Master Services Agreement

This Master Services Agreement (“MSA” or “Agreement”) is entered into between Bliss Cyber LLC, a Florida limited liability company (“Bliss Cyber”), and the client identified in a Statement of Work issued under this Agreement (“Client”). This MSA governs all services provided by Bliss Cyber and is incorporated by reference into each Statement of Work (“SOW”). In the event of a conflict between this MSA and an SOW, the SOW controls as to the specific subject matter of that SOW.

1. Definitions

"Agreement"

This MSA and all incorporated SOWs, exhibits, and addenda.

"Services"

All IT support, cybersecurity, implementation, review, website, and related technology services described in an SOW.

"SOW"

A Statement of Work issued under this MSA describing specific services, deliverables, timelines, and fees for a particular engagement.

"Deliverables"

Work product, documentation, configurations, code, reports, and other tangible outputs created by Bliss Cyber specifically for Client under an SOW.

"Confidential Information"

Non-public information disclosed by either party in connection with this Agreement, including client data, business operations, pricing, technical systems, and personnel information.

"Client Data"

All data, content, and information owned, licensed, or controlled by Client that is accessed, processed, or stored by Bliss Cyber in the course of providing Services.

2. Services

Bliss Cyber provides technology and cybersecurity services to businesses and professional organizations. Services are described in individual Statements of Work. The following categories may be offered:

Services are limited to the applicable SOW. Work outside scope requires a new or amended SOW. Bliss Cyber reserves the right to decline engagements outside its areas of competency.

3. Statements of Work

Each engagement is governed by a Statement of Work that specifies services, deliverables, timelines, fees, and any client-specific terms. An SOW becomes effective when signed by authorized representatives of both parties.

• ▸SOWs may not contradict the material terms of this MSA without explicit written agreement by both parties.
• ▸Changes to an active SOW require a written amendment signed by both parties.
• ▸Bliss Cyber may subcontract portions of an engagement with prior written notice, but remains responsible for quality and confidentiality.

4. Fees, Invoicing & Payment

All fees are set forth in the applicable SOW. Unless otherwise specified:

• ▸Retainer fees are invoiced on the 1st of each month and due within 15 days.
• ▸Hourly fees are invoiced monthly in arrears and due within 15 days.
• ▸Project-based fees are invoiced per the milestone schedule in the SOW.
• ▸Emergency response fees are invoiced within 5 business days of the incident.
• ▸All invoices are in US dollars.
• ▸Late payments beyond 15 days accrue a 1.5% monthly late fee.
• ▸Services may be paused if an invoice remains unpaid beyond 30 days.

Bliss Cyber reserves the right to adjust standard rates with 30 days written notice. Rate changes do not apply to the current term of any active SOW unless otherwise agreed.

5. Term & Termination

This MSA is effective from the date of the first SOW executed under it and continues until all active SOWs have been terminated or expired.

5.1 Termination of Individual SOWs

Unless a minimum term is stated in an SOW, each SOW continues on a month-to-month basis. Either party may terminate an SOW at any time, for any reason, with 15 days written notice.

5.2 Termination for Cause

Either party may terminate this MSA or any SOW immediately upon written notice if the other party: (a) materially breaches and fails to cure within 10 business days; (b) becomes insolvent or enters bankruptcy; or (c) fails to pay any undisputed invoice for more than 30 days after the due date.

5.3 Effect of Termination

• ▸All outstanding fees and the current month’s retainer (if already invoiced) are due upon termination.
• ▸Bliss Cyber will complete work reasonably finishable within the notice period unless instructed otherwise.
• ▸Client data, credentials, and configurations will be returned or transferred within a reasonable time.
• ▸Project files are not retained beyond 30 days following effective termination.
• ▸Confidentiality, IP, limitation of liability, and governing law provisions survive termination.

6. Intellectual Property

6.1 Client Ownership

Client owns all Deliverables created specifically for Client under an SOW, upon receipt of full payment. Client retains all ownership of its data, domain names, platform accounts, and third-party licenses held in Client's name.

6.2 Bliss Cyber Retained Rights

Bliss Cyber retains ownership of its methodologies, tools, templates, frameworks, and pre-existing works. Upon full payment, Client receives a perpetual, non-exclusive, non-transferable license to use paid Deliverables for internal business purposes.

6.3 Work in Progress

Bliss Cyber retains ownership of work product for which payment has not been received. Bliss Cyber may withhold delivery of unpaid Deliverables until payment is received.

6.4 Portfolio Use

Bliss Cyber may reference the existence of a client relationship for marketing purposes unless Client requests otherwise in writing.

7. Confidentiality

Both parties agree to hold Confidential Information in strict confidence and not disclose it to third parties without prior written consent, except as required by law or as necessary to perform services.

7.1 Client Data

Bliss Cyber will not disclose, sell, or use Client Data for any purpose other than performing services. Bliss Cyber maintains reasonable administrative, technical, and physical safeguards to protect Client Data.

7.2 Incident Notification

Bliss Cyber will promptly notify Client of any confirmed or reasonably suspected unauthorized access to Client Data resulting from Bliss Cyber's operations.

7.3 Survival

Confidentiality obligations survive termination for three (3) years, except for trade secrets, which are protected indefinitely.

8. Independent Contractor

Bliss Cyber is an independent contractor. Nothing in this Agreement creates any employment, partnership, joint venture, or agency relationship. Bliss Cyber is solely responsible for its own taxes, insurance, and business expenses. Bliss Cyber personnel are not employees of Client and are not entitled to employee benefits from Client.

9. Representations & Warranties

Each party represents that it has full legal authority to enter into this Agreement and that doing so does not violate any other obligation.

Bliss Cyber warrants professional, workmanlike performance consistent with industry standards. Bliss Cyber does not warrant specific security outcomes, compliance certifications, or prevention of all incidents. Cybersecurity services reduce risk — they do not eliminate it. All other warranties are disclaimed to the extent permitted by law.

10. Limitation of Liability

Bliss Cyber's total aggregate liability for any claim is limited to the total fees paid by Client in the three (3) calendar months preceding the event giving rise to the claim.

Bliss Cyber is not liable for any indirect, incidental, consequential, special, or punitive damages — including lost revenue, lost data, business interruption, or reputational harm — regardless of cause. Nothing in this section limits liability for gross negligence, willful misconduct, or any liability that cannot be limited by law.

11. Indemnification

Each party agrees to defend, indemnify, and hold harmless the other party from third-party claims arising out of: (a) breach of this Agreement; (b) gross negligence or willful misconduct; or (c) infringement of a third party's intellectual property rights caused by materials provided by the indemnifying party.

12. Acceptable Use

Client agrees not to use Bliss Cyber's services for any unlawful purpose. Client is responsible for ensuring its personnel use Bliss Cyber-configured systems lawfully. Bliss Cyber reserves the right to immediately suspend services if Client's use poses legal, regulatory, or reputational risk.

13. Force Majeure

Neither party is liable for delays resulting from causes beyond reasonable control, including natural disasters, acts of government, widespread internet outages, or other force majeure events. The affected party will promptly notify the other and use reasonable efforts to resume performance.

14. Governing Law & Dispute Resolution

This Agreement is governed by Florida law. Disputes that cannot be resolved through good-faith negotiation shall be submitted to mediation before litigation. If mediation fails, disputes shall be resolved in the state or federal courts of Escambia County, Florida.

15. General Provisions