The URL can be used to link to this page

Home My WebLink AboutP-23-350 Pacific Insurance Network Systems Inc.pdf I DocuSign Envelope ID: 180C443E-460E-4E77-AAOF-ED063D4AFD2D P-23-350 1 SERVICE AGREEMENT 2 This Service Agreement ("Agreement") is dated June 30, 2023 and is between Pacific 3 Insurance Network Systems, Inc., a Delaware Corporation ("Contractor"), and the County of 4 Fresno, a political subdivision of the State of California ("County"). 5 Recitals 6 A. WHEREAS, County requires contractors to meet minimum insurance requirements; and 7 B. WHEREAS, County contractors are required to send a certificate of insurance (COI) as 8 evidence coverage is in full force and effect; and 9 C. WHEREAS, County is in need of a certificate of insurance (COI) management software 10 solution; and 11 D. WHEREAS, Contractor represents it has an appropriate COI management software 12 solution; 13 The parties therefore agree as follows: 14 Article 1 15 Contractor's Services 16 1.1 Scope of Services. The Contractor shall perform all of the services provided in 17 Exhibit A to this Agreement, entitled "Order Form, County of Fresno". 18 1.2 Representation. The Contractor represents that it is qualified, ready, willing, and 19 able to perform all of the services provided in this Agreement. 20 1.3 Compliance with Laws. The Contractor shall, at its own cost, comply with all 21 applicable federal, state, and local laws and regulations in the performance of its obligations 22 under this Agreement, including but not limited to workers compensation, labor, and 23 confidentiality laws and regulations. 24 1.4 License Term. Contractor hereby grants County for the Term of this Agreement a 25 non-transferable license, at the costs set forth herein, to use the Contractor's Software Services 26 and Professional Services, as defined in Exhibit A in object code only for County's internal 27 business purposes (and not to process the data of any other entity or agency, except to the 28 extent the other entity or agency uses the County's public facing site). The County shall be 1 I DocuSign Envelope ID: 180C443E-460E-4E77-AAOF-ED063D4AFD2D P-23-350 1 entitled, at no additional cost, to Software updates, enhancements, new versions, bug fixes, 2 other improvements to the Software and access to the Software to the extent provided generally 3 to Contractor's other customers, and to technical assistance relating to the Software, for the 4 Term described in this Agreement. 5 1.5 Viruses & Disabling Mechanisms. Contractor shall use commercially reasonable, 6 diligent measures to screen the licensed programs provided under this Agreement to avoid 7 introducing, or coding of, any virus or other destructive programming designed to permit 8 unauthorized access or use by third parties to the software installed on County's systems (as 9 defined in Exhibit A), or to disable or damage the County's systems (each, a "Virus"). Without 10 limiting the rights and remedies of the County, in the event any Virus is introduced into the 11 County's systems through any of the licensed programs provided under this Agreement, 12 whether or not such introduction is attributable to the Contractor (including the Contractor's 13 failure to perform its obligations under this Agreement), the Contractor shall, as soon as 14 practicable, use its diligent, commercially reasonable efforts to assist the County in eliminating 15 the effects of the Virus, and if the Virus causes a loss of operational efficiency or loss of data, 16 and upon the County's request, Contractor will, diligently work as soon as practicable to contain 17 and remedy the problem and to restore lost data resulting from the introduction of such Virus. 18 Contractor shall not insert into any of the licensed programs provided in this Agreement any 19 code or other device that would have the effect of disabling or otherwise shutting down all or 20 any portion of the licensed programs. Contractor shall not invoke such code or other device at 21 any time, including upon expiration or termination of this Agreement for any reason. This 22 section survives the termination of this Agreement. 23 Article 2 24 Compensation, Invoices, and Payments 25 2.1 The County agrees to pay, and the Contractor agrees to receive, compensation for 26 the performance of its services under this Agreement as described in Exhibit A to this 27 Agreement, titled "Order Form, County of Fresno". 28 2 I DocuSign Envelope ID: 180C443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 1 2.2 Maximum Compensation. The maximum compensation payable to the Contractor 2 under this Agreement for the primary three-year term is $38,150. The total maximum 3 compensation for the first potential one-year extension is $16,350. The total maximum 4 compensation for the second potential one-year extension is $16,350. The total maximum 5 compensation payable to the Contractor under this potential five-year Agreement is $59,950. 6 The Contractor acknowledges that the County is a local government entity, and does so with 7 notice that the County's powers are limited by the California Constitution and by State law, and 8 with notice that the Contractor may receive compensation under this Agreement only for 9 services performed according to the terms of this Agreement and while this Agreement is in 10 effect, and subject to the maximum amount payable under this section. The Contractor further 11 acknowledges that County employees have no authority to pay the Contractor except as 12 expressly provided in this Agreement. 13 2.3 Invoices. The Contractor shall submit monthly invoices to the Human Resources- 14 Risk Management Contract Analyst, 2220 Tulare St., Fresno, CA 93721, 15 HRRiskContracts(a)fresnocountyca.go, . The Contractor shall submit each invoice within 60 16 days after the month in which the Contractor performs services and in any case within 60 days 17 after the end of the term or termination of this Agreement. 18 2.4 Payment. The County shall pay each correctly completed and timely submitted 19 invoice within 45 days after receipt. The County shall remit any payment to the Contractor's 20 address specified in the invoice. 21 2.5 Incidental Expenses. The Contractor is solely responsible for all of its costs and 22 expenses that are not specified as payable by the County under this Agreement. 23 Article 3 24 Term of Agreement 25 3.1 Term. This Agreement's Effective Date is June 30, 2023, and terminates on June 29, 26 2026, except as provided in section 4.2, "Extension," or Article 5, "Termination and Suspension," 27 below. 28 3 I DocuSign Envelope ID: 180C443E-460E-4E77-AAOF-ED063D4AFD2D P-23-350 1 3.2 Extension. The term of this Agreement will be extended for no more than two, one- 2 year periods upon the occurrence of the following (a) if Contractor seeks a fee increase for the 3 next one-year extension period, Contractor provides County with a new order form at least 90 4 days before the first day of the next one-year extension period, and (b) the County provides 5 written notice at least 60 days before the first day of the next one-year extension period. The 6 extension of this Agreement by the County is not a waiver or compromise of any default or 7 breach of this Agreement by the Contractor existing at the time of the extension whether or not 8 known to the County. 9 Article 4 10 Notices 11 4.1 Contact Information. The persons and their addresses having authority to give and 12 receive notices provided for or permitted under this Agreement include the following: 13 For the County: 14 Director of Human Resources County of Fresno 15 2220 Tulare St. Fresno, CA 93721 16 nrrlsKcontracts(a�fresnocountyca.gov 17 For the Contractor: CEO 18 Pacific Insurance Network Systems, Inc. PO Box 180129 19 Coronado, CA 92178 krose@pinsadvantage.com 20 4.2 Change of Contact Information. Either party may change the information in section 21 5.1 by giving notice as provided in section 5.3. 22 4.3 Method of Delivery. Each notice between the County and the Contractor provided 23 for or permitted under this Agreement must be in writing, state that it is a notice provided under 24 this Agreement, and be delivered either by personal service, by first-class United States mail, by 25 an overnight commercial courier service, by telephonic facsimile transmission, or by Portable 26 Document Format (PDF) document attached to an email. 27 (A) A notice delivered by personal service is effective upon service to the recipient. 28 4 I DocuSign Envelope ID: 180C443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 1 (B) A notice delivered by first-class United States mail is effective three County 2 business days after deposit in the United States mail, postage prepaid, addressed to the 3 recipient. 4 (C)A notice delivered by an overnight commercial courier service is effective one 5 County business day after deposit with the overnight commercial courier service, 6 delivery fees prepaid, with delivery instructions given for next day delivery, addressed to 7 the recipient. 8 (D)A notice delivered by telephonic facsimile transmission or by PDF document 9 attached to an email is effective when transmission to the recipient is completed (but, if 10 such transmission is completed outside of County business hours, then such delivery is 11 deemed to be effective at the next beginning of a County business day), provided that 12 the sender maintains a machine record of the completed transmission. 13 4.4 Claims Presentation. For all claims arising from or related to this Agreement, 14 nothing in this Agreement establishes, waives, or modifies any claims presentation 15 requirements or procedures provided by law, including the Government Claims Act (Division 3.6 16 of Title 1 of the Government Code, beginning with section 810). 17 Article 5 18 Termination and Suspension 19 5.1 Termination for Non-Allocation of Funds. The terms of this Agreement are 20 contingent on the approval of funds by the appropriating government agency. If sufficient funds 21 are not allocated, then the County, upon at least 30 days' advance written notice to the 22 Contractor, may: 23 (A) Modify the services provided by the Contractor under this Agreement; or 24 (B) Terminate this Agreement. 25 5.2 Termination for Breach. 26 (A) Upon determining that a breach (as defined in paragraph (C) below) has 27 occurred, the County may give written notice of the breach to the Contractor. The written 28 5 I DocuSign Envelope ID: 180C443E-460E-4E77-AAOF-ED063D4AFD2D P-23-350 1 notice may suspend performance under this Agreement, and must provide at least 30 2 days for the Contractor to cure the breach. 3 (B) If the Contractor fails to cure the breach to the County's satisfaction within the 4 time stated in the written notice, the County may terminate this Agreement immediately. 5 (C) For purposes of this section, a breach occurs when, in the determination of the 6 County, the Contractor has: 7 (1) Obtained or used funds illegally or improperly; 8 (2) Failed to comply with any part of this Agreement; 9 (3) Submitted a substantially incorrect or incomplete report to the County; or 10 (4) Improperly performed any of its obligations under this Agreement. 11 5.3 Termination without Cause. In circumstances other than those set forth above, the 12 County may terminate this Agreement by giving at least 30 days advance written notice to the 13 Contractor. 14 5.4 No Penalty or Further Obligation. Any termination of this Agreement by the County 15 under this Article 5 is without penalty to or further obligation of the County. 16 5.5 County's Rights upon Termination. Upon termination for breach under this Article 17 5, the County may demand repayment by the Contractor of any monies disbursed to the 18 Contractor under this Agreement that, in the County's sole judgment, were not expended in 19 compliance with this Agreement. The Contractor shall promptly refund all such monies upon 20 demand. This section survives the termination of this Agreement. 21 Article 6 22 Independent Contractor 23 6.1 Status. In performing under this Agreement, the Contractor, including its officers, 24 agents, employees, and volunteers, is at all times acting and performing as an independent 25 contractor, in an independent capacity, and not as an officer, agent, servant, employee, joint 26 venturer, partner, or associate of the County. 27 28 6 I DocuSign Envelope ID: 180C443E-460E-4E77-AAOF-ED063D4AFD2D P-23-350 1 6.2 Verifying Performance. The County has no right to control, supervise, or direct the 2 manner or method of the Contractor's performance under this Agreement, but the County may 3 verify that the Contractor is performing according to the terms of this Agreement. 4 6.3 Benefits. Because of its status as an independent contractor, the Contractor has no 5 right to employment rights or benefits available to County employees. The Contractor is solely 6 responsible for providing to its own employees all employee benefits required by law. The 7 Contractor shall save the County harmless from all matters relating to the payment of 8 Contractor's employees, including compliance with Social Security withholding and all related 9 regulations. 10 6.4 Services to Others. The parties acknowledge that, during the term of this 11 Agreement, the Contractor may provide services to others unrelated to the County. 12 Article 7 13 Indemnity and Defense 14 7.1 Indemnity. The Contractor shall indemnify and hold harmless and defend the 15 County (including its officers, agents, employees, and volunteers) against all claims, demands, 16 injuries, damages, costs, expenses (including attorney fees and costs), fines, penalties, and 17 liabilities of any kind, except where otherwise expressly stated in this Agreement, to the County, 18 the Contractor, or any third party that arise from or relate to the performance or failure to 19 perform by the Contractor (or any of its officers, agents, subcontractors, or employees) under 20 this Agreement. The County may conduct or participate in its own defense without affecting the 21 Contractor's obligation to indemnify and hold harmless or defend the County. 22 7.2 Survival. This Article 7 survives the termination of this Agreement. 23 Article 8 24 8.1 The Contractor shall comply with the data security requirements in Exhibit J to this 25 Agreement. Exhibit J is attached and incorporated by this reference. 26 27 28 7 I DocuSign Envelope ID: 18OC443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 1 Article 9 2 Insurance 3 9.1 The Contractor shall comply with all the insurance requirements in Exhibit C to this 4 Agreement. 5 Article 10 6 Inspections, Audits, and Public Records 7 10.1 Inspection of Documents. The Contractor shall make available to the County, and 8 the County may examine at any time during business hours and as often as the County deems 9 necessary, all of the Contractor's records and data with respect to the matters covered by this 10 Agreement, excluding attorney-client privileged communications. The Contractor shall, upon 11 request by the County, permit the County to audit and inspect all of such records and data to 12 ensure the Contractor's compliance with the terms of this Agreement. 13 10.2 State Audit Requirements. If the compensation to be paid by the County under this 14 Agreement exceeds $10,000, the Contractor is subject to the examination and audit of the 15 California State Auditor, as provided in Government Code section 8546.7, for a period of three 16 years after final payment under this Agreement. This section survives the termination of this 17 Agreement. 18 10.3 Public Records. The County is not limited in any manner with respect to its public 19 disclosure of this Agreement or any record or data that the Contractor may provide to the 20 County. The County's public disclosure of this Agreement or any record or data that the 21 Contractor may provide to the County may include but is not limited to the following: 22 (A) The County may voluntarily, or upon request by any member of the public or 23 governmental agency, disclose this Agreement to the public or such governmental 24 agency. 25 (B) The County may voluntarily, or upon request by any member of the public or 26 governmental agency, disclose to the public or such governmental agency any record or 27 data that the Contractor may provide to the County, unless such disclosure is prohibited 28 by court order. 8 I DocuSign Envelope ID: 18OC443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 1 (C)This Agreement, and any record or data that the Contractor may provide to the 2 County, is subject to public disclosure under the Ralph M. Brown Act (California 3 Government Code, Title 5, Division 2, Part 1, Chapter 9, beginning with section 54950). 4 (D)This Agreement, and any record or data that the Contractor may provide to the 5 County, is subject to public disclosure as a public record under the California Public 6 Records Act (California Government Code, Title 1, Division 10, Chapter 3, beginning 7 with section 7920.200) ("CPRA"). 8 (E) This Agreement, and any record or data that the Contractor may provide to the 9 County, is subject to public disclosure as information concerning the conduct of the 10 people's business of the State of California under California Constitution, Article 1, 11 section 3, subdivision (b). 12 (F) Any marking of confidentiality or restricted access upon or otherwise made with 13 respect to any record or data that the Contractor may provide to the County shall be 14 disregarded and have no effect on the County's right or duty to disclose to the public or 15 governmental agency any such record or data. 16 10.4 Public Records Act Requests. If the County receives a written or oral request 17 under the CPRA to publicly disclose any record that is in the Contractor's possession or control, 18 and which the County has a right, under any provision of this Agreement or applicable law, to 19 possess or control, then the County may demand, in writing, that the Contractor deliver to the 20 County, for purposes of public disclosure, the requested records that may be in the possession 21 or control of the Contractor. Within five business days after the County's demand, the 22 Contractor shall (a) deliver to the County all of the requested records that are in the Contractor's 23 possession or control, together with a written statement that the Contractor, after conducting a 24 diligent search, has produced all requested records that are in the Contractor's possession or 25 control, or (b) provide to the County a written statement that the Contractor, after conducting a 26 diligent search, does not possess or control any of the requested records. The Contractor shall 27 cooperate with the County with respect to any County demand for such records. If the 28 Contractor wishes to assert that any specific record or data is exempt from disclosure under the 9 I DocuSign Envelope ID: 18OC443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 1 CPRA or other applicable law, it must deliver the record or data to the County and assert the 2 exemption by citation to specific legal authority within the written statement that it provides to 3 the County under this section. The Contractor's assertion of any exemption from disclosure is 4 not binding on the County, but the County will give at least 10 days' advance written notice to 5 the Contractor before disclosing any record subject to the Contractor's assertion of exemption 6 from disclosure. The Contractor shall indemnify the County for any court-ordered award of costs 7 or attorney's fees under the CPRA that results from the Contractor's delay, claim of exemption, 8 failure to produce any such records, or failure to cooperate with the County with respect to any 9 County demand for any such records. 10 Article 11 11 Disclosure of Self-Dealing Transactions 12 11.1 Applicability. This Article 11 applies if the Contractor is operating as a corporation, 13 or changes its status to operate as a corporation. 14 11.2 Duty to Disclose. If any member of the Contractor's board of directors is party to a 15 self-dealing transaction, he or she shall disclose the transaction by completing and signing a 16 "Self-Dealing Transaction Disclosure Form" (Exhibit B to this Agreement) and submitting it to the 17 County before commencing the transaction or immediately after. 18 11.3 Definition. "Self-dealing transaction" means a transaction to which the Contractor is 19 a party and in which one or more of its directors, as an individual, has a material financial 20 interest. 21 Article 12 22 General Terms 23 12.1 Modification. Except as provided in Article 5, "Termination and Suspension," this 24 Agreement may not be modified, and no waiver is effective, except by written agreement signed 25 by both parties. The Contractor acknowledges that County employees have no authority to 26 modify this Agreement except as expressly provided in this Agreement. 27 12.2 Governing Law. The laws of the State of California govern all matters arising from 28 or related to this Agreement. 10 I DocuSign Envelope ID: 18OC443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 1 12.3 Jurisdiction and Venue. This Agreement is signed and performed in Fresno 2 County, California. Contractor consents to California jurisdiction for actions arising from or 3 related to this Agreement, and, subject to the Government Claims Act, all such actions must be 4 brought and maintained in Fresno County. 5 12.4 Construction. The final form of this Agreement is the result of the parties' combined 6 efforts. If anything in this Agreement is found by a court of competent jurisdiction to be 7 ambiguous, that ambiguity shall not be resolved by construing the terms of this Agreement 8 against either party. 9 12.5 Days. Unless otherwise specified, "days" means calendar days. 10 12.6 Headings. The headings and section titles in this Agreement are for convenience 11 only and are not part of this Agreement. 12 12.7 Severability. If anything in this Agreement is found by a court of competent 13 jurisdiction to be unlawful or otherwise unenforceable, the balance of this Agreement remains in 14 effect, and the parties shall make best efforts to replace the unlawful or unenforceable part of 15 this Agreement with lawful and enforceable terms intended to accomplish the parties' original 16 intent. 17 12.8 Nondiscrimination. During the performance of this Agreement, the Contractor shall 18 not unlawfully discriminate against any employee or applicant for employment, or recipient of 19 services, because of race, religious creed, color, national origin, ancestry, physical disability, 20 mental disability, medical condition, genetic information, marital status, sex, gender, gender 21 identity, gender expression, age, sexual orientation, military status or veteran status pursuant to 22 all applicable State of California and federal statutes and regulation. 23 12.9 No Waiver. Payment, waiver, or discharge by the County of any liability or obligation 24 of the Contractor under this Agreement on any one or more occasions is not a waiver of 25 performance of any continuing or other obligation of the Contractor and does not prohibit 26 enforcement by the County of any obligation on any other occasion. 27 12.10 Agent for Service of Process. Contractor represents to County that Contractor's 28 agent for service of process is in California, and that such agent's address for receiving such 11 I DocuSign Envelope ID: 180C443E-460E-4E77-AAOF-ED063D4AFD2D P-23-350 1 service of process in California, which information Contractor shall maintain with the office of the 2 California Secretary of State, is as follows: 3 Katy Rose, PO Box 180129, Coronado, CA 92178 4 12.11 Entire Agreement. This Agreement, including its exhibits, is the entire agreement 5 between the Contractor and the County with respect to the subject matter of this Agreement, 6 and it supersedes all previous negotiations, proposals, commitments, writings, advertisements, 7 publications, and understandings of any nature unless those things are expressly included in 8 this Agreement. If there is any inconsistency between the terms of this Agreement without its 9 exhibits and the terms of the exhibits, then the inconsistency will be resolved by giving 10 precedence first to the terms of this Agreement without its exhibits, and then to the terms in the 11 following hierarchy, of 2) Exhibit D-Data Security; 3) Exhibit C-Insurance Requirements; 4) 12 Exhibit A-Order Form, and 5) Exhibit B-Self-dealing Disclosure Form. 13 12.12 No Third-Party Beneficiaries. This Agreement does not and is not intended to 14 create any rights or obligations for any person or entity except for the parties. 15 12.13 Authorized Signature. The Contractor represents and warrants to the County that: 16 (A) The Contractor is duly authorized and empowered to sign and perform its 17 obligations under this Agreement. 18 (B) The individual signing this Agreement on behalf of the Contractor is duly 19 authorized to do so and his or her signature on this Agreement legally binds the 20 Contractor to the terms of this Agreement. 21 12.14 Electronic Signatures. The parties agree that this Agreement may be executed by 22 electronic signature as provided in this section. 23 (A) An "electronic signature" means any symbol or process intended by an individual 24 signing this Agreement to represent their signature, including but not limited to (1) a 25 digital signature; (2) a faxed version of an original handwritten signature; or (3) an 26 electronically scanned and transmitted (for example by PDF document) version of an 27 original handwritten signature. 28 12 I DocuSign Envelope ID: 180C443E-460E-4E77-AAOF-ED063D4AFD2D P-23-350 1 (B) Each electronic signature affixed or attached to this Agreement (1) is deemed 2 equivalent to a valid original handwritten signature of the person signing this Agreement 3 for all purposes, including but not limited to evidentiary proof in any administrative or 4 judicial proceeding, and (2) has the same force and effect as the valid original 5 handwritten signature of that person. 6 (C)The provisions of this section satisfy the requirements of Civil Code section 7 1633.5, subdivision (b), in the Uniform Electronic Transaction Act (Civil Code, Division 3, 8 Part 2, Title 2.5, beginning with section 1633.1). 9 (D) Each party using a digital signature represents that it has undertaken and 10 satisfied the requirements of Government Code section 16.5, subdivision (a), 11 paragraphs (1) through (5), and agrees that each other party may rely upon that 12 representation. 13 (E) This Agreement is not conditioned upon the parties conducting the transactions 14 under it by electronic means and either party may sign this Agreement with an original 15 handwritten signature. 16 12.15 Counterparts. This Agreement may be signed in counterparts, each of which is an 17 original, and all of which together constitute this Agreement. 18 [SIGNATURE PAGE FOLLOWS] 19 20 21 22 23 24 25 26 27 28 13 I DocuSign Envelope ID: 180C443E-460E-4E77-AAOF-ED063D4AFD2D P-23-350 1 The parties are signing this Agreement on the date stated in the introductory clause. 2 PACIFIC INSURANCE NETWORK COUNTY OF FRESNO 3 SYSTEMS, INC. 4 CDocusigned by: Digitally signed by Gary Cornuelle ry p SL Gary Cornuelle Date:2023.06.30 13:06:38-07'00' BEE199A0EEE94C1... 5 Katy mu w, GE-0 Gary E. Cornuelle, Purchasing Manager 6 PO Box 180129 Coronado, CA 92178 7 8 For accounting use only: 9 Org No.: 7288 10 Account No.: 89250100 Fund No.: 1060 11 Subclass No.: 10000 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 14 DocuSign Envelope ID: 180C443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 PINS Page 1 of 7 Exhibit A Reference Number: 20230403-150903658 Order Form: County of Fresno County of Fresno Department of Human Resources 2220 Tulare St. Fresno, CA 93721 Reference: 20230403-150903658 Effective Date: June 30, 2023 Initial Subscription Term: 12 Months Comments: The pricing in this Order Form is effective for the first two (2) annual subscription terms. Years 3-5 are subject to pricing increases per the Service Agreement ("Agreement") terms. Products & Services Name & Description Quantity Unit Net Price Price Annual Subscription - Level 4 1 $9,900.00 $9,900.00 /year Store 3,000 Records, Unlimited Users, / year for 1 year Unlimited Departments Add-on Module: OCR 1 $1,000.00 $1,000.00 /year Optical Character Recognition / year for 1 year DocuSign Envelope ID: 180C443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 PINS Page 2of7 Exhibit A Reference Number: 20230403-150903658 User Onboarding - Public Entity 1 $0.00 $0.00 During the Guided Implementation, PINS shall provide the customer with: 1) A high-level workflow of how the customer's organization will implement PINS into their existing processes. 2) Gathers a list of all users the customer needs set up within their PINS account and configures those users with PINS access & proper permission settings. 3) Builds out the customer's desired department and job structure. 4) Builds out the customer's pre-approved insurance requirement templates & email templates. 5) Guides customer's end-users through 3 hours of webinar-based software training. *Additional training can be purchased at $250 USD/hour. Subtotals Annual subtotal $10,900.00 One-time subtotal $0.00 Total $10,900.00 Purchase terms An Invoice for the payment amount specified in this Order Form will be generated upon signature of the Order Form. Customer shall pay each correctly completed and timely submitted invoice within 45 days after receipt. Customer shall remit any payment to the Contractor's address specified in the invoice. The subscription start date is equal to the Effective Date identified on this Order Form. This Order Form is issued under and subject to the PINS Advantage Master Terms and Conditions in Exhibit A (the "Terms and Conditions"). If any provision of this Order Form conflicts with the Terms and Conditions, then this Order Form shall control only for the quantity, price, and order terms set forth in the Order Form. Prices are final and orders are non--cancellable and non--refundable. Orders are not contingent on, and DocuSign Envelope ID: 180C443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 PINS Page 3of7 Exhibit A Reference Number: 20230403-150903658 Customer has not relied on, the delivery of any future functionality regardless of any communication about PINS future plans. Any terms or conditions contained in any Purchase Order or other similar form shall have no effect even if signed by the parties after the date hereof. Questions? Contact me Brian Snider Sales Operations Manager bsnider@pinsadvantage.com PINS Advantage 973 W Laurel St San Diego, CA 92101 DocuSign Envelope ID: 180C443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 PINS Page 4of7 Exhibit A Reference Number: 20230403-150903658 PINS ADVANTAGE MASTER TERMS AND CONDITIONS 1. Order Form number of certificates, number of designated users, or number of departments indicated on the Order Form 1. Pacific Insurance ("Limits"). As used herein, "Users" means any person Network Systems, Inc., a Delaware corporation ("PINS' ,and Customer have entered into an order form for the granted access to the Software Services by or on behalf of Customer, including, but not limited to, any insurance provision of identified software services (the "Software brokers and/or agents. Subject to the terms of the Services") and professional services (the "Professional Agreement, PINS will use commercially reasonable efforts Services") (collectively, the "Services") to Customer to provide Customer the Services. subject to and governed by these PINSAdvantage Master Terms and Conditions (the "Initial Order Form"). At any 2.2 Subject to the time hereafter Customer and PINS may enter into additional terms hereof, PINS will provide Customer with reasonable order forms, agreements or documents subject to the technical support services in accordance with its standard Agreement for the purchase of additional services (each an practices via electronic mail on weekdays during the hours "Additional Order Form"). The Initial Order Form and any of 9:00 AM through 5:00 PM Pacific time, with the exclusion Additional Order Form shall be referred to herein individually of Federal holidays. PINS will use commercially reasonable as an "Order Form"and collectively as the "Order Forms." efforts to respond to all support requests within one (1) Capitalized terms used but not defined herein shall have the business day. meanings set forth in the Order Forms. 3. RESTRICTIONS AND 1.2 PINS' terms and RESPONSIBILITIES conditions and privacy policy made available through the 3.1 Customer will not, Software Services, as may be updated from time to time, directly or indirectly: reverse engineer, decompile, provided however, the County shall be given 30 days' disassemble or otherwise attempt to discover the source advance written notice of any such updates. ("Usage code, object code or underlying structure, ideas, know-how Terms") are incorporated herein by this reference. The or algorithms relevant to the Software Services or any Order Form, these PINSAdvantage Master Terms and software, documentation or data related to the Software Conditions, and the Usage Terms shall collectively be Services (collectively "Software'; modify, translate, or referred to herein as the "Order Form Terms and create derivative works based on the Software Services or Conditions." In the event of a conflict or inconsistency any Software (except to the extent expressly permitted by between an Order Form, Usage Terms and PINSAdvantage PINS or authorized within the Services); use the Software Master Terms and Conditions, a particular Order Form will Services or any Software for timesharing or service bureau govern over and control the PINSAdvantage Master Terms purposes or otherwise for the benefit of a third-party; or and Conditions and, taken together an order form and remove any proprietary notices or labels. PINSAdvantage Master Terms and Conditions shall govern over and control the Usage Terms. Provided however, the 3.2 Customer may not Order Form, Usage Terms and PINSAdvantage Master remove or export from the United States or allow the export Terms and Conditions, and any particular Order Form shall or re-export of the Software Services, Software or anything be subject to the order of priorities of documents in the related thereto, or any direct product thereof in violation of Agreement under Section 12.10 thereof. any restrictions, laws or regulations of the United States Department of Commerce, the United States Department of 2. SERVICES AND Treasury Office of Foreign Assets Control, or any other SUPPORT United States or foreign agency or authority. As defined in 2.1 Subject to FAR section 2.101, the Software and documentation are Customer's compliance with the Agreement, PINS will make "commercial items" and according to DFAR section the Software Services available to Customer and its Users 252.227-7014(a)(1) and (5) are deemed to be "commercial to the extent set forth in the applicable Order Form, solely computer software" and "commercial computer software for internal use within the United States. PINS shall provide documentation." Consistent with DFAR section 227.7202 the Professional Services listed on the applicable Order and FAR section 12.212, any use modification, Form, if any, in accordance with the specifications set forth reproduction, release, performance, display, or disclosure of in the associated statement of work relating to such such commercial software or commercial software Professional Services. Customer shall not exceed limits on documentation by the U.S. Government will be governed DocuSign Envelope ID: 180C443E-460E-4E77-AAOF-ED063D4AFD2D P-23-350 PINS Page 5of7 Exhibit A Reference Number: 20230403-150903658 solely by the terms of the Agreement and will be prohibited the Receiving Party can document (a) is or becomes except to the extent expressly permitted by the terms of the generally available to the public, or(b) was in its possession Agreement. or known by it prior to receipt from the Disclosing Party, or 3.3 Customer (c)was rightfully disclosed to it without restriction by a third represents, covenants, and warrants that Customer will use party, or (d)was independently developed without use of the Software Services only in compliance with the any Proprietary Information of the Disclosing Party, or (e) is Agreement and all applicable laws and regulations. required to be disclosed by law,or(f)is permitted or required Customer hereby agrees to indemnify and hold harmless to be disclosed pursuant to the Agreement. PINS against any damages, losses, liabilities, settlements 4.2 Customer shall and expenses (including without limitation costs and own all right, title and interest in and to the Customer Data attorneys' fees) in connection with any claim or action that and all intellectual property rights related to the Customer arises from an alleged violation of the foregoing or otherwise Data. from Customer's negligent or wrongful use of Software 4.3 PINS may monitor Services. Although PINS has no obligation to monitor Customer's use of the Software Services and collect and Customer's use of the Software Services, PINS may do so compile data and information related to Customer's use of and may prohibit any use of the Software Services it the Software Services that is used by Provider in an believes may be (or alleged to be) in violation of the aggregate and anonymized manner, including to compile foregoing. statistical and performance information related to the 3.4 Customer shall be provision and operation of the Software Services responsible for obtaining and maintaining any equipment ("Aggregated Statistics"). Customer acknowledges that and ancillary services needed to connect to, access or PINS may compile Aggregated Statistics. Customer agrees otherwise use the Software Services, including, without that PINS may (i) make Aggregated Statistics publicly limitation, modems, hardware, servers, software, operating available in compliance with applicable law, and (ii) use systems, networking, web servers and the like (collectively, Aggregated Statistics to the extent and in the manner "Equipment"). Customer shall also be responsible for permitted under applicable law; provided in each case that maintaining the security of the Equipment, Customer such Aggregated Statistics do not identify Customer or account, passwords (including but not limited to Customer's Confidential Information. administrative and user passwords) and files, and for all 4.4 If Customer or any uses of Customer account by Users, with or without of its employees or contractors sends or transmits any Customer's knowledge or consent, and for all uses of the communications or materials to PINS suggesting or Equipment with or without Customer's knowledge or recommending changes to the Services, including without consent. limitation, new features or functionality relating thereto, or 4. CONFIDENTIALITY; any comments, questions, suggestions, or the like PROPRIETARY RIGHTS ("Feedback's, PINS is free to use such Feedback 4.1 Each party (the irrespective of any other obligation or limitation between the "Receiving Party") understands that the other party (the Parties governing such Feedback. "Disclosing Party")has disclosed (to the Receiving Party), 4.5 PINS shall own or may disclose, certain proprietary information relating to and retain all right, title and interest in and to: (a) the each Party's obligations under the Agreement (hereinafter Software Services and Software, and all improvements, referred to as "Proprietary Information"of the Disclosing enhancements or modifications thereto, (b) any software, Party). Proprietary Information of PINS includes non-public applications, inventions, or other technology developed in information regarding features, functionality and connection with the Professional Services or support, (c) all performance of the Services. Proprietary Information of Aggregated Statistics, (d) Feedback, and (e) all intellectual Customer includes non-public data provided by Customer or property rights related to any of the foregoing. Users to PINS in connection with or to enable the provision 5. PAYMENT OF FEES of the Services ("Customer Data"). The Receiving Party agrees: (i)to take reasonable precautions to protect such 5.1 Pricing is outlined Proprietary Information, and (ii) not to use (except in in the applicable Order Form. Subscription Fees ("Fees' performance of the Services or as otherwise permitted will be invoiced on the dates set forth in the Order Form. If herein) or divulge to any third person any such Proprietary Customer exceeds the Limits, PINS shall provide written Information. The Disclosing Party agrees that the foregoing notice of excess use to Customer. If Customer fails to shall not apply with respect to any information after five (5) comply with the Limits within (30) days of receipt of written years following the disclosure thereof or any information that notice, PINS will invoice Customer at the rate designated for DocuSign Envelope ID: 180C443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 PINS Page 6of7 Exhibit A Reference Number: 20230403-150903658 the subscription level reflecting Customer's actual usage days, but thereafter PINS shall certify to Customer that then in effect, prorated from the date of the original written stored Customer Data has been deleted. notice. 7. WARRANTY AND 5.2 PINS reserves the DISCLAIMER right to change the Fees and to institute new Fees at the end PINS shall use reasonable efforts consistent with of the second annual subscription term and each successive prevailing industry standards to maintain the Software term, upon ninety (90)days prior notice to Customer(under Services in a manner which minimizes errors and the notice provisions of Article 4 of the Agreement). If interruptions in the Software Services and shall perform the Customer believes that PINS has billed Customer Professional Services in a professional and workmanlike incorrectly, Customer must contact PINS no later than sixty manner. Software Services may be temporarily unavailable (60) days after the closing date on the first billing statement for scheduled maintenance or for unscheduled emergency in which the error or problem appeared, in order to receive maintenance, either by PINS or by third-party providers, or an adjustment or credit. because of other causes beyond PINS' reasonable control, 5.3 Unpaid amounts but PINS shall use reasonable efforts to provide advance are subject to a finance charge of 1.5% per month on any notice in writing or by e-mail of any scheduled service outstanding balance, or the maximum permitted by law, disruption. HOWEVER, PINS DOES NOT WARRANT THAT whichever is lower, plus all expenses of collection. PINS THE SOFTWARE SERVICES OR THE PROFESSIONAL reserves the right to suspend provision of services with 30 SERVICES WILL BE UNINTERRUPTED OR ERROR days written notice if Customer is overdue on a payment. FREE; NOR DOES IT MAKE ANY WARRANTY AS TO THE Customer shall be responsible for all taxes associated with RESULTS THAT MAY BE OBTAINED FROM USE OF THE Services other than U.S. taxes based on PINS' net income. SERVICES. EXCEPT AS EXPRESSLY SET FORTH IN Except to the extent that Customer provides PINS with a THIS SECTION, THE SERVICES ARE PROVIDED "AS IS" valid exemption certificate, if PINS has the legal obligation AND PINS DISCLAIMS ALL WARRANTIES, EXPRESS OR to pay or collect sales, use,excise, and other taxes for which IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED Customer is responsible, Customer shall be invoiced for and WARRANTIES OF MERCHANTABILITY AND FITNESS agrees to pay all such taxes. FOR A PARTICULAR PURPOSE AND NOW 6. TERM AND INFRINGEMENT. TERMINATION 8. INDEMNITY 6.1 The term of the PINS shall indemnify and hold Customer harmless from Agreement will begin on the Effective Date of the Initial liability to third parties resulting from infringement by the Order Form and continue until all subscriptions granted in Services of any United States patent or any copyright or accordance with all Order Forms subject to the Agreement have expired or terminated ("Term"). The "Subscription misappropriation of any trade secret, provided PINS is Term" under an Order Form will begin on the subscription promptly notified of any and all threats, claims and start date specified in the Order Form and continue for the proceedings related thereto and given reasonable time set forth therein. assistance and the opportunity to assume sole control over defense and settlement. PINS will not be responsible for any 6.2 In addition to any settlement it does not approve in writing. The foregoing other remedies it may have, either party may also terminate obligations do not apply with respect to portions or the Agreement upon thirty (30) days' notice (or without components of the Services (i) not supplied by PINS, (ii) advanced notice in the case of nonpayment), if the other made in whole or in part in accordance with Customer party materially breaches any of the terms or conditions of specifications, (iii) that are modified after delivery by PINS, the Agreement. Customer will pay in full for the Services up (iv) combined with other products, processes or materials to and including the last day on which the Services are where the alleged infringement relates to such combination, provided.All sections of the Agreement which by their nature (v) where Customer continues allegedly infringing activity should survive termination will survive termination, after being notified thereof or after being informed of including, without limitation, indemnification obligations of modifications that would have avoided the alleged Customer, accrued rights to payment, confidentiality infringement, or (vi) where Customer's use of the Services obligations, warranty disclaimers, and limitations of liability is not strictly in accordance with the Agreement. If, due to a claim of infringement, the Services are held by a court of 6.3 Upon any termination, PINS will make all Customer Data available to competent jurisdiction to be or are believed by PINS to be Customer for electronic retrieval for a period of thirty (30) infringing, PINS may, at its option and expense (a) replace or modify the Services to be non-infringing provided that such modification or replacement contains substantially DocuSign Envelope ID: 180C443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 PINS Page 7of7 Exhibit A Reference Number: 20230403-150903658 similar features and functionality, (b) obtain for Customer a license to continue using the Services, or(c) if neither of the foregoing is commercially practicable, terminate the Agreement and Customer's rights hereunder and provide Customer a refund of any prepaid, unused fees for the Services. THE RIGHTS PROVIDED IN THIS SECTION SHALL BE THE EXCLUSIVE REMEDY OF CUSTOMER FOR CLAIMS FOR INFRINGEMENT. LIMITATION OF LIABILITY NOTWITHSTANDING ANYTHING TO THE CONTRARY, EXCEPT FOR BODILY INJURY OF A PERSON, PINS AND ITS SUPPLIERS (INCLUDING BUT NOT LIMITED TO ALL EQUIPMENT AND TECHNOLOGY SUPPLIERS), OFFICERS, AFFILIATES, REPRESENTATIVES, CONTRACTORS AND EMPLOYEES SHALL NOT BE RESPONSIBLE OR LIABLE WITH RESPECT TO ANY SUBJECT MATTER OF THE AGREEMENT OR TERMS AND CONDITIONS RELATED THERETO UNDER ANY CONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHER THEORY: (A) FOR ERROR OR INTERRUPTION OF USE OR FOR LOSS OR INACCURACY OR CORRUPTION OF DATA OR COST OF PROCUREMENT OF SUBSTITUTE GOODS, SERVICES OR TECHNOLOGY OR LOSS OF BUSINESS; (B) FOR ANY INDIRECT, EXEMPLARY, INCIDENTAL, OR CONSEQUENTIAL DAMAGES; (C) FOR ANY MATTER BEYOND PINS' REASONABLE CONTROL; OR (D) FOR ANY AMOUNTS THAT, TOGETHER WITH AMOUNTS ASSOCIATED WITH ALL OTHER CLAIMS, EXCEED THE FEES PAID BY CUSTOMER TO PINS FOR THE SERVICES UNDER THE COUNTY AGREEMENT IN THE 12 MONTHS PRIOR TO THE ACT THAT GAVE RISE TO THE LIABILITY, IN EACH CASE, WHETHER OR NOT PINS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. MISCELLANEOUS The Agreement is not assignable, transferable or sublicensable by Customer except with PINS' prior written consent. No agency, partnership, joint venture, or employment is created as a result of the Agreement and Customer does not have any authority of any kind to bind PINS in any respect whatsoever. In any action or proceeding to enforce rights under the Agreement, the prevailing party will be entitled to recover costs and attorneys' fees. DocuSign Envelope ID: 18OC443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 Exhibit B Self-Dealing Transaction Disclosure Form In order to conduct business with the County of Fresno ("County"), members of a contractor's board of directors ("County Contractor"), must disclose any self-dealing transactions that they are a party to while providing goods, performing services, or both for the County. A self-dealing transaction is defined below: "A self-dealing transaction means a transaction to which the corporation is a party and in which one or more of its directors has a material financial interest." The definition above will be used for purposes of completing this disclosure form. Instructions (1) Enter board member's name, job title (if applicable), and date this disclosure is being made. (2) Enter the board member's company/agency name and address. (3) Describe in detail the nature of the self-dealing transaction that is being disclosed to the County. At a minimum, include a description of the following: a. The name of the agency/company with which the corporation has the transaction; and b. The nature of the material financial interest in the Corporation's transaction that the board member has. (4) Describe in detail why the self-dealing transaction is appropriate based on applicable provisions of the Corporations Code. The form must be signed by the board member that is involved in the self-dealing transaction described in Sections (3) and (4). B-1 DocuSign Envelope ID: 180C443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 Exhibit B (1) Company Board Member Information: Name: Date: Job Title: (2) Company/Agency Name and Address: (3) Disclosure (Please describe the nature of the self-dealing transaction you are a party to) (4) Explain why this self-dealing transaction is consistent with the requirements of Corporations Code § 5233 (a) (5) Authorized Signature Signature: Date: B-2 DocuSign Envelope ID: 180C443E-460E-4E77-AAOF-ED063D4AFD2D P-23-350 Exhibit C Insurance Requirements 1. Required Policies Without limiting the County's right to obtain indemnification from the Contractor or any third parties, Contractor, at its sole expense, shall maintain in full force and effect the following insurance policies throughout the term of this Agreement. (A) Commercial General Liability. Commercial general liability insurance with limits of not less than One Million Dollars ($1,000,000) per occurrence and an annual aggregate of Two Million Dollars ($2,000,000). This policy must be issued on a per occurrence basis. Coverage must include products, completed operations, property damage, bodily injury, personal injury, and advertising injury. The Contractor shall obtain an endorsement to this policy naming the County of Fresno, its officers, agents, employees, and volunteers, individually and collectively, as additional insureds, but only insofar as the operations under this Agreement are concerned. Such coverage for additional insureds will apply as primary insurance and any other insurance, or self-insurance, maintained by the County is excess only and not contributing with insurance provided under the Contractor's policy. (B) Workers Compensation. Workers compensation insurance as required by the laws of the State of California with statutory limits. (C) Employer's Liability. Employer's liability insurance with limits of not less than One Million Dollars ($1,000,000) per occurrence for bodily injury and for disease. (D)Technology Professional Liability (Errors and Omissions). Technology professional liability (errors and omissions) insurance with limits of not less than One Million Dollars ($1,000,000) per occurrence and in the aggregate. Coverage must encompass all of the Contractor's obligations under this Agreement, including but not limited to claims involving Cyber Risks. (E) Cyber Liability. Cyber liability insurance with limits of not less than One Million Dollars ($1,000,000) per occurrence. Coverage must include claims involving Cyber Risks. The cyber liability policy must be endorsed to cover the full replacement value of damage to, alteration of, loss of, or destruction of intangible property (including but not limited to information or data) that is in the care, custody, or control of the Contractor. Definition of Cyber Risks. "Cyber Risks" include but are not limited to (i) Security Breach, which may include Disclosure of Personal Information to an Unauthorized Third Party; (ii) data breach; (iii) breach of any of the Contractor's obligations under this Agreement; (iv) system failure; (v) data recovery; (vi)failure to timely disclose data breach or Security Breach; (vii)failure to comply with privacy policy; (viii) payment card liabilities and costs; (ix) infringement of intellectual property, including but not limited to infringement of copyright, trademark, and trade dress; (x) invasion of privacy, including release of private information; (xi) information theft; (xii) damage to or destruction or alteration of electronic information; (xiii) cyber extortion; (xiv) extortion related to the Contractor's obligations under this Agreement regarding electronic information, including Personal Information; (xv)fraudulent instruction; (xvi) funds transfer fraud; (xvii) telephone fraud; (xviii) network security; (xix) data breach response costs, including C-1 DocuSign Envelope ID: 180C443E-460E-4E77-AAOF-ED063D4AFD2D P-23-350 Exhibit C Security Breach response costs; (xx) regulatory fines and penalties related to the Contractor's obligations under this Agreement regarding electronic information, including Personal Information; and (xxi) credit monitoring expenses. 2. Additional Requirements (A) Verification of Coverage. Within 30 days after the Contractor signs this Agreement, and at any time during the term of this Agreement as requested by the County's Risk Manager or the County Administrative Office, the Contractor shall deliver, or cause its broker or producer to deliver, to the County Risk Manager, at 2220 Tulare Street, 16th Floor, Fresno, California 93721, or HRRiskManagement@fresnocountyca.gov, and by mail or email to the person identified to receive notices under this Agreement, certificates of insurance and endorsements for all of the coverages required under this Agreement. (i) Each insurance certificate must state that: (1) the insurance coverage has been obtained and is in full force; (2) the County, its officers, agents, employees, and volunteers are not responsible for any premiums on the policy; and (3) the Contractor has waived its right to recover from the County, its officers, agents, employees, and volunteers any amounts paid under any insurance policy required by this Agreement and that waiver does not invalidate the insurance policy. (ii) The commercial general liability insurance certificate must also state, and include an endorsement, that the County of Fresno, its officers, agents, employees, and volunteers, individually and collectively, are additional insureds insofar as the operations under this Agreement are concerned. The commercial general liability insurance certificate must also state that the coverage shall apply as primary insurance and any other insurance, or self-insurance, maintained by the County shall be excess only and not contributing with insurance provided under the Contractor's policy. (iii) The technology professional liability insurance certificate must also state that coverage encompasses all of the Contractor's obligations under this Agreement, including but not limited to claims involving Cyber Risks, as that term is defined in this Agreement. (iv) The cyber liability insurance certificate must also state that it is endorsed, and include an endorsement, to cover the full replacement value of damage to, alteration of, loss of, or destruction of intangible property (including but not limited to information or data) that is in the care, custody, or control of the Contractor. (B) Acceptability of Insurers. All insurance policies required under this Agreement must be issued by admitted insurers licensed to do business in the State of California and possessing at all times during the term of this Agreement an A.M. Best, Inc. rating of no less than A: VI I. (C) Notice of Cancellation or Change. For each insurance policy required under this Agreement, the Contractor shall provide to the County, or ensure that the policy requires the insurer to provide to the County, written notice of any cancellation or change in the C-2 DocuSign Envelope ID: 18OC443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 Exhibit C policy as required in this paragraph. For cancellation of the policy for nonpayment of premium, the Contractor shall, or shall cause the insurer to, provide written notice to the County not less than 10 days in advance of cancellation. For cancellation of the policy for any other reason, and for any other change to the policy, the Contractor shall, or shall cause the insurer to, provide written notice to the County not less than 30 days in advance of cancellation or change. The County in its sole discretion may determine that the failure of the Contractor or its insurer to timely provide a written notice required by this paragraph is a breach of this Agreement. (D) County's Entitlement to Greater Coverage. If the Contractor has or obtains insurance with broader coverage, higher limits, or both, than what is required under this Agreement, then the County requires and is entitled to the broader coverage, higher limits, or both. To that end, the Contractor shall deliver, or cause its broker or producer to deliver, to the County's Risk Manager certificates of insurance and endorsements for all of the coverages that have such broader coverage, higher limits, or both, as required under this Agreement. (E) Waiver of Subrogation. The Contractor waives any right to recover from the County, its officers, agents, employees, and volunteers any amounts paid under the policy of worker's compensation insurance required by this Agreement. The Contractor is solely responsible to obtain any policy endorsement that may be necessary to accomplish that waiver, but the Contractor's waiver of subrogation under this paragraph is effective whether or not the Contractor obtains such an endorsement. (F) County's Remedy for Contractor's Failure to Maintain. If the Contractor fails to keep in effect at all times any insurance coverage required under this Agreement, the County may, in addition to any other remedies it may have, suspend or terminate this Agreement upon the occurrence of that failure, or purchase such insurance coverage, and charge the cost of that coverage to the Contractor. The County may offset such charges against any amounts owed by the County to the Contractor under this Agreement. (G)Subcontractors. The Contractor shall require and verify that all subcontractors used by the Contractor to provide services under this Agreement maintain insurance meeting all insurance requirements provided in this Agreement. This paragraph does not authorize the Contractor to provide services under this Agreement using subcontractors. C-3 DocuSign Envelope ID: 18OC443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 Exhibit D Data Security 1. Definitions 12.16 Capitalized terms used in this Exhibit D have the meanings set forth in this section 1. a. "Authorized Employees" means the Contractor's employees who have access to Personal Information or Privileged Information. b. "Authorized Persons" means: (i) any and all Authorized Employees; and (ii) any and all of the Contractor's subcontractors, representatives, agents, outsourcers, and consultants, and providers of professional services to the Contractor, who have access to Personal Information and are bound by law or in writing by confidentiality obligations sufficient to protect Personal Information in accordance with the terms of this Exhibit E. c. "Director" means the County's Director Internal Services/Chief Information officer or their designee. d. "Disclose" or any derivative of that word means to disclose, release, transfer, disseminate, or otherwise provide access to or communicate all or any part of any Personal Information orally, in writing, or by electronic or any other means to any person. e. "Person" means any natural person, corporation, partnership, limited liability company, firm, or association. f. "Personal Information" means any and all information, including any data, provided, or to which access is provided, to the Contractor by or upon the authorization of the County, under this Agreement, including but not limited to vital records, that: (i) identifies, describes, or relates to, or is associated with, or is capable of being used to identify, describe, or relate to, or associate with, a person (including, without limitation, names, physical descriptions, signatures, addresses, telephone numbers, e-mail addresses, education, financial matters, employment history, and other unique identifiers, as well as statements made by or attributable to the person); (ii) is used or is capable of being used to authenticate a person (including, without limitation, employee identification numbers, government-issued identification numbers, passwords or personal identification numbers (PINs), financial account numbers, credit report information, answers to security questions, and other personal identifiers); or (iii) is personal information within the meaning of California Civil Code section 1798.3, subdivision (a), or 1798.80, subdivision (e). Personal Information does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records. g. "Privacy Practices Complaint" means a complaint received by the County relating to the Contractor's (or any Authorized Person's) privacy practices, or alleging a Security Breach. Such complaint shall have sufficient detail to enable the Contractor to promptly investigate and take remedial action under this Exhibit E. h. "Privileged Information" means any and all information, including any data, provided, or to which access is provided, to the Contractor by or upon the authorization of the County or any attorney of the County, under this agreement, including but not limited to any or all of the following: (i) records pertaining to pending litigation to which the County is party, or to claims made pursuant to the Government Claims Act (Gov. Code, Tit. 1, Div. 3.6, beginning with section 810), until the pending litigation or claim has been finally adjudicated or otherwise settled, which are exempt from disclosure under Government D-1 DocuSign Envelope ID: 18OC443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 Exhibit D Data Security Code section 6254, subdivision (b); (ii) any information that is subject to the attorney- client privilege, which includes but is not limited to a "confidential communication between client and lawyer," as that term is defined in Evidence Code section 952, where the County is the client and any attorney of the County is the lawyer, and the Contractor may be serving as a representative of the County, as an intermediate representative for communication between the County and any attorney of the County, or both; or (iii) both (i) and (ii). For purposes of a "confidential communication between client and lawyer" under this Agreement, the Contractor is presumed to be present to further the interest of the County in its consultation with an attorney of the County, reasonably necessary for the transmission of the information or the accomplishment of the purpose for which the attorney of the County is consulted, or both. The Contractor acknowledges that the attorney-client privilege protecting Privileged Information belongs to the County and may only be waived by the County's Board of Supervisors, and may not be waived by any other County official. The Contractor has no right or authority to waive the attorney-client privilege that belongs to the County. i. "Security Safeguards" means physical, technical, administrative or organizational security procedures and practices put in place by the Contractor (or any Authorized Persons) that relate to the protection of the security, confidentiality, value, or integrity of Personal Information. Security Safeguards shall satisfy the minimal requirements set forth in section 3(C) of this Exhibit E. j. "Security Breach" means (i) any act or omission that compromises either the security, confidentiality, value, or integrity of any Personal Information or the Security Safeguards, or (ii) any unauthorized Use, Disclosure, or modification of, or any loss or destruction of, or any corruption of or damage to, any Personal Information. k. "Use" or any derivative of that word means to receive, acquire, collect, apply, manipulate, employ, process, transmit, disseminate, access, store, disclose, or dispose of Personal Information. 2. Standard of Care a. The Contractor acknowledges that, in the course of its engagement by the County under this Agreement, the Contractor, or any Authorized Persons, may Use Personal Information and Privileged Information only as permitted in this Agreement. b. The Contractor acknowledges that Personal Information and Privileged Information is deemed to be confidential information of, or owned by, the County (or persons from whom the County receives or has received Personal Information) and is not confidential information of, or owned or by, the Contractor, or any Authorized Persons. The Contractor further acknowledges that all right, title, and interest in or to the Personal Information or the Privileged Information remains in the County (or persons from whom the County receives or has received Personal Information or Privileged Information) regardless of the Contractor's, or any Authorized Person's, Use of that Personal Information or that Privileged Information. D-2 DocuSign Envelope ID: 18OC443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 Exhibit D Data Security c. The Contractor agrees and covenants in favor of the Country that the Contractor shall: i. keep and maintain all Personal Information and all Privileged Information in strict confidence, using such degree of care under this section 2 as is reasonable and appropriate to avoid a Security Breach; ii. Use Personal Information exclusively for the purposes for which the Personal Information is made accessible to the Contractor pursuant to the terms of this Exhibit E; iii. Use Privileged Information exclusively for the purposes for which the Privileged Information is made accessible to the Contractor pursuant to the terms of this Exhibit E; iv. not Use, Disclose, sell, rent, license, or otherwise make available Personal Information or Privileged Information for the Contractor's own purposes or for the benefit of anyone other than the County, without the County's express prior written consent, which the County may give or withhold in its sole and absolute discretion; V. not, directly or indirectly, Disclose Personal Information to any person (an "Unauthorized Third Party") other than Authorized Persons pursuant to this Agreement, without the express prior written consent the Director; and vi. not, directly or indirectly, Disclose Privileged Information to any person (an "Unauthorized Third Party") other than Authorized Persons pursuant to this Agreement, without the express prior written consent of the County's Board of Supervisors. d. Notwithstanding the foregoing paragraph, in any case in which the Contractor believes it, or any Authorized Person, is required to disclose Personal Information or Privileged Information to government regulatory authorities, or pursuant to a legal proceeding, or otherwise as may be required by applicable law, Contractor shall (i) immediately notify the County of the specific demand for, and legal authority for the disclosure, including providing County with a copy of any notice, discovery demand, subpoena, or order, as applicable, received by the Contractor, or any Authorized Person, from any government regulatory authorities, or in relation to any legal proceeding, and (ii) promptly notify the County before such Personal Information is offered by the Contractor for such disclosure so that the County may have sufficient time to obtain a court order or take any other action the County may deem necessary to protect the Personal Information or the Privileged Information from such disclosure, and the Contractor shall cooperate with the County to minimize the scope of such disclosure of such Personal Information or Privileged Information. e. The Contractor shall remain liable to the County for the actions and omissions of any Unauthorized Third Party concerning its Use of such Personal Information or Privileged Information as if they were the Contractor's own actions and omissions. 3. Information Security D-3 DocuSign Envelope ID: 18OC443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 Exhibit D Data Security a. The Contractor covenants, represents and warrants to the County that the Contractor's Use of Personal Information and Privileged Information under this Agreement does and will at all times comply with all applicable federal, state, and local, privacy and data protection laws, as well as all other applicable regulations and directives, including but not limited to California Civil Code, Division 3, Part 4, Title 1.81 (beginning with section 1798.80), and the Song-Beverly Credit Card Act of 1971 (California Civil Code, Division 3, Part 4, Title 1.3, beginning with section 1747). If the Contractor Uses credit, debit or other payment cardholder information, the Contractor shall at all times remain in compliance with the Payment Card Industry Data Security Standard ("PCI DSS") requirements, including remaining aware at all times of changes to the PCI DSS and promptly implementing and maintaining all procedures and practices as may be necessary to remain in compliance with the PCI DSS, in each case, at the Contractor's sole cost and expense. b. The Contractor covenants, represents and warrants to the County that, as of the Effective Date of this Agreement, the Contractor has not received notice of any violation of any privacy or data protection laws, as well as any other applicable regulations or directives, and is not the subject of any pending legal action or investigation by, any government regulatory authority regarding same. c. Without limiting the Contractor's obligations under section 3(A) of this Exhibit E, the Contractor's (or Authorized Person's) Security Safeguards shall be no less rigorous than accepted industry practices and, at a minimum, include the following: i. limiting Use of Personal Information and Privileged Information strictly to the Contractor's and Authorized Persons' personnel, including technical and administrative personnel, who are necessary for the Contractor's or Authorized Persons' Use of the Personal Information or Privileged pursuant to this Agreement; ii. ensuring that all of the Contractor's connectivity to County computing systems will only be through the County's security gateways and firewalls, and only through security procedures approved upon the express prior written consent of the Director; iii. to the extent that they contain or provide access to Personal Information or Privileged Information, (a) securing business facilities, data centers, paper files, servers, back-up systems and computing equipment, operating systems, and software applications, including, but not limited to, all mobile devices and other equipment, operating systems, and software applications with information storage capability; (b) employing adequate controls and data security measures, both internally and externally, to protect (1) the Personal Information and the Privileged Information from potential loss or misappropriation, or unauthorized Use, and (2) the County's operations from disruption and abuse; (c) having and maintaining network, device application, database and platform security; (d) maintaining authentication and access controls within media, computing equipment, operating systems, and software applications; and (e) installing and maintaining in all mobile, wireless, or handheld devices a secure internet connection, having continuously updated anti-virus software protection and a D-4 DocuSign Envelope ID: 18OC443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 Exhibit D Data Security remote wipe feature always enabled, all of which is subject to express prior written consent of the Director; iv. encrypting all Personal Information at advance encryption standards of Advanced Encryption Standards (AES) of 128 bit or higher when Personal Information is (a) stored on any mobile devices, including but not limited to hard disks, portable storage devices, or remote installation, or (b) transmitted over public networks (the encrypted Personal Information must be subject to password or pass phrase, and be stored on a secure server and transferred by means of a Virtual Private Network (VPN) connection, or another type of secure connection, all of which is subject to express prior written consent of the Director); V. strictly segregating Personal Information and Privileged Information from all other information of the Contractor, including any Authorized Person, or anyone with whom the Contractor or any Authorized Person deals so that Personal Information and Privileged Information is not commingled with any other types of information; vi. having a patch management process including installation of all operating system and software vendor security patches; vii. maintaining appropriate personnel security and integrity procedures and practices, including, but not limited to, conducting background checks of Authorized Employees consistent with applicable law; and viii. providing appropriate privacy and information security training to Authorized Employees. d. During the term of each Authorized Employee's employment by the Contractor, the Contractor shall cause such Authorized Employees to abide strictly by the Contractor's obligations under this Exhibit E. The Contractor shall maintain a disciplinary process to address any unauthorized Use of Personal Information or Privileged Information by any Authorized Employee. e. The Contractor shall, in a secure manner, backup daily, or more frequently if it is the Contractor's practice to do so more frequently, Personal Information and Privileged Information received from the County, and the County shall have access, at their request, to such backups via a secure, remote access connection provided by the Contractor, through the Internet. f. The Contractor shall provide the County with the name and contact information for each Authorized Employee (including such Authorized Employee's work shift, and at least one alternate Authorized Employee for each Authorized Employee during such work shift) who shall serve as the County's primary security contact with the Contractor and shall be available to assist the County twenty-four (24) hours per day, seven (7) days per week as a contact in resolving the Contractor's and any Authorized Persons' obligations associated with a Security Breach or a Privacy Practices Complaint. g. The Contractor shall not knowingly include or authorize any Trojan Horse, back door, time bomb, drop dead device, worm, virus, or other code of any kind that may disable, D-5 DocuSign Envelope ID: 18OC443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 Exhibit D Data Security erase, display any unauthorized message within, or otherwise impair any County computing system, with or without the intent to cause harm. 4. Security Breach Procedures a. Immediately upon the Contractor's awareness or reasonable belief of a Security Breach, the Contractor shall (i) notify the Director of the Security Breach, such notice to be given first by telephone at the following telephone number, followed promptly by email at the following email address: (559) 600-5900 / incidents@fresnocountyca.gov (which telephone number and email address the County may update by providing notice to the Contractor), and (ii) preserve all relevant evidence (and cause any affected Authorized Person to preserve all relevant evidence) relating to the Security Breach. The notification shall include, to the extent reasonably possible, the identification of each type and the extent of Personal Information, Privileged Information, or both, that has been, or is reasonably believed to have been, breached, including but not limited to, compromised, or subjected to unauthorized Use, Disclosure, or modification, or any loss or destruction, corruption, or damage. b. Immediately following the Contractor's notification to the County of a Security Breach, as provided pursuant to section 4(A) of this Exhibit E, the Parties shall coordinate with each other to investigate the Security Breach. The Contractor agrees to fully cooperate with the County, including, without limitation: i. assisting the County in conducting any investigation; ii. providing the County with physical access to the facilities and operations affected; iii. facilitating interviews with Authorized Persons and any of the Contractor's other employees knowledgeable of the matter; and iv. making available all relevant records, logs, files, data reporting and other materials required to comply with applicable law, regulation, industry standards, or as otherwise reasonably required by the County. To that end, the Contractor shall, with respect to a Security Breach, be solely responsible, at its cost, for all notifications required by law and regulation, or deemed reasonably necessary by the County, and the Contractor shall provide a written report of the investigation and reporting required to the Director within 30 days after the Contractor's discovery of the Security Breach. c. County shall promptly notify the Contractor of the Director's knowledge, or reasonable belief, of any Privacy Practices Complaint, and upon the Contractor's receipt of that notification, the Contractor shall promptly address such Privacy Practices Complaint, including taking any corrective action under this Exhibit E, all at the Contractor's sole expense, in accordance with applicable privacy rights, laws, regulations and standards. In the event the Contractor discovers a Security Breach, the Contractor shall treat the Privacy Practices Complaint as a Security Breach. Within 24 hours of the Contractor's D-6 DocuSign Envelope ID: 180C443E-460E-4E77-AAOF-ED063D4AFD2D P-23-350 Exhibit D Data Security receipt of notification of such Privacy Practices Complaint, the Contractor shall notify the County whether the matter is a Security Breach, or otherwise has been corrected and the manner of correction, or determined not to require corrective action and the reason for that determination. d. The Contractor shall take prompt corrective action to respond to and remedy any Security Breach and take mitigating actions, including but not limiting to, preventing any reoccurrence of the Security Breach and correcting any deficiency in Security Safeguards as a result of such incident, all at the Contractor's sole expense, in accordance with applicable privacy rights, laws, regulations and standards. The Contractor shall reimburse the County for all reasonable costs incurred by the County in responding to, and mitigating damages caused by, any Security Breach, including all costs of the County incurred relation to any litigation or other action described section 4(E) of this Exhibit E. e. The Contractor agrees to cooperate, at its sole expense, with the County in any litigation or other action to protect the County's rights relating to Personal Information, Privileged Information, or both, including the rights of persons from whom the County receives Personal Information. 5. Oversight of Security Compliance a. The Contractor shall have and maintain a written information security policy that specifies Security Safeguards appropriate to the size and complexity of the Contractor's operations and the nature and scope of its activities. b. Upon the County's written request, to confirm the Contractor's compliance with this Exhibit E, as well as any applicable laws, regulations and industry standards, the Contractor grants the County or, upon the County's election, a third party on the County's behalf, permission to perform an assessment, audit, examination or review of all controls in the Contractor's physical and technical environment in relation to all Personal Information and Privileged Information that is Used by the Contractor pursuant to this Agreement. The Contractor shall fully cooperate with such assessment, audit or examination, as applicable, by providing the County or the third party on the County's behalf, access to all Authorized Employees and other knowledgeable personnel, physical premises, documentation, infrastructure and application software that is Used by the Contractor for Personal Information, Privileged Information, or both, pursuant to this Agreement. In addition, the Contractor shall provide the County with the results of any audit by or on behalf of the Contractor that assesses the effectiveness of the Contractor's information security program as relevant to the security and confidentiality of Personal Information Used by the Contractor or Authorized Persons during the course of this Agreement under this Exhibit E. c. The Contractor shall ensure that all Authorized Persons who Use Personal Information, Privileged Information, or both, agree to the same restrictions and conditions in this Exhibit E. that apply to the Contractor with respect to such Personal Information and Privileged Information by incorporating the relevant provisions of this Exhibit E into a valid and binding written agreement between the Contractor and such Authorized Persons, or amending any written agreements to provide same. D-7 DocuSign Envelope ID: 18OC443E-46OF-4E77-AAOF-ED063D4AFD2D P-23-350 Exhibit D Data Security 6. Return or Destruction of Personal Information. Upon the termination of this Agreement, the Contractor shall, and shall instruct all Authorized Persons to, promptly return to the County all Personal Information and all Privileged Information, whether in written, electronic or other form or media, in its possession or the possession of such Authorized Persons, in a machine readable form used by the County at the time of such return, or upon the express prior written consent of the Director, securely destroy all such Personal Information and all Privileged Information, and certify in writing to the County that such Personal Information and Privileged Information have been returned to the County or disposed of securely, as applicable. If the Contractor is authorized to dispose of any such Personal Information or Privileged Information, as provided in this Exhibit E, such certification shall state the date, time, and manner (including standard) of disposal and by whom, specifying the title of the individual. The Contractor shall comply with all reasonable directions provided by the Director with respect to the return or disposal of Personal Information and Privileged Information and copies of Personal Information and Privileged Information. If return or disposal of such Personal Information or Privileged Information, or copies of Personal Information or Privileged Information, is not feasible, the Contractor shall notify the County according, specifying the reason, and continue to extend the protections of this Exhibit E to all such Personal Information and Privileged Information, and copies of Personal Information and Privileged Information. The Contractor shall not retain any copy of any Personal Information or any Privileged Information after returning or disposing of Personal Information and Privileged Information as required by this section 6. The Contractor's obligations under this section 6 survive the termination of this Agreement and apply to all Personal Information and Privileged Information that the Contractor retains if return or disposal is not feasible and to all Personal Information and Privileged Information that the Contractor may later discover in its possession or control. 7. Equitable Relief. The Contractor acknowledges that any breach of its covenants or obligations set forth in this Exhibit E may cause the County irreparable harm for which monetary damages would not be adequate compensation and agrees that, in the event of such breach or threatened breach, the County is entitled to seek equitable relief, including a restraining order, injunctive relief, specific performance and any other relief that may be available from any court, in addition to any other remedy to which the County may be entitled at law or in equity. Such remedies shall not be deemed to be exclusive but shall be in addition to all other remedies available to the County at law or in equity or under this Agreement. 8. Survival. The respective rights and obligations of the Contractor and the County as stated in this Exhibit E shall survive the termination of this Agreement. 9. No Third Party Beneficiary. Nothing express or implied in the provisions of in this Exhibit E is intended to confer, nor shall anything in this Exhibit E confer, upon any person other than the County or the Contractor and their respective successors or assignees, any rights, remedies, obligations or liabilities whatsoever. 10. No County Warranty. The County does not make any warranty or representation whether any Personal Information or Privileged Information in the Contractor's (or any Authorized Person's) possession or control, or Use by the Contractor (or any Authorized Person), pursuant to the terms of this Agreement is or will be secure from unauthorized Use, or a Security Breach or Privacy Practices Complaint. D-8