Versions Compared

Version Old Version 3 New Version 4
Changes made by

Nick Reilly

Nick Reilly

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

    • Real-time technical and operational assistance to Customer’s designated personnel via telephone, e-mail, and web support.
    • Application of upgrades, patches, error corrections, and bug fixes during normal scheduled maintenance periods.
    • Updates to SaaS Product documentation.
    • Telephone support services to Customers
    • Access to Customer Data, upon Customer single request per study, on a compact disc (CD), or digital versatile disc (DVD) containing PDFs for all sites and subjects.

1.3  Data Management

Syntactx manages all Services in accordance with standard information security policies and applicable standard operating procedures (“SOPs”) and as outlined below:  

    • Security (physical, network, and application): Syntactx maintains, monitors, and uses reasonable safeguards based on industry accepted security frameworks to protect against the unauthorized, accidental or unlawful destruction, loss, disclosure, alteration or transfer of Customer Data. 
    • Retention: Customer shall have access to the SaaS Product during the term of Customer’s Agreement, and upon termination or expiration of the Agreement, for retrieving Customer Data in durable formats.
    • Privacy: Syntactx complies with all laws and regulations applicable to the provision of SaaS Product and processing of Customer Data. Syntactx maintains appropriate technical and organizational security measures to ensure protection of Customer Data.  
    • Disaster Recovery: Syntactx uses cloud-based data centers. Syntactx maintains a disaster recovery facility in a separate, geographically distinct location, in the event Syntactx hosting services at the primary location(s) are unavailable. Syntactx maintains policies and procedures regarding its disaster recovery and avoidance procedures, damage assessment, and incident handling.

2.  SERVICE LEVELS

As part of its delivery of Services to its Customers, Syntactx shall meet the following Service Levels:

2.1  Availability

Services will be Available at 99% where Availability is calculated as the actual monthly uptime when the Services are available, divided by scheduled monthly uptime and expressed as a percentage.   Regularly scheduled maintenance will be excluded when calculating Availability and will be conducted from <<??>>, except as otherwise notified by Syntactx. Any unavailability caused by circumstances beyond Our reasonable control, including, for example, an act of God, act of government, flood, fire, earthquake, civil unrest, act of terror, strike or other labor problem (other than one involving Our employees), Internet service provider failure or delay, Non-SFDC Application, or denial of service attack will also be excluded.

2.2  Response Times

Syntactx will respond to missed Service Levels and Services errors or outages in accordance with the following levels of severity, each as reasonably determined by Syntactx:

...

* The response times are measured from when Customer notifies Syntactx about a performance problem with a Syntactx SaaS Product and Syntactx’s issuance of a trouble ticket number to Customer.

3.  CUSTOMER CUSTOMER RESPONSIBILITIES 

Customer shall designate two (2) of its personnel to act as sole liaison between Customer and Syntactx. Customer must report Severity Level 1 and 2 issues by telephone. In addition, Customer shall provide Syntactx with documentation of any error or deficiency and provide Syntactx with the necessary instructions and data required to reproduce the error or deficiency reported by Customer and all other reasonable support and assistance requested by Syntactx as necessary to discover the cause or a cure for the reported error or deficiency of the Syntactx Services.

4.   EXCLUSIONS

In no event will Syntactx be responsible for failure to meet the Service Levels for any of the following reasons: (i) Customer’s breach of the Agreement, (ii) causes resulting from Customer’s or any third party’s acts, errors or omissions or any systems, hardware or software not provided by, or identified by Syntactx or Syntactx’s service provider as being compatible with the Syntactx Services (including Customer telecommunications carrier or internet service provider). In addition, the Service Level commitments and response times are not applicable to Customer’s use of Syntactx Services in a non-production or test environment, beta, or pilot use.

5.  REGULATORY REGULATORY AND AUDIT POLICIES

These Regulatory and Audit Policies (“Regulatory Policies”) are applicable to Customers who have been given access to those Syntactx Services that are subject to regulatory health authority review pursuant to the terms and conditions contained within the applicable agreement (the “Agreement”) between Syntactx and each Customer. Unless otherwise noted, these Regulatory Policies are subject to the terms of the Agreement and capitalized terms contained herein shall have the meanings set forth in the Agreement.

5.1  Client Client Audit Rights And Regulatory Inspections

During the Term, Syntactx agrees to permit Customer representatives to examine or audit the Services performed hereunder at Syntactx’s worldwide corporate headquarters upon at least forty-five (45) days notice during regular business hours, to determine whether the Services are being conducted in accordance with the Agreement and all applicable laws, rules and regulations.   In each twelve (12) month period, Client shall be entitled to conduct one (1) audit without charge by Syntactx.   If such audit would require subsequent audit(s) as may be necessary to verify corrective action(s), such audit(s) shall be at no charge to Client.   Any information of Syntactx or its subcontractors obtained or observed during such examination or audit shall be deemed Syntactx’s Confidential Information.

5.2  Regulatory Regulatory Inspections And Inquiries

...

Furthermore, Syntactx has a formal, contractual agreement with its infrastructure-as-a-service (IaaS) third-party hosting provider that documents the provider's commitment to support regulatory investigations (e.g., inspections) of Syntactx, as well as regulatory investigations of Syntactx Customers employing Services, including provision of relevant documents, information and records to Syntactx.   In the event Syntactx requires further input to satisfy a regulatory investigation, the provider will use commercially reasonable efforts (taking into account potential risks to their systems, services, or intellectual property) to assist Syntactx in responding to the regulatory authority's questions.

5.3  Regulatory Regulatory Matters

Syntactx will use commercially reasonable efforts to provide Syntactx Services in conformance with generally accepted standards of good clinical practice (GCP) and/or good post-marketing study practice (GPSP) and all applicable laws, rules, and regulations relating to the conduct of any clinical trial and/or post-marketing study. In particular, Syntactx complies with GCP and GPSP regulatory requirements related to internal or self-inspection by way of the Develop and Release Software Product standard operating procedure (SOP) (specifically for known product issues) and the Quality Incident Management SOP (for data, security, software, hosting, and other operational incidents), which SOPs describe how issues and incidents (discovered by internal or self-inspection, as well as reported by Customer) are identified, tracked, and managed internally. These known product issues and quality incidents are communicated with Customers and regulatory authorities as required.

Syntactx has established and agrees to maintain a quality management system and educational/training system that is compliant with regulatory expectations. Syntactx has established and agrees to maintain a system of self-inspection, with a record that such inspection has occurred.

5.4  Debarred Debarred Persons

Syntactx is not using and will not knowingly use the services of any person debarred under any country-specific debarment lists (in particular 21 U.S.C. § 335a of the FDA regulations) in any capacity in connection with the performance of Syntactx Services.   In addition, Syntactx is not using and will not knowingly use the services of any person or affiliate person/firm for whom convictions subject to debarment have occurred in the past five (5) years in any capacity in connection with the performance of Syntactx Services.   If, at any time during the Term of the Agreement, Syntactx becomes aware that it or any person employed or engaged by it or an affiliate person/firm in any capacity in connection with the performance of Syntactx Services for Customer has been or is in the process of being debarred or is convicted of any offense subjecting it or any person to debarment, subject to applicable law, Syntactx will notify Customer promptly in writing and such person will cease providing Syntactx Services.

6.  UPDATES UPDATES & NOTICES 

Syntactx may amend its obligations under these Terms of Service. Customer will be notified in advance of any change of material impact to Syntactx’s obligations under this Policy within thirty (30) days of such change.

...