This Notice of Privacy Practices (this “Notice”) applies to the software and information services we offer
through our website located at https://kestramedical.com, our devices, applications, platform, software,
websites, APIs, products, services, and communications sent as part of, in connection with, or relating to
such software and information services (our “Services). We have developed this Notice from industry
guidelines and standards, and national and international laws and requirements. We are committed to
protecting the privacy of patients, customers, and partners.

About Kestra Medical Technologies, Inc.

At Kestra Medical Technologies, Inc. (“Kestra”), it is our mission to provide innovative, intuitive medical
technologies to protect and support at-risk patients. At the heart of Kestra is an uncompromising
commitment to the highest quality our customers expect and patients trust.

Throughout this Notice, “Kestra” refers to Kestra Medical Technologies, Inc., including its affiliated
companies and subsidiaries (also referred to as “we” and “us”). You can find information on how to
contact us below in Section “Contact Information”. You can also find additional contact and location
information on our website at: https://www.kestramedical.com/contact/.

Information We Collect and How We Collect It

When you use our Services, Kestra collects information about you, including:

• Name, date of birth, and contact information, such as your postal address, email address, and
  phone number;


• Demographic information such as age and gender;


• Health insurance information such as current coverages including co-pays, premiums and plan
  identification numbers;


• Health condition and treatment information, such as medications, prescription identifiers,
  diagnoses, and medical history;


• Characteristics of protected classifications under state or federal/national law, such as race or
  nationality;


• Individual preferences and characteristics, such as smoker status and physical activity;


• Device and online identifiers;


• Electronic Funds Transfer (EFT) information and banking information; and,


• Any other information you choose to provide, such as during telephone interviews with our
  agents.

Kestra collections information in the following ways:

• Directly from you, for example, when you submit information through our Services,
  complete one of our webforms or applications, or communicate with a Kestra agent;


• Passively collected from a device used to access Kestra Services, including websites and
  webforms; and,


• From insurance and patient support organizations.

We collect information from you when you:

• Enter information on our Services, such as when you register for our Services, use our Services
  to send a message to someone else, or complete a form;
• Upload a document, image, or other data file on our Services;
• Contact us; or
• Make a customer service request or attend one of our training sessions.

Contact Information

To provide our Services and communicate with customers, patients, care providers, and others, we need
to collect certain personal data identifying who you are, including information such as your e-mail address,
phone number, and your mailing address. If you contact us, we may keep a record of that
correspondence.

Emergency Contact Information

Some Kestra Services present an option to provide contact information in the event of an emergency.
The information requested includes data identifying who they are, such as their name, relation to you,
e-mail address, residence address, and phone number(s).

Payment Information

Some Kestra Services support payments and transactions with third parties requiring you to provide
certain information for identification and verification of billing and payment. Depending on the Services
you use, we may also collect information including credit or debit card account information, or other
forms of payment ("Payment Card Information"). By submitting your Payment Card Information, you
expressly consent to the sharing of your information with third-party payment processers and other
third-party services (including but not limited to vendors who provide fraud detection services to us and
other third parties). These third parties may store your Payment Card Information for future use in our
Services. We do not store your Payment Card Information, nor do we have direct control or
responsibility for your Payment Card Information. The third-party services that we utilize are
contractually obligated to keep your Payment Card Information secure and confidential.

Health Insurance Information

To provide Services, Kestra collects health insurance information such as current coverages including co-
pays, premiums, and plan identification numbers. This information may be provided by insurance support
organizations. In such cases, the insurance support organization may retain the information and disclose it
to other persons in accordance with their own privacy policies and terms.

Career Data

Kestra partners with Workable to aid career registrants and Kestra in identifying, recruiting, and hiring
qualified candidates. You can find the Workable Privacy Policy here:
https://www.workable.com/privacy.

Surveys, Feedback, and Informational Programs

You may be contacted for surveys, feedback, or information programs to help improve your experience
or certain features of our Services. You may choose to provide us with additional information while
participating. Participation in surveys and like requests are voluntary.

Device Information

Some Kestra Services collect data to record health and product data. Examples of data collected are
steps you take, heart rate, and active minutes. The data collected varies depending on which device you
use. When your device syncs with our applications or software, data recorded on your device is
transferred from your device to our servers. You should have received detailed information on what
data is collected on your device. If you need this information, please contact us.

Cookies and Similar Technologies

We and our partners collect information about you and your Devices through cookies, web beacons, and
similar technologies. A "cookie" is a small data file sent from a website and stored on your Device to
identify your Device in the future and allow for an enhanced personalized user experience based on
your previous activity on the website. A "session cookie" disappears after you close your web browser or
may expire after a fixed period. A "persistent cookie" remains after you close your web browser and
may be accessed every time you use our Services. We and our partners may use both session and
persistent cookies on our Services. You should consult your web browser to modify your cookie settings.

On our generally public websites (e.g., https://kestramedical.com), we specifically use Google Analytics
cookies which enables us to collect certain data about your visits to our website, including:

• Your IP address;
• The pages on our website that you visit;
• The time you spend on certain pages on our website; and
• Various other statistics such as user agent string, browser version, and OS version.

Google’s ability to share and use your information collected via Google Analytics is restricted by the
commitments made in the Google Analytics Terms of Service and the Google Privacy Policy . Some third
parties may allow you to opt-out of targeted advertising based on this information. You can find more
information about these opt-outs from the Network Advertising Initiative (NAI) and the Digital Advertising Alliance (DAA) .

Information from Other Sources

We may receive or proactively gather information about you from other sources and add it to
information we otherwise have about you for any purpose described in this Notice. This may include
situations where a third party seeks to communicate with you through the Services or establish an
"Integration".

Children’s Information

Kestra Services are not directed to minors. We do not knowingly collect or solicit Personal Data from
children under 18. If you are a child under 18, please do not attempt to register for or otherwise use the
Services or send us any Personal Data. If we learn we have collected Personal Data from a child under
18, we will delete that information as quickly as possible. If you believe that a child under 18 may have
provided us Personal Data, please contact us immediately.

How We Use or Share Your Information

We collect and process personal data about you where we have lawful basis. We may use the
informationwe collect for the following purposes:

• To develop, operate, improve, deliver, maintain, and protect our Services including new Services
  functionality and features;


• Responding to questions and communications, or obtaining your feedback about our Services;


• Administering and logging your participation in informational programs, including webinars and
  other classes, and any product or support matters that may arise from our Services or Programs;


• Preparing and delivering announcements about features, functionality, terms of use, or other
  aspects of our Services or your interests and informing you about offers for services or products
  we believe may be of interest to you, including from third parties;


• Providing you with more relevant content, including clinical support tools, assessments or
  medical-related information or services, patient support programs, advertising, or other
  programs appearing on our Services or third-party services;


• Analyzing usage trends and patterns and measuring the effectiveness of content, programs,
  advertising, or the features or functionality of the Services, including emails that may be sent by
  us to you;


• Preparing reports for any of the purposes described in this Notice, including for current or future
  sponsors, providers, or other partners to show utilization or trends about the use of our
  products and Services. Such reports may include demographic or other general user
  information, but will not include personally identifiable information unless the recipient has
  agreed to confidentiality obligations;


• Safeguarding, protecting, and securing our Services, the information we collect, and the rights of
  us, our users or third parties, and to comply with legal requirements, including applicable laws,
  rules, regulations, contractual obligations, Terms of Use and our policies;


• Use of your Payment Card Information as stated in the "Payment Information" Section above;


• Verify your identity and detect and prevent fraud or other unauthorized or illegal activity;


• Any other purpose described in this Notice or your User Agreement; or


• When we otherwise have your permission.

De-identified Information

Section 164.514(a) of the HIPAA Privacy Rule provides the standard for de-identification of protected
health information. Under this standard, health information is not individually identifiable if it does not
identify an individual and if the covered entity has no reasonable basis to believe it can be used to
identify an individual. The HIPAA Privacy Rule does not restrict the use or disclosure of de-identified
health information, as it is no longer considered protected health information.

Kestra reserves the right to use de-identified information for the purposes of research and conducting
business in compliance with Section 164.514(a) of the HIPAA Privacy Rule as the minimum efforts taken,
using either Expert Determination §164.514(b)(1) or Safe Harbor §164.514(b)(2), to de-identify
information. You can find more information about these practices on the US Health and Human Services
Website: https://www.hhs.gov/hipaa/for-professionals/privacy/special-topics/de-identification/index.html .

How We Protect Your Information

The privacy and security of your nonpublic personal information and data while using our Services is
very important to us. Our Services employ a variety of reasonable technical safeguards to protect the
confidentiality, integrity, and availability of this information. We conduct robust risk and security
assessments for partners and providers we work with.

Third-party Websites and Integrations

Our Services may provide, or third parties may provide, links to other websites or resources. This Privacy
Notice applies only to our websites. It does not apply to services offered by third parties, including
websites and other online services to which our websites may display links. When you click on such
links, you may be visiting websites or interactive services operated by third parties, who have their own
information collection practices. We do not have control over how any third party collects or uses
information, so we recommend that you review their privacy policies to learn of their practices.

How Long We Retain Your Information

We keep your personal information for no longer than necessary for the business need for which the
personal information is processed. The length of time for which we retain personal information
depends on the purposes for which we collect and use it and/or as required to comply with applicable
laws and to establish, exercise, or defend our legal rights.

We may be required under applicable laws or regulations to retain information about you for extended
periods of time or indefinitely. We may also have independent obligations under applicable laws or
regulations to retain some information indefinitely. For disaster recovery and business continuity
purposes, we retain copies of data for those purposes in compliance with our Disaster Recovery and
Business Continuity Plans.

Your Rights Over Your Information

Accessing and Exporting Your Data. You have the right to request inspection and to receive a copy of a
record of your personal information. If we maintain the record electronically, you have the right to
request the copy be in the electronic format of your choice. If we cannot readily provide your record in
that format, we will provide your record in an electronic format that you and we have agreed to.

Editing and Deleting Your Data. If you feel the personal information that we maintain about you is
incorrect or incomplete, you have the right to request amendment to your personal information. You
may also request the deletion of your data. It may take up to 90 days to delete all of your information.
We may preserve data for legal reasons as outlined in section “How We Use or Share Your Information.”

Objecting to Data Use. You have a right to request a restriction or limitation on the personal
information we use or disclose about you for treatment, payment, and health care operations activities
or disclosures to individuals involved in your care. It may take up to 90 days to reasonably accommodate
the restriction or limitations request.

California Privacy Disclosures

Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of
websites and web applications and services that you do not wish such operators to track certain of your
online activities over time and across different websites. Our Services do not currently support Do Not
Track requests. To find out more about “Do Not Track,” you can visit www.allaboutdnt.com.

Categories of Information We Collect, Use, and Disclose for Business Purposes

As described in the “Information We Collect and How We Collect It” section, we collect the categories of
personal information listed below. We receive this information from you, your use of our Services, third
parties (such as your physician or insurance company), and as otherwise described in this policy. We use
and disclose these categories of information for the business purposes described in the “Information We
Collect and How We Collect It” section. The categories are:

• Identifiers, like your name or username, email address, mailing address, phone number, IP
  address, account ID, device ID, cookie ID, emergency contact information, and other similar
  identifiers.
• Demographic information, such as your gender, age, health information, and physical
  characteristics or description, which may be protected by law.
• Commercial information, including your payment information and records of the Services or
  devices you use, obtained, or considered including insurance information.
• Biometric information, such as your active minutes or health data, including the number of
  steps you take, heart rate, and any similar information to which you grant us access. This also
  includes physical characteristics and measurements required for proper device fitting.
• Internet or other electronic network activity information, such as the usage data we receive
  when you access or use our Services. This includes information about your interactions with the
  Services and about the devices and computers you use to access the Services.
• Geolocation data, including GPS signals, device sensors, Wi-Fi access points, and cell tower IDs,
  if you have granted us access to that information.
• Electronic, visual, or similar information, such as your profile photo, graphs, or charts of
  recorded data.
• Professional or employment related information, including any information (like your name,
  email address, or similar information) related to recruiting or seeking employment with Kestra.
• Other information that you provide that you provide, including emergency contact information; information for
  features of the Services, for example, an alarm; messages on the Services; and information
  recorded by your device which may vary depending on the device you use.
  
• Inferences drawn from any of the above, including distance you traveled, sleep insights, health,
  and activity goals.

Sale of Data

The following list contains the types of personal identifiers that we may have solid in the previous 12
months:

• None

Response Timing and Format

• We will respond to a request within forty-five (45) days of its receipt. If we require more time
  (up to 90 days), we will inform you of the reason and extension period in writing.
• Any disclosures we provide will only cover the 12-month period preceding the verifiable
  individual’s request’s receipt. If applicable, the response we provide will include reasons we
  cannot comply with a request. For data portability requests, we will select a format to provide
  your personal information that is usable and should allow you to transmit the information from
  one entity to another entity.
• We do not charge a fee to process or respond to your verifiable consumer request unless it is
  excessive, repetitive, or unfounded. If we determine that the request warrants a fee, we will tell
  you why we made that decision and provide you with a cost estimate before completing your
  request.

European Economic Area and UK Disclosure

Kestra is headquartered in the United States and, regardless of where you use our Services or otherwise
provide information to us, your information will usually be transferred to, maintained, and processed by
Kestra and our service providers in the United States or other jurisdictions in which we or they operate.
Please note that privacy laws, regulations, and standards in the jurisdictions in which your information
may be maintained and processed may not be equivalent to the laws in your country of residence and
such information may be subject to lawful access by U.S. or other foreign courts, law enforcement, and
governmental authorities.

If you are based in the UK or the EU, if we provide any personal information about you to any non-
European Economic Area (“EEA”) or UK members of our group or suppliers, we will take appropriate
measures to ensure that the recipient protects your personal information adequately in accordance with
this Privacy Notice. These measures will include the following permitted in Articles 45 and 46 of the
EU’s General Data Protection Regulation:

• in the case of US based entities, entering into European Commission approved standard
  contractual arrangements with them; or


• in the case of entities based in other countries outside the EEA, entering into European
  Commission approved standard contractual arrangements with them.

Contact Information

If you have questions or are concerned that any of your privacy rights have been violated, wish to
exercise any of your rights described in this Notice, or ask questions about those rights, please contact
us at:
Phone: (800) 957-0028
Email: privacy@kestramedical.com
Mailing:

• ATTN: PRIVACY OFFICER
• KESTRA MEDICAL TECHNOLOGIES, INC.
• 3933 LAKE WASHINGTON BLVD., SUITE 200
• KIRKLAND, WA 98033
• UNITED STATES OF AMERICA

You also have the right to complain to the Secretary of Health and Human Services at:

• OFFICE OF CIVIL RIGHTS
• U.S. DEPARTMENT OF HEALTH AND HUMAN SERVICES
• 2201 SIXTH AVENUE
• SEATTLE, WA 98121
• UNITED STATES OF AMERICA

We may update this Notice from time to time, and so you should review this page periodically. When we
change this Notice in a material way, we will update the “last modified” date below with a brief
description of the material change. Changes to this Notice are effective when they are posted on this
page.

Privacy Notice Updates

Effective April 16, 2021

Your access to the Kestra CareStationTM remote monitoring system available at https://carestation.kestramedical.com ("the System") is subject to the following Terms of Use, which may be updated by Kestra Medical Technologies, Inc. and its affiliates (“Kestra”, "us", "we") from time to time without notice to you. As used herein, "your", "you", "company", and "user" refer to the organization, company, hospital, etc. agreeing to these Terms of Use. By accessing or using the System, you agree that you have read, understand, and agree to the Terms of Use, as they may be amended from time to time, as well as to the terms of our Privacy Policy, which is hereby incorporated into these Terms of Use and available at https://www.kestramedical.com/notice-of-privacy-practices You are responsible for periodically reviewing these Terms of Use for applicable changes. Your use of the System after posting by us of any changes to these Terms of Use constitutes your acceptance to those changes.

In addition, Kestra reserves the right to modify, limit, interrupt, suspend or discontinue some or all of the services and features of the System (collectively “Changes”) without notice or liability to you. The Changes may be temporary or permanent, and can include additions to this Terms of Use that are separate agreements between you and Kestra, or other additions that can be posted or accessible at the System website https://carestation.kestramedical.com.

Confidential and Proprietary Information. The documentation and access to the System provided to you are confidential and proprietary information of Kestra. By accepting the documentation or accessing the System you agree to the following:

• (i) you will not share the documentation or access to the System with third parties;


• (ii) you will not make copies of the documentation or capture images or recordings while using the System;


• (iii) you will keep the documentation and access to the System under your direct control and confidential when using the documentation and the System; and


• (iv) you will store the documentation in a secure manner when you are not using the documentation.

License. The System, its proprietary software, documentation, reports generated by the System, and certain intellectual property associated with the system are owned by Kestra. Any software and documentation provided to you must be returned to Kestra after completing the term of your agreement with Kestra. Subject to your compliance with these Terms of Use, Kestra grants you a nonexclusive license to use the System, reports, proprietary software, and intellectual property solely for providing medical care to your patients.

You agree you will only use the System as authorized in your agreement with Kestra. By using the System, you acknowledge that ownership of the System, proprietary software, and documentation remains with Kestra, and you agree you will use the System, proprietary software, documentation, and intellectual property only during the term in your agreement with Kestra.

Open Source Software. Certain software components (referred to herein as “Open Source Components”) that are used with or in the System are owned by their authors and licensed to Kestra under various open source license agreements. As required by the terms of these open source license agreements, Kestra offers to make the source code corresponding to the Open Source Components available upon request.

NO WARRANTY FOR OPEN SOURCE COMPONENTS

TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE OPEN SOURCE COMPONENTS ARE PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE OR ANY WARRANTY AGAINST INFRINGEMENT OR ANY VIOLATION OF INTELLECTUAL PROPERTY RIGHTS COVERING THE OPEN SOURCE COMPONENTS. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW WILL ANY PARTY, INCLUDING KESTRA MEDICAL TECHNOLOGIES INC OR ITS AFFILIATES, BE LIABLE FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE OPEN SOURCE COMPONENTS (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY ANY PARTY FOR A FAILURE OF THE OPEN SOURCE COMPONENTS TO OPERATE WITH ANY OTHER PROGRAMS).

Prohibited Actions. Except as expressly permitted under applicable law that cannot be waived, you agree you will NOT perform, aid, or condone any party in performing any of the following:

• (i) disabling or circumventing access controls of the System or allowing access to the System by a person who is not authorized by you or Kestra;


• (ii) copying or reproducing any part of the System including the software and documentation;


• (iii) removing or destroying any proprietary copyright notices or other legends and labeling that are part of the System including the software and documentation, and including such notices, legends, labeling on reports generated by the System;


• (iv) removing or downloading the software from the System;


• (v) reverse engineering the System including the software (reverse engineering as used herein includes but is not limited to modifying, decompiling, sniffing, or reconstructing the system software);


• (vi) using the System in a way that violates any applicable law or regulation, including privacy, HIPAA, and data security laws;


• (vii) using the System to stalk, harass, impersonate or otherwise violate the rights of a patient or other third party, including without limitation using the System to send any communication to any other party that is defamatory, obscene, “spam” or any unsolicited communication;


• (viii) using the System to distribute any computer virus, ransomware, worm, or other software component not authorized by Kestra;


• (ix) accessing the System from a country or territory in which the System is not approved or is illegal.

If you fail to comply with these Terms of Use, Kestra may terminate your access to the System without notice to you. After such termination, the non-exclusive license described above will be terminated, and you will no longer be authorized to use or access the System.

Privacy Policy. By accessing or using the System, you agree that you have read, understand, and agree to the Privacy Policy available at https://www.kestramedical.com/notice-of-privacy-practices, which may be updated by Kestra from time to time without notice to you. You are responsible for periodically reviewing the Privacy Policy for applicable changes. Your use of the System after posting by us of any changes to the Privacy Policy constitutes your acceptance to those changes.

Force Majeure. You agree that Kestra will not be liable for any failure or delay in performing the services of the System due to any of the following causes: acts of God, natural catastrophes, weather conditions, fires, accident, riots, civil disobedience, war, terrorist act, epidemic, pandemic, quarantine, failure of communication networks, failure of cloud services, computer hacking including ransomware, governmental acts or omissions, changes in laws or regulations, national strikes, embargoes or inability to obtain raw materials or energy, and other causes beyond the reasonable control of Kestra.

Indemnification. You agree to defend and indemnify Kestra and its officers, directors, employees, consultants, affiliates, subsidiaries and agents from and against any claim brought by a third party, and any related liability, damage, loss, and expense, including reasonable attorneys’ fees and costs, arising out of or in connection with your misuse of the System including reports or data provided by the System; your gross negligence, bad faith or willful misconduct; non-compliance with this Terms of Use, or any applicable law or regulation; and your violation of any third party right by unintended use of the System improperly or in combination with systems or components not provided by Kestra.

Additions. Your access to and use of the System is subject to all additional provisions and terms applicable to the System that Kestra may post on or link to from System website https://carestation.kestramedical.com , and any related agreements between you and Kestra (collectively “Additions”). All Additions are hereby incorporated by reference into this Terms of Use. As between Additions and this Terms of Use, the Additions shall control if there is a conflict.

Third-Party Websites and Services. The System may provide links to other web sites operated by third parties. These links are being provided as a convenience; they do not constitute an endorsement or an approval by Kestra of any of the products, services, advice or opinions provided by the third party web sites. Kestra bears no responsibility for the accuracy, legality or content of the third party web sites, including those linked by the third party web sites. Further, Kestra makes no representation and makes no warranty regarding any aspect of such third party web site including without limitation their operation, availability, content, hyperlinks, support, maintenance, and security.

The System may enable you to upload information to or download information from third party applications or services (“Information Transfers”). By making an Information Transfer using the System, you agree that you are authorized and permitted under applicable law to make such Information Transfer, and further, you agree and authorize Kestra to make such Information Transfers for you in accordance with the Privacy Policy. Enabling an Information Transfer using the System does not constitute an endorsement or an approval by Kestra of any of the products, services, advice or opinions provided by the corresponding third party service. Kestra bears no responsibility for the accuracy, legality or content of any third party service. Further, Kestra makes no representation and makes no warranty regarding any aspect of a third party service, including without limitation the operation, availability, content, hyperlinks, support, maintenance, and security of the third party service. By using the System for such Information Transfers you hereby authorize and grant Kestra a perpetual, irrevocable non-exclusive license to use content of such Information Transfers and disclose it to third parties in accordance with the Privacy Policy.

Subcontractors. You agree that Kestra may use third parties to perform, maintain, or assist in implementing or maintaining the System or any portion of the System, including without limitation analyzing physiological data uploaded to the System, training users of the System, fitting patients with medical devices associated with the System, invoicing payers, and web service providers engaged in implementing the System.

Limited Warranty. Kestra Medical Technologies, Inc. warrants that for a period of ninety (90) days from the beginning of the applicable warranty period (as described below), the System will function substantially in accordance with the functions and features described in the Documentation delivered with the System when properly installed, and that for a period of ninety days from the beginning of the applicable warranty period (as described below) the other media bearing the System will be free of defects in materials and workmanship under normal use. The above warranties do not apply to defects resulting from misuse, neglect, or accident, including without limitation: operation outside of the environmental or use specifications, or not in conformance with the instructions for any part of the System including software, or accessories; improper or inadequate maintenance by the user; installation of the System or interfacing, or use in combination with System or products not supplied or authorized by Kestra; and modification or repair of the products not authorized by Kestra.

Warranty Period Commencement Date. The applicable warranty period for the System begins on the date the user first uses the System.

KESTRA MAKES NO OTHER WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, WITH RESPECT TO THE SYSTEM OR DOCUMENTATION, INCLUDING BUT NOT LIMITED TO WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE OR MERCHANTABILITY OR THAT THE SYSTEM OR DOCUMENTATION IS NON-INFRINGING. ALL OTHER WARRANTIES ARE EXPRESSLY DISCLAIMED.

WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, KESTRA MAKES NO WARRANTIES THAT THE SYSTEM WILL MEET YOUR REQUIREMENTS, THAT OPERATION OF THE SYSTEM WILL BE UNINTERRUPTED OR ERROR FREE OR WILL CONFORM EXACTLY TO THE DOCUMENTATION, OR THAT KESTRA WILL CORRECT ALL PROGRAM ERRORS. KESTRA’S SOLE LIABILITY AND RESPONSIBILITY FOR BREACH OF WARRANTY RELATING TO THE SYSTEM OR DOCUMENTATION SHALL BE LIMITED, AT KESTRA’S SOLE OPTION, TO (1) CORRECTION OF ANY ERROR IDENTIFIED TO KESTRA IN A WRITING FROM YOU IN A SUBSEQUENT RELEASE OF THE SYSTEM, WHICH SHALL BE SUPPLIED TO YOU FREE OF CHARGE, (2) ACCEPTING A RETURN OF THE PRODUCT AND REFUNDING THE PURCHASE PRICE UPON RETURN OF THE PRODUCT AND REMOVAL OF ALL COPIES OF THE SYSTEM FROM YOUR PHONES, COMPUTERS AND STORAGE DEVICES, (3) REPLACEMENT OF THE DEFECTIVE SYSTEM WITH A FUNCTIONALLY EQUIVALENT SYSTEM AT NO CHARGE TO YOU, OR (4) PROVIDING A REASONABLE WORK AROUND WITHIN A REASONABLE TIME.

THESE ARE YOUR SOLE AND EXCLUSIVE REMEDIES FOR ANY BREACH OF WARRANTY. WARRANTY CLAIMS MUST BE MADE WITHIN THE APPLICABLE WARRANTY PERIOD. LIMITATION OF LIABILITY IN NO EVENT SHALL KESTRA OR ITS AGENTS, CONSULTANTS, CONTRACTORS OR SUPPLIERS BE RESPONSIBLE OR LIABLE, WHETHER IN CONTRACT, TORT, WARRANTY OR UNDER ANY STATUTE (INCLUDING WITHOUT LIMITATION ANY TRADE PRACTICE, UNFAIR COMPETITION OR OTHER STATUTE OF SIMILAR IMPORT) OR ON ANY OTHER BASIS FOR SPECIAL, INDIRECT, INCIDENTAL, MULTIPLE, PUNITIVE, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE POSSESSION OR USE OF, OR THE INABILITY TO USE, THE SYSTEM OR DOCUMENTATION, EVEN IF KESTRA IS ADVISED IN ADVANCE OF THE POSSIBILITY OF SUCH DAMAGES, INCLUDING WITHOUT LIMITATION DAMAGES ARISING FROM OR RELATED TO LOSS OF USE, LOSS OF DATA, DOWNTIME, OR FOR LOSS OF REVENUE, PROFITS, GOODWILL OR BUSINESS OR OTHER FINANCIAL LOSS. IN ANY CASE, THE ENTIRE LIABILITY OF KESTRA AND ITS AGENTS, CONSULTANTS, CONTRACTORS AND SUPPLIERS UNDER THIS LICENSE, OR ARISING OUT OF THE USE OF THE SYSTEM, SHALL NOT EXCEED IN THE AGGREGATE THE PURCHASE PRICE OF THE LICENSE OR LICENSES TO THE SYSTEM. SOME STATES, COUNTRIES OR JURISDICTIONS LIMIT THE SCOPE OF OR PRECLUDE LIMITATIONS OR EXCLUSION OF REMEDIES OR DAMAGES, OR OF LIABILITY, SUCH AS LIABILITY FOR GROSS NEGLIGENCE OR WILLFUL MISCONDUCT, AS OR TO THE EXTENT SET FORTH ABOVE, OR DO NOT ALLOW IMPLIED WARRANTIES TO BE EXCLUDED. IN SUCH STATES, COUNTRIES OR JURISDICTIONS, THE LIMITATION OR EXCLUSION OF WARRANTIES, REMEDIES, DAMAGES OR LIABILITY SET FORTH ABOVE MAY NOT APPLY TO YOU. HOWEVER, ALTHOUGH THEY SHALL NOT APPLY TO THE EXTENT PROHIBITED BY LAW, THEY SHALL APPLY TO THE FULLEST EXTENT PERMITTED BY LAW. YOU MAY ALSO HAVE OTHER RIGHTS THAT VARY BY STATE, COUNTRY OR OTHER JURISDICTION.

General. This Agreement shall be governed by laws of the State of Washington, U.S.A., exclusive of its conflict of laws provisions. This Agreement contains the complete agreement between the parties with respect to the subject matter hereof, and supersedes all prior or contemporaneous agreements or understandings, whether oral or written. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, that provision will be enforced to the maximum extent permissible, and the remaining provisions of this Agreement will remain in full force and effect. The controlling language of this Agreement, and any proceedings relating to this Agreement, shall be English. You agree to bear any and all costs of translation, if necessary. The headings to the sections of this Agreement are used for convenience only and shall have no substantive meaning. All questions concerning this Agreement shall be directed to: Kestra Medical Technologies, Inc., 3933 Lake Washington Blvd., Suite 200, Kirkland, WA 98033 U.S.A., Attention: Legal Department. Unpublished rights reserved under the copyright laws of the United States of America.