These terms are effective as of January 1, 2026. Orders placed on or after this date are governed by these terms unless a separate written agreement applies.
Master Agreement
Exhibits
This Master Services Agreement (this "Master Agreement") is entered into between SOVA Systems, Inc., a California corporation ("SOVA" or "we"), and the entity identified on the applicable Order Form ("Customer" or "you"). SOVA and Customer may each be referred to as a "Party" and collectively as the "Parties."
Customer Identity and Contracting Structure. "Customer" means solely the legal entity that executes the applicable Order Form or Transaction Document. Customer may operate under a franchise, license, management agreement, or service contract with a parent company, franchisor, brand owner, or contracting principal (a "Principal Entity"), or Customer may itself be a service provider deploying the SOVA Offerings at facilities owned or operated by its own clients ("End Clients"). In either case:
(a) A Principal Entity is not a party to this Agreement and has no rights or obligations hereunder unless the Principal Entity separately executes this Agreement or a written joinder.
(b) End Clients at whose facilities the SOVA Offerings are deployed are not parties to this Agreement. Customer is solely responsible for ensuring that its use of the SOVA Offerings at End Client facilities complies with this Agreement and all applicable laws.
(c) Customer represents and warrants that it has the legal authority to enter into this Agreement on its own behalf and that no approval or consent from any Principal Entity or End Client is required for Customer to be bound by the terms of this Agreement.
Customer shall identify its Principal Entity (if any), End Clients (if applicable), and the applicable site(s) or location(s) on the Order Form.
Under this Master Agreement, Customer may license or access SOVA software and/or software appliances (collectively, the "Software"), procure hardware or hardware appliances related to the Software ("Hardware"), software as a service ("SaaS"), and/or request maintenance and support of the Software and/or Hardware ("Support") or consulting services or education ("Services") through one or more Order Forms and/or Statements of Work ("SOW"). The Software, Hardware, Support, SaaS, and Services shall be collectively known as "SOVA Offerings" (each a "SOVA Offering"), and the Order Forms and SOWs may be collectively referred to as "Transaction Documents."
While this Master Agreement sets forth the relationship between Customer and SOVA and details certain terms applicable to the Parties' relationship, each specific SOVA Offering is subject to additional terms and conditions. The additional terms applicable to each SOVA Offering are set forth in the following modules attached to this Master Agreement as exhibits (collectively, the "Specific Program Documentation," each an "SPD"):
This Master Agreement, the SPDs attached hereto as exhibits, any Transaction Documents, and any additional exhibits and/or addenda to the foregoing make up the entire Agreement between Customer and SOVA for the SOVA Offerings (the "Agreement"). If there is a conflict between this Master Agreement, the Specific Program Documentation, and/or any Transaction Documents, the descending order of priority shall be as follows: First, this Master Agreement; second, any Exhibit to this Master Agreement; and third, any Transaction Document.
Any other agreements, proposals, purchase orders, representations or understandings, made verbally or in writing, and any other policies, terms and/or conditions, whether hosted online by SOVA, referenced in any document by hyperlink, or otherwise made available to Customer or any Customer personnel, that purport to apply to any SOVA Offering, are superseded in their entirety by the Agreement.
Subject to payment of applicable fees, SOVA grants Customer a non-exclusive, non-transferable, revocable license to access and use the applicable SOVA Offering for Customer's internal business operations through the time period set forth in this Agreement or the applicable Transaction Document(s) in accordance with the terms of this Agreement.
Site and Location Limitation. The license and right to use the SOVA Offerings are limited to the physical site(s), location(s), and — where applicable — End Client(s) and Principal Entity or brand — identified on the applicable Order Form. Customer shall not use the SOVA Offerings for operations at, or in connection with, any other site, location, brand, or entity under Customer's corporate umbrella (including affiliated or commonly owned properties in different geographical regions) unless such use is expressly covered by a separate Order Form or a written amendment to this Agreement. Use of the SOVA Offerings at or for sites, locations, brands, or regions not identified on the Order Form is outside the scope of the rights granted hereunder and may constitute a material breach as set forth below.
"Authorized Users" means those individuals whom Customer authorizes to access a particular SOVA Offering, including: (a) Customer's own employees and agents; (b) third-party contractors, subcontractors, or service providers engaged by Customer to perform services on Customer's behalf or at Customer's direction ("Third-Party Personnel"); and (c) employees of End Clients who require access to the SOVA Offerings as part of Customer's service delivery, where identified on the Order Form.
Third-Party Personnel who are employed by or affiliated with a competitor of SOVA (including any entity that develops, markets, or sells software products that are competitive with or substantially similar to any SOVA Offering) may be designated as Authorized Users only where: (i) Customer has directed such Third-Party Personnel to use the SOVA Offerings in the course of performing services for Customer or Customer's End Clients; and (ii) such Third-Party Personnel are subject to the confidentiality and use restrictions set forth in this Agreement. Customer shall ensure that such Third-Party Personnel do not use any information, knowledge, or access gained through the SOVA Offerings to develop, enhance, or improve any competing product or service. Customer is fully responsible for any breach of this Agreement by Third-Party Personnel as set forth below.
In exchange for this license or right to use, Customer agrees to undertake reasonable efforts to protect the integrity and security of the SOVA Offerings as set forth herein.
Customer agrees that it will not, and will ensure that its Authorized Users (including Third-Party Personnel) do not: (i) provide, sub-license, or transfer the SOVA Offerings to third parties other than to Authorized Users; (ii) make any use of the SOVA Offering for which Customer has not paid or which is not otherwise reasonably contemplated by the Agreement; (iii) claim any rights in the SOVA Offering other than the rights set forth in the Agreement; (iv) modify the SOVA Offerings except as contemplated herein or in the Documentation; (v) reverse engineer, decompile, or attempt to extract source code from the SOVA Offerings, except to the extent expressly permitted by applicable law; (vi) use the SOVA Offerings for unlawful surveillance or in a manner that violates any applicable law; (vii) attempt unauthorized access to SOVA infrastructure; (viii) export or use the SOVA Offering in violation of U.S. or other applicable laws and regulations; (ix) demonstrate, display, screenshot, screen-record, or otherwise disclose the SOVA Offerings — including but not limited to user interface screens, dashboards, reports, workflows, features, or functionality — to any competitor of SOVA, any vendor of competing products or services, or any other unauthorized third party (provided, however, that authorized use of the SOVA Offerings by Third-Party Personnel in the ordinary course of performing services for Customer as contemplated by this Agreement shall not constitute a violation of this clause, so long as such Third-Party Personnel do not disclose SOVA Confidential Information or SOVA Proprietary Elements to their employer's product development, engineering, or competitive intelligence functions); (x) perform or disclose any benchmark or performance tests on the SOVA Offerings without SOVA's prior written consent; (xi) use any information, knowledge, or familiarity with the SOVA Offerings gained through access as an Authorized User to inform the design, development, enhancement, or marketing of any product or service that competes with any SOVA Offering; or (xii) use the SOVA Offerings for or at any site, location, brand, or geographical region not identified on the applicable Order Form unless such use is covered by a separate Order Form or written amendment (see Site and Location Limitation above).
A breach by Customer or any Authorized User of the obligations set forth in clauses (ix), (x), (xi), or (xii) above shall constitute a material breach of this Agreement entitling SOVA to exercise its rights under Section 25 (Term and Termination), including Termination for Cause, and to seek injunctive relief without the requirement of posting a bond or proving actual damages, in addition to any other remedies available at law or in equity.
Customer Responsibility for Authorized Users and Third-Party Personnel. Customer is responsible for all acts and omissions of its Authorized Users — including Third-Party Personnel — in connection with the SOVA Offerings, including but not limited to compliance with the restrictions set forth in this Section, the confidentiality obligations set forth in Section 5, and the intellectual property protections set forth in Section 19. Customer shall ensure that all Authorized Users are made aware of and agree to abide by the terms of this Agreement applicable to their use of the SOVA Offerings. Where Authorized Users include Third-Party Personnel employed by or affiliated with a competitor of SOVA, Customer shall use commercially reasonable efforts to ensure that such Third-Party Personnel do not transmit SOVA Confidential Information or knowledge of SOVA Proprietary Elements to their employer's product development, engineering, or competitive intelligence teams or functions. Any breach of this Agreement by an Authorized User — including a Third-Party Personnel member — shall be deemed a breach by Customer. Customer shall, upon becoming aware of any unauthorized use or disclosure of the SOVA Offerings by an Authorized User or former Authorized User, promptly notify SOVA in writing and take all reasonable steps to prevent further unauthorized use or disclosure.
Geographic and Usage Signals; Audit of Site Usage. SOVA stores Internet Protocol (IP) addresses and other technical signals to ensure authorized access to the SOVA Offerings and to protect the security and integrity of the platform. Access by Authorized Users from geographical regions that differ from the site(s) or location(s) identified on the Order Form may generate signals that SOVA reviews. Such signals can reflect benign activity — for example, an employee of Customer accessing the portal from a different region while traveling or working remotely — and do not by themselves indicate a breach. However, when a login or session from a different geographical region results in the addition or creation of operational data through the SOVA Offerings (including but not limited to incident reports, shift reports, daily activity reports, guard tour data, inspection reports, lost and found entries, or other records that imply use of the platform for a site or operation not covered by the Order Form), SOVA may treat such activity as a signal that the platform is being used for sites, locations, brands, or operations beyond the rights granted under this Agreement. In that event, SOVA may conduct an audit of site usage. If SOVA reasonably determines that Customer has used the SOVA Offerings for sites, locations, brands, or geographical regions not identified on the Order Form and not otherwise authorized by a separate Order Form or written amendment, such use shall constitute a material breach of this Agreement, entitling SOVA to exercise its rights under Section 25 (Term and Termination), including Termination for Cause, and to pursue any other remedies available at law or in equity. Customer shall cooperate in any such audit by providing information reasonably requested by SOVA to verify the scope of use.
Any right that is not granted to Customer under this Agreement is reserved to SOVA.
The technical documentation and user manuals provided to all customers for each SOVA Offering ("Documentation") are located on the https://support.sovasystems.com website. SOVA represents and warrants that the SOVA Offerings will materially conform to the specifications in the Documentation.
The SOVA platform provides operational and security management software used across a wide range of industries and environments, including but not limited to hospitality properties, entertainment venues, sporting complexes, corporate campuses, insurance and risk management operations, contract security providers, public utilities, government facilities, and public-access venues. The platform may include functionality for:
The system may include:
The specific SOVA Offerings procured by Customer are set forth in the applicable Transaction Document(s).
SOVA understands that the technology Customer uses to run its business is important, and SOVA stands behind the quality of the SOVA Offerings. Without limiting the warranties set forth in the applicable SPDs, the following warranties apply to the specific type of SOVA Offering starting from the effective date of the applicable Transaction Document:
Each Party may during the Term of the Agreement have access to the other Party's confidential information ("Confidential Information"). Confidential Information shall mean all non-public information which the receiving Party knows, or reasonably should know, the disclosing Party considers confidential, including but not limited to Personal Information, Customer Data, SOVA IP, security configurations, pricing, business plans, and technical specifications (each as defined herein or below). Neither Party will at any time or in any manner (without the other Party's prior written authorization), either directly or indirectly, use for any purpose other than the performance of its obligations or the exercise of its rights under this Agreement, or otherwise disclose, any of the other Party's Confidential Information.
Each Party will afford the other Party's Confidential Information no less protection than its own most confidential information (and in any event no less protection than reasonable care), and treat the Confidential Information as strictly confidential. This provision shall continue to be effective after the expiration or termination of the Agreement. Upon expiration or termination of this Agreement, each Party will promptly return to the other Party all of such Party's Confidential Information, whether physical or electronic, subject to Section 23 (Data Disposal).
Except where prohibited by law, the following is not considered Confidential Information: (i) information which is rightfully in a Party's possession, or becomes known to a Party through proper means, in either case wholly independent of this Agreement; (ii) information which is independently developed without use or reference to the Confidential Information of the other Party; (iii) information that becomes publicly available through no fault of the receiving Party; or (iv) information that is received from a third party who is not under an obligation of confidentiality with respect to such information.
Customer retains all right, title, and interest in and to all information and/or data that Customer or its Authorized Users provide, upload, or generate through use of the SOVA Offerings ("Customer Data"). Customer Data is Customer's Confidential Information.
Customer Data may include, without limitation:
SOVA processes Customer Data solely for the purpose of providing the SOVA Offerings in accordance with this Agreement. During the Subscription Term, Customer Data will be accessible to Customer through the SOVA platform in accordance with the Documentation. Upon termination, Customer Data will be made available for export solely in standard SQL format as described in Section 26 (Data Export). Customer acknowledges that the SOVA platform's user interface, reporting capabilities, dashboards, and data visualization features are part of the SOVA Offerings and are not included in any data export.
SOVA shall not access Customer's user accounts or Customer Data stored within such user accounts ("SaaS Customer Data"), except to the minimum extent necessary in response to Customer support requests. SOVA will collect, modify, and analyze metadata and/or operations data which does not contain any Customer Data or other Customer Confidential Information, such as log files and transaction counts, solely for the purpose of maintaining and improving the SOVA Offerings.
SOVA is a technology platform provider. SOVA does not review, monitor, moderate, verify, or manage Customer Data uploaded to the SOVA Offerings. Customer has sole control over what data is uploaded to the platform, and Customer assumes full and exclusive responsibility for all Customer Data and all content uploaded, submitted, transmitted, or stored by Customer or its Authorized Users through the SOVA Offerings (collectively, "Customer Content").
Lawfulness of Customer Content. Customer represents, warrants, and covenants that all Customer Content:
(i) is lawful under all applicable federal, state, local, and international laws and regulations, including but not limited to laws governing privacy, data protection, employment, intellectual property, export controls, and criminal law;
(ii) does not infringe, misappropriate, or violate any third party's intellectual property rights, privacy rights, publicity rights, or any other proprietary rights;
(iii) does not contain child sexual abuse material ("CSAM"), non-consensual intimate images, content that exploits minors, or any other content whose possession or distribution is prohibited by law;
(iv) does not contain content that is defamatory, threatening, harassing, or that constitutes incitement to violence or discrimination in violation of applicable law;
(v) has been collected, obtained, and uploaded in compliance with all applicable laws, including any required notices to and consents from individuals whose personal information or images are included in the Customer Content; and
(vi) complies with all applicable U.S. export control and sanctions laws and regulations, including the Export Administration Regulations (15 CFR Parts 730-774), the International Traffic in Arms Regulations (22 CFR Parts 120-130), and regulations administered by the Office of Foreign Assets Control ("OFAC"). Customer shall not upload, transmit, or store any Customer Content that is subject to export restrictions, classified, or controlled under any applicable export control regime unless Customer has obtained all required authorizations and has provided written notice to SOVA of the nature of such restrictions.
Prohibited Uploads. Customer shall not, and shall ensure that its Authorized Users do not, upload, submit, or transmit to the SOVA Offerings:
(i) executable code, scripts, macros, or any software programs, regardless of format, except for standard document and image file types supported by the Documentation;
(ii) files intentionally designed to exploit vulnerabilities, overload system resources, or compromise the security or integrity of the SOVA Offerings or SOVA's infrastructure;
(iii) content that contains viruses, malware, ransomware, spyware, Trojan horses, worms, or any other malicious code or harmful components; or
(iv) data or files that exceed any file size, format, or type restrictions specified in the Documentation.
No SOVA Liability for Customer Content. SOVA shall have no liability whatsoever for Customer Content, including but not limited to the accuracy, completeness, legality, reliability, or appropriateness of any Customer Content. SOVA is not responsible for any claims, damages, losses, or liabilities arising from Customer Content, including claims by third parties whose personal information, images, or intellectual property is included in Customer Content. Customer acknowledges that SOVA has no obligation to pre-screen, review, flag, filter, modify, refuse, or remove any Customer Content, and that SOVA's processing of Customer Content in the course of providing the SOVA Offerings does not constitute endorsement, verification, or approval of such content.
SOVA Right to Suspend or Remove. Notwithstanding the foregoing, in the event SOVA becomes aware (through any means, including third-party notice, legal process, or law enforcement contact) that Customer Content may violate applicable law, this Agreement, or the rights of any third party, SOVA reserves the right to:
(i) notify Customer and request prompt removal of the offending content;
(ii) if Customer fails to remove the offending content within forty-eight (48) hours of SOVA's written notice (or immediately in the case of content that is unlawful on its face, including CSAM), suspend Customer's access to the SOVA Offerings or the affected portion thereof until the issue is resolved; and
(iii) where required by law, court order, or law enforcement directive, remove or disable access to the offending content without prior notice to Customer, provided that SOVA shall notify Customer as soon as legally permitted.
Exercise of these rights shall not constitute a breach of this Agreement by SOVA, and SOVA shall have no liability for any suspension or removal undertaken in good faith pursuant to this provision. Customer shall remain obligated to pay all fees during any suspension resulting from Customer's breach of this Section.
In the event SOVA or its agents Process ("Process" and its variants for purposes of this Section includes, without limitation, access, collect, record, organize, use, store, adapt, alter, retrieve, consult, transfer, disclose, or destroy) any information relating to an identified or identifiable natural person on behalf of Customer (collectively, "Personal Information"), SOVA in connection with this Agreement shall and shall cause its agents and personnel that Process such Personal Information to:
(a) European Union law, the law of any current or future Member State of the European Union ("EU Law"), including the General Data Protection Regulation (EU 2016/679) ("GDPR"); (b) the United Kingdom General Data Protection Regulation and Data Protection Act 2018; (c) the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA/CPRA"); (d) any other U.S. state privacy laws applicable to the Processing, including but not limited to the Virginia Consumer Data Protection Act, Colorado Privacy Act, Connecticut Data Privacy Act, and any successor statutes; and (e) any biometric privacy laws applicable to the Processing, including the Illinois Biometric Information Privacy Act ("BIPA"), the Texas Capture or Use of Biometric Identifier Act, and any similar legislation.
(a) Purpose: For the purpose of providing the SOVA Offerings to Customer as set forth in this Agreement; (b) Term: For the Term of this Agreement; and (c) Types of Personal Information: full name, email address, telephone number, photographic facial image, biometric facial templates (where applicable), geolocation data, Internet Protocol (IP) address, unique device identifier, government-issued identification information (where collected by Customer through the SOVA Offerings), arrival and departure timestamps, and vehicle information.
(a) as required or permitted by this Agreement; (b) with Customer's prior written consent; or (c) pursuant to an order or requirement of a court of law, administrative agency, or other governmental body, provided that SOVA gives reasonable notice to Customer to contest such order or requirement.
(a) requests for information or complaints about the Processing of Personal Information; (b) requests for access to or transfer of the Personal Information; or (c) requests for Personal Information to be deleted or corrected or its Processing to be restricted.
(a) with Customer's prior written consent; and (b) subject to any additional requirements of Customer (which may, for the avoidance of doubt, require SOVA to ensure such parties as are reasonably specified by Customer enter into the appropriate standard contractual clauses in the form approved by the European Commission or other applicable transfer mechanism).
SOVA shall also:
(a) provide Customer with the following information: (i) a description of the nature of the Breach, including the volume and type of Personal Information affected and the categories and approximate number of individuals concerned; (ii) the likely consequences of the Breach; (iii) a description of the measures taken or proposed to be taken to address the Breach including, where appropriate, measures to mitigate its possible adverse effects; and (iv) the identity and contact details of SOVA's data protection officer or other contact point where more information can be obtained; (b) perform an investigation to learn the cause of the Breach; (c) promptly take any proposed steps communicated in accordance with Clause C(3)(a)(iii) above and all further steps necessary to remedy the event and prevent the Breach's reoccurrence; and (d) cooperate with Customer in the preparation of any legally required notifications to affected individuals or regulatory authorities.
SOVA shall permit Customer or its designated representative (the "Auditor") to access any of SOVA's or its agents' or Sub-Processors' premises, personnel, and relevant records as may be reasonably required in order to:
(a) Customer shall use its reasonable endeavors to ensure that the conduct of each audit does not unreasonably disrupt SOVA or delay the provision of services by SOVA and that, where possible, individual audits are coordinated with each other to minimize any disruption. Subject to Customer's obligations of confidentiality, SOVA shall provide Customer or Auditor with all reasonable co-operation, access, and assistance in relation to each audit. Customer shall provide at least five (5) business days' notice of its intention to conduct an audit unless such audit is conducted in respect of a suspected fraud or data Breach, in which event no notice shall be required. The parties shall bear their own costs and expenses incurred in respect of compliance with their obligations under this Clause (D), unless the audit identifies a material default of SOVA in complying with its obligations under this Section, in which case SOVA shall reimburse Customer for all its reasonable costs incurred in the course of the audit. (b) If an audit identifies that SOVA is failing to comply with any of its obligations under this Section, without prejudice to the other rights and remedies of Customer, SOVA shall take the necessary steps to comply with its obligations at no additional cost to Customer within a time period agreed upon by the Parties, not to exceed thirty (30) days. (c) The Parties may agree in writing that a third-party report or certification (e.g., a SOC 2 Type II report, ISO 27001 certification, or equivalent) provided by SOVA will satisfy the above audit requirements.
SOVA represents and warrants that it shall comply with the terms of the foregoing Section.
Customer may collect personal information through the SOVA platform in connection with its operations. Personal information collected may include:
Customer determines what personal information is collected and how it is used. SOVA acts solely as a technology service provider and data processor. Customer is responsible for: (i) providing legally required notices to data subjects; (ii) obtaining any required consent from data subjects; and (iii) complying with all applicable privacy laws in each jurisdiction in which it operates.
The SOVA Offerings may include visitor management functionality allowing Customers to record visitor information when individuals enter Customer's or its End Client's facilities ("Customer Facilities"). Visitor data may include:
The platform may also include optional functionality enabling Customers to generate facial recognition templates ("Facial Maps") derived from visitor photographs. These templates may be used for purposes such as:
Customer acknowledges that biometric features are optional and disabled by default unless affirmatively enabled by Customer. The SOVA platform functions fully without these features. Customer alone determines whether biometric functionality is enabled and is solely responsible for:
(a) determining whether its use complies with applicable laws in its jurisdiction, including but not limited to the Illinois Biometric Information Privacy Act (BIPA), the Texas Capture or Use of Biometric Identifier Act, the Washington biometric privacy law, the California Consumer Privacy Act/CPRA, and any similar legislation;
(b) providing all required notices to individuals whose biometric data is collected;
(c) obtaining all required consents before enabling biometric functionality;
(d) establishing and publishing data retention schedules for biometric data as required by applicable law; and
(e) ensuring timely deletion of biometric data in accordance with applicable retention requirements.
SOVA shall provide Customer with the technical capability to delete Facial Maps and associated biometric data at any time through the SOVA platform. SOVA shall permanently delete biometric data upon Customer's instruction and shall confirm such deletion in writing upon request.
The SOVA Offerings may include artificial intelligence ("AI") features designed to assist operational workflows. These features may include:
AI features are optional enhancements and may be disabled by Customer at any time through the SOVA platform or by written request to SOVA. The SOVA platform functions fully without AI features. Customer determines whether such functionality is used.
AI-generated outputs are provided for informational and operational assistance only and must be reviewed by qualified human personnel before any operational, legal, evidentiary, or regulatory use. SOVA does not guarantee the accuracy, completeness, or reliability of AI-generated results. AI outputs do not constitute professional advice of any kind. Customer acknowledges that AI systems may produce inaccurate, incomplete, or misleading outputs and that Customer bears sole responsibility for any decisions made in reliance on AI-generated content.
SOVA shall implement the following safeguards with respect to AI Processing of Customer Data:
Customer acknowledges that biometric data collection and processing may be regulated by law in certain jurisdictions. Customer is solely responsible for compliance with all laws governing biometric identifiers, including but not limited to those identified in Section 9 above. Customer shall not enable or use biometric features of the SOVA Offerings in any jurisdiction where such use would violate applicable law without first ensuring full legal compliance, including obtaining all required notices, consents, and establishing required data retention and destruction schedules.
Customer agrees to defend, indemnify, and hold harmless SOVA, its officers, directors, employees, agents, and affiliates from and against any and all claims, demands, actions, liabilities, losses, damages, judgments, settlements, penalties, fines, costs, and expenses (including reasonable attorneys' fees) arising out of or relating to Customer's collection, use, storage, retention, disclosure, or destruction of biometric data through the SOVA Offerings, including but not limited to any claims arising under BIPA or any similar biometric privacy statute, except to the extent such claim arises from SOVA's breach of its obligations under this Agreement or SOVA's gross negligence or willful misconduct.
SOVA shall: (i) process biometric data solely as instructed by Customer and in accordance with this Agreement; (ii) store biometric data using encryption at rest and in transit; (iii) restrict access to biometric data to authorized personnel on a need-to-know basis; (iv) provide Customer with the technical means to delete biometric data; and (v) permanently delete biometric data upon termination of this Agreement, subject to Section 23 (Data Disposal), unless instructed otherwise by Customer.
Customer may use the SOVA platform to record package deliveries and shipments. Information recorded may include sender name, recipient name, carrier name, tracking number, and delivery timestamps. Such information is processed solely for package management operations and constitutes Customer Data subject to the protections of this Agreement.
Where Customer subscribes to the Lost and Found module (including optional shipping and payment integrations), the terms set forth in Exhibit G (Lost and Found SPD) apply. Exhibit G covers lost and found data, third-party payment and shipping integrations, and Customer responsibilities. Exhibit G applies only when Customer has subscribed to the Lost and Found module as set forth on the Order Form; customers who do not use that module are not bound by Exhibit G.
The platform may include functionality allowing Customers to document employee incidents or workplace accidents. Reports may include employee names, incident descriptions, witness statements, photographs, and related documentation. Customer is responsible for compliance with applicable employment, workplace safety, and privacy laws when using these features.
SOVA offers an optional infrastructure configuration designed to support HIPAA compliance requirements. Where requested by Customer:
(a) the Parties may execute a Business Associate Agreement ("BAA"); and
(b) Customer environments may be provisioned within a HIPAA-capable infrastructure environment.
Unless a BAA has been executed, the SOVA Offerings are not intended for storage or processing of Protected Health Information ("PHI") as defined under HIPAA. Customer shall not submit PHI to the SOVA Offerings unless a BAA is in effect.
Customer acknowledges that the SOVA Offerings are technology tools designed to assist Customer personnel with operational and security management functions. SOVA does not provide:
The SOVA Offerings cannot prevent crime, injury, theft, fire, flood, or other safety incidents. The SOVA Offerings are not a substitute for trained security personnel, emergency services, or other professional services.
Customer remains solely responsible for:
SOVA shall have no liability for any loss, injury, death, or property damage occurring at Customer Facilities or End Client sites, regardless of whether the SOVA Offerings were in use at the time, except to the extent directly caused by SOVA's breach of its obligations under this Agreement, gross negligence, or willful misconduct.
Customer acknowledges that certain functionality within the SOVA Offerings, including but not limited to facial recognition, visitor tracking, geolocation monitoring, and video or image capture, may be subject to surveillance, wiretapping, eavesdropping, or monitoring laws in applicable jurisdictions. Customer is solely responsible for:
(a) determining whether the use of any SOVA Offering functionality constitutes "surveillance" or "monitoring" under applicable law;
(b) complying with all applicable surveillance, monitoring, and recording consent laws, including two-party consent requirements where applicable;
(c) posting all required notices and signage at Customer Facilities;
(d) obtaining all required consents from individuals who may be subject to monitoring; and
(e) implementing appropriate access controls to restrict access to monitoring data to authorized personnel.
SOVA shall have no liability for Customer's failure to comply with applicable surveillance laws.
Customer acknowledges that data, reports, images, recordings, and other outputs generated through the SOVA Offerings (collectively, "Operational Records") are created through automated and semi-automated systems and may contain errors, omissions, or inaccuracies.
SOVA makes no representations or warranties regarding the suitability of Operational Records for use as evidence in any legal, regulatory, administrative, disciplinary, or insurance proceeding. Customer is solely responsible for:
(a) determining whether Operational Records meet the evidentiary standards and chain-of-custody requirements applicable in the relevant jurisdiction or proceeding;
(b) independently verifying the accuracy and completeness of any Operational Records before relying upon them; and
(c) maintaining its own records, documentation, and evidence preservation procedures.
SOVA shall have no liability arising from any Party's reliance on Operational Records in any proceeding.
SOVA acknowledges that all data, analytics, outputs, products, results, deliverables, materials, and the like generated through Customer's use of the SOVA Offerings (collectively the "Work Product"), and all Intellectual Property Rights in the Work Product, will be the sole property of Customer, subject to the paragraphs below.
SOVA owns all right, title, and interest to (including all Intellectual Property Rights in) the SOVA Offerings, including all software, source code, object code, algorithms, AI models, machine learning models, database schemas, data structures, user interface designs, system architecture, APIs, documentation templates, report formats, and any modifications or derivatives thereof, except (i) with respect to Work Product as set forth above and (ii) to the extent any such modification or derivative incorporates Customer Confidential Information ("SOVA IP").
Customer acknowledges and agrees that it acquires no Intellectual Property Rights whatsoever in or to the SOVA Offerings, the SOVA platform, or any component thereof by virtue of this Agreement, any Transaction Document, or Customer's use of the SOVA Offerings. Customer's rights are limited solely to the license granted in Section 2 and the data ownership rights set forth in Section 6 and Section 19(E). No implied licenses are granted under this Agreement.
"Intellectual Property Rights" means all worldwide copyrights, trademarks, service marks, trade secrets, inventions, patents, patent applications, moral rights, know-how, software, developments, designs, processes, formulas, contract rights, and other proprietary rights, whether or not patentable, and any and all applications for, and extensions, divisions, reissuances of, any of the foregoing.
Ownership of the Work Product will inure to the benefit of Customer from the date of creation or fixation in a tangible medium of expression, as applicable, and such Work Product will be immediately delivered to Customer upon Customer's request. Customer and SOVA agree that with the exception of SOVA IP, all copyrightable aspects of the Work Product will be considered a "work made for hire" within the meaning of the Copyright Act of 1976, as amended. With the exception of SOVA IP, if and to the extent that the Work Product, or any part thereof, is found as a matter of law not to be a "work made for hire" within the meaning of the Copyright Act of 1976, as amended, SOVA hereby expressly assigns, and agrees to assign, to Customer exclusively all right, title, and interest in and to the Work Product, and all copies thereof, and the Intellectual Property Rights in the Work Product, without further consideration, free from any claim, lien for balance due, or rights or retention thereto on the part of SOVA.
To the extent any SOVA IP is used or embodied in Work Product or otherwise delivered to Customer hereunder, SOVA shall not be deemed to have assigned its intellectual property rights in such SOVA IP to Customer, but SOVA hereby grants to Customer a non-exclusive, non-transferable, royalty-free license to use, copy, display, and transmit (including electronically and wirelessly) such SOVA IP solely to the extent necessary for Customer to receive the full benefit of its ownership of the Work Product during the term of this Agreement. This license shall automatically terminate upon expiration or termination of this Agreement for any reason. Upon termination of this license, Customer shall cease all use of SOVA IP and shall not retain, copy, or create derivative works from any SOVA IP.
Customer retains all right, title, and interest in and to Customer Data and any other Customer Confidential Information, and nothing herein shall be interpreted to constitute an assignment of any such Customer Confidential Information.
For the avoidance of doubt, any outputs generated by AI features of the SOVA Offerings using Customer Data as input shall be deemed Work Product owned by Customer. SOVA retains ownership of the underlying AI models, algorithms, and technologies used to generate such outputs. Customer acknowledges that similar or identical AI-generated outputs may be generated for other SOVA customers using different input data, and such outputs do not constitute Customer's Confidential Information.
Customer acknowledges that the SOVA Offerings embody valuable trade secrets and proprietary technology of SOVA, including but not limited to the platform's user interface designs, workflow logic, report templates, dashboard layouts, data visualization methods, database architecture, and system design (collectively, "SOVA Proprietary Elements"). Customer shall not, and shall not permit any third party to, directly or indirectly:
(i) copy, reproduce, or create derivative works based on any SOVA Proprietary Elements, including but not limited to the look and feel, screen layouts, navigation structure, report formats, or workflow designs of the SOVA Offerings;
(ii) use knowledge of SOVA Proprietary Elements gained through access to the SOVA Offerings to develop, create, or commission any software, application, or system that is competitive with, substitutes for, or is substantially similar to any SOVA Offering;
(iii) reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code, proprietary database architecture, algorithms, or trade secrets of any SOVA Offering from exported data, API responses, system behavior, or any other source, except to the extent expressly permitted by applicable law that cannot be waived by contract; or
(iv) engage any third party to perform any of the activities described in clauses (i) through (iii) above.
For the avoidance of doubt, nothing in this Section restricts Customer's right to access, view, query, analyze, or use its own Customer Data — whether during the Subscription Term or following a data export under Section 26 — using Customer's own independently procured SQL-compatible database management systems, business intelligence tools, or other general-purpose software. Customer's ownership of Customer Data and right to use that data for its internal business purposes is not limited by this Section. This Section protects only SOVA's proprietary technology, trade secrets, and copyrighted works, and does not restrict Customer's lawful use of its own data.
Customer grants to SOVA for its use a worldwide, non-exclusive, royalty-free license to aggregate or compile data generated by the SOVA Offerings related to Customer's use of the SOVA Offerings with similar usage data of other SOVA customers, so long as such aggregation or compilation omits any data that would enable the identification of Customer, its clients, or any individual, company, or organization, and provided SOVA does not review the content when performing such aggregation and compilation ("Aggregated Data"). For clarity, Aggregated Data shall not include Customer's Confidential Information, including but not limited to Customer Data or biometric data.
SOVA shall have a worldwide, perpetual, royalty-free license to use, modify, distribute, and create derivative works based on such Aggregated Data. As between Customer and SOVA, SOVA shall own all compilations of the Aggregated Data, including all reports, statistics, or analyses created or derived therefrom. SOVA shall not attempt to re-identify any individual, Customer, or organization from Aggregated Data.
SOVA shall defend, indemnify, and hold harmless Customer and each of its affiliates, agents, subcontractors, members, officers, directors, employees, successors, and assigns (collectively, "Customer Indemnitees") from and against any claim, loss, cost, damage, liability, or expense (including reasonable attorneys' fees) (collectively, a "Claim") which any Customer Indemnitee directly or indirectly incurs, or which are threatened or asserted against any Customer Indemnitee, with respect to:
(i) personal injury or property damage suffered or caused by any act or failure to act of SOVA, its subcontractors, or any of their employees, personnel, or agents in connection with any SOVA Offering;
(ii) any breach of SOVA's representations or warranties hereunder;
(iii) violations of applicable laws and regulations regarding biometric data by SOVA or its Sub-Processors in contravention of SOVA's obligations under this Agreement;
(iv) any actual or alleged infringement or other violation of any third-party Intellectual Property Rights based upon the SOVA Offerings;
(v) any Breach of Personal Information caused by SOVA's failure to comply with its data security obligations under this Agreement; or
(vi) any violation of applicable Data Protection Laws by SOVA in its capacity as data processor.
SOVA's indemnification obligations with respect to Claims of personal injury or property damage shall not apply to Claims arising from: (i) failure in Customer's internal telephonic or data networks in delivering time-sensitive or otherwise urgent messages or alerts sent to or from a SOVA Appliance, if such failure is deemed to be a causal factor in the Claim; (ii) the modification of the SOVA Offerings by anyone other than SOVA or at SOVA's direction; or (iii) the use of the SOVA Offerings in a manner not permitted or reasonably contemplated by this Agreement or the applicable Documentation.
If any third party makes a Claim against Customer based on infringement of Intellectual Property Rights by a SOVA Offering, SOVA shall (without prejudice to any other rights and/or remedies Customer may have), at its option: (i) terminate the infringing part of the SOVA Offering and refund the applicable fees associated with the infringement; (ii) replace the infringing SOVA Offering(s), without additional charge, with functionally equivalent and non-infringing items; (iii) modify the SOVA Offering(s) to avoid the infringement; or (iv) obtain, at SOVA's expense, appropriate permission(s) for Customer to continue to use the SOVA Offering(s).
SOVA's indemnification obligations with respect to Claims of Intellectual Property Rights infringement shall not apply to Claims arising from: (i) the combination of SOVA Offerings with products or services not reasonably contemplated by this Agreement or the applicable Documentation; (ii) the modification of the SOVA Offerings by anyone other than SOVA or at SOVA's direction; or (iii) the use of the SOVA Offerings in a manner not permitted or reasonably contemplated by this Agreement or the applicable Documentation (if such use caused the applicable infringement).
Except to the extent prohibited by law, Customer shall indemnify, defend, and hold harmless SOVA, its officers, directors, employees, agents, and affiliates from and against any and all third-party claims, demands, actions, liabilities, losses, damages, judgments, settlements, penalties, fines, costs, and expenses (including reasonable attorneys' fees) arising from:
(i) Customer Content, including but not limited to claims that Customer Content is unlawful, infringes or violates any third party's intellectual property rights, privacy rights, or other rights, or violates any applicable law or regulation;
(ii) Customer's provision of Customer Data to SOVA for the purpose of SOVA providing the SOVA Offerings;
(iii) Customer's collection, use, storage, or processing of biometric data through the SOVA Offerings as set forth in Section 11;
(iv) Customer's failure to comply with applicable surveillance or monitoring laws as set forth in Section 17;
(v) Customer's violation of any applicable export control, sanctions, or trade compliance law or regulation in connection with Customer Content or Customer's use of the SOVA Offerings;
(vi) any government investigation, enforcement action, regulatory proceeding, or third-party claim arising from the nature, content, or legality of Customer Content; or
(vii) any claim that Customer Content uploaded to the SOVA Offerings caused harm, damage, or injury to any third party or to SOVA's systems, infrastructure, or reputation.
A party seeking indemnification hereunder shall: (i) promptly give the indemnifying Party written notice of the claim (although delay in providing such written notice shall not diminish the indemnifying Party's indemnification obligations except to the extent such delay materially prejudices the indemnifying Party); (ii) give the indemnifying Party sole control of the defense and settlement of the claim (provided that the indemnifying Party may not settle or resolve any claim unless such settlement or resolution unconditionally and without further obligation releases the indemnified party of all liability); and (iii) provide the indemnifying Party with all reasonable assistance, at the indemnifying Party's cost.
SOVA represents and warrants that SOVA's performance of its obligations under this Agreement, the SOVA Offerings, and Customer's use of the SOVA Offerings (provided Customer's use is in accordance with the terms hereof and consistent with the use(s) reasonably contemplated herein and/or in the Documentation) will at all times comply with all applicable laws.
SOVA represents and warrants that SOVA's technology shall not deliver any viruses, Trojan horses, trap doors, back doors, Easter eggs, worms, time bombs, cancelbots, ransomware, or other computer programming routines that are intended to damage, detrimentally interfere with, surreptitiously intercept, or expropriate the contents of any databases and/or the normal operation of any computer systems ("Virus"). To protect against the introduction of Viruses, SOVA shall follow commercially reasonably prudent procedures and use then-current commercially available Virus detection mechanisms to test that such software at the time of delivery is free (within the limitations of such commercially available virus detection mechanisms) of all Viruses. SOVA agrees that, in the event any such Virus is found to have been introduced by it due to its failure to comply with the Virus detection standards set forth in this Section, then SOVA shall make the necessary modifications to such infected software required to cure such Virus and to remedy any damage or other deleterious effects caused by such Virus.
SOVA represents and warrants that it shall at all times utilize reasonable and appropriate practices and technologies common and prevalent in SOVA's industry and the cloud computing industry (including, to the extent applicable, encryption, firewall protection, intrusion detection and prevention tools, and network management applications) to protect, safeguard, and secure Customer Data and Customer Confidential Information against unauthorized access, use, and disclosure.
SOVA represents, warrants, and covenants that it shall use industry-standard tools to actively monitor for any attempted unauthorized access to, or use or disclosure of, Customer Data and Customer Confidential Information and shall immediately take all necessary and appropriate actions in the event any such attempt is discovered, including, without limitation: (i) promptly notifying Customer of any material or significant breach of security with respect to any such materials (a "Security Breach"); (ii) performing an investigation to learn the cause of the Security Breach; (iii) taking appropriate measures to prevent such a Security Breach in the future; and (iv) resolving any such Security Breach and fully cooperating with Customer in complying with any notification requirements that may result from such Security Breach. SOVA also represents and warrants that it shall document and maintain adequate retention process and policies for all Security Breaches in accordance with all applicable legal and regulatory requirements.
SOVA represents and warrants that all Services provided under this Agreement shall be performed: (i) by persons with the proper skill, training, and background; (ii) consistent with generally accepted industry standards of the information technology industry; and (iii) in a professional, workmanlike, timely, and efficient manner.
SOVA represents and warrants that SOVA will at all times utilize reasonable and appropriate practices and technologies common and prevalent in SOVA's industry and the cloud computing industry to avoid causing damage to Customer's computer systems or other technology. SOVA agrees that, in the event SOVA causes damage to Customer's computer systems or other technology, it shall be financially responsible for all necessary repairs required to fully cure such damage and restore Customer's computer systems and other technology to their state of existence prior to such damage.
SOVA represents, warrants, and covenants that if, in connection with its performance under this Agreement, it shall receive, access, transmit, store, or process data relating to a payment card bearing the logo of a member of the Payment Card Industry ("PCI") Security Standards Council or to the person to whom such payment card is issued ("Cardholder Data"), SOVA shall be responsible for maintaining the confidentiality and security of such Cardholder Data. SOVA warrants, represents, and covenants that it will, at all times during the term hereof and thereafter, in accessing, transmitting, storing, or processing Cardholder Data, or providing technology that accesses, transmits, stores, or processes Cardholder Data, comply with (and ensure that all technology provided complies with) the standards and measures required under the then-current version of the PCI Data Security Standards ("PCI DSS"), including, without limitation, all associated audit and certification requirements, and with any other applicable requirements as may be promulgated from time to time by the PCI Security Standards Council, by any member thereof, or by any entity that functions as an acquirer with respect to a payment card bearing the logo of a PCI member.
In addition, if SOVA, in connection with its performance under this Agreement, uses or provides (i) any payment applications that store, process, or transmit Cardholder Data as part of authorization or settlement, or (ii) any personal identification number (PIN) entry terminals used for payment card transactions, SOVA represents and warrants that it will ensure that such payment applications or PIN entry terminals, as the case may be, comply with applicable PCI security standards and requirements, including but not limited to the PIN Entry Device Security Requirements and the Payment Application Data Security Standard.
Customer will be entitled to audit SOVA's compliance with the warranties and representations contained in this paragraph, and SOVA shall provide to Customer, upon request, an Attestation of Compliance certifying SOVA's compliance with the warranties and representations contained in this paragraph. Not in limitation of any other of its obligations hereunder, SOVA shall ensure that any software, hardware, or other materials used by SOVA, or provided or made available to Customer, in connection with SOVA's performance hereunder, shall comply, and shall not prevent Customer from complying, with all applicable PCI standards and requirements.
SOVA represents and warrants that: (i) all AI features are designed to operate as described in the Documentation and in Section 10 of this Agreement; (ii) biometric features operate only when affirmatively enabled by Customer; (iii) PII Scrubbing functions are maintained and updated by SOVA on a commercially reasonable basis; and (iv) SOVA will promptly notify Customer of any material changes to the AI processing workflows, third-party AI providers, or PII Scrubbing methodologies used in connection with the SOVA Offerings.
SOVA maintains industry-standard security safeguards designed to protect Customer Data and Personal Information, including:
SOVA shall maintain a written information security program and shall review and update such program at least annually. SOVA shall provide Customer with a summary of its security program and any material changes thereto upon reasonable request.
SOVA shall be responsible for providing reasonable security for its website users that is at least the industry standard. SOVA shall take reasonable security precautions to prevent unauthorized access to the information or communications of any user of the SOVA Offerings.
Given the nature of technology, SOVA does not represent that the SOVA Offerings will be error-free or that all errors will be corrected. EXCEPT AS SET FORTH IN THIS AGREEMENT, NO OTHER WARRANTIES, WHETHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THIRD-PARTY WARRANTIES, THE IMPLIED WARRANTIES OF MERCHANTABILITY OR SUITABILITY AND/OR THE WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE ARE MADE BY SOVA. SOVA MAKES NO WARRANTIES HEREUNDER WITH RESPECT TO ANY HARDWARE EQUIPMENT THAT SOVA MAY SUPPLY. SOVA WILL PASS THROUGH TO CUSTOMER ALL HARDWARE WARRANTIES FOR PRODUCTS PURCHASED UNDER AN APPLICABLE TRANSACTION DOCUMENT.
EXCEPT WITH RESPECT TO EITHER PARTY'S INDEMNIFICATION OBLIGATIONS HEREUNDER, EITHER PARTY'S CONFIDENTIALITY OBLIGATIONS HEREUNDER, EITHER PARTY'S DATA PRIVACY AND PROTECTION OBLIGATIONS HEREUNDER, CLAIMS ARISING FROM BIOMETRIC DATA PROCESSING, CLAIMS ARISING FROM A SECURITY BREACH, OR IN THE CASE OF EITHER PARTY'S GROSS NEGLIGENCE OR WILLFUL MISCONDUCT (COLLECTIVELY, "EXCLUDED CLAIMS"), BOTH PARTIES AGREE THAT THE OTHER SHALL ONLY BE LIABLE FOR DIRECT DAMAGES, AND THAT CONSEQUENTIAL, SPECIAL, INDIRECT, INCIDENTAL, OR PUNITIVE DAMAGES SHALL NEVER APPLY.
The Parties agree that this is not intended to exclude or restrict liability of either Party where the law does not permit Customer or SOVA to do so. The Parties also agree that, except with respect to Excluded Claims, the direct damages cannot exceed: (i) two (2) times the fees paid and owed under the applicable Transaction Document for the Software, Hardware, Support, or Services that gave rise to the breach or incident; or (ii) if SaaS, then fees from the Transaction Document for the twelve (12) month period trailing the breach date (the "General Liability Cap").
Super Cap for Data and Security Claims. Notwithstanding anything to the contrary in this Agreement, in no event shall SOVA's total aggregate liability for any and all claims arising out of or relating to a breach of Section 5 (Confidentiality), Section 7 (Data Privacy and Protection), Section 11 (Biometric Data Responsibility), or any Security Breach exceed the lesser of: (a) three (3) times the total fees paid by Customer to SOVA in the twelve (12) months preceding the incident giving rise to the liability; or (b) one million dollars ($1,000,000).
This Master Agreement shall commence on the Effective Date and continue in effect until the date on which this Master Agreement is terminated (the "Agreement Term"). The term of any specific SOVA Offering shall be as set forth in the applicable Transaction Document (the "SOVA Offering Term" or "Subscription Term"). Termination of this Master Agreement will automatically terminate any Transaction Document entered into hereunder then in effect. Except as expressly set forth in the applicable termination notice, termination of any individual Transaction Document entered into hereunder or any individual SOVA Offering within a Transaction Document shall have no effect on the validity or effectiveness of this Master Agreement, any other Transaction Document, or any other SOVA Offering, which shall remain in effect until such time as they expire or are otherwise terminated pursuant to their terms.
If either Party materially breaches the Agreement, the affected Party will provide notice to the other Party promptly in writing. If the issue cannot be reasonably resolved within thirty (30) days of written notice, the non-breaching Party may terminate the Master Agreement, the applicable Transaction Document, or the applicable SOVA Offering within the Transaction Document (in the non-breaching Party's sole discretion) ("Termination for Cause"). Either Party may also terminate this Master Agreement, any Transaction Document, or any individual SOVA Offering upon ninety (90) days' written notice to the other Party ("Termination for Convenience").
Affiliation Change Termination. Where the Order Form identifies a Principal Entity or End Client, this Agreement shall automatically terminate with respect to the applicable site(s) or location(s) in the event that: (a) Customer is no longer operating under the brand, franchise, license, or management agreement of the identified Principal Entity or its affiliates; or (b) Customer's service contract with the identified End Client expires or is terminated, such that Customer no longer provides services at the applicable site(s). Customer shall promptly notify SOVA in writing upon any such change. Upon such automatic termination, the data export and disposal provisions of Sections 26 and 27 shall apply.
In the event of early termination by Customer, or any Termination for Convenience by SOVA, Customer will be entitled to a refund of any pre-paid unused fees. In the event of any termination, all rights granted under the Agreement will immediately terminate and each Party will return or destroy all Confidential Information of the other Party in its possession, subject to Sections 26 (Data Export) and 27 (Data Disposal).
Upon termination or expiration of this Agreement, and upon Customer's written request submitted within sixty (60) days of the effective date of termination, SOVA will provide Customer with a SQL extraction of Customer Data held on SOVA servers. Data exports:
Data exports are provided in the form of standard SQL database tables and raw data. Customer acknowledges and agrees that exported data consists of structured database records in standard SQL format and cannot be viewed, navigated, or used without a SQL-compatible database management system or equivalent tool independently procured and maintained by Customer at Customer's sole expense. SOVA has no obligation to provide any application, user interface, viewer, dashboard, reporting tool, data visualization software, or any other means of accessing, displaying, organizing, or interpreting exported data. SOVA has no obligation to provide technical support, data migration assistance, or consulting services in connection with Customer's use of exported data, except as may be separately agreed in a Transaction Document at SOVA's then-current professional services rates.
Customer may view and use its exported Customer Data for its internal business purposes using Customer's own independently procured tools. Customer's use of exported data remains subject to the protections of SOVA's proprietary technology set forth in Section 19(G) (Protection of SOVA Proprietary Technology; Restrictions on Derivative Works).
During the Subscription Term, Customer may request partial or full production environment data extracts up to a maximum of two (2) times per calendar year, as further described in the SaaS SPD. Customer may request additional data extracts during the Subscription Term and shall reimburse SOVA for the reasonable cost of performing such additional extracts.
SOVA reserves the right to permanently delete Customer Data ninety (90) days after the effective date of termination of the Agreement, provided that SOVA has: (a) given Customer written notice of its intent to delete at least thirty (30) days prior to deletion; and (b) afforded Customer the opportunity to request a data export pursuant to Section 26.
Upon deletion, SOVA shall use cryptographically secure deletion methods and shall certify in writing to Customer that all Customer Data, including backups and archived copies, has been permanently destroyed. SOVA may retain Customer Data beyond the ninety (90) day period only to the extent required by applicable law or regulation, in which case SOVA shall notify Customer of the legal basis for such retention and shall delete the data promptly upon expiration of the applicable retention requirement.
Biometric data, including Facial Maps and facial recognition templates, shall be permanently deleted upon termination of the Agreement unless Customer instructs SOVA to delete such data at an earlier date.
SOVA agrees not to use the name(s), logo(s), trademark(s), service mark(s), or other identification of Customer or any of Customer's affiliates without the prior written consent of Customer. SOVA shall also not disclose to third parties in any manner the existence or the contents of this Agreement without Customer's prior written consent. These prohibitions shall apply to, but not be limited to, SOVA's press releases, advertisements, marketing materials, website content, case studies, or literature regarding its services and clients.
SOVA shall carry and maintain during the term of this Agreement:
(i) Commercial General Liability insurance endorsed to include products and completed operations, all forms of intellectual property infringement, and contractual liability, in a minimum amount of one million dollars ($1,000,000) per occurrence and two million dollars ($2,000,000) in the aggregate;
(ii) Automobile Liability insurance with combined single limit of not less than one million dollars ($1,000,000) per occurrence for injuries, including accidental death and property damage;
(iii) Technology Errors and Omissions and Cyber Liability insurance (including coverage for data breaches, network security liability, privacy liability, and regulatory proceedings) with a minimum limit of two million dollars ($2,000,000) per occurrence and in the aggregate;
(iv) Workers' Compensation insurance in statutory amounts if using SOVA employees on-site; and
(v) Umbrella/Excess Liability insurance with a minimum limit of two million dollars ($2,000,000) per occurrence and in the aggregate, providing coverage excess of the policies described above.
All insurance policies shall be placed with carriers rated A-VII or better by A.M. Best. Upon request, SOVA shall provide Customer with certificates of insurance which shall specifically identify Customer as an additional insured (except for Workers' Compensation). SOVA shall provide Customer with at least thirty (30) days' prior written notice of any cancellation or material modification of any required insurance coverage.
Assignment. Neither Party may assign or subcontract this Agreement, in whole or in part, without the prior written approval of the other Party. Customer may, however, assign this Agreement upon written notice in the event of a corporate reorganization, merger, acquisition, change in ownership or control, or change in the entity operating the applicable site(s) identified on the Order Form.
Waiver. Any failure or delay by either Party to exercise or partially exercise any right, power, or privilege hereunder shall not be deemed a waiver of any other rights, powers, or privileges under this Agreement.
Amendments; Updates to Operational Policies.
(a) Material Terms. No modifications or amendments to the material terms of this Agreement — including but not limited to pricing, fees, payment terms, service level commitments, liability limitations, indemnification obligations, intellectual property rights, data ownership, or termination rights — shall be valid unless in writing signed by duly authorized representatives of both Parties.
(b) Operational Policies. SOVA may from time to time update the following operational components of the Agreement to reflect changes in law, industry standards, security requirements, or SOVA's service delivery practices: (i) the Customer Content Responsibility and Acceptable Use provisions of Section 6; (ii) the Documentation; (iii) the data security safeguards described in Section 23, provided that any update maintains security standards no less protective than those in effect at the time of execution; (iv) the AI & Biometric Governance Policy (Exhibit F); and (v) the Support SPD (Exhibit D), provided that updates do not result in a material reduction in the level of support for which applicable fees have been paid (collectively, "Operational Policies").
SOVA shall provide Customer with at least thirty (30) days' prior written notice of any update to Operational Policies, including a summary of the changes and the effective date. Notice shall be provided by email to the contact identified on the Order Form and, where applicable, by posting the updated policy on the SOVA support website. If Customer objects to a proposed update, Customer shall notify SOVA in writing within the thirty (30) day notice period, and the Parties shall negotiate in good faith to resolve the objection. If the Parties cannot reach agreement within thirty (30) days following Customer's objection, Customer may terminate the affected SOVA Offering without penalty upon written notice.
Customer's continued use of the SOVA Offerings after the effective date of an Operational Policy update shall constitute acceptance of the updated terms. Customer acknowledges that certain updates to Operational Policies may be required by changes in applicable law or regulation, and that such legally required updates shall take effect on the date required by law regardless of the notice period described above.
Independent Contractor. Nothing in this Agreement shall be construed as creating an employer-employee or agency relationship, a partnership, or a joint venture between the Parties.
Notices. Any notice hereunder shall be given in writing, and delivered by hand, commercial courier, or U.S. Mail (or equivalent postal service), to the address for the applicable Party first set forth in the applicable Transaction Document. Notices may also be delivered by electronic mail to the address specified in the applicable Transaction Document, provided that the sending Party receives confirmation of receipt.
Force Majeure. Neither Party shall be liable for any delay or failure to perform its obligations under this Agreement (other than payment obligations) where such delay or failure results from an event beyond the affected Party's reasonable control, including but not limited to war, terrorism, civil unrest, acts of God, epidemics, pandemics, government orders, fire, flood, earthquake, labor disputes, failure of third-party telecommunications or power supply, or cyberattacks not caused by the affected Party's negligence ("Force Majeure Event"). The affected Party shall promptly notify the other Party and use reasonable efforts to mitigate the impact. If a Force Majeure Event continues for more than sixty (60) days, either Party may terminate the affected SOVA Offering upon written notice.
Anti-Corruption. Each Party represents and warrants that it has not and will not, in connection with this Agreement, make, offer, authorize, or promise any payment, gift, or anything of value to any government official, political party, or public international organization in violation of the U.S. Foreign Corrupt Practices Act, the U.K. Bribery Act 2010, or any other applicable anti-corruption law.
Counterparts. This Agreement may be executed in counterparts, each of which shall be deemed an original and all of which together shall constitute one and the same instrument. Electronic signatures shall be deemed valid and binding.
Severability. If any provision of this Agreement is held to be invalid, illegal, or unenforceable, the remaining provisions shall remain in full force and effect, and the invalid provision shall be modified to the minimum extent necessary to make it valid and enforceable while preserving the Parties' original intent.
Entire Agreement. This Agreement, including all Exhibits and Transaction Documents, constitutes the entire agreement between the Parties with respect to the subject matter hereof and supersedes all prior or contemporaneous agreements, understandings, negotiations, and discussions, whether oral or written.
This Agreement shall be governed by and construed in accordance with the laws of the State of California, without regard to its conflict of law provisions. In the event of any dispute, claim, or controversy arising out of or relating to this Agreement, the Parties agree to first attempt resolution through good-faith negotiation for a period of thirty (30) days following written notice of the dispute. If the dispute cannot be resolved through negotiation, any disputes shall be subject to the exclusive jurisdiction of the state and federal courts located in San Diego County, California. Each Party irrevocably consents to the personal jurisdiction of such courts and waives any objection based on forum non conveniens.
The following Sections shall survive any termination or expiration of this Agreement: Section 5 (Confidentiality), Section 6 (Customer Data — including Customer Content Responsibility and Acceptable Use), Section 7 (Data Privacy and Protection), Section 10(C) (AI Output Disclaimer), Section 11 (Biometric Data Responsibility and Indemnification), Section 16 (Security Technology Disclaimer), Section 17 (Surveillance Law Compliance), Section 18 (Operational Evidence Disclaimer), Section 19 (Intellectual Property) — including without limitation Section 19(B) (SOVA IP) and Section 19(G) (Protection of SOVA Proprietary Technology; Restrictions on Derivative Works), Section 20 (Anonymized and Aggregated Data), Section 21 (Indemnification), Section 24 (Limitations of Liability and Dispute Resolution), Section 26 (Data Export — solely with respect to the restrictions on use of exported data), Section 27 (Data Disposal), Section 28 (Trademarks and Publicity), Section 29 (Insurance — for the duration of any applicable statute of limitations), Section 30 (Miscellaneous), Section 31 (Governing Law and Jurisdiction), and this Section 32.
SOVA SYSTEMS, INC.
By: ___________________________
Name: _________________________
Title: __________________________
Date: __________________________
CUSTOMER:
Entity Name: ___________________
By: ___________________________
Name: _________________________
Title: __________________________
Date: __________________________
This SaaS Specific Program Documentation ("SaaS SPD") supplements the Master Agreement by providing additional standards and features that apply to the SOVA Web SaaS offering provided to Customer (the "SOVA SaaS Offering") and defining parameters for billing, data location, security, service levels, backup, and data extracts. Capitalized terms not defined herein have the meanings given in the Master Agreement.
This SaaS SPD defines additional parameters for the SOVA SaaS Offering pertaining to:
The SOVA SaaS Offering may include the following, as set forth on the Order Form:
SOVA Core Web App
Add-On Components (as applicable), including but not limited to:
Details regarding each applicable Add-On Component are set forth in the Documentation.
Licensing metrics. The SOVA SaaS Offering and related mobile access are licensed based on (a) the number of Authorized Users and (b) the number of Devices (mobile devices that access or authenticate to the SOVA Offerings), each as set forth on the Order Form. A license to SOVA Core Web for a specified number of Authorized Users includes licenses to each of the Add-On Components for the same specified number of Authorized Users, unless otherwise stated on the Order Form. The applicable billing structure (Authorized Users, Devices, or both) and the pricing model are specified on the Order Form.
Billing structures. SOVA offers different billing structures depending on Customer size, use case, and the options selected on the Order Form. The structure that applies to Customer is identified on the Order Form.
Fees, payment terms, and any device caps or inclusions are as specified on the Order Form. SOVA may invoice Customer for use in excess of the licensed Authorized Users or Devices at SOVA's then-current rates or as set forth on the Order Form.
Invoicing and payment timing. SOVA sends invoices in advance of the due date, depending on whether payment terms are net 30, net 60, or as otherwise set forth on the Order Form. For annual subscription clients, payment is due on January 1 for the applicable service year; for monthly clients, payment is due on the first day of each month for that month. Payment grants Customer use of the platform for the subsequent term (the month or year, as applicable). Invoices are generally sent thirty (30) to sixty (60) days before the due date to allow Customer time to process payment by the due date.
All Locations: Customer data on deployed systems and in backups resides within the United States. SOVA reserves the right to change the location of data within the United States or to add or use data center regions as needed for service delivery; any such change that would result in data being stored outside the United States will be communicated to Customer in accordance with the Master Agreement Section 7 (Data Privacy and Protection).
Versions. SOVA will deploy Customer on the latest generally available version of the service.
Environments. SOVA will provision Customer with one production environment and one non-production (staging/alpha) environment. Production is used for real-time daily operations; non-production is for development and testing only. Customer may switch between environments via a toggle in the web UI, and the UI displays clear indicators showing which environment the user is currently in. The non-production (alpha) environment is an active testing environment. SOVA makes no warranty that the alpha site will be free from bugs, that it will not result in data loss, or that it will be available at any time; it may be taken down or modified without notice. SOVA is not responsible for any incorrect, incomplete, or missing data that Customer or its Authorized Users may add, modify, or rely upon in the alpha environment.
Beta Features. SOVA may make new features available ("Beta Features") in the production environment. Customer understands that Beta Features may not work as expected and are provided for feedback only. Beta Features should not be relied upon for regular use and may be discontinued at any time without notice. SOVA agrees that inclusion of Beta Features will not have a detrimental effect on the SOVA SaaS Offering. Notice of Beta Features and deployment dates will be maintained on the support website.
SLA Scope. The SLA section below applies only to the production environment and excludes Beta Features unless subsequently incorporated into a generally available release.
An annual best-practices audit and penetration test is performed by a qualified third party. At no point does this expose Customer data to that third party; the tests are performed on an isolated, equivalent platform that does not have access to Customer data. This section is without prejudice to SOVA's security and data protection obligations set forth in the Master Agreement (including Sections 7, 22, and 23).
The SOVA SaaS Offering is an actively developed platform. From time to time, limited or partial issues may occur (for example, a specific report or feature failing to load) while the site as a whole remains operational. Such limited, partial outages do not constitute "unavailability" for purposes of the SLA; the SLA measures material unavailability of the platform as a whole, as further defined in Section 7.
SOVA commits to the Service Level Availability set forth in the table below for the SOVA SaaS Offering during the Subscription Term. If availability in any calendar quarter falls below the "Service Availability Default" threshold, Customer may be entitled to the remedies outlined in this SaaS SPD.
| Components / Capabilities | Target SLA (calendar quarter) | Service Availability Default (calendar quarter) |
|---|---|---|
| SOVA Core Web | 99.5% | 99.0% |
| Add-On Components | 99.5% | 99.0% |
SOVA measures SLA as follows:
Excluded from SLA calculation: (i) Force Majeure Events; (ii) Scheduled Downtime (as defined in Section 13.1 below); (iii) outages caused by Customer networks, domain name server issues, or Customer's use of the SOVA SaaS Offering not in accordance with the Documentation; (iv) outages caused by third-party services (e.g., Payment Processor, Shipping Provider) where the SOVA platform integration is functioning as designed; (v) partial or limited outages where the platform as a whole remains accessible (e.g., a specific report, feature, or module fails to load or respond while the remainder of the SOVA SaaS Offering is operational).
If a Service Availability Default occurs in a calendar quarter, as evidenced by SOVA's records, Customer is entitled to a service credit as set forth below. Credits will be applied to the next billing period or as otherwise agreed.
| Type of Service | Definition | Credit |
|---|---|---|
| SOVA Core Web | Quarterly availability below 99.0% | One (1) month of fees for the affected component |
Cap. Customer may receive no more than two (2) months of service credits in any calendar year for SLA defaults.
If Customer and SOVA confirm that the service has been unavailable below the default threshold (99.0% quarterly) during two (2) consecutive calendar quarters, Customer may terminate its subscription to the SOVA SaaS Offering without additional charges or termination fees. In that event, Customer is entitled to a refund of fees not yet applied as of the effective date of termination, and SOVA shall relieve Customer of its obligation to pay fees for the remainder of the Subscription Term. The remedies in this Section and Section 8 are Customer's sole and exclusive remedies under this SaaS SPD for failure to meet Service Level Availability; SOVA has no further liability for such failure.
SOVA commits to the following during the Subscription Term:
The SOVA SaaS Offering is supported by a disaster recovery plan. Key measures:
| What is Covered | Recovery Time Objective (RTO) | Recovery Point Objective (RPO) |
|---|---|---|
| SOVA Core Web and Add-On Components | 24 hours | 24 hours |
RTO = duration within which the service must be restored after a major interruption. RPO = maximum period of data loss from the service due to a major interruption.
During the Subscription Term, Customer may request partial or full production environment data extracts up to a maximum of two (2) times per calendar year, as set forth in the Master Agreement Section 26. Additional extracts may be requested at SOVA's then-current professional services rates. Data extracts are provided in SQL format and are placed in a secure location; Customer is furnished access to download. Data extracts consist of database tables and raw data and require a SQL-compatible system or equivalent to view and use; see Master Agreement Section 26 and Section 19(G).
Authorized Use Limitation means the usage limitation measured by the billing metric (e.g., number of Authorized Users) specified in the Order Form. No Authorized Use Limitation applies unless expressly stated on the Order Form.
Device means a mobile device that accesses or authenticates to the SOVA SaaS Offering (e.g., for use with the SOVA Mobile Application). The number of licensed Devices is set forth on the Order Form and may be a billing metric under the applicable billing structure (Section 2 above).
SaaS Listing means the operating parameters and availability standards for the SOVA SaaS Offering set forth in Sections 1–12 of this Exhibit A.
Scheduled Downtime means planned maintenance requiring service interruption. SOVA will provide at least seventy-two (72) hours' advance notice of Scheduled Downtime. Scheduled Downtime will not exceed two (2) hours per month, unless otherwise agreed.
SOVA grants Customer a non-exclusive, non-transferable right for Customer and its Authorized Users to access and use the SOVA SaaS Offering in accordance with the Master Agreement and the Documentation. Upon subscription start, SOVA will send access and connection information to Customer's technical contact identified on the Order Form.
Targeted availability levels and remedies are as stated in this SaaS SPD. Exclusions from SLA calculation are set forth in Section 7 above.
Fees are stated on the Order Form and depend on the applicable billing structure (Annual Subscription Model or Per-Device Monthly Model) as set forth in Section 2. SOVA may invoice Customer at Order Form rates for use in excess of the Authorized Use Limitation or the licensed number of Devices. Customer's purchase is not contingent on SOVA providing any future features or functionality, except that SOVA will provide during the Subscription Term the version and functionality of the SOVA SaaS Offering then generally available.
Payment is due within thirty (30) days of receipt of invoice. Late payments accrue interest at 1% per month or the maximum rate permitted by law, whichever is lower. Fees are exclusive of taxes; Customer pays applicable VAT, GST, sales tax, and similar taxes, excluding taxes on SOVA's net income. SOVA will include applicable taxes on invoices.
If Customer orders through an authorized SOVA partner or reseller, the Master Agreement applies to Customer's use of the SOVA Offering.
SOVA may make changes or updates to the SOVA SaaS Offering or infrastructure (e.g., storage, security, hosting within the data region). Such changes may require Scheduled Downtime as defined in Section 13.1. Support is provided in accordance with Exhibit D (Support SPD).
Customer exclusively owns all rights, title, and interest in Customer Data. Customer Data is stored and processed in the data region specified in Section 3. SOVA's access to Customer Data and security obligations are as set forth in the Master Agreement Sections 6, 7, and 23. SOVA is not responsible for unauthorized access, alteration, theft, or destruction of Customer Data arising from Customer's or its Authorized Users' actions or omissions in breach of the Agreement or Documentation. Customer's ability to recover lost data due to Customer misconduct is limited to restoration from the most recent backup.
Customer shall comply with the restrictions and obligations set forth in the Master Agreement Section 2 (including the prohibitions on benchmarking, unauthorized disclosure to competitors, and security testing). A breach of those obligations is a material breach of the Agreement. Customer shall not: (i) make the SOVA SaaS Offering available to unauthorized third parties; (ii) send or store malicious code or malware; (iii) interfere with or disrupt the SOVA SaaS Offering; (iv) attempt unauthorized access to SOVA systems; (v) use the SOVA SaaS Offering to provide services to third parties except as permitted by the Agreement; (vi) remove or modify SOVA or licensor proprietary notices; or (vii) perform penetration testing, vulnerability scanning, or other security testing not authorized in the Documentation.
The Master Agreement Section 20 (Anonymized and Aggregated Data) applies to the SOVA SaaS Offering and is incorporated by reference.
SOVA warrants that the SOVA SaaS Offering will materially conform to the Documentation during the Subscription Term. If SOVA breaches this warranty, SOVA will, at its option, use reasonable efforts to cure the defect, replace with conforming functionality, or, if neither is practicable, permit Customer to terminate the subscription and receive a refund of pre-paid unused fees for the remainder of the term. Customer must report any breach with reasonable specificity in writing within thirty (30) days of occurrence or discovery to obtain these remedies.
EXCEPT AS SET FORTH ABOVE, SOVA MAKES NO OTHER WARRANTIES. TO THE EXTENT PERMITTED BY LAW, ALL IMPLIED WARRANTIES (INCLUDING MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE) ARE DISCLAIMED. SOVA DOES NOT WARRANT THAT THE SOVA SAAS OFFERING WILL MEET CUSTOMER'S REQUIREMENTS OR THAT USE WILL BE UNINTERRUPTED OR ERROR-FREE.
Customer acknowledges that the SOVA SaaS Offering may be subject to U.S. export control laws. Customer agrees to comply with all applicable import and export laws and will not export, re-export, or transfer the SOVA SaaS Offering in violation of U.S. or other applicable law, or for any purpose connected with weapons of mass destruction or missile applications.
*End of Exhibit A*
This Software SPD supplements the Master Agreement by providing additional standards and features that apply to the SOVA Software offering provided to Customer (the "SOVA Software Offering"), including mobile applications and related software. Capitalized terms not defined herein have the meanings given in the Master Agreement.
Program Name: SOVA Mobile Application (and related SOVA software components as identified on the Order Form).
The SOVA Software's specifications and operating environment are set forth in the Documentation applicable to the SOVA Software Offering.
The SOVA Mobile Application is licensed by the number of Devices.
"Device" means a single device provided by SOVA pursuant to an Order Form or otherwise listed in Customer's SaaS directory where access to the SOVA SaaS Offering can be authenticated, authorized, or administered by the SOVA Mobile Application.
The SOVA Software Offering may include functionality to aid in the geographic location and characterization of IP addresses (e.g., latitude, longitude, city, state, country) and characteristics of the IP connection (e.g., connection type, line speed, routing type, anonymizer status). Any data or reports generated through this functionality constitute Customer Data. SOVA may use such functionality and any resulting reports solely for the purpose of detecting and preventing fraudulent activity.
The SOVA Software Offering may include technology that (1) aids in the detection of falls and (2) determines if a device is motionless. When a trigger event or "Response Condition" exists, as determined by the SOVA software, emails, text messages, and phone calls may be sent from the device to a list of pre-determined recipients. Use of these optional features (collectively, "Motion Services") constitutes acceptance of these terms.
Limitation of Motion Services. Fall detection technology may detect up to approximately 90% of falls when properly configured and maintained. Customer's Devices should be tested regularly to ensure sensors are capable of detecting falls. Device damage or age can reduce sensitivity. No fall detection technology is 100% accurate. SOVA is not responsible for the promptness, sufficiency, or adequacy of any responder's action. Customer is responsible for ensuring that communication preferences for notifying responders are kept current in the mobile application and in the web SaaS portal. SOVA does not dispatch responders to Customer's location in response to a distress signal from a mobile device.
The Fall Detection System cannot prevent death or personal injury. It relies on the availability of Customer's wireless network and GPS data. SOVA makes no warranty regarding the adequacy, design, or proper functioning of those systems. Failure of one or both can render the Fall Detection System non-functional. SOVA accepts no responsibility for equipment misuse, weather, wireless network failures or coverage, or other events beyond SOVA's control. Motion Services may fail to operate properly. These limitations are in addition to the Security Technology Disclaimer set forth in the Master Agreement Section 16.
Where the SOVA Software Offering includes optional biometric facial recognition functionality, all terms governing biometric data — including compliance with laws, Customer responsibilities (enabling/disabling, consent, retention, deletion, lawful use), privacy, security, and SOVA's obligations — are set forth in the Master Agreement Sections 9 and 11 and Exhibit F (SOVA AI & Biometric Governance Policy). Those sections and Exhibit F apply in full to biometric features in the Software; this SPD does not duplicate them. In the event of conflict, the Master Agreement and Exhibit F control.
SOVA acknowledges that third-party software components are used in the SOVA Software Offerings. SOVA represents that all such third-party software is used in accordance with the licensors' terms and that Customer's use of the SOVA Software Offerings in accordance with this Agreement will not misappropriate or violate any third-party Intellectual Property Rights.
Where Customer procures Hardware or Appliances (devices that bundle or run the SOVA Software Offering), the terms of Exhibit C (Hardware SPD) apply.
*End of Exhibit B*
This Hardware SPD supplements the Master Agreement by providing additional standards and features that apply to the SOVA Hardware offering provided to Customer (the "SOVA Hardware Offering"). Capitalized terms not defined herein have the meanings given in the Master Agreement.
"Hardware" means a single SOVA-supplied device.
"Appliance" means Hardware that is bundled with and operates the SOVA Software Offering licensed by SOVA to Customer, and either pre-installed on the Hardware or downloaded by Customer onto the Hardware in accordance with this Agreement and the applicable Documentation.
Customer will own the Hardware upon SOVA's receipt of the applicable fees, free of any liens or encumbrances, subject to the terms and conditions of the Agreement.
The SOVA platform is designed to run on most Android devices equipped with an NFC reader, including many modern smartphones. Customer may use compatible devices obtained from SOVA or from third-party retailers or other sources, subject to the licensing and use terms of this Agreement and the applicable SPDs.
SOVA offers Hardware and Appliances to Customer as a convenience. Devices meeting the platform's technical requirements (as set forth in the Documentation) may often be purchased from retailers or other channels at a lower price than SOVA's offered price. SOVA's pricing for Hardware and Appliances reflects the cost of ordering, receiving, inventory management, and accounting for devices supplied through SOVA; Customer may choose to procure compatible devices elsewhere if it prefers to avoid such overhead.
No obligation to replace. SOVA is not responsible for replacing lost, stolen, damaged, or defective Hardware or Appliances. Replacement of devices—whether due to damage, loss, theft, defect, or any other cause—is Customer's responsibility. Any request by Customer for SOVA to replace a device is at SOVA's sole discretion and, if agreed, may be subject to additional fees and SOVA's then-current replacement terms.
Manufacturer's warranty prevails. Except as expressly set forth in Section 6 below with respect to Appliances and forward compatibility, all warranties and remedies for Hardware and Appliances are those provided by the manufacturer. SOVA does not extend or guarantee any manufacturer warranty. Customer's sole warranty recourse for defective or non-conforming Hardware (other than the limited Appliance warranty in Section 6) is against the manufacturer in accordance with the manufacturer's warranty terms.
Optional device insurance. When Customer purchases Hardware or Appliances through SOVA, Customer may have the option to procure device insurance or extended protection covering loss, theft, or damage. Such insurance is optional, is not included in the base purchase price unless expressly stated on the Order Form, and is subject to the applicable insurer's terms. SOVA does not underwrite or administer device insurance; any claims are between Customer and the insurer.
So long as Customer remains active on SOVA Support offerings applicable to the Appliance's SOVA Software Offering component, SOVA will take Customer's initial request for assistance and provide limited support assistance by telephone for the Hardware. Third-party warranty coverage for Hardware beyond that offered by the manufacturer, if desired, is Customer's responsibility to procure and maintain at Customer's expense. Such optional coverage may supplement the manufacturer's warranty. A copy of any third-party support or warranty coverage may be provided to Customer following execution of an Order Form.
Except as otherwise set forth in this Agreement, Hardware is provided on an "AS IS" basis and SOVA makes no warranties, including but not limited to warranties of merchantability, satisfactory quality, or fitness for a particular purpose. SOVA has no obligation to support any modifications to the Hardware not performed by SOVA or SOVA's agents, or if the Hardware or Appliance is not used in accordance with this Agreement or the Documentation.
SOVA warrants that an Appliance purchased via an Order Form will function according to the applicable Documentation with the then-current version of the mobile SOVA Software Offering and will continue to be forward compatible with updates to the SOVA Software Offerings for a minimum of twenty-four (24) months beyond the Effective Date of the Order Form. After that period, SOVA has no obligation to replace Appliances or provide additional Appliances if future SOVA Software Offering versions or releases require different Appliances in order to function according to the Documentation. Appliances may be adequate to operate the SOVA Software Offerings beyond the term of any third-party warranty purchased by Customer; SOVA recommends that Customer upgrade Hardware every three (3) years to help maintain suitable processor performance. Hardware upgrades may be purchased from local retailers or from SOVA directly.
*End of Exhibit C*
This Support SPD supplements the Master Agreement by providing additional standards and features that apply to the SOVA Support offering provided to Customer (the "SOVA Support Offering"). Capitalized terms not defined herein have the meanings given in the Master Agreement. Updates to this Support SPD may be made by SOVA in accordance with the Master Agreement Section 30 (Amendments and Operational Policies); such updates will not result in a material reduction in the level of support for which applicable fees have been paid.
"Available Functionality" means the functionality that is generally available and provided by SOVA as part of the SOVA Offering as described in the applicable Documentation.
"Client Technologies" means any software (i) not provided by SOVA under this Agreement and (ii) installed in Customer workstations or other Customer environments, such as drivers and software for printers, webcams, barcode scanners, and similar devices.
"Incident" means a reproducible error or problem with the SOVA Offering that prevents the Available Functionality from operating in accordance with the Documentation.
"Non-Production" means a test, sandbox, staging, or development environment for a SOVA Offering where untested changes are performed outside of a Production environment.
"Production" means the live SOVA Offering environment where the Available Functionality processes data on a real-time basis.
"SaaS Maintenance" means the maintenance of the SOVA SaaS Offering provided under the Agreement and in accordance with this Support SPD.
"Support Contacts" means the named individuals designated by Customer to serve as liaisons with SOVA Support for each active SOVA Offering, as set forth in Section 4(c) below.
Customer is eligible to receive Support as defined in this SPD only if Customer has an active Agreement and remains current on all applicable SOVA SaaS Offering and maintenance fees due and payable to SOVA. At SOVA's sole discretion, SOVA may make other fee-based tiers of maintenance available that provide customized or more comprehensive enhanced maintenance; fees for such additional services may be collected only following a properly executed Change Order or Order Form signed by both Parties.
Maintenance for SOVA SaaS Offerings consists of infrastructure and application support, provided by SOVA in its reasonable judgment, so that (i) the applicable SOVA Offering provided under the Agreement may operate satisfactorily, and (ii) where applicable, any Customer-installed SOVA Software Offerings necessary for the delivery of such SOVA SaaS Offering operate satisfactorily and according to the Documentation. Support will be provided in a timely and professional manner by qualified support engineers in accordance with this Support SPD.
The applicable Transaction Document identifies the type of SaaS Maintenance purchased for each SOVA SaaS Offering, the duration of such maintenance (the "Maintenance Term"), and the applicable fees. Support includes:
SOVA will use reasonable efforts to meet the Service Level Objectives stated in the table below and will provide continuous efforts to resolve Severity 1 Incidents. For Severity 1 Incidents, SOVA will work 24x7x365 until the Incident can be downgraded to a lower severity. For Severity 1 Incidents, Customer's Support Contact(s) must be available via telephone and online to provide SOVA with relevant information, data gathering, and testing necessary to resolve the Incident. Severity 2–4 Incidents may be logged 24x7x365 by telephone or via the online support channel and will be responded to during published business hours per the table below.
| Incident Severity | Initial Response Time |
|---|---|
| 1 | 1 hour* |
| 2 | 2 business hours** |
| 3 | 4 business hours** |
| 4 | 8 business hours** |
*Applies to issues submitted by telephone. **During normal business hours (8:00 a.m. – 6:00 p.m. PST).
Severity definitions:
| Severity | Business Impact | Description |
|---|---|---|
| 1 | Critical | System down or SOVA Offering unavailable; severe impact on Production; service outage or widespread unavailability of business-critical features; serious performance degradation affecting a large group of end users; no workaround available. |
| 2 | High | Service available but functionality significantly restricted; Available Functionality not working; no workaround available. |
| 3 | Low/Minor | Service available and generally usable; minor operational issue; may be isolated to specific end users. |
| 4 | Minimum | Minor defect with no impact on service, or general enquiry (how-to, informational). |
(a) Support requests must contain all pertinent information, in English, including but not limited to: Customer or site identification, Incident severity, SOVA Offering name, area (Production or Non-Production, identified by URL), Incident description, and a technical contact familiar with Customer's environment. Customer must make reasonable efforts to communicate with SOVA to verify the existence of the problem and provide information about the conditions under which the problem can be reproduced.
(b) For Severity 1 Incidents, Customer's Support Contact(s) must be available via telephone and online to provide SOVA with relevant information, data gathering, and testing necessary to resolve the Incident.
(c) Customer shall designate one (1) primary and up to four (4) backup named individuals as Support Contacts for each active SOVA Offering. Support Contacts should be trained in the use and application of the Available Functionality and should be responsible for maintaining any required SOVA client software or have direct access to those who do. SOVA may, at its sole discretion, agree to additional Support Contacts. Customer must notify SOVA Support whenever the list of Support Contacts changes (e.g., by opening a support ticket at https://support.sovasystems.com).
(d) Customer may be required to upgrade to third-party-supported applications and operating systems as specified by SOVA in the Documentation to continue receiving SaaS Maintenance. If Customer implements Client Technologies, Customer is responsible for the successful installation and implementation of such technologies within the recommended environments specified in the Documentation. Customer will use telephone, SOVA Support Online, or other channels SOVA may designate to notify SOVA of system availability issues or to request in-scope maintenance and support.
The following are not included in SaaS Maintenance: consulting services; system design assistance; product training or education; termination or migration assistance; installation or upgrade of Client Technologies. Customizations to the Available Functionality may be provided under a separate fee-based agreement.
SOVA is not obligated to provide technical support for: Client Technologies; SOVA Software not used in accordance with the Documentation; configuration modifications to the Available Functionality (other than those made by or at the direction of SOVA); training; customer-generated scripts, custom reports, or other content; custom code not part of the Available Functionality; or problems associated with software running on unsupported hardware, operating systems, or third-party software per the Documentation. Such services may be available on a fee basis. Customer may be required to upgrade to supported third-party software, hardware, or configurations as set forth in the Documentation to continue receiving technical support.
SOVA may, at its sole discretion, accept standard service catalog requests and coordinate their execution within the lead times indicated in the service catalog for the specific SOVA SaaS Offering; see the Documentation for details.
*End of Exhibit D*
This Release and Upgrade Policy describes SOVA SaaS Offering release and upgrade cycles, Customer notification, timing, and version requirements. It is incorporated into and forms part of the Master Agreement. Capitalized terms not defined herein have the meanings given in the Master Agreement.
SOVA SaaS Offerings reduce deployment time and ongoing application and infrastructure management costs. New features and functionality are enabled by updates and upgrades applied by SOVA in accordance with this policy, providing Customers maximum value while minimizing downtime.
In a SaaS environment, older versions are not supported and will no longer be available after new releases. Customers should review with SOVA any custom configurations when Major Releases occur (as outlined below) to ensure continued usability and effectiveness.
SOVA's release management for SOVA SaaS Offerings is designed to provide stability, quality, and predictability while allowing timely resolution of problems and delivery of new features or enhancements. SOVA SaaS Offerings typically follow three release types:
| Release Type | Scope | Frequency | Notification | Customer Obligations |
|---|---|---|---|---|
| Major Release | New application functionality; architectural changes | Typically twice a year | Typically 1 month | Test functionality and customizations; upgrade to current GA release |
| Minor Release | Smaller feature updates, patches, OS/infrastructure changes | Typically monthly | Typically 1 week | Upgrade to current GA release |
| Hot-Fix | Urgent fixes for stability or security | As required | Typically hours; target 72 hours when possible | Remain on current GA release |
Definitions:
Where a Release will materially change the administrator or user experience, SOVA will use reasonable efforts to provide Customer a Non-Production site to observe and test the new release before it moves to Production. SOVA will reasonably endeavor to provide such access for a period of thirty (30) days. If the nature of the changes requires Customer to work with SOVA on customizations for newly introduced elements, a reasonable period to complete such work will be agreed and Non-Production access may be extended accordingly. SOVA will provide advance notice of Major and Minor Releases with reference to the applicable release notes and the URL of the Non-Production site.
SOVA publishes intended schedules for Major and Minor Releases in advance, including date and expected duration. Schedules are provided via email and notifications are posted in the SOVA client portal per the timelines above. For Hot-Fix Releases, SOVA will attempt to provide at least seventy-two (72) hours' advance notice and will administer releases in a manner designed to reduce disruption.
Customizations: Where Customer desires SOVA to perform customizations for new elements of a Major Release, Customer is responsible for identifying requirements during the Non-Production preview and engaging SOVA or otherwise enabling their customizations (personalization, report changes, etc.) to be applied to the new release.
Deprecated features: A deprecated feature is one that appears in prior or existing versions and is not recommended for continued use or is superseded. SOVA makes commercially reasonable efforts to post notices of deprecations one (1) month in advance and reserves the right to deprecate, modify, or remove features in new versions; SOVA's policy and practice is to avoid deprecating or removing features that are currently in use by our customers.
SOVA follows a documented change management policy for the review, approval, testing, and rollout of changes to the Production environment, so as to reduce service interruption while maintaining compliance with applicable policies and procedures, including information security.
*End of Exhibit E*
This policy describes governance principles, technical safeguards, and operational requirements relating to artificial intelligence and biometric features available within the SOVA platform. This Exhibit is incorporated into and forms part of the Master Services Agreement.
This policy applies to all AI and biometric features within the SOVA Offerings, including but not limited to:
Artificial intelligence and biometric identification features are optional capabilities that may be enabled or disabled by Customer at any time. The SOVA platform functions fully without these optional technologies. SOVA shall clearly identify in the Documentation and within the platform interface which features utilize AI processing or biometric data collection.
AI tools within the SOVA Offerings may assist with:
All AI-generated outputs must be reviewed and approved by authorized human personnel before operational use. AI outputs shall be clearly labeled or identified as AI-generated within the platform.
SOVA shall not use AI features to: (a) make automated decisions with legal or similarly significant effects on individuals without human review; (b) conduct real-time mass surveillance beyond the scope of features explicitly described in the Documentation; or (c) generate or infer sensitive personal characteristics (such as race, ethnicity, political opinions, religious beliefs, sexual orientation, or health conditions) unless such functionality is explicitly described in the Documentation and enabled by Customer.
Where AI processing involves transmission of Customer Data to external systems, SOVA shall implement preprocessing techniques designed to identify and replace personally identifiable information with anonymized tokens prior to transmission ("PII Scrubbing"). PII Scrubbing shall target, at a minimum: names, email addresses, phone numbers, government identification numbers, and addresses.
SOVA acknowledges that automated PII Scrubbing may not be 100% effective in all circumstances. SOVA shall use commercially reasonable efforts to maintain and improve PII Scrubbing accuracy over time. Customer acknowledges the inherent limitations of automated PII detection.
SOVA shall maintain logs of data categories submitted for AI processing and shall make such logs available to Customer upon request. Logs shall be retained for the duration of the Subscription Term and for twelve (12) months thereafter.
Biometric facial templates ("Facial Maps") are mathematical representations derived from photographs using algorithmic analysis. Facial Maps cannot be used to reconstruct the original photograph. Facial Maps are stored separately from the source photograph within the SOVA platform.
Biometric data, including Facial Maps, shall be:
Customer controls the retention period for biometric data through the SOVA platform. Customer may delete individual Facial Maps or all biometric data at any time. Upon deletion through the platform, SOVA shall permanently remove the biometric data from all production systems within thirty (30) days and from backup systems within ninety (90) days.
SOVA shall not use biometric data for any purpose other than providing the SOVA Offerings to Customer as instructed by Customer. Biometric data shall not be included in Aggregated Data, shared with third parties, or used for research, development, or training of AI models.
SOVA shall exercise due diligence in selecting third-party AI providers and shall ensure that such providers meet security and privacy standards consistent with this Agreement.
SOVA shall maintain written agreements with all third-party AI providers that include, at a minimum:
SOVA shall disclose to Customer upon request the identity and general description of third-party AI providers used to process Customer Data. SOVA shall provide Customer with at least thirty (30) days' prior written notice of any change in third-party AI providers.
Customers may request documentation describing:
SOVA shall respond to such requests within fifteen (15) business days.
SOVA shall periodically review and update its AI and biometric governance practices to reflect changes in applicable law, industry standards, and technological developments. SOVA shall provide Customer with notice of material changes to this policy at least thirty (30) days in advance.
In the event of a security incident, data breach, or unauthorized access involving AI processing systems or biometric data, SOVA shall follow the breach notification and response procedures set forth in Section 7(C) of the Master Agreement, with the following additional requirements:
*End of Exhibit F*
This Lost and Found SPD sets forth the terms governing the Lost and Found module and related shipping and fulfillment services available through the SOVA platform. This exhibit applies only when Customer has subscribed to the Lost and Found module (including optional shipping and payment integrations) as set forth on the Order Form. Customers who do not use the Lost and Found module are not bound by this exhibit. This Exhibit is incorporated into and forms part of the Master Services Agreement when applicable. Capitalized terms not defined herein have the meanings given to them in the Master Agreement.
Customer may record information relating to lost, found, or unclaimed property, including claimant name, mailing address, phone number, email address, item description, and photographs of recovered property. Such information constitutes Customer Data.
To support compliance with applicable privacy regulations and data retention requirements, SOVA may, upon Customer's instruction or in accordance with data retention schedules agreed upon with Customer, periodically purge certain personal information associated with lost and found records after defined retention periods. SOVA shall provide Customer with reasonable advance notice before any automated purge of Customer Data and shall provide Customer with the ability to export such data prior to purge.
The SOVA platform includes optional functionality enabling Customer to manage the return of lost, found, or unclaimed property to item owners through integrated shipping services. This functionality is a convenience feature that connects Customer with third-party payment processors, shipping carriers, and optional insurance providers. SOVA is a technology platform facilitating this workflow; SOVA is not a shipping company, carrier, insurer, or fulfillment service.
The shipping workflow consists of the following steps. The responsible party for each step is identified below:
| Step | Description | Responsible Party |
|---|---|---|
| 1 | Item owner submits a shipping request through the SOVA platform | Item owner |
| 2 | Item owner selects shipping speed, carrier, and provides destination address | Item owner |
| 3 | Item owner reviews and accepts shipping terms, carrier terms, and insurance terms (if applicable) during the checkout workflow | Item owner |
| 4 | Item owner provides payment via Payment Processor-hosted payment fields | Item owner / Payment Processor |
| 5 | SOVA platform generates shipping label via Shipping Provider API | SOVA (automated) |
| 6 | Customer retrieves the item, packages it appropriately, affixes the shipping label, and tenders the item to the carrier | Customer |
| 7 | Carrier transports and delivers the item | Carrier |
| 8 | If insurance was purchased, any claims are processed through the Insurance Provider | Item owner / Insurance Provider |
SOVA provides the technology platform that facilitates steps 1 through 5 above. SOVA's responsibilities are limited to:
(a) maintaining the shipping request workflow within the SOVA platform;
(b) integrating with the Shipping Provider's API to generate shipping labels and provide carrier rate quotes;
(c) integrating with the Payment Processor to process payments;
(d) making available the option for item owners to purchase shipping insurance through the Insurance Provider (via the Shipping Provider); and
(e) providing tracking information received from the Shipping Provider and carriers within the platform.
SOVA does not:
Customer acknowledges and agrees that it is solely responsible for:
Processing shipments promptly after a shipping label is generated. Shipping labels have a limited validity period determined by the carrier (typically 7–30 days depending on carrier and service level). Customer shall tender items to the carrier within a commercially reasonable time after label generation and, for expedited shipments, within the timeframe necessary to meet the selected delivery commitment.
Properly packaging items in accordance with the applicable carrier's packaging requirements and guidelines. Items must be packaged to withstand normal handling during transit. SOVA has no liability for damage resulting from inadequate packaging.
Ensuring that no item tendered for shipment violates applicable carrier restrictions or applicable law, including but not limited to hazardous materials, firearms, controlled substances, or items prohibited by the carrier or by federal, state, or local law.
Verifying the accuracy of the destination address provided by the item owner before tendering the item to the carrier. Customer should use commercially reasonable efforts to confirm that the intended recipient will be available at the destination address to receive the shipment, particularly for expedited shipments.
Maintaining records of when items were tendered to the carrier, including carrier receipt confirmation or scan data, to support any subsequent carrier claims or insurance claims.
All payments for shipping services are processed by the Payment Processor (currently Stripe, Inc., or such replacement processor as SOVA may designate from time to time). SOVA does not receive, transmit, process, or store cardholder data at any point. The payment workflow operates as follows:
(i) The item owner enters payment information into Payment Processor-hosted payment fields embedded in the SOVA checkout page. These fields are rendered in a secure iframe controlled by the Payment Processor.
(ii) Cardholder data is transmitted directly from the item owner's browser to the Payment Processor's PCI DSS Level 1 certified servers.
(iii) The Payment Processor processes the payment and returns a tokenized transaction reference to SOVA.
(iv) SOVA records only the tokenized reference, transaction amount, and transaction status. SOVA never receives or stores the card number, CVV, or expiration date.
By virtue of this architecture, SOVA's PCI compliance scope is limited to SAQ-A (Self-Assessment Questionnaire A), applicable to merchants that fully outsource cardholder data processing. SOVA does not meet the definition of a service provider that stores, processes, or transmits cardholder data. Customer acknowledges that SOVA's PCI DSS representations and warranties in Section 22(G) of the Master Agreement relate to any cardholder data that SOVA may process in connection with other SOVA Offerings and do not create an obligation for SOVA to handle cardholder data in connection with the shipping payment workflow, as no cardholder data passes through SOVA's systems in this workflow.
Refund requests, chargebacks, and payment disputes related to shipping payments are processed through the Payment Processor in accordance with the Payment Processor's policies and applicable card network rules. SOVA will cooperate with Customer in responding to chargeback inquiries by providing relevant transaction and shipping records maintained within the SOVA platform. Customer acknowledges that SOVA cannot process refunds directly and that all refund processing flows through the Payment Processor.
Shipping labels and carrier services are provided through the Shipping Provider's API (currently Shippo, Inc., or such replacement provider as SOVA may designate from time to time). SOVA does not maintain direct contractual relationships with shipping carriers for the purpose of Customer shipments. Carrier rates, service levels, transit times, and delivery guarantees displayed in the SOVA platform are obtained from the Shipping Provider and are subject to the applicable carrier's terms, tariffs, and conditions.
SOVA's responsibility for any shipment ends when the applicable carrier obtains physical possession of the item. From that point forward, the shipment is governed by the carrier's terms of service, tariff, and applicable law (including the Carmack Amendment for domestic shipments and applicable international conventions for international shipments, as applicable).
SOVA has no liability for carrier performance, including late delivery, non-delivery, misdelivery, loss, theft, or damage occurring after the carrier obtains possession. Customer's and item owners' remedies for carrier failures are governed by the applicable carrier's terms of service, tariff, and published limits of liability.
The SOVA platform may offer item owners the option to purchase shipping insurance provided by the Insurance Provider (currently X-Cover, integrated through the Shipping Provider, or such replacement insurance provider as may be made available from time to time). Insurance is optional and is not required to use the shipping functionality.
Insurance coverage, terms, conditions, exclusions, deductibles, coverage limits, and claims procedures are governed solely by the Insurance Provider's terms and conditions, which are presented to and must be accepted by the item owner during the shipping checkout workflow. SOVA is not a party to any insurance policy purchased through the platform.
SOVA does not underwrite, administer, adjust, or manage insurance policies or claims. SOVA's sole role is to make the insurance option available within the checkout workflow. SOVA has no liability for any denial of coverage, claim dispute, delay in claim processing, or insufficiency of coverage under any insurance policy purchased through the platform.
The following scenarios illustrate the allocation of responsibility under this Exhibit. These are provided for clarity and do not limit the general liability provisions of this Exhibit or the Master Agreement.
If Customer fails to process and tender a shipment to the carrier within the timeframe necessary to meet a delivery commitment (e.g., an expedited shipment is not tendered for several days after label generation), any resulting consequences — including late delivery of time-sensitive items such as medication, travel documents, electronics, or personal effects — are Customer's sole responsibility. SOVA has no liability for such delays.
If an item owner provides a destination address where they will be temporarily located (e.g., a hotel, vacation rental, or business location) and the item arrives after the recipient has departed, resulting in the destination refusing delivery and the carrier returning the item to the origin:
(i) Customer is responsible for all costs associated with re-shipping the item to the correct destination;
(ii) Customer is responsible for communicating with the item owner to obtain an updated address;
(iii) SOVA has no liability for the original delivery attempt, the return, or the re-shipment; and
(iv) item owners may seek recourse through the carrier's terms of service or, if applicable, their Insurance Provider policy.
If an item is lost or damaged after the carrier obtains possession:
(i) Customer and/or the item owner may file a claim with the carrier subject to the carrier's published limits of liability;
(ii) if shipping insurance was purchased, the item owner may file a claim under the applicable Insurance Provider policy; and
(iii) SOVA has no liability for the loss or damage.
If a carrier fails to deliver within its published service commitment:
(i) Customer and/or the item owner may seek a refund or credit from the carrier in accordance with the carrier's money-back guarantee policy (if applicable);
(ii) if shipping insurance was purchased, the item owner may file a claim under the applicable Insurance Provider policy; and
(iii) SOVA has no liability for the carrier's failure to meet its published delivery commitment.
SOVA MAKES NO WARRANTIES, WHETHER EXPRESS OR IMPLIED, REGARDING THE SHIPPING SERVICES, CARRIER PERFORMANCE, DELIVERY TIMELINES, SHIPPING INSURANCE COVERAGE, OR THE PERFORMANCE OF ANY THIRD-PARTY SERVICE PROVIDER INTEGRATED WITH THE SOVA PLATFORM FOR SHIPPING PURPOSES. SOVA disclaims all warranties of merchantability, fitness for a particular purpose, and non-infringement with respect to shipping services. SOVA's sole obligation is to maintain the technology integrations with the Payment Processor, the Shipping Provider, and the Insurance Provider in reasonable working order.
Customer shall indemnify, defend, and hold harmless SOVA from and against any claims, losses, damages, liabilities, costs, and expenses (including reasonable attorneys' fees) arising from:
(i) Customer's failure to timely process, package, or tender shipments;
(ii) Customer's shipment of prohibited or restricted items;
(iii) any dispute between Customer and an item owner regarding lost, damaged, delayed, or mis-delivered shipments;
(iv) any claim by an item owner that the shipping process was misrepresented to them, except to the extent caused by a defect in the SOVA platform; or
(v) any regulatory action arising from Customer's shipping practices.
*End of Exhibit G*
*End of Master Services Agreement*