DOVE COMMUNICATIONS, INC.
Service-Specific Terms
Version 1.0 • Effective Date: February 1, 2026 • CSLB #715876 | BSIS ACO #8206 | CPUC U-1772-C / DVF
1. Purpose and Relationship to Other Documents
These Service-Specific Terms supplement the applicable Master Services Agreement between Dove Communications, Inc. (“Dove”) and the customer identified in the applicable Quote, Order Form, Statement of Work, or similar ordering document (“Client”).
This document contains multiple service-specific sections. Only the sections applicable to the services purchased by Client under the applicable Quote apply to Client’s purchase and use of the Services.
These Service-Specific Terms are intended to allocate service-line-specific operational, legal, and risk responsibilities. They apply only to the applicable service category and do not expand Dove’s liability beyond the liability limitations, disclaimers, exclusions, and risk allocations set forth in the Master Services Agreement, unless Dove expressly agrees otherwise in a writing signed by Dove.
If there is a conflict among the governing documents, the following order of precedence will apply unless the Quote expressly states otherwise:
1. the applicable Quote / Order Form / Statement of Work;
2. these Service-Specific Terms, but only for the applicable service category;
3. the Master Services Agreement; and
4. Dove’s then-applicable Privacy Policy and other incorporated policies, to the extent relevant.
Capitalized terms not defined in this document have the meanings given in the Master Services Agreement.
2. General Cross-Service Provisions
2.1 Third-Party Dependencies
Many Services depend on third-party carriers, licensors, software publishers, cloud providers, monitoring centers, manufacturers, internet providers, platform operators, and other upstream vendors. Client acknowledges that Dove may resell, facilitate, configure, administer, or support such third-party services without being the direct provider of those underlying services.
By way of non-exhaustive example only, Third Party Providers used or facilitated by Dove in the delivery of Services may include, depending on the Services purchased:
• Telecom, VoIP, SIP, and Carrier Services: AT&T, Verizon, T-Mobile, Spectrum, Comcast/Xfinity, Cox, Frontier, Lumen / Level 3, Cogent, Starlink, Google Fiber, BigLeaf, Cloudflare, Bandwidth, Twilio, Sangoma, VoIP Innovations, BCM One, NetSapiens, ClearlyIP, Clearfly, SIPtrunk, RingCentral, Nextiva, Dialpad, Vonage, GoTo / Jive, 8×8, Intermedia, Five9, SkySwitch, SIPPIO, Sinch, ThinQ, Crown Castle, CSI Compliance Solutions (VoIP tax/regulatory remittance), and similar carriers, SIP/VoIP providers, SBC providers, 10DLC and SMS aggregators, number registries, and messaging-platform vendors;
• VoIP Phones, Endpoints, and Audio: Yealink, Polycom / HP Poly, Grandstream, Fanvil, Cisco, Avaya, Mitel, NEC, Sangoma, Wildix, Jabra, Logitech, Crestron, Q-SYS, Sonos, Valcom (paging), and similar telephony hardware, headset, paging, and conferencing manufacturers;
• Security, Surveillance, Access Control, Alarm, and Monitoring: Brivo, Alarm.com, Honeywell / Resideo, Johnson Controls / Tyco / Software House (C•CURE), HID Global, Allegion, Paxton, DoorKing, QuickPass, IQ / Qolsys, ButterflyMX, Swiftlane, 2N, Single Wire, ADT, Rapid Response, CMS (Central Monitoring Service), TMS (Total Monitoring Service), Allied Monitoring, CHeKT, Dynamark, NMC, Verkada, Yale (smart locks), Eagle Eye Networks, Avigilon, Axis, Hanwha Vision, Genetec, Geovision, Lorex, LT Security (LTS), Panasonic, Sony, Uniview / UNV, Turing Vision, ExacqVision, Eclipse Surveillance, Open Eye, Ring, DoorBird, Holovision, Deep Sentinel, CHeKT, and similar access-control, intrusion-alarm, life-safety-signal, central-monitoring, camera, NVR, video-surveillance, and AI-video-analytics providers;
• Network, Firewall, Wi-Fi, and Wireless: Cisco, Cisco Meraki, SonicWall, Fortinet, Palo Alto Networks, Watchguard, Checkpoint, Ubiquiti / UniFi / UISP, Aruba, Netgear, Linksys, Araknis Networks (SnapOne), OvrC, WattBox, Hostifi, For2Fi, Zyxel, and similar network, firewall, switch, router, access point, and wireless infrastructure providers;
• Productivity, Cloud, and Software Subscriptions: Microsoft (Microsoft 365 / Office 365, Azure, Azure DevOps, OneDrive, SharePoint, Teams, Skype, Authenticator, Bitlocker, NCE licensing), Google (Google Workspace, Google Cloud Platform), Apple (Apple Business Manager), Adobe, AWS, Otava, US Signal, Cox Edge, UBX Cloud, Right Networks, Citrix, VMware / Broadcom, Synology / Synology C2, ESXi, and similar productivity, IaaS, PaaS, SaaS, and cloud subscription providers;
• Cybersecurity, Endpoint, Email, and Awareness: SentinelOne, Sophos, Huntress, Webroot, Trend Micro, Symantec / Broadcom, Microsoft Defender, Bitdefender, Guardz, Mesh Security, Cyberguard 360, Barracuda, Proofpoint, Mailprotector, OpenText, Cisco Umbrella, OpenDNS, DNS Filter, SafeDNS, Cloudflare, JumpCloud, Auth0, LastPass, 1Password, Passportal, Authanvil / Kaseya MFA, ID Agent (Dark Web ID), KnowBe4 (where applicable), and similar EDR / XDR, SOC / MDR, email-security, DNS-filtering, identity, MFA, password-management, and security-awareness-training providers;
• MSP Tooling, RMM, Backup, and Disaster Recovery: ConnectWise (Manage / Automate / Control / ScreenConnect / SIEM), Datto, Kaseya / Kaseya 365, NinjaOne, N-able / N-central, Continuum, Auvik, Domotz, Site24x7, Uptime Robot, Sentry, ScalePad, IT Glue, Hudu, ITBOOST, Veeam, Macrium, Acronis, BitTitan, Skykick, AnyDesk, TeamViewer, LogMeIn / GoTo, RapidFire Tools, and similar RMM, PSA, documentation, monitoring, observability, backup, replication, and BDR providers;
• AI, Machine Learning, and Automated Services: OpenAI (ChatGPT and APIs), Anthropic (Claude), Microsoft Copilot, Google Gemini / DeepMind, Perplexity, Read AI, Retell AI, Synthesia, Resplendent Data, AWS Bedrock, and similar AI / ML / generative-AI / transcription / video-analytics / automated-decision-support providers;
• Hardware Manufacturers and Distributors: Dell, HP / HPE, Lenovo, Apple, Intel, Samsung, Western Digital, Crucial / Micron, Synology, CyberPower, TrippLite / Eaton, APC / Schneider, Brother, Lexmark, Sharp, Xerox, Toshiba, Epson, Ingram Micro, TD SYNNEX / Tech Data, ScanSource, D&H, ADI Global, Anixter, Graybar, Wesco, Jenne, B&H, Microcenter, NewEgg Business, PAX8, Brooklyn Low Voltage Supply, TeleDynamics, VoIP Supply, Vertical Cable, FS.com, and similar hardware manufacturers, distributors, and resellers;
• Web, Hosting, DNS, and Email-Delivery: GoDaddy, Network Solutions, Register.com, Wix, WordPress / Automattic, Cpanel, Exact Hosting, Rackspace, DYN / Oracle DNS, SSLs.com, SMTP2Go, SendGrid (Twilio), eFax, Pangea, OpenText, Mailchimp (only when deployed for Client), and similar domain, DNS, hosting, SSL, SMTP, and email-delivery providers when deployed for Client’s benefit.
Vendor List Is Illustrative; Subject to Change. The above list is illustrative only and not exhaustive. Dove may add, remove, replace, substitute, or change any Third Party Provider, product, platform, model, or vendor at any time, in Dove’s sole discretion, and without amendment to this document, the Master Services Agreement, or any Quote, provided that the change does not materially diminish the Services that Dove is contractually obligated to provide. The actual Third Party Providers, products, and platforms used for Client’s specific Services will be those reflected in the applicable Quote, ticket, work order, or operational records, and may change over the course of the engagement. Naming or omitting a specific provider in this section does not create any commitment to use, retain, or refrain from using that provider, and does not limit the scope of Section 7.4 (Pass-Through Charges and Price Increases) of the Master Services Agreement, which applies to all Third Party Provider charges regardless of whether the provider is listed above. Dove’s internal back-office tools (including accounting, marketing, payment processing, financing, internal collaboration, and similar tools that do not directly deliver Services to Client) are not included in this list and are not Third Party Providers for purposes of this section.
Unless Dove expressly agrees otherwise in writing:
• Third-party services are provided on an as available and as provided by the applicable upstream provider basis;
• Dove does not control third-party availability, routing, coverage, response times, policy changes, feature changes, or service discontinuation;
• Third-party provider terms, policies, end user license terms, acceptable use rules, carrier requirements, and operational limitations may apply;
• Dove may pass through third-party fees, surcharges, carrier charges, usage-based charges, regulatory recovery fees, licensing fees, and similar charges as permitted under the Master Services Agreement and applicable Quote.
Third-Party Carriers, Master Agents, and Upstream Providers. Telecom, internet, VoIP, SMS, cybersecurity, help desk, cloud, software, subscription, and carrier-related services may be provided or fulfilled through one or more Third-Party Providers, including carriers, aggregators, master agents, distributors, software vendors, security vendors, cloud providers, help desk providers, and channel marketplaces.
Client understands that Dove may recommend or facilitate Third-Party Services based on Client’s stated needs, available provider options, pricing, service availability, provider requirements, and Dove’s business judgment. Dove may receive compensation from one or more Third-Party Providers or channel partners in connection with those Third-Party Services. Client is encouraged to review the applicable Third-Party Provider’s terms and may request additional information regarding the role Dove is playing in a particular transaction.
Dove does not control Third-Party Providers and is not responsible for their network availability, service quality, installation intervals, dispatch windows, circuit delivery, number porting delays, support responsiveness, cybersecurity performance, help desk performance, cloud uptime, software functionality, product roadmap, provider-imposed fees, or service changes. Any credits, remedies, refunds, service levels, or warranties for Third-Party Services are limited to those actually offered by the applicable Third-Party Provider and passed through to Client by Dove where available.
The inclusion of any provider in this illustrative list does not mean that Dove currently resells, supports, recommends, or maintains an active relationship with that provider for every customer or every service. The actual provider(s) applicable to Client’s Services are those identified in the applicable Quote, invoice, service record, provider portal, or operational documentation.
Certain products, manufacturers, or platforms may be restricted or prohibited for use in government, federally funded, critical infrastructure, NDAA-covered, or other regulated projects. Client is responsible for notifying Dove in writing before order placement if Client is subject to NDAA, FAR, DFARS, grant, public works, procurement, cybersecurity, or supply-chain restrictions. Dove is not responsible for selecting products that satisfy such restrictions unless those requirements are expressly disclosed in writing and incorporated into the Quote.
Dove may recommend Third Party Providers, products, or services based on information available to Dove at the time, Client’s stated requirements, provider availability, commercial terms, technical compatibility, and Dove’s business judgment. Dove does not guarantee that any recommended provider, product, platform, carrier, software, subscription, hardware, or service will be the lowest cost, continuously available, error-free, uninterrupted, fully secure, or suitable for all of Client’s business, legal, regulatory, insurance, or technical requirements.
Dove’s recommendations, referrals, quotes, and provider comparisons are provided for Client’s convenience and are not fiduciary, financial, procurement, legal, or regulatory advice. Client remains responsible for selecting the provider, platform, and services that meet its business, legal, regulatory, financial, and technical needs.
2.2 Customer Responsibilities
Client is responsible for:
• Reviewing each Quote for service scope and assumptions;
• Maintaining accurate account, contact, escalation, and location information;
• Obtaining and maintaining all required notices, authorizations, disclosures, postings, and consents for its use of the Services;
• Providing a suitable site environment, electrical power, internet connectivity, network readiness, and physical access as required for the applicable Services;
• Maintaining commercially reasonable insurance appropriate to its business, premises, personnel, data, and selected Services.
2.3 No Expansion of Professional or Regulatory Obligations
Unless expressly stated in a Quote, Dove does not provide legal advice, regulatory compliance advice, engineering-of-record services, licensing advice, or certification that Client’s use of any Service complies with law. Client remains solely responsible for its own compliance obligations, including those relating to privacy, telecom, emergency communications, recording, surveillance, biometrics, labor and employment, data protection, accessibility, marketing, consumer protection, professional or occupational licensing, site-specific permits, and industry-specific rules. If Services are used, installed, monitored, administered, or accessed across multiple jurisdictions, Client is solely responsible for determining whether any permit, registration, filing, consent, or in-state or out-of-state business, contractor, alarm, guard, monitoring, telecom, or other professional license is required for Client’s intended use or operation. Dove makes no representation that any Service is available, lawful, or sufficient for use in every jurisdiction or that Dove, any subcontractor, or any upstream provider holds any license or registration except to the extent expressly stated in a Quote or required on a non-waivable basis by applicable law.
A. Telecom / VoIP / SMS Terms
A.1 Scope
This Section applies to services involving voice, hosted or cloud telephony, VoIP, SIP, messaging, SMS, MMS, numbers, porting, call recording, campaigns, contact-center communications, softphones, mobile apps, and related telecom or messaging functionality.
A.2 VoIP Is Not Traditional Telephone Service
Client acknowledges that internet-based and cloud-based voice services differ from traditional wireline telephone service and may not function in the same manner as a traditional landline.
Without limitation:
• Emergency calling functionality may differ from traditional 911 service;
• Physical location may not be automatically detected or correctly routed;
• Service may depend on internet connectivity, local networking, electrical power, compatible devices, registered location data, and third-party carrier systems;
• Service may be interrupted, delayed, degraded, filtered, blocked, or unavailable.
A.3 E911 and Registered Location Obligations
Client is solely responsible for:
• Registering and maintaining an accurate physical service location, and where applicable a sufficiently specific dispatchable location, for each applicable device, user, softphone, extension, or endpoint requiring E911 support;
• Promptly updating registered location information before any move, relocation, reconfiguration, change in service use location, change in floor, suite, room, or similar dispatchable-location detail, or change affecting a nomadic, mobile, or remote user;
• Ensuring that each user understands how E911 works, how to place an emergency call, any required prefix or direct-dial method, any on-site notification workflow, and the limitations of the applicable configuration;
• Providing Dove written notice of location changes, user changes, deployment changes, and requested testing at least three (3) business days before the applicable change or at least three (3) business days before any anticipated move, relocation, or reconfiguration, or as otherwise required by Dove or the underlying provider.
• Complying with all applicable direct-dialing, on-site notification, dispatchable location, multi-line telephone system, and related emergency-calling obligations, including requirements associated with Kari’s Law, RAY BAUM’s Act, FCC rules, state utility requirements, and similar laws, to the extent applicable to Client’s environment, devices, locations, and use cases;
Client acknowledges that:
• E911 functionality may not work correctly unless the registered address is accurate and current;
• A 911 call may be routed to the wrong location, a non-staffed line, an administrative line, or a call center that does not receive correct location information;
• Emergency responders may be sent to the registered address rather than the caller’s actual location;
• E911 may not be available outside the United States or in every usage scenario;
• Softphones, virtual numbers, customer-provided devices, or unsupported devices may not support E911 at all.
• After initial activation and after any address change for Dove-provided VoIP services, verifying the correct emergency address is on file by dialing 933 from the registered device. Dialing 933 is a non-emergency test call that confirms the address information associated with the line. Dove is not responsible for E911 failures where Client has not verified its registered address using the 933 test.
Dove does not warrant that any configuration, device, softphone, MLTS, notification workflow, direct-dialing setup, dispatchable-location record, testing protocol, or emergency-calling setup satisfies all requirements of Kari’s Law, RAY BAUM’s Act, FCC rules, state utility requirements, building requirements, or other applicable law unless expressly stated in a Quote.
For covered California telecom or interconnected VoIP Services, Dove Communications, Inc. operates under California Public Utilities Commission Utility ID 1772, Utility Type DVF. Client acknowledges that California-specific taxes, surcharges, public purpose program charges, 911-related charges, communications-program charges, and other utility or regulatory assessments may apply to covered Services and may be billed or passed through as permitted under the Master Services Agreement and applicable Quote. Client shall provide such service-location, end-user, and usage information as may be reasonably requested to support California regulatory, taxation, surcharge, emergency-calling, or service-registration requirements applicable to the covered Services.
Dove will configure emergency-calling features in accordance with the applicable Quote and the information provided by Client. Client remains responsible for providing complete and accurate location and user information, maintaining current records, and ensuring that its premises, users, devices, and operations comply with applicable emergency-calling requirements.
A.4 Power, Internet, Suspension, and Outage Limitations
Client acknowledges that voice and emergency calling functionality may fail or become impaired due to:
• Power failure;
• Internet or broadband outage;
• LAN, Wi-Fi, router, firewall, switching, or ISP failures;
• Account suspension or termination;
• Platform outages;
• Congestion, latency, or routing issues;
• Customer-side misconfiguration or relocation;
• Number-porting issues;
• Third-party carrier or regulatory issues.
Client must maintain alternative means of requesting emergency assistance and must not rely on VoIP or related services as the sole means of contacting emergency services.
A.5 User Notice Duties
Client shall:
• Notify all employees, users, contractors, guests, tenants, and other authorized users of the limitations of VoIP and E911 functionality and of applicable emergency-calling procedures;
• Affix or maintain any required stickers, labels, signage, or notices for desk phones, common-area phones, and user devices;
• Ensure internal policies and training address emergency calling procedures and limitations.
Client shall also maintain accurate internal emergency response procedures, on-site notification contacts, and device-to-location mapping appropriate for its environment, including multi-line telephone systems, softphone deployments, hybrid work users, and nomadic users, and shall perform or cooperate with reasonable testing and validation of emergency-calling configurations as needed after moves, deployments, or material changes.
A.6 Number Porting and Number Availability
Telephone numbers, DIDs, toll-free numbers, and messaging-enabled numbers are subject to carrier availability, porting rules, account validation, ownership verification, and third-party restrictions.
Dove does not guarantee:
• That any requested number can be ported;
• The timing of porting;
• Uninterrupted service during porting;
• That a number will remain available;
• That messaging or campaign approval will continue after porting;
• That carrier records are accurate or current.
Client shall cooperate with all porting requirements and is responsible for delays, rejections, or service issues caused by incorrect account data, freezes, unauthorized ports, missing authorizations, or third-party carrier actions.
A.7 Carrier and Upstream Provider Dependencies
Telecom and messaging services may depend on one or more third-party carriers, messaging aggregators, upstream voice providers, cloud platforms, and regulatory databases.
Dove is not responsible for:
• Carrier network failures or outages;
• Spam labeling, call blocking, or call authentication failures;
• Caller ID reputation issues;
• CNAM delays or inaccuracies;
• Messaging throughput limits;
• Campaign registration delays;
• Telecom fraud caused by carrier-side vulnerabilities or third-party compromise;
• Suspension or blocking imposed by carriers or messaging providers.
A.8 Toll Fraud, Abuse, and Security
Client is responsible for securing its telecom environment, including:
• Passwords, PINs, voicemail credentials, admin credentials, and API credentials;
• User permissions and role-based access;
• International dialing restrictions and fraud controls;
• Prompt review of call records and unusual activity;
• User training to reduce phishing, vishing, smishing, social engineering, and account compromise.
Dove is not liable for toll fraud, unauthorized usage, international charges, premium charges, fraudulent messaging, or related losses except to the extent caused by Dove’s gross negligence or willful misconduct and only to the extent such liability cannot be excluded under the governing agreement.
A.9 SMS / MMS / Text Messaging / A2P / 10DLC
If Client purchases or uses any texting, messaging, campaign, or application-to-person messaging functionality, including 10DLC or similar registered messaging programs, Client acknowledges that such services are heavily dependent on carrier rules, brand and campaign registration requirements, content restrictions, consent requirements, throughput limits, vetting standards, and constantly changing industry standards.
Client is solely responsible for:
• Obtaining, documenting, and maintaining all required opt-ins, consents, and authorizations;
• Honoring STOP, HELP, unsubscribe, opt-out, and similar instructions;
• Maintaining required campaign descriptions and message samples;
• Ensuring all message content, sender identity, targeting, recipient lists, suppression practices, and calling or texting workflows comply with law and carrier rules;
• Registering brands, campaigns, numbers, and use cases where required, including 10DLC and similar registration frameworks;
• Retaining proof of consent, required disclosures, message logs as required by law, and opt-out compliance records;
• Complying with applicable marketing, autodialer, robocall, telemarketing, privacy, consumer-protection, state mini-TCPA, and messaging-program requirements.
• Promptly providing accurate business information, website information, sample messages, privacy-policy links, help and opt-out language, and other materials reasonably requested for carrier, aggregator, registry, or campaign-registration review.
Client further acknowledges and agrees that Dove does not provide legal advice regarding the TCPA, TSR, state mini-TCPA laws, CTIA guidelines, carrier or aggregator rules, 10DLC requirements, registry requirements, SHAFT or other prohibited-content categories, or campaign eligibility. Client is solely responsible for determining whether each message, campaign, workflow, number, and use case is lawful and properly registered before transmission.
A.10 Prohibited Messaging and Communications Content
Client shall not use the Services to transmit, facilitate, or support:
• Unlawful, deceptive, fraudulent, misleading, or impersonation-based communications;
• Spam or unsolicited messages;
• Prohibited campaign categories;
• Phishing, smishing, malware, or credential-harvesting content;
• Harassing, abusive, discriminatory, defamatory, or threatening content;
• Content that violates carrier rules, platform policies, or acceptable use requirements;
• Content requiring special approvals that have not been obtained.
Dove may suspend, limit, reject, disable, or terminate messaging or telecom services if Dove or an upstream provider believes, in good faith, that Client’s traffic, content, or usage violates law, policy, security requirements, or carrier rules.
A.11 Carrier Filtering, Blocking, Suspension, and Campaign Review
Client acknowledges that calls and messages may be:
• Filtered;
• Delayed;
• Blocked;
• Mislabeled as spam;
• Rate-limited;
• Suspended;
• Rejected during campaign review or re-review.
Dove does not guarantee campaign approval, throughput, delivery, inbox placement, routing, message completion, sender verification, or number reputation. Carrier, aggregator, registry, or platform fees, surcharges, fines, penalties, review fees, re-registration fees, throughput charges, brand or campaign vetting fees, and similar third-party charges related to messaging services, including 10DLC and similar programs, may be passed through to Client as permitted under the Master Services Agreement and Quote, whether imposed before, during, or after activation, transmission, suspension, appeal, reinstatement, or re-review.
Messaging services are not guaranteed to be continuously available or suitable for time-sensitive, emergency, life-safety, fraud-alert, one-time-password, multi-factor-authentication, or other high-risk communications unless expressly stated in a Quote. Registration approval, throughput, number reputation, sender verification, and delivery outcomes may change at any time based on carrier, aggregator, registry, handset, platform, or anti-abuse decisions outside Dove’s control. Carriers, aggregators, registries, and platform providers may suspend, block, throttle, de-register, reject, or permanently disable campaigns, numbers, sender identities, use cases, or messaging functionality at any time, with or without advance notice, based on their policies, vetting decisions, content reviews, complaint ratios, traffic patterns, trust scores, payment status, or legal or regulatory concerns, and Dove is not liable for such actions or for related delays in reinstatement.
A.12 Recording, Monitoring, and Consent
If Client uses call recording, voicemail transcription, AI summaries, message archiving, monitoring, analytics, or similar features, Client is solely responsible for determining whether one-party, two-party, all-party, or other consent is required in each applicable jurisdiction, including under the California Invasion of Privacy Act and comparable state wiretap, recording, workplace-monitoring, and privacy laws.
Client is solely responsible for:
• Providing all legally required notices;
• Obtaining all required consents;
• Configuring recording and retention settings appropriately;
• Determining and applying an appropriate consent standard for interstate, multi-state, mobile, remote-work, forwarded-call, and cross-border scenarios; and
• Complying with all applicable federal, state, local, labor, privacy, communications, and sector-specific rules.
Dove does not determine whether any beep tone, banner, script, pre-call announcement, user training, policy, consent workflow, retention setting, or other notice or consent mechanism used by Client is legally sufficient.
A.13 Taxes, Surcharges, and Regulatory Fees
Client shall pay all applicable:
• Telecom taxes;
• Utility-user taxes;
• 911 and 988 fees;
• Federal, state, and local surcharges;
• Universal service charges;
• Carrier cost-recovery charges;
• Regulatory recovery fees;
• Messaging registration fees;
• Porting and activation fees;
• Usage-based carrier fees;
• Similar governmental or provider-imposed charges.
Such amounts may change over time and may be passed through by Dove as permitted under the Master Services Agreement and Quote.
A.14 Telecom Acceptable Use
Client shall not use telecom or messaging Services:
• In violation of law or regulation;
• To evade carrier rules or traffic restrictions;
• For traffic pumping, robocall abuse, snowshoeing, spoofing, phishing, or unlawful campaign activity;
• For emergency, life-critical, or high-risk applications where service interruption could reasonably result in death, personal injury, or major property damage, unless expressly agreed by Dove in writing.
B. Security / Alarm / Access Control / Video Monitoring Terms
B.1 Scope
This Section applies to alarm systems, intrusion systems, fire-related signal handling where applicable, access control, cameras, video surveillance, video verification, interactive video monitoring, remote viewing, monitoring services, cloud video, cloud access systems, AI-enabled analytics, environmental monitoring, and related physical-security services.
B.2 No Guarantee; Not Insurance
Dove is not an insurer. The Services are not insurance and are not a substitute for insurance.
Client acknowledges that:
• No alarm, surveillance, access control, video analytics, AI, or monitoring solution can guarantee prevention, detection, interruption, or elimination of all incidents, losses, crimes, intrusions, emergencies, or safety events;
• Systems and services may fail to detect, classify, identify, verify, or prevent events;
• Recordings, clips, images, signals, audio, metadata, and analytics may be incomplete, unavailable, delayed, corrupted, or unusable;
• Dispatch, intervention, and emergency response are outside Dove’s control.
Client shall maintain insurance appropriate to its premises, assets, operations, recordings, business interruption risks, cyber risks, privacy risks, and security program.
B.3 Permits, Registration, and AHJ Compliance
Client is solely responsible for:
• Obtaining and maintaining all required alarm permits, registrations, responder approvals, and site-specific authorizations;
• Complying with all AHJ requirements;
• Paying all false alarm fines, permit fees, registration fees, inspection fees, and related charges;
• Satisfying any enhanced-call-verification or video-verification requirements imposed by law enforcement or other agencies.
Dove may modify, delay, limit, or decline forms of monitoring, dispatch, verification, or response if required by law, AHJ direction, emergency responder policy, carrier constraints, or platform limitations.
For covered California alarm, monitoring, access control, CCTV, or security-related Services, Dove Communications, Inc. maintains California Alarm Company Operator licensing under BSIS ACO License No. 8206, to the extent applicable to the Services provided. Where required by applicable law, Dove personnel performing covered alarm functions will hold the applicable alarm agent registration, qualified manager association, guard card, or other registration required for their assigned role. Upon written request, and to the extent required or permitted by law, Dove will identify applicable licensing or registration information for covered Services.
California contractor licensing information for covered installation, cabling, low-voltage, integration, service, repair, or similar construction-related work, where applicable, is as follows: Dove Communications, Inc. California Contractors State License Board license number: 715876. Client acknowledges that the scope of work authorized under such license may depend on the specific services, trade classification, site conditions, and applicable law, and Dove does not provide legal advice regarding permit, design-professional, or trade-classification requirements for Client’s project.
B.3A Fire and Life-Safety Limitations
Dove does not provide fire alarm, fire life-safety, sprinkler monitoring, elevator emergency communication, or other regulated life-safety services unless expressly stated in a Quote and only to the extent Dove or the applicable Third Party Provider holds the required license, registration, or authorization. Any references to emergency, alarm, or life-safety-related functionality in these Terms or in a Quote apply only to the specific Services expressly purchased and do not expand Dove’s licensing, monitoring, inspection, testing, or code-compliance obligations.
B.4 Alarm, Monitoring, and Video Surveillance Liability Cap
To the fullest extent permitted by law, and notwithstanding anything to the contrary in the Master Services Agreement or any Quote except to the extent a Quote expressly states a lower cap for the applicable Service, for any claim, loss, damage, or liability arising out of or relating to alarm Services, monitoring Services, video surveillance Services, video verification, remote guarding, dispatch handling, signal transmission, event response, cloud recording, remote viewing, access control, or related physical-security Services, Dove’s aggregate liability shall not exceed the lesser of (a) the total amount of recurring service fees actually paid by Client to Dove for the affected Service during the three (3) months immediately preceding the event giving rise to the claim, or (b) $2,500; provided that if no recurring service fee applies to the affected Service, Dove’s liability for that Service will be limited to $1,000. This cap applies regardless of the theory of liability and specifically applies to claims involving missed signals, failed or delayed notification, failed or delayed dispatch, false alarm handling, failed video capture or retention, failed recording or playback, communication pathway failure, equipment failure, cloud or monitoring-center outage, responder action or inaction, and alleged failure of the Services to prevent or reduce loss, damage, injury, or interruption.
Client acknowledges that the fees charged for the applicable alarm, monitoring, and video-related Services are based on the limited liability set forth in these Service-Specific Terms, that Dove is not an insurer and is not assuming responsibility for the nature or extent of any loss or injury that may occur, and that Client has the option to obtain broader protection through insurance maintained by Client.
B.5 False Alarms, Misuse, and Customer Responsibility
Client is responsible for:
• All false alarms caused by misuse, poor training, environmental conditions, configuration choices, or customer-side actions;
• All fines, penalties, and fees arising from false alarms;
• Proper user training, passwords, arming/disarming procedures, and site readiness.
Excessive false alarms, misuse, abuse, tampering, or unsafe use of the Services may constitute a material breach.
B.6 Call Lists, Contacts, and Response Protocols
Client shall provide and keep current:
• Authorized call lists;
• Emergency contacts;
• Escalation trees;
• After-hours contacts;
• Access instructions;
• Response protocols;
• Passwords, passphrases, and validation procedures;
• Opening and closing schedules where applicable.
Dove may rely on the most recent information in its records and is not responsible for delays, failed contact attempts, or incorrect outcomes caused by outdated or incomplete customer information.
B.7 Dispatch and Response Limitations
Where monitoring or event handling is included, Dove or its monitoring partners may use reasonable efforts consistent with the selected service and written response protocol, but Dove does not guarantee:
• That any signal, clip, image, audio event, or analytic event will be received;
• That an event will be correctly interpreted;
• That an emergency condition will be recognized;
• That Client or any listed contact will be reached;
• That emergency personnel will be notified;
• That emergency personnel will respond, arrive on time, or take any particular action;
• That any video, signal, or clip will satisfy verification requirements;
• That intervention or talk-down will occur or be effective.
B.8 Emergency Responder Limitations
Client acknowledges that emergency responders, law enforcement, fire departments, guard services, and other responders:
• May refuse to respond;
• May delay response;
• May require permits or enhanced verification;
• May rely on their own policies and discretion;
• May force entry or cause property damage;
• May not accept video or analytics as sufficient verification.
Dove is not liable for responder action, inaction, delay, refusal, forced entry, property damage, bodily injury, or failure to prevent loss.
B.9 Monitoring Center and Third-Party Platform Dependencies
Monitoring, cloud video, cloud recording, remote access, hosted access control, hosted analytics, mobile apps, and related functionality may depend on third-party monitoring centers, cloud platforms, recording providers, manufacturers, carriers, app providers, and other third parties.
Dove does not guarantee:
• Continuous availability of any monitoring center, cloud platform, or mobile application;
• Uninterrupted remote access or viewing;
• Successful retention, retrieval, playback, or export;
• Chain of custody;
• Evidentiary integrity;
• Compatibility with all networks or devices;
• That third-party providers will maintain features, APIs, or support.
Monitoring Event Limits and Overage Charges. Third-Party monitoring centers impose limits on the number and type of events included in the base monitoring fee for each account. Events subject to monitoring center usage limits or per-event charges may include, without limitation: alarm signals, supervisory signals, trouble signals, test signals (including 24-hour, weekly, and monthly timer tests), open/close reports, runaway or excessive repeated signals, video activations, video verification events, live talk-down sessions, dispatch requests, false alarm events, cellular data usage, data overages, and any other signal or event processed by the monitoring center or its third-party connectivity platforms.
Third-Party monitoring centers and their connectivity vendors (including but not limited to AlarmNet, Connect24, Telguard, CHeKT, Videofied, CMS, Verkada, Rapid Response, TMS (Total Monitoring Service), and similar platforms) may also impose charges for add-on services, upgraded service tiers, radio or cellular connectivity, internet monitoring, IP account monitoring, video monitoring (including per-camera and per-activation tiers), AES radio service, elevator or emergency line monitoring, interactive services, GPS tracking, data plans, and other supplemental services required to support Client’s monitoring configuration.
If Client’s monitored location generates events, activations, data usage, or service consumption exceeding the volume, tier, or allocation specified in the applicable Quote or the monitoring center’s standard included allocation, Dove may pass through to Client all additional per-event, per-signal, per-activation, per-camera, per-dispatch, data overage, tier upgrade, and other usage-based charges assessed by the monitoring center or its connectivity vendors, plus Dove’s reasonable administrative fee. Dove will use commercially reasonable efforts to notify Client of excessive event activity or data usage, but Client is solely responsible for addressing the underlying cause of excessive alarms, false alarms, runaway signals, repeated signals, or data consumption. Continued excessive event volume or data usage may result in automatic plan upgrades, monitoring center surcharges, fines, account suspension, or service restrictions imposed by the monitoring center, connectivity vendor, or applicable jurisdiction, for which Dove is not responsible.
Specific event allocations, data allowances, video activation tiers, and applicable overage rates will be set forth in the applicable Quote or communicated to Client at the time of service activation. Client acknowledges that monitoring center and connectivity vendor pricing is subject to change, and Dove may adjust monitoring-related fees in accordance with MSA §7.4 (Third-Party Price Increases and Pass-Through Charges).
Client Testing and Issue Notification. Client is solely responsible for regularly testing all alarm, monitoring, video, and security equipment to ensure proper signal transmission to the applicable monitoring center. Client must test the system promptly after initial installation, after any service, repair, reprogramming, firmware update, communication pathway change, or relocation of equipment. Client must immediately notify Dove in writing of any system malfunction, communication failure, false alarm pattern, signal transmission issue, or any condition that may affect the monitoring center’s ability to receive and process signals. Dove is not responsible for monitoring failures attributable to Client’s failure to test, maintain, or promptly report issues with the system, communication pathway, or equipment.
Monitoring Center Right to Suspend, Place on Test, or Discontinue Service. Third-Party monitoring centers reserve the right, in their sole discretion, to place any account on test mode, transition an account to a different service type, or place an account out of service if the account generates excessive, runaway, or unresolved alarm activity, false alarms, or repeated signals that are not corrected within a reasonable time after notice. Monitoring centers may also suspend or discontinue service for accounts with improper panel programming, incompatible signal formats, undefined or unrecognized signals, failed communication pathways, or non-payment by Dove attributable to Client’s non-payment. Client acknowledges that Dove has no control over the monitoring center’s decision to suspend, restrict, or discontinue monitoring for any account, and Dove is not liable for any loss, damage, or consequence arising from such suspension or discontinuation.
Monitoring Center Liability Limitations — Pass-Through. Client acknowledges that each Third-Party monitoring center operates under its own agreement with Dove, and that such agreements contain significant limitations on the monitoring center’s liability, including but not limited to: maximum liability caps (which may be as low as $500 per occurrence), broad disclaimers of warranties, exclusions of indirect, incidental, special, consequential, and punitive damages, one-year statutes of limitations for claims, releases and waivers of subrogation, indemnification obligations imposed on Dove (as the dealer), and limitations on the monitoring center’s duty to respond to, verify, or dispatch on alarm signals. These monitoring center liability limitations are incorporated by reference and pass through to Client to the same extent they apply between Dove and the monitoring center. In no event shall Dove’s liability to Client for any claim arising out of or relating to monitoring services exceed the lesser of (a) the liability cap set forth in the applicable monitoring center agreement between Dove and the monitoring center, or (b) the monitoring-related liability cap set forth in Section 24 of the MSA and this Service-Specific Terms. Client’s sole recourse for monitoring center failures is limited to any credits, remedies, or refunds that the monitoring center actually provides to Dove, which Dove will pass through to Client where available.
B.10 Communication Pathways and Infrastructure Dependencies
Security and monitoring services may depend on one or more communication pathways, including:
• Internet;
• Wired telephone;
• Cellular;
• Radio;
• Broadband;
• LAN/WAN infrastructure;
• On-premises storage or head-end equipment.
Signals, video, audio, clips, metadata, and commands may fail or degrade because of:
• Pathway outages;
• Congestion;
• Poor bandwidth;
• Weather;
• Electrical events;
• Carrier de-prioritization;
• Obsolete pathways;
• Changes in carrier or FCC requirements;
• Disabled or suspended services.
Client is responsible for paying for and maintaining required communication pathways and related services unless expressly included in a Quote.
B.11 Power, Internet, and Equipment Failure
Monitoring, recording, access control, analytics, remote access, and alarm signaling may not function during:
• Power failures;
• Battery failures;
• Internet Service Provider (ISP) outages;
• Local network outages;
• Switch, router, firewall, or server failures;
• Cloud outages;
• Storage failures;
• Customer-side reconfiguration;
• Equipment tampering;
• Environmental interference.
B.12 Cameras, Video, Audio, Recording, and Privacy
Client is solely responsible for:
• Lawful camera placement;
• Lawful audio use, recording, interception, transcription, monitoring, and analytics;
• Appropriate signage and disclosures;
• All required notices and consents for video, audio, recording, monitoring, analytics, biometric, and related processing;
• All employment, workplace, visitor, tenant, and consumer notices;
• Avoiding use where a person has a reasonable expectation of privacy;
• Ensuring the Services are not used for unlawful surveillance, discrimination, harassment, invasion of privacy, or other unlawful purposes.
If Client operates across multiple states or jurisdictions, Client is solely responsible for determining which notice, consent, labor, tenant, biometric, surveillance, recording, or privacy rules apply at each site and for each monitored interaction.
Dove does not determine whether Client’s use of cameras, audio, video, analytics, biometrics, or recordings complies with law.
B.13 Cloud Retention, Export, and Evidentiary Limitations
Unless expressly stated in a Quote:
• Retention periods and cloud availability are not guaranteed;
• Export, retrieval, and playback success are not guaranteed;
• Chain of custody is not guaranteed;
• Recordings may not be complete or admissible;
• Metadata and timestamps may vary;
• Cloud retention may depend on subscription level, bandwidth, health of local devices, storage availability, vendor policy, account status, and vendor-side deletion or overwrite practices.
Dove is not responsible for loss of evidentiary value, inability to export, inability to retrieve or play back recordings, overwritten data, vendor-deleted data, incomplete clips, or failure of law enforcement, insurers, employers, or courts to accept any recording or analytic output.
B.14 AI Analytics and Event Classification
Security-related analytics, image review, filtering, automation, and AI-enabled features may generate:
• False positives;
• False negatives;
• Hallucinations;
• Misclassifications;
• Delayed or inconsistent outputs.
Such tools may assist with event review or workflow but do not guarantee:
• Correct identification;
• Prevention of loss;
• Dispatch;
• Deterrence;
• Intervention;
• Evidentiary sufficiency.
B.15 Access Control Credentials and Identity Administration
Client is responsible for:
• Issuing, revoking, and managing cards, fobs, mobile credentials, PINs, access groups, schedules, and permissions;
• Protecting credentials from misuse;
• Promptly removing access for terminated or unauthorized persons;
• Validating identity and authority of all users;
• Maintaining accurate door schedules and user lists.
Dove is not liable for unauthorized use caused by lost credentials, customer-side access decisions, tailgating, piggybacking, credential sharing, or failure to revoke access.
B.16 Site Conditions and Customer Environment
Client shall provide and maintain a suitable environment for the Services, including:
• Adequate lighting;
• Clear camera views;
• Sufficient bandwidth;
• Suitable storage;
• Environmental protection;
• Secure head-end or equipment areas;
• Lawful premises access;
• Unobstructed mounting locations;
• Reasonable maintenance of the premises.
Outdoor and harsh-environment deployments are inherently affected by lighting, weather, glare, dust, insects, vibration, temperature swings, humidity, and similar conditions outside Dove’s control.
B.17 Customer Testing, Inspection, and Maintenance
Unless expressly included in a Quote, Client is responsible for routine end-user testing, site inspection, operational verification, and customer-side maintenance.
Client shall promptly report malfunctions, communication failures, site changes, door hardware issues, power issues, and environmental changes affecting the Services.
B.18 Operational Limitations and Client Responsibilities
Subscription-Based Services. Many cloud-camera, access-control, video-monitoring, and security-platform Services (including Eagle Eye Networks, Verkada, Brivo, Alarm.com, and similar platforms) require an active subscription, license, or recurring service fee to operate. Subscription fees include licensing, ongoing software updates, platform development, and access. Cameras, controllers, and devices may not function, may be unable to record, or may lose cloud or remote access if the subscription lapses, is suspended, is canceled, or is not renewed. Client is responsible for maintaining all required subscriptions for the duration the Services are needed.
Static IP and Network Requirements. Many camera, access-control, alarm-monitoring, and remote-management Services require a static IP address, port forwarding, specific firewall rules, sufficient upload bandwidth, or VLAN configuration for connectivity, monitoring, and remote access. Procuring and maintaining the required network configuration, IP addressing, internet bandwidth, and ISP relationship is Client’s responsibility unless Dove expressly agrees otherwise in writing. Loss of static IP, ISP changes, network reconfiguration by Client or third parties, or insufficient bandwidth may interrupt or disable the Services.
Smartphone, Mobile App, and OS Compatibility. Smartphone or tablet access to camera, alarm, access-control, or VoIP Services requires cellular data or Wi-Fi connectivity and a compatible mobile operating system version. Compatibility with specific Android, iOS, or other mobile operating system versions is determined by the third-party platform or app provider and may change without notice. Older devices, unsupported operating system versions, jailbroken or rooted devices, beta operating systems, and certain mobile carriers may not be compatible. Dove is not responsible for app, OS, push-notification, or device-compatibility issues outside its control.
Live View vs. Active Monitoring. Unless the Quote expressly includes active monitoring, video verification, remote guarding, or central-station services, video-surveillance and camera Services provide Client-accessed live view and recorded playback only. “Live view” means Client may access live and recorded video through smart devices or web portals; it does NOT include 24/7 active monitoring, dispatch, response, or video verification by Dove or any monitoring center. Active monitoring, remote guarding, talk-down, video verification, or response services must be expressly stated in the Quote to be included.
Default Feature Programming. Quoted pricing includes default factory or manufacturer-recommended feature programming for the products quoted. Custom programming, advanced configurations, special integrations, custom workflows, custom analytics rules, custom event triggers, custom user roles, advanced reporting, AHJ-specific configurations, or any non-default feature programming is not included in the base Quote and will be billed separately at Dove’s then-current rates or by change order.
B.19 Insurance
Because security and monitoring services cannot eliminate risk, Client shall maintain commercially reasonable insurance, including as appropriate:
• Property insurance;
• Business interruption insurance;
• Cyber/privacy coverage;
• Media liability;
• General liability; • Errors and omissions (E&O) insurance;
• Workers’ compensation and employer’s liability where applicable;
• Any other coverage reasonably appropriate for Client’s premises and risk profile.
C. MSP / Cybersecurity / Computer Network / Cloud Terms
C.1 Scope
This Section applies to managed IT services, managed services, help desk, network administration, endpoint management, server management, patching, monitoring, cloud administration, backup-related services, security tooling, co-managed environments, remote support, and related cybersecurity or computer-network services.
C.2 Shared Responsibility Model
Client acknowledges that secure, available, and resilient IT operations require shared responsibility.
Dove may provide recommendations, tools, monitoring, maintenance, or response services, but Client remains responsible for:
• Executive oversight and internal approvals;
• User conduct;
• Policy decisions;
• Data classification;
• Access approvals;
• Legal and regulatory obligations;
• Selecting acceptable risk tolerances;
• Implementing business continuity processes and any customer-side controls not expressly included in a Quote.
C.3 No Guarantee Against Cyber Incidents, Outages, or Data Loss
No technology or managed service is fully effective against all malware, ransomware, social engineering, credential theft, insider misuse, zero-day exploitation, vendor-side compromise, cloud outages, configuration errors, or data loss.
Dove does not guarantee that:
• Cyber incidents will be prevented, detected, quarantined, or remediated;
• All malicious activity will be blocked;
• All impacted data will be recoverable;
• All outages will be avoided;
• All vulnerabilities will be identified;
• All recovery objectives or restoration expectations will be met unless expressly stated in writing.
Dove is not responsible, liable, or accountable for any cyber incident, security breach, data loss, ransomware attack, malware infection, phishing compromise, unauthorized access, service outage, system failure, or data corruption that occurs in Client’s environment, regardless of whether Dove was providing managed IT, cybersecurity, monitoring, cloud, network, or related services at the time of the incident. Dove’s provision of managed services does not make Dove a guarantor, insurer, or warrantor of Client’s security posture, and the occurrence of a security incident does not, by itself, establish that Dove failed to perform its obligations or breached the applicable standard of care.
Client agrees that it will not assert, and will not encourage or support any third party in asserting, any claim against Dove arising out of or relating to a cyber incident, data breach, data loss, privacy violation, or security failure affecting Client’s environment unless Client has a good-faith basis to allege that the incident was directly caused by Dove’s gross negligence or willful misconduct. Client will defend, indemnify, and hold harmless Dove from claims arising from Client’s environment except to the extent finally determined to have been caused by Dove’s gross negligence or willful misconduct.
C.4 Backups and Disaster Recovery
Unless expressly included in a Quote and specifically identified by service scope, frequency, retention, and covered systems:
• Dove does not provide a full disaster recovery solution or a comprehensive backup program;
• Basic backups, snapshots, synchronization tools, mirrored storage, or platform-native backup features are not a substitute for a dedicated backup and disaster recovery program;
• Data integrity verification, retention validation, recovery testing, immutable-copy strategies, point-in-time objectives, restoration procedures, and business continuity planning may be outside scope.
Client remains responsible for validating that its backup, retention, recovery, restore-testing, continuity, resilience, source-system coverage, credential security, immutable-copy strategy, off-site replication, and business interruption measures satisfy its legal, contractual, operational, and business requirements.
Dove does not guarantee that any backup will run on schedule, capture all data, remain free from corruption, satisfy any particular recovery point objective or recovery time objective, or be recoverable after ransomware, deletion, credential compromise, encryption, vendor failure, retention expiration, customer-side changes, administrator error, source-data corruption, excluded workloads, or limitations in third-party or platform-native backup functionality.
C.5 Patching and Updates
Dove may install or facilitate updates, patches, hotfixes, service packs, firmware updates, configuration changes, security mitigations, emergency mitigations, and vendor-recommended changes as part of the Services, subject to the scope of the applicable Quote, maintenance windows, Client dependencies, and third-party platform limitations.
Client acknowledges that:
• Patches and updates are created by third parties;
• Updates may introduce incompatibility, downtime, regressions, changed functionality, or failed integrations;
• Dove cannot guarantee that any patch or update will perform as intended;
• Dove may delay, sequence, or defer installation where compatibility, operational stability, maintenance-window, approval, or other reasonably warranted concerns justify caution;
• Unsupported devices, inaccessible systems, vendor limitations, or customer refusals may limit patching effectiveness.
If Client delays, declines, or restricts recommended patches, updates, replacements, mitigations, or maintenance windows, Client assumes the resulting risks, and Dove is not responsible for vulnerabilities, instability, compatibility issues, outages, or losses attributable to that delay, decline, or restriction.
C.6 Unsupported, Obsolete, and Legacy Devices
Client understands that unsupported, obsolete, end-of-life, or legacy hardware and software may create instability, vulnerabilities, or integration problems.
If Client elects to keep such devices or software in the environment, Dove may:
• Exclude them from coverage;
• Limit service obligations;
• Require special pricing;
• Require replacement as a condition to continued service.
Dove is not responsible for issues arising from the continued use of unsupported or legacy systems.
C.7 Administrative / Root Access
Dove strongly discourages uncontrolled administrative, privileged, global, tenant, domain, local administrator, super-user, break-glass, emergency, shared, or root access by persons outside Dove’s managed process.
If Client grants, retains, shares, duplicates, or requires such access for Client personnel, another MSP, another consultant, a vendor, or any other third party, or if Client withholds exclusive administrative control needed for Dove to implement agreed safeguards, then:
• Client assumes responsibility for the risks associated with such access, including credential compromise, unauthorized changes, privilege misuse, and disputed approvals;
• Dove may limit service commitments;
• Dove may rely on its own records to determine whether an action was performed or authorized by Dove;
• Dove is not responsible for issues traceable to non-Dove administrative activity, customer-controlled privileged credentials, or third-party changes except to the extent expressly caused by Dove.
C.8 Co-Managed Environments
In co-managed environments, Dove is not responsible for the acts, omissions, judgments, security posture, or changes made by:
• Internal IT personnel;
• Customer administrators;
• Other MSPs;
• Software vendors;
• Cloud administrators;
• Security consultants;
• Telecom providers;
• Infrastructure providers.
Where overlapping responsibilities exist, Client must ensure clear allocation of ownership. Unless expressly stated otherwise in writing, Dove may rely on Client-designated owners for decision-making and approvals.
C.9 Third-Party Tools, SaaS, and Cloud Dependencies
Managed and cybersecurity services may depend on third-party tools, SaaS platforms, cloud providers, hosting providers, hyperscalers, endpoint tools, identity services, firewalls, SIEM platforms, ticketing systems, remote access tools, monitoring agents, marketplaces, and other third-party infrastructure or software services.
Dove does not guarantee uninterrupted availability, compatibility, pricing stability, feature continuity, API continuity, or security posture of third-party tools or cloud services.
C.10 Incident Response Scope Limitations
Unless expressly included in a Quote, incident response services are limited.
Monitoring, alerts, and detection features do not necessarily include:
• Forensic investigation;
• Breach notification analysis;
• Legal privilege coordination;
• Malware eradication;
• Rebuild or restoration work;
• Executive reporting;
• Regulatory reporting;
• Evidence preservation;
• Tabletop exercises;
• Communications strategy.
Additional response or remediation work may be out of scope and separately billable.
C.11 Compliance; No Legal Advice
Dove’s services may support Client’s efforts but are not, by default, a legal or regulatory compliance solution.
Client remains responsible for determining whether its environment, policies, controls, retention settings, logs, alerts, backups, authentication controls, encryption choices, surveillance practices, and telecom practices comply with applicable law, contract obligations, cyber-insurance conditions, and internal policies.
C.12 Remote Access, Agents, and Monitoring Software
Dove may deploy remote access tools, software agents, monitoring tools, scripts, management platforms, update tools, or security agents to deliver the Services.
Client authorizes Dove to install, configure, update, and remove such tools as reasonably necessary to provide the Services, subject to the scope of the applicable Quote.
Client shall not disable, tamper with, or interfere with such tools without Dove’s consent if doing so would impair service delivery.
Client acknowledges that Dove’s MSP, cybersecurity, cloud, and related managed services are limited to the specific systems, environments, tenants, subscriptions, devices, tools, and workflows expressly identified in the applicable Quote. Unless expressly stated otherwise in a Quote, Dove is not responsible for uncovering every misconfiguration, monitoring every log source, maintaining every asset, administering every cloud setting, reviewing every alert, or supporting shadow IT, personal devices, unapproved applications, unsupported integrations, or assets outside Dove’s documented management scope.
C.13 Customer Licensing and Minimum Requirements
Client is responsible for:
• Maintaining valid licenses, subscriptions, and entitlements for customer-owned software and systems unless expressly provided by Dove;
• Ensuring supported hardware, supported operating systems, and minimum technical requirements are met;
• Timely renewing required software, certificates, domains, subscriptions, and support contracts;
• Implementing customer-side security and operational recommendations where required to maintain supportability.
If Client does not meet minimum requirements, Dove may suspend, limit, or reprice affected services.
C.14 Data, Privacy, and Customer Content
Client remains responsible for:
• The legality of data submitted to or processed within the environment;
• Data classification and retention decisions;
• Obtaining required rights and consents for data Dove accesses or processes;
• Complying with privacy, employment, and sector-specific obligations.
C.15 High-Risk Use Restriction
Unless expressly agreed by Dove in writing, MSP, cybersecurity, backup, and cloud services are not designed or warranted for environments where failure could reasonably be expected to result in death, bodily injury, or catastrophic property or environmental damage.
C.16 No Cybersecurity Services Unless Expressly Sold
Dove does not provide cybersecurity monitoring, endpoint protection, threat detection, vulnerability management, penetration testing, security assessments, security operations center (SOC) services, incident response, managed detection and response (MDR), security information and event management (SIEM), data loss prevention, email security, identity and access management, or any other cybersecurity-related services unless expressly identified and described in an accepted Quote. The inclusion of general managed IT, MSP, help desk, network administration, patching, backup, cloud administration, or similar services in a Quote does not imply or include any cybersecurity service unless the Quote specifically identifies and prices cybersecurity services. Client is solely responsible for procuring its own cybersecurity protections if cybersecurity services are not expressly included in the applicable Quote.
C.17 Cybersecurity Limitation of Liability and Hold Harmless
Even where Dove provides cybersecurity-related services under an accepted Quote, Client acknowledges and agrees that:
• No cybersecurity service, tool, platform, software, monitoring solution, or managed security program can guarantee prevention, detection, or containment of all cyber threats, attacks, breaches, intrusions, ransomware, malware, phishing, social engineering, insider threats, zero-day exploits, advanced persistent threats, data exfiltration, denial-of-service attacks, credential compromise, or other security incidents;
• Dove does not guarantee, warrant, or represent that Client’s systems, networks, data, endpoints, cloud environments, applications, or users will be secure, breach-free, or free from unauthorized access, even when Dove’s cybersecurity services are active and functioning as designed;
• Dove’s cybersecurity services are limited to the specific scope, tools, environments, and coverage levels described in the applicable Quote, and do not extend to systems, networks, devices, cloud tenants, applications, or users not expressly covered;
• Dove is not an insurer, guarantor, or indemnitor against cyber losses, data breaches, regulatory fines, privacy violations, business interruption, reputational harm, or other consequences of security incidents, regardless of whether Dove’s cybersecurity services were active at the time of the incident;
• Client is solely responsible for maintaining cyber insurance, data breach insurance, business interruption insurance, errors and omissions insurance, and any other insurance coverage appropriate for Client’s risk profile, regulatory obligations, and industry requirements.
C.18 Client Hold Harmless for Security Incidents
To the maximum extent permitted by applicable law, Client agrees to defend, indemnify, and hold harmless Dove Communications, Inc., its officers, directors, employees, agents, subcontractors, and affiliates from and against any and all claims, demands, actions, suits, proceedings, losses, damages, liabilities, costs, and expenses (including reasonable attorneys’ fees and costs of litigation or arbitration) arising out of or relating to any security incident, data breach, cyberattack, ransomware event, unauthorized access, data loss, data exfiltration, privacy violation, regulatory investigation, regulatory fine, or other cyber-related event affecting Client’s systems, networks, data, or operations, regardless of whether Dove provided managed IT, cybersecurity, cloud, network, or related services to Client at the time of the incident, except to the extent finally determined to have been caused by Dove’s gross negligence or willful misconduct.
This indemnification and hold harmless obligation applies whether the security incident arises from: Client’s own acts or omissions; Client’s employees, contractors, users, or vendors; third-party threat actors; social engineering or phishing; Client’s failure to implement Dove’s recommendations; Client’s failure to maintain adequate insurance; Client’s failure to patch, update, or maintain systems within Client’s control; Client’s failure to restrict administrative access; shadow IT or unapproved applications; or any other cause not solely attributable to Dove’s gross negligence or willful misconduct.
Client further agrees that Dove’s total liability for any claim arising out of or relating to cybersecurity services, managed IT services, or related services is subject to and limited by the liability caps set forth in MSA §24 (Limitation of Liability), and that Client waives and releases all claims exceeding those caps.
C.19 Client, Employee, and Guest Conduct; Content Usage; Security Incidents Caused by Users
Dove is not responsible, liable, or in any way accountable for the actions, conduct, content access, content usage, communications, transmissions, downloads, uploads, storage, or online activity of Client, Client’s employees, contractors, agents, authorized users, guests, visitors, tenants, or any other person who accesses Client’s network, systems, devices, internet connection, Wi-Fi, VPN, cloud environments, email, applications, or any technology infrastructure managed, supported, monitored, or provided by Dove.
Without limiting the foregoing, Dove is not responsible for:
• Any access to, viewing, downloading, uploading, streaming, sharing, distribution, or storage of adult content, obscene material, offensive content, defamatory content, discriminatory material, harassing or threatening communications, violent or extremist material, illegal content, or otherwise objectionable material by Client, Client’s employees, contractors, guests, visitors, or any user of Client’s systems or network;
• Any access to or use of gambling, gaming, cryptocurrency, darknet, peer-to-peer, file-sharing, social media, streaming, or other websites, platforms, applications, or services, whether legal or illegal, by any user of Client’s systems or network;
• Any security incident, data breach, malware infection, ransomware attack, phishing compromise, credential theft, unauthorized access, or other cyber event caused by, contributed to, or facilitated by the actions, negligence, or misconduct of Client, Client’s employees, contractors, guests, visitors, or any user of Client’s systems or network, including but not limited to clicking malicious links, opening infected attachments, sharing credentials, disabling security tools, bypassing security controls, connecting unauthorized devices, installing unapproved software, or failing to follow Dove’s security recommendations;
• Any violation of law, regulation, company policy, acceptable use policy, employment law, privacy law, intellectual property law, export control, or industry regulation arising from user conduct on Client’s systems or network;
• Any claim, demand, fine, penalty, investigation, enforcement action, lawsuit, or regulatory proceeding brought against Client or Dove by any person, entity, government agency, regulatory body, or law enforcement authority arising from user conduct, content usage, or security incidents on Client’s systems or network.
Client is solely responsible for establishing, implementing, communicating, and enforcing its own acceptable use policies, content filtering policies, internet usage policies, employee conduct policies, guest access policies, network access controls, and security awareness training. Even where Dove provides content filtering, web filtering, DNS filtering, firewall management, endpoint protection, email filtering, or similar tools as part of a managed service, such tools cannot block or filter all objectionable, illegal, or malicious content, and Dove does not guarantee that any filtering or security tool will be fully effective.
Client agrees to defend, indemnify, and hold harmless Dove from and against any and all claims, losses, damages, liabilities, costs, and expenses (including attorneys’ fees) arising out of or relating to the conduct, content usage, or online activity of Client, Client’s employees, contractors, guests, visitors, or any user of Client’s systems, network, or technology infrastructure.
D. AI / Machine Learning / Automation Terms
D.1 Scope
This Section applies to AI-enabled, generative AI, machine learning, automated decision-support, summarization, transcription, analytics, anomaly detection, event classification, content generation, image analysis, monitoring, recommendation, or workflow tools provided, embedded, facilitated, or supported by Dove.
D.2 AI Outputs Are Probabilistic and Limited
Client acknowledges that AI outputs may be:
• Incomplete;
• Inaccurate;
• Stale;
• Misleading;
• Biased;
• Non-explainable;
• Inconsistent;
• Hallucinated;
• Inappropriate for the intended use.
Dove does not warrant or guarantee the accuracy, completeness, fairness, legality, explainability, reliability, or suitability of any AI output.
D.3 False Positives, False Negatives, Bias, and Hallucinations
AI systems may generate:
• False positives;
• False negatives;
• Misidentifications;
• Omissions;
• Fabricated content;
• Unsupported inferences;
• Biased or skewed results.
These issues may arise from model design, training data, thresholds, environmental conditions, prompts, incomplete inputs, changing platform behavior, or third-party provider updates.
D.4 No Substitute for Human Review or Professional Judgment
AI outputs are tools only and are not a substitute for:
• Human review;
• Managerial judgment;
• Legal advice;
• Security decision-making;
• Emergency response judgment;
• Professional engineering or technical analysis;
• Employment or disciplinary review;
• Regulatory compliance analysis.
Client shall review, validate, and independently assess AI-assisted outputs before relying on them for material decisions.
D.5 Customer Responsibility for Inputs, Instructions, and Use
Client is solely responsible for:
• All prompts, instructions, training inputs, uploaded content, and data submitted to AI-enabled services;
• Reviewing outputs before use;
• Determining whether use of AI is lawful and appropriate for its business;
• Implementing policies and safeguards for employee and end-user use of AI;
• Obtaining all required rights, consents, and notices for any data used with AI-enabled services.
D.6 Third-Party AI Providers and Model Changes
AI-enabled services may rely on third-party models, platforms, vendors, or upstream services. Those providers may:
• Retrain models;
• Change output behavior;
• Modify safety controls;
• Add or remove features;
• Change data handling, retention, training, or human-review practices;
• Suspend or discontinue services;
• Impose new usage restrictions;
• Change pricing.
Dove is not responsible for such third-party changes beyond Dove’s direct control.
D.7 Data Handling and Sensitive Uses
Client shall not use AI-enabled services for prohibited or sensitive purposes in violation of law or policy, including where such use would improperly process sensitive personal information, biometric data, health information, confidential recordings, regulated data, employment-screening data, or other protected data without appropriate safeguards, human review, and legal authorization.
Client shall not rely solely on AI-enabled outputs for legal determinations, employment actions, emergency decisions, disciplinary decisions, credit decisions, eligibility determinations, security response, or other high-impact decisions without appropriate human review and independent judgment.
D.8 No Guaranteed Detection or Prevention
Where AI is used for monitoring, security, messaging review, anomaly detection, event scoring, or analytics, Dove does not guarantee that AI will correctly detect, classify, escalate, prioritize, or prevent any event, incident, threat, or business issue.
D.9 Evolving Technology
Client acknowledges that AI technologies evolve rapidly and may become obsolete, restricted, or legally constrained. Dove may modify, suspend, replace, or discontinue AI-enabled features where commercially, technically, legally, or operationally necessary.
Client is solely responsible for establishing and enforcing its own governance, review, approval, disclosure, testing, escalation, and acceptable-use rules for AI-enabled features; determining whether any AI-assisted workflow is appropriate for regulated, high-impact, customer-facing, employment-related, safety-related, evidentiary, or legally significant use; and ensuring that appropriate human oversight is applied before relying on AI-generated or AI-assisted outputs. Dove does not undertake to monitor evolving AI-specific laws, regulations, guidance, or industry frameworks on Client’s behalf, and Client assumes the risks arising from its selection, enablement, or use of AI-enabled features except to the extent expressly stated in a Quote.
D.10 No AI Services Unless Expressly Sold
Dove does not provide artificial intelligence, machine learning, generative AI, automated analytics, AI-enabled monitoring, transcription, summarization, content generation, anomaly detection, event classification, image analysis, or any other AI-related services unless expressly identified and described in an accepted Quote. The inclusion of managed IT, cybersecurity, monitoring, cloud, help desk, or similar services in a Quote does not imply or include any AI service unless the Quote specifically identifies and prices AI-related services. Client is solely responsible for procuring its own AI tools and services if AI is not expressly included in the applicable Quote.
D.11 AI Limitation of Liability and Not Responsible
Dove is not responsible, liable, or accountable for any loss, damage, claim, fine, penalty, injury, business interruption, reputational harm, regulatory action, or other consequence arising from or related to:
• Any AI output, recommendation, classification, summary, transcription, detection, alert, score, prediction, or generated content that is inaccurate, incomplete, misleading, biased, hallucinated, delayed, or otherwise deficient;
• Any decision made by Client, Client’s employees, contractors, or agents in reliance on AI outputs, whether or not Dove recommended or facilitated the AI tool or service;
• Any AI-generated content that is offensive, defamatory, discriminatory, infringing, legally noncompliant, or otherwise harmful;
• Any failure of AI to detect, classify, prevent, escalate, or respond to a threat, incident, anomaly, or event;
• Any regulatory investigation, fine, enforcement action, or lawsuit arising from Client’s use of AI tools or AI-generated outputs, including claims under privacy laws, anti-discrimination laws, employment laws, consumer protection laws, or industry-specific regulations;
• Any third-party AI provider outage, model change, API deprecation, pricing change, feature removal, security incident, or discontinuation of service.
Dove’s provision of AI-related services does not make Dove a guarantor, insurer, warrantor, or fiduciary with respect to AI outputs, and the occurrence of an AI-related error or incident does not, by itself, establish that Dove failed to perform its obligations.
D.12 Client Hold Harmless for AI
To the maximum extent permitted by applicable law, Client agrees to defend, indemnify, and hold harmless Dove Communications, Inc., its officers, directors, employees, agents, subcontractors, and affiliates from and against any and all claims, demands, actions, suits, proceedings, losses, damages, liabilities, costs, and expenses (including reasonable attorneys’ fees) arising out of or relating to:
• Client’s use of, reliance on, or decisions based on AI outputs, AI-generated content, AI recommendations, or AI-enabled tools provided, facilitated, or supported by Dove;
• Client’s failure to implement appropriate human review, oversight, governance, or validation of AI outputs before acting on them;
• Client’s deployment, configuration, or use of AI tools in a manner that violates applicable law, regulation, or third-party rights;
• Any claim by Client’s employees, contractors, customers, users, or third parties arising from AI-generated outputs, automated decisions, or AI-assisted processes;
• Any regulatory investigation, fine, or enforcement action arising from Client’s use of AI services.
This indemnification applies regardless of whether Dove provided, recommended, configured, or managed the AI tool or service, except to the extent finally determined to have been caused by Dove’s gross negligence or willful misconduct. Dove’s total liability for any AI-related claim is subject to the liability caps in MSA §24.
E. Suspension, Restrictions, and Protective Actions
In addition to any rights under the Master Services Agreement or Quote, Dove may suspend, restrict, disable, or limit affected Services if Dove reasonably believes that:
• Client is using the Services unlawfully;
• Client is violating carrier, platform, provider, or acceptable use rules;
• Continued service creates security, fraud, abuse, privacy, or legal risk;
• Emergency communication or monitoring records are inaccurate or unsafe;
• Client has failed to maintain required prerequisites, permits, notices, consents, registrations, or technical minimums;
• An upstream provider has suspended, blocked, or restricted applicable functionality.
F. Customer Indemnity for Service-Line-Specific Risks
Without limiting any indemnity obligations in the Master Services Agreement, Client shall defend, indemnify, and hold harmless Dove and its affiliates, personnel, subcontractors, licensors, carriers, monitoring partners, and upstream providers from claims arising from or relating to:
• Client’s failure to maintain accurate E911 or call list information;
• Client’s messaging consent, campaign, content, opt-in, opt-out, or telecom compliance failures;
• Client’s recording, surveillance, biometric, privacy, employment, CIPA, or notice and consent failures;
• Client’s misuse of access control, video, AI, or remote access;
• Unlawful or noncompliant use of the Services by Client or its users;
• Customer-furnished data, prompts, content, or instructions.
• Any cybersecurity incident, data breach, ransomware attack, malware infection, phishing compromise, credential theft, unauthorized access, data exfiltration, or other security event affecting Client’s systems, networks, data, or operations, regardless of whether Dove was providing managed IT, cybersecurity, monitoring, or related services at the time of the incident;
• Client’s failure to implement Dove’s security recommendations, apply patches or updates, maintain adequate cybersecurity insurance, restrict administrative access, train employees on security awareness, or address known vulnerabilities;
• Security incidents caused by or contributed to by Client’s employees, contractors, guests, visitors, vendors, or any user of Client’s systems or network, including clicking malicious links, sharing credentials, disabling security tools, connecting unauthorized devices, or installing unapproved software;
• Any regulatory investigation, fine, penalty, enforcement action, or third-party claim arising from a security incident or data breach in Client’s environment;
• Content accessed, downloaded, uploaded, stored, or transmitted by Client, Client’s employees, contractors, guests, or users on Client’s systems or network, including adult content, illegal material, infringing content, or otherwise objectionable material.
G. Survival
All provisions of these Service-Specific Terms that by their nature should survive termination will survive, including provisions concerning payment obligations, indemnity, liability allocation, privacy and recording responsibilities, use restrictions, accrued charges, and rights relating to third-party fees, subscriptions, and committed procurements.
H. Acknowledgment
By accepting the applicable Quote, Client acknowledges that:
• It has reviewed, or had a reasonable opportunity to review, these Service-Specific Terms;
• Only the sections applicable to the services ordered will apply;
• The Services involve technical, operational, legal, and third-party dependencies outside Dove’s control;
• Client remains responsible for its own compliance, business decisions, notices, consents, insurance, and customer-side environment.