This Master Service Agreement (“MSA”) is a legal agreement between you (hospitals) and Biometric Technologies OÜ (hereinafter – Parties).
This MSA governs your acquisition and use of our Remotedoc software (“Software”) directly from Biometric Technologies OÜ or indirectly through a Biometric Technologies OÜ authorized reseller or distributor (a “Reseller”).
Please read this MSA carefully before completing the installation process and using the Remotedoc software. It provides a license to use the Remotedoc software and contains warranty information and liability disclaimers.
If you register for a free trial of the Remotedoc software, this MSA will also govern that trial. By clicking “accept” or installing and/or using the Remotedoc software, you are confirming your acceptance of the Software and agreeing to become bound by the terms of this MSA.
If you are entering into this MSA on behalf of a company or other legal entity, you represent that you have the authority to bind such entity and its affiliates to these terms and conditions. If you do not have such authority or if you do not agree with the terms and conditions of this MSA, do not install or use the Software, and you must not accept this MSA.
This MSA shall apply only to the Software supplied by Biometric Technologies OÜ herewith regardless of whether other software is referred to or described herein. The terms also apply to any Biometric Technologies OÜ updates, supplements, Internet-based services, and support services for the Software, unless other terms accompany those items on delivery. If so, those terms apply.
Biometric Technologies OÜ hereby grants you a personal, non-transferable, non-exclusive license to use the Remotedoc software on your devices in accordance with the terms of this MSA.
You are permitted to load the Remotedoc software (for example a PC, laptop, mobile or tablet) under your control. You are responsible for ensuring your device meets the minimum requirements of the Remotedoc software.
You are not permitted to:
Biometric Technologies OÜ shall at all times retain ownership of the Software as originally downloaded by you and all subsequent downloads of the Software by you. The Software (and the copyright, and other intellectual property rights of whatever nature in the Software, including any modifications made thereto) are and shall remain the property of Biometric Technologies OÜ.
Biometric Technologies OÜ reserves the right to grant licenses to use the Software to third parties.
This MSA is effective from the date you first use the Software and shall continue until terminated. You may terminate it at any time upon written notice to Biometric Technologies OÜ.
It will also terminate immediately if you fail to comply with any term of this MSA. Upon such termination, the licenses granted by this MSA will immediately terminate and you agree to stop all access and use of the Software. The provisions that by their nature continue and survive will survive any termination of this MSA.
This MSA, and any dispute arising out of or in connection with this MSA, shall be governed by and construed in accordance with the laws of Estonia.
For the purposes of this Data Transfer Agreement (“DTA”) the Parties apply the following terms and definitions:
The personal data transferred concern the following category of data subjects:
The Parties warrant and guarantee transfer of personal data to each other on a lawful basis in accordance with requirements of applicable legislation and due notification of data subjects of such transfer if required by applicable legislation in order to achieve one, several or all of the purposes set out below that are relevant for the relationship between the Parties:
The personal data transferred concern the following personal data:
The personal data transferred may be disclosed only to the following recipients or categories of recipients:
Personal Data transferred concern the following categories of sensitive data:
Warranties and guarantees specified in this DTA are the assurances about circumstances pertinent for conclusion of this Agreement.
The Party that failed to fulfill or improperly fulfilled any obligations under this DTA shall compensate documentarily approved losses caused to the other Party in connection with and limited to amounts of legal actions satisfied by court and (or) to amounts of administrative and other types of fines.
Purpose limitation: Personal data may be processed and subsequently used or further communicated only for purposes described in the DTA subsequently authorised by the data subject.
Data quality and proportionality: Personal data must be accurate and, where necessary, kept up to date. The personal data must be adequate, relevant and not excessive in relation to the purposes for which they are transferred and further processed.
Transparency: Data subjects must be provided with information necessary to ensure fair processing (such as information about the purposes of processing and about the transfer), unless such information has already been given by the transferring Party.
Security and confidentiality: Technical and organisational security measures must be taken by the data controller that are appropriate to the risks, such as against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, presented by the processing. Any person acting under the authority of the data controller, including a processor, must not process the data except on instructions from the data controller.
Rights of access, rectification, deletion and objection: As provided in Article 12 of Directive 95/46/EC, data subjects must, whether directly or via a third party, be provided with the personal information about them that an organisation holds, except for requests which are manifestly abusive, based on unreasonable intervals or their number or repetitive or systematic nature, or for which access need not be granted under the law of the country of the transferring Party. Provided that the authority has given its prior approval, access need also not be granted when doing so would be likely to seriously harm the interests of the receiving Party or other organisations dealing with the receiving Party and such interests are not overridden by the interests for fundamental rights and freedoms of the data subject. The sources of the personal data need not be identified when this is not possible by reasonable efforts, or where the rights of persons other than the individual would be violated. Data subjects must be able to have the personal information about them rectified, amended, or deleted where it is inaccurate or processed against these principles. If there are compelling grounds to doubt the legitimacy of the request, the organisation may require further justifications before proceeding to rectification, amendment or deletion. Notification of any rectification, amendment or deletion to third parties to whom the data have been disclosed need not be made when this involves a disproportionate effort. A data subject must also be able to object to the processing of the personal data relating to him if there are compelling legitimate grounds relating to his particular situation. The burden of proof for any refusal rests on the receiving Party, and the data subject may always challenge a refusal before the authority.
Sensitive data: The receiving Party shall take such additional measures (e.g. relating to security) as are necessary to protect such sensitive data.
Automated decisions: For purposes hereof “automated decision” shall mean a decision by the transferring Party or the receiving Party which produces legal effects concerning a data subject or significantly affects a data subject and which is based solely on automated processing of personal data intended to evaluate certain personal aspects relating to him.
The transferring Party uses the algorithms to provide probabilistic risk scoring of the patient health condition utilizing Bayesian networks which use data provided by the patient answering the chatbot questions based on explicit consent of the data subject.
The receiving Party shall not make any automated decisions concerning data subjects, except when: