NABLA TECHNOLOGIES, INC.

Master Subscription Agreement

Table of content
Master Subscription Agreement
Business Associate Agreement

This Master Subscription Agreement (“Agreement”) is effective as of the effective date of the first Order Form executed by the Customer that references this Agreement (“Effective Date”), by and between Nabla Technologies, Inc. (“Nabla”) and the entity identified as ‘Customer’ in such Order Form.

When used herein, the term “Agreement” includes the body of this Agreement, all Order Forms (as defined below), and all attachments thereto or referenced herein. In the event of a conflict between this Agreement and/or an Order Form or other attachment, the terms set forth in the body of this Agreement will govern, subject always to the terms of the Business Associate Agreement between the Parties. Nabla and Customer may be referred to in this Agreement individually as a “Party” and together as the “Parties.” For purposes of this Agreement, “Order Form” means one or more ordering documents executed by Nabla and Customer which reference this Agreement and are incorporated into this Agreement by reference.

1. Term

The term of this Agreement shall commence upon the Effective Date and continue in full force until terminated in accordance with its terms (the “Term”). If there is no Order Form currently in effect, either party may terminate this Agreement upon written notice to the other party. Each Order Form will terminate upon expiration of the applicable subscription period, unless expressly stated otherwise therein or in this Agreement.

2. Service

2.1. Service Access

Subject to the terms and conditions of this Agreement, including Customer’s payment of Fees (as defined below), Nabla grants to Customer and its End Users a non-exclusive, non-transferable, non-sublicensable license to access and use the Nabla technology services identified in an applicable Order Form (the “Service”) and the Documentation (as defined below), during the Term, solely for Customer’s internal business purposes. For purposes of this Agreement, “End Users” means Customer’s employees, contractors, representatives, clinicians, practitioners, and health care professionals, as applicable, providing clinical care and medical services who are authorized to access and use the Service on Customer’s behalf. Customer Affiliates may use the Services by executing an Order Form which is governed by the terms of this Agreement. This will establish a new and separate agreement between the Customer Affiliate and Nabla.

2.2. Restrictions

Customer and its End Users may only use the Service as described in this Agreement and in the then-current documentation, specifications, and instructions regarding the Service, including online help screens contained within the Service, made generally available by Nabla to its customers and modified from time to time (the “Documentation”). Customer is responsible for ensuring its End Users comply with all relevant terms of this Agreement, and any failure to comply with this Agreement by an End User will constitute a breach by Customer. Except as expressly authorized by this Agreement, Customer will not, and will not allow any End User or other third party to, (a) permit any third party to access or use the Service other than an End User, (b) decompile, disassemble, modify, translate,Nabla Technologies, Inc. | Confidential 1distribute, reverse engineer, or otherwise attempt to derive the trade secrets embodied in the Service, except to the extent expressly permitted by applicable international, foreign, federal, state, or local laws, rules, or regulations (collectively, “Applicable Laws”), (c) rent, sell, or lease any rights in the Service in any form to any person, (d) use the Service or any Nabla Confidential Information to develop a competing product or service or build a product using similar ideas, features, functions, or graphics of the Service, (e) use the Service, or allow the transfer, transmission, export, or re-export of the Service or portion thereof, in violation of any export control laws or regulations administered by the U.S. Commerce Department or any other government agency, or (f) remove, minimize, block, or modify any copyright, trademark, proprietary rights, disclaimer, digital watermark, or warning notice included on or embedded in any part of the Documentation or Service, including any screen displays, or any other materials provided by Nabla hereunder. Customer may not access the Service for purposes of monitoring its availability, performance, functionality, or any other benchmarking or competitive purpose. Customer may use the Service only for its internal business purposes and shall not: (i) run any auto-responder or send spam or otherwise duplicative or unsolicited messages; (ii) send or store infringing, obscene, threatening, libelous, or otherwise unlawful or tortious material, including material harmful to children or that violates a third-party’s privacy rights; (iii) send or store material containing software viruses, worms, Trojan horses, or other harmful computer code, files, scripts, agents, or programs; (iv) interfere with or disrupt the integrity or performance of the Service or the data contained therein; or (v) attempt to gain unauthorized access to Service or its related systems or networks. Under no circumstances will Nabla be liable or responsible for any use, or any results obtained by the use, of the Service in conjunction with any content, services, software, or hardware that are not provided by Nabla, including any services or advice provided by Customer and its applicable End Users, including health care services, insurance claims processing, or medical advice, where applicable. All such use will be at Customer’s sole risk and liability. Nabla reserves the right to modify the Service for any reason, without notice and without liability to Customer or any End User, to comply with Applicable Law.

3. Support; Security

3.1. Support

During the Term, Nabla will provide Customer with support in connection with Customer’s authorized use of the Service. Nabla will use commercially reasonable efforts to meet the Response Times (as defined below) for support requests based on the severity of the applicable issue, as determined by Nabla in good faith. Response Times are as follows:

  • Critical. Issues that render the Service inoperative for multiple users will
    receive the highest priority and will be acknowledged on a 24/7 basis, with
    an initial response target of fifteen (15) to thirty (30) minutes
  • High-Priority. Issues that materially degrade the performance of the Service
    or materially restrict Customer’s use of the Service will be acknowledged
    within one (1) business day during Nabla’s then-current business hours.
  • Low-Priority. Issues with a non-material impact on Customer’s use of the
    Service will be acknowledged within three (3) business days during Nabla’s
    then-current business hours.

For purposes of this Section, “Response Time” means the period between Nabla’s receipt of a properly submitted support request and Nabla’s initial acknowledgment thereof and does not include time to resolution. Nabla will have no support obligations with respect to issues arising from: (a) use of the Service other than in accordance with this Agreement or the Documentation; (b) Customer’s systems, networks, hardware, software, or internet connectivity; (c) third-party services, software, or integrations not provided by Nabla; (d) Beta Products; or (e) Force Majeure Events.

3.2. Availability

Nabla shall take commercially reasonable measures to ensure the Service is available for access and use by Customer and End Users at least 99% of the time, except during regularly scheduled and emergency maintenance and Force Majeure Events. In the event the Service is unavailable, Nabla shall take commercially reasonable measures to correct the interruption as promptly as practicable.

3.3. Security Measures

Nabla maintains the security of the Service and Customer Data in
accordance with the documentation (including third-party certifications) set forth on the Nabla Trust Center, available at https://trust.nabla.com/ (“Trust Center”), which may be updated from time to time. Customer may sign up for notifications or alerts for changes to the Trust Center, and Nabla shall have no obligation or liability arising from Customer’s failure to do so.

3.4. Malicious Code

Nabla shall use commercially reasonable efforts to screen the Service for viruses, Trojan horses, worms, and other similar intentionally harmful or destructive code.

4. Subsequent Versions and New Offerings

Nabla may modify and update the terms of this Agreement, the Documentation, or the Service from time to time in its discretion, provided that in no event shall any updates, new releases, or versions of the Service materially degrade Customer’s use thereof. Unless otherwise specified by Nabla, changes
become effective for Customer upon renewal of the then-current subscription period or upon the effective date of a new Order Form after the updated version of this Agreement goes into effect. Nabla may provide notice of updates by email, through the Service, or by posting a notice on its website. If, during a subscription period, Nabla makes available to its customers generally any update, version, or release of the Service, Nabla shall provide the update, version, or release to Customer at no additional charge. For the avoidance of doubt, Nabla may charge additional fees for new products, functions, features, or modules not included in the Service purchased by Customer under an Applicable Order Form.

5. Service-Specific Terms

Certain products, features, functions or modules offered by
Nabla may be subject to supplemental terms and conditions (each, a “Product Schedule”). Such Product Schedules shall become binding on Customer and incorporated into this Agreement upon mutual execution of an applicable Order Form. In the event of a conflict between the terms of this Agreement and those of an applicable Product Schedule, the terms of the Product Schedule shall control solely with respect to the relevant product or module and solely to the extent of such conflict.

7. Customer Data

7.1. Ownership of Customer Data.

Customer is responsible for all data Customer or its End Users place on, process through, or generate through use of the Service (“Customer Data”). Nabla does not endorse, approve, monitor, or vet any Customer Data placed on or generated through the Service or otherwise made available through or to Nabla or the Service in any way. All Customer Data is the responsibility of Customer, and Nabla shall not be liable for any reason for the contents, legality, appropriateness, accuracy, integrity, or use of any Customer Data. Customer warrants that Customer Data does not and will not infringe the intellectual property, publicity, or privacy rights of any person and is not defamatory, obscene, or in violation of Applicable Law.

7.2. Grant of License to Customer Data

As between Customer and Nabla, Customer shall own all right, title, and interest in and to the Customer Data. Except for PHI (which shall be governed by the BAA attached hereto), Customer grants Nabla a non-exclusive, worldwide, royalty-free license to use the Customer Data for purposes of performing this Agreement. Customer is responsible for obtaining all rights, permissions, and authorizations with respect to the Customer Data for use as contemplated under this Agreement. Customer acknowledges and agrees that Nabla may collect limited clinician information derived from Customer Data regarding End Users for the purpose of providing metrics, analytics, or other insights about usage of the Service to Customer, subject to the BAA.

8. Service Fees

8.1 Fees and Payment Terms

Customer agrees to pay the fees associated with the Service, as set forth in the relevant Order Form (“Fees”). The Fees are not a portion of the professional or other service fees charged by Customer to patients or customers for Customer’s products and services. Fees are due regardless of whether or not Customer has collected fees from its customers, patients, or third-party payors, and shall not be subject to any offset or deduction of any kind for any reason related to Customer's collected fees. Except as specifically provided hereunder, all Fees are non-refundable and all Order Forms are non-cancelable. Customer will pay all invoices by ACH, wire transfer, or credit card, in accordance with the schedule set forth in the Order Form. Payments not made in accordance with this Agreement will be subject to late charges equal to the lesser of (a) ten percent (10%) per annum (calculated and compounded on a monthly basis) of the overdue amount, or (b) the maximum amount permitted under Applicable Laws. Nabla may modify Nabla Technologies, Inc. | Confidential 5 the fees once per subscription year after the first subscription year by providing sixty (60) days advanced written notice to Customer.

8.2. Taxes

Customer shall be responsible for those sales, use, and similar taxes associated with its use of the Service, excluding taxes based on Nabla’s real property, personal property, income, or personnel. If Customer claims exemption from any such taxes, Customer shall provide Nabla with a valid and properly completed exemption or resale certificate (or other supporting documentation reasonably acceptable to Nabla) prior to invoicing.

8.3. Other Nabla Products and Services

All other Nabla products and services requested by Customer shall be provided upon mutual agreement of the Parties and shall be subject to Customer’s payment of Fees, as set forth in an applicable Order Form.

8.4. Beta Features

FROM TIME TO TIME, CUSTOMER MAY HAVE THE OPTION TO PARTICIPATE IN A PROGRAM WITH NABLA WHERE CUSTOMER GETS TO USE ALPHA OR BETA PRODUCTS, FUNCTIONS, FEATURES OR MODULES (COLLECTIVELY, “BETA PRODUCTS”) OFFERED BY NABLA. THE BETA PRODUCTS ARE NOT GENERALLY AVAILABLE AND ARE PROVIDED “AS IS”. NABLA DOES NOT PROVIDE ANY INDEMNITIES, SERVICE LEVEL COMMITMENTS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, TITLE, NON-INFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE, IN RELATION THERETO. CUSTOMER OR NABLA MAY TERMINATE CUSTOMER’S ACCESS TO THE BETA PRODUCTS AT ANY TIME.

9. Medical Use

9.1 No Provision of Medical Advice or Services

Nabla provides a technology service for professional service providers, including health care organizations and health care providers, to capture and transfer data. Notwithstanding anything contained herein to the contrary, the Parties acknowledge and agree that Nabla does not, and shall not, provide health care, clinical, treatment, or diagnostic services and that Nabla does not practice medicine, provide insurance claims processing services, perform medical coding or billing services, or serve as a standalone electronic medical records system. All clinical and health care management and health care decisions shall be made by the appropriate members of the Customer’s professional and provider care team. Nabla does not provide, and any use of the Service by Customer or End User does not constitute, any medical advice, legal advice, or representations in any way regarding any legal or medical issues associated with Customer or End Users or services offered by Customer or End Users, including any compliance obligations or steps necessary to comply with any international, federal, state, and local laws, statutes, regulations, and rules, or the directives, orders, policies, guidelines, and codes of practice and conduct issued by any government or third party. Customer should seek legal counsel regarding any legal and compliance issues, and should not rely on any materials or content associated with the Service or its Documentation in determining Customer’s compliance obligations under law. Customer and all End Users understand and agree Nabla is not providing, and the use of the Service does not amount to the provision of, medical services. Use of the Service is not a substitute for medical treatment and does not guarantee any specific outcome. Without limiting the generality of the foregoing, Nabla specifically disclaims and does not guarantee that use of the Service will ensure appropriate medical treatment treat the transmission of any disease or condition, result in accurate diagnosis, or reimbursement by any payor.

9.2 Medical Records; Data Hosting and Storage; HIPAA

Customer is responsible for retaining, storing, and creating backups for any and all Customer Data that Customer or an End User enters into or generates through use of the Service. Customer is responsible for storing and maintaining any and all records, including any medical records, to the extent Customer is a healthcare professional. Nabla and Customer each agree to comply with all Applicable Law relating to the maintenance, uses, and disclosures of protected health information, including the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations, to the extent applicable to each Party. The Parties will comply with the Business Associate Agreement (“BAA”) attached hereto as Attachment A. In the event of any conflict between the terms of this Agreement and those set forth in the BAA, the terms of the BAA shall prevail with respect to protected health information.

9.3 Billing and Collection

With respect to any service for which a claim for payment or reimbursement may be submitted to a patient, health plan, governmental agency, third party payor and/or other financially-responsible parties, Customer and not Nabla shall have the sole and exclusive responsibility to bill and collect from such patients, health plans, governmental agencies, third party payors and other financially-responsible parties. Nabla may not, and shall not, bill any patient, governmental agencies, or third party payor for Customer or any End User’s use of the Service or the services rendered by or to Customer or any End User. In billing and collecting for services associated with the Service, as between Nabla and Customer, Customer shall be responsible for all billing, coding, documentation, claims submission, and collections associated with its operations, including the determination of whether or not the use of the Service is covered by health plans, governmental agencies, third party payors, or other financially-responsible parties, to the extent applicable to Customer’s business and use of the Service. Nabla shall not be responsible to refund, reimburse, offset, or indemnify Customer for any claim denials, audits, adjustments, or overpayments in connection with Customer’s billing related to the Service. Customer shall comply with all billing laws, regulations, instructions, interpretative guidelines and other requirements established by governmental and commercial payors when billing for the Service. Customer further agrees to hold Nabla harmless and indemnify Nabla from any responsibility or claim of any kind relating to Customer’s billing, coding, documentation, or reimbursement practices in connection with the Service.

10. Representations and Warranties

10.1. Mutual Warranties

Each party represents and warrants that: (a) it has full power, capacity, and authority to enter into this Agreement and to make the grant of rights set forth herein.

10.2. Customer Warranty

Customer represents and warrants that: (a) neither Customer nor any End Users shall make any representations with respect to Nabla, the Service, or this Agreement (including that Nabla is a warrantor or co-seller or provider of any Customer services); (b) all information, including professional credential verification, provided by Customer or its End Users to Nabla during Service implementation and registration is complete and accurate information and that Customer shall keep such information up-to-date at all times during the Term; and (c) neither Customer nor any of its respective officers, directors, employees, or contractors is or has ever been: (i) convicted of a criminal offense related to health care or the provision of items and services payable by a federal or state health care program (for example, Medicare and Medicaid); (ii) assessed civil money penalties for an offense related to health care or to the provision of items or services payable by a federal or state health care program; (iii) excluded from participation in any federal or state health care program; or (iv) excluded by any federal agency from receiving federal contracts. Customer shall notify Nabla immediately of any breach of any representation or warranty in this Section or any other Section under this Agreement or of any information or situation which could reasonably lead to a breach of this Section.

10.3. Nabla Warranty

Nabla represents and warrants that (a) the Service will operate in substantial conformity with the Documentation; and (b) any support services shall be provided in a professional, workmanlike manner. In the event of a breach of the warranty in this Section 10.3 (Nabla Warranty), Nabla’s sole and exclusive liability and Customer’s sole and exclusive remedy will be for Nabla to correct the defect in the Service or, in the event Nabla is unable through reasonable efforts to correct the defect in the Service within sixty (60) calendar days from receipt of notice from Customer of the failure of the Service to comply with the warranty, Customer may elect to terminate this Agreement and receive a pro-rated refund of any pre-paid, unused recurring fees for the non-conforming aspect of the Service.

10.4. Disclaimer of Warranties

EXCEPT AS PROVIDED IN SECTION 10.3 (NABLA WARRANTY), THE SERVICE IS PROVIDED “AS IS,” “AS-AVAILABLE”. EXCEPT AS PROVIDED IN SECTION 10.3 (NABLA WARRANTY), NABLA AND ITS VENDORS AND LICENSORS DISCLAIMS ALL OTHER WARRANTIES, EXPRESS AND IMPLIED, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. NABLA DOES NOT WARRANT THAT THE SERVICE WILL MEET CUSTOMER’S REQUIREMENTS OR THAT THE OPERATION OF THE SERVICE WILL BE UNINTERRUPTED OR ERROR-FREE, OR THAT DEFECTS IN THE SERVICE WILL BE CORRECTED. NABLA MAKES NO REPRESENTATION OR WARRANTY REGARDING THE ACCURACY OR RELIABILITY OF ANY RESULTS OR OUTPUT GENERATED BY THE SERVICE. NO ORAL OR WRITTEN INFORMATION OR ADVICE GIVEN BY NABLA OR NABLA’S AUTHORIZED REPRESENTATIVES SHALL CREATE A WARRANTY OR IN ANY WAY INCREASE THE SCOPE OF THIS WARRANTY. THE SERVICE INCLUDES AND RELIES UPON THE USE OF ARTIFICIAL INTELLIGENCE, MACHINE LEARNING, OR OTHER ALGORITHMIC TECHNOLOGIES. CUSTOMER ACKNOWLEDGES AND AGREES THAT ANY OUTPUT GENERATED THROUGH SUCH TECHNOLOGIES IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY, MAY BE INCOMPLETE OR INACCURATE, AND DOES NOT CONSTITUTE LEGAL, MEDICAL, BILLING, OR COMPLIANCE ADVICE. NABLA MAKES NO REPRESENTATION OR WARRANTY THAT ANY CODING SUGGESTIONS OR DOCUMENTATION OUTPUTS GENERATED BY THE SERVICE WILL BE ACCURATE, COMPLETE, OR COMPLIANT WITH ANY LAWS OR PAYOR REQUIREMENTS. CUSTOMER IS SOLELY RESPONSIBLE FOR REVIEWING, VALIDATING, AND DETERMINING THE APPROPRIATENESS OF ANY GENERATED OUTPUT PRIOR TO USE, INCLUDING FOR PURPOSES OF CLINICAL DECISION-MAKING, MEDICAL BILLING, OR CLAIM SUBMISSION. CUSTOMER IS RESPONSIBLE FOR ENSURING HUMAN REVIEW OF ALL GENERATED DATA AND FOR ANY MEDICAL ADVICE, HEALTH CARE SERVICES, AND INSURANCE CLAIMS PROCESSING MADE BY ITS END USERS.

11. Proprietary Rights; Data Use

11.1 Service

Nabla shall own and retain all right, title, and interest in and to (a) the Service, all improvements, enhancements, customizations, configurations, or modifications thereto, (b) any software, applications, inventions, algorithms, or other technology developed in connection with the provision or use of the Service or support services, (c) any and all ideas, processes, techniques, designs, architecture, and “know-how” embodying the Service, (d) the Documentation, and (e) all intellectual property rights related to any of the foregoing. Under no circumstances will Customer be deemed to receive title to any portion of the Service, title to which at all times will vest exclusively in Nabla. This is not a “work made for hire” agreement, as that term is defined in Section 101 of Title 17 of the United States Code. Customer will preserve the Service from any liens, encumbrances, and claims of any individual or entity. Customer will not use any Nabla intellectual property, data, or Confidential Information to contest the validity of any intellectual property rights of Nabla or its licensors, and any such use of the foregoing will constitute a material, non-curable breach of this Agreement.

11.2. Feedback

Customer may provide suggestions, comments, or other feedback about Nabla’s products and services or regarding Customer’s use of or output from the Service (collectively, “Feedback”) to Nabla. Feedback is voluntary and Nabla is not required to hold it in confidence. Customer acknowledges and agrees that the provision and operation of the Service under this Agreement, and Nabla may use Feedback for product development and improvement, including for problem resolution, troubleshooting, product functionality, corrective diagnostics, enhancements, and fixes. To the extent a license is required under Customer’s intellectual property rights to make use of the Feedback, Customer grants Nabla an irrevocable, non-exclusive, perpetual, fully-paid-up, royalty-free license to use Feedback.

11.3 Usage Data

Subject to compliance with the BAA, Nabla shall have the right to collect, copy, and analyze data and other information relating to the provision, use, and performance of various aspects of the Service and related systems and technologies, as well as limited clinician information derived from Customer Data regarding End User use of the Service, to (a) use such data and information to improve and enhance the Service and for other development, diagnostic, and corrective purposes in connection with the Service and other Nabla offerings, and (b) disclose such data solely in aggregated or other de-identified form in connection with the Service. No rights or licenses are granted except as expressly set forth herein.

11.4. Third Party Data

The Service and Documentation may contain material, data, or information provided by third parties (“Third Party Data”). Nabla does not control Third Party Data and is not responsible for its content. Nabla’s inclusion of Third Party Data in the Service does not imply any endorsement of the information and Nabla makes no representations or warranties with respect to any Third Party Data.

12. Confidentiality

12.1. Confidential Information

Each Party (the “Receiving Party”) understands that the other Party (the “Disclosing Party”) has disclosed or may disclose business, technical, or financial information relating to the Disclosing Party’s business (hereinafter referred to as “Confidential Information” of the Disclosing Party). Confidential Information of Nabla includes non-public information regarding features, functionality, and performance of the Service. The Receiving Party agrees: (a) to take reasonable precautions to protect Confidential Information, and (b) not to use (except in the provision of the Service, or as otherwise permitted herein) or divulge to any third person any Confidential Information. The Disclosing Party agrees that the foregoing shall not apply with respect to any information that the Receiving Party can document (i) is or becomes generally available to the public, (ii) was in its possession or known by it prior to receipt from the Disclosing Party, (iii) was rightfully disclosed to it without restriction by a third party, (iv) was independently developed without use of any Confidential Information of the Disclosing Party, or (v) is required to be disclosed by law, provided such disclosure is made in accordance with Section 12.2 (Compelled Disclosures). Each Party’s Confidential Information shall remain the sole and exclusive property of that Party.

12.2. Compelled Disclosures

To the extent required by applicable law or by lawful order or requirement of a court or governmental authority having competent jurisdiction over the Receiving Party, the Receiving Party may disclose Confidential Information in accordance with the law or order or requirement, subject to the following conditions: as soon as possible after becoming aware of the law, order or requirement and prior to disclosing Confidential Information pursuant thereto, the Receiving Party will so notify the Disclosing Party in writing and, if possible, the Receiving Party will provide the Disclosing Party notice not less than five (5) business days prior to the required disclosure. The Receiving Party will use reasonable efforts not to release Confidential Information pending the outcome of any measures taken by the Disclosing Party to contest, otherwise oppose or seek to limit such disclosure by the Receiving Party and any subsequent disclosure or use of Confidential Information that may result from such disclosure. The Receiving Party will cooperate with and provide assistance to the Disclosing Party regarding such measures. Notwithstanding any such compelled disclosure by the Receiving Party, such compelled disclosure will not otherwise affect the Receiving Party’s obligations hereunder with respect to Confidential Information so disclosed.

12.3. Non-Exclusive Equitable Remedy

Each Party acknowledges and agrees that due to the unique nature of Confidential Information there can be no adequate remedy at law for any breach of its obligations hereunder, that any such breach or threatened breach may allow a Party or third parties to unfairly compete with the other Party resulting in irreparable harm to such Party, and therefore, that upon any such breach or any threat thereof, each Party will be entitled to appropriate equitable remedies, and may seek injunctive relief from a court of competent jurisdiction without the necessity of proving actual loss, in addition to whatever remedies either of them might have at law or equity. Any breach of this Section 12 (Confidentiality) will constitute a material breach of this Agreement and be grounds for immediate termination of this Agreement in the exclusive discretion of the non-breaching Party.

12.4. Confidentiality of the Agreement

Except as otherwise permitted hereunder, no Party shall disclose the terms of this Agreement to any third party without the other Party’s prior written consent, except that, subject to confidentiality obligations no less restrictive than those set forth in this Agreement, a Party may disclose the existence and terms of this Agreement to third parties for purposes of providing due diligence information to potential investors in or financing resources to such Party.

12.5. Return or Destruction of Confidential Information

Upon termination or expiration of this Agreement, at the Disclosing Party’s option, the Receiving Party shall return to the Disclosing Party or certify as destroyed all Confidential Information of the Disclosing Party. In addition, the foregoing destruction and return obligation will be subject to any retention obligations imposed on Receiving Party by law or regulation.

13. Indemnification

12.1. Nabla Indemnity

Nabla agrees to defend Customer and its directors, officers, agents, employees, members, subsidiaries, and successors in interest from and against any third-party claim alleging that Customer’s authorized use of the Service infringes that third party’s United States patent, copyright, or trade secret, and pay resulting costs, damages and expenses finally awarded in judgment or mutually agreed to in settlement, provided that Customer: (a) gives Nabla prompt written notice of any claim; and (b) allows Nabla to control, and fully cooperate with Nabla (at Nabla’s sole expense) in the defense and all related negotiations. Nabla shall not enter into any stipulated judgment or settlement that purports to bind Customer without Customer’s express written authorization, which shall not be unreasonably withheld or delayed. Nabla shall have no obligation to indemnify Customer to the extent the claimed infringement arises from or is based on (i) the Customer Data, (ii) use of the Service in combination with any hardware, software, products, data, or other materials not provided by Nabla, or (iii) violation of law or this Agreement by Customer or any End Users. Customer agrees that if its use of the Service becomes, or in Nabla’s opinion is likely to become, the subject of an infringement claim, Customer shall permit Nabla either to procure the right for Customer to continue to use the Service or to replace or modify the Service with technology of comparable quality and performance capabilities to become non-infringing. If in Nabla’s sole discretion, neither alternative is reasonably possible, Nabla may elect to immediately terminate this Agreement and return a prorated portion of any pre- paid, unused fees for the Service. The provisions of this Section 13.1 (Nabla Indemnity) state the sole and exclusive obligations and liability of Nabla and its licensors and suppliers, and Customer’s sole and exclusive remedy for any claim of intellectual property infringement arising out of or relating to this Agreement, and are in lieu of any implied warranties of non-infringement and title, all of which are expressly disclaimed.

12.2. Customer Indemnity

Customer agrees to defend Nabla and its directors, officers, agents, employees, members, subsidiaries, and successors in interest from and against any third-party claim, action, investigation, proceeding, liability, loss, damage, fine, cost, or expense, including attorneys’ fees, experts’ fees, and court costs, arising out of or relating to Customer Data, provided that Nabla: (i) gives Customer prompt written notice of any claim; and (ii) allows Customer to control, and fully cooperate with Customer (at Customer’s sole expense) in, the defense and all related negotiations. Customer shall not enter into any stipulated judgment or settlement that purports to bind Nabla without Nabla’s express written authorization, which shall not be unreasonably withheld or delayed.

14. Disclaimer of Consequential Damages; Limitation of Liability

IN NO EVENT SHALL EITHER PARTY BE LIABLE TO THE OTHER PARTY OR ANY THIRD PARTY FOR ANY LOSS OF PROFITS, LOSS OF SALES, TRADING LOSSES, LOSS OF BUSINESS, BUSINESS INTERRUPTION, LOSS OF DATA, OR LOSS OF BUSINESS INFORMATION, OR OTHER INDIRECT, INCIDENTAL, CONSEQUENTIAL, OR SPECIAL LOSS OR DAMAGES, INCLUDING EXEMPLARY AND PUNITIVE DAMAGES OF ANY KIND OR NATURE ARISING OUT OF OR CONNECTED IN ANY WAY WITH THIS AGREEMENT, CUSTOMER’SUSE OF OR INABILITY TO USE THE SERVICE, OR FOR ANY CLAIM BY ANY OTHER PARTY, EVEN IF A PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. EXCEPT FOR (I) EITHER PARTY’S INDEMNIFICATION OBLIGATIONS UNDER THIS AGREEMENT, (II) CUSTOMER’S UNAUTHORIZED USE, DISCLOSURE, OR MISUSE OF NABLA’S CONFIDENTIAL INFORMATION, (III) CUSTOMER’S BREACH OF THE USE RESTRICTIONS SET FORTH IN THIS AGREEMENT OR MISUSE OF THE SERVICE, AND (IV) NABLA’S LIABILITY FOR CLAIMS ARISING UNDER THE BAA (“ BAA CLAIMS”), THE TOTAL AGGREGATE LIABILITY OF EITHER PARTY TO THE OTHER PARTY OR ANY THIRD PARTY ARISING OUT OF THIS AGREEMENT OR USE OF THE SERVICE IN CONNECTION WITH ANY CLAIM OR TYPE OF DAMAGES, LOSSES, AND CAUSES OF ACTION (WHETHER IN CONTRACT, TORT, OR OTHERWISE), SHALL NOT EXCEED THE AMOUNT OF THE FEES PAID OR PAYABLE DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE LIABILITY (“GENERAL LIABILITY CAP”). THIS LIMITATION OF LIABILITY SHALL APPLY EVEN IF THE EXPRESS WARRANTIES SET FORTH ABOVE FAIL THEIR ESSENTIAL PURPOSE. NOTWITHSTANDING THE FOREGOING, THE TOTAL AGGREGATE LIABILITY OF NABLA TO THE CUSTOMER OR ANY THIRD PARTY ARISING OUT OF ANY BAA CLAIMS SHALL NOT EXCEED THREE TIMES (3X) THE GENERAL LIABILITY CAP.

15. Termination

15.1. Default

Each Party shall have the right to terminate this Agreement upon thirty (30) days written notice (or with ten (10) days notice in the case of nonpayment) in the event the other Party materially breaches any provision hereof and fails to cure such breach in the foregoing notice period. This Agreement may be terminated upon written notice by either Party, immediately, if (a) a receiver is appointed for the other Party or its property, (b) the other Party becomes insolvent or unable to pay its debts as they mature in the ordinary course of business, makes a general assignment for the benefit of its creditors, or suspends the transaction of its usual business for a period in excess of thirty (30) days, (c) any proceedings (whether voluntary or involuntary) are commenced against the other party under any bankruptcy or similar law and such proceedings are not vacated or set aside within sixty (60) calendar days from the date of commencement thereof, or (d) either Party is listed by a federal agency as being disbarred, excluded, terminated, or otherwise ineligible for federal program participation.

15.2 Suspension

Nabla may, in its sole discretion, immediately suspend or terminate Customer’s access to the Service for any of the following reasons: (a) to prevent damages or risk to, or degradation of, the Service; (b) if necessary to comply with any law, regulation, court order, or other governmental request; (c) to otherwise protect Nabla from potential legal liability arising from Customer’s use of the Service; or (d) in the event an invoice remains unpaid for more than forty-five (45) days from the invoice date. Nabla will use reasonable efforts to provide Customer with notice prior to or promptly following any suspension. Nabla will promptly restore access to the Service as soon as the event giving rise to suspension has been resolved. This Section will not be construed as imposing any obligation or duty on Nabla to monitor use of the Service.

15.3. Effect of Termination

Upon termination or expiration of this Agreement for any reason: (a) Customer and all End Users’ access to and use of the Service and Documentation will cease; (b) Nabla will cease to provide the Service; and (c) Customer will pay to Nabla all fees due to Nabla incurred hereunder through the effective date of termination or expiration, provided that in the event Nabla terminates this Agreement under Section 15.1 (Default) above, all fees due by Customer under the relevant Order Form shall be accelerated and become due and payable immediately upon termination.

15.4. Survival

The following Sections shall survive any termination or expiration of this Agreement: 8 (Service Fees); 9 (Medical Use); 10.4 (Disclaimer of Warranties); 11 (Proprietary Rights; Data Use); 12 (Confidentiality); 13 (Indemnification); 14 (Disclaimer of Consequential Damages; Limitation of Liability); 15.3 (Effect of Termination); 15.4 (Survival); and 16 (General).

16. General

16.1. Affiliates, Subcontractors, and Vendors

Some or all aspects of the Service may be provided by Nabla’s affiliates, agents, subcontractors, and information system Nabla Technologies, Inc. | Confidential 12vendors. The rights and obligations of Nabla may be, in whole or in part, exercised or fulfilled by the foregoing entities.

16.2. Assignment

Neither Party shall assign this Agreement without the prior written consent of the other Party, which consent shall not be unreasonably withheld. Notwithstanding the foregoing, each Party may assign this Agreement, without the other Party’s consent, to any affiliate, or in the event of a merger, acquisition, or sale of all or substantially all of its assets. Upon any permitted assignment under this Agreement, the assigning Party shall notify the other Party in writing. All the terms and provisions of this Agreement will be binding upon and inure to the benefit of the Parties, their successors, assigns, and legal representatives.

16.3. Publicity

Nabla may identify Customer as a customer and use Customer’s name and logo in its customer listings, websites, press releases, and other promotional materials, subject to compliance with any trademark guidelines provided by Customer.

16.4. Independent Contractor

Nabla is an independent contractor and is not an agent or employee of, and has no authority to bind, Customer by contract or otherwise. Further, it is not the intention of this Agreement or of the Parties to confer a third- party beneficiary right of action upon any third party or entity whatsoever, and nothing in this Agreement will be construed so as to confer upon any third party or entity other than the Parties hereto a right of action under this Agreement or in any manner whatsoever.

16.6. Insurance

Each Party, at its sole cost and expense, shall maintain appropriate insurance in accordance with industry standards. As evidence of insurance coverage, upon the other Party’s reasonable request, each Party shall deliver certificates of insurance issued by its insurance carrier showing such policies in force during the Term of this Agreement.

16.6. Force Majeure

Except for the payment of fees hereunder, if either Party cannot perform any of its obligations because of any act of God, court order, war, act of terrorism, or any other cause not within the Party’s reasonable control (a “Force Majeure Event”), then the non-performing Party will: (i) immediately notify the other Party; (ii) take reasonable steps to resume performance as soon as possible; and (iii) not be considered in breach during the duration of the Force Majeure Event.

16.3. Dispute Resolution

In the event of any dispute, controversy or claim of any kind or nature arising under or in connection with this Agreement (a “Dispute”), each Party will appoint a representative to negotiate in good faith in an effort to resolve the Dispute, without the necessity of any formal proceeding relating thereto. If a Dispute is not resolved by the Parties within ninety (90) days after a Dispute notice is issued, either Party may take any available action in law or in equity. Nothing in this Section shall prevent a Party from seeking equitable relief before commencing or during the foregoing informal dispute resolution processes.

16.8. Governing Law; Venue

This Agreement will be governed by and construed in accordance with the laws of the State of New York. Any action at law or in equity arising out of or directly or indirectly relating to this Agreement may be instituted only in the federal or state courts located in the State of New York. The Parties consent and submit to the personal jurisdiction of those courts for the purposes of any action related to this Agreement, and to extraterritorial service of process. The Parties agree that the United Nations Convention on Contracts for the International Sale of Goods (1980) is specifically excluded from application to this Agreement.

16.9. Compliance

Each Party agrees to comply with all Applicable Laws in performing its obligations hereunder, and Customer agrees that Customer is solely responsible for ensuring its own compliance with all Applicable Laws related to Customer’s business practices, which include the applicable federal and state anti-kickback and self-referral laws and regulations. The Parties acknowledge that although Nabla is obligated to provide the Service as specified in this Agreement, there is no obligation of Nabla to refer patients to Customer or any affiliate of Customer, and there is no obligation of Customer to refer patients to any person or business entity. Notwithstanding the unanticipated effect of any of the provisions herein, the Parties intend to comply with 42 U.S.C. § 1320a-7b(b) (commonly known as the Anti- Kickback Statute), 42 U.S.C. § 1395nn (commonly known as the Stark Law) and any other federal or state law provision governing fraud and abuse or self-referrals, as such provisions may be amended from time to time. This Agreement will be construed in a manner consistent with compliance with such statutes and regulations, and the Parties hereto agree to take such actions necessary to construe and administer this Agreement accordingly. The Parties hereto represent, covenant, and agree that the fees due to Nabla under this Agreement have been determined through good faith and arm’s length bargaining to be commercially reasonable. The sole purpose of the payments to Nabla hereunder is to pay fair market value for services actually rendered by Nabla to Customer through the Service under this Agreement. No amount paid hereunder is intended to be, nor shall be construed as, an inducement or payment for referral of, or recommending referral of, patients by Nabla (or its employees and agents) to Customer (or its employees or agents) or by Customer (or its employees and agents) to Nabla (or its employees and agents). In addition, fees charged hereunder do not include any discount, rebate, kickback, or other reduction in charge. This Agreement shall be interpreted and construed at all times in a manner consistent with applicable laws and regulations governing the financial relationships among individuals and entities that provide or arrange for the provision of items or services that are reimbursable by governmental health care programs or other third party payors.

16.10. Access to Books and Records

To the extent that the provisions of Section 1861(v)(1)(I) of the Social Security Act are applicable to this Agreement, the Parties agree to make available, upon the written request of the Secretary of the Department of Health and Human Services or upon the request of the Comptroller General, or any of their duly authorized representatives, this Agreement, and other books, records, and documents that are necessary to certify the nature and extent of costs incurred by them for services furnished under this Agreement. If any services are performed by way of subcontract with another organization and the value or cost of such subcontracted service is Ten Thousand Dollars ($10,000) or more over a twelve (12) month period, such subcontract shall contain and the respective Party shall enforce a clause to the same effect as this Section. The availability of the Parties’ books, documents, and records shall be subject at all times to all applicable legal requirements, including such criteria and procedures for seeking and obtaining access that may be promulgated by the Secretary. The obligations hereunder shall extend for four (4) years after the furnishing of such services. The Parties shall notify each other of any such request for records.

16.11. Waivers

All waivers hereunder must be made in writing by a duly authorized representative of the Party against whom the waiver is to operate, and failure at any time to require the other Party’s performance of any obligation under this Agreement shall not affect the right subsequently to require performance of that obligation. Any waiver, in whole or in part, of any provision of this Agreement will not be considered to be a waiver of any other provision.

16.12. Severability

If any term of this Agreement is found to be unenforceable or invalid for any reason, all other terms will remain in full force and effect.

16.13. Construction

All headings used in this Agreement are for reference purposes only and are not part of this Agreement. All personal pronouns used herein, whether used in the feminine, masculine, or neuter gender, shall include all other genders, and the singular shall include the plural and vice versa. Unless otherwise expressly stated, the words “herein,” “hereof,” and “hereunder” and other words of similar import refer to this Agreement as a whole and not to any particular Section, Subsection, or other subpart. The words “include,” “includes,” “included,” “including,” “without limitation,” or the phrase “e.g.” shall not be construed as terms of limitation and shall, in all instances, be interpreted as meaning “including, but not limited to.”

16.4. Attachments

All Order Forms and other terms and addenda that are referenced herein on or are executed by the Parties and reference this Agreement after the Effective Date are hereby incorporated by reference.

16.15. Entire Agreement

This Agreement, as to its subject matter, exclusively and completely states the rights, duties, and obligations of the Parties and supersedes all prior and contemporaneous representations, letters, proposals, discussions, and understandings by or between the Parties. This Agreement may only be amended in a writing signed by both Parties. Any additional or conflicting terms set forth in any purchase order, supplier handbooks, or similar documentation issued by Customer shall be null and void and shall not form part of the agreement between the Parties.

16.16. Notices

All notices under this Agreement will be in writing and will be deemed to have been duly given when received, if delivered personally; the day after it is sent, if sent for next day delivery by recognized overnight delivery service; upon receipt, if sent by certified or registered mail, return receipt requested; and upon acknowledgment of receipt of electronic transmission, if sent by email. All notices to Customer shall be sent the address and email address set forth in the applicable Order Form. Notices to Nabla under this Agreement shall be sent to the following address:

Nabla Technologies, Inc.

14 NE 1st avenue, Suite 1205, Miami, FL 33132

Attn: Legal

legal@nabla.com

Either Party may change its address or designee for notification purposes by giving notice to the other Party in accordance with this Section.

16.17. Legal Fees

If any dispute arises between the Parties with respect to the matters covered by this Agreement that leads to a proceeding to resolve such dispute, the prevailing Party in such proceeding will be entitled to receive its reasonable attorneys’ fees, expert witness fees, and out-of-pocket costs incurred in connection with such proceeding, in addition to any other relief it may be awarded.

16.18. Agreement Drafted By All Parties

This Agreement is the result of arm’s length negotiations between the Parties and shall be construed to have been drafted by all Parties such that any ambiguities in this Agreement shall not be construed against either Party.

16.19. Electronic Signatures and Facsimiles Binding

This Agreement and related documents may be accepted in electronic form (e.g., by an electronic or digital signature or other means of demonstrating assent) and electronic acceptance will be deemed binding between the Parties. Customer acknowledges and agrees it will not contest the validity or enforceability of this Agreement, including under any applicable statute of frauds, because they were accepted and/or signed in electronic form. Customer further acknowledges and agrees that it will not contest the validity or enforceability of an electronically transmitted or signed copy of this Agreement and related documents on the basis that it lacks an original handwritten signature. Electronically transmitted signatures shall be considered valid signatures as of the date hereof. Computer maintained records of a Party when produced in hard copy form shall constitute business records and shall have the same validity as any other generally recognized business records.

ATTACHMENT A

Business Associate Agreement

This Business Associate Agreement (“BAA”) is effective as of the Effective Date of the Master Subscription Agreement provided hereof. Customer may be referred to as a “Covered Entity”, Nabla Technologies, Inc. as a “Business Associate”, each as a “Party” and collectively, the “Parties”. Customer’s execution of an Order Form that references the Master Subscription Agreement constitutes Customer’s agreement to this BAA.

RECITALS

WHEREAS, Business Associate performs certain services for or on behalf of Covered Entity, and in performing said services, Business Associate creates, receives, maintains, or transmits Protected Health Information (“PHI”);

WHEREAS, the Parties intend to protect the privacy and provide for the security of the PHI Disclosed (as defined below) by Covered Entity to Business Associate, or created, received, maintained, or transmitted by Business Associate, when providing services. Such PHI will be protected in compliance with the Health Insurance Portability and Accountability Act (“HIPAA”), the Health Information Technology for Economic and Clinical Health Act (Public Law 111-005) (the “HITECH Act”) and its implementing regulations and guidance issued by the Secretary of the U.S. Department of Health and Human Services (“Secretary”) (collectively, the “HIPAA Regulations”); and WHEREAS, Covered Entity is required under the HIPAA Regulations to enter into a Business Associate Agreement that meets certain requirements with respect to the Use (as defined below) and Disclosure of PHI, which are met by this BAA. Accordingly, to the extent Business Associate is functioning as a “business associate” as defined in the HIPAA Regulations, Business Associate agrees to comply with this BAA. In consideration of the Recitals and for other good and valuable consideration, the receipt and adequacy of which is hereby acknowledged, the Parties agree as follows:

1. DEFINITIONS

The following terms shall have the respective meanings set forth below. Capitalized terms used in this BAA and not otherwise defined shall have the meanings ascribed to them in the HIPAA Regulations.

1.1. “Breach”

shall have the meaning given to such term under 45 C.F.R. § 164.402.

1.2. “Designated Record Set”

shall have the meaning given to such term under 45 C.F.R. § 164.501.

1.3. "Disclose” and “Disclosure"

mean, with respect to PHI, the release, transfer, provision of access to, or divulging in any other manner of PHI outside of Business Associate or to other than members of its Workforce, as set forth in 45 C.F.R. § 160.103.

1.4. “Electronic PHI” or “e-PHI

means PHI that is transmitted or maintained in electronic media, as set forth in 45 C.F.R. § 160.103.

1.5. “Protected Health Information” and “PHI

mean any information, whether oral or recorded in any form or medium, provided by Covered Entity to Business Associate, that: (a) relates to the past, present or future physical or mental health or condition of an individual; the provision of health care to an individual, or the past, present or future payment for the provision of health care to an individual; (b) identifies the individual (or for which there is a reasonable basis for believing that the information can be used to identify the individual); and (c) shall have the meaning given to such term under 45 C.F.R. § 160.103. Protected Health Information includes e-PHI.

1.6. “Required by Law”

shall have the meaning given to such term under 45 C.F.R. § 164.103.

1.7. “Security Incident”

shall have the meaning given to such term under 45 C.F.R. § 164.304.

1.8. “Services”

shall mean the services or functions performed by Business Associate for or on behalf of Covered Entity pursuant to any service agreement(s) between Covered Entity and Business Associate which may be in effect now or from time to time (“Agreement”), or, if no such agreement is in effect, the services or functions performed by Business Associate that constitute a “business associate” relationship, as set forth in 45 C.F.R. § 160.103.

1.9. “Unsecured PHI”

shall have the meaning given to such term under 42 U.S.C. § 17932(h), 45 C.F.R. § 164.402, and guidance issued pursuant to the HITECH Act including, but not limited to the guidance issued on April 17, 2009 and published in 74 Federal Register 19006 (April 27, 2009) by the Secretary.

1.10. “Use” or “Uses

mean, with respect to PHI, the sharing, employment, application, utilization, examination or analysis of such PHI within Business Associate’s internal operations, as set forth in 45 C.F.R. § 160.103.

1.11. “Workforce”

shall have the meaning given to such term under 45 C.F.R. § 160.103.

2. OBLIGATIONS OF BUSINESS ASSOCIATE

2.1. Permitted Uses and Disclosures of PHI

Business Associate shall not Use or Disclose PHI created, received, maintained, or transmitted for or on behalf of Covered Entity except to perform the Services required by the Underlying Agreement, or as permitted by this BAA or Required by Law. Business Associate shall not Use or Disclose PHI in any manner that would constitute a violation of the HIPAA Regulations if so Used or Disclosed by Covered Entity. Without limiting the generality of the foregoing, Business Associate is permitted to (i) Use and Disclose PHI for the proper management and administration of BusinessAssociate or to carry out the legal responsibilities of Business Associate, provided that with respect to any such Disclosure either: (a) the Disclosure is Required by Law; or (b) Business Associate obtains agreement from the person to whom the PHI is to be Disclosed that such person will hold the PHI in confidence and will not Use or further Disclose such PHI except as Required by Law and for the purpose(s) for which it was Disclosed by Business Associate to such person, and that such person will notify Business Associate of any instances of which it is aware in which the confidentiality of the PHI has been breached; (ii) Use PHI in connection with the Health Care Operations of Covered Entity; and (iii) Use PHI to create de-identified information in accordance with the requirements outlined in the HIPAA Regulations for (a) product improvement, development, and support, (b) technical support, (c) audit, corrective actions and diagnostics, and (d) other operational purposes in connection with the Services. PHI that has been de- identified will no longer be subject to the terms of this BAA.

2.2. Adequate Safeguards of PHI

Business Associate agrees to use appropriate safeguards and comply, where applicable, with Subpart C of 45 C.F.R. Part 164 with respect to e-PHI, to prevent use or disclosure of the information other than as provided for by this BAA.

2.3. Mitigation

Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a Use or Disclosure of PHI by Business Associate in violation of the requirements of this BAA.

2.4. Reporting Breaches, Security Incidents, and Non-Permitted Uses or Disclosures

Business Associate shall notify Covered Entity of any Use or Disclosure by Business Associate or its Subcontractors that is not permitted by this BAA and each Security Incident, including Breaches of Unsecured PHI, within five (5) business days of discovery. Notwithstanding the foregoing, Business Associate and Covered Entity acknowledge the ongoing existence and occurrence of attempted but ineffective Security Incidents that are trivial in nature, such as pings and other broadcast service attacks, and Covered Entity acknowledges and agrees that no additional notification to Covered Entity of such ineffective Security Incidents is required, as long as no such incident results in unauthorized access, Use or Disclosure of PHI. If Business Associate determines that a Breach of Unsecured PHI has occurred, Business Associate shall provide a written report to Covered Entity without unreasonable delay and no later than thirty (30) calendar days after discovery of the Breach. To the extent that information is available to Business Associate, Business Associate’s written report to Covered Entity shall be in accordance with 45 C.F.R. § 164.410(c). If a Breach, Security Incident, or Use or Disclosure of PHI not permitted by this BAA was the fault of Business Associate, Business Associate shall reimburse Covered Entity for the direct, reasonable, out- of-pocket costs of providing legally required notifications to affected individuals.

2.5. Delegated Responsibilities

To the extent that Business Associate carries out one or more of Covered Entity’s obligations under Subpart E of 45 C.F.R. Part 164, Business Associate must comply with the requirements of Subpart E that apply to Covered Entities in the performance of such obligations.

2.6. Availability of Internal Practices, Books, and Records to Government

Business Associate agrees to make its internal practices, books and records relating to the Use and Disclosure of Covered Entity’s PHI available to the Secretary for purposes of determining Covered Entity’s compliance with the HIPAA Regulations.

2.7. Access to and Amendment of Protected Health Information

To the extent that Business Associate maintains a Designated Record Set on behalf of Covered Entity, Business Associate shall (i) make the PHI it maintains (or which is maintained by its Subcontractors) in such Designated Record Set available to Covered Entity for inspection and copying to enable Covered Entity to fulfill its obligations under 45 C.F.R. § 164.524 within fifteen (15) business days of a written request by Covered

Entity; and (ii) amend the PHI it maintains (or which is maintained by its Subcontractors) in such Designated Record Sets to enable the Covered Entity to fulfill its obligations under 45 C.F.R. § 164.526 within fifteen (15) business days of a written request by Covered Entity.

2.8. Accounting

Business Associate agrees to document such disclosures of PHI and information related to such disclosures as would be required for Covered Entity to respond to a request by an individual for an accounting of disclosures of PHI in accordance with 45 C.F.R. § 164.528. Business Associate shall provide to Covered Entity or, at the request of Covered Entity directly to an individual, in the time and manner designated by Covered Entity, but in no event longer than fifteen (15) days after Business Associate’s receipt of a written request from Covered Entity, information collected in accordance this Section 2.8 of this BAA, to permit Covered Entity to respond to a request by an individual for an accounting of disclosures of PHI in accordance with 45 C.F.R. § 164.528.

2.9. Use of Subcontractors

Business Associate shall require each of its Subcontractors that creates, receives, maintains, or transmits PHI on behalf of Business Associate, to execute a written agreement that includes substantially the same restrictions and conditions that apply to Business Associate under this BAA with respect to PHI.

2.10. Minimum Necessary

Business Associate (and its Subcontractors) shall, to the extent practicable, limit its request, Use, or Disclosure of PHI to the minimum amount of PHI necessary to accomplish the purpose of the request, Use or Disclosure, in accordance with 42 U.S.C. § 17935(b) and 45 C.F.R. § 164.502(b)(1) or any other guidance issued thereunder.

3. TERM AND TERMINATION

3.1. Term

The term of this BAA shall be effective as of the Effective Date and shall remain in effect until all of the PHI provided by Covered Entity to Business Associate, or created or received by Business Associate on behalf of Covered Entity, is destroyed or returned to Covered Entity, or, if it is infeasible to return or destroy PHI, protections are extended to such information, in accordance with Section 3.3.

3.2. Termination for Cause

In addition to and notwithstanding the termination provisions set forth in any Underlying Agreement, upon Covered Entity’s or Business Associate’s knowledge of a material breach or violation of this BAA by the other Party, the non-breaching Party shall notify the breaching Party of the breach in writing, and provide an opportunity for the breaching Party to cure the breach or end the violation within thirty (30) days of such notification; provided that if the breaching Party fails to cure the breach or end the violation within such time period to the satisfaction of the non-breaching Party, the non-breaching Party may immediately terminate this BAA upon written notice to the breaching Party

3.3. Disposition of PHI Upon Termination

Upon termination or expiration of this BAA, Business Associate shall either return or destroy all PHI received from, or created or received by Business Associate on behalf of Covered Entity, that Business Associate still maintains in any form and retain no copies of such PHI. If return or destruction is not feasible, Business Associate shall continue to extend the protections of this BAA to the PHI for as long as Business Associate retains the PHI and limit further Uses and Disclosures of such PHI to those purposes that make the return or destruction of the PHI infeasible.

4. MISCELLANEOUS

4.1. Covered Entity’s Obligations

Covered Entity shall notify Business Associate in writing of any of the following, to the extent that such limitation, change, revocation, or restriction may affect Business Associate’s Use or Disclosure of PHI: (i) any limitation(s) in Covered Entity’s notice of privacy practices; (ii) any changes in, or revocation of, permission by an individual to Use or Disclose PHI; or (iii) any restriction to the Use or Disclosure of PHI that Covered Entity has agreed to in accordance with 45 C.F.R. § 164.522. Covered Entity will obtain any consent or authorization that may be required by the HIPAA Regulations, or applicable state law, prior to furnishing Business Associate with PHI.

4.2. Amendment to Comply with Law

To the extent applicable, amendments or modification to the HIPAA Regulations may require amendments to certain provisions of this BAA. Amendments shall only be effective if executed in writing and signed by a duly authorized representative of each Party, except to the extent required to comply with the HIPAA Regulations, in which case Nabla may update this BAA upon written notice to Covered Entity.

4.3. Relationship to Underlying Agreement Provisions

In the event that a provision of this BAA is contrary to a provision of an Underlying Agreement, the provision of this BAA shall control. Otherwise, this BAA shall be construed under, and in accordance with, the terms of such Underlying Agreement, and shall be considered an amendment of and supplement to such Underlying Agreement.

4.4. Notices

All notices, requests, and demands, or other communication to be given under this BAA to a Party will be made via electronic mail to the address given in the Underlying Agreement, unless otherwise set forth below. If to Covered Entity: email set forth in the applicable Order Form

If to Business Associate: dpo@nabla.com

4.5. Relationship of Parties

Notwithstanding anything to the contrary in any Underlying Agreement, Business Associate is an independent contractor and not an agent of Covered Entity under this BAA. Business Associate has the sole right and obligation to supervise, manage, contract, direct, procure, perform or cause to be performed all Business Associate obligations under this BAA.

4.6. Interpretation

This BAA shall be interpreted as broadly as necessary to implement and comply with the HIPAA Regulations. The Parties agree that any ambiguity in this BAA shall be resolved in favor of a meaning that complies and is consistent with such laws and regulations.

4.7. Regulatory References

A reference in this BAA to a section in the HIPAA Regulations means the section as in effect or as amended, and for which compliance is required.

4.8. No Third Party Beneficiaries

Nothing expressed or implied in this BAA is intended to confer, nor shall anything herein confer, upon any person other than the Parties and the respective successors or assigns of the Parties, any rights, remedies, obligations, or liabilities whatsoever.

Nabla Technologies, Inc. | Confidential