Legal, compliance, and cooperation documentation.
This documentation pack is designed for enterprise procurement, regulated delivery, and long-term partnerships. It includes terms, policies, and operational guidance that define how Extender works with clients, regulators, and partners.
These documents are professional templates for review by your legal and compliance teams. We will tailor them to your scope, jurisdiction, and procurement requirements.
Full professional document pack.
Each document below is a standalone module that can be provided to procurement, legal, and security reviewers. Jump directly to the section you need.
Terms of Service
Master terms, scope, payments, IP, and liability.
View documentPrivacy Policy
Personal data collection, use, retention, and rights.
View documentData Processing Addendum
Processor obligations and cross-border safeguards.
View documentSecurity & Compliance
Control framework, audits, incident response.
View documentService Level Agreement
Availability targets, support tiers, escalation.
View documentAcceptable Use Policy
Use restrictions for regulated programs.
View documentCookie Policy
Analytics, preferences, and cookie control.
View documentCooperation & Partnership
Engagement model, governance, and onboarding.
View documentFAQ
Procurement and delivery questions answered.
View documentTerms of Service and Master Services Agreement
These Terms govern all engagements between Extender and the Client. Each engagement is defined through a Statement of Work (SOW) that outlines scope, deliverables, timeline, and commercial terms. If an SOW conflicts with these Terms, the SOW prevails for that specific scope.
Scope and Delivery
Extender provides dedicated execution teams, operational leadership, and managed delivery. All work is performed under agreed governance, reporting, and compliance requirements.
- Clear scope definition, milestone-based delivery, and client approvals.
- Regulatory alignment for fintech, enterprise IT, and gaming programs.
- Named leadership and escalation contacts for every project.
Commercials and IP
Fees are defined in the SOW and billed on a monthly or milestone basis. Unless otherwise stated, the Client owns final deliverables upon full payment, while Extender retains rights to pre-existing tools, templates, and know-how.
Confidentiality and Liability
Both parties agree to mutual confidentiality. Liability is limited to direct damages and capped to the total fees paid under the applicable SOW, unless otherwise required by law or agreed in writing.
Privacy Policy
Extender collects business contact information, communications, and usage data to provide services, respond to requests, and improve delivery. We do not sell personal data and only share data with approved subprocessors under contract.
Data We Collect
- Contact data: name, company, role, email, and phone.
- Project data: scope details, timelines, and communications.
- Usage data: analytics events and device metadata.
Your Rights
Clients can request access, correction, deletion, or export of personal data. Requests are handled within 30 days subject to verification and legal obligations.
Data Processing Addendum (DPA)
The DPA governs Extender's processing of personal data on behalf of the Client. Extender acts as a processor and follows documented instructions from the Client, including cross-border transfer requirements.
Security Measures
- Role-based access control and least-privilege permissions.
- Encryption in transit and at rest where supported.
- Continuous monitoring and vulnerability management.
Subprocessors and Transfers
Extender maintains an approved subprocessor list and will notify the Client of material changes. Cross-border transfers follow contractual safeguards such as SCCs where applicable.
Security & Compliance Overview
Extender operates a security program aligned with recognized control frameworks. Governance, access, and delivery controls are defined per engagement and reviewed quarterly.
Core Controls
- Identity and access management with MFA enforcement.
- Secure SDLC, change approvals, and audit logging.
- Vendor risk assessments and security reviews.
Incident Response
A dedicated incident response lead coordinates containment, client notifications, and post-incident remediation with documented timelines.
Service Level Agreement (SLA)
The SLA defines availability, response, and resolution targets for managed services. Service levels are tailored per SOW and apply to production systems managed by Extender.
Availability Targets
- 99.5% monthly uptime target for managed production workloads.
- Maintenance windows announced at least 72 hours in advance.
- Service credits applied when targets are missed.
Support Tiers
Support coverage spans standard business hours with 24/7 escalation for critical incidents. Response times align to severity and business impact.
Acceptable Use Policy (AUP)
Extender services must be used lawfully and in accordance with applicable regulations for each jurisdiction. Clients are responsible for ensuring they are properly licensed for regulated activities.
Prohibited Use
- Unauthorized access, credential abuse, or data scraping.
- Distribution of malware or malicious automation.
- Unlicensed or unlawful gaming, financial, or crypto activity.
- Violation of sanctions, anti-bribery, or AML obligations.
Cookie Policy
Extender uses cookies and similar technologies to maintain site performance, measure engagement, and improve user experience. You can control cookies through your browser settings.
Cookie Categories
- Essential cookies required for site functionality.
- Analytics cookies used to understand site usage.
- Preference cookies that remember user settings.
Opt-Out
You can disable cookies in your browser. Some features may be limited if essential cookies are blocked.
Cooperation and Partnership Terms
Extender partners with agencies, consultancies, and enterprise teams to deliver complex programs. Cooperation terms align responsibilities, reporting, and governance.
Engagement Model
- Single accountable delivery lead for each program.
- Joint operating cadence with weekly executive updates.
- Shared risk register and compliance checkpoints.
Commercial Governance
Commercial structures include revenue share, fixed delivery fees, or hybrid models. All collaboration terms are documented in a dedicated Partner SOW.
Frequently asked procurement questions.
If you need a signed or customized document pack, email hello@extender.example and we will respond within one business day.
Do you provide a full MSA and SOW template?
Yes. We provide a master services agreement with an SOW template that can be adapted to your procurement requirements and local jurisdiction.
Can you support regulated fintech or gaming delivery?
We build compliance and audit checkpoints into every engagement. Delivery teams are aligned with your regulatory obligations and licensing requirements.
Do you sign NDAs before discovery?
Yes. We can sign mutual or one-way NDAs before proposal workshops or technical discussions.
How do you handle subcontractors?
All subcontractors are vetted, contracted, and bound by the same confidentiality and security requirements. Subprocessor lists are shared on request.
What security evidence do you provide?
We provide a security overview, risk assessment responses, and incident response documentation. Additional evidence can be supplied under NDA.
Do you support data residency requirements?
Yes. We can architect delivery to meet data residency constraints and document all cross-border transfers.
What are typical contract terms?
Most engagements start with a 3-6 month SOW and roll into long-term support. Terms are flexible and tailored to procurement policies.
How fast can you provide a custom doc pack?
Standard document packs are delivered within 48 hours. Custom redlines can be delivered within 3-5 business days.