Terms & Conditions of use

AnalystAssist – Software-as-a-Service Master Agreement

Effective Date: 12 February 2026
Last Updated: 24 March 2026

This Terms and Conditions of Use Agreement (“Agreement”) is entered into between:

Naturecure Academy Ltd, trading as AnalystAssist, a company incorporated in England and Wales with registered office at Wilbees Road, Polegate, East Sussex, BN26 6RU, United Kingdom (“Company”, “AnalystAssist”, “we”, “us”, or “our”),

and

the individual healthcare professional or legal entity registering for or using the Platform (“User”, “Practitioner”, “you”, or “your”).

By registering for, accessing, or using the Platform, you agree to be legally bound by this Agreement. If you do not agree, you must not access or use the Platform.

1. INTERPRETATION AND DEFINITIONS

In this Agreement, the following terms shall have the meanings set out below, unless the context requires otherwise:

1.1 Account – A registered user account granting authenticated access to the Platform.
1.2 Appointment Record – Any appointment entry, scheduling information, calendar data, associated metadata, reminders, linked files, and related content stored within the Platform.
1.3 Client Record – Any patient or client file, record, identifying information, clinical note, intake form, transcript, uploaded file, image, report, attachment, metadata, or associated content stored within the Platform.
1.4 Confidential Information – Non-public information disclosed by one party to the other, including but not limited to technical, business, operational, clinical, or commercial information.
1.5 PHI – Protected Health Information as defined under HIPAA or equivalent laws applicable in the User’s jurisdiction.
1.6 Platform – The AnalystAssist cloud-based healthcare software application, accessible via app.analystassist.com or other authorised access points.
1.7 Free Trial Account – A no-fee, limited-functionality account granted at the discretion of the Company.
1.8 Pro Subscription – A paid recurring subscription tier providing full or expanded access to Platform features.
1.9 Subscription Period – The recurring billing period selected by the User.
1.10 Privacy Policy – The Company’s published Privacy Policy available here.
1.11 References to legislation include amendments, replacements, and successor legislation applicable in the User’s jurisdiction.

2. SCOPE, NATURE OF SERVICE, AND DISCLAIMER

2.1 The Platform is a secure, cloud-hosted software solution designed to support healthcare practitioners in managing clinical documentation, appointments, and patient records.

2.2 The Platform does not:

  • Provide medical advice;

  • Replace professional judgment;

  • Diagnose medical conditions;

  • Guarantee compliance with specific healthcare accreditation schemes;

  • Guarantee uninterrupted availability.

2.3 All clinical responsibility and professional judgment remain solely with the Practitioner.

2.4 The Platform is provided “as is” and “as available.” The Company excludes all warranties, whether express or implied, to the maximum extent permitted by law.

3. ELIGIBILITY AND PROFESSIONAL STATUS

3.1 You represent and warrant that:

  • You are legally authorised to provide healthcare services;

  • You are legally permitted to collect, process, and store health data, including PHI;

  • Your use of the Platform complies with all applicable healthcare, licensing, and regulatory obligations in your jurisdiction;

  • You will maintain all required licences, registrations, and professional certifications.

3.2 Only one (1) Account per individual is permitted unless expressly authorised by the Company in writing.

3.3 The Company reserves the right to refuse registration or suspend Accounts where professional eligibility or compliance is reasonably in doubt.

4. ACCOUNT REGISTRATION, SECURITY, AND FREE TRIALS

4.1 You must provide accurate, complete, and up-to-date information when registering an Account.

4.2 You are solely responsible for:

  • Maintaining confidentiality of login credentials;

  • Ensuring multi-factor authentication where available;

  • Restricting Account access to authorised personnel only.

4.3 You must immediately notify the Company of any suspected unauthorised access or security breach. The Company shall not be liable for losses arising from credential misuse unless caused by our breach.

4.4 Free Trial Accounts:

  • Are provided at the Company’s discretion and may include limitations on features or export functionality;

  • May be revoked, suspended, or deleted at any time without notice;

  • Inactive Free Trial Accounts that have had no login activity for twelve (12) consecutive months will be permanently deleted without prior notice, including all associated data; No warranty is provided for Free Trial Accounts.

  • No warranty is provided for Free Trial Accounts;

  • Eligibility criteria, feature limitations, and availability of Free Trial Accounts may be modified at any time.

4.5 Account Inactivity and Locking:

  • Any Account (whether Free Trial or Pro Subscription) that has had no login activity for one hundred and eighty (180) consecutive days will be automatically locked.

  • Locked Accounts cannot be accessed until reinstated. Users must contact customer support to request reinstatement.

  • The Company reserves the right to verify the identity of the Account holder before reinstating a locked Account.

  • Locking an Account does not delete any data; all Client Records, Appointment Records, and associated data are preserved while the Account is locked.

4.6 Inactive Pro Subscription Accounts:

  • Pro Subscription Accounts that have had no login activity for twenty-four (24) consecutive months may be permanently deleted.

  • The Company will provide at least thirty (30) days' written notice (via the email address associated with the Account) before permanently deleting an inactive Pro Subscription Account.

  • If the Account holder logs in or contacts support within the notice period, the Account will not be deleted.

  • Upon deletion, all Client Records, Appointment Records, uploaded files, images, and linked metadata are permanently and irreversibly removed.

5. ACCEPTABLE USE

You agree not to:
5.1 Use the Platform for unlawful purposes or in violation of applicable laws;

5.2 Upload content that is defamatory, fraudulent, abusive, infringing, or otherwise objectionable;

5.3 Attempt to gain unauthorised access to systems, infrastructure, or other Accounts;

5.4 Introduce malware, ransomware, viruses, or other harmful code;

5.5 Reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code of the Platform;

5.6 Resell, sublicense, or commercially exploit the Platform without prior written consent;

5.7 Use the Platform to process data in violation of applicable healthcare, privacy, or data protection laws;

5.8 Circumvent subscription controls, payment mechanisms, or security measures;

5.9 Use the Platform in a manner that may impair performance, security, or availability;

5.10 Use any automated means, including but not limited to bots, AI agents, crawlers, scrapers, spiders, scripts, headless browsers, browser automation frameworks (such as Selenium, Puppeteer, or Playwright), or any other automated technology to access, navigate, interact with, extract data from, or monitor the Platform;

5.11 Use AI, machine learning, or other automated tools to systematically map, replicate, reconstruct, or clone the Platform's user interface, design, features, workflows, functionality, or architecture;

5.12 Provide login credentials to, or grant access on behalf of, any automated system, bot, AI agent, or non-human actor;

5.13 Train, fine-tune, or develop any AI model, machine learning model, large language model, or data set using content, data, structure, or interactions obtained from the Platform;

5.14 Circumvent, disable, interfere with, or attempt to bypass any bot detection, rate limiting, firewall, access control, or other security measures implemented by the Company;

5.15 Access the Platform in a manner that generates request volumes substantially exceeding normal human usage patterns.

The Company actively monitors for automated access and employs technical measures including, but not limited to, Web Application Firewall rules, bot detection, behavioural anomaly detection, rate limiting, and honeypot monitoring. Violations may result in immediate Account suspension or termination without prior notice, in addition to any legal remedies available to the Company.

The Company may suspend or terminate Accounts for breach of this clause at its sole discretion.

6. LICENCE GRANT

6.1 Subject to compliance with this Agreement and payment of applicable fees, the Company grants you a limited, non-exclusive, non-transferable, revocable licence to access and use the Platform during an active Subscription Period.

6.2 No ownership rights, title, or interest in the Platform or intellectual property are transferred to you.

6.3 All rights not expressly granted are reserved by the Company.

7. INTELLECTUAL PROPERTY

7.1 The Platform, including source code, object code, databases, designs, workflow structures, architecture, trademarks, user interface design, layout, visual presentation, logos, and documentation, remains the exclusive property of the Company.

7.2 You retain ownership of all Client Records and Appointment Records.

7.3 By using the Platform, you grant the Company a limited licence to process your data solely to provide the service.

7.4 Any feedback, suggestions, or enhancement requests may be used by the Company without restriction or compensation.

7.5 You shall not remove or alter any proprietary notices or labels.

7.6 Users may not reverse engineer, copy, redistribute, resell, or create derivative works of the Platform without express written consent.

7.7 The visual design, user interface layout, interaction patterns, workflow structure, and overall look and feel of the Platform are protected intellectual property. Any reproduction, imitation, or derivative creation of these elements — whether produced manually, through automated tools, or with the assistance of AI — constitutes infringement.

8. SUBSCRIPTIONS, FEES, AND PAYMENT

8.1 Pro Subscriptions are billed via Stripe on a recurring basis according to the Subscription Period.

8.2 You authorise Stripe to charge your selected payment method.

8.3 The Company does not store full cardholder data.

8.4 Subscription fees are exclusive of taxes unless otherwise stated.

8.5 Failed payments may result in suspension of access.

8.6 Subscription fees, tiers, and features may be modified upon reasonable notice by email.

8.7 Upon expiry of a Subscription Period without renewal:

  • Access to the Account is suspended;

  • Data remains stored but inaccessible;

  • The User may request a single temporary 48-hour access window solely for data export, at the Company’s discretion.

8.8 Cancellation and Account closure:

  • Subscriptions remain active until the end of the current period;

  • No partial refunds are issued;

  • Deletion of Account and data is permanent and irreversible.

9. DATA OWNERSHIP, PROCESSING, EXPORT, AND DELETION

9.1 You remain the Controller of all Client Records and Appointment Records.

9.2 You are solely responsible for lawful collection, obtaining consent, and regulatory compliance.

9.3 The Company acts as Processor in relation to patient data.

9.4 The Company shall not:

  • Sell PHI;

  • Use PHI for advertising;

  • Train AI models on PHI;

  • Access PHI except as required for service provision or legal obligations.

9.5 Users may export data at any time; export links are active for seven (7) days unless otherwise stated.

9.6 Upon account closure:

  • All Client Records, Appointment Records, uploaded files, images, and linked metadata are permanently deleted;

  • Backup retention applies only within disaster recovery windows (approximately 14 days for SQL point-in-time restore; up to 3 years for long-term retention backups; 30 days for blob storage backup; 35 days for blob soft delete recovery);

  • Audit logs may be retained for compliance for up to six (6) years.

10. SECURITY AND AUDITING

10.1 The Company implements administrative, technical, and physical safeguards, including but not limited to:

  • TLS encryption;

  • AES-256 encryption at rest;

  • Role-based access control;

  • Multi-factor authentication;

  • Web Application Firewall;

  • Threat detection;

  • Private database endpoints;

  • Secure CI/CD deployment;

  • Automated bot and AI agent detection;

  • Behavioural anomaly monitoring;

  • Rate limiting and request throttling;

  • Honeypot and trap route monitoring.

10.2 Appropriate auditing procedures are implemented for compliance monitoring.

10.3 The Company reserves the right to monitor usage patterns and employ automated detection systems to identify and respond to bot activity, automated scraping, credential sharing, or other anomalous behaviour. Such monitoring may include logging of navigation patterns, request frequency, client-side environment signals, and User-Agent analysis.

10.4 No system guarantees absolute security. The Company is not liable for data corruption, loss, or unauthorised access beyond reasonable control.

11. HIPAA BUSINESS ASSOCIATE STATUS

11.1 Where applicable, the Company acts as a Business Associate.

11.2 A Business Associate Agreement ("BAA") is required prior to processing HIPAA-regulated PHI. The Company's BAA is automatically entered into by qualifying Covered Entities and Business Associates upon acceptance of these Terms. A copy of the BAA is available for download at www.analystassist.com/s/Business-Associate-Agreement.pdf. Covered Entities who require a countersigned copy may contact support@analystassist.com.

11.3 In the absence of an executed BAA, the Platform must not be used for HIPAA PHI.

11.4 The Company's infrastructure sub-processor, Microsoft Azure, provides HIPAA BAA coverage through the Microsoft Product Terms and Data Protection Addendum (DPA). The BAA is automatically effective upon the Company's acceptance of the Azure licensing agreement and does not require a separately signed document. A copy of the Microsoft HIPAA BAA is available from the [Microsoft Service Trust Portal](https://aka.ms/BAA) and is retained on file by the Company.

12. SERVICE AVAILABILITY, OUTAGES, AND DISCONTINUATION

12.1 The Platform may be temporarily unavailable for maintenance, security upgrades, operational reasons, or infrastructure updates.

12.2 Advance notice will be provided where reasonably practicable, when service outages are expected to be over an extended period of time.

12.3 The Company is not liable for outages caused by events beyond reasonable control, including cyberattacks, infrastructure failures, terrorism, computer viruses, or third-party infrastructure failures.

12.4 The Company reserves the right to permanently discontinue the Platform with a minimum of thirty (30) days’ notice. During this period, Users may export data. Paid subscriptions will be refunded on a pro-rata basis for unused periods.

13. COMMUNICATIONS AND NOTICES

13.1 The Company may contact Users regarding Account matters, billing, compliance, security alerts, or service changes.

13.2 Notices may be provided via email, in-Platform notification, or website publication.

13.3 Marketing communications are only sent where permitted by law; Users may unsubscribe at any time.

14. LIMITATION OF LIABILITY

14.1 The Company shall not be liable for:

  • Indirect or consequential losses;

  • Loss of profits or business opportunities;

  • Regulatory penalties incurred by Users;

  • Data loss outside backup windows.

14.2 Aggregate liability is limited to fees paid by the User in the preceding twelve (12) months.

14.3 Nothing excludes liability for fraud, death, or personal injury caused by negligence, or other non-excludable liabilities.

15. INDEMNITY

You shall indemnify, defend, and hold harmless the Company, its officers, directors, employees, and agents from and against all claims, liabilities, damages, losses, and expenses arising from:

  • Professional negligence or malpractice;

  • Regulatory violations;

  • Unlawful processing of data;

  • Breach of this Agreement.

16. SUSPENSION, BLOCKING, AND TERMINATION

16.1 The Company may suspend, block, or terminate Accounts for:

  • Breach of these Terms;

  • Security concerns;

  • Regulatory risk;

  • Non-payment;

  • Insolvency.

16.2 Access ceases immediately upon suspension or termination.

16.3 Blocked Users may submit an appeal; the Company’s decision is final.

16.4 Refunds, if any, are at the Company’s discretion; pro-rata refunds are not guaranteed except in cases of permanent Platform discontinuation.

17. TECHNICAL SUPPORT & UNFORESEEN ISSUES

17.1 The Company shall provide technical support related to the use of the Platform by email during UK standard business hours.

17.2 Every effort will be made to fix technical issues as soon as possible; however, the Company makes no guarantee about the timescale required, and cannot be held liable for impacts to usability of the Platform caused by technical issues related to application code, hosting platform configuration or any other unforeseen technical problem.

18. FORCE MAJEURE

The Company shall not be liable for any delay, failure, or interruption caused by events beyond its reasonable control, including but not limited to natural disasters, cyberattacks, infrastructure failures, governmental action, or acts of terrorism.

19. ASSIGNMENT

19.1 You may not assign or transfer your rights or obligations under this Agreement without the prior written consent of the Company.

19.2 The Company may assign or transfer this Agreement in connection with a merger, acquisition, or sale of assets without restriction.

20. SEVERABILITY

If any provision of this Agreement is held to be invalid, illegal, or unenforceable, the remaining provisions shall remain in full force and effect.

21. WAIVER

Failure to enforce any right or provision of this Agreement shall not constitute a waiver of that right or provision.

22. VARIATION

The Company may amend or update these Terms from time to time. Continued use of the Platform constitutes acceptance of the revised Terms.

23. ENTIRE AGREEMENT

This Agreement, together with the Privacy Policy and any executed BAA or Data Processing Agreement (“DPA”), constitutes the entire agreement between the parties.

No third party shall have rights under the Contracts (Rights of Third Parties) Act 1999.

24. GOVERNING LAW AND JURISDICTION

This Agreement shall be governed by and construed in accordance with the laws of England and Wales.

The courts of England and Wales shall have exclusive jurisdiction over any dispute arising out of or in connection with this Agreement, subject to mandatory statutory rights.