Master Service Agreement

Valletto LLC · Business-to-Business
Effective Date: January 30, 2026

This Master Service Agreement ("Agreement") is entered into as of the date Customer accepts this Agreement electronically or executes an Order Form (the "Effective Date"), by and between:

Valletto LLC ("Valletto," "we," "us," or "our"), a limited liability company organized under the laws of Florida with its principal place of business at 1111 Brickell Avenue, Suite 1000, 10th Floor, Miami, Florida 33131

AND

Customer (as identified in the applicable Order Form), a valet service company that operates valet parking and related hospitality services ("Customer," "you," or "your").

Recitals

WHEREAS, Valletto has developed a proprietary software platform that enables valet companies to manage valet operations, guest check-in, vehicle tracking, payments, employee workflows, and related services (the "Platform");

WHEREAS, Customer operates a valet service business and desires to use the Platform to manage its valet operations; and

WHEREAS, the parties wish to set forth the terms and conditions under which Valletto will provide access to the Platform and related services.

NOW, THEREFORE, in consideration of the mutual covenants and agreements contained herein, and for other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the parties agree as follows:

1. Definitions

1.1 Definitions. The following terms have the meanings set forth below:

• "Authorized Users" means Customer's employees, contractors, and agents who are authorized by Customer to use the Platform on Customer's behalf.
• "Company Subdomain" means the unique subdomain assigned to Customer in the format {customername}.valletto.io that identifies Customer's branded instance of the Platform.
• "Customer Data" means all data, information, and content submitted to or generated through the Platform by or on behalf of Customer, including but not limited to guest information, vehicle data, employee records, operational logs, photographs, timestamps, payment data, and configuration settings.
• "Documentation" means Valletto's standard user guides, help documentation, and technical specifications for the Platform, as updated from time to time.
• "Guest" means an end-user customer who uses Customer's valet services and interacts with the Platform to submit vehicle information, receive SMS updates, or complete payment transactions.
• "Order Form" means an ordering document executed by both parties that specifies the Services to be provided, pricing, subscription term, and other commercial terms.
• "Platform" means Valletto's proprietary cloud-based software platform for valet operations management, including all features, functionality, APIs, integrations, and updates made available to Customer during the Subscription Term.
• "Services" means access to and use of the Platform, together with any support services, training, or professional services provided by Valletto as set forth in an Order Form or this Agreement.
• "Subscription Fees" means the fees payable by Customer for access to the Services as set forth in the applicable Order Form.
• "Subscription Term" means the initial term and any renewal terms during which Customer has paid for and is authorized to access the Services, as specified in the applicable Order Form.

2. Access and Use of the Platform

2.1 Grant of Access

Subject to the terms and conditions of this Agreement and Customer's payment of all applicable Subscription Fees, Valletto grants Customer a non-exclusive, non-transferable, non-sublicensable right to access and use the Platform during the Subscription Term solely for Customer's internal valet operations and strictly in accordance with this Agreement and the Documentation.

2.2 Company Subdomain

Valletto will provide Customer with a Company Subdomain that will serve as Customer's branded instance of the Platform. Customer acknowledges that:

• The Company Subdomain will display Customer's business name, branding, contact information, and policies;
• Customer is solely responsible for the accuracy, legality, and completeness of all content displayed on the Company Subdomain, including business name, contact details, service policies, pricing information, and terms of service presented to Guests;
• Valletto has no responsibility for the content Customer chooses to display on the Company Subdomain; and
• Customer must ensure all content complies with applicable laws, including consumer protection laws, accessibility requirements, and advertising regulations.

2.3 Authorized Users

Customer may permit Authorized Users to access and use the Platform on Customer's behalf. Customer is responsible for:

• Determining which individuals are Authorized Users and ensuring they are properly trained;
• Maintaining the confidentiality and security of all user credentials;
• All acts and omissions of Authorized Users, including any violations of this Agreement; and
• Promptly notifying Valletto of any unauthorized access or security breach.

2.4 Usage Restrictions

Customer shall not, and shall ensure that Authorized Users do not:

• Use the Platform for any purpose other than Customer's lawful valet operations;
• Reverse engineer, decompile, disassemble, or attempt to derive the source code of the Platform;
• Modify, adapt, translate, or create derivative works based on the Platform;
• Remove, alter, or obscure any proprietary notices on the Platform;
• Use the Platform to store or transmit malicious code, viruses, or harmful materials;
• Attempt to gain unauthorized access to the Platform or related systems;
• Use automated scripts, bots, scrapers, or similar tools to access the Platform;
• Interfere with or disrupt the integrity or performance of the Platform;
• Access the Platform for the purpose of building a competitive product or service;
• Sublicense, resell, rent, lease, or otherwise make the Platform available to third parties; or
• Use the Platform in violation of any applicable law or regulation.

2.5 Compliance with Laws

Customer is solely responsible for ensuring that its use of the Platform and all valet operations comply with all applicable federal, state, and local laws, regulations, and industry standards, including but not limited to:

• Labor and employment laws (including wage and hour laws, tip pooling regulations, overtime requirements, and minimum wage laws);
• Data protection and privacy laws (including GDPR, CCPA, CPRA, and state privacy laws);
• Telecommunications laws (including TCPA, 10DLC requirements, and carrier regulations);
• Payment card industry standards (PCI-DSS);
• Accessibility laws (including ADA Title III and state accessibility requirements);
• Consumer protection and advertising laws;
• Insurance and liability coverage requirements; and
• Any laws or regulations specific to the hospitality, parking, or valet industries.

3. Customer Responsibilities

3.1 Valet Operations

Customer acknowledges and agrees that:

• Customer is solely responsible for all valet operations, including vehicle check-in, handling, parking, storage, movement, retrieval, damage inspections, key management, and all physical aspects of valet services;
• Valletto provides software tools only and does not operate valet services, employ valet staff, make operational decisions, or exercise control over Customer's valet operations;
• Valletto does not take custody of vehicles and has no responsibility for vehicle condition, loss, theft, damage, or Guest property; and
• All claims, disputes, or issues relating to vehicle condition, timing, employee conduct, service quality, or operational decisions must be resolved directly between Customer and the affected Guest or third party.

3.2 Employee Management

Customer is solely responsible for:

• Hiring, training, supervising, and managing all valet personnel;
• Ensuring employees are properly trained on the Platform;
• Ensuring employees comply with all applicable employment laws;
• Employee conduct, performance, and compliance with safety procedures;
• Background checks, licensing, and credentialing as required by law or venue agreements; and
• Responding to employee misconduct or service failures.

3.3 Insurance Requirements

Customer shall maintain, at its own expense, the following insurance coverage during the Subscription Term and for twelve (12) months thereafter:

• Commercial General Liability Insurance with minimum limits of $1,000,000 per occurrence and $2,000,000 aggregate;
• Garage Keepers Legal Liability Insurance or similar coverage for vehicles in Customer's care, custody, or control, with minimum limits of $1,000,000 per occurrence;
• Workers' Compensation Insurance as required by applicable law; and
• Cyber Liability Insurance with minimum limits of $1,000,000 per occurrence (optional but recommended).

Customer shall:

• Name Valletto LLC as an additional insured on all policies (except workers' compensation and cyber liability) and provide Valletto with certificates of insurance upon request and annually thereafter; and
• Notify Valletto at least thirty (30) days prior to any cancellation, non-renewal, or material change to required coverage.

3.4 Data Accuracy

Customer is responsible for the accuracy, quality, and legality of all Customer Data, including:

• Guest information (names, phone numbers, vehicle details);
• Employee data (contact information, role assignments, permissions);
• Operational configurations (pricing, tip pooling rules, location settings);
• Content displayed on the Company Subdomain; and
• Any notes, photos, or documentation uploaded to the Platform.

3.5 Tip Pooling and Wage Law Compliance

Customer acknowledges that:

• The Platform provides tools for configuring tip distribution and tip pooling calculations, but does not determine legal compliance or provide legal advice;
• Customer is solely responsible for configuring tip pooling rules in compliance with the Fair Labor Standards Act (FLSA), state wage and hour laws, and all applicable labor regulations;
• Valletto makes no representation or warranty that any tip distribution configuration or formula complies with applicable wage laws, tip credit requirements, or labor regulations;
• Customer must consult with employment counsel to ensure tip pooling, tip allocation, and wage calculations comply with federal, state, and local requirements; and
• Customer indemnifies Valletto for any claims, penalties, or damages arising from wage and hour violations, tip pooling disputes, or labor law non-compliance.

4. Fees and Payment

4.1 Subscription Fees

Customer shall pay Valletto the Subscription Fees set forth in the applicable Order Form. Unless otherwise stated in the Order Form:

• Subscription Fees are based on [monthly/annual] billing cycles;
• Fees are non-refundable except as expressly provided in this Agreement;
• Fees do not include applicable taxes, which shall be Customer's responsibility; and
• Valletto may adjust Subscription Fees upon thirty (30) days' written notice, effective upon renewal of the Subscription Term.

4.2 Payment Terms

All Subscription Fees are due and payable in accordance with the payment terms specified in the Order Form. Unless otherwise agreed:

• Payment is due within thirty (30) days of the invoice date;
• Customer authorizes Valletto to charge the payment method on file;
• Late payments are subject to interest at the rate of 1.5% per month or the maximum rate permitted by law, whichever is lower; and
• Valletto may suspend access to the Platform if payment is more than fifteen (15) days overdue.

4.3 Transaction Fees

Customer acknowledges that:

• Payment processing fees (credit card, debit card, digital wallet transactions) are charged separately by third-party payment processors (e.g., Stripe) and are not included in Subscription Fees;
• Customer is responsible for all payment processing fees incurred through Guest transactions;
• Valletto does not control or receive payment processing fees; and
• Payment processing terms are governed by the applicable payment processor's terms of service.

4.4 Taxes

All Subscription Fees are exclusive of applicable sales, use, value-added, goods and services, withholding, and other taxes or duties imposed by any jurisdiction ("Taxes"). Customer is responsible for all Taxes (excluding taxes based on Valletto's net income). If Valletto is required to collect or remit Taxes, such amounts will be invoiced to Customer.

5. Proprietary Rights

5.1 Valletto Ownership

As between the parties, Valletto retains all right, title, and interest in and to:

• The Platform, including all software, code, algorithms, APIs, interfaces, designs, and functionality;
• The Valletto name, logo, trademarks, and branding;
• All Documentation and training materials;
• Aggregated and anonymized usage data and analytics derived from Customer's use of the Platform; and
• Any improvements, modifications, or derivative works to the Platform.

Customer acknowledges that the Platform is licensed, not sold, and Customer acquires no ownership rights in the Platform.

5.2 Customer Data Ownership

As between the parties, Customer retains all right, title, and interest in and to Customer Data. Customer grants Valletto a worldwide, non-exclusive, royalty-free license to use, store, process, display, and transmit Customer Data solely to the extent necessary to:

• Provide the Services to Customer;
• Maintain, improve, and optimize the Platform;
• Generate aggregated and anonymized analytics and usage statistics;
• Comply with legal obligations; and
• Enforce this Agreement.

5.3 Aggregated Data

Valletto may collect, analyze, and use aggregated and anonymized data derived from Customer's use of the Platform for product development, benchmarking, analytics, and marketing purposes, provided such data does not identify Customer or any individual Guest.

5.4 Feedback

If Customer provides Valletto with any suggestions, enhancement requests, recommendations, or other feedback regarding the Platform ("Feedback"), Customer hereby assigns to Valletto all rights in such Feedback, and Valletto may use and incorporate such Feedback without restriction or obligation to Customer.

6. Data Protection and Privacy

6.1 Data Processing Relationship

The parties acknowledge that:

• Customer is the data controller with respect to Guest information and operational data processed through the Platform;
• Valletto is the data processor acting on Customer's documented instructions; and
• Valletto processes personal data solely to provide the Services and does not independently determine the purposes or means of processing Guest data.

6.2 Privacy Compliance

Each party shall comply with all applicable data protection and privacy laws, including GDPR, CCPA, CPRA, and state privacy laws. Customer is solely responsible for:

• Providing required privacy notices to Guests and Authorized Users;
• Obtaining necessary consents for data collection and processing;
• Responding to data subject access requests, deletion requests, and privacy inquiries;
• Ensuring lawful processing of Guest and employee data; and
• Maintaining privacy policies and practices that comply with applicable laws.

6.3 Data Processing Addendum

To the extent applicable data protection laws require, the parties agree to execute Valletto's standard Data Processing Addendum (DPA), which is incorporated by reference and available at [insert URL or upon request].

6.4 Data Security

Valletto implements and maintains administrative, physical, and technical safeguards designed to protect Customer Data from unauthorized access, use, or disclosure, including:

• Encryption of data in transit and at rest;
• Role-based access controls;
• Regular security audits and vulnerability assessments;
• Intrusion detection and monitoring systems;
• Secure cloud infrastructure with industry-standard providers; and
• Employee security training and background checks.

6.5 Data Breach Notification

In the event Valletto becomes aware of a data security breach involving unauthorized access to or disclosure of Customer Data ("Security Incident"), Valletto shall:

• Notify Customer without undue delay and no later than seventy-two (72) hours after becoming aware of the Security Incident;
• Provide Customer with reasonably available information regarding the nature and scope of the Security Incident;
• Take reasonable steps to mitigate the effects of the Security Incident; and
• Cooperate with Customer's reasonable investigation and remediation efforts.

Customer is solely responsible for compliance with data breach notification laws applicable to Guests and for providing required notifications to affected individuals and regulatory authorities.

6.6 Data Retention and Deletion

Upon termination or expiration of this Agreement:

• Customer may request a copy of Customer Data within thirty (30) days of termination by contacting support@valletto.io;
• Valletto will provide Customer Data in a commonly used electronic format;
• Valletto will delete or anonymize all Customer Data within ninety (90) days of termination, except as required by law or to the extent contained in backups, which will be deleted in accordance with Valletto's standard backup retention policies; and
• Valletto may retain aggregated and anonymized data indefinitely.

7. SMS Messaging and 10DLC Compliance

7.1 SMS Functionality and Purpose

The Platform facilitates SMS messaging strictly for operational valet service updates. SMS functionality is limited exclusively to transactional and service-related communications, including but not limited to:

• Check-in confirmations and vehicle intake notifications;
• Vehicle status updates (parking location, vehicle movement, readiness);
• Retrieval notifications and timing updates;
• Payment confirmations and digital receipts;
• Urgent or time-sensitive operational communications; and
• Service-related instructions or information.

Customer acknowledges that SMS delivery is subject to carrier limitations, network congestion, service interruptions, and technical factors outside of Valletto's control, and Valletto makes no warranty regarding message delivery time or reliability.

7.2 Customer as Sender of Record

Customer acknowledges and agrees that:

• Customer is the "Sender of Record" for all SMS messages sent through the Platform under applicable TCPA, 10DLC, and carrier regulations;
• Customer is solely responsible for compliance with the Telephone Consumer Protection Act (TCPA), Telephone Consumer Protection Regulations (47 C.F.R. § 64.1200), 10DLC (10-Digit Long Code) carrier requirements, CTIA Messaging Principles and Best Practices, wireless carrier policies, and all federal, state, and local telecommunications laws;
• Valletto acts as a technical facilitator only and does not control message content, recipient lists, messaging practices, opt-in procedures, or compliance decisions;
• Valletto does not determine who receives messages or the content of messages and has no editorial control over Customer's messaging practices; and
• All SMS-related compliance obligations, including registration, opt-in procedures, opt-out handling, and recordkeeping, are Customer's sole responsibility.

7.3 Required Opt-In Procedures and Disclosures

Customer shall ensure that all Guests affirmatively opt in to receive SMS messages before any messages are sent. Customer must:

• Display clear and conspicuous opt-in language on intake forms, check-in interfaces, physical signage, or digital touchpoints that states: "I agree to receive SMS updates about my valet service. Message and data rates may apply. Message frequency varies by session. Reply STOP to unsubscribe or HELP for assistance."
• Include the required no-sharing disclosure on all opt-in interfaces: "Your contact number will not be shared with third parties for their marketing or other purposes."
• Obtain affirmative consent through one of the following methods: (i) Electronic checkbox or button (clearly labeled and not pre-checked); (ii) Written signature on intake forms; (iii) Verbal consent with documented confirmation; or (iv) Other legally compliant consent mechanisms.
• Ensure opt-in language is conspicuous and not buried in fine print, terms of service, or lengthy disclosures;
• Maintain records of consent for each Guest, including timestamp, method of consent, and opt-in language presented;
• Display opt-in language at physical locations (valet stands, check-in counters, signage) where Guests submit phone numbers in person; and
• Not use pre-checked boxes, implied consent, or passive consent mechanisms that do not meet TCPA requirements for prior express consent.

7.4 Message Frequency and Content Requirements

Customer acknowledges that:

• Message frequency may vary depending on valet operations, session duration, and operational events;
• Messages must be limited to transactional, service-related content directly related to the Guest's valet session;
• Messages may not include marketing, promotional, advertising, or unrelated content;
• Standard carrier messaging rates apply and are the responsibility of the Guest; and
• Customer must accurately represent expected message frequency in opt-in disclosures.

7.5 STOP/HELP Command Compliance

Customer is solely responsible for:

• Honoring STOP/HELP commands in accordance with TCPA and carrier requirements;
• Processing opt-out requests immediately (within the timeframe required by law, typically within 10 days but immediately where technically feasible);
• Sending confirmation messages when a Guest opts out (e.g., "You have been unsubscribed from valet SMS updates. Reply HELP for assistance.");
• Providing help/support information when a Guest replies HELP (e.g., contact information, support instructions);
• Not sending additional messages after a Guest has opted out, except for a single opt-out confirmation message; and
• Maintaining opt-out records to prevent re-enrollment without fresh consent.

The Platform provides technical tools to facilitate STOP/HELP processing, but Customer remains solely responsible for compliance with opt-out requirements and legal obligations.

7.6 10DLC Registration and Carrier Compliance

Customer acknowledges that:

• 10DLC registration may be required by wireless carriers for SMS messaging using 10-digit long codes;
• Customer is responsible for ensuring Valletto or its SMS providers have completed any required 10DLC registration, campaign registration, or carrier vetting processes;
• Carrier policies and requirements may change without notice, and Customer is responsible for maintaining compliance with updated requirements;
• Carriers may filter, block, or deprioritize messages based on compliance assessments, content analysis, or spam detection algorithms;
• Valletto makes no warranty that messages will not be filtered or blocked by carriers; and
• Customer must respond promptly to carrier inquiries, compliance reviews, or suspension notices.

7.7 Prohibited Uses

Customer shall not use the SMS functionality to:

• Send marketing, promotional, advertising, or solicitation messages;
• Send messages to individuals who have not provided prior express consent;
• Send messages at unreasonable hours (before 8:00 AM or after 9:00 PM local time, or as otherwise prohibited by law);
• Send messages with excessive frequency or outside the scope of operational necessity;
• Share, sell, rent, or disclose Guest phone numbers to third parties for any purpose;
• Use purchased, scraped, or third-party phone number lists;
• Send messages containing misleading, deceptive, or fraudulent content;
• Send messages that violate TCPA, CAN-SPAM, state privacy laws, or carrier policies;
• Use SMS functionality for purposes unrelated to valet operations; or
• Circumvent opt-out requests or continue messaging Guests who have opted out.

7.8 No Sharing of Phone Numbers

Valletto does not share Guest phone numbers with third parties for marketing, advertising, or unrelated purposes. Customer agrees not to share Guest phone numbers except:

• As necessary to provide valet services (e.g., contact Guest for vehicle retrieval);
• As required by law, subpoena, or court order;
• With Customer's own service providers (e.g., insurance companies) solely for service-related purposes; or
• With Guest's affirmative consent for specific additional purposes.

7.9 TCPA Liability and Statutory Damages

Customer acknowledges that:

• TCPA violations carry statutory damages of $500 to $1,500 per violation (per unlawful text message);
• Class action lawsuits are common for TCPA violations, and a single compliance failure affecting multiple Guests can result in millions of dollars in liability;
• Valletto could be named as a co-defendant in TCPA litigation even though Customer is the Sender of Record;
• Customer's failure to obtain proper consent or honor opt-out requests creates significant legal and financial risk for both parties; and
• Customer is solely responsible for all TCPA-related liability, penalties, settlements, and legal costs.

7.10 Indemnification for SMS Violations

Customer shall indemnify, defend, and hold harmless Valletto Indemnitees from any Claims arising from or relating to:

• TCPA violations, including failure to obtain prior express consent;
• Spam complaints, carrier violations, or messaging policy violations;
• Failure to honor STOP/HELP commands or opt-out requests;
• Sending messages at prohibited hours or with excessive frequency;
• Misleading or deceptive message content;
• Sharing or selling Guest phone numbers to third parties;
• 10DLC non-compliance or carrier registration failures;
• State-specific telecommunications law violations (e.g., Florida Telephone Solicitation Act, California's Telephone Consumer Privacy Act);
• FCC or FTC enforcement actions related to SMS messaging;
• Class action lawsuits arising from SMS messaging practices; or
• Any other violations of telecommunications laws or regulations.

7.11 Recordkeeping and Compliance Documentation

Customer is solely responsible for maintaining records sufficient to demonstrate TCPA compliance, including:

• Consent records for each Guest (timestamp, method, opt-in language);
• Opt-out requests and processing timestamps;
• Message logs and delivery records;
• Copies of opt-in disclosures and signage; and
• Documentation of compliance policies and employee training.

Customer must retain such records for a minimum of four (4) years or as required by applicable law.

8. Payment Processing

8.1 Third-Party Payment Processors

Customer acknowledges that:

• Valletto is not a payment processor, money transmitter, or financial institution;
• All payment transactions are processed by third-party payment processors, including Stripe, Inc. and other providers selected by Customer or Valletto;
• Valletto does not hold, escrow, or control funds at any time;
• Payment processing is governed by the terms of service and policies of the applicable payment processor; and
• Valletto has no responsibility or liability for payment processing, chargebacks, refunds, payment reversals, or transaction disputes.

8.2 Payment Processor Relationship

Customer is responsible for:

• Establishing and maintaining accounts with payment processors as required;
• Complying with payment processor terms of service and policies;
• Providing accurate payment and tax information;
• Handling chargeback disputes and refund requests;
• Maintaining PCI-DSS compliance to the extent applicable; and
• Paying all payment processing fees charged by payment processors.

8.3 Payment Processing Disclaimers

Valletto makes no warranty regarding:

• Payment processor uptime, availability, or reliability;
• Speed or success of payment transactions;
• Payment processor fees or fee changes;
• Payment processor policy changes or account suspensions; or
• Compliance with PCI-DSS or other payment industry standards.

9. Support and Uptime

9.1 Support Services

Valletto will provide Customer with standard technical support via email at support@valletto.io during normal business hours (9:00 AM - 6:00 PM Eastern Time, Monday - Friday, excluding U.S. federal holidays). Support services include:

• Assistance with Platform functionality and features;
• Troubleshooting technical issues;
• Guidance on Platform configuration and workflows; and
• Bug reporting and resolution.

9.2 No Service Level Agreement (SLA)

Customer acknowledges that:

• Valletto does not guarantee any specific uptime, availability, or performance levels for the Platform;
• The Platform is provided "as is" and "as available" without uptime warranties;
• Scheduled and unscheduled maintenance may occur, resulting in temporary service interruptions; and
• Valletto will use commercially reasonable efforts to provide advance notice of scheduled maintenance but is not obligated to do so.

9.3 Beta and Experimental Features

The Platform may include features, modules, or functionality that are designated as "beta," "experimental," "preview," or "early access." Customer acknowledges that:

• Beta features are provided for testing and feedback purposes only;
• Beta features may be incomplete, unstable, or subject to errors;
• Valletto makes no warranties regarding beta feature performance, accuracy, or reliability;
• Beta features may be modified, discontinued, or removed at any time without notice;
• Customer uses beta features at its own risk; and
• Valletto has no liability for issues arising from beta features.

10. Disclaimers and Limitations of Liability

10.1 Disclaimers

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW:

• THE PLATFORM AND ALL SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT ANY WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY;
• VALLETTO DISCLAIMS ALL WARRANTIES, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INFRINGEMENT, SYSTEM AVAILABILITY, DATA ACCURACY, COMPLETENESS, OR SECURITY;
• VALLETTO DOES NOT WARRANT THAT THE PLATFORM WILL BE ERROR-FREE, UNINTERRUPTED, SECURE, OR FREE FROM VIRUSES OR OTHER HARMFUL COMPONENTS;
• VALLETTO DOES NOT WARRANT THAT ANY AUDIT DATA, LOGS, TIMESTAMPS, PHOTOGRAPHS, OR OPERATIONAL RECORDS GENERATED BY THE PLATFORM ARE ACCURATE, COMPLETE, OR ADMISSIBLE AS LEGAL EVIDENCE;
• VALLETTO DOES NOT WARRANT THAT SMS MESSAGES WILL BE DELIVERED TIMELY OR AT ALL;
• VALLETTO DOES NOT WARRANT THAT PAYMENT PROCESSING WILL BE AVAILABLE, RELIABLE, OR ERROR-FREE; AND
• ANY ADVICE, INFORMATION, OR MATERIALS OBTAINED FROM VALLETTO OR THROUGH THE PLATFORM DOES NOT CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT.

10.2 Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW:

• INDIRECT DAMAGES WAIVER: IN NO EVENT SHALL VALLETTO BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING BUT NOT LIMITED TO DAMAGES FOR LOST PROFITS, LOST REVENUE, LOSS OF BUSINESS, LOSS OF DATA, BUSINESS INTERRUPTION, REPUTATIONAL HARM, OR COST OF SUBSTITUTE SERVICES.
• AGGREGATE LIABILITY CAP: VALLETTO'S TOTAL AGGREGATE LIABILITY SHALL NOT EXCEED THE GREATER OF: (i) FIFTY U.S. DOLLARS (USD $50.00); OR (ii) THE TOTAL SUBSCRIPTION FEES PAID BY CUSTOMER TO VALLETTO IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM.
• VALLETTO SHALL HAVE NO LIABILITY FOR: (i) Payment processor outages, failures, errors, or service interruptions; (ii) SMS delivery failures caused by carrier limitations, network congestion, or service disruptions; (iii) Cloud infrastructure or hosting provider failures; (iv) Internet or telecommunications outages; (v) Third-party service disruptions beyond Valletto's reasonable control; or (vi) Acts or omissions of Customer, Authorized Users, or Guests.
• VALLETTO SHALL HAVE NO LIABILITY FOR: (i) Vehicle damage, loss, theft, or Guest property claims; (ii) Employee misconduct or performance issues; (iii) Service quality, timing, or operational decisions made by Customer; (iv) Wage and hour violations or labor law non-compliance; (v) TCPA violations or SMS compliance failures; (vi) Data inaccuracies caused by Customer or Authorized Users; or (vii) Any claims arising from Customer's valet operations.

10.3 Essential Purpose

Customer acknowledges that the disclaimers and limitations of liability set forth in this Section 10 are essential elements of the bargain between the parties, reflect a reasonable allocation of risk, and form the basis for determining the Subscription Fees charged under this Agreement.

11. Indemnification

11.1 Customer Indemnification

Customer shall indemnify, defend, and hold harmless Valletto, its affiliates, and their respective officers, directors, employees, contractors, agents, successors, and assigns (collectively, "Valletto Indemnitees") from and against any and all third-party claims, demands, lawsuits, actions, proceedings, losses, damages, liabilities, settlements, judgments, costs, and expenses (including reasonable attorneys' fees and costs) (collectively, "Claims") arising out of or relating to:

• Valet operations, operational decisions, vehicle handling, employee conduct, service quality, timing, damage claims, theft, or loss;
• Wage and hour violations, including minimum wage violations, overtime disputes, tip pooling claims, tip credit violations, misclassification claims, or labor law non-compliance;
• SMS or TCPA violations, spam complaints, carrier violations, or messaging compliance failures;
• Data privacy violations, including GDPR, CCPA, CPRA, or state privacy law non-compliance, unauthorized data collection, or failure to provide required privacy notices;
• Content displayed on Customer's Company Subdomain, including false advertising, consumer protection violations, trademark infringement, or defamatory statements;
• ADA Title III violations or accessibility compliance failures related to Customer's content, policies, or practices;
• Payment processing disputes, chargebacks, refund claims, or financial transaction issues;
• Customer's violation of any applicable law, regulation, or third-party right;
• Acts or omissions of Customer's Authorized Users, employees, or agents;
• Inaccurate, incomplete, or misleading Customer Data; or
• Customer's breach of any representation, warranty, or covenant under this Agreement.

11.2 Valletto Indemnification

Valletto shall indemnify, defend, and hold harmless Customer from and against Claims arising solely from an allegation that Customer's authorized use of the Platform infringes a third party's U.S. patent, copyright, or trademark, provided that:

• Customer promptly notifies Valletto in writing of the Claim;
• Customer grants Valletto sole control of the defense and settlement of the Claim; and
• Customer provides reasonable cooperation in the defense.

If the Platform becomes, or in Valletto's opinion is likely to become, the subject of an infringement claim, Valletto may, at its option:

• Procure the right for Customer to continue using the Platform;
• Replace or modify the Platform to make it non-infringing; or
• Terminate this Agreement and refund any prepaid Subscription Fees for the unused portion of the Subscription Term.

Valletto shall have no obligation for any infringement claim arising from:

• Modification of the Platform by anyone other than Valletto;
• Use of the Platform in combination with non-Valletto products or services;
• Customer Data or content provided by Customer; or
• Customer's continued use of the Platform after Valletto notifies Customer to discontinue use.

11.3 Indemnification Procedures

The indemnified party shall:

• Promptly notify the indemnifying party in writing of any Claim;
• Grant the indemnifying party sole control of the defense and settlement of the Claim (provided that the indemnifying party may not settle any Claim without the indemnified party's consent if such settlement imposes obligations on or admits liability on behalf of the indemnified party); and
• Provide reasonable cooperation in the defense at the indemnifying party's expense.

12. Term and Termination

12.1 Subscription Term

This Agreement commences on the Effective Date and continues for the initial Subscription Term specified in the Order Form, unless earlier terminated. The Subscription Term will automatically renew for successive renewal periods of the same duration unless either party provides written notice of non-renewal at least thirty (30) days prior to the end of the then-current Subscription Term.

12.2 Termination for Convenience

Either party may terminate this Agreement for convenience by providing the other party with at least thirty (30) days' prior written notice. Customer remains obligated to pay all Subscription Fees for the remainder of the then-current Subscription Term, and no refunds will be provided for early termination.

12.3 Termination for Cause

Either party may terminate this Agreement immediately upon written notice if the other party:

• Materially breaches this Agreement and fails to cure such breach within thirty (30) days after receiving written notice of the breach (or ten (10) days for payment breaches); or
• Becomes insolvent, files for bankruptcy, makes an assignment for the benefit of creditors, or undergoes dissolution or liquidation.

12.4 Termination by Valletto

Valletto may suspend or terminate Customer's access to the Platform immediately upon notice if:

• Customer's account is more than fifteen (15) days overdue;
• Customer violates usage restrictions or acceptable use policies;
• Customer engages in fraudulent, abusive, or illegal activity;
• Customer's use of the Platform poses a security risk or violates third-party rights;
• Valletto is required to do so by law or court order; or
• Providing the Services becomes prohibited or impractical due to legal, regulatory, or operational reasons.

12.5 Effect of Termination

Upon termination or expiration of this Agreement:

• Customer's right to access and use the Platform immediately ceases;
• Customer shall immediately cease all use of the Platform and Documentation;
• Valletto may disable Customer's Account and Company Subdomain;
• Customer Data will be handled in accordance with Section 6.6;
• Customer remains obligated to pay all outstanding Subscription Fees and other amounts owed;
• Neither party shall be relieved of obligations accrued prior to termination; and
• Sections 4 (Fees), 5 (Proprietary Rights), 6.6 (Data Deletion), 10 (Disclaimers and Limitations), 11 (Indemnification), 12.5 (Effect of Termination), 13 (Confidentiality), and 14 (General Provisions) shall survive termination.

13. Confidentiality

13.1 Definition

"Confidential Information" means all non-public information disclosed by one party ("Disclosing Party") to the other party ("Receiving Party"), whether orally, in writing, or in any other form, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure, including but not limited to business plans, pricing, customer lists, technical information, trade secrets, and proprietary information.

13.2 Obligations

The Receiving Party shall:

• Use Confidential Information solely for purposes of performing under this Agreement;
• Protect Confidential Information using the same degree of care it uses to protect its own confidential information, but no less than reasonable care;
• Not disclose Confidential Information to third parties without the Disclosing Party's prior written consent, except to employees, contractors, or advisors who have a legitimate need to know and are bound by confidentiality obligations at least as protective as those in this Agreement; and
• Return or destroy all Confidential Information upon termination or at the Disclosing Party's request.

13.3 Exceptions

Confidential Information does not include information that:

• Is or becomes publicly available through no breach of this Agreement;
• Was rightfully in the Receiving Party's possession prior to disclosure;
• Is rightfully received from a third party without breach of confidentiality obligations;
• Is independently developed by the Receiving Party without use of the Confidential Information; or
• Must be disclosed pursuant to law, regulation, or court order, provided the Receiving Party provides prompt notice to the Disclosing Party and cooperates in any effort to obtain protective treatment.

14. General Provisions

14.1 Relationship of Parties

The parties are independent contractors. Nothing in this Agreement creates an agency, partnership, joint venture, employment, or fiduciary relationship between the parties. Neither party has authority to bind the other or incur obligations on the other's behalf.

14.2 Assignment

Customer may not assign or transfer this Agreement or any rights or obligations hereunder without Valletto's prior written consent. Valletto may assign this Agreement without consent in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets. Any attempted assignment in violation of this Section is void. This Agreement binds and inures to the benefit of each party's permitted successors and assigns.

14.3 Force Majeure

Neither party shall be liable for any delay or failure to perform due to causes beyond its reasonable control, including acts of God, natural disasters, war, terrorism, riots, embargoes, acts of civil or military authorities, fire, floods, accidents, pandemics, strikes, or shortages of transportation facilities, fuel, energy, labor, or materials, provided the affected party promptly notifies the other party and uses commercially reasonable efforts to resume performance.

14.4 Notices

All notices required or permitted under this Agreement shall be in writing and delivered by email, certified mail, or nationally recognized overnight courier to the addresses specified in the Order Form or as updated by either party upon written notice. Notices are deemed effective upon receipt (or two (2) business days after sending if sent by mail).

14.5 Governing Law and Jurisdiction

This Agreement shall be governed by and construed in accordance with the laws of the State of Florida, without regard to its conflict of laws principles. Any disputes arising under or relating to this Agreement shall be resolved exclusively in the state or federal courts located in Miami-Dade County, Florida, and each party irrevocably consents to the personal jurisdiction of such courts.

14.6 Dispute Resolution and Arbitration

(a) Mandatory Arbitration: Except as provided in subsection (f) below, any dispute, claim, or controversy arising out of or relating to this Agreement or the breach, termination, enforcement, interpretation, or validity thereof (collectively, "Disputes") shall be determined by binding arbitration administered by the American Arbitration Association ("AAA") in accordance with its Commercial Arbitration Rules then in effect.

(b) Arbitration Procedures:

• The arbitration shall be conducted by a single arbitrator mutually agreed upon by the parties or, if the parties cannot agree within thirty (30) days, appointed by the AAA;
• The arbitration shall be conducted in Miami, Florida, or remotely via videoconference at the arbitrator's discretion;
• The arbitrator shall apply Florida law and the terms of this Agreement;
• The arbitrator's decision shall be final and binding and may be entered as a judgment in any court of competent jurisdiction;
• Each party shall bear its own attorneys' fees and costs, and the parties shall equally share the arbitrator's fees and administrative costs unless the arbitrator determines otherwise.

(c) Class Action Waiver: THE PARTIES AGREE THAT EACH PARTY MAY BRING DISPUTES AGAINST THE OTHER PARTY ONLY IN AN INDIVIDUAL CAPACITY AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS, CONSOLIDATED, OR REPRESENTATIVE PROCEEDING. THE ARBITRATOR MAY NOT CONSOLIDATE MORE THAN ONE PARTY'S CLAIMS AND MAY NOT OTHERWISE PRESIDE OVER ANY FORM OF A REPRESENTATIVE OR CLASS PROCEEDING.

(d) Jury Trial Waiver: TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, THE PARTIES HEREBY WAIVE ANY RIGHT TO JURY TRIAL WITH RESPECT TO ANY DISPUTE ARISING UNDER OR RELATING TO THIS AGREEMENT.

(e) Opt-Out Right: Customer may opt out of this arbitration agreement by providing written notice to Valletto at legal@valletto.io within thirty (30) days of the Effective Date. Opting out of arbitration does not affect any other terms of this Agreement.

(f) Exceptions to Arbitration: Notwithstanding the foregoing, either party may: (i) Bring an individual action in small claims court if the claim qualifies; (ii) Seek injunctive or equitable relief in a court of competent jurisdiction to prevent the actual or threatened infringement, misappropriation, or violation of intellectual property rights; (iii) Seek court intervention to compel arbitration or confirm an arbitration award.

14.7 Export Controls

Customer shall not export, reexport, or transfer the Platform or any technical data derived therefrom in violation of U.S. export laws and regulations, including the Export Administration Regulations and sanctions administered by the Office of Foreign Assets Control. Customer represents that it is not located in, under the control of, or a national or resident of any country subject to U.S. embargo and is not listed on any U.S. government list of prohibited or restricted parties.

14.8 Government End Users

If Customer is a U.S. government entity, the Platform qualifies as "commercial computer software" and "commercial computer software documentation" as defined in FAR 12.212 and DFARS 227.7202. Use, reproduction, and disclosure are subject to the terms of this Agreement.

14.9 Entire Agreement

This Agreement, together with any Order Forms, exhibits, and addenda, constitutes the entire agreement between the parties regarding the subject matter hereof and supersedes all prior or contemporaneous understandings, agreements, representations, and warranties, whether written or oral. This Agreement may only be amended by a written document signed by authorized representatives of both parties.

14.10 Waiver

No waiver of any provision of this Agreement shall be effective unless in writing and signed by the party against whom enforcement is sought. No waiver shall be deemed a continuing waiver or waiver of any other provision.

14.11 Severability

If any provision of this Agreement is held to be invalid, illegal, or unenforceable, the remaining provisions shall remain in full force and effect, and the invalid provision shall be modified to the minimum extent necessary to make it valid and enforceable while preserving the parties' intent.

14.12 Counterparts and Electronic Signatures

This Agreement may be executed in counterparts, each of which shall be deemed an original and all of which together shall constitute one instrument. Electronic signatures and electronically delivered documents shall have the same force and effect as original signatures and manually delivered documents.

14.13 Publicity

Neither party may issue press releases or make public announcements regarding this Agreement without the other party's prior written consent. Valletto may identify Customer as a customer and use Customer's name and logo on Valletto's website and in marketing materials, subject to Customer's trademark usage guidelines.

14.14 Headings

Section headings are for convenience only and do not affect the interpretation of this Agreement.

15. Contact Information

For questions, support requests, or notices regarding this Agreement:

Valletto LLC
1111 Brickell Avenue
Suite 1000, 10th Floor
Miami, FL 33131

Email:

• General inquiries: info@valletto.io
• Legal notices: legal@valletto.io
• Technical support: support@valletto.io
• Privacy inquiries: privacy@valletto.io

Website: https://valletto.io

Acceptance

By clicking "I Accept," executing an Order Form, or accessing or using the Platform, Customer acknowledges that it has read, understood, and agrees to be bound by the terms and conditions of this Master Service Agreement.