Your Rights

Exercising Your Rights If you are a registered mstIPmanager user, you can exercise the access and erasure rights directly from your account:

Download my data — https://mstipmanager.com/privacy/data-export

Delete my account — https://mstipmanager.com/privacy/data-delete

For all other rights requests (rectification, restriction, objection, withdrawal of consent), contact our Data Protection Officer at [email protected]. We respond within 30 days.

Data Protection Representative

MST may process the personal data of individuals in the European Union, European Economic Area and UK, in either the role of 'data controller' or 'data processor.' MST has appointed DataRep as its Data Protection Representative for the purposes of GDPR in the EU/EEA and The Data Protection Act 2018/US GDPR (as amended) in the UK,and FADP in Switzerland. For instructions on how to contact DataRep, please see our Data Representative - Privacy Contact Information document under Resources.

Legal Representative

MST which may deliver, or target the delivery of, a digital service in European Union and European Economic Area, has appointed DataRep as its Legal Representative for the purposes of the Digital Services Act in the EU/EEA. For instructions on how to contact DataRep, please see our Data Representative – DSA Contact Information document under Resources.

Privacy Policy

Last Updated: September 27, 2021

MST Services include various cloud communications platform applications that provide Customers with tools to manage their intellectual property portfolios. These tools include the storage, organization and management of documents and communications related to Customer Data.

You can contact our Privacy Team in the Office of the Data Protection Officer by either emailing us at [email protected] or, by writing to us at: One Maritime Plaza, Fifth Floor, 720 Water Street, Toledo, Ohio 43604.

MST processes two broad categories of personal information when you use our products and services:

Your personal information as a customer of MST s services information that we refer to as Customer Account Data, and

The personal information of your end users and employees, contractors, partners, etc. who use or interact with your MST services and applications this category contains both your Customer Usage Data (e.g., communications metadata) and your Customer Content (e.g., the contents of communications, documents and other stored data).

MST processes these categories of personal information differently because the direct relationship we have with you, our customer, is different than the indirect relationship we have with your end users.

How MST Processes Your Personal Information

Data protection laws and privacy laws in certain jurisdictions, like the European Economic Area (EEA), differentiate between controllers and processors of personal information. A controller decides why and how to process personal information.

A processor processes personal information on behalf of a controller based on the controller s instructions. When MST processes your Customer Account Data, the MST entity with whom you are contracting is acting as a controller.

Broadly speaking, we use Customer Account Data to further our legitimate interests to:

manage our relationship with you and other customers,

carry out core business operations such as accounting, filing taxes, and fulfilling regulatory obligations and

help detect, prevent, or investigate security incidents, fraud and other abuse and/or misuse of our products and services.

What Personal Information MST collects:

We collect and process your personal information:

When you visit a MST website like mstfirm.com, mstipmanager.com or mstipsolutions.com, or make a request to receive information about MST or our products;

When you contact our Support Team; and

When you sign up for a MST account and use our products and services.

We call this personal information Customer Account Data. We also collect Customer Usage Data from you when you send or receive communications through your use of our services. This data might take different forms, and we might use it for different purposes read on for more information.

Depending on your interactions with us, we might collect the following categories of personal information, and for the following reasons:

We collect Identifiers, like your name and contact information (Customer Account Data), when you sign up or use our products or services and to do things like allow you to use our products, verify your identity, and communicate with you.

We collect Commercial information when we keep track of the services that you purchase from us and our communications history about those services.

We collect Internet and other electronic activity information, such as communications metadata, as you interact with our website or use our services. This metadata may be information about how you interact with our websites and the information on them; what features you use on our service; or it may be your Customer Usage Data as you send communications over the service.

We collect Geolocation information when you use our products or services. Depending on the product or service, this could be location based on your IP address, or, such as if you are using our IoT products and services, based on the cell tower to which a mobile device is connected, or Wi-Fi triangulation.

We collect Professional or employment information, such as your company or employer or your role at your company.

When we re processing your personal information as our customer, we re generally processing Customer Account Data or Customer Usage Data. When we do, we re a controller, as we described above, and this Privacy Statement details the rules that control our use of that data.

In addition, as a processor and a service provider, we process Customer Content that may include personal information from any of those categories, plus others. If you re an end user of a customer of ours, our customer will be able to help you with more details on what categories they re collecting and using.

What Customer Account Data MST Processes When You Visit Our Website or Make a Request for Information about MST and Why

When you visit our website or request more information about MST, we collect information automatically using tracking technologies, like cookies, and through web forms where you type in your information. We collect this information to provide you with what you request through the web form, to learn more about who is interested in our products and services, and to improve navigation experience on our pages. Information You Share Directly: In some places on MST s websites, you can fill out web forms to create an account or make a request. The specific personal information requested on these forms will vary based on the purpose of the form. We will ask you for information necessary for us to provide you with what you request through the form. We may also ask you for additional information to help us understand you better as a customer like your MST use case, your company name, or your role at your company.

Information We Collect Automatically: When you visit MST websites, including our web forms, we and our service providers acting on our behalf automatically collect certain information using tracking technologies like cookies, web beacons, and similar technologies. We use this information to understand how visitors to our websites are using them. This helps us understand how we can improve our websites. In addition, we use tracking technologies to help improve the navigation experience on MST websites. We don t sell this information to third parties. For more details on our use of cookies and tracking technologies, please see our Cookie Notice.

What Customer Account Data MST Processes When You Communicate with Our Support Teams and Why

You may share personal information, like your contact information, with a member of our Support Team when you communicate with them. We keep a record of this interaction.

If you contact our Support Teams, those teams keep a record of that communication, including your contact details and other information you share during the course of the communication. We store this information to help us keep track of the inquiries we receive from you and from customers generally so we can improve our products and services and provide training to team members. This information also helps our teams manage our ongoing relationships with our customers. Because we store a record of these communications, please be thoughtful about what information you share with our Support Teams. While we will take appropriate measures to protect any sensitive information you share with us, it is best to avoid sharing any personal or other sensitive information in these communications not necessary for these teams to assist you.

What Customer Account Data MST Processes When You Sign Up for and Log Into an MST Account and Why

When you sign up for an account with us, we ask for certain information like your contact details and associated employer or company (our Customer) information so we can communicate with you and facilitate your use of our products and services. We also collect some information automatically, like your IP address, when you log in to your account or use an application within our Services. We use this to understand who is using our services and how, and to detect, prevent and investigate fraud, abuse, or security incidents.

Information You Share Directly: When you sign up for an MST account with us, you ll be asked to give us your name, email address, and your company name, and to create a password. We collect this information so we know who you are, we can communicate with you about your account(s), and we can recognize you when you communicate with us through the account portal or otherwise.

When you first sign up for an account, we also ask you for a telephone number so we can communicate a verification code to that telephone number and have you enter the code into our website. This helps us ensure you re actually a human being. An MST team member may also contact you at this number to help you with onboarding unless you tell us you don t want us to contact you.

When you set up two-factor authentication for your account, we ll ask you to enter a telephone number to set up the process. You have the option to use that telephone number as the method for us to communicate verification codes to you to verify that it is you logging into your account.

Similarly, for some of our products, you or your end user, whoever is going to be making use of the product, may have to complete an application form providing details about your company and your intended use of the product, like when you are interested in getting a short code. We ll use this information for the purpose for which it was gathered from you. We may also use it in connection with improving our own internal processes and services or training our team members.

When you use our account portal, we collect your IP address and other data through tracking technologies like cookies, web beacons, and similar technologies. We use this information to understand how customers are using our platform, who those customers are (if they are a company and the IP address is associated with that company), what country they are logging in from (for analytics and export control purposes), and to help improve the navigation experience.

All information we collect when you sign up for a MST account and interact with the MST account portal or our products or services may be used to detect, prevent, or investigate security incidents, fraud, or abuse and misuse of our platform and services. We will also use it, and share it with our service providers, as needed for our operational purposes such as to do things to function as a business and provide our services to you.

Other Customer Account Data We Collect and Why

We may collect information about you, as our customer, from publicly-available sources so we can understand our customer base better.

How Long We Store Your Customer Account Data

MST will store your Customer Account Data as long as needed to provide you with our services and to operate our business. If you ask MST to delete specific personal information from your Customer Account Data, we will honor this request unless deleting that information prevents us from carrying out necessary business functions.

Here is an overview of how long we hold on to Customer Account Data in a form that can be used to identify you, unless there is a specific need or obligation to retain your information longer (like in the case of an open investigation, audit or other legal matter):

Customer Account Data stored in our customer relationship management system(s) is generally stored up to 7 years following closure of your account. Invoice records, including their digital equivalent, may be retained in identifying form by MST for longer periods for accounting, tax, and audit purposes depending on and in accordance with applicable law.

Similarly, where we collect subscriber records, such as a physical address or identity information, in connection with providing our communications products and services, we will retain this data as needed for legal, security and anti-fraud purposes and depending on and in accordance with applicable local law.

We may retain your communications with MST s Customer Support Teams for up to 7 years after your account is closed.

Apart from the above, within 60 days following closure of your account, we will either delete other Customer Account Data or transform it such that it can no longer be used to identify you.

How to Make Choices About Your Customer Account Data

You can make various choices about your Customer Account Data through the account portal, such as accessing it, correcting it, or deleting it, when you log into your MST account. Any other requests about your data you cannot make through these self-service tools, you can request by emailing [email protected].

Closing Your Account and Deletion. To request closure or deletion of your MST account, you can email us at [email protected]. You should know that closure and/or deletion of your MST account will result in you permanently losing access to your account and data in the account. Please note that certain information associated with your account may nonetheless remain on MST s servers in an aggregated form that does not identify you or your end users. Similarly, data, including personal information, associated with your account we are required to maintain for legal purposes or for necessary business operations (see How Long We Store Your Customer Account Data section above) will be retained after account closure until no longer needed.

If you are an end user of an application built on MST s Services and not a direct customer of MST, you should direct requests relating to your personal information to the relevant application provider in accordance with the application provider s own privacy policy.

California Consumer Access and Deletion Rights

For those customers that would like more information about our use of Customer Account Data or Customer Usage Data, you have the ability to request:

that we provide details about the categories of personal information that we collect about you, including how we collect and share it;

that we provide you access to the personal information we collect about you; and

that we delete the personal information we have about you.

Please be aware that when you ask us for these things, we will take steps to verify that you are authorized to make the request.

As part of the services we provide to our customers, we provide you with a number of self-service features at no additional cost, including the ability to access your data, download a copy of your data, delete your data, or restrict the use of your data. If you need more help than that, let our Support team know; we will provide reasonable and timely assistance to assist you.

Please keep in mind that when you ask us for your personal information, or you ask us to delete your personal information, we may need to withhold or retain some of that personal information for security, legal, or anti-fraud reasons. Also, we do need some of the Customer Account Data and Customer Usage Data we have to maintain customer accounts. If you ask us to delete that information, we may not be able to continue providing you our services. This also means that we won t be able to provide access to or delete information about customers who are the point of contact for businesses that use our services. If you would like to request access or deletion, you may email [email protected].

How MST Processes Your End Users Personal Information

Your end users personal information typically shows up on MST s Services in a few different ways:

Communications-related personal information about your end users, like your end users phone numbers for number-based communications, your end users email addresses for email communications, IP addresses for IP-based communications, device status (indicating whether a device is available for messaging), or device tokens for push notifications, show up in our systems when you use or intend to use this information to contact your end user through use of our products and services.

Your end users personal information may show up in friendly names, which are strings you provide, if you choose to include your end users personal information as part of a string.

Your end users personal information may also be contained in the content stored within your applications or content of communications you (or your end users) send or receive using MST s products and services.

We call the information in the first two bullets above Customer Usage Data. The information in the third bullet is what we refer to as Customer Content.

As noted above, data protection law (including privacy law) in certain jurisdictions, like the EEA, differentiate between controllers and processors of personal information. When MST processes Customer Content, we generally act as a processor. When we process Customer Usage Data, we act as a processor in many respects, but we may act as a controller in others. For example, we may need to use certain Customer Usage Data for the legitimate interests of billing, reconciling invoices with vendors, and in the context of troubleshooting and detecting problems with the network.

What Customer Usage Data and Customer Content MST Processes and Why

We use Customer Usage Data and Customer Content to provide services to you and to carry out necessary functions of our business as a communications service provider. We do not sell your end users personal information and we do not share your end users information with third parties for those third parties own business interests.

How Long Do We Store Customer Usage Data and Customer Content and Exercising Choices About End User Personal Information

Details regarding how long your end user personal information may be stored on MST systems and how to delete, access, or exercise other choices about end user data will depend on which MST products and services you are using and how you are using them. For that reason, the documentation for each of our products and services, along with Customer policies, are the best place to find more detailed information about managing end user data collected and stored in connection with your use of our products and services, as well as the particular data retention periods for your use case.

As an MST customer, if the MST product or service you use enables you to store records of your usage on MST, including personal information contained within those records, and you choose to do so, then MST will retain these records for as long you instruct. In some cases, use of extended storage may cost more. If you later instruct us to delete those records, we will do so. Please note that it may take up to 30 days for the data to be completely removed from all systems. In some cases, a copy of those records, including the personal information contained in them, may nonetheless be retained to carry out necessary functions like billing, invoice reconciliation, troubleshooting, and detecting, preventing, and investigating spam, fraudulent activity, and network exploits and abuse. Sometimes legal matters arise that also require us to preserve records, including those containing personal information. These matters include litigation, law enforcement requests, or government investigations. If we have to do this, we will delete the impacted records when no longer legally obligated to retain them. We may, however, retain or use records after they have been anonymized, if the law allows.

When and Why We Share Your Personal Information or Your End Users Personal Information

We do not sell or allow your Customer Account Data to be used by third parties for their own marketing purposes, unless you ask us to do this or give us your consent to do this. Further, we do not sell your end users personal information. We also do not share it with third parties for their own marketing or other purposes, unless you instruct us to do so.

Below are the different scenarios under which we may share your data with third parties.

Other communications service providers for proper routing and connectivity. MST also enables sending or receiving communications through communications service providers. If you choose to use MST to send or receive communications by way of these providers, MST will share communications data with these providers as necessary to route and connect those communications from the sender to the intended recipient. How those communications service providers handle this data is determined by their own policies.

Third-party service providers or consultants. MST engages certain third-party service providers to carry out certain data processing functions on our behalf. These providers are limited to only accessing or using this data to provide services to us and must provide reasonable assurances they will appropriately safeguard the data. In addition, MST may use service providers to help us detect potentially fraudulent or malicious accounts or customer activity. These providers may use machine learning as part of its service and certain Customer Account Data MST shares with them may be used in building machine learning models to help detect potential fraud or malicious activity that not only benefits MST, but other customers as well.

Sub-processors. We may share Customer Content with sub-processors who assist in providing the MST services, like our infrastructure provider, or as necessary to provide optional functionality like communications. An up-to-date list of MST's sub-processors is located here.

Compliance with Legal Obligations. We may disclose your or your end users personal information to a third party if (i) we reasonably believe that disclosure is compelled by applicable law, regulation, legal process, or a government request (including to meet national security, emergency services, or law enforcement requirements), (ii) to enforce our agreements and policies, (iii) to protect the security or integrity of our services and products, (iv) to protect ourselves, our other customers, or the public from harm or illegal activities, or (v) to respond to an emergency which we believe in good faith requires us to disclose data to assist in preventing a death or serious bodily injury. If MST is required by law to disclose any personal information of you or your end user, we will notify you of the disclosure requirement, unless prohibited by law. Further, we object to requests we do not believe were issued properly.

Other MST Group Entities. We may share your personal information or your end users personal information within the MST group of companies, such as with a subsidiary of MST, LLC. We and our subsidiaries will only use the information as described in this notice.

Business transfers. If we go through a corporate sale, merger, reorganization, dissolution or similar event, data we gather from you may be part of the assets transferred or shared in connection with the due diligence for any such transaction. In that situation, and that situation only, we might transfer your data in a way that constitutes a sale under applicable law. If we do, we ll let you know ahead of time, and any acquirer or successor of MST may continue to process data consistent with this notice.

Aggregated or de-identified data. We might also share data with third parties if the data has been de-identified or aggregated in a way so it cannot be used to identify you or your end users.

If you re a Californian interested in what personal information we have shared lately for our business purposes, here s a list:

Identifiers

Commercial information

Internet or other electronic activity information

Geolocation information

Professional or employment information

By our business purposes, we mean that we only share personal information as we describe in this section (in other words, with telephony operators, communications providers, and so on).

Transfers of Personal Information Out of the EEA and Switzerland

When you use our account portal, or our other products and services, personal information of you and your end users processed by MST will be transferred to the United States, where our primary processing facilities are located, and possibly to other countries where we or our service providers operate. These transfers will often be made in connection with routing your communications in the most efficient way.

MST employs appropriate safeguards for cross-border transfers of personal data, as required by applicable local law, including Standard Contractual Clauses.

While MST relies on strong transfer mechanisms to protect the data we transfer across borders, we understand that data transfer mechanisms do not operate in a vacuum. MST has taken to safeguard our customers' personal data. Standard Contractual Clauses. MST relies on the European Union Model Clauses, also known as Standard Contractual Clauses to transfer personal information outside the EEA and Switzerland.

MST's Data Protection Addendum. For more information about our cross-border data transfer mechanisms, please see the Data Protection Addendum which is part of your agreement with us. We provide this DPA by default, as an additional layer of protection for all our customers.

Data Collection and Email

For the most part, the SendGrid services collect the same data the MST services collect, and for the same reasons. The SendGrid services also collect some additional data in the form of web beacons placed in the body of emails delivered using the SendGrid platform. This allows us to keep track of whether or not an email has been delivered, opened, clicked on, whether it bounced or was treated as spam.

Automated Decision Making

MST may use automated decision making using a variety of signals derived from account activity to help identify and suspend accounts sending spam or engaged in other abusive or fraudulent activity. Holders of accounts suspended under these circumstances are notified of the suspension and given an opportunity to request human review of the suspension decision.

Handling disputes relating to our data protection practices

We hope we can resolve any disputes relating to our data protection practices between us. You can raise your concern or dispute by emailing our Privacy Team at [email protected] or by writing to us at: MST, One Maritime Plaza, Fifth Floor, 720 Water Street, Toledo, Ohio 43604.

For individuals in the EEA, you have additional rights to make a complaint to a competent data protection authority or commence proceedings in a court of competent jurisdiction in accordance with applicable data protection laws.

If you have a dispute with us relating to our data protection practices, please contact us by email at [email protected].

If we can t resolve the dispute through those channels and you are not in the EEA or Switzerland, the American Arbitration Association (http://www.adr.org) will conduct the dispute resolution proceedings. Please be sure to review our Terms of Service, before you use any of our products and services.

For those in the EEA or Switzerland, if you have a dispute with us relating to our data protection practices or are not satisfied with how we ve addressed your concerns or questions, you may complain to an independent dispute resolution provider, at no cost to you. If you are a resident of the EEA, you also have the right to lodge a complaint with your local data protection authority or the Data Protection Commissioner in Ireland (where our EEA headquarters are based). Irish Data Protection Commissioner Officer of the Data Protection Commissioner Canal House, Station Road, Portarlington, Co. Laois, R32 AP23, Ireland Phone: +353 57 868 4757 Fax: +353 57 868 4757 Email: [email protected]

How We Secure Personal Information

We use appropriate technical and organizational measures to protect the security of your personal information both online and offline. These measures vary based on the sensitivity of the personal information we collect, process and store and the current state of technology. We also take measures to ensure service providers that process personal data on our behalf also have appropriate security controls in place.

Please note that no service is completely secure. While we strive to protect your data, we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur.

To protect the confidentiality of your account and protect from unauthorized use of your account, we require enabling two-factor authentication for your account. Additionally, you must keep your account password and Auth Token confidential and not disclose them publicly or to unauthorized individuals this includes accidentally distributing them in a binary or checking them into source control. Please let us know right away if you think your password or Auth Token was compromised or misused.

Other Information You May Find Useful

Here s some other information about our privacy practices, such as how we handle certain types of data like children s data or protected health information, how we handle do-not-track signals, what to expect if we make changes to our notice, and the legal bases for processing personal information.

Information from Children

We do not knowingly permit children (under the age of 13 in the US or 16, if you live in the EEA) to sign up for an MST account. If we discover someone who is underage has signed up for a MST account, we will take reasonable steps to promptly remove that person s personal information from our records. If you believe a person who is underage has signed up for a MST account, please contact us at [email protected].

Do-Not-Track Signals

MST does not currently respond to web browser s Do-Not-Track signals.

Changes to Our Privacy Notice

We may change our Privacy Notice from time to time. If we make changes, we ll revise the Effective date at the top of this notice, and we may provide additional notice such as on the MST website homepage, account portal sign-in page, or via the email address we have on file for you. We will comply with applicable law with respect to any changes we make to this notice and seek your consent to any material changes if this is required by applicable law. Legal Basis for Processing Personal Information (EEA only)

If you are from the EEA, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. However, we will normally collect personal information from you only where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms, or where we have your consent to do so. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person such as in the case where we request personal information from you in the context of a government audit or in response to a request from law enforcement.

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact information provided in the introduction section of this privacy statement.

 

Terms of Service

These Terms of Service are effective immediately if you create your account on or after April 15, 2026. If you have an existing account or previously agreed to a version of our Terms of Service before April 15, 2026, these Terms of Service will be effective as soon as allowable under the terms of your prior agreement and will completely replace any prior version of these Terms of Service to which you agreed. Please be aware that your continued use our services after May 15, 2026 constitutes your acceptance of these Terms of Service.

PLEASE REVIEW THESE TERMS CAREFULLY. ONCE ACCEPTED, THESE TERMS BECOME A BINDING LEGAL COMMITMENT BETWEEN YOU AND MST. IF YOU DO NOT AGREE TO BE BOUND BY THESE TERMS, YOU SHOULD NOT ACCEPT THESE TERMS, CREATE AN ACCOUNT, OR USE THE SERVICES (AS DEFINED BELOW). THE SERVICES ARE INTENDED FOR BUSINESS USE ONLY. IMPORTANT NOTES:

-THESE TERMS LIMIT OUR LIABILITY TO YOU. For more details, go to Section 10.

-IN ADDITION, DISPUTES RELATED TO THESE TERMS OR THE SERVICES GENERALLY MUST BE RESOLVED BY A DISPUTE RESOLUTION PROCESS WHICH MAY LEAD TO BINDING ARBITRATION. For more details, go to Section 13.8.

In these Terms of Service (referred to as these Terms or this Agreement ), the terms you , your , or Customer refer to you. If you are creating an account in order to use the Services on behalf of an organization, then you are agreeing to these Terms for that organization and promising to us that you have the authority to bind that organization to these Terms (and, in which case, the terms you , your , or Customer refer to that organization). The exception to this is if that organization has a separate written agreement with us covering the use of the Services, in which case that agreement will govern such use. The terms we , us, our or MST refer to MacMillan, Sobanski & Todd, LLC, an Ohio corporation, with a place of business at One Maritime Plaza, Fifth Floor, 720 Water Street, Toledo, Ohio 44685. MST or Customer may also be referred to individually as party and together as parties in these Terms. To be eligible to create an account in order to use the Services, you must review and accept these Terms.

When we refer to the Services in these Terms, we mean all products and services provided by us or our Affiliates, as applicable, that are (a) used by you, including, without limitation, products and services that are on a trial basis or otherwise free of charge or (b) ordered by you. The Services may include products and services that provide both (x) platform services, including access to any application programming interface and (y) where applicable, communications services.

The Services includes but may not be limited to an intellectual property management system ( Application ), which may be specified in a Customer Engagement, Agreement, or Addendum, which MST has licensed from another vendor that will be accessed by Customer or its Users pursuant to this Agreement.

The Services includes all services as defined in the Data Protection Addendum available at trust.mstipmanager.com ( Data Protection Addendum ) or in an executed Customer specific DPA. Any capitalized term used but not defined in this Agreement will have the meaning given to it in either a Customer Addendum or the Data Protection Addendum.

When we refer to an Affiliate in these Terms, we mean any entity that directly or indirectly controls or is controlled by, or is under common control with, the party specified. For purposes of this definition, control means direct or indirect ownership of more than fifty percent (50%) of the voting interests of the subject entity.

1. Changes to These Terms

These terms might change. But we ll let you know before we make any significant changes that impact you or your use of our services. We ll let you know 30 days in advance unless we can t because of changes in laws, regulations, or carrier requirements. The updated version of these terms will be posted at trust.mstipmanager.com.

If you keep using our services after these terms have changed and gone into effect, that means you have accepted those changes and they re binding on you. If you don t agree with the changed terms, you must stop using our services immediately.

We may update these Terms from time to time. We will provide you with prior written notice of any material updates at least thirty (30) days in advance of the effective date; provided, however, we may not be able to provide at least thirty (30) days prior written notice of material updates to these Terms that result from changes in laws, regulations, or requirements from telecommunications providers. The updated version of these Terms will be available at trust.mstipmanager.com.

Notices for material updates to these Terms will be given in accordance with Section 13.5 (Notices). Except as otherwise specified by us, updates will be effective and binding upon the date indicated at the top of these Terms. The updated version of these Terms will supersede all prior versions.

Following such notice, your continued use of the Services on or after the date the updated version of these Terms is effective and binding constitutes your acceptance of such updated Terms. If you do not agree to the updated version of these Terms, you must stop using the Services immediately.

2. Account Creation and Information

If you want to use our services, you need to create an account. To create an account, you need to give us some information about yourself. The information you provide must be true and kept up to date.

If you violate these terms, you are not allowed to create new accounts until you fix the violation.

To use the Services, you will be asked to create an account. As part of the account creation process, you ll be asked to provide your email address, create a password, and verify that you are a human being by providing a telephone number to which we will send you a verification code to enter into an online form. When creating an account, you must provide true, accurate, current, and complete information about yourself as requested during the account creation process. You must keep that information true, accurate, current, and complete after you create each account. If you breach these Terms, including, without limitation, your payment obligations in Section 6 (Fees and Payment Terms), you are strictly prohibited from creating new accounts until you remedy such breach in full.

3. Provision of the Services

We want to make our services available for you to use 24/7, but things happen that occasionally make our services unavailable. Please see our service level agreement (SLA) for details.

3.1 Our Responsibilities.

We will (a) make the Services available to you in accordance with these Terms, the documentation included within the Services ( Documentation ), and any applicable ordering document between the parties that specifies mutually agreed upon commercial terms; (b) comply with our Service Level Agreement for the Services ( SLA ) and our Security Policy for the Services, each of which may be updated from time to time; (c) provide the Services in accordance with laws applicable to our provision of the Services to our customers generally (i.e. without regard for your particular use of the Services), subject to your use of the Services in accordance with these Terms and the applicable Documentation; (d) make commercially reasonable efforts to use industry standard measures designed to scan, detect, and delete code, files, scripts, agents, or programs intended to do harm, including, for example, viruses, worms, time bombs and Trojan horses; (e) if applicable, use trained, qualified personnel to provide the Services; and (f) use commercially reasonable efforts to provide you with applicable support for the Services. The Documentation includes the policies, procedures, user manuals, operator instructions, specifications, and other documentation and communications related to the Services and Application supplied to Customer or MST or supplied by MST to Customer in any format, including paper and electronic. You have the choice to use our beta offerings (e.g., services that are in alpha, beta, limited release, etc.), but you don t have to. These are not generally available, and they may have bugs or defects.

3.2 Beta Offerings.

From time to time, we may make Services that are identified as alpha, beta, not generally available, limited release, developer preview, or any similar Services offered by us (collectively, Beta Offerings ) available to you. You may choose to use a Beta Offering in your sole discretion. We may discontinue a Beta Offering at any time, in our sole discretion, or decide not to make a Beta Offering generally available.

We can suspend our services to you for several reasons:

(a) You or your end users violate these terms, including our Acceptable Use Policy;

(b) You send fraudulent traffic using our services or your use of our services negatively impacts the operation of our services;

(c) Legal or regulatory conditions make it impractical for our services to operate;

(d) Your use or your end users' use threatens the security or operability of our services; or

(e) Your information in your account isn t true, accurate, or complete.

We also won t be liable for any consequences that result from the suspension of our services.

3.3 Suspension of Services.

We may suspend the Services immediately upon notice to you for cause if, we in good faith, determine:

(a) that you or an End User (as defined below) materially breaches (or we, in good faith, believe that you or an End User has materially breached) any provision of these Terms or our Acceptable Use Policy;

(b) there is an unusual and material spike or increase in your use of the Services and that such traffic or use is fraudulent or materially and negatively impacting the operating capability of the Services;

(c) that our provision of the Services is prohibited by applicable law or regulation;

(d) there is any use of the Services by you or an End User that in our judgment threatens the security, integrity, or availability of the Services; or

(e) that information in your account is untrue, inaccurate, or incomplete. You remain responsible for the Fees (as defined below).

If we suspend the Services pursuant to this Section 3.3 or Section 6.3 (Fees and Payment Terms), we will have no liability for any damage, liabilities, losses (including any loss of data or profits), or any other consequences that you may incur in connection with any such suspension.

3.4 Changes to the Services.

The features and functions of the Services and our SLA, may change over time; provided, however, we will not materially decrease the overall functionality of the Services. It is your responsibility to ensure Customer Data is compatible with the then-current Services. Although we try to avoid making changes to the Services that are not backwards-compatible, if any such changes become necessary, we will use reasonable efforts to let you know at least sixty (60) days prior to implementation. In the event we make a non-backwards compatible change to a MST Services and such change materially and negatively impacts your use of the Services ( Adverse Change ), (a) you will notify us of the Adverse Change and (b) we may agree to work with you, in our sole discretion, to resolve or otherwise address the Adverse Change, except where we, in our sole discretion, have determined that an Adverse Change is required for security reasons, by telecommunications providers, or to comply with applicable law or regulation.

4. Your Responsibilities

Some dos and don ts to keep in mind when using the services:

(a) You re responsible for all use of our services under your account, including your data;

(b) You won t transfer, resell, or make available to third parties our services, except to your end users as necessary to utilize the Services and Application for your business purposed;

(c) You'll use our services in accordance with these terms, our Acceptable Use Policy, and any laws or regulations;

(d) You ll be responsible for your end users' acts, omissions, and activities;

(e) You'll prevent unauthorized access to or use of our services;

(f) You ll cooperate during information requests; and

(g) You ll comply with your promises in Section 8 (Representations, Warranties, and Disclaimer).

We have no liability for any unauthorized use under your account.

If you re-assign your account to a third-party reseller or other party, you are still responsible for your obligations under these terms.

You will:

(a) be solely responsible for all use of the Services and Documentation under your account, including the quality and integrity of any data and other information made available to us by or for you through the use of the Services under these Terms ( Customer Data );

(b) not transfer, resell, lease, license, or otherwise make available the Services to third parties (except to make the Services available to End Users in connection with the use as permitted under these Terms) or offer them on a standalone basis;

(c) use the Services only in accordance with these Terms, our Acceptable Use Policy, the applicable Documentation and applicable law or regulation;

(d) be solely responsible for all acts, omissions, and activities of anyone who accesses or otherwise uses any Customer Application ( End User ), including End Users compliance with these Terms, our Acceptable Use Policy, the applicable Documentation and applicable law or regulation;

(e) do your best to prevent unauthorized access to or use of the Services and notify us promptly of any such unauthorized access or use;

(f) provide reasonable cooperation regarding information requests from law enforcement, regulators, or telecommunications providers; and (g) comply with the representations and warranties you make in Section 8 (Representations, Warranties, and Disclaimer);

(g) ensure that no cardholder information, personal banking, financial information, nor special or sensitive personal data is transmitted to us or via our Services as part of the provided services.

We will not be liable for any loss or damage arising from unauthorized use of your account.

If you are the party that accepted these Terms and you re-assign your account to a third-party reseller for administration purposes, such account re-assignment will not excuse your obligations under these Terms. Your use of the Services will continue to be subject to these Terms.

5. Affiliates

Your affiliates (namely a parent company or a subsidiary that your company controls) are not permitted to use our services under these terms unless agreed to by all parties. Each of your affiliates must create its own account and accept and agree to these terms.

5.1 Your Affiliates.

Your Affiliates are not permitted to use the Services under these Terms that you accepted unless agreed to by all parties. Each of your Affiliates that wants to use the Services must accept these Terms and the Terms of all other agreement between MST and Customer.

5.2 Our Affiliates.

Our Affiliates may provide the Services, or a portion thereof, to you in accordance with these Terms. We will (a) be responsible for the Services our Affiliates provide and (b) not be relieved of our obligations under these Terms if our Affiliates provide the Services or a portion thereof. We will enforce these Terms relating to the Services our Affiliates provide.

6. Service Fees and Payment Terms

6.1 Service Fees.

Service Fees will be charged for the continued use of your account and any services that you use in accordance with the Service Fees detailed in the Customer Addendum to Terms of Service.

Additionally, we will charge you, and you will pay, in accordance with Section 6.2 (Payment Terms), any and all additional costs, fines, or penalties we incur from a governmental or regulatory body or telecommunications provider as a result of your use of the Services.

6.2 Payment Terms.

Payment obligations are non-cancelable and fees, Taxes, and Communications Surcharges (collectively, "Fees") once paid, are non-refundable.

6.2.1 Invoicing Payment Terms.

If you elect to receive invoices and we approve you for the same, invoices will be sent to you each month. You will pay the Fees due within sixty(60) days of the date of the invoice.

If you ever think that we charged you the wrong amount and you want to dispute it, then let us know, in writing, within 60 days of the billing date for the charge in question. You have to be reasonable when disputing a charge. You must be acting in good faith and cooperating with us to resolve the dispute. Payment terms and conditions may be altered by specific Customer Engagements, Agreements, Addendums.

6.3 Payment Disputes.

You will notify us in writing within twenty (20) days of the date we bill you for any Fees that you wish to dispute. You may withhold the disputed Fees until the dispute is resolved. Where you are disputing any Fees, you must act reasonably and in good faith and will cooperate diligently with us to resolve the dispute. We will not charge you a late fee or suspend the provision of the Services for unpaid Fees that are in dispute, unless you fail to cooperate diligently with us or we determine your dispute is not reasonable or brought in good faith.

7. Ownership, Customer Data, and Confidentiality

What s ours is ours, including our services, the documentation, our confidential information, data that is derived from the use of our services that does not identify or no longer identifies you, your end users, or any natural person, and any feedback you or your end users have about our services. What s yours is yours, including your confidential information and your data.

7.1 Ownership.

As between the parties, we exclusively own and reserve all right, title, and interest in and to the Services, the Documentation, our Confidential Information (as defined below), and any data that is derived from the use of the Services that does not directly or indirectly identify you, End Users, or any natural person and includes (a) data such as volumes, frequencies, bounce rates and Service performance data and (b) subject to any restrictions under applicable laws, data that is anonymized, de-identified, and/or aggregated such that it could no longer directly or indirectly identify you, End Users, or any natural person, and any feedback or suggestions provided by you or an End User regarding the Services. As between the parties, you exclusively own and reserve all right, title, and interest in and to your Confidential Information and Customer Data, subject to our rights to process Customer Data in accordance with these Terms.

We or our affiliates can use and disclose any data that you provide to us in order to provide you with our services according to our promises in these terms and the terms of our Data Protection Addendum and our Privacy Notice.

If you do not agree with our Data Protection Addendum and our Privacy Notice, you must stop using our services immediately.

7.2 Customer Data.

You grant us and our Affiliates the right to process Customer Data as necessary to provide the Services in a manner consistent with these Terms, our Data Protection Addendum, and our Privacy Notice and all other agreements between MST and Customer. If you do not agree with the terms of our Data Protection Addendum or our Privacy Notice, you must stop using the Services immediately.

7.2.1 Customer Data Responsibility. Customer will be solely responsible for creating and modifying Customer Data. MST will have no responsibility for assisting Customer in creating, modifying, or inputting the Customer Data unless otherwise agreed to by the Parties in writing.

Neither party will tell anyone else about or use the confidential information that it got from the other party, except as agreed to in these terms.

7.3 Confidentiality

7.3.1 Definition. Confidential Information means any information or data, regardless of whether it is in tangible form, disclosed by either party ( Disclosing Party ) to the other party ( Receiving Party ) that is marked or otherwise designated as confidential or proprietary or that should otherwise be reasonably understood to be confidential given the nature of the information and the circumstances surrounding disclosure, including, without limitation, Customer Data, security reports and attestations, audit reports, customer lists, pricing, concepts, processes, plans, designs and other strategies, know how , financial, and other business and/or technical information and materials of Disclosing Party and its Affiliates. Confidential Information does not include any information which: (a) is publicly available through no breach of these Terms or fault of Receiving Party; (b) was properly known by Receiving Party, and to its knowledge, without any restriction, prior to disclosure by Disclosing Party; (c) was properly disclosed to Receiving Party, and to its knowledge, without any restriction, by another person without breach of Disclosing Party s rights; or (d) is independently developed by Receiving Party without use of or reference to the Confidential Information of Disclosing Party.

7.3.2 Use and Disclosure. Except as otherwise authorized by Disclosing Party in writing, Receiving Party will not (a) use any Confidential Information of Disclosing Party for any purpose outside of exercising Receiving Party s rights or fulfilling its obligations under these Terms and (b) disclose or make Confidential Information of Disclosing Party available to any party, except to its, its Affiliates , and their respective employees, legal counsel, accountants, contractors, and in our case, subcontractors (collectively, Representatives ) who have a need to know as necessary for Receiving Party to exercise its rights or fulfill its obligations under these Terms. Receiving Party is responsible for its Representatives compliance with this Section 7.3. Representatives will be legally bound to protect Confidential Information of Disclosing Party under terms of confidentiality that are at least as protective as the terms of this Section 7.3. Receiving Party will protect the confidentiality of Confidential Information of Disclosing Party using the same degree of care that it uses to protect the confidentiality of its own confidential information but in no event less than reasonable care. Notwithstanding the foregoing, you may disclose our SOC2 or similar report, which will constitute our Confidential Information, only to an End User or an End User s employee or contract worker who has a need to know for such SOC2 or similar report and is legally bound to terms of confidentiality that are at least as protective as the terms of this Section 7.3.

Either party may disclose the confidential information it got from the other party if required by a law, regulation, subpoena, or a court order, if the parties fulfill certain conditions, such as providing notice (if legally allowed) and reasonable cooperation.

7.3.3 Compelled Disclosure. Receiving Party may disclose Confidential Information of Disclosing Party if so required pursuant to a regulation, law, subpoena, or court order (collectively, Compelled Disclosures ), provided Receiving Party gives Disclosing Party notice of a Compelled Disclosure (to the extent legally permitted). Receiving Party will provide reasonable cooperation to Disclosing Party in connection with a Compelled Disclosure at Disclosing Party s sole expense.

Money alone may not be enough to make either party whole if the other party breaks its promise of confidentiality. So, the parties can seek other remedies (like gag orders), if needed.

7.3.4 Injunctive Relief. The parties expressly acknowledge and agree that no adequate remedy may exist at law for an actual or threatened breach of this Section 7.3 and that, in the event of an actual or threatened breach of the provisions of this Section 7.3, the non-breaching party will be entitled to seek immediate injunctive and other equitable relief, without waiving any other rights or remedies available to it.

8. Representations, Warranties, and Disclaimer

You promise that you are only giving us any data for which you ve given required notices and gotten required permissions, including in a manner as required by law or regulation. In addition, we will only use and disclose this data according to Section 7.2 (Customer Data) above.

8.1 Customer Data.

You represent and warrant that you have provided, and will continue to provide, adequate notices and have obtained, and will continue to obtain, the necessary permissions and consents to provide Customer Data to us for use and disclosure pursuant to Section 7.2 (Customer Data).

8.2 Services.

We represent and warrant that the Services perform materially in accordance with the applicable Documentation, except for the Application which is provided as is. Our sole obligation, and your sole and exclusive remedy, in the event of any failure by us to comply with this Section 8.2 will be for us to, at our option, (a) remediate any material non-conformity or (b) refund to you the Fees you actually paid for the time period during which the affected Services do not comply with this Section 8.2.

Each party swears to follow anti-corruption, anti-money laundering, economic and trade sanctions, export controls, and other international trade laws, regulations, and government orders. Each party also swears that it, or its organization, is not on any government sanctions or restricted party lists of people and organizations that companies like MST are not allowed to do business with.

8.3 Anti-Corruption and International Trade Laws.

Each party (a) warrants that it will conduct business in accordance with all applicable anti-corruption, anti-money laundering, economic and trade sanctions, export controls, and other international trade laws, regulations, and governmental orders (collectively, Anti-Corruption and Trade Laws ) in the jurisdictions that apply directly or indirectly to the Services, including, without limitation, the United States and (b) represents that it has not made, offered, promised to make, or authorized any payment or anything of value in violation of Anti-Corruption and Trade Laws. You will promptly notify us in writing of any actual or potential violation of Anti-Corruption and Trade Laws in connection with the use of the Services and take all appropriate steps to remedy or resolve such violations, including any steps requested by us. You represent that you have obtained and warrant that you will continue to obtain all licenses or other authorizations required to export, re-export, or transfer the Services. Each party represents that it (and, in your case, also End Users) is not on any government prohibited, denied, unverified-party, sanctions, debarment, or exclusion list or export-controlled related restricted party list (collectively, Sanctions Lists ). You will (a) immediately discontinue your use of the Services if you are placed on any Sanctions List and (b) remove an End User s access to the Services if such End User becomes placed on any Sanctions List. You represent that you have not and warrant that you will not export, re-export, or transfer the Services to an entity on any Sanctions List without prior authorization from the applicable governmental authority. Notwithstanding anything to the contrary in this Agreement, either party may terminate this Agreement immediately upon written notice to the other party if the other party is in breach of its obligations in this Section 8.3. If your account is blocked because it is operating in a country or region prohibited under this Section 8.3, you will receive notice of your account being inoperable when you attempt to log into your account in such prohibited country or region.

Except for any of our explicit warranties in this Section 8, we are offering our services as is. You also understand that we are not responsible if anything happens to your data outside of our network or for anything that happens because of your use of our beta offerings, and we won t indemnify for them either.

8.4 DISCLAIMER.

WITHOUT LIMITING A PARTY S EXPRESS WARRANTIES AND OBLIGATIONS UNDER THESE TERMS, AND EXCEPT AS EXPRESSLY PROVIDED IN THIS SECTION 8, THE SERVICES ARE PROVIDED AS IS, AND WE MAKE NO WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, AND WE SPECIFICALLY DISCLAIM ALL IMPLIED WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT TO THE FULLEST EXTENT PERMITTED BY LAW. WE ADDITIONALLY DISCLAIM ALL WARRANTIES RELATED TO THIRD PARTY TELECOMMUNICATIONS PROVIDERS. YOU ACKNOWLEDGE THE INTERNET AND TELECOMMUNICATIONS PROVIDERS NETWORKS ARE INHERENTLY INSECURE. ACCORDINGLY, YOU AGREE WE ARE NOT LIABLE FOR ANY CHANGES TO, INTERCEPTION OF, OR LOSS OF CUSTOMER DATA WHILE IN TRANSIT VIA THE INTERNET OR A TELECOMMUNICATIONS PROVIDER S NETWORK. BETA OFFERINGS ARE PROVIDED AS IS AND AS AVAILABLE WITH NO WARRANTIES WHATSOEVER, AND WE WILL HAVE NO LIABILITY AND NO OBLIGATION TO INDEMNIFY FOR ANY BETA OFFERING WHATSOEVER.

9. Mutual Indemnification

9.1 Indemnification by Us.

9.1.1 Scope of Indemnification.

We will defend you from and against any claim, demand, suit, or proceeding made or brought against you by a third party alleging that our provision of the Services infringes or misappropriates such third party s intellectual property rights ( Infringement Claim ) except claims arising from use of the Application. Application is provided as is. We will indemnify you from any damages, fines or penalties imposed by a government or regulatory body, attorneys fees, and costs awarded against you or for settlement amounts approved by us for an Infringement Claim.

If we think our services may violate someone else s intellectual property rights, then we may try to obtain the right for us to continue to provide our services or modify our services so they are no longer infringing. If we are unable to do either, then we may terminate these terms, close your account, and refund you any unused pre-paid fees.

9.1.2 Infringement Options.

If our provision of the Services has become, or in our opinion is likely to become, the subject of any Infringement Claim, we may at our option and expense: (a) procure the right to continue providing the Services as set forth in these Terms; (b) modify the Services to make them non-infringing; or (c) if the foregoing options are not reasonably practicable, terminate these Terms, or, if applicable, terminate the Services that are the subject of any Infringement Claim, and refund you any unused pre-paid fees.

There are limits on what we indemnify you for. We will not pay for any fines, damages, or costs for:

(a) A claim that was filed because you violated these terms;

(b) Any intellectual property infringement claim that arises from your use of our services in combination with other applications, products, or services; or

(c) Any of our services that are free of charge.

9.1.3 Limitations.

We will have no liability or obligation under this Section 9.1 with respect to any Infringement Claim (a) arising out of your use of the Services in breach of these Terms; (b) arising out of the combination, operation, or use of the Services with other applications, portions of applications, products, or services where the Services would not by themselves be infringing; (c) arising from Services for which there is no charge or arising from use of the Application.

If someone comes after us for:

(a) You or your end users' violation of Section 4 (Your Responsibilities), or

(b) Something related to your software applications or services, then you have to fight those fights and cover the fines, damages, or costs awarded by a court or approved by you as part of a settlement.

9.2 Indemnification by You.

You will defend us, our officers, directors, employees, and Affiliates (collectively, MST Indemnified Parties ) from and against any claim, demand, suit, or proceeding made or brought against a MST Indemnified Party by a third party alleging or arising out of (a) your or any End Users breach of Section 4 (Your Responsibilities) or (b) your or any End Users' use of Services in combination with other products or services not included in Services, infringes or misappropriates such third party s intellectual property rights (collectively, Customer Indemnifiable Claims ). You will indemnify us from any damages, fines or penalties imposed by a government or regulatory body, attorneys fees, and costs awarded against a MST Indemnified Party or for settlement amounts approved by you for a Customer Indemnifiable Claim.

If either party wants to be indemnified by the other for a particular claim, then the party requesting indemnification needs to do certain things namely give notice of the claim, cooperate, and let the party providing the indemnification handle the defense or settlement of the claim. If these things are not done, then the other party may not have to provide the requested indemnification. See the legal language to the right for what is specifically required.

9.3 Conditions of Indemnification.

As a condition of the foregoing indemnification obligations: (a) the indemnified party ( Indemnified Party ) will promptly notify the indemnifying party ( Indemnifying Party ) of any Infringement Claim or Customer Indemnifiable Claim (individually and collectively referred to as a Claim ); provided, however, any failure to give such prompt notice will not relieve Indemnifying Party of its obligations under this Section 9 except to the extent that Indemnifying Party was actually and materially prejudiced by such failure; (b) Indemnifying Party will have the sole and exclusive authority to defend or settle any Claim; and (c) Indemnified Party will reasonably cooperate with Indemnifying Party in connection with Indemnifying Party s activities under this Section 9 at Indemnifying Party s expense. Indemnified Party reserves the right, at its own expense, to participate in the defense of any Claim. Notwithstanding anything to the contrary in this Section 9, Indemnifying Party will not settle any Claims for which it has an obligation to indemnify pursuant to this Section 9 admitting liability or fault on behalf of Indemnified Party, nor create any obligation on behalf of Indemnified Party, without Indemnified Party s prior written consent, which will not be unreasonably withheld, conditioned, or delayed.

9.4 Exclusive Remedy.

This Section 9 states Indemnifying Party s sole liability to, and Indemnified Party s exclusive remedy against, the other party for any third-party claims.

10. Limitation of Liability

Generally speaking, neither party owes the other party for any bad things that might indirectly result from our services or from a failure of a party to carry out its promises under these terms.

10.1 LIMITATION ON INDIRECT, CONSEQUENTIAL, AND RELATED DAMAGES.

IN NO EVENT WILL EITHER PARTY HAVE ANY LIABILITY ARISING OUT OF OR RELATED TO THESE TERMS FOR ANY LOST PROFITS, REVENUES, GOODWILL, OR INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, COVER, LOST DATA, BUSINESS INTERRUPTION, OR PUNITIVE DAMAGES, WHETHER AN ACTION IS IN CONTRACT OR TORT AND REGARDLESS OF THE THEORY OF LIABILITY, EVEN IF A PARTY HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OR IF A PARTY S REMEDY OTHERWISE FAILS OF ITS ESSENTIAL PURPOSE. THE FOREGOING DISCLAIMER WILL NOT APPLY TO THE EXTENT PROHIBITED BY LAW.

Generally speaking, any direct damages either party might owe to the other party cannot be more than the amount you ve paid (or should have paid) us in the previous 12-month period starting from when the first incident occurred for the specific services giving rise to the claim.

10.2 LIMITATION OF LIABILITY.

IN NO EVENT WILL THE AGGREGATE LIABILITY OF EITHER PARTY ARISING OUT OF OR RELATED TO THESE TERMS EXCEED THE AMOUNTS PAID OR PAYABLE BY YOU UNDER THESE TERMS FOR THE SERVICES GIVING RISE TO THE LIABILITY DURING THE TWELVE (12) MONTH PERIOD PRECEDING THE FIRST INCIDENT OUT OF WHICH THE LIABILITY AROSE. THE FOREGOING LIMITATION WILL APPLY WHETHER AN ACTION IS IN CONTRACT OR TORT AND REGARDLESS OF THE THEORY OF LIABILITY.

The only exceptions that apply to the limitations in Section 10.1 and Section 10.2 are indirect and direct damages for your violation of Section 4 (Your Responsibilities) or Section 6 (Fees and Payment Terms) or for the claims covered under Section 9 (Mutual Indemnification).

10.3 EXCEPTIONS TO THE LIMITATION OF LIABILITY.

NOTWITHSTANDING ANYTHING TO THE CONTRARY IN SECTION 10.1 (LIMITATION ON INDIRECT, CONSEQUENTIAL, AND RELATED DAMAGES) AND SECTION 10.2 (LIMITATION OF LIABILITY), THE LIMITATIONS IN SECTION 10.1 AND SECTION 10.2 DO NOT APPLY TO (a) YOUR BREACH OF SECTION 4 (YOUR RESPONSIBILITIES); (b) YOUR BREACH OF SECTION 6 (FEES AND PAYMENT TERMS); OR (c) AMOUNTS PAYABLE PURSUANT TO A PARTY S INDEMNIFICATION OBLIGATIONS UNDER SECTION 9 (MUTUAL INDEMNIFICATION).

THE PROVISIONS OF THIS SECTION 10 ALLOCATE THE RISKS PURSUANT TO THESE TERMS BETWEEN THE PARTIES, AND THE PARTIES HAVE RELIED ON THE LIMITATIONS SET FORTH IN THIS SECTION 10 IN DETERMINING WHETHER TO ENTER INTO OR OTHERWISE ACCEPT THESE TERMS.

11. Use of Marks

If you use our services, then we can use your company s name, logo, and description of how you use our services in marketing or promotional materials available to potential clients and partners according to your usage guidelines that you provide to us.

12. Term, Termination, and Survival

These terms become effective on the day you accept them and create an account to use our services.

12.1 Term.

These Terms, as may be updated from time to time, will commence on the date they are accepted by you and continue until terminated in accordance with Section 12.2 (Termination) ( Term ).

Either party may terminate these terms for any reason 30 days after informing the other party in writing. However, if there are any order forms in effect, you may not terminate these terms until those order forms have expired or been terminated.

Termination will result in the closure of all of your accounts.

12.2 Termination.

12.2.1 For Convenience.

Either party may terminate these Terms and close all of your accounts for any reason upon ninety (90) days written notice to the other party except as limited by any term definition or limitation in any Customer Engagement, Addendum or Agreement.

If you significantly violate these terms and don t fix the violation within 15 days of us telling you about the violation, then we may terminate these terms. Similarly, if we significantly violate these terms and don t fix the violation within 15 days of you telling us about the violation, then you may terminate these terms. Please note that your violation of our Acceptable Use Policy is considered a significant violation.

Termination will result in the closure of all of your accounts.

12.2.2 Material Breach.

We may terminate these Terms (including all Order Form(s)) and close all of your accounts in the event you commit any material breach of these Terms and fail to remedy such material breach within fifteen (15) days of the date we provide written notice of such material breach to you. For the avoidance of doubt, your breach of our Acceptable Use Policy, will be considered a material breach of these Terms. You may also terminate these Terms (including all Order Form(s)) in the event we commit a material breach of these Terms and fail to remedy such material breach within fifteen (15) days of the date you provide written notice of such material breach to us.

Either party may also terminate these terms by providing the other party with written notice if the other party goes bankrupt or fails to continue its business.

Termination will result in the closure of all of your accounts.

12.2.3 Insolvency.

Subject to applicable law, either party may terminate these Terms immediately and close all of your accounts by providing written notice in the event of the other party s liquidation, commencement of dissolution proceedings, or any other proceeding relating to a receivership, failure to continue business, assignment for the benefit of creditors, or becoming the subject of bankruptcy.

Some terms live on even after these terms end. That includes your payment obligations and the specific sections mentioned on the right.

12.3 Survival.

Upon termination of these Terms, the terms of this Section 12.3, and the terms of the following Sections will survive (i.e. still apply): Section 3.1(b) (regarding our Security Overview), Section 6 (Fees and Payment Terms), Section 7 (Ownership, Customer Data, and Confidentiality), Section 8.4 (Disclaimer), Section 9 (Mutual Indemnification), Section 10 (Limitation of Liability), and Section 13 (General).

13. General

Just because we don t enforce some part of these terms against you now doesn t mean we can t enforce them against you later. If the various documents that are referred to in these terms seem to be in conflict, we explain which documents will prevail over the other ones.

13.1 No Waiver and Order of Precedence.

No failure or delay by either party in exercising any right or enforcing any provision under these Terms will constitute a waiver of that right, provision, or any other provision. Any waiver must be in writing and signed by each party to be legally binding. Titles and headings of sections of these Terms are for convenience only and will not affect the construction of any provision of these Terms. In the event of any conflict or inconsistency among the following documents, the order of precedence will be: (1) the applicable Order Form, (2) these Terms, (3) our Acceptable Use Policy, (4) any other terms incorporated by reference herein, and (5) the applicable Documentation.

You cannot transfer these terms or any order forms to someone else or another party without our permission first. We can transfer these terms or any order forms to someone else or another party without your permission.

13.2 Assignment.

You will not assign, delegate, or otherwise transfer these Terms, in whole or in part, without our prior written consent. Any attempt by you to assign, delegate, or transfer these Terms without our consent will be null and void. We may assign, delegate, or otherwise transfer these Terms or any applicable Order Form(s), in whole or in part, without your consent. Subject to this Section 13.2, these Terms and any applicable Order Form(s) will be binding on each party and each party s successors and assigns.

These terms don t create any special relationship between the parties, like an employer-employee relationship, joint venture, or a partnership. Nothing will change that. Each party will be responsible for its own employees and agents.

13.3 Relationship.

Each party is an independent contractor in the performance of each and every part of these Terms. Nothing in these Terms is intended to create or will be construed as creating an employer-employee relationship or a partnership, agency, joint venture, or franchise. Each party will be solely responsible for all of its respective employees and agents and its respective labor costs and expenses arising in connection with its respective employees and agents. Each party will also be solely responsible for any and all claims, liabilities, damages, or debts of any type that may arise on account of each of its respective activities, or those of its respective employees and agents, in the performance of these Terms. Neither party has the authority to commit the other party in any way and will not attempt to do so or imply that it has the right to do so.

If any part of these terms is not enforceable, the rest of these terms will still be enforceable.

13.4 Severability.

If any provision of these Terms is held by a court or other tribunal of competent jurisdiction to be unenforceable, that provision will be limited or eliminated to the minimum extent necessary to make it enforceable and, in any event, the rest of these Terms will continue in full force and effect.

If you need to notify us, you must send notices via email to [email protected].

If we need to notify you, we ll notify you via email at the email address designated in your account or via your account portal.

13.5 Notices.

Notices to us under these Terms will be provided via email to [email protected]. Notices to you under these Terms will be provided via (a) email to the email address you designate in your account or (b) your account portal.

If either party can t keep its promises because something happens beyond its control (think earthquake, massive power outage, war, etc.), then that doesn t count as a violation of these terms.

13.6 Force Majeure.

No failure, delay, or default in performance of any obligation of a party will constitute an event of default or breach of these Terms to the extent that such failure to perform, delay, or default arises out of a cause, existing or future, that is beyond the control and without negligence of such party, including action or inaction of governmental, civil, or military authority, fire, strike, lockout, or other labor dispute, flood, terrorist act, war, riot, theft, earthquake, or other natural disaster. The party affected by such cause will take all reasonable actions to minimize the consequences of such cause.

If you re associated with a government entity, these terms apply to your use of our services.

13.7 Government Terms.

We provide the Services, including any related software and technology, for ultimate federal government end use solely in accordance with these Terms. If you (or any End Users) are an agency, department, or other entity of any government, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Services, or any related documentation of any kind, including technical data, software, and manuals, is restricted by these Terms. All other use is prohibited and no rights other than those provided in these Terms are conferred. The Services were developed fully at private expense.

If is there is a dispute (except intellectual property disputes), the parties will escalate the dispute internally to see if it can be resolved. If it can t, the parties agree to go to binding arbitration in Toledo, Ohio, unless your legal residence is in the EEA, UK, or Switzerland, Andorra, or Vatican City, in which case we will go to binding arbitration in Dublin, Ireland.

13.8 Dispute Resolution.

In the event of a dispute, claim, or controversy arising out of or in connection with these Terms or the breach, termination, enforcement, interpretation, or validity thereof (other than for disputes, claims, or controversies related to the intellectual property of a party) (collectively, Disputes ), each party s senior representatives will engage in good faith negotiations with the other party s senior representatives to amicably resolve a Dispute. If parties are unable to resolve a Dispute within thirty (30) days after the first request to engage in good faith negotiations or within such other time period as the parties may agree to in writing, then either party may commence binding arbitration under JAMS Comprehensive Arbitration Rules and Procedures. The parties will share equally the fees and expenses of the JAMS arbitrator. The arbitration will be conducted by a sole arbitrator chosen by the mutual agreement of the parties or, failing that, by JAMS under its then prevailing rules. Judgment on the award rendered by the arbitrator may be entered in any court of competent jurisdiction. The arbitrator will have the authority to grant specific performance or any other equitable or legal remedy, including provisional remedies. Each party will be responsible for its own incurred expenses arising out of any dispute resolution procedure. Any arbitration proceedings will take place in (a) Toledo, Ohio if Customer is domiciled in any country outside of the European Economic Area or its regions or territories, the United Kingdom, Switzerland, Andorra, or Vatican City or (b) Dublin, Ireland if Customer is domiciled in any country within the European Economic Area or its regions or territories, the United Kingdom, Switzerland, Andorra, or Vatican City.

If the parties have a dispute, then Ohio laws will apply, unless your legal residence is in the EEA, UK, or Switzerland, Andorra, or Vatican City, in which case the laws of Ireland will apply. We definitely don t want to, but, if the parties have to go to court, then it will be in Toledo, Ohio if Ohio law applies or Dublin, Ireland if the laws of Ireland apply.

13.9 Governing Law and Venue.

Unless unenforceable under applicable law, these Terms will be governed by and interpreted in accordance with the laws of the applicable state or country identified below, without regard to conflicts of laws and principles that would cause the laws of another jurisdiction to apply. These Terms will not be governed by the United Nations Convention on Contracts for the International Sale of Goods. Except as provided in Section 13.8 (Dispute Resolution), any legal suit, action, or proceeding arising out of or related to these Terms or the Services will be instituted in the applicable courts identified below, and each party consents to the personal jurisdiction of these courts.

If Customer is domiciled in:	Governing law:	Courts with personal jurisdiction:
Any country outside of the European Economic Area or its regions or territories, the United Kingdom, Switzerland, Andorra, or Vatican City	State of Ohio	State or federal courts of Toledo, Ohio, United States of America
Any country within the European Economic Area or its regions or territories, the United Kingdom, Switzerland, Andorra, or Vatican City	Ireland	Courts of Dublin, Ireland

Neither party will bring a class action suit against the other party. If, for some reason, a court decides that this Section 13.10 isn t enforceable, then this Section 13.10 will go away.

13.10 Class Action Waiver.

Each party agrees that any Disputes between the parties must be brought against each other on an individual basis only. That means neither party can bring a Dispute as a plaintiff or class member in a class action, consolidated action, or representative action. An arbitrator cannot combine more than one person s or entity s Disputes into a single case and cannot preside over any consolidated class or representative proceeding. Each party agrees the arbitrator s decision or award in one person s or entity s case can only impact the person or entity that brought a Dispute and cannot impact or otherwise be used to decide Disputes with other people or entities, including other MST customers. If a court decides that this Section 13.10 is not enforceable or valid, then this Section 13.10 will be null and void. But, the rest of these Terms will still apply.

This is the only set of terms that governs the parties relationship. Any purchase order or other terms that you provide will not be binding or valid.

13.11 Entire Agreement.

Except as provided in these Terms and any exhibits or attachments, applicable Order Form(s), or other terms incorporated by reference into these Terms, these Terms supersede all prior and contemporaneous proposals, statements, sales materials, presentations, or agreements, oral and written. The parties agree that Section 7.3 (Confidentiality) hereby supersedes and prevails over all prior, contemporaneous, and future non-disclosure or confidentiality agreements between the parties in their entirety. No oral or written information or advice given by us, our agents, or our employees will create a warranty or in any way increase the scope of the warranties or obligations under these Terms. Any term or condition stated in your vendor registration form or registration portal or in any purchase order document or similar document provided by you will be construed solely as evidence of your internal business processes, and the terms and conditions contained thereon will be null and void and have no effect with regard to these Terms between the parties and be non-binding against us even if accepted or signed by us after the date you accept these Terms.

14. Additional Terms

These terms apply to you if your legal residence is in the EEA, UK, or Switzerland.

14.1 If you are domiciled in the European Economic Area (EEA), the United Kingdom, or Switzerland, nothing in these Terms will exclude or limit the liability of either party for (i) gross negligence or intentional misconduct of such party; (ii) death or personal injury caused by such party's negligence; (iii) fraud or fraudulent misrepresentation; or (iv) any other liability to the extent that the same may not be excluded or limited as a matter of applicable law. These terms apply to you if your legal residence is in Germany.

14.2 If you are domiciled in Germany, we warrant that the Services will operate in accordance with the applicable Documentation and will materially comply with any specifications contained the applicable Documentation. The parties agree that to the extent you are entitled to any statutory warranty rights, the applicable statutory warranty period is hereby reduced to twelve (12) months and any and all further warranties are excluded.

These terms apply to you if you are a microenterprise, small enterprise, or not for profit organization in the EEA or UK.

No further action is required on your part. As part of these updates, we have not changed your ability to use our services. You may continue to access your account and use our services as you always have.