Skip links
Login
Vaistat

Terms & Conditions - APS

Corporate name: Solutions Vaistat Inc. and APSQuébec.inc (“Vaistat”)
Role of service providers: Health Proximity Agent (HPA) — independent contractors
Market: B2B / B2C / B2G
Official language: FRENCH
Version: v2.1 — Effective date: December 30, 2025

Table of Contents

  1. Terms of Use – HPA Service (Vaistat)
    1. Definitions
    2. Nature and scope of the service
    3. Access, accounts, and security
    4. Permitted and prohibited use
    5. Roles and separation of responsibilities
      5A. HPA Code of Conduct
      5B. Eligibility, background, and permits
      5C. Technology compliance and operational security
    6. Information collected
    7. Geolocation (GPS)
    8. Payments and NFC
    9. Data, privacy (Law 25)
    10. Intellectual property
    11. Warranties and disclaimers
    12. Indemnification
      12A. Audits, control, and remediation
      13A. Suspension and termination for cause
    13. Limitation of liability
    14. Governing law and dispute resolution
    15. Changes
    16. Miscellaneous
      18. Confidentiality
      19. Non‑compete
  2. EULA – Vaistat Mobile Application
  3. HPA Annex – Payments, NFC, and handling of funds
  4. Law 25 Addendum / DPA – Roles and responsibilities
  5. Contact

1) Terms of Use – HPA Service (Vaistat)

  1. Definitions
  • “Vaistat”: Solutions Vaistat Inc., provider of a technological coordination platform, non‑medical and not a financial institution.
  • “HPA: Health Proximity Agent (HPA) — independent contractors performing strictly human and logistical assistance.
  • “Client”: any entity or person (B2B/B2C/B2G) accessing the service or commissioning services through Vaistat.
  • “User”: any person authorized by the Client to use the platform or the mobile application.
  • “Client Data”: data provided, imported, or generated by the Client and its Users (including HPA) in the platform and application.
  • “Vaistat mobile application”: the mobile app connected to the service.
  • “Payment providers”: certified third‑party processors handling transactions.
  • “Law 25”: the Québec law modernizing the protection of personal information.
  1. Nature and scope of the service

Vaistat organizes, documents, and secures non‑medical services: delivery of medications, assistance in RI/RPA residences, post‑hospital discharge support (after a medical discharge decision), coordination of HPA missions, and secure processing of payments.
Vaistat is not a healthcare institution: it provides no medical care, issues no diagnosis, and never replaces a licensed health professional.

  1. Access, accounts, and security

The Client/User is responsible for credential confidentiality and device security. Vaistat may suspend or restrict access if there is risk, non‑compliance, or abuse.

  1. Permitted and prohibited use

Prohibited: any medical advice, modification/interpretation of a prescription, reserved acts for regulated health professionals, security bypass, unauthorized data extraction, harassment, disinformation, or processing of personal information without a legal basis.

  1. Roles and separation of responsibilities
  • HPA: provides human/logistical support only (RI/RPA, post‑discharge after a medical decision), no medical advice, no treatment changes, no prescription interpretation.
  • Prescriptions: belong exclusively to pharmacies and licensed professionals.
  • Vaistat: a technological, logistical, and transactional platform; it does not decide any act of health care, is not the owner of funds, and does not hold deposits.
  • No liability of Vaistat: to the extent permitted by law, Vaistat is not liable for acts/omissions of APS, Clients, or Users; for results/errors/decisions from them; or for integrations or decisions by payment providers.

5A. HPA Code of Conduct

5A.1 Professional conduct and respect.
HPA must always maintain professional, respectful, non‑violent, and non‑discriminatory conduct, in compliance with Vaistat/Client policies and applicable laws.

5A.2 Integrity and safety.
APS must refrain from any fraudulent or deceptive behavior and any action that could compromise the safety of persons, data, property, or systems.

5A.3 Conflicts of interest.
APS declares it is subject to no interest that could hinder objective and safe delivery of authorized services.

5A.4 Compliance with Scheduled Times and Missions

5A.4 Compliance with schedules and assigned missions.
The HPA agrees to strictly comply with the schedules and missions listed in the Vaistat application:

  • All missions must be carried out on the dates and times indicated, except in cases of duly justified force majeure.
  • Any modification or cancellation must be immediately reported through the application or to Vaistat support.
  • Repeated failure to comply with scheduled times or missions may result in suspension or termination under Section 13A.

5B. Eligibility, background, and permits

5B.1 No criminal record.
As a condition of eligibility and continued access to the platform, HPA declares it has no non‑rehabilitated criminal conviction relevant to the role (including, without limitation, violence, sexual offenses, fraud, theft, narcotics trafficking, dangerous driving), and no judicial order/condition incompatible with the missions.

5B.2 Background checks.
Vaistat (or the Client) may require pre‑activation and periodic background checks by an accredited third party. Refusal or incompatible findings will result in suspension or termination of access.

5B.3 Permits, licenses, and authorizations.
HPA is solely responsible for holding and maintaining valid permits/licenses/certifications required for missions (e.g., valid driver’s license with appropriate class, auto insurance if necessary for deliveries, RI/RPA authorizations). HPA must promptly inform Vaistat of any suspension, expiration, or restriction.

5B.4 Documentary proof.
Vaistat may request and retain proofs (certificates, license numbers, expiry dates) and deny access in case of absence, forgery, or expiration.

5C. Technology compliance and operational security

5C.1 Technology compliance.
HPA must use Vaistat technology and payment/NFC tools per security instructions (device lock, biometrics, updates), and must not perform reverse engineering, security bypass, or manual storage of financial data.

5C.2 Personal device.
When a personal device is used, HPA ensures proper security (locking, updates, no unauthorized sharing) and accepts reasonable checks (e.g., OS version verification, device lock) to ensure compliance.

5C.3 Logging and traceability.
HPA agrees to logging (mission geolocation, timestamps, technical logs) used exclusively for proof of execution, safety, disputes, and legal/contractual obligations.

5C.4 Mandatory Vaistat Identification Vest

5C.4 Identification and visibility.
For safety and trust purposes, the HPA must wear the official Vaistat identification vest during all missions coordinated through the platform. This requirement ensures:

  • Clear identification for patients, pharmacies, and partners;
  • Enhanced security for the HPA and the individuals served;
  • Compliance with Vaistat’s operational standards.

The vest must be visible at all times during service delivery. Failure to comply may result in suspension of access or termination under Section 13A.

 

  1. Information collected
  • Identity/usage: name, contact details, login identifiers, service execution confirmations.
  • Automatic technical data: device type, OS, IP address, logs — purposes: performance, security, bug remediation.
  1. Geolocation (GPS)

Used during missions for proof of execution, safety, disputes, and obligations. Never used for advertising and never sold. Disabling GPS may prevent delivery of certain essential services.

  1. Payments and NFC

Transactions are secure and traceable, handled via systems and/or certified providers. Vaistat is not a financial institution. Chargebacks/disputes are handled under payment provider policies.

  1. Data, privacy (Law 25)

Hosted in Canada; retained while the account is active or as required by law; deleted/anonymized where possible.
Roles: unless otherwise agreed, the Client is the data controller; HPA acts on behalf of the Client; Vaistat is a technology provider and not a controller/processor of Client/HPA data, except for its own components (governed by a separate DPA).
Contact: support@vaistat.com.

  1. Intellectual property

The Client retains rights to its Data. Vaistat retains its software, interfaces, documentation, and marks. License is limited, non‑exclusive and subject to these Terms.

  1. Warranties and disclaimers

B2B: Service provided “AS IS” and “AS AVAILABLE.”
B2C (Québec): statutory consumer warranties prevail.
B2G: additional obligations (security, privacy, audit) apply only when contractually agreed with the government entity.

  1. Indemnification

12.1 By HPA. HPA shall indemnify and hold Vaistat harmless from any claim, penalty, fine, costs (including legal fees) arising from HPA’s acts/omissions, payment tool usage, breach of these Terms, or violations of law.
12.2 By Client. Client shall indemnify Vaistat for claims relating to Client Data/instructions/configurations, Third‑party integrations, and use of geolocation.
12.3 Misconduct and permits (supplement). HPA shall indemnify Vaistat for claims arising from misconduct, absence/suspension of required permits, non‑compliant use of technology (payments/NFC), or breach of Sections 5A–5C, 12A, 13A.

12A. Audits, control, and remediation

Vaistat (or the Client) may perform/mandate reasonable audits (conduct, permits, technology compliance). Corrective actions may be required; failure to remediate results in suspension or termination. HPA must cooperate and provide documents as requested.

13A. Suspension and termination for cause

Vaistat may immediately suspend HPA access in cases of risk, credible complaint, security incident, expired permit, incompatible criminal background, or breach of payment/NFC rules. Termination without prior notice may follow (subject to mandatory law).

  1. Limitation of liability

To the extent permitted by law, Vaistat’s aggregate liability to the Client is limited to amounts actually paid by the Client to Vaistat during the 12 months preceding the event. Excluded: indirect losses, profits/revenues, reputation, data loss, punitive damages.

  1. Governing law and dispute resolution

Québec (Canada) law; courts of the Judicial District of Montréal (B2B/B2G).
For B2C, mandatory consumer restrictions apply; no forced arbitration or class‑action waiver where contrary to law.

  1. Changes

[30] days prior notice for material changes; continued use constitutes acceptance.

  1. Miscellaneous

Severability; no waiver; assignment only with prior consent (except corporate transactions); language: English (French translation may be provided for information only).

  1. Confidentiality

18.1 Commitment. HPA, Client, and Vaistat must keep confidential all information (personal, sensitive, financial, contractual/technological).
18.2 Limited use. Use only for service execution and in compliance with applicable laws, including Law 25.
18.3 No disclosure. No disclosure/reproduction/transmission/use unless written consent or legal obligation.
18.4 Security. Reasonable technical/organizational safeguards (encryption, access control, logging).
18.5 Duration. Confidentiality survives for 5 years after termination/expiry (or longer if required by law).
18.6 Remedies. Immediate termination, indemnification, and potential civil/criminal proceedings for breaches.

  1. Non‑compete (to the extent permitted by law)

19.1 Covenant. During HPA’s access to the platform and for 12 months after the relationship ends, HPA shall not:

  • develop, operate, or participate in any platform/app/service similar to Vaistat (coordination of non‑medical services, medication delivery, RI/RPA assistance, post‑discharge support, or payment handling for these services);
  • solicit or divert Vaistat’s clients, partners, or users to competing services.


19.2 Territory. Québec, and any area where Vaistat operates (subject to legal limits).
19.3 Exceptions. Non‑competitive activities or separate employment unrelated to Vaistat’s technological/logistical services.
19.4 Remedies. Vaistat may seek damages, injunctive relief, and immediate termination of access.

2) EULA – Vaistat Mobile Application

Acceptance. Installing/using the app constitutes acceptance of this EULA; otherwise, do not install and uninstall.
License. Non‑exclusive, non‑transferable, revocable; no reverse engineering or security bypass.
Accounts/devices/security. Users are responsible for credentials and device security; updates may be required to address vulnerabilities.
Collection. Identity (name, contact), login IDs, execution data (mission confirmations), technical data (device, OS, IP, logs).
Geolocation. Used during missions for proof/safety/disputes/obligations; never for advertising.
Payments/Third parties. Payments (incl. NFC) via secure systems and certified providers; app stores/SDKs/notification services have their own terms/policies; Vaistat is not liable for those third‑party services/decisions.
Non‑medical. The app provides no care, diagnosis, or clinical decision.
Support. Technical support by Vaistat; no clinical support.
Warranty/limitation. App provided “AS IS”; liability limited subject to mandatory rights (especially B2C/Québec).
Termination. License may be revoked upon breach; uninstall required.
Law/language. Québec, Montréal courts (B2B/B2G); EULA in English.

3) HPA Annex – Payments, NFC, and handling of funds

(Signature required from every HPA)

Role. HPA is strictly logistical; not the owner of funds and not a custodian.
Payment security. It is forbidden to store card numbers, photograph banking data, or transmit financial information via non‑secure means.
Bonuses/incentives. Do not constitute salary and create no employment relationship; granted solely for compliant use of tools.
Responsibility. HPA is responsible for any misuse (unauthorized use, failure to follow security instructions, improper handling).
Specific indemnity. HPA indemnifies Vaistat for claims related to payment tool usage, security failures, or violations of provider rules.
Signature.

  • HPA name: ___________________
  • Signature: ___________________
  • Date: ___________________

4) Law 25 Addendum / DPA – Roles and responsibilities

Roles.

  • Client: typically the data controller for mission‑related data.
  • HPA: acts on behalf of the Client (logistical/human), unless HPA determines its own purposes and means (in which case, HPA is controller for that portion).
  • Vaistat: technology provider, not a controller/processor of Client/HPA data, except for its own components (governed by a specific DPA).

Client/HPA obligations.

  • Process only under documented instructions (where applicable).
  • Maintain technical/organizational measures (access control, encryption, logging, vulnerability management).
  • Sub‑processors: equivalent obligations, written agreements, register available.
  • Incident notification: report without undue delay any privacy/security breach.
  • HPA eligibility: background and permits required; checks may be performed; documentary proofs must be provided.

Data subject rights and transparency.

  • Provide reasonable support for access, rectification, deletion (within legal limits).
  • Document purposes, data categories, legal bases, recipients, transfers (if any), and retention periods.

International transfers.

  • Assess and document transfer safeguards (e.g., standard contractual clauses, risk assessments) when required.

End of contract.

  • Return/export of data or deletion/anonymization per instruction and law.
  • Reversibility: accessible format within [30] days.

5) Contact

Support: support@vaistat.com

 

This website uses cookies to improve your web experience.