Version 1.0 · Effective May 20, 2026 · CP Global Dynamics LLC d/b/a Beverly Hills Growth
The short version. This MSA is the master contract between you (the Client) and CP Global Dynamics LLC d/b/a Beverly Hills Growth (the Provider). By purchasing any service via our Stripe checkout, you accept this MSA and the per-tier Statement of Work (SOW) we send within 24 hours of purchase. Both documents together form the complete agreement.
This Master Services Agreement (the "Agreement") is between you, identified by the Stripe customer record created at checkout (the "Client"), and CP Global Dynamics LLC, a California limited liability company doing business as Beverly Hills Growth, 425 N Doheny Dr, Beverly Hills, CA 90210, USA (the "Provider"). The Agreement takes effect on the date of the Client's first successful payment to the Provider (the "Effective Date").
The Provider will perform the services described in one or more Statements of Work ("SOW") executed between the parties. Each SOW identifies the tier (Quick-Start Sprint, Monthly Growth, Growth + AI, or Growth + AI + UGC), the fees, the deliverables, the start date, and any tier-specific terms. The current SOW for your tier is sent to your Stripe-on-file email within 24 hours of purchase and is incorporated into this Agreement by reference. A copy of any prior SOW is available on written request.
Fees are stated on the Provider's pricing page and confirmed at Stripe checkout. Recurring fees auto-renew until cancelled per the Client's right described in the Refund Policy. Fees exclude any applicable sales tax, VAT, or other indirect tax, which the Provider may add at checkout where required. The Client is responsible for any withholding, remittance, or import obligation in the Client's own jurisdiction.
The Agreement runs from the Effective Date until terminated. The Quick-Start Sprint is a single, fixed-scope engagement that completes on delivery. Monthly and annual plans continue until either party cancels with 7 days written notice (annual: through the end of the paid annual period). The Provider may terminate immediately for: (a) non-payment after 5 business days of notice; (b) breach of this Agreement; (c) breach of the Acceptable Use Policy; (d) credible risk of harm to the Provider's team or other clients.
The Client will: (a) provide accurate information; (b) grant Google Business Profile manager access via audit@beverlyhillsgrowth.com; (c) provide website CMS access where on-site work is required; (d) respond to Provider questions within 5 business days; (e) review and approve deliverables within 5 business days of delivery (failure to respond is deemed approval). All credentials are exchanged via secure channel; the Provider never asks for the Client's personal password to any platform, only delegated/agency access.
The Provider's pre-existing tools, code, scripts, templates, methodologies, and know-how remain the Provider's property.
Upon receipt of full payment, the Client receives a perpetual, irrevocable, worldwide, royalty-free license to use the deliverables for the Client's business. The Client may freely use, modify, and distribute the deliverables, except as limited by Section 6.3.
UGC video creative produced under the Growth + AI + UGC plan is licensed to the Client on a term-limited basis by default: the Client may use the videos in advertising campaigns while the subscription is active, plus 12 months after cancellation. A perpetual license is available as a paid upsell. UGC creative that features only synthetic avatars (no real-person likeness) is licensed perpetually by default. UGC creative that features a real-person likeness will not be produced unless the Provider holds a signed model release for each appearing person; the Provider supplies the release template at onboarding.
The Provider may describe the engagement in case studies, in anonymized form by default ("a Beverly Hills nail salon", "a West LA law firm"). The Provider will not use the Client's business name, logo, or identifying photos publicly unless the Client provides separate, dated, written opt-in (a reply by email naming the asset is enough).
Each party will keep confidential any non-public information the other party shares for the purpose of the engagement. The obligation survives termination for 3 years. Standard exceptions apply: information publicly known through no fault of the receiving party, independently developed, lawfully received from a third party, or required to be disclosed by law (with prompt notice to the other party where lawful).
The Provider processes personal data the Client provides in accordance with the Privacy Policy. The current list of sub-processors is published in the Privacy Policy and includes Vercel, Stripe, Resend, Sentry, Google (Gemini API, PageSpeed Insights, Places API), Cloudflare, Telegram, Hunter.io, Apify, jsDelivr, and Google Fonts. The Provider will notify the Client by email at least 30 days before adding any new sub-processor that materially changes the data-processing footprint of the engagement.
If the Client's processing involves EU, UK, or Swiss personal data, the parties may execute a Data Processing Addendum (DPA) incorporating the European Commission's Standard Contractual Clauses (Module 2, controller-to-processor) on the Client's request. The DPA template is available from the Provider.
The Client agrees not to transmit any Protected Health Information ("PHI") as defined by HIPAA to the Provider. The Provider does not sign Business Associate Agreements. Any PHI inadvertently received by the Provider will be deleted within 24 hours and the Client will be notified. The Client indemnifies the Provider against any consequence of PHI transmitted in breach of this Section 9.
Some tiers (Monthly Growth and above) include a review-request system that sends SMS messages to the Client's customers. The Provider provisions the SMS infrastructure (typically a Twilio number); the Client controls the recipient list and the content of the SMS. The Client is the sender of every SMS originated through Provider-provisioned SMS infrastructure for the purposes of the Telephone Consumer Protection Act, 47 U.S.C. § 227, and the implementing regulations at 47 C.F.R. § 64.1200.
The Client represents and warrants that, before any phone number is submitted to a Provider-provisioned SMS system, the Client has obtained and retained prior express written consent ("PEWC") from the recipient as defined by 47 C.F.R. § 64.1200(f)(9). The Client agrees to provide PEWC records to the Provider on request within 5 business days. The Provider will not originate SMS to any recipient for whom the Client cannot or will not produce PEWC records.
The Client indemnifies the Provider against any claim, fine, settlement, or expense arising from the Client's failure to obtain, retain, or document PEWC, including but not limited to TCPA private-right-of-action claims (current statutory damages: $500 to $1,500 per violation), state-attorney-general enforcement actions, and FCC enforcement actions. This indemnity survives termination of this Agreement.
Opt-out handling is a shared responsibility. The Provider-provisioned SMS infrastructure (typically Twilio) honors carrier-level STOP, UNSUBSCRIBE, CANCEL, END, QUIT, and STOPALL replies automatically and suppresses future messages to that number on the Provider-provisioned originating number. The Client remains the controller of the recipient list and must suppress any opted-out number from the Client's own CRM, marketing tools, and any other originating numbers within 1 business day of the opt-out, so the same recipient is not re-messaged from a different source. The Client indemnifies the Provider against any claim, fine, settlement, or expense arising from the Client's failure to propagate an opt-out across the Client's own systems, including continued messaging from any number not provisioned by the Provider. This indemnity survives termination of this Agreement.
This Section 9B applies to Clients subscribed to a Voice Receptionist tier (Starter, Pro, Concierge, Enterprise, or Outbound add-on). The subscription terms, pricing, included minutes, overage rates, setup-fee scope, and uptime targets for each tier are described in Section 4A of the Terms of Service, which is incorporated here by reference.
For Voice Receptionist deployments, Beverly Hills Growth acts as a data processor for caller PII received through the Client-branded agent (caller phone number in E.164 format, call timestamp and duration, AI-generated text summary, and any booking metadata supplied by the caller). The Client is the data controller. Sub-processors specific to the voice service are Retell AI, ElevenLabs, Twilio, and OpenAI, in addition to the general sub-processors listed in Section 8. The Provider will notify the Client by email at least 30 days before adding any new voice-service sub-processor that materially changes the data-processing footprint.
A Business Associate Addendum (BAA) under HIPAA is available on request for Concierge-tier Clients in healthcare verticals (dental, dermatology, medical aesthetics) where the agent may incidentally receive Protected Health Information ("PHI"). A BAA is not auto-included on lower tiers; the Section 9 prohibition on PHI applies on Starter, Pro, and Enterprise tiers without a separately-executed BAA.
Calls handled by the Client-branded agent are recorded for quality and training by default. The Provider supplies a configurable in-call consent prompt for inbound calls under California Penal Code § 632 (two-party consent) and analogous state statutes. The Client is responsible for confirming that the agent's opening greeting and consent prompt are appropriate for every state in which the Client receives calls; the Provider's defaults satisfy California and the majority of comparable two-party-consent states (Connecticut, Florida, Illinois, Maryland, Massachusetts, Michigan, Montana, Nevada, New Hampshire, Oregon, Pennsylvania, Washington), but the Client should confirm coverage with counsel where the Client receives calls from multiple states.
The Outbound Calling add-on is strictly TCPA-gated. The Client warrants prior express written consent for every recipient phone number, and indemnifies the Provider per Section 14.1 (clauses (a) through (f)) and the SMS-specific indemnity in Section 9A. Outbound calling is not enabled on any Voice Receptionist tier without a separately-executed Outbound add-on engagement.
The Provider notifies the Client by email within 24 hours of confirming any security incident that affects caller data (unauthorized access to the agent's call logs, transcript leak, sub-processor breach affecting voice data). The notice describes the incident, the data categories affected, the corrective steps taken, and the recommended Client-side action. This is in addition to any breach-notification obligation either party has under applicable law (GDPR Art. 33-34, CCPA § 1798.82, etc.).
VOICE_WEBHOOK_SECRET pattern used in our production stack).Some deliverables involve AI assistance. The Provider reviews AI output before delivery. The Client is responsible for final approval of any AI-assisted content the Client publishes externally under the Client's name (including but not limited to ad creative, GBP posts, review responses). The Provider supplies AI-generated UGC creative with labeling instructions for the Client to comply with Meta's, TikTok's, and other platforms' "made with AI" disclosure requirements. Failure of the Client to comply with platform AI-labeling rules is the Client's responsibility. Full disclosure at AI Disclosure.
The Provider performs work on platforms operated by third parties (Google, Meta, TikTok, Stripe, and others). The Provider's work is subject to those platforms' terms and policies. Platform changes (algorithm updates, ad-policy changes, account suspensions) may affect the Provider's ability to deliver and are not a breach of this Agreement. The Provider will use commercially reasonable efforts to adapt to such changes.
The Provider does not guarantee specific search rankings, traffic numbers, lead numbers, sales numbers, or any specific business outcome. Search ranking and ad performance depend on many factors outside the Provider's control. The Provider commits to performing the work described in each SOW, using industry best practices and avoiding any "black-hat" tactic that risks a platform penalty.
The Provider warrants that it will perform the services in a professional and workmanlike manner. Except for that warranty, the services are provided "as is" and "as available" without further warranty of any kind, express or implied. The Provider disclaims all implied warranties of merchantability, fitness for a particular purpose, non-infringement, and accuracy, to the maximum extent permitted by law.
The Client will defend, indemnify, and hold the Provider harmless from any claim arising from: (a) the Client's breach of this Agreement; (b) the Client's violation of any law; (c) any content the Client supplies for the Provider to publish; (d) any third-party claim that the Client's business name, logo, photos, or other materials infringe a right; (e) PHI transmitted in breach of Section 9; (f) SMS origination, opt-out handling, or PEWC documentation in breach of Section 9A.
The Provider will defend the Client against any claim that a deliverable, as provided by the Provider and used unmodified by the Client, infringes a US copyright, trademark, or trade secret. The Provider's total liability under this Section 14.2 is capped at the limits described in Section 15.
To the maximum extent permitted by law, the Provider's total cumulative liability under this Agreement will not exceed the greater of (a) the total amount the Client has paid the Provider in the 3 months immediately preceding the event giving rise to the claim, or (b) one hundred US dollars ($100). Neither party will be liable to the other for indirect, incidental, consequential, special, punitive, or exemplary damages, including lost profits, lost revenue, lost business opportunities, lost data, or business interruption, even if advised of the possibility of such damages.
Neither party is liable for delay or failure caused by events outside the party's reasonable control: natural disaster, war, civil unrest, government action, third-party platform outage, or comparable cause.
Any dispute under this Agreement is resolved by binding individual arbitration as described in Section 16 of the Terms of Service, which is incorporated here by reference. The small-claims carve-out, the IP-injunction carve-out, and the 30-day opt-out from the Terms also apply here.
This Agreement is governed by the laws of California, USA, without regard to its conflict-of-laws principles. Any dispute not subject to arbitration is brought exclusively in the state or federal courts in Los Angeles County, California.
Notices to the Provider go to audit@beverlyhillsgrowth.com. Notices to the Client go to the email address on file in the Client's Stripe customer record. Notices are effective when sent (for email) or 3 business days after posting (for mail).
The parties are independent contractors. Nothing in this Agreement creates an employment, partnership, joint venture, agency, or fiduciary relationship.
The Client may not assign this Agreement without the Provider's written consent. The Provider may assign this Agreement to a successor in interest in connection with a merger, acquisition, or sale of substantially all assets.
This Agreement, together with the applicable SOW, the Privacy Policy, the Terms of Service, the Acceptable Use Policy, the Refund Policy, and the AI Disclosure (each incorporated by reference), is the entire agreement between the parties regarding the services and supersedes any prior or contemporaneous understanding.
If any provision of this Agreement is held invalid or unenforceable, the remainder remains in effect. A party's failure to enforce a right is not a waiver of that right.
By completing any purchase via the Provider's Stripe checkout, the Client accepts this MSA in its then-current form. The current version is the version posted at https://beverlyhillsgrowth.com/msa at the moment of purchase. The Provider may update this MSA from time to time; material changes are communicated by email at least 30 days before they take effect.
Questions about this MSA: audit@beverlyhillsgrowth.com. Mailing address: CP Global Dynamics LLC, 425 N Doheny Dr, Beverly Hills, CA 90210, USA.