Loading...
The URL can be used to link to this page
Your browser does not support the video tag.
Home
My WebLink
About
CAG2024-461 - Original - Go1 USA, LLC - Premium Pro e-Learning - 11/1/24
FOR CITY OF KENT OFFICIAL USE ONLY Sup/Mgr: Agreement Routing Form DirAsst: • For Approvals,Signatures and Records Management Dir/Dep: KENT This form combines&replaces the Request for Mayor's Signature and Contract Cover (optional) WASHINGTON Sheet forms. (Print on pink or cherry colored paper) Originator: Department: Kari Endicott Human Resources Date Sent: Date Required: c 09/30/2024 9/30/2024 Q Mayor or Designee to Sign. Date of Council Approval: Q Interlocal Agreement Uploaded to Website n/a Budget Account Number: Grant? Yes No�✓ Budget?❑✓ Yes E]No Type: N/A Vendor Name: Category: Got Contract Vendor Number: Sub-Category: Original 0 Project Name: OProject Details: C 40 C Basis for Selection of Contractor: � Agreement 99 $33.09 Other E � *Memo to Mayormustbe attached � Start Date: 1 1 1/1/2024 Termination Date: 10/31/2026 lm a Local Business? Yes ✓�No*if meets requirements per KCC 3.70.100,please complete"Vendor Purchase-Local Exceptions"form on Cityspace. Business License Verification: ❑Yes In-Process F1 Exempt(KCC 5.01.045) FlAuthorized Signer Verified Notice required prior to disclosure? Contract Number: CAG2024-461 F—]Yesl:]No Comments: a Learning Content Provider. 0 � c in = 3 0 N a Date Received:City Attorney: Date Routed:MayQr;s,Offj�eq City CI-- S-0f i e 9/90/24 adccW22373_7_20 Visit Documents.KentWA.gov to obtain copies of all agreements vv// rev.20221201 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC KENT AGREEMENT FOR SOFTWARE AS A SERVICE WASHINGTON This Software as a Service (SAAS) Agreement (Agreement) is between the City of Kent (City), a Washington Municipal Corporation located at 220 Fourth Avenue South, Kent, WA 98032 and Goi USA LLC (Vendor or Go1), organized under the laws of the State of Delaware with its principal place of business at 548 Market St PMB 40720, San Francisco, California 94104-5401 US, effective on the last date signed below. Goi is a content aggregator providing City with a single access point to content. Where there is any inconsistency between this Agreement and the Order Form, attached hereto as Exhibit A. In the event of a conflict between Exhibits and this Agreement, the Order Form and then the Agreement shall control. 1. Grant of License to Access and Use Service. For the term of this Agreement including any renewals, Vendor hereby grants to City, including to authorized End Users, a limited, revocable, non-exclusive, non-sublicensable, non-assignable, royalty-free, and worldwide license to access and use the Goi Services as set out in this Agreement and the applicable Order Form, solely for the purpose of the education or training of City or End Users through the Services, in accordance with the Agreement or restrictions associated with Courses. Vendor reserves all other rights not expressly granted herein (the "Services"or"Go1 Services"). City shall refrain from taking any steps such as reverse assembly or reverse compilation, to derive a source code equivalent to the Services as further described in Section 9.4. 2. License Term. The initial term of this Agreement shall be 2 years from the License Term Start Date identified in the order form (Initial Term) with the option for the City to renew annually thereafter for an additional 1 year(s) (each, a Renewal Term). The City shall have the sole option to renew by written notice prior to the expiration of the Initial Term or any Renewal Term. Vendor shall send an offer of renewal at least 30 days before expiration of the Initial Term or any Renewal Term. Any reference in this Agreement to "days" shall mean "calendar days" unless a different meaning is expressly stated. 3. Subscription Fees/Taxes. 3.1 Fee. Fees for Licensed Users, as defined in the Product Description, attached hereto as Exhibit B, and any premium support services. Fees charged under this Agreement are not to exceed $99,833.09 except by agreement of the parties. 3.2 Payment. Got Services are invoiced annually in advance, on the License Term start date and each anniversary of that date. City agrees to pay the fees within 30 days from the issue date of the invoice. All invoices will only be delivered electronically to City. Goi may charge interest at a monthly rate equal to the lesser of 1.5% per month or the maximum rate permitted by applicable law on any overdue Fees, from the due date until the date the overdue amount (plus applicable interest) is paid in full. Any Fees that are unpaid as of the date of termination or expiration, will be immediately due and payable. 3.3 Undisputed Fees. Undisputed invoices shall be due and payable within 30 days of invoice receipt. City shall notify Vendor in writing of any disputed amount within 15 business days of appropriate receipt of the applicable invoice. Portions of invoices that are subject to a good faith billing dispute shall not be considered delinquent for purposes of this Agreement. Disputed billings are subject to Section 16, Dispute Resolution. AGREEMENT FOR SOFTWARE AS A SERVICE Page 1 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC 3.4 Taxes. All contract amounts shall be inclusive of sales or other applicable taxes, and invoices shall include all tax obligations stated separately from the contract amounts. City shall pay all applicable sales, use, value added or similar taxes to Vendor and Vendor shall remit all such taxes, if imposed by local and/or state authorities on all software, and other taxable goods and services procured by the City under this Agreement. 3.5 Card Payment Program. The Vendor may elect to participate in automated credit card payments provided for by the City and its financial institution. This Program is provided as an alternative to payment by check and is available for the convenience of the Vendor. If the Vendor voluntarily participates in this Program, the Vendor will be solely responsible for any fees imposed by financial institutions or credit card companies. The Vendor shall not charge those fees back to the City. 3.6 Go1 may increase the Fees by the greater of three percent (3%) or CPI of list price for any renewal following the Initial Term. Any discounts apply during the initial License Term only. 4. System Availability and Support Services. a. Support. During the License Term and in accordance with this Agreement, Got will provide End Users with access to the Goi Content, and use of the Goi Services, up to the Service Capacity, as described the applicable Order Form. Got will provide support services to City in accordance with its support policy attached hereto as Exhibit C. b. Update, Modification or Discontinuance of the Got Services. (i) As a content aggregator providing City with a single access point to content, Goi may update or modify the Courses, materials, or Services (other than City Data and related materials), or discontinue their availability at any time, in accordance with Goi's separate arrangements with its content providers. Goi does not guarantee content provider or Course availability and expressly disclaims issues arising from content providers or Courses including any embedded links or URL to third party sites. (ii) In circumstances where Courses have been materially modified, or discontinued, and this results in a material adverse effect on your receipt of the Services, Got will use commercially reasonable efforts to source substantially similar replacement Courses; where Goi is unable to source a substantially similar replacement Course the Customer may, acting reasonably, terminate the Course. Customer's subscription to the remainder of the Services it subscribes to from Goi under the Agreement will remain in place and will not be impacted by the termination described in this clause. S. Representation and Warranties. 5.1 Mutual Representations and Warranties. Each Party represents and warrants to the other Party that (a) such Party has the required power and authority to enter into this Agreement and to perform its obligations hereunder, and shall have obtained and maintain all licenses, permits and certifications required for such Party in connection with the performance of such Services; (b) the execution of this Agreement and performance of its obligations hereunder do not and will not violate any other agreement to which it is a party; and (c) this Agreement constitutes a legal, valid and binding obligation when signed by both Parties. 5.2 Vendor Warranties and Representations. Vendor represents and warrants that the Services will be performed in a professional and workmanlike manner, consistent with applicable industry standards and the corresponding specifications set forth in this Agreement. 5.3 Limited Warranty and Remedy for Services. Vendor represents and warrants that it AGREEMENT FOR SOFTWARE AS A SERVICE Page 2 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC shall perform all Services required pursuant to this Agreement in a professional manner, with high quality. Vendor represents and warrants that the Services, as delivered to and paid for by the City, will substantially conform to the applicable Product Description during the License Term subject to section 5.4 below. City will notify Vendor of a claim under this warranty within 30 days of the date on which the condition giving rise to the claim first appeared. To the extent permitted by law, City's sole and exclusive remedy, and Vendor's sole liability under or in connection with this warranty is described below in Section 5.4. 5.4 No warranty or representation a. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, SUBJECT TO 5.3, G01 MAKES NO OTHER WARRANTY, REPRESENTATION OR GUARANTEE, WHETHER EXPRESS OR IMPLIED: (i) AS TO THE USEFULNESS OF THE SERVICES OR MATERIALS, NOR ANY OF THE PRODUCTS AND SERVICES PROMOTED ON THE WEBSITE OR APP OR VIA LINKED WEBSITES OR COMMUNICATED TO CITY BY VENDOR; (ii) AS TO THE APPROPRIATENESS OF THE COURSES OR MATERIALS PROVIDED TO CITY BY VENDOR OR ITS EMPLOYEES, CONTRACTORS, AGENTS OR REPRESENTATIVES; (iii) AS TO THE QUALITY, ACCURACY, RELIABILITY, CURRENCY, PERFORMANCE, COMPLETENESS OR FITNESS FOR PURPOSE OF ANY PART OF THE SERVICES, THE WEBSITE, THE APP, THE COURSES, THE MATERIALS AND OTHER INFORMATION COMMUNICATED TO CITY BY G01 OR ITS EMPLOYEES, CONTRACTORS, AGENTS OR REPRESENTATIVES; (iv) THAT USE OF THE WEBSITE, THE APP, OR THE SERVICES WILL BE UNINTERRUPTED; (v) AS TO THE RESULTS THAT MAY BE OBTAINED FROM USE OF THE SERVICES; OR (vi) THAT THE WEBSITE, THE APP, THE MATERIALS OR THE FACILITIES THAT MAKE THE WEBSITE, THE APP AND THE MATERIALS AVAILABLE, WILL NOT CAUSE DAMAGE, OR ARE FREE FROM ANY MALICIOUS CODE OR ANY OTHER DEFECTS OR ERRORS. b. THE SOLE AND EXCLUSIVE REMEDY FOR BREACH OF ANY EXPRESS OR IMPLIED WARRANTY OR CONDITIONS THAT CANNOT BE EXCLUDED IS RESTRICTED, AT GOYS OPTION, TO: (i) THE RE-SUPPLY OF THE RELEVANT SERVICES; (ii) THE COST OF THE RE-SUPPLY OF THE RELEVANT SERVICES; OR (iii) THE PROPORTIONAL AMOUNT PAID BY CITY TO G01 IN RESPECT OF THE SERVICES. 5.5 Responsibility. At all times during the License Term of this Agreement, at each party's cost, the parties shall comply with all applicable laws and Applicable Data Protection Laws. 6. City Data/Vendor Obligations. 6.1. Ownership. (a) The information and materials that City submits, uploads or transfers, or causes to be submitted, uploaded, or transferred to the SAAS or Services (City's Data) remains the proprietary property of the person or entity supplying it (or their affiliated and/or third-party providers and suppliers, as is relevant). City owns all right, title, and interest in the City Data and has obtained all AGREEMENT FOR SOFTWARE AS A SERVICE Page 3 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC necessary permissions and consent for such City Data and Go1's use in accordance with this Agreement will not infringe the intellectual property rights of any third party. (b) City grants Goi a limited, worldwide, royalty free, non-exclusive, non-transferable right to use the City Data during the License Term for the purpose of delivering the Services. (c) Goi may use City Data to improve and enhance the Services and for other development including diagnostic and corrective purposes in connection with the Services and other Goi offerings. We may disclose such data in aggregate or other lawful de-identified form. 6.2. Data Protection. Vendor shall maintain and handle all of City's Data with commercially reasonable physical, electronic, and procedural safeguards to protect and preserve the confidentiality and security of City's Data. If Applicable Data Protection Laws apply to any data used as part of the Services, then the relevant provisions of the Goi Data Processing Agreement shall apply, attached hereto as Exhibit D, and such provisions are incorporated into this Agreement by reference. 6.3. Collection and use of personal information (a) Got will collect and use personal information in accordance with the Got Privacy Policy, attached hereto as Exhibit E. Goi may retain and use Personal Data (as defined in the Goi Privacy Policy) of End User(s), including, without limitation, their name, business address, email address, contact details and Courses undertaken or scheduled and contact, deal directly with, and/or offer Courses to End User(s). (b) City agrees to not supply Got with any sensitive personal information or special categories of data. 7. Intellectual Property Ownership. Vendor (and its Licensors, where applicable) shall own all right, title and interest, including all related Intellectual Property Rights, in and to the SAAS and Service, the Got Content, the Course, materials, and in its software, applications, inventions or other technology developed in connection with the provision of support and all intellectual property rights in or related to anything in this section 7 (Go1 IP). This Agreement, does not convey to City any rights of ownership in or to Go1's IP or Intellectual Property Rights owned by Vendor and its Licensors, where applicable. This Agreement does not contemplate custom development on behalf of the City of Kent of software or technology. S. Non-Disclosure of Confidential Information. The Parties' obligations regarding non- disclosure of Confidential Information is contained in the attached and incorporated Exhibit F. All Confidential Information is and shall remain the property of its owner to the extent consistent with applicable law. The disclosure of Confidential Information to the other party does not grant to it any express or implied right to or under any patents, copyrights, trademarks, or trade secret information except as otherwise provided herein. 9. City Obligations. 9.1 Hardware Obligations. City shall be responsible for (a) obtaining and maintaining all computer hardware, software, and communications equipment needed to internally access the Service, and (b) paying all third-party access charges incurred while using the Service. 9.2 Anti-Virus Obligations. City will use commercially reasonable efforts to safeguard against computer infection, viruses, worms, Trojan horses, and other code that manifest contaminating or destructive properties (collectively "Viruses") that may reasonably affect Vendor's SAAS Services. AGREEMENT FOR SOFTWARE AS A SERVICE Page 4 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC 9.3 Policies. City will comply with its privacy policy, the Product Description, and the Acceptable Use Policy, attached hereto as Exhibit G. City is responsible for actions and omissions of End Users. 9.4 Restricted Uses. City will not: a. knowingly upload or distribute any files that contain viruses, corrupted files, or any other similar software or programs that may damage the operation of the Service, b. modify, disassemble, decompile or reverse engineer the Service or pre-release hardware devises or software disclosed, C. probe, scan, test the vulnerability of, or circumvent any security mechanisms used by, the sites, servers, or networks connected to the Service, d. copy, reproduce, resell or commercially exploit the Service, e. without authority, access or use any other clients' or their users' data through the Service, f. maliciously reduce or impair the accessibility of the Service, g. reverse engineering, decompiling or disassembling any software code and/or pre-release hardware devices disclosed 10. Indemnification Obligations. 10.1 City Indemnification Obligations. Subject to Section 10.4 below, City shall defend, indemnify, and hold Vendor and its parent organizations, subsidiaries, Affiliates, officers, directors and employees harmless from and against any and all claims, costs, damages, losses, liabilities and expenses (including reasonable attorneys' fees and costs) arising out of or in connection with: (i) a third party claim alleging that the use of City Data infringes the rights of a third party; (ii) City or End Users use or attempted use of the Services or any Course or materials in violation of this Agreement; and (iii) City or End Users breach of any applicable laws. 10.2. Vendor Indemnification Obligations. Subject to Section 10.4 below, Vendor shall defend and indemnify City and its elected officials, officers, employees, agents and attorneys against any and all claims, costs, damages, losses, liabilities and expenses (including reasonable attorneys' fees and costs) arising out of or in connection with: (i) a third party claim alleging that City's use of the Got Services directly infringes the third party's patent, copyright, or trademark; or misappropriates the rights of the third party's trade secret (Infringement Claim); and (ii) a third- party claim alleging Goi's breach of any laws applicable to Goi as a data processor under applicable laws. 10.3 Go1's Response. a. In the defense or settlement of any Infringement Claim, Got may, at its sole option and expense: i. (i) procure a license for City to continue using the Services under the terms of this Agreement; (ii) replace or modify the allegedly infringing Services to avoid the infringement; or (iii) where (i) or (ii) are not reasonable or commercially feasible, terminate City's license and access to the Services (or its infringing part) and refund any prepaid unused fees as of the date of termination. AGREEMENT FOR SOFTWARE AS A SERVICE Page 5 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC ii. In addition to the remedies set forth in subparagraph x, if an Infringement Claim materially affects City's ability to use the Services, City may, at its option and upon written notice to us, terminate the Agreement. Upon such termination, we will refund City any prepaid fees for Services not rendered as of the date of termination. b. Go1 shall have no obligation under this indemnity section to the extent an infringement allegation is based upon: (i) use of the Services in violation of this Agreement; (ii) modifications to the Services, or Go1's modification when directed by City, or any third party acting on City's behalf; (iii) City's failure to update or upgrade including corrections and enhancements, delivered to City by Goi, if such upgrade or correction would have prevented the infringement; or (iv) third party products, services, hardware, software, opensource, or other materials, or combination of these with the Services if the Services would not be infringing without the combination. 10.4. As an express condition of the foregoing indemnification obligations, the parties hereby agree that: a. the indemnified party shall promptly notify the indemnifying party in writing for any Claim for which indemnification is sought; b. the indemnified party shall cooperate with all reasonable requests of the indemnifying party (at the indemnifying party's expense) in defending or settling such claim. C. the indemnifying party shall be allowed to control the defense and settlement of such claim; d. the indemnifying party may not settle any Claim that includes an admission of liability, fault, negligence or wrongdoing on the part of the indemnified party unless the indemnified party provides prior written consent, e. the indemnified party shall have the right, at its option and expense, to participate in the defense of any action, suit or proceeding relating to such a claim through counsel of its own choosing; f. each indemnified party will undertake commercially reasonable efforts to mitigate any loss or liability resulting from an indemnification claim related to or arising out of this Agreement. 10.5. The remedies in this Section 10 (Indemnification Obligations) are, in addition to any termination or suspension remedies expressly set forth in this Agreement, indemnified party's sole and exclusive remedies and indemnifying party's sole liability regarding the subject matter giving rise to any Claim, including any Claims regarding confidentiality obligations involving City Data. 11. Limitation of Liability 11.1. SUBJECT TO 11.2 and 11.3, TO THE MAXIMUM EXTENT PERMITTED BY LAW, NEITHER PARTY SHALL BE LIABLE FOR ANY INDIRECT OR CONSEQUENTIAL LOSS. IN NO EVENT SHALL EITHER PARTY'S AGGREGATE LIABILITY FOR ANY CLAIMS ARISING OUT OF OR RELATED TO THIS AGREEMENT EXCEED THE AMOUNT PAID OR PAYABLE BY CITY TO G01 FOR ACCESS TO OR USE OF THE SERVICES DURING THE TWELVE (12) MONTHS IMMEDIATELY PRIOR TO THE EVENT GIVING RISE TO SUCH LIABILITY. NOTWITHSTANDING THE LIMITATION ABOVE, EACH PARTY'S LIABILITY ARISING FROM BREACH OF ITS CONFIDENTIALITY OBLIGATIONS HEREUNDER, WILL BE LIMITED AGREEMENT FOR SOFTWARE AS A SERVICE Page 6 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC TO TWO (2) TIMES THE FEES PAID OR PAYABLE BY CITY TO G01 IN THE TWELVE (12) MONTHS PRIOR TO THE DATE THE RELEVANT CLAIM AROSE. 11.2. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY (WHETHER IN CONTRACT, TORT, NEGLIGENCE OR OTHERWISE) WILL G01 OR OUR AFFILIATES, OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, SERVICE PROVIDERS, SUPPLIERS OR LICENSORS BE LIABLE TO YOU OR ANY AFFILIATE RESULTING FROM: (1) ANY CONDUCT OR CONTENT OF ANY PARTY OTHER THAN GO1, INCLUDING WITHOUT LIMITATION, ANY DEFAMATORY, OFFENSIVE, OR ILLEGAL CONDUCT; OR (2) UNAUTHORIZED ACCESS, USE, OR ALTERATION OF CUSTOMER DATA OR INFORMATION UNLESS SUCH UNAUTHORIZED ACCESS, USE, OR ALTERATION ARISES DIRECTLY FROM G01'S FAILURE TO COMPLY WITH APPLICABLE DATA PROTECTION LAWS. 11.3. SECTION 11.1 DOES NOT APPLY TO ANY FAILURE TO PAY ANY AMOUNTS DUE UNDER THIS AGREEMENT. 11.4. NOTHING IN THIS AGREEMENT (I) LIMITS OR EXCLUDES THE LIABILITY OF EITHER PARTY FOR DEATH OR PERSONAL INJURY CAUSED BY GROSS NEGLIGENCE, OR THE GROSS NEGLIGENCE OF A PARTY'S EMPLOYEES, AGENTS OR CONTRACTORS (AS APPLICABLE), FRAUD OR FRAUDULENT MISREPRESENTATION, OR (II) EXCLUDES ANY RIGHTS OR REMEDIES AVAILABLE TO YOU UNDER ANY APPLICABLE CONSUMER LAWS IN THE APPLICABLE JURISDICTION, WHICH CANNOT BE CONTRACTUALLY EXCLUDED OR RESTRICTED. 11.5. NEITHER PARTY WILL BE LIABLE FOR BREACH-OF-CONTRACT DAMAGES SUFFERED BY THE OTHER PARTY THAT ARE REMOTE OR SPECULATIVE, OR THAT COULD NOT HAVE REASONABLY BEEN FORESEEN ON ENTRY INTO THIS AGREEMENT. 12. Insurance. Vendor shall maintain insurance that is sufficient to protect its business against all applicable risks, at a minimum as set forth in the attached and incorporated Exhibit H, "Insurance Requirements." Vendor shall promptly provide City with certificates of insurance to evidence Vendor's continued compliance with Exhibit H. 13. Termination of Agreement. 13.1 Delivery and Termination for Convenience. Got Services are deemed to be delivered and accepted by City on the License Term start date outlined in the Order Form. Following the Initial Term, City may terminate any renewal term by providing 30 days written notice of its intent to terminate. 13.2 Termination by City for Cause. In addition to any other rights granted to City in this Agreement or under law, City has the right to terminate this Agreement upon written notice due to: a. a material breach of a term, representation, or warranty under this Agreement (including a material breach under an Attachment, Addendum and/or Exhibit to this Agreement) by Vendor of any of its subcontractors or licensors of services if such material breach is not remedied within 30 days following receipt of written notice from City; or b. The Kent City Council fails to appropriate funds for contract payments. C. Vendor files for protection under bankruptcy laws, makes an assignment for the benefit of creditors, appoints or suffers appointment of a receiver or trustee over its property, files a petition under any bankruptcy or insolvency act or has any such petition filed against it which is not discharged within 60 days of the filing thereof. AGREEMENT FOR SOFTWARE AS A SERVICE Page 7 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC 13.3 Termination by Vendor for Cause. In addition to any other rights granted to Vendor in this Agreement or under law, Vendor reserves the right, upon written notice to City, to terminate this Agreement due to: a. any undisputed amounts City owes that are delinquent greater than 30 days; or b. a material breach of the terms of this Agreement, other than a payment obligation, by City or its users if such breach is not remedied within 30 days following receipt of written notice of such breach from Vendor to City; or C. a third party's claim that City's Data, and/or Intellectual Property infringes upon such third party's rights. 13.4 No Suspension of Service. Provided City continues to timely make all undisputed payments, Vendor warrants that during the term of this Agreement, Vendor will not withhold Services provided herein, for any reason, including but not limited to a dispute between the parties arising under this Agreement, except as may be specifically authorized herein. 13.5 Effect of Termination. a. If City terminates for cause or Vendor terminates without cause, City will only be obligated to pay the amounts then due for services provided meeting Vendor's contractual commitments as calculated up to the date of termination and, if applicable, City will be reimbursed a prorated amount of unused, prepaid fees. b. If Vendor terminates for cause that City does not dispute or if City terminates without cause and a balance is still due on City's account, then City agrees that Vendor may bill City for such unpaid fees due up to the date of termination. C. In the event this Agreement terminates for any reason, Vendor shall provide the City a file of City's Data in a format acceptable (and at no cost) to City within 30 days of the effective date of termination. City shall have 60 days following termination to notify Vendor if litigation, laws, regulations, or other lawful process requires Vendor retain City's data on its SAAS beyond the termination of this Agreement. City will thereafter promptly notify Vendor when such litigation, laws, regulations, or other lawful process no longer requires Vendor maintain the City's data on its SAAS. Vendor may dispose of City's data at Vendor's expense as permitted by law 61 days after termination, if City provides no notice otherwise; or after City notifies Vendor there are no laws, regulations, litigation, etc. requiring further retention. Retained data is subject to the confidentiality provisions of the Agreement. 14. Remedies. Termination of this Agreement shall not affect any right of action of either party prior to the termination being affected. Unless stated otherwise herein, all remedies shall be cumulative and may be exercised concurrently, or separately, which shall not be deemed to constitute an election of any one remedy to the exclusion of any other. In addition to any other remedy provided for herein, or at law or equity, City shall have the right to recover from Vendor all damages reasonably caused by default of any representation or warranty. This paragraph shall not limit City's right to pursue any other remedy available to it in law, at equity or pursuant to this Agreement. 15. Non-Discrimination. In the hiring of employees for the performance of work under this Agreement or any subcontract, the Vendor, its subcontractors, or any person acting on behalf of the Vendor or subcontractor shall not, by reason of race, religion, color, sex, age, sexual orientation, national origin, or the presence of any sensory, mental, or physical disability, discriminate against any person who is qualified and available to perform the work to which the employment relates. The AGREEMENT FOR SOFTWARE AS A SERVICE Page 8 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Vendor shall execute the City of Kent Equal Employment Opportunity Policy Declaration and comply with City Administrative Policy 1.2, as applicable, both incorporated as Exhibit I. 16. General Provisions 16.1 Governing Law and Venue. The Agreement will be governed by the laws of Washington and its choice of law rules. Vendor irrevocably consents to the exclusive personal jurisdiction and venue of the federal and state courts located in King County, Washington, with respect to any dispute arising out of or in connection with the Agreement and agrees not to commence or prosecute any action or proceeding arising out of or in connection with the Agreement other than in the aforementioned courts. 16.2. Dispute Resolution. The City and Vendor desire, if possible, to resolve disputes, controversies and claims (Disputes) arising out of this Agreement without litigation. To that end, upon written notification of dispute by a party to the other, each party shall appoint a knowledgeable, responsible management representative to meet and negotiate in good faith to resolve any Dispute arising under this Agreement. If the parties are unable to settle any Dispute, the exclusive means of resolving that Dispute shall only be by filing suit as provided for under Section 16.1, unless the parties agree in writing to an alternative dispute resolution process. 16.3 Severability. If any provision of the Agreement is held to be invalid or unenforceable for any reason, the remaining provision will continue in full force without being impaired or invalidated in any way. The City and Vendor agree to replace any invalid provision with a valid provision that most closely approximates the intent and economic effect of the invalid provision. 16.4. Nonwaiver. Any failure by either party to enforce strict performance of any provision of the Agreement will not constitute a waiver of its right to subsequently enforce such provision or any other provision of the Agreement. 16.5 No Assignment. Either party may assign this Agreement and all of its rights and obligations hereunder as part of a corporate reorganization, consolidation, merger, or sale of substantially all of its assets so long as said assignee accepts all of the respective Agreements rights and obligations of its predecessor as provided in this Agreement without limitation. Except as expressly stated in this Agreement, neither party may otherwise assign its rights or obligations under this Agreement either in whole or in part without the prior written consent of the other party, and any attempted assignment or delegation without such consent will be void. 16.6 Notices. Any notice given under this Agreement must be in writing, in English, by email to the following addresses (or addresses notified in writing by either Party): (A) to Goi at legal@goi.com and (B) to City at City's email address stated on the Order Form, or at your registered address. Either party may change its address by giving written notice of such change to the other party. 16.7 Legal Fees. In any claim or lawsuit for damages arising from the parties' performance of this Agreement, each party shall pay all its legal costs and attorney's fees incurred in defending or bringing such claim or lawsuit, including all appeals, in addition to any other recovery or award provided by law; provided, however, nothing in this paragraph shall be construed to limit either party's right to indemnification under Section 10 of this Agreement. 16.8. Force Majeure. Neither party shall be liable to the other for breach due to delay or failure in performance resulting from acts of God, acts of war or of the public enemy, riots, pandemic, fire, flood, or other natural disaster or acts of government ('force majeure event"). Performance that is prevented or delayed due to a force majeure event shall not result in liability to the delayed party. AGREEMENT FOR SOFTWARE AS A SERVICE Page 9 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC If any future performance is prevented or delayed by a force majeure event, the party whose performance is prevented or delayed shall promptly notify the other party of the existence and nature of the force majeure event causing the prevention or delay in performance. Any excuse from liability shall be effective only to the extent and duration of the force majeure event causing the prevention or delay in performance and, provided, that the party prevented or delayed has not caused such event to occur and continues to use diligent, good faith efforts to avoid the effects of such event and to perform the obligation. Notwithstanding other provisions of this section, the Vendor shall not be entitled to, and the City shall not be liable for, the payment of any part of the contract price during a force majeure event, or any costs, losses, expenses, damages, or delay costs incurred by the Vendor due to a force majeure event. Performance that is more costly due to a force majeure event is not included within the scope of this Force Majeure provision. If a force majeure event occurs, the City may direct the Vendor to restart any work or performance that may have ceased, to change the work, or to take other action to secure the work or the project site during the force majeure event. The cost to restart, change, or secure the work or project site arising from a direction by the City under this clause will be dealt with as a change order, except to the extent that the loss or damage has been caused or exacerbated by the failure of the Vendor to fulfill its obligations under this Agreement. Except as expressly contemplated by this section, all other costs will be borne by the Vendor. 16.9 Independent Contractor. City and Vendor intend that an independent Contractor relationship be created with this Agreement. Vendor shall not be considered an agent or employee of City for any purpose and the employees of Vendor are not entitled to any of the benefits that City provides for its employees. Nor shall this Agreement be evidence of a joint venture between Vendor and City. 16.10 Problem Notification. Each party will promptly notify the other in writing of any events or circumstances that will affect the performance of its obligations under this Agreement including the delivery of any deliverable or delay in completion of any of its obligations. Vendor shall notify City in writing of all material defects in the SAAS and/or Services, whether discovered by other parties or by Vendor promptly upon discovery and fix or replace the effected software within a commercially reasonable time. A defect is considered material if it has the potential to delay or inhibit the primary functionality of the SAAS or Service or if said defect has the potential to corrupt City data. 16.11 Entire Agreement/Modification. This Agreement, together with all exhibits comprise the entire agreement between the parties and supersedes all prior or contemporaneous negotiations, discussions, or agreements, whether written or oral, between the parties regarding the subject matter contained herein. This Agreement may be amended, modified, or added to only by written instrument properly signed by both parties hereto. In the event of a conflict between Exhibits and this Agreement, the Order Form and then the Agreement shall control. 16.12 Public Records Act. The Vendor acknowledges that the City is a public agency subject to the Public Records Act codified in Chapter 42.56 of the Revised Code of Washington and documents, notes, emails, and other records prepared or gathered by the Vendor in its performance of this Agreement may be subject to public review and disclosure, even if those records are not produced to or possessed by the City of Kent. As such, the Vendor agrees to cooperate fully with the City in satisfying the City's duties and obligations under the Public Records Act. 16.13 City Business License Required. Prior to commencing the Services provided for under this Agreement, Vendor agrees to provide proof of a current city of Kent business license pursuant to Chapter 5.01 of the Kent City Code. AGREEMENT FOR SOFTWARE AS A SERVICE Page 10 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC 16.14 Feedback. During this Agreement, Got may solicit City or End Users for feedback regarding the Services including without limitation comments or suggestions regarding the possible creation, modification correction, improvement or enhancement of the Services, software, or content (collectively "Feedback"). City agrees that any information disclosed by Goi during the discussion related to Feedback shall be considered Go1's Confidential Information. Feedback incorporated into any Services, Goi Content, and materials are hereby irrevocably assigned to Goi, where applicable, as well as any of the modifications, or extensions of the above, whenever or wherever developed. 16.15 Counterparts and Signatures by Fax or Email. This Agreement may be executed in any number of counterparts, each of which shall constitute an original, and all of which will together constitute this one Agreement. Further, upon executing this Agreement, either party may deliver the signature page to the other by fax or email and that signature shall have the same force and effect as if the Agreement bearing the original signature was received in person. 17. Definitions Acceptable Use Policy means Go1's acceptable use policy attached hereto as Exhibit G. Goi shall inform the City of any proposed changes to the acceptable use policy that will materially alter the rights or obligations under this Agreement. The City may reject or accept these changes by written agreement. Affiliate means any entity, individual, firm or corporation, directly or indirectly through one or more intermediaries, controlled by or under common control by Got. Applicable Data Protection Laws means all applicable laws, regulations, regulatory guidance, or requirements in any jurisdiction relating to data protection, privacy, or confidentiality of Personal Data including but not limited to (a) the EU General Data Protection Regulation (EU) 2016/679 ("GDPR") together with any transposing, implementing or supplemental legislation, and (b) the California Consumer Privacy Act ("CCPA"). Claim means a claim, action, complaint, or legal regulatory body, administrative or judicial proceeding filed against or made to a Party. Consequential Loss means whether incurred directly or indirectly, any: indirect loss, incidental loss, loss of revenue, loss of goodwill, loss of reputation, loss of data, consequential loss, punitive damages, loss of profits, loss of bargain, special loss, loss of actual or anticipated savings and lost opportunities, including opportunities to enter into arrangements with third parties, or other intangible loss. Course means a training course or other resource for instructing, educating, training, learning and tutoring, including mobile applications and related and supporting materials developed for purposes of being accessed through the Services. CPI means the percentage change in the Consumer Price Index for the twelve (12) month period most recently published by the applicable government body in the Applicable Jurisdiction prior to the relevant anniversary date. Data Processing Agreement means the applicable Data Processing Agreement attached hereto as Exhibit D. End User means a user or learner of the Services or library of content therein. Goi Content means content, licensed by Goi and published, or otherwise provided by or through Got, including through the Website or the App. AGREEMENT FOR SOFTWARE AS A SERVICE Page 11 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Privacy Policy means the Got Privacy Policy attached hereto as Exhibit E. Go1 shall inform the City of any proposed changes to the Privacy Policy that will materially alter the rights or obligations under this Agreement. The City may reject or accept these changes by written agreement. Product Description means the description of the applicable Services including licensing metrics and limitations attached hereto as Exhibit B. Go1 shall inform the City of any proposed changes to the Product Description Policy that will materially alter the rights or obligations under this Agreement. The City may reject or accept these changes by written agreement. Services or Goi Services means all services provided by Goi to you and/or the End User via the Website, the Got or Blinkist Apps or other means in order to allow you and End Users to access the Courses. Service Capacity means the number of paid Licensed Users as set out in an applicable Order Form and any applicable storage limitations. IN WITNESS, the parties below execute this Agreement, which shall become effective on the last date entered below. All acts consistent with the authority of this Agreement and prior to its effective date are ratified and affirmed, and the terms of the Agreement shall be deemed to have applied. VENDOR: CITY: C Go Docusigned by: CIT ! ��cusVE1��T y: By: By: � ra�L Print Name: Debbie Schmidt Print Name: Dana Ralph Its Senior Vice President Its Mayor DATE: September 30, 2024 DATE: September 30, 2024 NOTICES TO BE SENT TO: NOTICES TO BE SENT TO: Chase DeShazer City of Kent Got 220 Fourth Avenue South Got USA LLC Kent, WA 98032 548 Market St PMB 40720 (253) [Insert Phone Number] (telephone) San Francisco, CA 94104-5401 (253) [Insert Fax Number] (facsimile) 225-772-4424 facsimile n/a r,: D ,�d AS TO FORM: ("6 ��a Ken aw epartment ATTEST: Lo� A�IA Kent City Clerk AGREEMENT FOR SOFTWARE AS A SERVICE Page 12 Docusign Envelope ID:D0815401-CCC5-439D-9D69-34CC1C4303AC Order -�w gol EXHIBITA ORDER FORM G01 USA LLC 548 Market St PMB 40720 San Francisco,CA 94104-5401 ("Go1") Offer Valid Through : 9/30/2024 Prepared By:Chase DeShazer Address Information Customer Name: City of Kent Billing Contact Name: Kari Endicott Billing Contact Address: 220 4th Avenue South,Kent,Washington 98032 United States Billing Contact Email: kendicott@kentwa.gov Order Information License Term Start Date: 11/1/2024 License Term(in months): 24 Billing Frequency: Annual Payment Terms: Net 30 Payment Method: ACH Currency: USD Got Products&Services Got Products List Price Sales Price Discount(%) #of Licenses Total For Year 1 Premium Pro • Full access to Premium Pr o e- leaming content sourced fr om over 250 content provi ders,including Got's expa nded Pro Library. • Full access to Blinkist Ente rprise mobile and web appl ication(if applicable). o Admin&reporting capabilities for Bli nkist Enterprise vi a the Blinkist web application. $88.00 $56.32 36.00% 751.00 $42,296.32 o Does not include Blinkist Coaching. • Admin and reporting capab ilities via the Got platform (if applicable). • Content consumption via t he Got platform(if applica ble) • Access to APIs and third- party integrations • Access to Content Consulti ng Services(`additional fe es apply). For Year 2 V2o240115 Docusign Envelope ID:D0815401-CCC5-439D-9D69-34CC1 C4303AC Premium Pro $88.00 $56.32 36.00% 751.00 $42,296.32 Go7 Services List Price Sales Price Discount(%) #of Licenses Total Implementation Services(Tier 2/3) Access to the following post- sale implementation services:An Imple mentation Project Manager,who will me $10,000.00 $6,000.00 40.00% 1.00 $6,000.00 et with you up to 1 x 1 hour per week du ring the course of your implementation p eriod(up to 12 weeks). Estimated Grand Total excluding taxes $90,592.64 Annual contract value $42,296.32 Any discounts apply during the initial License Term only. If the Customer exceeds the Service Capacity as outlined in this Order Form,Got will invoice the Customer at the discounted rate shown above. This Order Form is effective as of the date of last signature. The signatories below are authorized to sign for and on behalf of their respective organizations and warrant that they have the authority to do so. CUSTOMER SIGNATURE GO1 USA LLC II DOGUSi ned b : Signature: VWA A. " Signature: 93E99D67ED24142... 6894642D3366490_ Name: Dana Ralph Name: Debbie Schmidt Title: Mayor Title: Senior Vice President Date: 30 - Sept - 2024 Date: 30 - Sept - 2024 V20240115 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC EXHIBIT B PRODUCT DESCRIPTION Got Product Description Premium Pro What is "Premium Pro"? Premium Pro offers e-learning content sourced from over 250 content providers (including Go1's expanded Pro Library) and accessed via the Got platform and/or third-party integrations. The content library includes pre-curated learning pathways and on-demand search capabilities enabling admins and learners to discover relevant content based on specific terms, topics, and providers. Premium Pro customers also have the option to provide learners with access to Blinkist Enterprise. Premium Pro admins have the ability to add new Licensed Users to an account, assign specific e- learning courses to those users, and track course consumption and other related learning data through reporting on the Goi platform (if applicable). The customer's level of access to Goi account team members, including customer success resources, implementation managers, and content consultants varies by customer size and spend and will be specified in the applicable Order Form. License metric = Per Licensed User Premium Pro Product limitations The customer may create an account in which Licensed Users can access and consume e-learning content, and track attendance and course results. Unless otherwise noted in your Order Form each license is deemed used/active when a Licensed User is registered to access the e-learning content. Each Licensed User must have a unique identifier for a login, such as a unique email address or IP address. During each 12-month period of an applicable License Term, Premium Pro customers may reassign up to 20% of the licences to different unique users provided that any reassignment does not exceed the Service Capacity. Definitions Licensed User: is a single identified user on a named user basis, who is authorized by you to access Goi e-learning content. The number of individual users accessing Goi e-learning content under your Agreement may not exceed the number of Licensed Users set out in the Order Form ("Service Capacity"). Premium Essentials What is "Premium Essentials"? Premium Essentials offers e-learning content sourced from over 250 content providers and accessed via the Goi platform and/or third-party integrations. The content library includes pre-curated learning pathways and on-demand search capabilities enabling admins and learners to discover relevant content based on specific terms, topics, and providers. Premium Essentials admins have the ability to add new Licensed Users to an account, assign specific e-learning courses to those users, and track course consumption and other related learning data through reporting on the Goi platform (if applicable). The customer's level of access to Goi account team members, including customer success resources, implementation managers, and content consultants varies by customer size and spend and will be specified in the applicable Order Form. AGREEMENT FOR SOFTWARE AS A SERVICE Page 14 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC License metric = Per Licensed User Premium Essentials Product limitations The customer may create an account in which Licensed Users can access and consume e-learning content and track attendance and course results. Unless otherwise noted in your Order Form each license is deemed used/active when a Licensed User is registered to access the e-learning content. Each Licensed User must have a unique identifier for a login, such as a unique email address or IP address. During each 12-month period of an applicable License Term, Premium Essentials customers may reassign up to 20% of the licences to different unique users provided that any reassignment does not exceed the Service Capacity. Definitions Licensed User: is a single identified user on a named user basis, who is authorized by you to access Got e-learning content. The number of individual users accessing Got e-learning content under your Agreement may not exceed the number of Licensed Users set out in the Order Form ("Service Capacity"). Compliance Bundle What is "Compliance Bundle"? Our Compliance Bundle offers compliance-related e-learning content accessed via the Got platform and/or third-party integrations. Compliance Bundles include 20 e-learning courses that are pre- selected by Goi and cover a broad range of compliance topics. Compliance Bundle admins have the ability to add new Licensed Users to an account, assign specific e-learning courses to those users, and track course consumption and other related learning data via reporting on the Goi platform (if applicable). The customer's level of access to Goi account team members, including customer success resources, implementation managers, and content consultants varies by customer size and spend and will be specified in an applicable Order Form. License metric = Per Licensed User Compliance Bundle Product limitations The customer may create an account in which a Licensed User can access and consume e-learning content and track attendance and course results. Unless otherwise noted in your Order Form, each license is deemed used/active when a Licensed User is registered to access the e-learning content. Each Licensed User must have a unique identifier for a login, such as a unique email address or IP address. Once a license has been Activated, the customer may not reassign ownership to a different unique user. Definitions Activated: means when a Licensed User has consumed or downloaded training content or otherwise participated in e-learning. Licensed User: is a single identified user on a named user basis, who is authorized by you to access Got e-learning content. The number of individual users accessing Got e-learning content under your Agreement may not exceed the number of Licensed Users set out in the Order Form ("Service Capacity"). Content Consulting Services What are "Content Consulting Services"? AGREEMENT FOR SOFTWARE AS A SERVICE Page 15 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Content Consulting Services provides Got customers with one-on-one consultation on how to most effectively use the Goi library to meet their organization needs. These services are customized to help customers achieve their learning and development goals. Example of services include: custom curation against competency frameworks, learning campaigns or upskilling programs, creating learning programs based on roles, and informing overall learning and development strategies. Key deliverables will vary depending on customer needs. Content Consulting Services limitations Project deliverables will be determined and defined as part of the original project scope. Project changes may result in additional fees. Blinkist Enterprise What is "Blinkist Enterprise"? Blinkist Enterprise is a platform for bite-sized mobile reading and listening on the internet portals https://www.blinkist.com, https://www.blinkist.de and other websites, as well as on mobile applications. Blinkist Coaching What is Blinkist Coaching'? Facilitated by qualified coaches, Blinkist Coaching contains a pathway of online coaching sessions, including an initial kickoff session and a sequence of several coaching sessions with accompanying curated content from the Blinkist platform for self-directed learning. Depending on Customer specific configurations, some features and functionality listed above may not be available. Got Service Tier Levels As part of our commitment to providing tailored support that aligns with your unique needs, we offer distinct service tiers designed to cater to varying levels of engagement and utilisation. Below, you'll find an overview of each tier along with the corresponding support services provided. Tier 4 Customers Tier 4 customers are entitled to exclusive post-sale services: Engage with our global Customer Center of Excellence for reactive, responsive, guidance. Receive dedicated technical support from a team of customer service experts, with service level agreements detailed in our support services terms available Service Level Terms. Tier 3 Customers Tier 3 customers, are entitled to the following exclusive post-sale services: Collaborate with a dedicated member of our Customer Success team for up to two formal business reviews annually and an extra check-in session to define your team's learning objectives and optimize learner engagement. Receive dedicated technical support from a team of customer service experts, with service level agreements detailed in our support services terms available Service Level Terms. Tier 2 Customers Tier 2 customers, are entitled to the following exclusive post-sale services: Collaborate with a dedicated member of our Customer Success team for up to two formal business reviews per quarter. Premium Pro customers can also collaborate with a specialized Content Consultant for personalized 1:1 consultation sessions before go-live and annually for content strategy planning (up to 6 hours annually, including meetings). Receive dedicated technical support from a team of customer service experts, with service level agreements detailed in our support services terms available Service Level Terms. Tier 1 Customers Tier 1 customers, are entitled to the following exclusive post-sale services: AGREEMENT FOR SOFTWARE AS A SERVICE Page 16 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Collaborate with a dedicated member of our Customer Success team for monthly check ins to help define your team's learning goals and maximize learner engagement. Receive assistance from a Content Consultant, who, on request, will meet with you for a 1:1 consultation session prior to go-live and annually for content strategy planning (up to 10 hours annually, including meetings). Receive dedicated technical support from a team of customer service experts, with service level agreements detailed in our support services terms available Service Level Terms. Blinkist Enterprise only customers Blinkist customers, are entitled to the following exclusive post-sale services: A member of our customer success team who will partner with you to help define your team's learning goals and maximize learner engagement. The implementation support is limited to the number of hours detailed above. Any additional post- sales implementation support beyond the specified hours will be subject to charges at Goi's standard hourly rates. Please note that the service support provided is restricted to what is outlined in this agreement. AGREEMENT FOR SOFTWARE AS A SERVICE Page 17 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC EXHIBIT C SUPPORT POLICY Got SLA/ Service Level Terms This Got Support Services Agreement ("Support Terms") describes Goi's support for current offerings and Goi Services. The Support Services described herein do not apply to the Blinkist Enterprise product. These Support Terms are governed by the Customer Terms and the applicable Order Form. Goi may update or modify these Support Terms at any time in its sole discretion by posting a revised version here. Notwithstanding the foregoing, any updates or modifications to the Support Services will not materially diminish Go1's responsibilities or your rights. Capitalized terms not defined herein shall have the same meanings found in the Customer Terms agreed to by the parties or otherwise made available here: https://www.gol.com/terms/customer- terms. Subject to payment of the applicable Fees and compliance with the applicable terms governing your use of the Goi Services, Goi will provide the following support services and Service Availability Commitment with respect to the Services ("Support Services"): 1. Support Commitment 1.1 Definitions: 1. Incident: means an unexpected failure or degradation in the quality of the Services which is reported to Got by you. 2. Excluded Services: means: a. Support for any issues resulting from third-party content or third-party software, and b. Support for any issues resulting from computer desktop/mobile device hardware and software or company network related issues including but not limited to Customer Equipment. c. Support for any issue resulting from your failure to use the Services within specified guidelines and documentation. 3. Service Request or Enquiry: means a request made by you to Got to assist an End User with the functionality of the Got Service. 4. Response Times: means Goi's response commitments as described in the Incident Priorities and Initial Response Times table in Section 1.6 below. 5. Service Restoration Target: means Go1's targeted time commitment to restore services as outlined in the Incident Priorities and Initial Response Times table in Section 1.6 below. Service restoration may be a permanent fix or a temporary workaround to allow continued use of the Services. 1.2 Support Channels Support requests can be raised through the following support channels: a) Chat — click on the chat bubble within your portal or the Goi website b) Online ticket — create a ticket in the Got ticketing system 1.3 Incident Priority Matrix AGREEMENT FOR SOFTWARE AS A SERVICE Page 18 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC - Priority 1/ Urgent A critical error or emergency causing Got-hosted Service to be inaccessible by all users, including key functional components. Examples include: all Goi-provided web applications are inaccessible; End Users are unable to login across multiple Goi portals; access to content has been limited in a way which impacts all users or customers SCORM functionality is not working as designed across entire platforms. - Priority 2/ High Key functional components of the Services are unavailable to a majority of users in a single portal, or a limited number of users across multiple portals. Examples include: access to content has been limited for multiple users within a customer tenant of Got. End Users are unable to access a specific portal. - Priority 3/ Normal A disruption to a non-critical component of the Services, for a limited group of End Users. Examples include: reports are not generating correctly for a portal administrator. End User fails a Course but is still awarded a certificate. all required learning objects are completed but a certificate is not awarded. quiz and SCORM completion issues (that can be replicated). - Priority 4/ Low Minor service disruption and/or general product and content feedback and support If the issue does not meet any of the above criteria it will be categorized as a minor issue. Examples include: Portal design schema issues such as image dimensions, color, layout Typing mistake. Color slightly off. Different font types. 1.4 Your Obligations You will designate one or more support contacts (administrators) that are authorized to engage Got Support Services and will provide commercially reasonable cooperation and information to Goi with respect to the furnishing of Support Services. 1.5 Go1 Obligations Got will use commercially reasonable efforts to respond to Incidents as set forth below in the Incident Priorities and Initial Response Times table to the extent such incidents are not the result of Excluded Services, all as reasonably determined by Goi. AGREEMENT FOR SOFTWARE AS A SERVICE Page 19 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC 1.6 Incident Priorities and Initial Response Times Tier 1 Tier 2 Tier 3 Priority Availability Response Target Restoration Target Availability Response Target Restoration Target Availability Response Target Restoration Target 1-Urgent 1 Hour 4 Hours 24 hire x 7 days 2 Hours 4 Hours 24 him x 7 days 2 Hours 4 Hours As promptly as As promptly as 2-High 2 Hours 8 Hours 4 Hours commercially 4 Hours commercially feasible feasible 24 him x 7 days As promptly as As promptly as 3-Normal y 4 Hours 4 Bus Days Weekdays(M-F) 8 Hours commercially Weekdays( I time 8 Hours commercially 8am-8pm local time feasible Sam-8pm local time feasible As promptly as As determined by As determined by 4-Low 8 Hours commercially 1 Bus Day 1 Bus Day feasible responsible team responsible team 2. Service Availability Commitment 2.1 Definitions 1) Service Availability/Availability: means when Goi indicates that you can access the Services on the production environment via the internet as a proportion of the total time available in the applicable calendar month for which Availability is being calculated ("Calendar Month"). 2) Business Day: means a 24-hour period determine by the date identified in the capital city of your location (as identified in the address in the Order Form or updated by notice from you to Got from time to time). 3) Business Hours: means between 8.00am and 8.00pm local time on Business Days. 4) Downtime: means the minutes during the Calendar Month when the Service is not Available to you, except any Excluded Minutes as outlined below. 4) Excluded Minutes: means the minutes that the Services are not Available caused by one or more of the following: a) acts or omissions of you, your agents, employees, or contractors, or acts or modifications as directed or authorized by you, or breach of the terms of the Agreement that apply to the Services; b) Your failure to adhere to Go1's applicable specifications and guidelines, including hardware or software configuration necessary to meet minimum system requirements for the Services; c) Unusually high usage volumes for which you and Got did not previously agree in writing to a process to allow Got to make accommodation for such increase in demand unless otherwise agreed to in an Order Form; or d) third-party software, content, hardware, or services not provided or controlled by Got, including Customer Equipment, infrastructure, and internet links or events beyond Go1's reasonable control, including but not limited to force majeure events, any law, regulation or order issued by the government, or any agency or department, which, in the reasonable opinion of Got, effectively prohibits or restricts Got from offering the Services, or imposes significant additional costs on Got to provide the Services, in the territory. 5) Maximum Uptime: means the total minutes in the Calendar Month (e.g. 44,640 minutes in the month of July) minus Maintenance Minutes during the same Calendar Month. 6) Maintenance Minutes: means the number of minutes elapsed during maintenance performed by Goi that results in the Services not being Available as provided via status.gol.com. 7) Minimum Uptime Percentage: means 99.5% during Business Hours. 8) Period of Exceptionally High Utilization: means a >50% increase in the number of logins processed by the Services above the normalized daily activity patterns (i.e., the greater of the AGREEMENT FOR SOFTWARE AS A SERVICE Page 20 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC average daily usage pattern for the prior 30-day period, excluding any Period of Exceptionally High Utilization, or the contracted activity volume). 9) Uptime Percentage: means the Maximum Uptime minus Scheduled Downtime and Unscheduled Maintenance and divided by Maximum Uptime. 2.2 Go1 Commitments If during any Calendar Month of the applicable License Term, the Uptime Percentage for Services is lower than the Minimum Uptime Percentage, and you notify Got in writing (through your Customer Success Manager, as applicable) about such Downtime, Goi shall: investigate the underlying causes of the Downtime; create a cause analysis of the Downtime; create a plan which identifies the activities that Got will carry out to allow the Uptime Percentage to be achieved; and implement the plan. To the extent any plan identifies activities that you or your third-party vendors must carry out to allow the Uptime Percentages to be achieved, you must complete, or use reasonable efforts to ensure its vendors complete those activities in accordance with such plan. 2.3 Maintenance Services During the Calendar Month, Goi may from time to time (or as agreed to by the parties) perform schedule maintenance of the Services -including maintenance related to materials or equipment used for providing the Services- which may limit or disrupt access to the Services ("Scheduled Maintenance"). In addition, Goi may in its sole discretion need to perform emergency or unscheduled maintenance from time to time ('Unscheduled Maintenance"). Goi will use reasonable efforts to inform you in advance of such interruptions. 2.4 Escalations For issues related to support services, please contact your Customer Success Manager. AGREEMENT FOR SOFTWARE AS A SERVICE Page 21 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC EXHIBIT D DATA PROCESSING DATA PROCESSING AGREEMENT This Data Processing Agreement ("DPA") is made by and between the Customer ("Controller") and Got Pty Ltd, an Australian company located at 2904 Logan Rd, Underwood QLD 4119, Australia ("Processor") (each a "Party", and together the "Parties"). RECITALS WHEREAS, the Customer has entered into the Got Customer Terms ("Agreement") with Processor or an Affiliate of Processor; WHEREAS, in the course of providing the Services to Controller pursuant to the Agreement, Processor may Process Personal Data on behalf of Controller; WHEREAS, to ensure adequate safeguards with respect to the Processing of Personal Data provided by Controller to the Processor the Parties agree to comply with the following provisions with respect to any Personal Data, each acting reasonably and in good faith; NOW, THEREFORE, in consideration of the foregoing premises and of the mutual promises and covenants set forth below, Controller and Processor hereby agree as follows: AGREEMENT 1. DEFINITIONS All capitalized terms not defined herein shall have the meaning set forth in the Agreement. "Affiliate" means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity. The term "Control," for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity. "Applicable Data Protection Laws" means all applicable laws, regulations, regulatory guidance, or requirements in any jurisdiction relating to data protection, privacy, or confidentiality of Personal Data including but not limited to (a) the EU General Data Protection Regulation (EU) 2016/679 ("GDPR") together with any transposing, implementing or supplemental legislation, and (b) the California Consumer Privacy Act ("CCPA"). "CCPA" means the California Consumer Privacy Act, Cal. Civ. Code § 1798.100 et seq., and its implementing regulations. "Controller" means the entity which determines the purposes and means of the Processing of Personal Data. For the avoidance of doubt, the Party identified as Controller above is a Controller under this DPA. AGREEMENT FOR SOFTWARE AS A SERVICE Page 22 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC "Data Breach" means a breach of security leading to the accidental, unauthorized, or unlawful destruction, loss, alteration, disclosure of, access to, or other Processing of Personal Data transmitted, stored, or otherwise Processed. "Data Protection Authority" means any representative or agent of a government entity or agency who has the authority to enforce Applicable Data Protection Laws. "Data Subject" means a natural person to whom Personal Data relates. "End User" means a user or learner of the Got Services or library of content therein. "GDPR" means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). "Go1 Services" means all services provided by Got online, via app or other means. "Personal Data" means any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with an identified or identifiable natural person or particular household. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. "Process" shall mean any operation or set of operations which is performed upon Personal Data or in connection with and for the purposes of the provision of the Services, whether or not accomplished by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction; and as defined by Applicable Data Protection Laws. "Processor" means the entity which Processes Personal Data on behalf of the Controller. For the avoidance of doubt, the Party identified as "Processor" above is a Processor for this DPA. "Services" means Processing of Personal Data by the Processor in connection with and for the purposes of the provision of the services to be provided by the Processor pursuant to the Parties Agreement. "Service Provider" means a sole proprietorship, partnership, limited liability company, corporation, association, or other legal entity that is organized or operated for the profit or financial benefit of its shareholders or other owners, that process information on behalf of a Data Controller and to which the Data Controller discloses a Data Subject's Personal Data for a Business Purpose pursuant to a written contract, provided that the contract prohibits the Service Provider from retaining, using, or disclosing the Personal Data for any purpose other than for the specific purpose of performing the services specified in the contract, or as otherwise permitted by the CCPA, including retaining, using, or disclosing the Personal Data for a Commercial Purpose other than providing the services specified in the contract with the Data Controller. The terms "Business Purpose" and "Commercial Purpose" have the same meaning as those terms are used in the CCPA. For the avoidance of doubt, Processor is a Service Provider. "Sub-processor" means any entity which Processes Personal Data on behalf of the Processor. AGREEMENT FOR SOFTWARE AS A SERVICE Page 23 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC 2. PROCESSING OF PERSONAL DATA 2.1 Roles of the Parties. The party identified above as Controller is a Controller under this DPA. The party identified above as Processor is a Processor under this DPA. The subject matter, duration, purpose of the Processing, and the types of Personal Data and categories of Data Subjects Processed under this DPA are further specified in Schedule 1. 2.2 Controller's Obligations. Controller's instructions for the Processing of Personal Data shall comply with Data Protection Laws and Regulations. Controller shall have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which Controller acquires Personal Data and provides it to Processor. Controller will not provide"Special Categories of Data", "Sensitive Data", or "Sensitive Personal Information" (as those terms are defined in Applicable Data Protection Laws) to Processor. 2.3 Processor's Obligations. All Personal Data Processed by Processor pursuant to the Agreement is Confidential Information and Processor will Process Personal Data only in accordance with Controller's documented instructions set forth in Schedule 1 or as otherwise provided by Controller in writing. Processor will not sell the Personal Data Processed under this DPA and will not retain, use, or disclose Personal Data outside of the direct business relationship between Processor and Controller. Processor shall adhere to all Applicable Data Protection Laws with regard to Processing Personal Data. Processor will not combine Personal Data provided by Controller with Personal Data that it receives from other sources. Where the Processor believes that compliance with any instructions by Controller would result in a violation of any Applicable Data Protection Law, the Processor shall notify Controller thereof in writing without delay. Processor shall make available to the Controller all information necessary to demonstrate Processor's compliance with its obligations under this DPA. 2.3.1. Assistance Requirements. Processor shall assist Controller with the following: compliance with Applicable Data Protection Laws when required by Applicable Data Protection Laws; suspected and relevant Data Breaches; notifications to, or inquiries from a Data Protection Authority; notifications to, and inquiries from, Data Subjects; and Controller's obligation to carry out data protection impact assessments and prior consultations with a Data Protection Authority. 2.3.2. End-User Relationship. Where Processor Processes Personal Data in the context of a direct relationship with an End User in the course of providing or offering services to them, such Processing is outside the scope of this DPA. 3. NOTIFICATION OBLIGATIONS 3.1 Processor's Notification Obligations. Processor shall immediately notify Controller, in writing, of the following: 3.1.1 A Data Subject's request to exercise their privacy rights such as accessing, rectifying, erasing, transporting, objecting to, or restricting their Personal Data; 3.1.2 Any request or complaint received from Controller's customers or employees; 3.1.3 Any question, complaint, investigation, or other inquiry from a Data Protection Authority; 3.1.4 Any request for disclosure of Personal Data that is related in any way to Processor's Processing of Personal Data under this DPA; AGREEMENT FOR SOFTWARE AS A SERVICE Page 24 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC 3.1.5 A Data Breach pursuant to the notification obligations set forth in Section 7.1; and 3.1.6 Where the Personal Data becomes subject to search a seizure, an attachment order, confiscation during bankruptcy or insolvency proceedings, or similar events or measures by third parties while being Processed. Processor will assist Controller in fulfilling Controller's obligations to respond to requests relating to sections (3.1.1)-(3.1.6) above and will not respond to such requests without Controller's prior written consent unless Processor is required to respond by applicable law. 4. CONFIDENTIALITY 4.1 Processor's Personnel. Processor shall ensure that its personnel engaged in the Processing of Personal Data are informed of the confidential nature of the Personal Data, have received appropriate training on their responsibilities, and have executed written confidentiality agreements. Processor shall ensure that such confidentiality obligations survive the termination of their respective employment relationship with such individuals. 4.2 Limitation of Access. Processor shall ensure that Processor's access to Personal Data is limited to those personnel performing Services in accordance with the Agreement. 5. SUB-PROCESSORS 5.1 Appointment of Sub-processors. Controller acknowledges and agrees that Processor and Processor's Affiliates may engage third-party Sub-processors in connection with the provision of the Services. Processor or Processor's Affiliate shall enter into a written agreement with each Sub- processor containing data protection obligations not less protective than those in this DPA to the extent applicable to the nature of the Services provided by such Sub-processor. 5.2 Notification of Changes to Sub-processors. Processor will inform Controller of any intended changes concerning the addition or replacement of Sub-processors and give Controller an opportunity to object to such changes. Processor will notify Controller of any intended changes concerning the addition or replacement of Sub-processors in writing at least 30 days prior to its use of the Sub-processor. 5.3 Objection Right for New Sub-processors. Controller may object to Processor's use of a new Sub-processor by notifying Processor promptly in writing within fifteen (15) business days after receipt of Processor's notice. In the event Controller objects to a new Sub-processor, Processor will use reasonable efforts to make available to Controller a change in the Services to avoid Processing of Personal Data by the objected-to new Sub- processor. If Processor is unable to make available such change, Controller may terminate the applicable Agreement with respect to those Services which cannot be provided by Processor without the use of the objected-to new Sub-processor. 5.4 Liability for Acts of Sub-Processors. Processor shall be liable for the acts and omissions of its Sub-processors to the same extent Processor would be liable if performing the services of each Sub-processor directly under the terms of this DPA. 6. SECURITY AGREEMENT FOR SOFTWARE AS A SERVICE Page 25 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC 6.1 Protection of Personal Data. Processor shall maintain appropriate technical and organizational measures for protection of the security (including protection against unauthorized or unlawful Processing and against accidental or unlawful destruction, loss or alteration or damage, unauthorized disclosure of, or access to, Personal Data), confidentiality and integrity of Personal Data. 6.2 Audit Rights. Controller, or Controller's designee, has the right to audit and inspect—at Controller's expense—Processor's premises, policies, procedures, and computerized systems to make sure Processor complies with the requirements in this DPA. Controller, or Controller's designee, will provide at least 72 hours notification before conducting an audit unless such audit is required due to a Data Breach involving Processor. Audits by Controller or Controller's designee will not violate Processor's confidentiality obligations with Processor's other clients. 7. DATA BREACHES 7.1 Data Breach Notification. Processor shall notify Controller in writing without undue delay after becoming aware of a suspected Data Breach. In no event shall such notification be made more than 24 hours after Processor's discovery of the Data Breach. 7.2 Data Breach Management. Processor shall make reasonable efforts to identify the cause of such Data Breach and take those steps as Processor deems necessary and reasonable to remediate the cause of such a Data Breach to the extent the remediation is within Processors reasonable control. 8. TERMINATION 8.1 Termination. This DPA shall terminate automatically upon the later of (a) the termination or expiry of the Agreement or(b) Processor's deletion or return of Personal Data. Controller shall further be entitled to terminate this DPA for cause if the Processor is, in the sole opinion of Controller, in a material or persistent breach of this DPA which, in the case of a breach capable of remedy, shall not have been remedied within ten (10) days from the date of receipt by the Processor of a notice from Controller identifying the breach and requesting its remedy. 8.2 Return or Deletion of Data. Upon termination of this DPA and a request to return or delete data from Controller, Processor will delete or return all existing copies of Personal Data unless applicable law requires continued retention of the Personal Data. Upon the request of Controller, the Processor shall confirm compliance with such obligations in writing and delete all existing copies. In instances where applicable law requires the Processor to retain Personal Data, Processor will protect the confidentiality, integrity, and accessibility of the Personal Data; will not actively Process the Personal Data; and will continue to comply with the terms of this DPA. 9. MECHANISMS FOR INTERNATIONAL TRANSFERS 9.1 Transfers Outside of the EU. During the provision of Services under the DPA, it may be necessary for Controller to transfer Personal Data from the European Union, the European Economic Area and/or their member states, the United Kingdom, or Switzerland to Processor in a country that does not have an adequacy decision from the European Commission or is not located in the European Economic Area. In the event of such a transfer, the Standard Contractual Clauses apply as follows: AGREEMENT FOR SOFTWARE AS A SERVICE Page 26 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC 9.1.1. In relation to Personal Data that is subject to the GDPR (i) Processor will be deemed the "data importer" and Controller is the "data exporter"; (ii)the Module Two terms shall apply where Controller is a Data Controller and where Processor is a Data Processor; (iii) in Clause 7, the optional docking clause shall be deleted; (iv) in Clause 9 of Module Two, Option 2 shall apply and the list of Subprocessors and time period for notice of changes shall be as agreed under Section 5 of this DPA; (v) in Clause 11, the optional language shall be deleted; (vi) in Clause 17, Option 1 shall apply and the Standard Contractual Clauses shall be governed by the member state where Controller is domiciled; (vii) in Clause 18(b), disputes shall be resolved before the courts of the member state where Controller is domiciled; (viii)Annex I and Annex II shall be deemed completed with the information set out in Schedule 1 of this DPA respectively; and (ix) if and to the extent the Standard Contractual Clauses conflict with any provision of the Agreement (including this DPA) the Standard Contractual Clauses shall prevail to the extent of such conflict. For this section, the Standard Contractual Clauses from the Commission Implementing Decision (EU) 2021/914 are incorporated by reference and available here: https://ec.euror)a.eu/info/law/law-topic/data-protection/international- dimension-data-protection/standard-contractual-clauses-scc/standard-contractuak clauses-international-transfers en. 9.1.2. In relation to Personal Data that is subject to UK Data Protection Laws, the International Data Transfer Agreement ("IDTA") shall apply with the following modifications: (i) the contact information about the parties to the Agreement is the contact information for the IDTA; (ii) Controller is the data exporter and Processor is the data importer; (iii) the laws that govern the IDTA and the location where legal claims can be made is England and Wales; (iv) the UK GDPR does not apply to the data importer's processing of transferred data; (v) the Parties do not use the additional security or commercial clauses from the IDTA; and (vi) the information in this DPA and Schedule 1 can be used for Tables 1-4. For this section, the Standard Contractual Clauses from the Information Commissioner's Office are incorporated by reference and available here: https://ico.org.uk/for-organisations/guide-to-data-protection/quide-to-the-general-data- protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/. 9.1.3. In relation to Personal Data that is subject to the Swiss DPA, the Standard Contractual Clauses referenced in Section 9.1.1 shall apply with the following modifications (i) references to "Regulation (EU) 2016/679" shall be interpreted as references to the Swiss DPA; (ii) references to"EU", "Union"and "Member State law"shall be interpreted as references to Swiss law; and (iii) references to the"competent supervisory authority" and "competent courts" shall be replaced with the "the Swiss Federal Data Protection and Information Commissioner" and the "relevant courts in Switzerland". 9.2. Alternative Data Transfer Mechanisms. The Parties acknowledge that the laws, rules and regulations relating to international data transfers are rapidly evolving. In the event that Controller adopts another mechanism authorized by applicable laws, rules or regulations to transfer Personal Data (each an "Alternative Data Transfer Mechanism"), the Parties agree to work together in good faith to implement any amendments to this Agreement necessary to implement the Alternative Data Transfer Mechanism. If a law or regulation replaces or supersedes any of the standard contractual clauses referenced in this Section, the Parties may adopt the text of the new standard contractual clauses without having to amend this DPA. AGREEMENT FOR SOFTWARE AS A SERVICE Page 27 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC 10. MISCELLANEOUS PROVISIONS 10.1. Amendments. This DPA may not be amended or supplemented, nor shall any of its provisions be deemed to be waived or otherwise modified, except through a writing duly executed by authorized representatives of both Parties. 10.2 Governing Law. This DPA shall be governed by the governing law set forth in the Agreement. List of Schedules: Schedule 1: Parties and Description of the Processing Schedule 2: List of Sub-Processors Schedule 3: Technical and Organizational Measures AGREEMENT FOR SOFTWARE AS A SERVICE Page 28 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC SCHEDULE 1 PARTIES TO THE PROCESSING Relevant Information on Customer and Got Party Customer/ data exporter Got / data importer Role Controller Processor Contact person As per agreement. Legal Department Contact details: privacy(o)go1.com Got Pty Ltd 2904 Logan Rd Underwood QLD 4119 Australia EU representative (if Blinks Labs GmbH applicable) Sonnenallee 223 12059 Berlin Germany Activities / services Provision of el-earning Provision of el-earning provided software licenses or software or content content from Got to Controller DETAILS OF PROCESSING Categories of Data Subjects The categories of Data Subjects are: Processor's employees, consultants, contractors, prospects, and customers of the Processor's Customers. Categories of Controller Personal Data AGREEMENT FOR SOFTWARE AS A SERVICE Page 29 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC The transferred categories of Personal Data are: first name, last name, email address, and the Partner's user ID. For the avoidance of doubt, any Personal Data provided directly by a Processor's Customer to Sub- Processor shall not be considered a data transfer under this DPA. Special categories of Controller Personal Data (if applicable) Not applicable. Frequency of the transfer The frequency of the transfer is continuous. Subject matter of the processing The subject matter of the Processing is to assist the provision of el-earning software. Nature of the processing The nature of the Processing is in connection with the generation of a course completion certificate for an End User, and, where required, hosting services for data exporter's materials and content. Purpose(s) of the data transfer and further processing The purpose/s of the data transfer and further Processing is/are: for the provision of Services under the Agreement. Duration Controller Personal Data will be Processed for the duration of the Agreement until deletion or return of such data as communicated by the Partner under this Agreement on instruction of the Controller. AGREEMENT FOR SOFTWARE AS A SERVICE Page 30 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC SCHEDULE 2 SUB-PROCESSORS Name and address of Services performed by Country(ies) Categories of If Personal Data is transferred Sub-Processors the Sub-Processors where the Personal Data outside of the EEA: Transfer personal data is tool transferred to NL Amazon Web Services S3 Cloud storage for Australia First name, last name, Standard Contractual Clauses Australia Pty Ltd reports run by customer USA email address, Adequacy decision (USA) L37 2-26 Park St Singapore company/ Name of Sydney EEA(Ireland) employer, usage data, NEW SOUTH WALES, IP addresses 2000 Australia Intercom, Inc. Communication (chat) USA First name, last name, Standard Contractual Clauses 55 2nd Street, 4th Floor platform to onboard and email address, User Adequacy decision (USA) San Francisco, CA retain end users as well ID and employer 94105 USA as analyze their use of name the Go1's product and/or services Other Personal Data included in chats or messages, such as first and last names, email addresses, phone numbers, avatars, company name, your role in your company, and IP address. Microsoft Enterprise Cloud services, USA All fields of personal Standard Contractual Clauses Service Privacy including data storage, Singapore data collected by Got Adequacy decision (USA) Microsoft Corporation, computing, processing, Australia via the services or One Microsoft Way, serving and monitoring. EEA(Ireland) otherwise Redmond, Washington communicated to 98052 USA Microsoft may hire Got, including: Sub processors to first name and last Microsoft Ireland provide certain name Operations, Ltd. limited or ancillary email address One Microsoft Place, services on its phone numbers South County Business behalf. physical Park, Leopardstown, addresses Dublin 18, D18 P521, company/ Ireland name of employer AuthO Identity and access Australia First name Standard Contractual Clauses 10800 NE 8th Street, management services to EEA Last name Adequacy decision (USA) Ste. 600 enable single-sign-on for USA Employee ID Bellevue, WA, 98004 the Got Services. United States AuthO will only receive information from customers who have configured the Single Sign On feature in the Got portal. AGREEMENT FOR SOFTWARE AS A SERVICE Page 31 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Name and address of Services performed by Country(ies) Categories of If Personal Data is transferred Sub-Processors the Sub-Processors where the rsonal Data outside of the EEA: Transfer personal data sj tool used under the GDPR transferred to ";&a Elasticsearch Pty Ltd Elastic provider data Australia First name and Standard Contractual Clauses Level 36, 60 Margaret storage and search USA last name Adequacy decision (USA) Street services to support Email Sydney, NSW 2000 users searching across Company/ Name Australia users and learning of employer activities. Zapier, Inc Zapier is an online Australia Any personal data that Standard Contractual Clauses 548 Market St. #62411, automation tool that can USA is included in the Got Adequacy decision (USA) San Francisco, CA be used to create profile is available to 94104-5401 workflows. The Got be used in Zapier. USA integration with Zapier This includes First allows for creation of Name, Last Name and new users, creation of Email Address. learning certificates for users, sending of notifications to users and creation of course enrolments for users Sendgrid/Twilio Inc., Email platform for emails USA First name and Standard Contractual Clauses 101 Spear Street, 1st related to the use of Got last name Adequacy decision Floor, San Francisco, Services including Email California, 94105, United course completion States of America certificates and account information e.g. lost passwords. Databricks, Inc Data intelligence USA First name and Standard Contractual Clauses 160 Spear St 151h Floor platform used to build last name Adequacy decision San Francisco, CA critical KPI's, reports, Email 94105 and for the development User IDs USA of Data Applications Got Group Sub-processors Name and address of Services performed by Country(ies) Categories of If personal data is transferred Gol Group Sub- the Gol Group Sub- where the personal data outside of the EEA: Transfer Processors Processors personal data is tool used under the GDPR transferred to G01 Learning (M) Sdn Support services Malaysia All personal data Standard Contractual Clauses Bhd stored on the Got Level 25, NAZA Tower, Services (if any)or 10, submitted to Got in a Persiaran KLCC, 50088 support request Kuala Lumpur including: First name and last name Email address Name of employer Phone number AGREEMENT FOR SOFTWARE AS A SERVICE Page 32 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Name and address of Services performed by Country(ies) Categories of If personal data is transferred Gol Group Sub- the Gol Group Sub- where the personal data outside of the EEA: Transfer Processors Processors personal data is tool used under the GDPR transferred to Physical address G01 Singapore Pte. Support services Singapore All personal data Standard Contractual Clauses Ltd. stored on the Got 7 Straits View#12-00, Services (if any)or Marina One East Tower, submitted to Got in a Singapore (018936) support request including: First name and last name Email address Name of employer Phone number Physical address G01 UK Learning Support services United Kingdom All personal data Adequacy decision Limited stored on the Got 1 st Floor West Davidson Services (if any)or House Forbury Square submitted to Got in a READING, RG1 3EU support request UK including: First name and last name Email address Name of employer Phone number Physical address G01 USA LLC Support services United States of All personal data Standard Contractual Clauses 6 S Rio Grande St, Suite America stored on the Got Adequacy decision 2072 Salt Lake City, UT Services (if any)or 84101 submitted to Got in a USA support request including: First name and last name Email address Name of employer Phone number Physical address G01 Vietnam Support services Vietnam All personal data Standard Contractual Clauses Company Limited stored on the Got No. 271/9, Nguyen Services (if any)or Trong Tuyen Street, submitted to Got in a Ward 10, support request Phu Nhuan District, including: Ho Chi Minh City AGREEMENT FOR SOFTWARE AS A SERVICE Page 33 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Name and address of Services performed by Country(ies) Categories of If personal data is transferred Gol Group Sub- the Gol Group Sub- where the personal data outside of the EEA: Transfer Processors Processors personal data is tool used under the GDPR transferred to Vietnam First name and last name Email address Name of employer Phone number Physical address Blinks Labs GmbH Support services Germany All personal data N/A Sonnenallee 223 stored on the Got 12059 Berlin Services (if any)or Germany submitted to Got in a support request including: First name and last name Email address Name of employer Phone number Physical address CONTENT PARTNER SUB-PROCESSORS: The following sub-processors are content partners of Got, to whom Personal Data may be shared when an end user accesses their courses and navigates to their hosted websites/ portals. Name and address of Services performed by Country(ies) Categories of If personal data is transferred Sub-Processors the Sub-Processors where the Personal Data outside of the EEA: Transfer personal data is tool used under the GDPR transferred to RL Pluralsight, LLC Provide eLearning USA and other Email address Standard Contractual Clauses 42 Future Way content and software to countries listed (obscured) Adequacy decision Draper, Got users here as (account id(cb UT 84020 subprocessors: mygo1.com) USA https://www.pluralsi First name, ght.com/terms/sub- Last name processors Coursera, Inc. Provide eLearning USA Email address Standard Contractual Clauses 381 E. Evelyn Ave, content and software to (obscured) Adequacy decision Mountain View, Got users (account id(cD CA 94041 myao1.com) USA First name, Last name SCHEDULE 3 TECHNICAL AND ORGANIZATIONAL MEASURES A copy of Technical and Organizational Measures is available via the Got Trust Center (httips://trust.ciol.com AGREEMENT FOR SOFTWARE AS A SERVICE Page 34 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC EXHIBIT E PRIVACY POLICY Got Privacy Policy and Notice This policy ("Privacy Policy") describes how Goi Pty Limited, and its wholly owned subsidiaries, (collectively "Go1") collects, receives, processes, uses, discloses, or shares your information. When you use our sites, products, or services, or otherwise form a relationship with us, we may obtain data from you and the devices you are using to do so. This policy is designed to provide transparency into our privacy practices and principles in a format you can navigate, read, and understand. We commit to treating your personal information with care and respect and encourage you to contact us using the methods provided should you have any questions or concerns about the use of your information. The Scope of this Policy This policy describes the processing of information provided or collected on our sites, applications, products, or services. In some instances, we may provide additional data privacy notices specific to certain products, practices, or regions. Those terms should be read in conjunction with this policy. If you provide information to us on a third-party site or platform, the information you provide may be separately collected by the third-party site or platform. That third-party site or platform's privacy practices will govern the use of your information. Choices you make on that third-party platform will not apply to our use of the information we have collected through our sites, products, or services. We acknowledge our obligations to all recipients of our products and services, including visitors to our website, our registered users and administrators of our products and services on behalf of our customers to collect, manage, process, and use their personal information ("Personal Data") in accordance with the laws and regulations of each of the countries in which we operate. Your Privacy Rights If you are a resident of certain states or countries, you may have the right to know, access, correct, transfer, restrict the processing of, opt-out from certain types of processing (e.g., targeted advertising, the sale of personal data, limit the use and disclosure of sensitive information, and profiling, as defined by the applicable state law(s)), and delete your personal information. If you choose to exercise any of these options, we will not discriminate against you for making that decision. You can exercise your privacy rights by clicking the "My Privacy Choices" link at the bottom of our website and select the applicable request, or by contacting us at privacy@goi.com. When we receive a request to exercise a privacy right, we will review information we have collected about you (if any) with identifying information you may have provided us (such as a login, email address, mailing address, zip code, or transaction or order number) to authenticate your identity. If you use an authorized agent to submit a request, we may require the authorized agent to provide proof that you gave the agent signed permission to submit the request. We may also require you to directly confirm with us that you provided the authorized agent permission to submit the request. AGREEMENT FOR SOFTWARE AS A SERVICE Page 35 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC There may be situations where we cannot grant your request. In such a situation, we will explain our reasoning to you and will honor your right to appeal where applicable. Information Collected or Processed In the preceding 12 months, Goi may have collected or processed the categories of personal information that are identified below. We generally collect the information listed below to secure, improve, and provide our services to our customers. Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers. Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an internet website application, or advertisement. Activity information on mobile applications, including, but not limited to, browsing history, search history, information regarding a consumer's interaction with a mobile application, or advertisements on mobile applications. Geolocation data. Professional or employment-related information. Education information. Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. Sources of Information The sources from which personal information may have been collected or processed are the following: information that you provided to us, online tracking technologies, automatic data collection technologies, social media platforms and networks, business partners, etc. The purpose of such collection or processing include: providing our products and services, communicating with you, administering programs, marketing and promotional purposes (which may include targeted advertising), analytics and personalization, security and fraud prevention, legal obligations, core business functions, the job applicant process, etc. How We Disclose Information In the process of providing services to you we may disclose your information to our subsidiaries and affiliates, along with our service providers and third parties. We may also disclose your information with service providers and third parties when necessary to comply with laws and regulations; respond to subpoenas and court orders; exercise our legal rights or defend against legal claims; investigate, prevent, or take action regarding illegal activities, suspected fraud, potential threats to our property or the physical safety of any person, or violations of our usage instructions and applicable terms and conditions; facilitate the financing or insuring of our business or a disposition of all or part of our business or assets, or as otherwise permitted or required by law. We may disclose anonymized or aggregated data at our discretion, in accordance with applicable laws. If you post your information or content to our online forums or media sites, this information is public on the internet. We are unable to prevent or control further use of this information and refer AGREEMENT FOR SOFTWARE AS A SERVICE Page 36 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC you to the third-party sites' privacy policies and terms of use to learn more about their privacy practices. Your Controls and Choices You can control how and when you want to receive marketing emails from Got by clicking on the "unsubscribe" link located at the bottom of our email communications to you. This will not affect your receipt of administrative emails (for example, emails about your account, transactions, or policy changes) for your registered account. Our Commitment to Protecting Information Belonging to Children Our services are not intended for children. We do not knowingly collect information via our sites, products, and services from children. If you use our Services, you represent that you are at least the age of majority under the laws of the jurisdiction of your place of residence or have permission from a parent or guardian. If you believe your child has provided us with personal information without parental consent or violation of applicable law, please alert us at privacy@gol.com and we will promptly take steps to delete such information and terminate the minor's account. Cookies and Other Technologies Cookies are identifiers we transfer to your browser or device that allow us to recognize your browser or device and tell us how and when pages and features in our services are visited and by how many people. You may be able to change the preferences on your browser or device to prevent or limit your device's acceptance of cookies, but this may prevent you from taking advantage of some of our features. We recommend you keep cookies activated. We have broken up our cookies into categories to help you understand what they do. Essential: These cookies cannot be deactivated as they are required to use our services. For example, they are necessary to access and use our website and login to your account. Performance: These cookies track how you interact with our website. For example, these cookies let us know which pages on our website load slowly or are not optimized for mobile use. We use this information to make improvements to our user experience. Functionality: These cookies track information about you to make using our website easier. For example, we may retain information such as your login status and viewing preferences. Marketing and Analytics: These cookies help us create targeted advertising experiences on our websites. You can manage your cookie preferences on our cookie banner that pops up when you first visit our website. To read more about Gol's Cookie Policy, please click here: https://www.gol.com/terms/cookies- policy Global Privacy Control If you would like to control the use of cookies and similar internet technologies on your computer, you can use web browsers listed with the Global Privacy Control tool built into them. These browsers limit cookie technologies and how they work while you browse the internet. You can find a list of browsers with the Global Privacy Control tool built into it here: https://globaIprivacycontro1.org/#download. AGREEMENT FOR SOFTWARE AS A SERVICE Page 37 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC The use of the website and web browsers located at the site above is at your own risk, subject to the agreements from those web browsers' developers, and subject to their privacy policies. Goi does not accept any liability associated with your use of the website above or the content you may download from that website. Our Global Data Transfer Practices We store and process your personal information on our servers located within the United States and Australia by default for the purposes described in this Privacy Policy. By using our websites, products, or services, you agree to the global transfer, process, and storage of your personal information. Our Group-Wide Data Transfer Practices Within Goi, our different entities are working closely together to provide you with even better services. In this context, we may transfer personal information to other entities within Got, or otherwise grant them access to your personal information. In this case, we are doing this based on Internal Data Transfer Agreements ("IGTA"), to ensure compliance with relevant laws and the security of your personal information. Contacting Supervisory Authorities If you would like to lodge a complaint against us, you may contact your local privacy regulator. If you have trouble locating a privacy regulator, please contact our privacy office at privacy@gol.com and they will help you contact the appropriate enforcement agency. How to Contact Us If you have any questions about how we process your information, you can contact us at: privacy@gol.com Units 4 & 5, 2904 Logan Rd Underwood QLD 4119 OR Suite 5.1/388 George St Sydney NSW 2000 This policy was last updated on: October 11, 2023 Relationship-Specific Details End Users Description Data gathered throughout the customer/end user relationship with Got. Categories of Personal Identifiers Information Internet Data Data from the use of Go1's mobile applications AGREEMENT FOR SOFTWARE AS A SERVICE Page 38 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Category of Data This information is provided by the customer's/end user's Subjects business/organization. Got uses this information for activities such as: • Creating an account with Got • Providing services to the customers/end users device • Providing services requested by customer or end Purpose of user Processing • Research and development • Account management • Billing • Customer support • Authentication • Device/account configuration Got processes this information pursuant to the agreements between Got and organizations seeking to provide Go1's services Legal Basis for to such organizations' employees. Processing For processing while using Go1's mobile applications, the legal basis for processing is based on the agreement between the application user and Got. Does this product/service/process use automated processing: Yes❑x Automated processing may exist to create customer/end user accounts. Automated processing does not occur to profile Automated individuals or to sell personal information to third parties. Processing or No❑ Profiling If yes, the general methods and logic used are: Automated routines take information from Go1's customers and create accounts and user profiles. Does the automated processing affect the rights of data subjects? No. Categories of Description of Shared or Sold Recipients Business Purpose Performing services on behalf of the business, including Limited third parties to maintaining or provide specific servicing accounts, Information content that have providing customer Shared Sharing been selected by the service, processing or Got shares this customer/end user. fulfilling orders and information with Third parties who transactions, verifying service providers for a provide infrastructure customer information, business purpose. and administrative processing payments, support to Got. providing financing, providing analytic services, providing storage, or providing similar services on AGREEMENT FOR SOFTWARE AS A SERVICE Page 39 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC behalf of the business. Category of Sensitive Personal Retention Period Sensitive Personal Information Collected Information N/A N/A Whether Personal For our international clients. Information is shared internationally Information is pursuant to global transfer mechanisms under appropriate privacy Transferred law. International) Got retains this information throughout the life of the agreement between Got and its customers. Retention Period WhereGo1 has a direct relationship with the End User, information will be retained throughout the term of the relationship with the End User. Got will no longer retain End User information six years after 18 months of account inactivity. Web visitors: Description Data gathered from visitors to Go1's website. Categories of Got only gathers information from web visitors when they input Information information into Go1's online forms. When visitors fill out those forms, they may rovide Personal Identifiers. Category of Data This information is provided directly by website visitors. Subjects Got uses this information to provide marketing information to Purpose of individuals who have expressed an interest in Go1's products. Got Processing may also use this information when an individual expresses an interest in a job at Got. Legal Basis for Got gathers this information so it can prepare either a recruitment Processing relationship or marketing relationship with a web visitor. Does this product/service/process use automated processing: Yes❑x Automated processing may exist. Automated processing does not occur to profile individuals or to sell personal information to third Automated parties. Processing or No❑ Profiling If yes, the general methods and logic used are: Information typed into a webform is routed to related departments within Got so that Got can respond to the information and potential requests placed in the webform. Does the automated processing affect the rights of data subjects? No. Information Categories of Description of Shared or Sold Sharing Recipients Business Purpose AGREEMENT FOR SOFTWARE AS A SERVICE Page 40 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Performing services on behalf of the business, including maintaining or servicing accounts, providing customer processing, Limited third parties to service, Shared- provide specific or fulfilling orders and Got shares this services that have transactions, verifying information with customer information, been selected by the processing payments, service providers for a customer/end user. providing financing business purpose. providing analytic services, providing storage, or providing similar services on behalf of the business. Category of Sensitive Personal Retention Period Sensitive Personal Information Collected Information N/A N/A Whether Personal Information is N/A Transferred International) For marketing, Got retains this information until an individual opts out of future marketing messages. For employment, Got retains this information throughout the Retention Period candidate's employment until the employment relationship has ended. Alternatively, Got retains candidate information for prospective employees who do not become employees for up to 4 years as required or allowed by law. Sale representatives Description Data gathered from Sales Representatives and their contacts. Categories of Personal Identifiers Information Geolocation Data Professional Employment Information Category of Data This information is provided by the sales representatives of directly Subjects from a representative's contacts. Purpose of Got uses this information to provide marketing information to Processing individuals who have expressed an interest in Go1's products. Legal Basis for Got gathers this information so it can pursue a commercial Processing relationship with representatives' contacts. Automated Does this product/service/process use automated processing: Processing or Yes Profiling AGREEMENT FOR SOFTWARE AS A SERVICE Page 41 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Automated processing may exist. Automated processing does not occur to profile individuals or to sell personal information to third parties. No❑ If yes, the general methods and logic used are: Information typed into a webform is routed to related departments within Got so that Got can respond to the information and potential requests placed in the webform. Does the automated processing create affect the rights of data subjects? No. Categories of Description of Shared or Sold Recipients Business Purpose Performing services on behalf of the business, including maintaining or servicing accounts, providing customer service, processing or Information Shared Sharing Limited third parties fulfilling orders and Got shares this who provide CRM and transactions, verifying information with operational support customer information, service providers for a services to Got. processing payments, providing financing, business purpose. providing analytic services, providing storage, or providing similar services on behalf of the business. Category of Sensitive Personal Retention Period Sensitive Personal Information Collected Information N/A N/A Whether Personal Information is N/A Transferred International) Retention Period For marketing, Got retains this information until an individual opts out of future marketing messages. Vendors and distributors Description Data gathered from Go1's vendors and distributors. Personal Identifiers Categories of Geolocation Data Information Professional Employment Information AGREEMENT FOR SOFTWARE AS A SERVICE Page 42 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Category of Data This information is provided directly from vendors and Subjects distributors. Purpose of Got uses this information to contact vendors and distributors with Processing an interest in selling Go1's products. Legal Basis for Got gathers this information so it can pursue a commercial Processing relationship with vendors and distributors. Does this product/service/process use automated processing: Yes❑x Automated processing may exist. Automated processing does not occur to profile individuals or to sell personal information to third Automated parties. Processing or No❑ Profiling If yes, the general methods and logic used are: Information typed into a webform is routed to related departments within Got so that Got can respond to the information and potential requests placed in the webform. Does the automated processing create affect the rights of data subjects? No. Categories of Description of Shared or Sold Recipients Business Purpose Performing services on behalf of the business, including maintaining or servicing accounts, Limited third parties providing customer processing, Information who provide service, Shared Sharing operational support or fulfilling orders and Got shares this services or provide transactions, verifying information with customer information, specific features to processing payments service providers for a , vendors and business purpose. distributors. providing financing, providing analytic services, providing storage, or providing similar services on behalf of the business. Category of Sensitive Personal Retention Period Sensitive Personal Information Collected Information N/A N/A Whether Personal Information is N/A Transferred International) Retention Period Throughout the commercial relationship with the vendor or distributor. Trade shows: AGREEMENT FOR SOFTWARE AS A SERVICE Page 43 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Description Data gathered from individuals at trade shows. Categories of Personal Identifiers Information Category of Data This information is provided by individuals directly to Got. Subjects Purpose of Got uses this information to provide marketing information to Processing individuals who have expressed an interest in Go1's products or services. Legal Basis for Got gathers this information so it can pursue a commercial Processinq relationship with contacts. Does this product/service/process use automated processing: Yes❑ Automated No❑x Processing or If yes, the general methods and logic used are: Profiling Does the automated processing affect the rights of data subjects? N/A Categories of Description of Shared or Sold Recipients Business Purpose Performing services on behalf of the business, including maintaining or servicing accounts, providing customer service, processing, Information Shared Limited third parties or fulfilling orders and Sharing Got shares this who provide CRM and transactions, verifying information with operational support customer information, service providers for a services to Got. processing payments, business purpose. providing financing, providing analytic services, providing storage, or providing similar services on behalf of the business. Category of Sensitive Personal Retention Period Sensitive Personal Information Collected Information N/A N/A Whether Personal Information is N/A Transferred International) Retention Period For marketing, Got retains this information until an individual opts out of future marketing messages. AGREEMENT FOR SOFTWARE AS A SERVICE Page 44 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Employee and prospective employee data: Description Data gathered from individuals at trade shows. Categories of Personal Identifiers Information Category of Data This information is provided by individuals directly to Got. Subjects Purpose of Got uses this information to provide marketing information to Processing individuals who have expressed an interest in Go1's products or services. Legal Basis for Got gathers this information so it can pursue a commercial Processing relationship with contacts. Does this product/service/process use automated processing: Yes❑ Automated No❑x Processing or If yes, the general methods and logic used are: Profiling Does the automated processing affect the rights of data subjects? N/A Categories of Description of Shared or Sold Recipients Business Purpose Performing services on behalf of the business, including maintaining or servicing accounts, providing customer service, processing, Information Shared Limited third parties or fulfilling orders and Sharing Got shares this who provide CRM and transactions, verifying information with operational support customer information, service providers for a services to Got. processing payments, providing financing business purpose. providing analytic services, providing storage, or providing similar services on behalf of the business. Category of Sensitive Personal Retention Period Sensitive Personal Information Collected Information N/A N/A Whether Personal Information is N/A Transferred International) Retention Period For marketing, Got retains this information until an individual opts out of future marketing messages. AGREEMENT FOR SOFTWARE AS A SERVICE Page 45 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC EXHIBIT F NON-DISCLOSURE OF CONFIDENTIAL INFORMATION 1. Scope of Confidentiality Obligation in a SAAS Agreement. 1.1 Limitations. The Parties recognize that in a SAAS Agreement, the City is placing its information, including Confidential Information, on the Vendor's hosted software application. In providing this hosted service, the Vendor is not disclosing or providing City with its confidential information such as its source code or other proprietary or intellectual property technology. City therefore cannot modify, reverse engineer or otherwise decompile Vendor's technology and City has committed to not doing so in this Agreement. Thus, this Addendum describes Vendor's obligations with respect to City's confidential information provided to Vendor. 2. Definition of Confidential Information and Exclusions. 2.1 "Confidential Information" means non-public information on Vendor's SAAS that City designates as being confidential or which, under the circumstances surrounding disclosure, Vendor ought to treat as confidential, including but not limited to information in tangible or intangible form relating to and/or including City data, computer programs, code, algorithms, formulas, processes, inventions, schematics and other technical, business , financial and product development plans, forecasts, strategies and proprietary or intellectual property whether or not it is owned by City and information received from others that City is obligated to treat as confidential. Except as otherwise indicated in this Agreement, the term "Vendor" also includes all its Affiliates. An "Affiliate" means any person, partnership, joint venture, corporation or other form of enterprise, domestic or foreign, including but not limited to subsidiaries, that directly or indirectly, controls, are controlled by, or are under common control with a party. 2.2 Confidential Information shall not include any information, however designated, that: (i) is or subsequently becomes publicly available without Vendor's breach of any obligation owed City; (ii) became known to Vendor prior to City's disclosure of such information to Vendor pursuant to the terms of this Agreement; (iii) became known to Vendor from a source other than City other than by the breach of an obligation of confidentiality owed to City; (iv) is independently developed by Vendor; or (v) is not confidential as a matter of law. 3. Obligations Regarding Confidential Information. 3.1 Except as otherwise provided herein, Vendor shall: a. Take reasonable security precautions, at least as great as the precautions it takes to protect its own confidential information, but no less than prevailing standard of reasonable care in the Vendor's industry, to keep confidential the Confidential Information of the City; b. Refrain from disclosing, reproducing, summarizing and/or distributing City's Confidential Information except in pursuance of Vendor's business relationship with City, or only as otherwise provided hereunder; and C. Refrain from reverse engineering, decompiling or disassembling any software code and/or pre-release hardware devices disclosed by City to Vendor under the terms of this Agreement. 3.2 Notwithstanding anything to the contrary herein, City and Vendor will disclose Confidential Information in accordance with judicial action, federal or state public disclosure requirements, state or federal regulations, or other governmental order or requirement of law. In AGREEMENT FOR SOFTWARE AS A SERVICE Page 46 Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC the context of public records requests, City will give the Vendor reasonable notice prior to Vendor's records consistent with City's rules to allow Vendor a reasonable opportunity to seek injunctive or other applicable judicial relief preventing such disclosure. 3.3 The Vendor may disclose Confidential Information only to Vendor's employees and consultants on a need-to-know basis. The Vendor will have executed or shall execute appropriate written agreements with third parties sufficient to enable Vendor to enforce all the provisions of this Agreement. 3.4 Vendor shall notify the City promptly and without undue delay upon discovery of any unauthorized use or disclosure of Confidential Information as defined by this Agreement. Vendor will cooperate with City in helping City regain possession of its Confidential Information and prevent its further unauthorized use or disclosure. AGREEMENT FOR SOFTWARE AS A SERVICE Page 47 Docusign Envelope ID:D0815401-CCC5-439D-9D69-34CC1C4303AC EXHIBIT G ACCEPTABLE USE POLICY Got Acceptable Use Policy ----------------------------- ------- --------------------------------------------------------- 1. Background (a) Got is passionate about lifelong learning and wants to make learning accessible to people in all parts of the world.To do this,we need to keep the Services running smoothly,quickly,and without disruption. For this to happen,we need help from you.We need you to use the Services in ways that respect the work that has gone into developing and offering them and show respect for our Content Partners and other customers and End Users. (b) Capitalized terms in this Acceptable Use Policy not otherwise defined have the meaning given to them in the Got Customer Terms available here: https://www.gol.com/terms/customer-terms. (c) We've created this Acceptable Use Policy to describe what we expect of you and your use of the Got Services. -------------------- ------------------------------------------------------------------------------------- 2. What you must not do You must not do anything that constitutes unacceptable use,as outlined in the following table: Topic Disruption X Directly or indirectly reverse engineer,decompile,disassemble,or otherwise attempt to discover the source code, object code,or underlying structure, ideas, know-how,or algorithms relevant to the Services. X Modify,translate, create derivative works of, adapt or translate the Services (except to the extent permitted by us in writing or authorized within the Services). X Use the Services in any manner that could damage, disable, overburden, or impair any Got infrastructure, servers or the networks. i Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Using the X Reproduce, redistribute, transmit, assign, sell, broadcast, Services rent, share, lend, modify, adapt, edit, create derivative works of, license, or otherwise transfer or use any Got Content, in whole or in part, other than as separately and expressly authorized by us in writing. X Use the Services for any illegal purpose, or otherwise in violation of any laws. X Remove,obscure,or alter any proprietary notices or labels from Services, Courses, or related materials. X Host, on a subscription basis or otherwise, the Services without Go1's authorization, including any related application, (i)to permit a third-party to use the Services to create, transmit, or protect any content, or(ii)to conduct conferences or online meeting services for a third-party. X Violate the legal rights (such as rights of privacy and publicity)of others. X Frame or embed the Services to circumvent the Services. X Impersonate another person or gain unauthorized access to another person's account, subscription, or portal with us. Dealing with X Solicit personal information from any Content Partner or End User. others X Recruit, solicit, or contact in any form without our written permission (which we may withhold at our discretion) a Content Partner, End User or potential End User for employment or contracting for a business not affiliated with Got. X Where you do have any direct dealings with a Content Partner, you must not breach the Content Partner's policies, terms, and conditions, including those concerning your personal information. Malware X Introduce any virus, worm, spyware, or any other malicious computer code, file, or program that may damage, corrupt, infect, manipulate, adversely affect, or hijack the operation of, or gain unauthorized access to, the Equipment used to access, connect to, or otherwise use the Services, or any other aspect or operation of the Services. X Scrape, spider, use a robot or other automated means of any kind to access the Services. Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Inappropriate Upload, post, or otherwise transmit any content, material, or content information via the Services that: x is unsolicited or unauthorized advertising, promotional materials, junk mail, spam, chain letters, pyramid schemes, or any other form of solicitation (commercial or otherwise); x is inappropriate, offensive, racist, hateful, sexist, pornographic, false, misleading, fraudulent, incorrect, harassing, threatening, abusive, indecent, infringing, defamatory, or libelous; or x breaches a duty owed to a third-party (e.g. contractual or other duties of confidence)or infringes a third party's: • intellectual property rights; or • privacy (e.g. disclosing personal or identifying details of another person without authorization). If applicable,you may have the right to upload your own content into the Go Services("UGC"). x You grant Gol and its Affiliates a worldwide,non-exclusive,royalty-free fully paid up right and license to host, store,transfer,display,perform, reproduce,modify for formatting purposes,distribute the UGC to other customers and users,offer market,and otherwise use the UGC through the Services and sublicense it to other user,customers,and partners.Additionally, Go requires limited access to the UGC for maintenance and support purposes. x Gol expressly disclaims all liability in connection with UGC.You are solely liable for UGC and any liability raised in connection with loading UGC into the Go Services.By uploading UGC,you represent and warrant that: • you are the creator or owner of the UGC or have the necessary right and license to use UGC as contemplated herein,and to provide Got the rights set forth above. • UGC and the use of UGC as contemplated herein,does not and will not: infringe upon any third-party rights,including but not limited intellectual property rights;slander,defame,threaten,or invade privacy or other rights of any person;or violate,or cause Got to violate any laws or regulations; • UGC will not be profane,bullying,sexually explicit,obscene, racist, sexist,ageist, intimidating, harassing,threatening,defamatory or otherwise inappropriate to a reasonable person;and • UGC does not contain any viruses,worms,or other malicious computer programming codes or similar intended to damage Got or Go1's platform. • You have implemented your own screening and monitoring mechanism to screen for inappropriate content. x Gol has no obligation or responsibility to edit,review,monitor,or otherwise control UGC uploaded to Go Services and expressly disclaims any responsibility or obligation to do so. Go reserves the right,however,at any time without notice,to remove or block UGC that it determines in its sole discretion is in violation of this AUP. Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC ------------------------------------------------------------------------------------------------------------------ 3. What you must do ✓ Only use the Services in compliance with applicable terms and our published policies applicable at the time of use and all Applicable Laws and Applicable Data Protection Laws. ✓ Maintain and ensure the security of the Equipment used to access the Services and meet all applicable costs in relation to the Equipment. ✓ Maintain the security of your account,passwords(including administrative and user passwords), files,and Equipment. ✓ Assume responsibility for controlling how confidential information or your personal information (or that of another person) is disclosed or used, including taking appropriate steps to protect such information. 4. General 4.1 Indemnity You agree to indemnify us and hold us harmless against any damages, losses, liabilities, settlements, and expenses (including costs and attorneys' fees)in connection with any claim or action that arises from an alleged violation of this Acceptable Use Policy or otherwise from your use of the Services. 4.2 Moderation (a) Although we have no obligation to monitor your use of the Services,we may do so and may prohibit any use of the Services we believe may be(in our sole discretion),or is alleged to be, in violation of this Acceptable Use Policy. (b) We have the right, in our sole discretion,to remove any content, material,or information that we consider to be in violation of this Acceptable Use Policy at any time. 4.3 Consequences for non-compliance Without affecting any other rights or remedies available to us,we may permanently or temporarily terminate or suspend your account or access to the Services without notice or liability if we (in our sole discretion) determine that you have violated this Acceptable Use Policy. Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Exhibit H Insurance Requirements Consultant shall procure and maintain for the duration of the contract insurance against claims for security breaches, system failures, injuries to persons, damages to software, or damages to property (including computer equipment) which may arise from or in connection with the performance of the work hereunder by the Consultant, its agents, representatives, or employees. Consultant shall procure and maintain for the duration of the contract insurance against claims arising out of their services and including, but not limited to loss, damage, theft or other misuse of data, infringement of intellectual property, invasion of privacy and breach of data. A. Minimum Scope of Insurance Consultant shall obtain insurance of the types described below: Commercial General Liability insurance shall be written on Insurance Services Office (ISO) occurrence form CG 00 01 and shall cover liability arising from premises, operations, independent Consultants, products-completed operations, personal injury and advertising injury, and liability assumed under an insured contract. The Commercial General Liability insurance shall be endorsed to provide the Aggregate Per Project Endorsement ISO form CG 25 03 11 85. The City shall be named as an insured under the Consultant's Commercial General Liability insurance policy with respect to the work performed for the City using ISO additional insured endorsement CG 20 10 11 85 or a substitute endorsement providing equivalent coverage. If a general aggregate limit applies, either the general aggregate limit shall apply separately to this project/location or the general aggregate limit shall be twice the required occurrence limit. The Consultant may use Umbrella or Excess Policies to provide the liability limits as required in this Agreement. This form of insurance will be acceptable if all the Primary and Umbrella or Excess Policies shall provide all the insurance coverages herein required. The Umbrella or Excess policies shall be provided on a true "following form" or broader coverage basis, with coverage at least as broad as provided on the underlying Commercial General Liability insurance. Cyber Liability insurance shall be sufficiently broad to respond to the duties and obligations as is undertaken by Consultant in this agreement and shall include, but not be limited to, claims involving security breach, system failure, data recovery, business interruption, cyber extortion, social engineering, infringement of intellectual property, including but not limited to infringement of copyright, trademark, trade dress, invasion of privacy violations, information theft, damage to or destruction of electronic information, release of private information, and alteration of electronic information. The policy shall provide coverage for breach response costs, regulatory fines, and penalties as well as credit monitoring expenses. Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC Workers' Compensation if applicable, coverage for the employees of Consultant and subcontractors as required by the Industrial Insurance laws of the State of Washington. B. Minimum Amounts of Insurance Consultant shall maintain the following insurance limits: Commercial General Liability insurance shall be written with limits no less than $2,000,000 per occurrence, $2,000,000 general aggregate, and $2,000,000 products-completed operations aggregate limit. Primary Non-Contributory Additional Insured coverage for the City of Kent, et. al. Cyber Liability insurance shall be written with limits no less than $1,000,000 per occurrence or claim, $2,000,000 aggregate. If the Consultant maintains broader coverage and/or higher limits than the minimums shown above, the City requires and shall be entitled to the broader coverage and/or the higher limits maintained by the Consultant. Any available insurance proceeds in excess of the specified minimum limits of insurance and coverage shall be available to the City. The above policy limits may be obtained with excess liability (umbrella) insurance. C. Other Insurance Provisions The insurance policies are to contain, or be endorsed to contain, the following provisions: 1. The Consultant's insurance coverage shall be primary insurance with respect to the City. Any insurance, self-insurance, or insurance pool coverage maintained by the City shall be in excess of the Consultant's insurance policies and shall not contribute to the Consultant's insurance policies. 2. Consultant's insurer must deliver, or mail written notice of cancellation to the named insured at least forty-five (45) days before the effective date of the cancellation. The Consultant's insurance policy shall include an endorsement that provides the City with written notice of cancellation forty-five (45) days before the effective date of the cancellation. If Consultant's insurer fails to provide the City with a copy of the notice of cancellation endorsement, the Consultant must notify the City of any cancellation, nonrenewal or termination before the effective date of the cancellation. 3. The City of Kent shall be named as an additional insured on all policies (except Professional Liability) with respect to work performed by or on behalf of the Consultant and a copy of the endorsement naming the City as an additional insured shall be attached to the Certificate of Insurance. The City reserves the right to receive a certified copy of all required insurance policies. The Consultant's Commercial General Liability insurance shall also contain a clause stating that coverage shall apply separately to each insured against whom claims are made or suit is brought, except with respect to the limits of the insurer's liability. Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC D. Acceptability of Insurers Insurance is to be placed with insurers with a current A.M. Best rating of not less than A:VII. E. Verification of Coverage Consultant shall furnish the City with original certificates and a copy of the amendatory endorsements, including but not necessarily limited to the additional insured endorsement, evidencing the insurance requirements of the Consultant before commencement of the work. The City waives no rights, and the Consultant is not excused from performance if Consultant fails to provide the City with a copy of the endorsement naming the City as a Primary Non-Contributory Additional Insured. F. Subcontractors Consultant shall include all subcontractors as insureds under its policies or shall furnish separate certificates and endorsements for each subcontractor. All coverage for subcontractors shall be subject to all the same insurance requirements as stated herein for the Consultant. Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC EXHIBIT I CITY OF KENT NON-DISCRIMINATION POLICY AND FORMS DECLARATION CITY OF KENT NON-DISCRIMINATION POLICY The City of Kent (City) is committed to conform to Federal and State laws regarding equal opportunity. As such all contractors, subcontractors, consultants, vendors, and suppliers who perform work with relation to this Agreement shall comply with the regulations of the City's equal employment opportunity policies. The City of Kent and its contractors are subject to and will comply with the following: • Title VI of the Civil Rights Act of 1964 (42 U.S.C. § 2000d et seq., 78 stat. 252), (prohibits discrimination on the basis of race, color, national origin); • 49 C.F.R. Part 21 (entitled Non-discrimination In Federally-Assisted Programs Of The Department Of Transportation-Effectuation Of Title VI Of The Civil Rights Act Of 1964); • 28 C.F.R. section 50.3 (U.S. Department of Justice Guidelines for Enforcement of Title VI of the Civil Rights Act of 1964). • Ch. 49.60 RCW (Washington Law Against Discrimination) The preceding statutory and regulatory cites hereinafter are referred to as 'the Acts and Regulations". The following statements specifically identify the requirements the City deems necessary for any contractor, subcontractor, or supplier on this specific Agreement to adhere to. An affirmation of all of the following is required for this Agreement to be valid and binding. If any contractor, subcontractor, or supplier willfully misrepresents themselves with regard to the directives outlined below, it will be considered a breach of contract and it will be at the City's sole determination regarding suspension or termination for all or part of the Agreement. The statements are as follows: 1. Gol representatives have reviewed the attached City of Kent administrative policy number 1.2. 2. During the time of this Agreement Got will not discriminate in employment on the basis of sex, race, color, national origin, age, or the presence of all sensory, mental or physical disability. Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC 3. During the time of this Agreement Gol will provide a written statement to all new employees and subcontractors indicating commitment as an equal opportunity employer. 4. During the time of the Agreement Gol will actively consider hiring and promotion of women and minorities. 5. During the performance of this contract, the contractor and its assignees, and successors in interest (hereinafter referred to as the "contractor") agrees as follows: A. Compliance with Regulations: The contractor, subcontractor, consultant, vendor, and supplier (hereinafter "Contractor") will comply with all Acts and the Regulations relative to non-discrimination, including those applicable to Federally-assisted programs of the U.S. Department of Transportation, State- assisted programs through the Washington State Department of Transportation, and generally under Washington's Law Against Discrimination, Ch. 49.60 RCW, as they may be amended from time to time, which are herein incorporated by reference and made a part of this contract. B. Non-discrimination: The contractor, with regard to the services provided during the contract, will not discriminate on the grounds of race, color, or national origin in the selection and retention of subcontractors, including procurements of materials and leases of equipment. The contractor will not participate directly or indirectly in the discrimination prohibited by the Acts and the Regulations, including employment practices when the contract covers any activity, project, or program set forth in Appendix B of 49 CFR Part 21. C. Solicitations for Subcontracts, Including Procurements of Materials and Equipment: In all solicitations, either by competitive bidding, or negotiation made by the contractor for work to be performed under a subcontract, including procurements of materials, or leases of equipment, each potential subcontractor or supplier will be notified by the contractor of the contractor's obligations under this contract and the Acts and the Regulations relative to non-discrimination on the grounds of race, color, or national origin. D. Information and Reports: The contractor will provide all information and reports required by the Acts and Regulations and directives issued pursuant thereto and will permit access to its books, records, accounts, other sources of information, and its facilities as may be determined applicable to contractor's contract by the City or the Washington State Department of Transportation to be pertinent to ascertain compliance with such Acts and Regulations and instructions. Where any information required of a contractor is in the exclusive possession of another who fails or refuses to furnish the information, the contractor will so certify to the City or the Washington State Department of Transportation, as appropriate, and will set forth what efforts it has made to obtain the information. Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC E. Sanctions for Noncompliance: In the event of a contractor's noncompliance with the non-discrimination provisions of this contract, the City will impose such contract sanctions as it or the Washington State Department of Transportation may determine to be appropriate, including, but not limited to: a. withholding payments to the contractor under the contract until the contractor complies; and/or b. cancelling, terminating, or suspending a contract, in whole or in part. F. Incorporation of Provisions: The contractor will include the provisions of paragraphs (A) through (F) above in every subcontract, including procurements of materials and leases of equipment, unless exempt by the Acts and Regulations and directives issued pursuant thereto. The contractor will take action with respect to any subcontract or procurement as the City or the Washington State Department of Transportation may direct as a means of enforcing such provisions including sanctions for noncompliance. Provided, that if the contractor becomes involved in, or is threatened with litigation by a subcontractor, or supplier because of such direction, the contractor may request the City to enter into any litigation to protect the interests of the City. In addition, the contractor may request the United States to enter into the litigation to protect the interests of the United States. 6. During the performance of this contract, the contractor and its assignees, and successors in interest agrees to comply with the following non-discrimination statutes and authorities; including but not limited to: Pertinent Non-Discrimination Authorities: i. Title VI of the Civil Rights Act of 1964 (42 U.S.C. § 2000d et seq., 78 stat. 252), (prohibits discrimination on the basis of race, color, national origin); and 49CFR Part 21. ii. The Uniform Relocation Assistance and Real Property Acquisition Policies Act of 1970, (42 U.S.C. § 4601), (prohibits unfair treatment of persons displaced or whose property has been acquired because of Federal or Federal-aid programs and projects); iii. Federal-Aid Highway Act of 1973, (23 U.S.C. § 324 et seq.), (prohibits discrimination on the basis of sex); iv. Section 504 of the Rehabilitation Act of 1973, (29 U.S.C. § 794 et seq.), as amended, (prohibits discrimination on the basis of disability); and 49 CFR Part 27; V. The Age Discrimination Act of 1975, as amended, (42 U.S.C. § 6101 et seq.), (prohibits discrimination on the basis of age); vi. Airport and Airway Improvement Act of 1982, (49 USC § 471, Section 47123), as amended, (prohibits discrimination based on race, creed, color, national origin, or sex); Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC vii. The Civil Rights Restoration Act of 1987, (PL 100-209), (Broadened the scope, coverage and applicability of Title VI of the Civil Rights Act of 1964, The Age Discrimination Act of 1975 and Section 504 of the Rehabilitation Act of 1973, by expanding the definition of the terms "programs or activities" to include all of the programs or activities of the Federal-aid recipients, sub-recipients and contractors, whether such programs or activities are Federally funded or not); viii. Titles II and III of the Americans with Disabilities Act, which prohibit discrimination on the basis of disability in the operation of public entities, public and private transportation systems, places of public accommodation, and certain testing entities (42 U.S.C. §§ 12131-12189) as implemented by Department of Transportation regulations at 49 C.F.R. parts 37 and 38; ix. The Federal Aviation Administration's Non-discrimination statute (49 U.S.C. § 47123) (prohibits discrimination on the basis of race, color, national origin, and sex); X. Executive Order 12898, Federal Actions to Address Environmental Justice in Minority Populations and Low-Income Populations, which ensures Non- discrimination against minority populations by discouraging programs, policies, and activities with disproportionately high and adverse human health or environmental effects on minority and low-income populations; xi. Executive Order 13166, Improving Access to Services for Persons with Limited English Proficiency, and resulting agency guidance, national origin discrimination includes discrimination because of Limited English proficiency (LEP). To ensure compliance with Title VI, you must take reasonable steps to ensure that LEP persons have meaningful access to your programs (70 Fed. Reg. at 74087 to 74100); xii. Title IX of the Education Amendments of 1972, as amended, which prohibits you from discriminating because of sex in education programs or activities (20 U.S.C. 1681 et seq). xiii. Washington Law Against Discrimination (Ch. 49.60 RCW) 7. The submission of the final invoice for this contract will constitute a reaffirmation that the preceding statements were complied with during the course of the contract's performance. By signing below, I agree to fulfill the seven requirements referenced above. By: For: Got USA LLC Title: Date: Docusign Envelope ID: D0815401-CCC5-439D-9D69-34CC1C4303AC CITY OF KENT ADMINISTRATIVE POLICY NUMBER: 1.2 EFFECTIVE DATE: October 20, 2022 SUBJECT: INCLUSIVE CONTRACTING SUPERSEDES: January 1, 1998 APPROVED BY Dana Ralph, Mayor POLICY: Equal employment opportunity and non-discrimination in contracting requirements for the City of Kent will conform to federal and state laws. All contractors, subcontractors, consultants, and suppliers of the City must guarantee equal employment opportunity within their organization and, if holding Agreements with the City amounting to $10,000 or more within any given year, must take the following affirmative steps: 1. Provide a written statement to all new employees and subcontractors indicating commitment as an equal opportunity employer. 2. Actively consider for promotion and advancement available minorities and women. Further, all contractors, subcontractors, consultants, suppliers, grantees, or subgrantees of the City, regardless of the value of the Agreement, are required to sign the City's Non- Discrimination Policy Declaration, prior to commencing performance. Any contractor, subcontractor, consultant or supplier who willfully disregards the City's nondiscrimination and equal opportunity requirements shall be considered in breach of contract and subject to suspension or termination for all or part of the Agreement. Contract Compliance Officers will be appointed by the Directors of Planning, Parks, and Public Works Departments to coordinate with the City's Title VI coordinator, and perform the following duties for their respective departments. 1. Ensuring that contractors, subcontractors, consultants, and suppliers subject to these regulations are familiar with the regulations and the City's equal employment opportunity policy. 2. Monitoring to assure adherence to federal, state and local laws, policies and guidelines. DATE IY(MM/DDYYY) A���® CERTIFICATE OF LIABILITY INSURANCE 9/30/2024 THIS CERTIFICATE IS ISSUED AS A MATTER OF INFORMATION ONLY AND CONFERS NO RIGHTS UPON THE CERTIFICATE HOLDER. THIS CERTIFICATE DOES NOT AFFIRMATIVELY OR NEGATIVELY AMEND, EXTEND OR ALTER THE COVERAGE AFFORDED BY THE POLICIES BELOW. THIS CERTIFICATE OF INSURANCE DOES NOT CONSTITUTE A CONTRACT BETWEEN THE ISSUING INSURER(S), AUTHORIZED REPRESENTATIVE OR PRODUCER,AND THE CERTIFICATE HOLDER. IMPORTANT: If the certificate holder is an ADDITIONAL INSURED,the policy(ies) must have ADDITIONAL INSURED provisions or be endorsed. If SUBROGATION IS WAIVED, subject to the terms and conditions of the policy, certain policies may require an endorsement. A statement on this certificate does not confer rights to the certificate holder in lieu of such endorsement(s). PRODUCER CONTACT NAME: Jennifer Faust Arthur J. Gallagher Risk Management Services, LLC PHONE FAX 1 Corporate Drive, Suite 310 A/C No Ext: 617-646-0239 A/C No):860-560-2784 Shelton CT 06484 ADDRESS: Jennifer faust@ajg.com INSURER(S)AFFORDING COVERAGE NAIC# License#:BR-724491 INSURERA:Atlantic Specialty Insurance Company 27154 INSURED APIOINC-01 INSURER B: Apiom Inc G01 USA LLC INSURERC: 26 S Rio Grande, Suite 2072 INSURER D: Salt Lake City UT 84101 INSURER E: INSURER F: COVERAGES CERTIFICATE NUMBER:1715407271 REVISION NUMBER: THIS IS TO CERTIFY THAT THE POLICIES OF INSURANCE LISTED BELOW HAVE BEEN ISSUED TO THE INSURED NAMED ABOVE FOR THE POLICY PERIOD INDICATED. NOTWITHSTANDING ANY REQUIREMENT, TERM OR CONDITION OF ANY CONTRACT OR OTHER DOCUMENT WITH RESPECT TO WHICH THIS CERTIFICATE MAY BE ISSUED OR MAY PERTAIN, THE INSURANCE AFFORDED BY THE POLICIES DESCRIBED HEREIN IS SUBJECT TO ALL THE TERMS, EXCLUSIONS AND CONDITIONS OF SUCH POLICIES.LIMITS SHOWN MAY HAVE BEEN REDUCED BY PAID CLAIMS. INSR TYPE OF INSURANCE ADDL SUBR POLICY EFF POLICY EXP IY LIMITS LTR INSD WVD POLICY NUMBER MM/DDYYY IY MM/DDYYY A X COMMERCIAL GENERAL LIABILITY 7110183410000 10/21/2023 10/21/2024 EACH OCCURRENCE $1,000,000 F—V� DAMAGE TO CLAIMS-MADE OCCUR PREMISES (E.occur ante) $1,000,000 MED EXP(Any one person) $15,000 PERSONAL&ADV INJURY $1,000,000 GEN'L AGGREGATE LIMIT APPLIES PER: GENERAL AGGREGATE $2,000,000 POLICY❑ PRO- JECT ❑ LOC PRODUCTS-COMP/OP AGG $2,000,000 X OTHER: $ A AUTOMOBILE LIABILITY 7110183410000 10/21/2023 10/21/2024 COMBINED SINGLE LIMIT $1,000,000 Ea accident ANY AUTO BODILY INJURY(Per person) $ OWNED SCHEDULED BODILY INJURY(Per accident) $ AUTOS ONLY AUTOS X HIRED X NON-OWNED PROPERTY DAMAGE $ AUTOS ONLY AUTOS ONLY Per accident A X UMBRELLA LIAB X OCCUR 7110183410000 10/21/2023 10/21/2024 EACH OCCURRENCE $10,000,000 EXCESS LIAB CLAIMS-MADE AGGREGATE $10,000,000 DED RETENTION$ $ WORKERS COMPENSATION PER OTH- AND EMPLOYERS'LIABILITY Y/N STATUTE ER ANYPROPRIETOR/PARTNER/EXECUTIVE ❑ E.L.EACH ACCIDENT $ OFFICER/MEMBER EXCLUDED? N/A (Mandatory in NH) E.L.DISEASE-EA EMPLOYEE $ If yes,describe under DESCRIPTION OF OPERATIONS below E.L.DISEASE-POLICY LIMIT $ A Errors and Omissions/Cyber 760-01-08-78-0003 10/21/2023 10/21/2024 Each Claim/Aggregate $5,000,000 DESCRIPTION OF OPERATIONS/LOCATIONS I VEHICLES (ACORD 101,Additional Remarks Schedule,may be attached if more space is required) Cert holder is included as additional insured where required by written contract Named Insured includes:Got USA LLC CERTIFICATE HOLDER CANCELLATION SHOULD ANY OF THE ABOVE DESCRIBED POLICIES BE CANCELLED BEFORE THE EXPIRATION DATE THEREOF, NOTICE WILL BE DELIVERED IN ACCORDANCE WITH THE POLICY PROVISIONS. City of Kent 220 4th St. AUTHORIZED REPRESENTATIVE KENT WA 98032 /J} ©1988-2015 ACORD CORPORATION. All rights reserved. ACORD 25(2016/03) The ACORD name and logo are registered marks of ACORD