Effective Date: May 27, 2026
Version 1.3 · Download PDF · Previous versions
These Master Services Terms govern all services provided by Rollout AI, Inc. (“the Company”) to its clients, including Managed IT, Web Development, and Chief AI Officer services. They are incorporated by reference into each signed Order Form.
How This Agreement Works
These Master Services Terms (“Terms” or “Agreement”) set out the rights and obligations of the Company and each client (“Client”) with respect to all Managed IT, Web Development, and Chief AI Officer services, and any related addenda. The Terms are a standard, non-negotiable published document.
Order Form. Each engagement is initiated by a signed Order Form that: (i) identifies the Company entity and the Client; (ii) selects the applicable products and service plans; (iii) specifies the Client’s environment details; (iv) sets fees; and (v) establishes the Effective Date. The Order Form is the customer-specific document.
Service Schedules. This Agreement contains four service schedules. Schedule A (Managed IT Services), Schedule B (Web Development Services), Schedule C (Chief AI Officer Services), and Schedule D (SOC 2 Implementation Services) each apply only to the extent the corresponding service is selected in the Order Form. By selecting a service on the Order Form, Client agrees to be bound by the applicable schedule(s).
Addenda. Where a specific engagement requires project-specific detail beyond these Terms and the Order Form (such as Chief AI Officer deliverables or SOC 2 audit scope selections), the parties will execute a Statement of Work or Addendum. In the event of a conflict between an Addendum and these Terms, the Addendum controls for the matters it addresses.
Order of Precedence. In the event of a conflict, documents control in the following order: (1) a signed Addendum (for matters specific to that Addendum); (2) the signed Order Form; (3) these Master Services Terms.
Standard Terms. These Terms are published as a standard form and are not subject to negotiation or modification on a per-client basis. Special terms or overrides, if any, are captured exclusively in the Order Form or a signed Addendum.
Schedule A: Managed IT Services
The following services are included in the monthly Managed IT Services fee as set forth in the applicable Order Form. The specific support plan, coverage scope, and baseline counts are defined per client in the Order Form.
A.1 Remote Support
Remote helpdesk support for all Covered Equipment at Covered Locations listed in the Order Form, in accordance with the support plan selected in the Order Form. Support is provided during Standard Business Hours (“SBH”), defined as Monday through Friday, 8:00 AM – 5:00 PM in the timezone of Client’s primary business location as specified in the Order Form, excluding U.S. federal holidays. After-hours emergency support is available at the rates set forth in the Order Form. On-site support, where included, is provided as specified in the Order Form and may be delivered directly by Company personnel or through third-party contractors engaged by the Company.
A.2 Proactive Monitoring & Alerting
24/7 monitoring of Covered Equipment for hardware failures, service interruptions, disk utilization, CPU performance, and security events. Automated service tickets are created and triaged on detection of critical alerts.
A.3 Patch Management
Automated deployment of critical and security patches for Microsoft Windows and macOS operating systems and Microsoft Office / Microsoft 365 applications. Patches are tested and deployed during approved maintenance windows, typically scheduled outside of standard business hours to minimize disruption.
A.4 Endpoint Protection
Business-grade endpoint detection and response (EDR) for all Covered Equipment. Includes real-time threat monitoring, automated remediation, and incident escalation for confirmed threats.
A.5 Security Awareness Training
Mandatory annual security awareness training for all Client end users, delivered through the Company’s managed training platform. Includes simulated phishing campaigns and policy compliance modules.
A.6 Backup & Disaster Recovery
Cloud and/or local backup of Covered Servers on a schedule established during onboarding and documented in the Company’s internal records. Includes quarterly test restores documented and reported to Client. Backup storage capacity is subject to reasonable limits; additional capacity may be quoted separately.
A.7 Cloud Services Management
Administration and support of Client’s cloud productivity environment, including Microsoft 365 and/or Google Workspace as applicable. Covered services include user provisioning and deprovisioning, mailbox administration, file storage and sharing administration (SharePoint/OneDrive or Google Drive), and collaboration tool configuration (Teams, Google Meet/Chat). By default, the Company manages licensing procurement for the covered platform on Client’s behalf. Clients who elect to self-manage licensing must indicate this in the Order Form; the Company will provide administration support only in that case.
A.8 Quarterly Business Reviews & IT Planning
The Company will conduct quarterly business reviews with Client’s designated representative to assess service performance, review the IT environment health, discuss upcoming needs, and align on priorities. The Company will prepare and deliver an annual IT roadmap tailored to Client’s business objectives. Findings and recommendations from quarterly reviews will be documented and shared with Client.
A.9 Monthly Reporting
Monthly executive summary report covering: resolved tickets, patch compliance, backup success rate, security events, and endpoint health.
A.10 Client Responsibilities
We do our best work when clients maintain a healthy, well-managed environment. Client agrees to maintain the following standards throughout the Term to enable consistent, reliable service delivery:
- Designate a primary point of contact authorized to approve changes, access requests, and invoices.
- Ensure all Covered Equipment is less than five (5) years old and covered by an active manufacturer warranty. Equipment reaching five years of age must be replaced. Work to restore or replace equipment over five years will be billed as Additional Services.
- Maintain all server, desktop, and laptop operating systems on a vendor-supported version with at least twelve (12) months of remaining vendor support. Unsupported operating systems must be removed from network access.
- Maintain active manufacturer support contracts for network hardware (routers, switches, firewalls).
- Maintain genuine, licensed, and vendor-supported software for all applications on the network.
- Ensure all wireless data traffic in the environment is securely encrypted.
- Staffing Changes. Notify the Company: (a) within twenty-four (24) hours of any employee termination or departure (to facilitate timely account deprovisioning and access revocation); (b) at least seven (7) business days before any new hire’s start date (to prepare access and onboarding); and (c) within forty-eight (48) hours of any role change that affects system access. Failure to provide timely notice may result in additional billable remediation services and/or security incidents for which the Company is not liable.
- Environment Changes. Provide the Company with at least fourteen (14) days’ prior written notice of any planned changes to Client’s IT environment that may affect the Services, including but not limited to: new systems or cloud platforms, office relocations, significant network infrastructure changes, new business applications, or changes in third-party vendors with system access. Emergency changes should be reported as soon as practicable.
- Support Channels. Submit all support requests through the Company’s designated helpdesk portal, support email address, or support phone number as communicated by the Company. Direct messages or calls to individual Company personnel do not constitute a support request, are not tracked under the SLA, and may not receive timely attention.
- Maintain cyber liability insurance as required by the Agreement Terms.
- Ensure that all end users participate in security awareness training as scheduled by the Company.
- Provide Company personnel with physical and remote access to Covered Equipment as reasonably necessary to perform the Services.
A.11 Change Requests
Minor Change Requests (fewer than eight (8) continuous engineering hours): included within the monthly Services fee. Examples: software deployment to existing devices, user account changes, VLAN modifications, minor configuration updates.
Major Change Requests / Projects (eight (8) or more continuous engineering hours, or a defined start-and-end scope): out-of-scope and billed separately as Additional Services at the hourly rates set forth in the Order Form. All projects require a signed Statement of Work before commencement.
All change requests require written Client approval, whether included in the monthly fee or billed separately.
Schedule B: Web Development Services
Where selected in the Order Form, the Company provides web development services as a subscription retainer. The specific plan, features, and monthly fee are set forth in the Order Form.
Web Development services generally include website and web application maintenance, content updates, and development work within the scope of the selected plan. Plan features are described in the Order Form in effect at the time of signing. The Company may update plan features from time to time; material changes will be reflected in future Order Forms.
Web Development services do not include hosting fees (unless expressly included in the Order Form), third-party software licenses, or domain registration costs, which are Client’s responsibility unless otherwise agreed in writing.
Schedule C: Chief AI Officer Services
This schedule applies where Chief AI Officer (“CAIO”) services are selected in the Order Form. The specific plan tier and monthly fee are set forth in the Order Form; project-specific deliverables, milestones, and scope are defined in a signed Statement of Work or Addendum for each engagement.
C.1 Services
Advisory Services. CAIO advisory services may include: AI strategy development and roadmap planning; AI vendor and platform evaluation and selection; AI governance framework design; AI risk assessment and responsible use policy development; executive advisory and stakeholder communication support; and ongoing AI opportunity identification and analysis. Advisory services do not constitute legal, financial, or regulatory compliance advice.
AI Tool Development. Where included in the applicable Statement of Work, the Company will design, develop, test, and deploy custom AI-powered tools, workflows, automations, and integrations tailored to Client’s business operations.
Maintenance and Support. The Company will provide ongoing maintenance and support for deployed AI tools, including: bug fixes, performance optimization, prompt and model configuration updates, and integration maintenance as underlying third-party APIs evolve. Major feature development beyond the original Statement of Work scope is subject to additional fees.
Delivery and Acceptance. Upon delivery of each AI tool or milestone, Client will have ten (10) business days to review and either accept the deliverable or provide written notice of specific defects. If Client does not provide written defect notice within ten (10) business days, the deliverable is deemed accepted.
C.2 Intellectual Property
All intellectual property created under this schedule belongs exclusively to the Company.
Company Ownership. All AI tools, code, software, algorithms, models, model configurations, fine-tuned weights, prompts, system prompts, workflow designs, automation logic, integrations, and documentation created in connection with CAIO services (“Developed IP”) are the exclusive property of the Company. To the extent any Developed IP qualifies as a work made for hire, it is so designated; to the extent it does not, Client hereby irrevocably assigns all right, title, and interest to the Company.
No Transfer. Nothing in this Agreement constitutes a sale, transfer, or assignment of ownership of any Developed IP to Client. Client’s rights are limited to the subscription license in Section C.3.
Pre-Existing IP. The Company retains all rights in tools, code, frameworks, models, and methodologies developed prior to or independently of this Agreement. Client retains ownership of all data and systems it owned prior to this Agreement and grants the Company a limited license to use such materials solely to deliver CAIO services.
Non-Exclusive Development. Client acknowledges that the Company may develop similar AI tools for other clients. The Company will not disclose Client’s Confidential Information to other clients, but general knowledge, techniques, and patterns refined through work with Client may be applied in other engagements.
C.3 License Grant
Subscription License. Subject to Client’s timely payment of fees and compliance with this Agreement, the Company grants Client a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to access and use the Developed IP solely for Client’s internal business operations, in the form delivered by the Company, and during the Term.
Automatic Suspension on Non-Payment. If Client fails to pay any amount due within ten (10) days of the due date, the AI License is automatically suspended. The Company may disable Client’s access to all AI tools immediately. The license is not reinstated until all outstanding amounts are paid in full.
License Restrictions. Client may not: (i) copy, distribute, sell, sublicense, rent, lease, or transfer the Developed IP; (ii) reverse engineer, decompile, or attempt to derive the source code, model weights, system prompts, or underlying algorithms of any AI tool; (iii) modify or create derivative works based on the Developed IP without the Company’s prior written consent; (iv) use any AI tool to develop a competing product or service; or (v) represent to any third party that Client owns or has developed the AI tools.
C.4 Acceptable Use
Client agrees to use all AI tools solely for Client’s internal business purposes as described in the applicable Statement of Work. Client may not use any AI tool to: generate or distribute defamatory, harassing, or abusive content; engage in deception, fraud, phishing, or impersonation; generate spam or content designed to manipulate public discourse; infringe any third-party intellectual property right; produce content that is illegal under applicable law; circumvent applicable laws or third-party platform terms; or facilitate unauthorized access to computer systems or data.
Human Oversight. Client agrees to maintain appropriate human review and oversight for any consequential business decisions informed by AI tool outputs. AI tools are designed to augment human judgment, not to replace it.
C.5 AI Output Disclaimer
AI tools generate outputs based on statistical models and training data. Such outputs may be inaccurate, incomplete, biased, or inconsistent. The Company makes no warranty that AI tool outputs will be accurate, complete, error-free, or fit for any particular purpose. Client uses AI tool outputs at its own risk. AI language models may generate plausible-sounding but factually incorrect information; Client acknowledges this and agrees to implement appropriate verification procedures before relying on AI-generated claims. If Client operates in a regulated industry, Client is solely responsible for ensuring that its use of AI tools complies with all applicable laws and regulations.
C.6 Data and Third-Party Platforms
Client Data. Client Data remains the property of Client. The Company will use Client Data solely to provide CAIO services and will not disclose it to third parties except as required to operate the AI tools or as required by law.
Third-Party AI Platforms. AI tools may operate on top of third-party AI platforms (e.g., OpenAI, Anthropic, Google, AWS). Client’s use is subject to those platforms’ terms of service and data handling terms. The Company will use enterprise-tier API access where available. The Company will not use Client’s Confidential Information to fine-tune models for other clients without Client’s written consent.
Data Return. Upon termination, the Company will return or make available Client Data within thirty (30) days and delete or destroy it from the Company’s systems within sixty (60) days, except as required by law.
Schedule D: SOC 2 Implementation Services
This schedule applies where SOC 2 Implementation Services are engaged. SOC 2 implementation is an add-on service available to clients on the Managed IT Scale plan. This schedule governs the Company’s provision of SOC 2 implementation services, including compliance program design, operational control implementation, GRC platform access, and third-party audit facilitation. The specific scope, audit type, Trust Service Criteria selections, and fees for each SOC 2 engagement are set forth in a signed Statement of Work or Addendum.
D.1 Services
Readiness Assessment. The Company will conduct an initial SOC 2 readiness assessment to evaluate Client’s current compliance posture against the applicable Trust Service Criteria. The assessment will identify gaps in existing controls, policies, and procedures, and produce a written gap analysis and implementation roadmap delivered to Client within the timeframe specified in the Statement of Work.
Compliance Program Design. Based on the readiness assessment, the Company will design and document a SOC 2-aligned compliance program, including: information security policies and procedures (acceptable use, access control, change management, incident response, vendor management, and business continuity); a risk assessment framework and initial risk register; evidence collection procedures; and a roles and responsibilities matrix for ongoing compliance operations.
Operational Control Implementation. The Company will implement and operationalize the following on Client’s behalf: access review and user access recertification processes; vendor risk management program; security incident response plan and tabletop exercise; business continuity and disaster recovery plan documentation; security awareness training program coordination; and background check and onboarding/offboarding procedure documentation.
GRC Platform. The Company will provision and manage a governance, risk, and compliance (“GRC”) platform for Client’s use during the Term of the SOC 2 engagement. The GRC platform is provided as a white-labeled service by a third-party vendor disclosed to Client upon request. Access is included in the SOC 2 service fee and terminates upon expiration or termination of the SOC 2 engagement.
Audit Facilitation. The Company will coordinate and facilitate Client’s SOC 2 audit with the third-party auditor identified in the Statement of Work, including: auditor onboarding and kickoff coordination; evidence collection and packaging; management response coordination; and audit query support. The auditor is an independent professional services firm and is not an employee, agent, or subcontractor of the Company.
Ongoing Compliance Support. Following completion of the initial audit, the Company will provide quarterly compliance reviews, evidence refresh support, policy update maintenance, and GRC platform management for the duration of the engagement.
D.2 Excluded Services: Engineering Controls
The Company’s services under this schedule are limited to the implementation of operational controls and compliance program design. The following are expressly excluded and will not be provided unless agreed in a separate Statement of Work:
- Configuration and hardening of Client’s cloud infrastructure (AWS, Azure, Google Cloud, or other providers)
- Implementation of technical access controls, IAM policies, or multi-factor authentication within Client’s systems
- Deployment or configuration of logging, monitoring, SIEM, intrusion detection, or vulnerability scanning tools
- Implementation of encryption at rest or in transit within Client’s applications or data stores
- Penetration testing, vulnerability assessments, or code review
- Network segmentation, firewall configuration, or zero-trust architecture implementation
- Any access to Client’s production environment, cloud console, or source code repositories
Client’s Engineering Controls Responsibility. Client acknowledges that SOC 2 certification requires both operational controls (provided by the Company under this schedule) and engineering controls (Client’s sole responsibility). The Company’s obligations are fully satisfied upon delivery of operational controls and audit facilitation regardless of the auditor’s findings regarding Client’s engineering controls.
D.3 Client Responsibilities
Compliance Lead. Client shall designate at least one (1) internal employee or contractor authorized to make compliance decisions, provide evidence, respond to auditor inquiries, and coordinate with the Company. Client shall notify the Company promptly of any change in Compliance Lead.
Timely Participation. Client shall: respond to the Company’s information requests and evidence tasks within five (5) business days; participate in scheduled working sessions and auditor meetings; review and approve documentation within ten (10) business days of delivery; and implement all engineering controls within the agreed timelines.
Pre-Existing Issues. Client shall disclose to the Company, prior to the readiness assessment, any known security incidents, data breaches, regulatory investigations, prior audit findings, or material control deficiencies.
Auditor Cooperation. Client shall cooperate fully with the auditor, including providing timely access to personnel, systems (subject to Section D.2), and documentation as requested.
D.4 No Guarantee of SOC 2 Certification
The Company does not guarantee, represent, or warrant that Client will receive a SOC 2 Type I or Type II report, a clean opinion, or any favorable audit finding. Certification outcomes depend on factors outside the Company’s control, including the adequacy of Client’s engineering controls, the accuracy of information provided by Client, Client’s timely completion of its responsibilities, and the auditor’s independent professional judgment. The Company’s obligations under this schedule are not breached solely by reason of an adverse audit finding.
D.5 Enhanced Confidentiality for Compliance Materials
All policies, procedures, risk assessments, audit evidence, GRC platform data, gap analyses, and audit reports generated under this schedule (“Compliance Materials”) are Client’s Confidential Information. The Company will not disclose Compliance Materials to any third party other than the auditor and, as strictly necessary, the GRC vendor, without Client’s prior written consent. Upon expiration or termination of the SOC 2 engagement, the Company will provide Client with a complete export of Compliance Materials within thirty (30) days and delete or destroy Client’s Compliance Materials from the Company’s systems thereafter.
D.6 Limitation of Liability (SOC 2 Specific)
In addition to the limitation of liability provisions in Section 14, the Company is not liable for: (i) any failure by Client to achieve SOC 2 certification or any particular audit outcome; (ii) any qualified opinion, exception, or adverse finding issued by the auditor; (iii) any loss, penalty, regulatory action, or reputational harm resulting from a failed, delayed, or adverse audit; (iv) any deficiency in Client’s engineering controls or other matters outside the scope of this schedule; or (v) any act or omission of the auditor or the GRC vendor.
Schedule E: Excluded Services
The following are not included in the monthly Services fee and will be quoted and billed as Additional Services at the rates set forth in the Order Form, or as fixed-fee Projects under a separate Statement of Work.
- Projects (as defined in Section A.11 Change Requests)
- Support for software, hardware, or line-of-business applications not listed in the Order Form
- Support for Covered Equipment over five (5) years of age
- Work required to bring Client’s environment into compliance with the Client Responsibilities section, including onboarding remediation
- Support for Unknown Devices (BYOD) not covered under the Order Form
- After-hours emergency support (at the rates set forth in the Order Form)
- Procurement or resale of hardware or software
- Office relocations, new branch offices, or significant infrastructure expansions
- Data recovery beyond the scope of the included backup solution
- Legal hold, eDiscovery, or forensic support
- Regulatory compliance consulting or audit preparation
Schedule F: Service Level Targets
“Initial Response Time” means the elapsed time from ticket creation to first acknowledgment and assignment by a Company technician. Response time targets apply to remote support. Resolution times are targets and depend on issue complexity and Client’s cooperation. “Standard Business Hours” (“SBH”) are as defined in Section A.1 and the Order Form.
| Issue Description | Priority | Initial Response (Business Hours) | Initial Response (After Hours) |
|---|---|---|---|
| Service unavailable: all users and core functions down (e.g., server down, internet out) | P1: Critical | 30 min. | 1 hr. |
| Significant service degradation: large number of users or critical functions affected | P2: High | 2 hrs. | 4 hrs. |
| Limited degradation: small number of users affected; business can continue | P3: Medium | 4 hrs. | 8 hrs. |
| Minor issue: single user affected; business process uninterrupted | P4: Low | 8 hrs. | 24 hrs. |
Agreement Terms
This section, together with the Schedules above, constitutes the entire Master Services Agreement (“Agreement”) between the Company and Client. The specific terms of each engagement, including party identification, support plan, fees, and environment details, are set forth in the signed Order Form, which is incorporated herein by reference.
1. Services
During the Term, the Company will provide Client with the services selected in the applicable Order Form (“Services”), which may include Managed IT Services (Schedule A), Web Development Services (Schedule B), Chief AI Officer Services (Schedule C), and/or SOC 2 Implementation Services (Schedule D), together with any Additional Services agreed to in writing. All services, deliverables, and obligations not expressly set forth in this Agreement are out of scope and will not be provided unless the Company agrees in a separate written Statement of Work. Service-specific details, baseline counts, and fees are defined per client in the applicable Order Form.
2. Duties of the Parties
A. Company. The Company agrees to use commercially reasonable efforts to timely deliver and support the Services in accordance with applicable industry standards and the service level targets set forth in Schedule F. The Company assigns qualified, trained personnel to each engagement and maintains documentation of Client’s IT environment and configurations. The Company also maintains its own business continuity and disaster recovery plan to minimize disruption to service delivery.
B. Client. Client agrees to: (i) maintain a valid payment method on file in accordance with Section 3, including a valid ACH Debit authorization where ACH Debit is the elected Payment Method on the Order Form; (ii) provide the Company with reasonable access to Client’s facilities, computer systems, and personnel as necessary to deliver the Services; (iii) designate an authorized point of contact with authority to approve changes, requests, and invoices; (iv) comply with all Client Responsibilities set forth herein; and (v) provide advance notice of environment changes as described in the Client Responsibilities section. Client acknowledges that delivery of certain Services may require remote access to Client’s computer systems, and Client consents to such access in connection with the performance of the Services.
C. Co-Management and Admin Access. The Company does not co-manage IT environments with Client unless separately agreed in a signed addendum. The Company will not grant Client or Client’s staff administrative access to Company-managed systems, platforms, or tools used to deliver the Services. Where Client or Client’s staff independently take administrative actions on Client’s own systems that affect the Services (including creating or deleting user accounts, changing network configurations, installing software, or modifying security settings), any remediation or support work required as a result will be billed as Additional Services at the rates set forth in the Order Form. The Company is not liable for issues arising from Client’s unauthorized administrative actions.
3. Pricing and Payment
A. Fees. The fees for the Services are set forth in the applicable Order Form. Hourly rates for Additional Services and Out-of-Scope Services are also set forth in the Order Form.
B. Payment Method: ACH Debit Authorization. Where Client elects ACH Debit as the Payment Method on the Order Form, by signing the Order Form Client authorizes the Company to initiate ACH debit transactions from Client’s designated bank account on file for all monthly Services fees on or after each invoice date. Client shall provide a completed ACH authorization form and banking information prior to the Effective Date. This authorization remains in effect for the duration of the Term and may be revoked by providing thirty (30) days’ prior written notice to the Company, after which Client must arrange an alternative payment method acceptable to the Company before the next invoice date. Revocation of ACH authorization ends the ACH Discount described in Section 3.C effective on the next invoice date. The Company is not responsible for any bank fees incurred by Client in connection with ACH debits.
C. ACH Discount. The fees set forth in the Order Form are standard rates payable by Client regardless of payment method. Where Client elects ACH Debit as the Payment Method on the Order Form and maintains a valid ACH authorization on file with the Company, the ACH Discount specified in the Order Form will be applied to all monthly recurring Services fees for the duration that ACH Debit remains the active Payment Method. The ACH Discount does not apply to one-time fees, hardware, software, licensing, or third-party services procured on Client’s behalf. If Client revokes ACH authorization, fails to maintain valid banking information, or elects an alternative payment method (including credit card), the ACH Discount will cease and standard rates will apply beginning on the next invoice date following the change. No surcharge is imposed on credit card or other non-ACH payment methods; such payments are simply not eligible for the ACH Discount.
D. Payment Terms. Monthly Services fees are invoiced in advance and debited or otherwise collected on or after the invoice date. Payment for hardware, software, licensing, and third-party services procured on Client’s behalf is due upon receipt of invoice.
E. Late Payment. Any amount not received within twenty (20) days of the invoice date shall bear interest at eighteen percent (18%) per annum (1.5% per month) from the due date until paid in full, or the maximum rate permitted by applicable law, whichever is less. In the event of account delinquency, the Company may, upon five (5) business days’ written notice to Client, suspend Services until all outstanding amounts are paid in full. Upon reinstatement of suspended Services, a reinstatement fee equal to five (5) days of the then-current monthly Services fee (at a per-diem rate of 1/30th of the monthly fee) will be charged before Services resume. Client shall pay all collection costs, court costs, and reasonable attorneys’ fees incurred by the Company in collecting delinquent amounts.
F. Fee Disputes. Client must notify the Company in writing of any dispute regarding a fee or invoice within thirty (30) days of the invoice date. Disputes not raised within thirty (30) days are deemed waived.
G. Annual Increases. Fees are subject to an annual increase of up to six percent (6%) effective on each anniversary of the Effective Date. The Company will provide at least thirty (30) days’ prior written notice of any such increase.
H. Taxes. All fees are exclusive of applicable federal, state, and local taxes. Client shall pay all such taxes, unless Client provides the Company with a valid tax exemption certificate.
I. Device Count Adjustments. For Managed IT Services, the Company monitors the number of active managed devices through its remote monitoring tools. Client’s monthly invoice will automatically reflect the actual device count as follows: (i) increases in device count take effect on the next monthly invoice; (ii) decreases in device count that are sustained for thirty (30) or more consecutive days will be reflected on the following month’s invoice; and (iii) the minimum billable device count is the lower bound for the applicable plan tier as specified in the Order Form. No amendment or new Order Form is required for device count adjustments that remain within the device range of the Client’s selected plan tier. Adjustments that would require a change in plan tier require a written amendment to the Order Form.
4. Term and Termination
A. Initial Term. This Agreement is effective as of the date both parties have executed the Order Form (“Effective Date”) and continues for an initial term of one (1) year (“Initial Term”).
B. Renewal. Upon expiration of the Initial Term, this Agreement automatically renews for successive one (1)-year periods (“Renewal Terms”) unless either party provides at least ninety (90) days’ prior written notice of non-renewal before the end of the then-current Term.
C. Termination for Convenience. After the Initial Term, either party may terminate this Agreement for convenience upon at least ninety (90) days’ prior written notice. Client shall remain responsible for all monthly fees during the notice period.
D. Termination for Cause. Either party may terminate this Agreement for cause upon written notice if: (i) the other party commits a material breach and fails to cure within twenty (20) days (ten (10) days for non-payment) following written notice specifying the breach; (ii) the other party files or has filed against it a bankruptcy or insolvency petition not dismissed within sixty (60) days; or (iii) with respect to Client, Client or Client’s staff engages in abusive or threatening conduct toward Company personnel, in which case the Company may terminate upon ten (10) days’ notice.
E. Remedies for Early Termination. If the Company terminates for cause, or if Client terminates without cause before the expiration of the then-current Term, Client agrees to pay the Company a termination fee equal to all monthly fees due through the remainder of the then-current Term at the fees in effect as of the date of termination. If Client terminates for cause, Client is responsible only for fees for Services properly delivered up to the effective date of termination.
F. Transition and Offboarding. Upon expiration or termination, each party shall return all equipment, software, and materials provided by the other party, and cooperate in good faith to transition Services. Client shall pay the Company’s then-current hourly rates for any transition assistance requested. The Company will retain Client data for thirty (30) days following termination. Client is solely responsible for transferring its data, redirecting email services (including MX record updates), and establishing replacement solutions prior to termination.
G. Transition from Prior Provider. If Services involve transitioning Client from a previous IT provider, the Company will use commercially reasonable efforts to coordinate with the prior provider. The Company shall not be responsible for issues arising during the transition period and shall have no liability for the state of Client’s environment until the Company is the sole provider of the Services.
5. Ownership
All materials, intellectual property, software tools, scripts, documentation, and other work product developed by the Company prior to or independently of this Agreement (“Company Property”) remain the exclusive property of the Company. Client receives no license to Company Property except as expressly set forth herein. All materials, data, and intellectual property owned by Client prior to the Effective Date (“Client Property”) remain the exclusive property of Client. The Company receives no license to Client Property except as necessary to perform the Services. Any non-third-party software installed or provided by the Company for Client’s use remains the proprietary property of the Company unless otherwise agreed in a signed addendum.
6. Confidential Information
Both parties will share sensitive business and technical information in the course of this engagement. This section governs how we each handle it.
A. Definition. “Confidential Information” means any non-public information disclosed by one party (“Disclosing Party”) to the other (“Receiving Party”) in connection with this Agreement that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and circumstances of disclosure, including without limitation: trade secrets, technical data, business plans, financial information, customer lists, pricing, software and source code, security practices, network configurations, personnel information, and the terms of this Agreement.
B. Exclusions. Confidential Information does not include information that: (i) is or becomes publicly known through no act or omission of the Receiving Party; (ii) was rightfully known to the Receiving Party before disclosure without restriction; (iii) is rightfully received from a third party without restriction; or (iv) is independently developed without use of or reference to the Disclosing Party’s Confidential Information.
C. Obligations. Each party agrees to: (i) hold the other’s Confidential Information in strict confidence using at least the same degree of care it uses for its own confidential information, but no less than reasonable care; (ii) use Confidential Information solely for purposes of performing or receiving the Services; and (iii) not disclose Confidential Information to any third party without prior written consent, except to employees, contractors, or advisors with a need to know who are bound by confidentiality obligations no less protective than those herein.
D. Compelled Disclosure. A Receiving Party may disclose Confidential Information if required by court order or law, provided it: (i) gives prompt written notice before disclosure; (ii) cooperates in seeking a protective order; and (iii) limits disclosure to the minimum required.
E. Survival. Confidentiality obligations survive termination of this Agreement in perpetuity with respect to trade secrets, and for three (3) years with respect to all other Confidential Information.
7. Non-Solicitation of Employees
During the Term and for twelve (12) months following expiration or termination, Client shall not directly or indirectly solicit for employment, hire, or engage any person who: (i) was employed by or contracted with the Company at any time during the preceding twelve (12) months; and (ii) was involved in performing Services for Client. In the event of a breach, Client agrees to pay the Company, as liquidated damages and not as a penalty, a sum equal to twenty-four (24) months’ compensation for each such individual at the rate paid by the Company during the last full month of that individual’s engagement. The Company shall also be entitled to seek injunctive relief to prevent any such violation, without the necessity of proving actual damages or posting a bond.
8. Force Majeure
Neither party shall be liable for failure or delay in performance to the extent caused by circumstances beyond that party’s reasonable control, including: acts of God, natural disasters, pandemic, fire, flood, war, terrorism, civil unrest, labor disputes, government actions, power or telecommunications failures, or internet service provider failures (“Force Majeure Event”). The affected party shall provide prompt written notice and use commercially reasonable efforts to minimize the impact. A Force Majeure Event does not excuse Client’s obligation to pay amounts already due and owing.
9. Representations and Warranties
Each party represents and warrants that: (i) it has the full right, power, and authority to enter into and perform this Agreement; (ii) the execution and performance of this Agreement have been duly authorized by all necessary action; (iii) this Agreement constitutes a valid and binding obligation, enforceable in accordance with its terms; and (iv) the execution and performance of this Agreement do not and will not violate any agreement, order, or law to which such party is a party or by which it is bound.
10. Disclaimer of Warranties
EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE COMPANY MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT, WITH RESPECT TO ANY SERVICES, HARDWARE, SOFTWARE, OR THIRD-PARTY SERVICES PROVIDED HEREUNDER. THE COMPANY DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, ERROR-FREE, OR FREE FROM UNAUTHORIZED ACCESS, OR THAT THE SERVICES WILL DETECT OR PREVENT EVERY SECURITY THREAT OR VULNERABILITY. ALL SERVICES ARE PROVIDED “AS IS.”
11. Cybersecurity
A. General Acknowledgment. The parties acknowledge that: (i) cybersecurity threats are continuously evolving and no service can guarantee complete security; (ii) no transmission over the Internet is 100% secure; and (iii) the effectiveness of any cybersecurity services is contingent upon Client implementing and maintaining its own administrative, technical, and physical safeguards.
B. Company Disclaimer. The Company: (i) does not guarantee the security of Client’s information, systems, or networks; (ii) disclaims any representation regarding any specific level of security; (iii) is not liable for the actions or errors of Client’s employees, contractors, or agents with respect to Client’s equipment or systems; and (iv) is not obligated to implement Client’s own safeguards unless specifically agreed in a signed addendum.
C. Client Cyber Insurance. Client represents and warrants that it maintains, at its own expense, cyber liability insurance with limits of no less than One Million Dollars ($1,000,000) per occurrence and in the annual aggregate. Coverage shall include liability arising from: (i) theft, dissemination, or use of confidential or personal data stored or transmitted electronically; and (ii) introduction of malicious code or damage to a third party’s systems or data. Client shall provide evidence of such coverage upon request.
12. BYOD / Unknown Devices
Client is strongly advised not to connect devices not covered under the applicable Order Form (“Unknown Devices”) to Client’s managed network environment. The Company will not be responsible for diagnosing or remediating issues caused by Unknown Devices and is not obligated to provide Services to any Unknown Device. If Client elects to connect Unknown Devices, Client does so at its own risk and the Company’s liability exclusions herein shall fully apply.
13. Third-Party Management Tools and Vendors
The Company relies on certain third-party vendors and software platforms to deliver the Services (e.g., remote monitoring and management tools, endpoint protection, backup, and security awareness platforms). Client acknowledges that these vendor relationships may change from time to time. The Company will endeavor to notify Client of any material changes that may affect Client’s environment. Client is responsible for maintaining its own agreements and licenses with its third-party vendors for line-of-business applications, Client-owned hardware warranties, and Client-selected software not provided by the Company.
14. Limitation of Liability
These liability limits are a fundamental part of our pricing. We want to be transparent about them so there are no surprises.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE COMPANY SHALL NOT BE LIABLE TO CLIENT OR ANY THIRD PARTY FOR ANY INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR RELATED TO THIS AGREEMENT OR THE SERVICES, INCLUDING WITHOUT LIMITATION LOSS OF PROFITS, LOSS OF DATA, LOSS OF GOODWILL, BUSINESS INTERRUPTION, OR EQUIPMENT DOWNTIME, REGARDLESS OF THE THEORY OF LIABILITY AND EVEN IF THE COMPANY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
THE COMPANY’S AGGREGATE LIABILITY TO CLIENT FOR ANY AND ALL CLAIMS ARISING OUT OF OR RELATED TO THIS AGREEMENT OR THE SERVICES SHALL NOT EXCEED THE TOTAL FEES PAID BY CLIENT TO THE COMPANY DURING THE SIX (6)-MONTH PERIOD IMMEDIATELY PRECEDING THE FIRST OCCURRENCE OF THE EVENT GIVING RISE TO LIABILITY. CLIENT ACKNOWLEDGES THAT THESE LIMITATIONS WERE A MATERIAL INDUCEMENT FOR THE COMPANY TO ENTER INTO THIS AGREEMENT AT THE AGREED FEES.
15. Indemnification
Client agrees to indemnify, defend, and hold harmless the Company and its principals, officers, directors, employees, and agents from and against any and all claims, liabilities, damages, losses, costs, and expenses (including reasonable attorneys’ fees) arising out of or resulting from: (i) Client’s breach of any provision of this Agreement; (ii) Client’s negligence or willful misconduct; (iii) Client’s violation of any applicable law or regulation; or (iv) any claim by a third party arising from Client’s data, systems, or business operations.
16. General Terms
A. Entire Agreement. This Agreement (including the Order Form and any signed Addenda) constitutes the entire agreement between the parties with respect to its subject matter and supersedes all prior agreements, understandings, and discussions, whether oral or written. No amendment or modification shall be valid unless made in writing and signed by authorized representatives of both parties.
B. Severability. If any provision of this Agreement is found to be unenforceable or invalid, such provision shall be modified to the minimum extent necessary to make it enforceable, and the remainder of this Agreement shall continue in full force and effect.
C. Waiver. No failure or delay in exercising any right or remedy shall constitute a waiver of that right or remedy. A waiver of any provision is effective only if made in writing.
D. Assignment. Neither party may assign this Agreement or any rights or obligations hereunder without the prior written consent of the other party, except that the Company may assign this Agreement in connection with a merger, acquisition, or sale of all or substantially all of its assets upon thirty (30) days’ written notice to Client.
E. Independent Contractors. The parties are independent contractors. Nothing herein shall be construed to create a joint venture, partnership, employment, agency, or franchise relationship.
F. No Third-Party Beneficiaries. This Agreement is for the sole benefit of the parties and their permitted successors and assigns. Nothing herein shall create any rights in any third party.
G. Electronic Execution. This Agreement and Order Forms may be executed in counterparts. Electronic signatures (including DocuSign and similar platforms) are deemed valid and binding to the same extent as original ink signatures.
H. Survival. Sections 5 (Ownership), 6 (Confidential Information), 7 (Non-Solicitation), 14 (Limitation of Liability), 15 (Indemnification), and 17 (Dispute Resolution), and Client’s obligation to pay all amounts due, shall survive expiration or termination of this Agreement.
I. Marketing and Publicity. Client grants the Company a non-exclusive, royalty-free, worldwide license to use Client’s name, logo, and a general description of the services provided as a reference in the Company’s marketing materials, website, case studies, proposals, and public communications. The Company will not make detailed disclosures about Client’s specific IT environment or business operations without Client’s prior written consent. Client may revoke this license at any time by written notice to the Company, effective within thirty (30) days of receipt.
J. Feedback. Any feedback, suggestions, ideas, enhancement requests, or comments that Client provides to the Company regarding the Services or any Company products or services (“Feedback”) shall be deemed non-confidential and the exclusive property of the Company. Client hereby irrevocably assigns to the Company all right, title, and interest in and to any Feedback. The Company is free to use, disclose, reproduce, license, and otherwise exploit Feedback for any purpose without any obligation, compensation, or attribution to Client. Feedback is not Client’s Confidential Information and is not subject to the confidentiality obligations in Section 6.
17. Notices
All notices required or permitted under this Agreement shall be in writing and sent by email to the email address on file for the receiving party as specified in the Order Form (or such updated address as the receiving party has provided in writing). A notice sent by email is deemed delivered on the date it is sent, regardless of whether the receiving party acknowledges receipt. Each party is responsible for keeping its email address current and for notifying the other party promptly of any change. Neither party may claim non-receipt of a notice sent to the correct email address on file. For notices of default, termination, or material breach, the sending party is encouraged (but not required) to also send a copy by nationally recognized overnight courier or certified mail as a precautionary measure.
18. Dispute Resolution
A. Management Resolution. Before initiating any formal proceedings, the parties agree to first refer any dispute, controversy, or claim arising out of or relating to this Agreement (“Dispute”) to their respective authorized representatives for good-faith discussion. The parties shall have thirty (30) days from written notice of a Dispute to resolve it through this process.
B. Arbitration. If Management Resolution fails, the Dispute shall be finally resolved by binding arbitration administered by the American Arbitration Association (“AAA”) under its Commercial Arbitration Rules then in effect, before a single arbitrator with experience in information technology services contracts. The arbitration shall be conducted in Wilmington, Delaware, unless the parties mutually agree otherwise. The arbitrator’s decision shall be in writing, shall provide reasoned findings of fact and conclusions of law, and shall be final and binding. Judgment on the arbitration award may be entered in any court of competent jurisdiction.
C. Governing Law; Venue. This Agreement shall be governed by and construed in accordance with the laws of the State of Delaware, without regard to its conflict of law principles. For any action to compel arbitration, enforce an arbitration award, or seek emergency injunctive relief, the parties consent to the exclusive jurisdiction of the state and federal courts located in New Castle County, Delaware.
D. Prevailing Party Fees. The prevailing party in any arbitration or action to enforce an arbitration award shall be entitled to recover its reasonable attorneys’ fees and costs.
E. Injunctive Relief. Notwithstanding the foregoing, either party may seek emergency injunctive or other equitable relief from a court of competent jurisdiction where necessary to prevent irreparable harm, including in connection with a breach of the confidentiality or intellectual property provisions of this Agreement. Each party expressly waives any requirement that the other party post a bond as a condition of obtaining such relief.
These Master Services Terms are published by the Company and govern all services provided to clients. Nothing in this document constitutes legal advice. Clients are encouraged to seek independent legal counsel before signing an Order Form. Version 1.3, Effective May 27, 2026.