Bradra LLC — SaaS Master Subscription Agreement (MSA)

1. Parties

This Master Subscription Agreement (the “Agreement”) is entered into by and between Bradra LLC, a Wyoming limited liability company with principal business address as designated on the applicable Order (“Bradra,” “we,” “us,” or “Provider”), and the entity identified in an Order that references this Agreement (“Customer”). Each a “Party,” together the “Parties.”

2. Structure; Orders

2.1 Orders. Customer may purchase subscriptions, add-ons, numbers, onboarding, or professional services via one or more written or online ordering documents issued by Bradra and accepted by Customer (each, an “Order”). Each Order is incorporated herein by reference. In case of conflict, an Order prevails over this Agreement and the DPA (Annex A) solely for the Services listed in that Order.

2.2 Term. The Agreement commences on the Effective Date (first Order date) and continues until all subscriptions hereunder have expired or been terminated. Each subscription term is stated on the Order.

2.3 Services. Bradra provides a software-as-a-service platform that synchronizes booking data from supported third-party sources and automates post-experience customer outreach and review-collection workflows through messaging channels (the “Services”). Features may evolve; materially adverse changes will be notified per §16.2.

3. Access & Use Rights

3.1 License. During a paid subscription term and subject to this Agreement, Bradra grants Customer a limited, non-exclusive, non-transferable (except as permitted in §15.4), worldwide right to access and use the Services solely for Customer’s internal business purposes and in accordance with the Documentation and Acceptable Use (§5).

3.2 Users. Access is limited to Customer’s employees and individual contractors operating under Customer’s direction (“Authorized Users”). Customer is responsible for its Users’ compliance.

3.3 Trial/Beta. Any trial, beta, or early access functionality is provided AS IS without warranty or SLA and may be discontinued at any time (§11.3).

4. Customer Responsibilities

4.1 Lawful Use; Consents. Customer is solely responsible for obtaining and documenting all notices, consents, and permissions required under applicable law (including EU/UK GDPR, e-privacy/marketing rules, consumer protection, unfair commercial practices, and telecom rules) for Bradra to process Customer Data and to send any electronic communications to end recipients. Bradra will implement and operate automatic opt-out handling and suppression list management within the Services; Customer must not override or circumvent such mechanisms and remains responsible for honoring opt-outs in any communications it sends outside the Services.

4.2 Content & Responses. Customer controls message content and any manual responses; Bradra does not moderate. Customer will ensure that communications are accurate, non-deceptive, non-harassing, and do not “review-gate” (i.e., solicit only positive reviews or steer satisfied recipients differently from dissatisfied recipients). See §5.1(j).

4.3 Accounts/Numbers. Where an Order includes procurement and management of messaging identifiers (e.g., phone numbers, SIMs, or channel accounts) on Customer’s behalf, Customer appoints Bradra as limited agent to register, configure, and administer such identifiers subject to the channel provider’s terms. Customer is the beneficial owner and bears all responsibility for use. Additional terms apply in Annex B (Channel & Number Terms).

4.4 Cooperation. Customer will provide timely access to systems, credentials (where required), and accurate booking data or API keys for supported channel managers/marketplaces. Bradra is not responsible for failures caused by Customer systems or third-party outages.

4.5 Security. Customer is responsible for securing its endpoints, login credentials, and any third-party integrations it enables. Customer must promptly notify Bradra of suspected credential compromise.

5. Acceptable Use; Platform Terms

5.1 Acceptable Use. Customer will not, and will not permit anyone to: (a) misuse the Services or interfere with their operation; (b) reverse engineer; (c) resell or provide the Services to third parties except to its own clients as part of Customer’s tour-operations business; (d) use for unlawful, harmful, or discriminatory purposes; (e) transmit malware; (f) infringe IP or privacy rights; (g) attempt to bypass rate limits or messaging policies; (h) use the Services to make emergency calls; (i) collect or process special category data unless expressly agreed in the DPA; (j) review gate or otherwise manipulate reviews, including by asking only satisfied customers to post a review, providing different review links based on sentiment, or offering incentives contingent on positive reviews; (k) send unsolicited messages absent a valid legal basis and required opt-ins/opt-outs; (l) impersonate a marketplace or platform.

5.2 Third-Party Terms. The Services interoperate with third-party platforms (e.g., WhatsApp, Viator, GetYourGuide, channel managers). Customer must comply with those platforms’ terms, policies, and rate limits. If a platform restricts or bans messaging methods used by Customer, Bradra may suspend the affected functionality to comply.

5.3 Channel Policy (WhatsApp & similar). As of the Effective Date, the Services rely exclusively on unofficial interfaces for WhatsApp personal accounts via device/SIM automation. Customer acknowledges the use of such unofficial interfaces may violate provider terms and may result in throttling, suspension, or termination by the provider. Bradra does not guarantee platform approval or continuity of such channels. Bradra currently does not offer an official Business API option under this Agreement; any future migration to an official provider would require a written amendment. See Annex B.

6. Booking Sync; Unsupported Sources; Refunds

6.1 Sync. Bradra will use commercially reasonable efforts to support booking synchronization from the sources listed on the Order or Documentation. Support may require Customer to obtain credentials or API access.

6.2 Unsupported Sources. If a stated source cannot be reasonably supported after good-faith onboarding efforts, Customer may request a pro-rated refund of subscription fees attributable to the unsupported source for the then-current term; such refund is Customer’s sole remedy. Professional services are non-refundable unless expressly stated.

7. Fees & Payment

7.1 Fees. Fees are as set forth in the Order and are all-inclusive for the subscribed plan. For clarity, messaging costs, numbers/SIMs, and channel usage are included within the applicable plan limits and are not billed separately. Excess usage beyond plan limits, if any, will follow the overage rates (if stated) or require an upgrade.

7.2 Taxes. Fees exclude taxes. Customer is responsible for VAT/GST and other taxes, duties, and telecom levies, if applicable. Where required, Bradra will collect and remit taxes and may rely on Customer-provided VAT numbers or exemption certificates.

7.3 Late Payment. Overdue amounts may accrue interest at 1.5% per month (or the maximum allowed by law), and Bradra may suspend the Services after notice.

8. Intellectual Property; Feedback

8.1 Ownership. Bradra retains all rights, title, and interest in the Services and underlying IP. No rights are granted by implication.

8.2 Customer Data. As between the Parties, Customer owns Customer Data. Customer grants Bradra a limited license to process Customer Data to provide and improve the Services and as otherwise permitted by the DPA.

8.3 Feedback. Feedback may be used by Bradra without restriction.

9. Confidentiality

Each Party will protect the other’s Confidential Information using reasonable measures and use it solely to perform this Agreement. Confidentiality obligations survive 3 years (trade secrets indefinitely).

10. Data Protection

10.1 DPA. Where Customer Data includes personal data subject to Data Protection Laws, the Data Processing Addendum in Annex A forms part of this Agreement and governs such processing.

10.2 Subprocessors & Transfers. Bradra may use subprocessors as listed in its Documentation or website. International transfers are addressed in Annex A (including EU SCCs as applicable).

11. Warranties

11.1 Mutual. Each Party represents it is duly organized and has authority to enter this Agreement.

11.2 Service Warranty. Bradra warrants the Services will materially conform to the Documentation. Customer must notify Bradra of any nonconformity within 30 days; Bradra will use reasonable efforts to remedy. If Bradra cannot remedy material nonconformity in 30 days, Customer may terminate the affected Order for a pro-rated refund of prepaid fees.

11.3 Disclaimers. Except as in §11.2, the Services and Beta/experimental features are provided AS IS. Bradra does not warrant message deliverability, response rates, platform approvals, or third-party availability. Bradra is not a marketplace operator or telecom provider.

12. Indemnities

12.1 By Bradra. Bradra will defend Customer against third-party claims alleging that the Services, as provided by Bradra (excluding Customer Data, configurations, or third-party components), infringe a third party’s IP rights, and will pay damages and costs finally awarded, provided Customer gives prompt notice and reasonable cooperation. Bradra may modify the Services or procure rights; if infeasible, Bradra may terminate the affected functionality with a pro-rated refund.

12.2 By Customer. Customer will defend Bradra against claims arising from (a) Customer Data or message content; (b) use of the Services in violation of §4–§5 or applicable law/platform terms; (c) Customer’s creation or use of messaging accounts, numbers, or SIMs; and will pay damages and costs finally awarded.

13. Limitation of Liability

13.1 Cap. Except for willful misconduct, data protection obligations with regulatory fines attributable to a Party’s breach, or indemnities, each Party’s aggregate liability under this Agreement will not exceed the fees paid or payable by Customer to Bradra for the 12-month period preceding the claim giving rise to liability.

13.2 Exclusion. Neither Party is liable for indirect, incidental, consequential, special, exemplary, or punitive damages, including lost profits, revenues, or data, even if advised of the possibility.

14. Suspension; Termination

14.1 Suspension. Bradra may suspend access immediately for (a) overdue amounts; (b) security risks; (c) suspected violations of §4–§5; or (d) third-party platform/legal requirements.

14.2 Termination for Cause. Either Party may terminate upon 30 days’ notice if the other materially breaches and fails to cure within such period. Termination for convenience is as specified on the Order.

14.3 Effect. Upon termination/expiry, Customer access ceases. Bradra will make Customer Data export available for 30 days (standard format). Sections intended to survive will survive (including §4–§5, §8–§10, §12–§16 and Annexes).

15. General

15.1 Independent Contractors. The Parties are independent.

15.2 Publicity. With consent, either Party may identify the other as a customer/provider in marketing materials.

15.3 Force Majeure. Neither Party is liable for delays due to causes beyond reasonable control.

15.4 Assignment; Change of Control. Either Party may assign this Agreement in connection with a merger, acquisition, or sale of substantially all assets, provided the assignee is not a direct competitor and assumes all obligations. Customer agrees that Customer accounts, numbers, and identifiers administered by Bradra are transferable to Customer or a successor designated by Customer upon termination or upon Customer’s written request, subject to third-party approval and payment of any transfer fees (see Annex B). Bradra may assign to an affiliate.

15.5 Notices. Notices must be in writing to the addresses in the Order and deemed given when received.

15.6 Governing Law; Venue. This Agreement is governed by the laws of the State of Wyoming, excluding conflicts of law rules, and the federal laws of the United States where applicable. Exclusive venue lies in state or federal courts located in Wyoming, USA. The U.N. Convention on Contracts for the International Sale of Goods does not apply. Data protection regulatory matters remain subject to EU/Member State law as applicable under Annex A.

15.7 Order of Precedence. Order → this Agreement → Annexes → Documentation.

15.8 Entire Agreement; Amendments. This Agreement, Annexes, and Orders constitute the entire agreement. Amendments must be in writing (including click-through updates under §16.2).

15.9 Severability; Waiver. If any provision is unenforceable, the remainder remains in effect. No waiver unless in writing.

16. Support; Changes

16.1 Support. Standard business-hours email support is included. No premium support or SLA is offered under this Agreement.

16.2 Changes. Bradra may update this Agreement and Documentation from time to time. Material adverse changes will be notified at least 30 days in advance and will not apply to then-current committed terms unless required by law or platform policy.

Annex A — Data Processing Addendum (DPA)

This DPA forms part of the Agreement when Customer Data includes personal data subject to Data Protection Laws.

A1. Definitions & Roles

Data Protection Laws means EU/EEA, UK, and Swiss data protection laws, including the GDPR and national implementations. Customer is Controller; Bradra is Processor (or Subprocessor where Customer is a Processor). Personal Data, Processing, Controller, Processor, etc., have the meanings in the GDPR.

A2. Subject Matter; Duration; Nature; Purpose; Categories; Data Subjects

  • Subject Matter/Purpose: Provision of the Services (syncing bookings; messaging automation; analytics; support; security; account administration).
  • Duration: Subscription term plus 30 days for export, then deletion.
  • Categories of Data: End-customer identifiers (name, contact details, booking metadata), messaging logs, conversation content, suppression lists, and optional segmentation data; Customer user account data. No special category data is intended.
  • Data Subjects: Customer’s end customers and Authorized Users.

A3. Processing Instructions

Bradra will process Personal Data only per Customer’s documented instructions (this Agreement, Orders, and in-app settings). Bradra notifies Customer if an instruction infringes Data Protection Laws.

A4. Security

Bradra implements appropriate technical and organizational measures (TOMs), including access controls, encryption in transit and at rest (where applicable), network segmentation, logging/monitoring, and employee confidentiality undertakings. A summary of TOMs is provided in Annex C.

A5. Subprocessors

Customer authorizes Bradra to engage subprocessors reasonably required for the Services (infrastructure, messaging, analytics, support). Bradra will impose data protection obligations substantively equivalent to this DPA and will remain responsible for subprocessors. Bradra will provide a mechanism to subscribe to subprocessor updates and an opportunity to object for reasonable grounds; if unresolved, Customer may terminate the affected Services for a pro-rated refund.

A6. International Transfers

To the extent Bradra transfers Personal Data from the EEA/UK/Switzerland to a country lacking an adequacy decision, the Parties agree the EU Standard Contractual Clauses (SCCs 2021/914) (Module 2 Controller→Processor and/or Module 3 Processor→Processor, as applicable) are incorporated by reference, including the Docking Clause. For UK transfers, the UK Addendum (IDTA/Addendum) applies. Annex I/II/III to the SCCs are populated by reference to this Annex A (A2–A4) and Annex C (TOMs) and the Order (Parties’ details). Conflicts are resolved in favor of the SCCs.

A7. Assistance; DPIAs; Requests

Bradra will assist Customer with data subject requests, security incidents, and DPIAs to the extent reasonably necessary and proportionate to the Services.

A8. (Intentionally Omitted)

A9. Deletion or Return

At termination, Bradra will delete or return Personal Data after the export window, subject to legal retention obligations.

A10. Security Incidents

Bradra will notify Customer without undue delay after becoming aware of a Personal Data Breach and will provide available information to assist Customer’s notifications/mitigation.

A11. Liability

Liability under this DPA is governed by §13 of the Agreement except where prohibited by Data Protection Laws.

Annex B — Channel & Number Terms (WhatsApp and Similar Services)

B1. Registration & Ownership. Where Bradra procures or administers messaging identifiers (e.g., SIMs, numbers, or accounts) for Customer, Bradra acts as Customer’s agent to the limited extent of registration, configuration, and maintenance. Customer remains the beneficial owner and responsible user of each identifier. Customer may request transfer at any time (fees may apply; subject to provider approval and compliance checks).

B2. Unofficial Interfaces (Exclusive Use). The Services exclusively use unofficial API or automation methods for WhatsApp personal accounts via device/SIM. Customer acknowledges potential violation of provider terms and the risk of throttling, blocking, or termination. Bradra provides no deliverability or continuity guarantee for such channels and does not offer an official Business API option under this Agreement. Any future migration to an official provider would require a written amendment.

B3. Compliance & Messaging Rules. Customer must comply with applicable platform policies (e.g., anti-spam, consent, opt-out wording, message rate limits, 24-hour session windows, and review solicitation policies). Customer will maintain evidence of lawful basis and consent. Customer must not spoof sender identity.

B4. KYC & Documentation. Providers may require business verification, IDs, or utility bills to issue or port numbers or to activate messaging. Customer will provide all requested KYC promptly. Failure to do so may delay or prevent activation.

B5. Ban Allocation & Remedies.

  • Customer-Caused Ban (Manual Messaging Misconduct). Where the primary cause is Customer’s manual message content or misuse (e.g., harassment, prohibited content, spam), Customer bears responsibility and will pay liquidated damages equal to one (1) month of subscription fees to compensate administrative costs of procuring and onboarding a replacement SIM/identifier. Bradra may, at its discretion, (i) procure a replacement after receipt of the liquidated damages, or (ii) terminate the affected subscription for cause under §14.2.
  • Bradra-Caused Ban (Automated Operations). Where the primary cause is Bradra’s automated messaging operations (excluding factors outside Bradra’s control such as provider policy changes, widespread enforcement waves, or outages), Bradra will bear responsibility by (i) pro-rating fees from the ban date until a replacement SIM/identifier is activated, or (ii) if no replacement is activated within a commercially reasonable time, permitting termination of the affected subscription with a pro-rated refund of prepaid fees.
  • Attribution. The Parties will act in good faith to determine primary cause using available logs and provider notices. If the cause cannot be reasonably determined, neither liquidated damages nor refunds are due, and the Parties will confer on a commercially reasonable path forward.

B6. Porting/Transfer. Upon termination or upon request, and subject to settlement of all fees (including any liquidated damages under B5), Bradra will cooperate to port or transfer numbers/accounts to Customer or its designee, subject to provider processes and lawful ownership proof.

Annex C — Technical & Organizational Measures (Summary)

  • Role-based access control; principle of least privilege.
  • Encryption in transit (TLS 1.2+) and at rest for primary data stores where feasible.
  • Network isolation for production services; secrets management.
  • Logging and monitoring; alerting on anomalous events; regular vulnerability patching.
  • Backups with periodic restore tests; disaster recovery objectives defined in Documentation.
  • Secure development lifecycle; code review; dependency scanning.
  • Employee confidentiality agreements; security and privacy training.

Annex D — (Intentionally Omitted)

No premium support or SLA is offered under this Agreement. Standard business-hours email support is included as set out in §16.

Schedule 1 — Definitions

  • Customer Data: Data submitted to or collected via the Services by or for Customer, including end-customer information, booking data, messages, and logs.
  • Documentation: User guides, policies, and technical documentation provided by Bradra.
  • Order: The ordering document for Services, incorporating this Agreement.
  • Personal Data: As defined by Data Protection Laws.
  • Services: The Bradra SaaS platform and related services described in §2.3 and Orders.

Schedule 2 — Onboarding & Unsupported Source Refund Workflow (Informative)

  1. Discovery & credentials collection; 2. Connection attempt(s); 3. Test sync; 4. If failure persists after reasonable efforts (e.g., 15 business days) and no viable workaround exists, Customer may elect: (a) pro-rated refund for the unsupported source; or (b) credit towards alternative channels.

Schedule 3 — Messaging Compliance Guardrails (Recommended In-Product Controls)

  • Templates are not categorized (no official WhatsApp template system is used).
  • Automatic opt-out handling and suppression lists are operated by Bradra within the Services.
  • Universal review link shown regardless of sentiment; no conditional branching to positive-only paths.
  • Rate limiting and quiet hours by recipient time zone; country-specific rulesets (e.g., France e-privacy).
  • Audit logs for message content, timing, consent provenance, and opt-out processing.