These Terms of Service, alongside our Privacy Policy, govern your use of the MedReviews websites as a medical professional or patient.
Please review these Terms of Service and Privacy Policy, as your consent is the only way to receive our services.
In some cases, you may use third party services, which have additional terms.
MedReviews is a service which allows you to publish your professional portfolio and receive reviews.
We are not responsible for the contents of third party submissions, such as user reviews.
If you’re a patient, then some portions of these terms shall not be applicable to you, such as payments and data processing.
Our liability for the services provided and the products downloaded is limited, and our services are provided on an AS-IS basis. We cannot ensure that the results from the services shall be optimal or warrant that they would be satisfactory. We do not warrant for response times and provide responses to support services via email on a timely basis.

Registration, Accepting These Terms.
When enrolling into the service, you represent and warrant that you are over 18 years of age, or if you are a corporation, you obtained all required permits from the authorized signatory.
If you are a patient posting a review, then these terms shall apply to you as well, but you will not be required to sign-up.
SignupYou may sign up using your email, phone number and name. You may be requested with your phone number and email address to verify your identity.
We may also use your email address and phone number for sending newsletters and updates, as we explain in the privacy policy. We may send you an email to verify your ownership of the account.
Accepting These Terms. You are required to accept and provide your consent to these terms before using the services, before submitting your personal data in forms and when contacting us for support queries. Without your acceptance of these terms we may not be able to provide you with the services governed under these terms.

The Service
The Services comprise of our review engine, which allows doctors to obtain reviews and ask patients to review their services, our portfolio presentation, which allows doctors to present their services, our contact forms, that allow potential customers to contact doctors and to schedule appointments and our messaging service.
We may also offer tailored services, such as publishing of articles, promoting your services via social networks or adding other languages. They will be billed separately.
For providing some of the services, we may require access to your accounts via regular API or using your credentials. It is your sole responsibility to keep these credentials secure and you are the only person responsible for the use of these credentials.

Providing Us With Patient Details
If you’re a doctor and you provide us with any patient details, we require that they execute a consent form that allows you to provide us with the entire details we process on your behalf, including obtaining the type of treatment they received, their contact information and their consent to provide us with a review of your services and that such review may be public. We require that you only provide us with authentic, consensual, details and not of persons who did not receive any service from you.
Should you require that we execute a data processing addendum to provide these details, the addendum to these terms shall apply.
If you believe that the data you submit to us is covered by other legal frameworks, such as the US Health Insurance Portability and Accountability Act of 1996 then you should only submit it after obtaining the right permits under law, as well as consent from the applicable parties.

Content Policy
This content policy applies both to the content you submit through the service for us to use, share with others via the service or third parties, and for content others submit that you may use. For the avoidance of any doubt, this applies both to reviews and content submitted by doctors.
By either providing us with visual, textual, audiovisual, or other material or by using our service to share content, You hereby accept this content policy as set forth. You acknowledge that any violation of the content policy may cause termination of your service, removal of your content and legal action by both ourselves and the person whose rights were infringed.
For the purpose of this policy, the term Content shall refer to images and/or text and/or videos used by yourself while creating content through the service and published through it.

License
You hereby warrant that you are the sole owner and proprietor of any Content you distribute through the service, or that you are allowed to post it under this content policy. You hereby grant us an irrevocable, permanent, unlimited, world-wide, royalty-free, sublicensable, non-exclusive license to use your Content according to the functionality of service and through other third party services, including the creation of derivative works and the creation of three dimensional works. If you share your Content via a third party service, then you grant each person you share your Content with the right to send this Content to third parties, and to display, store or use this Content via such third party and according to its terms of service.
If there are any rights including trademark, patents, copyrights, or trade secrets in the ideas you submitted, then you waive them in respect to the ability of anyone to use them following your submission.

Our License To You
We provide you, as our user, a limited, non-transferrable, non-sublicensable, license to use all the images and works made available via the services in relation to the service and through its functionality.

Offensive Content
You hereby warrant that your Content is not offensive and does not infringe the right of any third party, including, but not only:

1. Intellectual Property Infringing. Your content does not infringe any third party copyright, design, patent, trademark, trade secrets or any other intellectual property rights.
2. Pornography Your Content does not contain any text, image or depiction including extreme nudity, profanity, sexual activity, sexual innuendos, sexually offensive or otherwise obscene. We may allow artistic nudity and non-pornographic use of exposed bodies.
3. Slanderous Your Content does not slander, defame or otherwise harm the good name of others.
4. Hate Speech and Racism Your Content does not include any hate speech or racist opinions, as well as does not incite others to violent acts against persons solely based on their inclusion in a specific group.

Warranty
You hereby warrant that you are either the sole proprietor or a designated licensee of your Content and that no other party's rights are infringed or violated by your use of the content and the Service. You moreover warrant that no legal claim, dispute or lawsuit was filed against You or threatened against You for publishing content through the service.

Notice & Takedown.
If you believe that any content hosted or posted using our services may infringe or violate any of your rights or applicable law; do contact us at info@medreviews.com and we will investigate such a complaint. Following the complaint, we will let the user who submitted the content know about it, and might inquire about its posting. Please note that our moderation, restoration or deletion of content does not mean that we are liable for the content in any form or under any law.

Payments
Prices for our services are as described and published on our website and the applicable page, or provided to you before collection of payment in writing.
Except as stated in these Terms of Service, the payments are non-refundable and shall be paid immediately and as a condition for the provision of the services.
Payment shall be made via credit card, PayPal or any other form acceptable by us.
Billing is recurring; this means that billing begins on the day you registered for our service and ends on the last calendar day that month; billing cycles shall be on the first day of each month.
Payment for tailored or premium services, such as publishing of articles, social media presence management or other services shall be added to the monthly payment or billed separately.
In cases where you agreed to a minimal term as a commitment period and terminated your relationship with us prior to the end of such commitment period, we may retain all funds pre-paid for such period, and refuse to allow early termination.
Requests for termination of the service shall be submitted at least five (5) days before the end of each billing cycle in order to be in effect before the next cycle.
Payments for setup fees are non-refundable and paid in advance.
As the paid service is provided solely for businesses, the Consumer Protection Act of 1981 shall not govern our relationship

Refunds
All refunds are provided according to the following guidelines:

• Any payment is non-refundable unless otherwise stated;
• Refunds are provided in case of non-delivery of the service;
• Refunds are provided in case we could not provide you with our services.

However, we may refuse to provide a refund, or provide a refund even outside the scope of our guidelines in case we believe such action is in place. Refunds may be provided by future credit or via cash refunds using PayPal, wire transfer or refund via credit card, at our discretion.

Support Services
Support email only; we will make reasonable efforts to respond within reasonable times.

Warranty
We supply the services on an “as-is” and “as-available” basis. Your use of the services is at your own risk and under your liability. We make no warranty that (i) the services will meet your requirements and (ii) the services will be uninterrupted, timely, secure, or error-free and (iii) the results that may be obtained from the use of the services will be accurate or reliable and (iv) the quality of any products, services, information, or other material purchased or obtained through the service will meet your expectations, or (v) any errors in the service will be corrected.

Liability
For no case and for no reason shall we be held liable for any damage, direct or indirect, consequential, exemplary, physical or special, to you, any other user or any third party due to its misperformance of duties herein. We provide Service on an AS-IS basis and shall not be held liable, to the extent permitted by law, by any case of misconduct, negligence, gross negligence, malice or any other mean, to any damages or loss of property, including loss of your funds, damages to property, reputation and business reputation, user account information including login information, loss of profit, loss of good name, all resulting from the use or inability to use services.
Reviews do not mean any liability by us. We are not responsible for their content or accuracy.

Indemnity
You hereby warrant and agree to hold us harmless and to indemnify us for any damage, loss, expense, legal expense or cost incurred as a result of your use of the services in direct violation of these terms of service, including any false representation.

Terminating The Service
We shall have the right to terminate your use of the service or to terminate the service at any time and by providing a one day prior notice.
Moreover we may terminate your use of the service at any time and without prior written notice in any case where you breached these terms and such breach may cause us irreparable harm.
We may suspend the services or any of its functionality, or disable features, if we believe that some fraud or error occurred.

Availability
We might disable the service from time to time for scheduled backups, maintenance or upgrades. In some extreme cases, where urgent maintenance is required, we may disable the service immediately and without notice.

Amending These Terms
We may amend these terms from time to time, provided that you shall be informed through electronic communication on such an amendment and shall be granted the option to terminate your agreements with us by providing a prior written notice. If you do not have a user account, we need not notify you on such amendments, as they will have no retroactive effect on your rights and obligations.

Severability
If, for any reason, a competent court shall find that one of the terms of these Terms of Service or the Privacy Policy is invalid, unenforceable or otherwise illegal, it shall have no effect on the other terms and stipulations of this agreement.

Governing Laws, Jurisdiction, No Class Action
The laws of the state of Israel shall exclusively govern these terms of service. The parties agree to the exclusive jurisdiction of the state and federal courts located in Tel-Aviv County.
You undertake to initiate only suits on your behalf and not to file any class action lawsuit against us.
Exhibit A, Data Processing Addendum

MedReviews DPA (Data Processing Addendum)
MedReviews takes the security of your data very seriously. As part of our effort, we process personal data in accordance with the General Data Protection Regulation (“GDPR”), the EU/US Privacy Shield principles (“Privacy Shield”), the laws of the US governing the handling of various types of personal data, and industry standards.
To better protect personal data, we are providing this Data Processing Amendment (DPA) to govern MedReviews’ and your handling of personal data. This DPA forms part of MedReviews’ Terms of Service and its Privacy Policy.

1. Definitions It is important that all parties understand what data and whose data is protected under this DPA. The following definitions explain the scope of this DPA and the commitment for data protection.
   1. “MedReviews”, “we”, “us”, or “our” refers to the provider of the MedReviews website and services.
   2. “You” or “Customer” refers to the company or organization that signs up to use the MedReviews service.
   3. “Party” refers to MedReviews and/or the customer, depending on the context.
   4. “Personnel” refers to those individuals who are employed by or are under contract to perform a service on behalf of one of the parties. Personnel may have rights in their personal data (including business contact information) if they reside in the EU.
   5. “Data Subjects” refers to individuals residing in the EU who are consumers or users of MedReviews services (also “consumers”).
   6. f. “Personal Data” is given the same meaning as in the GDPR which we summarize here as: any data relating directly or indirectly to an identifiable data subject. Personal data does not include any data that is anonymized, aggregated, de-identified and/or compiled on a generic basis and which does not name or identify a specific individual, directly or indirectly.
   7. “Processing” is given the same meaning as in the GDPR, which we summarize as including:
      1. i. collecting, recording, using, storing, amending, adapting, disclosing, transferring or transmitting,
      2. ii. structuring, using, combining, deleting or destroying, personal data (“Process” and “Processed” shall have similar meanings).
   8. h. “Controller” is given the same meaning as in the GDPR, which we summarize as the party that determines the purposes and means of the processing of personal data – the customer is the controller with respect to consumer personal data. Each party may be the controller of personal data it processes about the other’s personnel.
   9. i. “Processor” is the party that processes personal data on behalf of the controller – MedReviews is the processor of the personal data we process about your consumers.
   10. j. “Incident” means: (a) a complaint or a request with respect to the exercise of an individual’s rights under the GDPR; (b) an investigation into or seizure of the personal data by government officials, or a specific indication that such an investigation or seizure is imminent; or (c) any breach of the security and/or confidentiality as set out in this DPA leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, the personal data, or any indication of such breach having taken place or being about to take place. Our mission to protect personal data
2. Each party agrees that personal data shall be treated as confidential information under this DPA. In addition, each party shall at all times comply with applicable laws relating to data protection in the relevant jurisdiction with respect to each other’s personal data.
3. Personal Data shall remain the property of the disclosing party. MedReviews acknowledges that customer is the controller and maintains control over data subject’s personal data.
4. MedReviews will process customer’s personal data only to the extent strictly necessary for the purpose of providing the services in accordance with the Terms of Service and any further written instructions from the customer that are mutually agreed upon in writing.
5. MedReviews agrees that:
   1. it will implement and maintain a reasonable and appropriate security program comprising adequate security, technical and organizational measures to protect against unauthorized, unlawful or accidental processing, use, erasure, loss or destruction of, or damage to, customer personal data;
   2. it will not modify, alter, delete, publish or disclose any customer personal data to any third party, nor allow any third party to process such personal data on MedReviews’s behalf unless the third party is bound to similar confidentiality and data handling provisions;
   3. only its personnel who “need-to-know” will be given access to customer personal data to the extent necessary to perform its obligations under the Terms of Service it shall provide adequate training to its staff and ensure that they comply with the obligations in this DPA; and
   4. it will only process customer personal data to the extent necessary to perform its obligations under the Terms of Service, upon written instructions of the customer (only as mutually agreed upon), and in accordance with applicable laws.
6. Upon termination of your account you may contact MedReviews and instruct to delete or anonymize the personal data it has stored. MedReviews will then complete your personal data deletion/anonymization.
7. Customer efforts and MedReviews’ assistance
   1. Customer warrants that it has all necessary rights to provide to MedReviews the personal data for processing in connection with the provision of the MedReviews Services.
   2. To the extent required by applicable law, customer is responsible for ensuring that any data subject consents that may be necessary to this processing are obtained, and for ensuring that a record of such consents is maintained, including any consent to use personal data that is obtained from third parties. Should such consent be revoked by a data subject, customer is responsible for communicating the fact of such revocation to MedReviews, and MedReviews remains responsible for implementing any customer instruction with respect to the further processing of that personal data, or, as may be in accordance with any of MedReviews’s legal obligations.
8. Customer understands, as a controller, that it is responsible (as between customer and MedReviews) for:
   1. determining the lawfulness of any processing, performing any required data protection impact assessments, and accounting to regulators and individuals, as may be needed;
   2. making reasonable efforts to verify parental consent when data is collected on a data subject under 16 years of age;
   3. providing relevant privacy notices to data subjects as may be required in your jurisdiction, including notice of their rights and provide the mechanisms for individuals to exercise those rights;
   4. responding to requests from individuals about their data and the processing of the same, including requests to have personal data altered, corrected, or erased, and providing copies of the actual data processed;
   5. implementing your own appropriate technical and organizational measures to ensure and demonstrate processing in accord with this DPA;
   6. notifying individuals and any relevant regulators or authorities of any incident as may be required by law in your jurisdiction.
9. MedReviews shall assist the customer by implementing appropriate technical and organizational measures, insofar as this is reasonably and commercially possible (in MedReviews’s sole determination and discretion), in fulfilling customer’s obligations to respond to individuals’ requests to exercise rights under the GDPR.
10. MedReviews shall make available to the customer information reasonably necessary to demonstrate compliance with MedReviews’s obligations under this DPA.
11. Incident management
    1. When either party becomes aware of an incident that impacts the processing of personal data, it shall promptly notify the other about the incident and shall reasonably cooperate in order to enable the other party to perform a thorough investigation into the incident, to formulate a correct response, and to take suitable further steps in respect of the incident.
    2. Both parties shall at all times have in place written procedures which enable them to promptly respond to the other about an incident. Where the incident is reasonably likely to require a data breach notification under applicable laws, the party responsible for the incident shall notify the other no later than 24 hours of having become aware of such an incident
    3. Any notifications made under this section shall be made to info@medreviews.com (when made to MedReviews) and to our point of contact with you (when made to the customer), and shall contain:(i) a description of the nature of the incident, including, where possible, the categories and approximate number of individuals concerned and the categories and approximate number of records concerned; (ii) the name and contact details of the point of contact where more information can be obtained; (iii) a description of the likely consequences of the incident; and (iv) a description of the measures taken or proposed to be taken to address the incident including, where appropriate, measures to mitigate its possible adverse effects.
12. Liability and indemnity
    1. Each party indemnifies the other and holds them harmless against all claims, actions, third party claims, losses, damages and expenses incurred by the indemnified party and arising directly or indirectly out of or in connection with a breach of this DPA.
13. Duration and termination
    1. 1. This DPA shall come into effect on May 25, 2018 and shall continue until it is changed or terminated in accordance with the Terms of Service.
    2. Termination or expiration of this DPA shall not discharge the parties from the confidentiality obligations herein.
14. Incorporation of the Standard Contractual Clauses.
    1. The parties hereby incorporate the EU Standard Contractual Clauses of 2021, with the following choices and references.
    2. In respect to section 7, “Docking”, the parties agree that Docking is an option to the SCC. Module Two is selected. However, if other activities shall apply, the relevant module shall be incorporated.
    3. In respect to section 9, Option 2, of a general written authorization for sub-processors is agreed to undertake between the parties.
    4. In respect to section 11, complaints may be lodged with the relevant authority.
    5. In respect to section 17 an 18, the governing law shall be Ireland.
    6. In respect to the APPENDIX, the following shall be incorporated: The Data Importer and Exporter details are as stated in this DPA.
    7. The Categories of Data Subject are the Customer’s end-users and customers.
    8. The Categories of Personal Data transferred are as required and specified in MedReviews’ privacy policy.
    9. The frequency of the transfer is upon demand
    10. The nature of processing is as stated in the Privacy Policy and Data Processing Agreement.
    11. The purpose of processing is as stated in the Privacy Policy and Data Processing Agreement.
    12. The period of processing is as stated in the Privacy Policy and Data Processing Agreement
    13. The sub-processors are as stated in the Privacy Policy and Data Processing Agreement.
    14. The supervisory authority is the Irish data protection committee.
    15. The Sub-processors are as stated in the Privacy Policy.
    16. In respect to ANNEX II, The technical and organizational measures to ensure the security of the data are as stated in the Privacy Policy.