Note: By registering an account or using the Platform, you acknowledge that you have read, understood, and agree to be bound by these Terms.
1. LEGAL STATUS AND ROLES (POPIA)
1.1. Compliance: Both parties agree to comply with the Protection of Personal Information Act, No. 4 of 2013 ("POPIA") and any other applicable data protection legislation in South Africa. 1.2. Responsible Party: You acknowledge that as the Healthcare Professional/Medical Practice, you are the "Responsible Party" (as defined in POPIA) in respect of all Patient Personal Information processed on the Platform. You are solely responsible for determining the purpose of and means for processing such data. 1.3. Operator: HPSuite+ acts as an "Operator" (as defined in POPIA), processing Personal Information on your behalf and according to your instructions through the Platform’s automated processes. 1.4. Patient Consent: You warrant that you have obtained all necessary consents from your patients to collect, process, and store their Special Personal Information (health data) on a third-party PWA/SaaS platform, or that you have a valid legal basis for such processing under POPIA.
2. DATA SECURITY AND BREACH NOTIFICATION
2.1. Security Measures: HPSuite+ implements industry-standard technical and organizational measures to secure data (including encryption and access controls). However, you acknowledge that no system is 100% secure. 2.2. User Responsibility: You are responsible for maintaining the confidentiality of your login credentials. Any activity occurring under your account is deemed your responsibility. 2.3. Breach Notification: In the event of a suspected or actual data breach, HPSuite+ will notify you without undue delay as required by Section 22 of POPIA. As the Responsible Party, it remains your legal obligation to notify the Information Regulator and the affected Data Subjects (patients).
3. LIMITATION OF LIABILITY
3.1. Liability Exclusion: To the maximum extent permitted by law, HPSuite+ shall not be held liable for any loss, damage, or compromise of personal information resulting from:
- Unauthorized access to your account due to weak passwords or credential mismanagement.
- Interception of data during transmission over networks not controlled by HPSuite+.
- Acts or omissions by third-party sub-processors (e.g., cloud hosting providers), provided HPSuite+ has exercised reasonable care in selecting such providers.
3.2. Indirect Damages: HPSuite+ shall not be liable for any indirect, incidental, special, or consequential damages, including loss of profits, data, or goodwill. 3.3. Clinical Decisions: HPSuite+ is a clinical management tool and does not provide medical advice. You remain solely responsible for all clinical decisions and patient outcomes.
4. INDEMNITY
4.1. Indemnification: You hereby indemnify, defend, and hold harmless HPSuite+ and its affiliates, directors, and employees from and against any and all claims, liabilities, damages, and costs (including legal fees on an attorney-and-client scale) arising from:
- Your breach of POPIA or any privacy laws.
- Any claim brought by a patient or third party related to the processing of their personal information on your behalf.
- Any medical malpractice or negligence claims related to your use of the Platform.
5. DATA RETENTION AND TERMINATION
5.1. Retention: You are responsible for ensuring that patient records are retained for the legally required period under HPCSA guidelines. 5.2. Termination: Upon termination of your subscription, HPSuite+ will provide you with a reasonable opportunity to export your data. Thereafter, HPSuite+ may delete your data in accordance with our data retention policy and POPIA requirements.
6. GOVERNING LAW
These Terms are governed by and construed in accordance with the laws of the Republic of South Africa. Any disputes shall be subject to the exclusive jurisdiction of the South African courts.
|
