Effective date: 2026-05-02. Last reviewed: 2026-05-02.
1. Who we are
HealthDash ("HealthDash," "we," "us," "our") is operated by CodeCraft Studios. We provide a white-label e-commerce + clinical operations platform for organizations selling regulated health products and services ("Customers"). These Terms govern any use of our platform.
2. Roles
HealthDash is a Business Associate under HIPAA when our Customers (the Covered Entities) handle Protected Health Information ("PHI") through our platform. PHI handling is governed by our Business Associate Agreement, which overrides any conflicting provision of these Terms.
3. Account & security
- You are responsible for maintaining the confidentiality of your account credentials and for all activity under your account.
- You must promptly notify us at [email protected] of any unauthorized access or suspected security incident.
- We may suspend or terminate accounts engaged in fraud, abuse, or violation of these Terms.
4. Acceptable use
You agree not to use HealthDash to:
- Sell products that violate applicable law in the recipient's jurisdiction.
- Misrepresent regulatory status (e.g., describing a research-only compound as approved for human use).
- Bypass our compliance controls (audit logging, role gating, BAA enforcement).
- Attempt to extract another tenant's data, probe for security vulnerabilities without prior written authorization, or perform load tests beyond your contracted capacity.
See our Acceptable Use Policy for the full list and enforcement procedure.
5. Subscriptions, fees & refunds
Subscription fees, transaction fees, and overage charges are described in your subscription agreement. We bill in advance for the subscription period. Fees paid are non-refundable except as required by applicable law or as set out in our Refund Policy.
6. Intellectual property
HealthDash retains all rights, title, and interest in the platform, including all software, branding, and documentation. You retain all rights, title, and interest in your own data, including patient records, products, and configurations you upload.
7. Data ownership & portability
You own your data. We do not sell your data. On termination of your subscription, you may export your data in standard machine-readable formats (FHIR R4 for clinical data, CSV/JSON for operational data) for 30 days. After 30 days we may delete your data per the retention rules described in the Privacy Policy and BAA.
8. Warranties & disclaimers
The platform is provided "as is" except as expressly warranted in your subscription agreement or BAA. We do not provide medical advice and make no clinical determinations. You are solely responsible for the clinical decisions made by your workforce using our platform.
9. Limitation of liability
To the maximum extent permitted by law, HealthDash's aggregate liability under these Terms is capped at the fees you paid in the 12 months preceding the claim. We are not liable for indirect, consequential, or punitive damages. This limitation does not apply to breach of confidentiality, breach of the BAA, or to liabilities that cannot be limited by law.
10. Governing law
These Terms are governed by the laws of the State of Florida, without regard to conflict-of-laws principles. The courts located in Miami-Dade County, Florida have exclusive jurisdiction.
11. Changes
We may update these Terms from time to time. Material changes will be communicated via email and an in-product banner at least 30 days before they take effect. Continued use after the effective date constitutes acceptance.
12. Contact
Legal: [email protected]
Security: [email protected]
HIPAA Privacy Officer: [email protected]