Terms of Service

Effective Date: May 5, 2026

1. DEFINITIONS

2. SERVICES AND ACCESS

2.1 Provision of Services. Subject to the terms of this Agreement, Reap will provide Customer and its Authorized Users access to the Services during the Term.

2.2 Usage Restrictions. Customer shall not, and shall not permit others to:

2.3 Customer Responsibilities. Customer is responsible for:

2.4 Nature of Services — No Healthcare Referrals.The Services constitute administrative, operational, and technology tools designed to support Customer's internal business operations. Nothing in this Agreement shall be construed to: (a) require Customer to refer, recommend, arrange for, or provide any items or services to any individual enrolled in a Federal Healthcare Program; (b) constitute a referral of patients or healthcare services by either party; (c) create a joint venture, partnership, or agency relationship between the parties for purposes of Applicable Healthcare Laws; or (d) require Customer to purchase, lease, order, or arrange for any items or services from Reap other than the Services specified in the Order Form. Customer acknowledges that its decision to use the Services is based on the Services' functionality and utility for Customer's internal operations and is not conditioned on, or in exchange for, any referral of business between the parties.

2.5 Service Modifications.Reap may from time to time modify, replace, or upgrade the Services, including the underlying AI models. Reap will provide Customer with at least thirty (30) days' written notice of any material adverse change to the Services' functionality, accuracy, or performance, except for changes required to comply with applicable law, address a material security risk, or in response to a model provider's deprecation. Reap will maintain a Service Changelog accessible to Customer. Where Reap deprecates a Service feature on which Customer materially relies, Reap will (a) provide at least ninety (90) days' prior written notice, (b) work with Customer in good faith to identify a replacement feature, and (c) if no acceptable replacement is available, allow Customer to terminate the affected Order Form on a pro-rata refund basis.

2.6 Preview Features.Reap may from time to time make features available on a beta, preview, early access, or experimental basis ("Preview Features"), which will be clearly identified as such in the Services. Notwithstanding any other provision of this Agreement:

3. FEES AND PAYMENT

3.1 Fees. Customers shall pay Reap the fees set forth in the applicable Order Form. Unless the Order Form expressly specifies monthly billing, all fees shall be calculated and invoiced on an annual basis. If monthly billing is specified in the Order Form, fees shall be invoiced monthly in advance at the applicable monthly rate stated therein.

3.2 Introductory Pricing.Reap may offer a discounted introductory pricing period ("Introductory Term") for a fixed duration (e.g., 30 or 90 days). The Introductory Term is available only to first-time customers and may not be combined with other offers. Upon expiration of the Introductory Term, pricing will automatically revert to Reap's then-current standard pricing for the selected modules unless otherwise agreed in writing.

3.3 Invoicing and Payment.Fees will be invoiced in advance and are due within thirty (30) days of the invoice date unless otherwise stated. All payments are non-refundable, except as expressly provided in Sections 4.10, 5.2, 5.4, and 10.9 of this Agreement. Late fees of 1.5% per month (or the maximum rate permitted by law, whichever is less) shall apply to any amounts not paid when due. Reap reserves the right to suspend access to the Services upon fifteen (15) days' written notice if amounts remain overdue, provided that Reap shall not suspend access if Customer has disputed the applicable invoice in good faith and the parties are actively working to resolve the dispute.

3.4 Automatic Billing. Customer agrees to automatic monthly billing via the credit card on file unless alternative payment arrangements are specified in the Order Form.

3.5 Taxes.All fees are exclusive of taxes, which shall be the responsibility of the customer, other than taxes on Reap's income.

3.6 Fair Market Value and Anti-Kickback Compliance.

The fees set forth in each Order Form have been negotiated at arm's length and represent fair market value for the Services provided, without regard to the volume or value of any referrals or other business between the parties or involving any Federal Healthcare Program. No fee, discount, rebate, or other remuneration paid or provided under this Agreement is intended to induce or reward the referral of patients, the purchase, lease, or ordering of any item or service reimbursable by a Federal Healthcare Program, or the recommending or arranging for the purchase, lease, or ordering of any such item or service.

Neither party shall knowingly offer, pay, solicit, or receive any remuneration, directly or indirectly, overtly or covertly, in cash or in kind, in exchange for or to induce the referral of an individual to a person for the furnishing of any item or service for which payment may be made in whole or in part under a Federal Healthcare Program.

The parties intend for this Agreement to comply with the Anti-Kickback Statute (42 U.S.C. § 1320a-7b) and all applicable state anti-kickback and fee-splitting statutes. To the extent this Agreement is found not to comply with any such law, the parties agree to negotiate in good faith to amend the applicable provisions to achieve compliance while preserving the economic intent of the arrangement to the maximum extent possible.

3.7 Pricing Independence and State Compliance.

Reap's pricing for the Services is determined independently for each Customer based on the scope of Services, number of facilities, usage volume, and other commercially relevant factors. Nothing in this Agreement grants Customer any right to pricing parity, most-favored-nation pricing, or equivalent pricing with any other customer of Reap. Fees may vary between customers and are treated as Confidential Information of Reap.

To the extent Customer operates in a state that imposes specific requirements on vendor pricing, cost reporting, or fee transparency in connection with facilities that participate in Medicaid or other state healthcare programs, Customer shall notify Reap of any such requirements applicable to this Agreement, and the parties shall cooperate in good faith to ensure compliance. Reap shall provide Customer with commercially reasonable documentation of fees upon written request to support Customer's regulatory reporting obligations, subject to appropriate confidentiality protections.

4. DATA RIGHTS AND PRIVACY

4.1 Customer Data Ownership. As between the parties, Customer owns all rights, title, and interest in Customer Data, including Inputs and Outputs.

4.2 License to Use Data. Customer grants Reap a non-exclusive, worldwide license to use Customer Data solely to provide and support the Services during the Term. Subject to Section 4.3, Customer further grants Reap a non-exclusive, worldwide, royalty-free license to use, reproduce, modify, and display Customer Data in an aggregated and de-identified form for product improvement, development, research, and benchmarking, subject to the following conditions:

4.3 No Training on Customer Data.Reap will not, and will not permit any Subprocessor to, train, fine-tune, or improve any artificial intelligence or machine learning model using Customer Data, Inputs, or Outputs in their identifiable form. Subprocessors that act as cloud storage or infrastructure providers do so only at Reap's direction and do not access Customer Data for any independent purpose. Customer may, at its option and in writing, separately authorize Reap to use de-identified data (meeting the conditions in Section 4.2) to develop, evaluate, and improve Reap's models. Customer may revoke such authorization at any time on thirty (30) days' written notice; revocation will apply prospectively only.

4.4 Output Ownership.As between the parties, Customer owns Outputs, including AI-Generated Outputs. To the extent Reap has any right, title, or interest in AI-Generated Outputs produced from Customer Inputs, Reap assigns all such right, title, and interest to Customer, subject to Reap's retained rights to use the underlying models, software, infrastructure, and de-identified or aggregated data as permitted by this Agreement. Customer acknowledges that AI-Generated Outputs are produced probabilistically and that similar Outputs may be generated for other Reap customers from similar Inputs; nothing in this Section grants Customer any exclusive rights to common, generic, or substantially-similar Outputs.

4.5 PHI and HIPAA Compliance. If Customer Data includes PHI, the parties agree to the Business Associate Agreement in Exhibit A.

4.6 Data Security. Reap shall implement and maintain commercially reasonable administrative, physical, and technical safeguards designed to protect Customer Data, consistent with industry standards for healthcare technology providers and applicable law. These safeguards include encryption of Customer Data at rest and in transit, role-based access controls limiting access to Customer Data to authorized personnel on a need-to-know basis, ongoing vulnerability assessments and security monitoring, and an incident response process that includes timely notification to Customer of any confirmed unauthorized access to Customer Data, in addition to the breach notification requirements in the BAA.

4.7 Security Posture. Reap maintains policies and procedures designed to align with generally accepted industry standards for healthcare SaaS providers. Reap will provide Customer, on reasonable written request and subject to appropriate confidentiality protections, with a summary of its then-current security practices and any third-party attestations or certifications it has obtained. Reap may from time to time pursue additional industry certifications based on commercial demand and product maturity.

4.8 Data Residency.Reap will Process and store Customer Data on infrastructure located in the United States, except (a) where Customer expressly consents in writing to processing or storage outside the United States, or (b) limited remote access by Reap personnel for support, troubleshooting, or disaster recovery, which will be logged and auditable, will not result in Customer Data being persistently stored outside the United States, and will be subject to Reap's standard access controls and the BAA.

4.9 Backup and Disaster Recovery. Reap maintains regular automated backups of Customer Data, encrypted at rest, with backups replicated for disaster recovery purposes within the United States. Reap maintains a documented business continuity and disaster recovery plan and reviews it periodically. Reap will provide a summary of its disaster recovery posture to Customer upon request, subject to appropriate confidentiality protections.

4.10 Subprocessors. Reap maintains a current list of Subprocessors at reap.tech/legal/subprocessors. Customer may subscribe to email notifications of changes by emailing info@getreap.com. Reap will provide at least thirty (30) days' prior written notice before engaging a new Subprocessor that will process Customer Data. If Customer reasonably objects to a new Subprocessor on data security or compliance grounds, the parties shall work in good faith to resolve the objection. If the objection cannot be resolved within thirty (30) days, Customer may terminate the affected Services without penalty upon written notice to Reap and receive a pro-rata refund of any prepaid fees for the unused portion of the Subscription Term. Reap will enter into a written agreement with each Subprocessor imposing data-protection obligations comparable to those in this Agreement (including the BAA, where the Subprocessor will Process PHI), and Reap will remain liable to Customer for the acts and omissions of its Subprocessors as if performed by Reap directly.

5. TERM AND TERMINATION

5.1 Term.This Agreement begins on the Effective Date and continues for an initial period of twelve (12) months (the "Initial Term"). Following the Initial Term, this Agreement shall automatically renew for successive twelve (12) month periods (each, a "Renewal Term") unless either party provides written notice of non-renewal at least ninety (90) days prior to the end of the then-current term. Where the Order Form specifies monthly billing, the Initial Term remains twelve (12) months; monthly billing reflects the invoicing frequency only and does not create a month-to-month arrangement unless the Order Form expressly states otherwise.

Reap shall send Customer a written reminder of the upcoming renewal and the non-renewal deadline at least one hundred twenty (120) days before the end of the then-current term.

5.2 Termination.Either party may terminate this Agreement for cause upon thirty (30) days' written notice if the other party materially breaches this Agreement and fails to cure such breach within such thirty (30) day period. Either party may terminate this Agreement for convenience upon ninety (90) days' written notice.

Upon termination by Customer for Reap's uncured material breach, or upon termination by Reap for convenience, Reap shall refund to Customer any prepaid fees covering the period after the effective date of termination on a pro-rata basis.

5.3 Effect of Termination. Upon termination:

5.4 Opt-Out Period.Notwithstanding Section 5.1, Customer may terminate this Agreement for any reason during the first thirty (30) days following the Effective Date (the "Opt-Out Period") by providing written notice to Reap. Upon such termination, Customer shall pay only for the pro-rata portion of fees attributable to the period of actual use, and Reap shall refund any prepaid fees covering the period after the effective date of termination. This Section 5.4 applies only to the Initial Term and does not apply to Renewal Terms.

5.5 Trials. Any free or discounted trial period is provided as-is and may be terminated or modified at any time by Reap. At least seven (7) days before the end of the Introductory Term, Reap shall send Customer written notice specifying the date the trial ends, the applicable standard pricing, and instructions for cancellation. Unless Customer provides written notice of cancellation prior to the end of the Introductory Term, the Agreement shall continue under the standard fee schedule outlined in the Order Form.

5.6 Transition Assistance and Data Return. Upon expiration or termination of this Agreement for any reason:

6. CONFIDENTIALITY

6.1 Obligations.Each party agrees to: (a) hold the other party's Confidential Information in strict confidence; (b) not disclose Confidential Information to any third party except to employees, agents, or contractors who have a need to know and are bound by confidentiality obligations at least as protective as those in this Agreement; and (c) protect Confidential Information using at least the same degree of care it uses to protect its own confidential information, but in no event less than reasonable care.

6.2 Exclusions.Confidential Information does not include information that: (a) is or becomes publicly available through no fault of the Receiving Party; (b) was already known to the Receiving Party without restriction prior to disclosure; (c) is independently developed by the Receiving Party without use of or reference to the Disclosing Party's Confidential Information; or (d) is received lawfully from a third party without restriction on disclosure.

6.3 Compelled Disclosure. If the Receiving Party is compelled by law, regulation, or legal process to disclose Confidential Information, the Receiving Party shall: (a) promptly notify the Disclosing Party (to the extent legally permitted) to allow the Disclosing Party to seek a protective order; and (b) disclose only the minimum amount of Confidential Information required.

6.4 Return and Destruction.Upon termination of this Agreement or upon the Disclosing Party's written request, the Receiving Party shall promptly return or destroy all Confidential Information in its possession and certify such return or destruction in writing, except to the extent retention is required by applicable law or regulation.

6.5 Survival. The obligations under this Section 6 shall survive termination or expiration of this Agreement for a period of five (5) years, except with respect to trade secrets, which shall be protected for as long as they remain trade secrets under applicable law.

6.6 Feedback.If Customer or any Authorized User provides Reap with feedback, comments, suggestions, or ideas concerning the Services ("Feedback"), Customer hereby grants Reap a perpetual, irrevocable, worldwide, non-exclusive, royalty-free, fully-paid, sublicensable license to use, reproduce, modify, and exploit such Feedback for any purpose, without obligation or attribution to Customer.

7. WARRANTIES AND DISCLAIMERS

7.1 Reap Warranty. Reap warrants that: (a) the Services will materially conform to the applicable Documentation; (b) the Services will be provided in a professional and workmanlike manner consistent with generally accepted industry standards; and (c) Reap will not knowingly introduce any malicious code into the Services.

7.2 Compliance Warranty. Each party warrants that it will comply with all laws and regulations applicable to its performance under this Agreement, including HIPAA and applicable state health information privacy laws.

7.3 Disclaimer.EXCEPT AS EXPRESSLY PROVIDED IN THIS AGREEMENT, THE SERVICES ARE PROVIDED "AS IS." REAP DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

7.4 Regulatory Compliance Warranty. Each party represents and warrants that: (a) it shall not take any action in connection with this Agreement that would constitute a violation of Applicable Healthcare Laws, including without limitation the Anti-Kickback Statute, the Stark Law, or the False Claims Act; (b) neither it nor any of its owners, officers, directors, or employees has been excluded from participation in any Federal Healthcare Program or convicted of a criminal offense related to the provision of healthcare items or services; and (c) it shall promptly notify the other party if it or any of its owners, officers, directors, or employees becomes excluded from participation in any Federal Healthcare Program or is charged with or convicted of a healthcare-related criminal offense during the Term.

7.5 Exclusion Screening. Reap will use commercially reasonable efforts to screen its personnel (including employees and contractors) against the HHS-OIG List of Excluded Individuals/Entities (LEIE) and the GSA System for Award Management (SAM) exclusion list prior to assigning them to perform Services. Reap represents that, to its knowledge, no individual currently performing Services on its behalf has been excluded from participation in any Federal Healthcare Program. If Reap becomes aware that any individual or entity providing Services has been excluded, Reap will (a) promptly remove such individual or entity from the engagement, (b) notify Customer within five (5) business days, and (c) cooperate with Customer in determining whether self-disclosure to OIG or any state agency is appropriate. Customer represents that no individual on its workforce who interacts with the Services is excluded.

8. LIMITATION OF LIABILITY

8.1 General Cap.EXCEPT FOR THE EXCLUDED CLAIMS SET FORTH IN SECTION 8.4, EACH PARTY'S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT SHALL NOT EXCEED THE AMOUNTS PAID OR PAYABLE BY CUSTOMER TO REAP IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM (THE "GENERAL CAP").

8.2 Security and HIPAA Super-Cap.NOTWITHSTANDING SECTION 8.1, EACH PARTY'S TOTAL AGGREGATE LIABILITY FOR (A) BREACH OF SECTION 6 (CONFIDENTIALITY), (B) BREACH OF THE BAA OR HIPAA SECURITY RULE OBLIGATIONS, (C) BREACH OF THE SECURITY COMMITMENTS IN SECTION 4.6, OR (D) UNAUTHORIZED DISCLOSURE OF CUSTOMER DATA CAUSED BY A PARTY'S BREACH OF ITS OBLIGATIONS UNDER THIS AGREEMENT, SHALL NOT EXCEED THE GREATER OF THREE (3) TIMES THE AMOUNTS PAID OR PAYABLE BY CUSTOMER TO REAP IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM, OR ONE MILLION U.S. DOLLARS ($1,000,000) (THE "SECURITY SUPER-CAP").

8.3 Exclusion of Consequential Damages. EXCEPT FOR THE EXCLUDED CLAIMS SET FORTH IN SECTION 8.4, NEITHER PARTY SHALL BE LIABLE TO THE OTHER FOR ANY INDIRECT, CONSEQUENTIAL, INCIDENTAL, SPECIAL, OR PUNITIVE DAMAGES, INCLUDING LOSS OF PROFITS, REVENUE, DATA, OR BUSINESS OPPORTUNITY, REGARDLESS OF THE THEORY OF LIABILITY, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

8.4 Excluded Claims. The limitations in Sections 8.1, 8.2, and 8.3 shall not apply to:

8.5 AI Output Limitation.WITHOUT LIMITING ANY OTHER PROVISION OF THIS AGREEMENT, REAP WILL HAVE NO LIABILITY FOR LOSSES ARISING FROM CUSTOMER'S RELIANCE ON AI-GENERATED OUTPUTS THAT WERE NOT SUBJECT TO HUMAN REVIEW UNDER SECTION 12, OR FOR LOSSES TO THE EXTENT ATTRIBUTABLE TO HALLUCINATION OR MODEL ERROR IN OUTPUTS THAT CUSTOMER USED WITHOUT INDEPENDENT VERIFICATION. THIS SECTION 8.5 DOES NOT LIMIT REAP'S RESPONSIBILITY FOR BREACH OF ITS SECURITY, CONFIDENTIALITY, OR HIPAA OBLIGATIONS.

9. INDEMNIFICATION

9.1 By Customer.Customer shall indemnify, defend, and hold harmless Reap and its officers, directors, employees, and agents against any third-party claims, losses, damages, and expenses (including reasonable attorneys' fees) arising from:

9.2 By Reap.Reap shall indemnify, defend, and hold harmless Customer and its officers, directors, employees, and agents against any third-party claims, losses, damages, and expenses (including reasonable attorneys' fees) arising from:

9.3 AI Output IP Indemnity.In addition to Section 9.2(a), Reap will defend Customer against any third-party claim alleging that an AI-Generated Output produced by the Services infringes a third party's U.S. copyright, trademark, trade secret, or right of publicity, and will pay damages and reasonable attorneys' fees finally awarded against Customer or agreed in settlement, subject to the conditions and exclusions in this Section 9.3.

Conditions.Customer's right to indemnification under this Section 9.3 is conditioned on Customer (i) using the Services in accordance with the Documentation and Acceptable Use Policy, (ii) not modifying the AI-Generated Output in a manner that introduces the alleged infringement, (iii) not knowingly providing infringing Inputs, (iv) not using the AI-Generated Output as a trademark or in a manner that asserts trademark rights, (v) using available content filters and guardrails enabled by the Services, and (vi) following the indemnification procedural requirements in Section 9.5.

Exclusions.This Section 9.3 does not apply to claims arising from (i) Customer Inputs that themselves infringe a third party's rights, (ii) combinations of AI-Generated Outputs with non-Reap products, services, or data, (iii) the practice of a patented invention contained in an AI-Generated Output, (iv) trademark claims based on Customer's use of an AI-Generated Output as a brand identifier, or (v) Outputs from Preview Features.

Sole Remedy.Sections 9.2(a) and 9.3 state Reap's sole liability and Customer's sole and exclusive remedy for any IP infringement claim related to the Services or AI-Generated Outputs.

9.4 IP Mitigation.If the Services become, or in Reap's reasonable opinion are likely to become, the subject of an infringement claim, Reap may, at its option and expense: (a) procure for Customer the right to continue using the Services; (b) modify the Services to make them non-infringing while preserving substantially equivalent functionality; or (c) terminate the affected Order Form and refund any prepaid fees for the unused portion of the Subscription Term.

9.5 Indemnification Procedures.The party seeking indemnification ("Indemnified Party") shall: (a) promptly notify the indemnifying party ("Indemnifying Party") in writing of any claim (provided that failure to provide prompt notice shall not relieve the Indemnifying Party of its obligations except to the extent it is materially prejudiced by such failure); (b) grant the Indemnifying Party sole control of the defense and settlement of the claim; and (c) provide reasonable cooperation at the Indemnifying Party's expense. The Indemnifying Party shall not settle any claim in a manner that imposes obligations on the Indemnified Party or admits fault on behalf of the Indemnified Party without the Indemnified Party's prior written consent.

10. GENERAL

10.1 Assignment.Neither party may assign this Agreement without the other's prior written consent, except in connection with a merger or sale of all or substantially all assets, provided that the assignee agrees in writing to be bound by the terms of this Agreement.

10.2 Governing Law and Judicial Venue. This Agreement shall be governed by the laws of the State of Florida, without regard to its conflict of laws principles. The exclusive jurisdiction and venue for any judicial proceeding related to the enforcement or confirmation of an arbitration award, or for any action seeking injunctive relief or equitable remedies (which are excluded from arbitration), shall be the state or federal courts located in Miami-Dade County, Florida, and each party hereby consents to the exclusive jurisdiction and venue of such courts.

10.3 Dispute Resolution and Binding Arbitration.

Escalation. Prior to initiating any formal dispute resolution proceeding, the parties shall attempt to resolve the dispute through good-faith negotiation between senior representatives of each party for a period of at least thirty (30) days following written notice of the dispute.

Mediation.If the dispute is not resolved through negotiation, the parties shall attempt to resolve the dispute through mediation administered by the American Arbitration Association ("AAA") under its Commercial Mediation Procedures for a period of at least thirty (30) days before initiating arbitration.

Arbitration. Any dispute, controversy, or claim not resolved through negotiation or mediation shall be finally settled by binding arbitration administered by the AAA under its Commercial Arbitration Rules. The arbitration shall be conducted by a single arbitrator in Miami-Dade County, Florida. The award rendered by the arbitrator shall be final, and judgment may be entered upon it in any court having jurisdiction.

Class Action Waiver.The parties agree that all claims must be brought in the parties' individual capacity, and not as a plaintiff or class member in any purported class or representative proceeding.

10.4 Force Majeure. Neither party shall be liable to the other for any delay or failure to perform any obligation under this Agreement (except for payment obligations) if the delay or failure is due to events which are beyond the reasonable control of such party, including but not limited to, strikes, shortages, riots, acts of war, government action, natural disasters, epidemics or pandemics, or interruption of internet services or utility services. The affected party shall provide prompt notice to the other party and use commercially reasonable efforts to mitigate the effect of the force majeure event. If a force majeure event continues for more than ninety (90) days, either party may terminate this Agreement upon written notice.

10.5 Audit Rights.

Reap's Audit Right.Customer agrees that Reap may, upon at least thirty (30) days' written notice and no more than once per twelve (12) month period, audit Customer's use of the Services to ensure compliance with this Agreement. Customer shall provide reasonable assistance in connection with any audit. If an audit reveals that Customer has underpaid fees to Reap by five percent (5%) or more, Customer shall pay Reap for the reasonable costs of the audit in addition to any underpaid fees.

Customer's Audit Right.Once per twelve (12) month period, on at least thirty (30) days' prior written notice, Customer may, at its expense, conduct (or engage a mutually-agreed independent auditor under NDA to conduct) an audit of Reap's compliance with this Agreement, the BAA, and applicable law, during normal business hours and without unreasonable disruption to Reap's operations. Reap may satisfy this audit obligation by providing Customer, under NDA, with a written summary of its security practices and any third-party attestations, certifications, or controls evidence that Reap then makes available to its enterprise customers. If an audit reveals a material breach of Reap's obligations, Reap shall bear the reasonable costs of the audit.

Regulatory Audit.Reap will cooperate at no charge to Customer with any regulatory audit, inquiry, or investigation by HHS-OIG, OCR, CMS, a state Medicaid agency, a state attorney general, or another regulator with jurisdiction over Customer or Customer Data, including by providing requested records, making personnel reasonably available, and providing notification under the BAA's notice provisions.

10.6 Insurance.Throughout the Term, Reap will maintain commercially reasonable insurance coverage appropriate for a healthcare technology company of its size and stage, including general liability, technology errors and omissions, and cyber liability coverage. Reap will provide a Certificate of Insurance evidencing such coverage on Customer's reasonable written request. The parties may agree to specific coverage levels in the applicable Order Form.

10.7 Publicity.Reap may use Customer's name and logo on Reap's website and in marketing materials to identify Customer as a customer of Reap only with Customer's prior written consent, which may be given or withheld in Customer's sole discretion. Reap shall cease using such name and logo promptly upon Customer's written request.

10.8 Entire Agreement. This Agreement (including any Order Forms, Exhibits, the BAA, the Acceptable Use Policy, the Service Level Agreement, the SMS Terms, and the Reap AI Policy referenced herein) constitutes the entire agreement and supersedes all prior agreements.

10.9 Amendments.Reap may update these Terms from time to time. For any material changes (including changes to pricing, liability limitations, data rights, or termination provisions), Reap shall provide Customer with at least thirty (30) days' prior written notice describing the changes. Material changes shall require Customer's affirmative written consent. If Customer does not consent to a material change, Customer may terminate this Agreement upon written notice within thirty (30) days of receiving notice of the change, and Reap shall refund any prepaid fees covering the period after the effective date of termination on a pro-rata basis. Non-material changes (such as corrections, clarifications, or formatting updates) shall be effective upon posting to Reap's website.

10.10 Notices. All notices required or permitted under this Agreement shall be in writing and shall be deemed given when: (a) delivered personally; (b) sent by email with confirmed receipt; or (c) sent by nationally recognized overnight courier, addressed to the applicable party at the address set forth in the Order Form or such other address as may be designated in writing. Notices to Reap may be sent to info@getreap.com.

10.11 Regulatory Severability and Reformation. If any provision of this Agreement is determined by a court of competent jurisdiction, governmental agency, or regulatory body to violate any Applicable Healthcare Law, such provision shall be automatically reformed to the minimum extent necessary to bring it into compliance with such law while preserving the original economic intent of the parties to the maximum extent permissible. The invalidity or unenforceability of any provision shall not affect the validity or enforceability of any other provision of this Agreement, and the remaining provisions shall continue in full force and effect. In the event any provision cannot be reformed to achieve compliance, such provision shall be severed and the parties shall negotiate in good faith to replace it with a lawful provision that achieves substantially the same economic result.

11. ACCEPTABLE USE

11.1 Compliance and Usage Restrictions. Customer agrees not to use the Services for any purpose that is prohibited by law, this Agreement, or the Acceptable Use Policy. Without limiting the generality of the foregoing, Customer shall not, and shall not permit any Authorized User or third party to:

11.2 Investigations and Enforcement.Reap reserves the right to investigate and take appropriate legal action against any user who, in Reap's reasonable determination, violates this Acceptable Use Policy, including suspension or termination of access to the Services. Reap shall provide Customer with written notice and a reasonable opportunity to cure any violation (except where immediate action is necessary to prevent harm to the Services, other customers, or third parties) before suspending or terminating access.

12. ARTIFICIAL INTELLIGENCE FEATURES

12.1 AI Output Disclaimer.REAP'S AI-POWERED FEATURES (INCLUDING RUBY, ANALYZE, AND ANY OTHER AI-DRIVEN FUNCTIONALITY) GENERATE OUTPUTS USING MACHINE LEARNING MODELS. AI-GENERATED OUTPUTS MAY BE INCOMPLETE, INACCURATE, OR BIASED, INCLUDING THROUGH HALLUCINATION (THE GENERATION OF PLAUSIBLE BUT FACTUALLY INCORRECT CONTENT). AI-GENERATED OUTPUTS ARE PROVIDED FOR DECISION SUPPORT, ADMINISTRATIVE AUTOMATION, AND DOCUMENTATION ASSISTANCE ONLY. THEY ARE NOT INTENDED TO REPLACE PROFESSIONAL CLINICAL, BILLING, OR COMPLIANCE JUDGMENT.

12.2 Customer Verification Obligation. Customer is solely responsible for reviewing and verifying all AI-Generated Outputs before relying on them, submitting them to any third party (including Medicaid, Medicare, or any managed care organization), using them to contact any resident or family member, or incorporating them into any clinical or financial decision. Customer will ensure that qualified personnel are the final decision-makers for all clinical, compliance, and billing determinations, and that the Services are not used to make fully automated decisions without meaningful human review.

12.3 Human-in-the-Loop Review. For any AI-Generated Output that will be (a) submitted to a Federal Healthcare Program (including Medicaid or Medicare), (b) used in a denial or modification of services to a resident, (c) used in a billing or coding determination, or (d) sent to a resident or family member as a communication purportedly from Customer, Customer will ensure such Output is reviewed and approved by a qualified human reviewer before such submission, use, or transmission.

12.4 AI Disclosures. Where the Services generate communications (including SMS, email, or letters) sent to residents, family members, or other consumers, Reap will provide tooling for Customer to include appropriate AI-disclosure language. Customer is responsible for determining what disclosures are required by applicable law (including the Colorado AI Act and any similar state laws) and configuring the Services accordingly.

12.5 AI Risk Management. Reap maintains commercially reasonable practices for evaluating, deploying, and monitoring its AI features, including pre-deployment testing, ongoing review of model performance, human-review tooling, and processes to respond to AI-specific incidents. Reap publishes a Reap AI Policy at reap.tech/legal/ai-policy, which is incorporated by reference into this Agreement and which describes Reap's commitments regarding AI literacy, data sourcing, transparency, and risk management.

12.6 Cooperation with AI Impact Assessments.Reap will reasonably cooperate with Customer's impact assessments under applicable law (including Colorado AI Act deployer obligations, where applicable), including by providing a developer disclosure packet describing the Services' intended uses, known limitations, performance metrics, and data summaries.

13. SMS AND TEXT MESSAGING

13.1 Scope. This Section 13 applies to any messaging features of the Services (including those provided by Ruby) used to send SMS, MMS, or text messages on behalf of Customer to residents, family members, or other recipients. Consumer-facing SMS terms applicable to recipients are published at getreap.com/sms-terms.

13.2 Customer's Responsibilities.Customer is solely responsible for ensuring that all phone numbers provided to or used in connection with the Services have provided prior express written consent under the TCPA and applicable CTIA, A2P 10DLC, and state telemarketing requirements (including any "mini-TCPA" statutes such as Florida CS/SB 1120). Customer represents and warrants that it maintains documented evidence of consent for each phone number for not less than four (4) years and will provide such evidence to Reap upon request.

13.3 Reap's Responsibilities.Reap will: (a) operate the messaging infrastructure in compliance with applicable A2P 10DLC carrier requirements; (b) register Customer's brand and campaign with The Campaign Registry as required; (c) implement standard SHAFT-T (Sex, Hate, Alcohol, Firearms, Tobacco, Threats) content filtering; (d) honor STOP, UNSUBSCRIBE, CANCEL, QUIT, END, and OPTOUT keywords by suppressing the relevant phone number across Customer's account; and (e) honor the HELP keyword with an appropriate response.

13.4 TCPA Indemnification.Customer will indemnify, defend, and hold harmless Reap from any third-party claim arising out of (a) Customer-supplied phone numbers, (b) Customer-authored or Customer-approved message content, (c) Customer's failure to obtain TCPA-compliant consent, or (d) Customer's violation of applicable telemarketing law. This indemnification is not subject to the limitations of liability in Section 8.

13.5 Suspension. Reap may suspend messaging or specific campaigns upon receipt of any carrier complaint, opt-out spike (defined as more than five percent (5%) of recipients opting out within 24 hours of a message), or pattern of delivery failures, with notice to Customer as soon as reasonably practicable.

14. SERVICE AVAILABILITY AND SUPPORT

14.1 Service Availability.Reap will use commercially reasonable efforts to make the Services available on a 24×7 basis, subject to scheduled maintenance, emergency maintenance, and circumstances outside Reap's reasonable control. Reap may from time to time publish a separate Service Level Agreement at reap.tech/legal/sla applicable to specific subscription tiers; where applicable, that SLA is incorporated by reference into the applicable Order Form.

14.2 Scheduled Maintenance. Reap will use commercially reasonable efforts to provide Customer with advance notice of scheduled maintenance and to perform such maintenance outside of typical business hours where reasonable. Emergency maintenance to address security risks may be performed without advance notice.

14.3 Support. Reap will provide commercially reasonable support during business hours (Monday through Friday, 9:00 a.m. to 6:00 p.m. Eastern Time, excluding U.S. federal holidays) by email at support@getreap.com. Reap will use commercially reasonable efforts to respond promptly to support requests and to prioritize requests based on severity, with production-impacting issues receiving the highest priority. Enhanced support tiers (including expanded coverage hours and response time commitments) may be available under separate Order Form terms.

15. HEALTHCARE COMPLIANCE COOPERATION

15.1 Information Blocking and the Cures Act.Reap acknowledges that Customer may be subject to the information-blocking provisions of the 21st Century Cures Act and the implementing regulations at 45 C.F.R. Part 171. Reap will not engage in any practice that constitutes information blocking under those rules. Reap will support Customer's information-blocking compliance by (a) making Electronic Health Information available to authorized requestors in standards-based formats (including FHIR R4 and USCDI v3 or later, where applicable), (b) not imposing fees or technical restrictions on EHI access beyond those permitted by the Cures Act exceptions, and (c) reasonably cooperating with Customer's responses to access, exchange, or use requests from patients, providers, and other actors. Nothing in this Section requires Reap or Customer to disclose information in a manner that would itself violate HIPAA, 42 C.F.R. Part 2, or other applicable law.

15.2 42 C.F.R. Part 2.Reap is not, by default, a "lawful holder" of substance use disorder records under 42 C.F.R. Part 2, and the Services are not designed to receive or process Part 2 records absent a separate Part 2 Addendum or Qualified Service Organization Agreement. Customer represents and warrants that it will not transmit, upload, or otherwise provide Part 2 records to the Services unless and until the parties have executed a written Part 2 Addendum addressing such records. If Customer operates an identifiable unit within a general medical facility that holds itself out as providing substance use disorder diagnosis, treatment, or referral, the parties will, prior to processing any Part 2 records, execute Reap's Part 2 QSOA Addendum.

15.3 Records Retention for Federal Healthcare Programs.Reap will retain Service records, audit logs, and Customer Data related to Medicaid case management, billing, and compliance functions for the longer of (a) ten (10) years after the date of creation, (b) such longer period as required by applicable state Medicaid program rules or by Customer's reasonable written instructions in connection with an audit, investigation, or litigation hold, or (c) such longer period as may be required to respond to a Medicare or Medicaid Recovery Audit, Zone Program Integrity Contractor, OIG, or DOJ inquiry.

15.4 Patient and Resident Rights. Customer, as the Covered Entity, is responsible for responding to all individual requests for access, amendment, accounting of disclosures, and other rights under the HIPAA Privacy Rule. Reap will support Customer by providing access to PHI in the Services through standard export and administrative tooling within ten (10) business days of a written request from Customer (fifteen (15) business days for amendments).

Exhibit A — Business Associate Agreement (BAA)

HIPAA BUSINESS ASSOCIATE AGREEMENT

This Business Associate Agreement ("BA Agreement") is entered into as of the Effective Date of the Agreement by and between the undersigned customer ("Customer") and Reap Tech, Inc. ("Business Associate"), a Florida corporation. This BA Agreement governs the handling of Protected Health Information ("PHI") under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), as amended by the HITECH Act and related regulations.

1. Definitions

Capitalized terms not defined in this BA Agreement shall have the meanings set forth in HIPAA. "Services Agreement" refers to any agreement under which Business Associate provides services to Customer involving PHI.

2. Obligations of Business Associate

3. Permitted Uses and Disclosures

4. Obligations of Customer

5. Term and Termination

6. Compliance with Transaction Standards

Business Associate shall comply with HIPAA transaction and code set rules (45 CFR Part 162) to the extent applicable to Business Associate's performance, and shall require its subcontractors to do the same.

7. Miscellaneous

Exhibit B — Security Practices

The technical, administrative, and physical safeguards summarized in Section 4.6 reflect Reap's current security posture. Reap will provide additional information regarding its security practices to Customer on reasonable written request, subject to appropriate confidentiality protections. Reap may from time to time publish supplemental security documentation; any such documentation, when published and referenced in an Order Form, shall be incorporated into this Agreement by reference.

Contact Us

Reap Tech, Inc
1111b South Governors Avenue, STE 7613, Dover, DE 19904 US
Email: info@getreap.com
Website: getreap.com

If you have any questions, concerns, or requests regarding these Terms of Service, please contact us at the address above.