Software-as-a-Service (SaaS) | GDPR & SOC 2 Compliant
This Master Service Agreement ("Agreement") is entered into as of [Effective Date] (the "Effective Date") by and between the parties identified below.
1.1 Provider: [Provider Company Name], a [corporation/GmbH] organized under the laws of [Jurisdiction], with principal offices at [Address] (the "Provider").
1.2 Customer: [Customer Company Name], a [corporation/GmbH] organized under the laws of [Jurisdiction], with principal offices at [Address] (the "Customer").
"Authorized Users" means individuals who are authorized by Customer to use the Service, for whom subscriptions have been purchased, and who have been supplied user identifications and passwords.
"Customer Data" means all electronic data or information submitted by Customer to the Service.
"Documentation" means the Provider's user manuals, handbooks, and guides relating to the Service provided by Provider to Customer either electronically or in writing.
"Personal Data" has the meaning given in GDPR Article 4(1).
"Service" means the software-as-a-service application(s) specified in the applicable Order Form, together with any updates, modifications, or enhancements thereto.
"Service Level Agreement" or "SLA" means the service level commitments set forth in Exhibit A.
3.1 Grant of Rights. Subject to the terms of this Agreement and Customer's payment of all Fees, Provider hereby grants Customer a non-exclusive, non-transferable right during the Subscription Term to:
3.2 Usage Restrictions. Customer shall not, and shall not permit any third party to:
3.3 Customer Responsibilities. Customer shall:
4.1 Fees. Customer shall pay Provider the fees set forth in the Order Form (the "Fees"). Unless otherwise specified:
4.2 Payment Terms.
4.3 Taxes. All Fees are exclusive of taxes. Customer is responsible for all sales, use, VAT, GST, and similar taxes, except for taxes based on Provider's income (see EU VAT Directive for cross-border SaaS taxation).
5.1 Uptime Commitment. Provider commits to [99.9%] Monthly Uptime Percentage for the Service, measured as follows:
5.2 Scheduled Maintenance. Provider shall provide at least [72] hours' advance notice of scheduled maintenance. Scheduled maintenance windows: [Sundays 02:00-06:00 UTC]. Scheduled maintenance does not count toward Downtime.
5.3 Service Credits. If Provider fails to meet the Monthly Uptime Percentage, Customer is entitled to Service Credits as follows:
| Monthly Uptime % | Service Credit |
|---|---|
| 99.0% - 99.9% | 10% of monthly fees |
| 95.0% - 98.9% | 25% of monthly fees |
| Below 95.0% | 50% of monthly fees |
5.4 Support. Provider shall provide technical support during [Business Hours: 9:00-18:00 CET, Monday-Friday] via email at [support@provider.com]. Response times:
| Severity | Description | Response Time | Resolution Target |
|---|---|---|---|
| Critical | Service unavailable | 1 hour | 4 hours |
| High | Major feature impaired | 4 hours | 24 hours |
| Medium | Minor feature impaired | 8 hours | 72 hours |
| Low | General questions | 24 hours | 5 business days |
6.1 Data Processing Agreement. The parties acknowledge that Customer is the Controller and Provider is the Processor of Personal Data processed through the Service, as defined in GDPR Article 4. The Data Processing Agreement attached as Exhibit B is incorporated by reference.
6.2 Provider Obligations (per GDPR Article 28). Provider shall:
6.3 Security Measures. Provider maintains the following security controls:
6.4 Sub-processors. Customer authorizes Provider to engage the sub-processors listed in Exhibit C. Provider shall notify Customer at least [30] days before adding or replacing sub-processors. Customer may object to new sub-processors within [14] days.
7.1 Service IP: Provider retains all right, title, and interest in the Service, including algorithms, software, designs, and documentation. Customer receives a license only (non-exclusive, non-transferable).
7.2 Customer Data Ownership: Customer retains all ownership of Customer Data. Provider uses Customer Data ONLY to provide the Service (per GDPR Article 6 lawful basis: Performance of Contract).
7.3 Confidentiality: Each party maintains the confidentiality of the other party's Confidential Information (data, trade secrets, business information) for [3] years post-termination per EU Trade Secrets Directive 2016/943.
7.4 Permitted Disclosure: Provider may disclose Customer Data if required by law, court order, or regulatory authority (providing written notice to Customer to allow objection per GDPR Article 33).
8.1 Provider Warranties: Provider warrants: (a) Service provided in professional, workmanlike manner, (b) Service will substantially conform to Documentation, (c) Service does not infringe third-party IP rights.
8.2 DISCLAIMER OF WARRANTIES: EXCEPT AS EXPRESSLY STATED, SERVICE IS PROVIDED "AS IS" WITHOUT WARRANTY. PROVIDER DISCLAIMS ALL IMPLIED WARRANTIES (MERCHANTABILITY, FITNESS, NON-INFRINGEMENT) per UCC §2-316.
8.3 Availability/Uptime: Provider does NOT warrant: (a) 100% uptime, (b) error-free operation, (c) specific performance levels beyond SLA commitments, (d) compatibility with third-party systems (unless documented).
9.1 Termination for Convenience: Either party may terminate with [30/90] days' written notice, effective end of current billing period (no early termination fee unless specified).
9.2 Termination for Cause: Either party may terminate immediately if the other party: (a) materially breaches and fails to cure within 15 days, (b) becomes insolvent/bankrupt.
9.3 Effects of Termination: Upon termination: (a) Provider ceases providing Service, (b) Provider deletes Customer Data per GDPR Article 17 within [30] days OR returns encrypted copy, (c) Fees due through termination date are payable, (d) Sections 7-11 (Confidentiality, IP, Liability, Governing Law) survive.
9.4 Data Transition: Provider provides [7] business days of transition assistance (data export, API access) at no additional cost.
10.1 Liability Limitation: Total liability capped at EUR/USD [12 months of Fees paid] per BGB §280-281.
10.2 EXCLUDED DAMAGES: NEITHER PARTY LIABLE FOR: lost profits, lost data, lost revenue, business interruption, indirect/incidental/special/consequential damages (even if advised of possibility).
10.3 Indemnification: Provider indemnifies Customer from third-party IP infringement claims arising from Customer's use of Service per Documentation.
Law: ☐ German law (BGB/TMG) ☐ [US State] law
Disputes: 30-day negotiation, then mediation, then DIS Arbitration
6.5 Data Location. Customer Data shall be stored and processed in: [EU/EEA / specific data centers]. International transfers comply with EU Standard Contractual Clauses.
7.1 Provider IP. Provider retains all right, title, and interest in the Service, Documentation, and all related intellectual property rights. No rights are granted except as expressly set forth herein.
7.2 Customer Data. As between the parties, Customer retains all right, title, and interest in Customer Data. Customer grants Provider a limited license to use Customer Data solely to provide the Service.
7.3 Feedback. If Customer provides suggestions, ideas, or other feedback regarding the Service ("Feedback"), Provider may use such Feedback without restriction or obligation to Customer.
8.1 Definition. "Confidential Information" means any non-public information disclosed by one party to the other that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information.
8.2 Obligations. The receiving party shall: (a) protect Confidential Information using the same degree of care it uses for its own confidential information (but no less than reasonable care); (b) not use Confidential Information except as necessary to perform under this Agreement; and (c) not disclose Confidential Information to third parties except to employees, contractors, and advisors who need to know and are bound by confidentiality obligations.
8.3 Exceptions. Confidential Information does not include information that: (a) is or becomes publicly available through no fault of the receiving party; (b) was rightfully known prior to disclosure; (c) is rightfully obtained from a third party without breach of confidentiality; or (d) is independently developed without use of Confidential Information.
8.4 Duration. Confidentiality obligations survive for [3/5] years after termination of this Agreement, except for trade secrets which remain protected indefinitely (see EU Trade Secrets Directive).
9.1 Provider Warranties. Provider warrants that:
9.2 Customer Warranties. Customer warrants that:
9.3 Disclaimer. EXCEPT AS EXPRESSLY PROVIDED HEREIN, PROVIDER MAKES NO WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. PROVIDER DOES NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED OR ERROR-FREE.
10.1 Exclusion of Consequential Damages. EXCEPT FOR BREACHES OF SECTION 8 (CONFIDENTIALITY), GROSS NEGLIGENCE, OR WILLFUL MISCONDUCT, NEITHER PARTY SHALL BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING LOSS OF PROFITS, DATA, BUSINESS, OR GOODWILL.
10.2 Cap on Liability. EXCEPT FOR BREACHES OF SECTION 8 (CONFIDENTIALITY), GROSS NEGLIGENCE, OR WILLFUL MISCONDUCT, EACH PARTY'S TOTAL CUMULATIVE LIABILITY UNDER THIS AGREEMENT SHALL NOT EXCEED THE TOTAL FEES PAID OR PAYABLE BY CUSTOMER DURING THE [12] MONTHS PRECEDING THE CLAIM.
10.3 German Law Compliance. For contracts governed by German law, the limitations in Sections 10.1 and 10.2 do not apply to (a) liability for damages arising from injury to life, body, or health, (b) liability for gross negligence or intentional misconduct, or (c) liability under Product Liability Act (ProdHaftG).
11.1 Provider Indemnification. Provider shall defend, indemnify, and hold harmless Customer from and against any third-party claim that the Service infringes any patent, copyright, trademark, or trade secret, and shall pay all damages finally awarded against Customer or agreed in settlement.
11.2 Customer Indemnification. Customer shall defend, indemnify, and hold harmless Provider from and against any third-party claim arising from (a) Customer Data, (b) Customer's breach of this Agreement, or (c) Customer's violation of applicable law.
11.3 Conditions. The indemnifying party's obligations are conditioned on: (a) prompt written notice of the claim; (b) sole control of the defense and settlement; and (c) reasonable cooperation from the indemnified party.
12.1 Term. This Agreement commences on the Effective Date and continues for [12/24/36] months (the "Initial Term"), and shall automatically renew for successive [12]-month periods (each, a "Renewal Term") unless either party provides written notice of non-renewal at least [60/90] days prior to the end of the then-current term.
12.2 Termination for Cause. Either party may terminate this Agreement:
12.3 Effect of Termination. Upon termination:
12.4 Survival. Sections 7, 8, 9.3, 10, 11, 12.3, 12.4, and 13 shall survive termination.
13.1 Governing Law. This Agreement shall be governed by the laws of [Germany / Delaware], without regard to conflicts of law principles. For EU customers, GDPR and applicable EU regulations shall apply to data protection matters.
13.2 Dispute Resolution. Disputes shall be resolved by:
13.3 Force Majeure. Neither party shall be liable for delays or failures in performance resulting from circumstances beyond its reasonable control, including acts of God, natural disasters, war, terrorism, riots, embargoes, acts of civil or military authorities, fire, floods, accidents, strikes, or shortages of transportation, facilities, fuel, energy, labor, or materials.
13.4 Assignment. Neither party may assign this Agreement without the other party's prior written consent, except that either party may assign this Agreement to an affiliate or in connection with a merger, acquisition, or sale of all or substantially all of its assets.
13.5 Entire Agreement. This Agreement, including all Exhibits and Order Forms, constitutes the entire agreement between the parties and supersedes all prior agreements, understandings, and representations.
13.6 Amendments. This Agreement may only be amended in writing signed by both parties.
13.7 Severability. If any provision is found unenforceable, the remaining provisions shall continue in full force and effect.
13.8 Notices. Notices shall be in writing and sent to the addresses set forth above, or as updated by written notice. Notices are effective upon receipt.
PROVIDER:
[Provider Company Name]
By: [Name]
Title: [Title]
Date: [Date]
CUSTOMER:
[Customer Company Name]
By: [Name]
Title: [Title]
Date: [Date]
See Section 5 for SLA terms. Additional metrics and procedures may be specified here.
The Data Processing Agreement pursuant to GDPR Article 28 is attached separately or available at: [URL]
| Sub-processor | Purpose | Location |
|---|---|---|
| [Name] | [Purpose] | [Country] |
| [Name] | [Purpose] | [Country] |
LEGAL DISCLAIMER
TEMPLATE - NOT LEGAL ADVICE: This MSA is a template for educational purposes and does not constitute legal advice. Terms should be negotiated and reviewed by qualified legal counsel.
Regulatory references: GDPR | BGB | Consumer Rights Directive