Master Services Agreement

Agreement means this Master Services Agreement, together with any applicable order forms, statements of work, and addenda incorporated by reference. Customer means the entity that has accepted this Agreement. Cisora means CISORA LLC, a Delaware limited liability company.

Services means the AI agent observability, security monitoring, and compliance platform made available at cisora.io, including any APIs, SDKs, and support services described in an applicable order form. Customer Data means all data, content, and information submitted by Customer to the Services. Confidential Information means any non-public information disclosed by one party to the other that is designated as confidential or that reasonably should be understood to be confidential.

Subject to Customer's compliance with this Agreement and payment of all applicable fees, Cisora grants Customer a limited, non-exclusive, non-transferable right to access and use the Services during the subscription term for Customer's internal business purposes.

Cisora will make commercially reasonable efforts to maintain Service availability of at least 99.5% uptime per calendar month, excluding scheduled maintenance windows. Cisora reserves the right to modify or discontinue any feature of the Services with 30 days' notice for material changes.

Customer may not sublicense, resell, or otherwise make the Services available to third parties without Cisora's prior written consent. Authorized users are limited to Customer's employees and contractors acting on Customer's behalf.

Customer is responsible for all activity occurring under its account, including ensuring that authorized users comply with this Agreement. Customer shall maintain the security and confidentiality of its API keys and account credentials and promptly notify Cisora of any suspected unauthorized access.

Customer agrees not to use the Services to violate any applicable law or regulation; to reverse engineer, decompile, or disassemble any component of the Services; to transmit malware or interfere with the integrity of the Services; or to scrape or harvest data from the platform.

Customer agrees to pay all fees set forth in the applicable order form. Unless otherwise specified, fees are invoiced monthly in arrears and are due within 30 days of invoice date (NET-30). Enterprise customers may negotiate NET-60 payment terms.

Cisora supports invoice billing via ACH transfer, wire transfer, and credit card (via Stripe). All fees are quoted in USD and are non-refundable except as expressly set forth in this Agreement. Cisora reserves the right to suspend access for accounts more than 15 days past due.

Cisora may adjust subscription pricing at the start of each renewal term with at least 60 days' prior written notice. Usage-based charges (if applicable) are calculated based on metered usage reported by the platform.

Cisora retains all intellectual property rights in and to the Services, including all software, algorithms, models, documentation, and improvements thereto. This Agreement does not grant Customer any rights to Cisora's intellectual property except the limited license set forth in Section 2.

Customer retains all intellectual property rights in Customer Data. Customer grants Cisora a limited, worldwide license to process and use Customer Data solely to provide and improve the Services as described in the Data Processing Addendum. Cisora does not use Customer Data to train AI models or for any purpose beyond service delivery.

Each party agrees to protect the other's Confidential Information using at least the same degree of care used to protect its own confidential information, and in no event less than reasonable care. Neither party will disclose the other's Confidential Information to third parties without prior written consent, except to employees and contractors who need it to perform obligations under this Agreement and are bound by equivalent confidentiality obligations.

Confidentiality obligations do not apply to information that: is or becomes publicly available through no fault of the receiving party; was rightfully known by the receiving party before disclosure; is independently developed without reference to Confidential Information; or is required to be disclosed by law or court order, provided the disclosing party is given reasonable advance notice.

Cisora implements and maintains commercially reasonable technical and organizational security measures designed to protect Customer Data from unauthorized access, disclosure, alteration, or destruction. Cisora's current security practices are described at cisora.io/security.

In the event of a confirmed security breach affecting Customer Data, Cisora will notify Customer within the timeframe required by applicable law, and in no event later than 72 hours after becoming aware of the breach. The parties will cooperate in good faith to mitigate any harm resulting from such a breach.

Cisora warrants that: (a) it has the right to enter into this Agreement; (b) the Services will perform materially in accordance with the applicable documentation; and (c) Cisora will not knowingly introduce malware or unauthorized code into the Services.

EXCEPT AS EXPRESSLY SET FORTH ABOVE, THE SERVICES ARE PROVIDED "AS IS" AND CISORA DISCLAIMS ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. CISORA DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED OR ERROR-FREE.

TO THE MAXIMUM EXTENT PERMITTED BY LAW, NEITHER PARTY'S AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT SHALL EXCEED THE FEES PAID BY CUSTOMER TO CISORA IN THE 12-MONTH PERIOD PRECEDING THE CLAIM.

IN NO EVENT SHALL EITHER PARTY BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING LOSS OF PROFITS, DATA, OR GOODWILL, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THESE LIMITATIONS APPLY REGARDLESS OF THE LEGAL THEORY ON WHICH THE CLAIM IS BASED.

This Agreement commences on the effective date and continues until terminated. Either party may terminate this Agreement for convenience with 30 days' written notice. Either party may terminate immediately upon written notice if the other party materially breaches this Agreement and fails to cure such breach within 30 days of written notice.

Upon termination: Customer's access to the Services will cease; Cisora will make Customer Data available for export for 30 days before deletion; and each party will promptly return or destroy the other's Confidential Information. Sections that by their nature should survive termination will do so, including Sections 5, 6, 8, 9, and 11.

This Agreement is governed by the laws of the State of Delaware, United States, without regard to its conflict of law principles. The parties consent to exclusive jurisdiction and venue in the state and federal courts located in Delaware. The United Nations Convention on Contracts for the International Sale of Goods does not apply.

Any dispute arising from this Agreement shall first be submitted to good-faith negotiation between senior representatives of the parties for a period of 30 days before either party may initiate formal legal proceedings. This Agreement constitutes the entire agreement between the parties with respect to its subject matter and supersedes all prior or contemporaneous agreements.