Maira Service Policies Exhibit
Document Name: Maira Service Policies Exhibit Document Code: SERVICE-POLICIES Version: v2026-04-28
This Service Policies Exhibit (this Exhibit) is incorporated into the Maira Master Services Agreement and the applicable Order Form.
1. Lawful and Authorized Use
Customer and its Authorized Users may use the Services only for lawful internal business purposes and only in a manner consistent with the Agreement, the Documentation, and this Exhibit.
Customer may not, and may not permit any Authorized User or third party to, use the Services to: (a) violate any applicable law, regulation, court order, or third-party right; (b) infringe, misappropriate, or otherwise violate intellectual property, privacy, publicity, confidentiality, employment, or contractual rights; (c) transmit, store, or make available malware, spyware, ransomware, viruses, worms, Trojan horses, or any other malicious code; (d) probe, scan, test, or exploit vulnerabilities in the Services or any connected system without express written authorization; (e) interfere with, disrupt, degrade, overburden, or impair the integrity, security, or performance of the Services or any third-party environment; (f) evade authentication, security controls, usage limits, billing controls, monitoring, logging, or approval controls; (g) impersonate any person or entity, misrepresent identity, or falsify the source of information; (h) access or use the Services in a manner intended to build or support a competing product or service; or (i) use the Services in any way that could reasonably create material legal, regulatory, reputational, or security risk for Maira, its customers, or third parties.
2. Content and Data Restrictions
Customer may not use the Services to process, generate, transmit, or store: (a) unlawful content or content used for unlawful activity; (b) content that is defamatory, fraudulent, deceptive, harassing, threatening, or abusive in violation of law; (c) child sexual abuse material or other content whose possession, transmission, or processing is prohibited by law; (d) export-controlled information, sanctions-restricted data, classified government information, or similar regulated data unless expressly authorized in writing by Maira; (e) Restricted Data unless expressly approved in writing by Maira in the applicable Order Form or other signed writing; or (f) customer or third-party credentials, tokens, or secrets in a manner not reasonably necessary for the intended workflow.
Customer is responsible for ensuring that it has all rights, permissions, notices, and lawful bases necessary to submit data to the Services and to instruct the Services to interact with third-party systems or individuals.
3. AI and Agentic Use Restrictions
Because the Services may generate outputs, draft communications, assist with workflow execution, and support agentic activity, Customer may not use the Services to: (a) make fully automated high-stakes decisions about legal rights, employment, compensation, credit, insurance, housing, healthcare, education, or access to essential services without appropriate human review and legal compliance controls; (b) provide legal, accounting, investment, medical, mental health, or other regulated professional advice directly to third parties without qualified human review; (c) engage in deception, undisclosed impersonation, or the simulation of real persons in a manner that is unlawful or misleading; (d) send spam, unlawful telemarketing, unlawful robocalls, unlawful texts, or other communications in violation of marketing, privacy, or communications laws; (e) conduct unlawful surveillance, unauthorized scraping, credential harvesting, or unauthorized monitoring of communications or systems; (f) use the Services to create false evidence, fabricated business records, forged approvals, or deceptive logs; or (g) bypass or disable a human review checkpoint, approval gate, or permission boundary that is part of the Services or the customer's own control framework.
4. Third-Party Platforms and Integrations
Customer may use the Services with third-party platforms only if Customer has the right to do so and only in accordance with the applicable third-party terms. Customer may not use the Services to exceed third-party platform permissions, violate third-party platform rules, or access data that Customer is not authorized to access.
Customer remains responsible for all actions taken using Customer's integrations, accounts, credentials, APIs, or connected systems.
5. Support Framework
Maira will provide support for the Services in accordance with the support or supervision level, if any, purchased in the applicable Order Form. Support may include issue intake, troubleshooting, user guidance, commercially reasonable bug triage, and service communications.
Unless otherwise stated in the applicable Order Form, standard support is provided during Maira's normal business hours on business days. Higher-touch support, monitoring, or supervision commitments apply only if expressly purchased in the applicable Order Form.
Maira may prioritize support according to issue severity, business impact, and available information.
| Severity | General Description |
|---|---|
| Critical | A production issue materially preventing core use of the purchased Services for multiple users or materially impairing core service operations. |
| High | A significant impairment of an important function with no reasonable workaround. |
| Medium | A defect or issue that affects use but permits continued operation through a workaround or partial functionality. |
| Low | A question, cosmetic issue, documentation issue, minor defect, or enhancement request. |
Unless otherwise stated in the applicable Order Form, Maira will use commercially reasonable efforts to respond to support requests within reasonable timeframes based on severity and the purchased support profile. Any target response times discussed in sales materials, onboarding materials, or other informal communications are non-binding unless expressly stated in an Order Form.
6. Planned Maintenance and Changes
Maira may perform planned maintenance, updates, and improvements from time to time. Where reasonably practicable, Maira will use commercially reasonable efforts to provide advance notice of material planned maintenance expected to materially affect core service availability.
7. Support Exclusions
Support does not include, unless expressly purchased in the applicable Order Form or a statement of work, custom development, customer-specific workflow design beyond standard scope, third-party vendor management, data cleanup, migration work, on-site services, legal review, business process outsourcing, or strategic consulting.
8. Customer Cooperation
Customer will provide reasonably sufficient information to enable Maira to investigate and respond to issues, including relevant screenshots, examples, timestamps, user details, configuration information, and reproduction steps where available.
9. Monitoring and Enforcement
Maira may monitor use of the Services for security, integrity, support, legal compliance, and abuse prevention purposes. If Maira reasonably believes Customer has violated this Exhibit, Maira may investigate, require corrective action, remove or disable access to affected content or features, suspend access to the affected portion of the Services, or exercise any other rights available under the Agreement or applicable law.
10. No Standalone Service Credit Commitment Unless Expressly Added
This Exhibit does not create uptime guarantees, service credits, or remedies for downtime unless the applicable Order Form expressly incorporates a separate service level commitment.