The URL can be used to link to this page

Home My WebLink AboutJulota Impact Auburn WA RECREATED FINAL COPY 19FEB2020.docxpage 1 of 21 Software as a Service (SaaS) License Agreement This Software as a Service Agreement (“SaaS Agreement” or “Agreement”), effective on 1/13/20 (“Effective Date”), is made by and between TouchPhrase Development, LLC d/b/a Julota, which has a place of business at 102 S. Tejon St., Ste. 1100, Colorado Springs, CO 80903 (“Julota”), and the City of Auburn, WA , which has a place of business at 25 West Main Street, Auburn, WA 98001 (“Customer”), in exchange for the mutual promises contained herein, the receipt and legal sufficiency of which are acknowledged. Julota and Customer shall be collectively referred by as the “Parties”. Julota provides a platform for organizations: a) to provide services directly to individuals seeking assistance through it; b) to coordinate with other individuals or organizations to provide services to individuals seeking assistance that it does not provide directly; c) to cooperate with other organizations to identify services needed for individuals seeking assistance; or d) to assemble, monitor and direct Care Team(s) (defined below). 1. DEFINITIONS. 1.1 Care Team means an individual or an organization used or assembled by or through Customer or on behalf of Customer or in conjunction with Customer to assist Customer, directly or indirectly, in providing to a Help Seeker (defined below) the assistance he or she seeks or requires. 1.2 Customer Data means any data collected through the provision of these services, excluding publicly available data and data previously obtained by Julota. Customer Data may include Personal Data. 1.3 Customer Website means the website owned and operated by Customer as identified in the applicable Order Schedule. 1.4 Documentation means any user guide, help information and other documentation and information regarding the Hosted Service that is delivered by Julota to Customer in electronic or other form, if any, including any updates provided by Julota from time to time. 1.5 Health Privacy Laws means (i) the Health Insurance Portability and Accountability Act of 1996, as amended and including any implementing regulations (“HIPAA”); (ii) HITECH; (iii) 42 C.F.R. Part 2; and (iv) any other applicable federal or state statute, regulation, administrative or judicial ruling requiring a party to protect the confidentiality, privacy and/or security of Personal Data and other healthcare-related information pertaining to Help Seekers. 1.6 Help Seeker(s) means the individual seeking assistance from or through the Customer for health or non- health related assistance. 1.7 Hosted Service means the real-time website service hosted by Julota and provided to Customer from time to time. The Hosted Service includes any change, improvement, extension or other new version thereof that is developed or otherwise made available to Customer. 1.8 Julota API means the Julota application programming interface, scripts, widgets, embeddable snippets and other tools that allow Customer to integrate the Customer’s website or any other system of Customer with all or part of the Hosted Services. 1.9 Personal Data means any personal information that Julota collects, receives, or obtains, from Customer that does or can identify a specific individual or by or from which that specific individual may be identified, contacted or located, such as the individual’s name, address, social security number, or any information that applicable law proscribes as personally identifiable information. Personal Data may include Protected Health Information (defined below). 1.10 Platform means all ideas, concepts, inventions, systems, platforms, software, interfaces, tools, utilities, templates, forms, content, graphics, techniques, methods, processes, algorithms, code, know-how, trade secrets and other technologies, implementations and information that are used by Julota in providing the Julota services, including any innovations, revisions, enhancements, upgrades or improvements of the foregoing. 1.11 Protected Health Information or PHI shall have the same meaning as the term “protected health information” as defined in HIPAA. 1.12 Services means, collectively, the Hosted Service, Platform, Julota API (if available or applicable), and Documentation, as described in the applicable SOW (defined below). 2. SERVICES. Subject to the terms and conditions of this Agreement, Julota will provide Customer with access to the Services as described in each Statement of Work “SOW”. The first SOW will be Exhibit A-1 and each subsequent SOW will be designated “Exhibit A-___”, completing the blank for each subsequent SOW with the appropriate number, in ascending numerical order. A sample form SOW is attached as Exhibit A. Each SOW will be subject to the terms of this Agreement. In the event of any conflict between the terms and conditions of this Agreement and the terms and conditions of a SOW, the terms and conditions of the SOW shall govern as to that SOW only. Customer’s use of the Services is subject to this Agreement and the applicable SOW. 3. LICENSE GRANT. 3.1 License Grant to Customer. Subject to the terms and conditions of this Agreement, Julota grants Customer (defined in the applicable SOW), during the term of the DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 2 of 21 applicable SOW and the term of this Agreement (whichever period is shorter), a non-exclusive, non-transferable right and license to access and use the Services as provided for in the applicable SOW. The Services will also be provided pursuant to the service levels set forth in the Service Level Agreement (“SLA”), which is attached as Exhibit B. 3.2 License Restrictions for Customer. Customer shall not, directly or indirectly, permit any third party to: (i) reverse engineer, decompile, disassemble or otherwise attempt to discover the source code or underlying ideas or algorithms of the Services; (ii) modify, translate, or create derivative works based on the Services; (iii) rent, lease, distribute, sell, resell, assign, or otherwise transfer its rights to use the Services; (iv) make the use of the Services available to anyone other than for its own internal purposes; (v) use the Services for timesharing or service bureau purposes or otherwise for the benefit of a third party; (vi) remove any proprietary notices from the Services or any other Julota materials furnished or made available hereunder; (vii) publish or disclose to third parties any evaluation of the Services; (viii) use the Services in automatic, semi-automatic or manual tools designed to create virus signatures, virus detection routines, or any other data or code for detecting malicious code or data; or (ix) use the Services to build a competitive product or service, or copy any features, functions or graphics of the Services. 3.3 API License. If provided for in the applicable SOW, Julota hereby grants Customer, during the term of the applicable SOW, a nonexclusive, nontransferable, nonassignable, license to access and use the Julota API solely in connection with its use of the Services. 3.4 License Grant to Julota. Customer grants Julota, during the term of this Agreement and the applicable SOW, a non-exclusive, non-transferable, non-sublicensable license for it to use Customer Data and its trademarks (the “Marks”) for the sole purpose of providing the Services or as otherwise set forth in this Agreement. Customer reserves all ownership and other rights in the Customer Data and the Marks not expressly included herein and nothing in this Agreement shall be deemed to convey or transfer to Julota any ownership rights in or to the Customer Data or the Marks. Notwithstanding the foregoing, Customer understands that it may not be the exclusive owner of Customer Data. 3.5 License Restrictions for Julota. Julota’s license to the Marks is subject to the following restrictions: (i) all of Julota’s uses of the Marks must be preapproved by Customer; (ii) Julota shall not use any Marks in such a way as to give the impression that they are the property of anyone other than Customer; and (iii) Julota shall comply with Customer’s trademark guidelines, if any, and any other reasonable requirements established by Customer concerning the style, design, display, and use of its Marks. Customer’s trademark guidelines, if any, are attached as Exhibit C. 4. PRIVACY. Julota may collect or store Customer Data, which may contain Personal Data concerning Help Seekers in connection with the provision of the Services. Julota will comply with its non-disclosure obligations set forth in this Agreement. The Parties agree to comply with the requirements of all Health Privacy Laws. The Parties agree that Julota will serve as a Business Associate with respect to certain Services it provides to Customer. Accordingly, as it applies to such Services, the Parties shall execute and abide by the terms set forth in the business associate agreement attached hereto and incorporated herein as Exhibit D (“BAA”). 5. PASSWORDS/SECURITY/DISCLOSURE. 5.1 Passwords. Customer is responsible for maintaining the confidentiality of its passwords. Customer is solely responsible for any and all activities that occur under its account and all charges incurred from use of the Services accessed with Customer’s passwords. Customer agrees to immediately notify Julota of any unauthorized use of Customer's account or any other breach of security known to Customer. Julota shall have no liability for any loss or damage arising from Customer's failure to comply with these requirements. 5.2 Security. Julota will maintain the Services at a third- party hosting facility and will implement industry standard security precautions, which are intended to prevent unauthorized access to Customer Data. Customer acknowledges that, notwithstanding such security precautions, use of, or in connection to, the internet provides the opportunity for unauthorized third parties to circumvent such precautions and gain access to the Services and Customer Data. 5.3 Disclosure. Customer agrees that Julota and its agents, which have agreed to confidentiality obligations at least as restrictive as Julota’s obligations in this Agreement, can access Customer Data and its account information in order to respond to its service requests and/or as necessary, in Julota’s sole discretion, to provide Customer with the Service. Julota will not otherwise disclose such data except if compelled by law, permitted by Customer, or pursuant to the terms of the BAA and the terms of Julota’s Privacy Policy, which is available at https://www.julota.com/privacy-policy (the “Privacy Policy”) and is incorporated into this Agreement. The terms of this Agreement shall supersede any inconsistent terms in the Privacy Policy. 5.4 Permission to Disclose. By submitting any Help Seeker’s Personal Data to the Hosted Services and providing said Personal Data to Julota for processing, Customer warrants that it has: (i) legal authority to disclose such Personal Data in compliance with Health Privacy Laws and (ii) if required by Health Privacy Laws, this Agreement, or Julota’s Privacy Policy or other policies, the necessary permissions, authorizations and consents from the Help Seekers that it enters Personal Data about through the Services and for the viewing and processing of their Personal Data and Customer Data by Julota, its agents, third-party service providers, other organizations utilizing the Hosted Services to provide assistance to Help Seekers, and Care Teams as set forth herein. DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 3 of 21 6. OWNERSHIP. 6.1 With the exception of Customer Data, the Platform, the Hosted Services, and all information, reports, studies, object and source code (including without limitation the Services and all modifications, enhancements, additions, upgrades, or other works based thereon or related thereto), flow charts, product documentation, diagrams, specifications, methods and other tangible or intangible material of any nature whatsoever produced through or as a result of or related to any product, service or deliverable (collectively, “Works”) or development of any data analytics or usage models hereunder, and all patents, copyrights, trademarks and other proprietary rights related to such Works and models, shall be the sole and exclusive property of Julota, its Affiliates (defined below) or their third party providers (collectively, “Julota Property”). Nothing in the Agreement shall convey to Customer any title to or ownership of any Julota Property. Customer hereby irrevocably assigns and transfers to Julota, its Affiliates or their third-party providers all rights, title, and interest in any such Works and models. “Affiliate” means an entity that controls, is controlled by, or under common control with a party, where “control” means the direct or indirect ownership of more than 50% of the voting securities of such entity or party. No rights are granted to Customer hereunder other than as expressly set forth herein. 6.2 Customer acknowledges and agrees that Julota shall have the right to utilize data capture, syndication, and analysis tools, and other similar tools, to extract, compile, synthesize, and analyze any non-personally and non-Customer identifiable data or information resulting from Customer’s use of the Service (“Statistical Data”). Statistical Data may be collected by Julota for any lawful business purpose without a duty of accounting to Customer, provided that the Statistical Data is used only in an aggregated form, without specifically identifying the source of the Statistical Data. Except for the limited rights granted herein, at no time shall Julota acquire any ownership, license, rights or other interest in or to the Customer Data, all of which shall, as between Customer and Julota, be and remain the confidential and proprietary information of Customer. 6.3 Julota shall have a royalty-free, worldwide, transferable, sub-licensable, irrevocable and perpetual license to incorporate into the Service or otherwise use Statistical Data, any suggestions, enhancement requests, recommendations or other feedback Julota receives from Customer. 7. CUSTOMER OBLIGATIONS. 7.1 Process. Customer shall assign two (2) representatives who will be responsible for all communications with Julota related to the use of the Services. 7.2 Conduct. Customer is and will be solely responsible for its actions and the actions of its authorized users while using the Services. Customer is and will also be solely responsible for the actions of each Care Team and each of the Care Team’s officers, directors, members, employees, agents, contractors, subcontractors and individual(s) related to Customer’s use of the Services or the provision of assistance to any Help Seeker. Customer is and will be responsible for all claims made by a Care Team related to any transaction related to the Services. Customer acknowledges and agrees that Julota is not liable for, or responsible to, remediate any issues found on Customer’s network or in Customer’s web traffic through the Services. In addition to the conduct restricted in Section 3.2 (License Restrictions for Customer), Customer agrees, on behalf of itself and its authorized user(s) to: (i) abide by all laws and regulations including, without limitation, all laws applicable to any service Customer provides or any Care Team provides to a Help Seeker and all laws applicable to the transmission of technical data exported from the United States through the Services and to wireless e-mail marketing and advertising; (ii) not to upload or distribute in any way content that contain viruses, corrupted files, or any other similar software or programs that may damage the operation of the Services or another's computer or mobile device; (iii) not to use the Services for illegal, fraudulent, unethical or inappropriate purposes; (iv) not to interfere or disrupt networks connected to the Services or interfere with the ability of others to access or use the Services; (v) not to distribute, promote or transmit through the Services any unlawful, harassing, libelous, abusive, threatening, harmful, vulgar, obscene, pornographic, indecent, defamatory, hateful, racially, ethnically, unwanted or otherwise objectionable material of any kind or nature; (vi) not to transmit or post any material that encourages conduct that could constitute a criminal offense or give rise to civil liability; (vii) not to interfere with another customer's use and enjoyment of the Services or another entity's use and enjoyment of similar services; (viii) not to engage in, or permit others to engage in, contests, chain letters or post or transmit "junk mail," "spam," "chain letters," or unsolicited mass distribution of e-mail; and (ix) to comply with all regulations, policies and procedures of networks connected to the Services, Julota, or Julota’s service providers, as the same may be promulgated from time to time. Julota may remove any violating data on the website posted or stored using the Services or transmitted through the Services, without notice to Customer; however, Julota has no obligation to do so. 7.3 Customer shall maintain privacy policies on its website and shall deliver printed hard copies of its privacy policies to each Help Seeker prior to entering any information about the Help Seeker through the Services. Customer will ensure that its practices for storing and safeguarding Help Seeker related information are consistent with industry privacy, security standards and all applicable legal requirements. Customer must obtain the necessary authorizations and its privacy policy must include the following disclosures and terms sufficient to allow for: (i) the collection and processing of data from Help Seekers, including any Personal Data from a Help Seeker; (ii) Julota’s processing of Help Seeker data; (iii) the use of Personal Data belonging to Help Seekers as contemplated in the provision of the Services and in the applicable SOW; (iv) DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 4 of 21 the maintenance and retention of Personal Data after assistance is rendered by Customer to a Help Seeker; v) the processing and sharing of Personal Data and other data of Help Seekers with other organizations utilizing the Hosted Services and by Care Teams; and (vi) the sharing and utilizing of each Help Seeker’s Personal Data and the aggregate data derived therefrom by Julota. Customer shall be solely responsible for obtaining and maintaining documentation of any and all legally required written permissions, consents or authorizations from Help Seekers before a Help Seeker’s Personal Data is provided to Julota or placed on the Platform. Any and all information provided by Customer to Julota via the Hosted Services or any other Services relating to any Help Seeker’s permissions, consents or authorizations shall be accurate and valid. Customer shall notify Julota, on a form provided and/or approved by Julota, of any restrictions on the use or disclosure of a Help Seeker’s Personal Data that Customer is required to abide by to the extent that such restriction may affect Julota’s use or disclosure of that Help Seeker’s Personal Data. Customer shall notify Julota of any changes in, or revocation of, the permission, authorization or consent by a Help Seeker for Customer to disclose such Help Seeker’s Personal Data on the Platform. Notwithstanding the foregoing revocation or change in authorization, Julota may retain copies of that data in read only format in order to comply with its statutory or regulatory requirements or to defend against a claim or complaint. 8. FEES AND TAXES. 8.1 Fees. Customer agrees to pay Julota the fees set forth on the applicable SOW for the Services, in accordance with the fees, charges, and billing terms set forth in this Agreement (collectively, “Fees”). All Fees are quoted in United States currency. Except as otherwise provided in this Agreement, Fees are non-refundable. 8.2 Additional Charges. Customer shall pay travel and living expenses and other out-of-pocket expenses reasonably incurred by Julota in connection with the Services. As applicable, such out-of-pocket expenses shall be incurred in accordance with Julota’s then-current corporate travel and expense policy. If an out-of-pocket expense is listed in an Exhibit, such expense may be changed to reflect changes issued by the applicable vendor. All expenses incurred by Julota for which it seeks reimbursement from Customer must be preapproved in writing by Customer. 8.3 Payments. Unless stated otherwise on the applicable SOW, all Fees are due and payable by Customer within thirty (30) days after the invoice date. Any payment not received from Customer by the due date shall accrue (except with respect to charges then under reasonable and good faith dispute), at the lower of one and a half percent (1.5%) of the outstanding balance per month (being 18% per annum), or the maximum rate permitted by law, from the date such payment is due until the date paid. Customer shall also pay all sums expended (including, without limitation, reasonable legal fees) in collecting overdue payments. 8.4 Taxes. All fees set forth in this Agreement are exclusive of all taxes and similar fees. Customer shall be responsible for and shall pay in full all sales, use, excise or similar governmental taxes imposed by any federal, state, or local governmental entity upon the fees charged the Customer under this Agreement, exclusive, however, of taxes based on Julota’s income, which taxes shall be paid by Julota. If any taxes for which Customer is responsible hereunder are paid by Julota, Customer will promptly reimburse Julota upon Customer’s receipt of proof of payment. 9. TERM. This Agreement commences on the Effective Date and shall continue for one year, unless earlier terminated in accordance with this Agreement. Following the initial Term, this Agreement shall renew for successive twelve (12)-month periods unless either party provides written termination notice 60 days prior to the end of the Term. 10. TERMINATION. 10.1 Breach. Except as otherwise provided in this Section 10, either party shall have the right to terminate this Agreement or the applicable SOW upon written notice if the other party has breached a material term of this Agreement or the applicable SOW and has not cured such breach within thirty (30) days of receipt of notice from the non-breaching party specifying the breach. 10.2 Insolvency. Either party shall have the right to terminate this Agreement if (i) the other party has a receiver appointed for it or its property; (ii) any proceedings are commenced by the other party under a Chapter 7 bankruptcy; or (iii) the other party is liquidated or dissolved. 10.3 Failure to Pay/Customer Conduct. Julota shall have the right to suspend or terminate access to the Services, at its sole option, with or without notice to Customer, if: (i) any payment is delinquent by more than sixty (60) days, or (ii) if Customer breaches Sections 3.2, 5 or 7 of this Agreement 10.4 Immediate Termination. Julota may immediately suspend or terminate this Agreement or the applicable SOW, in its sole and absolute discretion, if Customer violates Section 7.2 of this Agreement or violates or misappropriates Julota’s intellectual property rights related to the Services. 10.5 Effect of Termination. Termination of this Agreement will terminate all SOWs. Termination of an individual SOW will only terminate that SOW and will not result in the termination of this Agreement, unless the SOW provides otherwise. Julota shall not be liable to Customer or any third party for suspension or termination of Customer’s access to, or right to use, the Services under this Agreement. If Customer terminates this Agreement or an SOW pursuant to Section 10.1 or if Julota terminates this Agreement or an SOW without cause, Customer will be obligated to pay the balance due for the Services up to the date of termination. If Julota terminates this Agreement or an SOW pursuant to Section 10.1 or if Customer terminates this Agreement or SOW without cause, Customer shall pay any unpaid fees through the date of termination and shall pay any unpaid fees covering the DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 5 of 21 remainder of the term of all SOWs, if the Agreement is terminated, or the applicable SOW, if only the SOW is terminated. Upon the effective date of termination of this Agreement for any reason, Customer’s access to the Services will terminate and Customer shall cease accessing and using the Services immediately and Julota shall cease use immediately of any Marks. Sections 3.2, 4, 5, 6, 8 through 16 and 18 of this Agreement shall survive termination for any reason. 11. CONFIDENTIALITY. 11.1 Obligations. Each of the Parties agrees to maintain in confidence any proprietary or non-public information of the other party, whether written or otherwise, disclosed by the other party in the course of performance of this Agreement that a party knows or reasonably should know is considered confidential by the disclosing party (“Confidential Information”). The Parties hereby agree the terms and conditions of this Agreement, and any discussions related to the Services shall be considered Confidential Information. Confidential Information also includes: (i) trade secrets and proprietary information (including that of any client, supplier or licensor); (ii) customer lists, client lists, business plans, information security plans, business continuity plans, requests for proposals or requests for information and responses to such requests that the Parties may change after the Effective Date, and proprietary software programs; and (iii) any other information received from or on behalf of a disclosing party that is marked confidential or that the recipient of the information could reasonably be expected to know is confidential. The receiving party shall not disclose, use, transmit, inform or make available to any entity, person or body any of the Confidential Information, except as a necessary part of performing its obligations hereunder, and shall take all such actions as are reasonably necessary and appropriate to preserve and protect the Confidential Information and the Parties’ respective rights therein, at all times exercising at least a reasonable level of care. Each party agrees to restrict access to the Confidential Information of the other party to those employees or agents who require access in order to perform their obligations under this Agreement and who agreed to be bound by these obligations of confidentiality and non-disclosure. Except as otherwise expressly provided in this Agreement, upon termination of this Agreement for any reason, and at the request of the disclosing party, the receiving party shall promptly return or destroy (at the disclosing party’s option), all copies of the other party’s Confidential Information. Notwithstanding the foregoing, each party may maintain archival copies of Confidential Information for the applicable statutory periods. 11.2 Exclusions. Confidential Information shall not include any information that is (i) already known to the receiving party at the time of the disclosure; (ii) publicly known at the time of the disclosure or becomes publicly known through no wrongful act or failure of the receiving party; (iii) subsequently disclosed to the receiving party on a non-confidential basis by a third party not having a confidential relationship with the other party hereto that rightfully acquired such information; or (iv) communicated to a third party by the receiving party with the express written consent of the other party hereto. A disclosure of Confidential Information that is legally compelled to be disclosed pursuant to a subpoena, summons, order or other judicial or governmental process, or in response to a request under Washington’s Public Records Act, Chapter 42.56 RCW, but only to the extent that the Public Records Act requires disclosure, shall not be considered a breach of this Agreement; provided the receiving party provides prompt notice of any such subpoena, order, or the like to the other party so that such party will have the opportunity to obtain a protective order or otherwise oppose the disclosure. 12. WARRANTY. 12.1 Disclaimer of Warranties. EXCEPT AS EXPRESSLY PROVIDED IN THIS AGREEMENT, THE SERVICES ARE PROVIDED “AS IS,” AND, TO THE MAXIMUM EXTENT PERMITTED UNDER APPLICABLE LAW, JULOTA MAKES NO AND HEREBY DISCLAIMS ALL OTHER WARRANTIES, REPRESENTATIONS, IMPLIED WARRANTIES OR MERCHANTABILITY, WITH RESPECT TO THE USE, MISUSE, OR INABILITY TO USE THE SERVICES (IN WHOLE OR IN PART) OR ANY OTHER PRODUCTS OR SERVICES PROVIDED TO CUSTOMER BY JULOTA, OR OTHERWISE UNDER THESE TERMS. WITHOUT LIMITING THE FOREGOING, JULOTA DOES NOT WARRANT THAT ALL ERRORS CAN BE CORRECTED, OR THAT USE OF THE SERVICES WILL BE UNINTERRUPTED OR ERROR FREE. JULOTA DISCLAIMS ALL LIABILITY FOR ANY MALFUNCTIONING, IMPOSSIBILITY OF ACCESS, OR POOR USE CONDITIONS OF THE SERVICE DUE TO INAPPROPRIATE OR DEFECTIVE EQUIPMENT, DISTURBANCES RELATED TO INTERNET SERVICE PROVIDERS, TO THE SATURATION OF THE INTERNET NETWORK, ERROR, OMISSION, INTERRUPTION, DELETION, DEFECT, DELAY IN OPERATION OR TRANSMISSION, COMMUNICATIONS LINE FAILURE, THEFT OR DESTRUCTION OR UNAUTHORIZED ACCESS TO, OR ALTERATION OF, USER COMMUNICATIONS, PROBLEMS RELATED TO THE SERVICES OR ITS USE, LOSS OF PERSONAL CONTENT, OR ANY OTHER REASONS. JULOTA ALSO EXPLICITLY DISCLAIMS ANY WARRANTIES RELATED TO BUSINESS RESULTS THAT MAY BE OBTAINED BY USE OF THE SERVICES AND SPECIFICALLY STATES NO SUCH REPRESENTATIONS ARE OR HAVE BEEN MADE TO CUSTOMER. CUSTOMER WILL BE SOLELY RESPONSIBLE FOR (I) ESTABLISHING AND MAINTAINING AN INTERNET CONNECTION SUFFICIENT FOR THE SERVICES TO FUNCTION PROPERLY, (II) THE CONTENT AND EFFICACY OF ALL MARKETING INITIATIVES, AND (III) FULFILLING ALL ITS OBLIGATIONS TO HELP SEEKERS IN CONNECTION WITH THE USE OF THE SERVICES. CUSTOMER WILL FOLLOW PROPER BACK-UP PROCEDURES FOR ANY OTHER PROGRAMMING AND ALL DATA TO PROTECT AGAINST LOSS OR ERROR RESULTING FROM THE USE OF ANY EQUIPMENT OR THE SERVICES. CUSTOMER AGREES DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 6 of 21 THAT JULOTA AND THE PLATFORM AND SERVICES DO NOT MAKE CLINICAL, MEDICAL OR OTHER DECISIONS OR RECOMMEND, ENDORSE OR MAKE ANY MEDICAL, CLINICAL OR RELATED REPRESENTATIONS OR WARRANTIES. CUSTOMER ASSUMES ALL RESPONSIBILITY IN CONNECTION WITH DISCLOSING CUSTOMER DATA ON THE PLATFORM. 12.2 Open Source. Parts of the software for the Services may be subject to the GPL (General Public License) for open source software, and all warranties are disclaimed for such parts by the Free Software Foundation, Inc. See the GNU General Public License for more details. Similarly, parts of such software may be subject to the MIT License for open source software, and therefore, the following restrictions: MIT grants permission, free of charge to any person obtaining a copy of the software and associated documentation files, to deal in the software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the software, and to permit persons to whom the software is furnished to do so, subject to the following conditions and notwithstanding anything to the contrary in this Agreement: the software is provided “AS IS” without warranty of any kind, express or implied, including but not limited to, the warranties of merchantability, fitness for a particular purpose and non- infringement, In no event shall the authors or copyright holders be liable for any claim, damages or other liability, whether in an action of contract, tort or otherwise, arising from, out of or in connection with the software or the use of other dealings in the software. 12.3 Mutual Warranties. Each party represents and warrants that: (i) it does not have any contractual obligations that would prevent it from entering into this Agreement; and (ii) it will comply with all laws and regulations directly applicable to its performance of its obligations under this Agreement or its use of the Services. 13. INDEMNIFICATION. 13.1 By Customer. Unless expressly barred by state or federal law, Customer shall indemnify, defend, hold harmless Julota, its Subcontractors and Affiliates, and each of their respective directors, officers, employees, agents, permitted successors and assigns (each a Julota Indemnitee) or, at its option, settle, any claim, charge, demand, action, audit, or suit, whether in contract, tort, strict liability, negligence, or otherwise, for any and all losses, costs, charges, claims, demands, fees (including attorneys’ fees), expenses, or damages of any nature or kind arising out of, connected with, or resulting from or based on: (i) Customer’s negligent use of the Service, or (ii) improper, negligent, or prohibited collection, input, or disclosure of Customer Data by Customer or its Care Team; (iii) negligent selection or supervision of any Care Team Customer uses or any employment claim by a Care Team or Customer employee that doesn’t involve a Julota employee or agent; and/or (iv) any breach of this Agreement by Customer, its affiliates, directors, officers, employees or agents, and Customer shall pay any final judgment entered against Julota in any such proceeding or settlement provided (x) Customer is promptly notified in writing of such claim or suit, (y) Customer or its designee has sole control of such defense or settlement, and (z) Julota gives all information and assistance requested by Customer or such designee. Julota will promptly notify Customer in writing of such claim or suit and give all information and assistance reasonably requested by Customer or such designee. 13.2 By Julota. Julota shall indemnify, defend, or at its option settle, any third party claim or suit based on (i) the provision of the Services violate applicable law (ii) the negligent performance of the Services, or (iii) the Services (excluding any third party software) violate, infringe or misappropriate any United States patent, copyright, trademark or trade secret and Julota shall pay any final judgment entered against Customer in any such proceeding or agreed to in settlement; provided (i) Julota is promptly notified in writing of such claim or suit, (ii) Julota or its designee has sole control of such defense or settlement, and (iii) Customer gives all information and assistance requested by Julota or such designee. To the extent that use of the Services is enjoined, Julota may at its option and sole cost (a) modify the Services so as not to infringe or misappropriate any intellectual property belonging to the complaining third party while providing materially equivalent functionality (b) procure for Customer the right to use the Services, (c) replace the Services with other suitable products providing materially equivalent functionality, or (d) refund the Initial Term portion of the Fee(s) paid by Customer for the Services or the affected part thereof. Julota shall have no liability under this Section 13.2 or otherwise to the extent a claim or suit is based upon (1) use of the Services in combination with software or hardware not provided by Julota if infringement would have been avoided in the absence of such combination, (2) modifications to the Services not made by Julota, if infringement would have been avoided by the absence of such modifications, (3) use of any version other than a current release of the Services, if infringement would have been avoided by use of a current release, or (4) any action or omission of Customer for which Customer is obligated to indemnify Julota under Section 13.1 above. THIS SECTION 13.2 STATES JULOTA’S ENTIRE LIABILITY AND CUSTOMER'S SOLE AND EXCLUSIVE REMEDY FOR VIOLATION, INFRINGEMENT AND MISAPPROPRIATION CLAIMS BASED ON THE SERVICES. 14. LIMITATION OF LIABILITY. 14.1 Limitation on Direct Damages. EXCEPT AS IT RELATES TO JULOTA’S INDEMNIFICATION OBLIGATIONS, IN NO EVENT SHALL JULOTA’S AGGREGATE LIABILITY, IF ANY, ARISING OUT OF OR IN ANY WAY RELATED TO THIS AGREEMENT EXCEED THE FEES PAID BY CUSTOMER FOR THE SERVICES FOR THE PERIOD OF TWELVE (12) MONTHS PRIOR TO THE EVENT THAT DIRECTLY GAVE RISE TO THE DAMAGES CLAIMED, WITHOUT REGARD TO WHETHER SUCH CLAIM IS BASED IN CONTRACT, TORT (INCLUDING, DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 7 of 21 WITHOUT LIMITATION, NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE. 14.2 Waiver of Consequential Damages. IN NO EVENT SHALL EITHER PARTY BE LIABLE FOR ANY INDIRECT, SPECIAL, PUNITIVE OR CONSEQUENTIAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOSS OF DATA OR LOSS OF PROFITS, WITHOUT REGARD TO WHETHER SUCH CLAIM IS BASED IN CONTRACT, TORT (INCLUDING, WITHOUT LIMITATION, NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE, EVEN IF A PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 15. MARKETING. Customer and Julota agree to issue a press release announcing Customer’s participation and use of the Services for publication within 30 days of the Effective Date. Julota shall have the right to use Customer’s name as part of a general list of customers and may refer to Customer as a user of the Services on its website and in its general advertising and marketing materials. 16. NON-SOLICITATION. During the term and for a period of twelve (12) months thereafter, Julota and Customer shall not knowingly, directly or indirectly, solicit, recruit, employ or contract with any employees of one another. 17. INSURANCE. Julota will maintain (and shall cause each of its agents, independent contractors and subcontractors performing any services hereunder to maintain) at its sole cost and expense at least the following insurance covering its obligations under this Agreement: 17.1 Commercial General Liability. With coverage of not less than One Million Dollars ($1,000,000) each occurrence (for bodily injury and for damage to property); including coverage for premises and operations, contractual liability, broad form property damage and products and completed operations and Three Million Dollars ($3,000,000) in the aggregate. 17.2 Cyber Liability Insurance. With coverage of not less than Three Million Dollars ($3,000,000) in the aggregate which shall include at a minimum coverage for (i) unauthorized access by an outside party, which may take the form of a “hacker attack” or a “virus” introduced by a third party; (ii) failure to prevent a party other than an insured from unauthorized access to, use of, tampering with or introduction of malicious code into data, programs or systems; and (iii) breach of Customer’s data. 17.3 Policy Terms. Such insurance shall name Customer as an additional insured. A blanket endorsement or an additional insured endorsement evidencing the policy shall be provided to Customer upon execution. Julota shall provide Customer with written notice of any policy cancellation within thirty (30) days of the receipt of such notice. Julota shall obtain replacement insurance policies meeting the requirements of this Section 17. 18. GENERAL. 18.1 Notices. All notices to a party shall be in writing and sent to the addresses specified in this Agreement (and in the case of Julota, to the attention of the Chief Operating Officer) or such other address as a party notifies the other party, and shall be deemed to have been duly given when received, if personally delivered; when receipt is electronically confirmed, if transmitted by facsimile or email; three days after it is sent, if sent for next day delivery by recognized overnight delivery service; and upon receipt, if sent by certified or registered mail, return receipt requested. 18.2 Governing Law and Jurisdiction. This Agreement shall be governed by the laws of the State of Colorado, excluding its conflict of laws rules. Each party hereby irrevocably submits to the exclusive jurisdiction of the Courts within the County of El Paso located in the State of Colorado. To the extent that Customer’s principal place of business is outside of the State of Colorado and the jurisdiction that Customer is located has implemented health care laws or regulations, those health care laws and regulations will govern. Any provision of this Agreement held to be unenforceable shall not affect the enforceability of any other provisions of this Agreement. Each party further hereby waives any right to jury trial in connection with any action or litigation in any way arising out of or related to this Agreement. 18.3 Dispute Resolution. Before initiating legal action against the other party relating to a dispute herein, the Parties agree to work in good faith to resolve disputes and claims arising out of this Agreement. To this end, each party may request that the other party designate an officer or other management employee with authority to bind such party to meet to resolve the dispute or claim. If the dispute is not resolved within 30 days of the commencement of informal efforts under this paragraph, either party may pursue formal legal action. This paragraph will not apply if expiration of the applicable time for bringing an action is imminent and will not prohibit a party from pursuing injunctive or other equitable relief to which it may be entitled. 18.4 Relationship of the Parties. The Parties to this agreement are independent entities, and no agency, partnership franchise, joint venture or employee-employer relationship is intended or created by this Agreement. 18.5 Assignment. Customer may not assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the prior written consent of Julota (not to be unreasonably withheld). Notwithstanding the foregoing, Customer may assign this Agreement in its entirety (including all SOWs), without consent of Julota, in connection w ith a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets not involving a direct competitor of Julota. In the event that Customer assigns its rights or obligations hereunder, in violation of this Section, Julota may at its election, terminate this Agreement. Subject to the foregoing, this Agreement shall bind and inure to the benefit of the parties, their respective successors and permitted assigns. DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 8 of 21 18.6 Entire Agreement. This Agreement, including all SOWs, exhibits and addenda hereto, constitutes the entire agreement between the Parties and supersedes all prior and contemporaneous agreements, proposals or representations, written or oral, concerning its subject matter. No modification, amendment, or waiver of any provision of this Agreement shall be effective unless in writing and either signed or accepted electronically by the party against whom the modification, amendment or waiver is to be asserted. However, to the extent of any conflict or inconsistency between the provisions in the body of this Agreement and any SOW, exhibit or addendum hereto, the terms of such SOW, exhibit, or addendum shall prevail. Notwithstanding any language to the contrary therein, no terms or conditions stated in a Customer purchase order or other order documentation (excluding SOWs) shall be incorporated into or form any part of this Agreement, and all such terms or conditions shall be null and void. Further, notwithstanding the foregoing, terms of the SOW that conflict with or are inconsistent with this Agreement, which conflict with statutory or regulatory requirements will not control or supersede this Agreement and such terms will be deemed waived. 18.7 Force Majeure. Neither party shall be in default if its failure to perform any obligation under this Agreement is caused solely by supervening conditions beyond that party’s reasonable control including, without limitation, acts of God, civil commotion, war, strikes, labor disputes, third party Internet service interruptions or slowdowns, vandalism or “hacker” attacks, acts of terrorism or governmental demands or requirements. 18.8 No Third-Party Beneficiary Rights. This Agreement is not intended to and shall not be construed to give any third- party any interest or rights (including, without limitation, any third-party beneficiary rights) with respect to or in connection with any agreement or provision contained herein or contemplated hereby. 18.9 Headings. The headings of the sections of this Agreement are for reference only and shall not modify, define or limit any of the terms or provisions of this Agreement. 18.10 Severability. If any provision of this Agreement shall be held to be illegal, invalid or unenforceable, that provision will be enforced to the maximum extent permissible so as to affect the intent of the parties and the validity, legality and enforceability of the remaining provisions shall not in any way be affected or impaired thereby. 18.11 Construction. This Agreement has been negotiated by the Parties and will be fairly interpreted in accordance with its terms and without any strict construction in favor or against any party. 18.12 Counterparts and Signatures. This Agreement and any SOWs, exhibits, addenda and amendments may be executed in counterparts, each of which shall be deemed an original and which shall together constitute one instrument. Each party may execute this Agreement and any SOWs, exhibits, addenda Exhibit or amendment hereto in the form of an electronic record utilizing electronic signatures, as such terms are defined in the Electronic Signatures in Global and National Commerce Act (15 U.S.C. § 7001 et seq.). Customer and its affiliates will not dispute the validity or authenticity of electronic signatures submitted to Julota by Customer or its affiliates, nor will Customer or its affiliates dispute the legal authority, validity or authenticity of those who sign with such electronic signatures to bind Customer and its affiliates. Electronic signatures by Customer and its affiliates, as well as signatures by either party transmitted by facsimile or electronically via PDF or similar file delivery method, shall have the same effect as an original signature. 18.13 Federal Government End Use Provisions. If Customer is a U.S. federal government end user, the Services are a “Commercial Item” as that term is defined at 48 C.F.R. §2.101, consisting of “Commercial Computer Software” and “Commercial Computer Software Documentation”, as those terms are used in 48 C.F.R. §12.212 or 48 C.F.R. §227.7202. Consistent with 48 C.F.R. §12.212 or 48 C.F.R. §227.7202-1 through 227.7202-4, as applicable, these Services are licensed to You with only those rights as provided under the terms and conditions of this Agreement. Each party hereto has caused this Agreement to be executed by its authorized representative with effect from the Effective Date. TouchPhrase Development, LLC d/b/a Julota By: _______________________ _______________ Name: DATE Title: City of Auburn, WA (“Customer”) By: _______________________ _______________ Name: Nancy Backus, Mayor DATE Attest: By: _______________________ _______________ Name: Shawn Campbell, City Clerk DATE Approved as to form: By: _______________________ _______________ Name: Douglas Ruth, Assistant City Attorney DATE DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 2/19/2020 2/19/2020 CEO 2/19/2020 Scott Cravens 2/19/2020 Julota® SaaS Agreement page 9 of 21 EXHIBIT A Statement of Work No. 1 Service and Fees This Statement of Work No. 1 (“SOW”) is entered as of 1/13/2020 (the “Effective Date”) by and between TouchPhrase Development, LLC d/b/a Julota (“Julota”) and City of Auburn, WA (“Customer”). Except as otherwise specifically provided herein, the terms and conditions of the agreement between Julota and Customer dated 1/13/2020 (the “Agreement”) are incorporated herein by reference. Any capitalized term used but not defined in this SOW shall have the meaning first assigned to it in the Agreement. A. Term: This SOW shall continue in full force beginning on the Effective Date and ending on 1/12/2021 (the "Initial Term"), after which date this SOW shall automatically renew for successive 1-year periods (each, a "Renewal Term") until such time as either party elects not to renew this SOW by providing written notice of non-renewal to the other party at least 60 days prior to the expiration of the Initial Term or each Renewal Term. B. License and Deliverables: 1. Services: Julota will license to Customer access to a web-based and mobile integrated software for tracking services provided to Help Seekers on the Platform, which is called "Julota Impact." Customer and its authorized users may access the Services for the purpose of providing short or long-term Help Seeker contact, tracking, monitoring and care. Customer will, through the administration panel of Julota Impact, create and authorize new authorized users. Julota Impact software will allow Customer and its authorized users to communicate action steps necessary to integrate and coordinate the care of Help Seekers. 2. Authorized users: Authorized users may be individuals from Customer's organization or Care Teams and their employees. Customer may authorize an unlimited number of authorized users to access Julota Impact through Customer's license. 3. Usage and Storage: The amount of usage of the Hosted Services (not including enrollments) and data storage is unlimited. 4. Excess Hosted Service Usage Fee: $0 5. Service Levels: Julota will provide general support for Julota Impact as provided for in the SLA attached as Exhibit “B” to the Agreement. C. Fees and Expenses: 1. Initial Term: The total fees and expenses, excluding applicable taxes, for unlimited new enrollments for the Initial Term shall be $ 15,000.00 ( Fifteen thousand dollars) payable on 1/13/2020 . This includes 0 hours for customization and 0 hour for legal fees. In addition, implementation services are $ 3,800.00 . To include: a) Data Migration b) Workflow understanding and guidance c) Newly provided work flow documents as PDF and on application d) Launch Support (Post Implementation Support) e) 7 days of Elite Support Services f) Two 60-minute training sessions 2. Renewal Terms: For the second year (the first renewal term), from 1/13/2021 through 1/12/2022 and for subsequent yearly terms, the fees shall be according to this schedule immediately below, payable within 30 days of the commencement of the Renewal Term. The fees shall be assessed based on yearly enrollments and increases in the consumer price index plus up to 2%. DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 10 of 21 Schedule: 240 total yearly new enrollments … $15,000.00 360 total yearly new enrollments … $21,000.00 Over 360 total yearly new enrollments … to be negotiated 3. Payment: All payments shall be paid within 30 days of the date on the invoice. The fee for the Initial Term shall be paid upon execution of this SOW. Payments should be made payable to “Julota” and sent to the following address: Julota Attention: Accounting Department 102 S. Tejon St., Suite 1100 Colorado Springs, CO 80903 Julota may change the payment method provided it does so in writing to Customer. C. Schedule: Upon execution of the Agreement and this SOW, provided the fee for the Initial Term is paid upon execution of this SOW, Julota will commence the planning and execution of the Services with the intent of launching the Services for Customer by TBD____. D. Service Changes: Julota reserves the right, in its sole discretion, to make any changes to the Services that it deems necessary or useful to: 1. maintain or enhance (i) the quality or delivery of the Services for its customers, (ii) the competitive strength of or market for Julota’s services, or (iii) the cost efficiency or performance of the Services; or 2. to comply with applicable Law. Notwithstanding the foregoing, in no event will such Julota initiated changes result in increased cost to Customer during the term of this SOW. Customer understands that daily and weekly Julota initiated changes may occur without advance notice and such changes are for the purpose of bug fixes and minor improvements. During the term of this SOW, Julota shall provide to Customer at no additional charge the following: 1. any and all changes that it develops with respect to the Services, unless such changes are considered optional to the Customer and bear additional costs to Julota outside of costs for Julota initiated implementation and development; 2. any and all changes required by federal or state governmental, or professional regulatory man dates related to the Customer’s use of the Services; and 3. the Documentation associated with any changes. Without limiting the foregoing, Customer may, at any time during the Term, request in writing changes to the Services. The Pa rties shall evaluate the requested changes and, if agreed, implement all such requested changes in accordance with a mutually-agreed change order. No requested changes will be effective unless and until memorialized in a written change order signed by both Parties. E. Subcontractors: Julota may from time to time in its discretion engage third parties to perform Services (each, a “Subcontractor”) F. On-Site Resources: DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 11 of 21 Any Julota personnel visiting Customer’s facilities shall comply with all applicable Customer policies regarding access to, use of, and conduct within such facilities. Customer will provide copies of such policies to Julota upon request. G. Customer Acknowledgments: Customer shall be responsible for purchasing, acquiring and installing all hardware associated with the Agreement and this SOW. Customer shall also be responsible for all training. Julota has no responsibility related to any of the hardware, including, but not limited to, in-store hardware (iPads, cables, cases, etc.). Julota may advise Customer regarding proper deployment of Services, but such advice is without warranty and provided “As Is”. Each party hereto has caused this Statement of Work to be executed by its authorized representative as of the Effective Date. TouchPhrase Development, LLC d/b/a Julota By: _________________________ Name: ________________________ Title: ________________________ Date: _____________________ City of Auburn, WA (“Customer”) By: _______________________ _______________ Name: Nancy Backus, Mayor DATE Attest: By: _______________________ _______________ Name: Shawn Campbell, City Clerk DATE Approved as to form: By: _______________________ _______________ Name: Douglas Ruth, Assistant City Attorney DATE DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 2/19/2020 2/19/2020 Scott Cravens 2/19/2020 CEO 2/19/2020 Julota® SaaS Agreement page 12 of 21 EXHIBIT B Service Level Agreement In performing the Services for Customer, Julota’s level of performance shall be at least equal to or exceed the Service Levels set forth in this Service Level Agreement (this “SLA”) at all times during the Term of the applicable Statement of Work. A. Definitions. Unless otherwise defined in this Addendum, the capitalized terms in this Addendum have the following meaning. Defined terms that are not defined in this Addendum will have the same meaning as in the Agreement. 1. “Authorized User” is a person who has been granted authority to use the Services by the Customer Representative. 2. “Availability” means that the Services are readily available to Customer and operating without material Error, excluding any Outages and “Low” level incidents (defined below). 3. “Customer Representative” means the single person that Customer has designated in writing to Julota to be its Customer Representative. Customer may change the Customer Representative by written notice to Julota. Only one person may be designated as Customer Representative at any time. In addition to the authority designated in this Addendum, the Customer Representative is awarded all rights designated to Authorized Users (e.g., the ability to contact the Support Desk). Only the Authorized Users may contact the Support Desk. 4. “Emergency Maintenance” means the downtime required by Julota for upgrading or maintaining the Services; provided, that Julota has given Customer at least twenty-four hours prior written notice of such downtime, provided that Emergency Maintenance does not exceed five (5) hours per month, and provided that Emergency Maintenance does not occur more than six (6) times per year. 5. “Failure” means any failure of Julota to meet a Service Level requirement; but excludes those failures attributable to a Force Majeure event. 6. “Monthly Availability Percentage” means the amount equal to the total number of minutes (multiply the number of calendar days in any given month by the product of 24 times 60) in the applicable calendar month, minus the total Outage time for that month, then divided by the total number of minutes. 7. “Outage” means the period (measured in minutes) that the Services are not readily available to Customer and/or are operating with material Error; but shall not include: (i) Scheduled Downtime (which will not exceed ten (10) hours in aggregate per month); (ii) emergency maintenance activities which will not exceed five (5) hours per month; (iii) periods of unavailability attributable to Customer’s negligent acts or omissions; or (iv) Customer’s failure to timely respond to Julota in connection with the resolution of any Problem. 8. “Regular Release” means releases of minor product updates for upgrading or maintaining the Services; provided that there shall be no more than two regular releases per week and downtime for these weekly releases does not exceed sixty (60) minutes for each release. 9. “Scheduled Downtime” means the downtime required by Julota for upgrading or maintaining the Services; provided, that (i) such downtime occurs between the hours of 22:00 MT USA and 5:00 MT USA (or such other hours that Customer has previously and specifically approved in writing); and (ii) Julota has provided five (5) business days prior written notice of such downtime. This may also be referred to as “Scheduled Maintenance”. (iii) not to exceed 4 hours each month. 10. “Support Desk” is a resource that provides administrative support and technical support to Authorized Users. B. Technical Support. 1. Contact Methods. Julota will make available to all the Authorized Users the ability to contact the Support Desk via email (“Support Email”). For customers purchasing Elite Services, there will also be a telephone number (“Support Hotline”). 2. User Support Hours. Standard user support hours are Monday – Friday from 9 AM to 9 PM Mountain Time with the exception of state and Federal holidays. In the event calls or emails are received outside of User Support Hours, Julota will address the Authorized User’s query during User Support Hours with the exception of Critical events (as discussed below). DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 13 of 21 3. Technical support will be limited to the permissions of the Authorized User, which will be determined by the Customer Representative pursuant to the “Protocol Authorization Form,” a sample of which is attached as “Annex A” in blank format. The permissions will be defined in the Protocol Authorization Form. The Protocol Authorization Form will set forth the Authorized User’s permissions granted to him or her. 4. At the time that the Authorized User contacts the Support Desk, the Authorized Users permissions will be verified in order to determine the scope of support that may be granted. If an Authorized User does not have sufficient permissions (e.g., they are attempting to report an issue for an area that they do not have the authority to access, the event will be deemed unreported). C. Severity Levels and Response Times. The following are a description of the service levels and the service level response times: 1. Critical. An incident with a severity level of “Critical” is defined as one that produces an emergency situation (e.g., system down) in which the Services are substantially or completely non-functional or inoperable. In the event of a Critical incident, the Authorized User shall contact the Support Desk to report the problem. If the reported event is Critical and outside of User Support Hours, the Authorized User shall contact the Support Desk via the Support Email, which is monitored 24x7x365, excluding State and Federal holidays. The Support Desk will contact the Authorized User, who reported the incident within four (4) hours to diagnose and begin remediation of the event, and will use commercially reasonable efforts to resolve the event as soon as is reasonably possible under the circumstances. Any Authorized User may contact the support desk to report a Critical incident, even if the issue in question relates to a portion of Julota that is not under the purview of the Authorized User’s permissions. In this case, the Support Desk will take the report of the issue, but will not contact the reporting user with resolution, but instead, will contact the Customer Representative to report resolution. 2. High. An incident with a severity level of “High” is defined as one that produces a detrimental situation in which the Services are usable, but materially incomplete; performance (response time) of the Services is degraded substantially such that there is a severe impact on use under reasonable loads; one or more mainline functions or commands is inoperable; or the use is otherwise significantly impacted. If the reported event is a High severity, the Support Desk will contact the Authorized User who reported the event within eight (8) User Support Hours to diagnose and begin remediation of the event and will use commercially reasonable efforts to resolve the event with five (5) business days. Any authorized user may contact the support desk to report any issue, even if the issue in question relates to a portion of Julota that is not under the purview of the authorized user’s permissions. Notwithstanding the foregoing, if the Authorized User that reported the event is not under the purview of the Authorized User’s permissions, the Support Desk will take the report of the issue, but will not contact the reporting user with resolution, but instead, will contact the Customer Representative to report resolution. 3. Low. An incident with severity level of “Low” is defined as one that produces an inconvenient situation in which the Services are usable but do not provide a function in the most convenient or expeditious manner and the Authorized User suffers little or no significant impact. If the reported event is Low severity, Julota will attempt to resolve the event in a commercially reasonable manner in future maintenance releases. Only the Authorized User may contact the support desk to report the issue. D. Availability 1. Availability Objective: Julota will provide 99.5% Availability (as defined below) for the Julota APIs within Julota’s Immediate Control. For purposes hereof, "Availability” or “Available” means the Julota APIs are available for access and use through Julota’s Internet connection. “Immediate Control” includes Julota’s services within the Julota data center which extends to, includes and terminates at the Internet Service Provider (“ISP”) circuit termination point on the router in Julota’s data center (i.e., public Internet connectivity). Specifically excluded from the definition of “Immediate Control” are the following: DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 14 of 21 a) Equipment, data, materials, software, hardware, services and/or facilities provided by or on behalf of Customer or a third party entity (or any of their vendors or service providers) and Customer’s or a third party entity’s network services. b) Acts or omissions of Customer, their employees, contractors, agents or representatives, third party vendors or service providers or anyone gaining access to the Julota APIs at the request of Customer. c) Issues arising from bugs or other problems in the software, firmware or hardware of third parties. d) Delays or failures due to circumstances beyond Julota’s reasonable control that could not be avoided by its exercise of due care. e) Any outage, network unavailability or downtime outside the Julota data center. 2. Availability Calculation: Availability is based on a monthly calculation. The calculation will be as follows: ((a – b) / a) x 100, where “a” is the total number of hours in a given calendar month, excluding Scheduled Maintenance (as defined in A 9 above), and “b” is the total number of hours that service is not Available in a given month. 3. Remedies: In the event that Julota is unable to provide the Availability objective noted below in any given calendar month, Customer will receive a credit on its next monthly invoice equal to the corresponding percentage noted below of one (1) month’s fees for the Julota services for the month in which the Availability objective was not obtained, which will not exceed 15% of the fees due to Julota for that calendar month. Julota APIs Availability Credit Uptime of 99.5% - 100% No Credit Uptime of 99.0% - 99.5% 1% Uptime of 98.0% - 98.9% 2% Uptime of 97.0% - 97.9% 5% Uptime of 95.0% - 96.9% 10% Less than 95.0% 15% Customer’s right to receive credit(s) (“Service Credits”) will be Customer’s exclusive remedy for Julota’s failure to satisfy this Service Level Agreement. Remedies will not accrue (i.e., no Service Credits will be issued and an outage will not be considered unavailability for purposes of this Service Level Agreement) if Customer is not current in its payment obligations either when the outage occurs or when the credit would otherwise be issued. To receive Service Credits, Customer must submit a written request, within fifteen (15) days after the end of the month in which the Julota APIs were unavailable, or Customer’s right to receive Service Credits with respect to such unavailability will be waived. DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 15 of 21 EXHIBIT C Customer Trademark Guidelines – left blank at this time DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 16 of 21 Exhibit D HEALTHCARE CONFIDENTIALITY COMPLIANCE AGREEMENT - HIPAA Business Associate Agreement This HEALTHCARE CONFIDENTIALITY COMPLIANCE AGREEMENT - HIPAA Business Associate Agreement (“HCCA” or “Agreement”) is entered into and effective on 1/13/2020 (“Effective Date”) by and between the City of Auburn, WA (“Customer”) and TouchPhrase Development, LLC d/b/a Julota (“Provider” or “Business Associate”). THE PARTIES THEREFORE AGREE TO THE FOLLOWING: 1. Preamble and Definitions 1.1. The Parties hereby acknowledge for purposes of this agreement that while Customer is not a Covered Entity under HIPAA, Customer abides by equivalent standards included in Washington State Uniform Health Care Information Act of 1991 and amendments thereto codified at R.C.W. 70.02 (“RCW 70.02”). The Parties further acknowledge for purposes of this agreement that while Provider is not Customer’s Business Associate under HIPAA, Provider is obligated to abide by equivalent standards included in RCW 70.02. 1.2. Pursuant to HIPAA and RCW 70.02, the City of Auburn (“Customer”) a Washington State municipality and Julota, or any of its corporate affiliates, (“Provider”), a Colorado limited liability company, enter into this Healthcare Confidentiali ty Compliance Agreement (“HCCA”) as of the effective date of the Software as a Service Agreement ( the “Effective Date”) that addresses the RCW 70.02 and HIPAA requirements with respect to “business associates,” as defined under the privacy, security, breach notification, and enforcement rules at 45 C.F.R. Parts 160 and 164 (“HIPAA Rules”) and “contractors” as referred to in RCW 70.02. A reference in this HCCA to a section in the HIPAA Rules means the section as in effect or as amended. 1.3. This HCCA is intended to ensure that Provider will establish and implement appropriate safeguards for the Protected Health Information (“PHI”) (as defined under the HIPAA Rules) that Provider may receive, create, maintain, use, or disclose in connection with the functions, activities, and services that Provider performs for Customer. The functions, activities, and services that Provider performs for Customer are defined in the Software as a Service Agreement entered between Provider and Customer (the “Underlying Agreement”). 1.4. Pursuant to changes required under the Health Information Technology for Economic and Clinical Health Act of 2009 (the “HITECH Act”) and under the American Recovery and Reinvestment Act of 2009 (“ARRA”), this HCCA also reflects federal breach notification requirements imposed on Provider when “Unsecured PHI” (as defined under the HIPAA Rules) is acquired by an unauthorized party and the expanded privacy and security provisions imposed on business associates. 1.5. Unless the context clearly indicates otherwise, the following terms in this HCCA shall have the same meaning as those terms in the HIPAA Rules: Breach, Data Aggregation, Designated Record Set, disclosure, Electronic Media, Electronic Protected Health Information (ePHI), Health Care Operations, individual, Minimum Necessary, Notice of Privacy Practices, Required By Law, Secretary, Security Incident, Subcontractor, Unsecured PHI, and use. 1.6. A reference in this HCCA to the Privacy Rule means the Privacy Rule, in conformity with the regulations at 45 C.F.R. Parts 160-164 (the “Privacy Rule”) as interpreted under applicable regulations and guidance of general application published by the HHS, including all amendments thereto for which compliance is required, as amended by the HITECH Act, ARRA and the HIPAA Rules. 2. General Obligations of the Parties 2.1. The Parties agree that any defined term used in this HCCA which has different meanings under HIPAA Rules and RCW 70.02, the meaning ascribed in RCW 70.02 will govern; and further, that any defined term used in this HCCA that is not defined in RCW 70.02, the definition included in the HIPAA Rules will govern. 3. General Obligations of the Provider 3.1. Provider agrees not to use or disclose PHI, other than as permitted or required by this HCCA or as Required By Law, or if such use or disclosure does not otherwise cause a Breach of Unsecured PHI. DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 17 of 21 3.2. Provider agrees to use appropriate safeguards and comply with Subpart C of 45 C.F.R. Part 164 with respect to ePHI, to prevent use or disclosure of PHI other than as provided for by the HCCA. 3.3. Provider agrees to mitigate, to the extent practicable, any harmful effect that is known to Provider as a result of a use or disclosure of PHI by Provider in violation of this HCCA’s requirements or that would otherwise cause a Breach of Unsecured PHI. 3.4. The Provider agrees to the following breach notification requirements: (a) Provider agrees to report to Customer in writing any Breach of Unsecured PHI not provided for by the HCCA of which it becomes aware within 5 calendar days of “discovery” within the meaning of the HITECH Act. Such notice shall include (i) the identification of each individual whose Unsecured PHI has been, or is reasonably believed by Provider to have been, accessed, acquired, or disclosed in connection with such Breach; (ii) a description of the types of Unsecured PHI that were involved in the Breach; (iii) any recommended steps the individual(s) whose PHI was inappropriately disclosed should take to protect themselves from potential harm; and, (iv) a brief description of what the Provider is doing to investigate the unauthorized access or use of PHI. In addition, Provider shall provide any additional information reasonably requested by Customer for purposes of investigating the Breach and any other available information that Customer is required to include to the individual under 45 C.F.R. § 164.404(c) at the time of notification or promptly thereafter as information becomes delayed. Provider’s notification of a Breach of Unsecured PHI under this Section shall comply in all respects with each applicable provision of section 13400 of Subtitle D (Privacy) of ARRA, the HIPAA Rules and related guidance issued by the Secretary or the delegate of the Secretary from time to time. (b) In the event of Provider’s use or disclosure of Unsecured PHI in violation of HIPAA, the HITECH Act, or ARRA, Provider bears the burden of demonstrating that notice as required under this Section 2.4 was made, including evidence demonstrating the necessity of any delay, or that the use or disclosure did not constitute a Breach of Unsecured PHI. 3.5. Provider agrees, in accordance with 45 C.F.R. §§ 164.502(e)(1)(ii) and 164.308(b)(2), if applicable, to require that any Subcontractors that create, receive, maintain, or transmit PHI on behalf of the Provider agree in writing to the same restrictions, conditions, and requirements that apply to the Provider with respect to such information. 3.6. Provider agrees to make available PHI in a Designated Record Set to Customer as necessary to satisfy Customer’s obligations under 45 C.F.R. § 164.524 and RCW 70.02.080. (a) Provider agrees to comply with an individual’s request to restrict the disclosure of their personal PHI in a manner consistent with 45 C.F.R. § 164.522, except where such use, disclosure, or request is required or permitted under applicable law. (b) Provider agrees that when requesting, using, or disclosing PHI in accordance with45 C.F.R. § 164.502(b) (1) that such request, use, or disclosure shall be to the minimum extent necessary, including the use of a “limited data set” as defined in 45 C.F.R. §164.514(e)(2), to accomplish the intended purpose of such request, use, or disclosure, as interpreted under related guidance issued by the Secretary from time to time. 3.7. Provider agrees to make any amendments to PHI in a Designated Record Set as directed or agreed to by the Customer pursuant to 45 C.F.R. § 164.526 or RCW 70.02.100, or take other measures as necessary to satisfy Customer’s obligations under 45 C.F.R. § 164.526 and RCW 70.02.100. 3.8. Provider agrees to maintain and make available the information required to provide an accounting of disclosures to Customer as necessary to satisfy Customer’s obligations under 45 C.F.R. § 164.528 and RCW 70.02.020. 3.9. Provider agrees to make its internal practices, books, and records, including policies and procedures regarding PHI, relating to the use and disclosure of PHI and Breach of any Unsecured PHI received from Customer, or created or received by the Provider on behalf of Customer, available to Customer (or the Secretary) for t he purpose of Customer or the Secretary determining compliance with the Privacy Rule (as defined in Section 8). 3.10. To the extent that Provider is to carry out one or more of Customer’s obligation(s) under Subpart E of 45 C.F.R. Part 164, Provider agrees to comply with the requirements of Subpart E that apply to the Customer in the performance of such obligation(s). DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 18 of 21 3.11. Provider agrees to account for the following disclosures: (a) Provider agrees to maintain and document disclosures of PHI and Breaches of Unsecured PHI and any information relating to the disclosure of PHI and Breach of Unsecured PHI in a manner as would be required for Customer to respond to a request by an individual or the Secretary for an accounting of PHI disclosures and Breaches of Unsecured PHI. (b) Provider agrees to provide to Customer, or to an individual at Customer’s request, information collected in accordance with this Section 2.11, to permit Customer to respond to a request by an individual or the Secretary for an accounting of PHI disclosures and Breaches of Unsecured PHI. (c) Provider agrees to account for any disclosure of PHI used or maintained as an Electronic Health Record (as defined in Section 5) (“EHR”) in a manner consistent with 45 C.F.R. § 164.528 and related guidance issued by the Secretary from time to time; provided that an individual shall have the right to receive an accounting of disclosures of EHR by the Provider made on behalf of the Customer only during the three years prior to the date on which the accounting is requested from Customer. (d) In the case of an EHR that the Provider acquired on behalf of the Customer as of January 1, 2009, paragraph (c) above shall apply to disclosures with respect to PHI made by the Provider from such EHR on or after January 1, 2014. In the case of an EHR that the Provider acquires on behalf of the Customer after January 1, 2009, paragraph (c)above shall apply to disclosures with respect to PHI made by the Provider from such EHR on or after the later of January 1, 2011 or the date that it acquires the EHR. 3.12. Provider agrees to comply with the “Prohibition on Sale of Electronic Health Records or Protected Health Information,” as provided in section 13405(d) of Subtitle D (Privacy) of ARRA, and the “Conditions on Certain Contacts as Part of Health Care Operations,” as provided in section 13406 of Subtitle D (Privacy) of ARRA and related guidance issued by the Secretary from time to time. 3.13. Provider acknowledges that, effective on the Effective Date of this HCCA, it shall be liable under the civil and criminal enforcement provisions set forth at 42 U.S.C. 1320d-5 and 1320d-6, as amended, for failure to comply with any of the use and disclosure requirements of this HCCA and any guidance issued by the Secretar y from time to time with respect to such use and disclosure requirements. 4. Permitted Uses and Disclosures by Provider. 4.1. General Uses and Disclosures. Provider agrees to receive, create, use, or disclose PHI only in a manner that is consistent with this HCCA, RCW 70.02, the Privacy Rule, Security Rule (as defined in Section 5), the Underlying Agreement, and only in connection with providing services to Customer; provided that the use or disclosure would not violate the Privacy Rule, including 45 C.F.R. § 164.504(e), if the use or disclosure would be done by Customer. For example, the use and disclosure of PHI will be permitted for “treatment, payment and health care operations,” in accordance with the Privacy Rule. 4.2. Provider may use or disclose PHI as Required By Law. 4.3. Provider agrees to make uses and disclosures and requests for PHI: Consistent with Customer’s Minimum Necessary policies and procedures. 4.4. Provider may not use or disclose PHI in a manner that would violate Subpart E of 45 C.F.R. Part 164 if done by the Customer. 4.5. Specific Other Uses and Disclosures: (a) Except as otherwise limited in this HCCA, Provider may use PHI to provide Data Aggregation Services to Customer as permitted by HIPAA. (b) Except as otherwise provided in this HCCA, Provider may use PHI for its proper management and administration or to carry out its legal responsibilities as permitted under applicable law. DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 19 of 21 (c) Provider may use PHI to report violations of law to appropriate federal and state authorities, consistent with 45 C.F.R. § 164.502(j)(1). (d) Pursuant to the Underlying Agreement, Provider is authorized to use PHI to de-identify the information in accordance with 45 C.F.R. § 164.514(a)-(c) as Resultant Data (as defined in the Underlying Agreement) solely for the purpose of providing services to Customer. 5. OBLIGATIONS OF CUSTOMER 5.1. Customer shall: (a) Notify Provider of any restriction to the use or disclosure of PHI that Customer has agreed to or is required to abide by under 45 C.F.R. § 164.522, to the extent that such restriction may affect Provider’s use or disclosure of PHI under this HCCA. (b) Notify Provider of any changes in or revocation of permission by an individual to use or disclose PHI, if such change or revocation may affect Provider’s permitted or required uses and disclosures of PHI under this HCCA. (c) Customer shall not request Provider to use or disclose PHI in any manner that would not be permissible under the Privacy and Security Rule if done by Customer, except as provided under Section 3 of this HCCA. 6. Compliance with Security Rule 6.1. Provider shall comply with the HIPAA Security Rule, which shall mean the Standards for Security of Electronic Protected Health Information at 45 C.F.R. Part 160 and Subparts A and C of Part 164, as amended by ARRA and the HITECH Act. The term “Electronic Health Record” or “EHR” as used in this HCCA shall mean an electronic record of health-related information on an individual that is created, gathered, managed, and consulted by authorized health care clinicians and staff. 6.2. In accordance with the Security Rule, Provider agrees to: (a) Implement the administrative safeguards set forth at 45 C.F.R. § 164.308, the physical safeguards set forth at 45 C.F.R. § 164.310, the technical safeguards set forth at45 C.F.R. § 164.312, and the policies and procedures set forth at 45 C.F.R. § 164.316 to reasonably and appropriately protect the confidentiality, integrity, and availability of the ePHI that it creates, receives, maintains, or transmits on behalf of Customer as required by the Security Rule. Provider acknowledges that, effective on the Effective Date of this HCCA, (a) the foregoing safeguards, policies, and procedures requirements shall apply to Provider in the same manner that such requirements apply to Customer, and (b) Provider shall be liable under the civil and criminal enforcement provisions set forth at 42 U.S.C.1320d-5 and 1320d-6, as amended from time to time, for failure to comply with the safeguards, policies, and procedures requirements and any guidance issued by the Secretary from time to time with respect to such requirements; (b) Require that any agent, including a Subcontractor, to whom it provides such PHI agrees in writing to implement reasonable and appropriate safeguards no less stringent than the obligations of Provider described herein to protect the PHI; and (c) Report to the Customer any Security Incident of which it becomes aware within five calendar days. 7. Indemnification 7.1. Provider will indemnify, hold harmless and defend Customer for any third party claims, losses, liabilities, costs and expenses (including attorney fees) incurred as a result or arising directly or indirectly out of or in connection with (a) an y breach, or non-fulfillment of any undertaking on the part of Provider under this HCCA; (b) any claims, demands, awards, judgments, actions, penalties, and proceedings made by any person or organization, arising out of Provider’s obligations under this HCCA; and (c) a breach of unsecured PHI caused by Provider or its subcontractors or agents. DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 20 of 21 8. Term and Termination 8.1. This HCCA shall be in effect as of the date first written above, and shall terminate on the earlier of the date that: (a) Either party terminates for cause as authorized under Section 10. (b) All of the PHI received from Customer, or created or received by Provider on behalf of Customer, is destroyed or returned to Customer. If it is not feasible to return or destroy PHI, protections are extended in accordance with Section 5. (c) Upon either party’s knowledge of material breach by the other party, the non -breaching party may immediately terminate this HCCA upon written notice to the non-breaching party. Alternatively, the non-breaching party may provide an opportunity for the breaching party to cure the breach or end the violation. If the breaching party does not cure the breach or end the violation within a reasonable timeframe not to exceed 30 days from the notification of the breach, or if a material term of the HCCA has been breached and a cure is not possible, the non-breaching party may terminate this HCCA and the Underlying Agreement, upon written notice to the other party. 8.2. Upon termination of this HCCA for any reason, the parties agree that Provider, with respect to PHI received from Customer, or created, maintained, or received by Provider on behalf of Customer, shall: (a) Retain only that PHI that is necessary for Provider to continue its proper management and administration or to carry out its legal responsibilities. (b) Return to Customer or, if agreed to by Customer, destroy the remaining PHI that the Provider still maintains in any form. (c) Continue to use appropriate safeguards and comply with Subpart C of 45 C.F.R. Part 164 with respect to ePHI to prevent use or disclosure of the PHI, other than as provided for in this Section 5, for as long as Provider retains the PHI. (d) Not use or disclose the PHI retained by Provider other than for the purposes for which such PHI was retained and subject to the same conditions set out at Section 3.5 above which applied prior to termination. (e) Return to Customer or, if agreed to by Customer, destroy the PHI retained by Provider when it is no longer needed by Provider for its proper management and administration or to carry out its legal responsibilities. (f) Recover any PHI in possession if its subcontractors or agents. If it is not feasible for Provider to obtain, from any subcontractor or agent any PHI in possession of the subcontractor or agent, the Provider must provide a written explanation to Customer and require the subcontractors and agents to agree to extend any and all protection, limitation and restrictions contained in this HCCA, and to limit any further uses and/or disclosures to purposes that make the return or destruction of the PHI infeasible. If the destruction of PHI is reasonably determined to be infeasible by Provider, Provider shall notify Customer in writing. Such notification shall include (i) a statement that the Provider has determined that it is not feasible to return or destroy the PHI in its possession, and (ii) the specific reason for such determination. If the determination is made that return or destruction of PHI is not feasible, Provider agrees to extend any and all protections, limitation and restrictions contained in this HCCA to such PHI and shall take appropriate measures to segregate or protect the remaining PHI from further uses and/or disclosures. 8.3. The obligations of Provider under this Section 7 shall survive the termination of this HCCA. 9. MISCELLANEOUS 9.1. The parties agree to take such action as is necessary to amend this HCCA to comply with the requirements of the Privacy Rule, the Security Rule, HIPAA, ARRA, the HITECH Act, the HIPAA Rules, RCW 70.02, and any other applicable law. DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 Julota® SaaS Agreement page 21 of 21 9.2. The respective rights and obligations of Provider under Section 6 and Section 7 of this HCCA shall survive the termination of this HCCA. 9.3. This HCCA shall be interpreted in the following manner: (a) Any ambiguity shall be resolved in favor of a meaning that permits Customer to comply with the HIPAA Rules. (b) Any inconsistency between the HCCA’s provisions and the HIPAA Rules, including all amendments, as interpreted by the HHS, court, or another regulatory agency with authority over the Parties, shall be interpreted according to the interpretation of the HHS, the court, or the regulatory agency. (c) Any provision of this HCCA that differs from those mandated by the HIPAA Rules, but is nonetheless permitted by the HIPAA Rules, shall be adhered to as stated in this HCCA. (d) If any portion of this HCCA is inconsistent with the terms of the Underlying Agreement, the terms of the HCCA shall be construed so as not to defeat the intent of the parties with respect to the Underlying Agreement, consistent with RCW 70.02, HIPAA and the HITECH Act. The execution of this HCCA shall in no event constitute a waiver by either party of any rights or remedies it may have under the Underlying Agreement. 9.4. This HCCA constitutes the entire agreement between the parties related to the subject matter of this HCCA, except to the extent that the Underlying Agreement relates to the use and protection of PHI upon Provider. This HCCA supersedes all prior negotiations, discussions, representations, or proposals, whether oral or written. This HCCA may not be modified unless done so in writing and signed by a duly authorized representative of both parties. If any provision of this HCCA, or part thereof, is found to be invalid, the remaining provisions shall remain in effect. 9.5. This HCCA will be binding on the successors and assigns of the Customer and the Provider. However, this HCCA may not be assigned, in whole or in part, without the written consent of the other party. Any attempted assignment in violation of this provision shall be null and void. 9.6. This HCCA may be executed in two or more counterparts, each of which shall be deemed an original. Facsimile or electronic PDF copies hereof shall be deemed to be originals. 9.7. Except to the extent preempted by federal law, this HCCA shall be governed by and construed in accordance with the same internal laws as that of the Underlying Agreement. 9.8. Nothing in this HCCA shall confer upon any person other than the parties and their respective successors or assigns, any rights, remedies, obligations, or liabilities whatsoever. IN WITNESS WHEREOF, the parties hereto have executed this HCCA as of the date first above written. City of Auburn, WA (“Customer”) TouchPhrase Development, LLC (“Provider”) By: _______________________ _______________ By: _______________________ Name: Nancy Backus, Mayor DATE Name: _____________________ Attest: Title: ___________________ By: _______________________ _______________ Date: ____________________ Name: Shawn Campbell, City Clerk DATE Approved as to form: By: _______________________ _______________ Name: Douglas Ruth, DATE Assistant City Attorney DocuSign Envelope ID: F4E7F4AE-D198-405E-AB39-3639A9682EE8 2/19/2020 2/19/2020 Scott Cravens 2/19/2020 CEO 2/19/2020