Terms of Service / 利用規約

2.1 Scope

These Terms of Service (the “Terms”) govern access to and use of Curelina (the “Service”) provided by Asmario LLC (“we”, “us”, “our”). If you use the Service on behalf of a healthcare organization or other entity (the “Customer”), you represent you have authority to bind Customer to these Terms.

2.2 Order of precedence

The following documents collectively form the “Agreement”:

1. Order Form / Master agreement / other written agreement (including any SLA, if applicable)
2. Addenda (e.g., HIPAA Business Associate Agreement (“BAA”), security addendum)
3. data-processing-addendum.md (the “DPA”)
4. These Terms

If there is a conflict, the order of precedence is generally 1 → 2 → 3 → 4.

However, for data-processing matters (privacy, retention/deletion, processor obligations), the DPA governs unless the parties expressly agree otherwise in writing. If a BAA applies to PHI, then for PHI-related matters the BAA governs to the extent agreed by the parties.

2.3 Definitions (excerpt)

• Authorized Users: Customer employees, contractors, and other users authorized by Customer.
• Customer Data: Data uploaded to or generated within the Service by Customer (including attachments, images, and comments).
• Service Data: Logs, audit logs, and metadata generated by us to operate and secure the Service.
• Personal Data: Information protected under applicable privacy laws, including health/sensitive data where applicable.
• PHI: “Protected Health Information” as defined by HIPAA, to the extent applicable.

2.4 Service overview and important notes

The Service supports healthcare operational workflows (e.g., sterilization/equipment management, incident reporting, maintenance management, traceability). The Service is not intended for emergency response, diagnosis, treatment, or clinical decision-making. Customer and Authorized Users remain responsible for all medical decisions and professional judgments.

2.5 Accounts, authentication, and access control

Customer is responsible for Authorized Users’ actions and for keeping credentials secure. We may require reasonable changes to authentication or access controls to protect the Service.

2.6 Notices

We may provide notices via the admin console, email to the registered address, website postings, or other reasonable means. Customer is responsible for keeping contact details current.

2.7 Customer Data (including potential PHI)

2.8 HIPAA (U.S.) and BAA

If Customer is a HIPAA Covered Entity or Business Associate, or otherwise intends to use the Service to process PHI, the parties will enter into a BAA, and PHI will be handled in accordance with the BAA. Customer must not upload PHI before a BAA is in place. We may use subprocessors (cloud, OCR, monitoring, etc.) with reasonable safeguards and contractual controls as described in the DPA and/or applicable addenda.

2.9 Suspension or restriction

We may suspend or restrict the Service for reasons including: breach, non-payment, security risk, legal or governmental request, maintenance, or incident response. Where practicable, we will provide notice and use reasonable efforts to minimize operational impact (except for emergencies or legal constraints). To the extent permitted by law, we are not liable for damages arising from such suspension or restriction except in cases of willful misconduct or gross negligence.

2.10 Intellectual property

We own all rights in the Service. Customer owns Customer Data. We may create and use aggregated and de-identified statistical datasets for service improvement and R&D; any resulting models/know-how belong to us. Such use is limited to data that cannot identify or re-identify an individual or any specific healthcare organization/facility.

2.11 Fees and payment

Fees are governed by the selected plan (including plan details displayed in the Service) and/or any Order Form. We may use third-party billing and payment services. Payment terms, refunds, and billing/payment procedures are governed by the selected plan, the Order Form, and such service providers’ terms. If payment is not confirmed, we may, after reasonable notice to Customer, suspend or restrict the Service or terminate the Agreement.

2.12 Confidentiality

Each party will protect the other party’s non-public information and use it only for the Agreement’s purpose.

2.13 Disclaimers

The Service is provided “as is” without warranties to the extent permitted by law.

2.14 Limitation of liability

Our total liability is capped at the greater of (i) fees paid in the prior 12 months or (ii) JPY 100,000, except where liability cannot be limited under applicable law or in cases of willful misconduct or gross negligence (and may be adjusted in an Order Form). To the extent permitted by law, we are not liable for lost profits or indirect, special, incidental, or consequential damages.

2.15 Maintenance and changes

We may perform maintenance or change specifications with reasonable prior notice where practicable; emergency changes may occur without prior notice.

2.16 Term and termination

Term, termination, and post-termination handling of data are governed by the Order Form and the DPA.

2.17 Changes to the Terms

We may update these Terms with reasonable prior notice for material changes.

2.18 Audit

Where available, we may provide third-party audit reports or security documentation (e.g., SOC 2 or ISO) within reasonable limits and subject to confidentiality and security constraints.

2.19 Anti-social forces

Each party represents it is not an anti-social force (or equivalent prohibited organization) and will not associate with such entities.

2.20 Force majeure

We are not liable for failures due to force majeure (including cloud outages) to the extent permitted by law.

2.21 Governing law and venue

Governing law: Japan
Venue: Fukuoka District Court shall have exclusive jurisdiction as the court of first instance.

2.22 Language

These Terms may be provided in Japanese and English. If there is a conflict between language versions, the Japanese version prevails.