This Master Services Agreement (the “Agreement” or “MSA”) is entered into by and between the parties identified below and is effective as of the Effective Date.
CompanyCA Solutions LLC, a Wyoming limited liability company (“CA Solutions,”
“Company,” “we,” “us,” or “our”)
Company Address30 N Gould St Ste R # 45751, Sheridan, Wyoming 82801, United States
Client Legal Name [CLIENT LEGAL NAME] , a [STATE/PROVINCE] [ENTITY TYPE] (“Client,” “you,” or “your”)
Client Address[CLIENT ADDRESS]
Effective Date[EFFECTIVE DATE]
Company Primary Contact[NAME, TITLE] · info@ca-solutions.group · +1 (716) 347-9866
Client Primary Contact[NAME, TITLE, EMAIL, PHONE]
Company Notice AddressCA Solutions LLC, 30 N Gould St Ste R # 45751, Sheridan, WY 82801, Attn:
Contracts · info@ca-solutions.group
Client Notice Address[CLIENT NOTICE ADDRESS, ATTN, EMAIL]
Related DocumentsStatements of Work; Change Orders; Data Processing Addendum (Exhibit B); Business
Associate Agreement (if executed); Order Forms; the Privacy Policy and AI Disclaimer published at ca-solutions.group
CA Solutions is a technology services firm that designs, builds, integrates, deploys, and supports websites and web applications, custom artificial-intelligence agents and chatbots, workflow orchestration, customer-relationship- management (CRM) and backend automation, secure retrieval-augmented generation (RAG) and knowledge systems, custom software, client portals and dashboards, communications automation, and related consulting, discovery, and support services for business clients in the United States and Canada. Client wishes to engage CA Solutions to provide certain of those services, and CA Solutions wishes to provide them, on the terms of this Agreement together with one or more Statements of Work. The parties therefore agree as follows.
Capitalized terms have the meanings given below or where first defined in this Agreement, a Statement of Work, or a Change Order.
“Agreement” means this MSA together with all Exhibits, Statements of Work, Change Orders, Order Forms, and addenda incorporated by reference. “Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with a party, where “control” means ownership of more than fifty percent (50%) of the voting equity or the power to direct management. “AI Systems” means artificial-intelligence and machine-learning components used or delivered under this Agreement, including generative models, large language models, embeddings and vector stores, classification, transcription, summarization, retrieval systems, agentic and tool-calling systems, chatbots, and third-party AI application programming interfaces (APIs). “Applicable Law” means all laws, statutes, regulations, rules, orders, and binding governmental guidance applicable to a party’s performance or receipt of the Services in the relevant jurisdiction, including the United States and Canada. “Authorized Users” means Client’s employees, contractors, and agents whom Client authorizes to access or use the Services or Deliverables. “Business Associate Agreement” or “BAA” means a separate agreement governing Protected Health Information under the U.S. Health Insurance Portability and Accountability Act (HIPAA), executed only if expressly agreed in a Statement of Work. “Change Order” means a written instrument executed under Section 7 that modifies the scope, schedule, fees, or other terms of a Statement of Work. “Client Data” means all data, records, content, and materials made available to CA Solutions by or on behalf of Client, including Client Input Data and Personal Information processed for Client. “Client Input Data” means documents, databases, prompts, files, CRM records, lead and contact lists, messages, business rules, and other materials Client submits for configuration, automation, analysis, migration, retrieval, AI processing, or software development. “Confidential Information” has the meaning in Section 12. “Deliverables” means the work product CA Solutions is engaged to create specifically for Client under a Statement of Work, as accepted under Section 17. “Documentation” means user, technical, or operational materials CA Solutions provides describing the Deliverables or their use. “Fees” means the amounts payable for the Services as set out in a Statement of Work, Order Form, or invoice, including one-time package fees, recurring maintenance and support fees, usage-based fees, and pass-through costs. “Force Majeure Event” has the meaning in Section 31. “Intellectual Property Rights” means all patent, copyright, trademark, trade-secret, database, moral, and other intellectual-property rights worldwide. “Personal Information” means information that identifies, relates to, describes, or could reasonably be linked to an identified or identifiable individual or household, as defined under Applicable Law (including “personal data” and “personal information” under U.S. state privacy laws and Canadian privacy laws). “Professional Services” means consulting, discovery, design, development, integration, configuration, deployment, training, and support services performed by CA Solutions.
“Regulated Data” means data subject to heightened legal protection, including Protected Health Information, payment- card data, consumer financial data, biometric identifiers, precise geolocation, government identifiers, children’s data, and similar categories. “Services” means the Professional Services, Deliverables, maintenance, support, and other services described in Section 5 and in each Statement of Work. “Statement of Work” or “SOW” means a written ordering document executed under Section 6 describing specific Services. “Subprocessor” means a third party engaged by CA Solutions to process Personal Information on Client’s behalf. “Third-Party Services” means software, platforms, APIs, models, hosting, and other services provided by third parties and used in connection with the Services.
This MSA states the general terms governing the relationship. Specific Services are ordered through SOWs and modified through Change Orders. If a conflict exists, the following order of precedence controls solely as to the conflicting term, unless a document expressly states that it overrides this MSA by referencing this Section:
CA Solutions will provide the Services described in each SOW, which may include any of the following.
5.1 Website and Web Application Services Design, development, configuration, migration, hosting coordination, and maintenance of marketing websites, landing pages, and web applications.
5.2 Custom AI Agents and Chatbots Design and deployment of conversational agents, assistants, and chatbots that may use third-party AI models, retrieval, and tool-calling, subject to Section 10.
5.3 Workflow Orchestration Design and implementation of automated workflows that connect applications, trigger actions, route data, and orchestrate business processes.
5.4 CRM and Backend Automation Configuration and automation of CRM systems, pipelines, records, notifications, and backend integrations.
5.5 Secure RAG and Knowledge Systems Implementation of retrieval-augmented generation, knowledge bases, embeddings, and vector stores configured to retrieve from Client-approved sources.
5.6 Custom Software, Portals, and Dashboards Development of custom software, client and customer portals, dashboards, and reporting interfaces.
5.7 Communications Automation Implementation of email, SMS, MMS, RCS, WhatsApp, voice, and chat communication workflows, subject to Section 15 and the SMS/WhatsApp Consent Capture Processes.
5.8 Consulting, Discovery, and Workflow Audits Discovery sessions, workflow audits, technical blueprints, and advisory services.
5.9 Maintenance and Support Ongoing maintenance, monitoring, updates, and support, typically delivered under a recurring monthly maintenance and support plan associated with a service package, as described in the applicable SOW and in Section 18.
5.10 Exclusions from Scope Except as expressly stated in a SOW, the Services do not include legal, accounting, tax, medical, insurance, or other licensed professional advice; guaranteed business results; third-party license or usage fees; data-quality remediation; content creation; regulatory filings; penetration testing; or work outside the agreed scope. Out-of-scope work requires a Change Order.
6.1 SOW Execution Each SOW is effective when signed by both parties (including by electronic signature) and incorporates this MSA by reference.
6.2 SOW Required Fields Each SOW should identify the parties, the Services, Deliverables, milestones, acceptance criteria, Client dependencies, assumptions, out-of-scope items, Fees and payment schedule, term, and any data-protection or communications- compliance details.
6.3 Deliverables Deliverables are as described in the SOW and are subject to the acceptance process in Section 17.
6.4 Milestones Milestones and target dates are estimates that depend on timely Client cooperation, access, content, approvals, third- party availability, and payment.
6.5 Acceptance Criteria Acceptance criteria define when a Deliverable conforms in all material respects to the SOW.
6.6 Client Dependencies The SOW identifies access, credentials, API keys, licenses, content, data, consents, and reviews that Client must provide.
6.7 Assumptions The SOW states assumptions on which Fees and timelines are based; material changes to those assumptions may require a Change Order.
6.8 Out-of-Scope Work Work not described in the SOW is out of scope and requires a Change Order and additional Fees.
6.9 Relationship Between MSA and SOW The MSA governs all SOWs. A SOW may supplement the MSA but may modify it only by expressly referencing the section being modified and stating the parties’ intent to modify it for that SOW.
7.1 Change Request Process Either party may request a change to a SOW by written notice describing the requested change and its rationale.
7.2 Change Order Approval A change becomes binding only when both parties execute a Change Order. Until then, CA Solutions will continue performing the existing scope.
7.3 Emergency Changes For urgent changes needed to preserve security, availability, or compliance, the parties may authorize work by email and document it in a Change Order promptly thereafter.
7.4 Regulatory Changes If a change in Applicable Law, platform policy, or carrier rule requires modifications, the parties will negotiate a Change Order in good faith; CA Solutions is not responsible for non-compliance caused by Client’s refusal to adopt a required change.
7.5 Third-Party Platform Changes Changes required by Third-Party Services (including API changes, deprecations, model changes, or policy changes) may require a Change Order.
7.6 Pricing and Timeline Adjustments Change Orders may adjust Fees, payment schedules, milestones, and timelines to reflect the change.
Client is responsible for:
and connect third-party accounts.
stated in the SOW.
endpoint security, and internal policies.
data.
protection, employment, healthcare, financial, communications, marketing, accessibility, and sector-specific rules.
consequential contexts.
customers, contacts, and end users.
with generally accepted industry practices.
DPA for systems within CA Solutions’ control.
10.1 AI System Definitions AI Systems are defined in Section 3 and further described in each SOW and in Exhibit E (AI Governance Addendum).
10.2 Probabilistic Outputs AI Systems are probabilistic and may produce inaccurate, incomplete, biased, outdated, unsafe, offensive, or unexpected outputs. CA Solutions does not warrant the accuracy, completeness, or fitness of any AI output.
10.3 No Professional Advice AI outputs are not legal, medical, financial, tax, accounting, engineering, insurance, employment, credit, housing, or other professional advice and must not be relied upon as a substitute for qualified human judgment.
10.4 No Worker Replacement Representation The Services are intended to assist operations and communications, not to replace professional workers, licensed personnel, or responsible human decision-makers. CA Solutions makes no representation that any AI System will replace personnel.
10.5 Human Oversight Client must maintain meaningful human review and supervision of AI outputs, customer-facing responses, workflow actions, and automated communications.
10.6 High-Risk and Consequential Decisions Unless expressly approved in a SOW, Client must not use the Services as the sole, final, or determinative basis for consequential decisions affecting individuals, including decisions about employment, credit, education, housing, insurance, healthcare, legal rights, government benefits, identity verification, or access to essential services.
10.7 AI Disclosure Obligations Client is responsible for any disclosures required by Applicable Law that individuals are interacting with, or are subject to, an AI System, including emerging state and provincial AI-transparency and chatbot-disclosure requirements.
10.8 Model Training Restrictions CA Solutions will not use Client Input Data to train, fine-tune, or improve third-party foundation models except with Client’s express written authorization, and will, where available, configure AI Subprocessors to disable training on Client data and to limit retention.
10.9 Prompt Injection and AI Security Risks AI Systems may be susceptible to prompt injection, data exfiltration, jailbreaking, and similar risks. The parties will implement reasonable guardrails as described in the SOW; no safeguard eliminates these risks entirely.
10.10 Testing and Monitoring The SOW will state testing and monitoring responsibilities. Client is responsible for ongoing monitoring after acceptance unless a support plan provides otherwise.
10.11 AI Incident Handling The parties will reasonably cooperate to investigate and remediate AI incidents (such as harmful, unlawful, or materially erroneous outputs) within the agreed scope.
10.12 AI Governance Baseline Exhibit E sets out a baseline AI governance framework, including human-in-the-loop controls, disclosure practices, logging, and prohibited uses.
11.1 Roles of the Parties Where CA Solutions processes Personal Information on Client’s behalf, Client is the controller or business and CA Solutions is the processor or service provider. The Data Processing Addendum (Exhibit B) governs such processing and is incorporated by reference.
11.2 Client Instructions CA Solutions will process Personal Information only on Client’s documented instructions, including as set out in this Agreement and each SOW, except as required by Applicable Law.
11.3 Personal Information Each party will comply with privacy and data-protection laws applicable to its role in the United States and Canada.
11.4 Regulated Data Restrictions Client must not submit Regulated Data unless the applicable SOW, the DPA, and (for Protected Health Information) a BAA expressly authorize it and define required safeguards.
11.5 Data Minimization Client will provide only the Personal Information reasonably necessary for the Services.
11.6 Data Subject Requests CA Solutions will provide reasonable assistance to Client in responding to verified individual privacy-rights requests, as further described in the DPA.
11.7 Security Measures CA Solutions will maintain the security measures in Exhibit A and the DPA for data within its control.
11.8 Subprocessors CA Solutions may engage Subprocessors subject to the DPA, including notice and objection rights and flow-down obligations.
11.9 Cross-Border Transfers CA Solutions is based in the United States and may process data in the United States and other jurisdictions where its providers operate; transfer mechanisms are addressed in the DPA.
11.10 Data Return and Deletion On termination, CA Solutions will return or delete Client Personal Information as described in the DPA, subject to legal- retention and backup exceptions.
11.11 Breach Notification CA Solutions will notify Client of a Security Incident affecting Client Personal Information within its control without undue delay and as described in the DPA.
12.1 Confidential Information “Confidential Information” means non-public business, technical, financial, operational, customer, or security information disclosed by one party (“Discloser”) to the other (“Recipient”) that is marked confidential or that a reasonable person would understand to be confidential.
12.2 Exclusions Confidential Information does not include information that is or becomes public through no fault of Recipient, was rightfully known without confidentiality obligation, is independently developed without use of the Confidential Information, or is rightfully received from a third party.
12.3 Use Restrictions Recipient will use Confidential Information only to perform or receive the Services.
12.4 Disclosure Restrictions Recipient will protect Confidential Information with at least reasonable care and limit access to personnel and contractors with a need to know who are bound by confidentiality obligations.
12.5 Required Disclosures Recipient may disclose Confidential Information if required by law, provided it gives reasonable prior notice where lawful and cooperates in seeking protective treatment.
12.6 Residual Knowledge Nothing prevents CA Solutions from using general skills, know-how, and experience retained in the unaided memory of its personnel, provided no Confidential Information is disclosed.
12.7 Return or Destruction On request or termination, Recipient will return or destroy Confidential Information, subject to legal-retention and routine-backup exceptions.
13.1 CA Solutions Background IP CA Solutions retains all rights in its pre-existing and independently developed software, code libraries, prompts, templates, tools, methodologies, workflows, know-how, architecture, and reusable components (“Company IP”).
13.2 Client Materials Client retains all rights in Client Input Data and Client-provided materials and grants CA Solutions a limited license to use them to provide the Services.
13.3 Deliverables Subject to full payment of all undisputed Fees and to this Section, CA Solutions grants Client a non-exclusive, non- transferable, perpetual license to use the Deliverables for Client’s internal business purposes. Custom assignment of specified Deliverables may be agreed in a SOW.
13.4 Reusable Components Deliverables may incorporate Company IP and reusable components; CA Solutions retains ownership of, and may continue to use, such components, and grants Client a license to use them solely as embedded in the Deliverables.
13.5 Open-Source Software Deliverables may include open-source software governed by its own licenses; Client’s use is subject to those licenses.
13.6 Third-Party Materials Third-party materials and Third-Party Services are licensed under their own terms, and Client is responsible for compliance with those terms.
13.7 AI Outputs To the extent permitted by Applicable Law and third-party model terms, Client may use AI outputs generated for Client after payment. Client understands that AI outputs may not be protectable, may not be unique, and may be similar to outputs provided to others.
13.8 Similar Outputs CA Solutions may develop the same or similar work product for other clients, provided it does not use or disclose Client’s Confidential Information.
13.9 Feedback CA Solutions may freely use feedback and suggestions provided by Client without restriction or obligation.
13.10 Portfolio and Case Study Rights Subject to Section 26, CA Solutions may describe the general nature of the Services in its portfolio, subject to Client’s Confidential Information.
14.1 Client-Provided Accounts Client is responsible for its own third-party accounts, licenses, billing, and administrator access.
14.2 CA Solutions-Provided Accounts Where CA Solutions provisions third-party services on Client’s behalf, related costs are passed through and the third party’s terms apply.
14.3 Third-Party Terms Third-Party Services are governed by their own terms, service levels, data practices, and usage limits.
14.4 API Limits and Changes CA Solutions is not responsible for third-party API limits, changes, deprecations, or model behavior outside its reasonable control.
14.5 Platform Policy Compliance Client is responsible for compliance with applicable platform policies for Client’s programs and content.
14.6 Service Availability CA Solutions does not guarantee the availability of Third-Party Services.
14.7 Pass-Through Costs Third-party costs (including hosting, AI API usage, messaging, and domain fees) are Client’s responsibility unless a SOW states otherwise.
Where the Services include automated communications, Client is responsible for lawful campaign design and compliance, and CA Solutions will implement consent and messaging workflows only within the written scope. The SMS/WhatsApp Consent Capture Processes are incorporated by reference.
15.1 Email Marketing Client must comply with the U.S. CAN-SPAM Act and, for Canadian recipients, Canada’s Anti-Spam Legislation (CASL), including consent, sender identification, and functioning unsubscribe mechanisms.
15.2 SMS, MMS, and RCS Client must comply with the Telephone Consumer Protection Act (TCPA), FCC rules, applicable state telemarketing laws, CTIA messaging principles, carrier requirements, and CASL for Canadian recipients, including obtaining required prior express or prior express written consent and honoring opt-out requests made by any reasonable means.
15.3 WhatsApp Business Messaging Client must comply with the WhatsApp Business Messaging Policy and applicable Meta terms, including obtaining opt- in permission before messaging recipients and respecting opt-outs, and is responsible for template-category use and any platform restrictions (including restrictions on marketing templates to certain regions).
15.4 Voice Calls and Robocalls Client must comply with TCPA, FCC, and state requirements applicable to autodialed, prerecorded, or artificial-voice calls.
15.5 Consent Records Client must obtain and retain adequate consent records, including the date, time, source, and disclosure language presented at the time of consent.
15.6 Opt-Out and Suppression Lists Client must honor opt-outs and maintain suppression lists; CA Solutions supports suppression workflows only within the agreed scope.
15.7 Message Content Approval Client is responsible for the lawfulness and accuracy of message content.
15.8 Client Campaign Responsibility CA Solutions is not responsible for Client’s unlawful lists, missing consent, non-compliant content, failure to honor opt- outs, carrier filtering, platform rejection, or program suspension.
CA Solutions offers tiered service packages, each of which may include a one-time build/package Fee plus a recurring monthly maintenance and support Fee, as selected in the applicable SOW or Order Form.
Selected Package[PACKAGE TIER 1 / 2 / 3]
One-Time Package Fee[$AMOUNT]
Recurring Monthly Maintenance &[$AMOUNT / MONTH]
Support Fee
Billing Cycle[MONTHLY / ANNUAL]
16.1 Fees Client will pay the Fees stated in each SOW, Order Form, or invoice.
16.2 Deposits Unless a SOW states otherwise, project work may require an upfront deposit before work begins.
16.3 Milestone Payments Milestone payments are due on the dates or events stated in the SOW.
16.4 Subscription Fees Recurring maintenance and support Fees are billed in advance for each billing cycle and continue until the plan is terminated under Section 23.
16.5 Usage-Based Fees Usage-based Fees (such as AI API usage or messaging volume) are billed as incurred or passed through.
16.6 Expenses Pre-approved out-of-pocket expenses are reimbursable.
16.7 Taxes Fees are exclusive of taxes; Client is responsible for applicable sales, use, GST/HST, and similar taxes, excluding taxes on CA Solutions’ net income.
16.8 Late Payments Undisputed amounts not paid when due accrue interest at the lesser of 1.5% per month or the maximum rate permitted by law.
16.9 Suspension for Nonpayment CA Solutions may suspend Services for amounts more than [NUMBER] days overdue after reasonable notice.
16.10 Disputed Invoices
Client must dispute an invoice in good faith and in writing within[NUMBER] days of receipt; undisputed amounts
remain due.
17.1 Delivery Method CA Solutions will deliver Deliverables as described in the SOW.
17.2 Review Period Client will review each Deliverable within the review period stated in the SOW (or [NUMBER] business days if not stated).
17.3 Acceptance A Deliverable is accepted when Client approves it in writing, uses it in production, or does not provide a written, specific notice of material nonconformity within the review period.
17.4 Rejection Procedure To reject, Client must provide written, specific reasons describing the material nonconformity.
17.5 Corrections CA Solutions will use reasonable efforts to correct material nonconformities and re-deliver for review.
17.6 Production Launch Approval Client is responsible for production-readiness, legal, accessibility, content, and security review and for approving production launch.
18.1 Support Channels Support is provided through the channels stated in the applicable plan (e.g., email and ticketing).
18.2 Support Hours Standard support hours are [e.g., Mon–Fri, 9am–5pm MT] , excluding holidays, unless a plan states otherwise.
18.3 Severity Levels Issues are classified by severity (e.g., Critical, High, Medium, Low) as defined in the plan.
18.4 Response Targets Target response times are stated in the plan and are targets, not guarantees, unless a written service-level commitment states otherwise.
18.5 Excluded Support Support excludes new features, out-of-scope work, third-party failures, and issues caused by Client systems or misuse, which may require a Change Order.
18.6 Maintenance Windows CA Solutions may schedule maintenance windows with reasonable notice where practicable.
18.7 Version Updates Maintenance may include reasonable updates; major upgrades may require a Change Order.
19.1 Mutual Authority Each party represents it has authority to enter this Agreement.
19.2 Services Warranty CA Solutions warrants that the Services will be performed in a professional and workmanlike manner consistent with industry practices. Client’s exclusive remedy for breach of this warranty is re-performance of the affected Services, provided Client notifies CA Solutions within [NUMBER] days of the affected performance.
19.3 Disclaimer of Implied Warranties EXCEPT AS EXPRESSLY STATED IN THIS AGREEMENT, THE SERVICES AND DELIVERABLES ARE PROVIDED “AS IS” AND “AS AVAILABLE.” TO THE MAXIMUM EXTENT PERMITTED BY LAW, CA SOLUTIONS DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON- INFRINGEMENT, ACCURACY, UNINTERRUPTED OPERATION, AND ERROR-FREE PERFORMANCE.
19.4 No Guaranteed Business Results CA SOLUTIONS DOES NOT GUARANTEE ANY BUSINESS RESULT, REVENUE, RANKING, LEAD, SALE, OR CONVERSION.
19.5 No Guaranteed Legal Compliance CA SOLUTIONS DOES NOT GUARANTEE THAT THE SERVICES OR DELIVERABLES WILL CAUSE CLIENT TO BE IN COMPLIANCE WITH ANY LAW; CLIENT IS RESPONSIBLE FOR LEGAL COMPLIANCE APPLICABLE TO ITS BUSINESS.
19.6 No Guaranteed AI Accuracy CA SOLUTIONS DOES NOT GUARANTEE THE ACCURACY, COMPLETENESS, SAFETY, ORIGINALITY, OR FITNESS OF ANY AI OUTPUT, MESSAGE DELIVERABILITY, OR PLATFORM APPROVAL.
20.1 Excluded Damages TO THE MAXIMUM EXTENT PERMITTED BY LAW, NEITHER PARTY WILL BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, INCLUDING LOST PROFITS, LOST REVENUE, DATA LOSS, BUSINESS INTERRUPTION, OR REPUTATIONAL HARM, EVEN IF ADVISED OF THE POSSIBILITY.
20.2 Liability Cap TO THE MAXIMUM EXTENT PERMITTED BY LAW, CA SOLUTIONS’ TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT AND THE SERVICES WILL NOT EXCEED THE GREATER OF (A) THE TOTAL FEES PAID BY CLIENT UNDER THE STATEMENT OF WORK GIVING RISE TO THE CLAIM, OR (B) THE FEES PAID BY CLIENT TO CA SOLUTIONS FOR THE AFFECTED SERVICES DURING THE THREE (3) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE LIABILITY.
The dual cap reflects CA Solutions’ variable engagement model: project/package builds (capped by SOW fees) and recurring monthly maintenance and support plans (capped by the trailing three-month fees).
20.3 Data Loss and Security Incidents CA Solutions’ liability for data loss or security incidents is subject to the cap in Section 20.2, except as provided in Section 20.6.
20.4 AI Output Risks CA Solutions is not liable for harm arising from AI outputs that Client failed to review or supervise as required by Section 10.
20.5 Third-Party Services CA Solutions is not liable for acts, omissions, outages, or changes of Third-Party Services outside its reasonable control.
20.6 Exceptions to Limitations The exclusions and cap do not apply to a party’s indemnification obligations, breach of confidentiality, infringement or misappropriation of the other party’s Intellectual Property Rights, a party’s gross negligence or willful misconduct, or Client’s payment obligations, in each case to the extent such limitation is prohibited by Applicable Law.
21.1 Client Indemnity Client will defend, indemnify, and hold harmless CA Solutions and its members, managers, employees, contractors, and Affiliates from third-party claims, damages, fines, penalties, costs, and reasonable attorneys’ fees arising from Client Input Data; Client instructions or configurations; Client’s misuse of the Services; unauthorized or unlawful data processing; failure to obtain required consent or provide required notices; automated communications sent by or for Client; violation of law or third-party rights; end-user claims related to Client’s business; and failure to review, supervise, or correct AI outputs.
21.2 Company Indemnity CA Solutions will defend, indemnify, and hold harmless Client from third-party claims that the Deliverables, as delivered by CA Solutions and used as permitted, infringe a third party’s U.S. or Canadian Intellectual Property Rights, excluding claims arising from Client Materials, Client modifications, Third-Party Services, AI outputs, or use outside the agreed scope.
21.3 IP Claims If a Deliverable is alleged to infringe, CA Solutions may, at its option, procure the right to continue use, modify the Deliverable, or replace it; if none is commercially reasonable, CA Solutions may terminate the affected SOW and refund unamortized prepaid Fees for the affected Deliverable.
21.4 Data and Privacy Claims Responsibility for data and privacy claims follows the roles and allocations in the DPA and this Agreement.
21.5 Communications Compliance Claims Client indemnifies CA Solutions for claims arising from Client’s communications programs, lists, consent, and content.
21.6 Indemnification Procedure The indemnified party will give prompt notice, allow the indemnifying party to control the defense (with counsel reasonably acceptable), and provide reasonable cooperation; no settlement imposing liability on the indemnified party may be made without its consent.
22.1 Required Coverage CA Solutions will maintain commercially reasonable insurance appropriate to the Services, in the types and amounts stated in a SOW where required.
22.2 Cyber Liability Cyber-liability coverage of [$AMOUNT] per occurrence, where required by a SOW.
22.3 Technology Errors and Omissions Technology E&O coverage of [$AMOUNT] , where required by a SOW.
22.4 Professional Liability Professional-liability coverage as stated in a SOW, where required.
22.5 Certificates of Insurance On reasonable request, CA Solutions will provide a certificate of insurance evidencing required coverage.
23.1 Agreement Term This MSA begins on the Effective Date and continues until terminated under this Section. Termination of the MSA does not terminate active SOWs unless stated.
23.2 SOW Term Each SOW has the term stated in it. Recurring maintenance and support plans renew automatically for successive monthly terms unless either party gives at least [NUMBER] days’ notice of non-renewal.
23.3 Termination for Convenience
Either party may terminate a SOW for convenience on[NUMBER] days’ written notice; Client will pay for Services
performed and non-cancellable commitments through the effective date of termination.
23.4 Termination for Cause Either party may terminate this Agreement or a SOW for the other party’s material breach not cured within thirty (30) days of written notice, or immediately for insolvency or unlawful use.
23.5 Effect of Termination On termination, Client will pay all amounts due, and each party will return or destroy the other’s Confidential Information subject to retention exceptions.
23.6 Transition Assistance On request, CA Solutions will provide reasonable transition assistance at its then-current rates under a short transition SOW.
23.7 Survival Sections concerning definitions, confidentiality, data protection, intellectual property, fees accrued, warranties/ disclaimers, limitation of liability, indemnification, insurance (as to prior periods), dispute resolution, governing law, and any term that by its nature should survive will survive termination.
During the term and for twelve (12) months after, neither party will knowingly solicit for employment the other party’s personnel directly involved in the Services, excluding general advertising and responses to it. This Section does not restrict either party’s lawful hiring of persons who apply independently.
CA Solutions is an independent contractor. Nothing creates a partnership, joint venture, agency, or employment relationship, and neither party may bind the other.
Neither party will use the other’s name, logo, or trademarks in marketing without prior written consent, except that CA Solutions may identify Client as a client and describe the general nature of the Services in its portfolio unless Client opts out in writing.
CA Solutions will maintain reasonable records relating to the Services. On reasonable prior notice, not more than once per year (absent a Security Incident or legal requirement), Client may request reasonable compliance information or, where provided in the DPA, an audit, subject to confidentiality and CA Solutions’ security policies.
Each party will comply with Applicable Law in performing or receiving the Services. Client is responsible for compliance with laws specific to Client’s industry, data, and communications programs.
Each party will comply with applicable U.S. and Canadian export-control and economic-sanctions laws. Client represents it is not subject to sanctions and will not use the Services in violation of such laws.
Where a SOW includes accessibility requirements (e.g., WCAG conformance targets), CA Solutions will use reasonable efforts to meet them. Client is responsible for ongoing accessibility and anti-discrimination compliance of its sites, content, and decisioning, including any obligations under the Americans with Disabilities Act and applicable Canadian accessibility laws.
Neither party is liable for delay or failure to perform (other than payment obligations) caused by events beyond its reasonable control, including acts of God, natural disasters, war, terrorism, civil unrest, labor disputes, governmental action, internet or utility failures, cyberattacks, and failures or changes of Third-Party Services (each, a “Force Majeure Event”). The affected party will use reasonable efforts to mitigate and resume performance.
32.1 Good-Faith Escalation Before commencing litigation (other than for injunctive relief), the parties will escalate the dispute to senior representatives who will attempt to resolve it in good faith within thirty (30) days of written notice.
32.2 Mediation If the dispute is not resolved, the parties may, by mutual agreement, submit it to non-binding mediation before a mutually acceptable mediator, with costs shared equally.
32.3 Litigation Election If the dispute remains unresolved, either party may bring an action in the state or federal courts located in Wyoming, consistent with Section 33. The parties do not elect mandatory arbitration; either party may pursue available judicial remedies.
32.4 Injunctive Relief Either party may seek injunctive or equitable relief in any court of competent jurisdiction to protect Confidential Information or Intellectual Property Rights without first completing escalation or mediation.
32.5 Attorneys’ Fees In any action arising out of this Agreement, the prevailing party is entitled to recover its reasonable attorneys’ fees and costs to the extent permitted by law.
This Agreement is governed by the laws of the State of Wyoming, without regard to its conflict-of-law rules and excluding the U.N. Convention on Contracts for the International Sale of Goods. The parties consent to the exclusive jurisdiction and venue of the state and federal courts located in Wyoming, subject to Section 32.
Notices must be in writing and sent to the notice addresses in Section 1 by personal delivery, nationally recognized courier, or email with confirmation. Notices are effective on receipt (or, for email, on confirmed delivery during business hours).
Neither party may assign this Agreement without the other’s prior written consent, except that either party may assign to an Affiliate or in connection with a merger, acquisition, or sale of substantially all assets, on notice. This Agreement binds permitted successors and assigns.
If any provision is held unenforceable, it will be modified to the minimum extent necessary, and the remaining provisions will remain in effect.
No waiver is effective unless in writing, and no failure or delay in exercising a right operates as a waiver.
This Agreement, together with its Exhibits, SOWs, Change Orders, and incorporated policies, is the entire agreement between the parties on its subject matter and supersedes prior proposals and understandings. Pre-printed terms on Client purchase orders are of no effect.
This Agreement may be executed in counterparts and by electronic signature, each of which is an original and together one instrument.
The parties execute this Agreement as of the Effective Date.
CA SOLUTIONS LLC[CLIENT LEGAL NAME]
SignatureSignature
NameName
TitleTitle
DateDate
The following Exhibits are incorporated by reference:
Exhibit Title Description
A Standard Security Technical and organizational measures for data within CA Solutions’ control. Measures
B Data Processing Governs processing of Personal Information (provided as a separate executed
Addendumdocument).
C Support Terms Support channels, hours, severity levels, and response targets for the selected plan.
D Acceptable Use Policy Prohibited uses of the Services and Deliverables.
E AI Governance Addendum Baseline AI governance, human-oversight, disclosure, and prohibited-use controls.
Exhibit A — Standard Security Measures (Summary) Access controls and least-privilege permissions; authentication (including multi-factor for administrative access); encryption in transit and, where supported, at rest; secure configuration and secrets management; logging and monitoring; vulnerability management; secure development practices; vendor/subprocessor review; and an incident- response process. Full measures are detailed in the DPA, Exhibit B.
Exhibit D — Acceptable Use Policy (Summary) Client and Authorized Users must not use the Services to violate law or third-party rights; create malware, phishing, spam, or deceptive content; facilitate fraud, unlawful discrimination, harassment, or unsafe conduct; process data without authority or required consent; deploy AI in prohibited, discriminatory, deceptive, or unsafe ways; send automated communications without required consent, identification, opt-out, or suppression controls; submit Regulated Data outside an approved scope; or interfere with, overload, or reverse-engineer the Services or Third-Party Services.
Attorney note: Exhibits A–E should be finalized as standalone schedules. The current regulatory landscape reflected here is current as of June 2026 and includes: the vacatur of the FCC “one-to-one” TCPA consent rule (11th Cir., Jan. 2025); the FCC consent-revocation rule allowing opt-out by any reasonable means (effective Apr. 11, 2025, with the “revoke-all” portion subject to waiver through Jan. 31, 2027); twenty U.S. state comprehensive privacy laws; and Quebec’s Law 25 (fully in force, including data portability since Sept. 22, 2024, with a private right of action). Confirm current law at execution.
Download PDF