Master Service Agreement

California-Specific Terms

This Master Service Agreement includes provisions required under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). These provisions apply when Provider processes Personal Information of California residents on Customer's behalf.

1. Parties and Effective Date

This Master Service Agreement ("Agreement") is entered into by and between AI Receptionist ("Provider," "we," "us," or "our") and the organization or individual accepting these terms ("Customer," "you," or "your").

This Agreement becomes effective on the date you first access or use the Services, or upon execution of a contract referencing this Agreement ("Effective Date").

2. Services Description

Provider offers an AI-powered phone answering and receptionist platform that includes:

• AI Voice Agent — Automated phone answering with natural language understanding
• Appointment Scheduling — Calendar integration and booking management
• Call Transcription — Speech-to-text conversion and call summaries
• SMS/Messaging — Automated text message responses and notifications
• Dashboard Access — Web-based management interface

3. Customer Responsibilities

Customer agrees to:

• Provide accurate and complete account information
• Maintain the security of account credentials
• Use the Services only for lawful business purposes
• Obtain necessary consents from California callers regarding call recording
• Comply with CCPA/CPRA obligations applicable to its business
• Notify Provider of data subject requests requiring Provider assistance

4. Fees and Billing

Customer agrees to pay the fees associated with the selected subscription plan. Fees are billed in advance. Payment is processed via Stripe. California state and local taxes apply where required. Government customers may request Net-30 payment terms.

5. California Consumer Privacy Act (CCPA/CPRA) Provisions

5.1 Definitions

For purposes of this Section 5, terms such as "Business," "Service Provider," "Contractor," "Personal Information," "Processing," "Sale," "Share," and "Consumer" have the meanings set forth in the CCPA, as amended by the CPRA.

5.2 Service Provider Status

When processing Personal Information on Customer's behalf, Provider acts as a "Service Provider" as defined under CCPA Section 1798.140(ag). Provider processes Personal Information only for the specific business purposes set forth in this Agreement and as further directed by Customer.

5.3 Processing Restrictions

Provider agrees that it will NOT:

• Sell or Share Personal Information received from Customer
• Retain, use, or disclose Personal Information for any purpose other than providing the Services
• Retain, use, or disclose Personal Information outside the direct business relationship with Customer
• Combine Personal Information received from Customer with Personal Information received from other sources, except as permitted by CCPA regulations

5.4 Categories of Personal Information

Provider may process the following categories of Personal Information on Customer's behalf:

• Identifiers (name, phone number, email address)
• Audio information (call recordings, voice data)
• Commercial information (appointment requests, business inquiries)
• Internet/electronic activity (call metadata, usage logs)

5.5 Consumer Rights Assistance

Provider will assist Customer in responding to Consumer requests to exercise their rights under CCPA/CPRA, including requests to:

• Know what Personal Information is collected
• Delete Personal Information
• Correct inaccurate Personal Information
• Opt-out of sale/sharing (not applicable as Provider does not sell/share)
• Limit use of sensitive Personal Information

Customer must notify Provider of Consumer requests at privacy@aireceptionist.com. Provider will respond within ten (10) business days with available information or confirmation of deletion.

5.6 Subcontractors

Provider may engage subcontractors to assist in providing the Services. Provider will ensure any subcontractor processing Personal Information is bound by obligations at least as restrictive as those in this Section 5.

5.7 Compliance Certification

Provider certifies that it understands and will comply with the restrictions and obligations set forth in this Section 5 and the CCPA/CPRA.

5.8 Right to Audit

Customer may, upon reasonable notice and subject to confidentiality obligations, audit or inspect Provider's processing activities to verify compliance with this Section 5. Provider will cooperate with reasonable audit requests.

6. Security Commitments

Provider implements reasonable security measures as required by CCPA Section 1798.81.5, including:

• Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
• Access controls limiting data access to authorized personnel
• Regular security assessments
• Incident response procedures

7. Data Retention

Provider retains Personal Information only as long as necessary to provide the Services or as required by law. Upon termination:

• Customer may request data export within 30 days
• Provider will delete Personal Information within 90 days unless legally required to retain
• Deletion confirmation available upon request

8. Security Incident Notification

If Provider becomes aware of a security incident affecting Personal Information, Provider will:

• Notify Customer without unreasonable delay (within 72 hours where feasible)
• Provide information about the nature of the incident, data affected, and remediation steps
• Cooperate with Customer's notification obligations under California Civil Code Section 1798.82

9. Term and Termination

This Agreement continues until terminated. Customer may terminate by cancelling the subscription. Either party may terminate for material breach with 30 days notice to cure. Upon termination, Provider will delete or return Personal Information as directed by Customer.

10. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, PROVIDER'S TOTAL LIABILITY SHALL NOT EXCEED THE FEES PAID IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM. THIS LIMITATION DOES NOT APPLY TO LIABILITY ARISING FROM PROVIDER'S GROSS NEGLIGENCE OR WILLFUL MISCONDUCT IN HANDLING PERSONAL INFORMATION.

11. General Provisions

Governing Law: This Agreement is governed by California law. The CCPA/CPRA provisions are subject to enforcement by the California Privacy Protection Agency.

Entire Agreement: This Agreement, together with the Data Processing Addendum and Privacy Policy, constitutes the entire agreement between the parties.

Amendments: Updates to CCPA provisions will be made as regulations change. Customer will be notified of material changes.

12. Contact Information

Related Documents