Legal Agreement
Master Terms of Use Agreement
Last Updated: July 12, 2026
CASKSTACK MASTER TERMS OF USE AGREEMENT
Last Updated: July 12, 2026
Welcome to CaskStack. Please read this Terms of Use Agreement ("Agreement") carefully before activating your tenant workspace. By executing the onboarding process, completing registration, or utilizing any portion of the CaskStack multi-tenant platform, your organization ("Partner" or "Tenant") agrees to be bound by all terms, boundaries, and disclaimers outlined herein.
SECTION 1: DESCRIPTION OF SERVICES & PLATFORM ACCESS
- (a) SaaS Delivery Model: CaskStack grants the Tenant a limited, non-exclusive, non-transferable, revocable license to access our cloud-native Direct-to-Consumer (DTC) CRM, marketing automation interfaces, and integrated compliance technical guardrails.
- (b) Account Isolation & Security Framework: Access is provisioned via isolated database query scopes (using our global
OrganizationScopematrix) to guarantee strict cryptographic and structural boundaries between independent beverage producers. The Tenant is entirely responsible for safeguarding all administrative passwords, team credentials, and API access keys contextually mapped to their unique subdomain. - (c) Super-Admin Impersonation: The Tenant explicitly acknowledges that platform infrastructure operators ("Super Admins") retain technical capabilities to securely log into tenant environments for troubleshooting, database diagnostics, or emergency operational assistance. Whenever active session context switching is triggered, a highly visible, high-contrast system banner will permanently indicate that access is currently running under an impersonated state.
SECTION 2: PROFESSIONAL DISCLAIMER & SAFE HARBOR
- (a) Not Legal Counsel or Compliance Officers: CaskStack provides a software-as-a-service (SaaS) platform featuring automated regulatory middleware, geographic parameter scoping, and marketing compliance tools ("Compliance-as-Code Engine"). The Partner explicitly acknowledges and agrees that CaskStack is a software provider and is not a licensed attorney, law firm, certified compliance officer, or regulatory consultant. No interaction with, or output generated by, the CaskStack platform creates an attorney-client relationship or a formal fiduciary duty of compliance representation.
- (b) Technical Guardrails Only: Any compliance indicators, ZIP code intercepts, automated marketing review metrics, visual sensitivity scans, or demographic logs provided by CaskStack are software-driven technical tools designed solely to assist the Partner’s internal staff. They do not constitute authoritative legal advice, binding statutory interpretations, or absolute legal insulation.
- (c) Partner’s Ultimate Responsibility: The Partner retains final, absolute operational and legal liability for all digital campaigns dispatched, age-verification gateway configurations deployed, product tags established, and alcoholic beverages shipped under their respective state and federal permits. It is the Partner’s sole statutory obligation to verify that their actions satisfy all local, state (including state alcoholic beverage control agency rules), and federal (TTB) laws. Wineries, breweries, and craft distilleries must independent-source legal validations before executing production campaigns in complex out-of-state distribution zones.
SECTION 3: INTEGRATED DATA PIPELINES & THIRD-PARTY INTEGRATIONS
- (a) External API Syncing Dependency: The platform natively syncs data bidirectionally with chosen downstream transactional engines, compliance injectors, point-of-sale systems, and third-party logistics firms (including Vinoshipper, Commerce7, and WineDirect integrations).
- (b) Rate-Limiting & Transmission Dropouts: CaskStack acts as an analytics and intelligence layer mapping customer context. CaskStack disclaims all liability for transaction lag, synchronization dropouts, third-party API rate-limiting blocks, or stock level alignment variances rooted in external system failures. Wineries must maintain fully clear, active accounts and valid API keys with their chosen integration drivers.
SECTION 4: DATA OWNERSHIP, COMPLIANCE LEASES, & AUDIT RECORD RETENTION
- (a) Proprietary Data Ownership: The Tenant retains all native rights, ownership, and title over subscriber list profiles, custom email layout templates, historical contact records, and transactional logs uploaded directly to the platform.
- (b) Systems Insights Usage: The Tenant grants CaskStack a non-exclusive, aggregated, anonymized, royalty-free license to parse standard system performance metrics, deliverability logs, and compliance validation trends to optimize systemic infrastructure security and machine logic models.
- (c) Federal Record Retention Mandate (3-Year Deferred Purge): Under the Federal Audit Mandate (27 CFR § 24.300), wine and spirits permittees are strictly required to maintain production, tax, shipping, and sales records for a minimum of three (3) years. Consequently, the Tenant acknowledges that CaskStack cannot instantly purge transaction histories or database records upon account closure. Closed accounts will transition to a read-only, suspended state, and full database hard deletion will be programmatically deferred until the 3-year statutory audit lifecycle is satisfied.
- (d) Data Portability: To maintain compliance with CCPA/GDPR parameters, Tenants requesting full data export payloads during active cycles will receive securely packaged, zipped, password-protected CSV archives delivered via temporary, cryptographically signed URLs.
SECTION 5: ACCEPTABLE USE POLICY & MESSAGING INTENT
- (a) Prohibited Actions: Wineries are strictly forbidden from utilizing CaskStack to systematically bypass localized option dry-county restrictions, deliberately inject fraudulent ZIP codes to bypass regional volume caps, or execute un-vetted spirits shipments to jurisdictions where Direct-to-Consumer spirits transit is statutorily prohibited.
- (b) High-Volume Broadcaster Mandate: All automated drip sequences, AI-generated email campaigns, and SMS outreach programs dispatched through platform servers (via Mailgun, Postmark, or tied carriers) must comply fully with international commercial communications parameters (CAN-SPAM Act, TCPA, and regional 10DLC carrier registrations). Sending deceptive content, utilizing un-aligned domains lacking SPF/DKIM validation, or purposefully executing campaigns that breach the industry standard 73.8% Legal Drinking Age (LDA) list demographic rules will trigger an immediate account review and potential suspension.
SECTION 6: BILLING, CAPACITY CONSTRAINTS, & DYNAMIC OVERAGES
- (a) Subscription Commitment: Payment for the CaskStack SaaS platform is billed on a tier-based advance cycle according to chosen account matrices (Pilot, Boutique, Estate, Reserve, Grand Cru, or Enterprise).
- (b) Dynamic Overage Mechanics: Pricing plans enforce rigid hard capacity thresholds regarding active contact databases, connected logistics fulfillment nodes, and analytical token consumption pools. Automated background synchronization sweeps or messaging volumes exceeding pre-allocated limits will dynamically draw from available credit balances or generate modular overage fees appended directly to the end of the active billing cycle.
SECTION 7: INTELLECTUAL PROPERTY & FEEDBACK LICENSING
- (a) Monopolization: All platform frameworks, source code directories, relational database schemas, structural "Compliance-as-Code" validation models, glassmorphic dark mode styling tokens, and internal proprietary software logic remain the absolute, exclusive intellectual property of CaskStack.
- (b) Feedback License: Any technical feature suggestions, code optimization tips, database adjustments, or interface improvement requests submitted by Partner teams to our developer boards may be implemented directly into the main application architecture with zero financial restriction or copyright compensation obligations owed to the Tenant.
SECTION 8: LIMITATION OF LIABILITY & INDEMNIFICATION
- (a) Cap on Actionable Damages: Under no operational context will CaskStack, its core developers, or parent nodes be held legally liable for secondary, incidental, punitive, or consequential damages resulting from platform utilization. This includes, but is not limited to, the direct loss of state or federal alcohol shipping privileges, heavy regulatory fines issued by state boards or the TTB, localized tax assessment penalisations, or systemic loss of brand revenue due to external dependency downtime.
- (b) Complete Indemnification Clause: The Partner agrees to defend, fully indemnify, and hold harmless CaskStack and its staff from any third-party claims, legal expenditures, state enforcement penalties, or cash damages stemming directly or indirectly from the Partner’s failure to maintain active shipping permits, authenticate local delivery parameters, or appropriately secure target location approvals before running distribution pipelines.