Master Subscription Agreement

MASTER SUBSCRIPTION AGREEMENT

Last Updated: April 13, 2026

This Master Subscription Agreement ("Agreement") is entered into by and between Jataka Inc. ("Company", "we", "us", or "our"), and the entity placing an order for or accessing the Service ("Customer", "you", or "your"). By executing an Order Form that references this Agreement or by accessing or using the Services, Customer agrees to the terms of this Agreement.

DEFINITIONS

"Authorized User" means an employee, contractor, or agent of Customer whom Customer has authorized to use the Services.

"Confidential Information" means all non-public information disclosed by one party to the other, designated as confidential or reasonably understood to be confidential, including Customer Data, source code, and Jataka's platform technology.

"Customer Data" means all code, metadata, text, and data connected to Customer's Salesforce environment that Customer submits or grants access to the Services.

"Order Form" means Jataka's approved ordering document or online purchasing flow.

"Output" means the code snippets, metadata modifications, scripts, or Pull Requests generated by the Services and provided to Customer.

"Services" means Jataka's cloud-based DevSecOps platform, autonomous AI agents, APIs, and associated software.

"Sub-processor" means any third-party data processor engaged by Jataka, including cloud providers and LLM APIs (e.g., Google Cloud, Neo4j, OpenAI/Anthropic/Gemini).

"Subscription Term" means the duration of Customer's authorized access to the Services as set forth in an Order Form.

PROVISION OF SERVICES

2.1 Access and Usage. Subject to Customer's compliance with this Agreement and payment of all applicable fees, Jataka grants Customer a limited, non-exclusive, non-transferable right to access and use the Services during the Subscription Term solely for Customer's internal business operations.

2.2 Restrictions & Acceptable Use. Customer shall not: (a) reverse engineer, decompile, or disassemble the Services; (b) use the Services to build a competitive product; (c) bypass or breach any security device or protection used by the Services; or (d) use the Services to generate, distribute, or test malicious code, malware, or exploit vulnerabilities in third-party systems without authorization.

2.3 Autonomous Version Control (GitOps) Authorization. The Services include autonomous code refactoring and technical debt remediation. Customer explicitly authorizes Jataka to interface with Customer's version control systems (e.g., GitHub) via API to create branches, upload blobs/trees, and open Pull Requests. Jataka will not merge code directly into production branches; Customer retains sole responsibility for reviewing, testing, and merging all Jataka-generated Pull Requests.

2.4 Suspension. Jataka may temporarily suspend Customer's access to the Services if: (i) Customer's account is 30 days or more overdue; or (ii) Customer's use violates Section 2.2 or poses an imminent security risk. Jataka will use commercially reasonable efforts to provide notice before suspending.

2.5 Third-Party Integrations. The Services interoperate with third-party platforms (e.g., Salesforce, GitHub). Jataka is not responsible for the operation of any third-party platforms nor the availability of their APIs. If a third party ceases to make its API available on reasonable terms, Jataka may cease providing the corresponding features without entitling Customer to a refund or credit.

2.6 Fair Use & Rate Limiting. To ensure platform stability and manage LLM API costs, Jataka reserves the right to enforce reasonable rate limits on automated queries and code generation requests. If Customer's usage significantly exceeds standard enterprise usage patterns, Jataka will notify Customer to discuss a capacity upgrade.

DATA, SECURITY, AND AI PROCESSING

3.1 Data Processing and Storage. Jataka's Service requires mapping the architectural state of Customer's Salesforce environment. Customer grants Jataka permission to ingest and persist Salesforce metadata, test execution logs, and UI test video recordings in Jataka's encrypted databases. Customer will use commercially reasonable efforts not to upload or grant access to live consumer Personally Identifiable Information (PII) or production transaction data.

3.2 Security Standards & Breach Notification. Jataka will maintain industry-standard administrative, physical, and technical safeguards to protect the security and integrity of Customer Data. In the event of a confirmed security breach resulting in the unauthorized disclosure of Customer Data, Jataka will notify Customer without undue delay, and in no event later than seventy-two (72) hours after discovery.

3.3 Data Processing Agreement (DPA). To the extent Customer Data includes personal information subject to applicable data protection laws, processing will be governed by Jataka's DPA located at jataka.io/dpa.

3.4 AI Processing & LLMs. Jataka utilizes enterprise-grade third-party Large Language Models (LLMs) as Sub-processors. Jataka maintains strict zero-data-retention agreements with these Sub-processors, ensuring Customer Data is processed ephemerally and is not used to train third-party public models.

INTELLECTUAL PROPERTY

4.1 Jataka Property. Jataka retains all rights, title, and interest in and to the Services, underlying technology, AI prompts, algorithms, and all associated intellectual property rights.

4.2 Customer Property. Customer retains all rights, title, and interest in and to Customer Data. Customer grants Jataka a temporary, limited license to process Customer Data solely as necessary to provide the Services.

4.3 Output Ownership. Subject to Customer's compliance with this Agreement, Customer shall own all rights, title, and interest in and to the Output (e.g., the resulting code or Pull Requests) once merged or deployed by Customer into its own environments.

4.4 Open Source Disclaimer. Customer acknowledges that AI Output may resemble existing open-source code. Customer is solely responsible for utilizing its standard internal processes (e.g., software composition analysis) to ensure merged Output complies with Customer's internal open-source licensing policies.

4.5 Feedback. Jataka may use any Feedback provided by Customer without restriction or obligation, and shall own all intellectual property rights in any enhancements to the Services based on such Feedback.

CONFIDENTIALITY

5.1 Definition & Obligations. Each party agrees to protect the other party's Confidential Information using the same degree of care it uses to protect its own (but no less than a reasonable degree of care). The receiving party will not disclose the disclosing party's Confidential Information to any third party except to its employees, contractors, and Sub-processors who need to know such information and are bound by confidentiality obligations.

5.2 Exclusions. Confidential Information does not include information that: (i) is or becomes publicly known through no fault of the receiving party; (ii) was rightfully known by the receiving party prior to disclosure; (iii) is independently developed without use of the disclosing party's Confidential Information; or (iv) is rightfully obtained from a third party without restriction.

FEES AND PAYMENT

6.1 Fees. Customer will pay all fees specified in Order Forms. Payment obligations are non-cancelable and fees paid are non-refundable.

6.2 Invoicing & Late Payments. Jataka will invoice Customer in advance. Invoiced charges are due Net 30 days from the invoice date. Late payments may accrue interest at the rate of 1.5% per month or the maximum rate permitted by law, whichever is lower.

6.3 Payment Disputes. If Customer reasonably and in good faith disputes an invoice, Customer must notify Jataka in writing within fifteen (15) days of receipt of the invoice.

6.4 Taxes. Fees do not include any Taxes. Customer is responsible for paying all Taxes associated with its purchases hereunder. If Customer is required by law to withhold any Taxes from its payments to Jataka, Customer must provide Jataka with an official tax receipt and increase the payment amount so that Jataka receives the full amount it would have received without the withholding.

TERM AND TERMINATION

7.1 Term & Auto-Renewal. This Agreement commences on the effective date of the Order Form. Subscriptions will automatically renew for additional periods equal to the expiring Subscription term unless either party gives the other written notice of non-renewal at least thirty (30) days before the end of the relevant term. Jataka reserves the right to increase the Fees for any renewal term by providing written notice to Customer at least sixty (60) days prior to the end of the then-current Subscription Term.

7.2 Termination for Cause. Either party may terminate this Agreement upon thirty (30) days written notice if the other party materially breaches this Agreement and fails to cure such breach within the notice period.

7.3 Return and Deletion of Data. Upon termination, Customer's access to the Services will cease. Within thirty (30) days following termination, Jataka will securely delete all Customer Data in its possession, unless legally prohibited.

7.4 Survival. Sections 1, 2.2, 4, 5, 6, 7.3, 7.4, 8.3, 9, 10, and 11 shall survive termination.

WARRANTIES AND DISCLAIMERS

8.1 Mutual Warranty. Each party represents and warrants that it has the legal power and authority to enter into this Agreement.

8.2 Advisory Nature of Service. Customer acknowledges that Jataka is an automated DevSecOps and static analysis tool. While Jataka strives for accuracy, AI agents may produce false positives, false negatives, or logically flawed code. Customer is solely responsible for reviewing, testing, and verifying any code, security patches, pull requests, or metadata deletions suggested by the Service before deploying them to a production environment.

8.3 DISCLAIMER. EXCEPT AS EXPRESSLY PROVIDED HEREIN, THE SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE." JATAKA SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.

LIMITATION OF LIABILITY

9.1 EXCLUSION OF CONSEQUENTIAL DAMAGES. IN NO EVENT WILL EITHER PARTY BE LIABLE FOR ANY LOST PROFITS, REVENUES, DATA, OR FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES.

9.2 LIABILITY CAP. EXCEPT FOR THE EXCLUSIONS LISTED IN SECTION 9.3, IN NO EVENT SHALL EITHER PARTY'S AGGREGATE LIABILITY ARISING OUT OF THIS AGREEMENT EXCEED THE TOTAL AMOUNT PAID BY CUSTOMER HEREUNDER FOR THE SERVICES GIVING RISE TO THE LIABILITY IN THE TWELVE (12) MONTHS PRECEDING THE FIRST INCIDENT OUT OF WHICH THE LIABILITY AROSE.

9.3 EXCLUSIONS. The limitations set forth in Section 9.2 shall not apply to: (i) a party's indemnification obligations under Section 10; (ii) a breach of Confidentiality under Section 5; or (iii) damages arising from a party's gross negligence or willful misconduct.

INDEMNIFICATION

10.1 Jataka Indemnification. Jataka will defend Customer against any claim made by a third party alleging that the use of the Services (the Platform itself, excluding AI-generated Output) infringes that third party's intellectual property rights, and will indemnify Customer for any damages and costs finally awarded. Jataka's indemnification obligations do not extend to AI-generated Output or code suggestions, which Customer is solely responsible for reviewing, testing, and verifying before deployment in accordance with Section 4.4 (Open Source Disclaimer).

10.2 Customer Indemnification. Customer will defend Jataka against any claim made by a third party alleging that Customer Data infringes the rights of that third party or violates applicable laws, and will indemnify Jataka for any damages and costs finally awarded.

10.3 Procedure. The indemnified party must: (i) promptly give written notice of the claim to the indemnifying party; (ii) give the indemnifying party sole control of the defense and settlement of the claim; and (iii) provide all reasonable assistance at the indemnifying party's expense.

GENERAL PROVISIONS

11.1 Governing Law & Jurisdiction. This Agreement shall be governed by the laws of the State of Delaware, without regard to its conflict of laws principles. Any legal actions arising under this Agreement shall be brought exclusively in the state or federal courts located in Delaware. EACH PARTY WAIVES ANY RIGHT TO JURY TRIAL IN CONNECTION WITH ANY ACTION OR LITIGATION IN ANY WAY ARISING OUT OF OR RELATED TO THIS AGREEMENT. Any proceedings to resolve or litigate any dispute will be conducted solely on an individual basis. Neither party will seek to have any dispute heard as a class action or in any other proceeding in which either party acts or proposes to act in a representative capacity.

11.2 Publicity. Jataka may use Customer's company name and logo on its website and promotional materials. Customer may opt-out or revoke this right at any time by providing written notice to Jataka.

11.3 Force Majeure. Neither party will be liable for delay or failure to perform its obligations (except for payment obligations) due to events beyond its reasonable control.

11.4 Export Compliance. Customer represents that it is not named on any U.S. government denied-party list and will not permit users to access the Services in a U.S.-embargoed country.

11.5 Assignment. Neither party may assign this Agreement without the other party's prior written consent, except in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets.

11.6 Severability and Waiver. If any provision is deemed void, the remaining provisions will remain in effect. No failure or delay in exercising any right constitutes a waiver.

11.7 Notices. Notices to Jataka must be sent via email to legal@jataka.io. Notices to Customer will be sent to the email address provided on the Order Form.

11.8 Entire Agreement. This Agreement constitutes the entire agreement between the parties and supersedes all prior agreements regarding its subject matter.