Guspora^™

This Master Service Agreement ("Agreement") is entered into between Guspora LLC, doing business as Guspora™ ("Provider," "we," "us," or "our"), and the service company or individual ("Service Company," "Customer," "you," or "your") that registers for and uses the Guspora™ platform. By accessing or using the Guspora™ platform, you acknowledge that you have read, understood, and agree to be bound by the terms and conditions of this Agreement.

1. Definitions

• "Platform"means the Guspora™ AI-powered inspection and compliance management software application, including all web-based interfaces, mobile applications, APIs, and related services.
• "Customer Data" means all data, information, documents, images, inspection records, customer lists, equipment records, and other content that the Service Company or its end users upload, enter, transmit, or store through the Platform.
• "End Users"means the Service Company's customers, technicians, and other individuals who access the Platform under the Service Company's account.
• "Services" means the inspection management, compliance tracking, scheduling, reporting, customer portal, AI-assisted inspection, and related features provided through the Platform.
• "AI Agents" means automated or semi-automated Platform functions that draft, recommend, initiate, route, or execute workflow actions under configured guardrails.
• "Agent Action Ledger" means the audit record for AI Agent activity, including action category, risk class, actor or approving user, tenant scope, target record, approval status, timestamp, and related metadata.
• "Default Configuration"means Provider's standard AI Agent guardrails: action risk classification by action category, autonomy ceilings per agent, human approval requirements for high-risk actions, TCPA and CAN-SPAM communication consent enforcement, Agent Action Ledger audit logging, and tenant-scoped data isolation.
• "Modified Configuration" means any Service Company-directed change that lowers approval thresholds, expands autonomy ceilings, modifies or disables consent enforcement, expands data scope, or directs AI Agents outside their intended use cases.
• "NFPA" means the National Fire Protection Association, whose codes and standards are referenced within the Platform for compliance purposes.
• "Confidential Information" means any non-public information disclosed by either party to the other, including business plans, Customer Data, technical specifications, pricing, and proprietary processes.

2. Services

2.1 Scope of Services. Provider shall make the Platform available to the Service Company on a subscription basis. The Platform provides AI-powered inspection management, compliance tracking, customer relationship management, technician dispatch, scheduling, invoicing, and reporting capabilities.

2.2 Service Availability. Provider shall use commercially reasonable efforts to maintain Platform availability of 99.9% uptime, excluding scheduled maintenance windows. Scheduled maintenance will be communicated at least 48 hours in advance when practicable.

2.3 Updates and Modifications. Provider reserves the right to update, modify, or enhance the Platform. Material changes to functionality will be communicated to the Service Company in advance. Provider shall not remove core features without reasonable notice.

2.4 Support.Provider shall provide technical support via email and phone during standard business hours (Monday–Friday, 8:00 AM–5:00 PM Eastern Time), with emergency support available for critical system outages.

2.5 AI Report Usage and Overage.Each paid subscription tier includes a monthly allotment of three hundred (300) AI-generated reports. AI report usage is metered per calendar month and resets at the start of each billing period. Reports generated in excess of the monthly allotment are billed as overage at the Provider's then-current published per-report overage rate. The current rate is published on the Pricing page and within the Service Company's billing portal. Overage charges accrue in real time and are invoiced with the following billing cycle. The Service Company may purchase the GusporaCam hardware add-on, which removes the monthly cap and unlocks unlimited AI reports for the duration of the active GusporaCam subscription. Provider may adjust the per-report overage rate from time to time; any adjustment shall be communicated to the Service Company at least thirty (30) days in advance and shall not apply to reports generated before the effective date of the adjustment.

2.6 Default Operating Configuration.Provider makes AI Agents available in Default Configuration unless the Service Company modifies those guardrails. Provider's accuracy claims, service descriptions, and warranties relating to AI Agents apply only in Default Configuration. AI Agents are probabilistic systems and may produce inaccurate or unexpected outputs even when Default Configuration guardrails are active.

2.7 Customer-Modified Configuration. The Service Company is responsible for outcomes caused by Modified Configuration, including lowered approval thresholds, expanded autonomy ceilings, modified or disabled consent enforcement, expanded data scope, or instructions that direct AI Agents outside intended use cases.

2.8 Agent Activity Record. The Agent Action Ledger is the authoritative record of AI Agent activity in disputes about what an AI Agent drafted, recommended, initiated, routed, sent, or executed.

3. Data Ownership

3.1 Ownership. The Service Company retains all rights, title, and interest in and to all Customer Data. Nothing in this Agreement transfers ownership of Customer Data to Provider.

3.2 License to Process. The Service Company grants Provider a limited, non-exclusive license to access, process, store, and transmit Customer Data solely for the purpose of providing the Services under this Agreement.

3.3 Aggregated Data.Provider may create anonymized, aggregated statistical data derived from Customer Data ("Aggregated Data") that does not identify the Service Company or any individual. Provider may use Aggregated Data for product improvement, benchmarking, and industry research.

3.4 Data Portability.The Service Company may export its Customer Data at any time through the Platform's built-in export tools in standard formats including CSV and JSON.

4. Privacy & Security

4.1 Data Security. Provider implements industry-standard security measures including:

• AES-256 encryption for data at rest
• TLS 1.2+ encryption for data in transit
• Multi-factor authentication support
• Role-based access controls
• Regular security audits and vulnerability assessments
• Automated backup systems with geographic redundancy
• Intrusion detection and monitoring

4.2 Data Hosting. All Customer Data is hosted in the Amazon Web Services (AWS) US-East-1 region (Northern Virginia). Data will not be transferred outside the United States without prior written consent of the Service Company.

4.3 Breach Notification. In the event of a data breach affecting Customer Data, Provider shall notify the Service Company within 72 hours of becoming aware of the breach, provide details of the scope and nature of the breach, and cooperate fully in any investigation and remediation efforts.

4.4 Privacy Compliance. Provider processes Customer Data in accordance with applicable privacy laws, including the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR) where applicable. See our Data Privacy Addendum for complete privacy practices.

5. Intellectual Property

5.1 Provider IP.The Platform, including all software, algorithms, AI models, user interfaces, designs, documentation, and related intellectual property, is and shall remain the exclusive property of Provider. Guspora™ and all associated logos and marks are licensed to Provider by Cody Ferguson.

5.2 License Grant.Subject to the terms of this Agreement, Provider grants the Service Company a non-exclusive, non-transferable, revocable license to access and use the Platform during the Term solely for the Service Company's internal business operations.

5.3 Restrictions. The Service Company shall not: (a) reverse engineer, decompile, or disassemble the Platform; (b) sublicense, resell, or distribute the Platform; (c) use the Platform to develop a competing product; or (d) remove any proprietary notices or labels from the Platform.

5.4 Feedback. Any suggestions, ideas, or feedback provided by the Service Company regarding the Platform may be used by Provider without obligation or compensation.

6. Indemnification

6.1 By Provider.Provider shall indemnify, defend, and hold harmless the Service Company from and against any third-party claims arising from: (a) Provider's breach of this Agreement; (b) Provider's negligence or willful misconduct; or (c) infringement of any third-party intellectual property rights by the Platform.

6.2 By Service Company.The Service Company shall indemnify, defend, and hold harmless Provider from and against any third-party claims arising from: (a) the Service Company's use of the Platform in violation of this Agreement; (b) Customer Data uploaded to the Platform; or (c) the Service Company's violation of applicable laws or regulations; (d) Modified Configuration outcomes; (e) communications drafted or sent by AI Agents on the Service Company's behalf; (f) AI Agent-initiated financial actions; or (g) the Service Company's failure to comply with TCPA consent requirements, CAN-SPAM obligations, privacy laws, or professional licensing requirements.

7. Limitation of Liability

7.1 Cap on Liability.TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, PROVIDER'S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT SHALL NOT EXCEED THE TOTAL FEES PAID BY THE SERVICE COMPANY TO PROVIDER DURING THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM.

7.2 Exclusion of Damages. IN NO EVENT SHALL EITHER PARTY BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO LOSS OF PROFITS, DATA, BUSINESS OPPORTUNITIES, OR GOODWILL, REGARDLESS OF THE CAUSE OF ACTION OR THE THEORY OF LIABILITY.

7.3 Exceptions.The limitations in this Section 7 shall not apply to: (a) breaches of Section 3 (Data Ownership) or Section 4 (Privacy & Security); (b) a party's indemnification obligations; or (c) liability arising from gross negligence or willful misconduct.

7.4 AI Agent Liability Allocation.Provider is not liable for outcomes arising from Modified Configuration. Communications drafted or sent by AI Agents on the Service Company's behalf are the Service Company's communications. Billing, payment, and other financial actions initiated by AI Agents are the Service Company's actions. Compliance assessments and AHJ communications are advisory and do not replace professional judgment, legal advice, engineering judgment, or AHJ authority.

8. Term & Termination

8.1 Term. This Agreement commences on the date the Service Company first accesses the Platform and continues for the initial subscription period selected. The Agreement shall automatically renew for successive periods of equal length unless either party provides written notice of non-renewal at least thirty (30) days prior to the end of the then-current term.

8.2 Termination for Cause.Either party may terminate this Agreement upon thirty (30) days' written notice if the other party materially breaches this Agreement and fails to cure such breach within the notice period.

8.3 Termination for Convenience.Either party may terminate this Agreement for any reason upon sixty (60) days' written notice to the other party.

8.4 Effect of Termination. Upon termination or expiration of this Agreement:

• Provider shall make Customer Data available for export in standard formats (CSV, JSON) for a period of thirty (30) days following the effective date of termination.
• The Service Company shall have the right to request a complete export of all Customer Data during the 30-day post-termination period.
• After the 30-day period, Provider shall permanently and irreversibly delete all Customer Data from its systems, including all backups, within an additional fifteen (15) days.
• Provider shall certify in writing, upon request, that all Customer Data has been deleted.
• All licenses granted under this Agreement shall immediately terminate.

8.5 Survival. Sections 3, 5, 6, 7, and 9 shall survive termination or expiration of this Agreement.

9. General Provisions

9.1 Governing Law. This Agreement shall be governed by and construed in accordance with the laws of the Commonwealth of Kentucky, without regard to its conflict of laws provisions.

9.2 Dispute Resolution. Any disputes arising under this Agreement shall first be subject to good-faith negotiation between the parties. If not resolved within thirty (30) days, disputes shall be submitted to binding arbitration under the rules of the American Arbitration Association, with proceedings conducted in Nelson County, Kentucky.

9.3 Force Majeure. Neither party shall be liable for any failure or delay in performance due to circumstances beyond its reasonable control, including natural disasters, acts of government, internet outages, or cyber attacks.

9.4 Assignment. Neither party may assign this Agreement without the prior written consent of the other party, except in connection with a merger, acquisition, or sale of substantially all assets.

9.5 Entire Agreement. This Agreement, together with the Data Privacy Addendum and Terms of Service, AI Transparency Notice, constitutes the entire agreement between the parties with respect to the subject matter hereof and supersedes all prior agreements, understandings, and representations.

9.6 Severability. If any provision of this Agreement is held invalid or unenforceable, the remaining provisions shall continue in full force and effect.

9.7 Notices. All notices under this Agreement shall be in writing and shall be deemed delivered when sent via email to the addresses on file or by certified mail to the addresses specified by each party.