Master Service Agreement

(B2B Client Agreement for Churches and Charitable Organizations)

This Master Service Agreement (this "Agreement" or "MSA") is entered into by and between ChurchPlan Inc., a corporation organized under the laws of Canada ("ChurchPlan"), and the church, charitable organization, parish, diocese, ministry, or other faith-based entity identified in the accompanying Order Form (the "Client" or "Church").

This Agreement, together with any executed Order Form, the applicable Schedules, and the ChurchPlan End-User Terms of Service, constitutes the entire agreement between the parties with respect to the Platform. In the event of any conflict, the following order of precedence applies: (1) the executed Order Form; (2) this MSA; (3) the Schedules; (4) the End-User Terms of Service.

A Client may become bound by this Agreement either: (a) by executing an Agreement Package (comprising this MSA and a custom Order Form) via DocuSign or equivalent electronic signature platform; or (b) by accepting this Agreement through ChurchPlan's online subscription flow, in which case the provisions of Section 3.1 regarding provisional access and Order Form execution apply.

This Agreement is published at https://www.churchplan.com/master-service-agreement. All ChurchPlan legal documents, including the End-User Terms of Service and Privacy Policy, are available at https://www.churchplan.com/legal.

1. Definitions

In this Agreement, the following terms have the meanings set out below. Capitalized terms not defined herein have the meanings given in the End-User Terms of Service or the applicable Order Form.

2. Platform Access and License

2.1 Grant of License

Subject to the Client's compliance with this Agreement and timely payment of all applicable Fees, ChurchPlan grants the Client a limited, non-exclusive, non-transferable, non-sublicensable license during the Subscription Term to: (a) access and use the Platform solely for the Client's internal religious, charitable, and administrative purposes; (b) permit Authorized Administrators to access and use the Platform in accordance with this Agreement and the End-User Terms of Service; and (c) use the Documentation in connection with the authorized use of the Platform.

2.2 Restrictions

The Client must not, and must not permit any Authorized User or third party to:

• sublicense, resell, transfer, assign, or otherwise make the Platform available to any third party other than Authorized Administrators;
• copy, modify, adapt, translate, reverse engineer, decompile, disassemble, or create derivative works based on the Platform or any part thereof;
• use the Platform to build or support a competing product or service;
• remove, obscure, or alter any proprietary notices, labels, or marks on or within the Platform;
• use the Platform in any way that violates applicable law, the End-User Terms of Service, or this Agreement;
• access or attempt to access any part of the Platform or any other ChurchPlan system not expressly authorized under this Agreement; or
• use automated scripts, bots, or scraping tools to extract data from the Platform without ChurchPlan's prior written consent.

2.3 Authorized Administrators

The individual who completes the Standard Agreement online subscription on behalf of a Client Church is automatically designated as the initial Authorized Administrator with full, unrestricted access to the Platform for the purpose of configuring the system, assigning roles, and setting up the organization. The Client Church is deemed to have authorized this individual by virtue of completing the subscription. At the time of initial subscription, the Platform typically contains no member or donor data; the initial Authorized Administrator designation is a necessary technical precondition for Platform setup and does not imply that ChurchPlan has assessed or approved that individual's suitability for ongoing administrative access.

The Client Church may grant, modify, or revoke the Authorized Administrator designation — including the initial unrestricted designation — for any individual at any time and as many times as its operational needs require. The Authorized Administrator role is assigned exclusively by the Client Church. ChurchPlan does not determine, grant, or revoke Authorized Administrator status. The Client Church is responsible for reviewing and reconfiguring access designations as part of its onboarding process and as its organizational needs evolve.

The Client is responsible for: (a) managing access credentials for all Authorized Administrators; (b) ensuring all Authorized Administrators comply with this Agreement and the End-User Terms of Service; (c) promptly revoking access for any individual who is no longer an Authorized Administrator; and (d) all acts and omissions of its Authorized Administrators in connection with the Platform. The Client is solely responsible for the appropriateness of the access levels it grants to its Authorized Administrators, including administrative and elevated privileges.

2.4 White-Labeling and Branding

Where the Client's Order Form includes white-labeling or custom branding features, the Client may display its own name, logo, and brand elements within the designated areas of the Platform interface. The Client grants ChurchPlan a limited license to use the Client's brand assets solely as necessary to provide the white-labeling functionality. The Client represents that it holds all rights necessary to authorize such use. ChurchPlan retains ownership of the underlying Platform and infrastructure, and the Client must not represent the Platform as its own proprietary technology.

2.5 Acceptable Use

The Client must use the Platform only for lawful religious, charitable, administrative, and community-management purposes consistent with its organizational mandate. The Client must not use the Platform for any purpose that is unlawful, harmful, abusive, or that violates applicable law. Repeated or serious violations of the acceptable use requirements may result in suspension or termination of the Client's access in accordance with Section 15.

The Client must not use the Platform in any way that consumes excessive Platform resources and as a result would cause, or is likely to cause, a material degradation in the performance or availability of the Platform for other clients of ChurchPlan. ChurchPlan may apply reasonable technical measures to limit resource consumption by individual clients for the purpose of maintaining service quality across its client base, and will provide reasonable advance notice before applying such limits unless an immediate degradation risk requires immediate action.

2.6 No Access to Software Code

For the avoidance of doubt, the Client has no right to access the software code (including object code, intermediate code, and source code) of the Platform, either during or after the Subscription Term. Nothing in this Agreement grants the Client any right, title, or interest in the underlying software, algorithms, database schemas, or technical infrastructure of the Platform. This restriction applies regardless of any access the Client may have to Platform data, APIs, exports, or administrative interfaces.

3. Subscription, Fees, and Payment

3.1 Subscription and Agreement Type

The Platform is available to Client Churches through two binding agreement methods:

• Standard Agreement. A Client that accepts this MSA through ChurchPlan's online subscription flow (click-wrap acceptance) enters into a fully binding Standard Agreement. The Client's subscription tier, features, and applicable fees are based on ChurchPlan's published pricing at the time of acceptance. No Order Form is required. The Standard Agreement is not provisional and constitutes the complete agreement between the parties from the date of acceptance. The individual completing the online subscription represents and warrants that they have authority to bind the Client Church to this Agreement and to act as its initial Authorized Administrator.
• Custom Agreement. Where ChurchPlan determines that a custom arrangement is appropriate — typically for larger churches, dioceses, multi-location organizations, or engagements requiring negotiated pricing, custom service levels, or special terms — ChurchPlan issues the Client a custom Order Form. The parties execute a combined Agreement Package (this MSA and the Order Form) via DocuSign or equivalent. Upon execution, the Agreement Package supersedes any prior click-wrap acceptance and constitutes the complete and binding agreement between the parties.

ChurchPlan may offer promotional pricing, volume discounts for multi-site organizations or dioceses, or other fee adjustments on a case-by-case basis, as reflected in the applicable Order Form or confirmed in writing by ChurchPlan. Any such adjustment applies only for the period expressly specified and does not carry over to any renewal term unless confirmed in a new or amended Order Form signed by both parties.

3.2 Order Form Supremacy

The Order Form forming part of the executed Agreement Package sets out the specific subscription tier, Fees, Subscription Term, and any applicable promotional or volume pricing agreed between the parties. In the event of any conflict between this Agreement and an executed Order Form, the Order Form prevails with respect to pricing, tier, term, discounts, and any matter expressly addressed therein. This Agreement prevails in all other respects. An Order Form is binding on ChurchPlan only when executed by an authorized representative of ChurchPlan.

3.3 Payment Terms

Unless otherwise specified in the Order Form: (a) Fees are invoiced annually in advance or as otherwise agreed in the Order Form; (b) all invoices are due and payable within thirty (30) days of the invoice date; (c) all Fees are non-cancellable and non-refundable except as expressly provided in this Agreement; and (d) ChurchPlan reserves the right to suspend access to the Platform for overdue accounts after providing fourteen (14) days' written notice.

3.4 Taxes

All Fees are exclusive of applicable taxes, including sales tax, HST/GST, VAT, and similar levies. The Client is responsible for paying all such taxes arising from transactions under this Agreement, except for taxes on ChurchPlan's net income. Where ChurchPlan is required by law to collect taxes, it will add them to the applicable invoice. The Client must provide valid tax exemption certificates where applicable.

3.5 Payment Processing Fees

All donations, event payments, and other financial transactions processed through the Platform are subject to Processing Fees charged by the applicable third-party payment processor(s). Processing Fees are separate from ChurchPlan's subscription Fees and are governed by the Client's direct agreement with the relevant payment processor (see Section 4.4 for payment processor onboarding requirements). ChurchPlan currently uses Stripe as its sole payment processor. For jurisdictions not served by Stripe, ChurchPlan may engage an alternative processor, in which case that processor's fee structure and terms will apply and the Client will be notified accordingly. The Client acknowledges and agrees that:

• Processing Fees are deducted by the payment processor from the gross transaction amount before funds are settled to the Client. Processing Fees are not charged by ChurchPlan to end-user donors or event attendees.
• Payment processing costs are a standard operating cost of accepting payments in any form — comparable, for example, to the per-item banking fees a Church incurs when depositing donated cheques. ChurchPlan does not introduce a net-new category of cost; it provides a digital payment infrastructure whose costs fall within the same category as the Client's existing banking and payment administration expenses.
• Tax receipts generated through the Platform reflect the full gross donated amount, consistent with applicable tax authority guidance (CRA, IRS, ATO, HMRC, and others). The receipted amount is the donor's total gift — not the net amount received after processor fees. The Client is solely responsible for confirming that this receipting approach is lawful and appropriate in its jurisdiction. Where applicable tax law requires that Processing Fees be disclosed or treated differently for receipt purposes, compliance is the Client's sole responsibility.
• The Client is solely responsible for understanding, accepting, and managing Processing Fees as an operating cost of its fundraising, donation, and event administration programs.
• The Platform is not configured to add surcharges or deductions to the amounts entered by donors or event attendees at the point of payment. The Client must not configure the Platform in any way that results in an unauthorized surcharge being applied to a payment in violation of applicable consumer protection or payment services law.
• Any optional "cover the fee" or donor fee-contribution feature, if made available by ChurchPlan, may only be enabled by the Client in jurisdictions where such features are legally permissible and in accordance with ChurchPlan's guidelines.

3.6 Zero Platform Ticketing Fee

ChurchPlan does not charge a platform service fee, booking fee, or convenience fee on event tickets or event registrations sold through the Platform, under the Client's current subscription tier. This zero-platform-fee commitment applies to ChurchPlan's own charges only and does not limit or cap Processing Fees charged by third-party payment processors, which remain the Client's operating cost responsibility as set out in this Section 3.4. ChurchPlan reserves the right to introduce optional premium event features at additional cost in future subscription tiers, with appropriate advance notice to existing Clients.

3.7 Disputed Invoices

If the Client disputes any invoice in good faith, it must notify ChurchPlan in writing within fifteen (15) days of the invoice date by contacting billing@churchplan.com, specifying the disputed amount and the basis for the dispute. The parties will work in good faith to resolve the dispute within thirty (30) days. Undisputed amounts remain payable on their due date. ChurchPlan will not suspend access to the Platform due to a bona fide disputed amount while the dispute is being resolved in good faith.

3.8 Auto-Renewal

Unless otherwise specified in the Order Form, the Subscription Term will automatically renew for successive periods equal in length to the initial Subscription Term (or one year, whichever is shorter) unless either party provides written notice of non-renewal at least sixty (60) days before the end of the then-current Subscription Term.

3.9 Price Changes

ChurchPlan may adjust its Fees for renewal Subscription Terms by providing the Client with at least sixty (60) days' written notice prior to the end of the then-current Subscription Term. If the Client does not accept a price increase, it may elect not to renew by providing notice of non-renewal in accordance with Section 3.8. Continued use of the Platform following the commencement of a renewal Subscription Term constitutes acceptance of the adjusted Fees.

4. Onboarding, Implementation, and Data Migration

4.1 Onboarding Services

ChurchPlan will provide standard onboarding assistance as described in Schedule C or as specified in the Order Form. Onboarding support includes Platform configuration guidance, basic training for administrative users, and access to Documentation. Additional onboarding, customization, or professional services, if required, may be available for additional fees as agreed in writing.

4.2 Data Migration and Import

The Client may import or migrate existing member, donor, event, and related data into the Platform from legacy systems or third-party software. With respect to any data imported into the Platform, the Client represents, warrants, and covenants that:

• it has obtained all rights, consents, permissions, and legal authorizations required under applicable privacy and data protection law to transfer such data to ChurchPlan for processing;
• all individuals whose Personal Information is imported have been notified of the transfer and its purposes, or such notification is not required under applicable law;
• the data import does not violate any applicable law, regulation, or third-party right;
• all imported data is accurate, complete, and has been lawfully collected by the Client; and
• the Client has conducted any required privacy impact assessments or data protection reviews prior to migration.

ChurchPlan does not independently verify the accuracy, completeness, or lawfulness of data imports and is not responsible for errors, omissions, or legal issues arising from data imported by the Client. The Client indemnifies ChurchPlan for any claims, losses, or liabilities arising from unlawful or unauthorized data imports.

4.3 Data Format and Compatibility

The Client is responsible for preparing its data in formats compatible with ChurchPlan's import tools, as described in the Documentation. ChurchPlan may provide reasonable assistance with data formatting as part of onboarding services but is not responsible for data loss, corruption, or errors arising from incompatible or incorrectly formatted import files.

4.4 Payment Processor Onboarding

As part of Platform onboarding, the Client must establish a direct account relationship with ChurchPlan's payment processor. ChurchPlan currently uses Stripe as its sole payment processor. For jurisdictions not currently served by Stripe, ChurchPlan may engage an alternative payment processor and will notify the Client accordingly before payment features are activated. This requires the Client to: (a) complete the payment processor's identity verification and Know Your Customer (KYC) onboarding process; (b) review and accept the payment processor's own terms of service, which govern the direct relationship between the Client and the processor independently of this Agreement; and (c) provide any documentation required by the processor to activate the Client's payment account.

ChurchPlan facilitates this connection through its Platform integration but is not a party to the agreement between the Client and any payment processor and is not responsible for the processor's terms, decisions, fund holds, reserves, or payout schedules. By proceeding with Platform onboarding, the Client acknowledges that it will enter into a direct legal relationship with the applicable payment processor and agrees to comply with that processor's terms at all times during the Subscription Term. Payment processing features will not be activated until the Client has completed the processor's onboarding requirements. See Section 3.5 for provisions governing Processing Fees.

5. Service Levels, Support, and Maintenance

5.1 Service Level Commitment

ChurchPlan will use commercially reasonable efforts to make the Platform available in accordance with the Service Level Agreement set out in Schedule B. The SLA sets out: (a) ChurchPlan's target uptime percentage; (b) the measurement methodology; (c) scheduled and emergency maintenance windows; (d) incident classification and response targets; and (e) service credits available to the Client for SLA breaches.

5.2 Scheduled Maintenance

ChurchPlan may take the Platform offline for scheduled maintenance during designated low-traffic maintenance windows as described in Schedule B. ChurchPlan will provide reasonable advance notice of scheduled maintenance that is expected to cause significant service disruption. Scheduled maintenance downtime is excluded from uptime calculations.

5.3 Support Services

ChurchPlan will provide the Support Services described in Schedule C during the Subscription Term. Support tiers, response times, and escalation paths are set out in Schedule C. The Client's designated administrator(s) are the primary point of contact for support requests. ChurchPlan is not obligated to provide support for issues caused by: (a) the Client's misuse or misconfiguration of the Platform; (b) third-party software, hardware, or services not provided by ChurchPlan; (c) the Client's failure to use current, supported versions of the Platform; or (d) circumstances outside ChurchPlan's reasonable control.

5.4 Platform Updates and Changes

ChurchPlan may update, modify, or enhance the Platform at any time, including by adding, changing, or removing features. ChurchPlan will provide reasonable advance notice of material changes that may affect the Client's use of the Platform. The Client acknowledges that as a SaaS product, the Platform evolves over time and some changes may be made without prior notice where necessary for security, legal compliance, or infrastructure reasons.

5.5 Third-Party Dependencies

The Platform integrates with third-party services including payment processors, email delivery providers, push notification services, and cloud infrastructure. ChurchPlan is not responsible for downtime, errors, or service disruptions caused by third-party providers, and such disruptions are excluded from SLA calculations where they are beyond ChurchPlan's reasonable control.

6. Data Ownership, Privacy, and Security

6.1 Client Data Ownership

As between the parties, the Client retains all right, title, and interest in and to Client Data. The Client grants ChurchPlan a limited, non-exclusive, worldwide license to access, process, store, transmit, and use Client Data solely as necessary to provide the Platform, perform ChurchPlan's obligations under this Agreement, and fulfill ChurchPlan's legitimate operational purposes (including security, fraud prevention, and legal compliance). ChurchPlan does not acquire any ownership interest in Client Data.

6.2 Data Processing Agreement

To the extent ChurchPlan processes Personal Information on behalf of the Client as a data processor, the parties' rights and obligations with respect to such processing are governed by the Data Processing Agreement set out in Schedule A. The DPA is an integral part of this Agreement. Where required by applicable law (including GDPR Article 28 and equivalent requirements), the DPA constitutes the legally binding data processing agreement between the parties.

6.3 Client Responsibilities as Data Controller

The Client acknowledges that it acts as an independent data controller with respect to the Personal Information of its members, donors, participants, and community. As a data controller, the Client is solely responsible for:

• ensuring it has a lawful basis under applicable law to collect, use, and transfer Personal Information to ChurchPlan for processing;
• providing adequate privacy notices and obtaining all required consents, permissions, and authorizations from individuals whose data it uploads to or processes through the Platform;
• responding to data subject requests (access, correction, deletion, portability, and objection) relating to Client-controlled data;
• complying with all applicable privacy, data protection, and charitable laws in its own jurisdiction and in the jurisdictions of its members and donors;
• maintaining appropriate internal policies and procedures for data governance, security, and breach response; and

Where the Client directs its members or donors to external third-party platforms — including external donation platforms such as PayPal, GoFundMe, Zeffy, or similar services — the Client acknowledges that ChurchPlan has no data processing role in respect of any Personal Information collected by those external platforms. The Client is solely responsible for ensuring that any external platform it endorses or links to meets its own data protection obligations and that its members are informed accordingly. ChurchPlan bears no liability for the data handling practices of external platforms.

• notifying ChurchPlan promptly — and in any event within 48 hours — of any suspected or confirmed data breach involving Client Data hosted on or transmitted through the Platform.

6.4 Security Measures

ChurchPlan implements and maintains the following technical, administrative, and organizational security measures for the Platform:

• Encryption: All data in transit is protected using 256-bit TLS 1.2+ encryption. Data at rest is encrypted using AES-256 or equivalent. Session cookies are secured with HTTP-only and secure flags.
• Authentication and Access Control: The Platform uses role-based access control (RBAC) with the principle of least privilege, supporting roles including members, treasurers, service supervisors, and administrators, each with carefully scoped permissions. All sessions use token-based authentication that expires automatically. Sessions are immediately invalidated when a user's role or permissions change. Passwords are stored using bcrypt hashing — plaintext credentials are never stored. Email verification is required before users can access sensitive features.
• Data Isolation: Each Client's data is fully isolated at the database level. No Client's data is accessible to any other organization on the Platform.
• Payment Security: ChurchPlan does not store credit card numbers or full payment credentials on its servers. All payment processing is handled through ChurchPlan's payment processor (currently Stripe, its sole processor) is PCI-compliant and tokenizes all financial data before it reaches ChurchPlan's systems. Apple Pay and Google Pay are payment methods handled by the processor on the Client's behalf.
• Infrastructure and Availability: The Platform uses containerized deployments on managed cloud infrastructure with automated health checks and real-time error monitoring. Automated daily backups are maintained to ensure data recoverability. Rate limiting is applied to sensitive endpoints including login and email verification to prevent abuse and brute-force attacks.
• File Security: Uploaded files are sanitized and stored on dedicated cloud infrastructure separate from application servers, with enforced file size limits.
• Activity Logging: All authenticated requests are logged, recording user identity, timestamp, action performed, and originating IP address. Logs are immutable and available to ChurchPlan for investigation and to law enforcement and regulatory authorities upon lawful request.
• Child Safety: The Platform includes date-of-birth-based age verification controls and parent/guardian consent workflows for events and activities involving minors.
• SOC 2 Alignment: ChurchPlan aligns its security controls with the SOC 2 framework, maintaining controls around security, availability, and confidentiality.
• Activity Supervisor access: participant data access for Activity Supervisors is scoped at the application level to a single active Activity. Access is automatically revoked when the Activity expires and is removed from active Platform listings. Participant list exports during an Activity produce a one-time file; no persistent remote data access is maintained after Activity expiry.

The detailed technical and organizational measures applicable to ChurchPlan's processing of Personal Information on behalf of the Client are set out in Schedule A (Data Processing Agreement), Section A.6. The Client remains responsible for its own administrative access security, including safeguarding administrator credentials and promptly revoking access for departing personnel.

6.5 Breach Notification

In the event of a data breach affecting Client Data, ChurchPlan will: (a) notify the Client without undue delay upon becoming aware of the breach; (b) provide available information regarding the nature, scope, and likely consequences of the breach; (c) take reasonable steps to contain and mitigate the breach; and (d) cooperate with the Client's breach response and notification obligations. The parties will coordinate in good faith to comply with applicable breach notification requirements in relevant jurisdictions.

6.6 Data Export

During the Subscription Term, the Client may export Client Data using available administrative tools within the Platform. ChurchPlan will provide the Client with reasonable assistance in exporting Client Data at the Client's request. Exported data is subject to the Client's own data governance obligations once outside the Platform environment.

For the criminal and contractual consequences of unauthorised data export by Client administrators, see Section 10.5.

6.7 Return and Deletion of Data

Upon termination or expiry of this Agreement: (a) ChurchPlan will make Client Data available for export by the Client for a period of ninety (90) days following termination; (b) following the export period, ChurchPlan will securely delete or anonymize Client Data in accordance with its data retention policies and applicable law, unless legal obligations require longer retention; and (c) ChurchPlan may retain metadata, logs, and anonymized records as necessary for fraud prevention, system security, legal compliance, and audit purposes.

6.8 Subprocessors

ChurchPlan uses third-party subprocessors to provide the Platform, including cloud hosting, payment processing, email delivery, and support tooling. A current list of material subprocessors is available upon request on a case-by-case basis by contacting privacyofficer@churchplan.com. ChurchPlan treats its subprocessor relationships as commercially sensitive and does not publish this list publicly, which is consistent with applicable privacy law requirements that require availability on request rather than mandatory public disclosure. ChurchPlan will provide the Client with at least thirty (30) days' prior written notice before engaging a new subprocessor that may materially affect the processing of Client Data. The Client may object to a new subprocessor on reasonable grounds relating to data protection within fifteen (15) days of notice. If the parties cannot resolve a legitimate objection, the Client may terminate the Agreement without penalty on ninety (90) days' written notice.

7. Donations, Receipting, and Financial Administration

7.1 ChurchPlan's Role

ChurchPlan provides technology infrastructure that enables the Client to accept donations, manage donor records, and generate tax receipts through the Platform. ChurchPlan does not act as a charitable organization, fundraising agent, trustee, financial intermediary, custodian of donated funds, or registered charity in any jurisdiction. Donated funds are processed directly by the applicable payment processor and settled directly to the Client.

ChurchPlan's zero-platform-fee commitment, tax receipting tools, and data processing obligations apply exclusively to donations and payments processed through the ChurchPlan Platform. Transactions completed through external donation platforms linked to by the Client — such as PayPal, GoFundMe, or Zeffy — are outside ChurchPlan's scope entirely. ChurchPlan has no visibility into, and no responsibility for, such transactions.

7.2 Client Sole Responsibility for Fundraising and Compliance

The Client is solely responsible for all aspects of its fundraising programs conducted through the Platform, including:

• the lawfulness of all fundraising activities and donor communications;
• compliance with applicable charitable fundraising, charitable registration, and consumer protection laws in all relevant jurisdictions;
• determining whether donations qualify for tax receipting under applicable law;
• configuring the Platform's receipting features accurately, including issuer name, legal address, charitable registration number, and authorized signatory;
• determining the receipt issuance method (per-transaction or annual consolidated) and ensuring it complies with applicable law;
• reviewing all receipts generated through the Platform for accuracy and legal sufficiency before delivery to donors;
• issuing corrections, cancellations, or replacement receipts where necessary; and
• maintaining all donation and receipting records for the minimum periods required by applicable tax and charitable law.

7.3 No Pass-Through Surcharges to Donors

The Platform is not configured to add surcharges, processing fees, or deductions to amounts entered by donors at the point of giving. The Client must not configure or use the Platform in any way that imposes a surcharge on a donor's payment in violation of applicable consumer protection, payment services, or charitable fundraising law in the donor's jurisdiction. Any such misconfiguration is a material breach of this Agreement.

7.4 Authorized Signatories and Receipt Configuration

The Client is solely responsible for: (a) the accuracy, authenticity, and legal authority of all signatures, signatory names, and authorized signatory information uploaded to the Platform for use on tax receipts; (b) promptly updating signatory information when an authorized signatory changes; and (c) the legal sufficiency of all receipts issued using the Platform's automated receipting tools. ChurchPlan does not verify signatory authority and bears no liability for receipts issued with inaccurate, outdated, or unauthorized signatory information.

7.5 Split Receipting and Donation Tickets

Where the Client enables split-receipting features (Donation Tickets) through the Platform, the Client is solely responsible for: (a) correctly configuring the fair market value of any participation benefit (the "Advantage"); (b) ensuring the eligible charitable donation portion is accurately calculated and receipted; (c) compliance with all applicable charity and tax laws governing split-receipted transactions; and (d) any corrections or adjustments required by a tax authority. ChurchPlan provides only the technical infrastructure for such configurations and bears no liability for non-compliant split-receipt transactions.

7.6 Refund and Chargeback Policies

The Client is solely responsible for its donation and event payment refund policies. The Client must ensure its refund policies comply with applicable consumer protection law in the jurisdictions where it solicits donations and registrations. ChurchPlan does not issue refunds on the Client's behalf and is not liable for the outcome of chargebacks or payment disputes. The Client must cooperate promptly with ChurchPlan and the applicable payment processor in responding to chargebacks and payment disputes.

8. Intellectual Property

8.1 ChurchPlan's IP

The Platform — including all software, code, databases, interfaces, designs, algorithms, workflows, Documentation, and related technology — is and remains the exclusive property of ChurchPlan and its licensors. Nothing in this Agreement transfers any intellectual property rights in the Platform to the Client. The Client receives only the limited license expressly granted in Section 2.1.

8.2 Client's IP

The Client retains all intellectual property rights in Client Data, the Client's brand assets, and any content, materials, or data it uploads to or generates within the Platform. ChurchPlan acquires no ownership interest in the Client's intellectual property.

8.3 Feedback

If the Client or its Authorized Administrators provide feedback, suggestions, or ideas about the Platform, the Client agrees that ChurchPlan may use such feedback without restriction or compensation, and the Client assigns to ChurchPlan all intellectual property rights in such feedback to the extent permitted by law.

8.4 Usage Data

ChurchPlan may collect and use aggregated, anonymized usage and performance data derived from the Client's use of the Platform for the purpose of improving the Platform, conducting internal research, and generating industry benchmarks. Such data will not identify the Client or any individual and will not be sold to third parties.

8.5 Trademarks and Brand Assets

ChurchPlan names, logos, marks, domain names, slogans, and related branding are owned by ChurchPlan or its licensors. No right or license to use ChurchPlan branding is granted to the Client or its Authorized Administrators except as expressly authorized in writing by ChurchPlan. The Client must not use ChurchPlan's branding in any manner that could imply endorsement, partnership, or affiliation beyond what is expressly authorized under this Agreement.

8.6 Church Content License Grant

The Client retains ownership of all content, branding, materials, announcements, events, settings, and media it uploads or configures through the Platform. By uploading or configuring such content, the Client grants ChurchPlan a limited, non-exclusive, worldwide, royalty-free license to host, store, process, display, and transmit such content solely as necessary to operate the Platform and fulfil ChurchPlan's obligations under this Agreement. This license terminates upon deletion of the content or termination of this Agreement, subject to any applicable backup and retention obligations.

8.7 Restrictions on Intellectual Property Use

The Client must not, and must ensure its Authorized Administrators and Personnel do not, directly or indirectly: (a) copy, reproduce, modify, adapt, translate, or create derivative works from the Platform; (b) reverse engineer, decompile, or disassemble any part of the Platform except where prohibited by law from restricting such activity; (c) bypass access controls, security measures, or authorization mechanisms; (d) sublicense, resell, or commercially exploit the Platform or any data obtained through it without ChurchPlan's prior written consent; (e) extract code, data, structural elements, or proprietary content using bots, scrapers, crawlers, or automated tools not expressly authorized by ChurchPlan; or (f) use the Platform, its data, or its outputs to develop, support, or enhance a competing product or service.

8.8 Artificial Intelligence and Machine Learning Prohibition

The Client must not, and must ensure its Authorized Administrators and Personnel do not, directly or indirectly use any part of the Platform — including its user interfaces, screens, workflows, features, Documentation, data outputs, or visual design — as input to any artificial intelligence, machine learning, large language model, generative AI, or similar automated system for the purpose of: (a) replicating, reverse-engineering, or recreating ChurchPlan's technology, features, or user experience; (b) generating competing software, applications, or services; or (c) circumventing ChurchPlan's intellectual property rights. This prohibition applies regardless of whether the use involves direct copying, screenshot analysis, visual or textual inference, or any other method by which a third-party AI system is used to derive insights from or reproduce ChurchPlan's proprietary work. ChurchPlan reserves all rights to seek injunctive relief, damages, and any other available remedies for violations of this clause.

8.9 Copyright Infringement — Notice Procedure

If the Client believes any content on the Platform infringes its intellectual property rights, it may send a written notice to legal@churchplan.com including: (a) sufficient detail to identify the allegedly infringing material and its location on the Platform; (b) a description of the Client's claimed rights; (c) the Client's contact information; and (d) a good-faith statement that the use is not authorized. ChurchPlan may, in its discretion, remove or disable access to the content and take further appropriate action upon receipt of a valid notice.

9. Confidentiality

9.1 Obligations

Each party ("Receiving Party") agrees to: (a) keep the other party's ("Disclosing Party's") Confidential Information strictly confidential; (b) use Confidential Information only for the purposes of this Agreement; (c) not disclose Confidential Information to any third party without the Disclosing Party's prior written consent, except to employees, contractors, or professional advisors who need to know it for the purposes of this Agreement and are bound by confidentiality obligations at least as protective as those in this Agreement; and (d) protect Confidential Information using at least the same degree of care it uses to protect its own confidential information, but no less than reasonable care.

9.2 Exceptions

The confidentiality obligations do not apply to information that: (a) is or becomes publicly available through no fault of the Receiving Party; (b) was known to the Receiving Party prior to disclosure without confidentiality obligations; (c) is independently developed by the Receiving Party without use of the Disclosing Party's Confidential Information; or (d) must be disclosed by law, regulation, or court order — provided the Receiving Party gives the Disclosing Party prompt prior notice (to the extent permitted by law) and cooperates with any protective order the Disclosing Party seeks.

9.3 Client Data

Client Data is the Confidential Information of the Client. ChurchPlan's obligations with respect to the confidentiality and security of Client Data are governed by this Section 9, Section 6 (Data, Privacy, and Security), and Schedule A (DPA).

9.4 Survival

Confidentiality obligations survive termination or expiry of this Agreement for a period of five (5) years from the date of termination or expiry, at the end of which period they shall cease to have effect. Notwithstanding the foregoing, obligations with respect to trade secrets shall continue for as long as the relevant information remains a trade secret, and obligations with respect to Personal Information shall continue for as long as required by applicable privacy law.

10. Administrative Access and Data Governance

10.1 Administrative Access Controls

The Client is solely responsible for managing administrative access to the Platform, including: (a) granting administrative roles only to individuals who require such access for legitimate operational purposes of the Client Church; (b) ensuring all Authorized Administrators are aware of and comply with the obligations in this Section 10 and with ChurchPlan's published acceptable use requirements; (c) using secure, unique credentials for each administrative account and enabling multi-factor authentication where available; (d) promptly revoking access for any Authorized Administrator who leaves the Client's employ or whose role no longer requires Platform access; (e) maintaining its own internal records of who has been granted administrative access and for what purpose; and (f) ensuring that Activity Supervisors are informed of their data handling obligations, that their access is appropriately scoped to the relevant Activity, and that any participant list downloaded during an Activity is not retained or repurposed after the Activity concludes.

The Authorized Administrator role is assigned exclusively by the Client Church. ChurchPlan does not determine, grant, or revoke administrative access. The Client Church may assign or revoke the Authorized Administrator designation for any individual at any time and as many times as its operational needs require. ChurchPlan is not responsible for unauthorized access, data misuse, or data loss resulting from the Client's failure to maintain appropriate administrative access controls, including the use of compromised, shared, or inadequately protected credentials, or the failure to reconfigure access designations following changes in personnel or organizational structure.

10.2 Permitted Use of Administrative Functions

Authorized administrators must use administrative functions solely for the legitimate operational purposes of the Client Church. Administrators must not: (a) access, export, modify, or delete data without proper organizational authorization; (b) use Personal Information obtained through administrative access for purposes unrelated to the Client Church's operations or the purposes for which it was collected; (c) bypass permission controls, access restrictions, or audit mechanisms built into the Platform; (d) perform unauthorized refunds, cancellations, adjustments, or financial actions; (e) share administrative credentials or access with individuals who are not Authorized Administrators; or (f) use administrative tools in any manner that violates applicable law, this Agreement, or ChurchPlan's published guidelines.

The Client shall implement, enforce, and document internal policies governing the permissible use of administrative access, and shall ensure all administrators are trained on and bound by those policies.

Activity Supervisors have access to participant Personal Information for a specific Activity only. Their access is time-limited and is automatically revoked upon expiry of the Activity, when the Platform removes it from active listings. Activity Supervisors must use participant data solely for the purpose of administering and supervising the relevant Activity. They must not export, share, retain, or repurpose participant data beyond that purpose. Where a participant list is downloaded during an Activity, the Client is responsible for ensuring that list is handled in accordance with applicable privacy law and is not retained beyond the operational needs of the Activity.

10.3 Data Export Controls

Data export functions available through the Platform are provided solely for the Client's legitimate operational and compliance purposes — including data portability, backup, migration, regulatory reporting, and authorized ministry administration. The Client must not use export functions to compile, aggregate, or extract member, donor, or community data for commercial resale, transfer to unauthorized third parties, or any purpose inconsistent with the purposes for which the data was originally collected.

ChurchPlan maintains immutable administrative access logs for all data export events initiated through the Platform. These logs record the identity of the user who initiated the export, the date and time, the categories and volume of data exported, and the originating IP address and device. Export logs cannot be modified or deleted by Client administrators. ChurchPlan will provide export log evidence to the Client, to law enforcement agencies, and to regulatory authorities upon request in connection with any investigation of data misuse or unauthorized access.

10.4 Unauthorised Data Export, Sale, and Criminal Consequences

The unauthorised export, sale, transfer, disclosure, or commercial exploitation of Personal Information obtained through the Platform — including member lists, donor contact details, family records, or any data accessed through administrative functions — constitutes a material breach of this Agreement, entitling ChurchPlan to immediate termination without a cure period under Section 15.3.

Such conduct may also constitute a criminal offence under applicable law. Applicable provisions include, without limitation: (a) Canada — Criminal Code ss. 342.1 and 430; PIPEDA and the Consumer Privacy Protection Act (wilful contravention attracting significant fines); (b) United States — Computer Fraud and Abuse Act; applicable state privacy laws including CCPA/CPRA (civil penalties of up to USD $7,500 per intentional violation); (c) EU and UK — GDPR Article 83(5) (fines of up to EUR 20 million or 4% of global annual turnover); criminal liability under national implementing legislation; (d) Australia — Privacy Act 1988 s.13G; Criminal Code Act 1995. These consequences apply personally to any Authorized Administrator or Activity Supervisor — each holding that designation solely by virtue of assignment by the Client Church or its Authorized Administrators, not by ChurchPlan — independently of any liability of the Client Church as an organization.

ChurchPlan maintains immutable audit logs for all data export events as described in Section 10.3. Any claim that an unauthorised export constitutes a "data breach" attributable to ChurchPlan — where audit logs confirm the export was initiated by an authenticated and authorized user — is factually incorrect and may itself constitute fraud, a false statement to a regulator, or obstruction of justice. ChurchPlan will make its full audit log evidence available to any competent authority investigating such a claim.

The Client shall: (a) implement and enforce internal policies prohibiting unauthorised data export by its Authorized Administrators; (b) cooperate fully with any law enforcement or regulatory investigation of data misuse originating from the Client's Platform account; (c) notify ChurchPlan immediately upon becoming aware of any suspected or actual unauthorised export; and (d) indemnify ChurchPlan against all claims, losses, fines, and costs arising from data misuse by the Client's Authorized Administrators or other personnel, pursuant to Section 12.6.

10.5 Reporting Obligations

The Client shall notify ChurchPlan immediately — and in any event within twenty-four (24) hours — upon becoming aware of: (a) any suspected or confirmed unauthorized export, sale, disclosure, or misuse of Personal Information accessed through the Client's Platform account; (b) any compromise of administrative credentials; (c) any actual or suspected unauthorized access to administrative functions; or (d) any regulatory inquiry, complaint, or investigation relating to the Platform or the data it holds. Notification must be sent to safety@churchplan.com and legal@churchplan.com. Failure to notify ChurchPlan promptly of a known data security incident is a material breach of this Agreement.

The Client shall cooperate fully with ChurchPlan in responding to any data security incident, regulatory inquiry, or law enforcement investigation arising from the Client's use of the Platform, including providing all relevant records, communications, and access logs within the Client's control.

11. Representations and Warranties

11.1 Mutual Representations

Each party represents and warrants to the other that: (a) it has the legal authority to enter into and perform this Agreement; (b) this Agreement has been duly authorized, executed, and constitutes a legally binding obligation; and (c) its performance of this Agreement does not violate any applicable law, regulation, or third-party right.

11.2 ChurchPlan's Warranties

ChurchPlan represents and warrants that: (a) the Platform will perform materially in accordance with the Documentation during the Subscription Term; (b) ChurchPlan will provide the Platform using personnel of reasonable skill and experience; (c) ChurchPlan will implement and maintain security measures consistent with industry standards for SaaS platforms handling charitable and financial data; (d) ChurchPlan holds all rights necessary to grant the license in Section 2.1 and the Platform, as provided, does not infringe any third-party intellectual property rights; and (e) ChurchPlan will use reasonable and current industry-standard tools and practices to maintain the Platform free from viruses, worms, Trojan horses, ransomware, spyware, adware, and other malicious software that such tools are capable of detecting. ChurchPlan does not warrant that the Platform will be entirely free from all security vulnerabilities, as no security system provides absolute protection.

11.3 Client's Warranties

The Client represents and warrants that: (a) it is a bona fide church, charitable organization, or faith-based entity and will use the Platform only for purposes consistent with its organizational mandate; (b) it holds all charitable registrations, licenses, and authorizations required to accept donations and conduct fundraising in its jurisdiction; (c) all Client Data it uploads to the Platform has been lawfully collected and the Client has the right to use and process it as contemplated by this Agreement; (d) it will comply with all applicable laws in connection with its use of the Platform, including privacy, charitable fundraising, consumer protection, and tax laws; and (e) it has accepted, or will accept prior to activating payment features, the terms of service of the applicable payment processor (currently Stripe; or such alternative processor as notified by ChurchPlan for the Client's jurisdiction) and has the legal capacity and authority to enter into that direct relationship on behalf of the Client Church.

11.4 Disclaimer of Warranties

EXCEPT AS EXPRESSLY SET OUT IN THIS SECTION 10, THE PLATFORM IS PROVIDED "AS IS" AND "AS AVAILABLE." CHURCHPLAN MAKES NO OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, OR UNINTERRUPTED OR ERROR-FREE OPERATION. CHURCHPLAN DOES NOT WARRANT THAT THE PLATFORM WILL MEET THE CLIENT'S SPECIFIC REQUIREMENTS OR THAT DEFECTS WILL BE CORRECTED. TO THE EXTENT PERMITTED BY APPLICABLE LAW, ALL IMPLIED WARRANTIES ARE HEREBY DISCLAIMED.

12. Limitation of Liability and Indemnification

12.1 Mutual Exclusion of Indirect Damages

To the maximum extent permitted by applicable law, neither party will be liable to the other for any indirect, incidental, special, consequential, exemplary, or punitive damages, or for loss of revenue, loss of profits, loss of business, loss of data, loss of goodwill, or reputational harm, arising out of or related to this Agreement, even if the other party has been advised of the possibility of such damages.

12.2 Data Loss Exclusion — Conditional on Backup Compliance

Neither party shall be liable to the other in respect of any loss or corruption of any data, database, or software. Notwithstanding the foregoing, this exclusion shall not protect ChurchPlan from liability for data loss or corruption unless ChurchPlan has fully complied with its backup obligations as set out in Schedule B. Where ChurchPlan has failed to maintain required backups and Client Data is lost or corrupted as a direct result of that failure, ChurchPlan's liability for such loss shall be subject to the aggregate liability cap in Section 12.3 rather than this exclusion, and the exclusion of indirect damages in Section 12.1 shall not apply to such claim.

12.3 Aggregate Liability Cap

To the maximum extent permitted by applicable law, each party's total aggregate liability arising out of or related to this Agreement — whether in contract, tort (including negligence), breach of statutory duty, or otherwise — will not exceed the total Fees paid or payable by the Client to ChurchPlan in the twelve (12) months immediately preceding the event giving rise to the claim.

12.4 Exceptions to Limitations

The limitations in Sections 11.1 and 11.3 do not apply to: (a) either party's obligation to pay amounts due under this Agreement; (b) either party's breach of its confidentiality obligations; (c) the Client's indemnification obligations under Section 12.6; (d) damages arising from gross negligence or willful misconduct; (e) death or personal injury caused by negligence; or (f) any other liability that cannot be excluded or limited under applicable law.

12.5 ChurchPlan Indemnification

ChurchPlan will defend, indemnify, and hold the Client harmless from and against third-party claims, damages, and costs (including reasonable legal fees) arising from: (a) the Platform infringing a third party's intellectual property rights; or (b) ChurchPlan's gross negligence or willful misconduct. ChurchPlan's indemnification obligations are conditioned on the Client: (i) promptly notifying ChurchPlan in writing of the claim; (ii) giving ChurchPlan sole control of the defense and settlement; and (iii) providing reasonable cooperation. If the Platform is or is likely to be found to infringe, ChurchPlan may, at its option: modify the Platform to be non-infringing; obtain a license; or terminate the Agreement and refund prepaid Fees for unused subscription periods.

12.6 Client Indemnification

The Client will defend, indemnify, and hold ChurchPlan (and its officers, directors, employees, and agents) harmless from and against third-party claims, damages, and costs (including reasonable legal fees) arising from: (a) the Client's breach of this Agreement; (b) Client Data infringing or misappropriating any third-party right; (c) the Client's unlawful collection or use of Personal Information; (d) the Client's fundraising activities, charitable receipting practices, or financial administration; (e) the Client's events, activities, and programs; (f) the Client's non-compliance with applicable law; or (g) unauthorized use of the Platform by the Client's Authorized Administrators. ChurchPlan will promptly notify the Client of any indemnifiable claim and will provide reasonable cooperation.

13. Audit Rights and Compliance

13.1 Client Access to Logs and Reports

ChurchPlan will make available to the Client, through the Platform's administrative interface, access logs showing administrative actions taken within the Client's account, donation transaction records, and other records relevant to the Client's compliance and audit obligations. The Client is responsible for maintaining its own records as required by applicable law.

13.2 ChurchPlan Audit Rights

ChurchPlan reserves the right to audit the Client's use of the Platform upon reasonable written notice (not less than five (5) business days) to verify compliance with this Agreement, including the license restrictions in Section 2.2 and the acceptable use requirements in Section 2.5. Any such audit will be conducted during normal business hours, will not unreasonably disrupt the Client's operations, and will be conducted no more than once per year absent a specific compliance concern.

13.3 Regulatory Cooperation

Each party will cooperate in good faith with the other's reasonable requests for information or assistance in connection with regulatory audits, government inquiries, or legal proceedings relating to the Platform or Client Data. Costs associated with regulatory cooperation beyond normal administrative support may be addressed by the parties in a separate written agreement.

14. Insurance

14.1 Client Insurance

Throughout the Subscription Term, the Client will maintain, at its own expense: (a) commercial general liability insurance covering bodily injury, property damage, and personal injury with limits of not less than CAD $2,000,000 (or local equivalent) per occurrence; (b) cyber liability and data breach insurance with limits appropriate to the Client's size and data exposure, but not less than CAD $1,000,000; and (c) any other insurance required by applicable law or reasonably required in connection with the Client's Activities administered through the Platform. Upon request, the Client will provide ChurchPlan with certificates of insurance evidencing such coverage.

14.2 ChurchPlan Insurance

ChurchPlan maintains commercial general liability, cyber liability, and errors and omissions (professional liability) insurance appropriate to a SaaS business of its size operating in the charitable and religious sector. Upon written request, ChurchPlan will provide the Client with evidence of its insurance coverage.

15. Term and Termination

15.1 Term

This Agreement commences on the Effective Date and continues for the Initial Subscription Term specified in the Order Form. Unless terminated earlier, the Agreement will renew automatically in accordance with Section 3.7.

15.2 Termination for Convenience

Either party may terminate this Agreement for convenience at the end of any Subscription Term by providing written notice of non-renewal at least sixty (60) days before the end of the then-current Subscription Term. The Client is not entitled to a refund of prepaid Fees upon a termination for convenience.

15.3 Termination for Cause

Either party may terminate this Agreement immediately upon written notice if: (a) the other party materially breaches this Agreement and fails to cure such breach within thirty (30) days of written notice specifying the breach in reasonable detail; (b) the other party becomes insolvent, makes an assignment for the benefit of creditors, or becomes subject to bankruptcy, receivership, or similar proceedings; or (c) the other party ceases to operate as a going concern.

In addition, ChurchPlan may terminate this Agreement for cause if the Client defaults on any subscription payment and fails to cure that default within fourteen (14) days of written notice from ChurchPlan. Subscription payment default is a material breach entitling ChurchPlan to terminate without any further cure period once the fourteen (14) day payment cure window has elapsed. ChurchPlan may also terminate immediately, without any cure period, if the Client is found to have been involved in, facilitated, or failed to prevent the unauthorised export, sale, or criminal misuse of Personal Information through its Platform account, in which case ChurchPlan shall preserve all audit log records for use by law enforcement or regulatory authorities.

15.4 Suspension

ChurchPlan may suspend the Client's access to the Platform (in whole or in part) without terminating this Agreement: (a) immediately, if the Client's use of the Platform poses a security risk, creates legal liability for ChurchPlan, or violates applicable law; (b) on fourteen (14) days' written notice, if the Client fails to pay undisputed Fees when due; or (c) to comply with a legal requirement or government order. ChurchPlan will restore access promptly upon resolution of the suspension cause.

15.5 Effect of Termination

Upon termination or expiry of this Agreement: (a) all licenses granted to the Client under this Agreement terminate immediately; (b) the Client must cease all use of the Platform and delete any Platform software installed on its systems; (c) Client Data will be made available for export in accordance with Section 6.7; (d) each party will promptly return or destroy the other's Confidential Information; (e) provisions that by their nature should survive termination will survive, including Sections 1, 6.7, 7, 8, 9, 10.4, 11, and 16; and (f) accrued payment obligations remain due and payable.

15.6 No Refund on Termination for Client Cause

If this Agreement is terminated by ChurchPlan for cause pursuant to Section 16.3, the Client will not be entitled to a refund of any prepaid Fees. If this Agreement is terminated by the Client for cause pursuant to Section 16.3, ChurchPlan will refund a pro-rated portion of any prepaid Fees for the remaining unused Subscription Term following the effective termination date.

16. Governing Law and Dispute Resolution

16.1 Governing Law

This Agreement is governed by and construed in accordance with the laws of the Province of Ontario and the federal laws of Canada applicable therein, without regard to conflict-of-laws principles. The United Nations Convention on Contracts for the International Sale of Goods does not apply to this Agreement.

16.2 Dispute Resolution — Negotiation

In the event of any dispute, controversy, or claim arising out of or relating to this Agreement, the parties will first attempt to resolve the matter through good-faith negotiation between senior representatives of each party. Either party may initiate this process by delivering written notice to the other describing the dispute in reasonable detail. The parties will have thirty (30) days from such notice to reach a negotiated resolution, unless they agree in writing to extend this period.

16.3 Mediation

If the dispute is not resolved through negotiation within the period specified in Section 16.2, the parties agree to submit the dispute to non-binding mediation administered by a mediator agreed upon by the parties, or if no agreement is reached within ten (10) business days, appointed by the ADR Institute of Canada. Mediation costs will be shared equally. Either party may withdraw from mediation at any time after the first mediation session.

16.4 Arbitration

If the dispute is not resolved through mediation, it will be finally resolved by binding arbitration administered by the ADR Institute of Canada (or a successor body) in accordance with its National Arbitration Rules. The arbitration will be conducted in English, in Toronto, Ontario (or virtually if the parties agree). The arbitral award will be final and binding on both parties and may be enforced in any court of competent jurisdiction. Nothing in this section prevents either party from seeking urgent injunctive or other equitable relief from a court of competent jurisdiction where necessary to protect its interests pending arbitration.

16.5 Mandatory Local Law

Where the Client is located in a jurisdiction whose mandatory laws require disputes to be resolved in local courts or before a local administrative authority, those mandatory laws apply to the extent legally required. Nothing in this Agreement waives any right the Client may have under applicable mandatory consumer or data protection law.

17. General Provisions

17.1 Entire Agreement

This Agreement (including all Order Forms and Schedules) constitutes the entire agreement between the parties with respect to the Platform and supersedes all prior agreements, representations, negotiations, and understandings, whether oral or written. No pre-contractual representation, promise, or inducement forms part of this Agreement unless expressly included.

17.2 Amendments

No amendment to this Agreement is binding unless made in writing and signed (or electronically accepted) by authorized representatives of both parties. ChurchPlan may update the Schedules, Documentation, and policies incorporated by reference (including the Privacy Policy, DPA, SLA, and Support terms) with reasonable notice. Material changes to Schedules that adversely affect the Client's rights will require the Client's written consent or the right to terminate as provided herein.

17.3 Assignment

The Client may not assign or transfer this Agreement or any of its rights or obligations hereunder without ChurchPlan's prior written consent, not to be unreasonably withheld. ChurchPlan may assign this Agreement without consent in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets, provided the assignee assumes all of ChurchPlan's obligations under this Agreement. Any purported assignment in violation of this section is void.

17.4 Force Majeure

Neither party will be in breach of this Agreement or liable for any delay or failure in performance resulting from causes beyond its reasonable control, including natural disasters, acts of war or terrorism, epidemics or pandemics, labor disputes, acts of government, internet or utility failures, or cyberattacks by third parties. The affected party will notify the other promptly and use reasonable efforts to resume performance. If a force majeure event continues for more than ninety (90) days, either party may terminate the Agreement without liability by providing written notice.

17.5 Severability

If any provision of this Agreement is found to be invalid, illegal, or unenforceable, that provision will be modified to the minimum extent necessary to make it valid and enforceable, and the remaining provisions of this Agreement will remain in full force and effect.

17.6 Waiver

No failure or delay by either party in exercising any right or remedy under this Agreement constitutes a waiver of that right or remedy. A waiver of any breach does not constitute a waiver of any subsequent breach. No waiver is effective unless made in writing.

17.7 Relationship of the Parties

The parties are independent contractors. Nothing in this Agreement creates an agency, partnership, joint venture, employment, or fiduciary relationship between them. Neither party has authority to bind the other contractually or to incur obligations on the other's behalf.

17.8 Notices

All notices under this Agreement must be in writing and delivered by: (a) email to the address specified in the Order Form, with confirmation of receipt; (b) registered mail or courier to the address specified in the Order Form; or (c) such other means as the parties may agree in writing. Notices are effective upon confirmed receipt.

17.9 Publicity

Neither party may issue press releases, case studies, or marketing materials referencing the other party without the other's prior written consent. ChurchPlan may include the Client's name and logo on its customer list and website unless the Client opts out in writing.

17.10 Language

The parties confirm that they have requested that this Agreement and all related documents be drafted in English. Les parties confirment avoir demandé que la présente entente et tous les documents s'y rattachant soient rédigés en anglais.

17.11 Counterparts and Electronic Execution

This Agreement may be executed in counterparts, each of which is an original and all of which together constitute a single instrument. Electronic signatures (including click-through acceptance and digital signatures) are valid and binding to the fullest extent permitted by applicable law, including the Electronic Commerce Act (Ontario) and equivalent legislation.

18. Execution

Client Churches enter into this Agreement through one of two binding methods:

(a) Standard Agreement. By completing ChurchPlan's online subscription flow and accepting these Terms electronically (the "Click-Wrap Acceptance"), the Client enters into a fully binding and complete agreement governed by this MSA in its published form. No Order Form or further execution is required. The Click-Wrap Acceptance constitutes the entire agreement between the parties for all standard subscription engagements and is not provisional.

(b) Custom Agreement. Where ChurchPlan issues a custom Order Form to the Client — typically for larger churches, dioceses, multi-location organizations, or engagements requiring custom pricing or special terms — the parties execute a combined Agreement Package (comprising this MSA and the client-specific Order Form) via DocuSign or equivalent electronic signature platform. Upon execution of the Agreement Package, any prior Click-Wrap Acceptance is superseded in its entirety by the executed Agreement Package, which constitutes the complete and binding agreement between the parties.

The current version of this MSA is published at https://www.churchplan.com/master-service-agreement.

Schedule A — Data Processing Agreement (DPA)

This Data Processing Agreement ("DPA") forms part of the Master Service Agreement between ChurchPlan Inc. ("Data Processor") and the Client ("Data Controller") and governs ChurchPlan's processing of Personal Information on behalf of the Client. This DPA satisfies the requirements of GDPR Article 28, UK GDPR Article 28, and equivalent data processing agreement requirements in applicable jurisdictions.

A.1 Scope and Role

ChurchPlan processes Personal Information on behalf of the Client as a data processor, solely for the purposes of providing the Platform as described in the MSA. The Client is the data controller and determines the purposes and means of processing. ChurchPlan acts only on documented instructions from the Client, as set out in this DPA and the MSA.

A.2 Subject Matter and Duration

ChurchPlan processes Personal Information for the duration of the MSA Subscription Term, plus the post-termination data retention period described in Section 6.7 of the MSA.

A.3 Categories of Data Subjects and Personal Information

A.4 Purposes and Legal Bases

Personal Information is processed solely for the purposes set out in the MSA and this DPA, including: operating the Platform; processing donations and event payments; generating and delivering tax receipts; managing member and community records; supporting Church administrative functions; maintaining security and system integrity; and complying with legal obligations. The legal bases for processing (from the data controller's perspective) are as described in ChurchPlan's Privacy Policy, Section 5.

A.5 Processor Obligations

ChurchPlan, as data processor, will:

• process Personal Information only on the Client's documented instructions, including with regard to transfers of Personal Information to a third country or international organization;
• ensure that persons authorized to process Personal Information have committed to confidentiality or are under an appropriate statutory obligation of confidentiality;
• implement appropriate technical and organizational security measures as described in Section A.6;
• respect the conditions for engaging subprocessors set out in Section A.7;
• assist the Client in fulfilling its obligations to respond to data subject requests under applicable law, taking into account the nature of the processing;
• assist the Client with security obligations, breach notification, data protection impact assessments, and prior consultation with supervisory authorities, to the extent relevant and within ChurchPlan's control;
• at the Client's choice, delete or return all Personal Information after the end of the provision of services, and delete existing copies unless applicable law requires retention; and
• make available to the Client all information necessary to demonstrate compliance with the obligations in this DPA, and allow for and contribute to audits and inspections conducted by the Client or an auditor mandated by the Client, on reasonable advance notice.

A.6 Technical and Organizational Security Measures

ChurchPlan implements the following technical and organizational measures to protect Personal Information processed under this Agreement:

• Encryption of Personal Information in transit using TLS 1.2+ (256-bit) and at rest using AES-256 or equivalent;
• Bcrypt hashing of all user passwords — plaintext credentials are never stored or transmitted;
• Session cookies secured with HTTP-only and secure flags; token-based sessions that expire automatically and are immediately invalidated upon any change to user role or permissions;
• Role-based access controls (RBAC) with the principle of least privilege, with separate permission scopes for members, treasurers, service supervisors, and administrators;
• Email verification required before users access sensitive Platform features;
• Full data isolation at the database level — each Client's data is logically and technically separated from all other Clients;
• PCI-compliant payment processing through tokenizing third-party providers; no storage of credit card numbers or full payment credentials on ChurchPlan's systems;
• Containerized deployments on managed cloud infrastructure with automated health checks and real-time error monitoring;
• Automated daily backups with defined recovery procedures;
• Rate limiting on sensitive endpoints to prevent brute-force and abuse attacks;
• Sanitization and dedicated cloud storage of uploaded files, separate from application servers;
• Immutable audit logging of all authenticated requests, recording user identity, timestamp, action performed, and originating IP address;
• Incident response and breach notification procedures;
• Physical security controls for data centre facilities, managed by cloud infrastructure subprocessors;
• Regular vulnerability assessments and penetration testing;
• Ongoing security awareness training for personnel with access to Personal Information;
• Pseudonymization and anonymization where technically feasible and appropriate;
• Business continuity and disaster recovery procedures; and
• Alignment with the SOC 2 framework for security, availability, and confidentiality controls.

A.7 Subprocessors

The Client hereby grants ChurchPlan general written authorisation to engage third-party sub-processors to assist in the provision of the Platform, subject to the conditions in this Section A.7. ChurchPlan will notify the Client at least thirty (30) days before adding or replacing any sub-processor that processes Client Personal Data, giving the Client the opportunity to object on reasonable data protection grounds within fifteen (15) days of such notice. If the parties cannot resolve a legitimate objection, the Client may terminate this Agreement without penalty on ninety (90) days' written notice. ChurchPlan will impose data processing obligations on each sub-processor that are at least as protective as those in this DPA, and will remain liable to the Client for the performance of each sub-processor's obligations. A current list of sub-processors is available on request by contacting privacyofficer@churchplan.com.

A.8 International Transfers

Where Personal Information is transferred outside the EEA, UK, or other jurisdiction requiring transfer mechanisms, ChurchPlan will ensure that such transfers are covered by: (a) an adequacy decision; (b) Standard Contractual Clauses (EU/UK SCCs or equivalent); (c) binding corporate rules; or (d) another lawful transfer mechanism. Details of transfer mechanisms used are available from privacyofficer@churchplan.com.

A.9 Data Subject Rights Assistance

ChurchPlan will promptly notify the Client upon receiving a data subject request relating to Client Data and will assist the Client in fulfilling the request within the Client's legal response timeframe. ChurchPlan will not respond to data subject requests relating to Client Data directly without the Client's authorization, unless required to do so by applicable law.

A.10 Breach Notification

ChurchPlan will notify the Client without undue delay — and in any event within 72 hours — upon becoming aware of a personal data breach affecting Client Data. The notification will include, to the extent then known: the nature of the breach; the categories and approximate number of data subjects and records affected; the likely consequences; and the measures taken or proposed to address the breach. The Client remains responsible for notifying data subjects and supervisory authorities as required by applicable law.

Schedule B — Service Level Agreement (SLA)

B.1 Uptime Commitment

ChurchPlan will use commercially reasonable efforts to make the Platform available 99.5% of the time in each calendar month, measured on a 24/7 basis and excluding Scheduled Maintenance, Emergency Maintenance, and Excluded Downtime ("Uptime Commitment").

B.2 Definitions

B.3 Incident Response Targets

B.4 Service Credits

If ChurchPlan fails to meet the Uptime Commitment in any calendar month, the Client may request a service credit calculated as follows:

Service credits must be claimed within thirty (30) days of the end of the month in which the SLA breach occurred. Credits are applied to future invoices and are the Client's sole and exclusive remedy for SLA breaches. Service credits do not apply to free trial periods or to Downtime caused by Excluded Downtime events.

B.5 Maintenance Windows

Scheduled maintenance will typically be performed during the following low-traffic windows (Eastern Time): Weekdays: 2:00 AM – 5:00 AM ET; Weekends: 12:00 AM – 6:00 AM ET. ChurchPlan will provide at least 48 hours' notice via in-Platform notification and email for scheduled maintenance expected to cause significant disruption. Emergency maintenance may be performed at any time with notice as promptly as practicable.

B.5 Data Backup and Restoration

ChurchPlan shall maintain the following backup and restoration standards for all Client Platform Data throughout the Subscription Term:

The data loss liability exclusion in Section 12.2 of this Agreement does not protect ChurchPlan where ChurchPlan has failed to maintain backups in accordance with the standards in this Section B.5 and Client Data is lost or corrupted as a direct result of that failure.

Schedule C — Support Services

C.1 Support Tiers

ChurchPlan provides support in accordance with the tier corresponding to the Client's subscription plan, as specified in the Order Form:

C.2 Support Request Process

Support requests should be submitted through the designated support channel for the Client's tier. The Client's designated administrator(s) are the primary points of contact for support. ChurchPlan may request additional information from the Client to diagnose and resolve issues. The Client agrees to provide reasonable cooperation and access necessary for ChurchPlan to provide support.

C.3 Out-of-Scope Support

The following are outside the scope of included Support Services and may be provided for additional fees: custom development or feature development; third-party software integration beyond ChurchPlan's standard integrations; data recovery caused by Client error; training beyond the included sessions; and professional services such as data migration, custom configuration, or consulting. ChurchPlan will provide a fee estimate before undertaking any out-of-scope work.

C.4 Escalation

If the Client is not satisfied with the resolution of a support issue, it may escalate to ChurchPlan's support management team by contacting support@churchplan.com with "Escalation" in the subject line. ChurchPlan will acknowledge escalations within one (1) business day and assign a senior support representative to manage the issue.

ChurchPlan Inc. — Master Service Agreement v2.0 © ChurchPlan Inc. Confidential and Proprietary.

Last updated: April 22, 2026