Laserfiche WebLink
City of Everett <br /> Cloud and/or Offsite Hosting Terms and Conditions <br /> Contract#2020-062,Appendix Part B-1 between City of Everett and StreamLink Software Inc DBA <br /> Ampl'Fund dated January 26th,2021. <br /> This document shall become part of the final contract. <br /> Terms and Conditions Clauses 1-13 are mandatory for every engagement. Exceptions will be <br /> considered non-compliant and non-responsive. <br /> 1. Data Ownership: The City of Everett shall own all right,title and interest in its data that is related . . .. <br /> to the services provided by this contract. The City of Everett hereby grants to the Service <br /> Provider a non-exclusive and non-transferable license to use and host City of Everett Data to <br /> provide the services.The Service Provider shall not access City of Everett User accounts,or City <br /> of Everett Data,except(i)in the course of data center operations, (ii)response to service or <br /> technical issues,(iii)as required by the express terms of this contract,or(iv)at City of Everett's <br /> written request.The Service Provider may aggregate anonymized City of Everett Data with other <br /> Service Provider's client data for statistical analysis. <br /> 2. Data Protection: Protection of personal privacy and sensitive data shall be an integral part of the <br /> business activities of the Service Provider to ensure that there is no inappropriate or unauthorized <br /> use of City of Everett information at any time.To this end,the Service Provider shall safeguard <br /> the confidentiality,integrity,and availability of City information and comply with the following <br /> conditions: <br /> a) All information obtained by the Service Provider under this contract shall become and remain <br /> property of the City of Everett. <br /> b) At no time shall any data or processes which either belongs to or are intended for the use of <br /> City of Everett or its officers,agents,or employees, be copied,disclosed,or retained by the <br /> Service Provider or any party related to the Service Provider for subsequent use in any <br /> transaction that does not include the City of Everett. <br /> 3. Data Location: The Service Provider shall not store or transfer non-public City of Everett data <br /> outside of the United States. This includes backup data and Disaster Recovery locations. The <br /> Service Provider will permit its personnel and contractors to access City of Everett data remotely <br /> only as required to provide technical support. <br /> 4. Encryption: <br /> a) The Service Provider shall encrypt all non-public data in transit regardless of the transit <br /> mechanism. <br /> b) For engagements where the Service Provider stores sensitive personally identifiable or <br /> otherwise confidential information,this data shall be encrypted at rest. Examples are social <br /> security number,date of birth,driver's license number,financial data,federal/state tax <br /> information,and hashed passwords. The Service Provider's encryption shall be consistent <br /> with validated cryptography standards as specified in National Institute of Standards and <br /> Technology FIPS140-2,Security Requirements. The key location and other key <br /> management details will be discussed and negotiated by both parties. When the Service <br /> Provider cannot offer encryption at rest,they must maintain,for the duration of the contract, <br /> cyber security liability insurance coverage for any loss resulting from a data breach in <br /> accordance with the table below. Additionally,where encryption of data at rest is not <br /> possible,vendor must describe existing security measures that provide a similar level of <br /> protection. <br /> 1 fPage <br />