HomeMy WebLinkAboutresolution.council.127-19 RESOLUTION #127
(Series of 2019)
A RESOLUTION OF THE CITY COUNCIL OF THE CITY OF ASPEN,
COLORADO, APPROVING AN AGREEMENT BETWEEN THE
ASPEN/PITKIN COUNTY HOUSING AUTHORITY (APCHA) AND
COLORADO'S STATEWIDE INTERNET PORTAL AUTHORITY (SIPA) FOR
THE ONE-YEAR PURCHSE OF SALESFORCE LICENSES FOR APCHA'S
HOMETREK AUTOMATION PROJECT
WHEREAS, there has been submitted to the City Council an Agreement
between Aspen/Pitkin County Housing Authority (APCHA) and Statewide Internet
Portal Authority (SIPA) for the acquisition of Salesforce licenses for APCHA's
HomeTrek automation project, a true and accurate copy of which is attached hereto as
Exhibit "A";
NOW, THEREFORE, BE IT RESOLVED BY THE CITY COUNCIL OF
THE CITY OF ASPEN, COLORADO,
That the City Council of the City of Aspen hereby approves the Agreement for
the acquisition of Salesforce licenses for the HomeTrek automation project for the
Aspen/Pitkin County Housing Authority, between APCHA and SIPA, a copy of
which is annexed hereto and incorporated herein, and does hereby authorize the City
Manager to execute said Agreement on behalf of the Aspen/Pitkin County Housing
Authority and the City of Aspen.
INTRODUCED, READ AND ADOPTED by the City Council of the City of
Aspen on the 12th day of November 2019.
Torre, Mayor
I, Linda Manning, duly appointed and acting City Clerk do certify that the
foregoing is a true and accurate copy of that resolution adopted by the City Council of
the City of Aspen, Colorado, at a meeting held, November 12, 2019.
+ r46 ^ 1
Linda Manning, City Clerk
Statewide Internet Portal Authority (SIPA)
Company Address 1300 Broadway Created Date 11/1/2019
Suite 440 Expiration Date 11122/2019
Denver,CO 80203
us Quote Number 00001479
Prepared By Catherine Kunst Contact Name Mike Kosdrosky
Phone (720)409-5635 Phone (970)920-5050
Email caitherine@cosipa.gov Email mike.kosdrosky@cityofaspen.com
Bill To Name Aspen,City of Ship To Name Aspen,City of
Bill To 130 S.Galena Street Ship To 130 S.Galena St
Aspen,CO 81612 Aspen,CO 81612
USA
- •
Lightning Service Cloud-Unlimited Edition term: 12/1/2019 to 11/30/2020 S3,081.60 15.00 S46,224.00
Customer Community-Unlimited Edition-Logins term 12/1/2019 to 11/30/2020 $4.06 20.001.00 S81,204.06
Courtesy Administrators for Premier+Success-UE $0.00 1.00 S0.00
Description Quote for Salesforce Licenses for APCHA for the Subtotal 5127,428.06
term 12/1/2019 to It/30/2020 Discount 0.00%
Please return signed quote or PO to me or Total Price $127,428.06
sipa@cosipa.gov to procure these licenses. Grand Total S127,428.06
Additional Details
Additional Details SIPA w II order the licenses for APCHA when it roce:ves a PO or s gnUd quo!i:from APCHA.Salesforce licenses are not
returnable or refundable.
Einstein Bots Feature
The Einstein Bots feature shall b-subject to the Order Form Supplement for Einstein Features available:at
hltps:pwww.salesforce.comrcompanyrlegalragreements.jsp("Supplement")which is hereby made part of this Order Form.
Customer may enable and d sable Einstein Bois at any time by following the instructions in the Supplement.Customer will
be provided with 25 Einste n Bots conversations per month for each Live Agent User with an active subscription
Unused Einstein Bol conversations are forfeited at the end of each anniversary of the Order Start Date hereunder or the
Order End Date,whichever occurs first,and do not roll over to subsequent months.Customer understands that the above
limitation is contractual in nature(i.e.,it is not limited as a technical matter in the Service)and therefore agrees to mon.tor
its Users'use of such subscriptions and enforce the limit set forth he-ein.SFDC may review Customer's use of the
subscriptions at any time through the Service.Should any review reveal unauthorized use,Customer agrees that SFDC
may terminate Customer's access to such 25 Einstein Bots conversations.Customer may purchase add tional Einstein
Bots conversations at SFDC's then-current list price.The Einstein Bots Feature is not available to some customers,
including Government Cloud as slated in the Documentation.
Einstein Features
SFDC may offer Customer access to Einstein features via the Services.Customer's use of the Einstein features shall be
subject to the Order Form Supplement for Einstein features available at
https:/.,www.salesforce.com/company/legal/agreements.jsp("Supplement")which is hereby made part of this Order Form.
Upon Customer's first use of an Einstein feature in an instance of the Services,Customer will be presented with an In-App
Message directing Customer to confirm acceptance of Einstein feature terms and conditions. Instructions for
enabling/disabling each Einstein feature in any instance are outlined in the Documentation here:
htlps://help.salesforce.com/apex/HTViewSolution?uriname=Einstein-Enable-Disable&lanquage=en_US The functionality
of the Einstein features shall not be considered a material component of the Services being provisioned hereunder.The
Einstein features are not available to some customers,including Government Cloud as stated in the Documentation.
Courtesy Administrators for Premier+Success
The Courtesy Administrators for Premier+Success are provided to Customer free of charge for use only by the SFDC
administration team in connection with Customer's nurchase of the PrPmiar+Sucrase Plan in nater in nilnw Sf=rlr..In
After Customer's execution of this Order Form,SFDC will provide Customer with instructions on how to set up the
Courtesy Administrator Subscriptions.For clarity,the Courtesy Administrator Subscriptions are provided on a one-time
basis and Customer may not add on any additional Courtesy Administrator Subscriptions during the Order Term despite
anything to the contrary In any agreement between Customer and SFDC.
Lightning Service CIOud
Customer's use of this product is subject to the following restrictions:
htip://www2.sfdcstatic com,+assets.'pdf.Imisc/lightning-contractual-restrictions.pdf.Customer understands that the foregoing
functionality restrictions are contractual in nature(i.e. these restrictions are not enforced in the Services as a technical
matter)and therefore agrees It is responsible for monitoring its Users'use of such subscriptions and for enforcing such
use restrictions.SFDC may review Customer's use of Such subscriptions at any time through the Services.
Customer Community(Logins/month)
Subscriptions to Customer Community(Logins/month)may not be purchased for use by Customer employees or other
personnel of Customer.Each Customer Community(Log ns,month)subscription entitles the Permitted Users access to all
such Communities with n the same Org up to the number of log-ins per calendar month ordered(the"Permitted Number of
Monthly Logins').The beginning and end of each calendar month will conform with U.S.Pacific Time.Customer shall
assign each Permitted User a User profile or permiss on set that permits access to no more than 10 custom objects in
each applicable community.Salesforce.com will provision 20 User subscriptions for each of the Permitted Number of
Monthly Logins;subject,however,to the I mitalions on the aggregate number of User subscriptions per Org set forth in the
Documentation("Permitted Users").Customer understands that the above limitations are contractual in nature(i.e.,they
are not limited as a t::chnical matter In the Service)and therefore agrees to strictly review its Users'use of such
subscriptions and enforce the I mits set forth herein.SFDC may review Customer's use of the subscriptions at any time
through the Service.Unused logins are forf::lled at the end of each anniversary of the Order Start Date hereunder or the
Order End Date,
whichever occurs first.and do not roll over to subsi:q.ient m(mths.
Free Sandbox with Unlimited/Performance Edition
Sandbox subscriptions are for testing and development use only,and not for production use.As part of its system
maintenance,SFDC may delete any Sandbox that Customer has not logged into for 150 consecutive days.Thirty or more
days before any such deletion,SFDC will nolify Customer(email acceptable)that the Sandbox will be deleted if Customer
does not log into it during that 30-day(or longer)pert d.Deletion of a Sandbox shall not terminate Customer's Sandbox
subscription;if a Sandbox is deleted during Customer's Sandbox subscription term,Customer may create a new Sandbox.
Scratch Org
The following terrns shall govern all of Customer's usr of the Scratch Orgs functionality.whether provisioned pursuant to
this or another Order Form.Scratch Orgs are for testing and development use only,and not for production use.As pail of
its system maintenance SFDC will periodically dekAe any Scratch Org•including any associated data or Active Scratch
Objects,as set forth in the Documentation.Deletion of an active Scratch Org shall not terminate Customer's Scratch Org
subscription;if an active Scratch Org is deleted during Customers Scratch Org subscription term,Customer may create a
new active Scratch Org.Creation of new active Scratch Orgs count towards the daily scratch org limits set forth in the
Documentation.Any representations,warranties and covenants in the Customer's MSA regarding log retention,back-ups.
disaster recovery,and return and deletion of data shall not apply to Scratch Orgs.
Quote Acceptance Information
Signature
Name
Title Cl `�{Q �Q�e✓
Date I
DocuSign Envelope ID:02468006-F998-4325-A438-08E214B4D63C
salesforce
6L�
SALESFORCE ADDITIONAL SERVICES ADDENDUM
TO
SALESFORCE.COM MASTER SUBSCRIPTION AGREEMENT
Customer Full Legal Name: Statewide Internet Portal Authority(SiPA)
Date of Master Subscription Agreement: July 15,2011
This Salesforce Additional Services Addendum ("Addendum")amends and supplements the Master Subscription Agreement identified
above(the"MSA")between Customer and salesforce.com,inc.("SFDC").This Addendum is effective as of the later of the dates beneath
the parties' signatures below (the "Effective Date"). This Addendum applies solely to the "Addendum Services" as further below.
Except as otherwise set forth herein, the terns of the MSA shall apply to the Addendum Services.
1. DEFINITIONS
Capitalized terms used in this Addendum have the meanings given to them below, or if not defined below, then the meanings
given to them in the MSA.
"Addendum Services" mean the products and services offered by SFDC identified at www.salesforce.com that are ordered by
Customer under an Order Form or through an online ordering center and made available online by SFDC or its Affiliates,
including associated SFDC offline or mobile components, as described in the Documentation. "Addendum Services" exclude
(i)Content,(ii)Non-SFDC Applications,(iii)any professional services,(iv)the"Salesforce Services"which are those currently
branded as Chatter, Community Cloud,Database.com,Force.com, Sales Cloud, Service Cloud, Site.com, (v) Analytics Cloud,
(vi)Work.com, (vii) the managed packages branded as Health Cloud and Financial Services Cloud and (viii) any other SFDC
Affiliate products or Services which are expressly provided under a separate agreement between Customer and SFDC or an
SFDC Affiliate. All references to "Services" in the MSA are deemed to mean "Addendum Services" for purposes of this
Addendum,except as otherwise provided herein.
"Affiliate" means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject
entity. "Control," for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting
interests of the subject entity. "Affiliate"shall also mean any state or local governmental entity within the State of Colorado.
"Agreement"shall mean collectively, the MSA and this Addendum, together with any exhibits, schedules and addenda to this
Addendum.
"Beta Services"means SFDC services or functionality that may be made available to Customer to try at its option at no additional
charge which is clearly designated as beta,pilot, limited release, developer preview,non-production, evaluation, or by a similar
description.
"Content" means information obtained by SFDC from publicly available sources or its third party content providers and made
available to Customer through the Addendum Services, Beta Services or pursuant to an Order Form,as more fully described in
the Documentation.
"Customer Data"means electronic data and information submitted by or for Customer to the Addendum Services, excluding
Content and Non-SFDC Applications.
"Documentation" means the applicable Addendum Service's Trust and Compliance documentation, and its usage guides and
policies, as updated from time to time, accessible via help.salesforce.com or login to the applicable Addendum Service. All
references to"User Guide"in the MSA shall mean"Documentation"for the purposes of this Addendum.
"Marketplace"means an online directory,catalog or marketplace of applications that interoperate with the Services,including,
for example, the AppExchange at http://www.salesforce.com/iipnexcliange or the Heroku add-ons catalog at
https://addons.heroku.com/,and any successor websites.
Nov 2018(AMER) Page I of 5 CONFIDENTIAL
DocuSign Envelope ID: 02468006-F998-4325-A438-08E214B4D63C
"Non-SFDC Application" means a Web-based, mobile, offline or other software application functionality that interoperates
with an Addendum Service,that is provided by Customer or a third party,and/or listed on a Marketplace including as Salesforce
Labs or under similar designation. Non-SFDC Applications, other than those obtained or provided by Customer, will be
identifiable as such.
2. RESPONSIBILITIES
2.1 SFDC Responsibilities. in addition to its responsibilities under the MSA, SFDC will make the Addendum Services and Content
available to Customer pursuant to this Addendum, the Documentation, and the applicable Order Forms. SFDC's obligation to
use commercially reasonable efforts to make the online Addendum Services available 24 hours a day, 7 days a week,excludes,
in addition to the exclusions in Section 2.3 of the MSA,any unavailability caused by a third party hosting provider or Non-SFDC
Application. SFDC's obligation to provide notice of planned downtime shall be advance, electronic notice. For the avoidance
of doubt,any obligation of SFDC to provide the Addendum Services in accordance with laws and government regulations is for
such laws and government regulations applicable to SFDC in its provision of the Addendum Services generally, and subject to
Customer's use of the Addendum Services in accordance with the Agreement, the Documentation and Order Forms, as
applicable.
2.2 SFDC Protection of Customer Data. in addition to its obligations under the MSA,Customer shall only submit to the Addendum
Services, and use the Addendum Services to collect, store and/or process, Customer Data in a manner that is permitted in the
applicable Documentation or Order Form and by applicable laws and government regulations. SFDC currently provides the
Addendum Services and stores Customer Data at facilities and on technology infrastructure different from those used by SFDC
for its Force.com platform-based services. SFDC will maintain appropriate administrative, physical, and technical safeguards
for protection of the security, confidentiality and integrity of Customer Data, as described in the Documentation. Those
safeguards will include,but will not be limited to,measures designed to prevent unauthorized access to or disclosure of Customer
Data (other than by Customer or Users). The terms of the data processing addendum
at http://www.sfcicstatic.com/assets/12df/mise/data-Loccssin�*-addenduni.pdf("DPA")are hereby incorporated by reference and
shall apply to the extent Customer Data includes Personal Data, as defined in the DPA. To the extent Personal Data from the
European Economic Area(EEA),the United Kingdom and Switzerland arc processed by SFDC, its Processor Binding Corporate
Rules, the EU-US and/or Swiss-US Privacy Shield, and/or the Standard Contractual Clauses shall apply, as further set forth in
the DPA.For the purposes of the Standard Contractual Clauses,Customer and its applicable Affiliates are each the data exporter,
and Customer's execution of this Addendum, and an applicable Affiliate's execution of an Order Form, shall be treated as its
execution of the Standard Contractual Clauses and their appendices. Notwithstanding Section 10.5 of the MSA ("Return of
Customer Data"): (i)upon request by Customer made within 30 days after the effective date of termination or expiration of this
Agreement, SFDC will make Customer Data available to Customer for export or download as provided in the Documentation;
and(ii) after such 30-day period, SFDC will have no obligation to maintain or provide any Customer Data, and as provided in
the Documentation will thereafter delete or destroy all copies of Customer Data in its systems or otherwise in its possession or
control,unless legally prohibited. SFDC MAKES NO REPRESENTATION OR WARRANTY REGARDING COMPLIANCE
WITH SPECIFIC LAWS OR GOVERNMENTAL REGULATIONS IN PROVIDING THE ADDENDUM SERVICES,
INCLUDING COMPLIANCE WITH DATA PROTECTION LAWS AND REGULATIONS AS SET FORTH IN THE DPA,
TO THE EXTENT THE DOCUMENTATION PROHIBITS CUSTOMER FROM SUBMITTING DATA SUBJECT TO SUCH
LAWS OR REGULATIONS TO AN APPLICABLE ADDENDUM SERVICE. BETA SERVICES ARE PROVIDED"AS IS"
AND AS AVAILABLE,EXCLUSIVE OF ANY WARRANTY OR AVAILABILITY COMMITMENT WHATSOEVER.
2.3 Beta Services. From time to time,SFDC or its Affiliates may make Beta Services available to Customer at no charge.Customer
may choose to try such Beta Services or not in its sole discretion. Any use of Beta Services is subject to the Beta Services terms
at https://wA,w.salesforce.com/company/l",al/agrecments.isp
3. USE OF ADDENDUM SERVICES AND CONTENT
3.1 Usage Limits. Addendum Services and Content are subject to usage limits specified in Order Forms or Documentation. If
Customer exceeds a contractual usage limit, SFDC may work with Customer to seek to reduce Customer's usage so that it
conforms to that limit. If,notwithstanding SFDC's efforts,Customer is unable or unwilling to abide by a contractual usage limit,
Customer will execute an Order Form for additional quantities of the applicable Addendum Services or Content promptly upon
SFDC's request,and/or pay any invoice for excess usage in accordance with the"Invoicing and Payment"section of the MSA.
3.2 Customer Responsibilities. Customer will: (a)be responsible for Users' compliance with this Addendum,Documentation and
Order Forms, (b) be responsible for the interoperation of any Non-SFDC Applications with which Customer uses Addendum
Nov 2018(AMER) Page 2 of 5 CONFIDENTIAL
DocuSign Envelope ID:02468006-F998-4325-A438-08E214B4D63C
Services or Content, (c) use commercially reasonable efforts to prevent unauthorized access to or use of Content, and notify
SFDC promptly of any such unauthorized access or use, and (d) use Content only in accordance with the Agreement, the
Documentation,Order Forms and applicable laws and government regulations and use Content and Addendum Services only in
accordance with the Acceptable Use and External Facing Services Policy at https://www.saIesforce.com/
company/le.gal/a.grcements.isp. Any use of the Addendum Services in breach of the foregoing by Customer or Users that in
SFDC's judgment threatens the security,integrity or availability of SFDC's services,may result in SFDC's immediate suspension
of the Addendum Services, however SFDC will use commercially reasonable efforts under the circumstances to provide
Customer with notice and an opportunity to remedy such violation or threat prior to any such suspension.
3.3 Usage Restrictions. Customer will not: (i) make the Addendum Services or Content available to anyone other than Customer
or Users, or use the Addendum Services or Content for the benefit of, anyone other than Customer or its Affiliates, unless
expressly stated otherwise in an Order Form or the Documentation,(ii)sell,resell,license,sublicense,distribute,make available,
rent or lease the Addendum Services or Content,or include the Addendum Services or Content in a service bureau or outsourcing
offering, (iii) use the Addendum Services or Non-SFDC Application to store or transmit infringing, libelous, or otherwise
unlawful or tortious material, or to store or transmit material in violation of third-party privacy rights, (iv) use the Addendum
Services or any Non-SFDC Application to store or transmit Malicious Code, (v) interfere with or disrupt the integrity or
performance of the Addendum Services or third-party data contained therein, (vi) attempt to gain unauthorized access to the
Addendum Services or Content or its related systems or network,(vii)permit direct or indirect access to or use of the Addendum
Services or Content in a way that circumvents a contractual usage limit, or use any of Addendum Services to access or use any
SFDC intellectual property except as permitted under this Addendum,an Order Form,or the Documentation,(viii)modify,copy,
or create derivative works based on the Addendum Services or any part, feature, function or user interface thereof, (ix) copy
Content, except as permitted herein or in an Order Form or the Documentation, (x) frame or mirror any part of any Addendum
Services or Content, other than framing on Customer's own intranets or otherwise for its own internal business purposes, or as
permitted in the Documentation,(xi)reverse engineer the Addendum Services(to the extent such restriction is permitted by law),
or(xii) except to the extent permitted by applicable law,disassemble, reverse engineer, or decompile an Addendum Service or
Content or access it to (1) build a competitive product or service, (2) build a product or service using similar ideas, features,
functions or graphics of the Service,(3)copy any ideas,features,functions or graphics of the Addendum Service,or(4)determine
whether the Addendum Services are within the scope of any patent.
3.4 Removal of Content and Non-SFDC Applications. if Customer receives notice that Content or a Non-SFDC Application must
be removed, modified and/or disabled to avoid violating applicable law, third-party rights, or the Acceptable Use and External
Facing Services Policy,Customer will promptly do so. If Customer does not take required action in accordance with the above,
SFDC may disable the applicable Content, Addendum Service and/or Non-SFDC Application until the potential violation is
resolved. If so requested by SFDC,Customer shall certify such deletion and discontinuance of use in writing and SFDC shall be
authorized to provide a copy of such certification to any such third party claimant or governmental authority,as applicable. In
addition, if SFDC is required by any third party rights holder to remove Content,or receives information that Content provided
to Customer may violate applicable law or third-party rights, SFDC may discontinue Customer's access to Content through the
Addendum Services.
4. NON-SFDC PRODUCTS AND SERVICES
In addition to the provisions regarding Non-SFDC Applications, the following terms shall apply with respect to the Addendum
Services:
4.1 Non-SFDC Products and Services. SFDC or third parties may make available (for example, through the Marketplace, or
otherwise) third-party products or services, including, for example, Non-SFDC Applications and implementation and other
consulting services. Any acquisition by Customer of such products or services,and any exchange of data between Customer and
any non-SFDC provider,product or service is solely between Customer and the applicable non-SFDC provider. SFDC does not
warrant or support Non-SFDC Applications or other non-SFDC products or services, whether or not they are designated by
SFDC as "certified" or otherwise unless expressly provided otherwise in and Order Form. SFDC is not responsible for any
disclosure, modification or deletion of Customer Data resulting from access by such Non-SFDC Application or its provider.
4.2 Integration with Non-SFDC Applications. The Addendum Services may contain features designed to interoperate with Non-
SFDC Applications. SFDC cannot guarantee the continued availability of such Addendum Service features, and may cease
providing them without entitling Customer to any refund,credit,or other compensation, if for example and without limitation,
the provider of a Non-SFDC Application ceases to make the Non-SFDC Application available for interoperation with the
corresponding Addendum Service features in a manner acceptable to SFDC.
Nov 2018(AMER) Page 3 of 5 CONFIDENTIAL
DocuSign Envelope ID: 02468006-F998-4325-A438-08E214B4D63C
5. PROPRIETARY RIGHTS AND LICENSES
5.1 Ownership of Customer Data and License by Customer to SFDC. In addition to any rights under the MSA,Customer grants
SFDC, its Affiliates and applicable contractors a worldwide, limited-term license to host, copy, use, transmit and display any
Non-SFDC Applications and program code created by or for Customer using an Addendum Service or for use by Customer with
the Addendum Services, and Customer Data, each as necessary for SFDC to provide and ensure proper operation of the
Addendum Services and associated systems in accordance with the Agreement and the Documentation. If Customer chooses to
use a Non-SFDC Application with an Addendum Service, Customer grants SFDC permission to allow the Non-SFDC
Application and its provider to access Customer Data as required for the interoperation of that Non-SFDC Application with the
Addendum Services. Subject to the limited licenses granted herein, SFDC acquires no right, title or interest from Customer or
its licensors under the Agreement in or to any Customer Data,Non-SFDC Application or such program code.
5.2 Access to and Use of Content. SFDC,its Affiliates,its licensors and Content providers reserve all of their respective right,title
and interest in and to the Content, including all of their related intellectual property rights. No rights are granted to Customer
hereunder other than as expressly set forth herein. None of SFDC's obligations in the MSA apply to Content,except as expressly
set forth as applicable to Content in this Addendum. Customer has the right to access and use applicable Content subject to the
terms of applicable Order Forms, this Agreement and the Documentation. CONTENT IS PROVIDED "AS IS," "AS
AVAILABLE"AND EXCLUSIVE OF ANY WARRANTY WHATSOEVER.
5.3 License by Customer to Use Feedback. Additionally, Customer grants to SFDC and its Affiliates a worldwide, perpetual,
irrevocable, royalty-free license to use and incorporate into its services or other SFDC or SFDC Affiliate products or services
any suggestion,enhancement request,recommendation,correction or other feedback provided by Customer or Users relating to
the operation of SFDC's or its Affiliates' services.
6. INDEMNIFICATION AND LIMITATION OF LIABILITY.
6.1 Additional Terms for Indemnification by SFDC. In addition to SFDC's indemnity obligations under the MSA, if SFDC
receives information about an infringement or misappropriation claim related to an Addendum Service, SFDC may in its
discretion and at no cost to Customer (a) modify the Addendum Services so that they are no longer claimed to infringe or
misappropriate,without breaching SFDC's warranties under Section 7.1 ("SFDC Warranties")of the MSA, (b)obtain a license
for Customer's continued use of that Addendum Service in accordance with this Addendum, or (c) terminate Customer's
subscriptions for that Addendum Service upon 30 days' written notice and refund Customer any prepaid fees covering the
remainder of the term of the terminated subscriptions. SFDC shall have no indemnity obligation to Customer if(1)the allegation
does not state with specificity that the Addendum Services are the basis of the Claim Against Customer; (2) a Claim Against
Customer arises from the use or combination of the Addendum Services or any part thereof with software, hardware, data, or
processes not provided by SFDC, if the Addendum Services or use thereof would not infringe without such combination; (3)a
Claim Against Customer arises from Addendum Services under an Order Form for which there is no charge; or (4) a Claim
Against Customer arises from Content,a Non-SFDC Application or Customer's breach of this Agreement, the Documentation
or applicable Order Fonns.
6.2 Additional Terms for Indemnification by Customer. In addition to Customer's indemnity obligations under the MSA, a
"Claim Against SFDC"under Section 8.2 of the MSA shall also include any claim,demand,suit or proceeding made or brought
against SFDC by a third party (a)alleging a Non-SFDC Application provided by Customer,or the combination of a Non-SFDC
Application provided by Customer and used with the Addendum Services, infringes or misappropriates such third party's
intellectual property rights, or(b) arising from Customer's use of the Addendum Services or Content in an unlawful manner or
in violation of the Agreement, the Documentation, or Order Form. Customer shall have no indemnity obligation to SFDC if a
Claim Against SFDC arises from SFDC's breach of this Agreement,the Documentation or applicable Order Forms.
6.3 Exclusive Remedy. The indemnification obligations set forth in Section 8 of the MSA,as modified by Sections 6.1 and 6.2 of
this Addendum, state the indemnifying party's sole liability to, and the indemnified party's exclusive remedy against, the other
party for any third party claim described in the indemnity sections of the Agreement.
6.4 LIMITATION OF LIABILITY. WITH RESPECT TO THE ADDENDUM SERVICES, IN NO EVENT SHALL THE
AGGREGATE LIABILITY OF EACH PARTY TOGETHER WITH ALL OF ITS AFFILIATES ARISING OUT OF OR
RELATED TO THIS AGREEMENT EXCEED THE TOTAL AMOUNT PAID BY CUSTOMER AND ITS AFFILIATES
HEREUNDER FOR THE SERVICES GIVING RISE TO THE LIABILITY IN THE TWELVE MONTHS PRECEDING THE
FIRST INCIDENT OUT OF WHICH THE LIABILITY AROSE. THE FOREGOING LIMITATION WILL APPLY
WHETHER AN ACTION IS IN CONTRACT OR TORT AND REGARDLESS OF THE THEORY OF LIABILITY, BUT
WILL NOT LIMIT CUSTOMER'S AND ITS AFFILIATES' PAYMENT OBLIGATIONS UNDER THE "FEES AND
Nov 2018(AMER) Page 4 of 5 CONFIDENTIAL
DocuSign Envelope ID:02468006-F998-4325-A438-08E214B4D63C
PAYMENT"SECTION ABOVE. FOR THE PURPOSES OF THIS ADDENDUM,THIS SECTION 6.4 SUPERSEDES AND
REPLACES SECTION 9.1 (LIMITATION OF LIABILITY)OF THE MSA.
7. GENERAL PROVISIONS
7.1 Survival. The sections titled "Customer Responsibilities", "Ownership and Use of Customer Data", "Access to and Use of
Content", "Removal of Content and Non-SFDC Applications", "indemnification and Limitation of Liability", and "General
Provisions"shall survive any termination or expiration of this Addendum.
7.2 Entire Agreement; Order of Precedence. This Addendum, combined with the MSA, is the entire agreement between SFDC
and Customer regarding Customer's use of the Addendum Services and Content and supersedes all prior and contemporaneous
agreements, proposals or representations, written or oral, concerning its subject matter. In the event of any conflict or
inconsistency among the following documents,the order of precedence shall be: (1)the applicable Order Form, (2)any exhibit,
schedule or addendum to this Addendum,(3)the body of this Addendum, (4)the body of the MSA,and(5)the Documentation.
No exhibits, schedules or other addendum to the MSA shall apply to Addendum Services. Subject to the modifications herein
applicable solely to the Addendum Services, the MSA remains in full force and effect. Titles and headings of sections of this
Agreement arc for convenience only and shall not affect the construction of any provision of this Agreement.
7.3 Counterparts. This Addendum may be executed electronically and in counterparts.
The parties' authorized signatories have duly executed this Addendum as of the Effective Date.
SALESFORCE.COM,INC. CUSTOMER
DocuSiyned by: Docuftned by:
By: �GIWd C,IA1tit1Ml S By: �rukwouXn.�dd.
B93580333FD44CE... 4F4D1 DW543750...
Print Name: David Cummings Print Name: Jack Arrowsmith
Title: Director, sales operations Title: Executive Director
Date: 6/18/2019 Date: 3une 19, 2019
Nov 2018(AMER) Page 5 of 5 CONFIDENTIAL
DocuSign Envelope ID: C7644D7C-94EB-4B3C-9585-55BE8D0883A7
r —.
salesforce
6, ��
AMENDMENT 1 TO MASTER SUBSCRIPTION AGREEMENT
This Amendment 1 to Master Subscription Agreement("Amendment")is made as of the date of last signature herein
("Amendment Effective Date")by and between Statewide Internet Portal Authority("Customer")and salesforce.com,
inc. ("SFDC"), with respect to that certain Master Subscription Agreement dated July 15, 2011 by and between
Customer and SFDC (the "AQreement"). Capitalized teens not defined herein shall have the meaning assigned to
them in the Agreement.
The parties hereby agree to amend the Agreement as follows:
I. Definitions. The definition of"Affiliate"in Section 1 (Definitions)of the Agreement is hereby deleted in its
entirety and replaced with the following:
"Affiliate"means any entity that directly or indirectly controls, is controlled by,or is under common control
with the subject entity. "Control," for purposes of this definition, means direct or indirect ownership or
control of more than 50%of the voting interests of the subject entity."Affiliate"shall also mean any state or
local governmental entity within the State of Colorado.
2. SFDC HIPAA Business Associate Addendum. SFDC and Customer shall abide by the terms of the HIPAA
Business Associate Addendum attached to this Amendment as Attachment 1,and such attachment is hereby
deemed added to the Agreement as Exhibit A.
3. Mulesoft Amendment to HIPAA Business Associate Addendum. Mulesoft and Customer shall abide by the
terms of the HIPAA Business Associate Addendum attached to this Amendment as Attachment 2,and such
attachment is hereby deemed added to the Agreement as Exhibit B.
4. Effect of Amendment. Subject to the modifications set forth in this Amendment,the Agreement remains in
fitll force and effect.
IN WITNESS WHEREOF,Customer and SFDC have executed this Amendment as of the Amendment Effective Date.
SALESFORCE.COM,INC. STATEWIDE INTERNET PORTAL
AUTHORITY
DocuSiyned by: F�,,
cusiynedby:
By. F�A ,,D�t.VS01n. By.22sns,ns9,26401.ena Johnson 4F4D1D985438450...
Print Name: Print Name: Jack Arrowsmith
Title: senior Manager, sales operations Title: Executive Director
Date: August 22, 2019 1 13:49:58 PDT Authority Level: C-t evel
Date:
August 23, 2019
Agreement#
SFDC-MSA Amendment-BAA—AMER-United Sates-EN_October 2018
Page 1 of 7 CONFIDENTIAL
DocuSign Envelope ID: C7644D7C-94EB-4B3C-9585-55BE8D0883A7
Exhibit List
Exhibit A—SFDC HIPAA Business Associate Addendum
Exhibit B—Mulesofr Amendment to HIPPA Business Associate Addendum
Agreement#
SFDC-MSA Amendment-BAA_AMER-United Sates-EN—October 2018
Page 2 of 7 CONFIDENTIAL
DocuSign Envelope ID:C7644D7C-94EB4B3C-9585-55BE8D0883A7
ATTACHMENT 1
salesforce
EXHIBIT A
SFDC HIPAA BUSINESS ASSOCIATE ADDENDUM
This HIPAA Business Associate Addendum (this "Addendum") is made a part of, and incorporated into, the
Agreement. The purpose of this Addendum is to implement certain of the requirements of the Health Insurance
Portability and Accountability Act of 1996 and the rules and regulations promulgated thereunder as supplemented and
amended by the requirements of Subtitle D of the Health Information Technology for Economic and Clinical Health
(HITECH) Act provisions of the American Recovery and Reinvestment Act of 2009 and the rules and regulations
promulgated thereunder (collectively, "HIPAA"). The parties acknowledge that those regulations include both the
federal privacy regulations, as amended from time to time, issued pursuant to HIPAA and codified at 45 CFR Parts
160 and 164 (Subparts A & E) (the "Privacy Rule") and the federal security regulations, as amended from time to
time, issued pursuant to HIPAA and codified at 45 CFR Parts 160 and 164(Subparts A&C)(the "Security Rule").
In the course of providing those Services branded by SFDC as Force.com, Site.com, Database.com, Sales Cloud,
Service Cloud, Field Service Lightning, Communities, Chatter, Salesforce Mobile app, Health Cloud, Einstein
Analytics, loT Explorer, Live Agent, Surveys, and ExactTarget(collectively, the "Covered Services") to Customer
pursuant to the Agreement,SFDC may,on behalf of Customer,receive,maintain or transmit information entered into
the Covered Services as Customer Data that constitutes Protected Health Information,as defined in 45 CFR§160.103
("PHI"),and as a result may,for certain purposes and under certain circumstances,be deemed a Business Associate,
as such term is defined in 45 CFR §160.103, under HIPAA. "Documentation" means SFDC's online user guides,
documentation, and help and training materials, as updated from time to time, accessible via help.sales force.coin or
login to the applicable Services.For clarity,Customer acknowledges that neither SFDC nor its Subcontractors"create"
Protected Health Information in the provision of the Covered Services. This Addendum governs Customer's and
SFDC's respective responsibilities with respect to such PHI to the extent SFDC acts as a Business Associate to
Customer,including SFDC's Use and Disclosure of PHI,as such terms are defined in 45 CFR§160.103. A capitalized
term not defined herein shall have the meaning ascribed to that term in the Agreement, or, if any such term has no
meaning ascribed in the Agreement,then such term shall have the meaning ascribed to it under HIPAA.
Accordingly,the parties agree as follows:
1. Use and Disclosure of PHI by Customer. Customer shall Use and Disclose PHI only as pennitted by HIPAA.
Customer shall not authorize,request or require SFDC to Use or Disclose PHI in any manner that would violate
HIPAA if the Use or Disclosure were carried out by Customer except as permitted under HIPAA and set forth
in this Addendum. Customer will not agree to any restriction requests or place any restrictions in any notice of
privacy practices that would cause SFDC or one of its Subcontractors to violate this Addendum or any
applicable law.
2. Use and Disclosure of PHI by SFDC. SFDC shall Use or Disclose PHI only in the manner and for the purposes
set forth in this Addendum or in accordance with the Agreement and not in any other manner or for any other
purposes. Without limiting the generality of the foregoing, Customer hereby authorizes SFDC to do the
following:
(i) Use and Disclose PHI as necessary to provide the Covered Services, to prevent or address service or
technical problems and,to perform customer support services to Customer;
Agreement#
SFDC-MSA Amendment-BAA—AMER-United Sates-EN—October 2018
Page 3 of 7 CONFIDENTIAL
DocuSign Envelope ID: C7644D7C-94EB-4B3C-9585-55BE8D0883A7
(ii) Use and Disclose PHI as Required by Law; and
(iii) Use and Disclose PHI as necessary for the proper management and administration of SFDC and to carry
out the legal responsibilities of SFDC.
3. Protection of PHI. In connection with its receipt,maintenance or transmission of PHI on behalf of Customer,
SFDC agrees to do the following:
(i) in accordance with 45 CFR § 164.502(e)(1), SFDC may disclose PHI to Subcontractors and such
Subcontractors shall have the rights to Use and Disclose PHI pursuant the agreement between SFDC
and each Subcontractor, provided that SFDC shall ensure that any Subcontractors that receive,
maintain or transmit PHI on behalf of SFDC agree to restrictions and conditions no less restrictive
than those that apply to SFDC in this Addendum with respect to such PHI;
(ii) use appropriate administrative,technical and physical safeguards,and comply,where applicable,with
the Security Rule with respect to any PHI that constitutes Electronic Protected Health Information,to
prevent Use or Disclosure of PHI other than as provided for by this Addendum;and
(iii) to the extent SFDC carries out the Customer's obligations under the Privacy Rule, if applicable,
comply with the requirements of the Privacy Rule that apply to the Customer in the performance of
those obligations; notwithstanding the foregoing, the parties acknowledge that,under the Agreement
and this Addendum,unless otherwise agreed upon by the parties in writing,SFDC has no obligations
to carry out any of Customer's obligations under the Privacy Rule.
4. Breach Notification.
i) SFDC shall report to Customer any Use or Disclosure of PHI not provided for in this Addendum of
which SFDC becomes aware, including any Breach of Unsecured Protected Health Information in
accordance with 45 CFR § 164.410. SFDC shall provide to the Customer all information required by
45 CFR§ 164.410(c)to the extent known and provide any additional available information reasonably
requested by Customer for purposes of investigating the Breach as required by H1PAA. For purposes
of this Addendum,"Breach"means the acquisition,access,Use or Disclosure of PHI in a manner not
permitted by the Privacy Rule that compromises the security or privacy of the PHI as defined, and
subject to the exclusions set forth,in 45 CFR§ 164.402.
(ii) SFDC shall be required to report to Customer,without unreasonable delay, only successful Security
Incidents pertaining to PHI of which SFDC becomes aware. SFDC hereby provides Customer with
notice in this Section 4(ii) of the ongoing existence and occurrence of attempted but unsuccessful
Security Incidents,which include,but are not limited to,pings and other broadcast attacks on SFDC's
firewall, port scans, unsuccessful log-in attempts, denials of service attacks and any combination of
the above,so long such incidents do not result in unauthorized access,Use or Disclosure of PHI. The
parties agree that no further notice of unsuccessful Security Incidents is required.
5. Access by HHS. SFDC shall make its internal practices,books and records relating to the Use and Disclosure
of PHI available to the Secretary of the United States Department of Health and Human Services for purposes
of determining Customer's compliance with HIPAA.
6. Individual Access Requests.SFDC shall forward to Customer any requests SFDC receives from an Individual
for access to the Individual's PHI that is entered in the Covered Services by Customer to which Customer shall
respond in accordance with the requirements of 45 CFR § 164.524. The parties agree that, by virtue of
providing the Covered Services, SFDC will make available to Customer all PHI that is entered in the Covered
Services by Customer, including PHI about an Individual, to facilitate Customer's compliance with the
requirements of 45 CFR§ 164.524.
Agreement#
SFDC-MSA Amendment-BAA—AMER-United Sates-EN—October 2018
Page 4 of 7 CONFIDENTIAL
DocuSign Envelope ID:C7644D7C-94EBAB3C-9585-55BEBD0883A7
7. Individual Amendment Requests. Customer shall be exclusively responsible for responding to all requests
by Individuals for amendment to their PHI in accordance with HIPAA. The parties agree that, by virtue of
providing the Covered Services, SFDC will make available to Customer all PHI that is entered in the Covered
Services by Customer, including any PHI required to be made available for amendment in accordance with 45
CFR§ 164.526,in a manner that allows the Customer to reasonably incorporate any amendments to the PHI in
accordance with 45 CFR§ 164.526.
8. Individual Accounting Requests. SFDC shall in accordance with and as required by 45 CFR§ 164.504(e)(2)
document Disclosures of PHI made by SFDC and maintain information related to such Disclosures.SFDC shall
make related information reasonably available to Customer to assist Customer with complying with its legal
obligations under 45 CFR § 164.528 and with responding to requests by Individuals for an accounting of
Disclosures of their respective PHI.
9. Termination. Upon request by Customer made in accordance with the terns of the Agreement after the
effective date of ternination or expiration of the Agreement, SFDC will make the Customer Data submitted to
the Covered Services available to Customer for return,export,or download as provided in the Documentation.
SFDC will otherwise have no obligation to maintain or provide any Customer Data,and will delete,overwrite,
or destroy all copies of Customer Data in its systems or otherwise in its possession or control as provided in the
Documentation,unless legally prohibited. If return or destruction of Customer Data that constitutes PHI is not
feasible, SFDC shall extend the confidentiality and security protections of this Addendum to that Customer
Data and limit further Uses and Disclosures of such Customer Data to those purposes that make the return or
destruction of the Customer Data infeasible.
10. Non-Compliance. In the event either party becomes aware that the other party has engaged in a pattern of
activity or practice that constitutes a material breach or violation of this Addendum, the non-breaching party
may request in writing that the breaching party cure the breach or violation. If the breach or violation is not
cured within 30 days of the written notice, the non-breaching party may terminate this Addendum and the
Agreement.
11. Amendment. The parties shall take such action as is necessary to amend the Agreement and this Addendum
from time to time as is necessary for the parties to comply with changes to the rules and regulations under
HIPAA. If the parties cannot agree as to a necessary amendment, either party may terminate the Agreement
and this Addendum with 30 days prior written notice to the other party.
12. Interpretation. Any ambiguity in this Addendum shall be resolved to permit the parties to comply with
HIPAA.
]REMAINDER OF PAGE INTENTIONALLY BLANK]
Agreement#
SFDC-MSA Amendment-BAA_AMER-United Sates-EN—October 2018
Page 5 of 7 CONFIDENTIAL
DocuSign Envelope ID: C7644D7C-94EB-4B3C-9585-55BE8D0883A7
ATTACHMENT 2
salesforce
6, ��
EXHIBIT B
MULESOFT AMENDMENT TO HiPAA BUSINESS ASSOCIATE ADDENDUM
This Mulesoft Amendment to the HIPAA Business Associate Addendum(this"Mulesoft Amendment")hereby
amends the Business Associate Agreement Addendum("Addendum")adopted and amended by the parties
contemporaneously with the this Mulesoft Amendment with respect to Services branded as Anypoint Runtime
Manager,Anypoint Monitoring,Anypoint MQ,Anypoint Object Store v2 and Anypoint Security(collectively,
"Mulesoft Covered Services"). For the avoidance of doubt,the Mulesoft Covered Services do not include any
portion of such services intended for deployment on Customer's premises. A capitalized term not defined herein
shall have the meaning ascribed to that term in the Addendum.
Accordingly,the parties agree as follows:
Mulesoft Additional Terms. The Mulesoft Covered Services will be included within the definition Covered Services
as set forth in the Addendum. The following additional terns shall apply to the Mulesoft Covered Services. All other
terms of the Addendum shall apply to the Mulesoft Covered Services except as modified below.
i. Applicability of the Mulesoft Amendment. This Mulesoft Amendment will not apply to,and SFDC shall not
be a Business Associate with respect to,any Services branded as Mulesoft except for the Mulesoft Covered
Services.
2. Appropriate Use of Covered Services. Customer is responsible for implementing appropriate privacy and
security safeguards in order to protect Customer's PHI in compliance with HIPAA,the Addendum, and this
Mulesoft Amendment. Without limitation, Customer will (a) not include PHI in any Services branded as
Mulesoft other than the Mulesoft Covered Services, (b) in connection with your use of Mulesoft Covered
Services, utilize a level of audit logging sufficient to record all activity related to use of and access to
protected health information(as defined in 45 C.F.R. § 160.103) in your information systems, (c) retain, in
accordance with HIPAA,audit logs containing information regarding the use of or access to protected health
information, and (d) comply with the "Mulesoft Business Associate Agreement Restrictions" document
available at https://www.nnilcsoft.coiiVIcgal/mulesol't-btisiness-associate-addendum-restrictions.
3. Encryption. For all PHI that Customer transmits to the Mulesoft Covered Services, Customer is required to
encrypt such PHI in transit in accordance with the Secretary of HHS's Guidance to Render Unsecured
Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals,
available at littL•//www lihs gov/ocr/privacy/liipaa/administrative/breaclinotificationrule/bl'guidaiice.litillI,as
it may be updated from time to time,and as may be made available on any successor or related site designated
by HHS. For more details on how Customer can implement this encryption in transit requirement,please see
the "Mulesoft Business Associate Agreement Restrictions" document available at
https•//www mulesoft corn/legal/mulesoft-bLIS iness Dissociate-addendum-restrictions.
4. Addition or Removal of Mulesoft Covered Services. In the event an SFDC Subcontractor providing services
to SFDC in support of this Mulesoft Amendment elects to discontinue providing services or functionality
that enable the provision of the Mulesoft Covered Services in compliance with this Amendment,then SFDC
shall be permitted to terminate this Mulesoft Amendment for the Mulesoft Covered Services upon written
notice. SFDC will provide at least 6 months prior notice to Customer of such termination where reasonably
Agreement#
SFDC-MSA Amendment-BAA_AMER-United Sates-EN—October 2018
Page 6 of 7 CONFIDENTIAL
DocuSign Envelope ID:C7644D7C-94EB-4B3C-9585-55BE8D0883A7
practical. If SFDC terminates this Mulesoft Addendum as outlined in this paragraph, Customer may
terminate its use of the affected Mulesoft Covered Services upon written notice to SFDC, and SFDC will
refund Customer any prepaid fees covering the remainder of the term of all Order Forms applicable to such
Mulesoft Covered Services.
5. Breach Notification. With respects to the Mulesoft Covered Services, SFDC utilizes a Subcontractor that
has made the breach notification commitments to SFDC as set forth below. SFDC's obligations set forth in
Section 4 of the Addendum are subject to these Subcontractor commitments:
a. Subcontractor shall notify SFDC on a quarterly basis of any Security Incident of which the
Subcontractor becomes aware in which there is a successful unauthorized access, use, disclosure,
modification,or destruction of information or interference with system operations in an information
system in a manner that risks the confidentiality, integrity, or availability of such information. The
Subcontractor has provided SFDC up-front notice, and no further notice will be provided, of
unsuccessful attempts at such unauthorized access, use, disclosure, modification, or destruction,
such as pings and other broadcast attacks on a firewall, denial of service attacks, port scans,
unsuccessful login attempts, or interception of encrypted information where the key is not
compromised,or any combination of the above.
b. Subcontractor shall notify SFDC of any Breach of Unsecured PHI that the subcontractor may
discover to the extent required by 45 C.F.R. § 164.410. The Subcontractor will make such report
available to SFDC without unreasonable delay, and in no case later than 60 calendar days after
discovery of such Breach.
[REMAINDER OF PAGE INTENTIONALLY BLANK]
Agreement#
SFDC-MSA Amendment-BAA_AMER-United Satcs-EN_October 2018
Page 7 of 7 CONFIDENTIAL
DocuSign Envelope ID: 7CBC046F-B9B3-4D1D-A86C-019D457B5DA8
tialc force
0
MAS TER S UBSCRIPTION AGREEMENT
Customer Full Legal Name: Statewide Internet Portal Authority(SIPA)
Customer Address: 633 17th St Ste 1610
Denver, CO , 80202 US
This Master Subscription Agreement ("Agreement") is between salesforce.com, inc.,a Delaware corporation with its principal place
of business at The Landmark @ One Market, Suite 300, San Francisco,California 94105 ("SFDC")and the party named above. This
Agreement is effective as of the later of the dates beneath the parties'signatures below(the"Effective Date").
For good and valuable consideration,the receipt and sufficiency of which is hereby acknowledged,the parties agree as follows:
1. DEFINITIONS
"Affiliate" means any entity which directly or indirectly controls, is controlled by,or is under common control with the subject
entity. "Control," for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting
interests of the subject entity.
"AppExchange" means the online directory of applications that interoperate with the Services, located at
http://,�vw\v.salesforce.coiiVamnexchamee or at any successor websites.
"Customer" means the customer named above and its Affiliates.
"Customer Application" means an online application that Customer (or a third party acting on Customer's behalf) creates
using,and that interoperates with,the Services.
"Customer Data" means all electronic data or information submitted by Customer to the Services.
"Malicious Code" means viruses,worms,time bombs,Trojan horses and otherharmful or malicious code,files,scripts,agents
or prograins.
"Non-SFDC Applications"means online applications and offline software products that are provided by entities or individuals
other than SFDC and are clearly identified as such, and that interoperate with the Services, including but not limited to tho se
listed on the AppExchange and those identified as Force.com Labs or by a similar designation.
"Order Forms" means the documents for placing orders hereunder that are entered into between Customer and SFDC or any
of its Affiliates from time to time, including addenda and supplements thereto. By entering into an Order Form hereunder, an
Affiliate agrees to be bound by the terms of this Agreement as if it were an original party hereto. Order Forms shall be deemed
incorporated herein by reference.
"Services" means the products and services that are ordered by Customer under an Order Form and ►rade available by SFDC
online via the customer login link at littp://www.saleslorce.com and/or other web pages designated by SFDC, including
associated offline components,as described in the User Guide. "Services"exclude Non-SFDC Applications.
"User Guide" means the online user guide for the Services, accessible via the customer login link at
littn://www.s,ilesforce.co n> as updated from time to time.
"Users" means individuals who are authorized by Customer to use the Services, for whom subscriptions to a Service have
been ordered, and who have been supplied user identifications and passwords by Customer (or by SFDC at Customer's
request). Users may include but are not limited to employees,consultants,contractors and agents ofCustorner, and third parties
with which Customer transacts business.
2. SERVICES
2.1 Provision of Services. SFDC shall make the Services available to Customer pursuant to this Agreement and the applicable
Order Forret during each subscription term. Customer agrees that its purchases hereunder are neither contingent on the
delivery of any future functionality or features nor dependent on any oral or written public comments made by SFDC regarding
future functionality or features.
Agreement#00000910.0 Page 1 of 7 CONFIDENTIAL
DocuSign Envelope ID: 7CBC046F-B9B3-4D1D-A86C-019D457B5DA8
2.2 User Subscriptions. Unless otherwise specified in the applicable Order Form,(i) Services are purchased as User subscriptions
and may be accessed by no more than the specified number of Users,(ii)additional User subscriptions may be added during the
applicable subscription term at the same pricing as that for the pre-existing subscriptions thereunder, prorated for the remainder
of the subscription tern in effect at the time the additional User subscriptions are added,and (iii)the added User subscriptions
shall terminate on the same date as the pre-existing User subscriptions. User subscriptions are for designated Users only and
cannot be shared or used by more than one User,but may be reassigned to new Users replacing former Users who no longer
require ongoing use of the Services.
2.3 SFDC Responsibilities. SFDC shall: (i) provide SFDC basic support for the Services to Customer at no additional charge,
and/or upgraded support if purchased, (ii)use connmrcially reasonable efforts to make the Services available 24 hours a day,7
days a week,except for: (a)planned downtime (of which SFDC shall give at least 8 hours notice via the Services and which
SFDC shall schedule to the extent practicable during the weekend hours from 6:00 p.m. Friday to 3:00 a.m. Monday Pacific
tune), or(b) any unavailability caused by circumstances beyond SFDC's reasonable control, including without limitation,acts
of God, acts of government, floods, fires, earthquakes, civil unrest, acts of terror, strikes or other labor problems (other than
those involving SFDC employees), Internet service provider failures or delays, or denial of service attacks, and(iii)provide the
Services only in accordance with applicable laws and government regulations.
2.4 SFDC Protection of Customer Data. SFDC shall maintain appropriate administrative,physical,and technical safeguards for
protection of the security, confidentiality and integrity of Customer Data. SFDC shall not (a) modify Customer Data, (b)
disclose Customer Data except as compelled by law in accordance with the "Confidentiality: Compelled Disclosure" section
below oras expressly permitted in writing by Customer,or(c)access Customer Data except to provide the Services and prevent
or address service or technical problems,or at Customer's request in connection with customer support matters.
2.5 Customer Responsibilities. Customer shall (i)be responsible for Users' compliance with this Agreement, (ii)be responsible
for the accuracy, quality and legality of Customer Data and of the means by which it acquired Customer Data, (iii) use
commercially reasonable efforts to prevent unauthorized access to or use of the Services, and notify SFDC promptly of any
such unauthorized access or use, and (iv) use the Services only in accordance with the User Guide and applicable laws and
government regulations. Customer shall not(a) make the Seryices available to anyone other than Users, (b) sell, resell, rent or
lease the Services, (c)use the Services to store or transmit infringing, libelous,or otherwise unlawfirl or tortious material,or to
store or transmit material in violation of third-party privacy rights, (d)use the Services to store ortransmit Malicious Code, (e)
interfere with or disrupt the integrity or performance of the Services or third-party data contained therein, or(f)attempt to gain
unauthorized access to the Services or their related systems or networks.
3. NON-SFDC PROVIDERS
3.1 Acquisition of Non-SFDC Products and Services. SFDC or third parties may from time to time make available to Customer
(e.g., through the AppExchange) third-party products or services, including but not limited to Non-SFDC Applications and
implementation, customization and other consulting services. Any acquisition by Customer of such non-SFDC products or
services, and any exchange of data between Customer and any non-SFDC provider, is solely between Customer and the
applicable non-SFDC provider. SFDC does not wan-ant or support non-SFDC products or services, whether or not they are
designated by SFDC as "certified" or otherwise,except as specified in an Order Form. Subject to the "integration with Non-
SFDC Applications" section below, no purchase of non-SFDC products or services is required to use the Services except a
supported computing device,operating system,web browser and Internet connection.
3.2 Non-SFDC Applications and Customer Data. If Customer installs or enables Non-SFDC Applications for use with Services,
Customer acknowledges that SFDC may allow providers of those Non-SFDC Applications to access Customer Data as required
for the interoperation and support of such Non-SFDC Applications with the Services. SFDC shall not be responsible for any
disclosure,modification or deletion of Customer Data resulting from any such access by Non-SFDC Application providers.The
Services shall allow Customer to restrict such access by restricting Users from installing or enabling such Non-SFDC
Applications for use with the Services.
3.3 Integration with Non-SFDC Applications. The Services may contain features designed to interoperate with Non-SFDC
Applications (e.g., Google, Facebook or Twitter applications). To use such features, Customer may be required to obtain access
to such Non-SFDC Applications from their providers. If the provider of any such Non-SFDC Application ceases to make the
Non-SFDC Application available for interoperation with the corresponding Service features on reasonable terms, SFDC may
cease providing such Service features without entitling Custonnerto any refund, credit,or other compensation.
4. FEES AND PAYMENT
4.1 Fees. Customer shall pay all fees specified in all Order Forms hereunder. Except as otherwise specified herein or in an Order
Form, (i) fees are based on services purchased and not actual usage, (ii)payment obligations are non-cancelable and fees paid
are non-refundable, and (iii)the number of User subscriptions purchased cannot be decreased during the relevant subscription
tern stated on the Order Form. User subscription fees are based on monthly periods that begin on the subscription start date
Agreement#00000910.0 Page 2 of 7 CONFIDENTIAL
DocuSign Envelope ID: 7CBC046F-B9B3-4D1D-A86C-019D457B5DA8
and each monthly anniversary thereof, therefore, fees for User subscriptions added in the middle of a monthly period will be
charged for that full monthly period and the monthly periods remaining in the subscription term.
4.2 Invoicing and Payment. Fees will be invoiced in advance and otherwise in accordance with the Order Form. Unless
otherwise stated in the Order Form, fees are due net 30 days from the invoice date. Customer is responsible for providing
complete and accurate billing and contact information to SFDC and notifying SFDC of any changes to such information.
4.3 Overdue Charges. If any amounts invoiced hereunder are not received by SFDC by the due date, then at SFDC's discretion,
(a) such charges may accrue late interest at the rate of 1.5% of the outstanding balance per month, or the maximum rate
pennitted by law,whichever is lower, from the date such payment was due until the date paid,and/or(b) SFDC may condition
future subscription renewals and Order Forms on payment terms shorter than those specified in the "Invoicing and Payment"
section above.
4.4 Suspension of Service. If any charge owing by Customer is 30 days or more overdue, SFDC may,without limiting its other
rights and remedies, suspend Services until such amounts are paid in full, provided SFDC has given Customer 10 or more
days'prior notice that its account is overdue in accordance with the"Notices"section below.
4.5 Payment Disputes. SFDC shall not exercise its rights under the"Overdue Charges"or"Suspension of Service" section above
if Customer is disputing the applicable charges reasonably and in good faith and is cooperating diligently to resolve the dispute.
4.6 Taxes. Unless otherwise stated, SFDC's fees do not include any taxes, levies, duties or similar governmental assessments of
any nature, including but not limited to value-added, sales and use, or withholding taxes, assessable by any local, state,
provincial, federal or foreign jurisdiction (collectively, "Taxes"). Customer is responsible for paying all Taxes associated with
its purchases hereunder. If SFDC has the legal obligation to pay or collect Taxes for which Customer is responsible under this
paragraph, the appropriate amount shall be invoiced to and paid by Customer,unless Customer provides SFDC with a valid tax
exemption certificate authorized by the appropriate taxing authority. For clarity, SFDC is solely responsible for taxes
assessable against it based on its income,property and employees.
5. PROPRIETARY RIGHTS
5.1 Reservation of Rights in Services. Subject to the limited rights expressly granted hereunder, SFDC reserves all rights,title
and interest in and to the Services, including all related intellectual property rights. No rights are granted to Customer
hereunder other than as expressly set forth herein.
5.2 Restrictions. Customer shall not (i) permit any third party to access the Services except as permitted herein or in an Order
Form, (ii) create derivative works based on the Services except as permitted herein, (iii) copy, frame or mirror any part or
content of the Services, other than copying or framing on Customer's own intranets or otherwise for its own internal business
purposes, (iv) reverse engineer the Services,or(v)access the Services in order to (a)build a competitive product or service, or
(b)copy any features,functions or graphics of the Services.
5.3 Customer Applications and Code. If Customer,a third party acting on Customer's behalf, or a User creates applications or
program code using the Services, Customer authorizes SFDC to host,copy,transmit, display and adapt such applications and
program code, solely as necessary for SFDC to provide the Services in accordance with this Agreement. Subject to the above,
SFDC acquires no right, title or interest from Customer or its licensors under this Agreement in or to such applications or
program code,including any intellectual property rights therein.
5.4 Customer Data. Subject to the limited rights granted by Customer hereunder, SFDC acquires no right, title or interest from
Customer or its licensors underthis Agreement in orto Customer Data, including any intellectual property rights therein.
5.5 Suggestions. SFDC shall have a royalty-free, worldwide, irrevocable,perpetual license to use and incorporate into the Services
any suggestions,enhancement requests,recommendations or other feedback provided by Customer, including Users,relating to
the operation of the Services.
5.6 Federal Government End Use Provisions. SFDC provides the Services, including related software and teclmology, for
ultimate federal government end use solely in accordance with the following: Government technical data and software rights
related to the Services include only those rights customarily provided to the public as defined in this Agreement. This
customary commercial license is provided in accordance with FAR 12.211 (Technical Data) and FAR 12.212 (Software)and,
for Department of Defense transactions, DFAR 252.227-7015 (Technical Data — Commercial Items) and DFAR 227.7202-3
(Rights in Commercial Computer Software or Computer Software Documentation). If a government agency has a need for
rights not conveyed under these terms,it must negotiate with SFDC to determine if there are acceptable terms for transferrin g
such rights, and a mutually acceptable written addendum specifically conveying such rights must be included in any applicable
contract or agreement.
6. CONFIDENTIALITY
Agreement#00000910.0 Page 3 of 7 CONFIDENTIAL
DocuSign Envelope ID: 7CBC046F-B9B3-4D1D-A86C-019D457B5DA8
6.1 Definition of Confidential information. As used herein, "Confidential Information" means all confidential information
disclosed by a party ("Disclosing Party") to the other party ("Receiving Party"), whether orally or in writing, that is
designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the
circumstances of disclosure. Confidential Information of Customer shall include Customer Data; Confidential Information of
SFDC shall include the Services; and Confidential information of each party shall include the terms and conditions of this
Agreement and all Order Forms, as well as business and marketing plans, technology and technical information, product plans
and designs, and business processes disclosed by such party. However, Confidential Information (other than Customer Data)
shall not include any information that(i)is or becomes generally known to the public without breach of any obligation owed to
the Disclosing Party, (ii)was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any
obligation owed to the Disclosing Party, (iii) is received from a third party without breach of any obligation owed to the
Disclosing Party,or(iv)was independently developed by the Receiving Party.
6.2 Protection of Confidential Information. The Receiving Party shall use the same degree of care that it uses to protect the
confidentiality of its own confidential information of like kind (but in no event less than reasonable care) (i) not to use any
Confidential information of the Disclosing Party for any purpose outside the scope of this Agreement, and (ii) except as
otherwise authorized by the Disclosing Party in writing,to limit access to Confidential Information of the Disclosing Party to
those of its and its Affiliates' employees, contractors and agents who need such access for purposes consistent with this
Agreement and who have signed confidentiality agreements with the Receiving Party containing protections no less stringent
than those herein. Neither party shall disclose the ten-ns of this Agreement or any Order Form to any third party other than its
Affiliates and their legal counsel and accountants without the other party's prior written consent.
6.3 Compelled Disclosure. The Receiving Party nray disclose Confidential information of the Disclosing Party if it is compelled
by law to do so, provided the Receiving Party gives the Disclosing Party prior notice of such compelled disclosure (to the
extent legally permitted)and reasonable assistance, at the Disclosing Party's cost, if the Disclosing Party wishes to contest the
disclosure. If the Receiving Party is compelled by law to disclose the Disclosing Party's Confidential Information as part of
civil proceeding to which the Disclosing Party is a party, and the Disclosing Party is not contesting the disclosure, the
Disclosing Party will reimburse the Receiving Party for its reasonable cost of compiling and providing secure access to such
Confidential Information.
7. WARRANTIES, EXCLUSIVE REMEDIES AND DISCLAIMERS
7.1 SFDC Warranties. SFDC warrants that (i)it has validly entered into this Agreement and has the legal power to do so, (ii) the
Services shall perforin materially in accordance with the User Guide,(iii)subject to the"integration with Non-SFDC Services"
section above,the functionality of the Services will not be materially decreased during a subscription term, and (iv) it will not
transmit Malicious Code to Customer, provided it is not a breach of this subpart (iv) if Customer or a User uploads a file
containing Malicious Code into the Services and later downloads that file containing Malicious Code. For any breach of a
warranty above, Customer's exclusive remedy shall be as provided in the "Termination for Cause" and "Refund or Payment
upon Termination"sections below.
7.2 Customer's Warranties.Customer warrants that it has validly entered into this Agreement and has the legal power to do so.
7.3 Disclaimer. EXCEPT AS EXPRESSLY PROVIDED HEREIN, NEITHER PARTY MAKES ANY WARRANTIES OF ANY
KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, AND EACH PARTY SPECIFICALLY
DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING ANY WARRANTIES OF MERCHANTABILITY OR FITNESS
FORA PARTICULAR PURPOSE,TO THE MAXIMUM EXTENT PERMITTED BYAPPLICABLE LAW.
7.4 Non-GA Services. From time to time SFDC may invite Customer to try, at no charge, SFDC products or services that are not
generally available to SFDC customers ("Non-GA Services"). Customer may accept or decline any such trial in its sole
discretion. Any Non-GA Services will be clearly designated as beta,pilot, limited release,developer preview, non-production
or by a description of similar import. Non-GA Services are provided for evaluation purposes and not for production use, are
not supported, may contain bugs or errors, and may be subject to additional terms. Non-GA Services are not considered
"Services"hereunder and are provided"AS IS"with no express or implied warranty. SFDC may discontinue Non-GA Seryices
at any time in its sole discretion and may never make them generally available.
8. MUTUAL INDEMNIFICATION
8.1 Indemnification by SFDC. SFDC shall defend Customer against any claim, demand, suit or proceeding made or brought
against Customer by a third party alleging that the use of the Services as permitted hereunder infringes or misappropriates the
intellectual property rights of a third party (a "Claim Against Customer"), and shall indemnify Customer for any damages,
attorney fees and costs finally awarded against Customer as a result of, and for amounts paid by Customer under a court-
approved settlement of, a Claim Against Customer; provided that Customer (a) promptly gives SFDC written notice of the
Claim Against Customer, (b)gives SFDC sole control of the defense and settlement of the Claim Against Customer(provided
that SFDC may not settle or defend any Claim Against Customer unless it unconditionally releases Customer of all liability),
Agreement#00000910.0 Page 4 of 7 CONFIDENTIAL
DocuSign Envelope ID: 7CBC046F-B9B3-4D1D-A86C-019D457B5DA8
and (c)provides to SFDC all reasonable assistance,at SFDC's expense. In the event of a Claim Against Customer, or if SFDC
reasonably believes the Services may infringe or misappropriate, SFDC may in its discretion and at no cost to Customer (i)
modify the Services so that they no longer infringe or misappropriate, without breaching SFDC's warranties under "SFDC
Warranties"above,(ii)obtain a license for Customer's continued use ofthe Services in accordance with this Agreement,or(iii)
terminate Customer's User subscriptions for such Services upon 30 days' written notice and refund Customer any prepaid fees
covering the remainder of the term of such User subscriptions after the effective date of termination.
8.2 Indemnification by Customer. Customer shall defend SFDC against any claim,demand, suit or proceeding made or brought
against SFDC by a third party alleging that the Customer Data,or Customer's use of the Services in breach of this Agreement,
infringes or misappropriates the intellectual property rights of a third party or violates applicable law (a "Claim Against
SFDC"), and shall indemnify SFDC for any damages, attorney fees and costs finally awarded against SFDC as a result of, or
forany amounts paid by SFDC under court-approved settlement of,a Claim Against SFDC;provided that SFDC(a)promptly
gives Customer written notice of the Claim Against SFDC, (b) gives Customer sole control of the defense and settlement of the
Claim Against SFDC (provided that Customer may not settle or defend any Claim Against SFDC unless it unconditionally
releases SFDC of all liability),and(c)provides to Customer all reasonable assistance,at Customer's expense.
8.3 Exclusive Remedy. This "Mutual Inderrunification" section states the indemnifying party's sole liability to, and the
indemnified party's exclusive remedy against,the other party for any type ofclaim described in this section.
9. LIMITATION OF LIABILITY
9.1 Limitation of Liability. NEITHER PARTY'S LIABILITY WITH RESPECT TO ANY SINGLE INCIDENT ARISING OUT
OF OR RELATED TO THIS AGREEMENT(WHETHER IN CONTRACT OR TORT OR UNDER ANY OTHER THEORY
OF LIABILITY) SHALL EXCEED THE LESSER OF $500,000 OR THE AMOUNT PAID BY CUSTOM ER HEREUNDER
IN THE 12 MONTHS PRECEDING THE INCIDENT, PROVIDED THAT IN NO EVENT SHALL EITHER PARTY'S
AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT (WHETHER IN CONTRACT OR
TORT OR UNDER ANY OTHER THEORY OF LIABILITY) EXCEED THE TOTAL AMOUNT PAID BY CUSTOMER
HEREUNDER. THE FOREGOING SHALL NOT LIMIT CUSTOMER'S PAYMENT OBLIGATIONS UNDER THE"FEES
AND PAYMENT"SECTION ABOVE.
9.2 Exclusion of Consequential and Related Damages. IN NO EVENT SHALL EITHER PARTY HAVE ANY LIABILITY TO
THE OTHER PARTY FOR ANY LOST PROFITS OR REVENUES OR FOR ANY INDIRECT, SPECIAL, INCIDENTAL,
CONSEQUENTIAL, COVER OR PUNITIVE DAMAGES HOWEVER CAUSED, WHETHER IN CONTRACT, TORT OR
UNDER ANY OTHER THEORY OF LIABILITY, AND WHETHER OR NOT THE PARTY HAS BEEN ADVISED OF
THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING DISCLAIMER SHALL NOT APPLY TO THE EXTENT
PROHIBITED BYAPPLICABLE LAW.
10. TERM AND TERMINATION
10.1 Term of Agreement. This Agreement commences on the Effective Date and continues until all User subscriptions granted in
accordance with this Agreement have expired orbeen terminated.
10.2 Term of User Subscriptions. User subscriptions commence on the start date specified in the applicable Order Form and
continue for the subscription term specified therein. Except as otherwise specified in the applicable Order Forni, all User
subscriptions shall automatically renew for additional periods equal to the expiring subscription tenn or one year(whichever is
shorter), unless either party gives the other notice of non-renewal at least 30 days before the end of the relevant subscription
term. The per-unit pricing during any automatic renewal term shall be the same as that during the immediately prior term
unless SFDC has given Customer written notice of a pricing increase at least 60 days before the end of such prior term, in
which case the pricing increase shall be effective upon renewal and thereafter. Any such pricing increase shall not exceed 7%
of the pricing for the relevant Services in the immediately prior subscription tenn, unless the pricing in such prior term was
designated in the relevant Order Form as promotional or one-time.
10.3 Termination for Cause. A party may teriinate this Agreement for cause(i)upon 30 days' written notice to the other party of
a material breach if such breach remains uncured at the expiration of such period,or(ii) if the other party becomes the subject
ofa petition in bankruptcy or any otherproceeding relating to insolvency,receivership,liquidation or assignment for the benefit
of creditors.
10.4 Refund or Payment upon Termination. Upon any termination for cause by Customer, SFDC shall refund Customer any
prepaid fees covering die remainder of the tern of all subscriptions after the effective date of tennination. Upon any
termination for cause by SFDC, Customer shall pay any unpaid fees covering the remainder of the term of al I Order Forms after
the effective date of tennination. In no event shall any termination relieve Customer of the obligation to pay any fees payable
to SFDC for the period prior to the effective date of termination.
Agreement#00000910.0 Page 5 of 7 CONFIDENTIAL
DocuSign Envelope ID: 7CBC046F-B9B3AD1D-A86C-019D457B5DA8
10.5 Return of Customer Data. Upon request by Customer made within 30 days after the effective date of termination, SFDC will
snake available to Customer for download a file of Customer Data in comma separated value (.csv) format along with
attachments in their native format. After such 30-day period, SFDC shall have no obligation to maintain or provide any
Customer Data and shall thereafter, unless legally prohibited, delete all Customer Data in its systems or otherwise in its
possession or under its control.
10.6 Surviving Provisions. The sections titled "Fees and Payment," "Proprietary Rights," "Confidentiality," "Warranties and
Disclaimers," "Mutual Indemnification," "Limitation of Liability," "Refund or Payment upon Tennination," "Return of
Customer Data," "Surviving Provisions" and "General Provisions" shall survive any termination or expiration of this
Agreement.
11. GENERAL PROVISIONS
11.1 Export Compliance. The Services, other SFDC technology, and derivatives thereof may be subject to export laws and
regulations of the United States and other jurisdictions. Each of SFDC and Customer represents that it is not named on any
U.S. government denied-party list. Customer shall not permit Users to access or use Services in a U.S.-embargoed country
(currently Cuba,Iran, North Korea, Sudan or Syria)or in violation of any U.S. export law or regulation.
11.2 Anti-Corruption. Customerhas not received or been offered any illegal or improper bribe, kickback,payment,gift,or thing of
value from a SFDC employee or agent in connection with this Agreement. Reasonable gifts and entertainment provided in the
ordinary course of business do not violate the above restriction. If Customer leams of any violation of the above restriction, it
will use reasonable efforts to promptly notify SFDC's Legal Department (le alg co iMI iance ,s ales force.com).
11.3 Relationship of the Parties. The parties are independent contractors. This Agreement does not create a partnership,franchise,
joint venture,agency,fiduciary or employment relationship between the parties.
11.4 No Third-Party Beneficiaries. There are no third-party beneficiaries to this Agreement.
11.5 Notices. Except as otherwise specified in this Agreement, all notices,permissions and approvals hereunder shall be in writing
and shall be deemed to have been given upon: (i)personal delivery,(ii)the second business day after mailing, (iii) the second
business day afler sending by confirmed facsimile,or(iv),except for notices of termination or an indemnifiable claim("Legal
Notices"), the first business day after sending by email. Notices to SFDC shall be addressed to the attention of its VP,
Worldwide Sales Operations,with a copy to its General Counsel,at salesforce.corn, inc., The Landmark at One Market, Suite
300, San Francisco, California 94105; fax (415) 901-7040. Billing-related notices to Customer shall be addressed to the
relevant billing contact designated by Customer, and Legal Notices to Customer shall be addressed to Customer and be clearly
identified as Legal Notices. All other notices to Customer shall be addressed to the relevant Services system administrator
designated by Customer.
11.6 Waiver. No failure or delay by either party in exercising any right under this Agreement shall constitute a waiver of that right.
11.7 Severability. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the
provision shall be modified by the court and interpreted so as best to accomplish the objectives of the original provision to the
fullest extent permitted by law,and the remaining provisions of this Agreement shall remain in effect.
11.8 Assignment. Neither party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise,
without the prior written consent of the other party (not to be unreasonably withheld). Notwithstanding the foregoing,either
party may assign this Agreement in its entirety(including all Order Forms), without consent of the other party,to its Affiliate or
in connection with a merger, acquisition, corporate reorganisation, or sale of all or substantially all of its assets not involving a
direct competitor of the other party. A party's sole remedy for any purported assignment by the other party in breach of this
paragraph shall be, at the non-assigning party's election, termination of this Agreement upon written notice to the assigning
party. In the event of such a termination, SFDC shall refund Customer any prepaid fees covering the remainder of the tern of
all subscriptions after the effective date of termination. Subject to the foregoing, this Agreement shall bind and inure to the
benefit of the parties,their respective successors and pernvtted assigns.
11.9 Governing Law. This Agreement, and any disputes arising out of or related hereto, shall be governed exclusively by the
internal laws of the State of California, without regard to its conflicts of laws rules or the United Nations Convention on the
International Sale of Goods.
11.10 Venue; Waiver of Jury Trial. The state and federal courts located in San Francisco County,California shall have exclusive
jurisdiction to adjudicate any dispute arising out of or relating to this Agreement. Each party hereby consents to the exclusive
jurisdiction of such courts. Each party also hereby waives any right to jury trial in connection with any action or litigation in
any way arising out of or related to this Agreement.
11.11 Entire Agreement. This Agreement, including all exhibits and addenda hereto and all Order Forms, constitutes the entire
agreement between the parties and supersedes all prior and contemporaneous agreements,proposals or representations, written
Agreement#00000910.0 Page 6 of 7 CONFIDENTIAL
DocuSign Envelope ID: 7CBC046F-B9B3-4D1D-A86C-019D457B5DA8
or oral, concerning its subject matter. Without limiting the foregoing, this Agreement supersedes the terms of any online
Master Subscription Agreement electronically accepted by Customer. No modification,amendment,or waiver of any provision
of this Agreement shall be effective unless in writing and signed by the party against whom the modification, amendment or
waiver is to be asserted. However, to the extent of any conflict or inconsistency between the provisions in the body of this
Agreement and any exhibit or addendum hereto or any Order Form, the terms of such exhibit,addendum or Order Form shall
prevail. Notwithstanding any language to the contrary therein,no terms or conditions stated in a Customer purchase order or in
any other Customer order documentation (excluding Order Forms) shall be incorporated into or form any part of this
Agreement,and all such terms or conditions shall be null and void.
11.12 Counterparts. This Agreement may be executed by facsimile and in counterparts,which taken together shall form one legal
instnurent.
The parties'authorized signatories have duly executed this Agreement as of the Effective Date:
SALES FORCE.COM, INC. StateVl7de Internet Portal AuthoritN (S IPA)
By: CDocusigned by.
zo1-w D �4,Y
Print Name: Chris Herres By: john D Conley
Senior Manager, Sales OperatlonS Print Name:
Title: Title: Executive Director
Date:J my 14,2011 Authority Level: C Level Executive
Date: July 15, 2011
Agreement#00000910.0 Page 7 of 7 CONFIDENTIAL
DocuSign Envelope ID: 6E63989C-8526-4A38-AD3E-F36181A673DF
salesforce
SALESFORCE MARKETING CLOUD AND ADDITIONAL SERVICES ADDENDUM
TO
SALESFORCE.COM MASTER SUBSCRIPTION AGREEMENT
Customer Full Legal Name: Statewide Internet Portal Authority(SIPA)
Date of Master Subscription Agreement: July 15,2011
This Salesforce Marketing Cloud and Additional Services Addendum("Addendum")amends and supplements the Master Subscription
Agreement identified above (the "MSA") between Customer and salesforce.com, inc. ("SFDC"). This Addendum is effective as of the
later of the dates beneath the parties' signatures below(the "Effective Date"). This Addendum applies solely to Salesforce Marketing
Cloud and Additional Services(or"Addendum Services"), as further defined below. Except as otherwise set forth herein, the terms of
the MSA shall apply to the Addendum Services.
1. DEFINITIONS
Capitalized terms used in this Addendum have the meanings given to them below, or if not defined below, then the meanings
given to them in the MSA.
"Addendum Services"mean the products and services offered by SFDC identified at www.salesforce.com that are ordered by
Customer under an Order Form or through an online ordering center and made available online by SFDC or its Affiliates,
including associated SFDC offline or mobile components, as described in the Documentation. As of the Effective Date such
products and services are those offered under the names "Buddy Media", "Data.com", "Desk.com", "ExactTarget", "Heroku",
"Pardot", "Predictive Intelligence", "Radian6", "SalesforceiQ", "Social Studio", "Social.com", "SteelBrick" or successor
branding. "Addendum Services" exclude Content, Non-SFDC Applications, any professional services, and any other SFDC
Affiliate products or Services which are expressly provided under a separate agreement between Customer and SFDC or an
SFDC Affiliate. All references to "Services" in the MSA are deemed to mean "Addendum Services" for purposes of this
Addendum,except as otherwise provided herein.
"Agreement"shall mean the MSA and this Addendum collectively.
"Beta Services" means SFDC services or functionality that may be made available to Customer to try at its option at no
additional charge which is clearly designated as beta, pilot, limited release, developer preview, non-production, evaluation, or
by a similar description.
"Content"means information obtained by SFDC from publicly available sources or its third party content providers and made
available to Customer through the Addendum Services, Beta Services or pursuant to an Order Form,as more fully described in
the Documentation.
"Customer Data" means electronic data and information submitted by or for Customer to the Addendum Services, excluding
Content and Non-SFDC Applications.
"Documentation" means the applicable Addendum Service's Trust and Compliance documentation, and its usage guides and
policies, as updated from time to time, accessible via help.salesforce.com or login to the applicable Addendum Service. All
references to"User Guide"in the MSA shall mean"Documentation"for the purposes of this Addendum.
"Marketplace" means an online directory, catalog or marketplace of applications that interoperate with the Services,
including, for example, the AppExchange located at litip://www.salesforce.coiiVappexcliange, ExactTarget's HubExchange
located at https://hubexchange.exacttarget.com/, or the Heroku add-ons catalog located at https://addois.herokLl.Com/, and any
successor websites.
2016-03-01 (AMER) Page 1 of CONFIDENTIAL
DocuSign Envelope ID:6E63989C-8526-4A38-AD3E-F36181A673DF
"Non-SFDC Application" means a Web-based, mobile, offline or other software application functionality that is provided by
Customer or a third party and interoperates with an Addendum Service, including, for example, an application that is
developed by or for Customer, is listed on a Marketplace,or is identified as Salesforce Labs or by a similar designation.
2. RESPONSIBILITIES
2.1 SFDC Responsibilities. In addition to its responsibilities under the MSA, SFDC will make the Addendum Services and
Content available to Customer pursuant to this Addendum, the Documentation, and the applicable Order Forms. SFDC's
obligation to use commercially reasonable efforts to make the online Addendum Services available 24 hours a day, 7 days a
week, excludes, in addition to the exclusions in Section 2.3 of the MSA, any unavailability caused by a third party hosting
provider or Non-SFDC Application. SFDC's obligation to provide notice of planned downtime shall be advance, electronic
notice as provided in the Documentation. For the avoidance of doubt, any obligation of SFDC to provide the Addendum
Services in accordance with laws and government regulations is for such laws and government regulations applicable to SFDC
in its provision of the Addendum Services generally, and subject to Customer's use of the Addendum Services in accordance
with the Agreement,the Documentation and Order Forms,as applicable.
2.2 SFDC Protection of Customer Data. In addition to its obligations under the MSA, Customer shall only submit to the
Addendum Services, and use the Addendum Services to collect, store and/or process, Customer Data in a manner that is
permitted in the applicable Documentation or Order Form and by applicable laws and government regulations. SFDC currently
provides the Addendum Services and stores Customer Data at facilities and on technology infrastructure different from those
used by SFDC for its Force.com platform-based services. SFDC will maintain administrative, physical and technical
safeguards for protection of the security, confidentiality and integrity of Customer Data as described in the Documentation.
Those safeguards will include, but will not be limited to, measures for preventing access, use, modification or disclosure of
Customer Data by SFDC personnel except (a) to provide the Addendum Services and prevent or address service or technical
problems, (b)as compelled by law in accordance with the confidentiality terms of the Agreement, or(c)as expressly permitted
in writing by Customer. The terms of the data processing addendum at littp://www.sfdcstatic.conyassets/pdf/mise/data-
processing-addendum.pdf("DPA") are hereby incorporated by reference and shall apply to the extent Customer Data includes
Personal Data, as defined in the DPA. To the extent Personal Data from the European Economic Area (EEA) and Switzerland
are processed by SFDC, its Processor Binding Corporate Rule and/or the Standard Contractual Clauses in Attachment 1 to the
DPA shall apply, as further set forth in the DPA. For the purposes of the Standard Contractual Clauses, Customer and its
applicable Affiliates are each the data exporter, and Customer's execution of this Addendum, and an applicable Affiliate's
execution of an Order Form, shall be treated as its execution of the Standard Contractual Clauses and their Appendices. SFDC
MAKES NO REPRESENTATION OR WARRANTY REGARDING COMPLIANCE WITH SPECIFIC LAWS OR
GOVERNMENTAL REGULATIONS IN PROVIDING THE ADDENDUM SERVICES, INCLUDING COMPLIANCE
WITH DATA PROTECTION LAWS AND REGULATIONS AS SET FORTH IN THE DPA, TO THE EXTENT THE
DOCUMENTATION PROHIBITS CUSTOMER FROM SUBMITTING DATA SUBJECT TO SUCH LAWS OR
REGULATIONS TO AN APPLICABLE ADDENDUM SERVICE. BETA SERVICES ARE PROVIDED "AS IS" AND AS
AVAILABLE, EXCLUSIVE OF ANY WARRANTY OR AVAILABILITY COMMITMENT WHATSOEVER. EACH
PARTY DISCLAIMS ALL LIABILITY AND INDEMNIFICATION OBLIGATIONS FOR ANY HARM OR DAMAGES
CAUSED BY ANY THIRD-PARTY HOSTING PROVIDERS.
2.3 Beta Services. From time to time, SFDC or its Affiliates may make Beta Services available to Customer at no charge.
Customer may choose to try such Beta Services or not in its sole discretion. Beta Services are intended for evaluation
purposes, and not for production use, are not supported, and may be subject to additional terms. Beta Services are not
considered "Addendum Services" under this Addendum, however, all restrictions, SFDC reservation of rights and Customer
obligations concerning the Addendum Services, and use of any related Non-SFDC Applications and Content, shall apply
equally to Customer's use of Beta Services. Unless otherwise stated,any Beta Services trial period will expire upon the earlier
of one year from the trial start date or the date that a version of the Beta Services becomes generally available without the
applicable Beta Services designation. SFDC may discontinue Beta Services at any time in its sole discretion and may never
make them generally available. SFDC will have no liability for any harm or damage arising out of or in connection with a Beta
Service.
3. USE OF ADDENDUM SERVICES AND CONTENT
3.1 Usage Limits. Addendum Services and Content are subject to usage limits specified in Order Forms or Documentation.
Unless otherwise specified, (a) a quantity in an Order Form refers to Users, and the Addendum Service or Content may not be
accessed by more than that number of Users,(b)a User's password may not be shared with any other individual,and(c) except
as set forth in an Order Form, a User identification may be reassigned to a new individual replacing one who will no longer use
the Addendum Service or Content. If Customer exceeds a contractual usage limit, SFDC may work with Customer to seek to
2016-03-01 (AMER) Page 2 of CONFIDENTIAL
DocuSign Envelope ID:6E63989C-8526-4A38-AD3E-F36181A673DF
reduce Customer's usage so that it conforms to that limit. If, notwithstanding SFDC's efforts,Customer is unable or unwilling
to abide by a contractual usage limit, Customer will execute an Order Form for additional quantities of the applicable
Addendum Services or Content promptly upon SFDC's request,and/or pay any invoice for excess usage in accordance with the
"Invoicing and Payment"section of the MSA.
3.2 Customer Responsibilities. Customer will: (a) be responsible for Users' compliance with this Addendum, Documentation
and Order Forms, (b) use commercially reasonable efforts to prevent unauthorized access to or use of Content, and notify
SFDC promptly of any such unauthorized access or use, (c) use Content only in accordance with the Agreement, the
Documentation, Order Forms and applicable laws and government regulations, and (d) comply with terms of service of any
Non-SFDC Applications with which Customer uses Addendum Services or Content. Customer will not: (i) make the
Addendum Services or Content available to, or use the Addendum Services or Content for the benefit of, anyone other than
Customer or Users, unless expressly stated otherwise in an Order For n or the Documentation, (ii) sell, resell, license,
sublicense, distribute, make available, rent or lease the Addendum Services or Content, or include the Addendum Services or
Content in a service bureau or outsourcing offering, (iii) use the Addendum Services or Non-SFDC Application to store or
transmit infringing, libelous, or otherwise unlawful or tortious material, or to store or transmit material in violation of third-
party privacy rights, (iv) use the Addendum Services or any Non-SFDC Application to store or transmit Malicious Code, (v)
interfere with or disrupt the integrity or performance of the Addendum Services or third-party data contained therein, (vi)
attempt to gain unauthorized access to the Addendum Services or Content or its related systems or network, (vii) permit direct
or indirect access to or use of the Addendum Services or Content in a way that circumvents a contractual usage limit, or use
any of Addendum Services to access or use any SFDC intellectual property except as permitted under this Addendum,an Order
Form, or the Documentation, (viii) copy the Addendum Services or any part, feature, function or user interface thereof, (ix)
copy Content, except as permitted herein or in an Order Form or the Documentation, (x) frame or mirror any part of any
Addendum Services or Content, other than framing on Customer's own intranets or otherwise for its own internal business
purposes, or as permitted in the Documentation, (xi)reverse engineer the Addendum Services (to the extent such restriction is
permitted by law), or (xii) access any Addendum Services or Content in order to build a competitive product or service or to
benchmark with a non-SFDC product or service. Customer's or a User's intentional violation of the foregoing, or any use of
the Addendum Services in breach of the Agreement, Documentation or Order Forms, by Customer or Users that in SFDC's
judgment imminently threatens the security, integrity or availability of SFDC's services, may result in SFDC's immediate
suspension of the Addendum Services. SFDC will use commercially reasonable efforts under the circumstances to provide
Customer with an opportunity to remedy such violation or threat prior to any such suspension.
3.3 External-Facing Services. If Customer subscribes to any Addendum Services for sending electronic messages or for the
creation and hosting of, or for posting content on, external-facing websites, such use is subject to SFDC's External-Facing
Services Policy at littp://www.salesforce.coni/company/leg it/agreements.isi), as may be applicable to an Addendum Service
and Customer is solely responsible for complying with applicable law in its use of any cookies or other tracking technologies.
3.4 Removal of Content and Non-SFDC Applications. If SFDC is required by a licensor or any third party rights holder to
remove Content, or receives information that Content provided to Customer may violate applicable law or third-party rights,
SFDC may discontinue Customer's access to such Content through the Addendum Services,and/or may notify Customer that it
must discontinue all use of such Content, and to the extent not prohibited by law Customer will do so and promptly remove
such Content from its systems. If SFDC receives information that a Non-SFDC Application used with an Addendum Service
by Customer may violate SFDC's External-Facing Services Policy or applicable law or third-party rights, SFDC may so notify
Customer and in such event Customer will promptly disable such Non-SFDC Application or modify the Non-SFDC
Application to resolve the potential violation. if Customer does not take required action in accordance with the above, SFDC
may disable the applicable Content, Addendum Service and/or Non-SFDC Application until the potential violation is resolved.
If so requested by SFDC, Customer shall certify such deletion and discontinuance of use in writing and SFDC shall be
authorized to provide a copy of such certification to any such third party claimant or governmental authority,as applicable.
4. NON-SFDC APPLICATIONS
In addition to the provisions regarding Non-SFDC Applications or Non-SFDC Providers, the following terms shall apply with
respect to the Addendum Services:
4.1 Acquisition of Non-SFDC Products and Services. SFDC or third parties may make available (for example, through the
Marketplace, or otherwise) third-party products or services, including, for example, Non-SFDC Applications and
implementation and other consulting services. Any acquisition by Customer of such products or services,and any exchange of
data between Customer and any non-SFDC provider, product or service is solely between Customer and the applicable non-
SFDC provider. SFDC does not warrant or support Non-SFDC Applications or other non-SFDC products or services,whether
or not they are designated by SFDC as"certified"or otherwise unless expressly provided otherwise in and Order Form.
2016-03-01 (AMER) Page 3 of 5 CONFIDENTIAL
DocuSign Envelope ID:6E63989C-8526-4A38-AD3E-F36181A673DF
4.2 Non-SFDC Applications and Customer Data. If Customer chooses to use a Non-SFDC Application with an Addendum
Service, Customer grants SFDC permission to allow the Non-SFDC Application and its provider to access Customer Data as
required for the interoperation of that Non-SFDC Application with the Addendum Services. SFDC is not responsible for any
disclosure, modification or deletion of Customer Data resulting from access by such Non-SFDC Application or its provider.
4.3 Integration with Non-SFDC Applications. The Addendum Services may contain features designed to interoperate with Non-
SFDC Applications. To use such features, Customer may be required to obtain access to such Non-SFDC Applications from
their providers, and may be required to grant SFDC access to Customer's account(s)on such Non-SFDC Applications. SFDC
cannot guarantee the continued availability of such Addendum Service features, and may cease providing them without
entitling Customer to any refund, credit, or other compensation, if for example and without limitation, the provider of a Non-
SFDC Application ceases to make the Non-SFDC Application available for interoperation with the corresponding Addendum
Service features in a manner acceptable to SFDC.
5. PROPRIETARY RIGHTS AND LICENSES
5.1 Ownership and Use of Customer Data. In addition to any rights under the MSA, Customer grants SFDC, its Affiliates and
applicable contractors a worldwide, limited-tern license to host, copy, transmit and display Customer Data, and any Non-
SFDC Applications and program code created by or for Customer using the Addendum Services or for use by Customer with
the Addendum Services, as necessary for SFDC to provide the Addendum Services in accordance with the Agreement and the
Documentation. Subject to the limited licenses granted herein, SFDC acquires no right, title or interest from Customer or its
licensors under the Agreement in or to any Customer Data,Non-SFDC Application or such program code. The process for the
deletion and return of Customer Data stored in Addendum Services shall be as set forth in the applicable Addendum Services'
Documentation,notwithstanding Section 10.5 of tine MSA("Return of Customer Data").
5.2 Access to and Use of Content. SFDC, its licensors and Content providers reserve all of their respective right, title and interest
in and to the Content, including all of their related intellectual property rights. No rights are granted to Customer hereunder
other than as expressly set forth herein. None of SFDC's obligations in the MSA apply to Content, except as expressly set
forth as applicable to Content in this Addendum. Customer has the right to access and use applicable Content subject to the
terms of applicable Order Forms, this Agreement and the Documentation. CONTENT IS PROVIDED "AS IS," "AS
AVAILABLE"AND EXCLUSIVE OF ANY WARRANTY WHATSOEVER.
5.3 License by Customer to Use Feedback. Additionally, Customer grants to SFDC and its Affiliates a worldwide, perpetual,
irrevocable, royalty-free license to use and incorporate into its services or other SFDC or SFDC Affiliate products or services
any suggestion,enhancement request,reconnunendation,correction or other feedback provided by Customer or Users relating to
the operation of SFDC's or its Affiliates' services.
6. INDEMNIFICATION AND LIMITATION OF LIABILITY.
6.1 Additional Terms for Indemnification by SFDC. In addition to SFDC's indemnity obligations under the MSA, if SFDC
receives information about an infringement or misappropriation claim related to an Addendum Service, SFDC may in its
discretion and at no cost to Customer (a) modify the Addendum Services so that they are no longer claimed to infringe or
misappropriate, without breaching SFDC's warranties under Section 7.1 ("SFDC Warranties")of the MSA, (b)obtain a license
for Customer's continued use of that Addendum Service in accordance with this Addendum, or (c) terminate Customer's
subscriptions for that Addendum Service upon 30 days' written notice and refund Customer any prepaid fees covering the
remainder of the term of the terminated subscriptions. SFDC shall have no indemnity obligation to Customer to the extent any
Claim Against Customer arises from Content, a Non-SFDC Application, or Customer's breach of the Agreement, the
Documentation or applicable Order Forms.
6.2 Additional Terms for Indemnification by Customer. In addition to Customer's indemnity obligations under the MSA, a
"Claim Against SFDC" under Section 8.2 of the MSA shall also include any claim, demand, suit or proceeding made or
brought against SFDC by a third party arising from Customer's use of an Addendum Service or Content in breach of the
Agreement,the Documentation, Order Form or applicable law.
6.3 Exclusive Remedy. The indemnification obligations set forth in Section 8 of the MSA,as modified by Sections 6.1 and 6.2 of
this Addendum, state the indemnifying party's sole liability to, and the indemnified party's exclusive remedy against, the other
party for any type of claim described in the indemnity sections of the Agreement.
2016-03-01 (AMER) Page 4 of 5 CONFIDENTIAL
DocuSign Envelope ID: 6E63989C-8526-4A38-AD3E-F36181A673DF
7. GENERAL PROVISIONS
7.1 Survival. The sections titled "Restrictions", "Ownership and Use of Customer Data", "Content", "Removal of Content and
Non-SFDC Applications", "Indemnification and Limitation of Liability," and "General Provisions" shall survive any
termination or expiration of this Addendum.
7.2 Entire Agreement; Order of Precedence. This Addendum,combined with the MSA, is the entire agreement between SFDC
and Customer regarding Customer's use of the Addendum Services and Content and supersedes all prior and contemporaneous
agreements, proposals or representations, written or oral, concerning its subject matter. In the event of any conflict or
inconsistency among the following documents,the order of precedence shall be: (1)the applicable Order Form,(2)any exhibit,
schedule or addendum to this Addendum, (3) the body of this Addendum, (4) the body of the MSA, and (5) the
Documentation. No exhibits, schedules or other addendum to the MSA shall apply to Addendum Services. Subject to the
modifications herein applicable solely to the Addendum Services,the MSA remains in full force and effect.
7.3 Counterparts. This Addendum may be executed electronically,by facsimile and in counterparts.
The parties' authorized signatories have duly executed this Addendum as of the Effective Date.
SALESFORCE.COM,INC. CUSTOMER
DocuSigned by:
J
Mb LA, tA,�11 6-�,
ocuSigned by:
By: By: ry0w..-%1A n.
Joslyn Lacy 4F4D`YBWsarrowsmith
Print Name: Print Name:
Title:
Manager, order Management Title: Executive Director
Date:
11/30/2016 Date: January 19, 2017
2016-03-01 (AMER) Page 5 of 5 CONFIDENTIAL