MSP Terms + Conditions

Last Revised: January 28th, 2026

1. PURPOSE

Provider agrees to deliver Managed Security & Compliance Services to Client in accordance with the terms of this Agreement to support Client’s governance, risk, and compliance obligations.

2. SERVICES PROVIDED

Provider will deliver the selected Managed Services based on the selected package (Lite, Espresso, or Luxe).

For full bundle details please refer to:
https://www.grcconcierge.com/mspservices

Included Monthly Service Hours

Each program tier includes dedicated monthly hours for compliance support and advisory services:

  • Lite: 9 hours per month with a GRC Engineer

  • Espresso: 15 hours per month with a GRC Engineer

  • Luxe: 20 hours per month with a GRC Engineer and 6 hours per month with a Security Engineer

These hours are intended for flexible use across documentation, audits, vendor reviews, tooling support, and advisory tasks. Unused hours do not roll over month to month unless otherwise agreed in writing.

Additional Hours

If Client requires support beyond the included monthly service hours, additional hours may be purchased in advance as a separate bank of hours, subject to Provider availability and at Provider’s then-current rates. Purchased banks of hours shall be governed by the terms of this Agreement unless otherwise specified in writing.

Out of Scope

Any services outside the managed service offering, including internal audits, will require a separate written agreement.

Term

The initial term of this Agreement is twelve (12) months from the Effective Date (the “Initial Term”), with automatic renewal for successive twelve (12) month terms unless terminated in accordance with this Agreement.

Termination for Convenience

Provider may terminate this Agreement for convenience upon sixty (60) days’ written notice to Client. Client may not terminate this Agreement for convenience.

Termination for Cause

Either party may terminate this Agreement immediately upon written notice if the other party commits a material breach of this Agreement, including failure to meet service obligations or payment delinquency exceeding sixty (60) days.

Termination shall not relieve Client of any payment obligations accrued prior to the effective date of termination.

4. FEES & PAYMENT TERMS

Fees are payable monthly in advance under the annual agreement.

Invoices not paid within thirty (30) days of the invoice date may accrue interest at a rate of 1.5% per month, calculated monthly, until paid in full.

Provider reserves the right to suspend services for accounts materially past due.

5. CLIENT RESPONSIBILITIES

Client agrees to:

  • Provide timely access to systems, tools, and documentation required for service delivery

  • Designate a primary point of contact for compliance-related matters

  • Respond promptly to Provider requests for information, approvals, or confirmations necessary to perform the services

Delays caused by Client may impact delivery timelines and service outcomes.

6. SERVICE LEVEL OBJECTIVE (SLO)

Support Hours

Monday to Friday, 9:00 AM – 5:00 PM EST, excluding statutory holidays.

Response Times

  • High Priority (Security Incident): Response within 2 hours

  • Medium Priority (Compliance Support): Response within 1 business day

  • Low Priority (General Inquiry): Response within 2 business days

7. AUTHORIZATION TO USE THIRD-PARTY SOFTWARE TOOLS

By signing this Agreement, Client authorizes Provider to utilize trusted third-party software tools (“Authorized Tools”) to perform services under this Agreement, including but not limited to vulnerability scans, penetration tests, and related security assessments.

Provider represents that:

  • All Authorized Tools used are industry-recognized and comply with applicable data protection and cybersecurity regulations

  • Scans and tests will be conducted in a secure, controlled, and ethical manner

  • Data collected through Authorized Tools will be used solely for the purposes of delivering services under this Agreement and handled in accordance with Section 9 (Confidentiality)

Client acknowledges that some Authorized Tools may operate from cloud-based or external infrastructures and consents to such use as required for service delivery.

8. OPERATING NAME

The parties acknowledge that WCS North America Inc. is operating under the brand name “GRC Concierge” for the purposes of this Agreement. All rights, obligations, and liabilities under this Agreement shall be binding upon and enforceable against WCS North America Inc.

9. CONFIDENTIALITY

All parties agree to maintain the confidentiality of all non-public information shared during the engagement, in accordance with applicable data protection laws.

10. LIABILITY LIMITATIONS

Provider’s total liability under this Agreement shall not exceed the total fees paid by Client in the six (6) months preceding the event giving rise to the claim.

In no event shall Provider be liable for any indirect, incidental, special, or consequential damages.

11. GOVERNING LAW & DISPUTE RESOLUTION

This Agreement shall be governed by the laws of the Province of Ontario, Canada.

The parties agree to attempt to resolve any dispute arising under this Agreement through mediation prior to commencing litigation.

Upon signing of contract, the parties hereto have executed this Agreement.