1. Introduction

1.1 Purpose

These Terms & Conditions (“Terms”, “Agreement”) govern access to and use of the Octor clinical workflow platform, websites, mobile applications, device integrations, APIs, teleconsultation modules, and any associated services (“Services”) provided by Octor Health Tech Private Limited (“Octor”, “we”, “us”, “our”).

1.2 Contractual Relationship

By using the Services, you enter into a legally binding agreement with Octor. If you use Octor on behalf of a clinic, hospital, or healthcare network (“Customer”), you represent that you have the authority to bind that entity.

1.3 Acceptance

If you do not agree to these Terms, discontinue use immediately.

2. Acceptance of Terms

2.1 Electronic Acceptance

Using the Services constitutes electronic acceptance of these Terms.

2.2 Updates

Octor may update or modify these Terms at any time. Continued use constitutes acceptance.

2.3 Supplemental Agreements

Additional documents such as Order Forms, Data Processing Agreements, or SLAs may apply.

3. Eligibility & Authorized Users

3.1 Clinical Professionals

Only licensed doctors, nurses, medical technicians, paramedics, or authorized clinical staff may use clinical features.

3.2 Administrative Staff

Administrative users may access scheduling, billing, or patient intake tools.

3.3 Patients

Patients may participate only through teleconsultation modules or as permitted.

3.4 Identity Verification

Octor may require identity verification for certain features.

4. Account Registration & Security

4.1 Accurate Information

Users must provide accurate and complete registration information.

4.2 Responsibility

Users are responsible for safeguarding login credentials.

4.3 Unauthorized Access

Users must notify Octor of unauthorized access or security breaches.

4.4 Multi-Factor Authentication

Octor may enforce MFA for specific roles or customers.

5. Role of Octor (Controller & Processor Model)

5.1 Octor as Data Controller

• Account-level data
• Authentication metadata
• Usage analytics
• Customer support data

5.2 Octor as Data Processor

Octor acts as Processor for PHI controlled by clinics/hospitals.

5.3 Shared Responsibilities

Customers must:

• Ensure lawful PHI collection
• Configure access controls
• Validate AI-generated notes
• Ensure compliance with telemedicine laws

6. License Grant & Restrictions

6.1 License Grant

Octor grants a limited, non-exclusive, non-transferable, revocable license for internal clinical operations.

6.2 Restrictions

Users may not:

• Copy or reproduce the platform
• Reverse engineer or decompile
• Sell, distribute, or sublicense
• Tamper with device integrations
• Attempt to bypass security
• Use AI outputs as final medical advice without review

6.3 No Ownership Transfer

This Agreement does not transfer ownership.

7. Use of the Services

7.1 Acceptable Use

Users must comply with:

• Medical practice standards
• Healthcare regulations
• Local telemedicine laws

7.2 Device Requirements

Compatible hardware and connectivity are required.

7.3 Updates & Improvements

Octor may update the platform; updates may be required for continued use.

8. Prohibited Uses

Users must NOT:

8.1 Security Violations

• Access accounts without authorization
• Deploy malware, bots, or scraping tools
• Interfere with network operations

8.2 PHI Misuse

• Download or export PHI unlawfully
• Share PHI outside authorized roles

8.3 Abuse of Teleconsultation

• Record sessions without consent
• Impersonate patients or providers

9. Clinical Use & AI Disclaimer

9.1 AI Assistance

Octor offers AI-assisted features including:

• SOAP note drafting
• Summaries
• Transcriptions

9.2 No Medical Judgment

AI outputs:

• Are drafts
• Require human review
• Must not be used as final judgment

9.3 Practitioner Responsibility

Clinicians alone are responsible for medical decisions.

10. Device Integration Terms

10.1 Device Accuracy

Vital accuracy depends on device manufacturer calibration.

10.2 Third-Party Devices

Octor is not liable for:

• Faulty devices
• Incorrect readings
• Outdated calibers

10.3 Connectivity Requirements

Users must ensure proper pairing and permissions.

11. Teleconsultation Terms

11.1 Legal Compliance

Use must comply with telemedicine laws and medical council regulations.

11.2 Identity Verification

Providers must verify patient identity when required.

11.3 Encryption

All sessions use encrypted channels.

12. Third-Party Services & Integrations

12.1 Responsibility

Octor is not responsible for:

• Third-party downtimes
• HIS/EMR errors
• Inaccurate data exchange

12.2 Data Sharing

Only authorized integrations may exchange PHI.

13. Service Availability, Uptime & Maintenance

13.1 No Absolute Guarantee

Octor strives for high availability but cannot guarantee uptime.

13.2 Scheduled Maintenance

Notices will be provided.

13.3 Emergency Downtime

Emergency maintenance may occur without notice.

14. Intellectual Property Rights

14.1 Ownership

All platform code, content, design, and trademarks belong to Octor.

14.2 No Implied Rights

No rights are granted beyond the Agreement.

15. Fees, Billing & Payment Terms

15.1 Enterprise Contracts

Pricing defined in Order Forms.

15.2 No Card Data Collection

Octor does not store or process card numbers.

15.3 Non-Payment

Non-payment may lead to suspension or termination.

16. Confidentiality

16.1 Definition

Confidential Information includes:

• PHI
• Customer data
• Technical information
• Financial details

16.2 Obligations

Both parties must protect Confidential Information.

17. Data Protection & Privacy

17.1 Compliance

Processing follows the Privacy Policy and applicable laws.

17.2 Customer Responsibilities

Customers must:

• Obtain patient consent
• Ensure lawful PHI use

18. Security Obligations

18.1 Octor Responsibilities

• Encryption
• Access controls
• Monitoring
• Secure development practices

18.2 Customer Responsibilities

• Proper device security
• Strong authentication
• Immediate breach reporting

19. Sub-Processors

19.1 Approval

Octor may engage sub-processors for:

• Hosting
• Email delivery
• SMS/OTP
• Monitoring
• Error logging

19.2 Obligations

Sub-processors must implement equivalent security standards.

20. Limitation of Liability

20.1 Exclusions

Octor is not liable for:

• Indirect, incidental, or consequential damages
• Device inaccuracies
• Clinical negligence
• Third-party failures

20.2 Cap on Liability

Liability is limited to fees paid in the past 12 months.

21. Indemnification

Customers agree to indemnify Octor for:

• Violations of these Terms
• Unlawful PHI use
• Misuse of AI features
• Misuse of device integrations

22. Warranties & Disclaimers

22.1 As-Is Basis

Services are provided as-is.

22.2 No Warranty

No warranty for:

• Accuracy
• Availability
• Reliability
• Clinical suitability

23. Termination & Suspension

23.1 Grounds

Octor may suspend/terminate for:

• Violations
• Security issues
• Legal compliance
• Non-payment

23.2 Customer Termination

Customers may terminate as per contract.

24. Effects of Termination

After termination:

• Access revoked
• PHI returned or deleted
• Compliance logs may be retained

25. Governing Law

Indian law governs this Agreement. Courts of Bengaluru, Karnataka have exclusive jurisdiction.

26. Dispute Resolution

26.1 Internal Resolution

Parties should attempt negotiation.

26.2 Mediation

Mediation encouraged if unresolved.

26.3 Arbitration

Arbitration under the Indian Arbitration and Conciliation Act applies.

27. Compliance With Laws

Users must comply with:

• Medical regulations
• Telemedicine guidelines
• Local data protection laws

28. Anti-Bribery, Anti-Corruption & Ethics

Users must not engage in:

• Bribery
• Kickbacks
• Fraud
• Unethical clinical practices

29. Service Level Agreements (SLA)

(Optional — Provided upon request)

30. Business Continuity & Disaster Recovery

Octor maintains:

• Redundant infrastructure
• Failover clusters
• Data backup policies

31. Modifications to Terms

Octor may update Terms anytime. Users will be notified of material changes.