Please read these platform terms ("Platform Terms") carefully before using the services offered by Pamela AI Holding B.V., a private company with limited liability incorporated under the laws of the Netherlands, having its registered office at Concertgebouwplein 15, 1071 LL in Amsterdam, The Netherlands ("Pamela", "we", or "us").

By (1) executing one or more order forms with Pamela which reference these Platform Terms (each, an "Order Form"), (2) clicking a box indicating acceptance, or (3) using the services, you ("Customer") agree to be bound by these Platform Terms (together with all Order Forms, the "Agreement").

If you accept these terms on behalf of a legal entity, you represent that you have the authority to bind that entity. If you do not agree to these terms or do not have such authority, you must not use the services.

If you are using free services or trials, the applicable provisions of this Agreement apply to those services as well.

1. Definitions

"Affiliate" means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity.

"Authorized User" means Customer's employees, contractors, or agents who are authorized by Customer to access and use the services under this Agreement.

"Client-Side Software" means any software provided by Pamela to Customer for use with the services (e.g., web, mobile, or desktop application).

"Customer Data" means all content, audio recordings, transcripts, clinical notes, metadata, or other information submitted, captured, or generated via the services by or on behalf of Customer.

"Documentation" means the official user documentation for the services, made available by Pamela.

"Free Services" means services provided free of charge, including trials and beta programs.

"Personal Data" has the meaning set out in the General Data Protection Regulation (EU) 2016/679 ("GDPR").

"Sensitive Data" includes health data, biometric data, data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or any other special category of personal data under Article 9 of the GDPR.

"Services" means the Pamela platform and AI tools used to assist healthcare professionals with clinical documentation through ambient listening, transcription, and AI-powered note enhancement, as described in the Order Form or online product pages.

"Third-Party Services" means services provided by subprocessors used by Pamela to deliver the services, including but not limited to AWS (including Amazon Bedrock), Anthropic (Claude, via AWS Bedrock), Deepgram, AssemblyAI, and ElevenLabs. Pamela also uses proprietary models for audio and voice processing.

"Usage Data" means data collected about how the services are accessed and used, including technical diagnostics and performance metrics.

2. Access and Use of the Services

2.1. Right to Use

Pamela grants Customer a limited, non-exclusive, non-transferable, and non-sublicensable right to access and use the services during the subscription term solely for internal business purposes.

2.2. Account Management

Each Authorized User must use their own login credentials. Sharing accounts is prohibited. Customer is responsible for all use and must ensure compliance.

2.3. Usage Restrictions

Customer must not:

Reverse engineer, decompile, or extract source code;

Interfere with performance or security;

Use the services as a substitute for professional clinical judgment — Pamela assists with documentation, not clinical decision-making;

Process Sensitive Data without permission and compliance;

Violate applicable Dutch or EU law;

Use for automated decision-making with legal effect without oversight.

2.4. Service Levels and Updates

Pamela may update or enhance services. Free Services are provided "as-is" with no guaranteed uptime.

3. Data Protection and Security

3.1. Compliance

Pamela processes personal data in line with the GDPR, subject to a Data Processing Agreement (DPA). Pamela is ISO 27001 and NEN 7510 compliant, currently in the process of getting certified.

3.2. Hosting and Subprocessors

Pamela uses:

AWS (EU regions) for hosting and infrastructure,

AWS Bedrock for AI model hosting and inference,

Anthropic (Claude) for AI-powered note enhancement, accessed via AWS Bedrock,

Deepgram for transcription,

AssemblyAI for transcription,

ElevenLabs for voice processing,

Proprietary models for audio processing and voice.

Additional subprocessors may be engaged to support AI processing and related services. An up-to-date list of subprocessors is available upon request.

3.3. Sensitive Data

The services are designed for use by healthcare professionals and may involve the processing of health data (Article 9 GDPR). Pamela processes such data under appropriate technical and organizational safeguards, including encryption, access controls, and Data Processing Agreements. Customer is responsible for ensuring a valid legal basis for any Sensitive Data processed through the services.

3.4. Data Location and Transfers

Data is stored exclusively in the EEA. If transferred, safeguards like Standard Contractual Clauses (SCCs) apply.

3.5. Security Measures

Encryption at rest (AES-256) and in transit (TLS), role-based access controls, audit logging, and internal policies align with Article 32 GDPR. All personnel with data access undergo background screening, including VOG (Certificate of Good Conduct) verification.

4. Intellectual Property

4.1. Pamela Ownership

All IP in the services (software, APIs, models, etc.) belongs to Pamela, except Customer Data.

4.2. Customer Data Ownership

Customer retains full rights to their data. Pamela processes only to deliver the service.

4.3. Feedback License

Customer grants Pamela a perpetual, royalty-free license to use feedback or suggestions.

5. Customer Responsibilities

5.1. Compliance with Laws

Customer is responsible for:

GDPR, ePrivacy, Dutch labor laws,

DPIAs (where needed under Article 35 GDPR).

5.2. Consent and Legality

Customer must ensure that patients and other relevant parties are appropriately informed about the use of AI-assisted documentation tools, in accordance with applicable law and professional guidelines.

5.3. Account and Access Security

Customer must secure credentials and report breaches.

5.4. Prohibited Conduct

Do not:

Build competing tools,

Infer or process sensitive personal data unlawfully,

Use the services as a replacement for professional clinical judgment or direct patient care decisions.

5.5. Third-Party Integrations

Customer assumes all compliance responsibility for integrations.

6. Fees and Payment

6.1. Billing

Pamela charges as per the Order Form. Prices exclude VAT unless stated.

6.2. Payment Terms

Invoices are payable within 14 days unless agreed otherwise.

6.3. Late Payment

Late payments incur:

Statutory interest (Article 6:119a BW),

Recovery costs,

Potential service suspension after 14+ days.

6.4. Plan Changes

Upgrades: immediate,

Downgrades: end of billing cycle.

6.5. No Refunds

All payments are non-refundable unless legally required.

7. Term and Termination

7.1. Term

Effective upon first use and continues until termination.

7.2. Customer Termination

Can cancel anytime; effective end of billing period.

7.3. Pamela Termination

Pamela may suspend/terminate if:

Terms are violated,

Payment is overdue 30+ days,

Security risks arise,

Fair Use Policy is breached,

Legally required.

7.4. After Termination

Access revoked; data deleted within 30–90 days. Anonymized data may be retained.

8. Disclaimers and Liability

8.1. No Warranty

Pamela provides services "as is":

No guarantees on accuracy, uptime, or legal fitness. Pamela is a documentation assistant, not a medical device. Outputs do not constitute medical advice or clinical recommendations.

8.2. Customer Responsibility

Customer must review all outputs before use in clinical documentation. Pamela does not validate clinical content.

8.3. Liability Limit

No indirect or consequential damages,

Liability capped at 12-month fees paid,

Does not limit liability for intent/gross negligence (Art. 6:162 BW).

9. Governing Law and Jurisdiction

9.1. Dutch Law

Governing law is Dutch. CISG does not apply.

9.2. Amsterdam Jurisdiction

Disputes go to Amsterdam courts, unless mandatory law says otherwise.

9.3. EU Consumers

Consumers in the EU may use local authorities or courts.

9.4. Language

Dutch version prevails if discrepancies arise.

10. Data Protection and Privacy

10.1. Roles

Pamela = data processor (Customer Data), data controller (account info).

10.2. Compliance

Pamela complies with GDPR; Customer must collect/share data lawfully.

10.3. Subprocessors

Includes AWS (including Amazon Bedrock), Anthropic (Claude, via AWS Bedrock), Deepgram, AssemblyAI, ElevenLabs, and Pamela's proprietary audio and voice models, as well as additional subprocessors as engaged from time to time. Subprocessors maintain appropriate security certifications (ISO 27001 or SOC 2). A current list is available upon request.

10.4. Permitted Use

The services are designed to assist healthcare professionals with clinical documentation. The services do not replace professional clinical judgment. Customer is responsible for all clinical decisions.

10.5. Data Security

Measures include encryption (AES-256 at rest, TLS in transit), role-based access controls, audit logging, monitoring, and backups.

10.6. Data Retention

Default storage: 90 days. Deletion is permanent and includes backup purge within 30 days.

11. Confidentiality

11.1. Obligation

Non-public info is confidential. Use only as needed for the Agreement.

11.2. Exceptions

Not confidential if:

Already known,

Publicly available,

Lawfully obtained elsewhere,

Required by law.

11.3. Duration

Confidentiality survives 3 years post-termination (or longer if required).

12. Miscellaneous

12.1. Assignment

Customer needs Pamela's consent to transfer rights. Pamela can assign during corporate changes.

12.2. Force Majeure

No liability for events beyond control (e.g., war, cyberattack, strikes).

12.3. Amendments

Pamela may update these Terms. Continued use = acceptance.

12.4. Severability

If a clause is invalid, the rest stays in effect.

12.5. No Waiver

Failure to enforce a clause isn't a waiver.

12.6. Entire Agreement

These Terms + DPA + Order Forms = full agreement.

12.7. Contact

Email: privacy@trypamela.ai Address: Concertgebouwplein 15, 1071 LL, Amsterdam, The Netherlands