Terms of Service

Last updated: 12/01/2022

1. Introduction

By accessing or using the software and/or signifying your acceptance to these Terms of Service, you agree to be bound by this agreement as and/or on behalf of the person/entity listed in the account creation, sign up or similar form (“Registration Form”), the account owner and the practice. You represent and warrant that you have full authority to bind the account owner and the practice to these Terms of Service. If you do not agree to these Terms of Service and do not have the necessary authority, you may not access or use the Service (as defined in terms of Service) offered by iSpeax Tech, Inc (referred to as “iSpeax”, “iSpeax Marketplace”, “Platform”, “Software”, “Service”, or “Us” or “We”).

These Terms of Service (“Agreement” or “Terms of Service”) are binding between the account owner(s) (referred to as “Account Owner”, “You”, “Your” or “Yourself”) and iSpeax. The Terms of Service will govern your and any team members’ use of the Service, including the rights and obligations associated with user data placed in the Service, and the intellectual property rights related to it. An account will be created to access the Service, and by accessing, using, subscribing, purchasing, or downloading the Service or any content from the website, you agree to follow and be bound by these terms and any other terms in any other agreements you enter into with iSpeax Tech, Inc. If you do not agree with these Terms of Service, you and any team members may not use the website or the Service.

If you know or suspect that a team member has violated the Terms of Service, you are responsible for revoking their access rights immediately. Similarly, if you become aware that a team member no longer possesses the necessary licenses or credentials or is no longer affiliated with you, you must immediately revoke their access rights.

NOTICE OF ARBITRATION AGREEMENT AND CLASS ACTION WAIVER: THIS AGREEMENT INCLUDES A BINDING ARBITRATION CLAUSE AND A CLASS ACTION WAIVER THAT WILL AFFECT YOUR RIGHTS IN RESOLVING ANY DISPUTES WITH ISPEAX TECH, INC. PLEASE READ IT CAREFULLY.

These Terms of Service apply to your and any team members' use of the Service and all transactions made through the website in the use of the Service. You indicate your agreement to these Terms of Service by any action that demonstrates your assent, including clicking on any button containing phrases such as “I agree”, “Start my free trial”, “Join Now”, “Sign Up”, “Create my account” or similar, accessing the website, establishing an account, or using the Service, whether you have read these Terms of Service or not. By clicking any such button or accessing, downloading, or using, any content from our website, software or platform, you inidcate your approval and agreement to these Terms of Service. It is recommended that you print a copy of these Terms of Service for your records.

iSpeax may modify these Terms of Service at any time, and the changes will take effect immediately upon notification as described in Section 30. By continuing to access or use the Service after the effective date of any change, you agree to be bound by the modified Terms of Service.

2. Definitions

"Account Owner" refers to the person or entity responsible for setting up the account and all associated activities and obligations, including payment and deletion of the account. This also includes all users and team members within the account who are jointly and severally responsible for the account obligations. The term "Account Owner" can also refer to multiple individuals or entities. 

"Content" refers to the goalbank, progress report templates, present levels templates, session notes templates, worksheets, lesson plans, digital downloads, articles, libraries, or any other content provided by iSpeax Tech, Inc's Service.

"Dispute" refers to any disagreement, legal action, or controversy between the user and iSpeax Tech, Inc regarding the Service, transactions, communication, or this agreement.

 "HIPAA" refers to the Health Insurance Portability and Accountability Act of 1996 and the Health Information Technology for Economic and Clinical Health Act and their relevant regulations. 

"Intellectual Property Rights" refers to legal rights for copyrights, trademarks, patents, and other proprietary information. 

"Payment Data" refers to personal or financial information collected from a payment method, such as credit card information.

"Protected Health Information" or "PHI" refers to protected health information defined by HIPAA's Privacy Rule.

"Servers" refer to the computers hosting iSpeax Tech, Inc's Service. 

"Service" refers to iSpeax Tech, Inc's technology and software platforms, including the caseload management system, iSpeax website services, and other related Services.

"iSpeax Software" refers to the software provided to the user by iSpeax Tech, Inc.

"Stripe Payment Processing Services" refer to the Services that enable payment management and processing, as well as business Services and analytics. 

"Team Member" refers to the Account Owner's staff, contractors, or authorized Service providers who have access to the account. 

"Transaction Data" refers to customer information, user data, payment data, and transaction information collected by the Service. 

"User Data" refers to any data submitted or collected by the Service, including Protected Health Information and Transaction Data. 

"User" refers to the Account Owner, Team Member, or the Account Owner's or Team Member's clients. 

"Website" refers to the websites and Services offered by iSpeax Tech, Inc, including related domains, subdomains and mobile applications available through https://ispeax.com, https://store.ispeax.com, https://app.ispeax.com.

3. Verifying Account 

By agreeing to these Terms of Service, you certify that you are at least 18 years old or the minimum legal age in your jurisdiction if it is higher. You have the legal capacity to enter into this agreement on behalf of the Account Owner. To access the Service, you must submit to account verification by iSpeax and provide accurate identification information as requested. You are responsible for securing your and your Users' account information, including user names and passwords. By accepting these Terms of Service, you and the Account Owner are responsible for obtaining consent from the parents or legal guardians to store, collect or share any data and information about any child who is under the age of 18. 

4. Creating Account

To use the Service, you need to create an Account with iSpeax. You must supply accurate and up-to-date information about yourself and the person creating the Account (known as "Registration Data") during the registration process and keep it accurate using the account management tools provided. ISpeax will assign you as the Account Owner. You and your team members must each choose a username for identification under your account.

5. Account Use

As the Account Owner, you are accountable for all actions taken through your Account, including those of Team Members and Users, and for the activities carried out through your username. You are also responsible for ensuring that any User you add to your account or grant access to your Account, such as related Service providers, special eduction staff, administrators or other professionals servicing the student within your organization, are authorized and have permissions to access sensitive data or personally identifiable information of your students or clients. If any fraudulent activity, violation of laws, regulations, or these Terms of Service occurs in connection with your Account, whether by you or someone else, iSpeax reserves the right to suspend or terminate your access to the Service and Account as outlined in Section 22. You will also be held financially responsible for any consequences incurred by iSpeax as a result of these actions. You, as the Account Owner, acknowledge that you are solely responsible for ensuring that the use of the Service by yourself and any individuals granted access to your Account through you (collectively, "Users"), complies with all applicable laws, including the Health Insurance Portability and Accountability Act (HIPAA). You represent and warrant that you have entered into all necessary Business Associate Agreements (BAAs) with any Users or third-party service providers that may handle protected health information as part of their use of the Service. iSpeax shall not be held responsible for any violations of HIPAA or other privacy laws by yourself or any Users.

6. Password Use

As the Account Owner, You must select a secure password when establishing Your Account with iSpeax. It is Your responsibility to keep Your password confidential, and any damages, claims, losses or other harm resulting from the disclosure of Your password, authorization of its disclosure, or unauthorized use of Your password or Account by any person, are Your sole responsibility. Do not respond to any online request for Your password, except during the log-in process to the Service. iSpeax does not store information or has access to Account Owner’s passwords. Sharing Your password with others is done at Your own risk.

Each user accessing Your Account must have a unique username and password. Team Members and Users are prohibited from sharing their login credentials and any such sharing may result in suspension or termination of access for the User and Account Owner, and/or additional charges, as determined by iSpeax.

7. Pricing and Billing

iSpeax Tech, Inc. provides the Service for the fees and charges set forth on the Website at /pricing/ or any other location on the Website. All listed prices exclude all Sales Taxes and such Sales Taxes shall be borne solely by the Account Owner and paid to iSpeax Tech, Inc. Additionally, where applicable, the Account Owner is responsible for all Sales Taxes, and iSpeax Tech, Inc. reserves the right to collect Sales Taxes retroactively. We may add new services for additional fees and charges, or prospectively modify fees and charges for existing services (including prospectively charging fees for the Service not previously charged for) on notice as provided herein. You are responsible for ensuring payment in advance for all paid aspects of the Service and ensuring that your payment methods accepted by iSpeax Tech, Inc., including Stripe, are valid and sufficient for such purposes. In the event that any payment is declined, we may suspend or terminate your use and your Account's use, as provided in Section 22. The agreement with respect to other services and fees due to iSpeax Tech, Inc. incorporates by reference these Terms of Service, as well as any specific terms and conditions presented to you. There will be no refund on termination or expiration of the Agreement. All payments made to iSpeax Tech, Inc. will be earned by iSpeax Tech, Inc. as of the date of payment, and there will be no refund for partial use of the Service or credits at any time.

8. Modification of Service

iSpeax may change, add, or remove parts of the Service at any time for reasons such as meeting legal requirements, abiding by laws and regulations, improving security and functionality, fixing errors, or other purposes, at its sole discretion.

9. Personal Information, User Data, Use of Information, Data Deletion, Protected Health Information (PHI)

Our Privacy Policy explains how we use and share Personal Information, like the Payment and Registration Data you provide, and any other Personal Information we receive when you ask us for more information about our service or receive updates and promotions from us. It's important to note that our Privacy Policy does not apply to any Personal Information within the User Data we collect and process only on your behalf when we provide the Service.

When you use our Service, iSpeax will not sell any Personal Information contained in User Data. We'll only use or disclose the Personal Information you provide us about your clients and clients for the purpose of fulfilling our obligations under these Terms of Service, including providing and improving the Service under these Terms of Service. We won't use or disclose Personal Information about your clients and clients outside of our direct business or contractual relationship with you or the legal entity under which you practice or are employed.

We won't use any PHI that is not permitted by these Terms of Service, the BAA (as defined below), or that is prohibited by applicable law, including but not limited to HIPAA and FERPA

It's your responsibility to comply with all privacy and data protection laws and ensure that you've provided all necessary notices and obtained all necessary consents (including with respect to third parties' access) from your Users, clients, and clients. You must ensure that the User (including without limitation your clients and clients) have agreed to the collection of their User Data (including PHI) and access of their User Data by you, us, and, where applicable, other third parties.

If we receive a subpoena, court order, or other legal requests that require us to disclose any of your clients' or clients' User Data (including PHI), or any of your data or information or any User Data, we'll let you know about it before we disclose the PHI or other data or information or any User Data, unless a court of competent jurisdiction orders us not to do so or law enforcement requests that we do not notify you or our legal counsel advises us that prior notification is not required or in violation of applicable law.

If this Agreement is terminated for any reason, you can use the export feature in the Service to retrieve your User Data contained within the Service before the account termination date. You'll need to make sure you export a file or files containing the User Data contained within the Service before the account termination date, and preserve User Data (including PHI) for your clients and clients pursuant to federal and state law. We'll destroy the User Data for your Account as provided in Section 22 of these Terms of Service.

10. No Responsibility for Third Party Websites

We may provide links to third-party websites, servers, and online services or environments through the Service. These are not owned or controlled by iSpeax. We want you to know that we're not responsible or liable for the content, policies, or practices of these third-party websites, servers, or online services or environments. Please make sure to review the terms of use and privacy policies of any third-party websites, servers, or online services, or environments you visit.

11. User Data and Your Rights and Obligations

When you upload or submit User Data to the Service, you agree that you have all necessary Intellectual Property Rights, licenses, consents, and permissions to use and authorize iSpeax to use, retain, copy, and process the User Data as contemplated by this Agreement. By uploading or submitting User Data to the Service, and permitting your users (including clients and clients) to upload Transaction Data into the Service, you automatically grant iSpeax (and its affiliates) a non-exclusive, worldwide, royalty-free, sublicensable, and transferable license to use, reproduce, distribute, prepare derivative works of, perform, and display User Data and Transaction Data (including User Data and Transaction Data that is created, collected, or generated by the Service or iSpeax using the User Data and Transaction Data you submit) solely for the purposes of providing the Service.

The license also grants iSpeax the right to copy, analyze and use any of your User Data and Transaction Data as deemed necessary or desirable for purposes of debugging, testing, or providing support or development services in connection with the Service and future improvements to the Service. This license is known as the “Service Data License”. The Service Data License granted to iSpeax with respect to your content will survive the termination of your Account to permit iSpeax to retain server copies of particular instances of your User Data, including copies stored in connection with back-up, debugging, and testing procedures.

You acknowledge that you are responsible for all information and User Data you and those under your Account input into the Service, including changes made to the client or student progress notes, whether previously locked or unlocked. You also acknowledge that the practice of unlocking any previously locked notes may be a violation by you and your team members of applicable professional standards and/or applicable law.

You also agree that the Service may automatically log all of your activity within the Service, including the changes to progress notes. Such activity may be audited by Account Owners, account administrators, regulators, or others. It is your responsibility to comply with various laws and regulations, including but not limited to HIPAA and FERPA, which require you to preserve the availability, accuracy, integrity, and confidentiality of PHI and personally identifiable information.

Furthermore, you provide iSpeax (and its affiliates) an irrevocable, perpetual royalty-free, assignable license, authority, and permission to obtain, copy, and use, at iSpeax’s request, from payment processors, banks, card and ACH processors and gateway providers that support the Service, all of your Transaction Data and User Data for purposes of providing you with the Service.

In summary, by using the Service, you agree to grant iSpeax a license to use your User Data and Transaction Data, and acknowledge your responsibilities to comply with laws and regulations, including HIPAA. Additionally, iSpeax may log and audit all of your activity within the Service, and you grant iSpeax permission to obtain, copy, and use your Transaction Data and User Data from payment processors and gateway providers.

12. Payment Processing and Billing

In order to use the Stripe Payment Processing Services for billing and payment processing, you need to agree to the Stripe Connected Account Agreement (https://stripe.com/us/connect-account/legal), as well as any other relevant agreements that are available to you during enrollment or afterward. Until you agree to these agreements, no transactions will occur in your iSpeax account. iSpeax may conduct certain activities related to the Stripe Payment Processing Services, such as handling disputes and adjusting account balances. Additionally, you may be charged certain fees for using the Stripe Payment Processing Services. You agree to comply with all terms and conditions of your Stripe Connected Account Agreement and not process payments from prohibited businesses. Stripe may suspend or terminate the Stripe Payment Processing Services in accordance with the terms of the Stripe Connected Account Agreement. iSpeax may share your Transaction Data, Payment Data, and other information with Stripe, and you give permission to iSpeax to work with and interact with Stripe to facilitate interoperability between the services. You must provide accurate and complete information about your practice and business to iSpeax to use payment processing services. If required by law, iSpeax may send you tax forms and notices electronically with your consent. You authorize iSpeax to debit any outstanding amounts due and owing as a result of chargebacks, disputes, and other refunds or credits from your deposit accounts. If non-sufficient funds are available for these debits, iSpeax may increase fees, suspend the Service, or terminate this Agreement. In the event of non-payment of any sums due, iSpeax may withdraw funds from your biller accounts, offset or net settle these sums against future deposits, or withhold future deposits until such sums are paid in full. If there is a chargeback, you will be responsible for refunding the fee imposed on iSpeax by the payment processor. iSpeax reserves the right to suspend your Stripe account in the event of excessive disputes or chargebacks, withhold payment for review of suspicious or fraudulent activity, and refund transactions classified as fraudulent after investigation.

13. Service Interruption

iSpeax may need to temporarily interrupt or suspend the Service, with or without prior notice, to protect the Service's integrity or functionality or for maintenance purposes. You understand and agree that iSpeax is not liable for any interruption or suspension of the Service, and neither You nor any Team Members or Users will be entitled to any refunds of fees or other compensation for interruption or suspension of service. Additionally, if there is any loss of User Data, iSpeax will not be liable for any resulting damage or harm.

14. Intellectual Property Rights

iSpeax holds the Intellectual Property Rights in the Service, which includes the iSpeax Software, Websites, Servers, and iSpeax trademarks, service marks, trade names, logos, domain names, taglines, and trade dress. You acknowledge that these Intellectual Property Rights are separate from any rights You may have in User Data uploaded or submitted to the Service. iSpeax and its licensors own all right, title, and interest in the Service, including all Intellectual Property Rights therein, other than User Data. You are granted a limited license to access and use the Service as set forth in these Terms of Service, and you agree not to copy, alter, sell, sublicense, rent, translate, or reverse engineer the iSpeax Software.

You may provide suggestions, ideas, or feedback to iSpeax regarding the Website, products, or Service, and iSpeax will be free to use all Feedback provided for any purpose. You are also granted a limited license to use any of the iSpeax mobile applications and to access the Website via a single mobile device or computer that You own or control for Your own personal use. You agree not to commercially exploit the iSpeax mobile application, modify or make derivative works based upon the Website or iSpeax mobile application, create Internet “links” to the Website, frame or mirror the iSpeax mobile application, or reverse engineer the iSpeax mobile application.

You are prohibited from: (i) licensing, sublicensing, selling, reselling, transferring, assigning, distributing, or otherwise commercially exploiting or making available to any third party the iSpeax mobile application in any way; (ii) modifying or creating derivative works based on the Website or iSpeax mobile application; (iii) creating Internet “links” to the Website or “frame” or “mirror” the iSpeax mobile application on any other server or wireless or Internet-based device; (iv) reverse engineering or accessing the iSpeax mobile application in order to (a) design or build a competitive product or service, (b) design or build a product using similar ideas, features, functions, or graphics of the Website or iSpeax mobile application, or (c) copy any ideas, features, functions, or graphics of the Website or iSpeax mobile application; or (v) launching an automated program or script, including but not limited to, web spiders, web crawlers, web robots, web ants, web indexers, bots, viruses, or worms, or any program that may make multiple server requests per second or unduly burden or hinder the operation and/or performance of the Website or iSpeax mobile application.

15. Templates and Content Use

iSpeax grants You a non-exclusive, non-transferable license to allow Your Team Members to use the Content available to You, including sample templace and documentation. Any fees for such access, if applicable, are listed at /pricing and are subject to change with notice as provided in these Terms of Service. The Content provided by iSpeax and its licensor (if applicable), are meant for illustrative purposes only. They do not constitute professional services or expert forms. As the user, You and Your Team Members must apply your own expertise to the Content and make any necessary revisions. The Content is not guaranteed to help You meet clinical documentation requirements, and You are solely responsible for your own clinical documentation.

THE SAMPLE DOCUMENTATION, TEMPLATES, CONTENT, GOALBANK, DATASETS AND ALL INFORMATION THEREIN ARE PROVIDED “AS IS” WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES OR REPRESENTATIONS OF ANY KIND, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR QUALITY, ACCURACY, COMPLETENESS, AND/OR SUITABILITY. You acknowledge that neither You nor Your Team Members may resell, transfer, sublicense, or make the Content available to third parties in any way, including as part of a hosted environment.

16. Terms of Service Conduct and Violations

In using iSpeax, you agree not to engage in any behavior that violates any laws, regulations, rules, or the rights of any third party, including intellectual property rights. This includes posting, displaying, or transmitting any information or data, User Data, or Transaction Data that is unauthorized or illegal. You also agree not to impersonate any person or entity without their consent or engage in any conduct that may harm the Service or the interests or rights of other users.

Uploading, publishing, or submitting any User Data that is protected by intellectual property rights or subject to proprietary rights, including trade secret or privacy rights, is also prohibited, unless you, your team member, or user is the owner of such rights or has permission from the rightful owner to upload or submit the User Data and to grant iSpeax all of the license rights granted in this Agreement. iSpeax will not be liable for any claims, losses, or damages arising out of or in connection with your use of any User Data and you agree to defend (at iSpeax's option), indemnify, and hold iSpeax harmless for any such claims. Additionally, engaging in malicious, disruptive, or other conduct that impedes or interferes with other Users' normal use of the Service or attempting to gain unauthorized access to any other User's Account or password is strictly prohibited.

Your iSpeax account, as well as your team members' and users' accounts, may be immediately suspended or terminated without refund or compensation at the discretion of iSpeax if any of these Terms of Service are violated.

17. Releases

You agree not to hold iSpeax liable for the Content, actions, or inactions of You or other Users of the Service or of other third parties. By accessing the Service, you release iSpeax (and its officers, directors, shareholders, agents, subsidiaries, and employees) from any claims, demands, losses, liabilities, and damages (actual and consequential) of every kind and nature, known and unknown, arising out of or in any way connected with any dispute You have or claim to have with one or more other users of the Service or with other third parties, including whether or not iSpeax becomes involved in any resolution or attempted resolution of the dispute. If You are a resident of California, You waive California Civil Code Section 1542 (as may be amended). The statute currently provides: “A general release does not extend to claims that the creditor or the releasing party does not know or suspect to exist in his or her favor at the time of executing the release and that, if known by him or her, would have materially affected his or her settlement with the debtor or release party.” If You are a resident of another jurisdiction, You waive any comparable statute or doctrine.

18. Disclaimer of Express and Implied Warranties

iSpeax provides the Service, including but not limited to the Software, the Websites, the Servers, and Virtual Visits Telehealth Service, as well as your Account, on an "as is" basis. iSpeax expressly disclaims all warranties, whether written or oral, express, implied, or statutory, including but not limited to any implied warranty of title, non-infringement, merchantability, or fitness for a particular purpose. iSpeax does not guarantee the value or compensable worth of any Content, including User Data, on its servers. You assume all risk of loss from using the Service on this basis. iSpeax does not ensure continuous, error-free, secure, or virus-free operation of the Service, the Software, the Websites, the Servers, or your Account. You acknowledge that you are not entitled to refunds or other compensation based on iSpeax's failure to provide any of the foregoing, except as explicitly provided in this Agreement. Some jurisdictions may not allow the disclaimer of implied warranties, and the foregoing disclaimer may not apply to you to the extent prohibited by law.

iSpeax does not guarantee that the mere use of the Software will ensure compliance with HIPAA, FERPA or any other applicable law. You are solely responsible for maintaining administrative, technical, and physical safeguards to ensure the confidentiality, availability, and integrity of your PHI, and for otherwise complying with HIPAA, FERPA and all applicable laws.

19. Limitation of Liability 

Under no circumstances shall iSpeax or any of its directors, officers, employees, equity owners, managers, subsidiaries, agents or licensors be liable to You or any third party for any special, incidental, indirect, consequential, reliance, punitive or exemplary damages, or comparable equitable remedy. This includes, but is not limited to, damages for lost data or lost profits, arising out of or in connection with the Service, iSpeax software, the websites, the servers, your account, or this agreement, whether in contract, tort, strict liability, or otherwise. This is true regardless of whether or not iSpeax was advised that such damages might or could occur, and notwithstanding the failure of essential purpose of any remedy. iSpeax's cumulative liability to You will not exceed one hundred fifty dollars (U.S. $150.00). Some jurisdictions may not permit these limitations of liability, so to the extent that any such limitation is found to be impermissible, such limitation may not apply to You.

20. Indemnification

At iSpeax's request, the other party agrees to defend, indemnify, and hold harmless iSpeax, its officers, directors, shareholders, employees, subsidiaries, and agents from all damages, liabilities, claims, and expenses, including without limitation attorneys' fees and costs, arising from:

(i) any breach or alleged breach by the other party or its Team Members or Users of these Terms of Service, including without limitation their representations and warranties relating to their data and User Data;

(ii) claims, losses, and causes of action asserted by any Users, including without limitation their clients or patients;

(iii) use of the iSpeax Telehealth, Directory Service or Professional Website service; or

(iv) the other party's acts, omissions, or use of the Service, including without limitation their negligent, willful, or illegal conduct.

In any matter in which the other party has agreed to indemnify iSpeax, without the express written consent of iSpeax, they may not settle any matter or admit liability if, upon doing so, they are admitting liability or fault on the part of iSpeax. iSpeax reserves the right to assume the exclusive defense and control of any matter otherwise subject to indemnification by the other party, and in such case, the other party agrees to cooperate with iSpeax's defense of such claim.

21. Legal Relationship between You and iSpeax

By participating in the Service and creating or uploading Content in the Service, you acknowledge that you are not an employee of iSpeax and do not expect to be compensated by iSpeax for such activities. You agree not to make any claim inconsistent with these acknowledgments. This Agreement does not create an agency, partnership, joint venture, or franchise relationship between you and iSpeax. Furthermore, there are no intended or implied third-party beneficiaries under this Agreement.

22. Account Suspension and Termination

You may terminate this Agreement anytime by closing your Account for any reason. If you do so, iSpeax will have no further obligation or liability to you under this Agreement or otherwise, except as provided in Section 9. However, you may not suspend your own Account. If you do suspend your Account, it will be deemed terminated in accordance with Sections 9 and 22, which cover the deletion of your User Data upon termination.

iSpeax may suspend or terminate your Account without notice if you violate this Agreement, fail to pay required fees and charges, or for any other reason deemed desirable or advisable to comply with applicable legal requirements or to protect the rights or interests of iSpeax or any third party. In such cases, iSpeax may, at its sole discretion, provide a grace period prior to termination without waiving its right to terminate immediately upon such events.

You acknowledge that you will not be entitled to compensation or a refund for any interruption, suspension, or termination, and iSpeax will have no liability to you, your Team Members, or Users in connection with any such action.

23. Termination of Account and Termination of Licenses

Upon termination of your Account, all licenses granted by iSpeax for the use of the Website, Software, and the Service will automatically terminate. Additionally, all User Data in your Account will be retained for no more than thirty (30) days after the termination or expiration of your Account or this Agreement and deleted after the expiration of that thirty (30) day period.

It is your responsibility to export all account data and ensure the secure preservation of PHI for your clients in compliance with federal and state law and ethical requirements. During the thirty (30) day time frame following the termination or expiration of your Account, your access to the Service will be limited to downloading your User Data.

24. Termination of the Account and Unpaid Fees

In the event that iSpeax terminates your Account, or if you terminate your Account, you will not receive a refund of any amounts previously paid, and you will remain responsible for any charges incurred or unpaid amounts owed to iSpeax.

25. Survival of Terms after Termination

The following provisions will survive any termination of this Agreement: Sections 2, 3, 5, 7, 9, 12, 14, and 17 through 33. You will not be entitled to any refund upon termination or expiration of this Agreement

26. Disputes Resolution

In the event of any dispute between you and iSpeax (excluding claims for injunctive relief), other than disputes regarding the validity, enforceability, or scope of this dispute resolution provision, the dispute shall be resolved by binding arbitration under the American Arbitration Association Commercial Arbitration Rules, with the arbitration taking place in the State of Delaware. If any dispute is determined not to be subject to arbitration, you agree to submit to the exclusive jurisdiction and venue of the state and federal courts located in the State of Delaware.

You and iSpeax agree that this Agreement and your relationship shall be governed by the Federal Arbitration Act and the laws of the State of Delaware, without regard to conflict of law principles or the United Nations Convention on the International Sale of Goods. Either party may apply for injunctive or other equitable relief to protect or enforce its intellectual property rights in any court of competent jurisdiction where the other party resides or has its principal place of business. 

Class actions, class arbitrations, private attorney general actions, consolidation of disputes with other arbitrations, or any other proceedings in which either party acts or proposes to act in a representative capacity or as a private attorney general are not permitted and are waived by you. An arbitrator shall have no jurisdiction to hear such claims. If a court or arbitrator determines that the class action waiver in this section is unenforceable, the waiver will not apply to those parts of the dispute that are exempted from arbitration. Those parts will be severed and proceed in a court of law, with the remaining parts proceeding in arbitration. If any other provision of this dispute resolution section is found to be illegal or unenforceable, that provision shall be severed, and the remainder of this section shall remain in full force and effect.

27. Disclaimer to Warranties as to Use of Service Outside of the United States

iSpeax is a service based in the United States. We do not provide any warranty or representation that any aspect of the Service, Website Service, or Telehealth is suitable for use outside of the United States or for persons located outside of the United States. Users who access the Service from other locations are responsible for complying with applicable local laws.

The Software is subject to export laws and restrictions that are applicable. It is your responsibility to comply with all applicable export laws and regulations when using the Service or any related software.

28. Assignment of Agreement and Account

You may not assign this Agreement or your Account without the prior written consent of iSpeax. You may not transfer or sublicense any licenses granted by iSpeax under this Agreement without our prior written consent.

iSpeax reserves the right to assign this Agreement, in whole or in part, along with all related rights, licenses, benefits, and obligations, without restriction, including the right to sublicense any rights and licenses under this Agreement without your consent.

29. Integration, Interpretation of Section Headings, and Severability

This Agreement, along with the agreements, understandings, and policies referenced herein, constitutes the entire agreement and understanding between you and iSpeax regarding the subject matter herein and supersedes any prior or contemporaneous agreements or understandings. iSpeax reserves the right to modify this Agreement and the Terms of Service at any time, provided that you receive notification as described in Section 30. If you do not agree with any future changes, you should discontinue using the Service. Your continued use of the Service will signify your acceptance of this Agreement and any changes to it.

You acknowledge that no other written, oral, or electronic communications will modify or supplement this Agreement, and you agree not to make any claims inconsistent with this understanding or to rely on communications that are not part of this Agreement. The section headings and descriptive summary sentences at the beginning of each section are for convenience only and do not affect the interpretation of this Agreement.

If any provision of this Agreement is held to be unlawful, void, or unenforceable by a court of competent jurisdiction, that provision shall be deemed severable from these terms and shall not affect the validity or enforceability of the remaining provisions.

30. Notices

iSpeax may provide notice to you and obtain consent from you (1) through the Website, (2) by electronic mail at the email address associated with your Account, and/or (3) by written mail communication to you at the address associated with your Account. You must send all notices required or permitted under this Agreement to iSpeax Tech, Inc, c/o Compliance Department, 310 Alder Road, Dover, Delaware, 19904.

31. Business Associate Agreement

To comply with the requirements of HIPAA to the extent applicable, you and iSpeax agree to be bound by the terms and provisions of the iSpeax Business Associate Agreement found at /baa (the "BAA"), which is incorporated in full by reference. If any provision of this Agreement potentially or actually conflicts with the provisions of the Business Associate Agreement regarding the treatment of Protected Health Information, the terms of the Business Associate Agreement shall prevail.

32.Transfer of User Data and Account Ownership

You are solely responsible for providing access to User Data and sharing it among Users, Team Members, Account Owners, patients, clients, and their family members in compliance with applicable laws. If any Team Member who has access to the Service under the Account is unable to provide services to any User due to death, disability, or incapacitation, then the Account Owner is responsible for arranging the transfer of User Data or modifying access in compliance with applicable laws and Section 5 of these Terms of Service. This may involve providing identity verification or executing necessary authorizations required by iSpeax or applicable regulations or licensing bodies. iSpeax reserves the right to decline the transfer of User Data or modify access if the above is not provided in accordance with applicable law.

In the event that the Account Owner dies or becomes incapacitated, iSpeax will attempt to identify an appropriate individual to transfer the Account Owner role according to applicable laws or regulations. If an appropriate individual is identified, the Account Owner role will be transferred to that individual as outlined above.

We recommend that Account Owners create clear directions regarding access to and transfer of User Data in the event of their death, disability, or incapacitation and share them with a qualified and trusted individual in advance.

Requests for transfer of the Account Owner role, whether by the Account Owner or by an individual legally designated to assume Ownership, must be initiated by emailing privacy@ispeax.com. You acknowledge that User Data that is PHI may only be accessed or transferred to an appropriate party in accordance with HIPAA rules and applicable state regulations.

33. Consent to Electronic Communications

We provide Users with information by email or posting through the Website. The emails and other communications You will receive include those relating to billing, account verification, platform and Service training (sometimes called “on-boarding materials), survey requests (for product and customer service improvement purposes), marketing and promotions, and administrative announcements (including related to these Terms of Service, our Privacy Policy, or security incident notifications). You understand that by using the Service and agreeing to these Terms of Service, iSpeax will send to you the foregoing communication types and You hereby waive any right to opt out of such communications to the extent permitted by applicable law. You are responsible for obtaining either requisite consent or ceasing email communication to a patient or client in the event that such patient or client opts out of receipt of any such communications. For notice of claims of copyright infringement on or regarding this site can be reached as follows: 310 Alder Road, Dover, Delaware 19904

Privacy Policy 

Effective date: 12/01/2022

 1. Introduction

Welcome to iSpeax Tech, Inc

iSpeax Tech, Inc (“us,” “we”, or “our”) operates https://ispeax.com, https://store.ispeax.com, https://app.ispeax.com (hereinafter referred to as “Service”).

Our Privacy Policy governs your visit to www.ispeax.com and iSpeax software application and explains how we collect, safeguard and disclose information that results from your use of our Service. 

We use your data to provide and improve Service. By using Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.

Our Terms and Conditions (“Terms”) govern all use of our Service and together with the Privacy Policy constitutes your agreement with us (“agreement”).

 2. Definitions

 SERVICE means https://ispeax.com, https://store.ispeax.com, https://app.ispeax.com websites and software operated by iSpeax Tech, Inc

PERSONAL DATA means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession). 

USAGE DATA is data collected automatically either generated by the use of Service or from Service infrastructure itself (for example, the duration of a page visit).

COOKIES are small files stored on your device (computer or mobile device).

DATA CONTROLLER means a natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your data.

DATA PROCESSORS (OR SERVICE PROVIDERS) means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.

DATA SUBJECT is any living individual who is the subject of Personal Data.

THE USER is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data.

3. Information Collection and Use 

We collect several different types of information for various purposes to provide and improve our Service to you.

4. Types of Data Collected

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:

  1. Email address
  1. First name and last name 
  1. Phone number 
  1. Cookies and Usage Data 

We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link.

Usage Data

We may also collect information that your browser sends whenever you visit our Service or when you access Service by or through a mobile device (“Usage Data”). 

This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When you access Service with a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

Tracking Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information.

Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service. 

Examples of Cookies we use:

Session Cookies: We use Session Cookies to operate our Service. 

Preference Cookies: We use Preference Cookies to remember your preferences and various settings.

Security Cookies: We use Security Cookies for security purposes.

Advertising Cookies: Advertising Cookies are used to serve you with advertisements that may be relevant to you and your interests.

5. Use of Data

iSpeax Tech, Inc uses the collected data for various purposes:

  1. to provide and maintain our Service; 
  1. to notify you about changes to our Service;  
  1. to allow you to participate in interactive features of our Service when you choose to do so;  
  1. to provide customer support;  
  1. to gather analysis or valuable information so that we can improve our Service; 
  1. to monitor the usage of our Service;
  1. to detect, prevent and address technical issues; 
  1. to fulfill any other purpose for which you provide it; 
  1. to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection; 
  1. to provide you with notices about your account and/or subscription, including expiration and renewal notices, email-instructions, etc.; 
  1. to provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information; 
  1. in any other way we may describe when you provide the information;
  1. for any other purpose with your consent. 

6. Retention of Data 

We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.

7. Transfer of Data

Your information, including Personal Data, may be transferred to – and maintained on – computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

iSpeax Tech, Inc will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of your data and other personal information.

8. Disclosure of Data

We may disclose personal information that we collect, or you provide:

  1. Disclosure for Law Enforcement. Under certain circumstances, we may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities.
  1. Business Transaction. If we or our subsidiaries are involved in a merger, acquisition or asset sale, your Personal Data may be transferred.
  1. Other cases. We may disclose your information also:
  1. to our subsidiaries and affiliates; 
  1. to contractors, service providers, and other third parties we use to support our business; 
  1. to fulfill the purpose for which you provide it;
  1. with your consent in any other cases; 

9. Security of Data 

The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

10. Your Data Protection Rights Under General Data Protection Regulation (GDPR) 

If you are a resident of the European Union (EU) and European Economic Area (EEA), you have certain data protection rights, covered by GDPR. – See more at https://eur-lex.europa.eu/eli/reg/2016/679/oj  

We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please email us at privacy@ispeax.com. 

In certain circumstances, you have the following data protection rights:

  1. the right to access, update or to delete the information we have on you;
  1. the right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete; 
  1. the right to object. You have the right to object to our processing of your Personal Data; 
  1. the right of restriction. You have the right to request that we restrict the processing of your personal information;
  1. the right to data portability. You have the right to be provided with a copy of your Personal Data in a structured, machine-readable and commonly used format; 
  1. the right to withdraw consent. You also have the right to withdraw your consent at any time where we rely on your consent to process your personal information; 

Please note that we may ask you to verify your identity before responding to such requests. Please note, we may not able to provide Service without some necessary data.

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

11. Your Data Protection Rights under the California Privacy Protection Act (CalOPPA) 

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and conceivable the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. – See more at: https://consumercal.org/about-cfc/cfc-education-foundation/california-online-privacy-protection-act-caloppa-3/ 

According to CalOPPA we agree to the following:

  1. users can visit our site anonymously; 
  1. our Privacy Policy link includes the word “Privacy”, and can easily be found on the page specified above on the home page of our website;
  1. users will be notified of any privacy policy changes on our Privacy Policy Page; 
  1. users are able to change their personal information by emailing us at privacy@ispeax.com.  

Our Policy on “Do Not Track” Signals:

We honor Do Not Track signals and do not track, plant cookies, or use advertising when a Do Not Track browser mechanism is in place. Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.  

You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.

12. Your Data Protection Rights under the California Consumer Privacy Act (CCPA) 

If you are a California resident, you are entitled to learn what data we collect about you, ask to delete your data and not to sell (share) it. To exercise your data protection rights, you can make certain requests and ask us: 

  1. What personal information we have about you. If you make this request, we will return to you:
  1. The categories of personal information we have collected about you.
  1. The categories of sources from which we collect your personal information.
  1. The business or commercial purpose for collecting or selling your personal information.
  1. The categories of third parties with whom we share personal information 
  1. The specific pieces of personal information we have collected about you.
  1. A list of categories of personal information that we have sold, along with the category of any other company we sold it to. If we have not sold your personal information, we will inform you of that fact.
  1. A list of categories of personal information that we have disclosed for a business purpose, along with the category of any other company we shared it with.

Please note, you are entitled to ask us to provide you with this information up to two times in a rolling twelve-month period. When you make this request, the information provided may be limited to the personal information we collected about you in the previous 12 months.

  1. To delete your personal information. If you make this request, we will delete the personal information we hold about you as of the date of your request from our records and direct any service providers to do the same. In some cases, deletion may be accomplished through de-identification of the information. If you choose to delete your personal information, you may not be able to use certain functions that require your personal information to operate.  
  1. To stop selling your personal information. We don't sell or rent your personal information to any third parties for any purpose. You are the only owner of your Personal Data and can request disclosure or deletion at any time. 

Please note, if you ask us to delete or stop selling your data, it may impact your experience with us, and you may not be able to participate in certain programs or membership services which require the usage of your personal information to function. But in no circumstances, we will discriminate against you for exercising your rights.

To exercise your California data protection rights described above, please send your request(s) by one of the following means:

By email: privacy@ispeax.com

By visiting this page on our website: http://ispeax.com/contact 

Your data protection rights, described above, are covered by the CCPA, short for the California Consumer Privacy Act. To find out more, visit the official California Legislative Information website. The CCPA took effect on 01/01/2020. 

13. Service Providers

We may employ third party companies and individuals to facilitate our Service (“Service Providers”), provide Service on our behalf, perform Service-related services or assist us in analyzing how our Service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

14. Analytics

We may use third-party Service Providers to monitor and analyze the use of our Service. 

Google Analytics

Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads of its own advertising network.

For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en

We also encourage you to review the Google's policy for safeguarding your data: https://support.google.com/analytics/answer/6004245. 

15. Behavioral Remarketing

iSpeax Tech, Inc uses remarketing services to advertise on third party websites to you after you visited our Service. We and our third-party vendors use cookies to inform, optimise and serve ads based on your past visits to our Service.

Google Ads (AdWords)

Google Ads (AdWords) remarketing service is provided by Google Inc. 

You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads 

Google also recommends installing the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptout – for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.

For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en

Facebook

Facebook remarketing service is provided by Facebook Inc.

You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950 

To opt-out from Facebook's interest-based ads, follow these instructions from Facebook: https://www.facebook.com/help/568137493302217

Facebook adheres to the Self-Regulatory Principles for Online Behavioural Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt-out using your mobile device settings.

For more information on the privacy practices of Facebook, please visit Facebook's Data Policy: https://www.facebook.com/privacy/explanation

16. Payments 

We may provide paid products and/or services within Service. In that case, we use third-party services for payment processing (e.g. payment processors).

We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

The payment processors we work with are: 

Apple Store In-App Payments:

Their Privacy Policy can be viewed at: https://www.apple.com/legal/privacy/en-ww/ / https://support.apple.com/en-us/HT203027 

Stripe:

Their Privacy Policy can be viewed at: https://stripe.com/us/privacy

Plaid:

Their End User Privacy Policy, Cookie Policy and Privacy Statement can be viewed at https://plaid.com/legal/.

Square:

Their Privacy Policy can be viewed at: https://squareup.com/us/en/legal/general/privacy  

17. Links to Other Sites 

Our Service may contain links to other sites that are not operated by us. If you click a third party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

18. Children's Privacy

Our Services are not intended for use by children under the age of 13 (“Children”). 

We do not knowingly collect personally identifiable information from Children under 13. If you become aware that a Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.

19. Changes to This Privacy Policy 

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update “effective date” at the top of this Privacy Policy. 

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

 20. Contact Us

 If you have any questions about this Privacy Policy, please contact us:

By email: privacy@ispeax.com.

ISPEAX HIPAA BUSINESS ASSOCIATE AGREEMENT

This HIPAA Business Associate Agreement (“HIPAA BAA”) is made between iSpeax Tech, Inc., (“iSpeax”) and the Account Owner(“Covered Entity” or “Customer” ) as an agreement to the iSpeax Terms of Use (the “Terms of Use”). This HIPAA BAA is effective as the date Customer created iSpeax account and accepted this HIPAA BAA electronically.

In accordance with this HIPAA BAA, Customer may disclose to iSpeax certain "Protected Health Information" subject to the Health Insurance Portability and Accountability Act of 1996, as codified at 42 U.S.C. Section 1320d-6 and 1320d-9 (“HIPAA”) and any current and future regulations promulgated thereunder, including, without limitation, the federal privacy regulations contained in 45 C.F.R. Parts 160 and 164 Subparts A and E (“Privacy Rules”), the federal security standards contained in 45 C.F.R. Part 160 and 164 Subparts A and C (“Security Rules”), and the Health Information Technology for Economic and Clinical Health Act (“HITECH Act”) contained in Section 13402 of Title XIII of the American Recovery and Reinvestment Act of 2009 (“ARRA”) (all are collectively referred to herein as the “The Regulations”).

iSpeax and Customer hereby agree to the terms and conditions of this HIPAA BAA in compliance with the The Regulations.

1. Definitions

1.1. The terms of this HIPAA BAA are incorporated herein by reference as part of the Terms of Use to comply with the Regulations.

1.2. Required by law shall have the same meaning as in the term “required by law” in 45 CFR § 164.103.

1.3. “Security Rule” shall mean the Security Standards for the protection of Electronic Protected Health Information, located at 45 CFR Part 160 and Subparts A and C of Part 164

iSpeax BAA v1.0 1

1.4. “Privacy Rule” shall mean the Standards for Privacy of Individually Identifiable Health Information at 45 CFR part 160 and part 164, subparts A and E.

1.5. Unless otherwise specified, all terms used in this HIPAA BAA have the meaning set forth in the Privacy Rules and Security Rules.

1.6. “Form Hosting Services” shall mean the building of forms to collect user data including PHI data that will be stored by iSpeax.

2. Business Associate Obligations

2.1. Permitted Uses and Disclosures. iSpeax shall not, and shall ensure that its directors, officers, admin users, employees, contractors do not, use or disclose Protected Health Information ("PHI") created, received, maintained, or transmitted for the customer in any manner that would violate HIPAA. iSpeax acknowledges and agrees that it will not use or disclose PHI other than as permitted or required by this HIPAA BAA or as required by law. Except as otherwise limited in this HIPAA BAA, iSpeax may use or disclose PHI to perform functions, and activities, for the sole purpose of the proper management and administration of Form Hosting Services or services for (or on behalf of) the customer as specified in the Agreement, provided that such use or disclosure would not violate the HIPAA Privacy Rule if done by customer.

2.2. Use/Disclosure for Administrative Activities. Notwithstanding Section 2.1, iSpeax may use and/or disclose PHI for management and administrative activities of iSpeax or to comply with the legal responsibilities of iSpeax; provided, however, that with respect to any such disclosure: (i) the disclosure is required by law; or (ii) iSpeax obtains reasonable assurances from the third party that receives the PHI that the third party will treat the PHI confidentially and will only use or further disclose the PHI in a manner consistent with the purposes that the PHI was provided by iSpeax, and contact support any breach of the confidentiality of the PHI to iSpeax.

iSpeax BAA v1.0 2

2.3. Use of PHI for Data Aggregation. Except as otherwise limited in this HIPAA BAA, iSpeax may use PHI to provide Data Aggregation services to Customers consistent with 45 C.F.R. §164.504(e)(2) (i)(B).

2.4. Safeguards. iSpeax will implement appropriate safeguards, which include Data Encryption and Encryption In-Transit services and, with respect to Electronic PHI, comply with the applicable provisions of 45 C.F.R Part 164, Subpart C, to prevent any Use or Disclosure of PHI other than as provided for by this HIPAA BAA.

2.5. Subcontractors of iSpeax. iSpeax acknowledges and agrees to enter into written contracts with any agent or independent contractor that creates, receives, maintains, or transmits PHI on behalf of the iSpeax with regards to services provided by iSpeax pursuant to the Agreement (collectively, "Subcontractors"). Such contracts shall obligate Subcontractor to abide by substantially the same terms and conditions as are required of iSpeax and agree to implement reasonable and appropriate safeguards to protect PHI under this HIPAA BAA.

2.5.1 Amazon Web Services, iSpeax uses Amazon Web Services to provide highly available, highly scalable and highly secure hosting for both services and data. iSpeax has entered into a HIPAA BAA with Amazon covering all aspects of iSpeax hosting via Amazon Web Services.

2.6. Restrictions. iSpeax acknowledges and agrees to comply with any requests for restrictions on certain disclosures of PHI to which Customer has agreed in accordance with 45 C.F.R. § 164.522 and of which iSpeax has been notified by Customer.

iSpeax BAA v1.0 3

2.7. HIPAA Enabled Account Usage. Customer acknowledges and agrees that PHI shall only be managed or transferred using the Customer’s HIPAA Enabled Account. Use of Non-HIPAA Enabled Account with the Business Associate for the transmission of PHI is strictly prohibited.

2.7.1. Data Export. Customer acknowledges and agrees that iSpeax shall not be responsible for PHI after It is exported from iSpeax HIPAA Enabled Account and It shall be Customer’s responsibility to use and protect exported PHI according to The Regulations. This covers all data export services provided by iSpeax.

2.7.3. Data Sharing. Customer acknowledges and agrees that PHI shared via iSpeax by HIPAA Enabled Account shall abide by iSpeax Terms of Service and The Regulations. It will be Customer's sole responsibility after it is shared or transferred. Also, Customer complies that it is Customer’s sole responsibility to protect data in further circumstances that indicates The Regulations. This covers all data sharing services provided by iSpeax.

2.7.4. Third Party Integrations. Customer acknowledges and agrees to only use third party integrations if;

a) Customer has a BAA or related agreements in place with the Third Party Service Provider consistent under The Regulations, or;
b) Third Party Service Provider publicly announces HIPAA compliance in all the services provided, or;
c) iSpeax announces HIPAA Compliant Integration with Third Party Service.

iSpeax BAA v1.0 4

2.8. Performance of Covered Entity's Obligations. To the extent iSpeax has agreed to carry out one or more of Customer's obligations under 45 C.F.R. Part 164, Subpart E, iSpeax shall comply with the requirements of Subpart E that apply to Customer in the performance of such obligations. The parties agree and acknowledge that Business Associate has not agreed to carry out any of Covered Entity's obligations under 45 C.F.R. Part 164, Subpart E.

2.9. Access and Amendment. iSpeax shall notify the Customer of receipt of a request received by iSpeax for access to, or amendment of, PHI. The Customer shall be responsible for responding or objecting to such requests.

2.9.1. Access. Upon request, iSpeax acknowledges and agrees to furnish Customer with copies of the PHI maintained by iSpeax in a Designated Record Set in the time and manner designated by Customer to enable Customer to respond to an individual request for access to PHI under 45 C.F.R. § 164.524.

2.9.2. Amendment. Upon request and instruction from Customer, iSpeax shall make available PHI for amendment and incorporate any amendments to such PHI in accordance with 45 C.F.R. §164.526 and related laws and regulations.

2.10. Accounting. iSpeax acknowledges and agrees to document disclosures of PHI as would be required for Customer to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 C.F.R. §164.528 and, if required by and upon the effective date of, Section 13405(c) of the HITECH Act and related regulatory guidance; and provide to Customer information collected in accordance with this Section. In the event an individual delivers the initial request for an accounting directly to iSpeax, iSpeax shall forward such request to Customer.

iSpeax BAA v1.0 5

2.11. Security Obligations. iSpeax shall implement the administrative, physical, and technical safeguards set forth in 45 C.F.R. §§ 164.308, 164.310, and 164.312 that reasonably and appropriately protect the confidentiality, integrity, and availability of any Electronic PHI that iSpeax creates, receives, maintains, or transmits on behalf of Customer, and, in accordance with 45 C.F.R. § 164.316, implement and maintain reasonable and appropriate policies and procedures to enable iSpeax to comply with the requirements set forth in Sections 164.308, 164.310, and 164.312.

2.12. Access by Secretary of U.S. Department of Health and Human Services. iSpeax agrees to allow the Secretary of the U.S. Department of Health and Human Services (the "Secretary") access to its books, records, and internal practices with respect to the disclosure of PHI for the purposes of determining the Customer's or iSpeax’s compliance with HIPAA.

3. Notification Obligations

3.1. Unauthorized Use or Disclosure of PHI. iSpeax shall report to Customer in writing, within ten business days, any use or disclosure of PHI not provided for by this HIPAA BAA of which iSpeax becomes aware.

3.2. Security Incident. iSpeax shall report to Customer in writing, within ten business days, any Security Incident affecting Electronic PHI of Customer of which iSpeax becomes aware. The Parties agree that this Section satisfies any notice requirements by iSpeax of the ongoing existence and occurrence of attempted but Unsuccessful Security Incidents (as defined below) for which no additional notice to Customer shall be required. For purposes of this HIPAA BAA, “Unsuccessful Security Incidents” include: (a) “pings” on an information system firewall; (b) port scans; (c) attempts to log on to an information system or enter a database with an invalid password or user name; (d) denial-of-service attacks that do not result in a server being taken offline; or (e) malware (e.g., a worm or virus) that does not result in unauthorized access, use, disclosure, modification, or destruction of Electronic PHI.

iSpeax BAA v1.0 6

3.3. Breach of Unsecured PHI. iSpeax will notify Customer of any Breach of Unsecured PHI in accordance with 45 C.F.R. §164.410. The notice required by this Section will be written in plain language and will include, to the extent possible or available, the following:

3.3.1. The identification of each individual whose Unsecured PHI has been, or is reasonably believed by iSpeax to have been, accessed, acquired, used, or disclosed during the Breach

3.3.2. A brief description of what happened, including the date of the Breach and the date of discovery of the Breach, if known;

3.3.3. A description of the types of Unsecured PHI that were involved in the Breach (such as whether full name, Social Security number, date of birth, home address, account number, diagnosis, disability code, or other types of information were involved);

3.3.4. Any steps Individuals should take to protect themselves from potential harm resulting from the Breach;

3.3.5. A brief description of what is being done to investigate the Breach, mitigate the harm, and protect against future Breaches; and

3.3.6. Contact procedures for Individuals to ask questions or learn additional information which shall include a toll-free number, an e-mail address, Web site, or postal address, if Customer specifically requests iSpeax to establish contact procedures.

iSpeax BAA v1.0 7

4. Covered Entity's Obligations
 

4.1. Notice of Privacy Practices. Customer shall, upon request, provide iSpeax with its current notice of privacy practices adopted in accordance with HIPAA.

4.2. Limitations in Notice of Privacy Practices. Customer shall notify iSpeax of any limitations in the notice of privacy practices of Customer under 45 C.F.R. § 164.520, to the extent that such limitation may affect iSpeax’s use or disclosure of PHI.

4.3. Restrictions or Changes in Authorization. Customer shall not agree to any non-mandatory restrictions on the use or disclosure of Protected Health Information if such restriction could affect iSpeax’s permitted or required uses and disclosures of PHI hereunder except upon iSpeax’s express, written consent. Customer shall notify iSpeax of any changes, revocations or restrictions of the use or disclosure of PHI if such changes, revocations or restrictions affect iSpeax’s permitted or required uses and disclosures of PHI hereunder including, without limitation, any revocation of any authorization for the use or disclosure of PHI.

4.4. Requests for Use and Disclosure. Customer shall not request that iSpeax collect, access, use, maintain or disclose PHI, or act in any manner, contrary to or in violation or breach of the Regulations or this HIPAA BAA.

4.5. Appropriate Use. iSpeax is a software company providing an automated student and client management platform for special educators, therapists, and educational organizations. Our platform streamlines special education data collection, tracking, reporting, and management, providing dedicated dashboards for administrators, therapists, and teachers. Users can efficiently manage caseloads, caseload assignments, schedules, goals, notes, progress, and lesson plans with integrated video conferencing tools.


iSpeax BAA v1.0 8

4.6. Communications Made Outside of iSpeax, Inc. Customer acknowledges and agrees that texting and other communications of protected health information that Customer request iSpeax to relay outside of the iSpeax pose heightened privacy and security risks. Customer further acknowledges and agrees that it is Customer’s sole responsibility to determine, as part of its HIPAA Risk Analysis, whether to prohibit or permit such communications and, to the extent such communications are permitted, to implement appropriate safeguards (including policies, procedures and training of all authorized users) to manage these risks to a reasonable and appropriate level consistent with HIPAA.

5. Termination

5.1. Termination upon Material Breach. Upon Customer's knowledge of a material breach of this HIPAA BAA by iSpeax, Customer shall notify iSpeax of such breach in reasonable detail and provide an opportunity for iSpeax to cure the breach or violation, or if cure is not possible, Customer may immediately terminate this HIPAA BAA.

5.2. Return or Destruction of PHI. Upon termination of this HIPAA BAA, iSpeax will return to Customer all PHI received from Customer or created or received by iSpeax on behalf of Customer which iSpeax maintains in any form or format, and iSpeax will not maintain or keep in any form or format any portion of such PHI. Alternatively, iSpeax may destroy all such PHI and provide written documentation of such destruction.

5.3. Alternative Measures. If the return or destruction of PHI is not feasible upon termination of the HIPAA BAA, then iSpeax acknowledges and agrees that it shall extend its obligations under this HIPAA BAA to protect the PHI and limit the use or disclosure of PHI to those purposes that make the return or destruction of PHI infeasible.

iSpeax BAA v1.0 9

6. Third Party Beneficiaries

6.1. No Third-Party Beneficiary Rights. Nothing expressed or implied in this HIPAA BAA is intended or shall be interpreted to create or confer any rights, remedies, obligations, or liabilities whatsoever in any third party.

7. Miscellaneous

 7.1. Survival. Customer and Business Associate’s respective rights and obligations under this HIPPA BAA shall survive the termination of the Agreement.

7.2. Interpretation. Any ambiguity in the iSpeax Terms shall be resolved to permit Customer to comply with HIPAA and the Privacy Rule.


iSpeax BAA v1.0 10

FERPA & FERPA Compliance

iSpeax Tech, Inc. is a service provider to educational agencies and institutions (EAs) and receives personally identifiable information (PII) contained within student records provided by the EAs. iSpeax Tech, Inc. only receives data essential for its team and associates to deliver its services. These data exchanges are sanctioned under the Family Educational Rights and Privacy Act (FERPA). Acting as a service provider to the EA, iSpeax Tech, Inc. accesses this data under the same conditions as in-school staff members in line with FERPA regulations, 34 CFR §99.31(a)(1)(i)(B). iSpeax Tech, Inc. is given data access due to its legitimate educational interest, as this information is paramount for performing the outsourced function. It operates under the EA’s strict guidance when using and maintaining the shared educational records, adhering to its contract terms. It observes the conditions on the use and redisclosure of educational data that all school officials must follow as detailed in 34 CFR §99.33. iSpeax Tech, Inc. ensures that only authorized personnel with genuine educational reasons, in line with the original intent of data acquisition, can access PII from the educational records it maintains on the EA’s behalf.

Under the guidelines of 34 CFR §99.33(a) and (b), iSpeax Tech, Inc. is prohibited from redisclosing PII without parental or student consent unless permitted by a FERPA exception and recorded by the institution. For instance, if an EA instructs iSpeax Tech, Inc. to facilitate the transfer of student records between systems, such a disclosure would be made.

iSpeax Tech, Inc. neither sells nor uses education records for targeted marketing. There are no advertisements within its offerings; hence, no behavioral or targeted advertising occurs. It only utilizes data to fulfill the service obligations to educational institutions. However, iSpeax Tech, Inc. may analyze de-identified, non-PII data internally to enhance its offerings.

Employing cutting-edge security measures, iSpeax Tech, Inc. upholds data security and privacy. This includes state-of-the-art security systems, strict physical access regulations, thorough employee training on FERPA, HIPAA, HITECH Act, and other privacy laws, and comprehensive background checks. The Chief Technology Officer at iSpeax Tech, Inc. oversees data security compliance. Data encryption during transfer and storage is ensured through SSL and AWS RDS & S3 with AES-256 bit encryption. All data storage occurs within the US.

iSpeax Tech, Inc. does not claim ownership over student or district-originated data within its products. The EA retains ownership and control over this data.

If a third party seeks education record access, iSpeax Tech, Inc. will promptly notify the EA. Access will only be granted if mandated by due process, court order, subpoena, or if directed by the EA. Should any such legal demands be received, iSpeax Tech, Inc. will inform the EA unless prohibited by law.

Should an EA be unable to allow a student or parent/guardian to review student records, iSpeax Tech, Inc. can aid at the EA's discretion and expense. Any data modifications requested by parents, guardians, or students within our platforms will be managed according to the EA's FERPA-aligned procedures.

If a data breach or unintended PII disclosure occurs, iSpeax Tech, Inc. will act swiftly to mitigate any potential harm. The senior leadership of the affected EA will be notified, ideally the Superintendent or equivalent, typically within 48 hours. The EA and iSpeax Tech, Inc. will collaborate to decide on the best course of action.

Upon termination of services or products and upon EA’s written request or contract terms, iSpeax Tech, Inc. will destroy all student records in its systems in a secure manner. If there's no written request from the EA, iSpeax Tech, Inc. retains student data for 6 years.

For queries related to content or privacy regarding any applications used, contact the respective agency or institution.

iSpeax Tech, Inc. may periodically update this policy in response to evolving legislative requirements. Policy alterations that reduce privacy protections will only be made with written consent from the EA.

HIPAA Compliance

Student records shared with iSpeax Tech, Inc. by the EA within its platforms are classified as “education records” under FERPA and not “protected health information” under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). FERPA protections mean the HIPAA Privacy Rule does not cover student health information in educational records. However, in its commitment to uphold all privacy standards, iSpeax Tech, Inc. ensures its operations align with HIPAA regulations.