Pharmacy Software Terms of Use
Pharmacy Software Terms of Use
Pharmacy Software Terms of Use
Last updated: January 29, 2026
These Software Terms of Use (“Terms”) govern access to and use of Mochi Health Corp.'s hosted software platform and related services (the “Mochi Software” or the “Services”) by the Pharmacy or Supplement Supplier (“Supplier”), who has entered into a Mochi Health Pharmacy Agreement or Mochi Health Supplement Supplier Agreement (the “Agreement”). Mochi and Supplier may each be referred to as a “Party” and collectively as the “Parties.” Supplier acknowledges and agrees that it has read, understood, and will be bound by these Terms. The Effective Date of these Terms is the date Supplier (or an authorized individual on Supplier’s behalf) first accepts these Terms pursuant to signing the Agreement or first accesses or uses the Mochi Software, whichever occurs earlier.
Access to the Mochi Software is provided as part of Supplier’s participation under the Agreement. Unless otherwise defined, capitalized terms here have the meanings assigned in the Agreement.
If these Terms conflict with the Agreement, the Agreement controls, except with respect to (i) data security, confidentiality, or handling of patient health information, which are governed by these Terms and the Business Associate Agreement entered into between the Parties (the “BAA”) and (ii) Marketplace Participation (Sections 11–14 below), which govern Supplier’s use of Mochi’s marketplace functionality.
As part of delivering the Services, Mochi may receive, create, maintain, or transmit protected health information (“PHI”) as defined under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The BAA is incorporated by reference and forms part of these Terms, governing how such PHI is used, protected, and disclosed. In the event of any inconsistency between these Terms and the BAA regarding PHI, the BAA will prevail.
1. SAAS SERVICES AND SUPPORT
1.1 Provision of Services. Mochi will use commercially reasonable efforts to provide Supplier with secure, reliable access to Mochi’s hosted software platform described in these Terms. The Services provide Supplier with operational, formulary, and voluntary marketplace functionality, including tools for shipment, labeling, billing, and related workflows in connection with Supplier’s participation in Mochi telehealth platform and related provider network.
1.2 Technical Support. Subject to the terms hereof, Mochi will provide Supplier reasonable technical support services consistent with Mochi’s standard practices.
2. SECURITY REQUIREMENTS
2.1 User Accounts and Passwords. As part of the registration process, Supplier shall identify an administrative user and establish a password for Supplier’s Mochi account, subject to Mochi’s acceptance. Supplier agrees that Supplier and all authorized users shall implement and maintain passwords and other access credentials in accordance with Mochi’s then-current password standards, including, at a minimum: (a) use of unique credentials for each user; (b) passwords that are not easily guessable; and (c) prompt revocation of access rights upon termination or change of role. Mochi reserves the right to refuse registration of, or require the modification or cancellation of, credentials it determines, in its sole discretion, to be insecure or otherwise inappropriate.
2.2 Multi-Factor Authentication (“MFA”). If Mochi implements a mutlti-factor authentication system into the Mochi Software, Supplier shall cause all of Supplier’s users and administrators accessing the Services to authenticate using at least two independent factors. Mochi reserves the right to require prompt implementation of additional security measures as security standards evolve, and will monitor and log all access attempts to the Services.
2.3 Authorized Access and Credential Use. Supplier is responsible for ensuring that only duly authorized individuals are granted access to the Services. Supplier must prohibit credential sharing and promptly notify Mochi of any known or suspected unauthorized use or access, including any security incident, credential compromise, or PHI breach, within twenty-four (24) hours of discovery.
2.4 Additional Security Measures. Mochi may, in its sole discretion, require Supplier to implement further security procedures or controls consistent with prevailing industry standards and applicable regulatory requirements as such standards and requirements evolve. Mochi may require secure authentication and transmission practices for any integrations or connections used to publish or update Marketplace listings, and will maintain appropriate logging to ensure platform integrity.
2.5 Integration with Pharmacy Agreement. Supplier’s obligations under this Section 2 are in addition to, and not in lieu of, any confidentiality, security, or HIPAA-related obligations under the Agreement or the BAA.
3. INTELLECTUAL PROPERTY; DATA OWNERSHIP AND RESTRICTIONS
3.1 IP Ownership. Supplier acknowledges and agrees that Mochi retains all right, title, and interest in and to the Services and any related software, documentation, or technology provided or made available under these Terms, together with all improvements, enhancements, modifications, and derivative works thereto (whether or not created at the request or suggestion of Supplier), and all associated intellectual property rights. Except as expressly set forth herein, no rights or licenses are granted to Supplier with respect to the Services, software, or any intellectual property of Mochi, whether by implication, estoppel, or otherwise. Supplier’s right to access and use the Mochi Software is limited, non-exclusive, non-transferable, and provided solely for Supplier’s internal business use in connection with its performance under the Agreement.
3.2 Use Restrictions. Subject to the limited license granted herein, Supplier shall not, and shall not permit any third party to, directly or indirectly: (i) reverse engineer, decompile, disassemble, or otherwise attempt to discover the source code, object code or underlying structure, ideas, know-how or algorithms relevant to the Services or any related software or documentation; (ii) modify, translate, or create derivative works based on the Services or any related software (except to the extent expressly permitted by Mochi or authorized within the Services); (iii) use the Services or any software for timesharing or service bureau purposes or otherwise for the benefit of any third party; or (iv) remove any proprietary notices or labels. Any distributed or installable software is licensed solely for Supplier’s internal use in connection with Supplier’s permitted use of the Services and only during the Term.
3.3 Supplier Data Ownership. Supplier shall own all right, title, and interest in and to Supplier data, including but not limited to all non-public information provided by Supplier in connection with the Services, and all data input or uploaded by Supplier or its authorized users in the course of obtaining the benefit of the Services (“Supplier Data”). To the extent any Supplier Data includes PHI subject to the HIPAA, all rights and obligations as to such PHI shall be governed by the BAA, which shall control in the event of any conflict. Notwithstanding the foregoing, Mochi shall have the right to collect and analyze information and data relating to the provision, use and performance of various aspects of the Services and related systems and technologies, including Supplier Data and data derived therefrom, and Mochi will be free (during and after the term hereof) to collect, use and analyze such information and data for the purpose of improving and enhancing the Services and for other development, internal business purposes, development of new features or offerings, marketing, and diagnostic and corrective purposes in connection with the Services and Mochi’s other offerings, provided that Mochi shall not disclose PHI or identifiable Supplier Data except as permitted herein or by the BAA. Mochi may create de-identified information in accordance with HIPAA and may use and disclose such de-identified information for any lawful business purpose.
3.4 Improvements. Mochi shall own and retain all right, title, and interest in and to (a) the Services and software, all improvements, enhancements, or modifications thereto, (b) any software, applications, inventions, or other technology developed in connection with implementation services or support, and (c) all intellectual property rights related to any of the foregoing. Any feedback, suggestions, or recommendations regarding Mochi’s Services or offerings provided by Supplier may be used by Mochi without restriction or obligation to Supplier, and Supplier hereby assigns all right, title, and interest in and to such feedback to Mochi.
4. Supplier PHI
4.1 Ownership of Data. Ownership and use of Supplier Data, including PHI, shall be as set forth in Section 3.3 and the BAA.
4.2 Mochi Use of Data. Upon expiration or termination of these Terms, and subject to applicable law, Mochi shall provide Supplier with a copy of Supplier Data and any PHI in a mutually agreed, commonly used format. Unless otherwise required by law, or unless Supplier provides written instructions for alternate handling, Mochi shall securely delete and destroy all Supplier Data and PHI in its possession in accordance with HIPAA and applicable privacy laws. Mochi shall confirm such deletion and destruction to Supplier in writing upon request.
5. CONFIDENTIALITY
The Parties understand that during the course of these Terms, each Party (the “Receiving Party”) may acquire knowledge of the other Party’s (the “Disclosing Party”) Confidential Information, as defined below, and shall keep such Confidential Information in strict confidence using the same degree of care as the Receiving Party uses to protect its own Confidential Information and to prevent unauthorized use or disclosure or a reasonable degree of care, whichever is greater (although compliance with this standard shall not be a defense to the breach of the Receiving Party’s obligations under these Terms). Without limiting the generality of the foregoing obligation of the Receiving Party, the Receiving Party agrees that it will not use or exploit any Confidential Information of the Disclosing Party, nor disseminate, disclose or divulge, in whole or in part, any of the Disclosing Party’s Confidential Information to any Person without the prior written consent of the Disclosing Party; provided that the Receiving Party may share Confidential Information with its employees, Affiliates, directors, agents, and third-party contractors who need to know it to fulfill the Receiving Party’s obligations under these Terms and who have agreed in writing to keep such information confidential subject to confidentiality obligations at least as restrictive as those contained in these Terms and, if required by applicable law, have signed a business associate agreement. The Receiving Party’s duty to protect Confidential Information disclosed prior to termination of these Terms will survive the expiration or termination of these Terms indefinitely.
“Confidential Information” means any and all information and data of the Disclosing Party, its Affiliates, or a third party provided by the Disclosing Party concerning its business operations, sales pipeline, Pharmacies, suppliers, patient lists, patient files, personal information of its patients, PHI, end users, and employees, methods and strategies, know how, future products or plans, financial information or condition, pricing, programs, services, business practices, procedures, technology or prospects, in any form or medium whatsoever (including without limitation writings, drawings and electronically stored information and data), whether or not marked or labeled as “confidential”, including, without limitation: (a) business information and data of the Disclosing Party; (b) technical information and data or trade secrets of the Disclosing Party; (c) non-public intellectual property of the Disclosing Party (for example, inventions, discoveries, designs, methods, processes and ideas, whether or not patented or patentable), logos, trade secrets, trade names, trademarks, and service marks (whether or not registered), mask works, works of authorship (whether copyrighted or copyrightable); (d) the terms and conditions of these Terms; and (e) all tangible manifestations (however embodied) of any of the information and data referred to in clauses (a), (b), (c) and (d) above (for example, computer software, firmware, scripts or objects, hardware, programmer’s notes, databases, manuals, training manuals and materials, memoranda, reports, drawings, sketches, flowcharts, models, prototypes, files, films, records, and forms).
Notwithstanding the foregoing, a Receiving Party’s obligations with respect to Confidential Information shall not apply with respect to any information (a) that is or becomes public through no fault of the Receiving Party, (b) that was known to the Receiving Party without restriction prior to disclosure by the Disclosing Party pursuant to these Terms or any other prior written confidentiality agreement between the parties hereto, (c) that is acquired by or becomes known to the Receiving Party without restriction from a third party without use of, reliance on or reference to any of the Disclosing Party’s Confidential Information, or (d) to the extent that the Receiving Party is required to disclose pursuant to any judicial or governmental judgment, writ, decree, or order, so long as the Receiving Party provides prior notice to the Disclosing Party with a reasonable opportunity under the circumstances to seek appropriate protection of the Confidential Information.
The Parties agree that a breach of any provision of this Section will cause the Disclosing Party irreparable harm which cannot be adequately compensated by monetary relief. Accordingly, in the event of any such breach, the Disclosing Party can and will be entitled to seek equitable relief (including but not limited to temporary restraining orders, preliminary and/or permanent injunctions), in addition to any other remedies available at law or in equity, without the necessity of proving irreparable injury or actual damages and without the necessity of having to post a bond.
5.1 Return of Confidential Information. Within fifteen (15) days of the Disclosing Party’s written request, or within thirty (30) days after the expiration or termination of these Terms, the Receiving Party shall, at its option, either (i) return to the Disclosing Party all Confidential Information (and all copies thereof), or (ii) certify the destruction of all such Confidential Information. However, the Receiving Party may retain (a) one (1) archival copy of such Confidential Information solely for its legal or compliance records or to ascertain its continuing obligations hereunder, and (b) electronic copies stored on automatic backup systems, provided that such copies are not readily accessible in the ordinary course of business and remain protected in accordance with this Section.
5.2 Defend Trade Secrets Act Notice. Pursuant to the Defend Trade Secrets Act of 2016, Supplier understands that an individual may not be held criminally or civilly liable under any federal or state trade secret law for the disclosure of a trade secret that: (a) is made (i) in confidence to a federal, state, or local government official, either directly or indirectly, or to an attorney; and (ii) solely for the purpose of reporting or investigating a suspected violation of law; or (b) is made in a complaint or other document that is filed under seal in a lawsuit or other proceeding.
6. WARRANTY DISCLAIMER
Mochi shall use reasonable efforts consistent with prevailing industry standards to maintain the Services in a manner that minimizes errors and interruptions in the Services and shall perform any support or implementation services in a professional and workmanlike manner. Services may be temporarily unavailable for scheduled maintenance or for unscheduled emergency maintenance, either by Mochi or by third-party providers, or because of other causes beyond Mochi’s reasonable control. Mochi shall use reasonable efforts to provide advance notice in writing or by e-mail of any scheduled service disruption.
EXCEPT AS EXPRESSLY SET FORTH IN THESE TERMS, MOCHI DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED OR ERROR FREE, NOR DOES IT MAKE ANY WARRANTY AS TO THE RESULTS THAT MAY BE OBTAINED FROM USE OF THE SERVICES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE SERVICES AND ANY SUPPORT OR IMPLEMENTATION SERVICES ARE PROVIDED “AS IS” AND MOCHI HEREBY DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
7. LIMITATION OF LIABILITY
NOTWITHSTANDING ANYTHING TO THE CONTRARY, EXCEPT FOR BODILY INJURY OF A PERSON, MOCHI AND ITS SUPPLIERS (INCLUDING BUT NOT LIMITED TO ALL EQUIPMENT AND TECHNOLOGY SUPPLIERS), OFFICERS, AFFILIATES, REPRESENTATIVES, CONTRACTORS AND EMPLOYEES SHALL NOT BE RESPONSIBLE OR LIABLE WITH RESPECT TO ANY SUBJECT MATTER OF THESE TERMS AND CONDITIONS RELATED THERETO UNDER ANY CONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHER THEORY: (A) FOR ERROR OR INTERRUPTION OF USE OR FOR LOSS OR INACCURACY OR CORRUPTION OF DATA OR COST OF PROCUREMENT OF SUBSTITUTE GOODS, SERVICES OR TECHNOLOGY OR LOSS OF BUSINESS; (B) FOR ANY INDIRECT, EXEMPLARY, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES; (C) FOR ANY MATTER BEYOND MOCHI’S REASONABLE CONTROL; OR (D) FOR ANY AMOUNTS THAT, TOGETHER WITH AMOUNTS ASSOCIATED WITH ALL OTHER CLAIMS, EXCEED THE GREATER OF THE MARKETPLACE FEES PAID BY SUPPLIER TO MOCHI FOR THE SERVICES UNDER THESE TERMS IN THE TWELVE (12) MONTHS PRIOR TO THE ACT THAT GAVE RISE TO THE LIABILITY OR $500,000, IN EACH CASE, WHETHER OR NOT MOCHI HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
NOTWITHSTANDING THE FOREGOING, THE ABOVE LIMITATIONS SHALL NOT APPLY TO: (I) LIABILITIES ARISING FROM MOCHI’S WILLFUL MISCONDUCT OR GROSS NEGLIGENCE; (II) LIABILITY FOR BREACH OF MOCHI’S CONFIDENTIALITY OR DATA SECURITY OBLIGATIONS UNDER THESE TERMS OR THE BUSINESS ASSOCIATE AGREEMENT WITH RESPECT TO PHI; OR (III) LIABILITY THAT CANNOT BE LIMITED BY LAW.
8. INDEMNIFICATION
Mochi shall indemnify, defend, and hold harmless Supplier from any liability or expense (including reasonable attorneys’ fees) to third parties arising from a claim that the Services, as provided by Mochi, infringe any United States patent, copyright, or misappropriate a trade secret, provided that (a) Supplier promptly notifies Mochi in writing of any such threat, claim, or proceeding; (b) gives Mochi reasonable assistance and sole control over the defense and settlement (except that Mochi may not settle any claim without Supplier’s written consent unless it unconditionally releases Supplier from all liability). The above obligation does not apply to any portion of the Service: (i) not supplied by Mochi, (ii) made in whole or in part in accordance with Supplier specifications, (iii) that is modified after delivery by Mochi, (iv) combined with other products, processes, or materials where the alleged infringement relates to such combination, (v) where Supplier continues allegedly infringing activity after being notified thereof or after being informed of modifications that would have avoided the alleged infringement, or (vi) where Supplier’s use of the Service is not strictly in accordance with these Terms. If, due to a claim of infringement, the Service is held, or is likely to be held, infringing, Mochi may at its option and expense: (a) modify or replace the Service to be non-infringing, (b) obtain a license for Supplier’s continued use, or (c) if neither (a) nor (b) is commercially practicable, terminate these Terms.
9. HIPAA COMPLIANCE & BUSINESS ASSOCIATE AGREEMENT
Mochi acknowledges that, in providing the Services, it may receive, create, maintain, or transmit PHI on behalf of Supplier. Accordingly, Mochi shall comply with all applicable requirements of HIPAA, including entering into and abiding by the BAA. Mochi shall implement appropriate safeguards to protect the confidentiality, integrity, and availability of PHI and shall report any unauthorized use or disclosure of PHI in accordance with HIPAA and the BAA. Mochi shall ensure that any subcontractor or agent to whom it provides PHI agrees, in writing, to the same HIPAA privacy, security, and breach notification obligations.
10. TERM & TERMINATION
10.1 Term. These Terms commence on the date Supplier first accesses or uses Mochi Software and remain in effect for so long as the Agreement remains active, unless terminated earlier as provided herein.
10.2 Termination. Mochi may suspend or terminate Supplier’s access to Mochi Software immediately upon notice if (a) required to do so by law or regulation, (b) Mochi determines such access poses a security, privacy, or compliance risk, or (c) the Agreement is terminated or expires.
10.3 Effect of Termination. Upon termination, Supplier shall immediately cease using the Mochi Software. Sections relating to confidentiality, data security, HIPAA compliance, limitation of liability, and indemnification shall survive termination. Data return and deletion will be handled per Section 4.2 and BAA.
11. Marketplace Participation
11.1. Voluntary Participation. The voluntary listing functionality within the Mochi Platform allows supplement suppliers and licensed pharmacies, separate from Mochi’s Formulary operations, to independently post information about their available medications and related products (the “Marketplace”). Marketplace functionality is voluntary. By using the Marketplace feature within the Services, Supplier agrees to the additional terms herein. Mochi provides access to the Marketplace solely as a neutral technology service and does not (a) control or endorse any Listing of Supplier, (b) practice pharmacy or provide medical advice, or (c) act as the seller, dispenser, or distributor of record for any item listed or sold through the Marketplace.
11.2 Marketplace Fees. Mochi may charge Supplier fees for Marketplace functionality and related services (“Marketplace Fees”), which may include Listing placement, promotional or marketing opportunities within the Marketplace, or other optional features as agreed in writing between the Parties. The applicable Marketplace Fees for a particular medication listing on the Marketplace shall be Mochi’s standard Marketplace Fee rates as set forth in the Mochi Software at the time that Pharmacy creates an applicable listing or updates the price for such listing through the Mochi Software.
12. Eligibility; Ongoing Verification
12.1 Licensure & Scope. Supplier represents and warrants it: (a) is duly licensed and in good standing in every destination state to which any item that Supplier publishes as a listing of medications or related products (each, a “Listing”) is available or to which shipments will be made; (b) holds all required registrations, including any DEA registration if applicable; and (c) is authorized to list, dispense, and, if applicable, ship the item in the destination state. Supplier is solely responsible for determining whether its activities through the Marketplace cause it to be treated as an online pharmacy, nonresident pharmacy, telepharmacy, mail‑order pharmacy, internet pharmacy, or similar licensure or registration category under applicable law, and for obtaining and maintaining any related registrations, permits, notices, or approvals.
12.2 Documentation. If Supplier is a pharmacy, during onboarding and whenever licenses or credentials renew, Supplier must provide up‑to‑date proof of its pharmacy license, any required DEA registration, current professional and product‑liability insurance, and other relevant accreditations or approvals. Mochi may request updated documentation or conduct re‑verification checks from time to time, but not more often than quarterly unless required by law or to address a specific compliance concern.
12.3 Change Notices. Supplier must notify Mochi within three (3) business days of any license or registration lapse, restriction, investigation, warning letter, recall involvement, or insurance cancellation or non‑renewal. Mochi may temporarily restrict or suspend Marketplace access while it reviews such matters to confirm continued compliance.
12.4 Attestations & Audits. Supplier must promptly provide any reasonable documentation Mochi requests to verify compliance with applicable laws or these Terms, including proof of current licenses, insurance, or product sourcing. Mochi’s audit rights are limited to review of documentation and system data; Mochi does not conduct on-site or clinical inspections unless required by law or regulatory authority.
12.5 Online‑Pharmacy and Telepharmacy Obligations. Without limiting the foregoing, if Supplier’s use of the Marketplace causes Supplier to qualify as an “online pharmacy,” nonresident pharmacy, telepharmacy, mail‑order pharmacy, internet pharmacy, or similar licensure or registration category under applicable law, including, where applicable, under the Ryan Haight Online Pharmacy Consumer Protection Act and related DEA regulations, Supplier is solely responsible for: (a) obtaining and maintaining all required registrations, permits, notifications, and approvals; (b) making any required public disclosures, website postings, or regulatory filings; and (c) complying with all associated requirements. Mochi has no obligation to determine Supplier’s registration status or to monitor or ensure Supplier’s compliance with such requirements.
13. Listings; Prohibited Content; Takedowns
13.1 Supplier as Publisher and Seller of Record. Supplier is solely responsible for all information, content, and materials it submits, uploads, or otherwise makes available through the Marketplace, including but not limited to product names, NDCs, SKUs, strength, dosage form, quantity, images, pricing, destination‑state availability, prescription‑status, warnings, contraindications, side‑effect and safety information, and any patient‑facing educational content (“Listing Content”). Supplier is the seller, dispenser, and publisher of record for all items in its Listings and for all transactions it fulfills, and is solely responsible for compliance with all applicable federal, state, and local laws, professional standards, and payer rules governing such items and transactions. Mochi does not edit or review Listing Content for clinical appropriateness or legal sufficiency and is not the seller, dispenser, or distributor of record for any medication, product, or transaction on the Marketplace.
13.2 Required Fields and Disclosures. Supplier must ensure that every Listing includes all information required by applicable law, by applicable professional standards, and by Mochi’s then‑current written content, data, and disclosure standards for Listings made available to Supplier within the Mochi Software or otherwise in writing, as updated by Mochi from time to time (“Mochi’s Marketplace Content Requirements”), including, as applicable: (a) accurate identification of the product and active ingredients; (b) prescription vs. non‑prescription status and any dispensing or age restrictions; (c) legally required labeling and warnings; (d) contraindications and common side‑effects; (e) storage, handling, and administration instructions; and (f) any required federal or state‑specific disclosures. Supplier is solely responsible for ensuring that Listing Content is accurate, current, and not misleading in any jurisdiction where the item is offered, and Mochi has no obligation to review or verify Listing Content for clinical accuracy or legal sufficiency.
13.3 Prohibited Listings. Supplier may not list, offer, promote, or fulfill through the Marketplace any item that: (a) is adulterated, misbranded, counterfeit, unapproved, or otherwise unlawful; (b) may not lawfully be dispensed or sold in the destination jurisdiction; (c) is subject to a recall, safety alert, or enforcement action; (d) violates any applicable law or third‑party right; or (e) is prohibited under any then‑current written Marketplace policies that Mochi makes available to Supplier within the Mochi Software or otherwise in writing.
13.4 Regulatory Alerts; Recalls. Mochi may integrate and subscribe to any applicable governmental or regulatory authority feeds/alerts to cross-check Listings. If a Listing matches an alert/recall or is otherwise reasonably suspected to be non-compliant, Mochi may immediately hide or remove it, and will notify Supplier and request further documentation. Supplier will cooperate promptly, including providing sourcing/lot documentation and executing any required recall or patient notification.
13.5 Edits, Takedowns, and Suspensions. Mochi may (but is not obligated to) review Marketplace activity using automated tools and/or manual review, and may, in its sole discretion, without prior notice: (a) remove, hide, or modify any Listing or Listing Content; (b) suspend or limit Supplier’s Marketplace access; or (c) require Supplier to provide additional documentation, including but not limited to licensure, sourcing, or lot‑level records, if Mochi reasonably believes a Listing or item is inaccurate, unsafe, non‑compliant, misleading, or otherwise inconsistent with these Terms or applicable law. Mochi’s decision to permit or remove a Listing is administrative only and does not constitute clinical, legal, or regulatory approval of the underlying product or practice.
13.6 Complaint Handling and Regulatory Notices. Supplier is solely responsible for receiving, investigating, and resolving all patient, prescriber, and regulatory complaints and inquiries relating to Supplier’s Listings, items, dispensing, counseling, or pharmacy services, including adverse events, product quality complaints, and recalls. If Mochi receives a complaint or regulatory inquiry relating to Supplier or its Listings, Mochi may forward the communication to Supplier and/or the appropriate regulator. Supplier must cooperate promptly and fully in any recall, market withdrawal, safety alert, or regulatory investigation relating to its Listings or items. Mochi has no duty to monitor for or manage adverse events, recalls, or other safety issues, and any assistance it provides is on an as-is, discretionary basis only.
14. Marketplace Indemnity; Disclaimers
14.1 Indemnity for Listings, Products, and Pharmacy Services. Supplier shall indemnify, defend, and hold harmless Mochi and its respective officers, directors, employees, contractors, and agents, from and against any and all claims, demands, investigations, actions, damages, losses, fines, penalties, costs, and expenses, including reasonable attorneys’ fees, arising out of or related to: (a) Supplier’s Listings or Listing Content; (b) any medications, products, or services dispensed, sold, shipped, or otherwise provided by Supplier, including product liability, failure‑to‑warn, misbranding, adulteration, and consumer‑protection claims; (c) Supplier’s practice of pharmacy, compounding, labeling, counseling, or other professional services, if applicable; (d) Supplier’s failure to maintain required licenses, registrations, including any online‑pharmacy or telepharmacy registration, or insurance; or (e) Supplier’s violation of applicable law or these Terms in connection with its use of the Marketplace. This indemnity applies regardless of whether a patient or regulator asserts that Mochi should be treated as a seller, distributor, or provider of the products or services at issue.
14.2 Platform‑Only Disclaimers. Supplier is solely responsible for all customer service, order fulfillment, and post‑sale support relating to its Listings and items. For Marketplace functionality, Mochi does not (a) guarantee the availability, pricing, quality, or safety of any item listed by Supplier; (b) warrant that Listing Content is accurate, complete, or up to date; or (c) provide any medical, pharmaceutical, or legal advice. To the extent applicable, all clinical decisions, including whether to prescribe, dispense, compound, or substitute any medication, rest solely with the independent prescriber and Supplier. To the fullest extent permitted by law, Mochi disclaims any liability arising from Supplier’s Listings, products, or services, and any use of the Marketplace is at Supplier’s sole risk.
14.3 Marketplace Limitation of Liability. Without limiting Section 7, Mochi’s aggregate liability arising from or related to Supplier’s participation in the Marketplace will not exceed the amount of Marketplace‑specific fees actually paid by Supplier to Mochi for Marketplace functionality in the twelve (12) months preceding the event giving rise to the claim. The foregoing limitations apply to the maximum extent permitted by law.
15. Miscellaneous
15.1 Entire Agreement; Order of Precedence. These Terms, together with the Agreement and the BAA, constitute the entire understanding with respect to the subject matter herein. In the event of a conflict between these Terms and the Agreement, the Agreement controls, except with respect to data-security, confidentiality, marketplace, and HIPAA-related obligations, for which these Terms, and the BAA, control.
15.2 Assignment. Neither Party may assign these Terms or any of its rights or obligations hereunder without the prior written consent of the other Party, provided, however, that Mochi may assign this Agreement in connection with a merger or sale of all or substantially all of Mochi's assets, or by operation of law, without notice to or consent of Supplier.
15.4 Modification. Mochi may update or modify these Terms from time to time. Notice of material changes will be provided by posting an updated version within the Mochi Software or by other reasonable means, such as email. Supplier’s continued access to or use of the Mochi Software after such notice constitutes acceptance of the modified Terms. If Supplier does not agree to the updated Terms, it must stop using the Mochi Software and may not access or use the Services thereafter.
15.5 Waiver. Any waiver of a Party’s rights or obligations under these Terms must be in writing and signed by the waiving Party. No waiver of any provision or default will constitute a continuing waiver or a waiver of any other provision, and all rights and remedies remain cumulative.
15.6 Severability. If any term is found by any court to be void or unenforceable, the remainder of these Terms shall remain valid and enforceable as though such term were absent upon the date of its execution.
15.7 No Conflicts of Interest. Supplier warrants that it is not engaged in, and neither it nor any of its Affiliates, owners, officers, or directors has any direct or indirect ownership or management interest in, any telehealth or digital health platform that would reasonably be expected to compete with the Services offered by Mochi Health or create a conflict of interest with its obligations to Mochi Health under these Terms. Supplier agrees that it shall promptly disclose in writing to Mochi Health any such interest or relationship that exists as of the Effective Date or arises or becomes known during the Term of these Terms.
15.8 Notice. All notices required or permitted under these Terms will be in writing and sent to the other Party as directed below or as otherwise directed in writing by either Party. All such notices will be deemed validly given upon receipt of such notice by certified mail with return receipt requested, Priority Mail with Delivery Confirmation, personal or courier delivery, or e-mail with read-receipt confirmation and sent to the addresses set forth on the signature page to these Terms (as modified from time to time).
15.9 Governing Law and Venue. These Terms and any disputes hereunder will be governed by and construed in accordance with applicable federal law and the internal laws of the State of California without giving effect to any choice or conflict of law provision or rule that would require a different result, consistent with the governing law clause in the Agreement.
15.10 Electronic Acceptance; Authority. Supplier acknowledges and agrees that these Terms may be accepted electronically through an online click‑through or similar process within the Mochi Software. Any individual who clicks “I Agree,” accepts, or otherwise indicates assent to these Terms on behalf of Supplier represents and warrants that they have the authority to bind Supplier to these Terms, and such electronic acceptance will constitute Supplier’s valid and binding agreement to these Terms.
Last updated: January 29, 2026
These Software Terms of Use (“Terms”) govern access to and use of Mochi Health Corp.'s hosted software platform and related services (the “Mochi Software” or the “Services”) by the Pharmacy or Supplement Supplier (“Supplier”), who has entered into a Mochi Health Pharmacy Agreement or Mochi Health Supplement Supplier Agreement (the “Agreement”). Mochi and Supplier may each be referred to as a “Party” and collectively as the “Parties.” Supplier acknowledges and agrees that it has read, understood, and will be bound by these Terms. The Effective Date of these Terms is the date Supplier (or an authorized individual on Supplier’s behalf) first accepts these Terms pursuant to signing the Agreement or first accesses or uses the Mochi Software, whichever occurs earlier.
Access to the Mochi Software is provided as part of Supplier’s participation under the Agreement. Unless otherwise defined, capitalized terms here have the meanings assigned in the Agreement.
If these Terms conflict with the Agreement, the Agreement controls, except with respect to (i) data security, confidentiality, or handling of patient health information, which are governed by these Terms and the Business Associate Agreement entered into between the Parties (the “BAA”) and (ii) Marketplace Participation (Sections 11–14 below), which govern Supplier’s use of Mochi’s marketplace functionality.
As part of delivering the Services, Mochi may receive, create, maintain, or transmit protected health information (“PHI”) as defined under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The BAA is incorporated by reference and forms part of these Terms, governing how such PHI is used, protected, and disclosed. In the event of any inconsistency between these Terms and the BAA regarding PHI, the BAA will prevail.
1. SAAS SERVICES AND SUPPORT
1.1 Provision of Services. Mochi will use commercially reasonable efforts to provide Supplier with secure, reliable access to Mochi’s hosted software platform described in these Terms. The Services provide Supplier with operational, formulary, and voluntary marketplace functionality, including tools for shipment, labeling, billing, and related workflows in connection with Supplier’s participation in Mochi telehealth platform and related provider network.
1.2 Technical Support. Subject to the terms hereof, Mochi will provide Supplier reasonable technical support services consistent with Mochi’s standard practices.
2. SECURITY REQUIREMENTS
2.1 User Accounts and Passwords. As part of the registration process, Supplier shall identify an administrative user and establish a password for Supplier’s Mochi account, subject to Mochi’s acceptance. Supplier agrees that Supplier and all authorized users shall implement and maintain passwords and other access credentials in accordance with Mochi’s then-current password standards, including, at a minimum: (a) use of unique credentials for each user; (b) passwords that are not easily guessable; and (c) prompt revocation of access rights upon termination or change of role. Mochi reserves the right to refuse registration of, or require the modification or cancellation of, credentials it determines, in its sole discretion, to be insecure or otherwise inappropriate.
2.2 Multi-Factor Authentication (“MFA”). If Mochi implements a mutlti-factor authentication system into the Mochi Software, Supplier shall cause all of Supplier’s users and administrators accessing the Services to authenticate using at least two independent factors. Mochi reserves the right to require prompt implementation of additional security measures as security standards evolve, and will monitor and log all access attempts to the Services.
2.3 Authorized Access and Credential Use. Supplier is responsible for ensuring that only duly authorized individuals are granted access to the Services. Supplier must prohibit credential sharing and promptly notify Mochi of any known or suspected unauthorized use or access, including any security incident, credential compromise, or PHI breach, within twenty-four (24) hours of discovery.
2.4 Additional Security Measures. Mochi may, in its sole discretion, require Supplier to implement further security procedures or controls consistent with prevailing industry standards and applicable regulatory requirements as such standards and requirements evolve. Mochi may require secure authentication and transmission practices for any integrations or connections used to publish or update Marketplace listings, and will maintain appropriate logging to ensure platform integrity.
2.5 Integration with Pharmacy Agreement. Supplier’s obligations under this Section 2 are in addition to, and not in lieu of, any confidentiality, security, or HIPAA-related obligations under the Agreement or the BAA.
3. INTELLECTUAL PROPERTY; DATA OWNERSHIP AND RESTRICTIONS
3.1 IP Ownership. Supplier acknowledges and agrees that Mochi retains all right, title, and interest in and to the Services and any related software, documentation, or technology provided or made available under these Terms, together with all improvements, enhancements, modifications, and derivative works thereto (whether or not created at the request or suggestion of Supplier), and all associated intellectual property rights. Except as expressly set forth herein, no rights or licenses are granted to Supplier with respect to the Services, software, or any intellectual property of Mochi, whether by implication, estoppel, or otherwise. Supplier’s right to access and use the Mochi Software is limited, non-exclusive, non-transferable, and provided solely for Supplier’s internal business use in connection with its performance under the Agreement.
3.2 Use Restrictions. Subject to the limited license granted herein, Supplier shall not, and shall not permit any third party to, directly or indirectly: (i) reverse engineer, decompile, disassemble, or otherwise attempt to discover the source code, object code or underlying structure, ideas, know-how or algorithms relevant to the Services or any related software or documentation; (ii) modify, translate, or create derivative works based on the Services or any related software (except to the extent expressly permitted by Mochi or authorized within the Services); (iii) use the Services or any software for timesharing or service bureau purposes or otherwise for the benefit of any third party; or (iv) remove any proprietary notices or labels. Any distributed or installable software is licensed solely for Supplier’s internal use in connection with Supplier’s permitted use of the Services and only during the Term.
3.3 Supplier Data Ownership. Supplier shall own all right, title, and interest in and to Supplier data, including but not limited to all non-public information provided by Supplier in connection with the Services, and all data input or uploaded by Supplier or its authorized users in the course of obtaining the benefit of the Services (“Supplier Data”). To the extent any Supplier Data includes PHI subject to the HIPAA, all rights and obligations as to such PHI shall be governed by the BAA, which shall control in the event of any conflict. Notwithstanding the foregoing, Mochi shall have the right to collect and analyze information and data relating to the provision, use and performance of various aspects of the Services and related systems and technologies, including Supplier Data and data derived therefrom, and Mochi will be free (during and after the term hereof) to collect, use and analyze such information and data for the purpose of improving and enhancing the Services and for other development, internal business purposes, development of new features or offerings, marketing, and diagnostic and corrective purposes in connection with the Services and Mochi’s other offerings, provided that Mochi shall not disclose PHI or identifiable Supplier Data except as permitted herein or by the BAA. Mochi may create de-identified information in accordance with HIPAA and may use and disclose such de-identified information for any lawful business purpose.
3.4 Improvements. Mochi shall own and retain all right, title, and interest in and to (a) the Services and software, all improvements, enhancements, or modifications thereto, (b) any software, applications, inventions, or other technology developed in connection with implementation services or support, and (c) all intellectual property rights related to any of the foregoing. Any feedback, suggestions, or recommendations regarding Mochi’s Services or offerings provided by Supplier may be used by Mochi without restriction or obligation to Supplier, and Supplier hereby assigns all right, title, and interest in and to such feedback to Mochi.
4. Supplier PHI
4.1 Ownership of Data. Ownership and use of Supplier Data, including PHI, shall be as set forth in Section 3.3 and the BAA.
4.2 Mochi Use of Data. Upon expiration or termination of these Terms, and subject to applicable law, Mochi shall provide Supplier with a copy of Supplier Data and any PHI in a mutually agreed, commonly used format. Unless otherwise required by law, or unless Supplier provides written instructions for alternate handling, Mochi shall securely delete and destroy all Supplier Data and PHI in its possession in accordance with HIPAA and applicable privacy laws. Mochi shall confirm such deletion and destruction to Supplier in writing upon request.
5. CONFIDENTIALITY
The Parties understand that during the course of these Terms, each Party (the “Receiving Party”) may acquire knowledge of the other Party’s (the “Disclosing Party”) Confidential Information, as defined below, and shall keep such Confidential Information in strict confidence using the same degree of care as the Receiving Party uses to protect its own Confidential Information and to prevent unauthorized use or disclosure or a reasonable degree of care, whichever is greater (although compliance with this standard shall not be a defense to the breach of the Receiving Party’s obligations under these Terms). Without limiting the generality of the foregoing obligation of the Receiving Party, the Receiving Party agrees that it will not use or exploit any Confidential Information of the Disclosing Party, nor disseminate, disclose or divulge, in whole or in part, any of the Disclosing Party’s Confidential Information to any Person without the prior written consent of the Disclosing Party; provided that the Receiving Party may share Confidential Information with its employees, Affiliates, directors, agents, and third-party contractors who need to know it to fulfill the Receiving Party’s obligations under these Terms and who have agreed in writing to keep such information confidential subject to confidentiality obligations at least as restrictive as those contained in these Terms and, if required by applicable law, have signed a business associate agreement. The Receiving Party’s duty to protect Confidential Information disclosed prior to termination of these Terms will survive the expiration or termination of these Terms indefinitely.
“Confidential Information” means any and all information and data of the Disclosing Party, its Affiliates, or a third party provided by the Disclosing Party concerning its business operations, sales pipeline, Pharmacies, suppliers, patient lists, patient files, personal information of its patients, PHI, end users, and employees, methods and strategies, know how, future products or plans, financial information or condition, pricing, programs, services, business practices, procedures, technology or prospects, in any form or medium whatsoever (including without limitation writings, drawings and electronically stored information and data), whether or not marked or labeled as “confidential”, including, without limitation: (a) business information and data of the Disclosing Party; (b) technical information and data or trade secrets of the Disclosing Party; (c) non-public intellectual property of the Disclosing Party (for example, inventions, discoveries, designs, methods, processes and ideas, whether or not patented or patentable), logos, trade secrets, trade names, trademarks, and service marks (whether or not registered), mask works, works of authorship (whether copyrighted or copyrightable); (d) the terms and conditions of these Terms; and (e) all tangible manifestations (however embodied) of any of the information and data referred to in clauses (a), (b), (c) and (d) above (for example, computer software, firmware, scripts or objects, hardware, programmer’s notes, databases, manuals, training manuals and materials, memoranda, reports, drawings, sketches, flowcharts, models, prototypes, files, films, records, and forms).
Notwithstanding the foregoing, a Receiving Party’s obligations with respect to Confidential Information shall not apply with respect to any information (a) that is or becomes public through no fault of the Receiving Party, (b) that was known to the Receiving Party without restriction prior to disclosure by the Disclosing Party pursuant to these Terms or any other prior written confidentiality agreement between the parties hereto, (c) that is acquired by or becomes known to the Receiving Party without restriction from a third party without use of, reliance on or reference to any of the Disclosing Party’s Confidential Information, or (d) to the extent that the Receiving Party is required to disclose pursuant to any judicial or governmental judgment, writ, decree, or order, so long as the Receiving Party provides prior notice to the Disclosing Party with a reasonable opportunity under the circumstances to seek appropriate protection of the Confidential Information.
The Parties agree that a breach of any provision of this Section will cause the Disclosing Party irreparable harm which cannot be adequately compensated by monetary relief. Accordingly, in the event of any such breach, the Disclosing Party can and will be entitled to seek equitable relief (including but not limited to temporary restraining orders, preliminary and/or permanent injunctions), in addition to any other remedies available at law or in equity, without the necessity of proving irreparable injury or actual damages and without the necessity of having to post a bond.
5.1 Return of Confidential Information. Within fifteen (15) days of the Disclosing Party’s written request, or within thirty (30) days after the expiration or termination of these Terms, the Receiving Party shall, at its option, either (i) return to the Disclosing Party all Confidential Information (and all copies thereof), or (ii) certify the destruction of all such Confidential Information. However, the Receiving Party may retain (a) one (1) archival copy of such Confidential Information solely for its legal or compliance records or to ascertain its continuing obligations hereunder, and (b) electronic copies stored on automatic backup systems, provided that such copies are not readily accessible in the ordinary course of business and remain protected in accordance with this Section.
5.2 Defend Trade Secrets Act Notice. Pursuant to the Defend Trade Secrets Act of 2016, Supplier understands that an individual may not be held criminally or civilly liable under any federal or state trade secret law for the disclosure of a trade secret that: (a) is made (i) in confidence to a federal, state, or local government official, either directly or indirectly, or to an attorney; and (ii) solely for the purpose of reporting or investigating a suspected violation of law; or (b) is made in a complaint or other document that is filed under seal in a lawsuit or other proceeding.
6. WARRANTY DISCLAIMER
Mochi shall use reasonable efforts consistent with prevailing industry standards to maintain the Services in a manner that minimizes errors and interruptions in the Services and shall perform any support or implementation services in a professional and workmanlike manner. Services may be temporarily unavailable for scheduled maintenance or for unscheduled emergency maintenance, either by Mochi or by third-party providers, or because of other causes beyond Mochi’s reasonable control. Mochi shall use reasonable efforts to provide advance notice in writing or by e-mail of any scheduled service disruption.
EXCEPT AS EXPRESSLY SET FORTH IN THESE TERMS, MOCHI DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED OR ERROR FREE, NOR DOES IT MAKE ANY WARRANTY AS TO THE RESULTS THAT MAY BE OBTAINED FROM USE OF THE SERVICES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE SERVICES AND ANY SUPPORT OR IMPLEMENTATION SERVICES ARE PROVIDED “AS IS” AND MOCHI HEREBY DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
7. LIMITATION OF LIABILITY
NOTWITHSTANDING ANYTHING TO THE CONTRARY, EXCEPT FOR BODILY INJURY OF A PERSON, MOCHI AND ITS SUPPLIERS (INCLUDING BUT NOT LIMITED TO ALL EQUIPMENT AND TECHNOLOGY SUPPLIERS), OFFICERS, AFFILIATES, REPRESENTATIVES, CONTRACTORS AND EMPLOYEES SHALL NOT BE RESPONSIBLE OR LIABLE WITH RESPECT TO ANY SUBJECT MATTER OF THESE TERMS AND CONDITIONS RELATED THERETO UNDER ANY CONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHER THEORY: (A) FOR ERROR OR INTERRUPTION OF USE OR FOR LOSS OR INACCURACY OR CORRUPTION OF DATA OR COST OF PROCUREMENT OF SUBSTITUTE GOODS, SERVICES OR TECHNOLOGY OR LOSS OF BUSINESS; (B) FOR ANY INDIRECT, EXEMPLARY, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES; (C) FOR ANY MATTER BEYOND MOCHI’S REASONABLE CONTROL; OR (D) FOR ANY AMOUNTS THAT, TOGETHER WITH AMOUNTS ASSOCIATED WITH ALL OTHER CLAIMS, EXCEED THE GREATER OF THE MARKETPLACE FEES PAID BY SUPPLIER TO MOCHI FOR THE SERVICES UNDER THESE TERMS IN THE TWELVE (12) MONTHS PRIOR TO THE ACT THAT GAVE RISE TO THE LIABILITY OR $500,000, IN EACH CASE, WHETHER OR NOT MOCHI HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
NOTWITHSTANDING THE FOREGOING, THE ABOVE LIMITATIONS SHALL NOT APPLY TO: (I) LIABILITIES ARISING FROM MOCHI’S WILLFUL MISCONDUCT OR GROSS NEGLIGENCE; (II) LIABILITY FOR BREACH OF MOCHI’S CONFIDENTIALITY OR DATA SECURITY OBLIGATIONS UNDER THESE TERMS OR THE BUSINESS ASSOCIATE AGREEMENT WITH RESPECT TO PHI; OR (III) LIABILITY THAT CANNOT BE LIMITED BY LAW.
8. INDEMNIFICATION
Mochi shall indemnify, defend, and hold harmless Supplier from any liability or expense (including reasonable attorneys’ fees) to third parties arising from a claim that the Services, as provided by Mochi, infringe any United States patent, copyright, or misappropriate a trade secret, provided that (a) Supplier promptly notifies Mochi in writing of any such threat, claim, or proceeding; (b) gives Mochi reasonable assistance and sole control over the defense and settlement (except that Mochi may not settle any claim without Supplier’s written consent unless it unconditionally releases Supplier from all liability). The above obligation does not apply to any portion of the Service: (i) not supplied by Mochi, (ii) made in whole or in part in accordance with Supplier specifications, (iii) that is modified after delivery by Mochi, (iv) combined with other products, processes, or materials where the alleged infringement relates to such combination, (v) where Supplier continues allegedly infringing activity after being notified thereof or after being informed of modifications that would have avoided the alleged infringement, or (vi) where Supplier’s use of the Service is not strictly in accordance with these Terms. If, due to a claim of infringement, the Service is held, or is likely to be held, infringing, Mochi may at its option and expense: (a) modify or replace the Service to be non-infringing, (b) obtain a license for Supplier’s continued use, or (c) if neither (a) nor (b) is commercially practicable, terminate these Terms.
9. HIPAA COMPLIANCE & BUSINESS ASSOCIATE AGREEMENT
Mochi acknowledges that, in providing the Services, it may receive, create, maintain, or transmit PHI on behalf of Supplier. Accordingly, Mochi shall comply with all applicable requirements of HIPAA, including entering into and abiding by the BAA. Mochi shall implement appropriate safeguards to protect the confidentiality, integrity, and availability of PHI and shall report any unauthorized use or disclosure of PHI in accordance with HIPAA and the BAA. Mochi shall ensure that any subcontractor or agent to whom it provides PHI agrees, in writing, to the same HIPAA privacy, security, and breach notification obligations.
10. TERM & TERMINATION
10.1 Term. These Terms commence on the date Supplier first accesses or uses Mochi Software and remain in effect for so long as the Agreement remains active, unless terminated earlier as provided herein.
10.2 Termination. Mochi may suspend or terminate Supplier’s access to Mochi Software immediately upon notice if (a) required to do so by law or regulation, (b) Mochi determines such access poses a security, privacy, or compliance risk, or (c) the Agreement is terminated or expires.
10.3 Effect of Termination. Upon termination, Supplier shall immediately cease using the Mochi Software. Sections relating to confidentiality, data security, HIPAA compliance, limitation of liability, and indemnification shall survive termination. Data return and deletion will be handled per Section 4.2 and BAA.
11. Marketplace Participation
11.1. Voluntary Participation. The voluntary listing functionality within the Mochi Platform allows supplement suppliers and licensed pharmacies, separate from Mochi’s Formulary operations, to independently post information about their available medications and related products (the “Marketplace”). Marketplace functionality is voluntary. By using the Marketplace feature within the Services, Supplier agrees to the additional terms herein. Mochi provides access to the Marketplace solely as a neutral technology service and does not (a) control or endorse any Listing of Supplier, (b) practice pharmacy or provide medical advice, or (c) act as the seller, dispenser, or distributor of record for any item listed or sold through the Marketplace.
11.2 Marketplace Fees. Mochi may charge Supplier fees for Marketplace functionality and related services (“Marketplace Fees”), which may include Listing placement, promotional or marketing opportunities within the Marketplace, or other optional features as agreed in writing between the Parties. The applicable Marketplace Fees for a particular medication listing on the Marketplace shall be Mochi’s standard Marketplace Fee rates as set forth in the Mochi Software at the time that Pharmacy creates an applicable listing or updates the price for such listing through the Mochi Software.
12. Eligibility; Ongoing Verification
12.1 Licensure & Scope. Supplier represents and warrants it: (a) is duly licensed and in good standing in every destination state to which any item that Supplier publishes as a listing of medications or related products (each, a “Listing”) is available or to which shipments will be made; (b) holds all required registrations, including any DEA registration if applicable; and (c) is authorized to list, dispense, and, if applicable, ship the item in the destination state. Supplier is solely responsible for determining whether its activities through the Marketplace cause it to be treated as an online pharmacy, nonresident pharmacy, telepharmacy, mail‑order pharmacy, internet pharmacy, or similar licensure or registration category under applicable law, and for obtaining and maintaining any related registrations, permits, notices, or approvals.
12.2 Documentation. If Supplier is a pharmacy, during onboarding and whenever licenses or credentials renew, Supplier must provide up‑to‑date proof of its pharmacy license, any required DEA registration, current professional and product‑liability insurance, and other relevant accreditations or approvals. Mochi may request updated documentation or conduct re‑verification checks from time to time, but not more often than quarterly unless required by law or to address a specific compliance concern.
12.3 Change Notices. Supplier must notify Mochi within three (3) business days of any license or registration lapse, restriction, investigation, warning letter, recall involvement, or insurance cancellation or non‑renewal. Mochi may temporarily restrict or suspend Marketplace access while it reviews such matters to confirm continued compliance.
12.4 Attestations & Audits. Supplier must promptly provide any reasonable documentation Mochi requests to verify compliance with applicable laws or these Terms, including proof of current licenses, insurance, or product sourcing. Mochi’s audit rights are limited to review of documentation and system data; Mochi does not conduct on-site or clinical inspections unless required by law or regulatory authority.
12.5 Online‑Pharmacy and Telepharmacy Obligations. Without limiting the foregoing, if Supplier’s use of the Marketplace causes Supplier to qualify as an “online pharmacy,” nonresident pharmacy, telepharmacy, mail‑order pharmacy, internet pharmacy, or similar licensure or registration category under applicable law, including, where applicable, under the Ryan Haight Online Pharmacy Consumer Protection Act and related DEA regulations, Supplier is solely responsible for: (a) obtaining and maintaining all required registrations, permits, notifications, and approvals; (b) making any required public disclosures, website postings, or regulatory filings; and (c) complying with all associated requirements. Mochi has no obligation to determine Supplier’s registration status or to monitor or ensure Supplier’s compliance with such requirements.
13. Listings; Prohibited Content; Takedowns
13.1 Supplier as Publisher and Seller of Record. Supplier is solely responsible for all information, content, and materials it submits, uploads, or otherwise makes available through the Marketplace, including but not limited to product names, NDCs, SKUs, strength, dosage form, quantity, images, pricing, destination‑state availability, prescription‑status, warnings, contraindications, side‑effect and safety information, and any patient‑facing educational content (“Listing Content”). Supplier is the seller, dispenser, and publisher of record for all items in its Listings and for all transactions it fulfills, and is solely responsible for compliance with all applicable federal, state, and local laws, professional standards, and payer rules governing such items and transactions. Mochi does not edit or review Listing Content for clinical appropriateness or legal sufficiency and is not the seller, dispenser, or distributor of record for any medication, product, or transaction on the Marketplace.
13.2 Required Fields and Disclosures. Supplier must ensure that every Listing includes all information required by applicable law, by applicable professional standards, and by Mochi’s then‑current written content, data, and disclosure standards for Listings made available to Supplier within the Mochi Software or otherwise in writing, as updated by Mochi from time to time (“Mochi’s Marketplace Content Requirements”), including, as applicable: (a) accurate identification of the product and active ingredients; (b) prescription vs. non‑prescription status and any dispensing or age restrictions; (c) legally required labeling and warnings; (d) contraindications and common side‑effects; (e) storage, handling, and administration instructions; and (f) any required federal or state‑specific disclosures. Supplier is solely responsible for ensuring that Listing Content is accurate, current, and not misleading in any jurisdiction where the item is offered, and Mochi has no obligation to review or verify Listing Content for clinical accuracy or legal sufficiency.
13.3 Prohibited Listings. Supplier may not list, offer, promote, or fulfill through the Marketplace any item that: (a) is adulterated, misbranded, counterfeit, unapproved, or otherwise unlawful; (b) may not lawfully be dispensed or sold in the destination jurisdiction; (c) is subject to a recall, safety alert, or enforcement action; (d) violates any applicable law or third‑party right; or (e) is prohibited under any then‑current written Marketplace policies that Mochi makes available to Supplier within the Mochi Software or otherwise in writing.
13.4 Regulatory Alerts; Recalls. Mochi may integrate and subscribe to any applicable governmental or regulatory authority feeds/alerts to cross-check Listings. If a Listing matches an alert/recall or is otherwise reasonably suspected to be non-compliant, Mochi may immediately hide or remove it, and will notify Supplier and request further documentation. Supplier will cooperate promptly, including providing sourcing/lot documentation and executing any required recall or patient notification.
13.5 Edits, Takedowns, and Suspensions. Mochi may (but is not obligated to) review Marketplace activity using automated tools and/or manual review, and may, in its sole discretion, without prior notice: (a) remove, hide, or modify any Listing or Listing Content; (b) suspend or limit Supplier’s Marketplace access; or (c) require Supplier to provide additional documentation, including but not limited to licensure, sourcing, or lot‑level records, if Mochi reasonably believes a Listing or item is inaccurate, unsafe, non‑compliant, misleading, or otherwise inconsistent with these Terms or applicable law. Mochi’s decision to permit or remove a Listing is administrative only and does not constitute clinical, legal, or regulatory approval of the underlying product or practice.
13.6 Complaint Handling and Regulatory Notices. Supplier is solely responsible for receiving, investigating, and resolving all patient, prescriber, and regulatory complaints and inquiries relating to Supplier’s Listings, items, dispensing, counseling, or pharmacy services, including adverse events, product quality complaints, and recalls. If Mochi receives a complaint or regulatory inquiry relating to Supplier or its Listings, Mochi may forward the communication to Supplier and/or the appropriate regulator. Supplier must cooperate promptly and fully in any recall, market withdrawal, safety alert, or regulatory investigation relating to its Listings or items. Mochi has no duty to monitor for or manage adverse events, recalls, or other safety issues, and any assistance it provides is on an as-is, discretionary basis only.
14. Marketplace Indemnity; Disclaimers
14.1 Indemnity for Listings, Products, and Pharmacy Services. Supplier shall indemnify, defend, and hold harmless Mochi and its respective officers, directors, employees, contractors, and agents, from and against any and all claims, demands, investigations, actions, damages, losses, fines, penalties, costs, and expenses, including reasonable attorneys’ fees, arising out of or related to: (a) Supplier’s Listings or Listing Content; (b) any medications, products, or services dispensed, sold, shipped, or otherwise provided by Supplier, including product liability, failure‑to‑warn, misbranding, adulteration, and consumer‑protection claims; (c) Supplier’s practice of pharmacy, compounding, labeling, counseling, or other professional services, if applicable; (d) Supplier’s failure to maintain required licenses, registrations, including any online‑pharmacy or telepharmacy registration, or insurance; or (e) Supplier’s violation of applicable law or these Terms in connection with its use of the Marketplace. This indemnity applies regardless of whether a patient or regulator asserts that Mochi should be treated as a seller, distributor, or provider of the products or services at issue.
14.2 Platform‑Only Disclaimers. Supplier is solely responsible for all customer service, order fulfillment, and post‑sale support relating to its Listings and items. For Marketplace functionality, Mochi does not (a) guarantee the availability, pricing, quality, or safety of any item listed by Supplier; (b) warrant that Listing Content is accurate, complete, or up to date; or (c) provide any medical, pharmaceutical, or legal advice. To the extent applicable, all clinical decisions, including whether to prescribe, dispense, compound, or substitute any medication, rest solely with the independent prescriber and Supplier. To the fullest extent permitted by law, Mochi disclaims any liability arising from Supplier’s Listings, products, or services, and any use of the Marketplace is at Supplier’s sole risk.
14.3 Marketplace Limitation of Liability. Without limiting Section 7, Mochi’s aggregate liability arising from or related to Supplier’s participation in the Marketplace will not exceed the amount of Marketplace‑specific fees actually paid by Supplier to Mochi for Marketplace functionality in the twelve (12) months preceding the event giving rise to the claim. The foregoing limitations apply to the maximum extent permitted by law.
15. Miscellaneous
15.1 Entire Agreement; Order of Precedence. These Terms, together with the Agreement and the BAA, constitute the entire understanding with respect to the subject matter herein. In the event of a conflict between these Terms and the Agreement, the Agreement controls, except with respect to data-security, confidentiality, marketplace, and HIPAA-related obligations, for which these Terms, and the BAA, control.
15.2 Assignment. Neither Party may assign these Terms or any of its rights or obligations hereunder without the prior written consent of the other Party, provided, however, that Mochi may assign this Agreement in connection with a merger or sale of all or substantially all of Mochi's assets, or by operation of law, without notice to or consent of Supplier.
15.4 Modification. Mochi may update or modify these Terms from time to time. Notice of material changes will be provided by posting an updated version within the Mochi Software or by other reasonable means, such as email. Supplier’s continued access to or use of the Mochi Software after such notice constitutes acceptance of the modified Terms. If Supplier does not agree to the updated Terms, it must stop using the Mochi Software and may not access or use the Services thereafter.
15.5 Waiver. Any waiver of a Party’s rights or obligations under these Terms must be in writing and signed by the waiving Party. No waiver of any provision or default will constitute a continuing waiver or a waiver of any other provision, and all rights and remedies remain cumulative.
15.6 Severability. If any term is found by any court to be void or unenforceable, the remainder of these Terms shall remain valid and enforceable as though such term were absent upon the date of its execution.
15.7 No Conflicts of Interest. Supplier warrants that it is not engaged in, and neither it nor any of its Affiliates, owners, officers, or directors has any direct or indirect ownership or management interest in, any telehealth or digital health platform that would reasonably be expected to compete with the Services offered by Mochi Health or create a conflict of interest with its obligations to Mochi Health under these Terms. Supplier agrees that it shall promptly disclose in writing to Mochi Health any such interest or relationship that exists as of the Effective Date or arises or becomes known during the Term of these Terms.
15.8 Notice. All notices required or permitted under these Terms will be in writing and sent to the other Party as directed below or as otherwise directed in writing by either Party. All such notices will be deemed validly given upon receipt of such notice by certified mail with return receipt requested, Priority Mail with Delivery Confirmation, personal or courier delivery, or e-mail with read-receipt confirmation and sent to the addresses set forth on the signature page to these Terms (as modified from time to time).
15.9 Governing Law and Venue. These Terms and any disputes hereunder will be governed by and construed in accordance with applicable federal law and the internal laws of the State of California without giving effect to any choice or conflict of law provision or rule that would require a different result, consistent with the governing law clause in the Agreement.
15.10 Electronic Acceptance; Authority. Supplier acknowledges and agrees that these Terms may be accepted electronically through an online click‑through or similar process within the Mochi Software. Any individual who clicks “I Agree,” accepts, or otherwise indicates assent to these Terms on behalf of Supplier represents and warrants that they have the authority to bind Supplier to these Terms, and such electronic acceptance will constitute Supplier’s valid and binding agreement to these Terms.
Last updated: January 29, 2026
These Software Terms of Use (“Terms”) govern access to and use of Mochi Health Corp.'s hosted software platform and related services (the “Mochi Software” or the “Services”) by the Pharmacy or Supplement Supplier (“Supplier”), who has entered into a Mochi Health Pharmacy Agreement or Mochi Health Supplement Supplier Agreement (the “Agreement”). Mochi and Supplier may each be referred to as a “Party” and collectively as the “Parties.” Supplier acknowledges and agrees that it has read, understood, and will be bound by these Terms. The Effective Date of these Terms is the date Supplier (or an authorized individual on Supplier’s behalf) first accepts these Terms pursuant to signing the Agreement or first accesses or uses the Mochi Software, whichever occurs earlier.
Access to the Mochi Software is provided as part of Supplier’s participation under the Agreement. Unless otherwise defined, capitalized terms here have the meanings assigned in the Agreement.
If these Terms conflict with the Agreement, the Agreement controls, except with respect to (i) data security, confidentiality, or handling of patient health information, which are governed by these Terms and the Business Associate Agreement entered into between the Parties (the “BAA”) and (ii) Marketplace Participation (Sections 11–14 below), which govern Supplier’s use of Mochi’s marketplace functionality.
As part of delivering the Services, Mochi may receive, create, maintain, or transmit protected health information (“PHI”) as defined under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The BAA is incorporated by reference and forms part of these Terms, governing how such PHI is used, protected, and disclosed. In the event of any inconsistency between these Terms and the BAA regarding PHI, the BAA will prevail.
1. SAAS SERVICES AND SUPPORT
1.1 Provision of Services. Mochi will use commercially reasonable efforts to provide Supplier with secure, reliable access to Mochi’s hosted software platform described in these Terms. The Services provide Supplier with operational, formulary, and voluntary marketplace functionality, including tools for shipment, labeling, billing, and related workflows in connection with Supplier’s participation in Mochi telehealth platform and related provider network.
1.2 Technical Support. Subject to the terms hereof, Mochi will provide Supplier reasonable technical support services consistent with Mochi’s standard practices.
2. SECURITY REQUIREMENTS
2.1 User Accounts and Passwords. As part of the registration process, Supplier shall identify an administrative user and establish a password for Supplier’s Mochi account, subject to Mochi’s acceptance. Supplier agrees that Supplier and all authorized users shall implement and maintain passwords and other access credentials in accordance with Mochi’s then-current password standards, including, at a minimum: (a) use of unique credentials for each user; (b) passwords that are not easily guessable; and (c) prompt revocation of access rights upon termination or change of role. Mochi reserves the right to refuse registration of, or require the modification or cancellation of, credentials it determines, in its sole discretion, to be insecure or otherwise inappropriate.
2.2 Multi-Factor Authentication (“MFA”). If Mochi implements a mutlti-factor authentication system into the Mochi Software, Supplier shall cause all of Supplier’s users and administrators accessing the Services to authenticate using at least two independent factors. Mochi reserves the right to require prompt implementation of additional security measures as security standards evolve, and will monitor and log all access attempts to the Services.
2.3 Authorized Access and Credential Use. Supplier is responsible for ensuring that only duly authorized individuals are granted access to the Services. Supplier must prohibit credential sharing and promptly notify Mochi of any known or suspected unauthorized use or access, including any security incident, credential compromise, or PHI breach, within twenty-four (24) hours of discovery.
2.4 Additional Security Measures. Mochi may, in its sole discretion, require Supplier to implement further security procedures or controls consistent with prevailing industry standards and applicable regulatory requirements as such standards and requirements evolve. Mochi may require secure authentication and transmission practices for any integrations or connections used to publish or update Marketplace listings, and will maintain appropriate logging to ensure platform integrity.
2.5 Integration with Pharmacy Agreement. Supplier’s obligations under this Section 2 are in addition to, and not in lieu of, any confidentiality, security, or HIPAA-related obligations under the Agreement or the BAA.
3. INTELLECTUAL PROPERTY; DATA OWNERSHIP AND RESTRICTIONS
3.1 IP Ownership. Supplier acknowledges and agrees that Mochi retains all right, title, and interest in and to the Services and any related software, documentation, or technology provided or made available under these Terms, together with all improvements, enhancements, modifications, and derivative works thereto (whether or not created at the request or suggestion of Supplier), and all associated intellectual property rights. Except as expressly set forth herein, no rights or licenses are granted to Supplier with respect to the Services, software, or any intellectual property of Mochi, whether by implication, estoppel, or otherwise. Supplier’s right to access and use the Mochi Software is limited, non-exclusive, non-transferable, and provided solely for Supplier’s internal business use in connection with its performance under the Agreement.
3.2 Use Restrictions. Subject to the limited license granted herein, Supplier shall not, and shall not permit any third party to, directly or indirectly: (i) reverse engineer, decompile, disassemble, or otherwise attempt to discover the source code, object code or underlying structure, ideas, know-how or algorithms relevant to the Services or any related software or documentation; (ii) modify, translate, or create derivative works based on the Services or any related software (except to the extent expressly permitted by Mochi or authorized within the Services); (iii) use the Services or any software for timesharing or service bureau purposes or otherwise for the benefit of any third party; or (iv) remove any proprietary notices or labels. Any distributed or installable software is licensed solely for Supplier’s internal use in connection with Supplier’s permitted use of the Services and only during the Term.
3.3 Supplier Data Ownership. Supplier shall own all right, title, and interest in and to Supplier data, including but not limited to all non-public information provided by Supplier in connection with the Services, and all data input or uploaded by Supplier or its authorized users in the course of obtaining the benefit of the Services (“Supplier Data”). To the extent any Supplier Data includes PHI subject to the HIPAA, all rights and obligations as to such PHI shall be governed by the BAA, which shall control in the event of any conflict. Notwithstanding the foregoing, Mochi shall have the right to collect and analyze information and data relating to the provision, use and performance of various aspects of the Services and related systems and technologies, including Supplier Data and data derived therefrom, and Mochi will be free (during and after the term hereof) to collect, use and analyze such information and data for the purpose of improving and enhancing the Services and for other development, internal business purposes, development of new features or offerings, marketing, and diagnostic and corrective purposes in connection with the Services and Mochi’s other offerings, provided that Mochi shall not disclose PHI or identifiable Supplier Data except as permitted herein or by the BAA. Mochi may create de-identified information in accordance with HIPAA and may use and disclose such de-identified information for any lawful business purpose.
3.4 Improvements. Mochi shall own and retain all right, title, and interest in and to (a) the Services and software, all improvements, enhancements, or modifications thereto, (b) any software, applications, inventions, or other technology developed in connection with implementation services or support, and (c) all intellectual property rights related to any of the foregoing. Any feedback, suggestions, or recommendations regarding Mochi’s Services or offerings provided by Supplier may be used by Mochi without restriction or obligation to Supplier, and Supplier hereby assigns all right, title, and interest in and to such feedback to Mochi.
4. Supplier PHI
4.1 Ownership of Data. Ownership and use of Supplier Data, including PHI, shall be as set forth in Section 3.3 and the BAA.
4.2 Mochi Use of Data. Upon expiration or termination of these Terms, and subject to applicable law, Mochi shall provide Supplier with a copy of Supplier Data and any PHI in a mutually agreed, commonly used format. Unless otherwise required by law, or unless Supplier provides written instructions for alternate handling, Mochi shall securely delete and destroy all Supplier Data and PHI in its possession in accordance with HIPAA and applicable privacy laws. Mochi shall confirm such deletion and destruction to Supplier in writing upon request.
5. CONFIDENTIALITY
The Parties understand that during the course of these Terms, each Party (the “Receiving Party”) may acquire knowledge of the other Party’s (the “Disclosing Party”) Confidential Information, as defined below, and shall keep such Confidential Information in strict confidence using the same degree of care as the Receiving Party uses to protect its own Confidential Information and to prevent unauthorized use or disclosure or a reasonable degree of care, whichever is greater (although compliance with this standard shall not be a defense to the breach of the Receiving Party’s obligations under these Terms). Without limiting the generality of the foregoing obligation of the Receiving Party, the Receiving Party agrees that it will not use or exploit any Confidential Information of the Disclosing Party, nor disseminate, disclose or divulge, in whole or in part, any of the Disclosing Party’s Confidential Information to any Person without the prior written consent of the Disclosing Party; provided that the Receiving Party may share Confidential Information with its employees, Affiliates, directors, agents, and third-party contractors who need to know it to fulfill the Receiving Party’s obligations under these Terms and who have agreed in writing to keep such information confidential subject to confidentiality obligations at least as restrictive as those contained in these Terms and, if required by applicable law, have signed a business associate agreement. The Receiving Party’s duty to protect Confidential Information disclosed prior to termination of these Terms will survive the expiration or termination of these Terms indefinitely.
“Confidential Information” means any and all information and data of the Disclosing Party, its Affiliates, or a third party provided by the Disclosing Party concerning its business operations, sales pipeline, Pharmacies, suppliers, patient lists, patient files, personal information of its patients, PHI, end users, and employees, methods and strategies, know how, future products or plans, financial information or condition, pricing, programs, services, business practices, procedures, technology or prospects, in any form or medium whatsoever (including without limitation writings, drawings and electronically stored information and data), whether or not marked or labeled as “confidential”, including, without limitation: (a) business information and data of the Disclosing Party; (b) technical information and data or trade secrets of the Disclosing Party; (c) non-public intellectual property of the Disclosing Party (for example, inventions, discoveries, designs, methods, processes and ideas, whether or not patented or patentable), logos, trade secrets, trade names, trademarks, and service marks (whether or not registered), mask works, works of authorship (whether copyrighted or copyrightable); (d) the terms and conditions of these Terms; and (e) all tangible manifestations (however embodied) of any of the information and data referred to in clauses (a), (b), (c) and (d) above (for example, computer software, firmware, scripts or objects, hardware, programmer’s notes, databases, manuals, training manuals and materials, memoranda, reports, drawings, sketches, flowcharts, models, prototypes, files, films, records, and forms).
Notwithstanding the foregoing, a Receiving Party’s obligations with respect to Confidential Information shall not apply with respect to any information (a) that is or becomes public through no fault of the Receiving Party, (b) that was known to the Receiving Party without restriction prior to disclosure by the Disclosing Party pursuant to these Terms or any other prior written confidentiality agreement between the parties hereto, (c) that is acquired by or becomes known to the Receiving Party without restriction from a third party without use of, reliance on or reference to any of the Disclosing Party’s Confidential Information, or (d) to the extent that the Receiving Party is required to disclose pursuant to any judicial or governmental judgment, writ, decree, or order, so long as the Receiving Party provides prior notice to the Disclosing Party with a reasonable opportunity under the circumstances to seek appropriate protection of the Confidential Information.
The Parties agree that a breach of any provision of this Section will cause the Disclosing Party irreparable harm which cannot be adequately compensated by monetary relief. Accordingly, in the event of any such breach, the Disclosing Party can and will be entitled to seek equitable relief (including but not limited to temporary restraining orders, preliminary and/or permanent injunctions), in addition to any other remedies available at law or in equity, without the necessity of proving irreparable injury or actual damages and without the necessity of having to post a bond.
5.1 Return of Confidential Information. Within fifteen (15) days of the Disclosing Party’s written request, or within thirty (30) days after the expiration or termination of these Terms, the Receiving Party shall, at its option, either (i) return to the Disclosing Party all Confidential Information (and all copies thereof), or (ii) certify the destruction of all such Confidential Information. However, the Receiving Party may retain (a) one (1) archival copy of such Confidential Information solely for its legal or compliance records or to ascertain its continuing obligations hereunder, and (b) electronic copies stored on automatic backup systems, provided that such copies are not readily accessible in the ordinary course of business and remain protected in accordance with this Section.
5.2 Defend Trade Secrets Act Notice. Pursuant to the Defend Trade Secrets Act of 2016, Supplier understands that an individual may not be held criminally or civilly liable under any federal or state trade secret law for the disclosure of a trade secret that: (a) is made (i) in confidence to a federal, state, or local government official, either directly or indirectly, or to an attorney; and (ii) solely for the purpose of reporting or investigating a suspected violation of law; or (b) is made in a complaint or other document that is filed under seal in a lawsuit or other proceeding.
6. WARRANTY DISCLAIMER
Mochi shall use reasonable efforts consistent with prevailing industry standards to maintain the Services in a manner that minimizes errors and interruptions in the Services and shall perform any support or implementation services in a professional and workmanlike manner. Services may be temporarily unavailable for scheduled maintenance or for unscheduled emergency maintenance, either by Mochi or by third-party providers, or because of other causes beyond Mochi’s reasonable control. Mochi shall use reasonable efforts to provide advance notice in writing or by e-mail of any scheduled service disruption.
EXCEPT AS EXPRESSLY SET FORTH IN THESE TERMS, MOCHI DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED OR ERROR FREE, NOR DOES IT MAKE ANY WARRANTY AS TO THE RESULTS THAT MAY BE OBTAINED FROM USE OF THE SERVICES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE SERVICES AND ANY SUPPORT OR IMPLEMENTATION SERVICES ARE PROVIDED “AS IS” AND MOCHI HEREBY DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
7. LIMITATION OF LIABILITY
NOTWITHSTANDING ANYTHING TO THE CONTRARY, EXCEPT FOR BODILY INJURY OF A PERSON, MOCHI AND ITS SUPPLIERS (INCLUDING BUT NOT LIMITED TO ALL EQUIPMENT AND TECHNOLOGY SUPPLIERS), OFFICERS, AFFILIATES, REPRESENTATIVES, CONTRACTORS AND EMPLOYEES SHALL NOT BE RESPONSIBLE OR LIABLE WITH RESPECT TO ANY SUBJECT MATTER OF THESE TERMS AND CONDITIONS RELATED THERETO UNDER ANY CONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHER THEORY: (A) FOR ERROR OR INTERRUPTION OF USE OR FOR LOSS OR INACCURACY OR CORRUPTION OF DATA OR COST OF PROCUREMENT OF SUBSTITUTE GOODS, SERVICES OR TECHNOLOGY OR LOSS OF BUSINESS; (B) FOR ANY INDIRECT, EXEMPLARY, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES; (C) FOR ANY MATTER BEYOND MOCHI’S REASONABLE CONTROL; OR (D) FOR ANY AMOUNTS THAT, TOGETHER WITH AMOUNTS ASSOCIATED WITH ALL OTHER CLAIMS, EXCEED THE GREATER OF THE MARKETPLACE FEES PAID BY SUPPLIER TO MOCHI FOR THE SERVICES UNDER THESE TERMS IN THE TWELVE (12) MONTHS PRIOR TO THE ACT THAT GAVE RISE TO THE LIABILITY OR $500,000, IN EACH CASE, WHETHER OR NOT MOCHI HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
NOTWITHSTANDING THE FOREGOING, THE ABOVE LIMITATIONS SHALL NOT APPLY TO: (I) LIABILITIES ARISING FROM MOCHI’S WILLFUL MISCONDUCT OR GROSS NEGLIGENCE; (II) LIABILITY FOR BREACH OF MOCHI’S CONFIDENTIALITY OR DATA SECURITY OBLIGATIONS UNDER THESE TERMS OR THE BUSINESS ASSOCIATE AGREEMENT WITH RESPECT TO PHI; OR (III) LIABILITY THAT CANNOT BE LIMITED BY LAW.
8. INDEMNIFICATION
Mochi shall indemnify, defend, and hold harmless Supplier from any liability or expense (including reasonable attorneys’ fees) to third parties arising from a claim that the Services, as provided by Mochi, infringe any United States patent, copyright, or misappropriate a trade secret, provided that (a) Supplier promptly notifies Mochi in writing of any such threat, claim, or proceeding; (b) gives Mochi reasonable assistance and sole control over the defense and settlement (except that Mochi may not settle any claim without Supplier’s written consent unless it unconditionally releases Supplier from all liability). The above obligation does not apply to any portion of the Service: (i) not supplied by Mochi, (ii) made in whole or in part in accordance with Supplier specifications, (iii) that is modified after delivery by Mochi, (iv) combined with other products, processes, or materials where the alleged infringement relates to such combination, (v) where Supplier continues allegedly infringing activity after being notified thereof or after being informed of modifications that would have avoided the alleged infringement, or (vi) where Supplier’s use of the Service is not strictly in accordance with these Terms. If, due to a claim of infringement, the Service is held, or is likely to be held, infringing, Mochi may at its option and expense: (a) modify or replace the Service to be non-infringing, (b) obtain a license for Supplier’s continued use, or (c) if neither (a) nor (b) is commercially practicable, terminate these Terms.
9. HIPAA COMPLIANCE & BUSINESS ASSOCIATE AGREEMENT
Mochi acknowledges that, in providing the Services, it may receive, create, maintain, or transmit PHI on behalf of Supplier. Accordingly, Mochi shall comply with all applicable requirements of HIPAA, including entering into and abiding by the BAA. Mochi shall implement appropriate safeguards to protect the confidentiality, integrity, and availability of PHI and shall report any unauthorized use or disclosure of PHI in accordance with HIPAA and the BAA. Mochi shall ensure that any subcontractor or agent to whom it provides PHI agrees, in writing, to the same HIPAA privacy, security, and breach notification obligations.
10. TERM & TERMINATION
10.1 Term. These Terms commence on the date Supplier first accesses or uses Mochi Software and remain in effect for so long as the Agreement remains active, unless terminated earlier as provided herein.
10.2 Termination. Mochi may suspend or terminate Supplier’s access to Mochi Software immediately upon notice if (a) required to do so by law or regulation, (b) Mochi determines such access poses a security, privacy, or compliance risk, or (c) the Agreement is terminated or expires.
10.3 Effect of Termination. Upon termination, Supplier shall immediately cease using the Mochi Software. Sections relating to confidentiality, data security, HIPAA compliance, limitation of liability, and indemnification shall survive termination. Data return and deletion will be handled per Section 4.2 and BAA.
11. Marketplace Participation
11.1. Voluntary Participation. The voluntary listing functionality within the Mochi Platform allows supplement suppliers and licensed pharmacies, separate from Mochi’s Formulary operations, to independently post information about their available medications and related products (the “Marketplace”). Marketplace functionality is voluntary. By using the Marketplace feature within the Services, Supplier agrees to the additional terms herein. Mochi provides access to the Marketplace solely as a neutral technology service and does not (a) control or endorse any Listing of Supplier, (b) practice pharmacy or provide medical advice, or (c) act as the seller, dispenser, or distributor of record for any item listed or sold through the Marketplace.
11.2 Marketplace Fees. Mochi may charge Supplier fees for Marketplace functionality and related services (“Marketplace Fees”), which may include Listing placement, promotional or marketing opportunities within the Marketplace, or other optional features as agreed in writing between the Parties. The applicable Marketplace Fees for a particular medication listing on the Marketplace shall be Mochi’s standard Marketplace Fee rates as set forth in the Mochi Software at the time that Pharmacy creates an applicable listing or updates the price for such listing through the Mochi Software.
12. Eligibility; Ongoing Verification
12.1 Licensure & Scope. Supplier represents and warrants it: (a) is duly licensed and in good standing in every destination state to which any item that Supplier publishes as a listing of medications or related products (each, a “Listing”) is available or to which shipments will be made; (b) holds all required registrations, including any DEA registration if applicable; and (c) is authorized to list, dispense, and, if applicable, ship the item in the destination state. Supplier is solely responsible for determining whether its activities through the Marketplace cause it to be treated as an online pharmacy, nonresident pharmacy, telepharmacy, mail‑order pharmacy, internet pharmacy, or similar licensure or registration category under applicable law, and for obtaining and maintaining any related registrations, permits, notices, or approvals.
12.2 Documentation. If Supplier is a pharmacy, during onboarding and whenever licenses or credentials renew, Supplier must provide up‑to‑date proof of its pharmacy license, any required DEA registration, current professional and product‑liability insurance, and other relevant accreditations or approvals. Mochi may request updated documentation or conduct re‑verification checks from time to time, but not more often than quarterly unless required by law or to address a specific compliance concern.
12.3 Change Notices. Supplier must notify Mochi within three (3) business days of any license or registration lapse, restriction, investigation, warning letter, recall involvement, or insurance cancellation or non‑renewal. Mochi may temporarily restrict or suspend Marketplace access while it reviews such matters to confirm continued compliance.
12.4 Attestations & Audits. Supplier must promptly provide any reasonable documentation Mochi requests to verify compliance with applicable laws or these Terms, including proof of current licenses, insurance, or product sourcing. Mochi’s audit rights are limited to review of documentation and system data; Mochi does not conduct on-site or clinical inspections unless required by law or regulatory authority.
12.5 Online‑Pharmacy and Telepharmacy Obligations. Without limiting the foregoing, if Supplier’s use of the Marketplace causes Supplier to qualify as an “online pharmacy,” nonresident pharmacy, telepharmacy, mail‑order pharmacy, internet pharmacy, or similar licensure or registration category under applicable law, including, where applicable, under the Ryan Haight Online Pharmacy Consumer Protection Act and related DEA regulations, Supplier is solely responsible for: (a) obtaining and maintaining all required registrations, permits, notifications, and approvals; (b) making any required public disclosures, website postings, or regulatory filings; and (c) complying with all associated requirements. Mochi has no obligation to determine Supplier’s registration status or to monitor or ensure Supplier’s compliance with such requirements.
13. Listings; Prohibited Content; Takedowns
13.1 Supplier as Publisher and Seller of Record. Supplier is solely responsible for all information, content, and materials it submits, uploads, or otherwise makes available through the Marketplace, including but not limited to product names, NDCs, SKUs, strength, dosage form, quantity, images, pricing, destination‑state availability, prescription‑status, warnings, contraindications, side‑effect and safety information, and any patient‑facing educational content (“Listing Content”). Supplier is the seller, dispenser, and publisher of record for all items in its Listings and for all transactions it fulfills, and is solely responsible for compliance with all applicable federal, state, and local laws, professional standards, and payer rules governing such items and transactions. Mochi does not edit or review Listing Content for clinical appropriateness or legal sufficiency and is not the seller, dispenser, or distributor of record for any medication, product, or transaction on the Marketplace.
13.2 Required Fields and Disclosures. Supplier must ensure that every Listing includes all information required by applicable law, by applicable professional standards, and by Mochi’s then‑current written content, data, and disclosure standards for Listings made available to Supplier within the Mochi Software or otherwise in writing, as updated by Mochi from time to time (“Mochi’s Marketplace Content Requirements”), including, as applicable: (a) accurate identification of the product and active ingredients; (b) prescription vs. non‑prescription status and any dispensing or age restrictions; (c) legally required labeling and warnings; (d) contraindications and common side‑effects; (e) storage, handling, and administration instructions; and (f) any required federal or state‑specific disclosures. Supplier is solely responsible for ensuring that Listing Content is accurate, current, and not misleading in any jurisdiction where the item is offered, and Mochi has no obligation to review or verify Listing Content for clinical accuracy or legal sufficiency.
13.3 Prohibited Listings. Supplier may not list, offer, promote, or fulfill through the Marketplace any item that: (a) is adulterated, misbranded, counterfeit, unapproved, or otherwise unlawful; (b) may not lawfully be dispensed or sold in the destination jurisdiction; (c) is subject to a recall, safety alert, or enforcement action; (d) violates any applicable law or third‑party right; or (e) is prohibited under any then‑current written Marketplace policies that Mochi makes available to Supplier within the Mochi Software or otherwise in writing.
13.4 Regulatory Alerts; Recalls. Mochi may integrate and subscribe to any applicable governmental or regulatory authority feeds/alerts to cross-check Listings. If a Listing matches an alert/recall or is otherwise reasonably suspected to be non-compliant, Mochi may immediately hide or remove it, and will notify Supplier and request further documentation. Supplier will cooperate promptly, including providing sourcing/lot documentation and executing any required recall or patient notification.
13.5 Edits, Takedowns, and Suspensions. Mochi may (but is not obligated to) review Marketplace activity using automated tools and/or manual review, and may, in its sole discretion, without prior notice: (a) remove, hide, or modify any Listing or Listing Content; (b) suspend or limit Supplier’s Marketplace access; or (c) require Supplier to provide additional documentation, including but not limited to licensure, sourcing, or lot‑level records, if Mochi reasonably believes a Listing or item is inaccurate, unsafe, non‑compliant, misleading, or otherwise inconsistent with these Terms or applicable law. Mochi’s decision to permit or remove a Listing is administrative only and does not constitute clinical, legal, or regulatory approval of the underlying product or practice.
13.6 Complaint Handling and Regulatory Notices. Supplier is solely responsible for receiving, investigating, and resolving all patient, prescriber, and regulatory complaints and inquiries relating to Supplier’s Listings, items, dispensing, counseling, or pharmacy services, including adverse events, product quality complaints, and recalls. If Mochi receives a complaint or regulatory inquiry relating to Supplier or its Listings, Mochi may forward the communication to Supplier and/or the appropriate regulator. Supplier must cooperate promptly and fully in any recall, market withdrawal, safety alert, or regulatory investigation relating to its Listings or items. Mochi has no duty to monitor for or manage adverse events, recalls, or other safety issues, and any assistance it provides is on an as-is, discretionary basis only.
14. Marketplace Indemnity; Disclaimers
14.1 Indemnity for Listings, Products, and Pharmacy Services. Supplier shall indemnify, defend, and hold harmless Mochi and its respective officers, directors, employees, contractors, and agents, from and against any and all claims, demands, investigations, actions, damages, losses, fines, penalties, costs, and expenses, including reasonable attorneys’ fees, arising out of or related to: (a) Supplier’s Listings or Listing Content; (b) any medications, products, or services dispensed, sold, shipped, or otherwise provided by Supplier, including product liability, failure‑to‑warn, misbranding, adulteration, and consumer‑protection claims; (c) Supplier’s practice of pharmacy, compounding, labeling, counseling, or other professional services, if applicable; (d) Supplier’s failure to maintain required licenses, registrations, including any online‑pharmacy or telepharmacy registration, or insurance; or (e) Supplier’s violation of applicable law or these Terms in connection with its use of the Marketplace. This indemnity applies regardless of whether a patient or regulator asserts that Mochi should be treated as a seller, distributor, or provider of the products or services at issue.
14.2 Platform‑Only Disclaimers. Supplier is solely responsible for all customer service, order fulfillment, and post‑sale support relating to its Listings and items. For Marketplace functionality, Mochi does not (a) guarantee the availability, pricing, quality, or safety of any item listed by Supplier; (b) warrant that Listing Content is accurate, complete, or up to date; or (c) provide any medical, pharmaceutical, or legal advice. To the extent applicable, all clinical decisions, including whether to prescribe, dispense, compound, or substitute any medication, rest solely with the independent prescriber and Supplier. To the fullest extent permitted by law, Mochi disclaims any liability arising from Supplier’s Listings, products, or services, and any use of the Marketplace is at Supplier’s sole risk.
14.3 Marketplace Limitation of Liability. Without limiting Section 7, Mochi’s aggregate liability arising from or related to Supplier’s participation in the Marketplace will not exceed the amount of Marketplace‑specific fees actually paid by Supplier to Mochi for Marketplace functionality in the twelve (12) months preceding the event giving rise to the claim. The foregoing limitations apply to the maximum extent permitted by law.
15. Miscellaneous
15.1 Entire Agreement; Order of Precedence. These Terms, together with the Agreement and the BAA, constitute the entire understanding with respect to the subject matter herein. In the event of a conflict between these Terms and the Agreement, the Agreement controls, except with respect to data-security, confidentiality, marketplace, and HIPAA-related obligations, for which these Terms, and the BAA, control.
15.2 Assignment. Neither Party may assign these Terms or any of its rights or obligations hereunder without the prior written consent of the other Party, provided, however, that Mochi may assign this Agreement in connection with a merger or sale of all or substantially all of Mochi's assets, or by operation of law, without notice to or consent of Supplier.
15.4 Modification. Mochi may update or modify these Terms from time to time. Notice of material changes will be provided by posting an updated version within the Mochi Software or by other reasonable means, such as email. Supplier’s continued access to or use of the Mochi Software after such notice constitutes acceptance of the modified Terms. If Supplier does not agree to the updated Terms, it must stop using the Mochi Software and may not access or use the Services thereafter.
15.5 Waiver. Any waiver of a Party’s rights or obligations under these Terms must be in writing and signed by the waiving Party. No waiver of any provision or default will constitute a continuing waiver or a waiver of any other provision, and all rights and remedies remain cumulative.
15.6 Severability. If any term is found by any court to be void or unenforceable, the remainder of these Terms shall remain valid and enforceable as though such term were absent upon the date of its execution.
15.7 No Conflicts of Interest. Supplier warrants that it is not engaged in, and neither it nor any of its Affiliates, owners, officers, or directors has any direct or indirect ownership or management interest in, any telehealth or digital health platform that would reasonably be expected to compete with the Services offered by Mochi Health or create a conflict of interest with its obligations to Mochi Health under these Terms. Supplier agrees that it shall promptly disclose in writing to Mochi Health any such interest or relationship that exists as of the Effective Date or arises or becomes known during the Term of these Terms.
15.8 Notice. All notices required or permitted under these Terms will be in writing and sent to the other Party as directed below or as otherwise directed in writing by either Party. All such notices will be deemed validly given upon receipt of such notice by certified mail with return receipt requested, Priority Mail with Delivery Confirmation, personal or courier delivery, or e-mail with read-receipt confirmation and sent to the addresses set forth on the signature page to these Terms (as modified from time to time).
15.9 Governing Law and Venue. These Terms and any disputes hereunder will be governed by and construed in accordance with applicable federal law and the internal laws of the State of California without giving effect to any choice or conflict of law provision or rule that would require a different result, consistent with the governing law clause in the Agreement.
15.10 Electronic Acceptance; Authority. Supplier acknowledges and agrees that these Terms may be accepted electronically through an online click‑through or similar process within the Mochi Software. Any individual who clicks “I Agree,” accepts, or otherwise indicates assent to these Terms on behalf of Supplier represents and warrants that they have the authority to bind Supplier to these Terms, and such electronic acceptance will constitute Supplier’s valid and binding agreement to these Terms.
Personalized care designed for you.
© 2026 Mochi Health
All professional medical services are provided by licensed physicians and clinicians affiliated with independently owned and operated professional practices. Mochi Health Corp. provides administrative and technology services to affiliated medical practices it supports, and does not provide any professional medical services itself.
Personalized care designed for you.
© 2026 Mochi Health
All professional medical services are provided by licensed physicians and clinicians affiliated with independently owned and operated professional practices. Mochi Health Corp. provides administrative and technology services to affiliated medical practices it supports, and does not provide any professional medical services itself.
Personalized care designed for you.
© 2026 Mochi Health
All professional medical services are provided by licensed physicians and clinicians affiliated with independently owned and operated professional practices. Mochi Health Corp. provides administrative and technology services to affiliated medical practices it supports, and does not provide any professional medical services itself.