Master Subscription Agreement

This Master Subscription Agreement ("Agreement") is between Grid Interface, LLC, a corporation ("Grid Interface" or "Provider") and the entity accepting the terms of this Agreement ("Client," "You," or "Your") and governs Customer's access to and use of the Services and Provider's provision of the Services. This Agreement is effective on the date of Customer's acceptance of this Agreement (the "Effective Date").

By using Provider's Services, you accept and agree to be bound and abide by our Privacy Policy incorporated herein by reference ("Privacy Policy") available at https://www.gridinterface.io/privacy-policy/. If you do not want to agree to our Privacy Policy, you must not access or use Provider's Services.

1. Definitions

1.1 Agreement

"Agreement" means, collectively, this Provider SaaS Subscription Agreement agreed to by the parties, as well as any attached or referenced exhibits or schedules, and amendments to this Agreement, each of which is incorporated into the Agreement by this reference.

1.2 Anonymized Data

"Anonymized data" is data that has been processed to remove or modify personally identifiable information (PII) so that it can't be linked to a specific person.

1.2 Customer

"Customer" means the company, organization, other entity, or individual on behalf of which this Agreement is accepted, as described above.

1.3 Customer Data

"Customer Data" means all electronic data or information submitted, uploaded, imported, processed through, collected from, made available by, produced by or resulting from Customer and its authorized users' use of the Services during the Term to or through the Provider's Services for processing, and the outputs and modifications to that data obtained from such processing. Customer Data may include Input and Output subject to the license granted by Customer to Provider. Customer Data does not include Usage Data or Aggregated Data. Customer Data may also include the (i) name(s), email addresses of any person logging in to the Services, and (ii) any information ("third party data") from Customer's customers that can personally identify someone including any social security numbers, birth dates, financial information, payment information, driver license numbers, payroll information, and telephone numbers.

All Customer Data has been designed, created and provided solely by Customer or by third parties on its behalf without the participation or involvement of Provider. Customer is responsible for any actions it takes with respect to Customer Data, including uploading it to the Services or using the Services to share or otherwise make available such Customer Data to third parties. Customer is responsible for ensuring that it has all the rights and permissions needed for both Customer and Provider to use the Customer Data in connection with the Services. Customer shall provide notices to, and obtain any consents from, third parties as required by applicable law, rule or regulation in connection with Provider's processing of Customer Data via the Services. Provider shall not be liable to Customer or any third parties for any loss, damage or expense whatsoever and howsoever arising from any Customer Data entered into the Services by Customer or by an entity on its behalf. Customer shall have the sole responsibility for the accuracy, quality, integrity, legality, reliability, appropriateness of and copyright permissions for all Customer Data entered into or inputted into the Services. Provider assumes no responsibility for the accuracy, ownership, or usefulness to Customer of the Customer Data.

Provider will ensure that the Services employs Transport Layer Security (TLS) version 1.2 or higher for securing data in transit between the Services and the Customer's systems. However, the Provider shall not be responsible for the security of the Customer's local systems, networks, or any other infrastructure used by the Customer to access or view data from the Services. Provider is prohibited from selling any of the Customer Data.

1.4 Documentation / FAQ

"Documentation" or "FAQ" means the online help materials describing the features and functionality of the Services and located at support.gridinterface.io that Provider provides for use with the Services, as may be updated by Provider from time to time.

1.5 Intellectual Property Rights

"Intellectual Property Rights" means patents, patent Services, copyrights, trademarks, service marks, trade names, domain name rights, know-how and other trade secret rights, and all other intellectual property rights and similar forms of protection.

1.6 Order Form

"Order Form" means a document signed by and between both Provider and Customer (including Affiliates of either party that enter into an Order Form) that references this Agreement and details the Services or Professional Service(s) to be provided by Provider, the fees associated therewith, and any other transaction-specific provisions.

1.7 Provider

"Provider" means Grid Interface, LLC, 42717 Hawthorn Street, Murrieta, CA 92562.

1.8 Services

"Services" means Provider's (i) hosted SaaS application and (ii) AI Feature (collectively the "Services") accessible by Authorized Users and Administrative Users solely for the internal business operations of Customer during the Term as ordered by Customer on Provider's website. The Services is a platform called GridCom. GridCom uses APIs to connect VoIP provider and agency management system (AMS) into one platform. This platform translates, transcribes, summarizes and measures consumer sentiment. It then uses the API to the AMS to make pushing information to and from the AMS seamless and more efficient. The AI Feature translates, transcribes, summarizes and measures consumer sentiment using the call recordings provided by API from the customer's VoIP provider. The functionality and description of the features of the Services are contained in our FAQs. The Services cannot be used for the employee hiring process that occurs in the State of California.

The Services include various artificial intelligence-based features ("AI Feature") that connect with various third-party Large Language Models ("LLMs") including WhisperAI, Gemini, and OpenAI to transcribe and summarize calls. By using the Services, you are subject to OpenAI, WhisperAI and Gemini's Terms of Use. You agree that Provider has no liability for the actions or omissions of OpenAI, WhisperAI and Gemini. Provider is not responsible, has no liability and offers no warranties for the acts or omissions of LLMs, including with respect to Inputs or Outputs.

1.9 Software

"Software" shall mean all of the underlying software used to build or create the Services.

1.10 Subscription Term(s)

"Subscription Term(s)" means the subscription period(s) specified in Paragraphs 6 and 7 in this Agreement during which Authorized Users may use the Services, subject to the terms of the Agreement.

1.11 Usage Data

"Usage Data" means any content, data, or information that is collected about how Provider's Clients use the Services.

1.12 Users

"Users" means Customer's employees, independent contractors, and other individuals who are authorized by Customer to use the Services on behalf of Client. Customer may permit its and its Affiliates' independent contractors and employees to become Users in order to access and use the Services in accordance with this Agreement; provided that Customer will be liable for the acts and omissions of all Customer Affiliates and Users. Customer shall take, and shall ensure that its Users take, commercially reasonable efforts to maintain the confidentiality of all User log-in account credentials ("User IDs") and shall immediately notify Provider of any unauthorized use of User IDs or any other breach of security relating to the Services known to Client.

1.13 Provider Training Data

"Provider Training Data" means the dataset or sets of data that are used by Provider to train and improve the performance of its AI algorithms and models offered by the Provider's Services. This Agreement does not transfer to Customer any ownership of Provider's Training Data or any right to access or use Provider's Training Data.

1.14 Prompt / Prompts

"Prompt" or "Prompts" means a statement or question designed to elicit a specific response from the AI Feature. A Prompt may contain personal information.

2. Provision of the Services

2.1 Services; Access Right

Provider shall host and make the Services available to Customer during the Subscription Term(s) as described in Provider's FAQs and website. Provider shall host the Services and may update the content, functionality, and user interface of the Services from time to time in its sole discretion. Some features and functionality may be available only with certain versions or editions of the Services, or subject to additional fees or additional provisions.

Provider shall also:

• Provide standard updates and general enhancements to the Software at no additional charge.
• Ensure that the Services employs Transport Layer Security (TLS) version 1.2 or higher for securing data in transit between the Services and the Customer's systems. Provider shall not be responsible for the security of the Customer's local systems, networks, or any other infrastructure used by the Customer to access or view data from the Services.
• Maintain sufficient resources, including personnel and infrastructure, to support the Services and ensure its proper functioning. Provider shall provide the Customer with access to technical support during Provider's standard business hours.

2.2 Access and Usage Restrictions

Customer has a non-exclusive, non-sublicensable, non-transferable right to access and use the Services under this Agreement during the applicable Subscription Term, solely for Customer's internal business purposes. Unless otherwise specifically permitted in this Agreement, Customer shall not: (a) sublicense, sell, transfer, assign, distribute or otherwise grant access to the Services in a manner that allows access or use by an individual who is not an Authorized User; (b) copy, modify or create derivative works based on the Services; (c) reverse engineer or decompile the Services; (d) copy any features, functions or graphics of the Services; (e) use the Services to develop machine learning models or related technology; (f) access or use the Services except as expressly permitted under this Agreement; or (g) use the Services to send or store infringing, obscene, threatening, or otherwise unlawful material, or in violation of applicable laws.

2.3 Availability & Support

Provider warrants 96% uptime for the Services and components specific to and wholly controlled by Provider, excluding scheduled maintenance or upgrade time. For any period that the SLA is not met, Provider will provide a pro-rated refund to Customer for the portion of the service package affected, provided that Customer promptly notifies Provider in writing and Provider verifies the service outage. Provider will notify Customer's registered administrative user by email a minimum of seven (7) days in advance of scheduled maintenance.

Support response times are as follows:

• Critical: Acknowledged within two hours during standard business hours; within 24 hours outside business hours.
• High: Acknowledged within 24 hours of receiving the initial report.
• Normal: Acknowledged within one business day during standard business hours.
• Low: Acknowledged within two business days.

Email support is monitored 8:00 A.M. to 5:00 P.M. Monday–Friday EST. Emails received outside of office hours will be collected; however, no action can be guaranteed until the next working day. Service requests are responded to within 0–8 hours (during business hours) for Critical or High priority issues, and within 48 hours for Normal or Low priority issues.

2.3.2 Issue Escalation

If an issue cannot be resolved satisfactorily with the dedicated Account Manager, the Account Manager and his/her Supervisor from Provider shall, as soon as practicable, contact the Director in the division impacted and work to set up a "root cause" analysis meeting to determine how such issue can be avoided by revising processes, implementing training, and/or changing systems.

2.3.3 Limitation of Liability for SLA

The service credits described in this Section shall be the Customer's sole and exclusive remedy for the Provider's failure to meet the Uptime Guarantee. In no event shall the Provider be liable for any damages, losses, or liabilities arising from or related to the unavailability or inaccessibility of the Services, except as expressly provided in this Agreement.

2.4 Security and Integrity of Customer Data

Customer acknowledges that it retains administrative control over to whom it grants access to the Customer Data hosted in the Services. During the Subscription Term, Provider shall maintain reasonable administrative and technical safeguards designed for the physical protection, confidentiality, and integrity of Customer Data. The Customer Data is encrypted in transit and at rest. Provider will not use Customer Data except to provide the Services, or to prevent or address service or technical problems, as permitted in this Agreement or as instructed by Client.

2.5 Third-Party Integrated Services and Sub-Processor Services

Third-Party Integrated Services and Sub-Processor Services are third-party products or services that are provided and managed by third-party providers and interoperate with the Services. Customer consents to Third-Party Integrated Services and Sub-Processor Services being integrated with the Services. Provider does not provide any warranties or guarantees in its use of Third-Party Integrated Services and Sub-Processor Services that interoperate with the Services.

3. Customer Responsibilities

Customer has exclusive control and responsibility for determining what data and content Customer's authorized users, employees, third-party users, and third parties submit into the Services and for obtaining all necessary consents and permissions for submission of Customer Data and processing instructions to Provider. Customer is further responsible for the quality and legality of all Customer Data, and for the acts and omissions of Authorized Users and employees in accessing and using the Services. Customer shall use reasonable measures to prevent, and shall promptly notify Provider of, any known or suspected unauthorized use of the Services or Authorized User access credentials.

3.1 Assessing the AI Feature

Customer agrees that it is solely Customer's responsibility to: (a) inform its users and any other users of any relevant Customer policies and practices and any settings that may impact the processing of Content; (b) obtain any rights, permissions or consents from Customer's users and any authorized users that are necessary for the lawful use of Content and the operation of the Services; (c) ensure that the transfer and processing of Input is lawful; and (d) respond to and resolve any dispute with you and any other user relating to or based on Customer's failure to fulfill these obligations.

3.2 Customer Obligations

Customer shall:

• Implement and maintain appropriate security measures, including firewalls, intrusion detection and prevention systems, antivirus software, and access controls, to protect the Customer's systems and networks used for accessing the Services.
• Ensure that all individuals accessing the Services through the Customer's systems and networks are properly authorized and trained in the handling of sensitive data, including data subject to HIPAA regulations. Customer acknowledges that the security and protection of data accessed through the Services, particularly data subject to HIPAA regulations, is the Customer's responsibility once the data is transmitted from the Services to the Customer's systems or networks.
• Promptly notify Provider of any security breaches or unauthorized access to the Customer's systems or networks that may affect the security of data accessed through the Services, and cooperate with Provider in investigating and remediating any such incidents.
• Make Customer personnel reasonably available for project meetings.
• Grant all necessary system security access to Provider's technical resources, in accordance with Customer's security policies.
• Notify Provider in the event of any errors within the Services by providing accurate and complete information to facilitate prompt resolution. Critical issues must be reported as being critical using the appropriate process.
• Designate authorized personnel to communicate with the support team and coordinate any necessary actions. Any unauthorized personnel will be denied access, and no information will be provided to them.
• Notify Provider of any and all system interruptions or catastrophes, whatever the cause.
• Maintain staff that has successfully completed training offered by Provider.

3.3 Definitions and Ownership for Input, Output and Content

Input: Any data, text, images, audio, or other materials submitted by Customer to the Services for processing. Customer is responsible for the Input entered into the Services, including ensuring that it does not violate any applicable law or these Terms. Customer represents and warrants that it has all rights, licenses, and permissions needed to provide Input to Provider's Services.

Output: Any immediate result generated by the Services in response to Customer Input.

Content: Any materials derived from or generated by the Services, including Output, analytics, summaries, or other transformations of Input, whether in raw or processed form.

Ownership: As between Customer and Provider, and to the extent permitted by applicable law, Customer retains all right, title, and interest in Input, Output, and Content with the exception that Provider owns all right, title, and interest in and to: (i) the Services, AI models, software, workflows, architecture, algorithms, and underlying technology used to generate Output; (ii) any Output that includes data derived from Provider's proprietary algorithms or statistical models; and (iii) all aggregated data.

Similarity of Content. Due to the nature of the Services and artificial intelligence generally, Output may not be unique and other users may receive similar Output.

Limitations of Outputs. It is Customer's responsibility to evaluate whether Outputs are appropriate for Customer's use case, including where human review is appropriate, before using or sharing Outputs. Customer acknowledges, and must notify its Users, that factual assertions in Outputs should not be relied upon without independently checking their accuracy, as they may be false, incomplete, misleading or not reflective of recent events or information.

3.3 Artificial Intelligence

Client agrees and acknowledges that: (a) the quality of outputs resulting from predictive algorithms depends largely from the quality of the inputs; (b) the predictive algorithms analyze the Input based on pre-determined and pre-identified parameters; (c) the choice of parameters and the types of Customer Data inputted may carry assumptions, bias and limitations which will affect the effectiveness, quality, representativeness and accuracy of the outputs; (d) the algorithms do not replace decision-making — they are intended to provide additional knowledge to support judgment by natural individuals, not to replace it. Client remains responsible for any judgments and decisions taken as a result of the outputs; and (e) Customer is solely responsible for identifying and complying with applicable laws regarding the use of artificial intelligence technologies in Customer's business processes.

3.4 Accuracy

When using the Services, Customer understands and agrees that:

• Output may not always be accurate. Customer should not rely on Output as a sole source of truth or factual information, or as a substitute for professional advice.
• Customer must evaluate Output for accuracy and appropriateness for its use case, including using human review as appropriate, before using or sharing Output from the Services.
• Customer must not use any Output relating to a person for any purpose that could have a legal or material impact on that person, such as making credit, educational, employment, housing, insurance, legal, medical, or other important decisions about them.
• The Services may provide incomplete, incorrect, or offensive Output that does not represent Provider's views.

4. Licensing of the Services, Input, Output and Content

4.1 License Grant

Customer grants Provider a non-exclusive, worldwide, royalty-free and fully paid perpetual license to use, host, copy, process, modify, and create derivative works of the Customer Inputs, Output, and Content: (a) as necessary for purposes of providing the Services and fulfilling its obligations under this Agreement; (b) in order to operate, maintain, and improve the Services, including model training, analytics, or development of derivative models, features or services; and (c) for Provider's own internal business purposes for operational and accuracy needs, and using anonymized data to glean industry benchmarks, research, statistics, reporting or trends.

Customer also hereby grants to Provider a non-exclusive, sub-licensable, royalty-free, worldwide, perpetual, irrevocable, fully transferable, royalty-free and fully paid right and license to use or incorporate into the Services any suggestions, ideas, feedback, recommendations or other information provided by Customer or its Authorized Users with respect to the Services ("Feedback"). For avoidance of doubt, Feedback is not Confidential Information of Client.

Provider is prohibited from marketing or selling the Input, Output and Content with any third parties. Provider may commercialize, license, sell, or otherwise exploit any models, algorithms, features, insights, or derivative works developed using Input, Output and Content, including in products or services offered to third parties, provided that such use is based on aggregated and de-identified data and does not intentionally disclose Customer's Confidential Information.

Customer may use Output and Content for any purpose, including commercial purposes, subject only to applicable law and terms of this Agreement.

4.2 Subprocessors and Affiliates

Provider may disclose and make Customer Data available to its affiliates and authorized subprocessors, including cloud infrastructure providers, analytics providers, and data labeling services, for the purposes set forth in this Agreement. Provider shall remain responsible for compliance with its data protection obligations with respect to such subprocessors.

4.3 Derived Data — Commercial Use

"Derived Data" means data created through processing, transformation, analysis, aggregation, anonymization, or other modification of Customer Data. Provider owns all right, title, and interest in and to any Derived Data created from Customer Data. Provider may use Derived Data for any lawful purpose without restriction, including model training and improvement, commercial exploitation, publication in research papers or technical documentation, sharing with third parties including partners and researchers, and creating and distributing derivative works.

4.4 Data Retention

Notwithstanding any termination or expiration of this Agreement, Provider may retain Customer Data, derived data, and model artifacts indefinitely for model training, improvement, security, compliance, audit, backup, and recordkeeping purposes, subject to applicable law. Customer acknowledges and agrees that deletion obligations shall not apply to data incorporated into trained models or aggregated datasets.

4.5 Waiver of Certain Rights

To the maximum extent permitted by applicable law, Customer irrevocably waives and agrees not to assert any moral rights, database rights, or similar rights in or to any models, derivative works, or datasets created by Provider using Customer Data, and agrees that Provider shall be the sole and exclusive owner thereof.

4.6 Ownership of the Services

Customer agrees that all rights, title, and interest in and to all intellectual property rights in the Services and Documentation — including the software code and source code, the underlying technology used to generate Output and Content, key performance indicators (KPIs), and all Usage Data — are protected under copyright, trademark and other laws and are retained and owned exclusively by Provider or its licensors.

4.7 Intellectual Property Protection; Trade Secrets

Customer acknowledges and agrees that Provider's machine learning models, algorithms, architectures, system designs, training methodologies, parameter weights, embeddings, prompts, documentation, and all related improvements and derivatives (collectively, the "Models") constitute valuable proprietary information and trade secrets of Provider. Provider retains all right, title, and interest in and to the Models and all intellectual property rights therein.

Except as expressly permitted herein, Customer shall not, and shall not permit any third party to, directly or indirectly: (a) access, copy, reverse engineer, decompile, disassemble, derive source code from, or otherwise attempt to discover the underlying structure, design, parameters, weights, or functioning of the Services and Models; (b) benchmark, test, evaluate, or analyze the Services or Models for purposes of competitive comparison, public disclosure, or publication without Provider's prior written consent; (c) use the Services or any outputs to develop, train, validate, or improve any competing products, services, or models; or (d) engage in model extraction, model inversion, training data reconstruction, prompt harvesting, automated querying, or any other activity intended to infer, replicate, or reproduce the Models.

Customer acknowledges that any breach of this Section would cause irreparable harm to Provider for which monetary damages would be inadequate, and Provider shall be entitled to injunctive relief and all other remedies available at law or in equity. The obligations and restrictions set forth in this Section shall survive any termination or expiration of this Agreement for so long as the Models or related information remain confidential or constitute trade secrets under applicable law.

4.8 Usage Data — Definition & Ownership

"Usage Data" means data and information generated from Customer's access to or use of the Services, including system logs, telemetry, metadata, analytics, performance metrics, feature utilization statistics, error reports, and diagnostic information, excluding Customer Content, Inputs, Outputs, Personal Data, and Confidential Information, and which does not identify Customer or any individual. As between the parties, Provider retains all right, title, and interest in and to Usage Data.

4.9 Aggregated Data — Definition & Ownership

"Aggregated Data" means data, analytics, metrics, or insights derived from Usage Data or operation of the Services that has been aggregated, anonymized, or de-identified such that it cannot reasonably be used to identify Customer, any individual, or any specific customer usage patterns. Provider exclusively owns all Aggregated Data, including all intellectual property rights therein.

4.10 Permitted Uses of Usage Data and Aggregated Data

Provider may collect, retain, use, disclose, and exploit Usage Data and Aggregated Data for any lawful business purpose related to the Services, including service operation, analytics, benchmarking, security, capacity planning, product development, service improvement, and the development, training, testing, validation, and enhancement of artificial intelligence and machine learning models, provided that such data remains aggregated and anonymized and is not used to identify Customer or any individual.

4.11 Non-Identification

Provider shall not intentionally attempt to re-identify Aggregated Data or disclose Aggregated Data in a manner that identifies or could reasonably be used to identify Customer or any individual.

4.12 Survival

Provider's rights in Usage Data and Aggregated Data are perpetual and shall survive termination of this Agreement. Except as expressly stated herein, no restrictions on Provider's use of Usage Data or Aggregated Data shall be implied by law, regulation, course of dealing, or otherwise.

4.13 Regulatory Alignment

The parties acknowledge that Provider's ownership and use of Usage Data and Aggregated Data as set forth in this Section are intended to comply with and support applicable artificial intelligence governance frameworks, including the New York RAISE Act, California automated decision-making technology requirements, and the Colorado Artificial Intelligence Act, by limiting model training and analytics to aggregated and de-identified data, maintaining reasonable safeguards against re-identification, and preserving transparency, accountability, and risk-mitigation principles consistent with such laws.

5. Billing and Payment

Customer can choose monthly or yearly subscription fee plans. Customer is responsible to pay Provider for all monthly or yearly Fees to subscribe to use the Services as set forth on Provider's website at https://app.gridinterface.io. Payment for all fees shall be due upon the Effective Date and payment shall be made in U.S. Dollars. Fees are based on the Services purchased and not actual usage. Payment obligations are non-cancelable and fees paid are non-refundable. Fees for any additional Services purchased during the Contract Term will be prorated for the remaining time of the monthly or yearly period in which they were purchased.

5.1 Billing

Provider accepts payment in the form of credit cards and ACH transactions. Provider uses a third-party payment processor to bill you through a payment account linked to your Account (your "Billing Account") for use of the Services. The processing of payments will be subject to the terms, conditions and privacy policies of the Payment Processor in addition to this Agreement. Provider is not responsible for errors by the Payment Processor.

Payment Method. The terms of your payment will be based on your Payment Method and may be determined by agreements between you and the financial institution, credit card issuer or other provider of your chosen Payment Method.

Change in Amount Authorized. If the amount to be charged to your Billing Account varies from the amount you preauthorized (other than due to the imposition or change in the amount of state sales taxes), you have the right to receive, and Provider shall provide, notice of the amount to be charged and the date of the charge before the scheduled date of the transaction.

Reaffirmation of Authorization. Your non-termination or continued use of a Payment Service reaffirms that Provider is authorized to charge your Payment Method for that Paid Service.

You can change your payment method yourself by logging into the Provider's Services and visiting the subscription section. You shall maintain a valid payment method at all times until the termination of services (not upon notice of cancellation). Breach of these provisions shall entitle the Provider to immediately suspend the Services.

5.2 Taxes

Fees are exclusive of all applicable taxes, levies, or duties, and Customer is responsible for payment of all of those taxes, levies, or duties, excluding taxes based solely on Provider's income. Customer shall pay all fees free and clear of, and without reduction for, any applicable transaction taxes, including but not limited to sales and use taxes, VAT, GST, gross receipts taxes, withholdings and other similar transaction charges. If Customer is exempt from Transaction Taxes, Customer shall provide proof of the exemption to Provider without undue delay upon execution of the applicable Order Form.

5.3 Effect of Nonpayment

This Agreement and Customer's access to the Services may be suspended or terminated if Customer fails to make timely payment of undisputed fees when due. Unpaid amounts may be subject to interest at the lesser of one and one-half percent (1.5%) per month or the maximum permitted by law plus collection costs. Suspension will not relieve Customer's obligation to pay amounts due.

5.4 Future Features and Functionality

Customer acknowledges that purchases under this Agreement or any Order Form are not contingent on the delivery of future features or functionality.

6. Term and Termination

6.1 Term; Renewals

Monthly subscription terms renew on the same day of the month as the subscription starts. Annual subscriptions renew one year from the Effective Date. Customer must provide ten (10) days' notice to terminate if on the monthly term subscription plan. Annual terms shall automatically renew unless either party gives the other written notice of non-renewal at least thirty (30) days prior to the expiration of the then-current term.

6.2.1 Termination for Cause

This Agreement shall terminate upon any breach of the Terms by Customer or its Authorized Users, in accordance with the Terms.

6.2.3 Effect of Termination

Upon termination, (i) Customer shall cease any and all use of the Services and shall relinquish to Provider or destroy any and all parts of the Services in Customer's control, and (ii) all rights, licenses, consents and authorizations granted by Provider to Customer will immediately terminate.

6.2.4 Suspension of Services

Provider may suspend delivery of the Services, without liability, if: (i) Customer fails to pay any amounts due hereunder, and nonpayment continues for more than thirty (30) days from when notice is given; (ii) Provider reasonably believes that the Services are being used in violation of this Agreement; (iii) Customer does not cooperate with Provider's reasonable investigation of any suspected violation of this Agreement; or (iv) required by law. Provider shall use commercially reasonable efforts to give Customer reasonable notice of a suspension unless immediate suspension is necessary to protect Provider or its Clients from imminent significant operational or security risk.

6.2.5 Customer's Right to Terminate

If Customer discovers any material defect with the Services, Customer must notify Provider in writing and, as Customer's sole and exclusive remedy, Provider will either use reasonable efforts to correct any such defect within sixty (60) days of the date the defect was reported or create a workaround. If Provider is unable to correct or fix the defect and the defect renders the Software unusable, Customer shall be entitled to terminate the Agreement; however, Provider shall not issue any pro-rata refund of Subscription Fees for the remaining term of the Agreement.

6.2.6 Treatment of Customer Data After Expiration or Termination

Upon expiration or termination, Provider shall, at Customer's written request and at no additional charge, promptly return to Customer all Customer Data in Provider's possession in a commercially reasonable and readable format within ten (10) days after the effective date of termination or expiration, unless a shorter period is required by applicable law.

Following completion of Customer's data export (or if Customer does not request export), Provider shall permanently delete and securely destroy all Customer Data from Provider's systems, including all copies, extracts, and backups, within thirty (30) days after termination or expiration, except to the extent retention is required by applicable law. Provider shall ensure deletion includes any Customer Data stored or processed by Provider's subcontractors, cloud providers, and subprocessors.

Provider shall be permitted to retain aggregated and usage data for purposes of providing the Services, maintaining and improving the Services including model training and analytics, and for Provider's own internal business purposes for operational and accuracy needs.

Upon Customer's written request, Provider shall provide a written certification signed by an authorized officer confirming the completion of the return and deletion obligations described in this Section. If any Customer Data is retained in disaster recovery or archival backup systems that cannot reasonably be deleted in the ordinary course, Provider shall (i) maintain such Customer Data in encrypted form, (ii) restrict access solely to disaster recovery purposes, (iii) not restore or access such Customer Data except in connection with a disaster recovery event, and (iv) permanently delete such Customer Data within ninety (90) days after termination.

6.3 Effect of Termination; Survival

Upon early termination by Customer for Provider's uncured material breach, Customer is entitled to a prorated refund of prepaid fees for the remaining period. Upon early termination by Provider, fees for the duration of the applicable Subscription Term shall become immediately due and payable by Client. Sections 1, 3, 4, 5, 6.2.6, 6.3, 7, 8, 9, 10, and 11 shall survive termination.

7. Representations and Warranties

7.1 By Each Party

Each party represents and warrants that it has the power and authority to enter into this Agreement and that its respective provision and use of the Services is in compliance with laws applicable to each party.

7.2 By Provider

Access to the Services. Provider warrants that the Services will perform materially in accordance with the Documentation and this Agreement. Provider does not warrant that the Services will be completely error-free or uninterrupted. If Customer notifies Provider of a reproducible error in the Services within 30 days after experiencing such error, Provider shall, at its own expense: (a) use commercially reasonable efforts to correct or provide a workaround for such error; or (b) if Provider is unable to correct or provide a workaround within 60 days after receiving notice, Customer may terminate this Agreement and Provider shall refund amounts paid by Customer on a pro-rata basis for the period during which the Services was not usable.

Malicious Code. Provider warrants that, to the best of its knowledge, the Services is free from, and Provider shall not knowingly or intentionally introduce, software viruses, worms, Trojan horses or other harmful code.

7.3 By Customer

Customer represents and warrants that it has obtained all necessary consents and permissions from data subjects for the submission and processing of Customer Data before submission to the Services.

7.5 Disclaimer for Input and Output — No Warranty of Fairness

Provider makes no representation or warranty that: (a) Services outputs will be unbiased, fair, or non-discriminatory; (b) Services are suitable for any particular use case or decision-making context; (c) Services comply with any specific fairness criteria or anti-discrimination laws; (d) Services outputs will have consistent performance across different demographic groups; or (e) bias testing or fairness audits have been performed on base models.

Customer must: (a) independently assess whether Services are appropriate for Customer's use case; (b) conduct its own bias testing and fairness validation; (c) implement appropriate safeguards and human oversight; (d) ensure compliance with applicable laws and regulations; and (e) accept full risk of deployment decisions.

7.6 Disclaimer — Customer Data

To the maximum extent permitted by law, Customer acknowledges that Provider is not responsible for the integrity of the Customer Data processed through the Services, including without limitation, its completeness, accuracy, validity, authorization for processing and integrity over time, and shall not be liable for any damages arising out of such Customer Data.

7.7 Disclaimer — Third-Party Integrated Services

To the maximum extent permitted by law, Customer acknowledges that Provider is not responsible for the use of any third-party products, LLMs, third-party integrated services, and sub-processor integrated services that interoperate with the Services.

7.8 Disclaimer — Account Credentials

Customer is responsible for ensuring that its users are keeping their credentials to access their accounts confidential and secured, including by following information security best practices regarding passwords. If accounts are compromised as a result of Customer's users' negligence, Provider shall not be responsible for any damages resulting from this negligence.

8. Indemnification

8.1 Provider Indemnification

Provider shall defend, indemnify and hold Customer harmless from and against any damages and costs (including reasonable attorneys' fees) finally awarded against Customer resulting from any claim from an unaffiliated Third-Party specifically alleging that the Services directly infringes or misappropriates a valid copyright, trademark, or trade secret of a Third-Party. Provider shall have no indemnification obligation for claims arising from: (a) Customer's use of the Services other than as permitted under this Agreement; (b) the combination of the Services with any Customer Data or Third-Party products; or (c) modification of the Services by any party other than Provider.

If Provider becomes aware of an infringement claim, Provider may, at its sole option: (i) obtain for Customer the right to continue use of the Services; (ii) replace or modify the Services so that it is no longer infringing; or (iii) if neither (i) nor (ii) is reasonably available, terminate the Services and refund to Customer a prorated amount of prepaid fees for the remaining period in the then-current Subscription Term.

8.2(a) Customer Indemnification

Customer shall defend any claim, suit, or action against Provider brought by a Third-Party to the extent that such claim is based upon: (i) Provider's use of any Customer Data in accordance with this Agreement; (ii) Customer's use of any Customer Data; (iii) Customer and its users' use of the Services; (iv) Customer's use and modification of the Outputs; (v) any gross negligence or willful misconduct by Customer; (vi) Customer's breach or alleged breach of this Agreement; (vii) any claim that Customer's confidential information infringes the intellectual property rights of any third parties; or (viii) Customer's failure to obtain consents and permissions from data subjects for the submission and processing of personal data, Customer Data and Content in the Services.

8.2(b) Customer Indemnification for Input Data Bias

Customer shall indemnify, defend, and hold harmless Provider and its affiliates, and their respective officers, directors, employees, agents, and contractors from and against any and all claims, demands, suits, proceedings, losses, damages, liabilities, settlements, costs, and expenses arising from or related to: (a) bias in Customer Input Data; (b) outputs generated by the Services that reflect, incorporate, or amplify bias from Customer Input Data; (c) any discriminatory decisions or outcomes based on Services outputs; (d) downstream harm resulting from biased outputs; (e) regulatory violations arising from Customer Input Data or Customer's use of Services; (f) employment claims alleging discriminatory decisions based on biased Services outputs; (g) consumer protection claims; (h) civil rights violations; (i) Customer's failure to adequately test, validate, or monitor for bias; and (j) Customer's use of Services for high-stakes decisions without appropriate safeguards.

8.3 Indemnity Process

Each party's indemnification obligations are conditioned on the indemnified party: (a) promptly giving written notice of the claim to the indemnifying party; (b) giving the indemnifying party sole control of the defense and settlement of the claim; and (c) providing to the indemnifying party all available information and assistance. Neither party may settle any claim that includes a financial or specific performance obligation on, or admission of liability by, the party against whom the claim is brought without that party's prior written consent.

9. Limitation of Liability

No Liability for Input-Derived Bias: To the maximum extent permitted by law, Provider shall have no liability to Customer or any third party for: (a) bias present in or arising from Customer Input Data; (b) outputs that reflect, incorporate, or amplify such bias; (c) decisions, actions, or outcomes based on such outputs; (d) downstream harm resulting from biased outputs; (e) regulatory fines, penalties, or sanctions related to Customer Input Data bias; or (f) reputational damage to Customer resulting from biased outputs. In the event Provider is found liable for bias not attributable to Customer Input Data, Provider's total liability shall not exceed the fees paid by Customer in the 12 months preceding the claim.

Provider is not responsible nor has any liability if you suffer any damages of any kind from your use of the products and services offered by any LLMs that are integrated into the Services.

9.2 Conditions

The exclusions and limits in this "Limitation of Liability" section reflect the parties' allocation of risk and will apply under any legal theory, even where a party was aware of the possibility of such damages, the damages were foreseeable, and/or any remedies hereunder fail of their essential purpose.

9.3 Third-Party Products

Customer assumes the entire cost of any damages it may incur or suffer of any kind resulting from Customer's use of any Third-Party Products, or Provider's use of Third-Party Products, Third-Party Integrated Services, and Third-Party Subprocessor Services, that interoperate with the Services.

9.4 Limitations Fair and Reasonable

Each party acknowledges that the limitations of liability stated in this Section 9 reflect the allocation of risk between the parties under this Agreement, and that in the absence of those limitations of liability, the economic terms of this Agreement would be significantly different.

10. Confidentiality and Sensitive Data

10.1 Confidentiality

"Confidential Information" means this Agreement, the Services, Provider pricing information, Provider technical information, Customer Data and any other information disclosed by one party ("Discloser") to the other ("Recipient") related to the provision or use of the Services that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Recipient may use Discloser's Confidential Information solely to perform Recipient's obligations or exercise its rights under this Agreement. Recipient will not disclose, or permit to be disclosed, Discloser's Confidential Information to any Third-Party without Discloser's prior written consent, except that Recipient may disclose Discloser's Confidential Information solely to Recipient's employees and subcontractors who have a need to know and who are bound in writing to keep that information confidential.

The foregoing will not apply to any information that: (a) was in the public domain at the time it was communicated to the Recipient; (b) entered the public domain after communication through no fault of the Recipient; (c) was in the Recipient's possession free of any obligation of confidence at the time it was communicated; (d) was rightfully communicated to the Recipient free of any obligation of confidence after the time it was communicated; (e) was developed by employees or agents of the Recipient independently of and without reference to any information communicated to the Recipient; or (f) is expressly permitted to be disclosed under the terms of this Agreement.

10.2 Compelled Disclosure

The Recipient shall not be in violation of Section 10.1 for a disclosure that was in response to a valid order by a court or other governmental body, as long as the Recipient provides the Discloser with prior written notice of the disclosure to permit the Discloser to seek confidential treatment of that information.

11. General

11.1 Notices

Notices to a party will be sent by email to an individual who has the authority and can bind each company.

11.2 Assignment

Neither party may assign any of its rights or obligations under this Agreement, whether by operation of law or otherwise, without the other party's prior written consent (not to be unreasonably withheld).

11.3 Governing Law

By using Provider's Website or Services, you agree that the laws of the State of California, without regard to principles of conflict of laws, will govern this Agreement and any dispute of any sort that might arise between you and Provider.

11.4 Disputes / Arbitration

11.5 & 11.15 Restrictions

Customer must comply with all applicable foreign, federal, state, provincial, and local laws, including privacy, data protection and access to information laws, when using the Services. Customer is responsible for complying with all telephone recording laws and requirements, including notifying parties that telephone calls are being recorded when required. Customer is also responsible for, as applicable, complying with the Telephone Consumer Protection Act (TCPA), the telemarketing provisions of the Canadian Competition Act, and Canada's Anti-Spam Legislation (CASL), including ensuring that all voice calls, text messages and any other commercial electronic messages are sent with the recipients' valid consent and include prescribed information and an effective unsubscribe mechanism.

Except as may be expressly permitted by applicable law, Customer will not, and will not permit anyone else to:

• Use the Services for any illegal purpose or in violation of any local, state, provincial, national, or international law.
• Harass, threaten, demean, embarrass, or otherwise harm any other user of the Services.
• Violate, or encourage others to violate, any right of a third party, including by infringing or misappropriating any third-party intellectual property right.
• Use the Services in violation of any applicable advertising and marketing laws such as CAN-SPAM, the TCPA, the FTC's Telemarketing Sales Rule, or Canada's Anti-Spam Legislation (CASL).
• Import or transfer to the Services any data that is sensitive financial information (including credit card numbers), health information, medical information, pharmaceutical information, any personal information about children under 13 years of age, or other sensitive or regulated information.

11.6 Export Laws

Each party shall comply with the export laws and regulations of the United States and other applicable jurisdictions in providing and using the Services. Customer represents that it is not named on any U.S. government denied party list, and shall not make the Services available to any user or entity that is located in a country subject to a U.S. government embargo, or listed on any U.S. government list of prohibited or restricted parties.

11.7 Remedies

Unless stated otherwise in this Agreement, the parties' rights and remedies under this Agreement are cumulative. Where Customer controls any Affiliate, Provider is entitled to remedies from Customer for the obligations and liabilities of Affiliates who subscribe to a payment plan under this Agreement.

11.8 Independent Contractors

The parties are independent contractors. No joint venture, partnership, employment, or agency relationship exists between Customer and Provider as a result of this Agreement or use of the Services.

11.9 U.S. Government End Users

If Customer is the U.S. Federal Government, Provider provides the Services, including related software and technology, in accordance with FAR 12.211 (Technical Data) and FAR 12.212 (Software) and, for Department of Defense transactions, DFAR 252.227-7015 (Technical Data — Commercial Items) and DFAR 227.7202-3 (Rights in Commercial Computer Software or Computer Software Documentation).

11.10 Waiver; Modification

The failure of a party to enforce any right or provision in this Agreement will not constitute a waiver of that right or provision unless the waiver is in writing signed by the waiving party. No modification hereof will be effective unless in writing and signed by both parties.

11.11 Severability

If any provision of this Agreement is unenforceable, that provision will be changed and interpreted to accomplish the objectives of that provision to the greatest extent possible under applicable law and the remaining provisions will continue in full force and effect.

11.12 Entire Agreement; Execution

This Agreement constitutes the entire understanding and agreement between the parties with respect to the subject matter addressed herein and supersedes any and all prior or contemporaneous oral or written communications with respect to such subject matter. No modification, termination or waiver of any provisions of this Agreement shall be binding upon a Party unless in writing signed by an authorized officer of the relevant Party(ies).

11.13 Force Majeure

Neither party will be liable to the other for a failure or delay in its performance of any of its obligations under this Agreement (except for the payment of amounts due) to the extent that such failure or delay is caused by circumstances beyond its reasonable control or by events such as fire, riot, flood, labor disputes, natural disaster, regulatory action, internet or telecommunications failures, terrorist acts, or other causes beyond such party's reasonable control, provided that the non-performing party gives notice of such condition and continues or resumes its performance as soon as reasonably possible.

11.14 No Third-Party Beneficiaries

This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any Third-Party. Only the parties to this Agreement may enforce it.

11.16 Customer Obligations Regarding Third-Party Personal Information

In the event that Customer or its Clients upload personal information or data to the Services that can identify someone individually, Customer understands and agrees that it will: (i) obtain written consent from third parties permitting Customer to upload and submit third-party data or personal information into the Services, and permitting Provider to maintain and process all such third-party data or personal information; (ii) not market, sell, share or license the Customer Data, third-party data or personal information to any third parties; (iii) maintain administrative, physical and technical safeguards designed for the protection, confidentiality and integrity of Customer Data and third-party data and personal information; and (iv) maintain Terms of Use and Privacy Policy Agreements on its public-facing websites which must include language that Customer shall protect third-party data and personal information and shall not market, share, sell or license any such data to any third parties not a party to this Agreement.

12. Compliance with Applicable State AI Laws

Provider shall comply with all applicable state laws and regulations governing artificial intelligence systems and related technologies, including without limitation: (a) California's AI transparency and safety laws; (b) New York's Responsible AI Safety and Education Act (RAISE Act) and other state laws that impose requirements on the governance, transparency, safety reporting, and risk mitigation practices for advanced or frontier AI models; and (c) the Colorado Artificial Intelligence Act (CAIA), which imposes obligations on developers and deployers of high-risk AI systems, including reasonable care to prevent algorithmic discrimination, risk assessments, documentation, and transparency obligations with respect to AI systems that make or substantially influence consequential decisions affecting Colorado residents.

Provider will provide Customer with reasonable cooperation and documentation (including policies, procedures, impact assessments, model documentation, risk analyses, and audit results) as needed to support Customer's compliance with such state AI laws to the extent Customer's use of the Services implicates such laws.

AI Regulatory Compliance (NY, CA, CO)

Customer acknowledges that its access to and use of the artificial intelligence features, models, tools, and services provided under this Agreement may be subject to federal, state, and local artificial intelligence, consumer protection, privacy, and algorithmic accountability laws and regulations, including but not limited to: (i) the New York RAISE Act; (ii) applicable California artificial intelligence, automated decision-making, privacy, and consumer protection laws and regulations, including the CCPA; and (iii) the Colorado Artificial Intelligence Act.

Customer shall be solely responsible for ensuring that its use, deployment, configuration, training, fine-tuning, integration, and reliance upon outputs of the AI Services complies with all applicable AI Laws. Without limiting the foregoing, Customer represents, warrants, and covenants that it shall, as applicable:

• Conduct and document any required impact assessments, risk assessments, bias evaluations, or algorithmic reviews relating to its AI use cases;
• Implement and maintain reasonable policies, procedures, technical safeguards, and governance controls to ensure lawful, ethical, transparent, and non-discriminatory use of AI systems;
• Ensure appropriate human oversight, monitoring, and accountability for any automated or AI-assisted decisions;
• Provide all required disclosures, notices, explanations, opt-out mechanisms, or consent to end users, regulators, or affected individuals;
• Respond to and remediate reasonably foreseeable risks of algorithmic discrimination, unfair treatment, or material harm arising from its AI use; and
• Maintain records and documentation sufficient to demonstrate compliance with applicable AI Laws upon request by a competent regulatory authority.

AI Regulatory Indemnification

Customer shall defend, indemnify, and hold harmless Provider and its affiliates, officers, directors, employees, and agents from and against any and all claims, regulatory inquiries, investigations, enforcement actions, penalties, fines, damages, losses, and expenses (including reasonable attorneys' fees) arising out of or relating to Customer's failure to comply with the AI Laws or Customer's deployment or use of the AI Services.

Regulatory Risk Suspension

Provider may suspend or terminate Customer's access to the AI Services upon reasonable notice if Provider determines that Customer's use of the AI Services creates a material risk of non-compliance with the AI Laws or exposes Provider to regulatory, legal, or reputational harm.

AI Compliance Audit Rights

Upon reasonable notice and no more than once annually (unless required by a regulator or in connection with a suspected material violation), Provider may audit or require Customer to provide written certifications, reports, or documentation reasonably necessary to verify Customer's compliance with the AI Laws and its obligations under this Agreement. Such audit may include, as applicable, review of Customer's AI governance policies, impact or risk assessments, bias or discrimination evaluations, human oversight procedures, user disclosures, and records relating to Customer's deployment and use of the AI Services. Audits may be conducted by Provider or an independent third party designated by Provider and shall be subject to reasonable confidentiality obligations.

Customer shall cooperate in good faith with any audit and promptly remediate any identified non-compliance at its own expense. If an audit reveals a material violation of the AI Laws or this Agreement, Customer shall reimburse Provider for the reasonable costs of the audit and Provider may exercise its suspension or termination rights under this Agreement.

Nothing in this Section shall be construed to impose on Provider any obligation to monitor, supervise, or ensure Customer's compliance with the AI Laws, nor shall an audit or failure to audit limit Customer's responsibility or liability for compliance.