LexisNexis Coplogic Solutions Inc ~ AG204001 LexisNexisr , Coplogic'"Solutions
LAW ENFORCEMENT AGREEMENT
This Law Enforcement Agreement("Agreement")is dated SQM g, '&Z" ("Effective Date")by and between LexisNexis
Coplogic Solutions Inc.,with its principal place of business at 1000 Alderman Drive,Alpharetta,Georgia 30005("Provider"),and Tigard
Police Department,with its principal place of operations at 13125 SW Hall Blvd,Tigard,Oregon 97223("Agency"). Provider and Agency
may be referred to herein individually as a"Party"and collectively referred to as"Parties".
1. SCOPE.
Provider as part of its business has developed several comprehensive products and services for law enforcement. Subject to the terms
and conditions of this Agreement,Agency desires to order and Provider agrees to provide the various products and services contained
herein (collectively referred to as the "Services") as described in an applicable order to this Agreement ("Order"). The Parties
acknowledge Agency is a law enforcement entity with responsibility for the documentation, retention, and management of
information and reporting related to vehicle accidents, citations, and incidents occurring within its jurisdiction (as used within this
Agreement, each documented event is a"Report"). "Report"shall also include any associated or supplemental information provided
with the Report including Agency name,images and upload date,as applicable.
2. LICENSE AND RESTRICTIONS.
2.1 License Grant and License Restrictions. Upon execution of an applicable Order, Provider hereby grants to Agency a
restricted,limited,revocable license to use the Services only as set forth in this Agreement and any applicable Order,and
for no other purposes,subject to the restrictions and limitations set forth below:
a. Agency shall not use the Services for marketing or commercial solicitation purposes,resell,or broker the Services to
any third-party or otherwise use the Services for any personal (non-law enforcement)purposes;and
b. Agency shall not access or use Services from outside the United States without Provider's prior written approval;
and
c. Agency shall not use the Services to create a competing product or provide data processing services to third parties;
and
d. Agency's use of the Services hereunder will not knowingly violate any agreements to which Agency is bound;and
e. Agency shall not harvest,post,transmit,copy,modify,create derivative works from,tamper,distribute the Services,
or in any way circumvent the navigational structure of the Services, including to maliciously and knowingly upload
or transmit any computer viruses, Trojan Horses, worms or anything else designed to interfere with, interrupt or
disrupt the normal operating procedures of Services;and
f. Agency may not use the Services to maliciously and knowingly store or transmit infringing, libelous, or otherwise
unlawful or tortuous material,or to store or transmit material in violation of third-party privacy rights or otherwise
infringe on the rights of others;and
g. Agency shall not reveal any user accounts or passwords for the Services to any third parties(third parties shall not
include Agency's employees who have a need to know such information);and
h. Agency shall not permit any third party(third parties shall not include Agency's employees who have a need to know
such information)to view or use the Services,even if such third party is under contract to provide services to Agency;
and
i. Agency shall comply with all laws,regulations,and rules which govern the use of the Services.
2.2 Other.Restrictions. In addition Provider may, at any time after providing written notification to Agency, impose restrictions
and/or prohibitions on the Agency's use of the Services,or certain data or no longer offer certain functionalities or features
that may be the result of a modification in Provider policy,a modification of third-party agreements,a modification in industry
standards, a Security Event (defined below), a change in law or regulation, or the interpretation thereof. Upon written
notification by Provider of such restrictions, Agency agrees to comply with such restrictions or, in the event that Agency is
unable to comply, it shall notify Provider in writing of its inability to comply within ten (10) days after receipt of Provider's
QgovQa
ZLk.lr, or
r,s1.'Lati�
. LexisNexis° I Coplogic"Solutions
written notification. In that event, either Party may immediately terminate this Agreement by providing written notice
thereof to the other Party without such termination constituting a breach of this Agreement.
2.3 Violation of license Terms and/or Restrictions. Agency agrees that,if Provider determines or reasonably suspects that:(i)
Agency is violating any license terms,restrictions,or other material provision of the Agreement;or(ii)Agency has experienced
a Security Event (as herein defined), Provider may, at its sole option, take immediate action up to and including, without
further obligation or liability of any kind,terminating Agency's account and the license to use the Services.
3. RETENTION/DISTRIBUTION.
For all Services provided hereunder that involve Reports, Provider will maintain a copy of each Report for a period of no less than
seven (7) years from the date of the Report. Provider will distribute Reports and/or specific data extracted from the Report to
individuals or legal entities,where such individuals or legal entities do not include Affiliates of Provider("Authorized Requestors")and
other authorized law enforcement entities("Agency Requestors")in accordance with an applicable Order and all applicable laws and
regulations.
4. SUPPORT AND MAINTENANCE.
4.1.Ongoing Maintenance. Provider will, from time-to-time issue and/or provide maintenance including bug fixes,
enhancements, new features, or new functionality that are generally made available to customers along with any
corresponding changes to documentation("Maintenance"). Maintenance does not include work to custom code,customized
configurations,or to unauthorized modifications of the Services. Any Provider assistance beyond standard Maintenance will
be billed at Provider's then current pricing schedule,as agreed upon in advance by the Parties. Additionally,upon Agency's
written notice of new or revised legislation, statutes, or ordinances requiring any Services to be updated, Provider shall
update or modify the Services or particular form consistent with such new regulation within a reasonable time.
4.2. Support Services. Provider will provide ongoing support services for problems,queries or requests for assistance("Support")
provided that all requests for Support must be made to Provider Monday through Friday from 8:00 AM ET to 8:00 PM ET at
1-888-949-3835. Provider will also provide limited after hours Support including the ability to leave a message and receive a
call back the following business day or sooner, if critical. In order to provide Support, Agency will provide all information
reasonably required by Provider to identify the issue, including: an Agency point of contact(familiar with the Services and
issue),description of issue,screenshots,the impact,and assist in Provider's efforts to reproduce the problem(as applicable).
Provider will work to resolve problem with reasonable promptness for issues that are application or Services related(Provider
is not responsible for resolving issues caused by Agency hardware). The Agency agrees to provide Provider with data
transfers,as requested,remote access to the Services system,and with sufficient test time on the Agency's computer system
to duplicate the problem,to certify that the problem is with the Services,and to certify that the problem has been corrected.
If the problem cannot readily be resolved, Provider will attempt to identify a work around. Upon resolution of any issue,
Provider shall notify the Agency of such resolution via email. The Parties agree that Provider is not obligated to ensure that
its Services are compatible with outdated (exceeding 4 years from date of initial release) hardware, computer operating
services or database engines.
4.3. On Site Support. In response to written Agency requests for Provider to provide on-site routine non-emergency support,
Provider shall produce a written estimate of the time required to provide the requested support and state any requirements,
such as the presence of Agency staff or other resources or materials. Any on-site support provided by Provider shall only be
invoiced by Provider or paid by Agency if the problem arose due to something other than a defect in the Services. The Agency
shall reimburse Provider at the rate of two thousand five hundred ($2,500.00) dollars per day for each Provider employee
who provides any on-site support, and such fees will not include any reimbursement for Provider travel time or travel
expenses.
5. FEES.
5.1. Fees due to Provider. Any fees due to Provider for Services hereunder shall be specified in an Order("Fees"). For any Order
where Fees are specified, Provider will issue an invoice to Agency pursuant to the terms in the Order. Invoices shall be paid
in full by Agency within thirty(30) days from invoice date. Provider may increase the Fee by 2%for each subsequent year
following the Initial Term (as defined in an applicable Order) in an Order by providing Agency no less than sixty (60) days
written notice prior to the effective date of such pricing change. In the event Agency has a good faith dispute on all or a
portion of an unpaid invoice("Dispute"),Agency shall notify Provider in writing and follow the procedures set forth below.
LexisNexisa I Coplogic"Solutions
To the extent an interface or other technological development is required to enable an Agency designated third party(i.e.,
RMS Vendor)to receive Reports from Provider at Agency's request or to enable Provider to intake Agency Data, such cost
shall not be borne by Provider. If any invoice (or undisputed portion thereof)remains unpaid and not subject to a Dispute
after sixty(60) days from the invoice date, Provider shall have the right to terminate this Agreement(including all Services)
or the right to discontinue the applicable Service immediately, without such action constituting a breach or incurring any
liability herein.All Fees not properly disputed or paid after they become due shall accrue interest at the statutory rate of nine
percent(9%)per annum_ All Fees are calculated for payment made via ACH,Wire,or Agency check. Agency agrees that Fees
exclude taxes(if applicable)or other cost incurred by Agency's RMS Vendor or other third parties and agrees such costs shall
be passed on to Agency. Provider shall not be required to enter into a third-party relationship to obtain payment for the
Service provided to Agency;however,should Provider elect to do so,Provider reserves the right to charge Agency additional
fees for such accommodation.
5.2. Fees due to Agency. Using the process as herein defined,on behalf of Agency, Provider will collect and remit to Agency a
fee for all Reports("Agency Fee")purchased by an Authorized Requestor(as defined in Section 3 above)from the
applicable eCommerce portal as set forth on an Order to this Agreement.,On a monthly basis,Provider will electronically
transfer to Agency's designated account,the total amount of applicable Agency Fees collected by Provider during the
previous month. Provider will make available a monthly report to Agency identifying the number of Reports provided on its
behalf via the LexisNexis®Command Center administration portal and its successor.
5.2.1. For the avoidance of doubt, no Agency Fee will be paid with respect to the following:
When a fee is not charged to an Authorized Requestor for the Report
Nothing in this Agreement shall require Provider to pay an Agency Fee to the Agency when an Authorized Requestor provides
a Report and/or specific data extracted from the Report to a third party after the Authorized Requestor(has purchased such
Report from the applicable eCommerce portal).Agency acknowledges that all Reports requested by Agency Requestors shall
be provided free of charge. Notwithstanding anything in this Agreement, neither Contractor nor its Affiliates shall be
permitted to place in its inventory for resale previously acquired Reports or components of Report(e.g.,VIN), or make any
use of Reports or components of a Report for any purpose not expressly permitted under this Agreement.
5.3. Fees retained by Provider. Where permitted by law, Provider will charge a convenience fee for each Report provided to an
Authorized Requestor("Convenience Fee")which shall be retained by Provider. The Convenience Fee shall be established by
Provider at its discretion,but in no event shall exceed the amount a provider may legally charge an Authorized Requestor.
6. TERMS AND TERMINATION.
6.1. Term. This Agreement shall commence upon the Effective Date and shall continue until terminated in accordance with this
Agreement. Each Order shall set forth the specified term for the particular Service.
6.2.Termination.
6.2.1. Either Party may terminate this Agreement or any Order for cause if the other Party breaches a material
obligation under the terms of this Agreement and fails to cure such breach within thirty (30) days of
receiving written notice thereof from the non-breaching Party, provided, however, that if such material
breach is of a nature that it cannot be cured, immediate termination shall be allowed. Failure to pay by
either Party shall be considered a material default.
6.2.2. Either Party may elect to terminate this Agreement or any Order by providing written notice to the other
of such intent,at least ninety(90)days prior to the end of the applicable Order term.
6.2.3. Provider may, upon six(6) months written notice to Agency,terminate any Service that will no longer be
supported or offered by Provider. Provider will make reasonable efforts to transition Agency to a similar
Service, if available. Further, Provider may at any time cease to provide Agency access to any portions of
features of the Services thereof which Provider is no longer legally or contractually permitted to provide.
6.3. Effect of Termination. Upon termination of this Agreement, each Party shall be liable for payment to the other Party of all
amounts due and payable for Services provided through the effective date of such termination. Upon receipt of Agency's
written request after termination, Provider shall provide Agency with access to Reports provided by Agency under this
Agreement and/or data provided through provision of the Services by Agency under an applicable Order so Agency may
download and/or copy such information. Provider shall not be obligated to delete from its databases(or from other storage
media) and/or return to Agency, Reports already provided to Provider by Agency, and shall be permitted to continue to
LexisNexis' I Coplogic'"Solutions
maintain and distribute the Reports already in its possession to Authorized Requestors in compliance with applicable laws
and regulations.
7. RELEVANT LAWS.
Each Party shall comply with all applicable federal,state,and local laws and regulations related to its performance hereunder,
including:
7.1. Driver's Privacy Protection Act. Agency acknowledges that certain Services provided under this Agreement may include the
provision of certain personal information from a motor vehicle record obtained by Provider from state Departments of Motor
Vehicles as those terms are defined by the Federal Driver's Privacy Protection Act,18 U.S.C.§2721 et seq., ("DPPA")and its
state analogues ("DMV Data"), and that Agency is required to comply with the DPPA or its state analogues, as applicable.
Agency agrees that it may be required to certify its permissible use of DPPA or DMV Data at the time it requests information
in connection with certain Services and will recertify upon request by Provider.
7.2. Fair Credit Reporting Act. The Services provided pursuant to this Agreement are not provided by "consumer reporting
agencies" as that term is defined in the Fair Credit Reporting Act(15 U.S.C. § 1681,et seq.)("FCRA") and do not constitute
"consumer reports"as that term is defined in the FCRA. Agency certifies that it will not use any of the information it receives
through the Services in whole or in part as a factor in determining eligibility for credit, insurance, or employment or for any
other eligibility purpose that would qualify the information in as a consumer report
7.3. Protected Health Information. Unless otherwise contemplated by an applicable Business Associate Agreement executed by
the Parties,Agency will not provide Provider with any Protected Health Information(as that term is defined in 45 C.F.R.Sec.
160.103)or with Electronic Health Records or Patient Health Records(as those terms are defined in 42 U.S.C.Sec. 17921(5),
and 42 U.S.C. Sec. 17921(11), respectively) or with information from such records without the execution of a separate
agreement between the Parties.
7.4. Social Security Numbers.Social Security Numbers may be available hereunder as part of Reports and/or related data provided
from certain states. However,Agency shall not provide Social Security Numbers to Provider under any circumstance under
this Agreement. Should Agency require more information on Social Security Numbers or its obligations in relation thereto,
Agency should contact Provider Agency Service at 1-866-215-2771 for assistance.
7.5. Privacy Principles. Agency shall comply with the "Provider Data Privacy Principles" available at
http:jJwww.lexisnexis.com/privacy/dataa-privacy-princii)les.ast) as updated from time to time.Provider shall notify Agency
in writing in the event that material changes are made to the Provider Data Privacy Principles.
7.6. Security. Agency agrees to protect against the misuse and/or unauthorized access of the Services provided to Agency in
accordance with this Agreement and as set forth in Exhibit A,attached hereto.
8. CONFIDENTIAL INFORMATION AND INTELLECTUAL PROPERTY OWNERSHIP.
8.1. Definition. "Confidential Information"means all non-public information provided by the disclosing Party to the receiving Party
hereunder labeled as confidential or trade secret or which would reasonably be regarded as being of a confidential nature,
including, without limitation, Sections 2, 3,4, 5, 6, 8, 12, and 13 of this Agreement, Sections 3, 4, and 5 of any corresponding
Order, and all information related to technical, financial,strategies and related information, business information, computer
programs, algorithms, know-how, processes, databases, systems, ideas, inventions (whether patentable or not), schematics,
Trade Secrets(as defined by applicable law) and other information (whether written or oral) Confidential Information does not
include Reports and information related thereto. Confidential Information does not include information that was,at the time of
the disclosure:(a)or becomes(through no improper action or inaction by the recipient)generally known to the public;(b)lawfully
disclosed to recipient by a third-party and received in good faith and without any duty of confidentiality by the recipient or the
third-party;(c)in recipient's possession or known to it prior to receipt from discloser;or(d)independently developed by recipient;
provided in each case that such forgoing information was not delivered to or obtained by recipient as a result of any breach of
this Agreement.
8.2.Treatment of Confidential information. Each Party agrees to protect the Confidential Information with the same degree of care
it uses to protect its own confidential information of a similar nature,but not less than a reasonable standard of care and not to
use the other Party's Confidential Information other than as necessary to perform its obligations or as permitted under this
Qff L2X)SNexis- 1 Coplogic'"Solutions
Agreement. A Party shall not remove or destroy any proprietary or confidential legends or markings placed upon or contained
within any Confidential Information.
8.3. intellectual Property Ownership. Each Party retains all right,title,and interest under applicable contractual,copyright and related
laws to their respective Confidential Information, including the right to use such information for all purposes permissible by
applicable laws, rules, and regulations. Provider retains all rights(other than the limited license granted herein),title, interest,
ownership and all intellectual property rights in the Services including any improvements or modifications thereto,and Agency
shall use such information consistent with such right, title and interest and notify Provider of any threatened or actual
infringement thereof. Agency shall not remove or obscure any copyright or other notices from the Services or materials provided
hereunder.
8.4. Exception for Subpoenas and Court Orders. A Party may disclose Confidential Information solely to the extent required by
subpoena, court order or other governmental authority, provided that the receiving Party provides the disclosing Party prompt
written notice of such subpoena, court order or other governmental authority so as to allow the disclosing Party an opportunity
to obtain a protective order to prohibit or limit such disclosure at its sole cost and expense. Confidential Information disclosed
pursuant to subpoena, court order or other governmental authority shall otherwise remain subject to the terms applicable to
Confidential Information.
8.5. Oregon Public Records Law. Notwithstanding the above, to the extent that Provider discloses its Confidential Information to
Agency, Provider acknowledges that Agency is subject to Oregon Public Records Law ("OPRL"). Provider understands that the
public may have access to public records, unless the records are exempt or confidential under applicable law. Prior to any
disclosure requested under OPRL,Agency shall give Provider prompt written notice of such request. Provider shall have seven(7)
days from the date it receives such notice to provide evidence of a statutory exemption under applicable law sufficient to protect
the information or obtain a protective order or equivalent from a court of competent jurisdiction. If information is disclosed
pursuant to a request under OPRL,Agency will take reasonable steps to limit any such provision of Confidential Information to
the specific information requested.The parties understand and agree that the failure by Provider to timely respond to the notice
provided by Agency may result in the disclosure of the requested information pursuant to OPRL. Disclosures required by ORPL,
shall not be considered a breach of any confidentiality provisions set forth in this Agreement. To the extent, notwithstanding
Provider's objection, that Agency determines that this Agreement and any corresponding Order must be disclosed pursuant to
applicable OPRL,Sections 2,3,4,5,6,8, 12,and 13 of this Agreement,and Sections 3,4,and 5 of any corresponding Order shall
be redacted before any such disclosure. Provider shall be fully responsible for defending any appeals of Agency's decision to
provide a redacted version of this Agreement or any corresponding Order.
8.6. Duration. Each Party's obligations with respect to Confidential Information shall continue for the term of this Agreement and for
a period of five(5)years after termination of this Agreement,provided however,that with respect to Trade Secrets,each Party's
obligations shall continue for so long as such Confidential Information continues to constitute a Trade Secret.
8.7. Return of Confidential Information. Upon the written request of a Party (and except as otherwise specifically set forth in an
applicable Order), each Party shall return or destroy(and certify such destruction in a signed writing) any of the other Party's
Confidential Information unless retention of such information is required by law,regulation,court order,or other similar mandate.
8.8. Iniunctive Relief. In the event of a breach or a threatened breach of the confidentiality or privacy provisions of this Agreement,
including release pursuant to Oregon Public Records Law under Section 8.5, the non-breaching Party may have no adequate
remedy in monetary damages and,accordingly,may seek an injunction against the breaching Party.
9. PROVIDER AUDIT RIGHTS.
Agency understands and agrees that, in order to ensure Agency's compliance with the Agreement, as well as with applicable laws,
regulations and rules,Provider's obligations under its contracts with its data providers,and Provider's internal policies,Provider may,
no more than once per year,conduct a review of Agency's use of the Services and may,upon reasonable notice,audit Agency's records,
processes and procedures related to Agency's use,storage and disposal of the Services and information received therefrom. Agency
agrees to cooperate fully with any and all audits and to respond to any such audit inquiry within ten (10) business days. Violations
discovered in any review and/or audit by Provider will be subject to immediate action including,but not limited to, invoicing for any
applicable Fees(if Services are based on number of users and Agency's use exceeds licenses granted),suspension or termination of
the license to use the Services,legal action,and/or referral to federal or state regulatory agencies.
10. REPRESENTATIONS AND WARRANTIES.
Agency represents and warrants to Provider that Agency is fully authorized to disclose Reports, information, and related data or
images to Provider in accordance with this Agreement and to grant Provider the rights to provide the Services as described herein.
LexisNexis° I coplogic-Solutions
Where redaction of Reports is required prior to provision to Provider,Agency represents and warrants it will redact applicable Reports
consistent with all laws and regulations. In performing their respective obligations under this Agreement,each Party agrees to use
any data and provide any services,in strict conformance with applicable laws and regulations,and further,to comply with all applicable
binding orders of any court or regulatory entity and consistent with the terms of this Agreement.
11. LIMITATION OF WARRANTY.
For purposes of this section, "Provider" includes Provider and its subsidiaries, parent companies, and data providers. THE SERVICES
PROVIDED BY PROVIDER ARE PROVIDED"AS IS"AND WITHOUT ANY WARRANTY,EXPRESS,IMPLIED,OR OTHERWISE, REGARDING ITS
ACCURACY OR PERFORMANCE INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A
PARTICULAR PURPOSE, SUITABILITY, ORIGINALITY, OR OTHERWISE, OF ANY SERVICES, SYSTEMS, EQUIPMENT OR MATERIALS
PROVIDED HEREUNDER.
12. LIMITATION OF LIABILITY.
To the extent permitted by applicable law,in no event shall either Party's liability for any claims(s)resulting from its acts or omissions,
including, but not limited to negligence claims under this Agreement exceed the total amount of Fees actually received by Provider
from Agency(excluding pass through or out of pocket expenses)for the specific Services from which liability arises during the twelve
(12) month period immediately preceding the event first giving rise to such liability,and if not yet in the twelfth (1211) month of this
Agreement,for the period leading up to such event. Notwithstanding the foregoing,in no event shall either Party's entire liability for
any claim(s) under this Agreement exceed THIRTY-TWO, FIVE HUNDRED AND ZERO DOLLARS($32,500.00) in the aggregate. Further
notwithstanding the foregoing, to the extent the relevant Services are made available at no cost to Agency, than in no event shall
Provider's liability to Agency under this Agreement exceed One Hundred dollars($100.00)in the aggregate. The foregoing limitations
of liability will not apply to any claims, actions, damages, liabilities or fines relating to or arising from either Party's gross negligence
or willful misconduct. In no event shall either Party be liable for any indirect, special, incidental, or consequential damages in
connection with this Agreement or the performance or failure to perform hereunder,even if advised of the possibility of such damages.
13. INDEMNIFICATION.
To the extent permitted under applicable law,each Party shall defend;indemnify,and hold harmless the other Party,its Affiliates,and
their officers,directors,employees,and Agents (the"Indemnified Parties") against and from any and all losses,liabilities,damages,
actions,claims,demands,settlements,judgments, and any other expenses(including reasonable attorneys`fees),which are asserted
against the Indemnified Parties by a third party,but only to the extent caused by(i)violation of law in the performance of its obligations
under this Agreement by the indemnifying party,its Affiliates,or the officers,Agents or employees of such party(the"Indemnifying
Parties"); (ii) the gross negligence or willful misconduct of the Indemnifying Parties during the term of this Agreement; (iii) the
Indemnifying Parties' violation, infringement or misappropriation of any U.S. patent, copyright, trade secret or other intellectual
property right; or (iv)with respect to Agency,violation of any of the license terms or restrictions contained in this Agreement. The
indemnities in this section are subject to the Indemnified Parties promptly notifying the Indemnifying Parties in writing of any claims
or suits.
14. INSURANCE
14.1. Provider must obtain,at Provider's expense,and keep in effect during the term of this contract,Cyber-Security Liability insurance
covering any damages caused by any actual or alleged negligent act, error or omission in the securing of confidential information.
Combined single limit per claim may not be less than $2,000,000, or the equivalent. Annual aggregate limit may not be less than
$3,000,000 and filed on a"claims-made"form.
14.2. As evidence of the insurance coverage required by the contract,the Provider will furnish a Certificate of Insurance to the Agency.
No contract shall be effective until the required Certificates of Insurance have been received and approved by the Agency. The
certificate will include a copy of Additional Insured Endorsement naming the Agency as an additional insured.A blanket endorsement
LexisNexis- I Cop logic"Solutions
may be provided showing evidence of additional insured status. A renewal certificate will be sent to the Agency prior to coverage
expiration.
14.3. If Provider is self-insured,provision of acceptable documentation of self-insurance meeting the above requirements is acceptable.
15. FORCE MAJEURE.
Neither Party will be liable for any delay or failure to perform its obligations hereunder due to causes beyond its reasonable control,
including but not limited to natural disaster, pandemic, casualty, act of God or public enemy, riot, terrorism, or governmental act;
provided,however,that such Party will not have contributed in any way to such event. If the delay or failure continues beyond thirty
(30)calendar days,either Party may terminate this Agreement or any impacted Order with no further liability,except that Agency will
be obligated to pay Provider for the Services provided under this Agreement prior to the effective date of such termination.
16. NOTICES.
All notices, requests, demands or other communications under this Agreement shall be in writing to the address set forth in the
opening paragraph and shall be deemed to have been duly given:(i)on the date of service if served personally on the Party to whom
notice is to be given; (ii) on the day after delivery to a commercial or postal overnight carrier service;or(iii) on the fifth day after
mailing, if mailed to the Party to whom such notice is to be given, by first class mail, registered or certified, postage prepaid and
properly addressed. Any Party hereto may change its address for the purpose of this section by giving the other Party timely,written
notice of its new address in the manner set forth above.
17. MISCELLANEOUS.
17.lAffiliates. Agency understands and agrees that certain Services furnished under this Agreement may actually be provided by
one or more of Provider'Affiliates. For purposes of this Agreement, "Affiliate"means any corporation,firm, partnership or
other entity that directly or indirectly controls, or is controlled by,or is under common control with Provider. Affiliates shall
not be bound by the terms and conditions of this Agreement with respect to the provision of their applicable Services
hereunder.
17.2 Independent ContractorlNo Agency. Each Party acknowledges that it has no authority to bind or otherwise obligate the other
Party.
17.3 Assignment. Neither Party shall assign this Agreement in whole or in part without the prior written consent of the other
Party, and any such attempted assignment contrary to the foregoing shall be void. Notwithstanding the foregoing, an
assignment by operation of law,as a result of a merger or consolidation of a Party,does not require the consent of the other
Party. This Agreement will be binding upon the Parties'respective successors and assigns.
17.4 Headings Interpretation and Severability. The headings in this Agreement are inserted for reference only and are not
intended to affect the meaning or interpretation of this Agreement. The language of this Agreement shall not be construed
against either Party. If any provision of this Agreement shall be held to be invalid, illegal, or unenforceable, the validity,
legality,or enforceability of the remaining provisions shall not in any way be affected or impaired thereby.
17.5 Waiver: Remedies Non-Exclusive. No failure or delay on the part of any Party in exercising any right or remedy provided in
this Agreement will operate as a waiver thereof_ Unless otherwise provided herein, any remedy will be cumulative to any
other right or remedy available at law or in equity.
17.6 Survival. Sections 2,3, 7,8,9, 10,11, 12,and 15 will survive the termination or rescission of this Agreement.
17.7 Provider Shared Facilities. Provider may utilize facilities located outside the United States to provide support or the Services
under this Agreement,and if such centers are utilized they shall be under the control of Provider and subject to all Provider
policies that govern data access,protection and transport in the United States.
17.8 Entire Agreement. This Agreement represents the entire agreement of the Parties and supersedes all previous and
contemporaneous communications or agreements regarding the subject matter hereto. Agency by its signature below
hereby certifies that Agency agrees to be bound by the terms and conditions of this Agreement including those terms and
conditions posted on web pages specifically set forth herein or contained with any software provided under this Agreement,
as may be updated from time to time. Any additional terms or conditions contained in purchase orders or other forms are
expressly rejected by Provider and shall not be binding. Acceptance or non-rejection of purchase orders or other forms
containing such terms;Provider's continuation of providing Products or Services;or any other inaction by Provider shall not
constitute Provider's consent to or acceptance of any additional or different terms from that stated in this Agreement. This
Agreement may only be modified by a written document signed by both Parties.
' LexisNexis° I Coplogic'"Solutions
17.9 Governing Law.The Agreement will be governed by and construed under the laws of the State of Oregon excluding its conflict
of law rules.
17.10 General Terms. The following laws of the State of Oregon are hereby incorporated by reference into the Agreement:
ORS 27913.220,27913.230,and 2796.235.
17.11 Compliance with Tax Laws. Company represents and warrants that Company is, to the best of the undersigned's
knowledge,not in violation of any Oregon tax laws including but not limited to ORS 305.620 and OR5 Chapters 316,317,and
318. Company's failure to comply with the tax laws of this state or a political subdivision of this state before the Company
executed this Agreement or during the term of this Agreement is a default for which the End-User may terminate this
Agreement and seek damages and other relief available under the terms of this Agreement or applicable law.
IN WITNESS WHEREOF,the Parties have caused this Agreement to be executed by their respective authorized representatives as
of the Effective Date.
Agency:Tigard Police Department Provider: LexlsNexi Coplogic Solutions Inc.
Sign Signa
Signa
Printed Name: 1 (4-r t1ct G�i/��C' Printed Name: Wil faS.,.,..Mad* n
Executive Vice President
Title: �' � '�G�7^G�L.,.��,°' Title:
Date: Date:_ j1� `� , ()
LexisNexis° I Cop logic'Solutions
EXHIBIT A-SECURITY AND NOTIFICATION REQUIREMENTS
1. Data Protection.
Agency shall take appropriate measures to protect against the misuse and unauthorized access through or to Agency's(i)credentials
("Account IDs")used to access the Services;or(ii)corresponding passwords,whether by Agency or any third party;or(iii)the Services
and/or information derived therefrom. Agency shall manage identification, use, and access control to all Account IDs in an
appropriately secure manner and shall promptly deactivate any Account IDs when no longer needed or where access presents a
security risk. Agency shall implement its own appropriate program for Account ID management and shall use commercially reasonable
efforts to follow the policies and procedures for account maintenance as may be communicated to Agency by Provider from time to
time in writing.
2. Agency's Information Security Program.
Agency shall implement and document or follow its existing appropriate policies and procedures covering the administrative,physical
and technical safeguards in place and relevant to the access,use,storage,destruction,and control of information which are measured
against objective standards and controls("Agency's Information Security Program"). Agency's Information Security Program shall:(1)
account for known and reasonably anticipated threats and Agency shall monitor for new threats on an ongoing basis;and(2)meet or
exceed industry best practices. Agency will promptly remediate any deficiencies identified in Agency's Information Security Program.
Agency shall not allow the transfer of any personally identifiable information received from Provider across any national borders
outside the United States without the prior written consent of Provider.
3. Agency Security Event.
In the event the Provider or Agency learns or has reason to believe that Account IDs,the Services,or any information related thereto
have been misused, disclosed, or accessed in an unauthorized manner or by an unauthorized person (an "Agency Security Event")
Agency shall:
(i) provide prompt written notice to the other party If to Provider,notice will be given to:
a) the Information Security and Compliance Organization at 1000 Alderman Drive, Alpharetta, Georgia 30005;
or
b) via email to(security.investigations@lexisnexis.com);or
c) by phone at(1-888-872-5375)with a written notification to follow within twenty-four(24)hours;and
If to Agency,notice will be given to:
a) City of Tigard Information Technology team
b) IT1@Tigard-or.gov
C)
(ii) promptly investigate the situation;and
(iii) obtain written consent from Provider, not to be unreasonably withheld, prior to disclosing Provider or the Services to
any third party in connection with the Agency Security Event;and
(iv) if required by law,or in Provider'discretion, Agency shall:
a) notify the individuals whose information was disclosed that an Agency Security Event has occurred;and
b) be responsible for all legal and regulatory obligations including any associated costs which may arise in
connection with the Agency Security Event;and
(v) remain solely liable for all costs and claims that may arise from the Agency Security Event,including,but not limited to:
litigation (including attorney's fees); reimbursement sought by individuals (including costs for credit monitoring and
other losses alleged to be in connection with such Agency Security Event);and
(vi) provide all proposed third party notification materials to Provider for review and approval prior to distribution.
In the event of an Agency Security Event, Provider may, in its sole discretion, take immediate action, including suspension or
termination of Agency's account,without further obligation or liability of any kind.
Provider's Security Program.
m L2XISN2XIS° I Coplogic"Solutions
(a) Provider maintains an Information Security Program ("Program"), which shall (a) account for known and reasonably
anticipated risks and threats, and Provider shall,on an ongoing basis, monitor for new threats;(b) meet or exceed industry
best practices;(c)ensure the ongoing confidentiality,integrity,availability and resilience of processing systems and services.
Provider will promptly remediate any deficiencies identified.
(b) The Program will be in writing, and at a minimum, address the following areas: (a) Access control management including
identification authentication and control of access to,and use of,information,facilities, networks,computers and software
including deactivation of credentials when no longer needed;(b) Network controls to prevent and detect malicious activities
and segregate physical and logical access; and (c) Virus and malicious software detection, response and eradication
performed on a timely basis.
(c) The Program will require that any individual or entity acting under the authority of Provider and who has access to Reports
does not process such Reports except as required to do so by Agency, this Agreement, or unless required to do so by
applicable law,and that such individuals or entities are committed to maintaining confidentiality of such Reports as required
by law.
(d) Provider shall implement and maintain business continuity/disaster recovery policies and procedures that address Provider's
ability to provide protection to the security, integrity, and availability of information technology systems and software, and
any other key information, used by Provider in the performance of its obligations under this Agreement during a business
disruption. At a minimum, such policies and procedures shall include risk assessment and controls for (a) resumption of
Provider business operations, including system and data access; (b) incident response; and (c) security of data and
information.
(e) Provider agrees to comply with the Oregon Consumer Identity Theft Protection Act as applicable.
4. CJIS Clearance and Provider Security
Coplogic is highly sensitive to data security and privacy considerations.We have implemented and currently maintain information
security programs for numerous commercial and government customers,including clients with stringent data protection needs.
Since our business depends on keeping data secure,we incorporate best practices for security and privacy across our enterprise.At
a high level,these security and privacy practices include:
• A risk mitigation framework that includes industry standards for information security(ISO 27001/2)and privacy
(AICPA/CICA).This holistic approach to privacy,security,and compliance enhances risk mitigation and helps ensure
compliance.
• The use of administrative,physical,and technical safeguards as well as numerous internal controls to protect and prevent
unauthorized access to sensitive information.
• Proprietary customer credentialing criteria that are designed to protect customers from criminals and from fraudulent
activity.
• Strict policies,standards,and guidelines are in place throughout LNRS that govern data access,protection,transport,
restriction,retention,deletion,and classification.They safeguard against inappropriate data access and use.
• Control systems based on the defense-in-depth,least privilege,and "need-to-know"principles.
• An Information Assurance and Data Protection Organization (IADPO)that continually evaluates LNRS policies and
procedures with regard to customer credentialing and the internal controls governing our information security program.
• A Business Continuity Plan(BCP)to address how we respond to events that could lead to business disruptions.It uses
multiple layers of protection to prevent disasters.
• A culture of accountability.We recognize that our customers place their trust in us,and we take that responsibility very
seriously.
• Training,Communication,Outreach,and Transparency.LNRS focuses on building and maintaining trust with customers,
vendors,stakeholders,and consumers by regularly and transparently communicating about privacy,security,and
compliance practices and procedures.
LexisNexis- I coplogic"solutions
The Parties agree that CJIS clearance is not currently required for Provider's services. In the event that changes and Provider is not
UIS compliant,Agency may terminate this Agreement pursuant to Section 6.2.1.
LexisNexis' I Coplogic"Solutions
Order No.1
LexisNexis®Desk Officer Reporting System(DORS)
This Order No. 1("Order")is entered into this $ day of 'SW10 ', 2020 ("Order Effective Date") between
Tigard Police Department ("Agency") and LexisNexis Coplogic Solutions Inc., on behalf of it elf and its Affiliates ("Provider")
and subject to the terms and conditions of the Law Enforcement Agreement effective (`Agreement") between
the Parties.
1. TERMS AND CONDITIONS.
All of the terms and conditions contained in the Agreement shall remain in full force and effect and shall apply to the extent
applicable to this Order except as expressly modified herein. To the extent that the terms and conditions of this Order are in
conflict with the terms and conditions of the Agreement, or any other incorporated item, this Order shall control. Capitalized
terms used herein but not defined shall have the same meaning as set forth in the Agreement.
2. DESCRIPTION OF SERVICES.
Provider, as part of its business has developed and makes available to law enforcement entities an online citizen reporting
system called LexisNexis® Desk Officer Reporting System ("DORS")enabling individuals, retail companies and other
organizations to file reports, crime tips and other forms online to law enforcement.
3. SCOPE OF SERVICES.
Provider agrees to provide the following Services to Agency subject to the provisions of this Order. Any change to the Services as set
forth in this Order that occur after the Order Effective Date must be made by amendment to this Order, signed by both Parties.
Provider will provide the following Services described below subject to Agency's technology capabilities, processes, and work-flow
functionality.
3.1.Services. DORS uses the J2EE standard. DORS is designed to gather information on incidents from a member of the
general public(user)via an SSL connection. DORS will issue a temporary report number to the user and place the
temporary report into an administrative holding area for review and modification by appropriate Agency
administrator. An email is generated to the user that the report has been submitted. The Agency administrator logs
in via an SSL connection and approves, rejects, edits or prints reports as appropriate. Rejecting a report deletes it
from the DORS system and sends an appropriate email to the user. Approving the report issues a number,places it
in a queue to be exported(as determined during implementation),and sends an appropriate email to the user. The
Agency administrator and user can download the approved report and/or print the approved report out. Provider
shall provide Report retention and distribution services as set forth in in Section 3 of the Agreement, including an
on-line Report distribution website.
3.2.Setup and Access.
Agency Responsibilities.
a) Coordinate with Provider to establish dates for deployment within the DORS implementation schedule
tab;
b) Provide images for(i)website header image(ii)temporary citizen report image and (iii)final printed PDF
report image;
c) Load provided HTML pages onto Agency website which links to Provider's servers for the Services;
d) Provide Provider with the schema for the desired file format and/or database schema;
e) Enable Provider read/write access and test environment with current configuration
f) Enable Provider VPN access to the exporter,RMS application(s),and other information required for report
bridge installation;
g) Provide timely responses to Provider's questions, which may arise during the setup and configuration
process.
Provider Responsibilities.
Confidential and Proprietary Information of LexisNexis Qlove
DORS Order_cbc_8.29.18 Page 1 of 3 QCV, tr4
1<
IDS o
I,ti
LexisNexis• I Coplogic'"Solutions
a) Coordinate with Agency to establish schedule for deployment within the DORS implementation schedule
tab.
b) Register Agency within Provider's network and load Agency provided images into Agency's
implementation of DORS.
c) Provide Agency with administrator password and credentials for the Services.
d) Provide Agency with sample operational directives, deployment strategies and sample press release.
e) Provide Agency with suggestions for the successful deployment of the Services.
f) Provide Agency with instructions on the easy setup of a kiosk for Agency's headquarters lobby,etc.
Completion Criteria.
This task is considered complete after Provider has delivered listed materials.
3.3.Configuration.,
Agency Responsibilities.
a) Coordinate with Provider for web training session on administering the program, using the dynamic
creation tools, "Triple Lock" login features, user account including deploying the "Secure side filing
feature".
b) Using the administrator account, login in and configure the code tables, crime types, user account, and
dynamic content for Agency.
c) Test the optional interface with the RMS application.
d) Review resulting files with Provider,document any problems,and collaborate with Provider on a pian for
corrective action(s).
e) Provide necessary files for RMS integration.
Provider Responsibilities
a) Coordinate with Agency for web training session on administering the program, using the dynamic
creation tools, "Triple Lock" login features, user account including deploying the "Secure side filing
feature".
b) Configure export routine for the optional RMS Interface with information provided.
c) Review resulting files with Agency, document any problems, and collaborate with Agency on a plan for
corrective action(s).
Completion Criteria
This task is considered complete when the DORS is accessible on Provider's web server and reports can be
filed and interfaced into the RMS(optional).
3.4.Support and Maintenance. Provider will provide Support and Maintenance Services in accordance with the
terms and conditions set forth in Section 4 of the Agreement.
4. TERM AND TERMINATION.
This Order shall commence upon the Order Effective Date and shall continue for an initial term of twenty-four (24) months
("Initial Term")and shall expire unless otherwise terminated or extended, 24 months after the effective date.The Agency and
Provider may agree in writing to up to an additional twenty-four(24)additional months("Renewal Term") unless either Party
provides written notice to the other Party, at least forty five(45) days prior to the expiration of the Renewal Term.
S. FEES AND PRICE ADJUSTMENTS.
The Fees for the Services shall be subject to the terms set forth in Section 5 of the Agreement.
5.1.The Agency Fee is ten dollars and 00/100 ($10.00).
Nothing in this Order shall require Provider or its Affiliate to pay an Agency Fee to the Agency when an
Authorized Requestor provides a Report and/or specific data extracted from the Report to a third party after
the Authorized Requestor has purchased such Report from the Affiliate's inventory of previously purchased
reports. Agency acknowledges that all reports requested by Agency Requestors shall be provided free of
charge.
Confidential and Proprietary Information of LexisNexis
DORS Order_cbe_8,29,18 Page 2 of 3
LexisNexis• I coplogic`"Solutions
5.2.Monthly Services Fees. Agency shall pay a monthly license Fee for the Services which includes Support and
Maintenance Services. Fees for the Services for the Initial Term shall be One Thousand Eighty Five Dollars and
00/100 ($1,085.00) per month for the initial term of twenty four(24) months. A two percent (2%) escalator
will be applied to each subsequent year if the term is extended. All Fees shall be invoiced monthly by Provider
beginning on the Order Effective Date.
IN WITNESS WHEREOF,the Parties have caused this Order to be executed by their respective authorized representatives as
of the Effective Date.
Agency:Tigard Police Department Provider: LexisNexis coplogic Solutions Inc.
Signatu 7,,{ Signatur
Printed Name: CR 7 GSL( �*t,�/ pie-, Printed Name:
williarn . M�Idis+rnlrt—.
�,r X 61 ti G��_el Executive Vice President
Title: � � Title:
Date:_ L1 ' lr�'46 �d Date: ok�01(aoao
Confidential and Proprietary Information of LexisNexis
DORS Order.,,cbc_8.29.18 Page 3 of 3