Master Service Agreement

This Master Service Agreement ("MSA" or "Agreement") is entered into between Proof AI, Inc., a Texas corporation ("Provider"), and the entity or individual identified in the applicable Order Form ("Customer"). This Agreement governs the provision of the Proof AI platform and related services. This MSA supplements the Terms of Service and applies to enterprise and custom-plan engagements where an executed Order Form references this agreement.

1. Definitions

• "Authorized Users" means employees, contractors, and agents of Customer who are authorized to access the Services under Customer's subscription.
• "Confidential Information" means any non-public information disclosed by either party, including technical, business, financial, and operational information, marked as confidential or reasonably understood to be confidential.
• "Customer Data" means all data, content, and materials uploaded, created, or processed by Customer or its Authorized Users through the Services.
• "Documentation" means the user guides, API documentation, and technical specifications provided by Provider for the Services.
• "Effective Date" means the date on which the applicable Order Form is executed by both parties.
• "Order Form" means each written order executed by the parties that references this Agreement and specifies the Services, fees, term, and other particulars.
• "Professional Services" means implementation, customization, training, integration, or consulting services described in a Statement of Work.
• "Services" means the Proof AI cloud-based field service intelligence platform, APIs, mobile applications, and related hosted services as described in the applicable Order Form.
• "SLA" means the Service Level Agreement attached hereto or referenced in the applicable Order Form.

2. Scope of Services

2.1 Platform Access

Provider shall make the Services available to Customer in accordance with this Agreement and the applicable Order Form. The Services include the features, functionality, and capacity specified in the Order Form.

2.2 Updates and Enhancements

Provider may update, modify, or enhance the Services from time to time. Updates that materially reduce functionality will be communicated to Customer with at least 30 days' notice. New features may be offered as add-ons or included in the Customer's plan at Provider's discretion.

2.3 Professional Services

If Professional Services are included in an Order Form or Statement of Work, Provider shall perform them with reasonable skill and care in accordance with the agreed-upon timeline and deliverables.

3. Customer Obligations

• Provide accurate and complete information during onboarding and throughout the term.
• Ensure all Authorized Users comply with this Agreement, the Terms of Service, and all applicable laws.
• Maintain the confidentiality and security of account credentials.
• Cooperate in good faith with Provider's reasonable requests related to service delivery, troubleshooting, and security.
• Promptly notify Provider of any security incident, unauthorized access, or suspected breach.

4. Fees and Payment

4.1 Fees

Customer shall pay all fees specified in the applicable Order Form. Setup fees, subscription fees, and usage-based charges (if any) are as set forth therein.

4.2 Invoicing

Provider will invoice Customer as specified in the Order Form. Unless otherwise agreed, all invoices are due net 30 from the date of invoice.

4.3 Taxes

All fees are exclusive of taxes. Customer is responsible for all applicable taxes, levies, and duties (excluding Provider's income taxes).

4.4 Late Payment

Overdue payments bear interest at the lesser of 1.5% per month or the maximum rate permitted by law. Provider may suspend access to the Services upon 15 days' written notice of non-payment.

5. Data Protection and Security

5.1 Data Ownership

As between the parties, Customer exclusively owns all Customer Data. Provider acquires no rights in Customer Data except the limited license to process it in order to deliver the Services.

5.2 Data Processing Agreement

If Customer Data includes personal data subject to GDPR, CCPA, or similar data protection laws, the parties shall execute a Data Processing Agreement ("DPA") which shall be incorporated into this Agreement by reference.

5.3 Security Measures

Provider shall implement and maintain administrative, physical, and technical safeguards designed to protect Customer Data, including:

• Encryption of data in transit (TLS 1.3) and at rest (AES-256)
• Multi-tenant data isolation via Row-Level Security (RLS) at the database level
• Role-based access controls with principle of least privilege
• Immutable audit logging of all data access and administrative actions
• Regular vulnerability assessments and security testing
• Incident response procedures with customer notification within 72 hours of a confirmed breach

5.4 Sub-Processors

Provider may engage sub-processors to deliver the Services (including Stripe, Twilio, Supabase, Vercel, OpenAI, and Resend). Provider shall maintain a current list of sub-processors and notify Customer of material changes. Customer may object to a new sub-processor within 30 days of notification.

6. Service Level Agreement

6.1 Uptime Commitment

Provider commits to 99.9% monthly uptime for the Services, measured as the percentage of total minutes in a calendar month during which the Services are available, excluding scheduled maintenance.

6.2 Scheduled Maintenance

Provider shall schedule maintenance windows during off-peak hours (typically 12 AM – 6 AM CT) and provide at least 48 hours' advance notice. Emergency maintenance for critical security issues may be performed with shorter notice.

6.3 Service Credits

If Provider fails to meet the uptime commitment in any calendar month, Customer is entitled to service credits as follows:

Monthly Uptime	Service Credit
99.0% – 99.9%	5% of monthly fees
95.0% – 99.0%	10% of monthly fees
Below 95.0%	25% of monthly fees

Service credits are the Customer's sole and exclusive remedy for failure to meet the uptime commitment. Credits must be requested within 30 days of the affected month and are applied against future invoices.

7. Confidentiality

7.1 Obligations

Each party shall: (a) protect the other party's Confidential Information with at least the same degree of care it uses for its own confidential information (no less than reasonable care); (b) not disclose Confidential Information to any third party except as permitted herein; and (c) use Confidential Information only for purposes of performing this Agreement.

7.2 Exceptions

Confidential Information does not include information that: (a) is or becomes publicly available without breach; (b) was rightfully known prior to disclosure; (c) is independently developed without use of Confidential Information; or (d) is received from a third party without restriction.

7.3 Compelled Disclosure

A party may disclose Confidential Information if required by law, regulation, or court order, provided that the disclosing party gives the other party prompt notice (to the extent legally permitted) to allow the other party to seek a protective order.

8. Representations and Warranties

8.1 By Provider

Provider represents and warrants that: (a) it has the right to provide the Services; (b) the Services will perform materially in accordance with the Documentation; (c) Professional Services will be performed with reasonable skill and care; and (d) the Services will comply with all applicable laws.

8.2 By Customer

Customer represents and warrants that: (a) it has the right and authority to enter into this Agreement; (b) its use of the Services will comply with all applicable laws; and (c) it has all necessary rights, consents, and permissions for any data it uploads or processes through the Services.

8.3 Disclaimer

EXCEPT AS EXPRESSLY SET FORTH HEREIN, THE SERVICES ARE PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.

9. Indemnification

9.1 By Provider

Provider shall indemnify and defend Customer against third-party claims alleging that the Services infringe a valid patent, copyright, or trademark. If the Services are found to infringe, Provider may, at its option: (a) obtain a license for continued use; (b) modify the Services to be non-infringing; or (c) terminate the affected Order Form and refund prepaid fees on a pro rata basis.

9.2 By Customer

Customer shall indemnify and defend Provider against third-party claims arising from: (a) Customer Data; (b) Customer's use of the Services in violation of this Agreement or applicable law; or (c) any dispute between Customer and its end users, subcontractors, or homeowners.

10. Limitation of Liability

NEITHER PARTY SHALL BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT.

EACH PARTY'S TOTAL AGGREGATE LIABILITY SHALL NOT EXCEED THE TOTAL FEES PAID OR PAYABLE BY CUSTOMER UNDER THE APPLICABLE ORDER FORM IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM.

The limitations in this Section shall not apply to: (a) breaches of confidentiality obligations; (b) indemnification obligations; (c) willful misconduct or fraud; or (d) Customer's payment obligations.

11. Term and Termination

11.1 Term

This Agreement commences on the Effective Date and continues until all Order Forms have expired or been terminated. Each Order Form specifies an initial term and renewal terms.

11.2 Termination for Cause

Either party may terminate this Agreement or an Order Form if the other party: (a) materially breaches and fails to cure within 30 days of written notice; or (b) becomes insolvent, files for bankruptcy, or ceases operations.

11.3 Termination for Convenience

Either party may terminate an Order Form for convenience upon 90 days' written notice, effective at the end of the then-current term.

11.4 Wind-Down

Upon termination: (a) Customer's access to the Services will cease at the end of the applicable period; (b) Provider shall make Customer Data available for export for 90 days; (c) after 90 days, Provider shall permanently delete Customer Data in accordance with its data retention policies; (d) Sections 5, 7, 8.3, 9, 10, 12, and 13 shall survive termination.

12. Dispute Resolution

12.1 Escalation

The parties shall attempt to resolve any dispute first through good-faith negotiation between designated representatives, then through executive escalation. If the dispute is not resolved within 60 days, either party may initiate arbitration.

12.2 Arbitration

All disputes shall be resolved by binding arbitration administered by the American Arbitration Association (AAA) under its Commercial Arbitration Rules. The arbitration shall be conducted by a single arbitrator in Houston, Texas. The arbitrator's decision shall be final and binding.

12.3 Governing Law

This Agreement is governed by the laws of the State of Texas, without regard to conflict-of-law provisions.

13. General Provisions

• Entire Agreement: This Agreement, together with all Order Forms, Statements of Work, and referenced policies (including the Privacy Policy and Terms of Service), constitutes the entire agreement between the parties.
• Amendments: This Agreement may only be amended by a written instrument signed by both parties, except that Provider may update referenced policies (Privacy Policy, Terms of Service) with 30 days' notice.
• Severability: If any provision is held invalid, the remaining provisions continue in full force.
• Waiver: No waiver of any provision shall be deemed a waiver of any other provision or of the same provision on a future occasion.
• Assignment: Neither party may assign this Agreement without the other party's prior written consent, except in connection with a merger, acquisition, or sale of substantially all assets.
• Independent Contractors: The parties are independent contractors. Nothing herein creates a partnership, joint venture, or employment relationship.
• Force Majeure: Neither party shall be liable for failure to perform due to circumstances beyond reasonable control, including acts of God, war, terrorism, pandemics, government orders, or failures of third-party infrastructure.
• Notices: All notices shall be in writing and sent to the addresses specified in the Order Form, or by email to legal@proofco.ai for Provider.
• Counterparts: Order Forms may be executed in counterparts, including electronic signatures, each of which shall be deemed an original.

14. Contact