Master Services Agreement

Back

MASTER SERVICES AGREEMENT

This Master Services Agreement ("Agreement") governs all Order Forms entered into by and between Emcee Invest, Inc. d/b/a Bits of Stock ("Service Provider") and the entity identified in an applicable Order Form ("Customer"). By executing an Order Form that references this Agreement, Customer agrees to be bound by the terms and conditions of this Agreement. Each Order Form will be deemed to incorporate this Agreement by reference as if fully set forth therein.

1. Definitions

"Platform" means Service Provider's technology platform that enables the delivery of the Programs.

"Programs" means the specific services made available through the Platform, including: (i) Stock Rewards Program; (ii) Investment Services; (iii) Trading Services; and (iv) Educational Services.

"Stock Rewards Program" means the service enabling End Users to receive fractional shares as rewards based on qualifying activities.

"Investment Services" means automated investment services including round-ups and recurring investments.

"Trading Services" means capabilities for End Users to buy and sell securities.

"Educational Services" means investment education resources and tools.

"End Users" means individuals who maintain accounts with Customer and are authorized to access the Programs through Customer Programs.

"Customer Programs" means Customer's digital banking platform, mobile applications, rewards programs, and other services through which Customer makes the Platform available to End Users.

"Order Form" means the document executed by both Parties that specifies the Programs, fees, and any additional terms specific to Customer's use of the Platform.

Additional terms are defined within the relevant sections of this Agreement.

2. Platform and Services

Platform Access and License

Service Provider owns and makes available software and services that facilitate fractional ownership of certain stocks, cryptocurrencies, exchange-traded funds and other investment products through the Platform. The Programs enable End Users to build investment portfolios through Customer Programs. Customer desires to integrate the Platform with its Customer Programs to provide End Users with access to the Programs in accordance with the terms and conditions of this Agreement and as specified in the applicable Order Form.

During the Term, Service Provider grants Customer a limited, non-exclusive, non-transferable license to: (i) access and use the Platform and Programs as specified in the applicable Order Form; (ii) integrate the Platform with Customer Programs through Service Provider's application programming interfaces ("APIs") or other authorized methods; and (iii) market and promote the Programs to End Users as part of Customer Programs. All rights not expressly granted to Customer are reserved by Service Provider.

Customer shall not: (i) sublicense, sell, transfer, assign, distribute or otherwise make the Platform or Programs available to any third party except as expressly permitted herein; (ii) modify, translate, reverse engineer, decompile or create derivative works based on the Platform; (iii) remove any proprietary notices or labels from the Platform; (iv) use the Platform in violation of applicable laws or regulations; or (v) during the Term, develop, promote, market or offer any program, product or service that is substantially similar to or competitive with the Programs. Customer shall ensure that all communications regarding the Programs comply with applicable laws, regulations and industry standards.

Clearing and Custody Services

Customer acknowledges that Service Provider partners with a registered clearing firm to provide execution, clearing, and custody services for the Programs. Customer and its End Users must establish and maintain required accounts with the clearing firm to participate in the Programs.

Service Provider does not hold customer funds or securities. All customer assets are held by the clearing firm in accordance with SEC and FINRA regulations. The clearing firm's terms and conditions, including account agreements and disclosures, will apply to all brokerage services.

Service Provider may change clearing firms upon notice to Customer, provided that such change does not materially adversely affect the Programs.

Documentation and Technical Resources

Service Provider will provide Customer with access to documentation necessary to implement and use the Platform, including API documentation, integration guides, and technical specifications. Service Provider may update such documentation from time to time and will make the current version available through Service Provider's developer portal or other designated access point.

During implementation of the Platform, Service Provider will provide reasonable technical guidance to Customer's development team, including access to integration documentation and sample code, responses to technical queries during implementation, review of Customer's integration approach, and testing environment access and support.

Service Provider will provide Customer with reasonable advance notice of material technical updates, including API version changes, new feature documentation, deprecation notices, and security update requirements. Service Provider will maintain and provide access to technical documentation, integration guidelines, security requirements, and best practices documentation.

All documentation and materials provided under this Section remain Service Provider's Confidential Information and intellectual property.

Service Levels and Support

Service Provider will make the Platform available in accordance with the service levels specified in the applicable Order Form. Service Provider will provide commercially reasonable efforts to maintain the security, availability, and performance of the Platform.

Service Provider will conduct scheduled maintenance during off-peak hours and will provide advance notice of any scheduled maintenance that may materially impact Platform availability.

Service Provider will provide support services as described in the applicable Order Form. At minimum, Service Provider will provide technical support via email at help@bitsofstock.com and will respond to support inquiries in a commercially reasonable timeframe.

Upon Customer's reasonable request, Service Provider will provide reports regarding Platform availability and performance.

3. Customer Responsibilities

Integration and Implementation

Customer shall be responsible for: (a) implementing and maintaining the technical integration with the Platform in accordance with Service Provider's documentation and specifications; (b) designing and maintaining the user interface through which End Users access the Programs; (c) ensuring all integrations comply with Service Provider's security requirements and industry standards.

End User Management

Customer shall be solely responsible for: (a) establishing and maintaining relationships with End Users, including verifying End User identity and eligibility; (b) collecting and maintaining accurate End User information required for Program participation; (c) obtaining all necessary consents from End Users for Program participation and data sharing; (d) promptly notifying Service Provider when End Users become ineligible, revoke consent, or are inactive for more than twelve (12) months; (e) managing all direct communications with End Users regarding the Programs through authorized channels; (f) maintaining records of End User consents and communications in accordance with applicable laws and regulations.

Program Funding and Settlement

Customer shall maintain sufficient funds in its designated brokerage account to cover all Program activities, including but not limited to: (a) stock rewards offered to End Users; (b) round-up investments; and (c) any trading activity. Customer shall ensure funds are available for settlement of transactions according to standard settlement cycles.

Customer acknowledges that Service Provider does not fund any rewards or investments. Customer is solely responsible for depositing and maintaining adequate funds prior to enabling any Programs for End Users. Service Provider may suspend Program availability if Customer fails to maintain adequate funding.

Customer shall comply with all funding and settlement requirements established by the clearing firm. Failure to meet such requirements may result in transaction rejections, Program suspension, or additional fees.

4. Data and Security

Data Rights and Usage

As between the parties, Customer owns all right, title, and interest in End User data provided to Service Provider through Customer Programs ("Customer Data"). Customer grants Service Provider a limited, non-exclusive license to use Customer Data solely to provide and improve the Programs, comply with applicable laws and regulations, and as otherwise permitted in this Agreement or with Customer's written consent.

Service Provider may collect, create, and use data derived from Customer Data in an aggregated and anonymized format ("Aggregate Data") for the purposes of improving the Platform and Programs, developing new products and services, understanding usage patterns and trends, and creating industry benchmarks and analytics. Aggregate Data will not identify Customer or any End User and will be treated as Service Provider's Confidential Information.

Service Provider may provide Customer with analytics and reporting regarding the use of Programs by End Users, including Program adoption rates, engagement metrics, reward redemption data, and other metrics as agreed by the parties. Customer may use these reports for its internal business purposes only.

Security Requirements

Customer shall implement and maintain security controls that meet or exceed the following requirements: (a) encryption of all End User data using AES, Triple DES, or IDEA algorithms with minimum 128-bit encryption for symmetric cryptosystems and 2048-bit for asymmetric systems; (b) implementation of secure password and access management policies; (c) regular security patches and updates for all systems interfacing with the Platform; (d) security monitoring and incident response procedures with required notification to Service Provider within twenty-four (24) hours of any security incident; and (e) documented business continuity and disaster recovery procedures ensuring Platform access is not disrupted for more than two (2) hours. Customer shall conduct regular vulnerability scanning and penetration testing of its systems that interact with the Platform.

Data Protection

Each Party shall comply with all applicable laws, regulations, and industry standards regarding financial services, data privacy, and information security, including but not limited to federal and state securities laws, banking regulations, and privacy regulations governing the collection, use, storage, and transfer of personal information ("Privacy Laws").

Security Incident Response

In the event of any actual or suspected security breach affecting End User data or Platform access ("Security Incident"), the discovering Party shall notify the other Party within twenty-four (24) hours. The notification shall include: (a) the nature and extent of the Security Incident; (b) the End User data potentially affected; (c) actions taken to contain and remediate the Security Incident; and (d) measures being implemented to prevent recurrence.

Customer shall maintain strict credential management procedures, including unique authentication credentials for each authorized user, regular password rotations, prompt deactivation of credentials for terminated personnel, and periodic access reviews. Customer shall document all authorized users and access levels, and provide such documentation to Service Provider upon request.

Both Parties shall cooperate fully in investigating and remediating any Security Incident, including preserving relevant logs and evidence, providing reasonable access to security records and personnel, implementing agreed-upon remediation steps, and complying with applicable breach notification laws. Each Party shall bear its own costs in responding to a Security Incident unless the Security Incident was caused by that Party's breach of this Agreement.

Confidential Information

"Confidential Information" means all non-public information disclosed by one Party ("Disclosing Party") to the other Party ("Receiving Party"), whether orally, visually, or in writing, that is designated as confidential or that reasonably should be understood to be confidential. Service Provider's Confidential Information includes, without limitation, the Platform, Programs, pricing, documentation, technical specifications, and security protocols. Customer's Confidential Information includes, without limitation, End User data, transaction data, and Customer's business plans.

Each Party shall: (a) protect the other Party's Confidential Information using the same degree of care it uses to protect its own confidential information of similar nature and importance, but in no event less than reasonable care; (b) use the other Party's Confidential Information only to perform its obligations or exercise its rights under this Agreement; (c) limit access to the other Party's Confidential Information to its employees, contractors, and advisors who have a need to know and who are bound by confidentiality obligations at least as restrictive as those in this Agreement; and (d) promptly notify the other Party of any unauthorized disclosure or use of its Confidential Information and cooperate to prevent further disclosures.

The confidentiality obligations do not apply to information that: (i) is or becomes publicly available through no fault of the Receiving Party; (ii) was known to the Receiving Party prior to disclosure; (iii) is received from a third party without breach of any obligation owed to the Disclosing Party; or (iv) was independently developed by the Receiving Party without use of the Confidential Information. The Receiving Party may disclose Confidential Information if required by law, provided it gives the Disclosing Party prior notice and an opportunity to seek a protective order.

5. Regulatory and Compliance

Regulatory Compliance

Service Provider represents and warrants that it is properly registered as an investment adviser with the SEC and will maintain all required registrations, licenses, and permits. Service Provider will comply with all applicable laws and regulations in providing the Programs, including securities laws, banking regulations, and privacy laws, and will cooperate with Customer's regulatory examinations relating to the Programs, including providing reasonable access to Service Provider's relevant records, facilities, and personnel.

Service Provider will maintain written policies and procedures reasonably designed to prevent violations of applicable laws, provide required disclosures to End Users as part of the End User Agreements, implement controls to monitor and prevent suspicious or fraudulent activity, and maintain records as required by applicable laws and regulations.

Service Provider will promptly notify Customer of any regulatory inquiries relating to the Programs and cooperate with Customer's reasonable requests for information needed for regulatory compliance. Service Provider will assist Customer in responding to regulatory examinations relating to the Programs and maintain documentation of compliance with regulatory requirements.

Service Provider Management

Service Provider will maintain a vendor management program for critical third-party service providers, conduct appropriate due diligence before engaging critical service providers, require appropriate security and confidentiality obligations in third-party contracts, and monitor third-party performance and compliance.

Service Provider acknowledges that its clearing firm and other critical service providers are essential to the Programs. Service Provider will maintain business continuity plans for critical vendor failures, require critical vendors to meet industry security standards, monitor critical vendor performance and stability, and notify Customer of material changes in critical vendor relationships.

Service Provider remains responsible for all subcontractor actions and omissions and will ensure subcontractors comply with applicable terms of this Agreement. Service Provider will require appropriate confidentiality and security obligations from subcontractors and remove any subcontractor upon Customer's reasonable request based on security or performance concerns.

6. Commercial Terms

Fees and Payment Terms

Customer shall pay Service Provider the fees set forth in the applicable Order Form. All fees are exclusive of taxes and shall be paid in U.S. dollars within fifteen (15) days of invoice date, without any deduction or setoff. Service Provider may invoice platform fees in advance. Service Provider may increase fees upon written notice at least sixty (60) days prior to the start of any Renewal Term.

All amounts payable under this Agreement are exclusive of all sales, use, value-added, withholding, and other taxes and duties. Customer shall pay all taxes associated with the Programs (except for taxes based on Service Provider's net income). Past due amounts will incur a late payment charge of 1.5% per month or the maximum rate permitted by law, whichever is less. Customer shall reimburse Service Provider for all reasonable costs incurred in collecting past due amounts, including attorney's fees.

Term and Termination

The initial term of each Order Form shall be three (3) years from its effective date ("Initial Term"), unless a longer period is specified in the applicable Order Form. Each Order Form shall automatically renew for successive one-year periods (each a "Renewal Term," and together with the Initial Term, the "Term"), unless either Party provides written notice of non-renewal at least sixty (60) days prior to the end of the then-current Term.

Either Party may terminate this Agreement: (a) immediately upon written notice if the other Party becomes insolvent, files for bankruptcy, or ceases operations; (b) upon thirty (30) days written notice of a material breach by the other Party if such breach remains uncured at the end of such notice period; or (c) as otherwise expressly permitted in this Agreement. Service Provider may suspend Customer's access to the Platform immediately upon notice if Customer's use of the Platform poses a security risk or may harm Service Provider or other customers.

Upon termination: (a) all rights granted hereunder shall cease; (b) Customer shall immediately stop using the Platform; (c) each Party shall comply with the confidentiality obligations in Section 4; (d) Customer shall pay all outstanding fees. The following provisions shall survive termination: Sections 4 (Data and Security), 7.2 (Indemnification), 7.3 (Limitation of Liability), and any other provisions that by their nature should survive termination.

7. Legal Terms

Representations and Warranties

Each Party represents and warrants to the other Party that it is duly organized, validly existing, and in good standing under the laws of its jurisdiction of formation. It has full corporate power and authority to enter into this Agreement and to perform its obligations hereunder.

The execution, delivery and performance of this Agreement have been duly authorized by all necessary corporate action. This Agreement constitutes a valid and binding obligation, enforceable against it in accordance with its terms. No consent, approval, or authorization of any governmental authority is required to be obtained by it in connection with the execution and delivery of this Agreement.

NO ADVICE OR RECOMMENDATIONS. Customer understands that Service Provider and its employees do not provide personalized investment recommendations or advice about specific securities or the appropriateness of any transaction. Service Provider does not provide tax, accounting, legal, or other professional advice. End Users should consult with their own professional advisors regarding their individual circumstances.

Indemnification

Service Provider agrees to indemnify, defend, and hold Customer and its officers, directors, employees, and agents (collectively, "Customer Indemnitees") harmless from and against any claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees) arising from: (a) Service Provider's breach of this Agreement; (b) Service Provider's violation of applicable laws or regulations; (c) claims that the Platform or Programs infringe any third party's intellectual property rights; or (d) the gross negligence or willful misconduct of Service Provider or its personnel. Service Provider shall indemnify and defend Customer Indemnitees against any third-party claims, damages, losses, and expenses arising from a Security Incident caused by Service Provider's failure to comply with its security obligations under this Agreement.

Customer agrees to indemnify, defend, and hold Service Provider and its officers, directors, employees, and agents (collectively, "Service Provider Indemnitees") harmless from and against any claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees) arising from: (a) Customer's breach of this Agreement; (b) Customer's violation of applicable laws or regulations; (c) Customer's use of the Platform in violation of this Agreement; or (d) the gross negligence or willful misconduct of Customer or its personnel.

The Party seeking indemnification shall: (a) promptly notify the indemnifying Party in writing of any claim; (b) give the indemnifying Party sole control over the defense and settlement of the claim (provided that the indemnifying Party may not settle any claim without the indemnified Party's written consent unless the settlement unconditionally releases the indemnified Party from all liability); and (c) provide reasonable assistance to the indemnifying Party, at the indemnifying Party's expense. The indemnified Party may participate in the defense at its own expense.

Limitation of Liability

NOTWITHSTANDING ANY OTHER PROVISION SET FORTH HEREIN, NEITHER PARTY SHALL BE LIABLE FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO LOST PROFITS, LOST REVENUES, LOST BUSINESS OPPORTUNITIES, LOSS OF USE OR EQUIPMENT DOWNTIME, ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, REGARDLESS OF THE THEORY OF LIABILITY (INCLUDING NEGLIGENCE) AND EVEN IF THE PARTY KNEW OR SHOULD HAVE KNOWN OF THE POSSIBILITY OF SUCH DAMAGES.

EXCEPT AS PROVIDED BELOW, EACH PARTY'S TOTAL CUMULATIVE LIABILITY ARISING OUT OF OR RELATING TO THIS AGREEMENT, WHETHER BASED ON CONTRACT, TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL THEORY, SHALL BE LIMITED TO USD $1,000,000.

THE LIMITATIONS SET FORTH IN THIS SECTION SHALL NOT APPLY TO: (A) EITHER PARTY'S INDEMNIFICATION OBLIGATIONS; (B) DAMAGES RESULTING FROM EITHER PARTY'S GROSS NEGLIGENCE, WILLFUL MISCONDUCT, OR FRAUD; (C) CUSTOMER'S PAYMENT OBLIGATIONS; (D) DAMAGES RESULTING FROM EITHER PARTY'S BREACH OF ITS CONFIDENTIALITY OBLIGATIONS; OR (E) SERVICE PROVIDER'S BREACH OF ITS SECURITY OBLIGATIONS RESULTING IN A DATA BREACH.

THE PARTIES AGREE THAT THE LIMITATIONS SPECIFIED IN THIS SECTION REPRESENT THE PARTIES' AGREEMENT AS TO THE ALLOCATION OF RISK BETWEEN THE PARTIES AND THAT THE LIMITATIONS WILL APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY. EACH PARTY ACKNOWLEDGES THAT THE FEES AND LIMITATIONS SET FORTH HEREIN REFLECT THE ALLOCATION OF RISK SET FORTH IN THIS AGREEMENT AND THAT THE OTHER PARTY WOULD NOT ENTER INTO THIS AGREEMENT WITHOUT THESE LIMITATIONS.

General Provisions

Independent Contractors. The Parties are independent contractors. Nothing in this Agreement creates any partnership, joint venture, agency, franchise, or employment relationship between the Parties. Neither Party has the authority to bind or make commitments on behalf of the other Party. Each Party is solely responsible for its personnel, including for all compensation and benefits.

Assignment. Neither this Agreement nor any rights or obligations hereunder may be assigned, transferred, or delegated by either Party without the prior written consent of the other Party; provided, however, that Service Provider may assign this Agreement without consent to: (a) an affiliate; or (b) a successor in connection with a merger, acquisition, or sale of all or substantially all of its assets. Any attempted assignment in violation of this section shall be void.

Entire Agreement. This Agreement, together with all Order Forms and any exhibits or attachments referenced herein, constitutes the complete and exclusive agreement between the Parties regarding its subject matter and supersedes all prior or contemporaneous agreements, understandings, and communications, whether written or oral. This Agreement may only be modified by a written amendment signed by authorized representatives of both Parties. All pre-printed or standard terms of any Customer purchase order or other business processing document shall have no effect.

Waiver and Severability. No waiver of any breach of this Agreement will be effective unless in writing and signed by an authorized representative of the non-breaching Party. Any waiver of a breach shall not constitute a waiver of any other or subsequent breach. If any provision of this Agreement is held to be invalid, illegal, or unenforceable, such provision shall be modified to the minimum extent necessary to make it valid and enforceable. If modification is not possible, such provision shall be severed from this Agreement. The remaining provisions shall remain in full force and effect, and shall be construed to preserve the intended economic benefits and objectives of the original provision.

Governing Law and Venue. This Agreement shall be governed by and construed in accordance with the laws of the State of New York, without regard to its conflict of laws principles. The Parties expressly exclude the application of the United Nations Convention on Contracts for the International Sale of Goods. Each Party irrevocably consents to the exclusive jurisdiction and venue of the state and federal courts located in New York County, New York for any action arising out of or relating to this Agreement. The Parties waive any objection based on forum non conveniens or any other objection to venue therein.

Force Majeure. Neither Party will be liable for delays or failures to perform its obligations under this Agreement (except for payment obligations) to the extent such delay or failure is caused by circumstances beyond its reasonable control, including: (a) natural disasters or acts of God; (b) changes in applicable laws or regulations; (c) acts of war, terrorism, or civil unrest; (d) network or power failures; or (e) unauthorized third-party attacks on systems (collectively, "Force Majeure Events"). The affected Party shall: (i) promptly notify the other Party of the Force Majeure Event; (ii) use reasonable efforts to minimize the impact; and (iii) resume performance as soon as reasonably practicable. If a Force Majeure Event continues for more than thirty (30) consecutive days, either Party may terminate the affected Order Form(s) upon written notice.

Notices. All notices under this Agreement must be in writing and will be deemed given when: (a) delivered personally; (b) sent by confirmed email with a copy sent by other permitted means; or (c) sent by nationally recognized overnight courier or certified mail, return receipt requested.

Notices to Service Provider shall be sent to:
Emcee Invest, Inc.
Attention: Legal
169 Madison Ave STE 2745
New York, NY 10016
Email: help@bitsofstock.com

Notices to Customer shall be sent to the address and contact specified in the applicable Order Form. Either Party may update its notice information by written notice to the other Party. Routine operational communications may be sent via email to the designated business contacts identified in the Order Form.