Statement of Mutual Understanding
Before ordering services or accessing your account via our payment portal, please read and understand the following service agreement:
These terms constitute a Master Service Agreement (MSA) between Concierge CIO Partners LLC ("Provider," "we," "us," or "our") operating as a Unified Guild of IT professionals and you ("Client," "you," or "your").
Agreement
By placing an order or using our services, you agree to these terms, which are incorporated into and prevail over any quote, order, plan, contract, or other arrangement. No representative or affiliate of Concierge CIO Partners LLC has authority to make representations, warranties, or promises beyond these terms. If any provision is invalid or unenforceable, the remaining provisions remain in effect.
Definitions
For the purposes of this Agreement:
- Services: The IT stewardship, support, and related activities provided by us as described in this Agreement and site.
- Confidential Information: Non-public information including business data, technical info, and client lists.
- Intellectual Property (IP): Patents, copyrights, trademarks, trade secrets, and proprietary rights.
- Force Majeure Event: Events beyond a party's reasonable control (natural disasters, pandemics, etc.).
- Term: The duration of this Agreement as specified herein.
- Guild Model: Our Unified Guild approach, emphasizing collective mastery and antifragile design.
- Principal Steward: A permanent, sovereign IT leader managing a specific client portfolio.
- Technical Fellow: A subject matter expert brought in for specialized expertise.
- Mesh: Our collaborative network of peer experts.
- Squad: A high-resilience cell of Principal Stewards who cross-train for seamless backup coverage.
Part I: The Covenant of Stewardship
The Concierge CIO Partners Unified Guild Model
We operate as a Unified Guild of vetted Principal Stewards and Technical Fellows, drawing on collective intelligence to provide proactive IT leadership. Our unique model combines the benefits of internal IT and MSPs while eliminating their inherent shortcomings. For a quick, one-minute overview of our business model, please see our Unified Guild Model page, and this post.
Through a simple unit‑based subscription system and automation, the Unified Guild redirects spend to senior expertise, providing Fortune‑500‑level stewardship at a practical price. We are not a Microsoft VAR; we are a force multiplier designed to help you grow your business by ensuring your technology serves your strategy, not the other way around.
Scope of Services
The Services include managed IT stewardship, security management, cloud productivity tools (e.g., Microsoft 365, Google Workspace...), business continuity planning, on-premises IT management via Hyperconverged Infrastructure (HCI), networking, and consulting, as detailed in the service catalog or any SOW. We emphasize antifragile principles (simplicity, decentralization, modularity, redundancy, and overcompensation) to prevent systemic issues. Exclusions include non-standard hardware support, personal devices, or third-party co-management unless agreed in writing. Services are provided on a best-efforts basis with proactive monitoring, prevention, and knowledge sharing via standardized Run Books for seamless collaboration.
Service Level Agreements (SLAs)
We commit to the following performance standards, guided by our stewardship covenant:
| Standard | Critical | Non-critical |
| --- | --- | --- |
| Response Time | 1 hour | 4 hours (9 AM-5 PM ET) |
| Resolution Time | 4 hours | 24 hours |

Uptime: 99.5% availability for managed systems.
Remedies: If SLAs are not met, you receive a credit equal to 5% of the monthly fee per incident, up to 20% total. Credits must be requested in writing within 30 days.
Fiduciary Stewardship & Integrity
We commit to our Code of Ethics and Technology Standards as a Covenant of Stewardship, including fiduciary duties (prioritizing your business outcomes and vendor neutrality), architectural integrity (elegant, reversible designs), operational rigor (zero trust, encryption, resilient recovery), and professional ethics (radical candor, confidentiality, humility). We pledge to report incidents immediately and provide honest advice.
Operational Sovereignty
The IT infrastructure we build stays under your ownership and control. We use the dedicated platforms you own, such as Microsoft Intune, so nothing is dependent on our internal systems and no vendor lock‑in is created. If our engagement ends, all access, configurations, credentials, and documentation remain with you, and your environment continues operating without interruption.
Technology Stack & Proficiency
We use a best-of-breed stack with enterprise-grade tools, standard commercial technologies, and open-source solutions to minimize costs, ensure manageability, and promote resilience. Non-standard components are maintained at our standard hourly rate.
Security Sovereignty
To safeguard your continuity and reputation, we manage your environment through isolated, self-hosted, single‑tenant systems rather than the shared platforms used throughout the IT support industry. This structure eliminates the broad monoculture exposure that fuels supply chain attacks. Your security stack, which includes A/V, EDR, MDR, patching, and vulnerability remediation, is delivered through rigorously audited SOC 1 Type II and SOC 2 Type II vendors so that every protective layer meets the standards trusted by Fortune‑level organizations.
Part II: Operating Standards
Now that we have briefly introduced our stewardship model, let’s outline our operating standards.
Service Fees
Concierge CIO services are retainer-based with unit-based pricing for transparency: approximately 75% allocated to senior engineering and 25% to software/infrastructure, benchmarked against industry standards (e.g., below the cost of an internal IT manager for mid-sized firms). A la carte services are billed hourly at $150–$250. All services are pre-paid via subscriptions or charges on this site. Our platform and payment provider are SOC 1/2 compliant. No payment or PII is stored on our servers. Invoices are due within 15 days; late payments incur a 1.5% monthly fee. Prices may increase annually by up to 5% for inflation, with 60 days' notice and clear justification.
Subscription Mechanics
Subscriptions are month-to-month or annual, with auto-renewal after the initial term. Pricing scales with users/devices and features, with tiered discounts for volume. Monthly and annual plans are separate, with distinct setup fees and minima. However, setup fees are waived when converting an existing subscription from a monthly to a yearly plan, or when moving between our AYCE cloud productivity suite plans. Discounts may apply for unused features (e.g., MFP administration); inquire about discount codes.
Minimums and Discounts
Services have minimum volumes and volume discounts. To maintain your volume discount level, you must add users to your existing subscription via our payment portal. Creating a new, separate subscription for the same service will trigger a new minimum volume requirement, and the volume discount calculation will not take into account your prior order(s).
Hardware Stewardship & "White-Glove" Procurement (The Agency Model)
To ensure environment resilience, the Partner (Principal Steward) manages all hardware procurement as a pure agent on behalf of the Client.
- No-Fee Agency Model: The Guild and Partner do not resell, mark up, or profit from hardware sales. There are no handling or stewardship fees for procurement. All equipment is purchased in the Client’s name; ownership and warranties reside solely with the Client.
- Business-Grade Standards: All managed laptops, desktops, and servers must be business-grade (engineered for 8+ hours of daily use over a 3–5 year lifecycle), SSD-equipped, and covered by a valid manufacturer warranty (3–5 years) including accidental damage protection. They must be running current, supported professional‑grade operating systems.
- Exclusions: Software must be currently licensed and supported by the vendor. Work involving unsourced hardware, consumer-grade, personal (BYOD) devices, third-party-owned, or out-of-warranty equipment is excluded from AYCE plans and billed at the standard hourly rate.
High Availability & The Operational Readiness Standard
To ensure your team never experiences downtime due to hardware failure or rapid growth, our managed plans include High Availability Coverage for up to 1.20 physical computers per subscriber.
- The Ready-Pool Requirement: To ensure zero-day productivity and capture economies of scale, the Client agrees to maintain a 1.20 PC-to-Full Service User ratio (up to a maximum of 10 "hot-spare" units). This enables batch-configuration. It reduces per-unit setup overhead and ensures the team is not subject to the delays of individual, reactive procurement cycles.
- Zero-Downtime Guarantee & SLA Dependency: Resolution SLAs for PC failures are predicated on the existence of this Ready-Pool. Should the PC pool fall below the Standard of Readiness, the Client acknowledges a waiver of the Zero-Downtime Guarantee. In such instances, PC-related interruptions will be subject to standard procurement and shipping timelines.
- "White-Glove" Provisioning: PCs are "personality-mapped" to your standards (including OS updates, security software, Productivity Suites, Line-of-Business applications, mapped printers/drives, Outlook signatures, etc.) so that a transition is measured in minutes.
- Universal Security Stack: Every device capable of being powered on, including spare PCs, kiosk stations, and conference room systems, is protected by our full security and management stack. This ensures that any device is secure, patched, and compliant the moment it is activated.
- Configuration Fees: Standard setup fees apply to the initial configuration of new devices. There is no additional fee for re-provisioning or swapping existing devices.
- Standalone Security: If your organization requires more than 1.20 devices per subscriber, additional units may be added under our "Standalone Security Bundle" plan to ensure they remain patched, secured, and compliant with your standards.
Security Guardrails
Users operate as standard (non-admin) accounts. Admin access is limited to our team; select users may receive elevation rights if needed, recorded in our risk register. Damage from elevation is billable. Multi-factor or passwordless authentication is required where possible, as part of our operational rigor.
Access Control
Access to resources is restricted on non-company-managed computers and phones. For contractors or BYOD, Azure Virtual Desktop (AVD) is recommended. Company PC users can add AVD for an administration fee.
Risk & Integrity
A break-glass account is provided for emergencies; damage from its use is billable. We may refuse changes compromising stability, with candid explanations. Ignored recommendations for updates or replacements void support for affected systems; resulting damage is billable or outsourced at your expense. Maintain system redundancy (e.g., Internet, hardware) for continuity, in line with antifragility.
Authorized Stakeholder
The client must designate an Authorized Stakeholder (typically the Owner, CEO, or CFO) to act as the primary legal and financial point of contact. This individual holds the ultimate authority for ordering new subscriptions, managing payment methods, and making high-level contractual decisions via our catalog and payment portal.
Primary IT Contacts & Form-Driven Stewardship
While the Authorized Stakeholder manages the "account" via our catalog and payment portal, the client may designate one or more individuals to serve as primary IT contact(s) to handle the day-to-day technical lifecycle through their own login on this site.
- Diagnostic and Productivity Role: These individuals are responsible for submitting our structured operational forms for user onboarding, offboarding, group creation, and related operational changes. These forms are guided decision-making tools that prompt the contact to answer critical organizational and security questions upfront. They also allow managers to learn, understand, and leverage the power of their productivity suites. Finally, because they eliminate the friction of back-and-forth discovery, these forms free both you and our Principal Stewards to focus on high-value-added tasks.
- Training & Proficiency: As part of our stewardship, we will train your primary IT contact(s) to understand the implications of the questions within these forms. We will provide this guidance as many times as necessary to ensure their proficiency and the security of your environment.
- Audit Integrity: To maintain your security posture and a clean audit trail, we do not perform lifecycle or configuration changes based on casual email or phone requests. All requests must be initiated via the appropriate form by a recognized Contact. Notify us immediately via the offboarding form for employee departures to revoke access. Delays causing damage are billable.
Third-Party Policy and Access Control
We do not permit third-party vendors to install remote or back-door access software within our clients' networks, nor do we allow them to access your environment at will. This strict policy is a cornerstone of our security posture, as unmonitored third-party access is a leading cause of cyber-attacks and ransomware.
- Supervised Access: If a third-party provider requires access for technical support, it will occur exclusively under our watch and with our active participation.
- Session Limits: Access is granted only for the limited duration of a specific support session and is revoked immediately upon completion.
- Architectural Integrity: By acting as the sole gatekeeper for your infrastructure, we ensure your environment remains standardized, secure, and free from unvetted external tools.
Catalog Scope
Catalog services are sold separately unless specified. Managed services (ongoing) are monthly/annual commitments. Project services (one-time setup) include monitoring if we implement them in AYCE plans.
Project Stewardship
For out-of-scope projects (e.g., ERP), we lead implementation at a discounted hourly rate (code INNET) if providing services. Features are typically included; new systems may not be.
Part III: Standard Legal Protections
The following sections outline the standard legal safeguards and contractual requirements that govern our partnership. While our relationship is built on trust and stewardship, these provisions ensure clarity and professional protection for both organizations.
Intellectual Property Rights
You retain ownership of your pre-existing IP. Any IP developed by us in providing Services (e.g., custom configurations) is owned by us, but we grant you a perpetual, non-exclusive license to use it for your internal purposes. You grant us a license to use your IP as necessary to perform Services. Neither party will infringe the other's IP. We commit to sharing knowledge transparently via documentation.
Confidentiality and Data Protection
Each party agrees to maintain the confidentiality of the other's Confidential Information for three years post-termination. We comply with applicable data protection laws (e.g., CCPA, GDPR if relevant). In case of a data breach, the affected party will notify the other within 48 hours and cooperate on mitigation, with radical candor. You are responsible for your data backups; we provide tools but no guarantees, emphasizing resilient recovery.
Warranties and Representations
We warrant that Services will be performed in a professional manner consistent with industry standards and our Code of Ethics. You warrant that you have authority to enter this Agreement and that your data complies with laws. EXCEPT AS EXPRESSLY STATED, ALL WARRANTIES ARE DISCLAIMED, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Indemnification
Each party will indemnify, defend, and hold harmless the other from claims arising from its own gross negligence, willful misconduct, or breach of this Agreement, including reasonable attorneys' fees, approached with mutual respect.
Insurance & Cyber Liability
Each party will maintain adequate insurance, including cyber liability (at least $1 million per occurrence) and professional liability. Proof of insurance will be provided upon request. We provide no cybersecurity guarantees and are not liable for incidents, but commit to proactive prevention. For compromises, we recommend specialists like Coveware. Neglect of recommendations makes cleanup billable.
Force Majeure
Neither party is liable for delays or failures due to a Force Majeure Event, provided they notify the other promptly and resume performance as soon as possible.
Non-Solicitation
During the Term and for one year after, you agree not to solicit or hire our employees without our written consent, respecting our guild's collaborative structure.
Termination Terms
The initial Term is one year from the effective date, with auto-renewal unless terminated with 30 days' notice before term end. Early termination requires payment of remaining fees. We may terminate for your non-payment or breach with 15 days' cure period. Upon termination, we will assist with transition for a fee, including full knowledge handover via shared documentation.
Limitation of Liability
We are not liable for indirect, incidental, or consequential damages (e.g., lost profits, data). Total liability is capped at fees paid in the prior three months (annual plans) or one month (monthly plans). You acknowledge this as essential to the agreement, balanced with our stewardship commitment.
Dispute Resolution and Governing Law
In the spirit of our guild’s emphasis on stewardship and mutual respect, any disputes shall be resolved through good-faith negotiation, followed by non-binding mediation, and, if necessary, litigation exclusively in the state or federal courts of Tarrant County, Texas. This Agreement is governed by the laws of the State of Texas.
You acknowledge that our partnership is built on trust; should the relationship no longer serve your needs, you maintain the right to terminate our services at any time. However, as with any professional commitment, termination of a subscription prior to its expiration does not waive the obligation to fulfill the remaining payments due for the balance of the committed term.
General Provisions
Professional Status: Concierge CIO Partners LLC operates as an independent contractor. Neither the Provider nor its members shall be considered employees, agents, or joint venturers of the Client for any purpose.
Client Cooperation: Our stewardship is a partnership. Delivery of services is contingent upon timely cooperation, including providing necessary access to facilities, personnel, and data. All fees are exclusive of applicable federal, state, or local taxes.
This Agreement is the entire understanding and supersedes prior agreements. Amendments must be in writing and signed by both parties. You may not assign this Agreement without our consent; we may assign with notice. Notices must be in writing via email or certified mail. Waiver of any breach does not waive future breaches. Sections on IP, Confidentiality, Indemnification, Limitation of Liability, and Dispute Resolution survive termination.
We encourage participation in our Giveback Referral Program to extend our community impact.