Terms & Conditions

These Terms & Conditions (“Terms”) govern your access to and use of the Agilis Inspections platform and any related websites, edge functions, mobile interfaces, and APIs operated by Agilis Inc. (collectively, the “Service”). By accessing or using the Service, you agree to these Terms. If you are using the Service on behalf of an organization, you represent that you are authorized to bind that organization, and “you” refers to that organization.

Where your organization has a signed master subscription agreement, Data Processing Addendum, or HIPAA Business Associate Agreement with Agilis Inc., that agreement controls in case of conflict with these Terms.

1. Accounts and access

• Access to the Service is granted on a per-account basis by your organization's administrator and is subject to your organization's internal policies and Agilis's access-control rules.
• Each user must have a unique account. Shared, group, or rotating accounts are prohibited. You may not let another person use your account or transfer your account to anyone else without administrator approval.
• You are responsible for keeping your credentials confidential, for maintaining a current and unique password, for enabling multi-factor authentication where offered, and for all activity that occurs under your account.
• Report lost or compromised credentials, suspected unauthorized access, or other security concerns to agilis@agilisinc.com immediately, and follow the Security Policy for vulnerability reports.
• The Service enforces session idle timeout, account lockout after repeated failed sign-in attempts, server-side identity verification, and other access controls. You agree not to disable, circumvent, or interfere with these controls.

2. Acceptable use

You agree not to, and not to permit any person to:

• access or attempt to access another tenant's data, accounts, or storage;
• probe, scan, or test the security of the Service except as expressly authorized by our Security Policy;
• interfere with, degrade, or disrupt the Service, including by sustained automated scanning, denial-of-service activity, or excessive request rates outside published limits;
• reverse-engineer, decompile, or attempt to extract source code, except to the extent that applicable law expressly permits notwithstanding this restriction;
• upload viruses, malware, or other malicious code, or any content you do not have the right to upload;
• upload protected health information (PHI) outside the scope of an executed Business Associate Agreement, upload cardholder data, or upload other regulated data outside the contractually agreed scope;
• scrape, copy, or systematically extract data from the Service except via interfaces and rate limits we expose for that purpose, and only for your own data;
• use the Service to send unsolicited communications, to harass, defame, or threaten any person, or to violate any law;
• resell, sublicense, or make the Service available to a third party other than your authorized users.

Detection of acceptable-use violations may result in suspension, account termination, audit-log review, and, where warranted, notification to law enforcement.

3. Customer data ownership

As between you and Agilis, your organization owns the inspection records, scoring, comments, uploaded evidence, and other content your users submit (“Customer Data”). You grant Agilis a limited, non-exclusive license to host, process, transmit, display, back up, and otherwise use Customer Data solely to provide, secure, and support the Service for you, to comply with law, and to produce de-identified or aggregated analytics that do not identify you or any individual.

Agilis acts as a processor / service provider / business associate with respect to Customer Data, as described in the Privacy Policy. Agilis does not sell Customer Data and does not use it for advertising or to train third-party generative-AI models. Where the Service offers AI features, inputs are sent to a contracted vendor under terms that prohibit use of those inputs for model training.

4. Agilis intellectual property

The Service, including all software, models, designs, documentation, and the Agilis name and logos, is owned by Agilis Inc. and is protected by intellectual-property laws. Subject to your compliance with these Terms, Agilis grants you a limited, non-exclusive, non-transferable, non-sublicensable right to access and use the Service for your internal business purposes during the term of your subscription. All rights not expressly granted are reserved by Agilis Inc.

Feedback you voluntarily provide about the Service is non-confidential, and you grant Agilis a perpetual, royalty-free license to use it to improve the Service. We will not associate publicly disclosed feedback with you without your permission.

5. AI-assisted features

Some Service features use machine-learning models, including third-party models accessed via API, to produce summaries, suggestions, or compliance review output (“AI Output”). AI Output may be inaccurate or incomplete. You are responsible for reviewing AI Output for accuracy and suitability before relying on it for any compliance, regulatory, clinical, or business decision. Agilis does not warrant that AI Output is correct or fit for any particular purpose, and AI Output does not constitute legal, medical, or other professional advice.

6. Subprocessors and third-party services

Agilis uses a small set of contracted vendors (currently Supabase, Microsoft Azure, GitHub, Resend, and OpenAI) to deliver the Service. Each vendor is reviewed annually under our Vendor Management Policy and is contractually bound to confidentiality, encryption, access-control, and incident-notification obligations. See the Privacy Policy for the current list and tiering.

Vulnerabilities or incidents inside a vendor's own platform are addressed by the vendor; we coordinate and notify affected customers per our Incident Response Plan and the SLAs in your master agreement or BAA.

7. Confidentiality

Each party will protect the other's confidential information using at least the same care it uses to protect its own confidential information of like kind, and will use it only to perform under these Terms. Confidential information does not include information that is or becomes publicly available through no fault of the receiving party, was already known free of confidentiality obligations, or is required to be disclosed by law (in which case the receiving party will, where legally permitted, give the disclosing party prompt notice).

8. Service availability and changes

Agilis works to keep the Service available and performant, but the Service is provided on an “as is” basis and Agilis does not commit to any specific uptime through these Terms. Where you have a signed master agreement with an availability SLA, that SLA controls. We may suspend the Service where necessary to address a security risk, prevent harm to other customers, comply with law, or perform planned maintenance, and we will use commercially reasonable efforts to give advance notice of planned maintenance.

We may add, change, or remove features, and we may discontinue features that are no longer supported. Material removals to active customer surfaces will be communicated to administrators in advance.

9. Vulnerability disclosure and safe harbor

Good-faith security research is welcome under the terms of our Security Policy. If you act in good faith and follow that policy, including avoiding privacy violations, avoiding service disruption, not accessing or retaining customer data beyond what is strictly necessary to demonstrate the issue, and providing a reasonable remediation window before any public disclosure, Agilis will not pursue legal action under these Terms in connection with the research.

10. Term, suspension, and termination

• These Terms apply for as long as you access or use the Service. Your subscription term, renewal, and billing are governed by your master agreement (where one exists) or by your administrator's ordering process.
• We may suspend or terminate access where you materially breach these Terms, where required by law, or to protect the security or integrity of the Service.
• You may stop using the Service at any time by closing your account through your administrator. Customer Data is retained per the retention schedule in the Privacy Policy (a 90- to 180-day grace period after voluntary closure to permit reactivation or export, then permanent deletion).
• On termination, you should export Customer Data using the export feature or via API before the end of the grace period. Sections that by their nature should survive termination (Customer Data ownership, Confidentiality, IP, Disclaimers, Limitation of Liability, Indemnity, Governing Law) survive.

11. Disclaimers

EXCEPT WHERE EXPRESSLY STATED IN A SIGNED AGREEMENT, THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE.” TO THE FULLEST EXTENT PERMITTED BY LAW, AGILIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. AGILIS DOES NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, OR SECURE AGAINST ALL UNAUTHORIZED ACCESS, OR THAT AI OUTPUT WILL BE ACCURATE.

The Service is a back-of-house facilities-inspection tool. It is not medical advice, clinical decision support, regulatory legal advice, or a substitute for professional judgment. You are responsible for your own compliance with Joint Commission, CMS, state-survey, and other regulatory requirements.

12. Limitation of liability

TO THE FULLEST EXTENT PERMITTED BY LAW, NEITHER PARTY WILL BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, OR FOR ANY LOSS OF PROFITS, REVENUE, GOODWILL, OR DATA, ARISING FROM OR RELATING TO THE SERVICE OR THESE TERMS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Where a master agreement specifies a liability cap, that cap controls. Otherwise, each party's total cumulative liability arising from or related to the Service or these Terms will not exceed the greater of (a) the amounts paid by you to Agilis for the Service in the twelve months preceding the event giving rise to the claim, or (b) one hundred U.S. dollars (USD 100). These limits do not apply to a party's indemnity obligations, breach of confidentiality, infringement of the other party's intellectual property, or to liabilities that cannot be limited under applicable law.

13. Indemnification

You will defend, indemnify, and hold Agilis harmless from third-party claims, damages, and expenses (including reasonable attorneys' fees) arising out of (a) Customer Data you submit, including any claim that it infringes a third party's rights or violates law; (b) your use of the Service in violation of these Terms; or (c) your violation of applicable law. Agilis will defend, indemnify, and hold you harmless from third-party claims that the Service, used in accordance with these Terms, infringes a U.S. patent, copyright, or trade secret, subject to the limitations in Section 12.

14. Compliance with law

Each party will comply with applicable law in its use and operation of the Service, including export-control laws, privacy laws (such as state privacy statutes, GDPR where applicable, and HIPAA where in scope), and anti-corruption laws. You will not use the Service in a country, or by a person, subject to comprehensive U.S. sanctions.

15. Changes to these Terms

We may update these Terms as the Service, our vendors, or applicable law evolves. Material changes are communicated to active customer administrators by email at least 30 days before they take effect, except where a faster change is required by law or to address a security risk. Continued use of the Service after the effective date constitutes acceptance of the updated Terms. The effective date at the top of this page indicates the latest version; prior versions are available on request.

16. Governing law and disputes

These Terms are governed by the laws of the United States and of the state in which Agilis Inc. is organized, without regard to conflict-of-laws principles. The parties submit to the exclusive jurisdiction of the state and federal courts located in that state for any dispute arising out of these Terms, except that either party may seek injunctive relief in any court of competent jurisdiction to protect its confidential information or intellectual property. Where you have a master agreement with Agilis that specifies a different governing law or dispute-resolution process, that agreement controls.

17. Miscellaneous

• Entire agreement. These Terms, together with the Privacy Policy, the Security Policy, and any signed master agreement, are the entire agreement between the parties regarding the Service.
• Assignment. You may not assign these Terms without our prior written consent. Agilis may assign these Terms to an affiliate or in connection with a merger, acquisition, or sale of substantially all of its assets.
• Severability. If any provision is held unenforceable, the remaining provisions remain in full force and the unenforceable provision is reformed only to the extent necessary to make it enforceable.
• No waiver. Failure to enforce a provision is not a waiver of the right to enforce it later.
• Force majeure. Neither party is liable for delay or failure caused by events beyond its reasonable control.
• Independent contractors. The parties are independent contractors. These Terms do not create a partnership, joint venture, or agency relationship.

18. Contact

For questions about these Terms, contact agilis@agilisinc.com. For security reports, follow the Security Policy and the contacts at /.well-known/security.txt.