SOClogix Master Service Agreement
This Security and IT Support Master Services Agreement (“Agreement”) is by and between SOClogix (“we,” “us,” “SOClogix”), and the person or entity signing the security work order (“you” or “Client”). This Agreement is effective as of the latest date shown in the applicable security work order (the “Effective Date”).
This Agreement sets forth the terms and conditions upon which SOClogix will provide services (the “Services”) to Client.
1. Engagement
Client hereby engages SOClogix for the initial term set forth in the security work order, to provide services in support of the scope of work located at the Service Addresses identified therein. All services expire if they are not used and delivered during the Term.
2. Scope of Work
SOClogix will perform the Services included within the Scope of Work defined in the security work order, as required during the Term. SOClogix may perform the Services onsite or offsite, in its discretion. Client agrees not to make unreasonable requests for services. The Scope of Work may be amended only by mutual agreement in writing.
3. Pricing; Additional Services
The Security Services Rate outlined in the security work order covers IT Security Services within the Scope of Work. Additional services requested or required by Client will be billed at SOClogix’s standard rates unless otherwise agreed. The Security Services Rate excludes hardware, software, equipment, supplies, or out-of-pocket expenses unless specifically included.
4. Terms of Payment
Net 30 Terms – Invoices are due thirty (30) days from the invoice date. Late payments accrue interest at 1.5% per month.
50% Down / 50% Completion – Certain engagements require 50% down (non-refundable) and 50% upon completion.
Monthly Recurring Services – Billed automatically via ACH or credit card on the 1st of each month.
Payment Methods – ACH, credit card, or other agreed method; all payments in U.S. dollars.
Disputes – Must be submitted in writing within 15 days of invoice; otherwise, deemed accepted.
Default & Remedies – SOClogix may suspend/terminate services for non-payment and recover legal/collection costs.
Returned Payments – $35 fee per occurrence; more than two failures in six months allows SOClogix to require certified funds.
5. Use of Software
Any software provided by SOClogix is licensed to Client on a personal, non-exclusive, limited, non-transferable, temporary basis. Client may not copy, modify, distribute, or misuse such software or materials.
6. Ownership of Work Product
All intellectual property, including but not limited to code, inventions, processes, trade secrets, and designs developed by SOClogix (alone or jointly with Client) during the Term shall belong to SOClogix. Client receives a perpetual, non-exclusive, royalty-free license to use the Work Product in its internal business operations but may not sell, transfer, or assign such rights without SOClogix’s written consent.
7. Non-Diversion
During the Term and for one year after termination, Client shall not solicit, hire, or engage SOClogix personnel outside of this Agreement. SOClogix may seek injunctive relief in the event of breach.
8. Disclaimer of Warranties
Services are provided “AS IS,” without any express, implied, or statutory warranties, including but not limited to warranties of merchantability, fitness for a particular purpose, non-infringement, or title.
9. Security Breach Notification
SOClogix shall notify Client upon becoming aware of a confirmed unauthorized use or disclosure of Client security information.
10. Limitation of Liability
SOClogix shall not be liable for any incidental, consequential, indirect, exemplary, or special damages, including lost profits, data, or business interruption.
SOClogix shall not be liable for any damages related to data breaches, security incidents, or unauthorized access, except to the extent directly caused by SOClogix’s gross negligence or willful misconduct.
SOClogix’s aggregate liability for all claims under this Agreement shall not exceed the total fees paid by Client in the twelve (12) months preceding the claim.
11. Actions
No action, regardless of form, may be brought more than one (1) year after the event giving rise to the claim.
12. Good Faith
Both Parties shall act in good faith in performing their obligations.
13. Resources
SOClogix may assign suitable personnel or subcontractors as it deems necessary to deliver Services.
14. Offsite Analysis
Client authorizes SOClogix to conduct offsite analysis as needed and to connect its equipment directly to Client’s network. Client assumes all risk from such access.
15. Reporting Requirements
Client is solely responsible for any regulatory or legal reporting obligations, including those relating to breaches, intrusions, or malware.
16. Compelled Disclosure
If SOClogix is legally compelled to disclose Client Data, it will notify Client promptly to allow Client to seek protective measures.
17. Miscellaneous
This Agreement (together with Security Work Orders) constitutes the entire agreement. Amendments must be in writing and signed by both Parties. SOClogix is an independent contractor. If any provision is unenforceable, the remainder shall remain in effect.
18. Order of Precedence
In the event of any conflict between this Agreement and any Security Work Order, this Agreement shall control unless the Security Work Order expressly states otherwise.
19. Confidentiality
Each Party shall protect the other’s Confidential Information using no less than reasonable care.
20. Mutual Indemnification
Mutual – Each Party indemnifies the other for losses arising from its negligence or willful misconduct.
Client-Specific – Client indemnifies SOClogix against claims arising from Client’s:
Failure to implement SOClogix’s security recommendations.
Failure to apply patches or updates.
Disclosure or mishandling of credentials.
Breach or security incident not caused by SOClogix’s gross negligence or willful misconduct.
21. Client Responsibilities
Client shall:
Maintain and verify backups of critical systems and data (unless SOClogix provides backup services).
Safeguard system credentials and notify SOClogix of compromise.
Apply security patches and updates unless otherwise contracted.
Implement and enforce internal security policies.
Ensure third-party vendors follow security best practices.
Remain solely responsible for regulatory compliance (e.g., HIPAA, PCI, GDPR, state breach laws).
Failure to meet these responsibilities releases SOClogix from liability for resulting issues.
22. Insurance
Each Party shall maintain:
Commercial General Liability: $1,000,000 per occurrence / $2,000,000 aggregate.
Professional Liability / Errors & Omissions: $1,000,000 per claim.
Cyber Liability: $1,000,000 per claim.
Certificates available upon request.
23. Termination
Either Party may terminate this Agreement or any Security Work Order for convenience with sixty (60) days’ written notice.
Either Party may terminate immediately for cause if the other Party materially breaches and fails to cure within thirty (30) days.
Client remains liable for all fees accrued through the effective date of termination.
24. Governing Law; Dispute Resolution; Survival
This Agreement shall be governed by Maryland law, without regard to conflicts of law principles.
Disputes shall first be negotiated in good faith for thirty (30) days. If unresolved, disputes shall be resolved by binding arbitration under AAA Commercial Rules in Baltimore, Maryland, before a single arbitrator.
Either Party may seek injunctive relief in Maryland courts to protect Confidential Information or intellectual property.
Survival – Sections 8, 9, 10, 18, 19, 20, 21, 23, and 24 shall survive termination or expiration.
By agreeing to the SOClogix Security Work Order, you acknowledge and accept the terms and conditions of this Master Services Agreement, available at www.soclogix.com/master-service-agreement.