Terms of Service

1. Acceptance

By creating a Sanolith account or using the service, you agree to these Terms of Service on behalf of yourself and any organization you represent. If you do not agree, do not use the service. The service is the HIPAA-aligned LLM workspace described on sanolith.com and documented on our security page.

2. PHI and the BAA gate

Sanolith is built to process Protected Health Information (PHI), but PHI use is gated by a signed Business Associate Agreement (BAA):

• A BAA is available on every paid tier. You must have an executed BAA in place before your organization uploads or processes real PHI.
• Self-service trial / personal-tenant use is intended for non-PHI evaluation. Do not upload real PHI to a tenant that does not yet have a BAA in force.
• Frontier hosted models (e.g., Claude, GPT) are available on tiers where the underlying provider is covered by a BAA; the redactor, audit ledger, and tenant isolation apply regardless of the model you route to.

3. Acceptable use

You agree not to:

• attempt to bypass, disable, or probe the PHI redactor, tenant isolation, audit logging, or access controls;
• access or attempt to access another tenant's data, or use the service to exfiltrate data you are not authorized to access;
• use the service in violation of applicable law, including HIPAA where it applies to you, or to provide medical advice without the appropriate clinical and regulatory oversight;
• reverse engineer, resell, or sublicense the service except as expressly permitted in an order form; or
• upload malware or use the service to harm the platform or other customers.

Outputs of an LLM may be inaccurate. You are responsible for clinical review of any output before it is used in patient care. The service is a tool for your workforce, not a substitute for professional judgment.

4. Your data

You retain all rights to the documents, prompts, and content you upload ("tenant content"). Tenant content is stored within your tenant boundary and is not shared with other tenants or used to train shared models. Where you train a per-tenant fine-tuned model (a "Sano adapter"), your tenant owns the resulting weights; Sanolith is the custodian under your BAA, not the owner. You can export or delete tenant content from the portal at any time. Our handling of tenant content and PHI is described in the Privacy Policy.

5. Fees and tiers

Paid tiers are billed at the per-team flat rate shown at pricing or in your order form. Fees are non-refundable except as required by law or expressly stated in an order form. We may change list pricing prospectively; changes do not affect the committed term of an active order form.

6. Service levels and support

Support and availability commitments depend on your tier. Enterprise order forms may include a specific uptime SLA, a named contact, and 24/7 incident response; absent a signed SLA, the service is provided on a commercially reasonable best-effort basis. Our incident-response commitments (initial-assessment and breach-notification targets) are described on the security page and, for PHI, in your BAA.

7. Confidentiality and security

Each party will protect the other's confidential information. Sanolith maintains the technical, administrative, and physical safeguards documented on the security page, including encryption in transit and at rest, least-privilege access, and an append-only audit ledger.

8. Warranties and disclaimers

Except as expressly stated in an order form or BAA, the service is provided "as is" and "as available," without warranties of any kind, whether express or implied, including merchantability, fitness for a particular purpose, and non-infringement. We do not warrant that LLM outputs are accurate, complete, or suitable for any particular clinical decision.

9. Limitation of liability

To the maximum extent permitted by law, neither party is liable for indirect, incidental, special, consequential, or punitive damages. Each party's aggregate liability arising out of or related to these terms is limited to the fees paid or payable for the service in the 12 months preceding the claim, except for breaches of the BAA governing PHI, which are governed by the liability terms of that BAA.

10. Term and termination

You may stop using the service and delete your account at any time from the portal. We may suspend or terminate access for a material breach of these terms, including attempts to compromise tenant isolation or misuse PHI. On termination, you receive a full export within 30 days and your tenant data is purged from production and backups within 60 days, per the BAA. A certified destruction report is available on request.

11. Changes to these terms

We may update these terms; the "last updated" date at the top reflects the current version. For material changes that affect PHI handling or fees, we will notify tenant admins. Continued use after a change constitutes acceptance.

12. Contact

Legal questions: [email protected]. General: [email protected].