Loading...
The URL can be used to link to this page
Your browser does not support the video tag.
Home
My WebLink
About
CAG2021-319 - Original - Vermont Systems, Inc. - RecTrac Recreation Management System - 07/09/2021
ApprovalOriginator:Department: Date Sent:Date Required: Authorized to Sign: Director or Designee Mayor Date of Council Approval: Grant? Yes No Type:Review/Signatures/RoutingDate Received by City Attorney: Comments: Date Routed to the Mayor’s Office: Date Routed to the City Clerk’s Office:Agreement InformationVendor Name:Category: Vendor Number:Sub-Category: Project Name: Project Details: Agreement Amount: Start Date: Basis for Selection of Contractor: Termination Date: Local Business? Yes No* Business License Verification: Yes In-Process Exempt (KCC 5.01.045) If meets requirements per KCC 3.70.100, please complete “Vendor Purchase-Local Exceptions” form on Cityspace. Notice required prior to disclosure? Yes No Contract Number: Agreement Routing Form For Approvals, Signatures and Records Management This form combines & replaces the Request for Mayor’s Signature and Contract Cover Sheet forms. (Print on pink or cherry colored paper) Visit Documents.KentWA.gov to obtain copies of all agreementsadccW22373_1_20 Budget Account Number: Budget? Yes No Dir Asst: Sup/Mgr: Dir/Dep: rev. 200821 FOR CITY OF KENT OFFICIAL USE ONLY (Optional) * Memo to Mayor must be attached Original Services Agreement for recreation management system replacement, including initial licensing, training, and software. $273,160.00 first day of month of signature 07/09/2021 07/ CAG2021-319 7/12/21 DATE: July 6, 2021 TO: Kent City Council SUBJECT: Software Licensing with Vermont Systems, Inc - Authorize MOTION: I move to authorize the Mayor to sign a five-year Services Agreement with Vermont Systems, Inc., through which the City will obtain training services and access to RecTrac, a recreation scheduling and management software, at a total contract cost not to exceed $273,160, subject to final terms and conditions acceptable to the Information Technology Director and City Attorney. SUMMARY: The Parks and Information Technology departments seek approval of a contract that will authorize access to a software solution, RecTrac, that will enhance the City’s capability to conduct recreation management and provide critical efficiencies to support Parks recreation operations. RecTrac will allow recreation staff to input, manage and maintain customer accounts, memberships, programs, facility rentals, and league scheduling in support of Parks’ operations. The contract includes a “train the trainer” approach where Program Leads will receive remote training in use of the software. The overall project also includes a companion contract with a separate point of sale provider, Card Connect, to support credit card payment processing. However, the companion contract with Card Connect includes a contract cost of approximately $23,100 which does not require Council approval. Staff is still working to negotiate the terms of the Card Connect contract. RecTrac will replace the existing recreation management system (CLASS 8.0) originally implemented in July 1999. CLASS reached end of life at year-end 2018. All self-hosted customers are required to switch to ActiveNet (the company that acquired CLASS) or replace the product with a different system. ActiveNet was evaluated by the Parks Department as a potential solution but Parks found that it provided decreased functionality at an increased cost compared to RecTrac. While there are close to 50 Parks recreation staff who are users of the CLASS system, for costing purposes, Parks estimates access to RecTrac for 25 concurrent users will be sufficient. Under the Services Agreement, Vermont Systems, Inc. will perform the following services in addition to providing software access: account migration, system integration testing, end user training, and system go-live support. Project costs will be fully covered by funds currently budgeted for the Parks System Replacement. No 8.D Packet Pg. 87 new dollars are being requested. The agreement with RecTrac provides for an initial one-year term that will renew automatically on a yearly basis for up to four additional years, for a maximum contract term of five years. The total cost for the first year, including hardware and integration and training services, is $82,272. After the first year, the annual cost thereafter is $41,514 for each of the four remaining years. BUDGET IMPACT: The contract cost is fully-budgeted for the first two years from that portion of the City’s Capital Improvement Budget for Technology Projects dedicated for the “Parks System Replacement.” Project costs in years three through five will be covered by the Parks Department’s maintenance budget. Description Cost Impact Year 1 - Annual Software Licensing $37,740 Year 1 - Services (Non-recurring) $1,750 Year 1 - Implementation and Training Costs $11,600 Year 1 - Hardware and Supplies (One Time) $24,758 Use or Sales Tax as Applicable $6,424 Years 2 - 5 - Annual Software Licensing $150,960 ($37,740 ea. year) Use or Sales Tax Years 2 - 5 $15,096 ($3,774 ea. year) Sub-Total $248,328 Contingency (10%) $24,832 Total Contract Cost $273,160 SUPPORTS STRATEGIC PLAN GOAL: Evolving Infrastructure - Connecting people and places through strategic investments in physical and technological infrastructure. Thriving City - Creating safe neighborhoods, healthy people, vibrant commercial districts, and inviting parks and recreation. Sustainable Services - Providing quality services through responsible financial management, economic growth, and partnerships. ATTACHMENTS: 1.2021-2026_Vermont Systems Inc-RecTrac Services, Including Exhibits (PDF) 06/22/21 Committee of the Whole RECOMMENDED TO COUNCIL BY CONSENSUS RESULT: RECOMMENDED TO COUNCIL BY CONSENSUS Next: 7/6/2021 7:00 PM 8.D Packet Pg. 88 SERVICES AGREEMENT This Services Agreement is entered into as of the last date signed below ___________________ (“Effective Date”) by and between RECTRAC, LLC d/b/a VERMONT SYSTEMS, a Delaware limited liability company having its principal address at 12 Market Place, Essex Junction, VT 05452 (“VS,” “Licensor,” “we,” “our,” or “us”) and the customer identified in Section 1 below (“Customer,” “Licensee,” “you” or “your”) (each a “Party,” and, collectively, the “Parties”). This Services Agreement, including all attachments, schedules, exhibits or Addenda referenced herein, shall collectively comprise the “Agreement” between you and us. Terms not defined below shall have the meanings as set forth in Section 1 of the Terms of Service, included within Exhibit B and incorporated below. 1.CUSTOMER INFORMATION Customer Name (Legal Entity) Doing Business As (if applicable) City of Kent, Washington Office Address 220 Fourth Ave. South, Kent, Washington 98032 Business Address (if business is located somewhere other than the office address) 220 Fourth Ave. South, Kent, Washington 98032 Customer’s General Contact (for all matters under the Agreement)General Contact Phone General Contact Email Mike Carrington 253-856-4607 mcarrington@kentwa.gov Customer’s Billing Contact (for billing matters under the Agreement) Billing Contact Phone Billing Contact Email Lynette Smith 253-856-4602 lsmith@kentwa.gov VS Customer Lead VS Lead Phone VS Lead Email David Wirtz (802) 276-5629 DavidWO@VermontSystems.com 2.TERM Initial Term: 12 months. The Initial Term will commence on the first day of the month in which the software is implemented and available for the Customer’s use and will end 12 consecutive months later. Renewal Term: 12 months. Unless Customer provides written notice of cancellation at least 90 days prior to the expiration of the Initial Term, the Agreement will automatically renew for another 12-month term (“Renewal Term”). Thereafter, the Agreement will automatically renew for successive 12-month Renewal Terms, up to a maximum total Term of five (5) years or until the Agreement is earlier terminated in accordance with Section 4 of the Terms of Service within Exhibit A. 3.SERVICES & FEES You are contracting to receive the Services, and to pay the Fees, as more specifically described in the Order Schedule. The Order Schedule is attached hereto and incorporated by reference herein as Exhibit B. DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 July 9, 2021 4.PAYMENT SERVICES You are choosing the following Payment Services option: ☒ Payment Services Not Included No Payment Services are being offered by VS or through the VS platform. Customer is handling all payment services on its own or through its own third-party payment service provider ☐ Payment Services Included Customer is choosing to use the VS platform and/or payment gateways for Payment Services. Customer is required to enter into a separate Sub-Merchant Agreement made part of the Agreement. 5.HOSTING Customer is choosing the following hosting option: ☐ Customer Hosted Customer hosts data locally, on its own servers. VS has no responsibility for maintaining and/or securing Customer Data on Customer’s servers. ☒ VS Hosted VS hosts Customer Data on VS-controlled and maintained servers. Any VS hosting will be subject to all hosting policies as described in the VS Terms of Service. 6.TERMS OF SERVICE Customer has read, understands and agrees to VS’s Terms of Service, which shall be incorporated and considered part of this Agreement. VS’s Terms of Service is attached hereto as Exhibit A. 7.PRIVACY & SECURITY Customer has read, understands and agrees to VS’s Privacy Policy, which shall be incorporated and considered part of this Agreement. VS’s Privacy Policy is attached hereto as Exhibit C. 8.SERVICE LEVEL COMMITMENTS Customer has read, understands and agrees to VS’s Service Level Agreements, each of which shall be incorporated and considered part of this Agreement. VS’s Service Level Agreement for Hosting Services is attached hereto as Exhibit D. VS’s Service Level Agreement for Support Services is attached hereto as Exhibit E. 9.AGREED SUMMARY OF ABOVE AND ADDITIONAL LISTED EXHIBITS Exhibit A - Terms of Service Exhibit B – Order Schedule Exhibit C - Privacy Policy Exhibit D – Service Level Agreement (Software) Exhibit E – Service Level Agreement (Support) Exhibit F - API Terms of Use Exhibit G - Insurance Addendum Exhibit H - Statement of Work DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Exhibit – I City of Kent Acknowledgements & Sign Offs ACCEPTANCE Customer acknowledges that it has read, understands and accepts the Agreement as written, inclusive of all attachments, schedules or exhibits, as may be revised, and agrees to pay all Fees and all other charges permitted by the Agreement. The individual signing the Agreement on behalf of Customer acknowledges that he/she has the proper legal authority to act on the Customer’s behalf and to bind the Customer to this Agreement. AGREED TO BY CUSTOMER : City of Kent, Washington _______________________________________ ________________ Date _______________________________________ Name Title ACCEPTED BY VERMONT SYSTEMS: RecTrac, LLC _______________________________________ ________________ Scott Strong Date President 06/09/2021 DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Dana Ralph, Mayor 07/09/2021 1 ©2021 Vermont Systems. All Rights Reserved. TERMS OF SERVICE 1. DEFINITIONS. Capitalized terms used but not otherwise defined in theseTerms of Service will have the meaning ascribed to such terms in theServices Agreement or other applicable Addenda.“Addendum” or “Addenda” or “Amendment” means a written documentadded to the Agreement containing new or supplemental terms to whichboth parties have signed an acknowledgement of their assent to its termsthrough their authorized representatives.“Agreement” means the Services Agreement and any attachments,schedules or exhibits referenced therein, which could include the OrderSchedule, Privacy Policy, Terms of Service, Service Level Agreement,Statement of Work, Sub-Merchant Agreement, or any later-signedAddenda.“Billing Period” means the period of time covered by a single recurringdues fee for Services. Unless otherwise noted, a Billing Period will be billedin advance and will cover a period of one (1) year.“Cardholder Data” is a subset of Customer Data and generally includes aPatron’s name, billing address, credit card number, expiration date and CVVcode.“Confidential Information” means any and all information disclosed byeither party to the other which is marked “confidential” or “proprietary,” orwhich the recipient has reason to know is regarded by the disclosing partyas confidential or proprietary. ”Confidential Information” does not includeany information that the receiving party can demonstrate by its writtenrecords: (a) was known to it prior to its disclosure hereunder by thedisclosing party; (b) is or becomes known through no wrongful act of thereceiving party; (c) has been rightfully received from a third party authorized to make such a disclosure; (d) is independently developed by the receivingparty; (e) has been approved for release with the disclosing party’s priorwritten authorization; or (f) is required to be disclosed by court rule, courtorder or as otherwise required by law, and subject to any notice that maybe required herein to enable the other party to seek a protective order orotherwise prevent such disclosure.“Customer” is a VS customer. The Customer is the individual, businessentity, non-profit, military branch, or municipality contracting with us toreceive Services as more specifically identified in the Services Agreement.Customer may also be referred to in the Agreement as “you,” “your” or“Licensee.” “Customer Data” is the content, information or data which you, your EndUsers and/or your Patrons enter into the Software associated with ourServices. Customer Data may include Patron Data, among other types ofdata.“Effective Date” shall have the meaning as set forth in the ServicesAgreement.“End Users” are your authorized users of the Software associated with ourServices. Those licenses associated with a Customer’s concurrent End Userswill be listed in the Order Schedule.“Exhibit” means a document attached and incorporated into the parties’Agreement and made a part thereof.“Fees” mean any and all fees associated with the use of our Services,including (but not limited to) Software Fees, Hosting Fees, Support Fees,any fees associated with our Payment Services, and/or any fees associatedwith Professional Services, as well as any other fees or charges permitted bythe Agreement. Fees may be recurring, non-recurring, or one-time, as morespecifically described in the Order Schedule.“Hardware” means the computer equipment, point-of-sale terminals, orother technical hardware distributed by us or by a reseller on our behalf.Hardware may contain firmware or software.“Hosting Fees” mean the fees associated with the hosting of CustomerData on our VS-controlled servers and systems. “Initial Term” is the initial term for Services, as described in the Services Agreement. “Intellectual Property Rights” means all patents, rights to inventions, utility models, copyright and related rights, trademarks, service marks, trade, business and domain names, rights in trade dress or get-up, rights in goodwill or to sue for passing off, unfair competition rights, rights in designs, rights in computer software, database rights, moral rights, rights in confidential information (including know-how and trade secrets) and any other intellectual property rights, in each case whether registered or unregistered and including all applications for and renewals or extensions of such rights, and all similar or equivalent rights or forms of protection in any part of the world. “Order Schedule” means VSI Quote Number QUE-05215-H8Q9T2 which itemizes the Services we are providing to you and any specific fees you are agreeing to pay us in exchange for those Services. “Patron(s)” mean(s) the individuals who purchase your products and/or services and who otherwise interact with the Software associated with our Services. Patrons are your customers, clients or members. “Patron Data” means information about Patrons entered into the Software by you, your End Users or your Patrons. Patron Data may include (but is not limited to) personally identifiable information and/or Cardholder Data. “Payment Services” means the payment and billing-related services that we may provide to you under the Agreement. Payment Services may be described in the Order Schedule or in a separate Addendum, and your receipt of Payment Services requires that you enter into a separate Sub-Merchant Agreement with us. “Professional Services” are any professional services provided outside of our initial install and setup of the Software associated with our Services. Professional services may include consulting, custom development work, supplemental or onsite training, or other projects. Professional Services will be subject to the provisions of the Agreement, and any future Statement of Work mutually agreed to and signed by the Parties after the Effective Date of the Agreement. “Services” mean any and all of those products and/or services offered by us to you under the Agreement. Services may include products or services related to software, hosting, hardware, support and/or payments. A specific itemization of Services can be found in the Order Schedule. “Services Agreement” means the contract between you and us for Services. The Services Agreement, together with any attachments, schedules or exhibits referenced therein, is broadly referred to as the “Agreement” between you and us. “Software” means our proprietary technology software and any and all associated modules, websites, third party integrations and/or mobile applications (if applicable). “Software Fees” mean those fees associated with your access to and use of our Software or any component thereof. We may charge Software Fees monthly, quarterly or annually, as more specifically described in the Order Schedule. “Sub-Merchant Agreement” means our Sub-Merchant Application and Agreement and Payment Service Terms and Conditions, which govern the terms and conditions under which we are willing to provide our Payment Services. “Support Fees” mean those fees associated with our Support Desk, which enables customer support through live channels like phone and chat. We may charge Support Fees monthly, quarterly or annually, as more specifically described in the Order Schedule. “Renewal Term” means the period which immediately follows the expiration of the Initial Term, as described in the Services Agreement. “Team” includes VS’s employees, officers, directors, owners, attorneys, affiliates or representatives. “Term” means the term for Services and includes both the Initial Term and any Renewal Terms, as applicable. “VS” means RecTrac, LLC d/b/a Vermont Systems and its subsidiaries, successors and assigns. VS’s business address is 12 Market Place, Essex EXHIBIT A 2 ©2021 Vermont Systems. All Rights Reserved. Junction, VT 05452. VS may also be referred to in the Agreement as “Licensor,” “we,” “our,” or “us.” 2.ACCEPTANCE. The Parties accept the terms of this Agreement bysigning the Services Agreement, which is effective as of the last date signed. Each Party expressly acknowledges to the other that the person accepting the Agreement on its behalf has the proper legal authority to bind the respective party. 3.GRANT OF RIGHTS. 3.1 Grant of Rights by VS. Upon the Effective Date, and subject to your timely payment of Fees and remaining in compliance with the Agreement, we grant to you a limited term, worldwide, non-exclusive, non-transferrable, non-assignable license to access and use our Services, including the Software, during the Term solely for the lawful operation of your business. The licensed rights described herein shall be limited to End Users authorized by you to access and use the Software, and your Patrons who have a legitimate right to access and use your products and/or services. The licensed rights conferred herein do not constitute a sale and do not convey to you or any third party any right of ownership in or to our Services, including the Software, or any of our Intellectual Property Rights. Upon termination of the Agreement for any reason, any rights granted by us to you will automatically and without notice terminate. The method and means of providing the Services shall be under our exclusive control, management and supervision, although we will try to give your specific requests due consideration. Any rights not specifically granted under the Agreement are expressly reserved. 3.2 Grant of Rights by Customer. Upon the Effective Date, and subject to our remaining in compliance with the Agreement, you grant to us a limited term, worldwide, non-exclusive license to access and use your Customer Data (including any Patron Data, as applicable) to deliver, monitor and maintain the Services in accordance with the Agreement. Any rights not specifically granted under the Agreement are expressly reserved. 3.3 Excess Use. We will provide you with the number of authorized End User licenses as set forth in the Order Schedule to access and use the Software. You shall have access to functionalities in the Software that can generate reports indicating the number of authorized End Users accessing the Software at any given time. In the event that the number of concurrent End Users exceeds the number of allocated licenses described in the Order Schedule (“Excess Use”), we will notify you by email about such Excess Use and, if you do not reduce the Excess Use within 30 days of such notice, you will be required to pay for any Excess Use with additional licenses, which shall be described in a new invoice and which will automatically update the Order Schedule. 3.4 Prohibited Use. You shall not use our Services in violation of the law, whether local, state or federal (including but not limited to the CAN-SPAM Act, the Telephone Consumer Protection Act, the Do-Not-Call Implementation Act, the Americans with Disabilities Act, or any consumer protection statute); to intentionally bypass a security mechanism in the System(s); to reverse-engineer the System(s), or any component thereof, regardless of the reason why; in a way that adversely impacts the availability, reliability or stability of the System(s), or any component thereof; to intentionally transmit material using the System(s) which contains viruses, Trojan horses, worms or some other harmful computer program; to send unsolicited advertising, marketing or promotional materials, whether by email or text, without the recipient’s legally-valid consent; to commit fraud; to transmit material that infringes on the intellectual property right of others; to transmit material that is harassing, discriminatory, defamatory, vulgar, pornographic, or harmful to others; or in violation of this Agreement. Violation of this Prohibited Use policy may result in immediate suspension or discontinuation of Services, or legal action which could result in civil damages or criminal punishment. 4.TERM; TERMINATION. 4.1 Term. You will be obligated to the Term as described in the Services Agreement, including any auto-renewal provisions. 4.2 Termination for Cause. Prior to expiration of the Initial Term, either you or we may terminate the Agreement for cause (a) upon 30 days written notice to the other party of a material breach if such breach remains uncured at the expiration of such period; (b) immediately if the other party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors; or (c) immediately if the other party dissolves or ceases to do business in the ordinary course. If our termination of the Agreement is for cause, then you shall remain liable for any Fees covering the remainder of the Initial Term, or a Renewal Term, as applicable, after the effective date of such termination. Termination for cause will not preclude the non-breaching party from exercising any other rights or remedies permitted by law. 4.3 VS’s Termination for Convenience (Without Cause). Neither party shall be permitted to terminate the Agreement for convenience during the Initial Term. Once the Agreement is in a Renewal Term, either party may terminate the Agreement at any time with a 90-day advance written notice. 4.4 Termination Notice. For termination to be considered effective, the terminating party must send its termination notice in writing to the other party’s notice address as provided for in the Agreement. 5.FEES; PAYMENT TERMS. 5.1 Payment of Fees. You agree to pay us all Fees permitted by the Agreement. Fees for specific Services are described in the Order Schedule and may be set up to bill quarterly or annually, as we and you may decide. All Fees are based on Services provided, not on your actual usage. 5.2 Fee Milestones. The total Fees for Services within the defined scope of work associated with the Initial Term will be $55,102.00, which will be paid through milestone payments as described below. At the noted milestone date, VS will invoice the Customer for the stated milestone. Prior to invoicing Customer, VS shall advise Customer in writing that the noted milestone has been reached. Upon receipt, Customer will have 15 business days to accept the noted milestone or to advise VS of any deficiencies requiring correction. If Customer fails to timely accept or reject the noted milestone, acceptance shall be deemed to have occurred. VS will not invoice the customer before the 15-business day acceptance period has concluded. Date Milestone Amount Due Project Kickoff 30% of Order Schedule Total $16,530.60 30 Days from Project Kickoff 30% of Order Schedule Total $16,530.60 60 Days from Project Kickoff 40% of Order Schedule Total $22,040.80 Fees associated for all Services under a Renewal Term will be charged at a rate of $37,740 per Renewal Term. VS shall invoice Customer for a Renewal Term at least 90 days prior to the expiration of the then current Term. 3 ©2021 Vermont Systems. All Rights Reserved. In the event either party terminates the Agreement, except for termination associated with Customer’s breach of the Agreement, Customer is entitled to a pro-rata refund of any Fees paid for Services not received. 5.3 Due Date; Late Fees; Interest. Payment is due within 30 days from the date you receive an accurate invoice from us (the “Due Date”). If you do not pay our invoice by the Due Date, any unpaid balance will accrue interest at the rate of 1.0% per month. 5.4 Error Reporting. Please report any errors that you see on an invoice immediately. If you do not dispute a charge within 30 days after receiving it, you will be considered to have accepted the charge. 5.5 COLT Increase. After the Initial Term, all Fees shall be subject to a cost of living and technology (“COLT”) enhancement increase not to exceed five percent (5%) of then current Fees. VS reserves the right to apply the COLT enhancement to any Fees at the start of each Renewal Term, in its sole and absolute discretion. 5.6 Breach for Non-Payment of Fees. Payment not made within 30 days of the Due Date will result in an automatic breach of the Agreement and start the clock on a 20-day period in which to cure. If payment is still not received by the 51st day after the scheduled Due Date, we reserve the right to suspend Services until all outstanding Fees are paid. Continued non-payment of Fees more than 60 days after the Due Date will result in a default under the Agreement. In the event of default, all payments otherwise due to us under the Agreement will be accelerated and will be considered due and payable by you immediately, as of the date of default. We shall have no obligation to release any of your Customer Data until all outstanding Fees are paid in full. 5.7 Taxes. If you are a tax-exempt organization, then this provision does not apply. We have no obligation to pay your taxes under any circumstances. Taxes may include value-added tax (VAT), a goods and service tax (GST), a sales tax, or use or withholding taxes assessed by a local, state, federal, provincial or foreign government entity (collectively, “Taxes”). Please make sure that you have taken appropriate steps to pay your Taxes. We are obligated to comply with all valid tax liens or levies associated with your business. If we must pay Taxes on your behalf, you agree to indemnify us for any such payments within 30 days from your receipt of a special tax-related invoice. 6.MODIFICATIONS. 6.1 Changing the Terms of Service. The written provisions and terms of the Agreement and all its referenced Exhibits shall supersede all prior verbal statements of any officer of other representative of VS or the Customer, or any Terms of Service or other provisions VS has posted on VS’s website, and such statements or web postings shall not be effective or be construed as entering into, or forming a part of, or altering, in any manner, this Agreement. Any changes to the Agreement or any Exhibits thereto are effective only upon mutual acceptance and signing of a proper Amendment to this Agreement. 6.2 Changing the Order Schedule. You may add or remove Services during the Term at any time provided that we agree to such changes and their associated cost through a written Addendum to the Agreement. 6.3 Other Changes to the Agreement. Except as otherwise described in this Section, no modification of the Agreement will be binding unless in writing and mutually signed by an authorized representative of each Party. 7.CUSTOMER DATA. 7.1 Customer Data Generally. You represent and warrant that you own or have appropriate rights to all of your Customer Data. You shall have sole responsibility for the accuracy, quality, integrity, legality, reliability, appropriateness, and intellectual property ownership or rights to use of all Customer Data (including Patron Data, as applicable). Except as specifically provided for in the Agreement, we shall not be responsible or liable for the deletion, correction, destruction, damage, loss or failure to store any of your Customer Data. 7.2 Hosting Obligations. Hosting of Customer Data on VS-controlled servers and systems does not come standard with all Agreements; Customers must specifically contract for hosting services and pay all associated Hosting Fees. IF A CUSTOMER DOES NOT SELECT VS’S HOSTING SERVICES, AND INSTEAD CHOOSES TO HOST CUSTOMER DATA ON ITS OWN SYSTEMS AND SERVICES, THEN WE MAKE NO WARRANTIES AND DISCLAIM ALL LIABILITY ASSOCIATED WITH SUCH CUSTOMER DATA OR CUSTOMER’S OWN HOSTING ACTIVITIES, INCLUDING (BUT NOT LIMITED TO) INCIDENTS RESULTING IN DATA BREACH, MISAPPROPRIATION OF CUSTOMER DATA, VIOLATIONS OF PRIVACY RIGHTS, AND/OR ANY OTHER SITUATION RESULTING IN DAMAGES OR MONETARY LOSS ARISING OUT OF OR RELATING TO THE HOSTING OR STORAGE OF CUSTOMER DATA. If Customer chooses us for hosting services, and we actually store Customer Data on a VS-controlled system or service, then, in addition to those terms and conditions described in our Privacy Policy, and provided Customer remains current in its payment of Hosting Fees and otherwise compliant with the Agreement, then we make the following limited representations and warranties with respect to our hosting services: we will, at all times during the Term of the Agreement: (a) maintain a comprehensive data security program which includes reasonable and appropriate technical, organizational and security measures against the destruction, loss, unauthorized access or alteration of Customer Data (including Patron Data, as applicable) which measures will be no less rigorous than the accepted security standards for similarly situated companies in the industry; and (b) provide our hosting services in a good and workmanlike manner; and (c) offer hosting services which, to the best of our knowledge, comply with applicable local, state or federal laws. The limited representations and warranties described herein shall be subject to any other limitations of liability described by the Agreement. 7.3 Return of Customer Data. If we are providing you with hosting services, then you shall have access to your Customer Data (including Patron Data, as applicable) for the duration of the Term, subject to the terms and conditions of the Agreement. Upon termination of the Agreement, or where you properly cancel hosting services during the Term, your access to any VS-hosted Customer Data will continue for a period not to exceed 60 days (unless we specifically agree otherwise). As a public agency, Customer is subject to records retention schedules established under Washington State law. Therefore, the Parties agree that upon termination of the Agreement, or cancellation of your hosting services with us, we will store or hold your Customer Data on our servers at our cost and expense until Customer Data is transferred to you under this subsection, which period shall not exceed 60 days from the termination date of the Agreement. Notwithstanding the foregoing, we reserve the right to maintain a copy of any other record, book, file and other data, as specified in the Agreement and in such detail as shall properly substantiate claims for payment, for a minimum of one (1) year beginning on the first day after the Agreement is properly terminated, or for such longer period as may be necessary for the resolution of any dispute, negotiation, audit, or other inquiry involving the Agreement. 8.SPLASH PAGE. We disclaim all liability with respect to the splash pageincluding (but not limited to) compliance with Section 508 of the Rehabilitation Act of 1973, as amended (29 U.S.C. § 794d), and its implementing regulations set forth at Title 36, Code of Federal Regulations, 4 ©2021 Vermont Systems. All Rights Reserved. part 1194, the Americans with Disabilities Act, or any other applicable federal or state laws or regulations relating to accessibility for persons with disabilities. 9.HARDWARE. We shall provide the Hardware identified in the Order Schedule, which is necessary to access our Services or use our Software. The Hardware identified in the Order Schedule complies with our minimum system requirements. Full payment for Hardware and any related third- party software is due in accordance with the terms of the Agreement Any VS-supplied Hardware will include warranties from the manufacturer or distributor, as applicable, for a specific period, and VS agrees to take all actions that may be necessary to transfer those warranties to the Customer. We offer no warranties on Hardware, other than its ability to properly integrate and perform with our Services. 10.INSTALLATION; TRAINING. We will provide an initial install and set- up of the Software as part of the Fees you pay for Services. Subsequent installation or set-up of additional Services beyond those provided for in the Order Schedule will be subject to additional charges on a “time and materials” basis at our standard rates. We offer access to online training materials, including user reference manuals, installation planning guides, report listings, online help and a sample training database with tutorials. At the time of initial install and set-up of the Software, we will provide you with a “base training” in use of the Software as part of your Fees. The base training will be provided online (remote) or at our office located at 12 Market Place, Essex Junction, Vermont 05452. In addition, VS will provide on-site database building services and on-site end user process training services at the fees and rates provided for in Order Schedule to the Agreement. You may request follow-up or additional trainings at our then- current hourly rates, and subject to scheduling availability. Unless we agree otherwise, any additional training will occur online (remote). You may request on-site training at our then-current day rates, subject to scheduling availability. For additional on-site training, you will be responsible for all VS expenses associated with travel, lodging, meals and other necessary expenses associated with training on-site. If scheduled on-site training is cancelled with less than two (2) weeks’ notice, you will be responsible for any travel expense losses, plus an additional rescheduling fee of $250. On- site training booked over a weekend or holiday may be subject to additional charges. 11.CUSTOMER SUPPORT. 11.1 Standard Support. All Customers receiving our Services will receive “Standard Support” services, which includes online support and access to a VS support documentation library. Online support includes access to an online knowledge database, support videos accessible through the VS website, e-learning content and the ability to participate at no additional cost in periodic live webinars offered from time to time by VS. The VS support documentation library is accessible through the VS website and includes access to user reference manuals, installation planning guides, report listings, online help and a sample training database with tutorials. Customers can print any number of copies needed to train staff and manage their business operation. Customers can access standard support channels online, 24 hours a day, 7 days a week. VS’s standard support services are included with Customer’s payment of Software Fees. 11.2 Premium Support (Support Desk). Customers choosing our “Premium Support” service will receive access to our award-winning “Support Desk,” which, in addition to Standard Support, makes certain channels available to Customers like phone and chat support with a live VS support agent. Premium Support Customers will still receive our base training at the time of Software install and set-up. Customers receiving Premium Support shall be responsible for paying Support Fees as described in the Order Schedule. The Support Desk is open for call-in phone support five (5) days a week, Monday through Friday, 8 am ET to 8 pm ET; real-time chat support is available five (5) days a week, Monday through Friday, 8 am ET to 5 pm ET. Premium Support includes online portal case creation, email assistance and call-back services, and Customer ability to choose remote- in live support services via Zoom or Microsoft Teams. 11.3 Customer Support Not Provided. Regardless of whether you are a Standard Support or Premium Support Customer, we do not provide the following customer support services as part of the Agreement: (a) actual usage of standard hour pager support, 8 pm ET to 8 am ET, Monday through Friday, and Saturday, Sunday and holidays, 24 hours, 7 days a week; (b) travel and out-of-pocket expenses for installation and on-site training services; (c) telephone support related to computer hardware, operating systems, networking, reinstallation and configuration of application software (including VIC), point-of-sale hardware, and access control hardware; (d) telephone support and/or training as a substitute for on-site training or classroom training; (e) VS application software WAN access configuration; (f) customized discovery, programs, development, and maintenance; (g) interfaces to export or import data from or to other application software databases; and (h) extended dedicated support to implement or change certain functions, such as switching from cash to accrual accounting or customizing WebTrac splash page; (i) performing periodic VS software updates if database is on-premises; (j) purchase installation or configuration of SSL certificates for on-premises configurations; and (k) data entry or database management. VS may provide some of these Services under a separate engagement, the terms of which should be agreed upon and documented in a signed Statement of Work. 11.4. Remote Access Authorization. We will provide you with on-going support or updates for the proper functioning of our Services, including the Software, which we can only provide or make available through remote access to your technology systems. By using our Services, or accessing our Software, you expressly authorize us to access your technology systems remotely for the limited purpose of providing you with any support or updates relevant to our Services. Prior to Go-Live, VS will confirm that it can fully access Customers technology systems in order to provide the support and updates necessary to maintain the Services. After Go-Live, you shall be solely liability for the cost, interoperability, proper functioning, and security of any remote access facilities or methods used by you, and we shall not be deemed to be in violation of our obligations to you, nor in breach of the Agreement, as the result of our inability to remotely access your technology systems, unless such inability is attributable to any Software update performed by VS. In such event, VS agrees to assist the Customer in troubleshooting the issue and re-establishing VS’s remote access. Our right of remote access as described herein shall be deemed a continuing right until such time as the Agreement terminates, for any reason. We agree to use commercially reasonable efforts to comply with any of your published security-related protocols when remotely accessing your technology systems. 12.PAYMENT SERVICES. To be eligible for Payment Services, you mustcomplete our Sub-Merchant Application and submit it to Company underwriting for approval. Once accepted, your Sub-Merchant Application with convert to a Sub-Merchant Agreement, inclusive of the Sub-Merchant Application and Agreement (SMAA) and our Payment Service Terms and Conditions, which shall be considered part of the Agreement. 13.PROFESSIONAL SERVICES. [Reserved]. 14.CUSTOM DEVELOPMENT. While we welcome any suggestions orcomments you might have about how we can improve our products and 5 ©2021 Vermont Systems. All Rights Reserved. services, we do not custom develop our Services (including the Software) to suit the business needs of any particular client. We will consider all suggested improvements to the Services, and, as we determine, will incorporate any approved items to our development roadmap. If there is a feature or functionality that you would like to see added to our Services, and you would like the project completed on a certain timeline, you can make a custom development request and, based on our staffing and other considerations, we will scope the project and provide you with a written quote which you can accept or reject. Custom development work will be considered a separate engagement for Professional Services and will become part of the Agreement through a mutually negotiated Statement of Work. Custom development work shall not be considered work-for-hire. We will own and control any product outcome of the engagement and we reserve the right to incorporate any new feature or functionality into our larger product or service offerings. 15.OWNERSHIP RIGHTS. 15.1 What Belongs to VS. We reserve all title and interest to our Intellectual Property Rights. We alone own our Intellectual Property Rights, in addition to any suggestions, ideas, enhancement requests, feedback, recommendations, or other information provided by you or any other party relating to our Services. In addition, we retain all rights, title and interest in and to our Software and any splash page designs that we may create and/or maintain on your behalf and license to you. The Vermont Systems™, VS™ and VS Payments™ names and logos are registered trademarks of Vermont Systems, Inc., and no right or license is granted to use them without our express written permission. 15.2 What Belongs to Customer. With the exception of Patron Data (which remains the property of individual Patrons), you reserve all rights, title and interest to your Customer Data. You own all rights, title and interest to Customer trademarks, service marks and other intellectual property. 15.3 Use of Records and Documents. Original documents, drawings, designs, reports, or any other records developed or created under this Agreement shall belong to and become the property of the Customer. All records submitted by the Customer to VS will be safeguarded by VS. VS shall make such data, documents, and files available to the Customer upon the Customer’s request. VS acknowledges that the Customer is a public agency subject to the Public Records Act codified in Chapter 42.56 of the Revised Code of Washington. As such, VS agrees to cooperate fully with the Customer in satisfying the Customer’s duties and obligations under the Public Records Act. The Customer’s use or reuse of any of the documents, data, and files created by VS for this project by anyone other than the Customer on any other project shall be without liability or legal exposure to VS. 16.CONFIDENTIALITY. Except as otherwise provided for by this section, aparty (the “Receiving Party”) shall not disclose the disclosing party's (the “Disclosing Party”) Confidential Information to any person or entity, except to the Receiving Party's employees who have a need to know the Confidential Information for the Receiving Party to exercise its rights or perform its obligations under the Agreement. Each party may disclose Confidential Information to the limited extent required (a) in order to comply with the order of a court or other governmental body, or as otherwise necessary to comply with applicable law, court rule, or subpoena; provided, that the party making the disclosure pursuant to the order shall first have given written notice to the other party; or (b) to establish a party's rights under this Agreement, including to make required court filings. Each Party's obligations of non-disclosure with regard to Confidential Information are effective as of the Effective Date and will expire one year after the termination of the Agreement; provided, however, with respect to any Confidential Information that constitutes a trade secret (as determined under applicable law), such obligations of non-disclosure will survive the termination or expiration of the Agreement for as long as such Confidential Information remains subject to trade secret protection under applicable law. 17. PROTECTION OF EDUCATIONAL INFORMATION. We understandand acknowledge that in the performance of our Services, we may have access to private and confidential information regarding students, parents, guardians, faculty, donors, employees, staff, alumni (collectively, “Educational Information”) that may be covered by the federal Family Educational Rights and Privacy Act (“FERPA”), or similar state laws. We will not disclose, copy, or modify any Educational Information without your prior written consent, or unless otherwise required by law. We will notify you if we become aware of a possible unauthorized disclosure or use of Educational Information. 18.LIMITED WARRANTIES. We represent and warrant that (a) we ownthe appropriate rights to license and/or sublicense our Services (including the Software); (b) the Services (including the Software) will conform with any then-available published specifications; (c) to the best of our knowledge, our Software is free of any viruses, Trojan horses, malware, spyware, ransomware or other harmful code; and (d) that there have been no violations of copyrights or patent rights in connection with the Services (including the Software) offered. We do not warrant that the Services (including the Software) will be entirely free from defect or error. EXCEPT AS SPECIFICALLY STATED HEREIN, THE SERVICES (INCLUDING THE SOFTWARE) ARE BEING PROVIDED ON AN “AS IS” BASIS, WITHOUT WARRANTY OF ANY KIND. EACH PARTY HEREBY EXPRESSLY DISCLAIMS ALL OTHER WARRANTIES, WHETHER EXPRESS OR IMPLIED. No advice or information, whether written or oral, obtained from us, or any member of our Team, will create any warranty not expressly made. If you are a California resident, you waive California Civil Code § 1542, which says: “A general release does not extend to claims which the creditor does not know or suspect to exist in his favor at the time of executing the release, which if known by him must have materially affected his settlement with the debtor.” 19.LIMITATIONS OF LIABILITY. 19.1 SERVICE LEVEL FAILURE. EXCEPT FOR THOSE SERVICE LEVEL FAILURES THAT RESULT IN A MATERIAL BREACH OF THIS AGREEMENT, YOUR EXCLUSIVE REMEDY FOR A VERMONT SYSTEM-CAUSED SERVICE LEVEL FAILURE, AS DESCRIBED BY THE AGREEMENT, SHALL BE YOUR RIGHT TO TERMINATE THE AGREEMENT FOR CAUSE AND WITHOUT PENALTY FOLLOWING THE EXPIRATION OF ANY APPLICABLE NOTICE AND CURE PERIODS, AND/OR ANY CREDITS TO WHICH YOU MAY BE ELIGIBLE UNDER AN APPLICABLE SERVICE LEVEL AGREEMENT. 19.2 EXCLUDED DAMAGES. WITH THE EXCEPTION OF ALL FEES OWED BY CUSTOMER UNDER THE AGREEMENT, IN NO EVENT SHALL EITHER PARTY BE LIABLE OR RESPONSIBLE TO THE OTHER FOR ANY TYPE OF INCIDENTAL, PUNITIVE, INDIRECT OR CONSEQUENTIAL DAMAGES, INCLUDING BUT NOT LIMITED TO, LOST REVENUE OR LOST PROFITS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, WHETHER ARISING UNDER A THEORY OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE. 19.3 DAMAGE CAP AS TO CITY OF KENT. NOTWITHSTANDING ANY OTHER PROVISION TO THE CONTRARY, OUR MAXIMUM DIRECT LIABILITY TO YOU UNDER THE AGREEMENT SHALL, UNDER NO CIRCUMSTANCES, EXCEED TWO HUNDRED FIFTY THOUSAND DOLLARS ($250,000). 6 ©2021 Vermont Systems. All Rights Reserved. 19.4 DAMAGE CAP AS TO THIRD-PARTY CLAIMS. OUR MAXIMUM AGGREGATE LIABILITY FOR INDEMNIFIABLE THIRD-PARTY CLAIMS (AS FURTHER DESCRIBED IN SECTION 20.2) SHALL, UNDER NO CIRCUMSTANCES, EXCEED THE LIMITS OF THE INSURANCE LIMITS IN PLACE AT THE INCEPTION OF THE AGREEMENT. 19.5 TIME LIMITATION. YOU FURTHER AGREE THAT ANY CLAIM WHICH YOU MAY HAVE AGAINST US MUST BE FILED WITHIN TWO (2) YEARS AFTER SUCH CLAIM AROSE OR WAS DISCOVERED, OTHERWISE THE CLAIM SHALL BE PERMANENTLY BARRED. 19.6 MATERIALITY. THE LIMITATIONS IN THIS SECTION ARE A MATERIAL BASIS OF THE BARGAIN, AND THE TERMS OF THE AGREEMENT WOULD BE DIFFERENT WITHOUT SUCH LIMITATIONS. THE LIMITATIONS IN THIS SECTION ARE INTENDED TO APPLY WITHOUT REGARD TO WHETHER OTHER PROVISIONS OF THE AGREEMENT HAVE BEEN BREACHED OR HAVE PROVEN INEFFECTIVE. MULTIPLE CLAIMS WILL NOT ENLARGE ANY DAMAGES CAP DESCRIBED HEREIN. 20.MUTUAL INDEMNIFICATION. 20.1 INDEMNIFICATION BY THE CITY OF KENT, WA. You shall indemnify and defend us (including any member of our Team) and hold us harmless from and against all liabilities, losses, costs and expenses, including reasonable attorneys’ fees and any fees, fines, penalties or assessments charged by any Regulatory Authority (collectively, “Losses”), in connection with any third-party claims, actions, demands or proceedings (made or threatened), and related to your misuse of the Services (including, without limitation, the Prohibited Uses described by Section 3.4 of this Terms of Service), your default under the Agreement, or your gross negligence or willful misconduct. 20.2 INDEMNIFICATION BY VERMONT SYSTEMS. We will indemnify, defend, and hold you, your directors, officers, agents, employees, and representatives (collectively, “Customer Indemnitees”) harmless from and against all liabilities, losses, costs and expenses, including reasonable attorneys’ fees and any fees, fines, penalties or assessments charged by any Regulatory Authority (collectively, “Losses”), in connection with any third-party claims, actions, demands or proceedings (made or threatened), and related to our negligent acts or omissions in our performance under the Agreement, our fraudulent acts or willful misconduct, or our infringement on the intellectual property rights of a third party. With respect to indemnity based on our infringement on the intellectual property rights of a third party, we may, at our option an expense, either (a) procure from the holder of such intellectual property the right to continue using such intellectual property; or (b) replace or modify the intellectual property as part of our Services so that it becomes non-infringing and remains functionally equivalent. 21.DISPUTE RESOLUTION. [Reserved] 22.NOTICES; GOVERNING LAW; JURISDICTION. 22.1 General. Who you are contracting with under this Agreement, who you should direct notice to under this Agreement, what law will apply in any lawsuit arising out of this Agreement, and which court can adjudicate any such lawsuit to this Agreement are as follows: Who you are contracting with: RecTrac, LLC Notices to be sent to: 12 Market Place Essex Junction, VT 05452 legal@vermontsystems.com Governing law is: Washington Courts having exclusive jurisdiction are: State courts of King County, Washington, or the U.S. District Court for Washington 22.2 Manner of Giving Notice. Except as otherwise specified in this Agreement, all notices, permissions and approvals hereunder shall be in writing and shall be deemed to have been given upon (a) personal delivery; (b) the second business day after mailing; (c) the second business day after sending by confirmed facsimile; or (d) the first business day after sending by email (provided email shall not be sufficient for notices of termination or an indemnifiable claim). Notices to you shall be addressed to the designated contact person identified in the Services Agreement at the email address or physical address listed. 22.3 Agreement to Governing Law and Jurisdiction. This Agreement shall be governed by and construed in accordance with the laws of the State of Washington. If the parties are unable to settle any dispute, difference or claim arising from the parties’ performance of this Agreement, the exclusive means of resolving that dispute, difference or claim, shall only be by filing suit exclusively under the venue, rules and jurisdiction of the King County Superior Court, King County, Washington, unless the parties agree in writing to an alternative dispute resolution process. 22.4 Waiver of Jury Trial. Each party hereby waives any right to jury trial in connection with any action or litigation in any way arising out of or related to this Agreement. 23. GENERAL PROVISIONS. 23.1 Privacy Rights. You are required to comply with our Privacy Policy provided for in the Agreement. 23.2 Minimum System Requirements / Interoperability. It is your responsibility to ensure your computer systems, internet connections, IT infrastructure, peripherals, systems, servers, mobile devices and/or workstations comply with the minimum system requirements necessary to receive our Services. We shall not be responsible for any internet speed or connectivity issues at your location, or other problems related to your technology equipment, including third party internet service or your IT infrastructure. You shall be required to comply with the technical specifications provided for in this Agreement. 23.3 Reference. You agree that, within 30 days of the Effective Date, we may issue a new business press release about our business association and post your logo and a brief description of your business on our website. 23.4 Independent Contractor Relationship. The Parties intend that an Independent Contractor-Employer Relationship will be created by this Agreement. By their execution of this Agreement, and in accordance with Ch. 51.08 RCW, the parties make the following representations: (a) VS has the ability to control and direct the performance and details of its work, the Customer being interested only in the results obtained under this Agreement; (b) VS maintains and pays for its own place of business from which the Customer’s services under this Agreement will be performed; (c) VS has an established and independent business that is eligible for a business deduction for federal income tax purposes that existed before the Customer retained VS’s services, or VS is engaged in an independently established trade, occupation, profession, or business of the same nature as that involved under this Agreement; (d) VS is responsible for filing as they become due all necessary tax documents with appropriate federal and state agencies, including the Internal Revenue Service and the state Department 7 ©2021 Vermont Systems. All Rights Reserved. of Revenue; and (e) VS maintains a set of books dedicated to the expenses and earnings of its business. 23.5 Non-Discrimination Endorsement. In the hiring of employees for the performance of work under this Agreement or any subcontract, VS, its subcontractors, or any person acting on behalf of VS or its subcontractor shall not, by reason of race, religion, color, sex, age, sexual orientation, national origin, or the presence of any sensory, mental, or physical disability, discriminate against any person who is qualified and available to perform the work to which the employment relates. VS shall execute the City of Kent’s Equal Employment Opportunity Policy Declaration, Comply with City Administrative Policy 1.2, and upon completion of the contract work, file a Compliance Statement. 23.6 Export Controls. The Services and any derivatives thereof may be subject to export laws and regulations of the United States and other jurisdictions. Each party represents that it is not named on the United States’ government denied-party list. Additionally, you shall not permit End Users to access or use the Subscription Services while located in a United States embargoed country (currently Cuba, Iran, North Korea, Sudan, Syria or Crimea), or in violation of any United States’ export law or regulation. 23.7 Anti-Bribery. You agree that neither your employees, agents or representatives have received or been offered any illegal or improper bribe, kickback, gift, or thing of value from us, or any member of our Team, in connection with the Agreement. If you learn of any violation of the above restrictions, you agree to promptly notify us. 23.8 Exchange of Information. The Customer will provide its best efforts to provide reasonable accuracy of any information supplied by it to VS for the purpose of completion of the work under this Agreement. 23.9 Right of Inspection. Even though VS is an independent contractor with the authority to control and direct the performance and details of the work authorized under this Agreement, the work must meet the approval of the Customer and shall be subject to the Customer’s general right of inspection to secure satisfactory completion. 23.10 Safety Precautions. VS shall take all necessary precautions and shall be responsible for the safety of its employees, agents, and subcontractors in the performance of the contract work and shall utilize all protection necessary for that purpose. All work shall be done at VS’s own risk, and VS shall be responsible for any loss of or damage to materials, tools, or other articles used or held for use in connection with the work. 23.11 Recyclable Materials. Pursuant to Chapter 3.80 of the Kent City Code, the Customer requires its contractors and consultants to use recycled and recyclable products whenever practicable. A price preference may be available for any designated recycled product. 23.12 Public Records Act. VS acknowledges that the Customer is a public agency subject to the Public Records Act codified in Chapter 42.56 of the Revised Code of Washington and documents, notes, emails, and other records prepared or gathered by VS in its performance of this Agreement may be subject to public review and disclosure, even if those records are not produced to or possessed by the Customer. As such, VS agrees to cooperate with the Customer in satisfying the Customer’s duties and obligations under the Public Records Act at Customer’s cost and expense. 23.13 Business License. Prior to commencing the tasks described in this Agreement, VS agrees to provide proof of a current City of Kent business license pursuant to Chapter 5.01 of the Kent City Code. 23.14 Legal Advice. All Professional Services and other information provided to you in the normal course of our business relationship should be considered for informational purposes only and is not to be taken as legal advice. You are advised to speak with your own independent counsel about all matters of a legal nature. 23.15 Waiver; Cumulative Remedies. No failure or delay by either party in exercising any rights under the Agreement shall constitute a waiver of that right. Other than as expressly stated herein, the remedies provided in the Agreement are in addition to, and not exclusive, of any other remedies of a party at law or in equity. 23.16 Assignment. Neither party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the prior written consent of the other party (not to be unreasonably withheld). Notwithstanding the foregoing, we may assign this Agreement in its entirety without your consent, to our affiliates or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of our assets not involving one of your direct competitors. Subject to the foregoing, the Agreement shall bind and inure to the benefit of the parties, their respective successors and permitted assigns. 23.17 Force Majeure. Neither Party shall be liable to the other for breach due to delay or failure in performance resulting from acts of God, acts of war or of the public enemy, riots, pandemic, fire, flood, or other natural disaster or acts of government (“Force Majeure Event”). Performance that is prevented or delayed due to a Force Majeure Event shall not result in liability to the delayed party. Both parties represent to the other that at the time of signing this Agreement, they are able to perform as required and their performance will not be prevented, hindered, or delayed by the current COVID-19 pandemic, any existing state or national declarations of emergency, or any current social distancing restrictions or personal protective equipment requirements that may be required under federal, state, or local law in response to the current pandemic. If any future performance is prevented or delayed by a Force Majeure Event, the party whose performance is prevented or delayed shall promptly notify the other party of the existence and nature of the Force Majeure Event causing the prevention or delay in performance. Any excuse from liability shall be effective only to the extent and duration of the Force Majeure Event causing the prevention or delay in performance and, provided, that the party prevented or delayed has not caused such event to occur and continues to use diligent, good faith efforts to avoid the effects of such event and to perform the obligation. Notwithstanding other provisions of this section, VS shall not be entitled to, and the Customer shall not be liable for, the payment of any part of the contract price during a Force Majeure Event, or any costs, losses, expenses, damages, or delay costs incurred by VS due to a Force Majeure Event. Performance that is more costly due to a Force Majeure Event is not included within the scope of this Force Majeure provision. If a Force Majeure Event occurs, the Customer may direct VS to restart any work or performance that may have ceased, to change the work, or to take other action to secure the work or the project site during the Force Majeure Event. The cost to restart, change, or secure the work or project site arising from a direction by the Customer under this clause will be dealt with as a Project Change Request, except to the extent that the loss or damage has been caused or exacerbated by the failure of the VS to fulfill its obligations under this Agreement. Except as expressly contemplated by this section, all other costs will be borne by Customer. 8 ©2021 Vermont Systems. All Rights Reserved. 23.18 Survivability. Even if you terminate the Agreement with us, the following sections of the Agreement will still apply: Terms of Service Section 7.2 (Hosting Obligations); Section 16 (Confidentiality); Section 17 (Protection of Educational Information); Section 18 (Limited Warranties); Section 19 (Limitations of Liability); Section 20 (Mutual Indemnification); Section 22 (Notice; Governing Law; Jurisdiction); Section 23.14 (Legal Advice); Section 23.17 (Force Majeure) and Section 23.22 (Entire Agreement; Priority of Documents). 23.19 Severability. The invalidity or unenforceability of any provision of the Agreement will not affect the validity or enforceability of the other provisions of the Agreement, which provisions will remain in full force and effect. If any provision of this Agreement shall be deemed unenforceable by reason of its extent, duration, scope or otherwise, then the parties contemplate that the court making such determination will alter such provisions so that it is enforced and will enforce it in its altered form for all purposes contemplated by the Agreement. 23.20 Headings. The bolded headings contained in the Agreement are for convenience of reference only, shall not be deemed to be a part of the Agreement and shall not be referred to in connection with the construction or interpretation of the Agreement. 23.21 Construction. For purposes of the Agreement, wherever the context requires, the singular shall include the plural, and vice versa; the masculine gender shall include the feminine and neuter gender, and vice versa; and “and” shall include “or,” and vice versa. Any rule of construction to the effect that ambiguities are to be resolved against the drafting party shall not be applied in the construction or interpretation of the Agreement. 23.22 Entire Agreement; Priority of Documents. The Agreement (including these Terms of Service) and any additional terms or Addenda, as applicable, make up the entire Agreement and supersede all prior agreements, representations, and understandings. All additional terms and/or Addenda will be considered incorporated into the Agreement when you agree to them. If there is an actual conflict or direct inconsistency between any of the attachments, schedules or exhibits referenced in the Services Agreement, then the following shall be the prioritization of documents that should be deemed to control and govern: first, any later-signed Addenda or Statement of Work (as applicable); then the Services Agreement; then the Service Level Agreement (as applicable); then the Terms of Service; then the Privacy Policy. 23.23 Counterparts and Signatures by Fax or Email. This Agreement may be executed in any number of counterparts, each of which shall constitute an original, and all of which will together constitute this one Agreement. Further, upon executing this Agreement, either party may deliver the signature page to the other by fax or email and that signature shall have the same force and effect as if the Agreement bearing the original signature was received in person. 23.24 Consent to Do Business Electronically. By signing the Services Agreement, you consent to do business electronically, which means that you agree that all VS agreements and policies, including amendments thereto and documents referenced therein, as well as any notices, instructions, or any other communications regarding transactions and your agreements with VS may be presented, delivered, stored, retrieved, and transmitted electronically. You must keep us informed of any change in your electronic or mailing address or other contact information. Your electronic signature, including, without limitation clicking “Agree and Continue” or “I Accept” or an action of similar meaning or significance, shall be the legal equivalent of your manual signature. You may withdraw your consent to doing business electronically at any time by contacting us and withdrawing your consent. However, any communications or transactions between us before your withdrawal of such consent, will be valid and binding. Explanation of Quote:RFI - SaaS with Gold Hosting-6/9/21 Update City of KentPrepared For: Steve Barton, Prjoect Manager (Contracted) Contact Email: Contact Name: SBarton@kentwa.gov Joshua Karson (Senior Sales Manager) Toll Free: Email:JoshuaK@VermontSystems.com 877-883-8757 Prepared By: Contact Phone: Direct Phone:802-276-5604 Exhibit B - UPDATED 6/09/2021 Adjusted to remote based training/implementation Kent, WA Notes: Services (recurring)Qty Unit Price Monthly Price VSI Cloud VS Cloud Hosting Standard Service - Gold - First 5 Users Monthly †(188) 1 $875.00 $875.00 $10,500.00 VS Cloud Hosting Standard Service - Gold - Add'l Users Monthly †(189) 20 $45.00 $900.00 $10,800.00 Software Subscription RecTrac/WebTrac Workgroup Base Software (16-25 concurrent users) †(137) 1 $370.00 $370.00 $4,440.00 Activity Registrations †(141)1 $130.00 $130.00 $1,560.00 Facility Reservations †(142)1 $130.00 $130.00 $1,560.00 Pass Management †(143)1 $130.00 $130.00 $1,560.00 POS/Inventory/Tickets †(144)1 $130.00 $130.00 $1,560.00 League Scheduling †(147)1 $130.00 $130.00 $1,560.00 SaaS Each Add'l Concurrent User over 2 †(177)23 $10.00 $230.00 $2,760.00 General Ledger Interface - Custom †(178)1 $90.00 $90.00 $1,080.00 Activity Registration Brochure Custom Interface 1 $30.00 $30.00 $360.00 Tax:$0.00 Total:$37,740.00 Services (non-recurring)Qty Unit Price Price WebTrac Configuration Splash Page Template †(47)1 $1,000.00 $1,000.00 Style Sheet †(48)1 $750.00 $750.00 Tax:$0.00 Total:$1,750.00 Hardware & Supplies Qty Unit Price Price Cash Drawers Star CD3-1616BK58-S2 Cash Drawer Dumb, 16"x16", Blk, 5B/8C, Cable 1 included 1 $125.00 $125.00 Payment Card Readers Credit Card EMV (Chip) Device - Budget Purposes Only † (172) 1 $895.00 $895.00 Receipt Printers Star TSP143IIIU, 40 col Thermal, USB, Cutter †(181)1 $265.00 $265.00 Bar Code Scanners Honeywell MK7580G 1D/2D Genesis Imager, USB Cable † (183) 1 $345.00 $345.00 Digital Cameras Logitech C920 Webcam, HD 1920x1080p, AutoFocus †(187)1 $95.00 $95.00 1www.vermontsystems.com sales@vermontsystems.com Quote Number: QUO-09155-Y5K9N8 06/09/2021 Software Pricing is valid for 120 Days Hardware Pricing is Subject to Change EXHIBIT B Touch Screen Monitors ELO 2202L Touch Monitor 22" LCD Desktop, Black, Full HD (1920 X 1080) †(185) 1 $495.00 $495.00 Supplies Thermal Receipt Paper, 1 Ply, 3.125", 50 Rolls/Case †(184)1 $95.00 $95.00 Shipping (FOB Origin):$137.00 Tax:$0.00 Total:$2,452.00 Training & Expenses Qty Unit Unit Price Price Training - Remonte (estimated)72.0 Hour $125.00 $9,000.00 Dedicated Training Day - Remote (estimated)2.0 Day $800.00 $1,600.00 Discovery Time - Remote 8.0 Hour $125.00 $1,000.00 Tax:$0.00 Total:$11,600.00 TOTALS: Services (recurring) (prorated year 1)$37,740.00 Services (non-recurring)$1,750.00 Hardware & Supplies $2,452.00 Training & Expenses $11,600.00 Total:$53,542.00 For planning purposes, the annual recurring cost will be: $37,740.00 Other Products of Interest: Credit Card EMV (Chip) Device - RENT - Budget Purposes Only (Footnote: 173) $25.00 † Footnotes: 47 Splash Page Options: 14 templates available for 10.3 18 templates available for 3.1 These templates are available on the VSI website for your review. All 18 templates have been created using responsive design. The $1000 fee includes access to one template of your choice along with VSI support to implement the template on your site. This typically takes 2-4 hours. Any time over 4 hours due to change requests will be charged at $125/hour. Any design changes to a template that requires custom programming will be charged at $175/hour. The Splash Page will display using responsive design. If you are licensed for Mobile WebTrac, all WebTrac screens, in addition to the Splash page, will display properly for patrons accessing WebTrac from their mobile device (responsive design). Please contact sales for additional information about Mobile WebTrac. 48 VSI will customize the WebTrac stylesheet to match the appearance of your web site as closely as possible. After you have finalized your WebTrac page specifications, you will be asked to sign an approval form. VSI will provide the stylesheet programming services and then ask you to verify that the results match your specs. If you ask for additional changes following the completion of the initial styling then each major change request is priced at $750.00. Minor & Seasonal change requests are priced at $375.00 each. 2www.vermontsystems.com sales@vermontsystems.com Quote Number: QUO-09155-Y5K9N8 06/09/2021 Software Pricing is valid for 120 Days Hardware Pricing is Subject to Change 137 The SaaS RecTrac/WebTrac Workgroup Base Level Application Software is required for all installations with 16-25 concurrent users. Each application module is priced separately based on the individual functional requirements needed. The base includes 2 Concurrent User Licenses, Systems Management, Report Writer, Incident Reporting, Dashboard, Global Sales, Household Management, Document Center, Audit Log, POS Lite (Donations, Gift Cards), Touch Processing, ID Integration, Advanced Rule & Fee Configuration, Webspeed Agents, Mobile WebTrac, and the Progress Enterprise RDBMS. VS Premium Support Services are included. Other add-ons will be priced separately. Initial Term: 36 months. The Initial Term will commence on the first day of the month in which the software is implemented and available for the Customer’s use and will end 36 consecutive months later. Renewal Term: 12 months. Unless Customer provides written notice of cancellation at least 90 days prior to the expiration of the applicable Term, the Agreement will automatically renew for another 12 month term. 141 ACTIVITY REGISTRATIONS NOTES: >Track all program enrollments > Manage rosters, waitlists, and waivers > Track class attendance and billing > Instructor payment processing > Custom brochure exports This rate represents a minimum one-year subscription commitment. See contract agreement for specific terms. 142 FACILITY RESERVATIONS NOTES: > Manage all your facility schedules > Track overlapping facilities > Grid-based visual booking tool > Check availability of facilities > Integrated with activities, leagues and trainers This rate represents a minimum one-year subscription commitment. See contract agreement for specific terms. 143 PASS MANAGEMENT NOTES: > Standard PMP software enables (optional) capture of photo image during registration and display of photo during Visit Check-In. You can also add the PMP ID software interface to print multi-color plastic photo ID cards. > Create custom ID cards or key fobs > Track attendance and demographics > Track guest and daily entry fees > Capture and display member photos > Automated renewal emails/notifications This rate represents a minimum one-year subscription commitment. See contract agreement for specific terms. 144 POS/INVENTORY/TICKETS NOTES: > Module includes both RecTrac & WebTrac options > Touchscreen-based inventory sales > Complete POS inventory control > Manage tickets, gift cards and service items > UPC barcode integration > Full range of certified POS hardware available for purchase This rate represents a minimum one-year subscription commitment. See contract agreement for specific terms. 3www.vermontsystems.com sales@vermontsystems.com Quote Number: QUO-09155-Y5K9N8 06/09/2021 Software Pricing is valid for 120 Days Hardware Pricing is Subject to Change 147 LEAGUE SCHEDULING NOTES: > Manage league play, teams, and players > Record scores and track standings > Manage single and double elimination tournaments > Roster draft options for team creation This rate represents a minimum one-year subscription commitment. See contract agreement for specific terms. 172 The specific credit card EMV (Chip and Pin) device delivered depends on the PayTrac solution you select. This line item is used as a placeholder for budgeting purposes. The different devices range in price from $595-$895. The device in most cases will be purchased directly from the approved Gateway of your choice. 173 Card Connect offers a rental option for the EMV Chip readers. This line item is used for budgeting purposes, as you would rent or purchase these units directly from the vendor. A great benefit of renting is that it provides a future proof option on the hardware as technology changes and new units are required to take advantage. 177 The base software license fee includes the first two concurrent users. Additional users can be added at any time. Each user has access to all licensed software modules, as authorized in the user-defined menu system. This rate is based on a one year subscription commitment. 178 The Custom General Ledger Interface will create a file consisting of postings made to any GL account with activity in RecTrac for a specified date range. The file format will be in a format that your financial software requires. To determine the type of file and content we provide a questionnaire to be completed and submitted along with your order. Upon receipt we will contact you to discuss the questionnaire and create the Custom GL Interface statement of work (SOW). When interface is ready to be implemented the VS Trainer will configure the VS application for the appropriate vendor interface and will show the Customer how to generate the batch export file. At this point, it is the Customer’s responsibility to contact the financial software vendor to arrange for assistance to import the daily batch file for automatic posting to the general ledger system. The VSI trainer is not responsible for importing the batch files into any third-party application software or for contacting the vendor. IMPORTANT: The RecTrac General Ledger Interface is not and cannot be a cash-receipts interface. 181 Includes power supply, power cord, auto cutter and cable. Wall mountable. 183 Honeywell MK7580G-2 Genesis Bar Code Imager USB Kit, 1D/2D, PDF17, Gray, Type A 3M Cable (9.5' - Cbl-500-300-S00)), Power Supply, EasyID Software option, and VSI Custom Configuration. USB keyboard emulation is standard with optional Serial or Parallel emulation. Standard keyboard emulation used to connect reader to dedicated computer. This scanner can be used for RecTrac Background Visit Check-in by configuring it for Serial Emulation using the same USB cable. This enables the computer to be used for other functions, while it is also being used to scan visitor ID cards. 184 Thermal Receipt Paper, 1 Ply, 50 Roll/Case for Star, Epson, & Ithaca receipt printers. 185 ELO 2202L 22" LCD Desktop, Black, Full HD (1920 X 1080 Resolution), Projective Capacitive, USB Controller, Anti-Glare, Zero Bezel, Mini-VGA and HDMI Video 187 Logitech C920 HD Pro Webcam, HD 1080p up to 1920x1080, HD 720p up to 1280x720p, Wide 78' View, Glass Autofocus Lens, USB 2.0/USB 3.0 Ready, Windows 7/8/10, UVC H.264 Compliant, Tripod Mountable, 2-Year Warranty. 188 The base Hosting Services Fee does NOT include the Vermont Systems application software and Progress software annual maintenance fees. Prior to selecting the hosting option, we require customer to test/verify connectivity from all locations to ensure satisfactory performance. Please contact Vermont Systems Sales for additional information and scheduling, 877-883-8757 - Option #2 or email at: sales@vermontsystems.com. Please refer to Vermont Systems legal page for Privacy Policy information: https://www.vermontsystems.com/legal 4www.vermontsystems.com sales@vermontsystems.com Quote Number: QUO-09155-Y5K9N8 06/09/2021 Software Pricing is valid for 120 Days Hardware Pricing is Subject to Change 189 The Additional User Hosting Services Fee does NOT include the Vermont Systems application software and Progress software annual maintenance fees. Prior to selecting the hosting option, we require customer to test/verify connectivity from all locations to ensure satisfactory performance. Please contact Vermont Systems Sales for additional information and scheduling, 877-883-8757 - Option #2 or email at: sales@vermontsystems.com. 5www.vermontsystems.com sales@vermontsystems.com Quote Number: QUO-09155-Y5K9N8 06/09/2021 Software Pricing is valid for 120 Days Hardware Pricing is Subject to Change 1 Template: POL-VS-QM-IT Privacy Policy 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: POL-VS -QM-IT Privacy Policy 09NOV2020-V01 (1) Last Revision: 11/30/2020 PRIVACY POLICY We take data privacy seriously. This privacy policy explains who we are, how we collect, share and use Personal Information, and how you can exercise your privacy rights. We recommend that you read this privacy policy in full to ensure you are fully informed . However, to make it easier for you to review the parts of this privacy policy that apply to you, we have divided up the document into sections that are specifically applicable to Customers (Section 2), Patrons (Section 3) and Visitors (Section 4). Sections 1 and 5 apply to everyone. To the extent we provide you with notice of different or additional privacy policies, those policies will govern such interactions with our products and services. 1. THE BASICS A. About VS. RecTrac, LLC d/b/a Vermont Systems (“VS,” “we,” “us,” or “our”) is a technology company that develops, maintains and sells a proprietary club -management software and payments solution, and other related services, for business owners operating primarily in the parks and recreation space. VS’s corporate office is located at 12 Market Place, Essex Junction, VT 05452. B. Key Terms. In this privacy policy, these terms have the following meanings: “Customer” is a VS customer. The Customer is the individual, business entity, non-profit, military branch, or municipality contracting with us to receive Services as more specifically identified in the Services Agreement. “End Users” are a Customer’s authorized and licensed users of the Software, as described in the Order Schedule. “Patron(s)” mean(s) the individuals who purchase a Customer’s products and/or services and who otherwise interact with the Software. Patrons are our Customer’s customers, clients, members or military service members. “Personal Information” means any information that identifies or can be used to identity an individual directly or indirectly. Examples of Personal Information include, but are not limited to, first and last name, date of birth, email address, gender, occupation, demographic information, financial data and transaction history . “Services” mean any and all of those products and/or services offered by us to you under the Agreement. Services may include products or services related to software, hosting, hardware, support and/or payments. “Software” means our proprietary technology software and any associated module(s), website(s), third-party integration(s), and mobile application(s) (if applicable). “Site” means our public-facing website, www.vermontsystems.com, or websites that link to www.vermontsystems.com. “Visitor” means, depending on the context, any person who visits the Site, our offices, or otherwise engages with us at our events or in connection with our marketing or recruitment activities . “You” and “your” means, depending on the context, either a Customer, P atron or a Visitor. EXHIBIT C 2 Template: POL-VS-QM-IT Privacy Policy 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: POL-VS -QM-IT Privacy Policy 09NOV2020-V01 (1) Last Revision: 11/30/2020 C. Scope of this Privacy Policy. This privacy policy describes our practices and your rights in connection with the Personal Information that we may collect, use or disclose as related to: •our Services; •our Software; •the Site; •our social media pages; •any other products or services offered, or emails sent, that direct you to this privacy policy. By accessing or using any of the VS products or services described above (collectively, “VS Services,” unless referred to individually), you agree to the terms and conditions of this privacy policy. 2. PRIVACY FOR CUSTOMERS This section applies to the Personal Information we collect and process from Customers (or potential Customers) through the VS Services. If you are not a Customer, the Patron or Visitor section of this policy may be more applicable to you and your data. In this section, “you” and “your” will refer to Customers (and potential Customers), including their End Users. A. Information We Collect. The Personal Information that we collect depends on the context of your interactions with the VS Services, the settings associated with your Customer or End User account, the products, services and features that you use, your location, and applicable law . However, the Personal Information we collect broadly falls into the following categories: (i) Information you provide to us. You may provide certain Personal Information to us when you set up your Customer or End User account, access VS Services, consult with our customer service team, send us an email, integrate any of the VS Services with a third -party service or your website, or communicate with us in any other way. This information may include: •Business contact information (such as name, job title, legal entity, trade name, organizat ional information, phone number, email address, and country); •Marketing information (such as your contact preferences); •Site set-up (such as account logins, email addresses, usernames and passwords); •Customer Data (which includes any information associated with your Customer site(s) and Customer Data like photos, rosters and Patron Data). •Troubleshooting and support data (which is data you provide or we otherwise collect in connection with support inquiries we receive from you); •Payment information (including banking information for remit purposes, account and routing numbers, credit card numbers and associated identifiers, and billing address); and •Tax information (including your EIN or tax identification number). 3 Template: POL-VS-QM-IT Privacy Policy 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: POL-VS -QM-IT Privacy Policy 09NOV2020-V01 (1) Last Revision: 11/30/2020 (ii) Information we collect automatically. When you use the VS Services, we may automatically collect or receive certain information about your device or usage (“Service Usage Data”). In some (but not all) countries, including countries in the European Economic Area (“EEA”), this inf ormation is considered Personal Information under applicable data protection laws. We use cookies and other tracking technologies to collect some of this information. For further information, please review our Cookies Policy available here. Service Usage Data may include: •Device Information. We collect information about the device and applications you use to access the Software, such as your IP address, your operating system, your browser ID, and other information about your system and connection. If you are using a VS mobile application (to the extent that we offer such a product), we may also collect information about the cellular network associated with your mobile device, your mobile device’s operating system or platform, the type of mobile device you use, your mobile device’s name and unique device ID, and information about the features of our mobile application that you accessed. •Log Data. Our web servers keep log files that record data each time a device accesses those servers and the nature of each access, including originating IP addresses and your activity in the VS Services (such as the date/time stamps associated with your usage, pages and files viewed, searches and other actions you take), device event information (such as system activity and err or reports), and hardware settings. We may also access metadata and other information associated with files that you upload into the Software. •Usage Data. We collect usage data about you whenever you interact with the VS Services, which may include the dates and times you accessed the VS Services or your browsing activity on the Site . We also collect information about the performance of the VS Services, including metrics related to Software uptime, usage of our APIs, or the deliverability of emails . If you are using a VS mobile application (to the extent that we offer such a product), we may collect information about how often you use the mobile application and other performance data. This information allows us to improve the operation of the VS Services an d facilitate research and analysis of the VS Services . (iii) Information we collect from other sources. From time to time, we may obtain information about you from third-party sources, such as credit reporting agencies, public databases, social media pla tforms, marketing partners, and/or third-party data providers. Examples of the information we receive from other sources may include credit histories, demographic information (such as age and gender), device information (such as IP addresses), location data (such as city and state), and online behavioral data (such as information about your use of social media websites, page view information and search results and links). We may use this information, alone or in combination with other Personal Information we collect, to assess the credit risk associated with opening a merchant or sub-merchant account for you, to enhance our ability to provide relevant marketing or content to you, to better provide you with VS Services, and to develop and provide you with mor e relevant products, features, and services. B. Use of Personal Information. We may use the Personal Information we collect or receive through the VS Services (alone or in combination with other data we source) for the purposes and on the legal bases iden tified below: •To create, administer and assign permissions to your Customer and/or End User account(s) and provide you with related assistance. 4 Template: POL-VS-QM-IT Privacy Policy 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: POL-VS -QM-IT Privacy Policy 09NOV2020-V01 (1) Last Revision: 11/30/2020 •To bill and collect money owed to us by you under the terms of our Agreement with you. •To perform our obligations under the Agreement with you for the use of any or all of the VS Services; or, where we have not entered into a contract with you, in accordance with our legitimate interests to operate and administer the VS Services. For example, we may create and administer your Customer and/or End User account(s), fulfill and record payment transactions, and provide you with related assistance. •To send you VS Services alerts in reliance on our legitimate interests in administering the VS Services and providing certain features and functionalities. For example, we may inform you about temporary or permanent changes to the VS Services, send you scheduled maintenance updates, or send you account, security or compliance notifications, such as new features or func tionalities, version updates, releases, abuse warnings, and changes to this privacy policy. •To communicate with you about your site(s), Customer and/or End User account(s), and/or permit customer support to provide you with related support services. •To enforce compliance with our Terms of Service, the Agreement, other posted VS policies, and applicable law, and to protect the rights and safety of our other Customers in reliance on our legitimate interest to protect against misuse or abuse of the VS Services and, as needed, to pursue available remedies. •To meet legal requirements, including complying with court orders, valid discovery requests, valid subpoenas, garnishments or tax liens, and other appropriate legal mechanisms. •To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, and security requirements in reliance on our legitimate interests. •To prosecute and defend a court, arbitration or similar proceeding. •To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements. •To provide, support and improve the VS Services to perform our Agreement with you for the use of VS Services; or, where we have not entered into a contract with you, in reliance on our legitimate interests in administering and improving the VS Services and providing certain features and functionalities. This may include sharing your information with third parties in order to provide and support our VS Services or to make certain features or functionalities of the Software available to you. When we share your Personal Information with third parties, we take steps to protect your information in a manner that is consistent with our obligations under applicab le privacy laws. For further information about how we share your information, please refer to Section 5 below. •To run data analytics or reports in reliance on our legitimate business interests in improving and enhancing our VS Services. For example, we may run a data analytics to better understand Customer, End User and/or Patron use of our VS Services, or to better understand general trends and statistics about the parks and recreation industry or a particular market segment . •To facilitate social sharing functionality if you consent to such activities . 5 Template: POL-VS-QM-IT Privacy Policy 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: POL-VS -QM-IT Privacy Policy 09NOV2020-V01 (1) Last Revision: 11/30/2020 •To allow you to participate in sweepstakes, contests or similar promotions if you consent to such activities. •To share information with other marketers (and their service providers) to permit them to send you marketing communications consistent with your choices. •To send you VS marketing materials that we believe may be of interest to you if you consent to such activities. C. Third-Party Integrations. We may use the Personal Information we collect or receive through the VS Services, as a data processor or as otherwise stated in this privacy policy, to enable your use of the integrations and plugins you choose to connect to your Customer and/or End User account(s). D. Cookies and Tracking Technologies. We and our third-party partners may use various technologies to collect and store Service Usage Data when you use the VS Services (as discussed above), and this may include using cookies and similar tracking technologies, such as pixels and web beacons . For example, we use web beacons in the emails you send, which enable us to track certain behavior, such as whether the email sent through the VS Services was delivered and opened and whether links within the email were clicked . The use of web beacons allow us to collect information such as the recipient’s IP address, browser, email client type and other similar data as further described above details. We use this information to measure the performance of your email campaigns, to provide analytics information , enhance the effectiveness of the VS Services, and for other purposes described above. E. Your Data Protection Rights. Depending on the country in which you reside, you may have the following data protection rights: •To access; correct; update; port; delete; restrict; or object to our processing of your Personal Information. •You can manage your Customer and/or End User account(s) directly from the VS support portal, or you may contact us directly to seek help with managing such account(s) by emailing us at support@vermontsystems.com. You can also manage information about your Patrons directly from your Customer account(s) to be able to do things like access, correct, update, port or delete information that you receive from your Patrons. Note, if any of your Patrons wish to exercise any of these rights, they should contact you directly . You can also contact us at any time to update your marketing preferences (see Section 5. General Information, C. Your Choices and Opt-Outs below). We take reasonable steps to ensure that the data we collect is reliable for its intended use, accurate, complete and up to date. •The right to complain to a data protection authority about the collection and use of Personal Information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA and UK are available here. •Similarly, if Personal Information is collected or processed on the basis of consent, you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Information conducted in reliance on lawful processing grounds other than consent. If we receive a request from one of your Patrons, we will either direct the Patron to reach out to yo u, or, if appropriate, we may (but shall not be required to) respond directly to their request. 6 Template: POL-VS-QM-IT Privacy Policy 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: POL-VS -QM-IT Privacy Policy 09NOV2020-V01 (1) Last Revision: 11/30/2020 3. PRIVACY FOR PATRONS This section applies to the information we process about our Customers’ Patrons, the Customer being the controller of such data (as a “data controller”) and VS being the processor of such data (as a “data processor”). The Software and our related Services are intended for use by paid Customers and their lawful Patrons . As a result, for much of the Personal Information we collect and process about Patrons through the VS Services, we act as a processor of such information on our Customers’ behalf . We are not responsible for the privacy or security practices of our Customers (including their End Users), nor the third parties which Customers may use or contract with for other services provided to them, which may differ from those set forth in this priva cy policy. Please check with the Customer with whom you have a business relationship about the privacy policy or policies it may have in place. For purposes of this section, "you" and "your" refer to Patrons. A. Information We Collect. The Personal Information that we may collect or receive about you broadly falls into the following categories: (i) Information we receive about Patrons from our Customers. A Customer may provide Personal Information about you to us through the VS Services . When you sign up for a Patron account using the Software, your Personal Information, including your name, email address, address, telephone number and certain payment information, becomes associated with our Customer’s account(s) and the particular location within th at Customer account where you are a customer, client or member of the Customer . You can update your Personal Information directly from your Patron account. (ii) Information we collect automatically. When you interact with a marketing campaign that you re ceive from a Customer or access your Patron account through the Software, we may collect information about your device and your interaction with the marketing email, SMS or the Software . We use cookies and other tracking technologies to collect some of this information. Our use of cookies and other tracking technologies is discussed more below and in more detail in our Cookies Policy available here. •Device Information. We collect information about the device and applications you use to access emails sent through the VS Services, such as your IP address, your operating system, your browser ID, and other information about your system and connection. •Usage Data. It is important to us to ensure the security and reliability of the VS Services that we provide. Therefore, we also collect usage data about your interactions with the VS Services, which may include dates and times you access the Software and your browsing activity on the Site . This information allows us to ensure compliance with our Terms of Service and API Terms of Use, to monitor and prevent service abuse, and to ensure we attain certain usage standards and metrics in relation to the VS Services. We also collect information regarding the performance of the VS Services, including metrics related to Software uptime, periods of slowness, or the deliverability of emails that our Customers may send through the Software. This information allows us to improve the content and operation of the VS Services and facilitate research and perform analysis into the use and performance of the VS Services. (iii) Information we collect from other sources. From time to time, we may obtain information about you from third-party sources, such as social media platforms and third -party data providers. For example, if you choose to connect your social media account to your Patron account, certain information from your social media account may be shared with us, including information that’s part of your or your friend’s profiles . We may also collect Personal Information through the VS Services at the direction of our Customers. 7 Template: POL-VS-QM-IT Privacy Policy 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: POL-VS -QM-IT Privacy Policy 09NOV2020-V01 (1) Last Revision: 11/30/2020 B. Use of Personal Information. We may use the Personal Information we collect or receive about you in reliance on our (and where applicable, our Customers’) legitimate interests for the following purp oses: •To enforce compliance with our Terms of Service and applicable law . This may include utilizing usage data and developing tools and algorithms that help us prevent violations. •To protect the rights and safety of Customers, third parties and VS . •To meet legal requirements, including complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms. •To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, and security requirements in reliance on our legitimate interests. •To prosecute and defend a court, arbitration or similar proceeding. •To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements. •To provide, support and improve the VS Services . For example, this may include sharing your information with third parties in order to provide and support our VS Services or to make certain features or functionalities of the Software available to you. When we share your Personal Information with third parties, we take steps to protect your information in a manner that is consistent with our obligations under applicable privacy laws . For further information about how we share your information, refer to Section 5 below. •To run data analytics or reports. Our data analytics or reporting projects use data from our Customers’ accounts, including Personal Information belonging to Patrons, to provide and improve the VS Services. We use information, like your transactions history or bookings records, for example, so we can make more informed predictions, decisions, and products for our Customers . If you prefer your data not be used in this manner, you can opt out of data analytics and reportin g projects at any time by emailing us at privacy@vermontsystems.com with the subject heading titled “Opt Out from Data Analytics and Reporting Projects .” •To carry out other business purposes. To carry out other legitimate business purposes, as well as other lawful purposes about which we will notify you. C. Cookies and Tracking Technologies. We and our third-party partners may use various technologies to collect and store Service Usage Data when you use the VS Services (as discussed above), and this may include using cookies and similar tracking technologies, such as pixels and web beacons . For example, we use web beacons in the emails sent by our Customers, which enable us to track certain behavior, such as whether the email sent through the Software was delivered and opened and whether links within the email were clicked . The use of web beacons allow us to collect information such as the recipient’s IP address, browser, email client type and other similar data as further described above details . We use this information to measure the performance of your email campaigns, to provide analytics information, enhance the effectiveness of the VS Services, and for other purposes described above. 8 Template: POL-VS-QM-IT Privacy Policy 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: POL-VS -QM-IT Privacy Policy 09NOV2020-V01 (1) Last Revision: 11/30/2020 D. Your Data Protection Rights. Depending on the country in which you reside, you may have the following data protection rights: •To access; correct; update; port; delete; restrict or object to our processing of your Personal Information. •You also have the right to complain to a data protection authority about our collection and use of your Personal Information . For more information, please contact your local data protection authority. Contact details for a data protection authority in the EEA are available here. As described above, for much of the Personal Information we collect and process about Patrons through the VS Services, we act as a processor on behalf of our Customers. In such cases, if you are a Patron and want to exercise any data protection rights that may be available to you under applicable l aw or have questions or concerns about how your Personal Information is handled by us as a processor on behalf of our individual Customers, you should contact the relevant Customer that is using the VS Services, and refer to their separate privacy policy. If you no longer want to be contacted by one of our Customers through the VS Services, please contact the Customer directly to update or delete your data. If you contact us directly, we may either forward your request to the relevant Customer or provide yo u with the identity of the Customer to enable you to contact them directly. We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws . We may ask you to verify your identity in order to help us respond efficiently to your request. 4. PRIVACY FOR VISITORS This section applies to Personal Information that we collect and process when you visit the Site, and in the usual course of our business, such as in connection with our recruitment, events, sales and marketing activities or when you visit our offices. In this section, “you” and “your” will refer to Visitors . A. Information we collect (i) Information you provide to us on the Site or otherwise . Our Site offers various ways to contact us, such as through form submission, email or phone, to inquire about our company, our products and our services . For example, we may ask you to provide certain Personal Information when you express an interest in obtaining information about us or the VS Services, take part in surveys, subscribe to marketing, apply for a role with VS, or otherwise contact us. We may also collect Personal Information from you in person when you attend our events or trade shows, if you visit one of our offices, or via a phone call with one of our sales representatives . You may choose to provide additional information when you communicate with us or otherwise interact with us, and we may keep copies of any such communications for our records . The Personal Information we collect may include: •Business contact information (such as your name, phone number, email address, address and country); •Professional information (such as your job title and company); •Nature of your communication; 9 Template: POL-VS-QM-IT Privacy Policy 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: POL-VS -QM-IT Privacy Policy 09NOV2020-V01 (1) Last Revision: 11/30/2020 •Marketing information (such as your contact preferences); and •Any other information you choose to provide us when completing any ‘free text’ boxes in our forms. (ii) Information we collect automatically through the Site . When you visit our Site or interact with our emails, we use cookies and similar technologies such as pixels or web beacons, alone or in conjunction with cookies, to collect certain information automatically from your browser or device . In some countries, including countries in the EEA, this information may be considered Personal Information under applicable data protection laws . Our use of cookies and other tracking technologies is discussed more below, and in more detail in our Cookie Policy available here. The information we collect automatically includes: •Device information such as your IP address, your browser, device information, unique device identifiers, mobile network information, request information (speed, frequency, the site from which you linked to us (“referring page”), the name of the website you choose to visit immediately after ours (called “exit page”), information about other websites you have recently visited and the web browser you used. •Usage data such as information about how you interact with our emails, Site, and other websites (such as the pages and files viewed, searches, operating system and system configuration information and date/time stamps associated with your usage). B. Use of Personal Information. We may use information we collect through our Site and in connection with our events and marketing activities (alone or in combination with other data we collect) for a range of reasons in reliance on our legitimate interests, including: •To provide, operate, optimize and maintain the Site; •To send you marketing information, product recommendations and non-transactional communications (for example, marketing newsletters, telemarketing calls, SMS, or push notifications) about us, in accordance with your marketing preferences, includi ng information about our products, services, promotions or events as necessary for our legitimate interest in conducting direct marketing or to the extent you have provided your prior consent. •For recruitment purposes if you have applied for a role with VS . •To respond to your online inquiries and requests, and to provide you with information and access to resources or services that you have requested from us. •To manage the Site, including its proper administration and security. •To manage event registrations and attendance, including sending related communications to you. •To register visitors to our offices for security reasons and to manage non -disclosure agreements that visitors may be required to sign. •To improve the navigation and content of the Site. •To identify any server problems or other IT or network issues. 10 Template: POL-VS-QM-IT Privacy Policy 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: POL-VS -QM-IT Privacy Policy 09NOV2020-V01 (1) Last Revision: 11/30/2020 • To compile aggregated statistics about site usage and to better understand the preferences of our Visitors. • To help us provide, improve and personalize our marketing activities. • To carry out research and development to improve the VS Services. • To conduct marketing research, advertise to you, provide personalized information about us on and off our Site, and to provide other personalized content based on your activities and interests to the extent necessary for our legitimate interests in supporting our marketing activities or advertising our VS Services or instances where we seek your consent. • To carry out other legitimate business purposes, as well as other lawful purposes, such as data analysis, fraud monitoring and prevention, identifying usage trends and expanding our business activities in reliance on our legitimate interests. • To cooperate with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Personal Information to protect our rights or is necessary for our legitimate interest in protecting against misuse or abuse of our Site and/or VS Services, protecting personal pr operty or safety, pursuing remedies available to us and limiting our damages, complying with judicial proceedings, court orders or legal processes, or responding to lawful requests. C. Public Information and Third-Party Websites • Social media platforms and widgets. The Site includes social media features, such as the Facebook Like button. These features may collect information about your IP address and which page you are visiting on our Site, and they may set a cookie to make sure the feature f unctions properly. Social media features and widgets are either hosted by a third party or hosted directly on our Site . We also maintain presences on social media platforms, including Facebook, Twitter, and Instagram . Any information, communications, or materials you submit to us via a social media platform is done at your own risk without any expectation of privacy . We cannot control the actions of other users of these platforms or the actions of the platforms themselves. Your interactions with those featu res and platforms are governed by the privacy policies of the companies that provide them. • Links to third-party websites. The Site includes links to other websites, whose privacy practices may be different from ours. If you submit Personal Information to any of those sites, your information is governed by their privacy policies . We encourage you to carefully read the privacy policy of any website you visit. • Contests and sweepstakes. We may, from time to time, offer surveys, contests, sweepstakes, or other promotions on the Site or through social media (collectively, "Promotions"). Participation in our Promotions is completely voluntary. Information requested for entry may include Personal Information such as your name, address, date of birth, phone number, e mail address, username, and similar details. We use the information you provide to administer our Promotions . We may also, unless prohibited by the Promotion’s rules or law, use the information provided to communicate with you, or other people you select, about the VS Services. We may share this information with our affiliates and other organizations or service providers in line with this privacy policy and the rules posted for our Promotions. 11 Template: POL-VS-QM-IT Privacy Policy 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: POL-VS -QM-IT Privacy Policy 09NOV2020-V01 (1) Last Revision: 11/30/2020 D. Cookies and Tracking Technologies. We use cookies and similar tracking technologies to collect and use Personal Information about you, including to serve interest-based advertising. For further information about the types of cookies and tracking technologies we use, why, and how you can control them, please see our Cookies Policy available here. E. Other Data Protection Rights. Depending on the country in which you reside, you may have the following data protection rights: •To access; correct; update; port; delete; restrict or object to our processing of your Personal Information. You can exercise these rights by emailing support@vermontsystems.com. •You may also have the right to complain to a data protection authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA are available here. •Similarly, if we have collected and processed your Personal Information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Information conducted in reliance on lawful processing grounds other than consent . You can also contact us at any time to update your marketing preferences (see Section 5. General Information, C. Your Choices and Opt-Outs below). We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We may ask you to verify your identity in order to help us respond efficiently to your request. 5. GENERAL INFORMATION A. How We Share Information. We may share and disclose your Personal Information to the following types o f third parties for the purposes described in this privacy policy . For purposes of this section, “you” and “your” refer to Customers, Patrons and Visitors unless otherwise indicated. (i) Our service providers. Sometimes, we share your information with our third-party service providers working on our behalf for the purposes described in this privacy policy . For example, companies we have hired to help us provide and support our VS Services, including the processing of payments, or assist in protecting and s ecuring our systems and services and other business -related functions. The following is a non-exclusive list of third-party service providers that may process your Personal Information in their capacity as a sub -processor of ours. Please review the relevant privacy policies (links are current as of the date of publication of this privacy policy) for further information about how each third -party handles your Personal Information . Third Party Name Privacy Policy Link Worldpay, LLC https://online.worldpay.com/terms/privacy Elavon, Inc. https://www.elavon.com/privacy-policy.html CardConnect https://cardconnect.com/privacy-policy PlugNPlay http://www.plugnpay.com/privacy-policy/ VeriFone https://www.verifone.com/privacy 12 Template: POL-VS-QM-IT Privacy Policy 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: POL-VS -QM-IT Privacy Policy 09NOV2020-V01 (1) Last Revision: 11/30/2020 (ii) Any competent law enforcement body, regulatory body, government agency, court or other third party where we believe disclosure is necessary (a) as a matter of applicable law or regulation; (b) to exercise, establish, or defend our legal rights; or (c) to protect your vital interests or those of any other person. (iii) A potential buyer (and its agents and advisors) in the case of a sale, merger, consolidation, liquidation, reorganization, or acquisition. In that event, any acquirer will be subject to our obligations under this privacy policy, including your rights to access and choice. We will notify you of the change by sending you an email or posting a notice on our Site. (iv) Any other person with your consent. NOTE: We do not sell your Personal Information to any third party for promotional or marketing purposes . B. Legal Basis for Processing Personal Information (EEA and UK Persons Only). If you are located in the EEA or UK, our legal basis for collecting and using the Personal Information desc ribed above will depend on the Personal Information concerned and the specific context in which we collect it. However, we will normally collect and use Personal Information from you where the processing is in our legitimate interests and not overridden by your data-protection interests or fundamental rights and freedoms. Our legitimate interests are described in more detail in this privacy policy in the sections above titled “Use of Personal Information,” but they typically include improving, maintaining, providing, and enhancing our technology, products, and services; ensuring the security of the VS Services and our Site; and supporting our marketing activities. If you are a Customer, we may need the Personal Information to perform our Agreement with you . In some limited cases, we may also have a legal obligation to collect Personal Information from you . If we ask you to provide Personal Information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Information is mandatory or not, as well as of the possible consequences if you do not provide your Personal Information. Where required by law, we will collect Personal Information only where we have your consent to do so. If you have questions or need further information concerning the legal basis on which we collect and use your Personal Information, please contact us at support@vermontsystems.com. C. Your Choices and Opt-Outs (i) Customer Account(s); Customer Site. In order to keep your Personal Information accurate and complete, you can log in to review and update your account information, including contact and billing information, via your Customer and/or End User account(s), as applicable. If you are a Customer and would like to change the way we communicate with you, including a change in your primary point of contact (whether for billing purposes or otherwise), please send us the request at accountsreceivable@vermontsystems.com. (ii) Email. If you do not wish to receive emails sent through the Software, you may opt out at any time by following the opt-out or unsubscribe link contained at the bottom of the email itself. Please note that it may take up to ten (10) days to process your request. Please note that if you opt-out from receiving promotional or marketing emails, you may continue to receive emails with information re lated to your account or our Services . If you do not wish to receive any service -related emails from us, you have the option of deactivating your account. 13 Template: POL-VS-QM-IT Privacy Policy 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: POL-VS -QM-IT Privacy Policy 09NOV2020-V01 (1) Last Revision: 11/30/2020 (iii) SMS (Text Messages). In order to send text messages through the Software, Customers must enab le this functionality in their site settings. Once enabled, an individual Patron can control his or her “text messaging address” by entering a phone directly from the Patron’s account profile and saving the information . Patron’s must verify opt-in consent by entering and confirming a confirmation code sent to the mobile device listed . To revoke consent to receiving text messages, please notify the Customer or remove the mobile number from the “text messaging address” field in the Patron’s account profile. (iv) Cookies. You may also refrain from providing, or withdraw, your consent for cookies . Your browser’s help function should contain instructions on how to set your computer to accept all cookies, to notify you when a cookie is issued; or to not receive cookies at any time. (v) Third Party Analytics Services. We use Google Analytics in conjunction with our Services . Google Analytics is provided by Google, Inc. You can opt-out from Google Analytics service from using your information by installing the Google Analytics Opt-out Browser tool: tools.google.com/dlpage/gaoptout. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page here. D. Our Security. We take appropriate and reasonable technical and organizational measures designed to protect Personal Information from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the Personal Information. Unfortunately, even with these safeguards, no data transmission or storage system can be guaranteed to be 100% secure . If you have any questions about the security of your Personal Information, you may contact us at support@vermontsystems.com. Customer and/or End User account(s) require a username and password to login . Customer and End Users must keep their username and password secure, and never disclose it to a third party . Permissions assigned by Customers to authorized staff members (i.e., End Users) should be closely guarded, periodically updated, some level of internal training provided about the security of login credentials . Because the information in a Customer’s account is private, account passwords are hashed, which means we cannot see a Customer’s and/or End User’s password. We cannot resend forgotten passwords either. We will only provide Customer and/or End User with instructions on how to reset them. E. International Transfers (i) We operate in the United States. Our servers and offices are located in the United States, so your information may be transferred to, stored, or processed in the United States. While the data protection, privacy, and other laws of the United States might not be as comprehensive as those in your country, we take many steps to protect your privacy. (ii) Customers, Patrons and Visitors located in Australia. If you are a Customer, Patron or Visitor who accesses VS Services in Australia, this section applies to you . Here are the specific points under the Privacy Act 1988 (“Australian Privacy Act”) you should be aware of: •As stated in the Prohibited Use section of our Terms of Service, information considered to be harassing, discriminatory, defamatory, vulgar, pornographic or harmful to others is not permitted on the VS Services and Customers, End User and Patrons are prohibited from loadi ng any such Personal Information to their account(s). •Please note that if you do not provide us with your Personal Information or if you withdraw your consent for us to collect, use and disclose your Personal Information, we may be unable to provide the VS Services to you. 14 Template: POL-VS-QM-IT Privacy Policy 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: POL-VS -QM-IT Privacy Policy 09NOV2020-V01 (1) Last Revision: 11/30/2020 •Where we collect Personal Information of our Visitors, the Personal Information we ask you to provide will be information that is reasonably necessary for, or directly related to, one or more of our functions or activities. Please see Section 4 of this privacy policy for examples of the types of Personal Information we may ask Visitors to provide. •Where we say we assume an obligation about Personal Information, we will also require our integration partners and subcontractors to undertake a similar obligation. •We will not use or disclose Personal Information for the purpose of our direct marketing to you unless you have consented to receive direct marketing; yo u would reasonably expect us to use your personal details for marketing; or we believe you may be interested in the material but it is impractical for us to obtain your consent. You may opt out of any marketing materials we send to you through an unsubscribe mechanism. If you have requested not to receive further direct marketing messages, we may continue to provide you with messages that are not regarded as "direct marketing" under the Australian Privacy Act, including changes to our terms, system alerts, and other information related to your account as permitted under the Australian Privacy Act and the Spam Act 2003 (Cth). •Our servers are located in the United States . In addition, we or our sub-processors may use cloud technology to store or process Personal Information, which may result in storage of data outside Australia. It is not practicable for us to specify in advance which country will have jurisdiction over this type of offshore activity . All of our subcontractors, however, are required to comply with the Australian Privacy Act in relation to the transfer or storage of Personal Information overseas. •You may access the Personal Information we hold about you . If you wish to access your Personal Information, please contact us directly by emailing us at support@vermontsystems.com. We will respond to all requests for access within a reasonable time. If you think the information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, we will take reasonable steps, consistent with our obligations under the Australian Privacy Act, to correct that information upon your request. If you find that the information we have is not up to date or is inaccurate or incomplete, please contact us in writing at support@vermontsystems.com so we can update our records. We will respond to all requests for correction within a reasonable time. If you are unsatisfied with our response to a privacy matter, you may consult either an independent advisor or contact the Office of the Australian Information Commissioner for additional help . We will provide our full cooperation if you pursue this course of action. F. Retention of Data. We retain Personal Information where we have an ongoing legitimate business or legal need to do so. Our retention periods will vary depending on the type of data involved, but, generally, we will refer to these criteria in order to determine retention periods: •Whether we have a legal or contractual need to retain the data. •Whether the data is necessary to provide the VS Services. •Whether our Customers have the ability to access and delete the data on their own. •Whether our Customers would reasonably expect that we could retain the data until they remove it or until their account is closed or has been terminated . 15 Template: POL-VS-QM-IT Privacy Policy 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: POL-VS -QM-IT Privacy Policy 09NOV2020-V01 (1) Last Revision: 11/30/2020 G. California Privacy. The California Consumer Privacy Act (“CCPA”) provides consumers with specific rights regarding their Personal Information. You have the right to request that businesses subject to the CCPA (which may include our Customer with whom you have a relationship) disclose certain information to you about their collection and use of your Personal Information over the past 12 months . In addition, you have the right to ask such businesses to delete Personal Information collected from you, subject to certain exceptions . If the business sells Personal Information, you have a right to opt-out of that sale. Finally, a business cannot discriminate against you for exercising a CCPA right. When offering services to Customers, we act as a “service provider” under the CCPA and our receipt and collection of any consumer Personal Information is completed on behalf of our Customers in order for us to provide the VS Services . Please direct any requests for access or deletion of your Personal Information under the CCPA to the Customer with whom you have a direct relationship . VS, for its part, does not sell any of your Personal Information to any third party for promotional or marketing purposes . Consistent with California law, if you choose to exercise your applicable CCPA rights, we will not charge you different prices or provide you a different quality of services. If we ever offer a financial incentive or product enhancement that is contingent upon you providing your Personal Information, we will not do so unless the benefits to you are reasonably related to the value of the Personal In formation that you provide to us. H. Use by Minors. The VS Services are not directed or targeted at children under the age of thirteen (13). We request that minors do not provide Personal Information through the VS Services; instead, any such information on a minor should be submitted to us by the minor’s authorized parent or legal guardian . I. Do Not Track. Certain state laws require us to indicate whether we honor “Do Not Track” settings in your browser. We adhere to the standards set out in this privacy policy and do not monitor or follow any Do Not Track browser requests. J. Changes to this Privacy Policy. We may change this privacy policy at any time and from time to time . The most recent version of the privacy policy is reflected by the version date located at the top of this privacy policy . All updates and amendments are effective immediately upon notice, which we may give by any means, including, but not limited to, by posting a revised version of this privacy policy or other notice on t he Site. We encourage you to review this privacy policy often to stay informed of changes that may affect you . Our electronically or otherwise properly stored copies of this privacy policy are each deemed to be the true, complete, valid, authentic, and enforceable copy of the version of this privacy policy that was in effect on each respective date you visited the Site. K. Questions & Concerns. If you have any questions or comments, or if you have a concern about the way in which we have handled any privacy matter, please contact us at support@vermontsystems.com. You may also contact us by postal mail at: RecTrac, LLC d/b/a Vermont Systems Attn: Privacy 12 Market Place Essex Junction, VT 05452 1 Template: CNT-VS-QM-SA SLA Software Hosting - Premium 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: CNT-VS-QM-SA SLA Software Hosting - Premium 09NOV2020-V01 Last Revision: 11/30/2020 SERVICE LEVEL AGREEMENT (SOFTWARE) Terms not specifically described in this PREMIUM Service Level Agreement for Software ("Software SLA") shall have the meanings as set forth in Section 1 of the Terms of Service or elsewhere in the Agreement. 1 ELIGIBILITY. This Software SLA shall apply only to Customers receiving VS 's Software as a "hosted" solution, meaning VS has contracted to host Customer Data on VS-controlled servers and systems. To be eligible for the Software SLA, Customers must be current in their payment of Fees to VS and must remain complaint with the terms and conditions of the Agreement. 2 UPTIME COMMITMENT. VS will use its best efforts to operate and maintain the Software in a professional manner with the objective of maintaining a 99.90% uptime commitment for Services considered "critical" to a Customer's daily business operation. Services considered critical are those which, if unavailable (as defined below), would have an immediate and negative impact on a core business function of the Customer such as its ability to take payments, retrieve Patron Data, or access the Software (a "Critical Service"). Uptime as described is applicable to production environments only. Demo and Testing environments are not included in the SLA calculations. 3 SERVICE INTERUPTION. "Service Interruption" means that one or more Critical Services are unavailable to Customers as the result of a failure in VS-controlled equipment, services or personnel. "Unavailable" means that the Software is unable to transmit, receive, store or retrieve Customer Data, including, without limitation, Patron Data. 4 VS RESPONSE PROTOCOL. VS will commence efforts to resolve a Service Interruption within 60 minutes after VS first learns of the issue. If the root cause for the Service Interruption is solely within VS's power to control, VS will attempt to remedy the Service Interruption within three (3) hours. If, however, the root cause for the Service Interruption involves a third party, or a source outside of VS's direct control, VS will use commercially reasonable efforts to promptly notify such third parties and cooperate with them to resolve any Service Interruptions. 5 CUSTOMER REMEDIES. VS is agreeable to issuing out-of -service credits to a Customer's account where VS fails to maintain its 99.90% uptime commitment. VS will offer out-of-service credits in accordance with the tiered schedule below: Uptime Availability (%) Unavailability Per Calendar Month Credit Percentage 98.0 to 99.89 48 min to 14 hrs 36 min 15% 95.0 to 97.99 14 hrs 41 min to 1 day 12 hrs 31 min 40% 90.0 to 94.99 1 day 12 hrs 35 min to 3 day 1 hr 3 min 70% 89.99 or below 3 days 1 hr 7 min 100% EXHIBIT D 2 Template: CNT-VS-QM-SA SLA Software Hosting - Premium 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: CNT-VS-QM-SA SLA Software Hosting - Premium 09NOV2020-V01 Last Revision: 11/30/2020 To be eligible for an out-of-service credit, Customer must open a support ticket at https://support.vermontsystems.com within thirty (30) days from a Service Interruption. VS will validate reported Service Interruptions through its third-party monitoring tool, Site24x7 (which validates Software availability across multiple locations within the U.S. tracking interruptions to service and their duration). The maximum out- of-service credit that Customer may receive for Unavailability of the Software in any calendar month shall not exceed to total Fees associated with one (1) month of Services (prorated accordingly for Customers billed annually). Any out-of -service credits shall be applied to the Customer's account as an offset against the next month's Fees. No out-of-service credits shall be redeemable for cash; any credits not used by the termination of the Agreement shall be forfeited and waived . 6 EXCLUSIONS. Customer shall not be entitled to an out-of-service credit where a Service Interruption is caused by or associated with (a) a Customer's own acts or omissions; (b) a Force Majeure event (as defined by the Terms of Service); (c) excused downtime for maintenance or upgrades to the Software; (d) a Customer's violation of the Agreement, including (but not limited to) a violation of the Prohibited Use provision of the Terms of Service; and/or (e) a beta release, pilot program or trial service, as determined by VS. 1 Template: CNT-VS-QM-SA SLA Software Support 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: CNT-VS-QM-SA SLA Software Support 09NOV2020-V01 (2) Last Revision: 12/1/2020 SERVICE LEVEL AGREEMENT (SUPPORT) Terms not specifically described in this Service Level Agreement for Support ("Support SLA") shall have the meanings as set forth in Section 1 of the Terms of Service or elsewhere in the Agreement . 1 ELIGIBILITY. This Support SLA shall apply only to Customers receiving VS's Support Desk, including "live" support channels by phone or chat. To be eligible for the Support SLA, Customers must be current in their payment of Fees to VS and must remain complaint with the terms and conditions of the Agreement. 2 CASE PRIORITIES. To provide high quality support and to effectively assign resources to incoming cases, the following four types of case priorities have been identified: Priority 1 Critical Critical business impact occurs on a production system preventing business operations. End Users and Patrons are prevented from working within the Software with no workarounds. Examples include: Software crashes or is goes off-line; functionality critical to business operation not available; data breach or loss of Customer Data. Priority 2 Major Significant business impact occurs on a production system severely impacting business operation. End Users and Patrons are impacted by the issue but may still be able to work in a limited capacity within the Software . Examples include significant performance degradation; functionalities important to business operation not available; loss of Software functionality has an escalating impact on business operations. Priority 3 Medium Minor business impact occurs on a production system that causes a partial or non-critical loss of functionality in the Software . A limited number of End Users and/or Patrons are affected. Priority 4 Low Issues occurring on a non-production system in the Software . Examples include: a question, comment or enhancement. EXHIBIT E 2 Template: CNT-VS-QM-SA SLA Software Support 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: CNT-VS-QM-SA SLA Software Support 09NOV2020-V01 (2) Last Revision: 12/1/2020 3 RESPONSE TIMES. VS will respond and escalate support issues in accordance with the table below . All days referenced below are calendar days, not business days. Priority 1 (within) Priority 2 (within) Priority 3 (within) Priority 4 (within) Initial Response 1 hour 4 hours 5 days - Correction Identified /Pursued 24 hours 7 days As agreed between parties - If Issue Remains Unresolved Escalation Stage 1 – to Support Managers (Status Report Intervals) 12 hours (Every 4 hours) 7 days (Daily) - - Escalation Stage 2 – to Directors (Status Report Intervals) 24 hours (Every 4 hours) 7 days (Daily) Escalation Stage 3 – to President (Status Report Intervals) 72 hours (Every 4 hours) 10 days (Daily) - - 4 CUSTOMER REPORTING CHANNELS; PROCESS. Support Desk Customers experiencing support issues must report customer support concerns through VS 's established support channels, including: •Customer support line available at (877) 883-8757 •Chat support available through the support portal on the Site •For after-hours support, VS pager number at 802-490-1911 All issues or questions reported to support are tracked with a support case that contains at a minimum the Customer account name, contact person, software product and version, module and/or menu selection, detailed description of the issue, and any other pertinent information. Case 3 Template: CNT-VS-QM-SA SLA Software Support 09NOV2020-V01 ©RecTrac, LLC All rights reserved. File Name: CNT-VS-QM-SA SLA Software Support 09NOV2020-V01 (2) Last Revision: 12/1/2020 statuses are viewable on the VS support portal. Each case is stored in a queue and the first available support representative will be assigned to the next case issue based on priority. While reviewing the case issue, the assigned support person will contact the Customer, if additional information is needed. The VS support person will either resolve the issue or advise Customer regarding the status and the course of action being taken to resolve it. All correspondence and actions associated with a case are tracked in the support database. If the issue needs to be escalated to a development resource, Customer will be informed. While issues escalated to development will be scheduled for resolution, they may not be resolved immediately depending on the nature and complexity of the issue. Customer may view the development status at any time. CNT-VS-QM-SA API Terms of Use 09NOV2020-V01 1 ©RecTrac, LLC All rights reserved. CNT-VS-QM-SA API Terms of Use 09NOV2020-V01 (1) Last Revision: 11/30/2020 API TERMS OF USE Thank you for using the Vermont Systems Application Programming Interfaces (the “VS API”). This API Terms of Use (“API TOU”), together with VS’s Terms of Service and Privacy Policy, form a binding contract between you, or the company or legal entity that you represent, and Vermont Systems, Inc. (“VS” or “Company”). As used in this API TOU, “we,” “our,” and “us” refer to VS, and “you” and “your” refer to the individual, company or legal entity that you represent. By accessing and using the VS APIs, you agree to abide by the API TOU and any guidelines or other documentation provided by VS for use in connection with the VS APIs (the “API Documentation”). Terms not specifically defined herein shall have the meanings as set fo rth in Section 1 of the VS Terms of Service. 1. API LICENSE GRANT. Subject to your compliance with the API TOU, in addition to our Terms of Service and Privacy Policy, we grant you a non-exclusive, revocable, non-transferrable and non-sublicensable license to (a) access and use the VS APIs and API Documentation to receive, modify, use and display Patron Data from the Software in your website or native applications for mobile devices (“Your Application”) subject to the permissions of the relevant Patron accounts; (b) use the VS APIs, API Documentation, or Patron Data to develop, test, and support Your Application; and (c) distribute Your Application to Patrons and to allow such Patrons to access your integration of the VS APIs within Your Application. You may not use the VS APIs for any other purpose without VS’s prior written consent. If you are integrating with VS APIs in Your Application, you may charge for Your Application; however, you may not sell, rent, lease, sublicense, redistribute or syndicate access to the VS APIs. 2.TRADEMARK LICENSE GRANT. Subject to your compliance with the API TOU, we grant you a non - exclusive, revocable, non-transferrable and non- sublicensable license to reproduce and display the VS name and logo (the “VS Marks”) in accordance with our trademark guidelines and solely to promote or advertise your integration of the VS APIs in Your Application . 3. RESERVATION OF LICENSED RIGHTS. All of our rights not granted by this API TOU are expressly reserved. 4. LICENSEE OBLIGATIONS. In connection with your use of the VS APIs, you must: (a) obtain the explicit consent of Patrons before collecting, using, posting or sharing any Patron Data obtained through the VS APIs on an Patron’s behalf; (b) comply with the VS Terms of Service and Privacy Policy; (c) comply with any requirements or restrictions imposed on usage of Patron Data by the owner of such data. Although the VS APIs can be used to provide you with access to Patron Data, neither VS’s provision of the VS APIs to you nor your use of the VS APIs overrides any requirements or restrictions place on such Patron Data by the Patron or a third party, including a VS Customer, with a legal interest in the Patron Data; (d) maintain a user agreement or terms of use and a privac y policy for Your Application, which is prominently identified or located where Patrons download or access Your Application. Your privacy policy must meet applicable legal standards and describe the collection, use, storage and sharing of Patron Data in clear, understandable and accurate terms. You must promptly notify us in writing via email to legal@vermontsystems.com of any breaches of your user agreement or privacy policy that impact or may impact users of the VS APIs, the Software or our Site; (e) obtain the consent of an Patron prior to deleting or destroying any of the Patron Data associated with their VS account; and (f) provide attribution to VS as the source of data in accordance with the following guidelines: (i) display a VS Mark so it is clear to the Patron that the data is from VS; (ii) link the logo in such VS Mark to www.vermontsystems.com; and (iii) comply at all times with trademark guidelines provided by VS when using or displaying the VS Marks. 5. USE RESTRICTIONS. You and Your Application may not: (a) access, store or share Patron Data to which the Patron has not granted you explicit access rights; (b) make requests that exceed our rate limit or use the VS APIs in a EXHIBIT F CNT-VS-QM-SA API Terms of Use 09NOV2020-V01 2 ©RecTrac, LLC All rights reserved. CNT-VS-QM-SA API Terms of Use 09NOV2020-V01 (1) Last Revision: 11/30/2020 manner that impacts the stability of VS’s servers or impacts the behavior of other applications using the VS APIs; (c) engage in any activity that compromises, breaks or circumvents any of our technical processes or security measures associated with the VS APIs, the Software or our Sites, or that poses a security vulnerability to any other Patron; (d) request or publish information impersonating an Patron or misrepresenting any Patron or other third party in requesting or publishing information; (e) create or disclose metrics about, or perform any statistical analysis of the VS APIs; (f) display VS’s Marks or Patron Data in a manner that could reasonably imply an endorsement, relationship or affiliation with or sponsorship between you or a third party and VS, other than your permitted use of the VS APIs; (g) display Patron Data on any site that disparages VS or its products or services, or infringes any VS intellectual property or other rights; (h) copy, sell, rent, lease, transfer, assign, sublicense, disassemble, reverse engineer or decompile (except to the limited extent expressly authorized under applicable statutory law), modify or alter any part of the VS APIs; (i) sell, rent, lease, share, transfer, assign, or sublicense any Patron Data or other information or data obtained through the VS APIs, directly or indirectly, to or with any third party, including any data broker, ad network, ad exchange or other advertising or monetization-related party; (j) use the Patron Data in any advertisements or for purposes of targeting advertisements (whether such advertisements appear in Your Application or elsewhere); (k) attempt to cloak or conceal your identify when requesting authorization to use the VS APIs; (l) use the VS API for any application that constitutes, promotes or is used primarily for the purpose of dealing in spyware or any other malicious programs or code, activities that violate any law or regulation, or any rights of any person including, but not limited to, intellectual property rights, and activities that, in VS’s sole judgment, are offensive or might harm VS’s business or its reputation; and (m) access the VS APIs or API Documentation in order to replicate or compete with the VS APIs, the Software, or our Sites . 6. USE LIMITATIONS. VS may limit the maximum Patron Data that may be accessed, the rate at which such Patron Data may be accessed, and/or the number of network calls that Your Application may make via the VS APIs . VS may change such usage limits at any time, and/or may utilize technical measures to prevent over-usage and/or stop usage of the VS APIs by an application after any usage limitations are exceeded. 7.FEES. VS reserves the right to charge you a fee per API call. Any fees associated with your access and/or us e of the VS APIs shall be provided to you in a separate API Fee Schedule. 8. TERMINATION. Your license to utilize the VS APIs and VS Marks shall continue until it is terminated by either party as set forth in this provision. You may terminate this license at any time by discontinuing use of the VS APIs . VS may suspend or terminate your right and license to use all or any of the VS APIs or the API Documentation at any time, with or without cause, and with or without notice to you. Upon termination of your license for any reason, you shall destroy and remove from all computers, hard drives, networks and other storage media all copies of Patron Data and VS Marks. 9. WARRANTY DISCLAIMERS. VS does not represent and warrant that any VS APIs are free of inaccuracies, errors, bugs or interruptions, or are reliable, accurate, complete or otherwise valid. THE VS APIs ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS, WITH NO WARRANTIES OF ANY KIND AND VS EXPRESSLY DISCLAIMS ANY AND ALL WARRANTIES AND CONDITIONS, INCLUDING, BUT NOT LIMITED TO, ANY AND ALL WARRANTIES, WHETHER EXPRESS OR IMPLIED, INCLUDING THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AVAILABILITY, SECURITY, TITLE AND/OR NON- INFRINGEMENT. WE DO NOT WARRANT THAT THE VS APIs WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE. YOUR USE OF THE VS APIs IS AT YOUR OWN DISCRETION AND RISK, AND YOU WILL BE SOLELY RESPONSIBLE FOR ANY DAMAGE THAT RESULTS FROM THE USE OF ANY VS APIs INCLUDING, BUT NOT LIMITED TO, ANY DAMAGE TO YOUR COMPUTER SYSTEM OR LOSS OF DATA. 10. LIMITATION OF LIABILITY. VS SHALL NOT, UNDER ANY CIRCUMSTANCES, BE LIABLE TO YOU FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL OR EXEMPLARY DAMAGES ARISING OUT OF OR IN CONNECTION WITH USE OF THE VS APIs, WHETHER BASED ON BREACH OF CONTRACT, BREACH OF WARRANTY, TORT (INCLUDING NEGLIGENCE, PRODUCT LIABILITY OR OTHERWISE), OR ANY OTHER PECUNIARY LOSS, WHETHER OR NOT VS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO EVENT WILL OUR AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS API TOU (WHETHER IN CONTRACT OR TORT OR UNDER ANY OTHER THEORY OF LIABILITY) EXCEED $100. CNT-VS-QM-SA API Terms of Use 09NOV2020-V01 3 ©RecTrac, LLC All rights reserved. CNT-VS-QM-SA API Terms of Use 09NOV2020-V01 (1) Last Revision: 11/30/2020 SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF CERTAIN WARRANTIES OR THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES. ACCORDINGLY, SOME OF THE LIMITATIONS IN THIS SECTION MAY NOT APPLY TO YOU. 11. RELEASE AND WAIVER. To the maximum extent permitted by applicable law, you hereby release and waive all claims against VS, and its subsidiaries, affilia tes, parent company, officers, agents, licensors, co -branders or other partners, and employees from any and all liability for claims, damages (actual and/or consequential), costs and expenses (including litigation costs and attorneys’ fees) of every kind and nature, arising from or in any way related to your use of the VS APIs, the Patron Data or the VS Marks. If you are a California resident, you waive your rights under California Civil Code 1542, which states: “A general release does not extend to claims which the creditor does not know or suspect to exist in his favor at the time of executing the release, which if known by him must have materially affected his settlement with the debtor.” You understand that any fact relating to any matter covered by this release may be found to be other than now believed to be true and you accept and assume the risk of such possible differences in fact. In addition, you expressly waive and relinquish any and all rights and benefits that you may have under any other state or federal statute or common law principle of similar effect, to the fullest extent permitted by law. 12. INDEMNIFICATION. To the maximum extent permitted by applicable law, you agree to indemnify, defend and hold harmless VS, and its subsidiaries, affiliates, parent company, officers, agents, attorneys, licensors, co-branders or other partners, and employees from any and all third party claims arising from or in any way related to your use of the VS APIs, including any liability or expense arising from all claims, losses, damages, liabilities, costs and fees (including reasonable attorneys’ fees) of every kind and nature . Notwithstanding anything contained in the preceding sentence, (a) we will always be free to choose our own counsel if we pay for the cost of such counsel; and (b) no settlement may be entered into by you, without our express written consent (such consent not to be unreasonably withheld), if (i) the third party asserting the claim is a government agency, (ii) the settlement arguably involves the making of admissions, (iii) the settlement does not include a full release of liability, or (iv) the settlement includes terms other than a full release of liability and the payment of money. 13. REMEDIES. You acknowledge that your breach of these API TOU may cause irreparable harm to VS, the extent of which would be difficult to ascertain . Accordingly, you agree that, in addition to any other remedies to which VS may be legally entitled, VS shall have the right to seek immediate injunctive relief in the event of a breach of these API TOU by you or any of your officers, employees, consultants or other agents . 14. PUBLICITY. You grant us the right to use your company name and logo as a reference for marketing or promotional purposes on our website and in other public and private communications with our existing or potential developers and customers, subject to your standard trademark usage guidelines as provided to us from time to time. 15. PARTY RELATIONSHIP. You and VS are independent contractors and these API TOU does not create a partnership, franchise, joint venture, agency, fiduciary, or employment relationship between the parties . You shall not have any authority to assume or create any obligation for or on behalf of VS, express or implied , and you shall not attempt to bind VS to any contract without its express consent. 16.DISPUTE RESOLUTION. Many concerns can be resolved by calling us at (877) 883-8757. If a dispute cannot be resolved informally, this provision explains how claims (whether by you against us, or by us against you) will be resolved. 16.1 Definition. “Claim” means any current or future claim, dispute or controversy relating in any way to the API TOU. Claim includes (i) initial claims, counterclaims, cross-claims and third-party claims; (ii) claims based upon contract, tort, fraud, statute, regulation, common law and equity; and (iii) claims by or against any third party using or providing any product, service or benefit in connection with our agreement, the Site or our Services. 16.2 Claim Notice. Prior to beginning a lawsuit, you and we agree to send a notice (a “Claim Notice”) to each party against whom a Claim is asserted. The Claim Notice will give you and us a chance to resolve our dispute informally or in mediation. The Claim Notice must describe the Claim and state the specific relief demanded. Notice to you may be sent to your current mailing address or email address on file. You must provide your name, address and phone CNT-VS-QM-SA API Terms of Use 09NOV2020-V01 4 ©RecTrac, LLC All rights reserved. CNT-VS-QM-SA API Terms of Use 09NOV2020-V01 (1) Last Revision: 11/30/2020 number in your Claim Notice. Your Claim Notice must be emailed to VS, LLC, Subject Line: API Claim Notice, legal@vermontsystems.com. 16.3 Mediation. In mediation, a neutral party helps parties resolve a Claim. The mediation does not decide the Claim but helps the parties reach agreement. Before beginning mediation, you or we must first send a Claim Notice. Within 30 days after sending or receiving a Claim Notice, you or we may submit the Claim for mediation. Mediation fees will be split equally, and the location for mediation shall be mutually decided between you and us. All mediation-related communications are confidential, inadmissible in court and not subject to discovery. All applicable statutes of limitations will be tolled until termination of the mediation. Either you or we may terminate the mediation at any time; the process is non- binding. The submission or failure to submit a Claim to mediation will not affect your or our rights to elect to litigate. 16.4 Exception. If a Claim has an aggregate value of $5,000 or less, or the Claim seeks injunctive relief, then either party may proceed directly to court and shall not be obligated to attend mediation as part of a dispute resolution process. 17. SEVERABILITY. If any provision of these API TOU is found by a court of competent jurisdiction to be invalid, the parties nevertheless agree that the court should endeavor to give effect to the parties’ intentions as reflected in the provision and that the other provisions remain in full force and ef fect. 18. GOVERNING LAW AND VENUE. These API TOU and the relationship between you and VS will be governed by the laws of the State of Vermont without regard to its conflict of law provisions. You and VS agree to submit to the personal jurisdiction of the courts located within the city of Burlington, Vermont. 19.NO WAIVER. VS’s failure to exercise or enforce any right or provision of these API TOU shall not constitute a waiver of such right or provision. 20. SURVIVAL. Sections 9, 10, 11, 12, 13, 16, 18 and 21 will survive the termination or expiration of these API TOU. 21. ENTIRE AGREEMENT. These API TOU, together with the VS Terms of Service and Privacy Policy, constitute the entire agreement between the parties and supersedes all prior and contemporaneous agreements, proposals or representations, written or oral, concerning its subject matter. In the event of any inconsistency between these API TOU and the VS Terms of Service and/or Privacy Policy, these API TOU shall control. INSURANCE ADDENDUM This Insurance Addendum (“Addendum”) between RecTrac, LLC d/b/a Vermont Systems (“VS” or “Contractor”) and The City of Kent, Washington (“Customer” or “City of Kent”) is intended to revise the Services Agreement, inclusive of all relevant attachments, schedules, exhibits or Addenda (collectively, “Agreement”) previously or simultaneously executed between the parties by adding to the Agreement the terms and conditions listed below: The Contractor shall procure and maintain for the duration of the Agreement, insurance against claims for injuries to persons or damage to property which may arise from or in connection with the performance of the work hereunder by the Contractor, their agents, representatives, employees or subcontractors. 1.Scope of Insurance. Contractor shall obtain insurance of the types described below: (a)Commercial General Liability; (b)Professional Liability insurance appropriate to the Contractor’s profession; and (c)Cyber Liability insurance. 2.Minimum Amounts of Insurance. Contractor shall maintain the following insurance limits: (a)Commercial General Liability insurance shall be written with limits no less than $1,000,000 each occurrence, $2,000,000 general aggregate. (b)Professional Liability insurance shall be written with limits no less than $1,000,000 per claim and $2,000,000policy aggregate limit. (c)Cyber Liability insurance shall be written with limits no less than $1,000,000 per occurrence and $2,000,000 aggregate. 3.Other Insurance Provisions (a)The Contractor’s insurance coverage shall be primary insurance as respect the City of Kent. (b)The Contractor’s insurance shall be endorsed to state that coverage shall not be cancelled by either party, except after thirty (30) days prior written notice by certified mail, return receipt requested, has been given to the Cityof Kent. 4.Acceptability of Insurers. Insurance is to be placed with insurers with a current A.M. Best rating of not less than A:VII. 5.Verification of Coverage. Contractor shall furnish the City of Kent with original certificates and a copy of theamendatory endorsements. 6.Subcontractors. [Reserved]. 7.Miscellaneous. Except as expressly revised in this Addendum, the Agreement will remain in full force and effect. If there is any conflict of inconsistencies between this Addendum and the Agreement, this Addendum will control.VS’s acceptance may be evidenced by its fulfillment of the Agreement which this Addendum revises. EXHIBIT G SHOULD ANY OF THE ABOVE DESCRIBED POLICIES BE CANCELLED BEFORE THE EXPIRATION DATE THEREOF, NOTICE WILL BE DELIVERED IN ACCORDANCE WITH THE POLICY PROVISIONS. INSURER(S) AFFORDING COVERAGE INSURER F : INSURER E : INSURER D : INSURER C : INSURER B : INSURER A : NAIC # NAME:CONTACT (A/C, No):FAX E-MAILADDRESS: PRODUCER (A/C, No, Ext):PHONE INSURED REVISION NUMBER:CERTIFICATE NUMBER:COVERAGES IMPORTANT: If the certificate holder is an ADDITIONAL INSURED, the policy(ies) must have ADDITIONAL INSURED provisions or be endorsed. If SUBROGATION IS WAIVED, subject to the terms and conditions of the policy, certain policies may require an endorsement. A statement on this certificate does not confer rights to the certificate holder in lieu of such endorsement(s). THIS CERTIFICATE IS ISSUED AS A MATTER OF INFORMATION ONLY AND CONFERS NO RIGHTS UPON THE CERTIFICATE HOLDER. THIS CERTIFICATE DOES NOT AFFIRMATIVELY OR NEGATIVELY AMEND, EXTEND OR ALTER THE COVERAGE AFFORDED BY THE POLICIES BELOW. THIS CERTIFICATE OF INSURANCE DOES NOT CONSTITUTE A CONTRACT BETWEEN THE ISSUING INSURER(S), AUTHORIZED REPRESENTATIVE OR PRODUCER, AND THE CERTIFICATE HOLDER. OTHER: (Per accident) (Ea accident) $ $ N / A SUBR WVD ADDL INSD THIS IS TO CERTIFY THAT THE POLICIES OF INSURANCE LISTED BELOW HAVE BEEN ISSUED TO THE INSURED NAMED ABOVE FOR THE POLICY PERIOD INDICATED. NOTWITHSTANDING ANY REQUIREMENT, TERM OR CONDITION OF ANY CONTRACT OR OTHER DOCUMENT WITH RESPECT TO WHICH THIS CERTIFICATE MAY BE ISSUED OR MAY PERTAIN, THE INSURANCE AFFORDED BY THE POLICIES DESCRIBED HEREIN IS SUBJECT TO ALL THE TERMS, EXCLUSIONS AND CONDITIONS OF SUCH POLICIES. LIMITS SHOWN MAY HAVE BEEN REDUCED BY PAID CLAIMS. $ $ $ $PROPERTY DAMAGE BODILY INJURY (Per accident) BODILY INJURY (Per person) COMBINED SINGLE LIMIT AUTOS ONLY AUTOSAUTOS ONLY NON-OWNED SCHEDULEDOWNED ANY AUTO AUTOMOBILE LIABILITY Y / N WORKERS COMPENSATION AND EMPLOYERS' LIABILITY OFFICER/MEMBER EXCLUDED? (Mandatory in NH) DESCRIPTION OF OPERATIONS below If yes, describe under ANY PROPRIETOR/PARTNER/EXECUTIVE $ $ $ E.L. DISEASE - POLICY LIMIT E.L. DISEASE - EA EMPLOYEE E.L. EACH ACCIDENT EROTH-STATUTEPER LIMITS(MM/DD/YYYY)POLICY EXP(MM/DD/YYYY)POLICY EFFPOLICY NUMBERTYPE OF INSURANCELTRINSR DESCRIPTION OF OPERATIONS / LOCATIONS / VEHICLES (ACORD 101, Additional Remarks Schedule, may be attached if more space is required) EXCESS LIAB UMBRELLA LIAB $EACH OCCURRENCE $AGGREGATE $ OCCUR CLAIMS-MADE DED RETENTION $ $PRODUCTS - COMP/OP AGG $GENERAL AGGREGATE $PERSONAL & ADV INJURY $MED EXP (Any one person) $EACH OCCURRENCE DAMAGE TO RENTED $PREMISES (Ea occurrence) COMMERCIAL GENERAL LIABILITY CLAIMS-MADE OCCUR GEN'L AGGREGATE LIMIT APPLIES PER: POLICY PRO-JECT LOC CERTIFICATE OF LIABILITY INSURANCE DATE (MM/DD/YYYY) CANCELLATION AUTHORIZED REPRESENTATIVE ACORD 25 (2016/03) © 1988-2015 ACORD CORPORATION. All rights reserved. CERTIFICATE HOLDER The ACORD name and logo are registered marks of ACORD HIRED AUTOS ONLY 3/23/2021 Arthur J. Gallagher Risk Management Services, Inc. 201 E. 4th Street, Ste 625 Cincinnati OH 45202 Susan D. Masters, CIC 513-977-3139 susan_masters-oh@ajg.com Continental Insurance Company 35289 CLUBLLC-01 Continental Casualty Company 20443Clubessential Holdings, LLC 4600 McAuley Place Ste 350 Cincinnati OH 42542 Valley Forge Insurance Company 20508 Ascot Specialty Insurance Company Crum & Forster Specialty Insurance Co 44520 1511197301 C X 1,000,000 X 100,000 5,000 1,000,000 2,000,000 X X X 6079684571 11/15/2020 11/15/2021 2,000,000 C 1,000,000 X X Hired PhyDam 6079684568 11/15/2020 11/15/2021 Hired PhyDam 75,000 A X X 2,000,000607968460411/15/2020 11/15/2021 2,000,000 X 10,000 A A X6079684599 6079684585 11/15/2020 11/15/2020 11/15/2021 11/15/2021 1,000,000 1,000,000 1,000,000 E B D Prof/Cyber-CM Crime-3rd Party Excess Prof/Cyber-CM TCM101288 652175238 EOXS2110000601-01 3/23/2021 11/15/2020 3/23/2021 3/23/2022 11/15/2021 3/23/2022 Ea Claim/Agg Ea Claim Ea Claim $5,000,000 $1,000,000 $5,000,000 Complete Named Insured: Clubessential Holdings LLC; CE Management Holdings, LLC; Clubessential, LLC; ClubReady, LLC; LEGP II Blocker(CR), Inc; ClubReady Canada Software ULC; GYM HQ, LLC; FitBPO Solutions, LLC; PrestoSports, LLC; RecTrac, LLC dba Vermont Systems; Immersion Media, Inc. dba ScoreShots; (eff 1/29/21) iKizmet, Inc; Golf Compete, Inc (d/b/a foreUP) OH Employers Defense Liability(Stop Gap): Policy# 6079684571 11/15/2020-11/15/2021 $1,000,000/$1,000,000/$1,000,000 CGL: CNA74872XX(01/15) CNA Technology Broadening Endorsement provides: See Attached... City of Kent, Washington 220 Fourth Ave South Kent WA 98032 ACORD 101 (2008/01) The ACORD name and logo are registered marks of ACORD © 2008 ACORD CORPORATION. All rights reserved. THIS ADDITIONAL REMARKS FORM IS A SCHEDULE TO ACORD FORM, FORM NUMBER:FORM TITLE: ADDITIONAL REMARKS ADDITIONAL REMARKS SCHEDULE Page of AGENCY CUSTOMER ID: LOC #: AGENCY CARRIER NAIC CODE POLICY NUMBER NAMED INSURED EFFECTIVE DATE: CLUBLLC-01 1 1 Arthur J. Gallagher Risk Management Services, Inc.Clubessential Holdings, LLC 4600 McAuley Place Ste 350 Cincinnati OH 42542 25 CERTIFICATE OF LIABILITY INSURANCE -Additional Insured by Contract, Agreement or Permit when required in a written contract with you; -Waiver of Subrogation when required in a written contract with you PKG: CNA62665XX(10/15) CNA Paramount Technology Broadening Endorsement provides: -Employee Dishonesty including ERISA $50,000 Ea Occ Limit/$2,500 Deductible BA: CA2048(10/13) Blanket Additional Insured when required in a written contract with you BA: CA0444(10/13) Blanket Waiver of Subrogation when required in a written contract with you WC: WC000313(04/84) Blanket Waiver of Subrogation when required in a written contract with you where allowed by State law. WC: WC420304B(06/14) Texas Blanket Waiver of Subrogation when required in a written contract with you. Umbrella is follow form regarding underlying: CGL BA WC Prof/Cyber Retention: $50,000; Retro Active 3/23/11 Prof/Cyber: TCM-POL-001 (01/19) C&F TCM Technology E&O, Cyber and Multimedia Liability Insurance Policy coverage form: -pg 6 Automatic Additional Insured status when required by written contract with you; -pg 15 Automatic Waiver of Subrogation where required by written contract with you. Third Party Crime Deductible: $5,000 Excess Prof/Cyber: Underlying Limit $5,000,000; Underlying Retention $50,000; Retro Active 3/23/2020 Effective 8/1/20 endorsements added to provide Additional Insured status regarding Cyber Liability coverage; 30 Day Written Notice of Cancellation regarding Business Auto and General Liability coverage. 11/15/2020 Valley Forge Insurance Company 11/15/2020Valley Forge Insurance Company 11/15/2020Valley Forge Insurance Company 11/15/2020Valley Forge Insurance Company 11/15/2020Valley Forge Insurance Company 11/15/2020Valley Forge Insurance Company Valley Forge Insurance Company 11/15/2020 Valley Forge Insurance Company 11/15/2020 Valley Forge Insurance Company 11/15/2020 11/15/2020Valley Forge Insurance Company 11/15/2020Valley Forge Insurance Company 11/15/2020Valley Forge Insurance Company 11/15/2020Valley Forge Insurance Company 11/15/2020Valley Forge Insurance Company 6079684568 11/15/202011/15/2021 Valley Forge Insurance Company 11/15/2020 11/15/2020 11/15/2020 11/15/2020 6079684568 Valley Forge Insurance Company 11/15/202111/15/2020 11/15/2021 11/15/202011/15/2020 11/15/2021 11/15/202011/15/2021 TCM-POL-001 (01/19) Page 1 of 16 C&F TCM TECHNOLOGY E&O, CYBER AND MULTIMEDIA LIABILITY INSURANCE POLICY In consideration of the premium paid, the Insured’s compliance with the conditions of this Policy and subject to its terms (including all endorsements); and in reliance on the statements made in the Application and the information and documents provided to the Insurer by the Insured, all of which are made a part of this Policy, the Insurer agrees with the Insured as follows: I. INSURING AGREEMENTS Only those Insuring Agreements indicated in Item 3. of the Declarations as PURCHASED shall be applicable to the Insured’s coverage hereunder. If the Declarations do not indicate that a Coverage was purchased, that Coverage of this Policy has not been purchased by the Insured and no coverage shall apply for the corresponding Insuring Agreement(s). Coverage A: Technology E&O and Professional Liability The Insurer will pay on behalf of the Insured such Damages and Claims Expenses in excess of the Deductible that any Insured is legally obligated to pay because of a Claim first made against an Insured during the Policy Period because of a Technology/Professional Error that first takes place on or after the Retroactive Date provided that such Claim is reported to the Insurer in full compliance with the Notice Requirements. Coverage B: Cyber Liability The Insurer will pay on behalf of the Insured such Damages and Claims Expenses in excess of the Deductible that any Insured is legally obligated to pay because of a Claim first made against an Insured during the Policy Period because of a Cyber Event provided that such Claim is reported to the Insurer in full compliance with the Notice Requirements. Coverage C: Multimedia Liability The Insurer will pay on behalf of the Insured such Damages and Claims Expenses in excess of the Deductible that any Insured is legally obligated to pay because of a Claim first made against an Insured during the Policy Period for Multimedia Liability provided that such Claim is reported to the Insurer in full compliance with the Notice Requirements. Coverage D: Breach Costs The Insurer will reimburse the Named Insured for all Breach Costs in excess of the Deductible resulting from an actual or reasonably suspected Cyber Event that the Insured Entity first discovers during the Policy Period and that is reported to the Insurer in full compliance with the Notice Requirements. Provided that when the Named Insured agrees to utilize vendors nominated by the Crum & Forster Cyber Response Team shown in Item 11. of the Declarations, the Insurer shall pay on behalf of the Insured those Breach Costs set forth in the paragraph above applicable to such vendor nominated by the Crum & Forster Cyber Response Team. Coverage E: eCrime Loss The Insurer will indemnify the Named Insured for direct financial loss in excess of the Deductible resulting from an eCrime Event that the Insured Entity first discovers during the Policy Period and that is reported to the Insurer in full compliance with the Notice Requirements. Coverage F: First Party Loss The Insurer will indemnify the Named Insured for First Party Loss in excess of the Deductible resulting from a Cyber Event that the Insured Entity first discovers during the Policy Period and that is reported to the Insurer in full compliance with the Notice Requirements. TCM-POL-001 (01/19) Page 2 of 16 With respect to each Insuring Agreement stated above, the amount that the Insurer is obligated to pay is limited based on the applicable Limit of Liability as described in Section VI., Limits of Liability. In addition, in connection with any Cyber Event that results in Breach Costs or First Party Loss that exceeds the Deductible,the Insurer will also provide Supplemental Payments & Services which shall be part of, and not in addition to, the Aggregate Limit of Liability specified in Item 4. of the Declarations. II. DEFENSE AND SETTLEMENT OF CLAIMS A. Defense of Claims: The Insurer shall have the right and duty to defend, subject to all the provisions, terms and conditions of this Policy, any Claim made against an Insured seeking Damages which are payable under the terms of this Policy, even if any of the allegations of the Claim are groundless, false or fraudulent. Defense counsel shall be mutually agreed between the Named Insured and the Insurer, provided that in the absence of such agreement, the Insurer’s decision will be final. B. Settlement of Claims: The Insurer may not settle any Claim without the written authorization of the Named Insured. If the Named Insured refuses to consent to any settlement or compromise recommended by the Insurer and acceptable to the claimant and elects to contest the Claim , then the Insurer will have the right to withdraw from the further defense of such Claim and the Insurer’s liability for Damages and Claims Expenses shall not exceed: 1. the amount for which the Claim could have been settled, less the remaining Deductible, plus the Claims Expenses incurred up to the time of such refusal; plus 50% of any Claims Expenses incurred after the date such settlement or compromise was recommended to the Insured plus 50% of any Damages above the amount for which the Claim could have been settled. The remaining 50% of such Claims Expenses and Damages must be borne by the Insured at their own risk and uninsured; or 2. the applicable Limit of Liability, whichever is less. The Insured may settle any Claim where the Damages and Claims Expenses do not exceed the Deductible, provided that the entire Claim is resolved and the Insured obtains a full release on behalf of all the Insureds and the Insurer from all claimants. III. DEFINITIONS A.Breach Costs means the following reasonable and necessary expenses incurred by the Insured Entity with respect to a Cyber Event and with the prior written consent of the Insurer, provided that if services are recommended by the Crum & Forster Cyber Response Team shown in Item 11. of the Declarations, and the Named Insured agrees to utilize the applicable vendors nominated by the Crum & Forster Cyber Response Team, then prior consent of the Insurer shall not be required: 1. for an attorney to provide necessary legal advice to the Insured Entity to evaluate the Insured Entity’s legal obligations in connection with an actual or reasonably suspected Cyber Event; 2. for a computer security expert, or experts, to determine the existence, cause and scope of a Cyber Event as well as the costs to contain an ongoing Cyber Event, including the cost to retain a PCI Forensic Investigator if required by a written agreement between the Insured Entity and a financial institution, credit or debit card company, credit or debit card processor, merchant bank or any other entity offering or providing merchant card transaction processing or payment gateway services to the Insured Entity ; 3.to notify individuals or entities whose Protected Information was potentially impacted by a Cyber Event. This shall include costs incurred by the Insured Entity to directly notify individuals on behalf of a third party that has the legal obligation to notify such individuals, provided that such third party agrees to allow the Insured Entity to notify such individuals on their behalf; 4.for a call center to respond to inquiries from individuals that the Insured Entity has notified because their Protected Information was potentially impacted by a Cyber Event; 5.to provide a credit monitoring or identity monitoring product to individuals that the Insured Entity has notified because their Protected Information was potentially impacted by a Cyber Event. Such credit monitoring or identity monitoring product will be provided for a period of 12 months unless the Insured Entity is required by law or regulation to provide such a credit monitoring or identity monitoring product for a longer period of time. TCM-POL-001 (01/19) Page 3 of 16 In that case, such credit monitoring or identity monitoring product will be provided for the period of time required by law or regulation; and 6. for public relations and crisis management costs directly related to mitigating harm to the Insured Entity which are approved in advance by the Insurer. B.Claim means a written demand for money, services, non-monetary relief or injunctive relief, including service of suit or arbitration proceedings made against any Insured. Only as respects Coverage B., Cyber Liability, Claim also means a request for information from, or civil proceeding against, the Insured Entity brought by a Regulatory Body directly arising from an Insured’s actual or alleged violation of any Privacy Law. Multiple Claims arising from the same or a series of related or repeated acts, errors or omissions, or from any continuing acts, errors or omissions, or from a series of related or repeated Technology/Professional Errors or Cyber Events, shall be considered a single Claim for the purposes of this Policy, regardless of the number of claimants or Insureds involved in the Claim. All such Claims shall be deemed to have been made at the time of the first such Claim . C.Claims Expenses means: 1. reasonable and necessary legal fees, costs and expenses directly resulting from the investigation, adjustment, settlement and/or defense of a Claim ; and 2. the premiums for appeal, attachment or similar bonds, but only for bond amounts within the applicable Limits of Liability. The Insurer does not have to furnish these bonds. Claims Expenses do not include: a. salaries, wages, fees, remuneration, overhead, benefits or expenses of an Insured; b.Damages, fines, penalties, fees, or taxes levied or assessed against an Insured; c.fees, costs, or expenses incurred by the Insured prior to the time that a Claim is made or which are paid or incurred without the Insurer’s prior written consent. These unilaterally incurred fees, costs or expenses will not be reimbursed by the Insurer and will not reduce any Deductible under the Policy; or d. the costs and expenses required to comply with any injunctive or other non-monetary, equitable, declaratory, regulatory or administrative relief, including but not limited to specific performance, or any agreement to provide such relief. D.Continuity Date means the date listed in Item 7. of the Declarations. E.Control Group means any principal, partner, corporate officer, director, general counsel (or most senior legal counsel) or risk manager of the Insured Entity and any individual in a substantially similar position. F.Cyber Event means: 1. a Cyber Extortion Threat; 2. an unintentional and unplanned interruption of any computer system; 3. a theft, loss or Unauthorized Disclosure of Protected Information that is in the care, custody or control of an Insured or a third party for whose theft, loss or Unauthorized Disclosure of Protected Information the Insured Entity is legally responsible for; 4. the storage, collection, use or disclosure of Protected Information by or on behalf of the Insured Entity that is in violation of a Privacy Law; 5. the failure to notify a third party of a theft, loss or Unauthorized Disclosure of Protected Information in violation of a Privacy Law; or 6. the access to, or the use of, a computer system by a person or organization that is not authorized to do so. G.Cyber Extortion Threat means a demand made against the Insured Entity for the payment of monies (including a digital currency), marketable goods or services in order to prevent or terminate the: 1. disclosure of Protected Information; 2. introduction of unauthorized, unwanted or harmful program, computer code or script into a computer system. An unwanted or harmful program, computer code or script includes a computer virus, Trojan horses, worms, time or logic bombs, spyware, malware, spiderware, or ransomware; 3. corruption, alerting, deletion or destruction of data or software stored on a computer system; TCM-POL-001 (01/19) Page 4 of 16 4. restriction or hindering of access to a computer system or to data stored on a computer system; 5. interruption or suspension of a computer system; or 6. electronic communication with the Insured Entity’s customers impersonating the Insured Entity in order to obtain Protected Information. H.Cyber Terrorism means any act directed against a computer system by an individual or group(s) of individuals, whether acting alone, on behalf of or in connection with any organization(s) or government(s), to cause unauthorized access to, unauthorized use of, or a targeted denial of service attack or transmission of unauthorized, corrupting or harmful software code to a computer system for the purpose of furthering social, ideological, religious, economic or political objectives, intimidating or coercing a government or the civilian population thereof, or disrupting any segment of the economy that is not accompanied by, directly associated with or coordinated with armed conflict or the use of physical force. I.Damages means a monetary judgment, award or settlement including prejudgment and post-judgment interest, and punitive damages, exemplary damages or any damages which are a multiple of compensatory damages (if insurable under the applicable law most favorable to the insurability of punitive, exemplary or multiple damages), which the Insured becomes legally obligated to pay as the direct result of a covered Claim . Solely with respect to Coverage B., Cyber Liability, Damages also include: 1. civil fines or penalties levied upon an Insured by a Regulatory Body, provided that this does not include amounts for matters uninsurable under the law; 2. any fine, penalty, reimbursement, fraud recovery, or assessment imposed upon or owed by an Insured under the terms of a written agreement between the Insured Entity and a financial institution, credit or debit card company, credit or debit card processor, merchant bank or any other entity offering or providing merchant card transaction processing or payment gateway services to the Insured Entity; provided that this does not include any charge back amounts, interchange fees, discount fees, or other prospective fees owed under such an agreement; and 3. up to $2,500 for the costs and expenses of complying with any injunctive or other non-monetary relief. As respects all coverage parts under this Policy, Damages do not include: a. any amount for which the Insured is not liable or is not legally obligated to pay; b. except as noted in paragraph 1. and 2. above, any fines or monetary penalties or multiples thereof; c. taxes or the loss of tax benefits; d. liquidated damages, but only to the extent that such damages exceed the amount for which the Insured would have been liable in the absence of such liquidated damages agreement; e. matters uninsurable under the laws applicable to this Policy; f. past, present and future earned and unearned royalties, profits, fees, costs, expenses, commissions, and profits unlawfully or unjustly held or obtained including, but not limited to, the return, offset, disgorgement or restitution of such royalties, profits, fees, costs, expenses, commissions, and profits unlawfully or unjustly held or obtained; g. except as noted in paragraph 3. above, the costs and expenses of complying with any injunctive or other non-monetary equitable, declaratory, regulatory or administrative relief including, but not limited to, specific performance, or any agreement to provide such relief; h. costs incurred by an Insured to correct, re-perform or complete any Professional Services or Technology Services;and i. discounts, prizes, awards, coupons or other incentives offered to the Insured’s clients or customers. J. Deductible means the amount listed in Item 5. of the Declarations and described in Section VII. of this Policy. K.Dependent Systems Event means the unintentional and unplanned interruption of computers or associated hardware, software, or firmware, including network devices and backup components owned, leased, operated or controlled by a third party that provides services or products to the Insured Entity pursuant to a written contract. L.eCrime Event means: 1. the loss of the Insured Entity’s money or securities that results solely from a wrongful transfer, payment or delivery of such money or securities by an Insured as a sole result of fraudulent electronic or telephone instructions provided by a third party, that is intended to mislead the Insured through the misrepresentation of TCM-POL-001 (01/19) Page 5 of 16 a material fact which is relied upon in good faith by such Insured, including such loss resulting from business e-mail compromise, social engineering, spear-phishing and e-mail spoofing; 2. the loss of money or securities from an account at a financial institution resulting solely from fraudulent electronic or telephone instructions issued by a third party to a financial institution directing such institution to transfer, pay or deliver money or securities from any account maintained by the Insured Entity at such institution, without the Insured Entity's knowledge or consent; or 3. the act of a third party gaining access to and using the Insured Entity’s telephone system in an unauthorized manner. eCrime Event does not include: a. any loss arising, directly or indirectly from an Insured’s acceptance, deposit or handling of: i. counterfeit currency or bank drafts; ii. a bank draft, check or other financial instrument returned due to insufficient funds; iii. counterfeit securities, bonds or other financial instruments; or iv. counterfeit goods of any kind, including, but not limited to, loss arising from a transfer of money by an Insured to a third party associated with an Insured’s acceptance, deposit or handling of such items; b. any loss arising, directly or indirectly, from loan fraud, mortgage fraud or accounting fraud including, but not limited to, check kiting, money laundering or fraudulent loan schemes. This includes loss arising from a transfer of money by an Insured to a third party associated with any such fraud; c. any actual or alleged use of credit, debit, charge, access, convenience, customer identification or other cards; d. any transfer involving a third party who is not a natural person Insured, but had authorized access to the Insured’s authentication mechanism; e. the processing of, or the failure to process, credit, check, debit, electronic benefit transfers or mobile payments for merchant accounts; f. any accounting or arithmetical errors or omissions, or the failure, malfunction, inadequacy or illegitimacy of any product or service; or g. any fraudulent, dishonest or criminal act committed by any natural person Insured. M.First Party Loss means the value of monies (including money in the form of a digital currency), marketable goods or services paid or delivered under duress by or on behalf of the Insured Entity,with the Insurer’s prior written consent, solely for the purpose of terminating a Cyber Extortion Threat. If the Declarations indicates that the Insured has purchased “Extended” First Party Loss coverage, then First Party Loss also means: 1. the reasonable and necessary costs charged by a vendor designated or approved in writing by the Insurer to restore, replace or recreate software or electronic data to its condition immediately prior to the Cyber Event but only for such costs that are as a direct result of the Cyber Event; 2. the reasonable and necessary expenses incurred by the Insured Entity during the Indemnity Period to continue or maintain normal operations that are over and above those expenses the Insured Entity would have incurred had no Cyber Event occurred; 3. the net profit or loss without interest and before tax that the Insured Entity would have earned or incurred during the Indemnity Period due to the actual interruption or impairment of the Insured Entity’s business operations as a direct result of the Cyber Event, plus the continuing normal operating expenses incurred by the Insured Entity during the Indemnity Period (including payroll), but only to the extent that such operating expenses must necessarily continue during the Indemnity Period; and 4. the cost to repair or replace computer hardware or equipment that is damaged or impaired and must be replaced. First Party Loss does not include, except as described in Section V.,Supplemental Payments & Services,any costs attributed to an upgrade or improvement of electronic data, software or computer systems beyond what existed prior to the Cyber Event unless such upgrade or improvement is reasonable because of improvements in the available technology. N.Indemnity Period means the period of time that begins after the elapse of the Waiting Period indicated in Item 8. of the Declarations and ends 60 days after the time when the Insured Entity could have resumed normal TCM-POL-001 (01/19) Page 6 of 16 operations with the exercise of due diligence and dispatch, not limited by the expiration date of this Policy. Despite any other provisions in this Policy, the maximum Indemnity Period is 180 days. O.Insured means: 1. the Named Insured, each Subsidiary and each Newly Acquired Entity; 2. any past or present employee (including a part time, temporary, leased or season employee), principals, partners, executive officers or directors of an Insured Entity but only while acting within the scope of their duties as such; 3. any past or present natural person independent contractor who performs labor or service for the Insured Entity pursuant to a written contract or agreement, where such labor or service is under the exclusive direction of the Insured Entity, but only while acting in the scope of their duties as such and in the performance of labor or service to the Insured Entity. The status of an individual as an independent contractor shall be determined as of the date of an alleged act, error or omission by any such independent contractor; 4. any spouse or the legally recognized domestic partner (whether by state or federal law) of any person otherwise qualifying as an Insured, but solely with respect to their status as such; 5. in the event of death, incapacity, bankruptcy or insolvency of any Insured, such Insured’s heirs, estate, executors, administrators and legal representative in his or her capacity as such, but only with respect to matters for which the Insured otherwise would have been entitled to coverage under this Policy; and 6. only as respects Coverage A., Technology E&O and Professional Liability, Coverage B., Cyber Liability and Coverage C., Multimedia Liability, any person or entity that the Insured Entity has agreed in writing to add as an additional insured under this Policy prior to the commission of any act for which such person or entity would be provided coverage under this Policy, but only for the vicarious liability of such additional insured for the wrongful acts of an Insured. P.Insured Entity means the Named Insured, each Subsidiary and each Newly Acquired Entity. Q.Insurer means the insurance company listed in the Declarations. R.Loss means Breach Costs,First Party Loss, financial loss from an eCrime Event,Damages and Claims Expenses. S.Multimedia Liability means one or more of the following acts committed by, or on behalf of, the Insured Entity in the course of creating, displaying, broadcasting, publishing, disseminating or releasing Multimedia Material to the public: 1. defamation, libel, slander, product disparagement, trade libel, infliction of emotional distress, outrage, outrageous conduct, or other tort related to disparagement or harm to the reputation or character of any person or organization; 2. a violation of the rights of privacy of an individual, including false light, intrusion upon seclusion and public disclosure of private facts; 3. invasion or interference with an individual’s right of publicity, including commercial appropriation of name, persona, voice or likeness; 4. plagiarism, piracy, or misappropriation of ideas under implied contract; 5. infringement of copyright; 6. infringement of domain name, trademark, trade name, trade dress, logo, title, metatag, or slogan, service mark or service name; 7. improper deep-linking or framing; 8. negligent publication of content; or 9. unfair competition, if alleged in conjunction with any of the acts listed in paragraphs 5. or 6. above. T.Multimedia Material means the content of material published or broadcast by, or on behalf of, the Insured Entity , including any information, words, sounds, numbers, images or graphics included in such content, but will not include computer software or the actual goods, products or services described, illustrated or displayed in such content. U.Named Insured means the entity, individual, partnership or corporation shown in Item 1. of the Declarations. TCM-POL-001 (01/19) Page 7 of 16 V.Newly Acquired Entity means any entity formed or acquired by the Named Insured during the Policy Period and in which the Named Insured has more than 50% of the legal or beneficial interest, provided that if the trailing 12 month revenues for such entity exceed 15% of the Named Insured's annual revenues for the same trailing 12 month period, then only if all of the following conditions are met: 1. within 90 days of the formation of a Newly Acquired Entity, the Named Insured notifies the Insurer in writing of the details of such merger, acquisition, or newly created joint venture or partnership; 2. the Named Insured agrees to any changes in terms and conditions of this Policy related to the Newly Acquired Entity including, but not limited to, the payment of additional premium, if any, charged by the Insurer; and 3. the Insurer has issued a written endorsement specifically noting the addition of the Newly Acquired Entity as a covered Insured under this Policy. W.Notice Requirements means the requirements described in Section VIII. of this Policy. X.Policy Period means the length of time between the effective date shown in Item 2. of the Declarations and the earlier of: 1. the expiration date shown in Item 2. of the Declarations; or 2. the cancellation date of this Policy. Y.Privacy Law means a federal, state or foreign statute or regulation: 1. requiring the Insured Entity to protect the confidentiality or security of Protected Information; 2. requiring notice to a person or organization whose Protected Information was accessed or reasonably may have been accessed by an unauthorized person; or 3. governing the collection, use or storage of Protected Information by the Insured Entity. Z.Professional Services means professional services performed for others by or on behalf of the Insured Entity for a fee or other consideration, but does not include Technology Services, any services involving the creation, development, sale, distribution, installation, licensing or manufacturing of Technology Products, or work or activities performed by or on behalf of the Insured Entity or for the Insured Entity as an accountant, actuary, attorney, architect, surveyor, health care provider, lawyer, insurance or real estate agent or broker, or civil or structural engineer. AA.Protected Information means the following information that an Insured has a legal obligation to safeguard, protect or maintain in confidence: 1. non-public individually identifiable information as defined by any federal, state, local or foreign statute, rule or regulation; 2. an individual’s social security number, taxpayer identification number, unpublished telephone number, driver’s license number, state identification number, passport number, financial account number, credit card number, debit card number or the magnetic strip information from a credit or debit card; and 3. any trade secret, data, design, interpretation, forecast, formula, method, record, report or other item of information of a third party that is not available to the general public. BB.Regulatory Body means any federal, state, local or foreign governmental entity in such entity’s regulatory or official capacity. CC.Retroactive Date means the date listed in Item 6. of the Declarations. DD.Subsidiary means any entity in which the Named Insured as of the effective date of the Policy, either: 1. directly or indirectly owns more than 50% of the issued and outstanding voting equity securities; or 2. controls voting rights representing the present right to vote for election or to appoint more than 50% of the directors or trustees. EE.Supplemental Payments & Services means the amounts described in Section V. of this Policy. TCM-POL-001 (01/19) Page 8 of 16 FF.Technology/Professional Error means: 1. a negligent act, error, omission, misstatement, misleading statement or misrepresentation in rendering or failure to render Professional Services or Technology Services; 2. a negligent act, error, omission, misstatement, misleading statement or misrepresentation that results in a failure of Technology Products to perform the function or serve the purpose intended; 3. an unintentional breach of a contractual obligation to perform Professional Services or Technology Services, or to deliver Technology Products; or 4. an unintentional infringement of copyright committed by the Insured Entity with respect to software Technology Products. GG.Technology Products means any computer or telecommunications hardware or software product, or related electronic product, including software updates, service packs and other maintenance releases provided for such products, that is: 1. created, manufactured or developed by the Insured Entity for others in exchange for a fee or other consideration; or 2. distributed, licensed, leased or sold by the Insured Entity to others in exchange for a fee or other consideration. HH.Technology Services means any of the following services performed by or on behalf of the Insured Entity for others for a fee or other consideration: 1. computer information technology, Internet, network or website analysis, development, programming, installation, integration, networking, hosting, processing, management, operations, data security, maintenance, repair, optimization, support, or training; 2. providing, collecting, recording, caching, compiling, mining, analyzing, storing, hosting, processing, securing, backup, wiping, or destroying software or data; 3. telecommunications services, including Internet, voice, video, web, email, text, data, or broadband services, any call center or customer service support related to such telecommunications services; 4. any services similar to those services described in paragraphs 1-3 above; or 5. any other information technology-related services provided in conjunction with Technology Products. II.Unauthorized Disclosure means the disclosure (including disclosure resulting from phishing) of or access to information in a manner that is not authorized by the Insured Entity and is without knowledge, consent or acquiescence of any member of the Control Group. JJ. Waiting Period means the period starting upon the actual interruption or impairment of the Insured Entity’s business operations caused by a Cyber Event and ending after the number of hours specified in Item 8. of the Declarations. IV. EXCLUSIONS The Insurer shall not be liable to defend, pay, indemnify or reimburse the Insured with respect to any Claim or Loss based upon, resulting from, arising out of, in consequence of, or in any way connected with or involving, directly or indirectly: A. the actual or alleged distribution of unsolicited email, text messages, direct mail, facsimiles or other communications (including, but not limited to, any actual or alleged violation of the Telephone Consumer Protection Act of 1991 or the CAN-SPAM Act of 2003), wire tapping, audio or video recording, or telemarketing, if such distribution, wire tapping, recording or telemarketing is done by or on behalf of an Insured;however this exclusion will not apply to Claims Expenses incurred in defending the Insured against allegations of unlawful audio or video recording; B. any act, error, omission, incident or event committed or occurring prior to the effective date of this Policy if any member of the Control Group on or before the Continuity Date knew or could have reasonably foreseen that such act, error or omission, incident or event might be expected to be the basis of a Claim or Loss; C. any Claim ,Loss, incident or circumstance for which notice has been provided under any prior policy of which this Policy is a renewal or replacement; TCM-POL-001 (01/19) Page 9 of 16 D. any criminal, dishonest, fraudulent, or malicious act or omission, or intentional or knowing violation of the law, if committed by an Insured, or committed by others if an Insured colluded or participated in any such conduct or activity; but this exclusion will not apply to: 1.Claims Expenses incurred in defending any Claim alleging the foregoing until there is a final non-appealable adjudication establishing such conduct, at which time the Named Insured shall reimburse the Insurer for all Claims Expenses incurred defending such Claim ; 2. any natural person Insured, if such Insured did not personally commit, participate in or know about any act, error, omission, incident or event giving rise to such Claim or Loss; and 3. the Insured Entity, provided that no member of the Control Group personally committed, participated in or knew about any act, error, omission, incident or event giving rise to such Claim or Loss; E. any actual or alleged infringement, misuse or abuse of patent or patent rights; F. solely with respect to Coverage B., Cyber Liability, any actual or alleged infringement, use, misappropriation or disclosure of any intellectual property, including but not limited to trade secret misappropriation, copyright infringement, trademark infringement, trademark dilution or trade dress infringement; but this exclusion will not apply to any Claim or Loss resulting from a theft, use or disclosure of Protected Information by a person who is not a past, present or future employee, director, officer, partner or independent contractor of an Insured and without the knowledge, consent or acquiescence of any member of the Control Group; G. any actual or alleged use or misappropriation of any ideas or trade secrets by, or on behalf of, an Insured, or by any other person or entity if such use or misappropriation is done with the knowledge, consent or acquiescence of any member of the Control Group; H. a Claim made by or on behalf of: 1. any Insured; but this exclusion will not apply to a Claim made by an individual that is not a member of the Control Group under Coverage B., Cyber Liability, or a Claim made by any person or entity that the Insured Entity has agreed in writing to add as an additional insured under this Policy; or 2. any business enterprise in which an Insured has greater than 15% ownership interest or made by any parent company or other entity which owns more than 15% of an Insured Entity; I. any loss, transfer or theft of monies, securities or tangible property of the Insured or others in the care, custody or control of an Insured, but this exclusion will not apply to coverage under Coverage E., eCrime Loss; J. nuclear reaction, nuclear radiation, radioactive contamination, radioactive substance, electromagnetic field, electromagnetic radiation, or electromagnetism; K. war, invasion, acts of foreign enemies, hostilities (whether or not war is declared), rebellion, revolution, insurrection, war-like action, coup, usurped powers or military power; but this exclusion will not apply to Cyber Terrorism; L. any economic or trade sanction imposed by the United States including, but not limited to, sanctions administered and enforced by The United States Treasury Department’s Office of Foreign Assets Control (“OFAC”); M. any presence, discharge, dispersal, release or escape of smoke, vapors, soot, fumes, acids, alkalis, toxic chemicals, liquids or gases, oil or other petroleum substances or derivatives, waste materials or other irritants, contaminants, pollutants or any other substances including, but not limited to, asbestos, fungus, mold and lead, which are or may be injurious to public health, property or the environment (“hazardous substances”) or the cost to: 1. clean up or removal of hazardous substances; 2. monitor, assess or evaluate, the presence, discharge, dispersal, escape, release, or threat of same, of hazardous substances; 3. dispose of hazardous substances or take such other action as may be necessary to temporarily or permanently prevent, minimize, or mitigate damage to the public health or welfare or to property or the environment, which may otherwise result; or TCM-POL-001 (01/19) Page 10 of 16 4. directly or indirectly respond to or address any government direction or request that the Insured test for, monitor, clean up, remove, contain, treat, detoxify or neutralize hazardous substances; N. any actual or alleged violation of the federal Fair Debt Collection Practices Act (FDCPA); O. any employment or labor relations policies, practices, acts or omissions, or any actual or alleged refusal to employ any person, or misconduct with respect to employees, whether such Claim is brought by an employee, former employee, applicant for employment, or relative or domestic partner of such person; provided, that this exclusion shall not apply to Coverage B., Cyber Liability, as respects an otherwise covered Claim by a current or former employee of the Insured Entity for Damages arising strictly from a Cyber Event; P. solely with respect to Coverage A., Technology E&O and Professional Liability: 1. any Technology/Professional Error committed or occurring prior to the Retroactive Date; 2. any liability assumed in any hold harmless or indemnity agreement other than a hold harmless or indemnity agreement with respect to intellectual property rights or breaches of the confidentiality of information of any third party; 3. the actual or alleged inaccurate, inadequate or incomplete description of the price of goods, products or services, cost guarantees, cost representations, contract price estimates, or the failure of any goods or services to conform with any represented quality or performance; 4. any gambling, contest, lottery, promotional game or other game of chance; 5. any breach of any express warranty or representation, except for an agreement to perform within a reasonable standard of care or skill consistent with applicable industry standards, or breach of any other contractual obligation which goes beyond an express or implied duty to exercise a degree of care or skill consistent with applicable industry standards; 6. any breach of guarantee, promises of cost savings, profits or return on investment; 7. delay in delivery or performance, or failure to deliver or perform at or within an agreed upon period of time, but this exclusion shall not apply if such delay or failure to deliver or perform is a consequence of a negligent act, error or omission committed during the course of providing Professional Services or Technology Services if the Insured has made diligent efforts to deliver or perform such Professional Services or Technology Services; 8. any costs or expenses incurred or to be incurred by an Insured or others for the withdrawal, recall, inspection, repair, replacement, reproduction, removal or disposal of: (a) Technology Products including, but not limited to, any products or other property of others that incorporate Technology Products; (b) work product resulting from or incorporating the results of Professional Services or Technology Services; or (c) any products or other property on which Professional Services or Technology Services have been performed; 9. any Claim covered under the terms of a commercial general liability insurance policy maintained by the Insured Entity, provided that this shall not apply to Damages or Claims Expenses in excess of the limits of liability of any such insurance policy; or 10. any actual or alleged deceptive trade practices, unfair trade practices, violation of consumer protection laws, antitrust violation, restraint of trade, unfair competition, false advertising, deceptive advertising, misleading advertising or violation of the Sherman Antitrust Act, the Clayton Act or the Robinson-Patman Act, as amended; Q. solely with respect to Coverages B., Cyber Liability, and C., Multimedia Liability: 1. any actual or alleged violation from the failure to properly truncate credit, debit or payment card information on receipts or statements as required by the Fair and Accurate Credit Transactions Act of 2003 (FACTA); 2. any Claim covered under the terms of a commercial general liability insurance policy, or an employment practices liability insurance policy maintained by the Insured Entity, provided that this shall not apply to Damages or Claims Expenses in excess of the limits of liability of any such insurance policy; and 3. the ownership, sale or purchase of, or the offer to sell or purchase stock or other securities, or an actual or alleged violation of a securities law or regulation; R. solely with respect to Coverage C., Multimedia Liability, any: 1. contractual liability or obligation; but this exclusion will not apply to a Claim for misappropriation of ideas under implied contract; 2. actual or alleged obligation to make licensing fee or royalty payments; TCM-POL-001 (01/19) Page 11 of 16 3. costs or expenses incurred or to be incurred by the Insured or others for the reprinting, reposting, recall, removal or disposal of any Multimedia Material or any other information, content or media including, but not limited to, any media or products containing such Multimedia Material, information, content or media; 4.Claim brought by or on behalf of any intellectual property licensing bodies or organizations; 5. actual or alleged inaccurate, inadequate or incomplete description of the price of goods, products or services, cost guarantees, cost representations, contract price estimates, false advertising or the failure of any goods or services to conform with any represented quality or performance; 6. gambling, contest, lottery, promotional game or other game of chance; or 7.Claim made by or on behalf of any independent contractor, joint venturer or venture partner arising out of or resulting from disputes over ownership of rights in Multimedia Material or services provided by such independent contractor, joint venturer or venture partner; S. solely with respect to Coverage E., eCrime Loss: any loss covered under the terms of a commercial crime insurance policy maintained by the Insured Entity, provided that this shall not apply to direct financial loss in excess of the limits of liability of any such insurance policy. T. solely with respect to Coverage F., First Party Loss, any First Party Loss: 1. arising from the seizure, nationalization, confiscation, or destruction of property or data by order of any governmental or public authority; 2. arising from fire, flood, earthquake, volcanic eruption, explosion, lighting, wind, hail, damage by water, landslide, act of God or any other physical event; 3. for additional costs to update, replace, restore, assemble, reproduce, recollect or enhance data or computer systems to a level beyond that which existed prior to a Cyber Event, except as covered under Section V., Supplemental Payments & Services; 4. arising from any failure or malfunction of satellites or of power, utility, mechanical or telecommunications (including, but not limited to, the internet) infrastructure or services that are not under the Insured Entity’s direct operational control; or 5. covered under the terms of a property insurance policy providing coverage for risks of direct physical loss to property maintained by the Insured Entity, provided that this shall not apply to First Party Loss in excess of the limits of liability of any such insurance policy; V. SUPPLEMENTAL PAYMENTS & SERVICES In addition to the amounts described in Section I., Insuring Agreements, of this Policy, in the event of an actual Cyber Event that results in Breach Costs or First Party Loss that exceeds the Deductible,the Insurer shall also pay the following costs but only to reasonably and significantly reduce the possibility of a similar Cyber Event from occurring in the future: A. up to $10,000 for a third party consultant recommended by the Insurer to provide ongoing assistance to the Insured Entity to improve and upgrade computer security; and B. up to $5,000 for the purchase of computer equipment or computer software recommended by such third party consultant recommended by the Insurer. Such payments shall be part of, and not in addition to, the Aggregate Limit of Liability specified in Item 4. of the Declarations. VI. LIMITS OF LIABILITY A. The Aggregate Limit of Liability specified in Item 4. of the Declarations is the most the Insurer will pay for all Loss under this Policy. Once the Aggregate Limit of Liability has been exhausted, the Insurer shall have no further duty to defend the Insured for any Claim which may otherwise be covered by this Policy. B. The eCrime Loss Sublimit of Liability specified in Item 4. of the Declarations is the maximum amount the Insurer is obligated to pay in the aggregate for direct financial loss arising from an eCrime Event. The eCrime Loss Sublimit of Liability shall be part of, and not in addition to the Aggregate Limit of Liability. C. The Dependent Business Sublimit of Liability specified in Item 4. of the Declarations is the maximum amount the Insurer is obligated to pay in the aggregate for First Party Loss arising from a Dependent Systems Event.The TCM-POL-001 (01/19) Page 12 of 16 Dependent Business Sublimit of Liability shall be part of, and not in addition to the Aggregate Limit of Liability. D. The Aggregate Limit of Liability specified in Item 4. of the Declarations is the maximum the Insurer will pay regardless of the number of Insureds, individuals or organizations that make a Claim, the number of Claims made, the number of incidents, or the number of Dependent System Events,Cyber Events,eCrime Events, Supplemental Payments & Services or actual or alleged wrongful acts VII. DEDUCTIBLE The Deductible, as shown in Item 5. of the Declarations, applies separately to each act, incident or event giving rise to Breach Costs,Claims Expenses,Damages, direct financial loss or First Party Loss under Coverages A., B., C., D., E. and F., provided however, that multiple incidents or events arising from the same or a series of related or repeated acts or from any continuing acts, shall be considered a single incident or event for the purposes of this Policy and only one Deductible shall apply to all resulting Loss. The Insurer shall only be obligated to pay any Loss under this Policy in excess of the Deductible , provided that if services are recommended by the Crum & Forster Cyber Response Team shown in Item 11. of the Declarations, and the Insured Entity agrees to utilize only those vendors nominated by the Crum & Forster Cyber Response Team, then the Deductible shall not apply to the following Breach Costs: A. for an attorney to provide necessary legal advice to the Insured Entity to evaluate the Insured Entity’s legal obligations in connection with an actual or reasonable suspected Cyber Event; and B. for a computer security expert, or experts, to determine the existence, cause and scope of a Cyber Event as well as the costs to contain an ongoing Cyber Event, including the cost to retain a PCI Forensic Investigator if required by a written agreement between the Insured Entity and a financial institution, credit or debit card company, credit or debit card processor, merchant bank or any other entity offering or providing merchant card transaction processing or payment gateway services to the Insured Entity. The Deductible shall be borne by the Named Insured. In the event that this Policy provides coverage for Loss in excess of the limits available under other insurance, then the Insurer shall recognize payment by the Insured Entity of any retention or deductible applicable to such other insurance against the Deductible. VIII. NOTICE REQUIREMENTS A. The Named Insured must give the Insurer written notice of any Claim as soon as practicable, but in no event later than: (i) 60 days after the end of the Policy Period; or (ii) the expiration of any applicable Extended Reporting Period. Notice must be provided through the contacts listed in Item 10. of the Declarations. All notices of Claims must provide the following information: the potential claimant(s) by name or description, the names of the Insureds involved, the time, date, location and the description of the specific incident which forms the basis of the Claim including the nature of the potential Damages arising from such specific Claim or incident, the circumstances by which the Insured first became aware of the specific Claim, and the reason the Insured reasonably believes the subject Claim is likely to trigger coverage under this Policy. B. With respect to Breach Costs, the Named Insured must notify the Insurer of any actual or reasonably suspected Cyber Event as soon as practicable after discovery by the Insured but in no event later than 60 days after the end of the Policy Period. Notice may be provided to the Crum & Forster Cyber Response Team shown in Item 11. of the Declarations. Otherwise notice must be provided through the contacts listed in Item 10. of the Declarations. Notice of an actual or reasonably suspected Cyber Event in conformance with this paragraph will also constitute notice of a circumstance that could reasonably be the basis for a Claim . C. With respect a Cyber Extortion Threat, the Named Insured must notify the Insurer via the email address listed in Item 10. of the Declarations as soon as practicable after discovery of a Cyber Extortion Threat but in no event later than 60 days after the end of the Policy Period. The Named Insured must obtain the Insurer’s consent prior to paying any ransom or demand related to a Cyber Extortion Threat. D. With respect to any other First Party Loss or a loss from an eCrime Event, the Named Insured must notify the Insurer through the contacts listed in Item 10. of the Declarations as soon as practicable after discovery of the Cyber Event or eCrime Event.The Named Insured will provide the Insurer a proof of First Party Loss or TCM-POL-001 (01/19) Page 13 of 16 financial loss under the eCrime Loss Coverage. All loss described in this paragraph must be reported, and all proofs of loss must be provided, to the Insurer no later than six months after the end of the Policy Period unless the Insurer has agreed in writing to extend this deadline. E. Any Claim arising out of a Loss that is covered under Coverages D., Breach Costs, E., eCrime Loss or F., First Party Loss, and that is reported to the Insurer in conformance with paragraphs B., C. or D. above will be considered to have been made during the Policy Period. F. With respect to any circumstance that could reasonably be the basis for a Claim ,the Named Insured may give written notice of such circumstance to the Insurer through the contacts listed in Item 10. of the Declarations. Such notice must include: 1. the specific details of the act, error, omission or event that could reasonably be the basis for a Claim ; 2. the injury or damage which may result or has resulted from the circumstance; and 3. the facts by which the Insured first became aware of the act, error, omission or event. If such notice that meets the requirements outlined above is made during the Policy Period, then any subsequent Claim made against the Insured arising out of any circumstance reported to the Insurer will be considered to have been made at the time written notice complying with the above requirements was first given to the Insurer. IX. EXTENDED REPORTING PERIOD As a condition precedent to obtaining an Automatic Extended Reporting Period (AERP) or an Optional Extended Reporting Period (OERP), the full premium of this Policy, premium for any endorsements, and payment of Deductibles must have been paid in full. Neither the AERP nor the OERP reinstate or increase the Limits of Liability. Neither the AERP nor the OERP extend the Policy Period or change the scope of coverage afforded by this Policy. A. Automatic Extended Reporting Period If the Insurer or Named Insured cancel or non-renew this Policy for any reason other than non-payment of premium, non-payment of Deductible, non-compliance with any terms and conditions of this Policy or fraud or material misrepresentation, then the Named Insured shall be entitled to an AERP of 60 days from the date of Policy expiration or cancellation to report Claims in writing to the Insurer which are first made against the Insured during the AERP and which arise from a Technology/Professional Error or a Cyber Event that first occurs before the end of the Policy Period or from Multimedia Material first disseminated before the end of the Policy Period. If the OERP in subsection B. below is purchased, then this AERP shall be included within such OERP and will not further extend such OERP. B. Optional Extended Reporting Period If the Insurer or Named Insured cancel or non-renew this Policy for any reason other than non-payment of premium, non-payment of Deductible, non-compliance with any terms and conditions of this Policy or fraud or material misrepresentation, then the Named Insured shall be entitled to purchase an OERP from the options below. If elected, the OERP will begin on the date the Policy expires or is cancelled and would entitle the Insured to notify the Insurer in writing of Claims which are first made against the Insured during the OERP and which arise from a Technology/Professional Error or a Cyber Event that first occurs before the end of the Policy Period or from Multimedia Material first disseminated before the end of the Policy Period. C. OERP Options 1. 12 months for a premium not to exceed 100% of the annual premium; 2. 24 months for a premium not to exceed 150% of the annual premium; or 3. 36 months for a premium not to exceed 175% of the annual premium. D. In order to purchase the OERP, the Named Insured must provide the Insurer with written notice of its intention to do so no later than 30 days after the expiration or cancellation date of this Policy and must include full payment of premium for the OERP at that time. The entire OERP premium is fully earned and non-refundable as of the date the Named Insured notifies the Insurer of its intent to purchase the OERP and full payment must be made at that time for the OERP to apply. TCM-POL-001 (01/19) Page 14 of 16 X. OTHER CONDITIONS A. Cooperation The Named Insured shall immediately send the Insurer copies of all demands, notices, summonses or legal papers received in connection with a Claim or Loss.The Insured must do whatever is necessary to secure and affect any rights of indemnity, contribution or apportionment that the Insured may have. The Insured shall cooperate with counsel and the Insured shall refrain from discussing any Claim or Cyber Event with anyone other than counsel retained to represent the Insured or the Insurer’s representatives. All Insureds must fully assist and cooperate with the Insurer in the conduct, defense, investigation, negotiation and settlement of any Claim or Loss. At the Insurer’s request, the Insured must submit to an examination under oath, provide the Insurer with written statements as requested by the Insurer, attend meetings and negotiations; and produce and make available all information, records, documents and other materials which the Insurer deems relevant to the Claim or Loss. As respects any Claim,theInsured must attend hearings, depositions, proceedings, trials and appeals; and assist the Insurer in affecting settlements, securing and giving evidence and obtaining the attendance of witnesses, and pursuing or enforcing any right of contribution or indemnity against a person or entity who may be liable to any Insured. Except as otherwise provided in Section II., Defense and Settlement of Claims, Part A., no Insured will, except at its own cost, admit liability, settle a Claim , incur any expense to investigate a Claim, retain attorneys, incur Claims Expenses, assume any other obligation or incur any other expense with respect to a Claim without the Insurer’s prior written consent. Compliance with a statute or regulation that requires notice to government authorities, regulatory authorities or to persons whose personal information may have been accessed by an unauthorized individual, will not be considered an admission of liability for purposes of this clause. B. Due Dispatch The Insured Entity shall make every reasonable effort to restore operations as quickly as possible after a Cyber Event. If the Insured Entity does not resume operations, or does not resume operations as quickly as possible, the Insurer may reduce the payment of First Party Loss to the amount of First Party Loss based on the length of time it would have taken to resume operations as quickly as possible. C.Action Against the Insurer and Bankruptcy 1. No action shall be taken against the Insurer unless, as a condition precedent thereto, the Insureds shall h ave fully complied with all the terms and conditions of this Policy, nor until the amount of the Insured’s obligation to pay Damages for any Claim shall have been fully and finally determined either by judgment against the Insured or by written agreement between the Insureds, the claimant, and the Insurer. 2 . Nothing contained herein shall give any person or entity any right to join the Insurer as a party to any Claim against the Insureds to determine their liability. Nor shall the Insurer be impleaded by the Insureds or their legal representative in any Claim. 3. Bankruptcy or insolvency of the Insured or of the estate of the Insured shall not relieve the Insurer of its obligations nor deprive the Insurer of its rights or defenses under this Policy. D. Cancellation and Nonrenewal 1. This Policy may be canceled by the Named Insured by returning the Policy to the Insurer or its authorized representatives, or the Named Insured can cancel this Policy by written notice to the Insurer, stating at what future date cancellation is to be effective. If the Named Insured cancels, earned premium shall be computed u sing the customary short rate table. Provided, however, the premium shall be deemed fully earned if any Claim or Loss or other circumstance that could reasonably be the basis for a Claim or Loss is reported to the Insurer on or before the date of cancellation. 2. The Insurer can cancel the Policy by written notice to the Named Insured, at the address listed in Item 1. of the Declarations. The Insurer will provide written notice at least 30 days before cancellation is to be effective TCM-POL-001 (01/19) Page 15 of 16 and the earned premium will be computed pro-rata. However, if the Insurer cancels because the Named Insured has failed to pay a premium or Deductible when due, only 10 days written notice of cancellation will be required. 3. This Policy will terminate on the effective date of the cancellation. Return of unearned premium is not a condition of cancellation. Unearned premium will be returned as soon as practicable. 4. The Insurer will not be required to renew this Policy upon its expiration. If the Insurer elects not to renew this Policy, the Insurer will mail to the Named Insured, at the address listed in Item 1. of the Declarations, written notice of nonrenewal at least 30 days prior to the expiration date of this Policy. Any offer of renewal on terms involving a change of Deductible, premium, Limit of Liability, or other terms and conditions shall not constitute, nor be construed as, a failure or refusal by the Insurer to renew this Policy. 5. Proof of mailing of any notice of cancellation or nonrenewal shall be sufficient proof of notice. E. Assignment of the Insured’s Interest The interest of the Insured under this Policy is not assignable to any other person or organization, except with the Insurer’s prior written consent. F. Subrogation If any payment is made under this Policy and there is available to the Insurer any of the Insured’s rights of recovery against any other party, then the Insurer will maintain all such rights of recovery. The Insured will do whatever is reasonably necessary to secure such rights and will not do anything after an incident or event giving rise to a Claim or Loss to prejudice such rights. If the Insured has waived its right to subrogate against a third party through written agreement made before an act, incident or event giving rise to a Claim or Loss has occurred, then the Insurer will waive its rights to subrogation against such third party. Any recoveries will be applied first to subrogation expenses, second to Loss paid by the Insurer, and lastly to the Deductible.Any additional amounts recovered will be paid to the Named Insured. G. Changes Made to this Policy The terms and conditions of this Policy cannot be waived or changed except by specific written endorsement issued by Insurer and made part of the Policy. H. Application The statements contained in the Application, and any and all attachments, constitute the representations of all Insureds and are material. This Policy is issued and continued in force by the Insurer in reliance upon the truth, accuracy and completeness of such representations, which are the basis of this Policy and current as of the date of binding. Upon the binding of coverage, the Application and any and all attachments are incorporated in and form a part of the Policy. No knowledge or information possessed by any Insured shall be imputed to any other Insured, except for material facts or information known to the person or persons who signed the Application. In the event of any material untruth, misrepresentation or omission in connection with any of the particulars or statements in the Application, this Policy shall be void with respect to any Insured who knew of such untruth, misrepresentation or omission or to whom such knowledge is imputed. I. False or Fraudulent Claims If an Insured reports any Claim or Loss knowing such to be false or fraudulent, this Policy shall become void and all insurance coverage hereunder shall be forfeited as to the inception date of this Policy. J. Terms and Conditions of Policy Conformed to Statute Where necessary, the terms and conditions of this Policy will be amended to conform to applicable law. TCM-POL-001 (01/19) Page 16 of 16 K. Change in Risk If, during the Policy Period, an Insured is dissolved, sold, acquired by, merged into, or consolidated with another entity such that the Insured is not the surviving entity; or a third party receiver, conservator, trustee, liquidator, rehabilitator or any similar official is appointed for or with respect to the Insured, then coverage under this Policy shall continue in full force and effect until the expiration date or any earlier cancellation or termination date, but only with respect to events, acts or incidents that occur prior to such consolidation, merger or acquisition. L.Named Insured as Agent The Named Insured will be considered the agent of all Insureds, and will act on behalf of all Insureds with respect to the giving of or receipt of all notices pertaining to this Policy, and the acceptance of any endorsements to this Policy. The Named Insured is responsible for the payment of all premiums and Deductibles and for receiving any return premiums. M. Other Insurance 1. With respect to Coverage D., this Policy shall be primary of any other insurance policy. 2. With respect to Coverages A., B., C., E. and F.: all Loss payable under this Policy shall be in excess of and shall not contribute with other existing insurance including, but not limited to, any insurance under which there is a duty to defend regardless of whether any Loss is collectible or recoverable under such other insurance, unless such other insurance is written specifically excess of this Policy. This Policy shall not be subject to the terms or conditions of any other insurance. N. Policy Territory This insurance applies to Claims made and acts, errors or omissions committed, or Loss occurring anywhere in the world except countries or states against which the United States has implemented trade or diplomatic sanctions. O. Economic and Trade Sanctions or Violations of Law Any Loss, Claim , covered event or other transaction or matter which is uninsurable under any act, statute, rule, regulation, ordinance, common law, or other law of the United States of America concerning trade or economic sanctions or export control laws are not covered under this Policy. P. Entire Agreement The Insureds agree that this Policy, including the Application, Declarations and any endorsements, constitutes the entire agreement between them and the Insurer or any of its agents relating to this insurance. 12 Market Place, Essex Junction, VT 05452 | 877-883-8757 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation 6/8/2021 DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 EXHIBIT H Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 2 Copyright Information © 2021 by Vermont Systems This document is the property of Vermont Systems and is provided in conjunction with an agreement between the customer and Vermont Systems for Licensed Software or Software as a Service (SaaS). The document(s) and software referred to in this publication may not be copied, distributed, electronically transmitted, posted on the web or altered in any way without the express written consent of Vermont Systems. The information contained in this document is subject to change without notice. Vermont Systems 12 Market Place Essex Junction, VT 05452 www.vermontsystems.com DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 3 Contents I. Introduction................................................................................................................................................................. 4 II. Goals & Scope of Work............................................................................................................................................... 5 III. Commitment & Services ............................................................................................................................................ 6 IV. Statement of Work - Project Objectives ................................................................................................................... 9 V. Project Timeline - High Level Project Plan ............................................................................................................... 11 VI. Vermont Systems Project Team Resources ............................................................................................................ 13 VII. Period of Performance ........................................................................................................................................... 14 VIII. Implementation Escalation Process ...................................................................................................................... 15 IX. Project Expected Outcome ..................................................................................................................................... 16 X. Change Request Management ................................................................................................................................. 17 XI. Signatures ................................................................................................................................................................ 18 DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 4 I. Introduction The Statement of Work (SOW) covers the deliverables to implement Vermont Systems software applications; RecTrac, WebTrac, PayTrac, and hardware for the Parks and Recreation Department of the City of Kent, WA (the City/County). The goal of the project is a successful implementation of the RecTrac, WebTrac, and PayTrac recreation and parks software and hardware that are fully hosted by Vermont Systems for the City. Vermont Systems will coordinate with the City to establish a detailed project plan and outline to provide discovery, onsite training and support to ensure that the goal can be met on schedule. Upon contract signature, Vermont Systems will assign: one (1) Implementation Project Manager, one (1) Primary Installation Consultant to work with the City to prepare, plan, train, and support during implementation project. This project includes remote project planning "Discovery" time and onsite and remote training for RecTrac, WebTrac, PayTrac, and Hardware. Vermont Systems consultants/implementation specialists will perform all remote training & project discovery. All onsite training will be performed at Kent, WA facilities. All remote training and onsite training dates will be determined upon completion of signed contract and agreed upon by both parties. The total estimated cost of the project is $53,508.00, as stated in Vermont Systems Quote#QUO-05215-H8Q9T2. Minor adjustments to this amount will likely be processed as we only bill actual trave l expenses. Vermont Systems will bill Kent, WA based on the section 5.1 of Exhibit B of the contract. DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 5 II. Goals & Scope of Work The project goal is to install and configure and train lead users RecTrac, WebTrac, and PayTrac application for use by the City. A single, replicated database will be hosted by Vermont Systems on hosting servers at its’ Eastern/Western data center for use by all the City’s licensed system users with access to the internet. The project scope is inclusive to the City, with assets to include, but not limited to: •Administration Office/Recreation Business Office •Arts Center •Aquatics •Community Centers •League Operations •Fitness Center •Recreation Programs & Classes •Senior Activity Center This includes licensing for 25 concurrent RecTrac users (City staff) across the modules included in quote. Additional project goals and desired outcomes include: 1)To expand on existing software capabilities and make them available to all licensed Kent Parks & Recreation Department users. 2)To provide financial and inventory controls for all transactions processed. 3)To improve Kent Parks & Recreation Department operational efficiency and effectiveness. 4)Improve customer experience for the online, ecommerce (registration/booking/ticketing/ reservation) process. 5)Provide the Kent Parks & Recreation Department with comprehensive reporting and analysis capabilities. 6)Provide PCI-DSS & EMV compliant payment card gateway to a processor. Items not in project scope of work. Vermont Systems will not: A)Provide direct Database management/database build -creation. VS will guide the City Staff on database management and build-creation process. Although VS staff will not be entering the data, they will oversee the initial coding and data input to ensure it meets the business needs of the City. B)Install VIC hardware management tool on workstations. Vermont Systems support will assist IT with a VIC installation plan and provide instructions and plan a tech call on how to install. Vermont Systems will also support any installation issues if they arise if best practices are followed. DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 6 III. Commitment & Services This section outlines the tasks and responsibilities of the project stakeholders, defined as: 1)Vermont Systems 2)Kent Parks and Recreation, WA Vermont Systems Commitment: 1) Software Vermont Systems will provide the City with application software modules and integrated software and hardware options, as listed below (module capabilities are described in greater detail in Vermont Systems literature and on the Vermont Systems web site: https://www.vermontsystems.com/) RecTrac Application Software: Activity Registration Facility Reservations Pass Management - Membership Management Point-of-Sale Inventory Control/Tickets League Scheduling Incident Processing & Reporting Systems Administration Standard System Reports Total 25 Concurrent Users Custom Activity Registration Customer Brochure Interface Custom General Ledger Revenue Interface Vermont Systems LMS (Learning Management System) Content (RecTrac Lab) WebTrac Application Software: Activity Registration Facility Reservations Pass Management Point-of-Sale Inventory/Tickets League Scheduling Mobile WebTrac DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 7 WebTrac Workgroup Agents WebTrac Custom Style Sheet WebTrac Splash Page PayTrac - ERI Payment Card Interface ERI Credit Card Interface Vermont Systems Hosting Services RecTrac & WebTrac - Based on 25 RecTrac Users GOLD Level Hosting Service POS Hardware items, including items as listed in quote. (Referenced in Terms of Service Agreement) Progress Development Software & RDBMS Databas e (all applications) 2) Vermont Systems Services Vermont Systems will provide the following services in the project implementation: •Vermont Systems will provide implementation Project Planning, including an assigned Implementation Project Manager. Vermont Systems will provide access to our project management tool: Teamwork (a web-based application)- to manage the project. The City’s project stakeholders will have full access to this system to track progress. As we process your order, we will set up the tasks necessary to install the system and train your staff in the use of Teamwork. •Vermont Systems will provide initial implementation Discovery planning to include a review of the City’s business processes & database structure planning. •Software Hosting Services (reference SLA Hosting Service – Standard) Staff training for proposed applications: The typical approach is a "train the trainer" type session for City staff designated as "lead users". There is also access to the "RecTrac Lab" which is a Learning Management System (LMS) that users will have access to that include short quizzes at the end. The training will happen in the "Demo" database and should include realistic examples and data. Follow-up Q & A will happen with the Vermont Systems trainer to ensure issues and questions from training are addressed. An Implementation plan will be developed and agreed upon by both parties once the Services Agreement is signed. •RecTrac, WebTrac, PayTrac, and POS Hardware •Ongoing (post "Go Live") application premium support services (reference VS SLA Support & Terms of Service) •Vermont Systems Initial Data Import Vermont Systems provides for the import of the following data for the initial database setup: DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 8 1) Client Records (to include, but not limited to: Name, address, phone, email, age, grade, gender, comments). These are referenced as Household records in RecTrac and the import is called the Household Import Program. 2) Membership Data (to include ID card number, membership type and expiration information). •Data to be imported must be in "neutral" file format, such as CSV, XLS. Kent Parks and Recreation, WA Commitment: •Project Planning Resources assigned – Kent, WA Project Manager •Defined Application System Administrator(s) •Lead and primary application user(s) •Database Structure Planning and information (data) Including, but not limited to: - Financial accounts - Staff user profiles (with permissions) - Program data with fees - Facility data with fees - Membership data with fees - POS items, such as tickets, admissions, food, beverage etc. - League details - Contract and waiver forms - Website style and design requirements •Database admins to enter department data/information into system. •Financial Interface definitions - desired format and layout of revenue and refund interfaces. •Staff /location Internet Access - for all sites & staff that need access to system. •Training room/environment for database training and staff process training •Approve Vermont Systems POS Hardware Quotes for purchase •Establish Account with approved VS credit card gateway & acquire EMV devices. The City will assign a project lead (or team of leaders) to work intimately with the Vermont Systems team, including the Vermont Systems Primary Implementation Consultant. The City will schedule the appropriate staff for remote discovery and on-site & remote training sessions. Vermont Systems will work with key Kent personnel on training dates and times that are mutually agreeable. DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 9 IV. Statement of Work - Project Objectives The primary objective of this project is a successful implementation & use of the Vermont Systems software application for the City. Vermont Systems will coordinate with the City to establish goals and outline for the project with proper preparation and planning, and to provide quality onsite or remote training and support to ensure that the goal can be met on schedule. To ensure that success, there are key project milestones that Vermont Systems has outlined and are listed below: 1)Project Planning •Implementation Project Manager and Implementation Consultant(s) will hold multiple conference & planning calls with the City prior to onsite /remote trainings to discover the City’s business processes and procedures related to Vermont Systems software implementation process. The information mined during the discovery process will become the foundation of the Project plan for the project. •Vermont Systems will provide a project plan, in Teamwork Projects (project management software), to collaborate with the City’s project team. The project plan will be detailed with tasks and milestones for both responsible parties (Vermont Systems and Kent) to ensure project success. The Teamwork application can create an export of the project (excel file) that Vermont Systems can provide to the City on an interval (biweekly is recommended during implementation phase) 2)Project Implementation/Training The City will gather applicable materials and prepare staff before remote or onsite training. This includes outlines of specific City business processes and needs across all functional areas and departments. Detail is critical here, so that Vermont Systems and its implementation team can understand the scope and needs of the various business processes of the City. •Vermont Systems Consultants will train the City’s lead users and system administrators on the setup and management of the application database. The City’s lead users and administrators will learn the software, allowing them to enter data into system properly in the context of the Kent Parks and Recreation business processes. •Vermont Systems Consultants will train the City’s lead users and system administrators on the software daily processing, end of day and reporting procedures. The City’s lead users and administrators, with Vermont Systems Implementation team support and assistance, will then train the City’s staff on the use of the application. Vermont Systems is not always dialed in and engaged during these sessions but can be if Kent elects to use billable hours for this purpose . Follow-up online question and answer sessions with lead users and some end users is common. •Vermont Systems Consultants will support, train, and consult through the implementation period. 3)Project "Go Live" DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 10 •"Go Live" with RecTrac, WebTrac, PayTrac, and hardware. DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 11 V. Project Timeline - High Level Project Plan The project is defined as the implementation, training and use of Vermont Systems software applications for the City. The project is expected to take place over a 3-6 month-year period, starting in MONTH of 202X with a "Go Live" target date of MONTH 202X. The project timeline is based on a multi-phased approach, with four (4) primary phases included: Phase 1 - Planning & Discovery Phase 2 - Database Building & Training Phase 3 - Go Live Phase 4 - Ongoing System Use Each phase has specific requirements and details, relating to the overall project goals, including: Phase 1 - Planning & Discovery: Contract Negotiation: August 24, 2020 – Present Project Kick-off - Introduction Meeting – Remote: July 8, 2021 Project Discovery: July 12, 2021 – July 23, 2021 To include business process review, data analysis, database planning, information gathering, hardware overview/review and initial interface definition and discussion Discovery time - 8 hours of remote phone/online time Phase 2 - Database Building & Training Onsite Database Building - System Setup: August 2, 2021 – August 27, 2021 •Initial & ongoing database building - 1 Trips onsite/ remote (5 days) •There are two different environments. 1) Production 2) Demo The demo is auto populated from Production every Tuesday and Thursday mornings in the hosted environment. Testing and transactional training/reporting will happen primarily in the Demo environment. The data is City specific, so the production and demo are ONLY the cities data. End user Process Training September 1, 2021 – September 30, 2021 •Training staff on system processes – 1 Trips remote/onsite (5 days) Vermont Systems will provide workflow training and consulting during the onsite/remote training for each of the proposed application modules. This would include processes for creating accounts, registering, and transacting with patron accounts, possible updates and cancellations and end of day reporting and cash management processes/best practices. DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 12 Phase 3 - Go Live Ongoing End user process training: October 1, 2021 – October 29, 2021 •Final testing – the City is responsible for final system & hardware testing prior to "Go Live" date "Go Live" Date October, 2021 •Remaining time from Discovery or unused onsite time can be used for additional support during this process Phase 4 - Ongoing System Use RecTrac & WebTrac live operations: November 2021 and beyond •Day to day processing questions & assistance - Vermont Systems Support services •Additional City end-user training (if needed): - 0 hours of additional remote phone/online training included in pricing. Note: With the "Go Live," there will be ongoing follow up and support from Vermont Systems implementation team and support team after "Go Live." At a mutually agreed upon time frame, there will be a transition from the Vermont Systems implementation team as the primary provider of ongoing support to the Vermont Systems support team. DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 13 VI.Vermont Systems Project Team Resources Proposed Vermont Systems Project team will consist of the following staff: Planning & Implementation/Training Phase: Primary Implementation Consultant Name Name@vermontsystems.com Project Manager TBD Name@vermontsystems.com Implementation Manager Brian Hatch brianh@vermontsystems.com Ongoing Support Phase: Vermont Systems Support Team Team www.vermontsystems.com/support/ support@vermontsystems.com Director of Support Cullen Barber cullenb@vermontsystems.com Director of Services - Hosting Chris Tallman christ@vermontsystems.com Sales Related items: Sr. Sales Manager Josh Karson joshk@vermontsystems.com Director of Sales David Wirtz davew@vermontsystems.com DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 14 VII. Period of Performance All work must be scheduled to be completed within the agreed timeframe. The project timeframe has tentatively and initially been outlined with a start date of July 2021 (with the project Kickoff as the starting event) to a "Go Live" date of October 2021. In the initial discovery and planning conversations and final plan discussions, the City and Vermont Systems will agree upon dates. Once the final period of performance dates has been agreed upon, any extensions or modifications to the agreed timeframe will be considered a Project Change Request (PCR) and will be handled in the manner outlined in the Change Request Management section of this SOW. DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 15 VIII. Implementation Escalation Process During the Implementation project, if the City would like to escalate an issue with Vermont Systems, the list below will provide the appropriate route to follow. Role Name Email 1. Primary Implementation Consultant Name name@vermontsystems.com 2. Implementation Project Manager TBD name@vermontsystems.com 3. Implementation Manager Brian Hatch Brianh@vermontsystems.com 4. Director of Services Cullen Barber Cullenb@vermontsystems.com 5. President Scott Strong ScottS@vermontsystems.com DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 16 IX. Project Expected Outcome This section defines the success of the project for both stakeholders (Vermont Systems & Kent, WA). At the highest level, project success is the fulfillment of all the goals and objectives outlined in this Statement of Work. This would include: The installation and setup of the RecTrac database and WebTrac online system Kent Parks & Recreation staff trained and working in the application Hardware setup and functional across City locations Reporting and interfaces to Finance functional and working properly Patron online transactions with WebTrac DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 17 X. Change Request Management A "change request" is a written request to change the scope of this SOW. Project Change Requests (PCRs) submitted by the City or Vermont Systems shall be documented in writing and be referenced explicitly as a Project Change Request. The PCR must describe the change, the rationale for the change, and the effect it will have on the project. PCRs will go into effect only once mutually agreed to in writing by both parties. The City acknowledges that PCRs for requirements outside the scope of this SOW may be subject to additional fees and/or adjustment of the project schedule. DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 Statement of Work, Kent Parks & Recreation, 3.1 Software Implementation RecTrac 3.1 ©2021 by Vermont Systems 18 XI. Signatures __________________________________________ _____________________ Brian Hatch, Implementation Manager Date Vermont Systems __________________________________________ _____________________ Name of City Lead/Administrator, Title Date Kent Parks and Recreation, WA 06/09/2021 DocuSign Envelope ID: 277057C9-C5E2-4EE4-B277-341050EA9E50 CITY OF KENT EQUAL EMPLOYMENT OPPORTUNITY POLICY The City of Kent is committed to conform to Federal and State laws regarding equal opportunity. As such all contractors, subcontractors and suppliers who perform work with relation to this Agreement shall comply with the regulations of the City’s equal employment opportunity policies. The following questions specifically identify the requirements the City deems necessary for any contractor, subcontractor or supplier on this specific Agreement to adhere to. An affirmative response is required on all of the following questions for this Agreement to be valid and binding. If any contractor, subcontractor or supplier willfully misrepresents themselves with regard to the directives outlines, it will be considered a breach of contract and it will be at the City’s sole determination regarding suspension or termination for all or part of the Agreement. The questions are as follows: 1. I have read the attached City of Kent administrative policy number 1.2. 2. During the time of this Agreement I will not discriminate in employment on the basis of sex, race, color, national origin, age, or the presence of all sensory, mental or physical disability. 3. During the time of this Agreement the prime contractor will provide a written statement to all new employees and subcontractors indicating commitment as an equal opportunity employer. 4. During the time of the Agreement I, the prime contractor, will actively consider hiring and promotion of women and minorities. 5. Before acceptance of this Agreement, an adherence statement will be signed by me, the Prime Contractor, that the Prime Contractor complied with the requirements as set forth above. By signing below, I agree to fulfill the five requirements referenced above. By: ____________________________________________________________________________ For: ___________________________________________________________________________ Title: __________________________________________________________________________ Date: _________________________________________________________________________ EXHIBIT I CITY OF KENT ADMINISTRATIVE POLICY NUMBER: 1.2 EFFECTIVE DATE: January 1, 1998 SUBJECT: MINORITY AND WOMEN SUPERSEDES: April 1, 1996 CONTRACTORS APPROVED BY Jim White, Mayor POLICY: Equal employment opportunity requirements for the City of Kent will conform to federal and state laws. All contractors, subcontractors, consultants and suppliers of the City must guarantee equal employment opportunity within their organization and, if holding Agreements with the City amounting to $10,000 or more within any given year, must take the following affirmative steps: 1. Provide a written statement to all new employees and subcontractors indicating commitment as an equal opportunity employer. 2. Actively consider for promotion and advancement available minorities and women. Any contractor, subcontractor, consultant or supplier who willfully disregards the City’s nondiscrimination and equal opportunity requirements shall be considered in breach of contract and subject to suspension or termination for all or part of the Agreement. Contract Compliance Officers will be appointed by the Directors of Planning, Parks, and Public Works Departments to assume the following duties for their respective departments. 1. Ensuring that contractors, subcontractors, consultants, and suppliers subject to these regulations are familiar with the regulations and the City’s equal employment opportunity policy. 2. Monitoring to assure adherence to federal, state and local laws, policies and guidelines. CITY OF KENT EQUAL EMPLOYMENT OPPORTUNITY COMPLIANCE STATEMENT This form shall be filled out AFTER COMPLETION of this project by the Contractor awarded the Agreement. I, the undersigned, a duly represented agent of Company, hereby acknowledge and declare that the before-mentioned company was the prime contractor for the Agreement known as that was entered into on the (date), between the firm I represent and the City of Kent. I declare that I complied fully with all of the requirements and obligations as outlined in the City of Kent Administrative Policy 1.2 and the Declaration City of Kent Equal Employment Opportunity Policy that was part of the before-mentioned Agreement. By: ____________________________________________________________________________ For: ___________________________________________________________________________ Title: __________________________________________________________________________ Date: _________________________________________________________________________