Skip to content

PRIVACY POLicy

Master Wellness Services Agreement

This Master Wellness Services Agreement (collectively with its Exhibits and an applicable order form describing the provided services (“Order Form”) hereto, the “Agreement”) is made and entered into by and between the entity or person executing such Order Form (“Customer”) and Peerfit Inc. d/b/a FitOn Health, a Delaware corporation (“FitOn Health”). Customer and FitOn Health each are referred to individually as a “Party” and collectively as the “Parties.”

Background

Customer wishes for its employees and/or other designated individuals to receive fitness and wellness benefits offered under the FitOn Health program (the “Program”) via the FitOn Health platform (the “Platform”) as further specified in the Order Form, and FitOn Health wishes to provide such benefits subject to the terms of this Agreement. In consideration of the mutual promises contained herein, the receipt and sufficiency of which are hereby acknowledged, the Parties agree as follows:

1.  Services 

1.1. Provision of the Services. Subject to Customer’s full compliance with the terms and conditions of this Agreement, including the Order Form, the FitOn Health Privacy Policy (available at fitonhealth.com/privacy) and the Security Terms attached as Exhibit A, FitOn Health will during the term of the Agreement provide access to services under the Program (the “Services”) to Customer and its employees or other personnel (“Eligible Members”), each as further specified in the Order Form.

1.2 Eligibility. Unless provided otherwise in the Order Form, Customer will provide FitOn Health with either:  (i) an email domain to validate Eligible Members, or (ii) identifying information (such as first name, last name, email address, birthday and/or employee ID number) for each Eligible Member. Customer is responsible for updating the list of Eligible Members to: (x) identify new individuals eligible to participate in the Program, or (y) who no longer are eligible to participate in the Program. The total number of Eligible Members under any Order Form at any time may not be reduced more than thirty percent (30%) of the Eligible Member Range without the prior written consent of FitOn Health.

1.3. Admin Console. During the term of this Agreement, FitOn Health will provide to Customer access to a console and related tools to manage Customer’s and Eligible Members’ use of the Services (the “Admin Console”). Customer shall specify one or more administrators who will have access to the Admin Console and to manage the Services for Customer (“Administrators”).

1.4 Reports. FitOn Health will provide to Customer, solely for Customer’s internal business purposes, reports of Customer’s and Eligible Members’ use of the Services (“Reports”).

1.5 Professional Services. If the Order Form specifies the Services as including any installation, implementation, or customization of the Services, or any coaching (including fitness or wellness coaching), consulting and other professional services ( “Professional Services”), then FitOn Health shall perform such Professional Services per any schedule and consistent with the Professional Services Fee as specified in the Order Form. Unless otherwise specified in the Order Form, FitOn Health shall provide no Professional Services to Customer or any Eligible Member under this Agreement.

1.6 Operation. FitOn Health will reasonably operate, monitor, and maintain the Service for consistent performance, as well as identify and provide corrective action in the event of disruption of the Service.

1.7 Promotion. FitOn Health will provide support for the Program, including information, assistance, implementation and rollout of the Program to Eligible Members. Such support may include: events, printed flyers to be distributed by Customer, email campaigns, and targeted online advertising. Client agrees to provide FitOn Health with reasonable assistance and access to its Eligible Members for the purposes of providing such support, and for educating and encouraging engagement in the Program.

2.  Payment 

2.1. Fees. Customer agrees to pay to FitOn Health all costs, fees, expenses, and other charges as specified in the Order Form (collectively, “Fees”). Accrued Fee obligations are non-cancelable, and Fees paid are non-refundable.

2.2 Invoices. Customer will pay FitOn Health all Fees within thirty (30) days of the date of an invoice for such Fees issued by FitOn Health.

2.3. Late Payment. Any Fees or other amount due to FitOn Health under this Agreement that remains unpaid after its due date will accrue interest at a rate of the lower of: (i) 1.5% per month or (ii) the maximum rate permitted by law, to be calculated from the date such amount was due until the date full payment is received. Customer shall pay to FitOn Health all accrued interest and all costs and expenses of collection (including attorneys’ fees) incurred by FitOn Health for collecting any such past due amounts. FitOn Health may suspend Customers’ and its Eligible Members’ access to the Services upon thirty (30) days’ written notice if Customer fails to make any payment of Fees and other amounts due to FitOn Health. Such Fees will continue to accrue during any such suspension.

2.4 Taxes. Fees due under this Agreement are payable to FitOn Health without deduction for any tax, tariff, duty, or assessment imposed by any government authority (national, state, provincial, or local), including without limitation any sales, use, excise, ad valorem, property, withholding, or value-added tax, whether or not withheld at the source (collectively, “Sales Tax”). Except as forbidden by Applicable Law (as defined below), FitOn Health may require that Customer submit applicable Sales Tax to FitOn Health. FitOn Health’s failure to include any applicable tax in an invoice will not waive or dismiss its rights or obligations pursuant to this Section 2.4. If applicable law requires withholding or deduction of Sales Tax or any other tax or duty, Customer shall separately pay FitOn Health the withheld or deducted amount, over and above Fees due. For the avoidance of doubt, this Section 2.4 does not govern taxes based on FitOn Health’s net income.

3.  Customer's Further Obligations 

3.1 Assistance. Customer will reasonably assist FitOn Health in marketing the Services to Eligible Members, with the goal of increasing use of the Services by such Eligible Members. Customer may not make any representations or warranties concerning the Services or its potential benefits or value, except solely as set forth in program or marketing materials provided by FitOn Health to Customer.

3.2 Access. Customer will only permit the number and type of Eligible Members authorized under the Order Form to access or use the Services. Customer agrees to limit access to and use of the Admin Console solely to Administrators. Customer shall promptly revoke and terminate access to the Services and/or Admin Console for any person who ceases to be employed by Customer or otherwise is no longer authorized under the Order Form. Customer shall monitor such access to the Services to ensure that only authorized personnel have and retain such access. Customer shall use commercially reasonable efforts to protect all usernames and passwords (“Account Information”) from any unauthorized access or use and shall be responsible for all uses of Account Information. Customer shall notify FitOn Health immediately of any known or suspected unauthorized use of Account Information or access to the Services, and shall assist FitOn Health in any efforts to end or prevent such unauthorized use or access. FitOn Health shall not be responsible for Customer’s internal management or administration of the Services to Eligible Members or the Admin Console to Administrators.

3.3 Compliance. Customer shall be responsible for each Eligible Members’ compliance with the FitOn Health Terms of Use at fitonhealth.com/terms in such Eligible Members’ use of and access to the Services.

4.  Intellectual Property; Feedback 

4.1. FitOn Intellectual Property. FitOn Health shall retain all right, title, and interest in and to all intellectual property and proprietary rights relating to the Program, the Platform and the Services, including limitation, all patent rights, copyright rights, mask work rights, trademark rights, trade secret rights, sui generis database rights, industrial design rights and all other intellectual property, industrial property and proprietary rights of any kind recognized anywhere in the world, now or in the future (collectively, “FitOn Health IP”). FitOn Health further retains and will retain all rights in and to all works of authorship or data provided to Customer under this Agreement. This Agreement does not grant to Customer or any Eligible Member any intellectual property license or proprietary rights in or to the Program, the Platform or the Services, except solely to the extent that such rights are necessary for Customer’s or Eligible Members’ use of the Platform and the Services as specifically authorized by this Agreement, including the Order Form. All rights in FitOn Health IP not expressly granted to Customer in this Agreement are retained by FitOn Health. Any software, materials, deliverables or works prepared, delivered or otherwise made available by FitOn Health or any employee or independent contractor of FitOn Health Pursuant to the Services or access to the Platform shall be the sole and exclusive property of FitOn Health and shall not be considered works made for hire. To the extent any ownership interest arises for the benefit of Customer as a matter of law in or to the materials or works prepared by FitOn Health, Customer hereby assigns to FitOn Health as its sole and exclusive property all right, title, and interest in and to such materials and works.

4.2. Feedback. FitOn Health has not agreed to and does not agree to treat as Confidential Information (as defined below) any Feedback (as defined below) that Customer or Eligible Members provide to FitOn Health in any form, and nothing in this Agreement or in the Parties’ dealings arising out of or related to this Agreement will restrict FitOn Health’s right to use, profit from, disclose, publish, keep secret, or otherwise exploit Feedback, without compensating or crediting Customer. “Feedback” means any suggestions, ideas, enhancement requests, feedback, or recommendations that Customer provides to FitOn Health, including without limitation with respect to the Services. Customer hereby grants to FitOn Health a nonexclusive, worldwide, perpetual, irrevocable, transferable, sublicensable, royalty-free, fully-paid-up license to use, practice, disclose, and otherwise exploit any Feedback.

5.  Customer Materials and Data 

5.1. Customer Materials. For the avoidance of doubt, FitOn Health specifically acknowledges that its ownership interest does not extend to any Customer Confidential Information or to any trademarks, logos, information, and other materials provided or identified by Customer to FitOn Health (together, the “Customer Materials”). Customer authorizes FitOn Health to use the Customer Materials solely to provide the Program during the Term. FitOn Health specifically acknowledges and agrees that all right, title, interest and ownership in and to any Customer Materials remains solely with Customer.

5.2 Customer Data. Customer shall retain all ownership in any data provided to FitOn Health by Customer or Administrators (“Customer Data”). Customer agrees to grant and hereby grants to FitOn Health a non-exclusive, royalty-free, sublicensable, fully-paid-up license during the term of the Agreement to: (i) use Customer Data to perform FitOn Health’s obligations to Customer and Eligible Members under this Agreement; and (ii) aggregate and de-identify Customer Data in such a manner that neither Customer nor any individual can be identified from such Customer Data (such resulting data, “Aggregated Data”) solely for providing, developing, improving, or reporting on the Platform or the Services. Customer agrees to grant and hereby grants to FitOn Health a non-exclusive, royalty-free, perpetual, irrevocable, transferable license to use, reproduce, distribute, publicly display, publicly perform, and create derivative works of the Aggregated Data for FitOn Health’s business purposes.

6.  Term and Termination 

6.1. Term. The term of this Agreement including the Order Form shall commence on the Effective Date and continue for an initial period of twelve (12) months (the “Initial Term”), unless earlier terminated as set forth herein. At the end of the Initial Term, this Agreement will automatically renew for an additional twelve (12)-month term (each a “Renewal Term”), and will continue to automatically renew for subsequent Renewal Terms, unless either Party gives the other Party written notice of its intent not to renew this Agreement at least one (1) month prior to the end of such Initial Term or Renewal Term. Any changes to the terms of the Order Form to take effect during a Renewal Term must be mutually agreed upon in writing at least one (1) month prior to such renewal.

6.2. Termination. Either Party may terminate this Agreement including any Order Form hereunder for cause if the other Party materially breaches the Agreement and such breach is incapable of cure or if curable, such Party does not cure such breach within thirty (30) calendar days of receipt of written notice from the non-breaching Party describing such breach. Either may immediately terminate this Agreement upon written notice to the other Party in the event that: (i) the other Party becomes insolvent, enters into receivership, is the subject of a voluntary or involuntary bankruptcy proceeding or makes an assignment for the benefit of creditors; or (ii) a substantial part of the other Party’s property becomes subject to any levy, seizure, assignment or sale for or by any creditor or government agency.

6.3. Effects of Termination. Upon termination or expiration due to nonrenewal of this Agreement, the Services and all of Customer’s rights under this Agreement will immediately terminate, and Customer will pay all outstanding amounts due to FitOn Health. Termination or expiration will not relieve either Party of obligations accrued prior to the date of such termination or expiration. The following Sections survive the expiration or termination of this Agreement:  2, 4, 5, 6.3, 7, 8, 9, 10, 11 and 12.

7.  Confidential Information 

7.1. Definition. “Confidential Information” means all non-public information of provided by Party (the “Disclosing Party”) to the other Party (the “Receiving Party”), whether oral, electronic, visual, or in writing, and whether or not marked confidential, including, but not limited to, information relating to the Disclosing Party’s business (including its pricing, assets, operations and finances), prospective business opportunities, technical and non-technical information, and any patent, copyright, trade secret, trademark and other proprietary information related to the current, future, or proposed products or services of the Disclosing Party. Confidential Information also includes, without limitation, information concerning research, experimental work, development, financial information, vendors, customer information, customer lists, procurement requirements, pricing information, business forecasts, sales and merchandising and marketing plans and information related to the current, future, and proposed products and services of the Disclosing Party. Confidential Information shall not include information that the Receiving Party can demonstrate: (i) at the time of disclosure hereunder is generally available to the public; (ii) after disclosure hereunder, becomes generally available to the public without breach of this Agreement by the Receiving Party; (iii) was disclosed to the Receiving Party by a third party that had the unrestricted right to disclose such information; or (iv) is or has been developed by the Receiving Party (as evidenced by the Receiving Party’s contemporaneously maintained written records) independently of the disclosures by the Disclosing Party.

7.2. Restrictions on Confidential Information. The Receiving Party will use or disclose the Disclosing Party’s Confidential Information solely as necessary to exercise its rights and fulfill its obligations under this Agreement. The Receiving Party will take all necessary precautions to reasonably protect the Disclosing Party’s Confidential Information from disclosed to any person other than the Receiving Party’s employees, affiliates, contractors, agents, or professional advisors who need to know the Confidential Information for the Receiving Party to exercise its rights and fulfill its obligations under this Agreement and who are under a written or professional obligation to abide by these confidentiality obligations.

7.3. Mandated Disclosure. The Receiving Party’s disclosure of Confidential Information pursuant to law or a judicial or administrative order will not be deemed to be a breach of this Agreement, if it (i) provides timely written notice of such disclosure requirement to the Disclosing Party as permitted under Applicable Law), and (ii) reasonably cooperates, at the Disclosing Party’s expense, with the Disclosing Party’s efforts to limit the scope of such disclosure.

7.4.  Equitable Relief. Recipient acknowledges that any unauthorized disclosure or use of Confidential Information will constitute a material breach of this Agreement and cause substantial harm to the Disclosing Party for which damages may not be a fully adequate remedy.  In the event of any such breach, in addition to all other available remedies, the Disclosing Party shall have the right to seek to obtain equitable relief, including an injunction and specific performance (without being required to post a bond or other form of security).

8.  Warranty; Disclaimer; No Medical Use 

8.1. Warranty. Each Party represents and warrants that: (i) it has the right to enter into and fully perform its obligations under this Agreement and to grant the rights granted to the other Party hereunder; (ii) the person signing this Agreement on its behalf has the authority to do so; (iii) it will not improperly use, disclose or induce the other Party to use any proprietary information or trade secrets of any third party with which it has an obligation to keep in confidence; (iv) its performance of this Agreement will not breach any agreement to keep in confidence any proprietary information acquired by it from any third party; and (v) will comply with all laws and regulations, orders, and ordinances, applicable to such Party, including privacy laws and regulations governing such Party and its data privacy practices (“Applicable Law”). FitOn Health further represents and warrants to Customer that any and all information it will provide to Customer pursuant to the Services other than Confidential Information may be divulged and freely used by Customer, without any obligation to any third party, or violation of any right of any third party, and without violation of any law or obligation to pay any royalty, fee, or charge. Customer further represents and warrants that it has complied with Applicable Law in connection with its processing of the Customer Data and has provided all notices, and obtained all rights and permissions required under Applicable Law as may be necessary for FitOn Health to receive and process Customer Data and provide the Services. 

8.2. Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN THIS AGREEMENT, THE SERVICES AND ANY OTHER INFORMATION (INCLUDING THE REPORTS) ARE PROVIDED BY FITON HEALTH “AS IS” AND ON AN “AS AVAILABLE” BASIS WITHOUT WARRANTY OF ANY KIND; AND, FITON HEALTH EXPRESSLY DISCLAIMS ALL OTHER WARRANTIES, EXPRESS, IMPLIED (EITHER IN FACT OR BY OPERATION OF LAW), OR STATUTORY, AS TO ANY MATTER WHATSOEVER (INCLUDING WITH RESPECT TO THE USE OF, OR THE RESULTS FROM THE USE OF, THE SERVICES), INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, TITLE, NON-INFRINGEMENT, FITNESS FOR A PARTICULAR PURPOSE OR USE, WARRANTIES IMPLIED FROM A COURSE OF DEALING OR COURSE OF PERFORMANCE OR USAGE OF TRADE, OR THAT THE SERVICES AND ANY OTHER INFORMATION PROVIDED BY FITON HEALTH ARE OR WILL BE SECURE, ERROR-FREE, OR UNINTERRUPTED. CUSTOMER HAS NO RIGHT TO MAKE OR PASS ON ANY REPRESENTATION OR WARRANTY ON BEHALF OF FITON HEALTH TO ANY PERSON.

8.3. No Medical Use. THE PLATFORM AND SERVICES DO NOT PROVIDE OR ASSIST IN PROVIDING ANY MEDICAL DIAGNOSIS, NOR PROVIDE MEDICAL OR HEALTH CARE OR CLINICAL TREATMENT, NOR PRESCRIBE OR ASSIST IN PRESCRIBING ANY MEDICATIONS AND SHOULD IN NO WAY BE CONSIDERED A SUBSTITUTE FOR MEDICAL OR CLINICAL ADVICE OR ACTION TO CURE, TREAT, OR PREVENT DISEASES OR CONDITIONS OF ANY NATURE. CUSTOMER OR ANY ELIGIBLE MEMBER WILL NOT USE THE PLATFORM OR SERVICES IN OR FOR THE TREATMENT OR MANAGEMENT OF ANY DISEASE OR OTHER HEALTH OR MEDICAL CONDITIONS.

9.  Limitation of Liability 

9.1. Exclusion of Consequential and Related Damages; Cap on Monetary Damages. EXCEPT FOR A PARTY’S INDEMNIFICATION OBLIGATIONS, PAYMENT OBLIGATIONS, DAMAGES ARISING FROM THE UNAUTHORIZED USE OF THE OTHER’S INTELLECTUAL PROPERTY, A BREACH OF CONFIDENTIALITY UNDER SECTION 7, GROSS NEGLIGENCE, OR WILLFUL MISCONDUCT, TO THE EXTENT PERMITTED BY APPLICABLE LAW, EVEN IF SUCH DAMAGES COULD HAVE BEEN FORESEEN OR IF A PARTY HAS BEEN APPRAISED OF THE POSSIBILITY OF SUCH DAMAGES, AND REGARDLESS OF WHETHER SUCH DAMAGES ARE ARISING IN CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY, BREACH OF ANY STATUTORY DUTY OR OTHERWISE, IN NO EVENT WILL: (A) EITHER PARTY BE LIABLE FOR DAMAGES FOR LOSS OF PROFIT OR REVENUE, DATA THAT IS LOST OR CORRUPTED, LOSS OF GOODWILL, OR ANY OTHER SPECIAL, INCIDENTAL, INDIRECT, PUNITIVE OR CONSEQUENTIAL DAMAGES; AND, (B) EACH PARTY’S TOTAL AND CUMULATIVE LIABILITY, FOR ALL CLAIMS ARISING OUT OF THIS AGREEMENT EXCEED THE TOTAL FEES PAID BY CUSTOMER IN THE TWELVE (12) MONTHS IMMEDIATELY PROCEEDING THE OCCURRENCE OF THE FIRST EVENT GIVING RISE TO A CLAIM UNDER THIS AGREEMENT. NOTWITHSTANDING THE FOREGOING 9.1(B), IN THE EVENT OF BREACH BY A PARTY OF ITS OBLIGATIONS WITH RESPECT TO CONSUMER DATA, PRIVACY, PERSONAL INFORMATION PROTECTION, OR THE SECURITY TERMS TO THIS AGREEMENT, EACH PARTY’S TOTAL AGGREGATE LIABILITY SHALL NOT EXCEED TWO MILLION DOLLARS ($2,000,000), WHICH AMOUNT IS SPECIFICALLY ACKNOWLEDGED BY THE PARTIES TO REPRESENT A REASONABLE ESTIMATION OF POTENTIAL DAMAGES FROM SUCH BREACHES.

9.2. Independent Allocation of the Risk. EACH PROVISION OF THIS AGREEMENT THAT
PROVIDES FOR A LIMITATION OF LIABILITY, DISCLAIMER OF WARRANTIES, OR EXCLUSION OF DAMAGES IS TO ALLOCATE THE RISKS OF THIS AGREEMENT BETWEEN THE PARTIES. THIS ALLOCATION IS REFLECTED IN THE AGREED-UPON COMPENSATION AND IS AN ESSENTIAL ELEMENT OF THE BASIS OF THE BARGAIN BETWEEN THE PARTIES.

10.  Indemnification 

10.1. By FitOn Health. FitOn Health shall indemnify, defend and hold harmless Customer and its directors, officers and employees from and against any and all liabilities resulting from any third-party claim, suit, action, judgment or other proceeding (“Claim”), arising from: (i) any breach by FitOn Health of its representations, warranties and obligations herein; (ii) any allegation that the Platform or the Services violate the valid U.S. intellectual property rights of any third party, provided that such claim does not arise from the use of or combination of the Services with any materials or services not provided by FitOn Health; or (iii) FitOn Health’s gross negligence, fraud, or willful misconduct.

10.2. By Customer. Customer shall indemnify, defend, and hold harmless FitOn Health and its directors, officers and employees from and against any and all liabilities resulting from any Claim arising from:  (i) any breach by Customer of its representations, warranties and obligations herein; (ii) breach by any Eligible Member of the FitOn Health Terms of Use; (iii) any allegation of infringement of the intellectual property rights of any third party arising from the use of or combination of the Platform or the Services with any materials or services not provided by FitOn Health; (iv) any allegation that the Customer Data or other content or information provided to FitOn Health by Customer infringes, misappropriates or violates the rights of any third party or violates Applicable Law; (iv) the classification of Customer’s wellness benefits provided under this Agreement as a workplace wellness program or compliance of such benefits with the Patient Protection and Affordable Care Act, ERISA, COBRA, the Age Discrimination in Employment Act, the Americans with Disabilities Act, Title VII, the Fair Labor Standards Act, state or federal tax laws, state nondiscrimination laws, or rules or regulations pertaining to cafeteria plans. or (vi) Customers’ gross negligence, fraud, or willful misconduct.

10.3. Indemnity Obligations. The indemnifying Party’s obligations under this Section 10 are conditioned upon the indemnified Party:  (i) promptly notifying the indemnifying Party in writing of the Claim sufficient to avoid prejudicing the indemnifying Party; (ii) granting the indemnifying Party sole control of the defense and settlement of the Claim, provided that any such settlement does not bind the indemnified Party to pay any monetary amounts or make any admission; and (iii) providing the indemnifying Party, at the indemnifying Party’s expense, with all assistance, information and authority reasonably required for the defense and settlement of the Claim.

11.  Terms Applicable To Services Including Provision of Credits 

11.1 Definitions.

Credit Allowance” means the number of Credits an Enrolled User can use per month pursuant to a Member Subscription (as defined below). 

Credit Usage” means the number of total Credits used by all Eligible Members in each month.

Credits” means the denomination of FitOn Health’s monthly flexible wellness currency, an allowance of which Enrolled Users (as defined below) may spend to receive Services from third-party wellness solutions providers through the Program.

Eligible Member Range” means the highest total of Eligible Members under this Agreement at any time during the prior 12 calendar months. 

 “Enrolled User” means any Eligible Member who enrolls in a Member Subscription (as defined below) by creating an account through the FitOn Health Platform.

Member Subscription” means any Enrolled User’s monthly subscription for an allowance of Credits to be used each month provided pursuant to this Agreement.

Monthly Fee” means a Fee calculated based upon the number of Eligible Members during the relevant month and the PEPM as specified in such Order Form.

Monthly Minimum Fee” means the minimum Fee as specified in an applicable Order Form to be paid by Customer each month, regardless of the amount of Credit Usage or number of Eligible Members in each such month.

 “Per Eligible Member Per Month” or “PEPM” means the amount paid each month for each Eligible Member in an amount as specified in an applicable Order Form.

11.2. Fee Adjustment. FitOn Health may adjust the PEPM amount specified in an Order Form upon written notice to Customer prior to the effective date of any such adjustment if, in FitOn Health’s sole judgment and discretion, the number of Eligible Members changes to qualify Customer for a different pricing tier.  

11.3. Enrollment. Eligible Members will be required to create an account through the Platform to become an Enrolled User and to receive access to their Member Subscription. Enrolled Users must agree to the FitOn Health Terms of Use and Privacy Policy prior to receiving such access. Each Enrolled User will be responsible for maintaining the confidentiality of their account login information and for all activity associated with their account.

11.4. Eligible Members. Customer is responsible for updating the list of Eligible Members to: (i) add new individuals eligible to participate in the Program, and (ii) removing former Eligible Members no longer eligible to participate in the Program. Customer shall be liable for any Member Subscription for any Enrolled User who is no longer an Eligible Member, unless and until Customer provides notice to FitOn Health of such Enrolled User’s changed status in writing.

11.5. Monthly Credit Allowance. Each Enrolled User may, subject to their compliance with the terms and conditions of the Platform, use Credits in an amount up to the Credit Allowance agreed to between FitOn Health and Customer in an applicable Order Form. Such Credit Allowance may be changed from time to time through the mutual written agreement of the Parties.

11.6. Credit Redemption. Enrolled Users may use Credits provided in an applicable Order Form to purchase wellness experiences from wellness partners participating in the Platform according to the price per experience listed on the Platform as denominated in such Credits. Credits are refundable only in accordance with the cancellation policy listed at fitonhealth.com.

11.7. Member Subscription Cancellation. An Enrolled User may cancel their Member Subscription at any time by providing notice to FitOn Health through the Platform. At such time, the Enrolled User will be ineligible to participate in the Program unless they re-enroll. Customer may cancel an Enrolled User’s Member Subscription at any time by updating the eligibility file provided to FitOn Health through the Platform. Cancellation of a Member Subscription will take effect at the end of such calendar month in which FitOn Health receives such notice of the former Eligible User’s ineligibility from the Customer, and the Enrolled User may use any Credits remaining unused in their Credit Allowance by the end of such calendar month. Customer is responsible for notifying FitOn Health of the termination of any Enrolled User via the eligibility file, and will be responsible for any Member Subscriptions still active at the beginning of a calendar month before Customer provides such notice.

11.8. Term-End Procedures. Beginning on the first day of the month following termination of an Order Form or this Agreement, all Member Subscriptions will terminate. Enrolled Users shall retain the right to use their Credit Allowance for the month during the final month of their Member Subscriptions. Upon termination of this Agreement, Customer will promptly pay all outstanding amounts for Member Subscriptions.

12.  General

12.1. Independent Contractors. This Agreement does not constitute either Party as a partner, joint ventures, employee, agent, or legal representative of the other for any purpose whatsoever.  Neither Party is granted, nor shall it represent that it has been granted, any right or authority to assume or create any obligation or responsibility, express or implied, on behalf of, or in the name of, the other Party, to incur debts or make collections for the other Party or to bind the other Party in any manner whatsoever; it being the intent of the Parties to create the relationship on the part of the other Party of an independent contractor, for whose actions or failure to act, a Party shall not be responsible.

12.2. Assignment. Customer may not assign this Agreement without the written consent of FitOn Health, and any purported assignment without such consent shall be null and void, except that Customer may, without the consent of FitOn Health, assign this Agreement to a successor to all or substantially all of its business that pertains to this Agreement, whether by merger, acquisition, operation of law, sale, or otherwise. Subject to the foregoing, this Agreement will be binding upon and inure to the benefit of the Parties and their successors and permitted assigns.

12.3. Notices. All notices to each Party under this Agreement shall be in writing to the addresses provided for each in any applicable Order Form. Such notices will be effective upon delivery: (i) if via email, to the email address specified below with non-automated notice of receipt, or (ii) if via hard copy, if delivered in person or sent by registered or certified mail, postage prepaid, or by commercial overnight courier with tracking capabilities. Either Party may change its address for receipt of notices by providing notice to the other Party in accordance with this Section 12.3.

12.4. Force Majeure. Excluding any delay in payment of Fees, neither Party will be liable or in breach of this Agreement for any failure or delay in fulfilling or performing any obligation hereunder to the extent such failure or delay is caused by or results from acts or circumstances beyond the reasonable control of such Party including, without limitation, any act of God, flood, fire, storm, earthquake, explosion, governmental action, war, invasion or hostilities (whether war is declared or not), sabotage, terrorist threats or acts, riot, or other civil unrest, national emergency, revolution, insurrection, epidemic, pandemic, quarantine, lock-out, accident, explosion, strike or other labor disputes (whether or not relating to either Party’s workforce), failure or delay of AWS, Oracle Cloud, Google Cloud, Microsoft Azure or other technology service provider, or restraints or delays affecting carriers or inability or delay in obtaining supplies of adequate or suitable materials, materials or telecommunication breakdown or power outage.

12.5. Governing Law. This Agreement shall be deemed to have been made and executed in the State of Delaware and any dispute arising hereunder shall be resolved in accordance with the laws of the United States and the State of Delaware. 

12.6. Dispute Resolution. Any dispute arising under or relating in any way to this Agreement or the breach, termination, enforcement, interpretation or validity thereof, including the determination of the scope or applicability of this agreement to arbitrate, will be resolved exclusively by final and binding arbitration in Wilmington, Delaware before a single arbitrator in English pursuant to the Delaware Rapid Arbitration Rules, except that either Party may bring a claim related to its intellectual property rights or enforce the confidentiality obligations of this Agreement, or seek temporary and preliminary specific performance or injunctive relief, in a court of competent jurisdiction in the state and federal courts located in Los Angeles County, California, without the posting of bond or other security. The non-prevailing Party in any arbitration action or lawsuit arising from or relating to this Agreement will pay the prevailing Party’s reasonable attorneys’ fees, court costs and expenses. In the event of a dispute related to the accuracy of an invoice (“Billing Dispute”), Customer will promptly, but in no event later than thirty (30) days following the date of such invoice, notify FitOn Health in writing of the nature of the Billing Dispute. If no such notice is timely received the invoice is deemed accepted by Customer. While the Parties work to resolve the Billing Dispute, this Agreement will remain in full force and effect, unless otherwise terminated pursuant to this Agreement. Upon resolution of the Billing Dispute, Customer shall promptly pay any undisputed Fees to FitOn Health.

12.7. Remedies Cumulative. Except as explicitly provided, the remedies provided to the Parties under this Agreement are cumulative and will not exclude any other remedies to which a Party may be lawfully entitled.

12.8. Severability. Each provision of this Agreement is separate and distinct and severable from all other provisions. If any provision (or any part thereof) is unenforceable under or prohibited by any present or future law, then such provision (or part thereof) will be amended, and is hereby amended, so as to comply such law, while preserving to the maximum extent possible the intent of the original provision. Any provision (or part thereof) that cannot be so amended will be severed from this Agreement; and, all remaining provisions of this Agreement will remain unimpaired.

12.9. No Third-Party Beneficiaries. Nothing set forth in this Agreement is intended to or will be construed to confer any rights or remedies upon any person that is not a Party to this Agreement, including without limitation Eligible Members.

12.10. Publicity. Neither Party will issue any press releases or make any social media posts referencing the other Party except with the prior written permission of the other Party or as required by Applicable Law. Without limiting the foregoing, FitOn Health may use Customer’s name, logo, or marks for the purpose of marketing the Services to Eligible Members without further approval.

12.11. Amendment and Waiver. No modification, amendment, or waiver of any provision of this Agreement will be effective unless it exists in writing and is signed by the Party against whom the
modification, amendment, or waiver is to be asserted. The delay or failure of a Party at any time to require performance of any obligations of the other Party will not be deemed to be a waiver and will not affect its right to enforce any provision of this Agreement at a subsequent time. One waiver will not imply or be construed to be a waiver of any future breach.

12.12. Entire Agreement. This Agreement including its Exhibits as attached or referenced, as well as any Order Form hereunder constitutes the complete and exclusive statement of all mutual understandings between FitOn Health and Customer with respect to the subject matter hereof, superseding all prior or contemporaneous proposals, communications, and understandings, oral or written. Nothing contained in any purchase order, acknowledgment or invoice will in any way modify or add to the terms or conditions of this Agreement.

Exhibit A - Security Terms 

1.  Organizational Security 

FitOn Health is dedicated to providing a state-of-the-art security program to ensure customers have the highest confidence in the custodianship of their data.

2.  Personnel Security 

FitOn Health’s personnel practices apply to all members of its workforce (“Workers”), including regular employees and independent contractors, who have direct access to FitOn Health’s internal information systems (“Systems”) and/or unescorted access to FitOn Health’s premises. All Workers are required to understand and follow internal policies and standards.

Before receiving initial access to Systems, all Workers must agree to confidentiality terms, pass a background screening, and attend security training. This training covers privacy, security, and data protection topics, including device security, acceptable use, preventing malware, physical security, data privacy, account management, and incident reporting.

Upon a Worker’s termination from FitOn Health, all of that Worker’s access to Systems is removed immediately. FitOn Health enforces Single Sign On to various Systems where applicable, and access to Single Sign On is revoked upon Worker termination. FitOn Health also maintains a record of Workers with the level of access to Systems and the roles assigned to each Worker; this record is audited for accuracy upon a Worker's termination.

3.  Policies and Procedures 

FitOn Health maintains a set of policies, standards, procedures and guidelines (“Security Documents”) that provide the FitOn Health workforce with instructions and rules for operating FitOn Health’s information security management system (ISMS). These security documents help ensure that Customers can rely on Workers to behave ethically and the Platform operates securely. Security documents include, but are not limited to:

  • Fair, ethical, and legal standards of business conduct
  • Acceptable uses of information systems
  • Classification, labeling, and handling rules for all types of information assets
  • Practices for worker identification, authentication, and authorization for access to system data
  • Secure development, acquisition, configuration, and maintenance of systems
  • Workforce requirements for transitions, training, and compliance with ISMS policies
  • Use of encryption
  • Description, schedule, and requirements for retention of security records
  • Planning for business continuity and disaster recovery
  • Classification and management of security incidents
  • Control of changes

4.  Secured by Design 

FitOn Health assesses the security risk of each software development project according to our Secure Development Lifecycle. Before completion of the design phase, the engineering team undertakes an assessment to qualify the security risk of the software changes introduced.

This risk analysis leverages the Open Web Application Security Project (OWASP) Top 10 to categorize every project as High, Medium, or Low risk. Based on this analysis, our engineering team creates a set of requirements that must be met before the resulting change may be released to production.

All code is checked into a version-controlled repository. Code changes are subject to peer review and continuous integration testing. Significant defects identified by this process are reviewed and followed to resolution by the engineering team.

5.  Controlling System Operations 

FitOn Health carefully controls all changes, and especially those to production systems. This includes any and all changes to hardware, software or applications. This also includes modifications, additions or changes to the LAN/WAN, network or server hardware and software.

Changes potentially impacting customer data are documented, tested, and approved before deployment. FitOn Health appoints on-call personnel to run health checks, network scans and vulnerability assessments after the change has taken place to ensure system integrity.

If a change or action affects service levels, such as scheduled maintenance or service upgrades, affected Customers are be notified prior to such scheduled change or action.

6.  File and Change Management 

FitOn Health maintains the configuration of its production servers by using a configuration management system (CMS) that runs frequently to check that only the authorized version is deployed.

7.  Audits, Compliance and 3rd Party Assessments 

FitOn Health has contracts with third parties to conduct external penetration test and vulnerability scans. Reports and findings are available upon request (subject to any applicable confidentiality terms and other conditions included in agreements with our Customers).

8. Audit & Log 

All access to FitOn Health’s internal systems is logged on the application and the infrastructure level. Information logged includes, without limitation, the following:

  • unique identifier (email, id) of user, if available
  • device used
  • timestamp
  • all commands directly initiated by the user
  • all identification and authentication attempts
  • files and resources accessed

In FitOn Health’s hosted environments, control of network devices is achieved by the hosting provider. For that reason, Intrusion Detection/Intrusion Prevention are performed using host-based controls. For example, FitOn Health logs, monitors, and audits system calls and has created alerts for system calls that indicate a potential intrusion. FitOn Health may, immediately upon notice to its customers, suspend access to any service, at its discretion for a threat to the technical security or technical integrity of any services provided to its customers or the FitOn Health platform.

9.  Penetration Testing 

FitOn Health conducts regular application-level internal penetration testing. Results of these tests are shared with FitOn Health’s management. FitOn Health’s engineering team reviews and prioritizes the reported findings and tracks them to resolution.

10.  Legal Compliance 

FitOn Health engages dedicated legal and compliance professionals with extensive expertise in data privacy and security. FitOn Health also has a business code of conduct that documents FitOn Health’s legal, ethical, and socially responsible choices and actions which are fundamental to our values and defines standards for meeting those goals.

11.  Protecting Customer Data 

The focus of FitOn Health’s security program is to prevent unauthorized access to customer data. To this end, we pride ourselves in taking exhaustive steps to identify and mitigate risks, implement best practices, and constantly evaluate ways to improve.

12.  Data and Encryption In Transit and At Rest 

FitOn Health transmits data over public networks using strong encryption. This includes data transmitted between FitOn Health clients and the FitOn Health service. FitOn Health supports the latest recommended secure cipher suites to encrypt all traffic in transit, including use of TLS 1.2 protocols, AES-256 encryption, and SHA2 signatures, as supported by the clients.

FitOn Health utilizes Microsoft Azure as its infrastructure and data storage. Data stored in FitOn Health’s production network is automatically encrypted using AES-256 compliant encryption standards. This applies to all types of data at rest within FitOn Health’s systems – relational databases, file stores, database backups, etc.

The FitOn Health Platform is hosted in data centers maintained by industry-leading service providers. Data center providers offer state-of-the-art physical protection for the servers and related infrastructure that comprise the operating environment for the FitOn Health service. These service providers are responsible for restricting physical access to FitOn Health’s Systems to authorized Workers.

13.  Authorizing Access

To minimize the risks posed to the privacy and security of data, FitOn Health adheres to the “principle of least privilege”, under which Workers are only authorized to access data that they reasonably must handle in order to fulfill their current job responsibilities. To ensure that Workers are so restricted, FitOn Health employs the following measures:

  • All systems used at FitOn Health require users to authenticate, and users are granted unique identifiers for that purpose.
  • FitOn Health employs 2-factor authentication (2FA) for Workers who have access to data and related services, to minimize the risk of unauthorized access or other breach.

14.  Data and Media Disposal

FitOn Health employs measures to ensure Customer data is securely deleted and disposed of. FitOn Health hard deletes all information from currently running production systems. Backups are destroyed regularly consistent with applicable law and regulation. FitOn Health follows industry standards and advanced techniques for data destruction. FitOn Health adheres to policies and standards requiring media be properly sanitized once it is no longer in use. FitOn Health’s hosting provider is responsible for ensuring removal of data from disks allocated to FitOn Health’s use before they are repurposed.