Professional User Terms of Service

Effective: March 30, 2026
Updated: March 30, 2026
Version 1.1

(For SOA Vault & HealthLink Secure Agents/Doctors)

Last Updated: March 30, 2026

1. Agreement to Terms

These Professional User Terms of Service (“Terms”) constitute a binding legal agreement between Ardor Service LLC d/b/a Informed + Choice (“Company,” “we,” or “us”) and you (“Customer,” “Agent,” or “Provider”). These Terms govern your access to the HealthLink Secure platform for Medicare SOA and ACA compliance workflows (collectively, the “Services”).

BY CLICKING “I AGREE” OR ACCESSING THE SERVICES, YOU AGREE TO BE BOUND BY THESE TERMS.

2. HIPAA Compliance & Business Associate Agreement

To the extent you use the Services to store, transmit, or process Protected Health Information (PHI), you agree to be bound by the Business Associate Agreement (BAA) located at https://informedpluschoice.com/legal/baa, which is hereby incorporated by reference into these Terms.

3. Subscription & Fees

3.1 Fees

You agree to pay the subscription fees specified at checkout (e.g., $9.99/month for SOA Vault). All fees are non-refundable except as required by law.

3.2 Auto-Renewal

Subscriptions automatically renew until you cancel.

3.3 Cancellation

You may cancel at any time. Upon cancellation, your ability to create new documents will cease, but access to existing records will be governed by the Data Retention Policy below.

4. Your Responsibilities

4.1 Compliance

You are solely responsible for ensuring your use of the Services complies with all applicable laws, including CMS Marketing Guidelines, HIPAA, and the Telephone Consumer Protection Act (TCPA).

If you use our audio recording features, YOU WARRANT that you have obtained all necessary consents from all parties on the call, as required by your state’s wiretapping laws. You agree to indemnify Company for any claims arising from your failure to obtain consent.

You are responsible for verifying the identity of any individual to whom you send a digital signing link.

5. Data Retention & Offboarding

5.1 CMS Retention

You acknowledge that CMS regulations may require you to retain Scope of Appointment (SOA) and audio records for ten (10) years.

5.2 Scope of This Section

This Section 5.2 through 5.10 applies specifically to records, files, documents, audio recordings, PDFs, signatures, audit-ready artifacts, and related materials that are saved to or maintained in the Vault portion of the Services (“Vault Artifacts”).

5.3 Export Right Upon Termination

Upon expiration or termination of the applicable order form, subscription, or access term, you may, during the thirty (30) days following the effective date of termination, access the export functionality of the Services solely for the purpose of retrieving Vault Artifacts and Customer-required records from the Vault. During that post-termination period, we may permit you to access export functionality even if you no longer have active paid entitlement to use the operational features of the Services.

5.4 Standard Export Format

Unless otherwise stated in an order form or other written agreement, our standard offboarding deliverable is a manifest-first export identifying the records and artifacts available for retrieval, together with time-limited authenticated download access to individual artifacts or grouped export packages made available in our standard format. We are not required to provide direct bucket access, unrestricted raw storage access, or any particular third-party import format unless expressly agreed in writing.

5.5 Included Export; Additional Services

One standard export for the applicable customer workspace or tenant is included in the ordinary offboarding process. Any nonstandard export packaging, custom mapping, physical media delivery, migration assistance, expedited handling, or other professional-services support will be billed at our then-current professional-services rates unless otherwise stated in an order form or other written agreement.

5.6 Deletion Requires Prior Export and Express Request

We will not process a request to delete regulated records, Customer Data, or PHI-bearing Vault Artifacts as part of offboarding unless (a) we have first made the applicable export available to you, and (b) you thereafter submit an express deletion request through our designated process. Silence, account inactivity, or termination alone does not constitute a deletion instruction.

5.7 Customer Responsibility After Export

Once you have downloaded or had a reasonable opportunity to retrieve the export we make available, you are solely responsible for retaining, storing, and producing any records that you are required to maintain under applicable law, regulation, contractual obligation, payer requirement, audit requirement, or complaint-response obligation. We do not assume your ongoing recordkeeping obligations after completion of offboarding except to the limited extent we are independently required to retain data by applicable law, security policy, legal hold, or the parties’ written agreement.

5.8 Retained Records; Limited Residual Data

Notwithstanding anything to the contrary, we may retain: (i) billing and payment records; (ii) audit logs, access logs, export logs, deletion attestations, and system security records; (iii) legal-hold materials; (iv) records retained to comply with applicable law, regulation, subpoena, court order, payer requirement, or governmental request; and (v) minimal metadata, tombstone records, hashes, and other residual records reasonably necessary to preserve system integrity, prove prior processing history, prevent duplicate restoration, or document deletion or redaction activity. Any such retained records remain subject to applicable confidentiality, security, and use restrictions.

5.9 Manner of Deletion

Following a valid deletion request, we may delete, redact, minimize, or render inaccessible applicable Vault Artifacts from active application stores in accordance with our standard offboarding and retention procedures. You acknowledge that immediate deletion from all systems may not be technically possible where data is subject to immutable storage controls, legal holds, fraud-prevention or security controls, or backup and archival lifecycle processes, and that we may complete deletion or redaction through a controlled privileged process rather than through ordinary runtime access paths.

5.10 Suspension of Access After Offboarding Window

After the expiration of the post-termination export window, we may disable your access to the Services and any export interface, except to the extent otherwise required by law or expressly agreed in writing.

5.11 Priority of BAA

If the parties have entered into a Business Associate Agreement, then with respect to Protected Health Information, the Business Associate Agreement will control to the extent of any conflict between that agreement and this Section.

6. Prohibited Uses

You will not:

  • Use the Services for any illegal purpose, including insurance fraud or unauthorized marketing.
  • Attempt to reverse engineer the platform or scrape data.
  • Use any PHI accessed via the Services to train Artificial Intelligence (AI) models.

7. Disclaimer of Warranties

THE SERVICES ARE PROVIDED “AS IS.” WE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. WE DO NOT WARRANT THAT THE SERVICES WILL MEET CMS AUDIT REQUIREMENTS FOR EVERY SPECIFIC CARRIER OR SCENARIO.

8. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, OUR LIABILITY SHALL NOT EXCEED THE AMOUNT YOU PAID US IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM.

9. Indemnification

You agree to defend, indemnify, and hold harmless Informed + Choice from any claims, damages, or fines (including HIPAA fines or TCPA damages) arising out of your misuse of the Services, your violation of laws, or your failure to obtain necessary beneficiary consents.

Related Policies

Privacy Policy Terms & Conditions All Legal Documents Contact DPO