Master Service Agreement‍

For good and valuable consideration, the receipt and sufficiency of which is hereby acknowledged, the parties agree as follows:

1. Provider Services

The Client hereby orders from the Provider, and the Provider will provide web development services, described in the attached Statements of Work (“SOW”) which is hereby incorporated within this Agreement. The Provider will follow the Client’s guidelines and needs to the best of its abilities.

2. Terms and Expiration

The term of this Agreement shall be from the effective date and includes the “Duration” referenced in the SOW. Unless earlier terminated as provided in this Agreement or unless extended, this Agreement shall terminate one (1) year following the Effective Date. The effective date is the date of signing this Agreement.

3. Payments and timeline

Payments and timeline are detailed in the SOW which is hereby incorporated within this agreement. All payments will be in USD. All invoices must be paid in full within 10 days after the date of the invoice.

4. Interest on Late Payments.

Any amount not paid when due will bear interest from the due date until paid at a rate equal to [1]% per month ([12]% annually) or the maximum allowed by Law, whichever is less.

5. Cooperation

The Parties shall cooperate in good faith with one another, including the execution and delivery of necessary documents requested by the Provider. The Client hereby agrees to provide sufficient information to the Provider, so the Provider can render Services. As such, the Client will provide a point of contact to the Provider, which will provide the Provider with any necessary instructions regarding the scope of work/services to be done by the Provider. The Client hereby agrees to respond to all the Provider inquiries within 8 working hours.

6. Client Representative.

The Client will provide one (1) representative to communicate with the Provider (regarding art direction, text images, functionality, etc.) to streamline the process and prevent miscommunication. In the event the Client changes its designated representative, the Provider must be notified in writing of the change, and all prior approval up to the time of notification of the representative change shall remain valid. Subsequent edits and change orders to previously approved work are out of scope and will be billed at the rate outlined in the SOW.

7. Cancellation and Change Policy

Either Party can terminate this Agreement in case of breach of this contract by the other Party or in the case of the Party’s own bankruptcy, other сancellation conditions are described in the SOW. Any waiver, alteration, or modification of any of the provisions of this Agreement or cancellation or replacement of this Agreement shall not be valid unless in writing and signed by the parties.

8. Expenses

The Client shall pay all expenses reasonably incurred by the Provider in the course of performing services under this Agreement, as mutually agreed upon in advance by the parties hereto. These expenses may include business trips expenses, purchasing 3rd party components and graphics required for work and other similar items.

9. Confidentiality

The Provider shall keep confidentiality of all provided information of the Client marked in written as “Confidential”. This information might be related to the Client business itself, the Client subsidiaries and Client customers.

Confidential Information shall not include any information that:

• is already lawfully known by the Provider when it is received;
• is independently discovered by the Provider;
• is now or hereafter becomes generally available to the public;
• is disclosed after the Provider obtains prior written approval from the Client for such disclosure.

The Provider shall ensure that any other parties to whom work has been delegated will sign an appropriate secrecy undertaking.

10. Non-Solicitation

During the term of this Agreement and for 5 years after any termination of this Agreement, the Parties will not directly or indirectly solicit, induce, recruit, encourage or otherwise endeavor to cause or attempt to cause any employee, agent, employees, and clients of agent or consultant of the Party to terminate their relationship with the Party. If an employee, agent, employees, and clients of agent or consultant of one Party terminates their relationship, the other Party will not start any direct relationships with them for 1 year since the relationships termination.

A contractual penalty for violation of this clause is the amount of $50,000 (in words: fifty thousand US dollars) for each violation.

11. Intellectual Property Rights

After receiving full payment under this Agreement, the Provider assigns to the Client its entire right, title, and interest to Deliverables created or developed by the Provider for the Client under this Agreement, including all patents, copyrights, trade secrets, and other proprietary rights.

12. Relationship

The Provider is retained by the Client solely for the purposes and to the extent set forth in this Agreement, and the Provider’s relationship to the Client shall during the terms of this Agreement be that of an independent contractor. The Provider may use a third party (“Consultant”) to perform this Agreement.

13. Assignment

Any attempt to assign or transfer any rights, duties, or obligations herein shall render such attempted assignment or transfer null and void.

14. Liability

In no event shall the Provider be liable for any damages arising from the use of the software developed under the terms of this Agreement.

15. Publicity

The Parties can’t use the name, trademark, logo, or other identifying materials of either Party in any publicity, advertising, or promotional material, make press releases, or public disclosures describing the general nature of the Services provided hereunder unless it’s agreed with both parties.

16. Recording of Conversations

Each party to this Agreement acknowledges and agrees to the call recording of conversations between the parties to this Agreement.

17. Force Majeure

The Client hereby releases the Provider from its duties in the case of a fire, earthquake, power outage, or any other natural disaster or act of God that makes it impossible for the Provider to complete its services. In such cases, the Client hereby acknowledges and holds the Provider harmless in case of the possibility of data loss.

18. Data protection

This Section of the Agreement sets out the framework and obligation for the personal data transfer and further processing of Personal Data between Parties, namely:‍

For the purposes of performance of this Agreement the Client as a Personal Data controller transfers to the Provider as a Personal Data processor and if applicable under this Agreement the Provider transfers to the Client in return some Personal Data, in particular, names, surnames, corporate emails and other identification data of its contact persons (Client employees, Client independent consultants, Client subsidiaries or Client customers, etc.), unless another scope of Personal Data is agreed by the Parties in the SOW Personal Data. The Client shall implement the measures that ensure that no Personal Data that is unnecessary for the provision of services herein is transferred to the Provider. The Provider may provide to the Client a list of personal data needed to provide services herein and/or if necessary, get access to the Client’s systems and process the amount of data available in that system. In this case, the Provider shall process only the data that is necessary to perform a specific task in the framework of performance of this Agreement adhering to the principle of data minimization in accordance with Article 5 (1) (c) of the GDPR (UK GDPR).

The Client shall provide the Provider with Personal Data that is adequate, relevant and strictly limited to what is necessary for the provision of relevant services under this Agreement, adhering to the principle of data minimization in accordance with Article 5 (1) (c) of the GDPR (UK GDPR). The Client shall as well provide data sanitization that is minimization, anonymization, pseudonymization or depersonalization and/or filtering of Personal Data/database, eliminating of all data that is not strictly limited to what is necessary for the provision of services under this Agreement, before transferring it to the Provider, unless otherwise is agreed by the Parties in the SOW. In case the Parties do not agree on the exact list of data needed for the provision of services herein, the Client shall provide data limitation and sanitization of data as specified in this clause immediately after receiving the relevant request from the Provider.

The Client hereby agrees to indemnify and hold the Provider harmless from any claims that data subjects or any third persons may have against the Provider if it could be determined that as a result of the Client’s failure to comply with the principle of data minimization in accordance with Article 5 (1) (c) of the GDPR (UK GDPR) their rights have been violated and damages have been inflicted. The Client agrees to indemnify the Provider for any damages and penalties if any that may be assessed by any government agency in connection with the Client’s failure to comply with the principle of data minimization in accordance with Article 5 (1) (c) of the GDPR (UK GDPR).

The Parties process the Personal Data only for the purposes of providing web development services under this Agreement and SOW, unless otherwise instructed by the Client or required by the applicable laws (including, without limitation, anti-money laundering, financial and debt recovery laws).

Both Parties undertake to adhere to all relevant requirements of the applicable data protection laws. Each Party is independently liable for the violations of the mentioned requirements, including the requirement to ensure the lawfulness of the processing.

Unless otherwise is required by the applicable laws, the Provider agrees to process the Personal Data only on the documented instructions from the Client, including with regard to transfers of the Personal Data outside of the European Economic Area. The Provider may take all necessary actions for the processing of Personal Data, if such actions are necessary for the proper provision of services under this Agreement. Where the processing is required by law, the Provider shall inform the Client of such legal requirement before processing, unless that law prohibits so on the important grounds of public interest. For the purposes of this Agreement, the documented instructions shall include written and electronic documents or communications.

Unless otherwise agreed by the Parties, the processing of the Personal Data by the Provider shall take place only within the term of validity of the Agreement. After the termination or expiration of the Agreement, the Provider, upon request and at the choice of the Client, deletes or returns all the Personal Data to the Client, and deletes existing copies unless Union or Member State law requires storage of the Personal Data.

The Personal Data classifies as “Confidential” according to Section 9 of this Agreement.

The Provider shall take all the necessary measures to ensure the security of processing of the Personal Data as required pursuant to Article 32 of the GDPR and relevant clauses of UK GDPR. In case the Provider becomes aware of any data breach, intended or actual on its side, it undertakes to promptly notify the Client and provide it with all relevant information in its possession.

The Client herewith agrees that the Provider shall have the right to disclose the Personal Data to other parties to whom provision of services or work has been delegated (“Sub-processors”) for the purposes stated herein and that the Provider shall have the right to transfer the Personal Data outside of the country of the registration to the extent necessary for the Provider’s compliance with this Agreement, and the Client hereby consents to such disclosure and transfer in case it is necessary for the provision of services.

In case it is necessary for the provision of services the Provider shall engage any Sub-processors from a list of such Sub-processors agreed in relevant SOW upon general authorization of the Client. The Provider shall inform the Client of any intended changes of that list through the addition or replacement of sub-processors via the written and/or electronic documents, documents, or communications. Provider shall be entitled to engage specialists that are part of the Provider’s team whose names will be available for the Client in the project management system that the Parties use for the purposes of this Agreement. In case there are no objections to the specialists of the Provider engaged this way the Client is deemed to provide his authorization to engage such specialists. The Client may also provide the prior authorization for the engagement of any Sub-processor before such engagement if there is a relevant request from the Provider or the Client. When engaging Sub-processors to the processing of the shared Personal Data, the Provider ensures that all the requirements of Article 28 of the GDPR (UK GDPR) are met. Furthermore, the Provider undertakes not to transfer the Personal Data to third countries in the absence of the appropriate safeguards to such transfer or the decision of the European Commission proving that the third country in question ensures an adequate level of data protection. The Provider shall provide that the Sub-processors engaged comply with the same data protection obligations as those binding the Provider under this Agreement and the applicable legislation.

The Client hereby authorizes the Provider to provide data to the Provider’s sub-contractors solely for the purposes of the provision of services under the Agreement, provided that the Provider’s subcontractors form the core team of specialists of the Provider that ensure the rendering of services within the usual course of the Provider’s business and on condition that such transfers are performed in accordance with the requirements set in this Agreement and applicable laws.

The Provider shall assist the Client in ensuring compliance with the security obligations pursuant to Articles 32 to 36 of the GDPR and relevant clauses of UK GDPR taking into account the nature of processing and the information available to the Provider. These measures shall cover the appropriate technical and organizational measures to ensure the security of the data, including protection against a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access to that data.‍

The Provider shall also assist the Client by appropriate technical and organisational measures, insofar as this is possible, for the fulfillment of the Client’s obligation to respond to requests for exercising the data subject’s rights to access, erase, correct, block, or delete the Personal Data.

The Provider shall make available to the Client all information necessary to demonstrate compliance with the obligations laid down in the applicable data protection laws and, for such purposes, allows for and contributes to audits, including inspections, conducted by the Client or another auditor mandated by the Client on the Client’s cost.

19. Governing Law

This Agreement shall be governed by and construed in accordance with English law. The courts of England shall have exclusive jurisdiction to adjudicate any dispute arising under or in connection with this Agreement.

20. Written Notice

Email is an acceptable form of communication under each and every provision of this Agreement.

21. Signatures