Terms of Service

Last Updated: August 9, 2025

Welcome to Cliniq! These Terms of Service ("Terms") are a binding legal agreement between you, a licensed medical practitioner ("User," "you," "your"), and Grassr Solutions ("Cliniq," "we," "us," or "our"), governing your use of the Cliniq web application, software, and all related services (collectively, the "Service").

By creating an account, or by accessing or using the Service, you agree to be bound by these Terms and our Privacy Policy. If you do not agree to these Terms, you may not use the Service.

1. Eligibility and Account Security

  • Eligibility: To use the Service, you must be a medical practitioner with a valid, current license and be in good standing within your jurisdiction of practice. By using the Service, you represent and warrant that you meet this requirement.

  • Account Registration: You agree to provide accurate, current, and complete information during registration and to keep this information updated.

  • Account Security: You are fully responsible for safeguarding your account credentials (username and password) and for all activities that occur under your account. You must notify us immediately of any suspected or actual unauthorized use of your account. Cliniq is not liable for any loss that you may incur as a result of someone else using your password or account, either with or without your knowledge.

2. User Responsibilities and Professional Conduct

  • Compliance with Laws: You are solely responsible for ensuring that your use of the Service complies with all applicable laws, regulations, and professional ethical guidelines. This includes, but is not limited to, the Data Privacy Act of 2012 (DPA), rules of the Department of Health, and your professional code of conduct.

  • Patient Data and Consent: You are the Personal Information Controller (PIC) for all patient data you input into the Service ("Patient Data"). You represent and warrant that you have obtained all necessary patient consents and have a legal basis for collecting, processing, and storing their information within the Service. You are solely responsible for the accuracy, quality, and legality of all Patient Data.

  • Professional Judgment: The Service is an administrative and decision-support tool. It is NOT a substitute for your independent professional medical judgment, skill, or experience. You are solely responsible for all diagnoses, treatments, prescriptions, and all other aspects of your clinical practice and patient care.

3. Third-Party Integrations

The Service may allow you to connect with third-party applications, such as Google Calendar ("Third-Party Services"). Your use of any Third-Party Service is subject to the following:

  • Your Discretion and Risk: Your use of a Third-Party Service is at your own discretion and risk.

  • Google Calendar Synchronization: If you choose to connect your Google Calendar, you grant Cliniq permission to access your calendar data as described in our Privacy Policy. You are responsible for ensuring that your use of the Google Calendar integration complies with all applicable regulations, including HIPAA. For HIPAA compliance, you must have a Google Workspace account that is covered by a valid Business Associate Agreement (BAA) with Google.

  • Third-Party Terms: You agree to comply with the applicable terms and conditions of any Third-Party Service you use. Cliniq is not a party to your agreement with the provider of the Third-Party Service.

  • No Liability: Cliniq is not responsible for and disclaims all liability related to any Third-Party Service, including its content, functionality, security, availability, or any data processing that occurs outside of the Cliniq platform.

4. Specific Terms for the AI Assistant

The Service includes an AI Assistant feature designed to analyze consultation notes and suggest potential differential diagnoses. You acknowledge and agree to the following:

  • Informational Tool Only: The AI Assistant is a supplementary, informational tool only. It is not a diagnostic device and has not been approved as such by the FDA or any medical authority.

  • No Substitute for Professional Judgment: The output of the AI Assistant is not medical advice and must not be used as a substitute for your own clinical evaluation and judgment.

  • Risk of Inaccuracy: The AI-generated suggestions may be inaccurate, incomplete, or inappropriate for a specific patient. You must independently verify all information.

  • Sole Responsibility: You are solely and exclusively responsible and liable for all clinical decisions, actions, and outcomes, regardless of whether you used the AI Assistant. You agree to hold Cliniq harmless from any claims arising from your reliance on the AI Assistant's output.

5. Responsibility for Exported and Printed Data

The Service allows you to print or export Patient Data. You acknowledge and agree that:

  • Cessation of Digital Security: Once Patient Data is printed, downloaded, or otherwise exported from the Service's secure digital environment, it is no longer protected by Cliniq's security measures.

  • Your Sole Responsibility: You, as the PIC, assume sole and complete responsibility for the security, safeguarding, storage, transport, and eventual proper disposal of any physical or locally-stored electronic copies of Patient Data, in compliance with all applicable laws.

  • No Liability: Cliniq shall have no liability for any breach, loss, or unauthorized disclosure of Patient Data that occurs after it has been exported or printed from the Service by you or your staff.

6. Fees and Payment

  • Subscription Fees: The Service is offered on a subscription basis. You agree to pay all applicable fees as described on our pricing page or in your service agreement. All fees are quoted in Philippine Pesos (PHP) unless otherwise stated.

  • Billing and Renewal: We will bill you in advance on a recurring basis (e.g., monthly or annually). Subscriptions automatically renew unless you cancel your subscription through your account settings prior to the renewal date.

  • No Refunds: All fees are non-refundable, except as required by law.

  • Taxes: You are responsible for paying all applicable taxes associated with your subscription.

7. Intellectual Property

All rights, title, and interest in and to the Service (excluding your Patient Data), including its software, design, branding, and "look and feel," are and will remain the exclusive property of Grassr Solutions.

8. Termination

  • Termination by You: You may cancel your subscription and terminate these Terms at any time through your account settings.

  • Termination by Us: We reserve the right to suspend or terminate your access to the Service at any time, with or without cause or notice, for any reason, including for a breach of these Terms.

  • Effect of Termination: Upon termination, your right to use the Service ceases immediately. We will provide you with a reasonable opportunity (e.g., 30 days) to export your Patient Data. After this period, we will permanently delete your account and all associated Patient Data from our production systems.

9. Warranty Disclaimer and Limitation of Liability

This section is a crucial part of these Terms and limits our liability to you. Please read it carefully.

9.1. Warranty Disclaimer

THE SERVICE, INCLUDING THE AI ASSISTANT, ANY THIRD-PARTY SERVICES, AND ANY DELIVERABLES ARE PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT ANY WARRANTY OF ANY KIND. GRASSR SOLUTIONS EXPLICITLY DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT, AND NON-INFRINGEMENT. WE MAKE NO WARRANTY THAT THE SERVICE WILL BE UNINTERRUPTED, SECURE, OR ERROR-FREE, OR THAT THE RESULTS OR SUGGESTIONS (INCLUDING FROM THE AI ASSISTANT) WILL BE ACCURATE, RELIABLE, OR COMPLETE.

9.2. Limitation of Liability

IN NO EVENT SHALL GRASSR SOLUTIONS OR ITS AFFILIATES, OFFICERS, EMPLOYEES, OR AGENTS BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE, EXEMPLARY, OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, LOSS OR CORRUPTION OF DATA, OR OTHER PECUNIARY LOSS) ARISING OUT OF THE USE OF OR INABILITY TO USE THE SERVICE, ANY THIRD-PARTY SERVICES, OR ANY DELIVERABLES, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THIS DISCLAIMER APPLIES TO ALL ASPECTS OF THE SERVICE AND THIS AGREEMENT.

OUR AGGREGATE LIABILITY TO YOU FOR ANY AND ALL CLAIMS ARISING OUT OF OR IN CONNECTION WITH THESE TERMS OR THE SERVICE, WHETHER IN CONTRACT, TORT, OR OTHERWISE, IS LIMITED TO THE TOTAL AMOUNT OF FEES PAID BY YOU TO CLINIQ DURING THE SIX (6) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM.

10. Indemnification

You agree to defend, indemnify, and hold harmless Grassr Solutions, its officers, directors, employees, and agents from and against any and all claims, damages, obligations, losses, liabilities, costs, or debt, and expenses (including but not limited to attorney's fees) arising from: (i) your use of and access to the Service; (ii) your violation of any term of these Terms; (iii) your violation of any law, regulation, or third-party right, including any right of privacy or intellectual property right; (iv) any claim that your Patient Data caused damage to a third party (including a patient); or (v) your use of any Third-Party Service.

11. Modifications to the Terms

We may modify these Terms at any time. If we make material changes, we will notify you by email or through the Service. Your continued use of the Service after such changes become effective constitutes your acceptance of the new Terms.

12. Governing Law and Dispute Resolution

These Terms shall be governed by and construed in accordance with the laws of the Republic of the Philippines, without regard to its conflict of law principles. Any dispute, controversy, or claim arising out of or relating to these Terms shall be settled through binding arbitration in Davao City, Philippines. The arbitration shall be conducted in English.

13. General Provisions

  • Entire Agreement: These Terms, along with the Privacy Policy, constitute the entire agreement between you and Grassr Solutions regarding the Service.

  • Severability: If any provision of these Terms is held to be invalid or unenforceable, that provision will be enforced to the maximum extent permissible, and the remaining provisions will remain in full force.

  • Contact Information: For any questions about these Terms, please contact us at cliniq@grassr.solutions.

Privacy Policy

Last Updated: August 9, 2025

Welcome to Cliniq. Grassr Solutions ("Cliniq," "we," "us," or "our") is committed to protecting the privacy and security of information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you, a licensed medical practitioner ("User," "you," "your"), use our web application and services (collectively, the "Service").

This policy is designed to help you comply with your obligations under the Republic Act No. 10173, also known as the Data Privacy Act of 2012 (DPA), and its implementing rules and regulations.

By creating an account and using the Service, you acknowledge that you have read, understood, and agree to the collection, processing, and use of information in accordance with this policy. This Privacy Policy should be read in conjunction with our Terms of Service.

1. The Roles of the Parties under the Data Privacy Act (DPA)

To understand our respective data protection obligations, it is crucial to define our roles:

  • You (The User/Practitioner): For all data related to your patients that you input, upload, or manage within the Service ("Patient Data"), you are the "Personal Information Controller" (PIC) as defined by the DPA. This means you determine the purposes for which and the manner in which Patient Data is processed. You are solely responsible for ensuring the legality of processing and for obtaining all necessary patient consents.

  • Cliniq (The Service Provider): For this same Patient Data, Cliniq acts as the "Personal Information Processor" (PIP). We process this data strictly on your behalf and according to your instructions for the sole purpose of providing, maintaining, and securing the Service as detailed in these terms. For users subject to HIPAA, we act as a "Business Associate."

  • Your Account Information: For your own account and billing information that you provide to us, Cliniq is the PIC.

2. Information We Collect

A. Information You Provide to Us (Your Data)

  • Account Information: When you register, we collect your full name, email address, phone number, clinic/practice details, PRC license number, and a secure password.

  • Billing Information: To process subscription payments, our third-party payment processors (e.g., PayMongo, Stripe, PayPal) collect billing details, such as credit/debit card information and billing addresses. We do not store your full credit card information on our servers.

B. Information We Process on Your Behalf (Patient Data)

As a core function of the Service, you will provide Patient Data, which may include Sensitive Personal Information under the DPA. This may include, but is not limited to:

  • Demographic information (Name, Date of Birth, Gender, Address, Contact Details)

  • Medical History, Consultation Notes, Diagnoses, Prescriptions, and Lab Results

  • Appointment Schedules

  • Patient Photographs

You represent and warrant that you have a legal basis and have obtained all necessary consents from your patients to collect, process, and disclose their Patient Data using our Service.

C. Information from Third-Party Integrations You Authorize

  • Google Calendar Data: If you choose to connect your Google Calendar to the Service, we will collect data via the Google API to enable the synchronization. This includes information about your calendar events such as event titles, start and end times, and your free/busy status. We access this information on a read-only basis to display your external events within your Cliniq schedule.

D. Information from Your Use of the Service

  • Usage Data: We automatically collect metadata and analytics on how you interact with the Service, such as features used, clicks, session duration, and other actions. This helps us improve the Service.

  • Device and Log Information: We collect technical information from your device, including IP address, browser type, operating system, and error logs.

  • Cookies: We use cookies and similar technologies to operate the Service, authenticate your session, and remember your preferences.

3. How We Use Information

A. How We Use Your User Information (as a PIC)

  • To provide, operate, secure, and maintain the Service.

  • To process your subscription payments and manage your account.

  • To send you technical notices, security alerts, and administrative messages.

  • To respond to your support requests and inquiries.

  • To monitor and analyze usage and trends to improve our Service.

B. How We Use Patient Data (as a PIP)

Our use of Patient Data is strictly limited by our role as your Personal Information Processor. We will only process Patient Data to:

  • Provide, maintain, and secure the Service as directed by you.

  • Troubleshoot technical issues or provide support at your explicit request.

  • Process it through the AI Assistant feature to generate potential differential diagnoses, solely for your review within your account.

We will NEVER use, sell, rent, or share Patient Data for our own commercial purposes, such as advertising, data mining, or research, without your explicit, separate consent. Patient Data is NOT used to train our AI models for the benefit of other users.

C. How We Use Information from Third-Party Integrations

  • Google Calendar Data: We use the data accessed from your Google Calendar for the sole purpose of displaying your external appointments on your Cliniq calendar. This helps you view your availability and avoid scheduling conflicts. We do not store, share, or use this information for any other purpose. Cliniq will not write or push any Patient Data from the EMR into your Google Calendar.

4. How We Share Information

We do not sell your personal information or Patient Data. We may share information only in these limited circumstances:

  • With Third-Party Integrations You Authorize: When you connect a Third-Party Service like Google Calendar, we share a secure token with Google to authorize the connection, but we do not share your Patient Data with them.

  • With Service Providers: We engage third-party vendors to perform services on our behalf, such as cloud hosting (Google Cloud Platform) and payment processing. These providers are contractually bound to maintain the confidentiality and security of the data and are prohibited from using it for any other purpose.

  • For Legal Compliance: We may disclose information if we believe in good faith that it is required by law, subpoena, or other legal process, or to protect the rights, property, or safety of Cliniq, our users, or the public.

  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you via email and/or a prominent notice on our Service of any change in ownership.

  • With Your Consent: We may share information for other purposes with your explicit consent.

5. Data Security

We implement robust administrative, physical, and technical security safeguards designed to protect the information we process, in compliance with the DPA. These measures include:

  • Encryption of data in transit (TLS) and at rest.

  • Strict access controls and principles of least privilege.

  • Use of a secure cloud infrastructure provider (Google Cloud) covered by a Business Associate Amendment.

  • Regular security reviews and updates.

However, no security system is impenetrable. We cannot guarantee the absolute security of your information. You are also responsible for maintaining the security of your account by using a strong password and protecting it from unauthorized use.

Scope of Security: Our security safeguards apply only to data stored digitally within the Cliniq platform. Once data is exported, downloaded, or printed by you, it is no longer under our protection. You, as the PIC, are solely responsible for implementing your own security measures to protect physical or locally-stored copies of Patient Data.

6. Data Retention

We retain your User account information as long as your account is active or as needed to comply with our legal obligations.

We retain Patient Data on your behalf as long as your account is active. Upon termination of your account, you will be given a reasonable period (e.g., 30-60 days) to export your Patient Data. After this period, we will permanently and securely delete your account and all associated Patient Data from our production systems in accordance with our data destruction policies.

Data accessed via third-party integrations like Google Calendar is not permanently stored on our systems and is deleted when the session ends or when you disconnect the integration.

7. Your Rights and Choices

A. For Users (Practitioners)

You have the right to access, update, or correct your own account information at any time. You can also request the deletion of your account by contacting us.

B. Regarding Your Patients' Rights

As the PIC, you are responsible for honoring the rights of your patients (Data Subjects) under the DPA, which include the rights to be informed, to access, to object, to erasure or blocking, to rectification, and to data portability. Cliniq, as your PIP, will provide you with the necessary tools within the Service to help you respond to your patients' requests (e.g., exporting or deleting a patient's record). If we receive a request directly from one of your patients, we will direct them to contact you.

C. Managing Third-Party Integrations

You can connect or disconnect Third-Party Services like Google Calendar at any time through your account settings. Disconnecting an integration will revoke our access and stop any further data synchronization from that service.

8. HIPAA and International Use

Our Service is designed with security principles that align with HIPAA's technical safeguards. If you are a "Covered Entity" under the U.S. Health Insurance Portability and Accountability Act (HIPAA), you are responsible for determining if you require a Business Associate Agreement (BAA) with Grassr Solutions. Please contact us to initiate this process.

For integrations like Google Calendar, you are responsible for ensuring your use is HIPAA compliant. This requires you to have a Google Workspace account and an executed Business Associate Agreement (BAA) with Google that covers the use of Google Calendar. Using a personal/consumer Google account for this feature is not HIPAA compliant.

Your information is processed and stored on secure cloud servers which may be located outside of the Philippines. We rely on the robust data protection agreements and security certifications of our cloud provider (Google Cloud) to ensure that your data is treated securely and in accordance with this Privacy Policy.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through a notice within the Service prior to the change becoming effective.

10. Contact Us

For any questions about this Privacy Policy or our privacy practices, please contact our Data Protection Officer at:

  • Grassr Solutions

  • Email: cliniq@grassr.solutions

  • Address: Davao City, Philippines