ENTECH IT SOLUTIONS

MASTER SERVICES AGREEMENT

Last Updated: February 21st, 2026

This Master Services Agreement (“Agreement”) governs all services, subscriptions, hardware, software, consulting, advisory work, and related deliverables provided by EnTech IT Solutions, LLC (“Provider,” “EnTech,” “we,” or “us”) to the accepting customer (“Client,” “you”).

By approving a Quote, signing a Statement of Work (“SOW”), submitting payment, or allowing Provider to begin work, Client agrees to this Agreement.

1. Order of Precedence

In the event of conflict, documents control in the following order:

1. Addenda (e.g., Microsoft 365 Addendum, Compliance Addendum)

2. SOW / Quote / Order Form

3. Exhibits

4. This MS

2. Scope of Services

Provider will deliver only those services expressly described in an accepted Quote or Statement of Work (“SOW”), including but not limited to managed services, project work, hourly professional services, consulting, advisory services, hardware procurement, software licensing, and subscriptions.

Provider may subcontract portions of the Services but remains responsible for performance under this Agreement.

Provider does not provide legal advice and does not guarantee regulatory compliance outcomes, including CMMC, NIST, HIPAA, or other frameworks.

Any services requested outside the defined scope of a Quote or SOW shall be billed at Provider’s then-current hourly rates unless otherwise agreed in writing. Email approval or written authorization from Client shall constitute sufficient authorization for additional billable work.

Provider’s advisory services for compliance frameworks (including but not limited to CMMC, NIST, HIPAA, or other regulatory frameworks) are consultative in nature. Client remains solely responsible for regulatory compliance determinations, policy implementation, personnel conduct, audit outcomes, and ongoing compliance maintenance.

Application to Project and Hourly Services

All hourly, time-and-materials, project-based, fixed-fee, consulting, and advisory services are subject to this Agreement in full, including but not limited to limitation of liability, warranty disclaimers, indemnification, arbitration, non-solicitation, and payment provisions. No project or hourly engagement shall modify, supersede, or override this Agreement unless expressly stated in a written amendment signed by both parties.

Plain English: If you email us “yes, proceed” on extra work, that approval counts, and this Agreement still applies to the whole engagement.

3. Quote Validity and Variation

Quotes are valid only for the period stated therein.

Provider may modify or withdraw a Quote prior to acceptance.

Quotes are based on vendor pricing and availability at time issued. Provider may adjust pricing or substitute equivalent products if vendor costs change, products become unavailable, or scope is modified prior to

Order acceptance.

Lead times are estimates only and not guarantees.

4. Term and Termination

4.1 Term

This Agreement remains effective while Client receives Services or maintains active Subscriptions.

4.2 Termination for Convenience

Either party may terminate recurring managed services with sixty (60) days’ written notice.

4.3 Termination for Cause

Either party may terminate for material breach not cured within thirty (30) days of written notice.

4.4 Subscription Survival

Termination does not relieve Client of financial obligations for committed subscription terms, including Microsoft annual commitments or other vendor-enforced minimum terms.

4.5 Offboarding

Transition assistance is billable at Provider’s standard rates unless otherwise included in an SOW.

4.6 Project Termination

Project-based, time-and-materials, or fixed-fee services may not be terminated once work has commenced without payment for:

• Work performed

• Committed vendor costs

• Scheduled labor

• Non-cancelable expenses incurred through the termination date

Termination of a project does not relieve Client of obligations for subscription commitments, prepaid services, or vendor-enforced minimum terms associated with the project.

5. Fees, Billing, and Automatic Payment

5.1 Billing Structure

Recurring services are billed monthly in advance.

Professional services are billed as incurred unless otherwise specified.

5.2 Mandatory Automatic Billing (ACH Preferred)

Recurring services and subscriptions require automatic billing.

Client authorizes Provider to initiate recurring ACH or card charges for all amounts due.

Provider may offer discounted pricing for ACH. Card payments may incur a disclosed processing adjustment.

Authorization remains in effect during active service and survives termination to collect outstanding balances and committed obligations.

5.3 Failed Payments

Client must cure failed payments within five (5) business days.

Provider may suspend services without waiving committed subscription obligations.

5.4 Chargebacks

Client agrees not to initiate chargebacks for authorized recurring charges. Improper chargebacks remain Client’s responsibility including recovery costs and administrative fees.

5.5 Expense Reimbursement

Client shall reimburse Provider for reasonable out-of-pocket expenses including travel, lodging, meals, tolls, parking, shipping, third-party vendor costs, and related project expenses.

5.6 Application to Project and Hourly Services

All hourly, time-and-materials, project-based, fixed-fee, consulting, and advisory services are subject to this Agreement in full, including limitation of liability, arbitration, indemnification, non-solicitation, warranty disclaimers, payment terms, and all other provisions. No engagement will modify this Agreement unless expressly stated in a written amendment signed by both parties.

5.7 Project Deposits

Provider may require a deposit prior to commencing project or fixed-fee services. Deposits are non-refundable once project scheduling, procurement, resource allocation, or vendor commitments have occurred.

Unless otherwise agreed in writing, deposits shall be invoiced and due prior to project commencement.

6. Late Payment; Interest; Suspension

Unpaid amounts accrue interest at the lesser of:

• 1.5% per month; or

• The maximum rate permitted by Colorado law.

Provider may suspend services after written notice.

Suspension does not relieve Client of committed subscription obligations.

7. Annual Rate Escalation

Recurring service fees may increase annually by the greater of:

• 5%; or

• CPI increase.

Vendor-imposed increases may be passed through with notice and are not capped by CPI limitations.

8. Minimum Monthly Commitment

Client agrees to maintain a minimum recurring monthly service commitment as specified in the applicable SOW or Quote.

Reduction below the minimum does not reduce financial obligation during the active term.

9. Hardware, Goods, Delivery, and Risk

Risk transfers upon delivery.

Title remains with Provider until paid in full.

Client must inspect Goods within seven (7) calendar days of delivery.

Failure to provide written notice constitutes acceptance.

Provider may assess restocking or cancellation fees, including vendor-imposed charges.

Custom or special-order goods may be non-returnable.

10. Retention of Title and Recovery

Until full payment is received:

• Title remains with Provider

• Client shall not resell unpaid goods

• Client shall keep unpaid goods identifiable and insured

• Provider may recover unpaid goods upon reasonable notice

Client shall cooperate in recovery efforts.

11. Client Responsibilities

Client shall:

• Provide timely access to systems, personnel, credentials, and facilities

• Maintain supported hardware and valid licensing

• Maintain appropriate backups unless contracted

• Maintain commercially reasonable cyber insurance

• Implement recommended security controls

Delays caused by Client may result in schedule extensions and additional charges.

12. Service Limitations; Fitness for Purpose

Technology services involve testing, troubleshooting, and evolving vendor systems.

Provider does not guarantee:

• Absolute system compatibility

• Continuous availability

• Specific regulatory outcomes

• Perfect security outcomes

Client assumes responsibility for business decisions based on Provider recommendations.

13. Cybersecurity and Backup Limitations

No system is 100% secure.

Provider does not guarantee prevention of all incidents.

Backup solutions may fail due to corruption, ransomware, encryption, credential compromise, vendor failure, misconfiguration, or force majeure.

Client remains responsible for business continuity planning.

If Client declines recommended safeguards in writing, Provider shall not be liable for incidents such safeguards were intended to mitigate.

14. Security Incident Cost Allocation

Client is responsible for:

• Forensic investigations

• Legal review

• Regulatory notification

• Credit monitoring

• Extortion payments

• PR response

Unless caused solely by Provider’s gross negligence or willful misconduct.

15. Vendor and Subscription Pass-Through

Vendor terms (including Microsoft NCE and similar programs) are binding on Client.

Seat reductions, cancellation windows, and minimum terms are governed by vendor policy.

Annual commitments remain enforceable even if Provider services terminate early.

Provider is not liable for vendor enforcement actions or vendor outages.

16. Intellectual Property

Client retains ownership of its data.

Provider retains ownership of tools, templates, scripts, methodologies, documentation frameworks, and proprietary processes.

Custom deliverables are licensed for internal use upon full payment.

17. Confidentiality

Both parties shall protect Confidential Information using commercially reasonable safeguards and limit disclosure to authorized personnel.

18. Data Retention Upon Termination

Provider may delete Client data thirty (30) days after termination unless otherwise agreed in writing.

Client is responsible for exporting data prior to termination.

19. Warranties Disclaimer

Except as expressly stated, Provider disclaims all implied warranties including merchantability and fitness for a particular purpose to the fullest extent permitted by law.

20. Limitation of Liability

This limitation applies to all claims under this Agreement, whether arising from managed services, professional/hourly services, project or fixed-fee services, consulting/advisory services, subscriptions, hardware or software procurement, or any combination thereof.

To the fullest extent permitted by Colorado law:

Provider’s total aggregate liability shall not exceed the lesser of:

• Fees paid in the three (3) months preceding the claim; or

• $15,000.

Provider shall not be liable for indirect, incidental, consequential, special, punitive, exemplary, or lost profits damages.

The liability cap does not apply to fraud or willful misconduct.

21. Indemnification

Client shall indemnify Provider for claims arising from:

• Misuse of services

• Violation of law

• Client-provided data

• Failure to maintain licenses

• Failure to maintain required safeguards

• Regulatory penalties arising from Client conduct

Provider indemnifies Client only for damages caused solely by Provider’s gross negligence or willful misconduct.

22. Personal Guarantee (Optional for SMBs)

For privately held entities with fewer than 25 employees, Provider may require a personal guarantee as a condition of service.

Guarantor agrees to be personally liable for unpaid amounts including subscription commitments.

23. Non-Solicitation (12 Months)

Client shall not solicit Provider employees during the term and for twelve (12) months thereafter.

Liquidated damages equal to 100% of the employee’s annual compensation apply upon breach.

24. Arbitration and Class Action Waiver

Any dispute arising under or related to this Agreement shall be resolved by binding arbitration administered by the American

Arbitration Association (AAA) under its Commercial Arbitration Rules.

Arbitration shall occur in Arapahoe County, Colorado.

Each party waives the right to trial by jury and agrees not to

participate in any class or collective action.

Each party shall bear its own attorneys’ fees unless the arbitrator awards fees to the prevailing party.

Nothing herein prevents Provider from seeking injunctive relief in a court of competent jurisdiction for breach of confidentiality, intellectual property, non-solicitation, or payment obligations.

25. Force Majeure

Provider shall not be liable for delays or failure to perform caused by events beyond reasonable control, including vendor failures, cyberattacks, supply chain disruption, government actions, natural disasters, or labor disruptions.

26. Governing Law

Colorado law governs. Venue lies in Colorado.

27. Notices

Written notice includes: email (with read receipt) to official legal/billing address, certified mail, or overnight courier to the physical address.

Notices under this Agreement shall be delivered by email or certified mail.

Legal notices to Provider shall be sent to:

EnTech IT Solutions, LLC

2 W Dry Creek Circle, Suite 100

Littleton, CO 80120

Email: [email protected]

Notices to Client shall be sent to the last known business contact information on file.

28. Modification

Provider may update this Agreement with thirty (30) days’ notice.

Changes apply prospectively to renewals and new work.

29. Severability

If any provision of this Agreement is held to be invalid, illegal, or unenforceable, the remaining provisions shall remain in full force and effect. The invalid provision shall be modified only to the extent necessary to make it enforceable while preserving its intent.

30. Assignment

Client may not assign or transfer this Agreement without Provider’s prior written consent.

Provider may assign this Agreement to a successor entity, affiliate, or purchaser of substantially all assets without Client consent.

31. Entire Agreement

This Agreement, together with all SOWs, Quotes, and Exhibits, constitutes the entire agreement between the parties and supersedes all prior proposals, discussions, representations, and understandings.

Client acknowledges it has not relied on any representations not expressly stated herein.

EXHIBIT A – Secure Shield Managed Services Structure

Basic / Pro / Complete tiers as defined in SOW.

After-hours services billable unless included.

60-day written termination notice required.

EXHIBIT B – Pricing and Billing Structure

Managed Services billed per-user or per-device as specified in SOW.

Onboarding fees as quoted.

Professional Services billed hourly at Provider’s then-current rate unless fixed fee specified.

After-hours rates as quoted.

Call-out or dispatch fees may apply.

Prepaid service blocks expire at end of service period and are non-refundable unless agreed otherwise.

Estimates for project or hourly services are non-binding projections.

Actual time required may vary based on system condition, client cooperation, third-party vendor delays, legacy infrastructure complexity, or unforeseen technical conditions.

Payment Method: ACH Preferred | Card Accepted.

EXHIBIT C – Goods and Returns

Quotes valid 30 days unless stated otherwise.

Lead times are estimates only.

Freight may apply.

Manufacturer warranties control.

Return/cancellation fees may apply.

Risk transfers upon delivery.

Title retained until paid.

Inspection required within 7 days.

EXHIBIT D – Microsoft 365 Subscription Addendum

Annual commitments are binding 12-month financial obligations.

Billing frequency does not alter commitment term.

Seat reductions restricted per vendor policy.

Non-refundable once provisioned.

Autopay required.

Vendor enforcement policies control.

EXHIBIT E – Support Request Process

Service requests must be submitted via one of the following:

Phone: 720-704-3318

Email: [email protected]

Portal: https://entechit.myportallogin.com/

Requests sent directly to technicians are not considered logged until entered into the ticketing system.

After-hours work is billable unless included in the applicable SOW.

EXHIBIT F – Compliance Advisory Addendum (CMMC / NIST)

Provider offers advisory and implementation assistance only.

Provider does not certify compliance or guarantee audit outcomes.

Client retains ultimate responsibility for regulatory compliance, internal controls, documentation, and personnel behavior.