Last updated: October 10, 2025 • Version: v1.2

SKYTEK Master Services Agreement

This Master Services Agreement (“Agreement” or “MSA”) governs the provision of information technology, managed services, cybersecurity, cloud services, consulting, and related professional services (“Services”) provided by SKYTEK Solutions, LLC, a Florida limited liability company, with its principal office located at 5850 Coral Ridge Drive, Suite 207, Coral Springs, FL 33076 (“SKYTEK”), to any client (“Client”) who receives Services from SKYTEK.

By executing a SKYTEK proposal, quote, order form, Statement of Work (“SOW”), service renewal, or by otherwise receiving Services from SKYTEK, the Client agrees to be bound by the terms of this MSA. SKYTEK and the Client may be referred to individually as a “Party” and collectively as the “Parties.”

1. Purpose and Scope
This Agreement establishes the overarching terms and conditions under which SKYTEK will provide Services to the Client and, where applicable, Client’s subsidiaries or affiliates (“Client Affiliates”). Specific Services, deliverables, pricing, responsibilities, and engagement-specific terms will be defined in one or more SOWs, order forms, proposals, or service quotes issued by SKYTEK and accepted by the Client (“Service Agreements”). Each Service Agreement is incorporated by reference into this MSA and shall be governed by this MSA unless otherwise explicitly stated.

Services provided under this Agreement may include, without limitation:

• 24×7 IT Helpdesk and End-User Support
• Cloud, Infrastructure, and Systems Management
• Cybersecurity, Monitoring, and Compliance Services
• Network, Identity, and Domain Services
• Strategic IT Consulting, Projects, and Professional Services

No work shall be performed and no fees shall be incurred unless expressly authorized in a fully executed SOW. Each SOW shall operate under and be subject to the terms of this MSA. In the event of a conflict between this MSA and an SOW, the SOW shall control with respect to the subject matter of that SOW.

2. Relationship of the Parties
SKYTEK shall perform all Services as an independent contractor. Nothing in this Agreement shall be interpreted as creating any partnership, joint venture, fiduciary duty, employer-employee relationship, or agency between the Parties. Neither Party has authority to bind the other in any manner unless expressly stated in a written instrument executed by both Parties. This Agreement is non-exclusive, and SKYTEK may provide services to other clients, including services identical or similar to those described in this Agreement, provided SKYTEK continues to comply with its confidentiality obligations.

3. Mutual Cooperation
Client agrees to provide timely access, accurate information, system credentials, personnel availability, and all necessary resources required for SKYTEK to perform the Services. SKYTEK’s obligations are expressly conditioned on Client’s cooperation and fulfillment of its responsibilities. Any delay, failure, or inaccuracy in Client-provided information or access shall relieve SKYTEK of any corresponding performance timelines, obligations, service levels, or liabilities. Both Parties agree to act in good faith; however, SKYTEK shall at all times retain discretion over its internal security practices, tools, methods, and service delivery framework.

4. Incorporation and Order of Precedence
This MSA, together with any exhibits, policies referenced herein, and duly executed Statements of Work (“SOWs”), constitutes the entire agreement between the Parties regarding the Services. No terms, purchase orders, or other Client-issued documents shall modify or supersede this MSA unless expressly agreed upon in a mutually executed amendment. In the event of a conflict between this MSA and any SOW, the terms of this MSA shall prevail unless the SOW explicitly identifies the specific MSA section being modified.

5. Agreement Term
This Agreement shall commence on the Effective Date and shall continue in effect on a perpetual basis unless terminated in accordance with this Agreement. Either Party may request modifications to the Agreement with at least sixty (60) days’ prior written notice; however, no modification shall be binding unless executed in writing by both Parties. Absent mutual written amendment, all terms and conditions of this Agreement shall remain continuously in full force and effect without expiration.

Purpose of the Agreement
The purpose of this Master Services Agreement (“Agreement” or “MSA”) is to establish a perpetual, enterprise-level framework under which SKYTEK Solutions, LLC (“SKYTEK”) may provide information technology, managed services, consulting, cybersecurity, and related professional services to the client identified in the Agreement (“Client”) and, where applicable, its subsidiaries and affiliates (“Client Affiliates”). This MSA enables Client and its Affiliates to obtain Services from SKYTEK under a unified contractual structure, without the need for separate master agreements for each entity.

Client or any Client Affiliate may procure Services by executing a Statement of Work (“SOW”) with SKYTEK. The entity executing the SOW shall be solely responsible for all obligations, approvals, and payments associated with that SOW, and shall have the right to enforce the terms of this MSA solely with respect to its own ordered Services. SKYTEK shall perform the Services described in each SOW in accordance with this MSA, the applicable SOW, and any referenced policies, fee schedules, or Service Level Agreements (“SLAs”) expressly incorporated by reference. Each SOW must:
(a) be executed by SKYTEK and the Client or applicable Client Affiliate;
(b) reference this Master Services Agreement; and
(c) define the specific Services, deliverables, fees, service levels (if any), and timelines applicable to that engagement.

In the event of any conflict between this MSA and an SOW, the terms of this MSA shall control, unless the SOW expressly identifies the specific MSA provision being superseded and states the Parties’ intent to override that provision.

The scope of onboarding, transition activities, and service prerequisites for each engagement shall be detailed in the applicable SOW. No additional services, responsibilities, schedule impacts, or fees shall apply unless agreed to in a mutually executed, written change order or amended SOW. SKYTEK shall not be responsible for, nor shall it perform, any system changes, configurations, or modifications to the Client’s production environment unless such activities are expressly authorized in the applicable SOW.

This MSA is intended to streamline and standardize SKYTEK’s delivery of IT services across Client’s environment, ensuring consistency, operational efficiency, and a scalable security-focused technology strategy. By consolidating services under this Agreement, the Client benefits from reduced administrative overhead, improved governance, and faster access to SKYTEK’s expertise, while SKYTEK retains consistent operational, security, and compliance alignment throughout the engagement.

Confidentiality

2.1 Definition of Confidential Information
“Confidential Information” means all non-public, proprietary, sensitive, or security-related information disclosed by a Party (“Provider”) to the other Party (“Recipient”) in connection with this Agreement, whether disclosed orally, visually, or in written, electronic, or other tangible form. Confidential Information includes, without limitation: business plans, financial data, operational information, systems, networks, passwords, access credentials, technical data, system designs, diagrams, configurations, security processes, scripts, source code, software, tools, monitoring systems, automation logic, intellectual property, and documentation related to SKYTEK’s service delivery methods, technologies, and platforms.

Confidential Information does not include information that the Recipient can demonstrate through written evidence:
(a) is or becomes publicly available through no breach of this Agreement;
(b) was lawfully in Recipient’s possession prior to disclosure by Provider;
(c) is received from a third party without a duty of confidentiality;
(d) is independently developed by Recipient without use of or reference to Provider’s Confidential Information; or
(e) must be disclosed pursuant to law, regulation, subpoena, or government order, provided that Recipient (where legally permitted) gives Provider prompt written notice and reasonably cooperates in seeking a protective order or other limitation on disclosure.

2.2 Confidentiality Obligations
Recipient shall:
(i) protect all Confidential Information using at least the same degree of care it uses to protect its own confidential materials, and in no event less than a commercially reasonable standard;
(ii) use Provider’s Confidential Information solely for purposes of performing its obligations under this Agreement; and
(iii) restrict disclosure of Provider’s Confidential Information only to its employees, agents, subcontractors, and advisors who have a legitimate “need to know” and who are bound by written confidentiality obligations at least as protective as those in this Agreement. Recipient shall be responsible for any breach of this Section by its personnel, agents, or subcontractors.

Recipient shall not disclose Provider’s Confidential Information to any third party without Provider’s prior written consent, and shall maintain appropriate administrative, technical, and physical safeguards to prevent unauthorized use, disclosure, or access. At Provider’s written request, Recipient shall promptly return or securely destroy all Confidential Information, except for (a) electronic backup copies retained in accordance with automated archival systems, and (b) copies retained as required by law. Any retained Confidential Information will remain subject to this Section until destroyed in the ordinary course of business.

2.3 Injunctive Relief; Survival
Recipient acknowledges that unauthorized disclosure or misuse of Confidential Information, particularly SKYTEK’s security methods, tools, and intellectual property, may cause irreparable harm for which monetary damages may be inadequate. Accordingly, the Provider shall be entitled to seek injunctive relief, specific performance, or other equitable remedies in addition to any other rights available at law or in equity.

Confidentiality obligations under this Section shall survive termination of this Agreement for five (5) years, except that SKYTEK’s proprietary technology, intellectual property, and security-related information shall remain confidential in perpetuity.

2.4 Responsibility for Personnel and Subcontractors
Each Party shall be responsible for the actions of its employees, agents, and authorized subcontractors in connection with this Agreement. SKYTEK may utilize subcontractors to perform portions of the Services, and SKYTEK shall remain responsible for Service delivery and subcontractor performance. “Authorized subcontractors” means third parties formally engaged by a Party to support the Services under this Agreement or an applicable SOW.

SKYTEK shall ensure its authorized subcontractors are bound by written confidentiality and data protection obligations no less protective than those in this Agreement. SKYTEK shall retain full control over the management, direction, and performance of its subcontractors, and nothing in this Agreement shall create any contractual relationship between Client and any SKYTEK subcontractor. Client acknowledges and agrees that SKYTEK may disclose Confidential Information to its authorized subcontractors strictly as necessary to perform the Services, and SKYTEK shall remain responsible for such subcontractors’ compliance.

A Party shall not be liable for a breach by its personnel or subcontractors unless such breach results from that Party’s failure to exercise commercially reasonable oversight, due diligence, or control. If disclosure of Confidential Information is required by law, the disclosing Party shall provide notice (to the extent legally permissible) and disclose only what is legally required.

2.5 Data Security
SKYTEK shall implement and maintain commercially reasonable administrative, technical, and physical safeguards designed to protect Client data from unauthorized access, loss, alteration, or disclosure (“Security Measures”). SKYTEK shall comply with applicable data protection laws and maintain core security practices such as multi-factor authentication, strong credential standards, regular patching, and data backup procedures, unless otherwise specified in an applicable SOW.

SKYTEK shall maintain a Business Continuity and Disaster Recovery program and will use commercially reasonable efforts to restore services in accordance with recovery objectives set forth in the applicable SOW or SLA. Client acknowledges that no system, network, or service can be guaranteed to be fully secure or error-free, and SKYTEK makes no guarantee against cybersecurity threats, zero-day attacks, ransomware, or unauthorized third-party actions.

In the event SKYTEK confirms an actual unauthorized access, disclosure, or loss of Client data caused by SKYTEK’s systems under its direct control (a “Security Incident”), SKYTEK shall notify Client without undue delay and, where feasible, within twenty-four (24) hours of confirmation. SKYTEK shall investigate, mitigate, and take commercially reasonable steps to contain the incident, and shall cooperate with Client as legally permissible. Nothing in this section shall require SKYTEK to obtain Client approval before making legally required notifications to regulators, law enforcement, insurance providers, or affected individuals.

3. Limitation of Liability
To the fullest extent permitted by law, SKYTEK’s total aggregate liability for any and all claims arising out of or relating to this Agreement, any SOW, or the Services — including but not limited to data loss, system unavailability, business interruption, Security Incidents, negligence, contract claims, warranty claims, indemnity claims, or any alleged failure of Services — shall not exceed the total fees paid to SKYTEK by Client under the applicable SOW during the three (3) months immediately preceding the event giving rise to the claim, or the amount actually recovered under SKYTEK’s applicable insurance policy, whichever is less.

In no event shall SKYTEK be liable for any:
(a) indirect, incidental, consequential, exemplary, special, enhanced, or punitive damages;
(b) loss of profits, revenue, data, business, savings, or goodwill;
(c) downtime, delays, or service interruptions; or
(d) claims arising from third-party actions, zero-day vulnerabilities, force majeure events, or Client’s failure to follow SKYTEK recommendations, security standards, or required configurations.

Client agrees that these limitations are a fundamental basis of the bargain and apply even in the event of SKYTEK’s negligence, strict liability, or alleged failure of essential purpose. These limitations shall survive termination or expiration of this Agreement.

4. Definitions
For purposes of this Agreement, the following terms apply:

“Administrative, Technical, and Physical Security Measures”
means commercially reasonable administrative, technical, and physical safeguards designed to protect Client Data against unauthorized access, consistent with industry practices and applicable law. SKYTEK will maintain such safeguards, but Client acknowledges that no system or service can be guaranteed to be fully secure, error-free, or immune from cyberattacks.

“Client Data”
means information provided by Client to SKYTEK or processed by SKYTEK on Client’s behalf in the course of delivering Services. Client Data does not include aggregated, anonymized, de-identified, behavioral, or statistical data generated by SKYTEK in the course of providing Services, all of which shall be owned exclusively by SKYTEK.

“Security Incident”
means a confirmed unauthorized access to Client Data caused by SKYTEK’s systems under SKYTEK’s direct control that materially compromises the confidentiality, integrity, or availability of such data. For clarity, unsuccessful attempts, phishing events, brute-force attempts, malware blocked by security tools, scans, alerts, or events originating from Client’s environment or third-party platforms shall not constitute a Security Incident.

“Security Incident Related Costs”
means Client’s reasonable, direct, and documented out-of-pocket costs legally required for regulatory breach notifications that result directly and solely from a Security Incident caused by SKYTEK’s proven negligence, subject to the liability cap in Section 3. SKYTEK shall not be responsible for forensic costs, litigation costs, business losses, internal labor costs, or costs incurred without SKYTEK’s prior written approval.

“System”
means any network, device, application, platform, or cloud environment operated and controlled by SKYTEK that is materially used to perform Services under this Agreement.

5. Intellectual Property

5.1 Ownership of SKYTEK Materials
SKYTEK retains all rights, title, and interest in and to all tools, software, scripts, playbooks, templates, automation, workflows, methodologies, processes, configurations, system designs, monitoring systems, documentation, training materials, intellectual property, know-how, and other materials used, created, or developed by SKYTEK in the course of providing the Services, whether pre-existing or developed during the term of this Agreement (“SKYTEK Materials”). SKYTEK Materials are and shall remain the exclusive property of SKYTEK.

5.2 License to Client
SKYTEK grants Client a limited, non-exclusive, non-transferable, revocable, royalty-free license to use SKYTEK Materials solely for Client’s internal business purposes and only for the duration of this Agreement. Client shall not copy, modify, reverse-engineer, sublicense, disclose, publish, or provide SKYTEK Materials to any third party without SKYTEK’s prior written consent. Upon expiration or termination of this Agreement, all rights granted to Client under this Section shall immediately terminate, and Client shall return or destroy all SKYTEK Materials in its possession.

5.3 Custom Deliverables
Any custom software or deliverable expressly commissioned under a separate SOW and paid for in full may be owned by Client only if the SOW explicitly states such transfer of ownership. Notwithstanding the foregoing, SKYTEK retains a perpetual, irrevocable, royalty-free license to reuse, improve, or incorporate such deliverables, concepts, or methods into SKYTEK’s business, services, tools, or offerings without restriction. Under no circumstances shall SKYTEK be restricted from developing or providing similar work, deliverables, or services to other clients.

5.4 Trade Secrets and Confidentiality
All SKYTEK Materials, configurations, security designs, and operational methodologies constitute SKYTEK trade secrets and SKYTEK Confidential Information. Client shall not assert ownership or authorship of SKYTEK’s work, tools, or configurations at any time.

6. Limitation of Liability

6.1 Liability Cap
To the fullest extent permitted by law, SKYTEK’s total aggregate liability for any and all claims arising out of or relating to this Agreement, any SOW, or the Services — including without limitation claims relating to data loss, downtime, business interruption, cybersecurity events, Security Incidents, breach, negligence, or indemnification — shall not exceed the total fees paid by Client to SKYTEK under the applicable SOW during the three (3) months immediately preceding the event giving rise to the claim, or the amount recovered under SKYTEK’s applicable insurance policy, whichever is less.

This limitation applies regardless of the number of claims, claimants, or theories of liability.

6.2 Exclusion of Damages
In no event shall SKYTEK be liable for any indirect, incidental, consequential, exemplary, special, statutory, multiplied, or punitive damages, including but not limited to lost profits, loss of revenue, loss of business, loss of goodwill, loss of data, downtime, or business interruption — even if SKYTEK has been advised of the possibility of such damages.

These exclusions apply to all causes of action, including confidentiality claims, indemnification claims, and Security Incidents, except to the extent prohibited by law.

6.3 Applicability and Survival
The limitations and exclusions in this Section apply:
(a) to all legal and equitable theories (contract, tort, negligence, statute, strict liability, or otherwise);
(b) even if any remedy fails of its essential purpose; and
(c) shall survive termination or expiration of this Agreement.

7. Indemnification

7.1 Indemnification by SKYTEK (Narrow and Limited)
SKYTEK shall indemnify, defend, and hold harmless the Client from third-party claims to the extent arising from:
(a) SKYTEK’s willful misconduct or proven fraud in the performance of the Services; or
(b) a third-party claim that SKYTEK’s proprietary SKYTEK Materials, as delivered and unmodified, directly infringe a third-party U.S. intellectual property right.

SKYTEK shall have no indemnification obligation for claims arising out of or related to:
(i) Client’s data, systems, configurations, instructions, or materials;
(ii) third-party software, tools, or services (including those recommended, procured, or configured by SKYTEK);
(iii) modifications not made by SKYTEK;
(iv) any Security Incident or cyber event, except to the limited extent caused by SKYTEK’s willful misconduct; or
(v) acts, omissions, access, or misuse by Client, its users, vendors, or contractors.

If any SKYTEK Materials are found or believed by SKYTEK to infringe, SKYTEK may, at its option and expense: (1) procure the right for Client to continue using them; (2) replace or modify the materials to be non-infringing; or (3) terminate the affected portion of the Services with no further liability.

7.2 Indemnification by Client (Broad and Primary)
Client shall indemnify, defend, and hold harmless SKYTEK, its officers, employees, agents, and subcontractors from and against any and all claims, damages, liabilities, losses, costs, and expenses (including reasonable attorney’s fees) arising out of or relating to:
(a) Client’s data, systems, or environment, including Security Incidents or data breaches originating from or affecting Client systems, users, or third parties;
(b) Client’s negligence, misuse, or willful misconduct;
(c) Client’s breach of this Agreement or failure to follow SKYTEK recommendations or security requirements;
(d) claims relating to Client-provided data, instructions, configurations, integrations, or access; or
(e) disputes between Client and any third party arising from the Services or Client’s business operations.

7.3 Indemnification Procedure
The Party seeking indemnification (“Indemnified Party”) shall provide the other Party (“Indemnifying Party”) with prompt written notice of any indemnifiable claim. The Indemnifying Party shall control the defense and settlement of the claim, provided that:
(i) the Indemnified Party may participate in the defense at its own expense, and
(ii) no settlement may be entered into without the Indemnified Party’s prior written consent if the settlement imposes any obligation or admission of liability on the Indemnified Party.

The Parties shall reasonably cooperate in the defense of any such claim.

8. Dispute Resolution
The Parties shall use good faith efforts to resolve any dispute arising out of or relating to this Agreement through executive-level discussions before initiating litigation. Nothing in this Section shall restrict either Party from seeking immediate injunctive or equitable relief to protect its Confidential Information, intellectual property, or service delivery.

Each Party irrevocably submits to the exclusive jurisdiction of the state and federal courts located in Broward County, Florida, and waives any objection to venue or forum non conveniens. The Parties agree to participate in remote or virtual proceedings whenever reasonably practicable to minimize cost and disruption.

Client shall not withhold, offset, or delay payment of any undisputed amounts due under this Agreement during a dispute. All undisputed invoices must be paid in accordance with this Agreement while the dispute is pending.

9. Force Majeure

9.1 Scope
Neither Party shall be liable for any failure or delay in performance (other than payment obligations) due to causes beyond its reasonable control, including but not limited to acts of God, natural disasters, war, terrorism, labor disputes, civil unrest, pandemics, government restrictions, supply chain failures, utility or network outages, denial-of-service attacks, cybersecurity events, or failures of third-party hosting, telecommunications, or cloud providers (“Force Majeure Event”).

9.2 Notice and Mitigation
The affected Party shall provide prompt written notice identifying the Force Majeure Event and its anticipated impact, and shall use commercially reasonable efforts to resume performance as soon as practicable. Obligations not affected by the Force Majeure Event shall continue in full force.

9.3 Extended Events
If a Force Majeure Event prevents material performance for more than one hundred twenty (120) consecutive days, the non-affected Party may terminate only the impacted SOW upon thirty (30) days’ written notice. The MSA shall remain in full force and effect. Neither Party shall have any liability for such termination other than Client’s obligation to pay for Services rendered and costs incurred prior to termination.

9.4 Payments Continue
Client shall remain responsible for payment of:
(a) all Services performed prior to or during the Force Majeure Event, and
(b) ongoing fixed or recurring fees for Services or resources that SKYTEK continues to maintain, provide, or incur during the Force Majeure period.

10. Payment Terms

10.1 Invoicing and Payment
Unless otherwise stated in an applicable SOW, SKYTEK shall invoice monthly in advance for recurring services and in arrears for time-and-materials or project deliverables. All undisputed invoices are due and payable within Net-30 days from the invoice date. Client shall not unreasonably withhold or delay acceptance of deliverables.

10.2 Disputed Amounts
If Client disputes any portion of an invoice, Client shall (a) pay all undisputed amounts by the due date and (b) provide written notice of the specific disputed charges within fifteen (15) days of receipt. The Parties shall work in good faith to resolve the dispute within thirty (30) days. Failure to timely dispute an invoice constitutes acceptance.

10.3 Late Payments; Suspension Rights
Any undisputed invoice not paid when due shall accrue interest at the rate of 1.5% per month (or the maximum allowed by law, if lower). SKYTEK may suspend Services, with prior written notice, for any invoice that remains unpaid for more than fifteen (15) days after notice of non-payment. Suspension of services shall not be deemed a breach by SKYTEK.

10.4 No Offset or Withholding
Client shall not withhold, offset, or delay payment of any undisputed fees, including during any dispute, termination period, or Force Majeure event.

10.5 Non-Refundable Fees
All fees paid are non-refundable unless expressly stated otherwise in the applicable SOW.

11. Term and Termination

11.1 Term
This Agreement shall commence on the Effective Date and shall continue on a perpetual basis unless terminated in accordance with this Section. Each SOW shall remain in effect for the duration stated therein.

11.2 Renewal
This MSA renews automatically without expiration. The Parties may update terms only through a mutually executed written amendment.

11.3 Termination for Cause
Either Party may terminate this Agreement or an SOW for material breach that remains uncured for thirty (30) days after written notice. SKYTEK may terminate immediately for:
(a) Client’s breach of confidentiality, security, or acceptable-use obligations;
(b) Client’s violation of law; or
(c) Client’s failure to pay undisputed amounts within thirty (30) days of due date.

11.4 Termination for Convenience
Either Party may terminate this MSA or any SOW for convenience with ninety (90) days’ prior written notice. Upon such termination:

• Client shall pay SKYTEK for all Services rendered, all work in progress, all remaining recurring fees through the notice period, and any committed or non-cancellable third-party costs; and
• If termination affects an active SOW, Client shall pay an early termination fee equal to the lesser of:
  (i) three (3) months of the recurring fees under the SOW, or
  (ii) the remaining balance of the SOW term.

11.5 Effect of Termination
Upon termination, all amounts owed to SKYTEK shall become immediately due. Prepaid fees are non-refundable except where Services have not yet been delivered and no resources have been allocated. SKYTEK shall have no obligation to retain Client data or provide offboarding assistance beyond ten (10) business days, unless Client enters into a paid offboarding or transition SOW.

11.6 Survival
Any provisions that by nature should survive — including confidentiality, intellectual property, indemnification, limitations of liability, payment obligations, and dispute resolution — shall survive termination or expiration.

12. Independent Contractor; No Agency

SKYTEK is and shall remain an independent contractor. Nothing in this Agreement shall be construed to create an employment, partnership, fiduciary, joint-venture, or agency relationship between SKYTEK and Client. SKYTEK personnel are not and shall not be deemed employees of Client.

SKYTEK shall be solely responsible for compensation, direction, supervision, taxes, insurance, and compliance obligations for its personnel. Client shall have no authority or responsibility for SKYTEK’s personnel and shall not attempt to control the manner, method, or means by which SKYTEK performs the Services, other than providing requirements and outcomes defined in an applicable SOW.

Neither SKYTEK nor its personnel are authorized to act on behalf of, bind, or make commitments for Client unless expressly authorized in a mutually executed written instrument. SKYTEK may provide similar services to other clients, provided that Client Confidential Information is not used or disclosed and no conflict of interest exists.

13. Warranty

13.1 SKYTEK Limited Warranty
SKYTEK warrants that:
(a) it has the authority to enter into this Agreement;
(b) the Services will be performed in a professional and workmanlike manner consistent with industry standards for similar managed IT services; and
(c) SKYTEK personnel assigned to perform Services shall possess the skills and qualifications reasonably necessary to perform their assigned duties.

13.2 Warranty Exclusions
EXCEPT AS EXPRESSLY PROVIDED IN THIS SECTION, SKYTEK DISCLAIMS ALL OTHER WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, ERROR-FREE OPERATION, DATA SECURITY, SYSTEM PERFORMANCE, OR UNINTERRUPTED SERVICE. SKYTEK does not warrant or guarantee that:
(i) security incidents, breaches, or cyberattacks will be prevented;
(ii) third-party systems, software, or services will perform without defect; or
(iii) the Services will meet Client’s legal, compliance, business, or regulatory requirements unless expressly stated in an SOW.

13.3 Sole Remedy
Client’s exclusive remedy for breach of the SKYTEK warranty shall be reperformance of the non-conforming Services. If SKYTEK cannot substantially cure a material non-conformity within a reasonable period, Client may terminate the affected SOW and receive a refund of fees paid for the non-conforming Services not yet performed. This is Client’s sole and exclusive remedy.

14. Insurance

14.1 SKYTEK Insurance Requirements
SKYTEK shall maintain, at its own expense and during the term of this Agreement, insurance coverage consistent with its corporate insurance program. SKYTEK currently maintains the following minimum insurance coverage:

(a) Commercial General Liability (CGL) — $1,000,000 per occurrence / $2,000,000 general aggregate
This policy provides third-party liability coverage for bodily injury, personal injury, and property damage arising from SKYTEK’s business operations, including premises/operations and products/completed operations liability.

(b) Automobile Liability (Hired & Non-Owned Auto) — $1,000,000 combined single limit per accident
This policy provides liability coverage for bodily injury and property damage caused by vehicles not owned by SKYTEK but used in the course of business, including employee-owned, leased, rented, or hired vehicles.

(c) Umbrella / Excess Liability — $1,000,000 per occurrence / $1,000,000 aggregate
This policy provides an additional layer of liability protection above the limits of the underlying CGL and Auto Liability policies. It is intended to provide coverage for high-severity or catastrophic claims once underlying limits are exhausted.

14.1a Certificates of Insurance
Upon written request, SKYTEK shall provide the Client with a certificate of insurance as evidence of the coverage listed above. All insurance shall be maintained with carriers rated A- or better by AM Best (or equivalent).

14.1b Additional Insured Status
The Client shall not be named as an additional insured except where legally required and only to the extent of SKYTEK’s proven negligence. Any additional insured status must be mutually agreed upon in writing.

14.2 Client Insurance Requirements
Client shall, at its sole cost, maintain Cyber Liability / Data Breach / Ransomware Insurance with minimum limits of no less than $1,000,000 to cover costs associated with ransomware, cyberattacks, data loss, regulatory obligations, breach notifications, restoration, business interruption, and related financial impacts. At SKYTEK’s reasonable request, Client shall provide evidence of this coverage. Failure of Client to maintain such insurance does not create liability for SKYTEK.

14.3 Cyber Events and Ransomware Liability Disclaimer
Client acknowledges and agrees that no system, network, or service can be guaranteed to be secure or immune from cybersecurity threats, ransomware, malware, zero-day exploits, or unauthorized access. SKYTEK shall not be held liable for any ransomware event, data breach, business interruption, system downtime, loss of data, or other cyber-related damages or losses, except to the limited extent caused by SKYTEK’s willful misconduct as determined by a court of competent jurisdiction.

Client accepts full responsibility for its own cybersecurity posture, including (but not limited to) user behavior, endpoint security, access controls, backup validation, and compliance with SKYTEK’s recommendations. Any ransomware impact, loss, or recovery cost shall be handled under Client’s cyber insurance policy, not by SKYTEK.

15. Audit Rights
SKYTEK shall maintain records reasonably necessary to demonstrate its material compliance with this Agreement. Upon at least thirty (30) days’ prior written notice, Client may, no more than once per twelve (12) months, conduct a limited audit solely to verify SKYTEK’s compliance with the specific, material obligations of this Agreement.

Any audit shall:
(a) be conducted during normal business hours;
(b) not interfere with SKYTEK’s business operations or service delivery to other clients;
(c) be limited strictly to records related to Services performed under this Agreement; and
(d) exclude SKYTEK’s internal systems, proprietary methodologies, tools, monitoring logic, source code, financials, internal security controls, other client data, SOC runbooks, or intellectual property not exclusively related to the Client.

Audits shall be conducted by the Client or a mutually agreed independent auditor, and all auditors must execute SKYTEK’s confidentiality and facility/security requirements. SKYTEK may redact, restrict, or withhold access to information outside the approved audit scope. SKYTEK may, at its discretion, provide audit responses through reports, attestations, or read-only demonstrations in lieu of direct system access.

Each Party shall bear its own costs for any audit. If a material and verifiable breach of a material obligation is found, SKYTEK will remedy it within a commercially reasonable timeframe. SKYTEK will only bear reasonable audit costs if (and only if) the audit reveals a material, unremedied breach directly caused by SKYTEK.

16. Subprocessors
SKYTEK may engage subcontractors and subprocessors to support delivery of the Services. SKYTEK shall remain responsible for the performance of subprocessors under this Agreement, subject to the limitation that SKYTEK shall only be liable to the extent any failure results from SKYTEK’s lack of reasonable oversight or due diligence.

SKYTEK shall ensure subprocessors are bound by confidentiality and data-protection obligations no less protective than those in this Agreement. SKYTEK shall provide a list of material subprocessors upon written request.

Client acknowledges that SKYTEK may utilize standard enterprise infrastructure and service providers (including Microsoft, Azure, AWS, M365, security vendors, and data-center platforms) without obtaining Client approval, provided such vendors maintain generally recognized industry security certifications (e.g., ISO 27001, SOC 2, or equivalent).

If SKYTEK engages a new subprocessor that will materially process Client Data, SKYTEK shall provide ten (10) business days’ prior notice. Client may object only on reasonable, documented security grounds. If the Parties cannot resolve the objection, Client’s sole remedy shall be to terminate the affected SOW, not the MSA, upon written notice. No fees shall be refunded, and all accrued and committed fees remain payable.