Last Modified: 11 March 2025
PLEASE READ THESE TERMS CAREFULLY.
The Neon Sensitive Data Terms (“Sensitive Data Terms”) apply to your use of the Platform and information considered sensitive under applicable law. These terms only apply to customers who have signed a Business Associate Agreement (“BAA”) with Neon. In case of and to the extent applicable, any conflict or inconsistency with the other terms of the Agreement, these Sensitive Data Terms will take precedence over the other terms of the Agreement.
Capitalized terms used herein and not otherwise defined here will have the meanings assigned to them in the Agreement.
1. DEFINITIONS
1.1 “Covered Services” means the features and services supporting Permitted Sensitive Data and expressly included in the ‘Covered Services Table’ of the Sensitive Data Terms.
1.2 “Documenation” means Neon’s documentation related to HIPAA, the use of the Platform and the Services, posted on the Website otherwise provided to the Covered Entity.
1.3 “Permitted Sensitive Data” means any information expressly permitted under the ‘Covered Services Table’.
1.4 “Prohibited Sensitive Data” means i) any information belonging to a sensitive category of information under applicable law relating to privacy or data protection not expressly permitted under Permitted Sensitive Data, and ii) any use of Permitted Sensitive Data outside the scope of the Covered Services or otherwise processed outside of the express and authorized scope of these terms.
1.5 “Website” means an interface of the Platform compiled of all web documents (including images, CSS, and HTML files) made available via https://neon.tech or its sub-domains or domains under other top domains that are owned by Neon.
2. COVERED SERVICES
You agree to use only the Covered Services for the categories of Permitted Sensitive Data detailed in the ‘Covered Services Table.’
| COVERED SERVICES TABLE Permitted Features and Data | |
| COVERED SERVICES | PERMITTED SENSITIVE DATA |
| Neon’s Platform and HIPAA offering with a signed BAA. | * Protected Health Information (PHI) subject to the Health Insurance Portability and Accountability Act (HIPAA)). This includes health information in the US such as patient information, provider information and medical history. |
4. SERVICE TERMS
4.1 Permitted and Prohibited Use. Permitted Sensitive Data can only be used within the Subscription Service in accordance with Documentation, these terms and any signed Business Associate Agreement. Exceeding the permitted scope of the Neon Sensitive Data Terms it may result in suspension or termination under the Neon Terms of Service or Neon Master Service Agreement.
4.2 Third Party Products. If you choose to integrate with or otherwise use third party products in connection with the Subscription Service, you acknowledge that Customer Data hosted or processed by such third-party products are hosted in accordance with policies maintained by those third-parties.
4.3 Customer Obligations. You are responsible for assessing and determining whether your use of the Subscription Services meets your compliance obligations. Your obligations also include, at your own cost and expense, to supply your own personnel and resources (or that of your designated third party service provider) to support, at a minimum, (i) management and oversight of Sensitive Data within your Neon Account; (ii) subject access request responses associated with Sensitive Data maintained within your Neon Account; (iii) inquiries, obligations, or other lawful orders set forth by enforcement officials under applicable law or regulation; and (iv) adherence to Neon’s Documentation.
4.3.1 Permitted Sensitive Data Identification. The Covered Services functionality relies on the use of sensitive data properties, and you agree to i) appropriately identify sensitive data and ii) only process Permitted Sensitive Data within the Covered Services.
4.4 Neon Obligations. We agree to continue providing the physical, administrative, and technical security controls reflected in the existing terms of the Agreement. You can learn more about the Neon security controls at the Neon Trust Center available at www.trust.neon.tech.
4.5 Sensitive Information Data Breaches. As detailed in the BAA, we maintain security incident management policies and procedures as specified in the “Security Measures” section of our BAA.
4.6 BAA Security and Notice. We maintain security incident management policies and procedures as specified in the “Business Associate’s Obligations” section of our BAA, and we will notify you as detailed in those terms if the BAA applies to you.
5. DISCLAIMER OF WARRANTIES
Neon MAKES NO WARRANTY THAT ANY OF THE COVERED SERVICES WILL MEET YOUR REQUIREMENTS AND/OR THAT THE COVERED SERVICES WILL BE UNINTERRUPTED, TIMELY OR ERROR-FREE.
6. MISCELLANEOUS
6.1 Changes to Sensitive Data Terms. We may make changes to these Sensitive Data Terms to increase the Covered Services, or Permitted Sensitive Data allowed under these terms without notifying you; other updates to these terms will be made in accordance with the Agreement. You understand and agree that if you use the features under the Sensitive Data Terms after the updated date, we will treat your use as acceptance of the updated Sensitive Data Terms.
6.2 Conflict. All other terms in the Agreement remain unchanged. In case and to the extent of any conflict or inconsistency with the terms of the Agreement, these Sensitive Data Terms will take precedence over the terms of the Agreement. For customers who store Protected Health Information subject to HIPAA, the BAA will take precedence over the terms of the Agreement, including any other terms within these Sensitive Data Terms, to the extent of such conflict or inconsistency.
6.3 Survival. These Sensitive Data Terms, and the BAA as applicable, will also survive the expiration or termination of the Agreement.