Terms of Service

1. Acceptance of Terms

By creating an account, accessing, or using Certivo's electronic signature platform (the "Service"), you agree to comply with and be bound by these Terms of Service. These Terms constitute a legally binding agreement between you ("User," "you," or "your") and Certivo ("Certivo," "we," "us," or "our").

If you are using the Service on behalf of an organization, you represent and warrant that you have the authority to bind that organization to these Terms, and "you" refers to both you individually and the organization.

2. Description of Service

Certivo provides a cloud-based electronic signature platform designed for FDA 21 CFR Part 11 compliance, specifically for clinical research, life sciences, and regulated industries. The Service includes:

• Electronic signature workflows with full audit trails
• Document management and storage
• Two-factor authentication (2FA) for signature events
• Compliance with FDA 21 CFR Part 11, ESIGN Act, and eIDAS regulations
• Digital logs and templates
• Automated workflow features
• Long-term data retention (25 years for compliant records)

3. Account Registration and Eligibility

3.1 Eligibility

You must be at least 18 years old and capable of forming a binding contract to use the Service. By using the Service, you represent that you meet these requirements.

3.2 Account Security

You are responsible for:

• Maintaining the confidentiality of your account credentials
• All activities that occur under your account
• Immediately notifying us of any unauthorized use
• Ensuring your account information is accurate and up-to-date

3.3 Organization Accounts

Organization administrators are responsible for managing team member access, roles, and permissions. You agree to ensure that all users within your organization comply with these Terms.

4. Subscription Plans and Pricing

4.1 Trial Period

4.2 Paid Subscription Plans

Certivo offers the following subscription tiers:

• Basic Plan ($29.99/month): Up to 5 users, 100 documents/month, 25GB storage
• Professional Plan ($79.99/month): Up to 15 users, 500 documents/month, 100GB storage, priority support
• Business Plan ($249.99/month): Up to 50 users, 2000 documents/month, 500GB storage, dedicated support
• Enterprise Plan (Custom Pricing): Custom user limits, document volumes, storage, and dedicated account management

All pricing is in USD and billed monthly unless otherwise specified. Pricing is subject to change with 30 days' notice.

4.3 Payment Terms

• Subscription fees are charged monthly in advance
• Payment is processed through Stripe, our third-party payment processor
• You authorize us to charge your payment method on file
• Failed payments may result in service suspension
• No refunds for partial months or unused features

4.4 Overage Charges

For Professional and Business plans, overage charges apply if you exceed plan limits:

• Additional users: Billed at per-user rates specified in your plan
• Additional documents: Billed per 100 documents over limit
• Overage charges are billed monthly in arrears

5. Acceptable Use

5.1 Permitted Use

You may use the Service for lawful business purposes, including:

• Obtaining legally binding electronic signatures
• Managing clinical trial documentation (paid plans only)
• Maintaining FDA 21 CFR Part 11 compliance
• Workflow automation for document approvals

5.2 Prohibited Conduct

You agree NOT to:

• Upload real patient data, PHI, or production clinical data during trial periods
• Use the Service for any illegal or fraudulent purpose
• Attempt to gain unauthorized access to our systems
• Reverse engineer, decompile, or disassemble the Service
• Remove or modify any proprietary notices
• Use the Service to send spam or unsolicited communications
• Violate any applicable laws or regulations
• Impersonate another person or entity
• Share your account credentials with unauthorized users

6. Data Ownership and Usage

6.1 Your Data

You retain all ownership rights to the content you upload to the Service ("Your Data"). By using the Service, you grant us a limited license to process, store, and transmit Your Data solely to provide the Service.

6.2 Data Security

We implement industry-standard security measures including:

• 256-bit AES encryption at rest
• TLS 1.2+ encryption in transit
• SOC 2 Type II compliance
• Regular security audits and penetration testing
• Role-based access control

6.3 Data Retention

• Paid Subscriptions: Data retained indefinitely (or as required by applicable regulations such as FDA 21 CFR Part 11, which mandates retention for the life of the device or 25 years)
• Trial Accounts: Data retained for 60 days after trial expiration, then permanently deleted
• Canceled Accounts: Data available for export for 60 days after cancellation

6.4 Data Export

You may export Your Data at any time through the Service interface. We provide export functionality in common formats (PDF, CSV, JSON).

7. Compliance and Regulatory Requirements

7.1 FDA 21 CFR Part 11 Compliance

Certivo is designed to meet FDA 21 CFR Part 11 requirements for electronic records and electronic signatures:

• Comprehensive audit trails capturing all user actions
• Two-factor authentication (2FA) for signature events
• Unique user identification and authentication
• Meaning of signature recorded (name, date, purpose)
• Tamper-evident records with cryptographic hashing
• System validation documentation available upon request

7.2 Your Compliance Obligations

While Certivo provides compliant infrastructure, you remain responsible for:

• Ensuring users are properly trained on electronic signature procedures
• Maintaining Standard Operating Procedures (SOPs) for system use
• Conducting periodic user audits
• Maintaining appropriate data backup procedures
• Compliance with all applicable regulations in your jurisdiction

8. Intellectual Property

8.1 Certivo's IP

The Service, including all software, designs, text, graphics, and other content, is owned by Certivo and protected by intellectual property laws. You receive a limited, non-exclusive, non-transferable license to use the Service.

8.2 Feedback

Any feedback, suggestions, or ideas you provide about the Service become the property of Certivo, and we may use them without compensation or attribution.

9. Warranties and Disclaimers

9.1 Service Availability

We strive for 99.9% uptime but do not guarantee uninterrupted access. The Service is provided "AS IS" and "AS AVAILABLE" without warranties of any kind.

9.2 Disclaimer of Warranties

TO THE MAXIMUM EXTENT PERMITTED BY LAW, CERTIVO DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. WE DO NOT WARRANT THAT THE SERVICE WILL BE ERROR-FREE OR THAT DEFECTS WILL BE CORRECTED.

10. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, CERTIVO SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR ANY LOSS OF PROFITS OR REVENUES, WHETHER INCURRED DIRECTLY OR INDIRECTLY, OR ANY LOSS OF DATA, USE, GOODWILL, OR OTHER INTANGIBLE LOSSES.

OUR TOTAL LIABILITY SHALL NOT EXCEED THE AMOUNT YOU PAID US IN THE 12 MONTHS PRECEDING THE CLAIM OR $100, WHICHEVER IS GREATER.

11. Indemnification

You agree to indemnify and hold harmless Certivo, its affiliates, and their respective officers, directors, employees, and agents from any claims, losses, damages, liabilities, and expenses (including legal fees) arising from:

• Your use of the Service
• Your violation of these Terms
• Your violation of any applicable laws or regulations
• Your Data or any content you upload
• Your infringement of any third-party rights

12. Term and Termination

12.1 Term

These Terms remain in effect while you use the Service. Paid subscriptions continue until canceled.

12.2 Cancellation

You may cancel your subscription at any time through your account settings. Cancellations take effect at the end of the current billing period. No refunds for partial months.

12.3 Termination by Certivo

We may suspend or terminate your account if:

• You violate these Terms
• Your payment fails after notice
• We are required to do so by law
• Continuing to provide the Service creates a security risk or liability

12.4 Effect of Termination

Upon termination:

• Your access to the Service will cease
• You have 60 days to export Your Data
• After 60 days, we may permanently delete Your Data (except as required by law for paid accounts)
• Outstanding fees remain due and payable

13. Privacy

Our Privacy Policy (available at certivo.io/privacy) describes how we collect, use, and protect your personal information. By using the Service, you consent to our privacy practices.

14. Changes to Terms

We may modify these Terms at any time. Changes will be effective upon posting to our website. Material changes will be communicated via email or in-app notification at least 30 days before taking effect. Continued use of the Service after changes constitutes acceptance.

15. Governing Law and Dispute Resolution

15.1 Governing Law

These Terms are governed by the laws of the State of Delaware, United States, without regard to conflict of law provisions.

15.2 Arbitration

Any dispute arising from these Terms shall be resolved through binding arbitration in accordance with the American Arbitration Association's rules, except that either party may seek injunctive relief in court to protect intellectual property rights.

15.3 Class Action Waiver

YOU AGREE THAT DISPUTES WILL BE RESOLVED ON AN INDIVIDUAL BASIS ONLY, AND NOT AS A CLASS ACTION OR OTHER REPRESENTATIVE PROCEEDING.

16. Miscellaneous

16.1 Entire Agreement

These Terms, together with our Privacy Policy, constitute the entire agreement between you and Certivo regarding the Service.

16.2 Severability

If any provision is found unenforceable, the remaining provisions will remain in effect.

16.3 No Waiver

Failure to enforce any right or provision does not constitute a waiver of that right or provision.

16.4 Assignment

You may not assign these Terms without our prior written consent. We may assign these Terms in connection with a merger, acquisition, or sale of assets.

16.5 Force Majeure

We are not liable for delays or failures due to circumstances beyond our reasonable control (e.g., natural disasters, war, labor disputes, internet failures).

17. Contact Information

For questions about these Terms, contact us at: