The URL can be used to link to this page

20-123.00 Smarsh: Text Archiving smarsh® Order Form (#Q055232)(Service Account Number: 41209) Client Information Company Name City of Spokane Valley,WA Address 10210 E.Sprague Avenue City Spokane Valley State WA Zip 99206 Primary Contact Name Chad Knodel Title (Authorized User) Phone Email cknodel@spokanevalley.org Technical Contact Name Chad Knodel Title Phone Email cknodel@spokanevalley.org Billing Contact Name Karla White Title Phone (509)688-0232 Email kwhite@spokanevalley.org Address 10210 E Sprague Ave City Spokane Valley State WA Zip 99206-3682 Quote Date 05/21/2020 09:38:23 Quote Expiration 06/24/2020 Smarsh Sales Executive Rachael Lam Term of Agreement 12 Months Activation Date Upon Grant of Access to Service Historical Import Billing In Arrears Setup Fee Billing Upon Contract Execution Services and Fees Rate per Minimum Minimum Quantity Quantity Professional Archive-Silver 10-Annual $765.00 1 $765.00 Professional Archive-Silver 10 Capture&Archive-Annual $180.00 13 $2340.00 Professional Archive-Silver 10 Premium Adj-Annual $28.00 13 $364.00 Professional Archive-Extended Retention Fee(Per GB)-Annual $2.50 0 $0.00 Recurring Subtotal $3,469.00 One-Time Subtotal $ 0.00 If Client uses more Connections than it has licensed,Smarsh will bill for that use at$255.00 per connection plus$28.00 for each premium Notes Connection.Annual Renewal term:7/1/2020-6/30/2021 US:+1(866)762-7741 UK:+44(0)800-048-8612 www.smarsh.com Page 1 of 2 smarsh5 Terms & Conditions On a date following the execution of this Order Form,Smarsh will provide Client with a license key for the Software or with login credentials to the applicable Service("Activation Date").Service Descriptions are available at www.smarsh.com/legal. The Services are subject to Smarsh Service Agreement-General Terms available at www.smarsh.com/legal/ServiceAgreement.The Services purchased by Client are also subject to the Information Security Addendum available at https://www.smarsh.com/legal/InfoSec and the following Service Specific Terms: Mobile Channels Service Specific Terms available at:https://www.smarsh.com/legal/SSTMobileChannels; Professional Cloud Service Specific Terms available at: https://www.smarsh.com/legal/SSTProfessionalCloud. The Smarsh Service Agreement—General Terms,the Information Security Addendum,the Service Specific Terms,and this Order Form are,collectively,the"Agreement."The Initial Term of the Services shall begin on the date this Order Form is executed and continue for the Subscription Term specified above, unless Client is adding the above Services to an existing Service account, in which case, the above Services will sync to and co-terminate with Client's existing subscription Term. The Services will be subject to renewals as specified in the Agreement. For AT&T Mobility subscribers,your signature below represents your acceptance of the AT&T Wireless Terms and Conditions available at www.smarsh.com/legal/ATT as they apply to AT&T messages that are archived by Smarsh. "Archive Fees"are the Fees charged for access to the Connected Archive(i.e., Professional Archive or Enterprise Archive). "Capture& Archive Fees" are the Fees that are charged for capture and archive of a bundle of Connections within the Professional Archive. "Capture Fees"are the per-Connection Fees that are charged for the capture of Connections by Connected Capture(i.e.,Cloud Capture or Capture Server). "Premium Adj.Fees"are the additional Fees that are charged for capture of Connections from premium Channels. "Set-up Fees" are the one-time Fees that are charged to implement a Service. "Professional Services Fees" are the Fees charged for hourly,monthly,or flat rate professional services. The Platform Fees,the Capture&Archive Fees,the Capture Fees,and the Premium Adj. Fees,as applicable,are invoiced on an annual, up-front basis or a monthly basis in arrears,as specified on page 1 of this Order Form.Client agrees that the Recurring Subtotal above is Client's minimum commitment during each year or month,as applicable,of the Term.Smarsh will invoice Client for any usage over the minimum quantities at the applicable rate indicated in this Order Form. If not priced above,data import,conversion(if applicable),and storage Fees for Client's historical data and storage Fees for data from Connected Capture or other external capture mechanisms ingested into the Professional Archive are as follows: Data Imports-One-time $10/GB Import Data Conversion fees $3/GB Data Storage—Annual $2.50/GB Smarsh self-certifies to the EU-U.S.Privacy-Shield.We provide information about our GDPR compliance at www.smarsh.com/legal. Client authorized signature By 1 C�?� Name: Mark C' .f 1 (r Title: Coy at/ta Date: 23 zp US:+1(866)762-7741 UK:+44(0)800-048-8612 www.smarsh.com Page 2 of 2 smarsh® Smarsh Services Agreement-General Terms WHEN YOU CLICK A BOX INDICATING ACCEPTANCE OF THIS AGREEMENT OR WHEN YOU EXECUTE AN ORDER FORM THAT REFERENCES THIS AGREEMENT,YOU,THE COMPANY ENTERING THIS AGREEMENT ("CLIENT"),AGREE TO THE TERMS OF THIS AGREEMENT.IF YOU ACCEPT THIS AGREEMENT ON BEHALF OF YOUR COMPANY OR OTHER LEGAL ENTITY,YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO BIND SUCH ENTITY TO THIS AGREEMENT. IF CLIENT PREVIOUSLY EXECUTED A SUBSCRIPTION FORM OR AN ORDER FORM (OR ENTERED INTO ANY OTHER ORDER DOCUMENT IN ELECTRONIC OR HARD COPY FORM) FOR SERVICES OR SOFTWARE, CLIENT AGREES THAT UPON ACCEPTING THE TERMS OF THIS AGREEMENT, WHETHER BY CLICK THROUGH OR BY ORDER FORM REFERENCING THIS AGREEMENT,THIS AGREEMENT SUPERSEDES ANY AND ALL PRIOR TERMS AND CONDITIONS ASSOCIATED WITH PREVIOUS ORDER FORM(S),AND SUCH PREVIOUS ORDER FORM TERMS AND CONDITIONS ARE OF NO FORCE OR EFFECT,EXCEPT THATTHE "EFFECTIVE DATE" OF CLIENTS AGREEMENT IS THE DATE ON WHICH CLIENT FIRST EXECUTED AN ORDER FORM FOR SERVICES OR SOFTWARE, AND THE TERM OF CLIENT'S AGREEMENT FOR ALL SERVICES OR SOFTWARE WILL CONTINUE TO RENEW ON THE ANNIVERSARY OF THAT EFFECTIVE DATE,BUT ACCORDING TO THE RENEWAL TERMS OF THIS AGREEMENT. This Smarsh Services Agreement-General Terms (the "Agreement") constitutes a binding agreement between Smarsh Inc. ("Smarsh") and the Client identified in an order document that references this Agreement ("Order Form"), or the Client who accepts the terms of this Agreement via click-through acceptance. Client agrees that the terms of this Agreement will govern Client's use of the Services (as defined in Section 1). This Agreement includes four parts: (1) the legal terms that are included in this "Smarsh Services Agreement — General Terms", (2) the terms that are specific to each service included in the "Service Specific Terms",(3)the description of what is included with each service in"Service Descriptions";and (4) the Acceptable Use Policy(or"AUP"). 1. Services.Smarsh will provide the Services specified in each Order Form("Services"),according to the Agreement,the Service Specific Terms(including the applicable Service Level Agreement(s)),and the Service Descriptions, which describe the features and functionality of each Service. The Service Specific Terms and Service Descriptions are located at www.smarsh.com/legal.Smarsh grants Client a revocable, non-exclusive, non-transferable, limited license to access and use the Services purchased by Client during the Term (as defined in Section 12). 2. Support& User Groups. Smarsh Central, located at httos://central.smarsh.com is where Client may seek support resources for the Services as well as engage with other end users in online forums regarding the Services. 2.1. Smarsh Central. Support FAQ's and other support resources are available on Smarsh Central located at https://central.smarsh.com. Client may initiate support requests by submitting support tickets on Smarsh Central.Changes to Smarsh's support policies will be made available on Smarsh Central. 2.2. Groups.Smarsh Central also provides online forums and related features to Users of the Services (as defined in Section 4.6)for discussion,feedback,and general Q&A purposes(such forums and related features are collectively called "Groups").Smarsh grants Client and its Users a revocable, non-exclusive, non-transferable license to access and use Groups within Smarsh Central in connection with Client's use of the Services. Client or Users may post comments or content to Groups ("Groups Content"). Client hereby grants Smarsh a worldwide, exclusive, royalty-free, irrevocable license to access,use,reproduce, make derivatives of,and incorporate Groups Smarsh Services Agreement—General Terms I Page 1 of 9 smarsh Content into Smarsh products or services for commercial use.Client acknowledges that Groups Content is not confidential and is subject to the Acceptable Use Policy available at www.smarsh.com/legal/AUP.Smarsh may delete Groups Content without prior notice.Client is responsible for all Groups Content posted by its Users.Smarsh disclaims all liability arising from Groups Content and use of Groups, including exposure to content that is potentially offensive, indecent, inaccurate, objectionable, or otherwise inappropriate. Smarsh may suspend or discontinue Groups at any time.Smarsh provide Groups without charge and Groups is not part of the Services. 3. Trial Services.If a trial period is indicated on an Order Form, Smarsh will provide Client with a temporary account to one or more Services ('Trial Account"). The Trial Account will be accessible beginning on the Activation Date(as defined in Section 7)and for the trial period set forth in the Order Form, or if no trial period is stated,the Trial Account period will be thirty (30) days from the Activation Date.DURING THE TRIAL PERIOD,THE TRIAL ACCOUNT AND ASSOCIATED SERVICES ARE PROVIDED"AS IS"AND"AS AVAILABLE"AND WITHOUT REPRESENTATION OR WARRANTY OF ANY KIND. 4. Client Obligations. 4.1. As used in this Agreement,the term"Client Data" means the data that the Services capture or archive from Client's systems or from Client's Third Party Services (as defined in Section 5), or Client's historical data provided by or on behalf of Client for ingestion by the Services. Client hereby grants Smarsh a limited, non-exclusive license to access, copy, transmit, download, display,and reproduce Client Data as necessary to provide,support,and improve the Services, as directed by Client, or as otherwise authorized hereunder. Data generated by the Services regarding Client's use of the Services is usage data and is not and does not contain Client Data. 4.2. It is Client's sole responsibility to monitor the Services and Client's systems and Third Party Services to ensure that Client Data is being captured. Client will notify Smarsh of any delivery failures or outages of its systems that could affect the transmission of Client Data. It is Client's responsibility to encrypt(i)data sent to the Services from Client's systems and (ii) historical data sent to Smarsh for ingestion.Smarsh will have no responsibility or liability for any data that Client transmits to Smarsh in an unencrypted format. Smarsh is not responsible or liable for any update,upgrade,patch,maintenance or other change to Client's systems or Third Party Services that affects the transmission of Client Data to the Service. It is Client's responsibility to ensure that the Services are configured to capture Client Data from all relevant end-user accounts or devices or web domains,as applicable. 4.3. Client is solely responsible for the content of Client Data.Client represents and warrants that(a) Client Data will not (i) infringe any third party right, including third party rights in patent, trademark,copyright,or trade secret,or(ii)constitute a breach of any other right of a third party, including any right that may exist under contract or tort theories;(b)Client will comply with all applicable local,state, national,or foreign laws,rules,regulations,or treaties in connection with Client's use of the Services, including those related to data privacy, data protection, communications, SPAM, or the transmission, recording, or storage of technical data, personal data,or sensitive information;and(c)Client will comply with the Acceptable Use Policy available at www.smarsh.com/legal/AUP. Smarsh may update the Acceptable Use Policy from time to time. 4.4. Client is responsible for creating an account within the Services and ensuring that (a) Client's account registration information is complete and accurate;and (b)Client's account credentials are confidential. Client will notify Smarsh immediately of any unauthorized use of Client's account or account credentials, or any other known or suspected breach of the security of Client's account.Client is responsible for the activity that occurs within Client's account and for Smarsh Services Agreement—General Terms I Page 2 of 9 smarsh the actions or omissions of Client's employees,contractors or agents,whether such person is or was acting within the scope of their employment,engagement,or agency relationship. Client will not permit Smarsh competitors to access the Services. 4.5. Client may provide Representatives with access to the Services,may purchase Services on behalf of Representatives,or where Client is required to review Representative communications,Client may use the Services to meet such requirement.A"Representative" means any entity(a)that Client controls or that is under common control with Client;or(b)on behalf of which Client has a regulatory requirement to archive or review communications data.Representatives'use of the Services is subject to the terms of this Agreement. Client is responsible for the actions or omissions of each Representative whether such person is or was acting within the scope of their employment,engagement,or agency relationship. 4.6. Client may designate user roles with different levels of access for use or support of the Services. An "Authorized User" is the administrative user(s) with the highest level of access and is responsible for managing the Services for Client. Only Authorized Users may appoint other Authorized Users,request or agree to changes to the Services,add or remove users,make billing inquiries, contact support, or take other, similar actions. A "User"is any individual who is granted login credentials to the Services.Users may not share account log in credentials. 5. Third Party Providers.The Services receive Client Data from third party sources and are dependent on the third party's services, software, applications, platforms (such as third party social media, business networking platforms systems, telecommunications carriers, or other messaging or communication services or APIs) ("Third Party Services"). Third Party Services are not offered, controlled or provided by Smarsh. A Third-Party Service may make changes to its service, or components thereof,or suspend or discontinue a service without notice to Smarsh. In addition,the availability of the Third-Party Service may depend on Client's compliance with the Third-Party Service terms.The Third-Party Service will have access to Client's data and will provide Client Data to Smarsh. Smarsh does not control and is not responsible or liable for how the Third-Party Service transmits, accesses, processes,stores, uses,or provides data to Smarsh.Smarsh expressly disclaims all liability related to or arising from any Third-Party Service,including Client's use thereof,or liability related to or arising from any updates,modifications,outages,delivery failures,corruption of data,loss of data, discontinuance of services, or termination of Client's account by the Third-Party Service. Client is solely responsible for ensuring Client complies with all Third-Party Service terms and conditions. Client acknowledges that certain Third-Party Services do not represent that they are suitable for sensitive communications and do not encrypt messages sent over such Third-Party Services networks, including social media providers, telecommunication carriers and certain messaging platforms.Client agrees that if Client transmits sensitive health or financial information via these unsecure Third Party Services networks, Client assumes all risk associated with such transmission and is responsible for any damages or losses incurred with respect to transmitting such sensitive data over such networks and to Smarsh. Such transmission may also be a breach of the AU P. 6. Term &Termination. 6.1. Term.The Agreement will begin on the Effective Date and will remain in effect for the term specified in the Order Form or,if no term is specified,12 months("Initial Term").The Initial Term will renew automatically for additional, successive 12-month terms (each a "Renewal Term"), unless Smarsh or Client provides the other party with written notice of non-renewal at least 60 days prior to the end of the Initial Term or the applicable Renewal Term, or either party terminates in accordance with section 6.2 or 6.3 below.The Initial Term plus any Renewal Term are,collectively,the"Term."Any Order Form executed after the Effective Date will co-terminate with Client's then-current Term. 6.2. Termination for Breach. Either party may terminate this Agreement if the other party materially breaches its obligations under this Agreement and such breach remains uncured for Smarsh Services Agreement—General Terms I Page 3 of 9 smarsha a period of 30 days following the non-breaching party's written notice thereof. Smarsh may suspend Client's access to the Services in the event of a breach of this Agreement and will not be liable for any damages resulting from such suspension. 6.3. Termination for Bankruptcy.This Agreement will terminate immediately,upon written notice, where (a) either party is declared insolvent or adjudged bankrupt by a court of competent jurisdiction;or(b)a petition for bankruptcy or reorganization or an arrangement with creditors is filed by or against that party and is not dismissed within 60 days. 6.4. Effect of Termination.Upon any termination or expiration of the Agreement: (a) all rights and licenses to the Services granted to Client by Smarsh will immediately terminate; (b) Client will pay any Fees due and payable up to the date of termination, except in the case of Smarsh's termination for Client's breach,and in such case,Client will paythe Fees owing for the remainder of the then-current Term;and (c) upon request,each party will return to the other or delete the Confidential Information of the other party, provided that if Client requests Smarsh to return Client Data from within Client's Professional Archive (defined in Professional Archive Service Specific Terms)instance,Client may(i)sign a separate Order Form for such Professional Services and will pay Smarsh's then-current data extraction and exportation fees plus any hardware costs as specified in such Order Form or(ii)sign a separate access-only agreement to maintain access to the Professional Archive with the ability to complete self-service exports. 7. Fees & Payment. Client will pay the fees for the Services as set forth in the Order Form ("Fees"). Following execution of the Order Form,Smarsh will activate or otherwise make available the Services listed in the Order Form by either delivering the software (if on-premise software is purchased) or providing Client with login credentials to an account within the applicable Service ("Activation Date").Beginning on the Activation Date,Client will be invoiced for the recurring Fees per the invoice schedule in the Order Form.One-time fees and fees for professional services will be invoiced per the terms of the Order Form,or the applicable statement of work.Client will pay Fees within thirty(30) days of the date of the invoice. If Client disputes any Fees,Client must notify Smarsh within 120 days of the date of invoice. Invoices not disputed within 120 days from the date of invoice will be deemed accepted by Client. Smarsh may charge a late fee of 1.5% per month on any Fees not paid when due. Smarsh may suspend Client's access to the Services in the event Client fails to pay the Fees when due.Smarsh will increase Fees upon each Renewal Term,provided that any such increase will not exceed five percent (5%) of the then current Fees. Smarsh will provide ninety (90) days' prior written notice of any such increase in Fees. 8. Minimum Commitment& Invoice of Overages. Client agrees that the recurring Fees are Client's minimum purchase commitment during the Initial Term and, upon renewal, each Renewal Term. The minimum commitment is the total sum of the recurring Fees set forth in the applicable Order Form. For Fees invoiced based on usage, (a) if Client's usage exceeds the minimum commitment specified in the Order Form,Smarsh will invoice,and Client will pay the additional Fees due for such usage at the rate specified in the Order Form; and (b) if Client's usage during a month is less than Client's minimum purchase commitment, Smarsh will invoice Client for the minimum purchase commitment.Client understands that even if Client terminates prior to the end of the Term or any Renewal Term,such minimum commitment shall be due to Smarsh. 9. Taxes.All Fees payable by Client under this Agreement are exclusive of taxes and similar assessments.Client is responsible for all sales,service,use and excise taxes,utility user's fees,VAT,911 taxes,or universal service fund fees or taxes,taxes assessed on the use of software or any other similar taxes, duties and charges of any kind imposed by any federal, state or local governmental or regulatory authority on any amounts payable hereunder,other than any taxes imposed on Smarsh's income. Smarsh Services Agreement—General Terms I Page 4 of 9 1 smarsh- 10. Confidentiality. 10.1. "Confidential Information"means(a)the non-public information of either party,including but not limited to information relating to either party's product plans, present or future developments, customers, designs, costs, prices, finances, marketing plans, business opportunities,software,software manuals, personnel, research,development or know-how; (b) any information designated by either party as"confidential"or"proprietary"or which,under the circumstances taken as a whole,would reasonably be deemed to be confidential; (c)the terms of this Agreement; or (d) Client Data. "Confidential Information" does not include information that: (i) is in, or enters,the public domain without breach of this Agreement; (ii) the receiving party lawfully receives from a third party without restriction on disclosure and without breach of a nondisclosure obligation; (iii) the receiving party knew prior to receiving such information from the disclosing party,as evidenced the receiving party's records;or (iv)the receiving party develops independently without reference to the Confidential Information. 10.2. Obligations with Respect to Confidential Information. Each party agrees: (a) that it will not disclose to any third party,or use for the benefit of any third party,any Confidential Information disclosed to it by the other party except as expressly permitted by this Agreement;and (b)that it will use at least reasonable measures to maintain the confidentiality of Confidential Information of the other party in its possession or control but no less than the measures it uses to protect its own confidential information . Either party may disclose Confidential Information of the other party. (i) pursuant to the order or requirement of a court, administrative or regulatory agency, or other governmental body, provided that the receiving party, if feasible and/or legally permitted to do so, gives reasonable notice to the disclosing party to allow the disclosing party to contest such order or requirement; or (ii) to the parties' agents, representatives,subcontractors or service providers who have a need to know such information provided that such party shall be under obligations of confidentiality at least as restrictive as those contained in this Agreement. Each party will promptly notify the other party in writing upon becoming aware of any unauthorized use or disclosure of the other party's Confidential Information. 10.3. Remedies.Each party acknowledges and agrees that a breach of the obligations of this Section 10 by the other party may result in irreparable injury to the disclosing party for which there may be no adequate remedy at law,and the disclosing party will be entitled to seek equitable relief, including injunction and specific performance,in the event of any breach or threatened breach or intended breach by the recipient of Confidential Information. 11. Intellectual Property. As between Smarsh and Client, all right, title and interest in and to the Services, the information technology infrastructure including the software, hardware, databases, electronic systems, networks, and all applications, APIs or Client-Side Software (as defined in the Service Specific Terms) required to deliver the Services,or made available or accessible to Client by Smarsh,including all documentation regarding the use or operation of the Services (collectively"Intellectual Property)are the sole and exclusive property of Smarsh. Except as expressly stated herein, nothing in this Agreement will serve to transfer to Client any right in or to the Intellectual Property.Smarsh retains all right,title and interest in and to Intellectual Property.As between Smarsh and Client,Client Data is the sole and exclusive property of Client and other than the limited license to Client Data granted hereunder,nothing in this Agreement will serve to transfer to Smarsh any intellectual property rights in Client Data. 12. Smarsh Representations and Warranties;Warranty Disclaimer. 12.1. Performance Warranty. Smarsh represents and warrants that it will provide the Services in accordance with generally accepted industry standards. Smarsh Services Agreement—General Terms l Page 5 of 9 smarsh 12.2. Authority.Smarsh represents and warrants that it has the right and authority to enter into this Agreement and that the performance of its obligations under this Agreement will not breach, or conflict with,any other agreement to which Smarsh is a party. 12.3. Compliance with Laws.Smarsh represents and warrants that it will comply with the laws and regulations applicable to Smarsh in its performance of the Services. 12.4. Warranty Disclaimer; No Guarantee.EXCEPT AS SET FORTH ABOVE, SMARSH MAKES NO REPRESENTATION OR WARRANTY OF ANY KIND IN CONNECTION WITH THE SERVICES, PROFESSIONAL SERVICES OR SOFTWARE, INCLUDING, WITHOUT LIMITATION, ANY INFORMATION OR MATERIALS PROVIDED OR MADE AVAILABLE BY SMARSH. SMARSH HEREBY DISCLAIMS ANY AND ALL OTHER REPRESENTATIONS AND WARRANTIES,WHETHER EXPRESS OR IMPLIED, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. SMARSH DOES NOT REPRESENT OR WARRANT THAT THE SERVICES OR SOFTWARE WILL BE AVAILABLE OR ERROR-FREE. SMARSH WILL NOT BE LIABLE FOR DELAYS, INTERRUPTIONS, SERVICE FAILURES OR OTHER PROBLEMS INHERENT IN THE USE OF THE INTERNET, ELECTRONIC COMMUNICATIONS,OR OTHER SYSTEMS OUTSIDE THE REASONABLE CONTROL OF SMARSH. SMARSH DOES NOT GUARANTEE THAT USE OF THE SERVICES BY CLIENT OR THE ADVICE, CONSULTING OR PROFESSIONAL SERVICES PROVIDED TO CLIENT WILL ENSURE CLIENT'S LEGAL COMPLIANCE WITH ANY FEDERAL, STATE, OR INTERNATIONAL STATUTE, LAW, RULE, REGULATION, OR DIRECTIVE.THE SOFTWARE IS NOT DESIGNED OR INTENDED FOR USE IN HAZARDOUS ENVIRONMENTS REQUIRING FAIL-SAFE PERFORMANCE, INCLUDING BUT NOT LIMITED TO ANY APPLICATION IN WHICH THE FAILURE OF THE SOFTWARE COULD LEAD DIRECTLY TO DEATH, PERSONAL INJURY,OR SEVERE PHYSICAL OR PROPERTY DAMAGE. 13. Indemnification. 13.1. Client Indemnification.Client will defend, indemnify and hold harmless Smarsh, its officers, directors, employees and agents, from and against all claims, losses, damages, liabilities and expenses (including fines, penalties, and reasonable attorneys'fees),arising from or related to the content of Client Data and Client's breach of the Service Specific Terms or Sections 4.2,4.3, 4.4,4.5,or 15.1 of this Agreement.Smarsh will (a) provide Client with prompt written notice upon becoming aware of any such claim; except that Client will not be relieved of its obligation for indemnification if Smarsh fails to provide such notice unless Client is actually prejudiced in defending a claim due to Smarsh's failure to provide notice in accordance with this Section 13.1(a); (b) allow Client sole and exclusive control over the defense and settlement of any such claim; and (c) if requested by Client, and at Client's expense, reasonably cooperate with the defense of such claim. 13.2. Smarsh Indemnification.Smarsh will defend, indemnify and hold Client harmless from third- party claims arising from a claim that the Services infringe any United States patent,trademark or copyright; provided that, Client shall (a) provide Smarsh with prompt written notice upon becoming aware of any such claim;(b)allow Smarsh sole and exclusive control over the defense and settlement of any such claim;and (c) reasonably cooperate with Smarsh in the defense of such claim. Notwithstanding the foregoing, Smarsh will not be liable for any claim that relates to or arises from: (i) custom functionality provided to Client based on Client's specific requirements; (ii) any modification of the Services by Client or any third party; (iii) the combination of the Services with any technology or other services,software,or technology not provided by Smarsh; or (iv) Client's failure to use updated or modified versions of the Services made available by Smarsh. Except as expressly provided in Section 14.1.3,the indemnification obligation contained in this Section 13.2 is Client's sole remedy, and Smarsh's sole obligation, with respect to claims of infringement. Smarsh Services Agreement—General Terms I Page 6 of 9 ;11 smarsh 14. Remedies and Limitation of Liability. 14.1. Remedies. 14.1.1. In the event of a breach of any warranty under Section 12 Smarsh will use commercially reasonable efforts to provide Client with an error correction or work-around that corrects the reported non-conformity.The foregoing remedy is Client's sole and exclusive remedy for a breach of Section 12. 14.1.2.In the event of a breach of the applicable Service Level Agreement, Smarsh will provide Client with the credit stated in the Service Level Agreement. The foregoing remedy is Client's sole and exclusive remedy for a breach of the applicable Service Level Agreement. 14.1.3.If the Services are subject to a claim of infringement under Section 13.2,Smarsh may,in its sole discretion, either (a) procure for Client the right to continue to use the Services; (b) modify the Services such that they are non-infringing;or(c) if in the reasonable opinion of Smarsh,neither(a)nor(b) is commercially feasible,then Smarsh may,upon thirty(30)days' prior written notice to Client,terminate the applicable Service. 14.2. Limitation of Liability. 14.2.1.IN NO EVENT WILL EITHER PARTY BE LIABLE TO THE OTHER, OR TO ANY THIRD PARTY, FOR ANY SPECIAL, INDIRECT, INCIDENTAL, PUNITIVE, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING LOSS OF: USE, DATA, BUSINESS,OR PROFITS),ARISING FROM OR IN CONNECTION WITH THE SERVICES OR SOFTWARE (AS DEFINED IN THE SERVICE SPECIFIC TERMS),WHETHER BASED ON BREACH OF CONTRACT,BREACH OF WARRANTY, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, REGARDLESS OF WHETHER SUCH DAMAGES WERE FORESEEABLE OR WHETHER THE PARTY HAD BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SMARSH WILL NOT BE LIABLE FOR ANY DAMAGES, WHETHER CONSEQUENTIAL OR OTHERWISE, ARISING FROM OR RELATED TO CLIENT'S NON-COMPLIANCE WITH ANY FEDERAL, STATE, OR INTERNATIONAL STATUTE, LAW, RULE,REGULATION,OR DIRECTIVE. 14.2.2.EXCEPT WITH RESPECT TO SECTION 13.1 (CLIENT INDEMNIFICATION), EACH PARTY'S AGGREGATE LIABILITY FOR ALL DAMAGES ARISING FROM OR RELATING TO THIS AGREEMENT, NOTWITHSTANDING THE FORM IN WHICH ANY ACTION IS BROUGHT (E.G., CONTRACT, TORT, OR OTHERWISE), WILL NOT EXCEED THE TOTAL FEES ACTUALLY RECEIVED BY SMARSH FROM CLIENT FOR THE APPLICABLE SERVICES IN THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE DATE OF THE INCIDENT FROM WHICH THE DAMAGES AROSE. 14.2.3.THE LIMITATION OF LIABILITY SET FORTH ABOVE IS CUMULATIVE;ALL PAYMENTS MADE FOR ALL CLAIMS AND DAMAGES WILL BE AGGREGATED TO DETERMINE IF THE LIMIT HAS BEEN REACHED. 15. General Terms. 15.1. Export Pestrictions.The Services and Software (as defined in the Service Specific Terms), including any software, documentation and any related technical data included with, or contained in,the Services of Software, may be subject to United States export control laws and regulations. Smarsh Public IM policy manager is classified under Export Control Classification Number(ECCN)5D002.c.1 and has been qualified for export under authority of license exception ENC, in accordance with sections 740.17(d) and 740.17(b)(3) of the U.S. Export Administration Regulations, 15 C.F.R. Part 730 et seq. (the "EAR"). It may not be downloaded or otherwise exported or re-exported into (or to a national or resident of) Crimea- Region of Ukraine, Cuba, Iran, North Korea,Sudan,Syria or any other country to which the United States has embargoed goods;or any organization or company on the United States Commerce Department's"Denied Smarsh Services Agreement—General Terms I Page 7 of 9 I smarsh Parties List." Client will comply with the export laws and regulations of the United States and other applicable jurisdictions when using the Services. Client will not transfer the Software, or any other software or documentation provided by Smarsh (a) to any person on a government promulgated export restriction list;or(b)to any U.S.-embargoed countries.Without limiting the foregoing: (a) Client represents that it and its Authorized Users and any other users of the Services are not named on any United States government list of persons or entities prohibited from receiving exports;(b)Client represents that Client will not use the Software or Services in a manner which is prohibited under United States Government export regulations; (c) Client will comply with all United States anti-boycott laws and regulations; (d) Client will not provide the Software or Service to any third party,or permit any user to access or use the Software or Service, in violation of any United States export embargo,prohibition or restriction;and(e)Client will not, and will not permit any user or third party to,directly or indirectly, export, re-export or release the Software or Services to any jurisdiction or country to which,or any party to whom,the export, re-export or release is prohibited by applicable law,regulation or rule. 15.2. Assignment. Neither party may assign this Agreement, in whole or in part,without the other party's prior written consent,except that either party may assign this Agreement without the other's consent in the case of a merger, reorganization,acquisition,consolidation,or sale of all, or substantially all,of its assets.Any attempt to assign this Agreement other than as permitted herein will be null and void.This Agreement will inure to the benefit of, and bind,the parties' respective successors and permitted assigns. 15.3. Force Majeure.A failure of party to perform,or an omission by a party in its performance of,any obligation of this Agreement will not be a breach of this Agreement,nor will it create any liability, if such failure or omission arises from any cause or causes beyond the reasonable control of the parties, including, but not limited to the following (each a "Force Majeure Event"): (a) acts of God;(b) acts or omissions of any governmental entity, (c)any rules, regulations or orders issued by any governmental authority or any officer,department,agency or instrumentality thereof;(d) fire,storm,flood,earthquake,accident,war, rebellion, insurrection, riot,strikes and lockouts;or (e) utility or telecommunication failures;so long as such party uses reasonable efforts to resume performance after any such Force Majeure Event. 15.4. Governing Law.This Agreement will be governed by and construed in accordance with the laws of the State of Delaware,without regard to conflict/choice of law principles.Any legal action or proceeding arising under this Agreement will be brought exclusively in the federal or state courts located in Multnomah County,in the State of Oregon,and the parties hereby irrevocably consent to the personal jurisdiction and venue therein. 15.5. Relationship of the Parties. The parties are independent contractors as to each other, and neither party will have power or authority to assume or create any obligation or responsibility on behalf of the other.This Agreement will not be construed to create or imply any partnership, agency,or joint venture. 15.6. Notices. Any legal notice under this Agreement will be in writing and delivered by personal delivery, express courier, certified or registered mail, postage prepaid and return receipt requested,or by email.Notices will be deemed to be effective upon personal delivery,one(1)day after deposit with express courier,five(5)business days after deposit in the mail,or when receipt is acknowledged in the case of email to Smarsh.Notices will be sent to Client at the address set forth on the Order Form or such other address as Client may specify. Notices will be sent to Smarsh at the following address: Smarsh Inc., Attention: Legal, 851 SW 6th Ave, Suite 800, Portland,OR 97204,or in the case of email,to legal@smarsh.com. 15.7. Publicity.Smarsh may disclose that Client is a customer of Smarsh. 15.8. Severability;Waiver. If for any reason a court of competent jurisdiction finds any provision or portion of this Agreement to be unenforceable,that provision of the Agreement will be enforced to the maximum extent permissible so as to effect the intent of the parties,and the remainder of this Agreement will continue in full force and effect. Failure of either party to insist on strict Smarsh Services Agreement—General Terms Page 8 of 9 smarsh® performance of any provision herein will not be deemed a waiver of any rights or remedies that either party will have and will not be deemed a waiver of any subsequent default of the terms and conditions thereof. 15.9. Entire Agreement; Electronic Signatures. This Agreement is the entire agreement between the parties with respect to its subject matter, and supersedes any prior or contemporaneous agreements, negotiations, and communications, whether written or oral, regarding such subject matter. Smarsh expressly rejects all terms contained in Client's purchase order documents,or in electronic communications between the parties,and such terms form no part of this Agreement. The parties agree that electronic signatures,whether digital or encrypted,or Client's click-through acceptance of this Agreement, give rise to a valid and enforceable agreement. 15.10. Amendments. Smarsh may amend this Agreement by posting a revised version to www.smarsh.com/legal or at the Services log-in prompt.Client accepts the revised version of this Agreement by either (a) click-through acceptance at the Services log-in prompt; (b) execution of an Order Form incorporating the revised version; or (c) continued use of the Services for 30 days following the earliest notice of such revised version provided to an Authorized User at the Services log-in prompt. 16. IF CLIENT IS LOCATED IN EUROPE, THE FOLLOWING MODIFICATIONS TO THE ABOVE TERMS APPLY: 16.1. Sections 14.2.1—14.2.3 are replaced with the following Sections 14.2.1—14.2.3: 14.2.1 Limitation of Consequential Damages. Subject to 14.2.3, in no event shall either party be liable under or in relation to this Agreement or its subject matter (whether such liability arises due to negligence,breach of contract,misrepresentation or for any other reason)for any: (a) loss of profits;(b) loss of sales;(c) loss of turnover;(d) loss of,or loss of use of,any(i)software or(ii)data; (e) loss of use of any computer or other equipment or plant; (f) wasted management or other staff time; (g) losses or liabilities under or in relation to any other contract;or(h) indirect,special or consequential loss or damage. 14.2.2 Limitation on Direct Damages. Subject to Sections 14.2.1 and 14.2.3, Smarsh's aggregate liability arising from or in connection with this Agreement (and whether the liability arises because of breach of contract, negligence, misrepresentation or for any other reason) shall not exceed 1.25 times the amounts paid or payable (having been invoiced but not yet paid) by Client for the license to use the Service. 14.2.3 Notwithstanding anything to the contrary in this Agreement, neither party excludes or limits its liability in respect of death or personal injury caused by the negligence of that party,its servants or agents, breach of any condition as to title or quiet enjoyment implied by Section 12 Sale of Goods Act1979 or Section 2 Supply of Goods and Services Act 1982,or liability for fraudulent misrepresentation or such other liability which cannot under applicable law be excluded or limited by Agreement. 16.2. Section 15.4 is replaced with the following: 15.4 Governing Law and Jurisdiction.This Agreement and all matters arising out of or relating to this Agreement shall be governed by the laws of England and Wales and the parties agree to submit to the exclusive jurisdiction of the English courts. The parties agree that the United Nations Convention on Contracts for the International Sale of Goods is specifically excluded from application to this Agreement. Notwithstanding anything in this Agreement to the contrary, nothing in this Agreement prevents either party from seeking injunctive relief in the appropriate or applicable forum. Smarsh Services Agreement—General Terms I Page 9 of 9 smarsh- Capture.Reveal.Respond. Information Security Addendum Overview Smarsh will implement and maintain a written information security program that maintains administrative, technical, and physical safeguards, designed to: • ensure the security and confidentiality of all Client Confidential Information that is processed, stored, or controlled by Smarsh; • protect against anticipated threats or hazards to the security or integrity of such Confidential Information; • prevent unauthorized access to or loss, acquisition, disclosure, or use of such Confidential Information; and • ensure the secure disposal of such Confidential Information in compliance with applicable National Institute of Standards and Technology (NIST) standards. Smarsh will use reasonable efforts to ensure its written information security program and administrative, technical, and physical safeguards align with accepted industry practices [such as applicable security standards published by International Organization for Standardization (ISO) or NIST], and comply with applicable data protection and privacy laws, as well as the terms and conditions of the Agreement, including those contained in this Information Security Addendum. Detailed information about Smarsh's information security program is contained in the security documentation available by secure login at https://central.smarsh.com. Smarsh will designate a security manager to oversee its information security program and ensure its compliance with this Information Security Addendum. 1. Personnel Security 1.1. Screening. Smarsh will perform criminal background checks on all Smarsh employees prior to commencement of employment. Smarsh shall not allow any employee to perform services for Client or to access Client Data if such background checks reveal such individual was convicted of a crime involving any type of theft, fraud, bribery, other dishonest acts or the violation of any securities law. 1.2. Training. Smarsh will provide annual security awareness training to all Smarsh employees and contractors and will require Subcontractors to provide such training for their employees. Smarsh will provide additional role-based security training for Smarsh employees and contractors with access to Client Data or the applications that process and store Client Data. Page 1 of 7 smarsh'M Capture.Reveal.Respond. 1.3. Revocation. Smarsh will revoke physical and logical access for each Smarsh employee within 24 hours of such employee's termination of employment. 2. Facilities & Systems Security 2.1. Facilities Access. Smarsh will employ physical security procedures to ensure that only authorized individuals and guests have access to corporate facilities. Such procedures will include the use of CCTV, cardkey access, processes to log and monitor visitors, and use of receptionists or security guards. Smarsh will maintain surveillance records for at least ninety (90) days. 2.2. Systems Access. Smarsh will follow the principle of"least privilege" when granting access to Smarsh systems. Smarsh will enforce complex password requirements across all Smarsh systems to minimize password-related access control risks. Smarsh will utilize multi-factor authentication when feasible. Smarsh's information security policies will prohibit Smarsh employees from sharing, writing down, emailing, IM'ing or storing passwords unencrypted on any Smarsh system (including desktops). 3. Product Security 3.1. Smarsh will leverage a "security by design" approach and will utilize a software development life cycle that follows best practices defined by NIST and the OWASP Software Assurance Maturity Model (SAMM). 3.2. Smarsh will proactively ensure the security of its applications and environment by leveraging a "security by design"approach.Smarsh will, in accordance with industry accepted benchmarks such as those published by the Center for Internet Security (or equivalent), security-harden all network devices and servers that will host or process Client Data and code or web applications that are under Smarsh control. Smarsh will perform both static and dynamic automated web application security code analysis on all code prior to deployment in a production environment and correct security flaws discovered by source code analyses prior to deployment. Smarsh will, in accordance with generally accepted industry standards, monitor the Services and Smarsh networks, servers, and applications for potential security vulnerabilities. Smarsh will promptly respond to any identified vulnerabilities and assess criticality to resolve, or implement compensating controls for,such identified vulnerabilities within a reasonable amount of time, taking into account the risks posed by each such vulnerability. 3.3. Smarsh will employ then-current industry-standard measures to test the Services for (a) 'back door,' 'time bomb,' 'Trojan Horse,' 'worm,' 'drop dead device,' `virus', Page 2 of 7 oismarsh- Capture.Reveal.Respond. 'spyware' or 'malware;' or (b) any computer code or software routine that disables, damages, erases, disrupts or impairs the normal operation of the Services or any component thereof. 3.4.Smarsh QA and test networks and environments will be physically or logically separated from production networks and environments and will not be globally accessible to anyone on the internet. Administrative passwords across QA and test environments will be different than those used in production environments. 3.5. Smarsh will enforce a formal change management process which will include tracking and approving all product changes. Any such changes will be internally reviewed and tested within a staging environment before such changes are finalized and deployed. 3.6.Smarsh will not use Client Data for testing purposes. 4. Data Center Security 4.1. Data Center Access. Smarsh will employ physical security procedures and controls to ensure that only authorized individuals have access to Smarsh data centers. 4.2.Physical Security. Smarsh will employ data center security measures that align with the AICPA trust principles for physical security and will, at a minimum, secure Smarsh data centers using: floor-to-ceiling walls, multi-factor authentication for data center access, 24/7 security monitoring, alarmed exits, and onsite security personnel. 4.3.Data Center Locations. Smarsh primary and disaster recovery data centers will be located in geographically diverse locations to enhance security, availability, and resiliency. 5. Secure Configuration Smarsh will use the Center for Internet Security (CIS) benchmarks for its secure baseline configurations. Smarsh will use secure configuration management tools to alert of changes to baseline configurations. 6. Data Management 6.1. Segregation. Client Data will be logically segregated from the data of other Smarsh clients. 6.2. Encryption. Smarsh will encrypt Client Data in transit and at rest using encryption techniques that comply with security industry standards published by NIST. Page 3 of 7 smarsh- Capture.Reveal.Respond. 6.3. Back-ups. Smarsh leverages data replication across multiple geographically dispersed data centers as well as a local backup data center. 6.4. Media Destruction. Smarsh will ensure removal of all data from any media taken out of service and destroy or securely erase such media to make it unreadable, undecipherable, and unrecoverable by any means in compliance with applicable NIST standards. 6.5. Removable media. Smarsh will not allow its employees to store Client Data on any portable removable media (such as USB mass storage, external hard drives, and CD/DVDs); provided, however, that if storage on removable media is required to support the services (such as for client-requested data exports) provided under the Agreement, portable removable media must be encrypted as described above in Section 4.2. 7. Vulnerability Management 7.1. Smarsh will deploy vulnerability scanning mechanisms in its information systems and on hosted applications and will configure such mechanisms to conduct regular scans on Smarsh operating systems and infrastructure, web applications, and databases. Smarsh will analyze and assess all scan reports. 7.2. Smarsh will undergo annual penetration testing and will conduct quarterly security audits to identify potential vulnerabilities in the infrastructure used to provide the Services. Smarsh will implement a software/firmware patching program and will apply updates to all infrastructure components in a timely manner in accordance with the NIST 800-53 vulnerability remediation guidelines for critical or high-risk vulnerabilities. 8. Application Performance and Security Smarsh will use industry-standard technology and tools to monitor the uptime status of its hosted applications and send alerts when any warning conditions need to be reviewed. Smarsh will use industry-standard firewalls, IDS/IPS technology, and malware detection on its networks and hosted applications and will harden its device configurations. Smarsh will require the use of VPN for access to its secure networks. 9. Business Resiliency and Incident Response 9.1. Incident Response. Smarsh's information security program will include written incident response policies and procedures to define roles and responsibilities in the event that there is any actual, or reasonably suspected, unauthorized access to Smarsh facilities or Smarsh systems ("Security Incident"). Such policies and procedures will include processes to ensure that (i) server logs are maintained; (ii) all Page 4 of 7 1smarsh- Capture.Reveal.Respond. Security Incidents (defined below) are appropriately logged; (iii) all such server logs are retained for at least ninety (90) days; (iv) all such Security Incident logs are retained for at least three (3) years; and (v) all such logs are appropriately protected to ensure the integrity of such log. Smarsh will immediately implement such procedures immediately upon becoming aware of a Security Incident. 9.2. Client Data Incident. Upon becoming aware of any actual or reasonably suspected unauthorized third-party access to, or disclosure of, Client Data ("Client Data Incident"), Smarsh will: (i) immediately investigate, and take reasonable measures to remediate, the cause of such Client Data Incident, and (ii) promptly, but no later than forty-eight (48) hours after discovery, notify Client of such Client Data Incident. The notification will include, to the extent known, details of the incident, including the time, date, and nature of the incident and contact information for a member of Smarsh's information security team who can answer additional questions. 9.3. Business Continuity/Disaster Recovery. Smarsh will maintain a Business Continuity and Disaster Recovery Plan ("BCP") for the Services and implement the Plan in the event of a disaster, as defined in the BCP. The BCP will include disaster avoidance procedures which are designed to safeguard Client Data and Smarsh's data processing capabilities in the event of a disaster as defined in the BCP. Smarsh will make an executive summary of the BCP available in its Security Packet. Smarsh will test the BCP on at least an annual basis. 10. Annual Security Reviews 10.1. Smarsh will undergo an annual independent third-party SSAE 16 SOC 2 Type II (or its equivalent or successor) assessment of its information security program and its administrative, technical, and physical safeguards for all facilities used to deliver the Services. Such assessment will include, at a minimum, a network-level vulnerability assessment based on recognized industry practices. 10.2. Smarsh will assess criticality and remediate, or implement compensating controls for, all issues identified in such assessment in a timely manner based on level of criticality and risk. 10.3. Smarsh will include an executive summary of the results of such assessment in the Security Packet available to Client via login at https://central.smarsh.com. 11. Vendor and Third-Party Security 11.1. Risk Assessments. Smarsh will conduct an initial risk review and verification before engaging third-party vendors or subcontracting any of the Services. Thereafter, Smarsh will conduct annual risk reviews of such third-party vendors and subcontractors. Page 5 of 7 Ismarsh- Capture.Reveal.Respond. 11.2. Subcontractors. A list of Smarsh subcontractors is available at https://www.smarsh.com/legal/subprocessors. Smarsh will provide prior notice to Client and allow time for Client to object before Smarsh engages any new subcontractors who will have access to or process Client Data. If Smarsh uses subcontractors to perform any of the Services, Smarsh will (a) enter into a written agreement with each such subcontractor that imposes obligations on the subcontractor (i) that are at least as restrictive as those imposed on or required of Smarsh under the applicable provisions of the Agreement and (ii) that prohibit the subcontractor from accessing or using Client Data except to the extent necessary to perform the subcontracted services; (b) only disclose Client Data to such subcontractor to the extent necessary for the subcontractor to perform the subcontracted services, (c) not be relieved of any of its obligations under this Agreement; and (d) remain liable and responsible for the performance or non- performance of such subcontractor. 12. Client Security Assessments 12.1. Security Documentation. To facilitate Client's risk-based assessment of Smarsh's information security program and administrative, technical, and physical safeguards applicable to Client's Confidential Information, Smarsh will make its Security Packet available to Client via https://central.smarsh.com. The Security Packet includes, among other documentation, Smarsh's completed industry- standard information gathering questionnaire ("SIG") and Smarsh's annual independent SSAE 16 SOC 2 Type II report. Smarsh will update the Security Packet on a regular basis. If Client requests that Smarsh complete Client's security or other questionnaire(s) in lieu of, or in addition to, the Security Packet, Client must execute an order form and pay a professional services fee based on the size and scope of such questionnaire(s). 12.2. On-site Assessments. Where sufficient to allow Client to complete its risk-based assessment of Smarsh's information security program and administrative, technical, and physical safeguards applicable to Client's Confidential Information, Client shall refer to Smarsh's Security Packet. If Client desires to complete an on- site assessment, Client may conduct no more than one on-site assessment in a 12- month period, all such requests must be received by Smarsh at least 30 days prior to the requested assessment date, all such on-site assessments must be conducted during Smarsh's normal business hours, and Client shall bear all costs associated with such on-site assessment. Smarsh will scope the work required to facilitate such assessment and provide Client with a quote for the professional services fees associated with such on-site assessment. If Client desires to proceed with such on-site assessment, Client must execute an order form or statement of work for such on-site assessment and provide Smarsh with its proposed list of Page 6 of 7 zismarsh- Capture.Reveal.Respond. attendees. Smarsh will invoice Client for such on-site assessment, and Client shall pay the associated fees within 30-days of the invoice date. 13. Export Controls Smarsh will comply with the export laws and regulations of the United States and other applicable jurisdictions when providing the Services. Smarsh will neither conduct business with nor allow access to its information systems by (a) any person on a government promulgated export restriction list; (b) any U.S.-embargoed countries;or (c) any organization or company on the U.S.Commerce Department's"Denied Parties List." Page 7 of 7 Chad Knodel From: Customer Success <customersuccess@smarsh.com> Sent: Thursday,June 18, 2020 10:41 AM To: Chad Knodel Subject: RE: RE Renewal [ ref:_00D301 FgxH._5004Ox4mN1:ref] Case: 01697094 Service Account Number: 41209 Hello Chad, This item on the contract is unable to be edited. Smarsh is currently not enforcing any fees for late payments. Kind Regards, Rachael Lam I Customer Success Specialist SMARSH -The Comprehensive Archiving Solution TM www.smarsh.com Attend our weekly live demo Sign up at:Watch It Work! Contact customer support here! 1 Original Message From: Chad Knodel [cknodel@spokanevalley.org] Sent: 6/18/2020 8:15 AM To: customersuccess@smarsh.com Subject: RE: RE Renewal [ ref:_00D301FgxH._5004Ox4mN1:ref I Hi Rachael, After reviewing the Smarsh Services Agreeement, we are asking that the fee for late payment (section 7) be reduced from 1.5%to 1%to be consistent with Washington State law. Thank you, Chad Knodel I IT Manager 10210 E.Sprague Avenue I Spokane Valley, WA 99206 (509) 720-5055 I cknodel@sookanevalley.org rot This email and any attachments may be subject to disclosure pursuant to Washington State's Public Record Act,chapter 42.56 RCW From: Customer Success<customersuccess@smarsh.com> Sent: Wednesday,June 17, 2020 9:51 AM To: Chad Knodel <cknodel@spokanevalley.org> Subject: RE: RE Renewal [ ref:_00D301FgxH._5004Ox4mN1:ref 2 M M M M M M M M M M M O O O O O O O O O O O N N N N N N N N N N N O O O O O O O O m M c-I lD LD LD LID c-I lI•I N N N L11 Ln v 1 4 .4 DO c-I c 1 c-i t-i r-I I� r-i ri Ln LC) LI) Ln Ln Ln to Lf) Ln Ln Ln Lf) O O O O O O L11 vI 4 .4 M O o 0 0 0 0 0 0 r-I r-1 d- O o 0 0 o O M M o O o M c-i r-I r-I r-I N lD Lc; 00 00 ci c-I r-I r-i ri N N v-I r-1 to O O O O O O O O O O O c-i c-I c-I ri a-I c-I r-I v I v I v I v I < O O O O O o O O O O O c0 O O O O O r-I o 0 0 0 0 o O O O O O o O O O O L LD LD LD LD lD LD lD LD LD lD LD m O O O O O O O O O O O L11 01 O1 01 01 O1 01 01 01 01 C1 01 L N N N N N N N N N N N a) Cl a) U t/? I/? t4 i/} i/? t/} t/? tt VI. t4 t/? fa (7 i O C C 0 (13 7• N L O" L- i • aJ 0 } o a) on 0 C Cu) = h0 o L 0 C ca f U Y pp qA = = f6 C — OL ca Y v ca o o d R. V) U H Z (9 m CO Ln LD I, LD 00 01 N Cr) O r-I lD Ln Lf) Ln LC) LD LD N N N N co-, 00 00 00 00 00 00 00 00 00 00 • 01 CT) CT) CT) 01 01 01 01 CT) CT) O O O O O O O O O O m m m m m M m M M M M Ln Lf) Lf) lf) Ln Ln Ln Ln L11 Ln 111 Ol Ol O1 Q1 Ql 01 Ql Ol Q1 Ol O1 O O O O O O O O O O O L) Ln L) Ln Lf) Ln Lf) Ln Lf) Ln Ln 0 di- O Q1 N O N 01 N N Mna a) C • U U U U ate) 2 fa C C C C a) cCa 0 + a) W O O COJ U 2 N U U C C = }J },, y ,-, J L L C co C 4-, U U U u (Es co U U U a o_ LT_ T. U ra a) C a) Cr OD `^ .C- C C > 0 LC L 0- Q U C L X co (a aj X 7 LU CC CC CC CC CC CC CC CC CC CC CC 4! L XXXXXXXXXXX 7 -CLn ° + v a a) a, a) a a a v v a) a) a, 0 N O C C C C C C C C C C C >- U a) U 0 0 0 0 0 0 0 0 0 0 0 E a.. •L U 'L L L L L L L L L L L N U In D_ J CL 0_ 0_ 0_ Q. 0- 0- C2 C2 CZ Q Q