modify your personal data. These extensions are installed by individual users into the browser on their computers and are utilized at users’ own risk. Further, such extensions are not affiliated with Collaborate and Collaborate does not have visibility into which extensions any user may use. Collaborate assumes no risk of loss of data or breach of such data due to your use of browser extensions.

Prior to using the CHC, if you have one (or more) of these extensions enabled in your browsers, Collaborate recommends completely removing all of these extensions immediately as disabling the extensions may not be sufficient to protect your personal data. We recommend that you only access the CHC from supported browsers that have all plugins and extensions removed.

Further, installing any third-party software on your operating system may also subject you to the same risks as using browser extensions. Collaborate has no liability to you due to damages caused by any third-party software, including, without limitations, browser extensions.

3. Communications

By registering to the CHC, you may be receiving certain electronic communications from us as further described in our Privacy Notice. Please read our Privacy Notice to learn more about our electronic communications practices. You agree that any notices, agreements, disclosures, or other communications that we send to you electronically will satisfy any legal communication requirements, including that those communications be in writing.

4. General Payment Terms

Premium features of CHC (Premium Service) will require the Health Service Provider Users to pay fees upon registering for the applicable premium service. Before you pay any fees, you will have an opportunity to review and accept the fees that you will be charged. All fees are in Euros and are non-refundable unless otherwise stated at the time of purchase. Fees vary based on the plan, with different pricing schemes for individual users and organizations.

Price. Collaborate reserves the right to determine pricing for CHC. Collaborate will make reasonable efforts to keep pricing information published on the Website up to date. We encourage you to check our Website periodically for current pricing information, located here: https://collaborate247.com/pricing. Collaborate may change the fees for any feature of the CHC, including additional fees or charges, if Collaborate gives you advance notice of changes before they apply. Collaborate, at its sole discretion, may make promotional offers with different features and different pricing to any Health Service Provider. These promotional offers, unless made to you, will not apply to your offer or these Terms. 


Authorization. You authorize Collaborate to charge all sums for the orders that you make and any level of service you select at the Website or the CHC, to the payment method specified in your account. If you pay any fees with a credit card, Collaborate may seek pre-authorization of your credit card account prior to your purchase to verify that the credit card is valid and has the necessary funds or credit available to cover your purchase.

Subscription Service and Cancellation Policy. Access to the Premium Service of CHC includes automatically recurring payments for periodic charges (“Subscription Service”). If you activate a Subscription Service, you authorize Collaborate to periodically charge, on a going-forward basis and until cancellation of either the recurring payments or your account, all accrued sums on or before the payment due date for the accrued sums. The “Subscription Billing Date” is the date when you purchase your first subscription to the CHC. For information on the “Subscription Fee”, please see our Pricing page. Your account will be charged automatically on the Subscription Billing Date all applicable fees for the next subscription period. The subscription will continue unless and until you cancel your subscription or we terminate it. You must cancel your subscription before it renews in order to avoid billing of the next periodic Subscription Fee to your account. We will bill the periodic Subscription Fee to the payment method you provide to us during registration (or to a different payment method if you change your payment information). You may cancel the Subscription Service by accessing your account settings at the CHC or by sending us a relevant request at: support@collaborate247.com.

Delinquent Accounts: Collaborate may suspend or terminate access to the CHC for any account for which any amount is due but unpaid. In addition to the amount due for the Premium Service, a delinquent account will be charged with fees or charges that are incidental to any chargeback or collection of any of the unpaid amount, including collection fees.

5. Licenses

Permission to Use. Subject to your complete and ongoing compliance with these Terms, Collaborate grants you limited, non-transferable, non-sublicensable, revocable permission to access and use CHC for your personal, internal use during the Term of this Agreement at the level of service for which you have paid all applicable Fees.

Restrictions. Except and solely to the extent such a restriction is impermissible under applicable law, you may not: (a) reproduce, distribute, publicly display, or publicly perform the CHC; (b) make modifications to the CHC; or (c) interfere with or circumvent any feature of the CHC, including any security or access control mechanism. If you are prohibited under applicable law from using the CHC, you may not use it. You may not use the CHC on behalf of any third party, or in a service bureau or similar capacity.

Feedback: If you choose to provide input and suggestions regarding problems with or proposed modifications or improvements to the CHC (“Feedback”), then you hereby grant Collaborate an unrestricted, perpetual, irrevocable, non-exclusive, fully-paid, royalty-free right to exploit the Feedback in any manner and for any purpose, including to improve the Service and create other products and services.

Ownership, Proprietary Rights. The CHC is owned and operated by Collaborate. The visual interfaces, graphics, design, compilation, information, data, computer code (including source code or object code), products, software, services, templates, and all other elements of the CHC (“Materials”) provided by Collaborate are protected by intellectual property and other laws. All Materials included in the CHC are the property of Collaborate. Except as expressly authorized by Collaborate, you may not make use of the Materials. Collaborate reserves all rights to the Materials not granted expressly in these Terms.

6. Third Party Software

The CHC may include or incorporate third party software components that are generally available free of charge under licenses granting recipients broad rights to copy, modify, and distribute those components (“Third Party Components”). Although the CHC is provided to you subject to these Terms, nothing in these Terms prevents, restricts, or is intended to prevent or restrict you from obtaining Third Party Components under the applicable third party licenses or to limit your use of Third Party Components under those third party licenses.

7. Content on Collaborate Health Services, your rights and grant of right in the Content

Certain features of the CHC may permit Users to upload content to the CHC, including medical examination results, health service provider notes or patient photos and other health related content (“data concerning health”) which may be comprised of messages, photos, video, images, data, text, and other types of works (“User Content”) and to share User Content on the CHC with certain users (i.e. Health Service Providers or Family Members) in an effort to maximize patient outcomes. All Content is the sole responsibility of the person who originated such Content; namely you are solely responsible for your use of CHC and for any Content you provide, including compliance with the applicable legislation/ regulation, including, inter alia, on data protection, and intellectual property. You represent and warrant that you have, or have obtained, all rights, licenses, consents, permissions, power and/or authority necessary to grant the rights granted herein for any Content that you submit, post or display on or through the CHC. You agree that such Content will not contain material subject to copyright or other proprietary rights, unless you have necessary permission or are otherwise legally entitled to post the material and to grant us the license described below. You retain your rights to any Content you submit, post or display on or through the CHC. By submitting, posting or displaying Content on or through Collaborate, you grant us a worldwide, non-exclusive, royalty-free license (with the right to sublicense) to use, copy, reproduce, process, adapt, modify, publish, transmit, display and distribute such Content on or through the CHC. In addition, by providing Content to or via the CHC to other users of the CHC, you grant those users a non-exclusive license to access and use that Content as permitted by these Terms and the functionality of the CHC.

8. Using the CHC

By using the CHC, you explicitly agree that you will comply with the applicable legislation/ regulations. The following rules outline, inter alia, what is prohibited on the CHC. In particular, you explicitly affirm, represent, warrant and agree that:
and permissions to authorize Collaborate and users of the CHC to use your User Content as necessary to exercise the licenses granted by you in this Section, in the manner contemplated by Collaborate, the CHC, and these Terms;
a) you are the creator and owner of the User Content, or have the necessary licenses, rights, consents, and permissions to authorize Collaborate and users of the CHC to use your User Content as necessary to exercise the licenses granted by you in this Section, in the manner contemplated by Collaborate, the CHC, and these Terms;
b) your User Content, and the use of your User Content as contemplated by these Terms, does not and will not:

  • infringe, violate, or misappropriate any third party right, including any copyright, trademark, patent, trade secret, moral right, privacy right, right of publicity, or any other intellectual property or proprietary right;
  • slander, defame, libel, or invade the right of privacy, publicity or other property rights of any other person; or
  • cause Collaborate to violate any law or regulation;


c) your User Content could not be deemed by a reasonable person to be objectionable, profane, indecent, pornographic, harassing, threatening, hateful, or otherwise inappropriate.
d) your User Content does not and will not contain Hateful Content, a Threat of Physical Harm, or Harassment.


Notwithstanding the foregoing, we reserve the right to screen, remove, edit, or block any User Content we find in violation of the Terms or that we find, in our sole discretion to be otherwise objectionable, at our sole discretion.

User Content Disclaimer. We are under no obligation to edit or control User Content that you or other users post or publish, and will not be in any way responsible or liable for User Content. Collaborate may, however, at any time and without prior notice, screen, remove, edit, or block any User Content that in our sole judgment violates these Terms or is otherwise objectionable. You understand that when using the CHC you will be exposed to User Content and acknowledge that User Content may be inaccurate, offensive, indecent, or objectionable. You agree to waive, and do waive, any legal or equitable right or remedy you have or may have against Collaborate with respect to User Content. If notified by a user or content owner that User Content allegedly does not conform to these Terms, we may investigate the allegation and determine in our sole discretion whether to remove the User Content, which we reserve the right to do at any time and without notice. For clarity, Collaborate does not permit copyright-infringing activities on the CHC.

Monitoring Content. Collaborate does not control and does not have any obligation to monitor: (a) User Content; (ii) any content made available by third parties; or (iii) the use of the CHC by its users. You acknowledge and agree that Collaborate reserves the right to, and may from time to time, monitor any and all information transmitted or received through the CHC for operational and other purposes. If at any time Collaborate chooses to monitor the content, Collaborate still assumes no responsibility or liability for content or any loss or damage incurred as a result of the use of content. During monitoring, information may be examined, recorded, copied, and used in accordance with our Privacy Policy.

9. Ending the CHC

Notwithstanding the foregoing, we may stop (permanently or temporarily) providing the CHC or any features within the CHC to you in case of non-compliance with these Terms. We also retain the right to create limits on use and storage, at our sole discretion at any time. We may suspend or terminate (deactivate) your account or cease providing you with all or part of the CHC and discontinue your use of these Services at any time for any or no reason, including, but not limited to, if we reasonably consider that: (i) you have violated these Terms, (ii) you create risk or possible legal exposure for us; or (iii) your account should be removed due to unlawful conduct. For the avoidance of doubt, these Terms survive the deactivation or termination of your account.

10. Indemnity

You are responsible for your use of the CHC, and you will defend and indemnify Collaborate from and against every claim brought by a third party, and any related liability, damage, loss, and expense, including reasonable attorneys’ fees and costs, arising out of or connected with: (a) your use of, or misuse of, the CHC; (b) your violation of any portion of these Terms, any representation, warranty, or agreement referenced in these Terms, or any applicable law or regulation; (c) your violation of any third party right, including any intellectual property right or publicity, confidentiality, other property, or privacy right; or (d) any dispute or issue between you and any third party. We reserve the right, at our own expense, to assume the exclusive defense and control of any matter otherwise subject to indemnification by you (without limiting your indemnification obligations with respect to that matter), and in that case, you agree to cooperate with our defense of those claims.

11. Disclaimers. No Warranties

The CHC and all materials and content available through the Service are provided “as is” and on an “as available” basis. Collaborate disclaims all warranties of any kind, whether express or implied, relating to the service and all materials and content available through the service, including: (a) any implied warranty of merchantability, fitness for a particular purpose, title, quiet enjoyment, or non-infringement; and (b) any warranty arising out of course of dealing, usage, or trade. Collaborate does not warrant that the CHC or any portion of the CHC, or any materials or content offered through the CHC, will be uninterrupted, secure, or free of errors, viruses, or other harmful components, and collaborate does not warrant that any of those issues will be corrected.

No advice or information, whether oral or written, obtained by you from the CHC or Collaborate or any materials or content available through the CHC will create any warranty regarding Collaborate or the CHC that is not expressly stated in these Terms. We are not responsible for any damage that may result from the CHC and your dealing with any other CHC user. You understand and agree that you use any portion of the CHC at your own discretion and risk, and that we are not responsible for any damage to your property (including your computer system or mobile device used in connection with the service) or any loss of data, including User Content.

In particular, to the extent permitted by law, we make no warranty or representation and disclaim all responsibility and liability for: (i) the completeness, accuracy, availability, timeliness, security or reliability of Collaborate or any Content; (ii) any harm to your computer system, loss of data, or other harm that results from your access to or use of these Services or any Content; (iii) the deletion of, or the failure to store or to transmit, any Content and other communications maintained by Collaborate; and (iv) whether the Services will meet your requirements or be available on an uninterrupted, secure, or error-free basis. No advice or information, whether oral or written, obtained from we or through the Services, will create any warranty or representation not expressly made herein. In particular:

To the maximum extent permitted by the applicable law, we shall not be held liable for any indirect, incidental, special, consequential or punitive damages, whether incurred directly or indirectly, or any loss of data, use, goodwill or other intangible losses, resulting from: (a) your access to or use of or inability to access or use the Services; (b) any conduct or Content of any third party of the Services, including without limitation, any defamatory, offensive or illegal conduct of you or third parties; (c) any Content obtained from the Services; or (iv) unauthorized access, use or alteration of your content.

You may interact directly on the CHC with one or more physicians to obtain medical treatments, diagnoses and or care, or for other means. Collaborate is not responsible for any medical treatment, diagnoses or care provided or suggested to you by such physicians. In that regard, Collaborate hereby disclaims all representations, warranties, responsibility and liability of any kind (including liability by reason of negligence) regarding any communications between you and Health Service Provider Users (or other Health Service Providers) for purposes of obtaining medical treatment, diagnosis or care from the use of this Website and/ or the CHC. Collaborate operating this Website and/ or the CHC as a convenience for you and for the Health Service Providers. Collaborate is not licensed to render medical advice to you on any topic or for any purpose and disclaims liability for any diagnoses or treatments recommended to you by a Health Service Provider User or other Health Service Provider that uses this Website and/ or the CHC.

12. Privacy

Collaborate is the data controller of the processing of personal data that falls within the Scope of the following Notices: (A) The Privacy Notice. You understand that through your use of the Services you consent to the collection and use of your information described therein. This Notice describes how Collaborate handles the information you provide to Collaborate when you use the CHC, namely while being a CHC User. (B) The Notification regarding the processing of personal data of non-registered Patients. Collaborate may process personal data relating to non-registered in the CHC natural persons (Patients) which are being inserted into the CHC by a registered user, i.e., a Health Service Provider, in which case the data processing is governed and construed in accordance with this Notification. Each Health Service Provider (CHC User) grants its explicit permission to Collaborate to create and maintain statistical information relating to the use of the CHC and process personal data for such purpose, as detailed in the above Notification.

Other than the above, Collaborate acts as a data processor with regard to data processing activities which are being conducted on behalf of its Clients, namely the Health Service Providers, or and as the case may be as a business associate with respect to Clients’ personal data pertaining to U.S. patients that qualifies as Protected Health Information (PHI) under the federal Health Insurance Portability and Accountability Act of 1996, 42 U.S.C. § 1320d-1320d-8 (“HIPPA”), as amended and in force. In the former case, both Collaborate and You (the Health Service Provider) are obliged to comply with the provisions of the Data Protection Agreement which is attached in the Addendum A, while for processing activities that concern PHI the Addendum B of the Terms shall apply. Both the Addendum A and B form an integral part of this Agreement.

13. Miscellaneous

Assignment. Collaborate may assign or subcontract rights and obligations arising out of these Terms to third parties, in which case Collaborate will notify you of this. You are not permitted to assign or purport to assign to third parties any right derived from you account without Collaborate’s prior written consent which Collaborate may grant or refuse in its sole discretion.

Governing law and jurisdiction: These Terms and any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with their subject matter, are governed by the laws of Greece subject only to any applicable mandatory law in the country in which you reside. You agree that the courts of Athens, Greece, shall have non-exclusive jurisdiction to settle any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with these Terms or their subject matter or formation subject only to any applicable mandatory law in the country in which you reside or choice of jurisdiction provisions that cannot be varied by contract.

ADDENDUM A
Data Processing Agreement according to Art. 28 GDPR1

This Data Protection Agreement (“Agreement”) is an addendum to the Terms of Use (available at www.collaborate247.com/terms ) and defines the specific additional terms and conditions under which Collaborate, acting as a data processor (“Processor”), processes personal data on behalf of its client, the Health Service Provider, acting the latter as a data controller (“Controller”).

This Agreement is subject to the terms and conditions outlined in the Terms of Use (“Main Contract”).

1 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). The definitions of the GDPR apply accordingly.

§1. Main Contract, Subject Matter and Duration of the Agreement, Nature and Purpose of Data Processing, Types of Personal Data and Categories of Data Subjects

1.1 The main contract to which this Agreement is linked (Main Contract), the subject matter of the Agreement, the nature and purpose of the data processing, the types of personal data and the categories of data subjects are described in Annex 1.

1.2 This Agreement shall – unless otherwise agreed – become effective once signed by both Parties and shall apply as long as the Main Contract is in force.

§2. Instructions in respect of processing of Data, Information Duty

2.1 The Processor shall process the personal data only on documented instructions from the Controller, including with regard to transfers of personal data to a third country (outside the European Economic Area) or an international organization unless required to do so by Union or Member State law to which the Processor is subject; in such a case, the Processor shall inform the Controller of that legal requirement before processing, unless that law prohibits such information on important grounds of public interest.

2.2 The Processor shall immediately inform the Controller if, in its opinion, an instruction issued by the Controller infringes the provisions of the GDPR or any other applicable data protection provision.

§3. Commitment to Confidentiality

The Processor shall engage for the implementation of this Agreement only persons authorised to process the personal data, who have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

§4. Security of Processing / Technical and Organizational Measures acc. to Art. 32 GDPR

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the Processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed.

§5. Engaging Another Processor (Sub-Processor)

5.1 The Controller provides a general written authorization to the Processor to engage another Processor (Sub-Processor), whereby neither specific written consent of the Controller nor notification to the Controller of any intended changes concerning the addition or replacement of the Sub-Processor(s) is required.

5.2 The Processor shall impose on the engaged Sub-Processor by way of a contract or other legal act the same data protection obligations, which are set out in this Agreement, in particular providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that the processing will meet the requirements of the GDPR. The Processor shall remain fully liable to the Controller for the compliance of the data protection obligations of the Sub-Processor, including but not limited to the case where the Sub-Processor fails to comply with the data protection obligations set out in this Agreement.

5.3 Any transfer to a third country (incl. giving access to personal data) either by Processor itself or any Sub-Processor is subject to a prior specific written approval, by the Controller.

§6. Cooperation & Support Obligation

6.1 Taking into account the nature of the processing, the Processor assists the Controller by appropriate means as well as by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of the Controller’s obligation to respond to requests for exercising the data subject’s rights laid down in Chapter III of the GDPR (Art. 12 - 23 GDPR).

6.2 In case of a data subject request, a direct communication with the data subject shall only take place with the prior written permission of the Controller. The Processor shall forward all inquiries related to the data subject’s rights to the Controller immediately in writing.

§7. Assistance in Ensuring Compliance with the Obligations of the Controller

7.1 Taking into account the nature of processing and the information available to the Processor, the Processor assists the Controller in ensuring compliance with the obligations pursuant to Art. 32 to 36.

7.2 Within the scope of Art. 28 (3) f) GDPR and taking into account the nature of processing and the information available to the Processor, the Processor supports the Controller in carrying out a data protection impact assessment pursuant to Art. 35 GDPR and, if applicable, also when consulting with the supervisory authority pursuant to Art. 36 GDPR. Upon request of the Controller, Processor shall disclose to the Controller all necessary and required information and documentations.

7.3 In the event of a personal data breach, Processor will immediately notify the Controller accordingly and will support the Controller by all necessary means in performing his notification duties pursuant Art. 28 (3) (f) GDPR.

7.4 The Processor assists and supports the Controller in ensuring compliance with the obligation of Art. 25 GDPR (Data protection by design and by default). The Processor complies, especially in terms of its tools, products, applications or services, with the principles of data protection by design and by default.

§8. Deletion and Return of Personal Data

Insofar as there are no legal provisions that require retention of personal data, the Processor shall, upon termination of the Agreement, release the processed personal data to the Controller in a readable, editable and commonly used form, unless the Controller instructs the Processor to delete the personal data. In case of instruction to delete the Processor submits written proof thereof.

§9. Demonstrate Compliance with the Obligations and Contributing to Audits

The Processor makes available to the Controller all information necessary to demonstrate compliance with the obligations laid down in Art. 28 GDPR. The Processor allows for and contributes to audits, including inspections, conducted by the Controller or an auditor mandated by the Controller. The Controller shall have the right to verify the compliance of Processor with this Agreement in its business operation by on-the-spot checks, which will be generally notified to Processor in sufficient time.

§10. Further Obligations

10.1 Where required by law, Processor shall appoint in writing a data protection officer according to Art. 37 GDPR and a representative according to Art. 27 GDPR. The respective contact details of the appointed data protection officer will be communicated to Controller.

10.2 The Processor shall maintain a record of all categories of processing activities carried out on behalf of a Controller, in accordance with the provisions of Art. 30 GDPR.

§11. Other Provisions

11.1 The liability of the Parties for data protection violations is regulated in Art. 82 GDPR. The rights and remedies of the Controller under this Agreement shall not be subject to any limitation of actions or any other limiting provisions (e.g. limitation of liability) set forth in the Main Contract.

11.2 In the event of contradictions, inconsistencies, discrepancies between this Agreement and the Main Contract, the provisions of this Agreement shall take precedence over the provisions of the Main Contract.

11.3 Any modification of this Agreement must be in writing.

11.4 Irrespective of the provisions concerning the duration of this Agreement and the Main Contract, both Parties shall be entitled to a termination of both in the event of violations of the data protection provisions laid down in this Agreement.


Last Updated on 3/03/2021
This Agreement may be modified in accordance with the Terms of Use. The latest version of this Agreement may be found at http://www.collaborate247.com/terms.


collaborate247

ADDENDUM B
Business Associate Agreement

The present Business Associate Agreement (“BAA”) is an addendum to the Terms of Use (available at www.collaborate247.com/terms ) and defines the specific additional terms and conditions where Collaborate is acting as a business associate or subcontractor with respect to Client Personal Data pertaining to U.S. patients that qualifies as Protected Health Information under the federal Health Insurance Portability and Accountability Act of 1996, 42 U.S.C. § 1320d-1320d-8 (“HIPPA”), as amended and in force. For the purposes of this BAA, Collaborate will be referred to as “Business Associate” and the Client, i.e., the Health Service Provider will be referred to as “Covered Entity”.

§1. Definitions

The following terms shall have the meaning ascribed to them in this Section. Terms used but not otherwise defined in this BAA shall have the same meaning as those terms in the HIPPA rules (as defined below):

  1. (A) “Breach” shall have the same meaning as the term “Breach” at 45 CFR 164.402.
  2. (B) “Business Associate” shall have the same meaning as the term “Business Associate” at 45 CFR 160.103 and, as used in this BAA, refers to Business Associate in its capacity as an entity that creates, receives, maintains or transmits Protected Health Information in providing services to a Covered Entity.
  3. (C) “Covered Entity” shall have the same meaning as the term “Covered Entity” at 45 CFR 160.103 and, as used in this BAA, refers to the Covered Entity identified above.
  4. (D) “HIPPA Rules” shall mean the federal Standards for Privacy of Individually Identifiable Health Information, 45 CFR Parts 160 subpart A and 164 subparts A and E (the “Privacy Rule”); the federal Security Standards for the Protection of Electronic Protected Health Information, 45 CFR Parts 160 subpart A and 164 subparts A and C (the “Security Rule”); and the Notification in the Case of Breach of Unsecured Protected Health Information, 45 CFR Part 164 subpart D (the “Breach Notification Rule”).
  5. (E) “Individual” shall have the same meaning as the term “Individual” at 45 CFR 160.103 and shall include a person who qualifies as a personal representative in accordance with 45 CFR 164.502(g).
  6. (F) “Protected Health Information (PHI)” shall have the same meaning as the term “Protected Health Information” at 45 CFR 160.103.

§2. Obligations and Activities of Business Associate

With respect to each use and disclosure of PHI, Business Associate agrees as follows:

  1. a. not use or disclose PHI other than permitted or required by the BAA or as required by law;
  2. b. use appropriate safeguards and comply, where applicable, with subpart C of 45 CFR Part 164 with respect to electronic PHI, to prevent use or disclosure of the information other than as provided for by this BAA;
  3. c. report to the Covered Entity any use or disclosure of PHI not provided for by this BAA of which it becomes aware;
  4. d. in accordance with 45 CFR 164.502(e)(1)(ii), ensure that any subcontractors that create, receive, maintain, or transmit PHI on behalf of Business Associate agree to the same restrictions and conditions that apply to Business Associate with respect to such PHI;
  5. e. make available PHI in a designated record set to the Covered Entity as necessary to satisfy the Covered Entity’s obligations under 45 CFR 164.524;
  6. f. make available PHI for amendment and incorporate any amendments to PHI as necessary to satisfy the Covered Entity’s obligations under 45 CFR 164.526;
  7. g. make available the PHI required to provide an accounting of disclosures in accordance with 45 CFR 164.528;
  8. h. to the extent Business Associate is to carry out the Covered Entity’s obligations under 45 CFR 164 subpart E, comply with the requirements of this subpart that apply to the Covered Entity in the performance of such obligation;
  9. i. make its internal practices, books and records relating to the use and disclosure of PHI received from, or created or received by the Business Associate on behalf of, the Covered Entity, available to the Secretary for purposes of determining the Covered Entity’s compliance with 45 CFR 164 subpart E;

§3. Permitted Uses and Disclosures by the Business Associate

In accordance with the limitations in this BAA, Business Associate may use or disclose PHI as necessary to perform functions on behalf of and/ or provide services to the Covered Entity to the extent such uses or disclosures as permitted by the Privacy Rule, as it may be amended from time to time.

§4. Specific Use and Disclosure Provisions

4.1 Without prejudice to the limiting provisions of this BAA, the Business Associate may use PHI for the proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate, to the extent such use is permitted by the Privacy Rule, as it may be amended from time to time.

4.2 Without prejudice to the limiting provisions of this BAA, the Business Associate may disclose PHI for the proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate, provided that such disclosure: (i) is required by law; (ii) the Business Associate obtains reasonable assurances from the person to whom the PHI is disclosed that it will be held confidentially and used or further disclosed only as required by law or for the purposes for which it was disclosed to the person, and the person notifies the Business Associate of any instances of which it is aware in which the confidentiality of the PHI has been breached or (iii) is otherwise permitted by the Privacy Rule, as it may be amended from time to time.

4.3 In accordance with 45 CFR 164.504(e)(2)(i)(B), the Business Associate may use PHI to provide data aggregation services relating to the health care operations of the Covered Entity.

§5. Obligations of the Covered Entity

The Covered Entity shall:

  1. a. Notify the Business Associate of any limitation(s) in the Covered Entity’s notice of privacy practices, in accordance with 45 CFR 164.520, to the extent that such limitation may affect the Business Associate’s use or disclosure of PHI.
  2. b. Notify the Business Associate of any changes in, or revocation of, the permission of an individual to use or disclose his/ her PHI, to the extent that such changes may affect the Business Associate’s use or disclosure of PHI.
  3. c. Notify the Business Associate of any restriction to the use or disclosure of PHI that the Covered Entity has agreed to or is required to abide by under 45 CFR 164.522, to the extent that such restriction may affect the Business Associate’s use or disclosure of PHI.

§6. Permissible Requests by the Covered Entity

The Covered Entity shall not request the Business Associate to use or disclose PHI in any manner that would not be permissible under Subpart E of 45 CFR 164 if done by the Covered Entity.

§7. Termination

7.1 Irrespective of the provisions concerning the duration of this BAA and the Main Agreement to which the BAA is linked, both Parties shall be entitled to a termination in the event of violations of the provisions laid down in this BAA.

7.2 At termination of this BAA, the Business Associate shall return or destroy all PHI received from, or created or received by the Business Associate on behalf of, the Covered Entity in accordance with HIPPA Rules. This provision shall apply to PHI in the possession of subcontractors of the Business Associate. The Business Associate shall retain no copies of PHI.

7.3 In the event the Business Associate determines returning or destroying the PHI is infeasible, the Business Associate shall extend the protection of this BAA to such PHI and limit further uses and disclosures to those purposes that make the return or destruction of the PHI feasible.

§8. Miscellaneous

Any ambiguity in this BAA shall be interpreted to permit compliance with the HIPPA Rules.

Ready to boost your practice?

Try out today or contact sales to schedule a demo.