Pricing
Talk to An Expert

Master Service Agreement

( Legal )

Master Service
Agreement

Rev. May 13th 2026

Cyber Security Solutions, Inc. ("CSS")

About this document

This is a legally binding contract between CSS and the Customer. Signing, accepting or accessing the Solutions means you agree to these terms.

1. Key Terms & Definitions

The following words have specific meanings throughout this Agreement:

1.1 Affiliates

Any company that is controlled by, or under common control with, a Party. Customer’s Affiliates may use the Solutions under this Agreement, provided Customer timely pays all required fees and notifies CSS and remains fully responsible for their compliance.

1.2 Confidential Information

Any information one Party shares with the other that is marked confidential, or that a reasonable person would understand to be confidential given the circumstances. This includes — but is not limited to — this Agreement, pricing, business plans, technical data, Customer Data, product information, and financial information.

1.3 Current Release

The latest commercially released version of the Solutions (not a Beta or pre-release version as identified by CSS to the Customer).

1.4 Customer Data

All data and information that Customer uploads, stores, or processes within the Solutions, including Personal Data, but excluding System Data.

1.5 Documentation

CSS’s current user guides, technical manuals, installation instructions, and similar materials describing how the Solutions work as provided to Customer.

1.6 Enhancements

Updates, patches, bug fixes, and new versions of an existing licensed Solution that CSS officially releases and provides to all customers.

1.7 Evaluation

A limited, internal test of Enhancements or a new solution (“Beta Solution”) by a Customer who may be considering the license of that Beta Solution or implementation of the Enhancement — with no obligation on either side to enter into an agreement for that Beta Solution.

1.8 Intellectual Property Rights

All patents, copyrights, trademarks, trade secrets, moral rights, and any other intellectual property rights recognized in any jurisdiction, including pending applications.

1.9 Partner

An authorized CSS sales agent or reseller.

1.10 Personal Data

Any Customer Data that identifies or could identify a specific person or household.

1.11 Personal Data Processing Addendum

The Personal Data Processing Addendum that is considered incorporated and part of this Agreement that specifically relates to the processing of non-public personal information of individuals by CSS in compliance with applicable laws.

1.12 Restrictions

Limits on how Customer may use the Solutions, as stated in this MSA or in the applicable Solutions Addendum.

1.13 Site

CSS’s website at www.securedbycss.com, or as otherwise defined in a Solutions Addendum.

1.14 Solutions

All products and services offered by CSS and licensed by Customer under this Agreement.

1.15 Solutions Addendum

An addendum to this Agreement describing the specific Solutions Customer subscribes to, related payment terms, and any additional conditions. The Solutions Addendum may also be referred to as the Statement of Work or SOW.

1.16 Subscription Term

The period during which Customer is licensed to use the Solutions, as further described in the Solutions Addendum.

1.17 System Data

De-identified, aggregated data generated by the Solutions — such as usage statistics, performance metrics, threat detections, and system behavioral data. System Data does not include Customer Data.

1.18 Third Party Products

External products, applications, software, or systems that CSS permits to integrate with the Solutions.

1.19 Third Party Service

A third party that manages, installs, or operates the Solutions on Customer’s behalf, or that monitors, supports, or connects Third Party Products to the Solutions.

2. Using the Solutions

2.1 License

CSS grants Customer a limited, non-exclusive license to use the specific Solutions Customer subscribes to — only for the purposes they were designed for, during the Subscription Term, and subject to the Restrictions in the applicable Solutions Addendum. Customer may not reverse-engineer any part of the Solutions.

By using the Solutions, Customer also grants CSS a non-exclusive, royalty-free, worldwide license to use Customer Data and System Data solely to:

  • Provide the Solutions to Customer;
  • Improve the functionality of the Solutions for other CSS customers;
  • Share on an anonymous basis with organizations working to improve data protection methods; and
  • Share with government authorities for potential prosecution of unauthorized access to data systems.

2.2 Following Documentation

Customer must use the Solutions in accordance with the then-current Documentation at all times.

2.3 Third Party Products

If Customer enables or connects any Third Party Products to the Solutions, CSS does not warrant or take responsibility for those products — even if CSS recommends them. Customer’s use of Third Party Products is governed by the terms of those products with the Customer. CSS is not liable for any harm, loss, or cost arising from use of Third Party Products. By enabling Third Party Products, Customer authorizes CSS to share Customer’s login credentials and Customer Data with those products as needed.

2.4 Third Party Services

Customer may allow a Third Party Service provider to access the Solutions, provided that:

  • Customer advises CSS of the identity of the Third Party Service provider;
  • Customer is solely responsible to CSS for that provider’s compliance with this Agreement;
  • The provider uses the Solutions only for Customer’s internal purposes;
  • Customer obtains written confirmation that the provider has been advised of this Agreement’s terms and agrees to comply with such terms; and
  • Customer shall indemnify CSS for any breach of this Agreement by the provider.

3. Evaluations, Beta Programs & Early Adoption

3.1 Evaluation Period

If Customer receives any Enhancement, Beta Solution or the Solutions for testing, the testing period shall be as set by CSS, which period CSS may terminate at any time without notice.

3.2 Evaluation Rules

During an Evaluation, Customer:

  • May only use the Enhancement, Beta Solution or the Solutions for internal testing within Customer’s own environment;
  • May not share the Enhancement, Beta Solution, Solutions or System Data with anyone outside those specifically identified to CSS;
  • Must uninstall the Enhancement, Beta Solution, Solutions and System Data after the Evaluation ends and confirm this in writing to CSS;
  • Acknowledges that all System Data generated during testing period belongs solely to CSS; and
  • Agrees not to share Evaluation results with anyone outside Customer’s organization.

CSS may automatically disable access at the end of, or during, the testing period without notice.

3.3 Beta & Early Adoption Programs

If Customer participates in an Evaluation, Customer acknowledges that these versions are pre-release, may contain bugs or errors, and are provided at CSS’s sole discretion. CSS may end any such program at any time without notice. All results and information from these programs are CSS’s Confidential Information.

3.4 Disclaimer for Evaluations & Beta Use

IMPORTANT: During Evaluations, Beta Solution, or early adoption use, the product and services are provided “AS IS” with no warranties of any kind. CSS is not liable to Customer for any indirect, incidental, special, or consequential damages arising from Customer’s use of or inability to use any systems or Customer Data as a result of an Evaluation, Beta Solution or early adoption use. Notwithstanding, CSS’s maximum liability during any such program is limited to $100.

4. Ownership & Intellectual Property

4.1 Customer Owns Customer Data

Customer retains all rights, title, and interest in and to Customer Data, including all Intellectual Property Rights in that data.

4.2 CSS Owns the Solutions

CSS retains all rights, title, and interest in and to the Solutions, Documentation, System Data, Enhancements, and all derivative works and modifications thereof — including all Intellectual Property Rights.

4.3 No Implied Licenses

Each Party reserves all rights not expressly granted in this Agreement. No licenses are granted by implication, estoppel, or otherwise beyond what is explicitly stated within this Agreement.

5. Fees, Billing & Payments

5.1 Fees & Late Payment

All fees are set out in the applicable Solutions Addendum or this Agreement and are due within the timeframe specified there. If Customer’s payment is overdue and Customer fails to pay within ten (10) days of receiving written notice from CSS, CSS may suspend access to the Solutions without further notice. This non-payment constitutes a material breach of this Agreement. Except as described in Section 11.3, fees are non-refundable.

5.2 Usage Overages (“True-Up”)

If Customer exceeds its subscribed usage levels, CSS may at any time invoice Customer for the excess on a pro-rata basis at the per-unit price in the Solutions Addendum. Customer must pay any such True-Up amount within seven (7) days of receiving the invoice.

5.3 Taxes

Customer is responsible for any sales, use, personal property, or similar taxes that CSS is required to collect and remit to a government authority in connection with Customer’s use of the Solutions. Neither Party is responsible for the other’s income taxes.

6. Privacy & Security

6.1 How CSS Handles Customer Data

CSS will:

  • Only store, process, and access Customer Data to the extent necessary to provide the Solutions and create System Data; and
  • Implement and maintain technical, physical, and organizational safeguards that have been designed to protect Customer Data from unauthorized access, use, alteration, or disclosure.

Customer is solely responsible for managing its own login credentials and controlling who has access to the Solutions or any Customer Data through the Solutions. Any unauthorized access using valid credentials issued by Customer is Customer’s responsibility.

6.2 Personal Data & Data Protection

If Customer Data includes Personal Data, CSS will process it under the terms of the Personal Data Processing Addendum (DPA). The DPA is incorporated into this Agreement by reference. CSS may update the DPA from time to time on sixty (60) days advance written notice to Customer. In the event of any such update Customer shall have thirty (30) days after such notice to terminate the Agreement and any applicable Solutions Addendum. In the event the Customer seeks to terminate, the Parties shall negotiate in good faith a termination schedule with the appropriate fees being paid by the Customer until the termination date.

Notwithstanding the DPA, before uploading any Customer Data into the Solutions the Customer must evaluate whether the terms and conditions of any agreement the Customer may have with any third party allows for such information sharing with CSS, and CSS’s processing obligations (as described in the DPA) are sufficient to protect that information under that agreement and applicable law. Customer must not upload any such information if it determines those measures are insufficient.

7. Confidentiality

7.1 Obligations

Each Party (as “Receiving Party”) agrees to:

  • Keep the other Party’s Confidential Information strictly confidential during the term of this Agreement and for five (5) years after it ends (or indefinitely for trade secrets);
  • Use the same level of care to protect the other Party’s Confidential Information as it uses for its own confidential information — and no less than reasonable care;
  • Use Confidential Information only to fulfill its obligations under this Agreement; and
  • Limit disclosure to directors, officers, employees, and contractors who need to know it and have been advised of the confidentiality obligation.

Either Party may disclose the terms of this Agreement to its legal counsel, accountants, financing sources, and in connection with enforcement, mergers, or acquisitions.

7.2 Exceptions

Confidential Information does not include information that:

  • Is or becomes publicly known through no fault of the Receiving Party;
  • Was already in the Receiving Party’s possession before disclosure;
  • Is independently developed by the Receiving Party without reference to the Confidential Information; or
  • Is received from a third party without any confidentiality restriction.

If required by law or court order to disclose Confidential Information, the Receiving Party must: (a) give the Disclosing Party written notice within 24 hours of receiving the order (unless prohibited by law); and (b) cooperate to allow the Disclosing Party to seek a protective order or other relief. The Receiving Party bears the burden of proving by clear and convincing evidence that an exception applies.

7.3 Remedies for Breach

Both Parties acknowledge that a breach of confidentiality obligations would cause irreparable harm that money damages alone could not adequately compensate. In addition to all other available remedies, the Disclosing Party has the right to seek immediate injunctive relief from any court of competent jurisdiction, without needing to show actual damage, prove inadequacy of legal remedies, or post a bond.

8. Representations, Warranties & Disclaimers

8.1 Mutual Representations

Each Party represents and warrants that:

  • It is a validly existing legal entity in good standing;
  • It has full authority to enter into and perform its obligations under this Agreement;
  • The person signing or agreeing on its behalf is duly authorized;
  • This Agreement is a valid, binding, and enforceable obligation; and
  • It will perform its obligations in compliance with applicable federal and state laws.

Customer additionally warrants that any data it uploads: (a) does not infringe any third party rights or violate any law; and (b) does not contain any malware, viruses, or malicious code.

8.2 CSS Warranty on the Solutions

CSS warrants that the Solutions will substantially conform with the Documentation in all material respects during the Subscription Term. If a material non-conformity is reported, CSS will, at its discretion: (i) provide an error correction or workaround; (ii) replace the non-conforming component; or (iii) if neither is feasible within a reasonable time, terminate the Agreement and issue a pro-rata refund.

This warranty does not apply if: (a) the Solutions are not used in compliance with Documentation; (b) Customer or a third party makes unauthorized modifications; (c) Customer is using a non-current release; (d) the issue is caused by Customer’s misuse; or (e) the issue arises during an Evaluation.

8.3 Disclaimer of Other Warranties

DISCLAIMER: Except as expressly set out in Section 8, CSS makes no representations or warranties, express or implied, including warranties of merchantability, fitness for a particular purpose, accuracy, or non-infringement. CSS does not guarantee that the Solutions will detect all threats, vulnerabilities, malware, or unauthorized access. Reports generated by the Solutions are provided “as-is.”

9. Indemnification

9.1 CSS Indemnifies Customer

CSS will defend Customer and its directors, officers, employees, contractors, and agents (collectively, “Customer Indemnitees”) against any third party claim alleging that Customer’s use of the Solutions — as permitted under this Agreement — infringes a third party’s Intellectual Property Rights or alleging a breach of CSS’s legal obligations. CSS will pay all damages, fees, fines, settlements, and reasonable attorneys’ fees finally awarded or included in a CSS-approved settlement.

To address an infringement claim, CSS may, at its option: (i) obtain a license for Customer to continue using the Solutions; (ii) replace the infringing component; (iii) modify the Solutions to be non-infringing; or (iv) settle the claim without requiring Customer to pay. If none of these options is commercially reasonable, CSS may terminate this Agreement with at least thirty (30) days’ notice (or immediately if continued use would likely infringe) and refund all prepaid unused fees.

CSS’s indemnity does not cover claims arising from: (a) Customer’s negligence or misconduct; (b) Customer’s breach of this Agreement; (c) unauthorized combinations with other software or hardware; (d) unauthorized modifications by Customer or third parties; (e) use of the Solutions contrary to this Agreement; or (f) continued use after CSS provided a non-infringing alternative.

9.2 Customer Indemnifies CSS

Customer will defend CSS and its directors, officers, employees, and agents (collectively, “CSS Indemnitees”) against any third party claim arising from: (a) Customer’s breach of this Agreement or applicable law; (b) Customer’s use of the Solutions with Third Party Products in violation of third party rights; (c) any claim arising from Customer’s obligations under Sections 2.3, 2.4, or the Restrictions; or (d) failure to safeguard account login credentials. Customer will pay all damages, fees, fines, settlements, and reasonable attorneys’ fees finally awarded or included in a Customer-approved settlement.

9.3 Indemnification Procedures

To receive indemnification, the indemnified Party must: (i) promptly notify the indemnifying Party in writing of the claim (delay does not waive the right unless it materially prejudices the defense); (ii) give the indemnifying Party control of the defense and settlement (except that any settlement requiring the indemnified Party to take affirmative action requires its prior written approval); and (iii) provide reasonable cooperation and assistance in the defense.

10. Limitation of Liability

10.1 GENERAL CAP: CSS’s total liability under this Agreement will not exceed the fees Customer paid or owed to CSS in the 12 months preceding the event giving rise to the claim.

10.2 DATA BREACH CAP: For claims arising from Section 6 (Privacy & Security) or related to Customer Data, CSS’s total aggregate liability is capped at the greater of $1,000,000 or the fees paid in the prior 12 months.

11. Term, Termination & What Happens After

11.1 Term & Renewal

This Agreement begins on the Effective Date (as set forth on the signature page) and remains in effect until all active Solutions Addendums expire or are terminated. Each Solutions Addendum sets the Subscription Term.

11.2 Termination for Cause

Either Party may immediately terminate this Agreement (and any corresponding Solutions Addendum) if the other Party: (i) materially breaches and does not cure the breach within thirty (30) days of written notice; or (ii) becomes insolvent, makes an assignment for the benefit of creditors, has a petition for insolvency or bankruptcy filed for it or against it (voluntary or involuntary), or comes under the control of a trustee or receiver.

CSS may also terminate immediately, with notice, if CSS reasonably believes Customer is using (or has allowed the use of) the Solutions in an unauthorized manner likely to cause harm to CSS or any third party.

11.3 Effects of Termination

Upon termination or expiration:

  • All licenses granted to Customer end immediately;
  • All CSS obligations under this Agreement or any Solutions Addendum shall cease immediately;
  • No refunds will be issued for prepaid unused fees — except if Customer terminates due to CSS’s material breach, or if CSS terminates under Sections 8.2 or 9.1 (in which case refunds are pro-rated for the unused Subscription Term);
  • Customer must immediately pay any outstanding fees due through the end of the Subscription Term;
  • Upon written request, each Party must return or destroy the other’s Confidential Information (CSS may retain System Data and information about its performance of the Solutions);
  • Customer must immediately stop using the Solutions and destroy all copies;
  • Customer must uninstall the Solutions within ten (10) days and confirm in writing; and
  • Customer must allow CSS to enter its premises to retrieve any CSS equipment installed there.

CSS may audit Customer’s compliance with these obligations and Customer must provide reasonable access for that purpose upon written request.

Survival Sections 4, 6, 7, 9, 10, 11.3, and 12, as well as all Restrictions, survive termination of this MSA.

12. General Provisions

12.1 Entire Agreement

This Agreement and all referenced documents represent the full agreement between the Parties regarding the Solutions and supersede all prior or contemporaneous agreements, proposals, negotiations, and discussions on this subject — written or oral. In case of conflict, the applicable Solutions Addendum controls over this Agreement.

12.2 Independent Contractors

CSS and Customer are independent contractors. Neither Party is the agent, employee, partner, or representative of the other, and neither has authority to bind or create obligations for the other.

12.3 Governing Law & Dispute Resolution

This Agreement is governed by the laws of the State of Florida, without regard to conflict-of-law principles. Any lawsuits must be filed in state or federal court in Hillsborough County, Florida. Before filing suit, the Parties must first attempt good-faith mediation in Hillsborough County (except for actions to protect Intellectual Property Rights). The prevailing party in any legal proceeding is entitled to reasonable attorneys’ fees and costs.

12.4 Publicity

Customer grants CSS a non-exclusive, royalty-free, worldwide license during the Subscription Term and for twelve (12) months thereafter to use, display, and reproduce Customer’s name, trade names, trademarks, service marks, and logos (collectively, “Customer Marks”) solely for CSS’s marketing and promotional purposes, including without limitation on CSS’s website and customer lists, in case studies, sales presentations, proposals, pitch decks, social media posts, press releases, and investor materials. No prior notice to or consent from Customer is required for such uses. CSS shall use the Customer Marks in accordance with any written brand or trademark usage guidelines that Customer provides to CSS in advance, and shall not use the Customer Marks in a manner that suggests Customer’s endorsement of any specific third party product or service. Customer may revoke this license upon thirty (30) days’ prior written notice to CSS, after which CSS shall cease new uses of the Customer Marks; provided, however, that materials already published, printed, archived, or distributed prior to the effective date of revocation, and third-party-hosted content not within CSS’s reasonable control, are excepted from this obligation. Except as expressly set forth above, neither Party may use the other’s trade names, trademarks, service marks, or logos without prior written consent. Neither Party will challenge the other’s trade names, trademarks, service marks, or logos, or disparage the other Party in any communication that is made publicly or to other persons who seek a comment about the other party.

12.5 Assignment

Neither Party may assign this Agreement or any rights under it without the other Party’s prior written consent (which will not be unreasonably withheld or delayed). Any attempted assignment without consent is void. Either Party may assign this Agreement to a successor of substantially all its business or assets — by merger, sale, or otherwise — with written notice, provided the successor agrees in writing to assume all obligations under this Agreement.

12.6 Export Compliance

The Solutions are subject to U.S. export control laws, including Export Administration Regulations and OFAC sanctions. Customer agrees not to access or use the Solutions from any prohibited jurisdiction (currently Belarus, Cuba, Eritrea, Iran, North Korea, Russia, Syria, and the Crimea region), and not to permit access by any prohibited person or entity. Customer represents that neither it nor any of its officers, directors, 10%+ shareholders, or Affiliates is a prohibited person or is controlled by one.

12.7 Amendments & Waivers

Changes to this Agreement must be in writing and signed by authorized representatives of both Parties. Failure to enforce any right under this Agreement is not a waiver of that right. All rights and remedies are cumulative.

12.8 Notices

All legal notices must be in writing and delivered by hand, overnight courier, confirmed email, or certified mail to the addresses specified in the applicable Solutions Addendum. All notices to CSS must also be emailed to [email protected] on the same date. Either Party may update its notice address with thirty (30) days’ prior written notice. Notice is effective on the earlier of five (5) days after deposit for delivery or the date on the confirmed email or courier receipt.

12.9 Severability

If any provision of this Agreement is found invalid or unenforceable, the remaining provisions remain in full force. The Parties will negotiate in good faith to replace the invalid provision with one that reflects their original intent as closely as possible.

12.10 Force Majeure

Neither Party is responsible for failure to perform (other than payment obligations) caused by events beyond its reasonable control, including acts of God (fire, flood, earthquake, pandemic), civil disturbances, power or telecommunications outages, labor disturbances, cyberattacks, or malicious acts of third parties.

12.11 Counterparts

This Agreement may be signed in counterparts, each of which is an original. Signatures exchanged by email (including Adobe PDF or similar