Terms of Service

1. Definitions

"Clinic" means a medical clinic, group practice, or other healthcare provider that subscribes to the Service.

"Clinic Account" means the workspace inside the Service that holds the Clinic's records and team.

"Clinic Owner" means the natural person who creates a Clinic Account or to whom administrative ownership has been transferred.

"Clinic User" means an authorised individual the Clinic Owner has invited (clinician, nurse, receptionist, billing staff, or other authorised role).

"Patient" means an individual whose health information the Clinic records in the Service.

"Customer Data" means all data the Customer or its Clinic Users enter, upload, or generate inside the Service, including patient records, encounter notes, prescriptions, lab orders, attachments, schedule entries, and clinic configuration.

"Documentation" means our published guides, in-app help, and the legal pages at mediflow.ph/legal.

"Subscription" means the paid plan the Customer purchases, identified at checkout.

2. Eligibility

You must be at least 18 years old and legally capable of entering into a contract under Philippine law to register an account. The Service is intended for use by licensed medical practitioners and the staff they authorise; the Clinic Owner is responsible for ensuring that each Clinic User has the licence, role, or authorisation that the Clinic's regulator requires for the work the Clinic User performs inside the Service.

The Service is offered to clinics in the Philippines. We may extend availability to other jurisdictions in the future; until we do, you should not rely on us for compliance with non-Philippine healthcare regulations.

3. The Service

MediFlow is a clinic management platform. It supports patient registration, queue and appointment management, encounter documentation (general consultation, OB-GYN, dental, pediatrics, family medicine, with more specialty modules to follow), prescription writing, lab and imaging orders, basic medicine and consumables inventory, schedule management, internal team messaging, and PDF document generation for clinical and administrative output. The Service is delivered as a hosted platform; you do not need to install or maintain server software.

We do not provide medical, legal, accounting, or regulatory advice. The Service supports clinical work; clinical decisions remain with the attending clinician. Documentation is illustrative and not a representation that the Service satisfies any particular regulator's compliance checklist.

We may add, change, or remove features. Where a change materially reduces a feature you rely on, we will notify the Clinic Owner in the Service or by email at least 30 days in advance, except for security or legal-compliance changes that need a faster timeline.

4. Account registration and security

To use the Service, you create an account with an email address and a password. You must provide accurate registration information and keep it current. You are responsible for keeping your credentials confidential and for all activity under your account.

The Clinic Owner is responsible for managing roles inside the Clinic Account, including invitations, role changes, and removals. The Clinic Owner remains responsible for any actions a Clinic User takes inside the Clinic Account.

Two-factor authentication is enforced on every infrastructure-level account that MediFlow personnel hold (cloud hosting, edge and CDN, domain registrar, transactional email, source-control). In-app two-factor authentication for Clinic Users is rolled out as part of the pre-launch delivery sequence and becomes mandatory for accounts with broad access (clinic admin, billing, audit, support, transactional email, file attachments, HR) at launch. We strongly recommend that every Clinic User turn it on as soon as it is offered.

If you suspect an account compromise (a leaked password, a missing device, an unfamiliar login), change the password immediately and email security@mediflow.ph (or help@mediflow.ph if the security mailbox is not yet active) so we can lock the account, rotate sessions, and assist the Clinic Owner with the breach assessment under our Personal Data Breach Response Procedure.

5. Subscriptions, fees, and billing

Subscription pricing, billing period, and payment method are presented at checkout and confirmed by email. By subscribing, you authorise us to charge your nominated payment method through PayMongo Philippines, Inc., our payment processor, on each renewal until the Subscription is cancelled.

PayMongo collects payer card and account data directly through its hosted-checkout flow. MediFlow does not receive or store cardholder data. PayMongo is a separate Personal Information Controller for the data it collects there, under its own terms and privacy policy. See Section 5 of the Privacy Policy for the role split.

We issue BIR-registered receipts for payments. You agree to receive electronic receipts where the BIR rules allow.

Fees are stated in Philippine pesos and are exclusive of any tax that the law requires us to add. Where a tax becomes payable, we will add it on the invoice.

Cancellation takes effect at the end of the current billing period unless the law requires earlier termination. We do not refund unused time on a cancelled Subscription except where required by law or where we agree to a refund in writing as a goodwill gesture.

If a payment fails, we will retry on a published schedule and notify the billing contact. If the failure is not resolved, the Clinic Account moves to a read-only state, and after 60 calendar days the data lifecycle described in Section 11 begins.

6. Acceptable use

You agree not to use the Service to:

• (a) violate any law or regulation, including the Data Privacy Act, the Cybercrime Prevention Act (RA 10175), the Anti-Photo and Video Voyeurism Act (RA 9995), and the Comprehensive Dangerous Drugs Act (RA 9165);
• (b) record health information for an individual without the legal basis to do so under Sections 12 and 13 of RA 10173, including without parental or legal-guardian consent for minors as required by NPC Advisory No. 2022-02;
• (c) attempt to access another Clinic's data, escape tenant isolation, probe the Service for vulnerabilities outside an authorised programme, or interfere with other users;
• (d) upload malicious code, spam, or content that infringes another person's rights or invades another person's privacy;
• (e) use the Service for advertising, mass marketing, or unsolicited messaging that is not part of legitimate clinical operations;
• (f) reverse-engineer the Service, copy its code or design except as the law expressly allows, scrape it at a rate that affects other users, or use it to build a competing product;
• (g) resell, sublicense, or redistribute access to the Service without our prior written consent; or
• (h) bypass storage or rate limits, or share a single Clinic User account between multiple individuals.

We may suspend or terminate access without notice if your use threatens patient safety, violates the law, or risks the integrity of the Service.

7. Customer Data and your responsibilities as a Clinic

The Clinic is the Personal Information Controller for patient and clinical records entered into its Clinic Account. MediFlow is the Personal Information Processor for those records and processes them only on the Clinic's documented instructions. Section 1 of the Privacy Policy explains the role split.

As Clinic Owner, you are responsible for:

• (a) collecting valid consent and any other legal basis required for processing patient health information under Sections 12 and 13 of RA 10173;
• (b) the accuracy, completeness, and clinical correctness of the records your Clinic Users enter;
• (c) issuing patient privacy notices and managing patient queries about access, correction, deletion, blocking, portability, and objection (we will assist under the Clinic DPA);
• (d) ensuring that each Clinic User is authorised, properly trained, and bound to confidentiality consistent with healthcare professional rules;
• (e) reporting personal data breaches to MediFlow promptly so the Clinic can meet its 72-hour NPC notification window; and
• (f) executing the Clinic DPA before storing patient records, and re-executing it on material change.

You retain ownership of Customer Data. You grant MediFlow a non-exclusive, royalty-free licence to host, copy, transmit, display, and process Customer Data solely to provide and support the Service and to meet our obligations under the Clinic DPA. The licence ends when Customer Data is deleted under Section 11 below. We do not use Customer Data for any purpose unrelated to providing the Service.

8. Privacy and data protection

We process personal information in accordance with the MediFlow Privacy Policy and, for patient records, the Clinic-MediFlow Data Processing Agreement. Both documents form part of these Terms.

A summary of the points clinics most often ask about:

• We host primarily in Singapore on Vultr; transactional email goes through Resend in the United States; TLS, DNS, and edge mitigation run on Cloudflare's global edge.
• We support a Philippine-only mail path on request.
• Two-factor authentication is enforced on our infrastructure accounts and rolls out for in-app accounts before commercial launch.
• A pre-deployment security review covering OWASP Top-10 categories runs on every release; a formal third-party penetration test is scheduled before commercial launch.
• We notify Clinic PICs of a breach within 24 hours of discovery so the Clinic can meet its 72-hour NPC obligation.
• Our Data Protection Officer can be reached at dpo@mediflow.ph (Affidavit of Designation duly notarised on 22 April 2026).

9. Intellectual property

The MediFlow name, logo, software, designs, written content, and Documentation are owned by MediFlow Medical Services or its licensors and are protected by intellectual property laws. We grant you a limited, revocable, non-transferable, non-exclusive licence to use the Service for the Customer's internal clinical operations during the Subscription. No other licence is granted, expressly or by implication.

You may submit feedback, suggestions, or bug reports. You agree that we may use feedback without obligation, provided we do not identify you publicly without your consent.

10. Service availability

We aim to keep the Service available at all times, but we do not promise that the Service will always be uninterrupted, error-free, or fit for any specific use. We may take the Service offline for scheduled maintenance, security work, or unforeseen incidents. Where we can, we announce planned maintenance through the Service or by email at least 48 hours in advance.

We do not currently publish a contractual uptime commitment. Where we agree to one in writing for a specific Customer (for example, in a separate enterprise agreement), that document controls.

11. Suspension, termination, and data lifecycle

You may cancel your Subscription at any time through the billing area or by emailing help@mediflow.ph. Cancellation takes effect at the end of the current billing period; the Clinic Account remains active until the period ends.

We may suspend or terminate access if you breach these Terms, if a payment fails and is not resolved within the published retry window, if a regulator orders us to, or if continued operation poses a risk to patient safety, the Service, or other users. We will give notice and a chance to cure where the circumstances allow.

After termination, the data lifecycle in our Privacy Policy Section 7 applies:

• (a) a 60-calendar-day grace window during which the Clinic Owner can export Customer Data;
• (b) hard-delete from production after the grace window;
• (c) backup purge inside the 90-calendar-day backup rotation;
• (d) statutory floors override the schedule where the law requires longer retention (PDEA on controlled-substance prescriptions, BIR on receipts, Labor Code on engagement records, and similar).

If a Clinic Owner's account is to be deleted, ownership should be transferred to another authorised person beforehand. We do not transfer ownership ourselves except on a verified, documented request from the parties involved.

12. Confidentiality

Each party will keep the other's confidential information confidential and use it only to perform under these Terms. "Confidential information" includes Customer Data, business and pricing information, and the technical details of the Service. Confidential information does not include information that becomes public through no fault of the receiving party, was already lawfully known to the receiving party, was independently developed without reference to the disclosed information, or is required to be disclosed by law (in which case the receiving party gives prompt notice where lawful).

13. Disclaimers

The Service is provided "as is" and "as available". To the maximum extent the law allows, we disclaim all warranties not expressly granted in these Terms, including warranties of merchantability, fitness for a particular purpose, non-infringement, and uninterrupted operation.

The Service is a clinical management tool, not a substitute for the professional medical judgment of a licensed clinician. We do not guarantee any clinical outcome. The attending clinician is responsible for reviewing the records and treatment plan before relying on them.

14. Limitation of liability

To the maximum extent the law allows:

• (a) Neither party is liable for indirect, incidental, special, consequential, exemplary, or punitive damages, or for lost profits, lost revenue, lost goodwill, or lost data, even if advised of the possibility of those damages.
• (b) Our aggregate liability under or relating to these Terms in any twelve-month period is limited to the amount you paid us for the Service in the twelve months immediately preceding the event giving rise to the claim.
• (c) The limitation does not apply to liability for death or personal injury caused by negligence, fraud, willful misconduct, or any liability that the law does not allow to be excluded or limited.

15. Indemnity

You agree to indemnify and hold MediFlow harmless from any third-party claim, loss, or expense (including reasonable legal fees) arising from (i) your use of the Service in breach of these Terms, (ii) Customer Data the Clinic uploaded without legal basis, (iii) a breach of the Clinic's obligations under the Clinic DPA, or (iv) infringement of a third party's rights through your use of the Service.

We will indemnify you against a third-party claim that the Service, used as documented, infringes a Philippine intellectual property right, on the standard conditions: prompt notice, exclusive control of defence, and reasonable cooperation. We may, at our option, modify or replace the affected component, secure a licence, or terminate the affected Subscription with a pro-rated refund.

16. Force majeure

Neither party is liable for delay or failure caused by events beyond reasonable control, including natural disaster, fire, flood, typhoon, earthquake, epidemic, war, civil unrest, government action, labour dispute, or failure of public infrastructure or third-party services. The affected party will give prompt notice and take reasonable steps to resume performance.

17. Notices

We send notices to the email addresses on the Clinic Account, including the Clinic Owner's address and the billing-contact address. You send notices to help@mediflow.ph for general matters and dpo@mediflow.ph for privacy and data-subject-rights matters. Postal notices may be sent to MediFlow Medical Services (DTI BN 8059068), Philippines; the registered address is provided on a verified request.

18. Governing law and venue

These Terms are governed by the laws of the Republic of the Philippines, without regard to conflict-of-laws rules. Any dispute that the parties cannot resolve in good faith within 30 days of written notice shall be brought in the proper courts of Nueva Ecija, Philippines, to which both parties consent.

Nothing in this section limits a Customer's statutory right to lodge a complaint with the National Privacy Commission under RA 10173.

19. Changes to these Terms

We may update these Terms when our processing changes, when a sub-processor changes, when statutory requirements change, or when our annual compliance review surfaces a material correction. Material updates are announced through the Service or by email at least 30 days before they take effect, except where the law or a regulator requires a faster timeline. Continued use of the Service after the effective date is acceptance of the updated Terms. The version table at the top lists the effective date and the version it replaces.

20. Miscellaneous

Entire agreement. These Terms, the Privacy Policy, and (where applicable) the Clinic DPA together form the entire agreement on the subject and supersede prior discussions.

Order of precedence. If there is a conflict, the order is: (i) a separately signed master agreement, (ii) the Clinic DPA, (iii) these Terms, (iv) the Privacy Policy, (v) the Documentation.

Assignment. You may not assign these Terms without our prior written consent. We may assign these Terms in a merger, acquisition, or sale of substantially all assets, on notice.

Severability. If a provision is unenforceable, the rest remains in effect, and the unenforceable provision is read down to the minimum extent the law allows.

No waiver. Failure to enforce a provision is not a waiver of our right to enforce it later.

Independent contractors. The parties are independent contractors. These Terms do not create a partnership, agency, joint venture, or employment relationship.

21. Contact

Support: help@mediflow.ph

Data Protection Officer: dpo@mediflow.ph

Postal: MediFlow Medical Services (DTI BN 8059068), Philippines

Authoritative source documents: MediFlow Privacy Policy v2.0; Clinic-MediFlow Data Processing Agreement v2.0; MediFlow Privacy Manual v1.0; Personal Data Breach Response Procedure v1.0; Compliance Addendum v1.1 (23 April 2026).