Terms & Conditions
1. SERVICES
TheraLyze Inc. ("TheraLyze," "we," "us," or "our") shall provide to Customer ("Customer," "you," or "your") AI-powered pharmacovigilance case intake software as a service ("Services") as described in each statement of work, order form, or subscription agreement ("Order Form"). The Services include document processing, AI-powered data extraction, case management workflows, medical coding, narrative generation, E2B(R3) XML file generation, and integration capabilities with safety databases. Customer shall provide all relevant information, instructions, and access to Customer's information technology systems reasonably required for TheraLyze to provide the Services.
2. LICENSE AND OWNERSHIP
2.1 License Grant
Subject to Customer's compliance with these Terms and payment of applicable fees, TheraLyze grants Customer a limited, non-exclusive, non-transferable, non-sublicensable license to access and use the Services internally and solely for Customer's own pharmacovigilance operations during the subscription term.
2.2 TheraLyze Materials
"TheraLyze Materials" means all software, algorithms, AI models, data models, documentation, source code, object code, tools, methodologies, user interface designs, concepts, and other materials owned by or licensed to TheraLyze prior to, independently of, or in conjunction with its performance of the Services, and all intellectual property rights therein. TheraLyze Materials shall remain the sole and exclusive property of TheraLyze and its licensors. TheraLyze does not grant, and Customer does not receive, any ownership interest in TheraLyze Materials except for the limited license explicitly granted under these Terms.
2.3 Customer Data
Customer retains all ownership rights in data, documents, and information uploaded to the Services ("Customer Data"). By using the Services, Customer grants TheraLyze a limited license to process Customer Data solely to provide the Services to Customer. TheraLyze shall process Customer Data only in accordance with these Terms, applicable Order Forms, Customer's written instructions, and applicable law.
2.4 AI Model Training Restriction
TheraLyze will not use Customer Data to train, improve, develop, or enhance AI models for use with other customers or for any purpose other than providing Services to Customer. Customer Data remains isolated and is processed only to fulfill Customer's specific service requests. This restriction applies to all Customer Data in both sandbox and production environments.
2.5 Feedback
If Customer provides TheraLyze with feedback or suggestions regarding the Services or TheraLyze Materials, Customer agrees that such feedback will be shared on a non-confidential, non-proprietary basis and TheraLyze may use or not use such feedback to modify or enhance future services without any obligation to Customer. TheraLyze shall retain sole and exclusive ownership of the Services and TheraLyze Materials as modified using such feedback.
2.6 Proprietary Notices
Customer shall not remove, alter, modify, or deface any confidential, copyright, trademark, or other proprietary notices contained on, affixed to, encoded, or recorded in any TheraLyze Materials, and shall preserve all copyright and other proprietary notices with respect to all TheraLyze Materials.
3.RESTRICTIONS
Customer shall not, and shall not permit any third party to: (a) reverse engineer, decompile, disassemble, or analyze the Services or TheraLyze Materials for the purpose of re-identifying methodologies, algorithms, processes, or procedures; (b) access or derive source code for any licensed software; (c) use the Services to build a competitive product or service; (d) remove or modify any proprietary notices in the Services; (e) use the Services in violation of applicable laws or regulations; (f) share access credentials with unauthorized third parties; (g) attempt to gain unauthorized access to TheraLyze systems or networks; or (h) use the Services beyond the scope of the license granted herein. Any access to TheraLyze Materials by third parties shall be subject to TheraLyze's prior written consent and execution of appropriate access agreements.
4. FEES AND PAYMENT
4.1 Subscription Fees
Customer agrees to pay subscription fees as specified in the applicable Order Form. Unless otherwise specified, Customer shall pay invoiced amounts within thirty (30) days from the invoice date.
4.2 Free Sandbox and Trial
Free sandbox accounts include ten (10) case processing credits for evaluation purposes. Sandbox data is subject to automatic deletion per TheraLyze's data retention policy. Use of a free sandbox does not constitute acceptance of a paid subscription and requires separate Order Form execution for production use.
4.3 Late Payment
If Customer fails to pay any amount when due, Customer shall pay, in addition to the invoice amount, interest at a rate equal to one point five percent (1.5%) per month or the maximum amount permitted under applicable law, whichever is less, beginning thirty-five (35) days from the invoice date until such amounts are paid in full.
4.4 Taxes
All fees are exclusive of applicable taxes, duties, levies, and other governmental charges, which shall be Customer's responsibility, except for taxes based on TheraLyze's net income.
5. DATA PROTECTION AND SECURITY
5.1 Compliance
TheraLyze processes data in compliance with the General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), Good Pharmacovigilance Practices (GxP), and other applicable data protection regulations. For detailed information on data processing practices, see TheraLyze's Privacy Policy and Data Processing Agreement available at theralyze.ai/privacy and theralyze.ai/dpa.
5.2 Security Measures
TheraLyze maintains ISO 27001:2022 and SOC 2 Type II certified security controls. All Customer Data is encrypted using AES-256 encryption at rest and TLS 1.3 encryption in transit. Services are hosted exclusively in European Union data centers (EU-West-1 Ireland and EU-Central-1 Frankfurt) with multi-availability zone redundancy for high availability and disaster recovery. Access to the Services is controlled through multi-factor authentication and role-based access control mechanisms.
5.3 Data Isolation
Each customer receives a dedicated, isolated environment with complete tenant separation at the database partition level. Customer Data is never shared across tenants or used for cross-customer analysis. All processing occurs within Customer's dedicated partition with separate customer-managed encryption keys where applicable.
5.4 AI Model Training Prohibition
Customer Data is never used to train, improve, or develop AI models for use by TheraLyze with other customers or for any commercial purpose. TheraLyze uses pre-trained AI models that process Customer Data for extraction and analysis purposes only, without any learning, model updates, fine-tuning, or knowledge transfer based on Customer's information. This prohibition applies to all Customer Data in sandbox, trial, and production environments without exception.
5.5 Data Location and Transfer
All data processing occurs exclusively within the European Union. Primary hosting infrastructure is located in EU-West-1 (Ireland) with backup and disaster recovery capabilities in EU-Central-1 (Frankfurt, Germany). No data transfers to third countries outside the European Union occur unless explicitly requested by Customer in writing and protected by European Commission-approved Standard Contractual Clauses or equivalent data transfer mechanisms.
5.6 Data Retention and Deletion
Sandbox data is automatically deleted after ten (10) days from upload or can be deleted immediately by Customer at any time through the user interface. Production data is retained according to Customer's subscription terms and applicable regulatory requirements, typically ten (10) years for pharmacovigilance data under EU GVP Module VI. Customer maintains full control over all data and may request deletion at any time through the case management interface, user settings, or by contacting support at theralyze.ai. Upon deletion request, TheraLyze will permanently delete all Customer Data within thirty (30) days and provide written certification of deletion upon request.
5.7 Customer Responsibilities
Customer is responsible for: (a) obtaining all necessary consents and authorizations to upload and process data through the Services; (b) ensuring compliance with applicable pharmacovigilance regulations including ICH E2B(R3), FDA, and EMA requirements; (c) maintaining security of access credentials and promptly notifying TheraLyze of any unauthorized access; (d) reviewing all AI-generated outputs for accuracy and medical appropriateness before use; and (e) making all final regulatory decisions regarding adverse event reporting and submission.
6. CONFIDENTIALITY
6.1 Confidential Information
Each party agrees not to communicate, disclose, or provide to any third party any information provided by one party to the other in connection with the Services which is identified at the time of disclosure as confidential or which, by its nature or type, reasonably should be regarded as confidential ("Confidential Information"), except as expressly permitted in these Terms. Customer acknowledges that TheraLyze Materials, including all software, algorithms, methodologies, and technical specifications, are Confidential Information of TheraLyze.
6.2 Standard of Care
Each party agrees to protect the Confidential Information of the other party using the same degree of care used to protect its own confidential information, but in no event less than a reasonable degree of care. Each party shall limit access to Confidential Information to employees, contractors, and advisors who have a legitimate need to know and who are bound by confidentiality obligations at least as protective as those contained herein.
6.3 Exceptions
Confidentiality obligations do not apply to information that: (a) is or becomes publicly available through no fault or breach by the receiving party; (b) was independently developed by the receiving party without reference to Confidential Information of the disclosing party; (c) was rightfully received from a third party without confidentiality obligations; provided, however, that Customer Data shall not be subject to these exceptions and shall remain confidential under all circumstances.
6.4 Permitted Disclosures
Nothing in these Terms restricts a party from disclosing Confidential Information where disclosure is compelled by court order, subpoena, or governmental authority of competent jurisdiction, provided that the disclosing party provides prompt written notice to the other party (unless legally prohibited) and cooperates to obtain protective treatment of such information.
7. TERM AND TERMINATION
7.1 Term
These Terms commence when Customer first accesses the Services and continue until terminated in accordance with this Section 7. Individual subscriptions shall have terms as specified in the applicable Order Form.
7.2 Subscription Renewal
Unless otherwise specified in an Order Form, subscriptions automatically renew for successive twelve (12) month periods at TheraLyze's then-current rates, unless either party provides written notice of non-renewal at least sixty (60) days prior to the end of the then-current term.
7.3 Termination for Convenience
Either party may terminate a subscription upon thirty (30) days' prior written notice to the other party. Prepaid subscription fees are non-refundable except as provided in Section 7.6.
7.4 Termination for Cause
Either party may terminate these Terms or any Order Form immediately upon written notice if the other party: (a) materially breaches these Terms or the Order Form and fails to cure such breach within thirty (30) days after receiving written notice; (b) breaches any license restrictions, confidentiality obligations, intellectual property rights, data protection provisions, or payment obligations; (c) becomes insolvent, makes an assignment for the benefit of creditors, or has a receiver or administrator appointed; or (d) ceases business operations.
7.5 Effect of Termination
Upon termination or expiration: (a) Customer's license to use the Services and TheraLyze Materials terminates immediately; (b) Customer shall immediately cease all use of TheraLyze Materials and Services; (c) TheraLyze will delete Customer Data in accordance with Customer's written instructions or applicable data retention policies within thirty (30) days; (d) Customer shall provide TheraLyze with written instructions regarding data export or deletion within fifteen (15) days of termination; (e) Customer remains responsible for all fees incurred through the effective termination date; and (f) TheraLyze will provide Customer with an export of Customer Data in E2B(R3) XML format upon request and written certification of data deletion.
7.6 Refund for Service Discontinuation
If TheraLyze discontinues the Services with respect to all customers and Customer has prepaid fees for Services not yet provided, Customer shall receive a pro-rata refund of prepaid fees for the discontinued Services calculated from the discontinuation date through the end of the prepaid period.
7.7 Survival
The following sections survive termination or expiration: Section 2 (License and Ownership), Section 3 (Restrictions), Section 4 (Fees and Payment), Section 5 (Data Protection), Section 6 (Confidentiality), Section 8 (Warranties and Disclaimers), Section 9 (Limitation of Liability), Section 10 (Pharmacovigilance Responsibilities), and Section 11 (General Provisions).
8. WARRANTIES AND DISCLAIMERS
8.1 Limited Warranty
TheraLyze warrants that the Services will substantially conform to TheraLyze's published documentation available at theralyze.ai/docs during the subscription term. Customer's exclusive remedy and TheraLyze's sole liability for breach of this warranty shall be for TheraLyze to use commercially reasonable efforts to correct any material non-conformance properly reported by Customer in writing within sixty (60) days of discovery.
8.2 Disclaimer of Warranties
EXCEPT AS EXPRESSLY PROVIDED IN SECTION 8.1, THE SERVICES, DELIVERABLES, AND THERALYZE MATERIALS ARE PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS WITHOUT WARRANTIES OF ANY KIND. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, THERALYZE EXPRESSLY DISCLAIMS ALL WARRANTIES, REPRESENTATIONS, CONDITIONS, AND GUARANTEES WITH RESPECT TO THE SERVICES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INFRINGEMENT, SATISFACTORY QUALITY, ACCURACY, OR RELIABILITY.
8.3 No Medical or Regulatory Advice
TheraLyze is a technology platform provider and does not provide medical advice, pharmacovigilance services, or regulatory consulting. The Services are tools to assist with data processing and case management, but all medical decisions, causality assessments, regulatory submissions, and compliance determinations remain the sole responsibility of Customer and must be made by qualified pharmacovigilance professionals.
8.4 Regulatory Compliance Responsibility
While TheraLyze designs Services to support GxP-compliant workflows and provides tools for regulatory compliance, Customer remains solely responsible for ensuring that its use of the Services complies with all applicable pharmacovigilance regulations, including but not limited to ICH E2B(R3) standards, FDA regulations under 21 CFR Parts 312 and 314, EMA guidelines, and local competent authority requirements. Customer is responsible for validating the Services for its intended use in accordance with applicable computer system validation requirements.
9. LIMITATION OF LIABILITY
9.1 No Consequential Damages
TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, THERALYZE SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING WITHOUT LIMITATION LOST BUSINESS, LOST OR ANTICIPATED SAVINGS, LOST PROFITS, LOST REVENUE, LOST DATA, LOST GOODWILL, BUSINESS INTERRUPTION, OR THIRD PARTY CLAIMS, WHETHER FORESEEABLE OR NOT, ARISING OUT OF OR IN CONNECTION WITH THESE TERMS OR THE SERVICES, EVEN IF THERALYZE HAS BEEN ADVISED, KNEW, OR SHOULD HAVE KNOWN OF THE POSSIBILITY OF SUCH DAMAGES, AND REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT, INCLUDING NEGLIGENCE, STRICT LIABILITY, OR OTHERWISE.
9.2 Liability Cap
TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, THERALYZE'S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THESE TERMS, WHETHER IN CONTRACT, TORT, OR UNDER ANY OTHER THEORY OF LIABILITY, SHALL NOT EXCEED THE TOTAL FEES PAID BY CUSTOMER TO THERALYZE UNDER THE APPLICABLE ORDER FORM DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM.
9.3 Exceptions to Limitations
Nothing in these Terms excludes or limits either party's liability for: (a) death or personal injury caused by its negligence; (b) fraud or fraudulent misrepresentation; (c) willful misconduct or gross negligence; (d) breach of confidentiality obligations regarding Customer Data; (e) indemnification obligations under Section 11.8; or (f) any other liability that cannot be excluded or limited under applicable law.
9.4 Essential Purpose
Customer acknowledges that the fees reflect the allocation of risk set forth in these Terms and that TheraLyze would not enter into these Terms without these limitations on its liability. The parties agree that the limitations of liability set forth in this Section 9 shall apply even if any limited remedy fails of its essential purpose.
10. PHARMACOVIGILANCE RESPONSIBILITIES
10.1 No Pharmacovigilance Service Provider
TheraLyze is a software technology provider, not a pharmacovigilance service provider, contract research organization, or medical professional. TheraLyze: (a) is not retained for the purpose of identifying, evaluating, or reporting adverse events to regulatory authorities; (b) does not provide pharmacovigilance services as defined under applicable regulations; (c) does not have independent regulatory reporting obligations; (d) does not monitor Customer Data for safety signals or emerging risks; and (e) shall not be deemed to have breached these Terms or be liable for damages if TheraLyze fails to identify or report any adverse event, safety signal, or other pharmacovigilance information.
10.2 Customer Pharmacovigilance Obligations
Customer acknowledges and agrees that Customer remains solely and exclusively responsible for: (a) reviewing all AI-generated outputs for medical accuracy, completeness, and appropriateness; (b) making all pharmacovigilance decisions including causality assessments, seriousness determinations, and expectedness evaluations; (c) ensuring compliance with all applicable adverse event reporting timelines, including fifteen (15) day expedited reporting requirements for serious and unexpected events; (d) submitting Individual Case Safety Reports (ICSRs) and other required reports to competent authorities; (e) maintaining a pharmacovigilance system in accordance with applicable regulations; (f) conducting ongoing safety surveillance, signal detection, and benefit-risk assessments; (g) having qualified persons review all case processing and make final determinations; and (h) validating the Services for its intended use in accordance with applicable computer system validation requirements.
10.3 No Adverse Event Monitoring
Under no circumstances shall TheraLyze be obligated or expected to search for, identify, monitor, evaluate, or report any adverse events, safety signals, or pharmacovigilance information based on Customer Data or TheraLyze's databases. Any adverse event information processed through the Services is processed solely at Customer's direction for Customer's use in fulfilling Customer's own regulatory obligations.
10.4 Qualified Person Oversight
Customer represents and warrants that all use of the Services and all decisions made based on AI-generated outputs are subject to review and approval by qualified persons as defined under applicable pharmacovigilance regulations, including but not limited to Qualified Persons for Pharmacovigilance (QPPVs) under EU regulations or equivalent positions under other jurisdictions.
11. GENERAL PROVISIONS
10.1 No Pharmacovigilance Service Provider
TheraLyze is a software technology provider, not a pharmacovigilance service provider, contract research organization, or medical professional. TheraLyze: (a) is not retained for the purpose of identifying, evaluating, or reporting adverse events to regulatory authorities; (b) does not provide pharmacovigilance services as defined under applicable regulations; (c) does not have independent regulatory reporting obligations; (d) does not monitor Customer Data for safety signals or emerging risks; and (e) shall not be deemed to have breached these Terms or be liable for damages if TheraLyze fails to identify or report any adverse event, safety signal, or other pharmacovigilance information.
10.2 Customer Pharmacovigilance Obligations
Customer acknowledges and agrees that Customer remains solely and exclusively responsible for: (a) reviewing all AI-generated outputs for medical accuracy, completeness, and appropriateness; (b) making all pharmacovigilance decisions including causality assessments, seriousness determinations, and expectedness evaluations; (c) ensuring compliance with all applicable adverse event reporting timelines, including fifteen (15) day expedited reporting requirements for serious and unexpected events; (d) submitting Individual Case Safety Reports (ICSRs) and other required reports to competent authorities; (e) maintaining a pharmacovigilance system in accordance with applicable regulations; (f) conducting ongoing safety surveillance, signal detection, and benefit-risk assessments; (g) having qualified persons review all case processing and make final determinations; and (h) validating the Services for its intended use in accordance with applicable computer system validation requirements.
10.3 No Adverse Event Monitoring
Under no circumstances shall TheraLyze be obligated or expected to search for, identify, monitor, evaluate, or report any adverse events, safety signals, or pharmacovigilance information based on Customer Data or TheraLyze's databases. Any adverse event information processed through the Services is processed solely at Customer's direction for Customer's use in fulfilling Customer's own regulatory obligations.
10.4 Qualified Person Oversight
Customer represents and warrants that all use of the Services and all decisions made based on AI-generated outputs are subject to review and approval by qualified persons as defined under applicable pharmacovigilance regulations, including but not limited to Qualified Persons for Pharmacovigilance (QPPVs) under EU regulations or equivalent positions under other jurisdictions.
10. PHARMACOVIGILANCE RESPONSIBILITIES
10.1 No Pharmacovigilance Service Provider
TheraLyze is a software technology provider, not a pharmacovigilance service provider, contract research organization, or medical professional. TheraLyze: (a) is not retained for the purpose of identifying, evaluating, or reporting adverse events to regulatory authorities; (b) does not provide pharmacovigilance services as defined under applicable regulations; (c) does not have independent regulatory reporting obligations; (d) does not monitor Customer Data for safety signals or emerging risks; and (e) shall not be deemed to have breached these Terms or be liable for damages if TheraLyze fails to identify or report any adverse event, safety signal, or other pharmacovigilance information.
10.2 Customer Pharmacovigilance Obligations
Customer acknowledges and agrees that Customer remains solely and exclusively responsible for: (a) reviewing all AI-generated outputs for medical accuracy, completeness, and appropriateness; (b) making all pharmacovigilance decisions including causality assessments, seriousness determinations, and expectedness evaluations; (c) ensuring compliance with all applicable adverse event reporting timelines, including fifteen (15) day expedited reporting requirements for serious and unexpected events; (d) submitting Individual Case Safety Reports (ICSRs) and other required reports to competent authorities; (e) maintaining a pharmacovigilance system in accordance with applicable regulations; (f) conducting ongoing safety surveillance, signal detection, and benefit-risk assessments; (g) having qualified persons review all case processing and make final determinations; and (h) validating the Services for its intended use in accordance with applicable computer system validation requirements.
10.3 No Adverse Event Monitoring
Under no circumstances shall TheraLyze be obligated or expected to search for, identify, monitor, evaluate, or report any adverse events, safety signals, or pharmacovigilance information based on Customer Data or TheraLyze's databases. Any adverse event information processed through the Services is processed solely at Customer's direction for Customer's use in fulfilling Customer's own regulatory obligations.
10.4 Qualified Person Oversight
Customer represents and warrants that all use of the Services and all decisions made based on AI-generated outputs are subject to review and approval by qualified persons as defined under applicable pharmacovigilance regulations, including but not limited to Qualified Persons for Pharmacovigilance (QPPVs) under EU regulations or equivalent positions under other jurisdictions.
12. CONTACT INFORMATION
For questions regarding these Terms, the Services, or to report any issues, contact TheraLyze at:
General Inquiries: support@theralyze.ai
Legal Matters: legal@theralyze.ai
Data Protection: dpo@theralyze.ai
Security Issues: security@theralyze.ai
Sales and Enterprise: sales@theralyze.ai
Mailing Address:
TheraLyze Inc.
4695 Chabot Dr Suite 200
Pleasanton, CA 94588
United States
Website: theralyze.ai
BY ACCESSING OR USING THE THERALYZE SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THESE TERMS OF SERVICE. IF YOU DO NOT AGREE TO THESE TERMS, DO NOT ACCESS OR USE THE SERVICES.