End User License Agreement
including Data Processing Agreement — Effective July 3, 2026 — Version 1.0
1. Acceptance of Agreement
This End User License Agreement (together with the embedded Data Processing Agreement at Part B, the “Agreement”) is a binding contract between Pradas.ai LLC, a Florida limited liability company with its principal place of business at 5600 Collins Ave 14E, Miami Beach, FL 33140 (“Pradas,” “we,” “us,” or “our”), and the individual or legal entity that purchases, subscribes to, accesses, or otherwise uses the Services (“Customer,” “you,” or “your”).
By (a) clicking “I Agree,” “Accept,” or a similar button presented in any Pradas.ai onboarding flow; (b) signing an order form, statement of work, or proposal that references this Agreement; (c) paying any invoice from Pradas.ai; or (d) accessing or using any portion of the Services, you represent that you have read, understood, and accepted this Agreement, and that you have authority to bind Customer to it. If you do not agree, you must not access or use the Services.
This Agreement supplements and works alongside the Pradas.ai Terms of Service published at https://go.pradas.ai/terms-of-service and the Pradas.ai Privacy Policy published at https://go.pradas.ai/privacy-policy. In the event of an irreconcilable conflict between this Agreement and those documents, this Agreement controls for paid subscribers; the Terms of Service control for visitors and unauthenticated users.
2. Definitions
“Authorized User” means an individual employee, contractor, or agent of Customer who is provisioned access to the Services under Customer’s account and within the user-seat limits of Customer’s Plan.
“AI Agent(s)” means the AI-powered features made available through the Services, including without limitation Kai (the AI voice receptionist), Conversation AI, Ask AI, Reviews AI, Funnel/Website AI, Content AI, and the Workflow AI Assistant.
“AI Output” means any content, text, audio, transcript, suggestion, summary, score, or other material generated by an AI Agent in response to inputs supplied by Customer, End Users, or Pradas.ai.
“Customer Data” means all data, content, information, and materials that Customer or its Authorized Users upload to, submit through, generate within, or otherwise provide to the Services, including business records, prompt configurations, knowledge base content, and CRM records, but excluding End User Data to the extent it relates to a natural person.
“End User” means a natural person who interacts with Customer through the Services — including without limitation callers, lead-form submitters, chat participants, SMS recipients, and appointment bookers — whose personal information is collected, stored, or processed through Customer’s account.
“End User Data” means personal information (as defined by applicable data protection law) relating to End Users that is processed through the Services.
“Order Form” means any written or electronic order, proposal, statement of work, or checkout confirmation that identifies the plan, add-ons, fees, term, and effective date applicable to Customer.
“Plan” means the subscription tier purchased by Customer, including DIY Starter, DIY Growth, DIY Pro, Managed Starter, Managed Growth, Managed Pro, the HIPAA Add-On, the SEO Website Design Add-On, the AI Employee Add-On, CRM Capacity Add-On Blocks, or any other tier or add-on offered by Pradas.ai from time to time.
“Platform” means the underlying software-as-a-service platform on which the Services are delivered, currently operated by HighLevel, Inc.
“Services” means the AI receptionist, CRM, automation, communications, configuration, hosting, support, and related services that Pradas provides to Customer under an Order Form, including all AI Agents, Customer’s sub-account on the Platform, and any deliverables produced for Customer.
“Sub-processor” means any third party engaged by Pradas to process End User Data on Customer’s behalf, as further described in Part B (Data Processing Agreement).
3. License Grant; Reservation of Rights
3.1 License to Customer.
Subject to Customer’s continued compliance with this Agreement and timely payment of all fees, Pradas grants Customer a limited, non-exclusive, non-transferable, non-sublicensable, revocable license, during the Term, to access and use the Services solely for Customer’s internal business operations and only through Authorized Users up to the seat limit of Customer’s Plan.
3.2 License to Pradas Materials.
Pradas may make available to Customer pre-built workflows, snapshots, prompt templates, knowledge base structures, AI Agent configurations, training materials, and similar assets (collectively, the “Pradas Materials”). Pradas grants Customer a limited, non-exclusive, non-transferable license to use the Pradas Materials solely within Customer’s sub-account on the Platform and solely for the purposes for which they were provided. Customer may not copy, export, redistribute, republish, or use the Pradas Materials outside the Services.
3.3 Reservation of Rights.
Except for the limited license expressly granted in this Section 3, all rights in and to the Services and Pradas Materials are reserved by Pradas and its licensors. No rights are granted by implication, estoppel, or otherwise. Customer obtains no ownership interest in the Services, the Platform, the AI Agents, or any underlying intellectual property.
4. Accounts, Authorized Users, and Access
4.1 Account Provisioning.
Pradas will provision a sub-account on the Platform for Customer. Customer is responsible for designating Authorized Users, maintaining the confidentiality of credentials, and promptly disabling access for any Authorized User who is no longer entitled to it.
4.2 Seat Limits.
Each Plan includes a stated maximum number of Authorized Users. Customer must remain within its seat limit at all times. If Customer exceeds the limit, Pradas may invoice Customer for the next higher Plan tier on a prorated basis, or suspend additional users, at Pradas’s discretion.
4.3 Security of Credentials.
Customer is responsible for all activity that occurs under its account, whether or not authorized by Customer, except to the extent caused by Pradas’s gross negligence or willful misconduct. Customer must notify Pradas without undue delay of any suspected unauthorized access.
5. Acceptable Use
Customer agrees that it will not, and will not permit any Authorized User or End User to:
- Use the Services in violation of any applicable law, regulation, court order, or third-party right.
- Use the Services to send unsolicited commercial communications, including in violation of the U.S. Telephone Consumer Protection Act (TCPA), the CAN-SPAM Act, Canada’s Anti-Spam Legislation (CASL), CTIA Messaging Principles & Best Practices, A2P 10DLC requirements, or any analogous foreign law.
- Use the Services to make calls to numbers on a do-not-call list without a documented exemption, or to record calls without making any legally required disclosure to the call participants.
- Use the AI Agents to impersonate a specific real human in a manner that is deceptive, defamatory, or that violates the rights of publicity or privacy of any person.
- Configure an AI Agent to deny that it is an AI when a counterparty directly and unambiguously asks whether they are speaking with a human or an AI, or in any jurisdiction that requires affirmative AI disclosure (including without limitation California Business and Professions Code §17941, the “Bot Disclosure Law,” where applicable).
- Upload, transmit, store, or generate any content that is unlawful, infringing, defamatory, obscene, sexually explicit involving minors, or that incites violence or unlawful discrimination.
- Upload protected health information (PHI), payment card data subject to PCI-DSS, government-issued identification numbers, or other regulated data into the Services, unless Customer has purchased the HIPAA Add-On (for PHI only) and executed any required supplemental agreements, including a Business Associate Agreement.
- Reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code, underlying ideas, or models of the Services, the Platform, or any AI Agent.
- Resell, rent, lease, sublicense, or provide the Services to any third party as a stand-alone offering, or operate the Services as a service bureau, except that Customer’s use of the Services to communicate with its own End Users in the ordinary course of Customer’s business is permitted.
- Use the Services to develop, train, or improve any competing AI model, voice agent, conversational agent, or CRM product.
- Introduce malware, conduct penetration testing without prior written authorization, scrape, frame, or otherwise overload the Services.
- Remove, obscure, or alter any proprietary notices in the Services or Pradas Materials.
Pradas may, at its discretion, investigate any suspected violation of this Section 5 and suspend or terminate access in accordance with Section 8.
6. Fees, Billing, and Refunds
6.1 Fees.
Customer will pay the fees set forth in the applicable Order Form or, if no Order Form is in place, the fees published on the Pradas.ai pricing page at the time of subscription. Fees are quoted in U.S. Dollars and are exclusive of taxes, which Customer is responsible for except for taxes on Pradas’s net income.
6.2 Billing Cycle.
Subscription fees recur monthly in advance on the same calendar day each month (or the next available billing day if the date does not exist in a given month). Setup fees, where applicable, are billed once at the start of the Term and are non-refundable once configuration work has commenced. Pay-per-usage charges accrue as incurred and are billed in the following billing cycle.
6.3 Payment Method.
Customer authorizes Pradas (and its payment processors) to charge the payment method on file for all amounts due. Failed payments may result in suspension of Services after five (5) business days’ notice, and unpaid balances may bear interest at the lesser of 1.5% per month or the maximum rate permitted by law.
6.4 Refunds.
Except where expressly stated otherwise in this Agreement or required by applicable law, all fees are non-refundable. Cancellation by Customer prior to the next renewal date will stop future charges but will not entitle Customer to a refund of fees already paid.
6.5 Pricing Changes.
Pradas may modify the fees for any Plan with at least thirty (30) days’ prior notice. Changes take effect on Customer’s next renewal. Existing Customers in good standing will be grandfathered at their then-current Plan pricing until any modification permitted by this Section.
7. Free Trial
From time to time, Pradas may offer a free trial of a specific Plan (currently, a fourteen (14) day free trial on DIY Starter). During the trial period, the Services are provided AS-IS, without warranty of any kind, and Pradas may limit functionality, volume, or duration. Unless Customer cancels before the end of the trial period, Customer’s payment method will be charged the recurring fee for the selected Plan. Free trials are limited to one per Customer and per organization; multi-trial use is grounds for suspension.
8. Term, Renewal, Cancellation, and Termination
8.1 Term.
Except as otherwise stated in an Order Form, each Plan is sold on a month-to-month basis. The “Term” begins on the Effective Date of the Order Form and continues until terminated by either party in accordance with this Section.
8.2 HIPAA Add-On Term.
The HIPAA Add-On requires a minimum twelve (12) month commitment, or annual prepay at the published prepay rate. Termination during the HIPAA term is permitted only for material breach by Pradas not cured within thirty (30) days of written notice, or as required by law.
8.3 SEO Website Design Add-On.
The setup fee for the SEO Website Design Add-On is non-refundable once design or development work begins. The monthly maintenance portion is month-to-month and may be cancelled with written notice.
8.4 Cancellation by Customer.
Customer may cancel a month-to-month Plan at any time via written notice to hello@pradas.ai (or as otherwise instructed by Pradas). Cancellation takes effect at the end of the then-current billing cycle. Customer remains responsible for fees through the effective date of cancellation, including any usage-based charges that have accrued.
8.5 Termination for Cause.
Either party may terminate this Agreement immediately upon written notice if the other party (a) materially breaches this Agreement and fails to cure the breach within thirty (30) days of written notice (or ten (10) days for non-payment); (b) becomes insolvent, makes an assignment for the benefit of creditors, files for bankruptcy protection, or ceases business operations; or (c) engages in conduct that, in the non-breaching party’s reasonable judgment, exposes the other party to legal liability.
8.6 Suspension.
Pradas may suspend access to the Services, in whole or in part, without prior notice if Pradas reasonably believes that (a) Customer is in violation of Section 5 (Acceptable Use); (b) Customer’s use threatens the security, availability, or integrity of the Services or the Platform; (c) Pradas is required to do so by law, regulator, telecommunications carrier, or court order; or (d) Customer’s account is more than ten (10) days delinquent.
8.7 Effect of Termination.
Upon any termination or expiration of this Agreement: (i) all licenses granted to Customer immediately terminate; (ii) Customer’s access to the Services will be disabled; (iii) Pradas will make Customer Data and End User Data available for export in a commercially reasonable format for a period of thirty (30) days following the effective date of termination, after which Pradas may delete such data in accordance with Part B; and (iv) any provisions that by their nature should survive termination — including Sections 3.3, 5, 6 (for accrued amounts), 9.1, 9.5, 12, 13, 14.3, 15, 16, 17, 18, and 19, and Part B as applicable — will survive.
9. AI Services — Specific Terms
9.1 Nature of AI Output.
AI Output is generated by probabilistic machine learning models. It can be inaccurate, incomplete, misleading, biased, or unsuitable for a given purpose. Pradas does not warrant that AI Output is accurate, error-free, fit for any particular purpose, or compliant with any specific law applicable to Customer’s industry. Customer is solely responsible for reviewing AI Output before relying on it for any consequential decision, and for ensuring that AI Output communicated to End Users is appropriate, accurate, and lawful.
9.2 Configuration Responsibility.
Customer is responsible for the prompts, knowledge base content, scripts, and configurations applied to AI Agents in Customer’s account (whether configured by Customer directly under a DIY Plan, by Pradas under a Managed Plan, or by Customer following Pradas’s recommendations). Customer must review and approve configurations before they are deployed to live communications with End Users. On Managed Plans, Pradas’s configuration work is performed at Customer’s direction and on Customer’s behalf.
9.3 Voice Cloning and Persona.
If Customer enables a custom-voice AI Agent or uploads voice samples for voice-clone training, Customer represents and warrants that it has obtained all necessary written consents from any individuals whose voice is captured, and that such use complies with all applicable biometric privacy laws (including the Illinois Biometric Information Privacy Act, Texas CUBI, Washington HB 1493, and analogous statutes). Customer will indemnify Pradas against any claim arising from a failure to obtain such consents.
9.4 AI Disclosure.
Customer will comply with any applicable law or regulation requiring disclosure that a communication is generated by an AI system, including by configuring AI Agents to truthfully identify themselves as AI on direct inquiry. Pradas’s default Kai configuration truthfully identifies itself as an AI assistant when asked; Customer is responsible for adding any affirmative up-front disclosure required by Customer’s jurisdiction or industry.
9.5 Ownership of AI Output.
As between Pradas and Customer, and subject to any third-party AI provider terms, Customer owns the AI Output generated specifically in response to Customer’s inputs through Customer’s account. Pradas makes no representation that AI Output is original, unique, or non-infringing, and similar or identical output may be generated for other customers.
9.6 Model Improvement.
Pradas does not use Customer Data or End User Data to train general-purpose AI models for the benefit of third parties. To the extent any Sub-processor offers a model-training opt-out, Pradas will exercise it for Customer’s account by default. See Part B, Section B.6 for the current Sub-processor list and known data-handling practices.
10. Customer Responsibilities for Telephony, SMS, and Email
10.1 Consent.
Customer is solely responsible for obtaining and documenting all consents required by applicable law before initiating outbound calls, SMS messages, or email communications to End Users, including prior express written consent where required for marketing communications, and for honoring opt-out requests promptly.
10.2 Call Recording.
The Services record inbound and certain outbound calls. Customer is responsible for providing any disclosure required by applicable wiretap or call-recording laws, including two-party (all-party) consent jurisdictions (e.g., California, Florida, Illinois, Pennsylvania, Washington, and others). Pradas’s default Kai greeting does not include a recording disclosure; Customer must add one where required.
10.3 SMS Compliance.
Customer will (a) register and maintain its own A2P 10DLC brand and campaigns where applicable; (b) honor STOP/HELP keyword responses; (c) include the sender identity and opt-out instructions in initial and recurring messages as required by carrier rules and the CTIA Messaging Principles & Best Practices; (d) not send SHAFT-restricted content (Sex, Hate, Alcohol, Firearms, Tobacco) without all required approvals; and (e) not send content classified as prohibited by the underlying telecommunications carriers or messaging aggregators.
10.4 Email Compliance.
Customer will comply with the CAN-SPAM Act, CASL (where applicable), and any other applicable email marketing law, including by providing accurate sender identification, a functional unsubscribe mechanism, and a valid postal address.
10.5 Indemnity for Compliance Failures.
Customer’s failure to comply with this Section 10 is grounds for immediate suspension and a basis for Customer’s indemnification obligations in Section 15.
11. Third-Party Services and Platform
11.1 The Platform.
The Services are delivered through the Platform operated by HighLevel, Inc. Customer’s use of the Services is subject to the Platform’s own terms of service, acceptable use policy, and privacy policy, copies of which are available from Pradas on request. The Platform is responsible for storage, telephony routing, and a number of underlying technical functions; Pradas does not control the Platform and is not liable for outages, defects, or changes in the Platform that are outside Pradas’s reasonable control.
11.2 Third-Party Telephony.
Outbound and inbound calls, SMS messages, and number provisioning are handled through one or more telecommunications providers (currently Twilio and/or LeadConnector through the Platform). Carrier-imposed surcharges, regulatory fees, and pass-through costs are billed at cost or at Pradas’s standard usage rate, as applicable.
11.3 Third-Party AI Providers.
AI Agents are powered by one or more third-party AI/LLM providers, including those listed in Part B.6, as updated from time to time. Pradas will use commercially reasonable efforts to select providers whose terms permit Pradas to deliver the Services consistent with this Agreement; however, those providers’ terms (including data handling, content policies, and acceptable use) apply in addition to this Agreement.
11.4 Integrations.
If Customer enables an integration with a third-party application (e.g., Facebook Lead Ads, Google Calendar, Stripe, Zapier), Customer authorizes Pradas to exchange data with that third party on Customer’s behalf to deliver the requested functionality. Pradas is not responsible for the practices of any third party.
12. Intellectual Property and Feedback
12.1 Pradas IP.
Pradas (and its licensors, including the Platform operator) own all right, title, and interest in and to the Services, the Platform, the AI Agents, Pradas Materials, and all related software, models, prompts, workflows, snapshots, configurations, trade secrets, and other intellectual property. Nothing in this Agreement transfers any of those rights to Customer.
12.2 Customer Data.
Customer retains all right, title, and interest in and to Customer Data and End User Data, subject to the licenses granted in Part B (Data Processing Agreement) and elsewhere in this Agreement. Customer grants Pradas a worldwide, non-exclusive, royalty-free license to host, copy, transmit, display, process, and otherwise use Customer Data and End User Data solely (a) to provide and improve the Services for Customer, (b) to enforce this Agreement, and (c) as required by law.
12.3 Feedback.
If Customer provides Pradas with suggestions, ideas, enhancement requests, or other feedback, Pradas may use that feedback without restriction, attribution, or compensation. Feedback is not Confidential Information of Customer.
12.4 Aggregated and De-identified Data.
Pradas may generate aggregated, anonymized, and de-identified data and metrics derived from Customer’s use of the Services for the purposes of operating, improving, securing, marketing, and analyzing the Services, provided that such data does not identify Customer, any Authorized User, or any End User.
13. Confidentiality
13.1 Definition.
“Confidential Information” means any non-public information disclosed by one party to the other in connection with this Agreement that is identified as confidential at the time of disclosure or that, given the nature of the information and the circumstances of disclosure, should reasonably be understood to be confidential. Confidential Information includes pricing, technical specifications, the structure of Pradas Materials, and Customer Data.
13.2 Obligations.
The receiving party will (a) use Confidential Information only to perform under this Agreement; (b) protect Confidential Information using the same degree of care it uses to protect its own confidential information (and in no event less than a reasonable standard of care); and (c) limit access to its employees, contractors, and agents who need it and who are bound by confidentiality obligations no less protective than those in this Section.
13.3 Exceptions.
Confidential Information does not include information that (i) is or becomes publicly available without breach of this Agreement; (ii) was rightfully known to the receiving party prior to disclosure; (iii) is rightfully obtained from a third party without restriction; or (iv) is independently developed without use of or reference to the disclosing party’s Confidential Information.
13.4 Compelled Disclosure.
The receiving party may disclose Confidential Information to the extent required by law, provided that, where legally permitted, it gives the disclosing party prompt notice and reasonable cooperation to seek a protective order.
14. Warranties; Disclaimers
14.1 Mutual Warranties.
Each party represents and warrants that (a) it has full power and authority to enter into and perform this Agreement; and (b) its performance will not violate any other agreement to which it is a party.
14.2 Customer Warranties.
Customer further represents, warrants, and covenants that (a) it owns or has all necessary rights and consents in and to Customer Data and End User Data to upload, transmit, and process such data through the Services; (b) it will use the Services only in accordance with this Agreement and all applicable laws; (c) it has all consents required by Section 10 (Telephony, SMS, Email) and Section 9.3 (Voice Cloning); and (d) it will not include in any AI Agent prompt, knowledge base, or configuration any content that infringes a third party’s intellectual property, publicity, or privacy rights.
14.3 Disclaimer.
EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE SERVICES, THE PLATFORM, THE AI AGENTS, AI OUTPUT, AND PRADAS MATERIALS ARE PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. PRADAS DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. PRADAS DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, SECURE, OR ERROR-FREE, THAT DEFECTS WILL BE CORRECTED, OR THAT ANY SPECIFIC BUSINESS RESULT WILL BE ACHIEVED.
15. Indemnification
15.1 Indemnification by Customer.
Customer will defend, indemnify, and hold harmless Pradas, its affiliates, and their respective officers, directors, employees, and agents from and against any third-party claims, losses, liabilities, damages, fines, penalties, costs, and expenses (including reasonable attorneys’ fees) arising out of or relating to (a) Customer Data or End User Data, including any allegation that Customer’s processing of such data through the Services violates law or the rights of a third party; (b) Customer’s violation of Sections 5, 9.3, 10, or 14.2; (c) any communication initiated through Customer’s account, including telephone calls, SMS messages, or emails; (d) any allegation that the configuration, prompts, or content Customer supplies to an AI Agent is unlawful, infringing, or otherwise wrongful; and (e) Customer’s use of the Services in violation of this Agreement.
15.2 Indemnification by Pradas.
Pradas will defend, indemnify, and hold harmless Customer from and against any third-party claim alleging that the Services as provided by Pradas (excluding Customer Data, End User Data, Customer configurations, third-party components, AI Output, and any combination of the Services with other products or services not provided by Pradas) infringe a U.S. patent, copyright, or trademark. This is Pradas’s sole liability and Customer’s exclusive remedy for any claim of infringement.
15.3 Procedure.
The indemnified party must (a) promptly notify the indemnifying party in writing of the claim; (b) give the indemnifying party sole control of the defense and settlement, provided that no settlement may impose obligations on the indemnified party without its written consent; and (c) provide reasonable cooperation, at the indemnifying party’s expense.
16. Limitation of Liability
16.1 Exclusion of Indirect Damages.
TO THE FULLEST EXTENT PERMITTED BY LAW, NEITHER PARTY WILL BE LIABLE TO THE OTHER FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, OR FOR ANY LOSS OF PROFITS, REVENUE, GOODWILL, DATA, OR BUSINESS OPPORTUNITY, ARISING OUT OF OR RELATING TO THIS AGREEMENT, REGARDLESS OF THE THEORY OF LIABILITY AND EVEN IF THE PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
16.2 Cap on Direct Damages.
EACH PARTY’S TOTAL CUMULATIVE LIABILITY ARISING OUT OF OR RELATING TO THIS AGREEMENT WILL NOT EXCEED THE AMOUNTS PAID OR PAYABLE BY CUSTOMER TO PRADAS UNDER THIS AGREEMENT DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM. THE FOREGOING CAP DOES NOT APPLY TO (A) CUSTOMER’S PAYMENT OBLIGATIONS; (B) CUSTOMER’S INDEMNIFICATION OBLIGATIONS UNDER SECTION 15.1; OR (C) A PARTY’S FRAUD, GROSS NEGLIGENCE, OR WILLFUL MISCONDUCT.
16.3 Allocation of Risk.
The parties agree that the limitations in this Section 16 reflect a reasonable allocation of risk and that, without them, the fees for the Services would be substantially higher.
17. Governing Law; Dispute Resolution
17.1 Governing Law.
This Agreement is governed by the laws of the State of Florida, without regard to its conflict-of-laws principles. The United Nations Convention on Contracts for the International Sale of Goods does not apply.
17.2 Venue.
Subject to Section 17.3, the parties consent to the exclusive jurisdiction and venue of the state and federal courts located in Miami-Dade County, Florida for any dispute arising out of or relating to this Agreement, and each party waives any objection to personal jurisdiction or forum non conveniens.
17.3 Binding Arbitration; Class Waiver.
Any dispute, controversy, or claim arising out of or relating to this Agreement — except for (a) claims for injunctive or equitable relief, (b) claims of intellectual property infringement or misappropriation, and (c) claims within the jurisdiction of small-claims court — will be finally resolved by binding arbitration administered by the American Arbitration Association under its Commercial Arbitration Rules, by a single arbitrator, seated in Miami-Dade County, Florida. Judgment on the award may be entered in any court of competent jurisdiction. EACH PARTY WAIVES ANY RIGHT TO A JURY TRIAL AND TO PARTICIPATE IN ANY CLASS, COLLECTIVE, OR REPRESENTATIVE ACTION. Each party bears its own attorneys’ fees except where the arbitrator or applicable law provides otherwise.
17.4 Injunctive Relief.
Notwithstanding the foregoing, either party may seek temporary or preliminary injunctive relief in any court of competent jurisdiction to protect its intellectual property or Confidential Information.
18. Notices
All notices under this Agreement must be in writing. Notices to Pradas must be sent to hello@pradas.ai with a copy mailed to 5600 Collins Ave 14E, Miami Beach, FL 33140. Notices to Customer may be sent to the email address on file for Customer’s account or to the billing contact named on the most recent Order Form. Notices are deemed given on the day of email delivery (absent bounce or error) or three business days after mailing.
19. Miscellaneous
19.1 Entire Agreement.
This Agreement, together with any Order Form, the Pradas.ai Terms of Service, and the Pradas.ai Privacy Policy, constitutes the entire agreement between the parties regarding its subject matter and supersedes all prior or contemporaneous agreements, proposals, or representations, written or oral.
19.2 Order of Precedence.
In the event of conflict, the order of precedence is: (1) any executed Business Associate Agreement (for PHI processed under the HIPAA Add-On); (2) any signed Order Form; (3) this Agreement, including Part B; (4) the Pradas.ai Terms of Service; and (5) the Pradas.ai Privacy Policy.
19.3 Modifications.
Pradas may modify this Agreement from time to time. Material changes will be posted at https://pradas.ai/legal/eula (or such other URL as Pradas designates) and Customer will be notified by email at least thirty (30) days before the effective date. Continued use of the Services after the effective date constitutes acceptance.
19.4 Assignment.
Customer may not assign or transfer this Agreement, in whole or in part, without Pradas’s prior written consent. Pradas may assign this Agreement in connection with a merger, acquisition, reorganization, or sale of substantially all of its assets without consent.
19.5 Independent Contractors.
The parties are independent contractors. Nothing in this Agreement creates a partnership, joint venture, agency, fiduciary, or employment relationship.
19.6 Force Majeure.
Neither party will be liable for any delay or failure to perform (other than payment obligations) caused by events beyond its reasonable control, including acts of God, war, terrorism, civil unrest, government action, labor disputes, fires, floods, epidemics, internet or telecommunications failures, and acts or omissions of upstream providers, including the Platform operator and AI/LLM providers.
19.7 Severability.
If any provision of this Agreement is held unenforceable, that provision will be modified to the minimum extent necessary to make it enforceable, and the remaining provisions will continue in full force and effect.
19.8 No Waiver.
A party’s failure to enforce any provision is not a waiver of its right to do so later.
19.9 Export and Sanctions.
Customer represents that it is not located in, and will not use the Services in, any country subject to U.S. embargo, and that it is not listed on any U.S. government list of restricted or denied parties.
19.10 Headings.
Section headings are for convenience only and do not affect interpretation.
PART B — DATA PROCESSING AGREEMENT
This Data Processing Agreement (the “DPA”) is incorporated into and forms part of the End User License Agreement between Pradas and Customer. It governs Pradas’s processing of personal information on Customer’s behalf in connection with the Services. Capitalized terms not defined here have the meanings given in the main body of the Agreement.
B.1 Definitions for this DPA
“Applicable Data Protection Law” means all data protection and privacy laws applicable to a party’s processing of personal information under this DPA, including, as applicable: the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the “CCPA/CPRA”); the EU General Data Protection Regulation (Regulation (EU) 2016/679, the “GDPR”); the UK GDPR and Data Protection Act 2018; the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”), where applicable; the U.S. Telephone Consumer Protection Act (“TCPA”); and applicable U.S. state privacy laws (including Virginia, Colorado, Connecticut, Utah, Texas, Oregon, and others).
“Controller” means the entity that determines the purposes and means of processing personal information. With respect to End User Data, Customer is the Controller (or “Business” under CCPA/CPRA).
“Personal Information” means any information that identifies, relates to, describes, or could reasonably be linked to an identified or identifiable natural person, and includes “personal data” (GDPR) and “personal information” (CCPA/CPRA).
“Processor” means an entity that processes Personal Information on behalf of a Controller. With respect to End User Data, Pradas is the Processor (or “Service Provider” under CCPA/CPRA).
“Processing” means any operation performed on Personal Information, including collection, recording, storage, retrieval, use, disclosure, transmission, and deletion.
“Security Incident” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Information processed under this DPA. A “Security Incident” does not include unsuccessful attempts to penetrate computer defenses that do not result in actual access (e.g., pings, scans, port probes).
B.2 Roles of the Parties
Pradas acts as a Processor (and, under CCPA/CPRA, a “Service Provider”) to Customer with respect to End User Data. Customer acts as the Controller (or “Business”) for End User Data and is solely responsible for determining the lawfulness, purposes, and means of processing, including establishing a valid legal basis for processing and providing required notices to End Users.
Pradas may also act as an independent Controller for certain limited Personal Information processed for its own purposes — for example, account contacts, billing contacts, support communications, and analytics relating to use of the Services by Authorized Users — as described in Pradas’s Privacy Policy. This DPA does not apply to that limited controller-to-controller processing.
B.3 Scope and Subject Matter of Processing
B.3.1 Subject Matter.
Processing of End User Data necessary to provide the Services to Customer, including AI receptionist, AI chat, CRM, automation, telephony, messaging, appointment scheduling, and reporting.
B.3.2 Duration.
The duration of the Agreement (including any post-termination data retention period described in Section 8.7 of the main Agreement and Section B.9 of this DPA).
B.3.3 Nature and Purpose of Processing.
Hosting; capturing inbound and outbound communications (voice, SMS, email, web chat); transcription; AI-generated response drafting and execution; storage in the CRM; routing to workflows; transmission to integrated third-party services authorized by Customer; analytics and reporting; security and abuse-prevention monitoring.
B.3.4 Categories of Data Subjects.
End Users of Customer, which may include leads, prospects, customers, suppliers, and other contacts of Customer’s business; Customer’s Authorized Users; and any natural persons whose information is uploaded to or generated within Customer’s account.
B.3.5 Categories of Personal Information.
- Identifiers: name, phone number, email address, mailing address.
- Communications: call audio recordings, call transcripts, SMS message content, email content, chat messages, voicemail.
- Commercial information: appointment bookings, service interests, lead source, purchase history (if tracked by Customer).
- Inferences and AI-derived data: lead scoring, sentiment, AI summaries, and other AI Output relating to a person.
- Technical data: IP address, browser type, device information, page interactions (collected in connection with forms and web chat).
- Special categories (only if the HIPAA Add-On is purchased and a BAA is executed): protected health information, as further described in Section B.10.
Customer will not submit, and Pradas does not knowingly process: financial account numbers, government-issued identification numbers, biometric identifiers (except where Customer has enabled voice cloning and provided consents in accordance with Section 9.3 of the main Agreement), precise geolocation, or personal information of children under 13.
B.4 Customer Obligations as Controller
- Customer will (a) establish a valid legal basis for each processing activity it directs Pradas to perform; (b) provide and maintain accurate privacy notices to End Users; (c) obtain and document all required consents (including TCPA prior express written consent for marketing calls and SMS, CASL consent where applicable, and call-recording consent in two-party states); (d) honor data subject rights requests and forward to Pradas any requests requiring Pradas’s assistance; and (e) instruct Pradas in writing if it requires specific processing restrictions beyond those provided in the Services by default.
- Customer warrants that its instructions to Pradas (whether given through configuration of the Services or otherwise) comply with Applicable Data Protection Law and do not require Pradas to violate any such law.
B.5 Pradas Obligations as Processor
B.5.1 Documented Instructions.
Pradas will process End User Data only on documented instructions from Customer. This Agreement, the Order Form, and Customer’s use of the configuration controls available in the Services constitute Customer’s documented instructions. Pradas will inform Customer if, in its opinion, an instruction violates Applicable Data Protection Law.
B.5.2 Confidentiality.
Pradas will ensure that personnel authorized to process End User Data are subject to a duty of confidentiality.
B.5.3 Security.
Pradas will implement and maintain appropriate technical and organizational measures designed to ensure a level of security appropriate to the risk, including (where applicable to data processed directly by Pradas): encryption of Personal Information in transit; access controls and role-based permissions; logging and monitoring; secure software development practices; vendor risk management; and personnel training. Many of these controls are implemented by the Platform; Pradas will rely on the Platform’s certifications and contractual commitments where appropriate.
B.5.4 No Sale or Sharing.
Pradas will not (a) sell or share (as those terms are defined under CCPA/CPRA) End User Data; (b) retain, use, or disclose End User Data outside of the direct business relationship with Customer; or (c) use End User Data to train general-purpose AI models for the benefit of third parties. Pradas certifies that it understands the restrictions in this Section and will comply with them.
B.5.5 Assistance with Data Subject Rights.
Taking into account the nature of the processing, Pradas will provide reasonable assistance to enable Customer to respond to verifiable requests from data subjects to exercise their rights of access, correction, deletion, portability, restriction, objection, and similar rights under Applicable Data Protection Law. Where the Services include self-service controls (e.g., the ability to delete a contact or export contact data), Customer will use those controls in the first instance.
B.5.6 Assistance with DPIAs and Regulator Engagement.
Pradas will provide Customer with reasonable assistance, at Customer’s cost, in fulfilling Customer’s obligations to conduct data protection impact assessments and to engage with supervisory authorities.
B.6 Sub-processors
B.6.1 General Authorization.
Customer authorizes Pradas to engage Sub-processors to process End User Data, subject to the terms of this Section.
B.6.2 Sub-processor Obligations.
Pradas will impose, through a written contract, data protection obligations on each Sub-processor that are no less protective than those in this DPA, and will remain liable to Customer for the acts and omissions of its Sub-processors as if they were its own.
B.6.3 Current Sub-processors.
As of the Effective Date, Pradas engages the Sub-processors listed below. This list reflects, and is kept consistent with, the Platform operator’s published sub-processor list at https://www.gohighlevel.com/sub-processors. The current Pradas list is maintained at https://pradas.ai/legal/subprocessors.
B.6.4 Updates to the Sub-processor List.
Pradas will provide Customer with at least thirty (30) days’ advance notice of any addition or replacement of a Sub-processor by updating the list above and notifying Customer (by email to the account contact and/or by posting to https://pradas.ai/legal/subprocessors). Customer may object in writing within fifteen (15) days of notice on reasonable data-protection grounds. If the parties cannot resolve the objection in good faith, Customer may terminate the affected Services without penalty by giving written notice within thirty (30) days; this is Customer’s sole remedy for a sub-processor objection.
B.7 International Data Transfers
Where Pradas transfers End User Data originating in the European Economic Area, the United Kingdom, or Switzerland to a recipient in a country that has not received an adequacy decision, the parties agree to rely on (a) the Standard Contractual Clauses adopted by the European Commission (Module 2 — Controller to Processor — or Module 3 — Processor to Sub-processor — as applicable); (b) the UK International Data Transfer Addendum to the EU SCCs; and (c) the Swiss Federal Data Protection and Information Commissioner’s approved clauses, as applicable. These transfer mechanisms are incorporated by reference into this DPA and will apply with Pradas as “data importer” and Customer as “data exporter.”
B.8 Security Incidents
Pradas will notify Customer without undue delay, and in any event within seventy-two (72) hours, after becoming aware of a Security Incident that affects Customer’s End User Data. The notice will include, to the extent then known, the nature and likely impact of the incident, categories and approximate number of data subjects and records affected, measures taken to mitigate, and a point of contact. Pradas will provide reasonable updates as the investigation progresses. Notification by Pradas is not an acknowledgment of fault or liability.
B.9 Return and Deletion of Data
Within thirty (30) days after termination or expiration of the Agreement, and at Customer's written request: (a) Pradas will make Customer Data and End User Data available for export in a commercially reasonable format; and (b) Pradas will, except to the extent retention is required by law or for the establishment, exercise, or defense of legal claims, delete or anonymize Customer Data and End User Data from systems under Pradas's direct control, and instruct Sub-processors to do the same. Backup copies on standard rotation schedules may persist for an additional period until naturally overwritten; such backups remain subject to the confidentiality and security obligations in this DPA.
B.10 Special Provisions for Protected Health Information (HIPAA Add-On)
Customer must not submit protected health information ("PHI," as defined under HIPAA) to the Services unless (a) Customer has purchased the HIPAA Add-On and is current on all fees; (b) the parties have executed a Business Associate Agreement ("BAA") substantially in Pradas's standard form; and (c) Customer has completed the compliance scoping call described in the pricing documentation. The BAA, once executed, governs PHI processing and, with respect to PHI only, supersedes any conflicting provisions of this DPA. Pradas reserves the right to refuse to onboard PHI or to suspend processing if Customer attempts to submit PHI without a current BAA in place.
B.11 Records and Audits
Pradas will maintain records of its processing activities sufficient to demonstrate compliance with this DPA and Applicable Data Protection Law. Upon reasonable advance written notice and no more than once per twelve-month period (unless required by a regulator), Pradas will make available to Customer information reasonably necessary to demonstrate compliance, which may include third-party audit reports (such as SOC 2 or ISO 27001 reports relating to Pradas or the Platform). On-site audits by Customer are not contemplated; if Applicable Data Protection Law strictly requires one, the parties will agree on a scope and schedule that respects the security and continuity of the Services, with audit costs borne by Customer.
B.12 CCPA / CPRA Service Provider Terms
With respect to Personal Information that constitutes "personal information" under CCPA/CPRA, Pradas is a "Service Provider" to Customer (the "Business"), and Pradas:
- Will process such Personal Information solely for the "business purposes" of providing the Services as set out in this Agreement;
- Will not "sell" or "share" such Personal Information;
- Will not retain, use, or disclose such Personal Information outside the direct business relationship between Pradas and Customer, except as permitted by CCPA/CPRA;
- Will not combine such Personal Information with personal information received from other sources, except as permitted by CCPA/CPRA;
- Will notify Customer if Pradas determines it can no longer meet its obligations under CCPA/CPRA, and will permit Customer to take reasonable steps to stop and remediate unauthorized use; and
- Will provide assistance reasonably necessary for Customer to respond to verifiable consumer requests under CCPA/CPRA.
B.13 Order of Precedence within the DPA
In the event of a conflict within this DPA, the following order of precedence applies: (1) the executed BAA (for PHI only); (2) the Standard Contractual Clauses and any UK Addendum (for transfers governed by GDPR/UK GDPR); (3) the body of this DPA; and (4) the main Agreement.