RESOLUTEGUARD LLC, a New Jersey limited liability company, with offices located at 417 Crescent Parkway, Sea Girt, New Jersey 08750 (“Service Provider”) provides information technology services, including those services presently provided to you (“Member” or “Customer”) and/or those services described in a Contact/Order Form (the “Order Form”) (collectively, the “Services”), which if applicable, is incorporated as if set forth fully herein. Customer is a member of Alliance of Schools for Cooperative Insurance Programs, hereinafter referred to as “ASCIP” and desires to retain Service Provider to provide the Services. By receiving the Services from Service Provider, Client agrees and understands that all Services are bound by the following terms and conditions (these “Terms and Conditions”).

  1. Services. ASCIP has within its membership California public entities to whom it provides multiple liability coverages, property coverages, claim services, and public entity safety programs. Service Provider is in the business of providing cyber risk management services to public entities. Service Provider shall provide certain services to Member as set forth in Exhibit A (the “Services”), which is attached to these Terms and Conditions and incorporated as if set forth fully herein.
  2. Fees and Expenses. For the Services to be performed hereunder, ASCIP shall pay to Service Provider, on behalf of the Member the fixed fee for Member as set forth in that certain Service Agreement by and between Service Provider and ASCIP dated August 1, 2023 (the “ASCIP Service Agreement”) (collectively, the “Fees”).
  3. Member’s Obligations. Member represents and warrants to Service Provider as follows:
    1. Member will cooperate with Service Provider in all matters relating to the Services and appoint a Member employee to serve as the primary contact with respect to these Terms and Conditions and who will have the authority to act on behalf of Member with respect to matters pertaining to these Terms and Conditions (the “Member Contract Manager”). Service Provider will be entitled to rely upon directions and guidance from the Member Contract Manager until Service Provider is affirmatively made aware of a change of status of the Member Contract Manager;
    2. Member shall ensure that Service Provider has such access to Member’s equipment and networks (collectively, the “Environment”) as may reasonably be requested by Service Provider for the purposes of performing the Services. Without limiting the generality of the foregoing, Member hereby grants to Service Provider the right to monitor, diagnose, manipulate, communicate with, retrieve information from, and otherwise access the Member’s Environment to enable Service Provider to provide the Services. Member acknowledges that Service Provider may be required to install one or more software agents into Member’s Environment through which such access may be enabled;
    3. Member shall respond promptly to any Service Provider request to provide direction, information, approvals, authorizations, or decisions that are reasonably necessary for Service Provider to perform Services in accordance with the requirements of these Terms and Conditions. It being understood that if Service Provider’s performance of its obligations under these Terms and Conditions is prevented or delayed by any act or omission of Member, its agents, subcontractors, consultants, or employees, Service Provider shall not be deemed in breach of its obligations under these Terms and Conditions or otherwise liable for any costs, charges, or losses sustained or incurred by Member, in each case, to the extent arising directly or indirectly from such prevention or delay.
    4. Member shall comply fully with all reasonable specifications, rules, regulations, and policies governing the Services provided to Member by Service Provider. Such rules, regulations and policies shall be subject to change from time to time in Service Provider’s sole discretion;
    5. Member, and not Service Provider, is responsible for Member’s own compliance with all applicable laws, including all confidentiality and security requirements, including, but not limited to such requirements of the FERPA, HIPAA, and the USA Patriot Act. The Services are not intended, and will not be used, to bring Member into full regulatory compliance with any law, rule, regulation, or requirement that may be applicable to Member’s business or operations. The Services may aid Member’s efforts to fulfill regulatory compliance; however, the Services are not (and should not be used as) a compliance solution;
    6. Service Provider may provide Member with specific advice and directions related to the Services (“Advice”). Member is strongly advised to follow Advice which, depending on the situation, may require Member to make additional purchases or investments in its Environment at its sole cost. Member acknowledges and agrees that Service Provider is not responsible for any problems or issues (such as downtime or security-related issues) caused by Member’s failure to promptly follow Advice. If, in Service Provider’s discretion, Member’s failure to follow Advice renders part or all of the Services economically or technically unreasonable to provide, then Service Provider may terminate all or a portion of the Services.
  4. Intellectual Property. All intellectual property rights, including copyrights, patents, patent disclosures and inventions (whether patentable or not), trademarks, service marks, trade secrets, know-how, and other confidential information, trade dress, trade names, logos, corporate names and domain names, together with all of the goodwill associated therewith, derivative works and all other rights (collectively, “Intellectual Property Rights”) in and to all documents, work product and other materials that are delivered to Member under these Terms and Conditions or prepared by or on behalf of Service Provider in the course of performing the Services (collectively, the “Deliverables”) except for any Confidential Information of Member or Member-provided materials shall, as between Member and Service Provider, be owned exclusively by Service Provider. Service Provider hereby grants Member a license (or if applicable, a sublicense) to use all Intellectual Property Rights in the Deliverables free of additional charge (other than the Fees) and on a non-exclusive, worldwide, non-transferable*, non-sublicensable*, fully paid-up, royalty-free and perpetual basis, solely to the extent necessary to enable Member to make reasonable use of the Deliverables and the Services.

    *Except in the event of Member’s merger, acquisition, or divestiture.

  5. Confidentiality. From time to time during the Term of these Terms and Conditions, either party (as the “Disclosing Party”) may disclose or make available to the other party (as the “Receiving Party”), non-public, proprietary, and confidential information of Disclosing Party that, any information that a reasonable person would regard as, know, or should understand to be confidential or proprietary, including but not limited to (a) if disclosed in writing or other tangible form is clearly labeled as “confidential,” or (b) if disclosed orally, is identified as confidential when disclosed and within ten (10) days thereafter, is summarized in writing and confirmed as confidential (“Confidential Information”); provided, however, that Confidential Information does not include any information that: (a) is or becomes generally available to the public other than as a result of Receiving Party’s breach of this Section 5; (b) is or becomes available to the Receiving Party on a non-confidential basis from a third-party source, provided that such third party is not and was not prohibited from disclosing such Confidential Information; (c) was in Receiving Party’s possession prior to Disclosing Party’s disclosure hereunder; or (d) was or is independently developed by Receiving Party without using any Confidential Information. 
The Receiving Party shall: (x) protect and safeguard the confidentiality of the Disclosing Party’s Confidential Information with at least the same degree of care as the Receiving Party would protect its own Confidential Information, but in no event with less than a commercially reasonable degree of care; (y) not use the Disclosing Party’s Confidential Information, or permit it to be accessed or used, for any purpose other than to exercise its rights or perform its obligations under these Terms and Conditions; and (z) not disclose any such Confidential Information to any person or entity, except to the Receiving Party’s Group who need to know the Confidential Information to assist the Receiving Party, or act on its behalf, to exercise its rights or perform its obligations under these Terms and Conditions. If the Receiving Party is required by applicable law or legal process to disclose any Confidential Information, it shall, prior to making such disclosure, use commercially reasonable efforts to notify Disclosing Party of such requirements to afford Disclosing Party the opportunity to seek, at Disclosing Party’s sole cost and expense, a protective order or other remedy. For purposes of this Section 5 only, Receiving Party’s Group shall mean the Receiving Party’s affiliates and its or their employees, officers, directors, shareholders, partners, members, managers, agents, independent contractors, service providers, sublicensees, subcontractors, attorneys, accountants, and financial advisors. 
Unless otherwise agreed or dictated by the ASCIP Member, ASCIP shall receive a copy of the final Deliverables (if any) inclusive of any findings thereto. Provided, however, this Section 5 shall not prohibit or otherwise prevent Service Provider from extracting, compiling, synthesizing, and analyzing data provided by Member to Service Provider in connection with the delivery of the Services to the extent such data or information does not identify or is otherwise attributable to Member and/or the ASCIP’s operations, systems, networks, or any person.

    Certain Information provided by ResoluteGuard contains documentation on the design and deployment of your network and should be protected as Tier 1 Confidential Information. ResoluteGuard transfers Tier 1 information via a secure transfer that meets NIST-CSF controls. Your Cybersecurity Officer or Designated Contact should be sure to store, secure, provide access, process and/or transmit this information as they do other electronic Tier 1 Confidential information.

  6. Term. These Terms and Conditions shall commence as of the start date noted in the Order Form and, unless otherwise set forth in the Order Form, sooner terminated as provided in these Terms and Conditions, will remain in full force and effect for an initial term equal to one (1) year from the Effective Date (the “Initial Term”) after which the term shall automatically renew for additional twelve (12) month periods (collectively with the Initial Term, the “Term”) unless a party provides written notice to the other party of that party’s intention to not renew these Terms and Conditions at least thirty (30) days prior to the expiration of the then current Term. In the event of termination, under any provision of these Terms and Conditions, Service Provider shall provide any services required to be performed under the Agreement which have been funded by the ASCIP pursuant to the ASCIP Service Agreement.
  7. Termination. Either party may terminate these Terms and Conditions, effective upon written notice to the other party (the “Defaulting Party”), if the Defaulting Party: (a) materially breaches these Terms and Conditions, and such breach is incapable of cure, or with respect to a material breach capable of cure, the Defaulting Party does not cure such breach within thirty (30) days after receipt of written notice of such breach; (b) becomes insolvent or admits its inability to pay its debts generally as they become due; (c) becomes subject, voluntarily or involuntarily, to any proceeding under any domestic or foreign bankruptcy or insolvency law, which is not fully stayed within seven (7) business days or is not dismissed or vacated within forty-five (45) days after filing; (d) is dissolved or liquidated or takes any corporate action for such purpose; (e) makes a general assignment for the benefit of creditors; or (f) has a receiver, trustee, custodian, or similar agent appointed by order of any court of competent jurisdiction to take charge of or sell any material portion of its property or business. Notwithstanding anything to the contrary in this section, Service Provider may terminate these Terms and Conditions before the expiration date of the Term on written notice if ASCIP fails to pay any amount when due under the ASCIP Service Agreement.
  8. Termination Without Cause. Either party may terminate these Terms and Conditions for any reason at any time, without penalty, by giving the other party sixty (60) days advance written notice.
  9. Independent Contractor. The details of the method and manner for performance of the Services by Service Provider shall be under its own control, Member being interested only in the results thereof. The Service Provider shall be solely responsible for supervising, controlling, and directing the details and manner of the completion of the Services. Nothing in these Terms and Conditions shall give Member (or ASCIP) the right to instruct, supervise, control, or direct the details and manner of the completion of the Services. Service Provider is for all purposes hereunder an independent contractor and in no event will Service Provider be considered an agent or employee of Member or ASCIP or any of their subsidiaries or affiliates for any purpose.
  10. Limited Warranty. Service Provider warrants that it shall perform the Services, which includes the delivery of a vulnerability assessment to Member, in a timely, workmanlike, and professional manner in accordance with generally recognized industry standards for similar services. Additionally, Service Provider represents and warrants that any Services, Deliverables, or products created from these Terms and Conditions and software or products used in the execution of such are owned by the Service Provider or the Service Provider has secured licensing and permissions for such. SERVICE PROVIDER (a) MAKES NO WARRANTIES EXCEPT FOR THAT SET OUT ABOVE; AND (b) DISCLAIMS ALL OTHER WARRANTIES, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Except as specified herein, without limiting the generality of the foregoing, Service Provider makes no representations or warranties with respect to any third party software or Deliverables provided to Member with respect to the Services, nor does Service Provider provide to Member any representations, warranties, assurances or promises that Member’s operations during or following the delivery of the Services will meet any or all regulatory compliance requirements (or other requirements of applicable laws). Service Provider’s sole and exclusive liability and Member’s sole and exclusive remedy for breach of the limited warranty set out in this Section shall be reperformance of the affected Services. If Service Provider cannot reperform the Services in compliance with the warranty set forth above within a reasonable time (but no more than thirty (30) days) after Member’s written notice of such breach, Member may, at its option, terminate the Agreement by serving written notice of termination in accordance with Section 7. 
Service Provider shall not have any obligation to refund to Member or ASCIP any portion of the fees previously paid by ASCIP as of the date of termination corresponding to the defective Services, except for any fees advanced and/or paid for the period during the breach of the limited warranty.
  11. Limitation of Liability. IN NO EVENT SHALL SERVICE PROVIDER BE LIABLE TO MEMBER OR TO ANY THIRD PARTY (INCLUDING ANY MEMBER) FOR ANY LOSS OF USE, REVENUE, OR PROFIT OR LOSS OF DATA OR DIMINUTION IN VALUE, OR FOR ANY CONSEQUENTIAL, INCIDENTAL, INDIRECT, EXEMPLARY, SPECIAL, OR PUNITIVE DAMAGES WHETHER ARISING OUT OF BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, REGARDLESS OF WHETHER SUCH DAMAGE WAS FORESEEABLE AND WHETHER OR NOT SERVICE PROVIDER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, AND NOTWITHSTANDING THE FAILURE OF ANY AGREED OR OTHER REMEDY OF ITS ESSENTIAL PURPOSE. SERVICE PROVIDER’S SOLE LIABILITY ARISING OUT OF OR RELATED TO THESE TERMS AND CONDITIONS, WHETHER ARISING OUT OF OR RELATED TO BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, SHALL BE AS SET FORTH IN SECTION 10 ABOVE.
  12. Insurance. Service Provider shall maintain the commercial insurance described in the ASCIP Service Agreement.
  13. Indemnification: To the fullest extent permitted by law but subject to the limitation set forth above in Section 11, Service Provider shall hold harmless, defend at its own expense, and indemnify Member and its officers, employees, agents, and volunteers, against any and all liability, claims, losses, damages, or expenses, including reasonable attorney’s fees, arising from all of the gross negligence or willful misconduct of Service Provider or its officers, agents, or employees in rendering services under these Terms and Conditions; excluding, however, such liability, claims, losses, damages, or expenses arising from Member’s sole negligence or willful acts. These obligations shall survive the completion or termination of these Terms and Conditions.
  14. Choice of Law. These Terms and Conditions and all matters arising out of or relating to these Terms and Conditions, including tort and statutory claims are governed by, and construed in accordance with the laws of the State of New Jersey, without giving effect to any conflict of laws provisions thereof that would result in the application of the laws of a different jurisdiction.
  15. Entire Agreement. These Terms and Conditions, the Order Form, and any attached exhibits or schedules constitute the entire Agreement of the parties with respect to the subject matter hereof and supersedes all prior and contemporaneous written or oral understandings, agreements, representations, and warranties with respect to such subject matter.
  16. Severability. The invalidity, illegality, or unenforceability of any provision herein does not affect any other provision herein or the validity, legality, or enforceability of such provision in any other jurisdiction.
  17. Amendment. The parties may not amend these Terms and Conditions except by written instrument signed by the parties.
  18. Waiver. No waiver of any right, remedy, power, or privilege under these Terms and Conditions (“Right(s)”) is effective unless contained in a writing signed by the party charged with such waiver. No failure to exercise, or delay in exercising, any Right operates as a waiver thereof. No single or partial exercise of any Right precludes any other or further exercise thereof or the exercise of any other Right. The Rights under these Terms and Conditions are cumulative and are in addition to any other rights and remedies available at law or in equity or otherwise.
  19. Assignment. Neither party may directly or indirectly assign, transfer, or delegate any of or all of its rights or obligations under these Terms and Conditions, voluntarily or involuntarily, including by change of control, merger (whether or not such party is the surviving entity), operation of law, or any other manner, without the prior written consent of the other party. Any purported assignment or delegation in violation of this Section shall be null and void. These Terms and Conditions are binding upon and inure to the benefit of the parties and their respective successors and permitted assigns. Except for the parties, their successors, and permitted assigns, there are no third-party beneficiaries under these Terms and Conditions (including Members).
  20. Miscellaneous. Any provision that, in order to give proper effect to its intent, should survive the expiration or termination of these Terms and Conditions, will survive such expiration or termination for the period specified therein, or if nothing is specified for a period of twelve (12) months after such expiration or termination. These Terms and Conditions may be executed in counterparts.
  21. Dispute Resolution. Any proceedings to enforce the terms of these Terms and Conditions shall be commenced solely in the Superior Court for the State of California in the County within which the Member is located, or, if the court lacks jurisdiction over the subject matter, in the United States District Court for the Eastern District of California.
  22. Force Majeure. No party shall be liable or responsible to the other party, nor be deemed to have defaulted under or breached these Terms and Conditions, for any failure or delay in fulfilling or performing any term of these Terms and Conditions (except for any obligations of ASCIP to make payments to Service Provider under the ASCIP Service Agreement), when and to the extent such failure or delay is caused by or results from acts beyond the impacted party’s (“Impacted Party”) reasonable control, including, without limitation, the following force majeure events (“Force Majeure Event(s)”): (a) acts of God; (b) flood, fire, earthquake, or explosion; (c) war, invasion, hostilities (whether war is declared or not), terrorist threats or acts, riot or other civil unrest; (d) government order, law, or actions; (e) embargoes or blockades in effect on or after the date of these Terms and Conditions; (f) national or regional emergency; (g) strikes, labor stoppages or slowdowns, or other industrial disturbances; (h) shortage of adequate power or transportation facilities; and (i) other similar events beyond the reasonable control of the Impacted Party. The Impacted Party shall give notice within ten (10) days of the Force Majeure Event to the other party, stating the period of time the occurrence is expected to continue. The Impacted Party shall use diligent efforts to end the failure or delay and ensure the effects of such Force Majeure Event are minimized. The Impacted Party shall resume the performance of its obligations as soon as reasonably practicable after the removal of the cause. In the event that the Impacted Party’s failure or delay remains uncured for a period of ten (10) consecutive days following written notice given by it under this Section, either party may thereafter terminate these Terms and Conditions upon ten (10) days’ written notice.

Exhibit A

Service Provider shall provide the services to each member district who elects to receive Services by executing an Order Form. The Description of services listed in Exhibit A are Service Provider’s confidential information and not to be disclosed without prior written authorization.

Frequency: Vulnerability assessments as directed by ASCIP on an as needed basis.

Comprehensive Internal/External Assessment and Improvement

 Based on NIST-CSF Controls

Web Meeting to Outline Onboarding and Setup for assessment software installation

  • Discuss assessment information requirements
  • Screenshare with Technical staff to implement scanning software
  • Share best practices for optimal scanning results

SMART-Cyber Action Plan (SMART-CAP) and Assessment Results

Web Meeting to review SMART-CAP and Assessment Results

Action Plan prioritized by risk of loss occurrence

  • User Assignment
  • Help/Support Documentation
  • Align Guidelines and Solution Activities

Review Assessment Reports

  • Prioritize SMART-CAP by risk of potential loss occurrence
  • Network Management Plan
    • User-Friendly Detailed Remedial Actions
  • Consolidated Risk Report
    • Network Security Summary
    • Create Inventory Management Summary
    • Establish Network Documentation
  • Review Excel Export
    • Server Aging Report
    • Workstation Aging Report
    • Includes: Discovery Tasks, User Information, Disc Capacity, and more

Policies and Guidelines

Prioritize SMART-CAP for Documenting Best Practices

  • Support for modifying Guideline templates
  • Align Guideline creation and Solution Activities

Employee Cybersecurity/Email Phishing Training

  • Video-based Training
  • Simulated Phishing Kits