The URL can be used to link to this page

R-1792 - 03/12/2019 - POLICE AGREEMNT - Resolutions Supporting DocumentsBOT AGENDA Page 1 BOARD OF TRUSTEES MEETING SAMUEL E. DEAN BOARD ROOM BUTLER GOVERNMENT CENTER 1200 OAK BROOK ROAD OAK BROOK, ILLINOIS 630-368-5000 AGENDA ITEM Regular Board of Trustees Meeting of March 12, 2019 SUBJECT: Installation of Vigilant Fixed Site License Plate Recognition Systems. FROM: James R. Kruger Jr., Chief of Police BUDGET SOURCE/BUDGET IMPACT: Account: 621-90100 / $196,346 RECOMMENDED MOTION: Move to approve Resolution 2019-PD-PG-R-1792 authorizing the purchase of two Vigilant License Plate Recognition systems, and the Village Manager to sign the five year maintenance and database access agreements. Background/History: Over the past several months, the west suburban region has experienced an increase in burglaries to both residences and vehicles as well as some vehicle thefts. While the Village of Oak Brook has not seen a jump in those statistics as some of our neighboring communities, the Village Board requested the Police Department explore what other measures we can take to ensure the safety and quality of life of our residents. Our research indicates that utilizing technology to assist us with prevention as well as the apprehension of criminals would be an efficient use of resources. Many of the surrounding communities are now employing the use of high quality license plate recognition systems either in a mobile platform or fixed site installation. These systems are tied together with a nationwide database that has been very effective in tracking wanted vehicles as well as alerting police officers in real time of wanted vehicles that have entered the jurisdictions. The Police Department has determined that the Village would be best served by two fixed site locations. Those sites would focus on covering both east and west sections of the Village. After speaking with our neighbors, these sites as well as the sites maintained by other jurisdictions are not identified in this memo, but would work in concert with the other sites in the area and provide a blanket of coverage at vantage points where potential offenders may travel. ITEM 6.C.3 BOT AGENDA Page 2 The system we have identified is by Vigilant Systems. Vigilant, just purchased by Motorola, provides a nationwide database to its customers of nearly 40 million entries. An agency must be a customer in order to use the system. Vigilant is also the system used by all of our surrounding neighbors and just transitioned to by Brookfield Properties across the country. Besides the national license plate data access, there is an optional booking photo database that we may elect to participate in or discontinue at any time. We have the control of which agencies we share the data with. All of the DuPage agencies currently with Vigilant participate in this program. Any data access or use is covered by the same rules as our access to Illinois State Police LEADS (Law Enforcement Agencies Data System) data and must adhere to Federal CJIS (Criminal Justice Information System) rules for security and access. We have received a sole source letter and presented three different purchasing scenarios to the Village Board in January that did not include the cost of installation coordinated by Public Works. The Village Board voiced consensus with the option to purchase outright and lock in the maintenance and database expenses for all five years at $166,346. There is a provision in the agreement for a 4% increase year 6 and thereafter for the data access. The Police Department worked with Public Works and determined that there would be a “not to exceed” cost of $30,000 for installation at the two sites. We believe the cost will be under $25,000 as we only need to install one pole, the rest of the equipment will be attached to existing traffic signal poles, reducing the installation cost significantly. Recommendation: Staff requests approval from the Village Board to purchase two Vigilant fixed site LPR systems to be installed with coordination of the Public Works Department. Funds are made available through Ordinance 2019-BU-AMEND-S-1563 in New Equipment. RESOLUTION 2019-PD-PG-R-1792 A RESOLUTION APPROVING THE WAIVER OF COMPETITIVE BIDDING AND AUTHORIZING THE VILLAGE TO ENTER INTO AGREEMENTS WITH VIGILANT SOLUTIONS TO LICENSE SOFTWARE PRODUCTS AND SOFTWARE SERVICE TO PERMIT LICENSE PLATE RECOGNITION WHEREAS, the Village Board requested the Police Department explore additional measures to ensure the safety and quality of life of its residents; and WHEREAS, the Department has determined that utilizing technology to assist in the prevention of criminal activity and the apprehension of criminals would be improved if the Village employed high-quality license plate recognition systems and software to enable the Department to access a nationwide database of wanted vehicles: and WHEREAS, the Department identified only one provider that could provide access to data of commercial vehicle scans from the asset recovery industry with mapping, analytical tools and remote software assistance and maintenance; and WHEREAS, the Department recommends waiver of competitive bidding pursuant to Section 1-7-7 of the Village Code because the required services are available from only a single source; and WHEREAS, based on the recommendation of Village staff, the information provided, and following due consideration and review; NOW THEREFORE, BE IT RESOLVED BY THE PRESIDENT AND BOARD OF TRUSTEES OF THE VILLAGE OF OAK BROOK, DU PAGE AND COOK COUNTIES, ILLINOIS, as follows: Section 1: Recitals. The foregoing recitals are hereby incorporated into, and made a part of, this Resolution as the findings of the President and Board of Trustees of the Village of Oak Brook. Section 2: Waiver of Competitive Bidding. The Board of Trustees authorizes the adoption of this Resolution without the need for competitive bidding. Section 3: Approval of Agreement. The President and Board of Trustees hereby approve the two Agreements by and between the Village and Vigilant Solutions, LLC in substantially the same form as attached as Exhibit A, and in a final form approved by the Village Attorney. Section 4: Authorization and Execution of the Agreement. The Village Manager and Village Clerk shall be, and hereby are, authorized to execute the Agreement after receipt of the final Agreement fully executed by Vigilant Solutions, LLC. Section 5: Effective Date. This Resolution shall be in full force and effect upon passage and approval in the manner provided by law. [Signature page follows] Resolution 2019-PD-PG-R-1792 Agreements with Vigilant Solutions, LLC 2 of 2 APPROVED THIS ___________ day of March, 2019 Gopal G. Lalmalani Village President PASSED THIS ______ day of March, 2019 Ayes: ___________________________________________________________ Nays: ___________________________________________________________ Absent: __________________________________________________________ ATTEST: _____________________________________ Charlotte K. Pruss Village Clerk 7647 Main Street Fishers Victor NY 14564 Telephone: (585) 758-0200 FAX: (585) 758-0222 Toll Free: (800)-333-0498 salesinfo@britecomputers.com Quote Date of Quote 11/29/2018 Quote # Q78662 Bill To Oak Brook Police Department - IL 1200 Oak Brook Road Oak Brook IL 60523 Ship To Oak Brook Police Department - IL 1200 Oak Brook Road Oak Brook IL 60523 Quote Expiration Date 12/31/2018 Terms PO #Sales Rep Nancy Ann Martin Thank you for choosing Brite! Part Number VIG-VS-LEARN--H VIG-TAS-UL VIG-SSUPLN-COM VIG-VSPTRNG Travel Subtotal VIG-VS-IDP-01A Description One Time Setup Charges Vigilant Hosted/Managed Centralized LPR server via LEARN Vigilant hosted/managed LEARN account**Central repository for all LPR data acquired by each LPR system*Includes Vigilant’s suite of LPR data analytics via online web access**Automated CarDetector software update management**Plate searching, mapping, data mining utilities**Stakeout, Associate Analysis and Locate Analysis**Full administrative security with management auditing*Plug-N-Play an unlimited number of CarDetector LPR systems**Requires NO server hardware, NO server maintenance*Requires Vigilant Enterprise Service Agreement contract Target Alert Service - LPR Alert Delivery Software - Unlimited User Vigilant Start Up & Configuration of Hosted/Managed LEARN Server Account New client account setup via national LPR server*Required for all hosted/managed LEARN client accounts Vigilant End User Training for LPR Systems End user training for Vigilant products**Covers all client purchased applications**Includes classroom and field operation training*Vigilant certified technician to visit site and perform one training class Travel and Expenses Item Subtotal Annual Departmental Subscription Commercial LPR Data access - Up to 50 Sworn Access to all Vigilant commercially acquired national vehicle location data Qty 1 1 1 1 1 5 Unit Price 0.00 0.00 1,275.00 1,250.00 1,550.00 7,750.00 Extended 0.00 0.00 1,275.00 1,250.00 1,550.00 4,075.00 38,750.00 Page 1 of 3 7647 Main Street Fishers Victor NY 14564 Telephone: (585) 758-0200 FAX: (585) 758-0222 Toll Free: (800)-333-0498 salesinfo@britecomputers.com Page 2 of 3 Quote Date of Quote 11/29/2018 Quote # Q78662 Part Number Subtotal VIG-VSF-100-RXD VIG-VSBSCSVC-01 VIG-SSUPSYS-COM VIG-CDFS-4HWW VIG-VS-SHP-02 VIG-VS-BCAI-P VIG-VS-BCAI-S Subtotal VIG-VSF-100-RXD VIG-VSBSCSVC-01 Description Unlimited use by authorized agency personnel to complete suite of LEARN data analytics Includes full use of hosted/managed LPR server account via LEARN FaceSearch with Vigilant Image Gallery Access For up to 50 Sworn Access to all agency/shared images and Vigilant Image Gallery Unlimited use by authorized agency personnel to all FaceSearch tools Image gallery of up to 5,000 images Item Subtotal Location #1 - Self-Install ReaperXD Fixed LPR Camera System 4 Cameras / 5 Year / $525/camera/year Vigilant LPR Basic Service Package for Hosted/Managed LPR Deployments Managed/hosted server account services by Vigilant**Includes access to all LEARN and CarDetector software updates*Priced per camera per year for up to 14 total camera units registered*Requires new/existing Enterprise Service Agreement (ESA) Vigilant System Start Up & Commissioning of ‘In Field’ LPR system Vigilant technician to visit customer site*Includes system start up, configuration and commissioning of LPR system Fixed Camera LPR System - Extended Hardware Warranty - Year 2 through 5 Fixed LPR System LPR hardware component replacement warranty*Applies to 1-Channel hardware system kit*Valid for 4 years from standard warranty expiration Vigilant Shipping & Handling Charges Applies to each fixed camera LPR System*Shipping Method is FOB Destination Vigilant Fixed Camera Intelligence Box - Primary Vigilant Fixed Camera Intelligence Box - Secondary Item Subtotal Location #2 - Self-Install ReaperXD Fixed LPR Camera System 4 Cameras / 5 Year / $525/camera/year Vigilant LPR Basic Service Package for Hosted/Managed LPR Deployments Managed/hosted server account services by Vigilant**Includes access to all LEARN and Qty 4 5 4 4 4 1 1 4 5 Unit Price 8,995.00 2,100.00 875.00 2,100.00 55.00 3,899.00 1,299.00 8,995.00 2,100.00 Extended 38,750.00 35,980.00 10,500.00 3,500.00 8,400.00 220.00 3,899.00 1,299.00 63,798.00 35,980.00 10,500.00 7647 Main Street Fishers Victor NY 14564 Telephone: (585) 758-0200 FAX: (585) 758-0222 Toll Free: (800)-333-0498 salesinfo@britecomputers.com Page 3 of 3 Quote Date of Quote 11/29/2018 Quote # Q78662 Part Number VIG-SSUPSYS-COM VIG-CDFS-4HWW VIG-VS-SHP-02 VIG-VS-BCAI-P VIG-VS-BCAI-S Subtotal Description CarDetector software updates*Priced per camera per year for up to 14 total camera units registered*Requires new/existing Enterprise Service Agreement (ESA) Vigilant System Start Up & Commissioning of ‘In Field’ LPR system Vigilant technician to visit customer site*Includes system start up, configuration and commissioning of LPR system Fixed Camera LPR System - Extended Hardware Warranty - Year 2 through 5 Fixed LPR System LPR hardware component replacement warranty*Applies to 1-Channel hardware system kit*Valid for 4 years from standard warranty expiration Vigilant Shipping & Handling Charges Applies to each fixed camera LPR System*Shipping Method is FOB Destination Vigilant Fixed Camera Intelligence Box - Primary Vigilant Fixed Camera Intelligence Box - Secondary Item Subtotal Qty 4 4 4 1 1 Unit Price 875.00 2,100.00 55.00 3,899.00 1,299.00 Extended 3,500.00 8,400.00 220.00 3,899.00 1,299.00 63,798.00 Subtotal Discount (New Customer) Total 170,421.00 -4,075.00 $166,346.00 Q78662 “Building Relationships, Strengthening Partnerships, Providing Solutions” For Technical Support call (800) 333-0498 (option 1) 1152 Stealth Street Livermore, California, USA 94551 © Vigilant Solutions Proprietary & Confidential Page | 1 December 5th, 2018 Deputy Chief Jason Cates Oak Brook Police Department 1200 Oak Brook Road Oak Brook, IL 60523 Deputy Chief Cates: I am very happy that the Oak Brook Police Department is considering Vigilant Solutions for their Investigative needs. I am pleased to present you with the following elements which should support a sole source justification for Vigilant Solutions. • Vigilant Solutions offers a centralized, hosted LPR solution which eliminates any requirements of server hardware, database expertise, and software maintenance from your Agency. This hosted offering is made available by Vigilant. This service from Vigilant provides data storage, database optimization, and software updates. • Vigilant Solutions understands that criminal activity is transient, expanding beyond the borders of Oak Brook – particularly as it relates to drug activity and trafficking. Therefore, one of the paramount ways in which to generate investigative leads in these cases is the ability to tap into LPR data from across the country. With Vigilant’s unmatched data sharing capabilities, Oak Brook will have the potential to access data from over 1,400 other law enforcement agencies in the US – including over two dozen other agencies throughout the State of Illinois. • Vigilant Solutions owns and manages the single largest license plate recognition (LPR) data sharing initiative, formerly known as the National Vehicle Location Service (NVLS). Our exclusive database (made up of commercial vehicle scans from the asset recovery industry) consists of over 9 billion LPR scans and is growing at a rate of 150 million per month. This extensive LPR data set provides intangible value from an investigative perspective. This is data available through no other source in the world. • Vigilant Solutions provides a comprehensive data analytics platform that cannot be found with any other LPR solution in the market. One of our most standout features is the ability to search your LPR detections just by the Year, Make and/or Model of a suspect vehicle (without even knowing a license plate). If the only information you have from a witness is a vehicle description, Vigilant can still help you to generate investigative leads. • Vigilant Solutions offers an exclusive feature known as Stakeout allowing for multiple points of interest to be defined on a map, with corresponding geo-zones and times/dates, for the location of “common plates” that are seen in more than one of the locations of interest. This feature facilitates investigations into pattern crimes (robberies, burglaries, sex offenses, etc.) for generating leads into the identification of serial offenders. Vigilant Solutions also offers an exclusive analytic tool known as Associate Analysis. Associate Analysis allows for a known plate to be analyzed for possible “associates,” or other license plates that are commonly seen at the same times and locations of the suspect. This can be useful in determining a suspect’s possible associates, identification of associated members of organized criminal enterprises, and also in analyzing a victim’s plate to determine a pattern of premeditation or stalking. 1152 Stealth Street Livermore, California, USA 94551 © Vigilant Solutions Proprietary & Confidential Page | 2 • Vigilant Solutions offers another exclusive analytic tool known as Locate Analysis. Locate Analysis provides a statistical assessment of where to locate a suspect vehicle based on historical LPR data. Locate Analysis group’s historical detections around addresses, and applies aging, popularity, and other metrics to each location to determine the best locations in which to allocate resources when trying to locate a suspect or fugitive. • Vigilant Solutions is the only vendor to provide the ability to administer software updates directly from the back-office. Software updates from Vigilant are made available to Agency Managers in LEARN. This feature saves time for the Agency in administering field software updates. • Vigilant Solutions offers an exclusive feature known as the Mapping Alert Service (MAS). MAS enables the Agency to leverage the data sharing initiative of LEARN to match ALL available LPR data against Agency hotlists and provide “hits” on a map interface with agency-customizable icons. This can be used both to locate vehicles of interest, and also to visualize criminal “hot-spots” for predictive policing efforts. • Vigilant Solutions is the only LPR manufacturer the offers a mobile application for accessing LPR data and investigative tools on any agency-issued smartphone. With a largely remote workforce throughout the City, this tool will be invaluable to your agency. The above qualifications demonstrate why Vigilant Solutions is uniquely qualified to meet the needs of the Oak Brook Police Department. Brite Computers is our Gold Partner reseller for the State of Illinois, and does a fantastic job representing Vigilant Solutions throughout the State. Please let me know if you have any questions or require any further clarifications. On behalf of the entire team at Vigilant Solutions, we thank you for your interest in our solutions and the possibility of providing you our services going forward. Sincerely, Kelly Kyriakos Vigilant Solutions Regional Sales Manager (636)-893-4825 Kelly.kyriakos@vigilantsolutions.com Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 1 of 17 ____________ ____________ VS Initials Affiliate Initials Enterprise Service Agreement (ESA) This Vigilant Solutions Enterprise Service Agreement (the “Agreement”) is made and entered into as of this______ Day of ____________, 201 by and between Vigilant Solutions, LLC , a Delaware corporation, having its principal place of business at 1152 Stealth Street, Livermore, CA 94551 (“Vigilant”) and the Oak Brook Police Department_____________________________________ , a law enforcement agency (LEA) or other governmental agency, having its principal place of business at_1200 Oak Brook Rd., Oak Brook, IL 60523___________________________________________________________(“Affilliate”). WHEREAS, Vigilant designs, develops, licenses and services advanced video analysis software technologies for the law enforcement and security markets; WHEREAS, Vigilant provides access to license plate data as a value-added component of the Vigilant law enforcement package of license plate recognition equipment and software; WHEREAS, Affiliate will separately purchase License Plate Recognition (LPR) hardware components from Vigilant and/or its authorized reseller for use with the Software Products (as defined below); WHEREAS, Affiliate desires to license from and receive service for the Software Products provided by Vigilant; THEREFORE, In consideration of the mutual covenants contained herein this Agreement, Affiliate and Vigilant hereby agree as follows: I. Definitions: “Booking Images” refers to both LEA Booking Images and Commercial Booking Images. “CJIS Security Policy” means the FBI CJIS Security Policy document as published by the FBI CJIS Information Security Officer. “CLK” or “Camera License Key” means an electronic key that will permit each license of Vigilant’s CarDetector brand LPR software or LineUp brand facial recognition software (one CLK per camera) to be used with other Vigilant approved and licensed LPR hardware components (i.e., cameras and other hardware components provided by Vigilant or provided by a Vigilant certified reselling partner that has authority from Vigilant to deliver such Vigilant-authorized components) and Software Products. CLKs shall be not issuable and if issued in error shall be removed and immediately rendered null and void for cameras and other hardware components that are not Vigilant-authorized cameras and other hardware components or are delivered to Affiliate by another vendor that is not a Vigilant certified reselling partner. “Commercial Booking Images” refers to images collected by commercial sources and available on LEARN with a paid subscription. “Commercial LPR Data” refers to LPR data collected by private sources and available on LEARN with a paid subscription. Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 2 of 17 ____________ ____________ VS Initials Affiliate Initials “Criminal Justice Information Services Division” or “CJIS” means the FBI division responsible for the collection, warehousing, and timely dissemination of relevant CJI to the FBI and to qualified law enforcement, criminal justice, civilian, academic, employment, and licensing agencies. “Effective Date” means sixty (60) days subsequent to the date set forth in the first paragraph of this Agreement. “Enterprise License” means a non-exclusive, non-transferable license to install and operate the Software Products, on applicable media provided by Vigilant or Vigilant’s certified reselling partners. This Enterprise Service Agreement allows Affiliate to install the Software Products on such devices, in accordance with the selected Service Package(s), and allow benefits of all rights granted hereunder this Agreement. “LEA Booking Images” refers to images collected by LEAs and available on the Software Service for use by other LEAs. LEA Booking Images are freely available to LEAs at no cost and are governed by the contributing LEA’s policies. “LEA LPR Data” refers to LPR data collected by LEAs and available on LEARN for use by other LEAs. LEA LPR Data is freely available to LEAs at no cost and is governed by the contributing LEA’s retention policy. “Service Fee” means the amount due from Affiliate prior to the renewal of this Agreement as consideration for the continued use of the Software Products and Service Package benefits according to Section VIII of this Agreement. “Service Package” means the Affiliate designated service option(s) which defines the extent of use of the Software Products, in conjunction with any service and/or benefits therein granted as rights hereunder this Agreement. “Service Period” has the meaning set forth in Section III (A) of this Agreement. “Software Products” means Vigilant’s Law Enforcement & Security suite of Software Products including CarDetector, Law Enforcement Archival & Reporting Network (LEARN), PlateSearch, Mobile Companion for Smartphones, Target Alert Service (TAS) server/client alerting package, FaceSearch, LineUp, and other software applications considered by Vigilant to be applicable for the benefit of law enforcement and security practices. Software Products shall only be permitted to function on approved Vigilant cameras and other hardware components provided by Vigilant or through Vigilant certified reselling partners. Software Products shall not be permitted to operate on third-party provided or not Vigilant-authorized hardware components, and if found to be operating on third-party provided hardware components Software Products shall be promptly removed by Affiliate. “Technical Support Agents” means Affiliate’s staff person specified in the Contact Information Worksheet of this Agreement responsible for administering the Software Products and acting as Affiliate’s Software Products support contact. “User License” means a non-exclusive, non-transferable license to install and operate the Software Products, on applicable media, limited to a single licensee. “Users” refers to individuals who are agents and/or sworn officers of the Affiliate and who are authorized by the Affiliate to access LEARN on behalf of Affiliate through login credentials provided by Affiliate. II. Enterprise License Grant; Duplication and Distribution Rights: Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 3 of 17 ____________ ____________ VS Initials Affiliate Initials Subject to the terms and conditions of this Agreement, Vigilant hereby grants Affiliate an Enterprise License to the Software Products for the Term provided in Section III below. Except as expressly permitted by this Agreement, Affiliate or any third party acting on behalf of Affiliate shall not copy, modify, distribute, loan, lease, resell, sublicense or otherwise transfer any right in the Software Products. Except as expressly permitted by this Agreement, no other rights are granted by implication, estoppels or otherwise. Affiliate shall not eliminate, bypass, or in any way alter the copyright screen (also known as the “splash” screen) that may appear when Software Products are first started on any computer. Any use or redistribution of Software Products in a manner not explicitly stated in this Agreement, or not agreed to in writing by Vigilant, is strictly prohibited. III. Term; Termination. A. Term. The initial term of this Agreement is for one (1) year beginning on the Effective Date (the “Initial Term”), unless earlier terminated as provided herein. Sixty (60) days prior to the expiration of the Initial Term and each subsequent Service Period, Vigilant will provide Affiliate with an invoice for the Service Fee due for the subsequent twelve (12) month period (each such period, a “Service Period”). This Agreement and the Enterprise License granted under this Agreement will be extended for a Service Period upon Affiliate’s payment of that Service Period’s Service Fee, which is due 30 days prior to the expiration of the Initial Term or the existing Service Period, as the case may be. Pursuant to Section XIII below, Affiliate may also pay in advance for more than one Service Period. B. Affiliate Termination. Affiliate may terminate this Agreement at any time by notifying Vigilant of the termination in writing thirty (30) days prior to the termination date and deleting all copies of the Software Products. If Affiliate terminates this Agreement prior to the end of the Initial Term, Vigilant will not refund or prorate any license fees, nor will it reduce or waive any license fees still owed to Vigilant by Affiliate. Upon termination of the Enterprise License, Affiliate shall immediately cease any further use of Software Products. Affiliate may also terminate this agreement by not paying an invoice for a subsequent year’s Service Fee within sixty (60) days of invoice issue date. C. Vigilant Termination. Vigilant has the right to terminate this Agreement by providing thirty (30) days written notice to Affiliate. If Vigilant’s termination notice is based on an alleged breach by Affiliate, then Affiliate shall have thirty (30) days from the date of its receipt of Vigilant’s notice of termination, which shall set forth in detail Affiliate’s purported breach of this Agreement, to cure the alleged breach. If within thirty (30) days of written notice of violation from Vigilant Affiliate has not reasonably cured the described breach of this Agreement, Affiliate shall immediately discontinue all use of Software Products and certify to Vigilant that it has returned or destroyed all copies of Software Products in its possession or control. If Vigilant terminates this Agreement prior to the end of a Service Period for breach, no refund for any unused Service Fees will be provided. If Vigilant terminates this Agreement prior to the end of a Service Period for no reason, and not based on Affiliate’s failure to cure the breach of a material term or condition of this Agreement, Vigilant shall refund to Affiliate an amount calculated by multiplying the total amount of Service Fees paid by Affiliate for the then-current Service Period by the percentage resulting from dividing the number of days remaining in the then-current Service Period, by 365. IV. Warranty and Disclaimer; Infringement Protection; Use of Software Products Interface. A. Warranty and Disclaimer. Vigilant warrants that the Software Products will be free from all Significant Defects (as defined below) during the term of this Agreement (the “Warranty Period”). “Significant Defect” means a defect in a Software Product that impedes the primary function of the Software Product. This warranty does not include Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 4 of 17 ____________ ____________ VS Initials Affiliate Initials products not manufactured by Vigilant. Vigilant will repair or replace any Software Product with a Significant Defect during the Warranty Period; provided, however, if Vigilant cannot substantially correct a Significant Defect in a commercially reasonable manner, Affiliate may terminate this Agreement and Vigilant shall refund to Affiliate an amount calculated by multiplying the total amount of Service Fees paid by Affiliate for the then-current Service Period by the percentage resulting from dividing the number of days remaining in the then-current Service Period, by 365. The foregoing remedies are Affiliate’s exclusive remedy for defects in the Software Product. Vigilant shall not be responsible for labor charges for removal or reinstallation of defective software, charges for transportation, shipping or handling loss, unless such charges are due to Vigilant's gross negligence or intentional misconduct. Vigilant disclaims all warranties, expressed or implied, including but not limited to implied warranties of merchantability and fitness for a particular purpose. In no event shall Vigilant be liable for any damages whatsoever arising out of the use of, or inability to use, the Software Products. B. Infringement Protection. If an infringement claim is made against Affiliate by a third-party in a court of competent jurisdiction regarding Affiliate’s use of any of the Software Products, Vigilant shall indemnify Affiliate, and assume all legal responsibility and costs to contest any such claim. If Affiliate's use of any portion of the Software Products or documentation provided to Affiliate by Vigilant in connection with the Software Products is enjoined by a court of competent jurisdiction, Vigilant shall do one of the following at its option and expense within sixty (60) days of such enjoinment: (1) Procure for Affiliate the right to use such infringing portion; (2) replace such infringing portion with a non-infringing portion providing equivalent functionality; or (3) modify the infringing portion so as to eliminate the infringement while providing equivalent functionality. C. Use of Software Products Interface. Under certain circumstances, it may be dangerous to operate a moving vehicle while attempting to operate a touch screen or laptop screen and any of their applications. It is agreed by Affiliate that Affiliate’s users will be instructed to only utilize the interface to the Software Products at times when it is safe to do so. Vigilant is not liable for any accident caused by a result of distraction such as from viewing the screen while operating a moving vehicle. V. Software Support, Warranty and Maintenance. Affiliate will receive technical support by submitting a support ticket to Vigilant’s company support website or by sending an email to Vigilant’s support team. Updates, patches and bug fixes of the Software Products will be made available to Affiliate at no additional charge, although charges may be assessed if the Software Product is requested to be delivered on physical media. Vigilant will provide Software Products support to Affiliate’s Technical Support Agents through e-mail, fax and telephone. VI. Camera License Keys (CLKs). Affiliate is entitled to use of the Software Products during the term of this Agreement to set up and install the Software Products on an unlimited number of media centers within Affiliate’s agency in accordance with selected Service Options. As Affiliate installs additional units of the Software Products and connects them to LPR cameras, Affiliate is required to obtain a Camera License Key (CLK) for each camera installed and considered in active service. A CLK can be obtained by Affiliate by going to Vigilant’s company support website and completing the online request form to Vigilant technical support staff. Within two (2) business days of Affiliate’s application for a CLK, Affiliate’s Technical Support Agent will receive the requested CLK that is set to expire on the last day of the Initial Term or the then-current Service Period, as the case may be. Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 5 of 17 ____________ ____________ VS Initials Affiliate Initials VII. Ownership of Software. A. Ownership of Software Products. The Software Products are copyrighted by Vigilant and remain the property of Vigilant. The license granted under this Agreement is not a sale of the Software Products or any copy. Affiliate owns the physical media on which the Software Products are installed, but Vigilant retains title and ownership of the Software Products and all other materials included as part of the Software Products. B. Rights in Software Products. Vigilant represents and warrants that: (1) it has title to the Software and the authority to grant license to use the Software Products; (2) it has the corporate power and authority and the legal right to grant the licenses contemplated by this Agreement; and (3) it has not and will not enter into agreements and will not take or fail to take action that causes its legal right or ability to grant such licenses to be restricted. VIII. Data Sharing, Access and Security. If Affiliate is a generator as well as a consumer of LPR Data and or LEA Booking Images, Affiliate at its option may share its LEA LPR Data and or LEA Booking Images with similarly situated LEAs who contract with Vigilant to access LEARN (for example, LEAs who share LEA LPR Data with other LEAs). Vigilant will not share any LEA LPR Data or LEA Booking Images generated by the Affiliate without the permission of the Affiliate. Vigilant has implemented procedures to allow for adherence to the FBI CJIS Security Policy. The hosting facility utilizes access control technologies that meet or exceed CJIS requirements. In addition, Vigilant has installed and configured network intrusion prevention appliances, as well as ensured that the configuration of the Microsoft environment adhere to the Windows Server Security Guide. IX. Ownership and use of Data. Vigilant retains all title and rights to Commercial LPR Data and all Commercial Booking Images. Users shall not utilize Commercial LPR Data or Commercial Booking Images on the behalf of other local, state or Federal LEAs. Affiliate retains all rights to LEA LPR Data and LEA Booking Images generated by the Affiliate. Should Affiliate terminate agreement with Vigilant, a copy of all LEA LPR Data and LEA Booking Images generated by the Affiliate will be created and provided to the Affiliate. After the copy is created, all LEA LPR Data and LEA Booking Images generated by the Affiliate will be deleted from LEARN at the written request of an authorized representative of the Affiliate or per the Affiliate’s designated retention policy, whichever occurs first. Commercial LPR Data, Commercial Booking Images, LEA LPR Data and LEA Booking Images should be used by the Affiliate for law enforcement purposes only. X. Loss of Data, Irregularities and Recovery. Vigilant places imperative priority on supporting and maintaining data center integrity. Using redundant disk arrays, there is a virtual guarantee that any hard disk failure will not result in the corruption or loss of the valuable LPR data that is essential to the LEARN system and clients. XI. Data Retention and Redundancy. Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 6 of 17 ____________ ____________ VS Initials Affiliate Initials LEA LPR Data and LEA Booking Images are governed by the contributing LEA’s retention policy. LEA LPR Data that reaches its expiration date will be deleted from LEARN. Vigilant’s use of redundant power sources, fiber connectivity and disk arrays ensure no less than 99% uptime of the LEARN LPR database server system. XII. Account Access. A. Eligibility. Affiliate shall only authorize individuals who satisfy the eligibility requirements of “Users” to access LEARN. Vigilant in its sole discretion may deny access to LEARN to any individual based on such person’s failure to satisfy such eligibility requirements. User logins are restricted to agents and sworn officers of the Affiliate. No User logins may be provided to agents or officers of other local, state, or Federal LEAs without the express written consent of Vigilant. B. Security. Affiliate shall be responsible for assigning an Agency Manager who in turn will be responsible for assigning to each of Affiliate’s Users a username and password (one per user account). A limited number of User accounts is provided. Affiliate will cause the Users to maintain username and password credentials confidential and will prevent use of such username and password credentials by any unauthorized person(s). Affiliate shall notify Vigilant immediately if Affiliate believes the password of any of its Users has, or may have, been obtained or used by any unauthorized person(s). In addition, Affiliate must notify Vigilant immediately if Affiliate becomes aware of any other breach or attempted breach of the security of any of its Users’ accounts. C. CJIS Requirements. Affiliate certifies that its LEARN users shall comply with the CJIS requirements outlined in Exhibit B. XIII. Service Package, Fees and Payment Provisions. A. Service Package. This Enterprise License Agreement is based on one (1) of the three (3) following Service Package Options. Please select one (1) Service Package below: Service Package - Basic LPR Service Package: • Vigilant Managed/Hosted LPR server LEARN Account • Access to all Vigilant Software including all upgrades and updates • Unlimited user licensing for the following applications: o LEARN, CarDetector and TAS Service Package - Option # 1 – Standard LPR Service Package: • All Basic Service Package benefits • Unlimited use of CarDetector – Mobile Hit Hunter (CDMS-MHH) • Unlimited use of Vigilant’s LPR Mobile Companion smartphone application Service Package - Option # 2 – ‘Intelligence-Led Policing (ILP)’ Service Package: • All Service Package Option # 1 benefits • Mobile LPR hardware up to level of Tier (see Exhibit A) • Use of Vigilant Facial Recognition technologies up to level of Tier • FaceSearch Account Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 7 of 17 ____________ ____________ VS Initials Affiliate Initials • FaceSearch Mobile Companion • Templates up to limit for FaceSearch Account (details in Exhibit A) • Tiered based on size of department (Tier 1A up to 50 sworn officers Tier 1 up to 100 sworn officers, Tier 2 up to 200 sworn officers, Tier 3 up to 500 sworn officers, Tier 4 up to 1,000 sworn officers, Tier 5 up to 1,500 sworn officers, Tier 6 up to 2,000 sworn officers) • States, Federal Agencies, and Departments with greater than 2,000 sworn fall under a, “Custom” Tier which will be defined in the Annual Service Fee Schedule if applicable. B. Service Fee. Payment of each Service Fee entitles Affiliate to all rights granted under this Agreement, including without limitation, use of the Software Products for the relevant Service Period, replacement of CLKs, and access to the updates and releases of the Software Products and associated equipment driver software to allow the Software Products to remain current and enable the best possible performance. The annual Service Fee due for a particular Service Period is based on the number of current Vigilant issued CLK’s at the time of Service Fee invoicing, and which will be used by Affiliate in the upcoming Service Period. A schedule of annual Service Fees is shown below: Annual Service Fee Schedule (multiplied by number of CLK’s Issued) Total # of CLK’s under this ESA 0-14 CLK’s 15-30 CLK’s 31-60 CLK’s Over 60 Basic Service $525.00 $450.00 $400.00 $275.00 Standard (Option # 1) $750.00 $640.00 $565.00 $390.00 ILP Subscriber CLK Renewal Fees $525.00 $450.00 $400.00 $275.00 Intelligence-Led Policing Service Package Annual Fee Schedule Tier ILP Annual Fee ILP Tier 1 (Option #2) $14,995.00 ILP Tier 2 (Option #2) $34,495.00 ILP Tier 3 (Option #2) $59,995.00 ILP Tier 4 (Option #2) $89,995.00 ILP Tier 5 (Options #2) $119,995.00 ILP Tier 6 (Option #2) $154,995.00 Annual Service Fee Schedule for Image Enrollment (applicable to FaceSearch/LineUp) 5,000 Images $750.00 Payment of the Service Fee is due thirty (30) days prior to the renewal of the then-current Service Period. All Service Fees are exclusive of any sales, use, value-added or other federal, state or local taxes (excluding taxes based on Vigilant’s net income) and Affiliate agrees to pay any such tax. Service Fees may increase by no higher than 4% per year for years after the initial five (5) year prepayment of this agreement. For ILP (Option # 2) Tier packages, the Tier Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 8 of 17 ____________ ____________ VS Initials Affiliate Initials amount is due for subsequent periods and Basic Service CLK fees are due for all cameras from previous periods (this is in addition to the Annual Subscription Fee). Affiliate and Vigilant agree that the number of CLKs issued as of the Effective Date of this Agreement is_____[Insert Quantity]. All future additions of CLKs shall only be those as provided for in the definitions provided above. C. Advanced Service Fee Payments. Vigilant will accept advanced Service Fee payments on a case by case basis for Affiliates who wish to lock in the Service Fee rates for subsequent periods at the rates currently in effect, as listed in the table above. If Affiliate makes advanced Service Fee payments to Vigilant, advanced payments to Vigilant will be applied in full to each subsequent Service Period’s Service Fees until the balance of the credits is reduced to a zero balance. System based advanced credits shall be applied to subsequent Service Fees in the amount that entitles Affiliate continued operation of the designated camera unit systems for the following Service Period until the credits are reduced to a zero balance. D. Price Adjustment. Vigilant has the right to increase or decrease the annual Service Fee from one Service Period to another; provided, however, that in no event will a Service Fee be increased by more than 4% of the prior Service Period’s Service Fees. If Vigilant intends to adjust the Service Fee for a subsequent Service Period, it must give Affiliate notice of the proposed increase on or before the date that Vigilant invoices Affiliate for the upcoming Service Period. XIV. Miscellaneous. A. Limitation of Liability. IN NO EVENT SHALL VIGILANT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL DAMAGES INCLUDING DAMAGES FOR LOSS OF USE, DATA OR PROFIT, ARISING OUT OF OR CONNECTED WITH THE USE OF THE SOFTWARE PRODUCTS, WHETHER BASED ON CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE, EVEN IF VIGILANT HAS BEEN ADVISED OF THE POSSIBILITY OF DAMAGES. IN NO EVENT WILL VIGILANT’S LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT EXCEED THE FEES PAID BY AFFILIATE TO VIGILANT FOR THE SOFTWARE PRODUCTS LICENSED UNDER THIS AGREEMENT. B. Confidentiality. Affiliate acknowledges that Software Products contain valuable and proprietary information of Vigilant and Affiliate will not disassemble, decompile or reverse engineer any Software Products to gain access to confidential information of Vigilant. C. Assignment. Neither Vigilant nor Affiliate is permitted to assign this Agreement without the prior written consent of the other party. Any attempted assignment without written consent is void. D. Amendment; Choice of Law. No amendment or modification of this Agreement shall be effective unless in writing and signed by authorized representatives of the parties. This Agreement shall be governed by the laws of the state of California without regard to its conflicts of law. E. Complete Agreement. This Agreement constitutes the final and complete agreement between the parties with respect to the subject matter hereof, and supersedes any prior or contemporaneous agreements, written or oral, with respect to such subject matter. Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 9 of 17 ____________ ____________ VS Initials Affiliate Initials F. Relationship. The relationship created hereby is that of contractor and customer and of licensor and Affiliate. Nothing herein shall be construed to create a partnership, joint venture, or agency relationship between the parties hereto. Neither party shall have any authority to enter into agreements of any kind on behalf of the other and shall have no power or authority to bind or obligate the other in any manner to any third party. The employees or agents of one party shall not be deemed or construed to be the employees or agents of the other party for any purpose whatsoever. Each party hereto represents that it is acting on its own behalf and is not acting as an agent for or on behalf of any third party. G. No Rights in Third Parties. This agreement is entered into for the sole benefit of Vigilant and Affiliate and their permitted successors, executors, representatives, administrators and assigns. Nothing in this Agreement shall be construed as giving any benefits, rights, remedies or claims to any other person, firm, corporation or other entity, including, without limitation, the general public or any member thereof, or to authorize anyone not a party to this Agreement to maintain a suit for personal injuries, property damage, or any other relief in law or equity in connection with this Agreement. H. Construction. The headings used in this Agreement are for convenience and ease of reference only, and do not define, limit, augment, or describe the scope, content or intent of this Agreement. Any term referencing time, days or period for performance shall be deemed calendar days and not business days, unless otherwise expressly provided herein. I. Severability. If any provision of this Agreement shall for any reason be held to be invalid, illegal, unenforceable, or in conflict with any law of a federal, state, or local government having jurisdiction over this Agreement, such provision shall be construed so as to make it enforceable to the greatest extent permitted, such provision shall remain in effect to the greatest extent permitted and the remaining provisions of this Agreement shall remain in full force and effect. J. Federal Government. Any use, copy or disclosure of Software Products by the U.S. Government is subject to restrictions as set forth in this Agreement and as provided by DFARS 227.7202-1(a) and 227.7202-3(a) (1995), DFARS 252.227-7013(c)(1)(ii) (Oct 1988), FAR 12.212(a)(1995), FAR 52.227-19, or FAR 52.227 (ALT III), as applicable. K. Right to Audit. Affiliate, upon thirty (30) days advanced written request to Vigilant, shall have the right to investigate, examine, and audit any and all necessary non-financial books, papers, documents, records and personnel that pertain to this Agreement and any other Sub Agreements. L. Notices; Authorized Representatives; Technical Support Agents. All notices, requests, demands, or other communications required or permitted to be given hereunder must be in writing and must be addressed to the parties at their respective addresses set forth below and shall be deemed to have been duly given when (a) delivered in person; (b) sent by facsimile transmission indicating receipt at the facsimile number where sent; (c) one (1) business day after being deposited with a reputable overnight air courier service; or (d) three (3) business days after being deposited with the United States Postal Service, for delivery by certified or registered mail, postage pre-paid and return receipt requested. All notices and communications regarding default or termination of this Agreement shall be delivered by hand or sent by certified mail, postage pre-paid and return receipt requested. Either party may from time to time change the notice address set forth below by delivering 30 days advance notice to the other party in accordance with this section setting forth the new address and the date on which it will become effective. Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 10 of 17 ____________ ____________ VS Initials Affiliate Initials Vigilant Solutions, LLC Attn: Sales Administration 1152 Stealth Street Livermore, CA 94551 Affiliate: __________________________ Attn: __________________________ Address: __________________________ ___________________________ M. Authorized Representatives; Technical Support Agents. Affiliate’s Authorized Representatives and its Technical Support Agents are set forth below in the Contact Information Worksheet. Affiliate’s Authorized Representative is responsible for administering this Agreement and Affiliate’s Technical Support Agents are responsible for administering the Software Products and acting as Affiliate’s Software Products support contact. Either party may from time to time change its Authorized Representative, and Affiliate may from time to time change its Technical Support Agents, in each case, by delivering 30 days advance notice to the other party in accordance with the notice provisions of this Agreement. N. Facial Recognition Image Integration. Affiliate may elect, at its sole discretion, to have Vigilant enable the ability for the Affiliate’s existing facial recognition images to be imported into its FaceSearch gallery. This process requires some reformatting of the data for compatibility. The data remains property of the Affiliate, is maintained according to the retention policy set by the Affiliate and is shared to other agencies under the rules defined by the Affiliate. This service is at an additional cost. Vigilant uses a third-party service from The Center for Law Enforcement Technology, Training, & Research, Inc. (LETTR) to deliver this service. If the Affiliate elects to use this service, it acknowledges that The Center for Law Enforcement Technology, Training, & Research, Inc. a non-profit, 501(c)(3) corporation, working under contract with Vigilant and acting on behalf of the Affiliate, will perform the described services for law enforcement information sharing purposes. Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 11 of 17 IN WITNESS WHEREOF, the parties have executed the Agreement as of the Effective Date. Manufacturer: Vigilant Solutions, LLC Authorized Agent: Bill Quinlan Title: Vice President Sales Operations Date: ____________________________________________________ Signature: ____________________________________________________ Affiliate Organization: ____________________________________________________ Authorized Agent: ____________________________________________________ Title: ____________________________________________________ Date: ____________________________________________________ Signature: ____________________________________________________ Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 12 of 17 Enterprise Service Agreement Contact Information Worksheet Please complete the following contact information for your Vigilant Solutions Enterprise License program. Enterprise License Agreement Holder Company / Agency Name: Company / Agency Type: Address: Primary Contact Name: Title: Phone: Email: Supervisor Information Name: Title: Phone: Email: Financial Contact (Accounts Payable) Name: Title: Phone: Email: Technical Support Contact # 1 Name: Title: Phone: Email: Technical Support Contact # 2 Name: Title: Phone: Email: For questions or concerns, please contact Vigilant Solutions' sales team: sales@vigilantsolutions.com 1-925-398-2079 Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 13 of 17 Exhibit A: Option # 2 ILP Tier Package Components Item Description ILP Bundle for Agencies of Up to 100 Sworn Includes: - Agency license for LEARN SaaS - Unlimited access to Commercial LPR data - One (1) 3-Camera Mobile LPR System - First year of Basic and Standard Service Packages - LEARN-Mobile Companion - Mobile Hit Hunter - Agency license for FaceSearch - Image gallery up to 5,000 images ILP Bundle for Agencies of 101 to 200 Sworn Includes: - Agency license for LEARN SaaS - Unlimited access to Commercial LPR data - Two (2) 3-Camera Mobile LPR Systems - First year of Basic and Standard Service Packages - LEARN-Mobile Companion - Mobile Hit Hunter - Agency license for FaceSearch - Image gallery up to 20,000 images ILP Bundle for Agencies of 201 to 500 Sworn Includes: - Agency license for LEARN SaaS - Unlimited access to Commercial LPR data - Three (3) 3-Camera Mobile LPR Systems - First year of Basic and Standard Service Packages - LEARN-Mobile Companion - Mobile Hit Hunter - Agency license for FaceSearch - Image gallery up to 50,000 images ILP Bundle for Agencies of 501 to 1,000 Sworn Includes: - Agency license for LEARN SaaS - Unlimited access to Commercial LPR data - Four (4) 3-Camera Mobile LPR Systems - First year of Basic and Standard Service Packages - LEARN-Mobile Companion - Mobile Hit Hunter - Agency license for FaceSearch - Image gallery up to 75,000 images Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 14 of 17 ILP Bundle for Agencies of 1,001 to 1,500 Sworn Includes: - Agency license for LEARN SaaS - Unlimited access to Commercial LPR data - Four (4) 3-Camera Mobile LPR Systems - First year of Basic and Standard Service Packages - LEARN-Mobile Companion - Mobile Hit Hunter - Agency license for FaceSearch - Image gallery up to 100,000 images ILP Bundle for Agencies of 1,501 to 2,000 Sworn Includes: - Agency license for LEARN SaaS - Unlimited access to Commercial LPR data - Five (5) 3-Camera Mobile LPR Systems - First year of Basic and Standard Service Packages - LEARN-Mobile Companion - Mobile Hit Hunter - Agency license for FaceSearch - Image gallery up to 200,000 images Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 15 of 17 Exhibit B: CJIS Requirements Vigilant and the Affiliate agree on the importance of data security, integrity and system availability and that these security objectives will only be achieved through shared responsibility. Vigilant and the Affiliate agree they will more likely be successful with information security by use of the Vigilant supplied technical controls and client Affiliate use of those controls; in conjunction with agency and personnel policies to protect the systems, data and privacy. Vigilant and the Affiliate agree that Affiliate owned and FBI-CJIS supplied data in Vigilant systems does not meet the definition of FBI-CJIS provided Criminal Justice Information (CJI). Regardless, Vigilant agrees to treat the Affiliate- supplied information in Vigilant systems as CJI. Vigilant will strive to meet those technical and administrative controls; ensuring the tools are in place for the proper protection of systems, information and privacy of individuals to the greatest degree possible. Vigilant and the Affiliate agree that information obtained or incorporated into Vigilant systems may be associated with records that are sensitive in nature having, tactical, investigative and Personally Identifiable Information. As such, that information will be treated in accordance with applicable laws, policies and regulations governing protection and privacy of this type of data. Vigilant and the Affiliate agree that products and services offered by Vigilant are merely an investigative tool to aid the client in the course of their duties and that Vigilant make no claims that direct actions be initiated based solely upon the information responses or analytical results. Further, Vigilant and the Affiliate agree that the Affiliate is ultimately responsible for taking the appropriate actions from results, hits, etc. generated by Vigilant products and require ongoing training, human evaluation, verifying the accuracy and currency of the information, and appropriate analysis prior to taking any action. As such, the parties agree to do the following: Vigilant: 1. Vigilant has established the use of FBI-CJIS Security Policy as guidance for implementing technical security controls in an effort to meet or exceed those Policy requirements. 2. Vigilant agrees to appoint a CJIS Information Security Officer to act as a conduit to the client Contracting Government Agency, Agency Coordinator, to receive any security policy information and disseminate to the appropriate staff. 3. Vigilant agrees to adhere to FBI-CJIS Security Policy Awareness Training and Personnel Screening standards as required by the Affiliate. 4. Vigilant agrees, by default, to classify all client supplied data and information related to client owned infrastructure, information systems or communications systems as “Criminal Justice Data”. All client information will be treated at the highest level of confidentiality by all Vigilant staff and authorized partners. Vigilant has supporting guidance/policies for staff handling the full life cycle of information in physical or electronic form and has accompanying disciplinary procedures for unauthorized access, misuse or mishandling of that information. 5. Vigilant will not engage in data mining, commercial sale, unauthorized access and/or use of any of Affiliate owned data. 6. Vigilant and partners agree to use their formal cyber Incident Response Plan if such event occurs. Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 16 of 17 7. Vigilant agrees to immediately inform Affiliate of any cyber incident or data breach, to include DDoS, Malware, Virus, etc. that may impact or harm client data, systems or operations so proper analysis can be performed and client Incident Response Procedures can be initiated. 8. Vigilant will only allow authorized support staff to access the Affiliate’s account or Affiliate data in support of Affiliate as permitted by the terms of contracts. 9. Vigilant agrees to use training, policy and procedures to ensure support staff use proper handling, processing, storing, and communication protocols for Affiliate data. 10. Vigilant agrees to protect client systems and data by monitoring and auditing staff user activity to ensure that it is only within the purview of system application development, system maintenance or the support roles assigned. 11. Vigilant agrees to inform the Affiliate of any unauthorized, inappropriate use of data or systems. 12. Vigilant will design software applications to facilitate FBI-CJIS compliant information handling, processing, storing, and communication of Affiliate. 13. Vigilant will advise Affiliate when any software application or equipment technical controls are not consistent with meeting FBI-CJIS Policy criteria for analysis and due consideration. 14. Vigilant agrees to use the existing Change Management process to sufficiently plan for system or software changes and updates with Rollback Plans. 15. Vigilant agrees to provide technical security controls that only permit authorized user access to Affiliate owned data and Vigilant systems as intended by the Affiliate and data owners. 16. Vigilant agrees to meet or exceed the FBI-CJIS Security Policy complex password construction and change rules. 17. Vigilant will only provide access to Vigilant systems and Affiliate owned information through Affiliate managed role-based access and applied sharing rules configured by the Affiliate. 18. Vigilant agrees to provide technical controls with additional levels of user Advanced Authentication in Physically Non-Secure Locations. 19. Vigilant agrees to provide compliant FIPS 140-2 Certified 128-bit encryption to Affiliate owned data during transport and storage (“data at rest”) while in the custody and control of Vigilant. 20. Vigilant agrees to provide firewalls and virus protection to protect networks, storage devices and data. 21. Vigilant agrees to execute archival, purges and/or deletion of data as configured by the data owner. 22. Vigilant agrees to provide auditing and alerting tools within the software applications so Affiliate can monitor access and activity of Vigilant support staff and Affiliate users for unauthorized access, disclosure, alteration or misuse of Affiliate owned data. (Vigilant support staff will only have access when granted by the Affiliate.) 23. Vigilant will only perform direct support remote access to Affiliate systems/infrastructure when requested, authorized and physically granted access to the applications/systems by the Affiliate. This activity will be documented by both parties. 24. Vigilant creates and retains activity transaction logs to enable auditing by the Affiliate data owners and Vigilant staff. 25. Vigilant agrees to provide physical protection for the equipment-storing Affiliate data along with additional technical controls to protect physical and logical access to systems and data. 26. Vigilant agrees to participate in any Information or Technical Security Compliance Audit performed by the Affiliate, state CJIS System Agency or FBI-CJIS Division. 27. Vigilant agrees to perform independent employment background screening for its’ staff and participate in additional fingerprint background screening as required by Affiliate. 28. Vigilant agrees that the Affiliate owns all Affiliate contributed data to include “hot-lists”, scans, user information etc., is only shared as designated by the client and remains the responsibility and property of the Affiliate. Vigilant Solutions Enterprise License Agreement ver. 2.8 Page 17 of 17 Affiliate: 1. Affiliate agrees to appoint an Agency Coordinator as a central Point of Contact for all FBI-CJIS Security Policy related matters and to assign staff that are familiar with the contents of the FBI-CJIS Security Policy. 2. Affiliate agrees to have the Agency Coordinator provide timely updates with specific information regarding any new FBI-CJIS, state or local information security policy requirements that may impact Vigilant compliance or system/application development and, to facilitate obtaining certifications, training, and fingerprint-based background checks as required. 3. Affiliate agrees to inform Vigilant when any FBI-CJIS Security Awareness Training, personnel background screening or execution of FBI-CJIS Security Addendum Certifications are required. 4. Affiliate agrees to immediately inform Vigilant of any relevant data breach or cyber incident, to include DDoS, Malware, Virus, etc. that may impact or harm Vigilant systems, operations, business partners and/or other Affiliates, so proper analysis can be performed, and Incident Response Procedures can be initiated. 5. Affiliate agrees that they are responsible for the legality and compliance of information recorded, submitted or placed in Vigilant systems and use of that data. 6. Affiliate agrees that they are responsible for proper equipment operation and placement of equipment. 7. Affiliate agrees that they are responsible for vetting authorized user access to Vigilant systems with due consideration of providing potential access to non-Affiliate information. 8. Affiliate agrees that responsibility and control of persons granted access to purchased Vigilant systems, along with data stored and transmitted via Vigilant systems, is that of the Affiliate. 9. Affiliate agrees that they have responsibility for all data security, handling and data protection strategies from point of acquisition, during transport and until submission (“Hotlist upload”) into Vigilant systems. 10. Affiliate agrees to reinforce client staff policies and procedures for secure storage and protection of Vigilant system passwords. 11. Affiliate agrees to reinforce client staff policies for creating user accounts with only government domain email addresses. Exceptions will be granted in writing. 12. Affiliate agrees to reinforce client staff policies for not sharing user accounts. 13. Affiliate agrees to use Vigilant role-based access as designed to foster system security and integrity. 14. Affiliate agrees that they control, and are responsible for, appropriate use and data storage policies as well as procedures for the data maintained outside the Vigilant systems. This includes when any information is disseminated, extracted or exported out of Vigilant systems. 15. Affiliate agrees that they control and are responsible for developing policies, procedures and enforcement for applying deletion/purging and dissemination rules to information within and outside the Vigilant systems. 16. Affiliate agrees that it is their responsibility to ensure data and system protection strategies are accomplished through the tools provided by Vigilant for account and user management features along with audit and alert threshold features. 17. Affiliate agrees to use the “virtual escorting” security tools provided for managing client system remote access and monitor Vigilant support staff when authorized to assist the client. 18. Affiliate agrees that the Vigilant designed technical controls and tools will only be effective in conjunction with Affiliate created policies and procedures that guide user access and appropriate use of the system. 19. Affiliate agrees that information and services provided through Vigilant products do not provide any actionable information, Affiliate users are responsible for the validity and accuracy of their data and developing procedures to verify information with the record owner and other systems (NCIC) based upon the potential lead generated. Vigilant Solutions – Investigative Data Platform Agreement ver. 1.4 Page 1 of 11 VIGILANT SOLUTIONS – INVESTIGATIVE DATA PLATFORM STATE AND LOCAL LAW ENFORCEMENT AGENCY AGREEMENT This Agreement is made and entered into effective _____________, 201___ (the “Effective Date”) between Vigilant Solutions, LLC, a Delaware corporation (“Vigilant”) and the Oak Brook Police Department____________________________________________, an Originating Agency Identifier (ORI) credentialed law enforcement agency (“Agency”). A. Vigilant stores and disseminates to law enforcement agencies publicly and commercially gathered license plate recognition (LPR) data and booking images as a valued added component of the Vigilant law enforcement package of software; and B. Agency desires to obtain access to Vigilant’s Software Service with available publicly and commercially collected LPR data via the Law Enforcement Archival Reporting Network (LEARN) server and publicly and commercially collected booking images via the FaceSearch server; and C. Agency may separately purchase LPR hardware components from Vigilant and/or its authorized reseller for use with the Software Service (as defined below); NOW, THEREFORE, in consideration of the mutual agreements contained herein and other good and valuable consideration, the receipt and sufficiency of which is acknowledged by the parties, the parties agree as follows: 1. Definitions. (a) Booking Images. Refers to both LEA Booking Images and Commercial Booking Images. (b) Commercial Booking Images. Refers to images collected by commercial sources and available on the Software Service with a paid subscription. (c) Commercial LPR Data. Refers to LPR data collected by private commercial sources and available on the Software Service with a paid subscription. (d) Confidential Information. Refers to any and all (i) rights of Vigilant associated with works of authorship, including exclusive exploitation rights, copyrights, moral rights and mask works, trademark and trade name rights and similar rights, trade secrets rights, patents, designs, algorithms and other industrial property rights, other intellectual and industrial property and proprietary rights of every kind and nature, whether arising by operation of law, by contract or license, or otherwise; and all registrations, applications, renewals, extensions, combinations, divisions or reissues of the foregoing; (ii) product specifications, data, know-how, formulae, compositions, processes, designs, sketches, photographs, graphs, drawings, samples, inventions and ideas, and past, current and planned research and development; (iii) current and planned manufacturing and distribution methods and processes, customer lists, current and anticipated customer requirements, price lists, market studies, and business plans; (iv) computer software and programs (including object code and source code), database technologies, systems, structures, architectures, processes, improvements, devices, discoveries, concepts, methods, and information of Vigilant; (v) any other information, however documented, of Vigilant that is a trade secret within the meaning of applicable state trade secret law or under other applicable law, including but not limited to the Software Service, the Commercial LPR Data and the Booking Images; (vi) information concerning the business and affairs of Vigilant (which includes historical financial statements, financial projections and budgets, historical and projected sales, capital spending budgets and plans, the names and backgrounds of key personnel, contractors, agents, suppliers and potential suppliers, personnel training techniques and materials, and purchasing methods and techniques, however documented; and (vii) notes, analysis, compilations, studies, summaries Vigilant Solutions – Investigative Data Platform Agreement ver. 1.4 Page 2 of 11 and other material prepared by or for Vigilant containing or based, in whole or in part, upon any information included in the foregoing. (e) LEA. Refers to a law enforcement agency. (f) LEA Booking Images. Refers to images collected by LEAs and available on the Software Service for use by other LEAs. LEA Booking Images are freely available to LEAs at no cost and are governed by the contributing LEA’s policies. (g) LEA LPR Data. Refers to LPR data collected by LEAs and available on the Software Service for use by other LEAs. LEA LPR Data is freely available to LEAs at no cost and is governed by the contributing LEA’s retention policy. (h) License Plate Recognition (“LPR”). Refers to the process of utilizing cameras, either stationary or mounted on moving vehicles, to capture and interpret images of vehicle license plates. (i) LPR Data. Refers to both LEA LPR Data and Commercial LPR Data. (j) Software Service. Refers to a web based (hosted) suite of software applications consisting of analytical and investigative software located on a physical database server that also hosts LPR Data and Booking Images. (k) User. Refers to an individual who is an agent and sworn officer of Agency and who is authorized by Agency to access the Software Service on behalf of Agency through login credentials provided by Agency. 2. Licensed Access to the Software Service. (a) Grant of License. During the term of this Agreement, Vigilant grants Agency a non-exclusive, non- transferable right and license to access the Software Service for use in accordance with the terms of this Agreement. (b) Authorized Use. Agency is prohibited from accessing the Software Service other than for law enforcement purposes. (c) Ownership of Commercial LPR Data, Commercial Booking Images, FaceSearch Software and LEARN Software. Except for the rights expressly granted by Vigilant to Agency under this Agreement, Vigilant retains all title and rights to the Commercial LPR Data, Commercial Booking Images, FaceSearch Software and the LEARN Software. Nothing contained in this Agreement shall be deemed to convey to Agency or to any other party any ownership interest in or to any LPR Data, Booking Images, FaceSearch Software or LEARN Software. (d) Restrictions on Use of Software Service. Except as expressly permitted under this Agreement, Agency agrees that it shall not, nor will it permit a User or any other party to, without the prior written consent of Vigilant, (i) copy, duplicate or grant permission to the Software Service or any part thereof; (ii) create, attempt to create, or grant permission to the source program and/or object program associated with the Software Service; (iii) decompile, disassemble or reverse engineer any software component of the Software Service for any reason, including, without limitation, to develop functionally similar computer software or services; or (iv) modify, alter or delete any of the copyright notices embedded in or affixed to the copies of any components of the Software Service. Agency shall instruct each User to comply with the preceding restrictions. (e) Third Party Software and Data. If and to the extent that Vigilant incorporates the software and/or data of any third party into the Software Service, including but not limited to the LEA LPR Data, and use of such third party software and/or data is not subject to the terms of a license agreement directly between Agency and the third party licensor, the license of Agency to such third party software and/or data shall be defined and limited by the license granted to Vigilant by such third party and the license to the Software Service granted by Vigilant under this Agreement. Agency specifically acknowledges that the licensors of such third party software and/or data shall retain all ownership rights thereto, and Agency agrees that it shall not (i) decompile, disassemble or reverse engineer such third party software or otherwise use such third party software for any reason except as expressly permitted herein; (ii) reproduce the data therein for purposes other than those specifically permitted under this Agreement; or (iii) modify, alter or delete any of the copyright notices embedded in or affixed to such third party software. Agency shall instruct each User to comply with the preceding restrictions. Vigilant Solutions – Investigative Data Platform Agreement ver. 1.4 Page 3 of 11 (f) Non-Exclusive Licensed Access. Agency acknowledges that the right or ability of Vigilant to license other third parties to use the Software Service is not restricted in any manner by this Agreement, and that it is Vigilant’s intention to license a number of other LEAs to use the Software Service. Vigilant shall have no liability to Agency for any such action. 3. Other Matters Relating to Access to Software Service. (a) Accessibility. The Software Service, LPR Data, Booking Images and associated analytical tools are accessible to LEAs ONLY. (b) Access to LEA LPR Data. LEA LPR Data is provided as a service to LEAs at no additional charge. (c) Access to LEA Booking Images. LEA Booking Images are provided as a service to LEAs at no additional charge. (d) Eligibility. Agency shall only authorize individuals who satisfy the eligibility requirements of “Users” to access the Software Service. Vigilant in its sole discretion may deny Software Service access to any individual based on such person’s failure to satisfy such eligibility requirements. (e) Account Security (Agency Responsibility). (1) Agency shall be responsible for assigning an account administrator who in turn will be responsible for assigning to each of Agency’s Users a username and password (one per user account). An unlimited number of User accounts is provided. Agency will cause the Users to maintain username and password credentials confidential and will prevent use of such username and password credentials by any unauthorized person(s). Agency shall notify Vigilant immediately if Agency believes the password of any of its Users has, or may have, been obtained or used by any unauthorized person(s). In addition, Agency must notify Vigilant immediately if Agency becomes aware of any other breach or attempted breach of the security of any of its Users’ accounts. (2) User logins are restricted to agents and sworn officers of the Agency. No User logins may be provided to agents or officers of other local, state, or Federal LEAs. LPR Data must reside within the Software Service and cannot be copied to another system, unless Agency purchases Vigilant’s API. Booking Images must reside within the Software Service and cannot be copied to another system, unless Agency purchase Vigilant’s API. (f) Data Sharing. If Agency is a generator as well as a consumer of LEA LPR Data or LEA Booking Images, Agency at its option may share its LEA LPR Data and/or LEA Booking Images with similarly situated LEAs who contract with Vigilant to access the Software Service (for example, LEAs who share LEA LPR Data with other LEAs). (g) Subscriptions. Software Service software applications, LPR Data and Booking Images are available to Agency and its Users on an annual subscription basis based the size of the agency. (h) Application Programming Interface (API). Vigilant offers an API whereby Agency may load LPR Data and/or Booking Images and provide for ongoing updating of LPR Data or Booking Images into a third-party system of Agency’s choosing. This service is offered as an optional service and in addition to the annual subscription fee described in Section 3(g). 4. Restrictions on Access to Software Service. (a) Non-Disclosure of Confidential Information. Agency and each User will become privy to Confidential Information during the term of this Agreement. Agency acknowledges that a large part of Vigilant’s competitive advantage comes from the collection and analysis of this Confidential Information and Agency’s use, except as expressly permitted under this Agreement, and disclosure of any such Confidential Information would cause irreparable damage to Vigilant. (b) Restrictions. As a result of the sensitive nature of the Confidential Information, Agency agrees, except to the extent expressly permitted under this Agreement, (i) not to use or disclose, directly or indirectly, and not to permit Users to use or disclose, directly or indirectly, any LPR location information obtained through Agency’s access to the Software Service or any other Confidential Information; (ii) not to download, copy or reproduce any portion of the LPR Vigilant Solutions – Investigative Data Platform Agreement ver. 1.4 Page 4 of 11 Data and/or Booking Images and other Confidential Information; and (iii) not to sell, transfer, license for use or otherwise exploit the LPR Data and or Booking Images and other Confidential Information in any way. Additionally, Agency agrees to take all necessary precautions to protect the Confidential Information against its unauthorized use or disclosure and exercise at least the same degree of care in safeguarding the Confidential Information as Agency would with Agency’s own confidential information and to promptly advise Vigilant in writing upon learning of any unauthorized use or disclosure of the Confidential Information. (c) Third Party Information. Agency recognizes that Vigilant has received, and in the future will continue to receive, from LEAs associated with Vigilant their confidential or proprietary information (“Associated Third Party Confidential Information”). By way of example, Associated Third Party Confidential Information includes LEA LPR Data and/or LEA Booking Images. Agency agrees, except to the extent expressly permitted by this Agreement, (i) not to use or to disclose to any person, firm, or corporation any Associated Third Party Confidential Information, (ii) not to download, copy, or reproduce any Associated Third Party Confidential Information, and (iii) not to sell, transfer, license for use or otherwise exploit any Associated Third Party Confidential Information. Additionally, Agency agrees to take all necessary precautions to protect the Associated Third Party Confidential Information against its unauthorized use or disclosure and exercise at least the same degree of care in safeguarding the Associated Third Party Confidential Information as Agency would with Agency’s own confidential information and to promptly advise Vigilant in writing upon learning of any unauthorized use or disclosure of the Associated Third Party Confidential Information. (d) Non-Publication. Agency shall not create, publish, distribute, or permit any written, electronically transmitted or other form of publicity material that makes reference to the Software Service or this Agreement without first submitting the material to Vigilant and receiving written consent from Vigilant thereto. This restriction is specifically intended to ensure consistency with other media messaging. (e) Non-Disparagement. Agency agrees not to use proprietary materials or information in any manner that is disparaging. This prohibition is specifically intended to preclude Agency from cooperating or otherwise agreeing to allow photographs or screenshots to be taken by any member of the media without the express consent of Vigilant. Agency also agrees not to voluntarily provide ANY information, including interviews, related to Vigilant, its products or its services to any member of the media without the express written consent of Vigilant. (f) Manner of Use. Agency must use its account in a manner that is consistent with law enforcement ethics and agency policy on the dissemination and use of investigative material. (g) Survival of Restrictions and Other Related Matters. (1) Agency shall cause each User to comply with the provisions of this Section 4. (2) Agency agrees to notify Vigilant immediately upon discovery of any unauthorized use or disclosure of Confidential Information or any other breach of this Section 4 by Agency or any User, and Agency shall reasonably cooperate with Vigilant to regain possession of the Confidential Information, prevent its further unauthorized use, and otherwise prevent any further breaches of this Section 4. (3) Agency agrees that a breach or threatened breach by Agency or a User of any covenant contained in this Section 4 will cause irreparable damage to Vigilant and that Vigilant could not be made whole by monetary damages. Therefore, Vigilant shall have, in addition to any remedies available at law, the right to seek equitable relief to enforce this Agreement. (4) No failure or delay by Vigilant in exercising any right, power or privilege hereunder will operate as a waiver thereof, nor will any single or partial exercise of any such right, power or privilege preclude any other or further exercise thereof. (5) The restrictions set forth in this Section 4 shall survive the termination of this Agreement for an indefinite period of time. Vigilant Solutions – Investigative Data Platform Agreement ver. 1.4 Page 5 of 11 5. Term and Termination. (a) Term. The Initial Term of this Agreement shall be for a term of one (1) year from the Effective Date of this Agreement (the “Initial Term”). Sixty (60) days prior to the expiration of the Initial Term and each subsequent Service Period, Vigilant will provide Agency with an invoice for the Service Fee due for the subsequent twelve (12) month period (each such period, a “Service Period”). This Agreement will be extended for a Service Period upon Agency’s payment of that Service Period’s Service Fee, which is due 30 days prior to the expiration of the Initial Term or the existing Service Period, as the case may be. Agency may also pay in advance for more than one Service Period. (b) Termination. (1) Agency may terminate this Agreement upon thirty (30) days prior written notice to Vigilant for any reason. Agency shall not be entitled to a refund of the service fee, or any portion thereof, if Agency terminates the agreement prior to the end of a Service Period. (2) Vigilant may terminate this Agreement by providing thirty (30) days written notice to Agency for any reason. If Vigilant’s termination notice is based on an alleged breach by Agency, then Agency shall have thirty (30) days from the date of its receipt of Vigilant’s notice of termination, which shall set forth in detail Agency’s purported breach of this Agreement, to cure the alleged breach. If within thirty (30) days of written notice of violation from Vigilant Agency has not reasonably cured the described breach of this Agreement, Agency shall immediately discontinue all use of the LEARN Software Service. If Vigilant terminates this Agreement prior to the end of a Service Period for breach, no refund for any unused Service Fees will be provided. If Vigilant terminates this Agreement prior to the end of a Service Period for no reason, and not based on Agency’s failure to cure the breach of a material term or condition of this Agreement, Vigilant shall refund to Agency an amount calculated by multiplying the total amount of Service Fees paid by Agency for the then-current Service Period by the percentage resulting from dividing the number of days remaining in the then-current Service Period, by 365. (c) Effect of Termination. Upon termination or expiration of this Agreement for any reason, all licensed rights granted in this Agreement will immediately cease to exist and Agency must promptly discontinue all use of the Software Service, erase all LPR Data and/or Booking Images accessed through the Software Service from its computers, including LPR Data and/or Booking Images transferred through an API, and return all copies of any related documentation and other materials. 6. Miscellaneous. (a) Notices. Any notice under this Agreement must be written. Notices must be addressed to the recipient and either (i) hand delivered; (ii) placed in the United States mail, certified, return receipt requested; (iii) deposited with an overnight delivery service; or (iv) sent via e-mail and followed with a copy sent by overnight delivery or regular mail, to the address or e-mail address specified below. Any mailed notice is effective three (3) business days after the date of deposit with the United States Postal Service or the overnight delivery service, as applicable; all other notices are effective upon receipt. A failure of the United States Postal Service to return the certified mail receipt to the dispatcher of such notice will not affect the otherwise valid posting of notice hereunder. Vigilant Solutions – Investigative Data Platform Agreement ver. 1.4 Page 6 of 11 Addresses for all purposes under this Agreement are: Vigilant Solutions, LLC Agency: ___ _____ Attn: Steve Cintron Attn: _______________ 1152 Stealth Street Address: _____ ___ Livermore, California 94551 _______________ Telephone: 925-398-2079 Telephone: ____ _________________ ____ E-mail: steve.cintron@vigilantsolutions.com E-mail: ____________________________ with a copy to: Holland, Johns & Penny, L.L.P. Attn: Margaret E. Holland 306 West Seventh Street, Suite 500 Fort Worth, Texas 76102 Telephone: 817-335-1050 E-mail: meh@hjpllp.com Either party may designate another address for this Agreement by giving the other party at least five (5) business days’ advance notice of its address change. A party’s attorney may send notices on behalf of that party, but a notice is not effective against a party if sent only to that party’s attorney. (b) Disclaimer. Vigilant makes no express or implied representations or warranties regarding Vigilant’s equipment, website, online utilities or their performance, availability, functionality, other than a warranty of merchantability and fitness for the particular purpose of searching for license plate locations in the database and performing other related analytical functions. Any other implied warranties of merchantability or fitness for a particular purpose are expressly disclaimed and excluded. (c) Limitations of Liability. VIGILANT WILL NOT BE LIABLE FOR AGENCY’S USE OF THE LPR DATA, BOOKING IMAGES OR SOFTWARE SERVICE APPLICATIONS AND WILL NOT BE LIABLE TO AGENCY UNDER ANY CIRCUMSTANCES WITH RESPECT TO ANY SUBJECT MATTER OF THIS AGREEMENT UNDER ANY CONTRACT, NEGLIGENCE, TORT, STRICT LIABILITY OR OTHER LEGAL OR EQUITABLE THEORY FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL OR EXEMPLARY DAMAGES (INCLUDING, WITHOUT LIMITATION, LOSS OF REVENUE OR GOODWILL OR ANTICIPATED PROFITS OR LOST OF BUSINESS). TO THE EXTENT THE FOREGOING LIMITATION OF LIABILITY IS PROHIBITED OR OTHERWISE UNENFORCEABLE VILIGANT’S CUMULATIVE LIABILITY TO AGENCY ARISING OUT OF OR RELATED TO THIS AGREEMENT SHALL NOT EXCEED $10,000.00. (d) Indemnification. Agency agrees to indemnify, defend and hold harmless Vigilant and its employees, representatives, agents, officers, directors, and corporate employees (each, an “Indemnified Party”), against any and all claims, suits, actions, or other proceedings brought against the Indemnified Party based on or arising from any claim (i) resulting from Agency’s or a User’s breach of this Agreement, (ii) that involves any vehicle owned or operated by Agency, (iii) or any employee or independent contractor hired by Agency or (iv) any and all claims based on Agency’s or a User’s actions or omissions. (e) Independent Contractor Status. Each party will at all times be deemed to be an independent contractor with respect to the subject matter of this Agreement and nothing contained in this Agreement will be deemed or construed in any manner as creating any partnership, joint venture, joint enterprise, single business enterprise, employment, agency, fiduciary or other similar relationship. Vigilant Solutions – Investigative Data Platform Agreement ver. 1.4 Page 7 of 11 (f) Assignment of this Agreement. Agency may not assign its rights or obligations under this Agreement to any party, without the express written consent of Vigilant. (g) No Exclusivity. Vigilant may at any time, directly or indirectly, engage in similar arrangements with other parties, including parties which may conduct operations in geographic areas in which Agency operates. Additionally, Vigilant reserves the right to provide LPR Data and Booking Images to third-party entities for purposes of promotions, marketing, business development or any other commercially reasonable reason that Vigilant deems necessary and appropriate. (h) No Reliance. Agency represents that it has independently evaluated this Agreement and is not relying on any representation, guarantee, or statement from Vigilant or any other party, other than as expressly set forth in this Agreement. (i) Governing Law; Venue. THIS AGREEMENT IS GOVERNED BY AND INTERPRETED IN ACCORDANCE WITH THE LAWS OF THE STATE OF ILLINOIS WITHOUT REGARD TO CONFLICTS-OF-LAWS PRINCIPLES. THE PARTIES HERETO CONSENT THAT VENUE OF ANY ACTION BROUGHT UNDER THIS AGREEMENT WILL BE IN DUPAGE COUNTY, ILLINOIS. (j) Amendments. Except as otherwise permitted by this Agreement, no amendment to this Agreement or waiver of any right or obligation created by this Agreement will be effective unless it is in writing and signed by both parties. Vigilant’s waiver of any breach or default will not constitute a waiver of any other or subsequent breach or default. (k) Entirety. This Agreement and the Agency’s purchase order, setting forth Vigilant’s Software Service being purchased by Agency pursuant to this Agreement and the related product code and subscription price, represent the entire agreement between the parties and supersede all prior agreements and communications, oral or written between the parties. Except to the limited extent expressly provided in this Section 6(k), no contrary or additional terms contained in any purchase order or other communication from Agency will be a part of this Agreement. (l) Force Majeure. Neither party will be liable for failure to perform or delay in performing any obligation under this Agreement if nonperformance is caused by an occurrence beyond the reasonable control of such party and without its fault or negligence such as acts of God or the public enemy, acts of the Government in either its sovereign or contractual capacity, fires, floods, epidemics, quarantine restrictions, strikes, unusually severe weather, delays of common carriers, or any other cause beyond the reasonable control of such party. (m) Severability. If any provision of this Agreement is held to be invalid, illegal or unenforceable for any reason, such invalidity, illegality or unenforceability will not affect any other provisions of this Agreement, and this Agreement will be construed as if such invalid, illegal or unenforceable provision had never been contained herein. (n) Price Adjustments. Vigilant has the right to increase or decrease the annual Service Fee from one Service Period to another; provided, however, that in no event will a Service Fee be increased by more than 4% of the prior Service Period’s Service Fees. If Vigilant intends to adjust the Service Fee for a subsequent Service Period, it must give Agency notice of the proposed increase on or before the date that Vigilant invoices Agency for the upcoming Service Period. (o) CJIS Requirements. Agency certifies that its LEARN users shall comply with the CJIS requirements outlined in Exhibit A. Vigilant Solutions – Investigative Data Platform Agreement ver. 1.4 Page 8 of 11 IN WITNESS WHEREOF, the parties hereto have executed this Agreement by persons duly authorized as of the date and year first above written. Company: Vigilant Solutions, LLC Authorized Agent: Bill Quinlan Title: Vice President Sales Operations Date: ____________________________________________________ Signature: ____________________________________________________ Agency: ____________________________________________________ Authorized Agent: ____________________________________________________ Title: ____________________________________________________ Date: ____________________________________________________ Signature: ____________________________________________________ Vigilant Solutions – Investigative Data Platform Agreement ver. 1.4 Page 9 of 11 [signature page – Investigative Data Platform State and Local Law Enforcement Agency Agreement] Exhibit A: CJIS Requirements Vigilant and Agency agree on the importance of data security, integrity and system availability and that these security objectives will only be achieved through shared responsibility. Vigilant and Agency agree they will more likely be successful with information security by use of the Vigilant supplied technical controls and client Agency use of those controls; in conjunction with agency and personnel policies to protect the systems, data and privacy. Vigilant and Agency agree that Agency owned and FBI-CJIS supplied data in Vigilant systems does not meet the definition of FBI-CJIS provided Criminal Justice Information (CJI). Regardless, Vigilant agrees to treat the Agency-supplied information in Vigilant systems as CJI. Vigilant will strive to meet those technical and administrative controls; ensuring the tools are in place for the proper protection of systems, information and privacy of individuals to the greatest degree possible. Vigilant and Agency agree that information obtained or incorporated into Vigilant systems may be associated with records that are sensitive in nature having, tactical, investigative and Personally Identifiable Information. As such, that information will be treated in accordance with applicable laws, policies and regulations governing protection and privacy of this type of data. Vigilant and Agency agree that products and services offered by Vigilant are merely an investigative tool to aid the client in the course of their duties and that Vigilant make no claims that direct actions be initiated based solely upon the information responses or analytical results. Further, Vigilant and Agency agree that Agency is ultimately responsible for taking the appropriate actions from results, hits, etc. generated by Vigilant products and require ongoing training, human evaluation, verifying the accuracy and currency of the information, and appropriate analysis prior to taking any action. As such, the parties agree to do the following: Vigilant: 1. Vigilant has established the use of FBI-CJIS Security Policy as guidance for implementing technical security controls in an effort to meet or exceed those Policy requirements. 2. Vigilant agrees to appoint a CJIS Information Security Officer to act as a conduit to the client Contracting Government Agency, Agency Coordinator, to receive any security policy information and disseminate to the appropriate staff. 3. Vigilant agrees to adhere to FBI-CJIS Security Policy Awareness Training and Personnel Screening standards as required by the Agency. 4. Vigilant agrees, by default, to classify all client supplied data and information related to client owned infrastructure, information systems or communications systems as “Criminal Justice Data”. All client information will be treated Vigilant Solutions – Investigative Data Platform Agreement ver. 1.4 Page 10 of 11 at the highest level of confidentiality by all Vigilant staff and authorized partners. Vigilant has supporting guidance/policies for staff handling the full life cycle of information in physical or electronic form and has accompanying disciplinary procedures for unauthorized access, misuse or mishandling of that information. 5. Vigilant will not engage in data mining, commercial sale, unauthorized access and/or use of any of Agency owned data. 6. Vigilant and partners agree to use their formal cyber Incident Response Plan if such event occurs. 7. Vigilant agrees to immediately inform Agency of any cyber incident or data breach, to include DDoS, Malware, Virus, etc. that may impact or harm client data, systems or operations so proper analysis can be performed and client Incident Response Procedures can be initiated. 8. Vigilant will only allow authorized support staff to access Agency’s account or Agency data in support of Agency as permitted by the terms of contracts. 9. Vigilant agrees to use training, policy and procedures to ensure support staff use proper handling, processing, storing, and communication protocols for Agency data. 10. Vigilant agrees to protect client systems and data by monitoring and auditing staff user activity to ensure that it is only within the purview of system application development, system maintenance or the support roles assigned. 11. Vigilant agrees to inform Agency of any unauthorized, inappropriate use of data or systems. 12. Vigilant will design software applications to facilitate FBI-CJIS compliant information handling, processing, storing, and communication of Agency. 13. Vigilant will advise Agency when any software application or equipment technical controls are not consistent with meeting FBI-CJIS Policy criteria for analysis and due consideration. 14. Vigilant agrees to use the existing Change Management process to sufficiently plan for system or software changes and updates with Rollback Plans. 15. Vigilant agrees to provide technical security controls that only permit authorized user access to Agency owned data and Vigilant systems as intended by Agency and data owners. 16. Vigilant agrees to meet or exceed the FBI-CJIS Security Policy complex password construction and change rules. 17. Vigilant will only provide access to Vigilant systems and Agency owned information through Agency managed role- based access and applied sharing rules configured by Agency. 18. Vigilant agrees to provide technical controls with additional levels of user Advanced Authentication in Physically Non-Secure Locations. 19. Vigilant agrees to provide compliant FIPS 140-2 Certified 128-bit encryption to Agency owned data during transport and storage (“data at rest”) while in the custody and control of Vigilant. 20. Vigilant agrees to provide firewalls and virus protection to protect networks, storage devices and data. 21. Vigilant agrees to execute archival, purges and/or deletion of data as configured by the data owner. 22. Vigilant agrees to provide auditing and alerting tools within the software applications so Agency can monitor access and activity of Vigilant support staff and Agency users for unauthorized access, disclosure, alteration or misuse of Agency owned data. (Vigilant support staff will only have access when granted by Agency.) 23. Vigilant will only perform direct support remote access to Agency systems/infrastructure when requested, authorized and physically granted access to the applications/systems by Agency. This activity will be documented by both parties. 24. Vigilant creates and retains activity transaction logs to enable auditing by Agency data owners and Vigilant staff. 25. Vigilant agrees to provide physical protection for the equipment-storing Agency data along with additional technical controls to protect physical and logical access to systems and data. 26. Vigilant agrees to participate in any Information or Technical Security Compliance Audit performed by Agency, state CJIS System Agency or FBI-CJIS Division. 27. Vigilant agrees to perform independent employment background screening for its’ staff and participate in additional fingerprint background screening as required by Agency. Vigilant Solutions – Investigative Data Platform Agreement ver. 1.4 Page 11 of 11 28. Vigilant agrees that Agency owns all Agency contributed data to include “hot-lists”, scans, user information etc., is only shared as designated by the client and remains the responsibility and property of Agency. Agency: 1. Agency agrees to appoint an Agency Coordinator as a central Point of Contact for all FBI-CJIS Security Policy related matters and to assign staff that are familiar with the contents of the FBI-CJIS Security Policy. 2. Agency agrees to have the Agency Coordinator provide timely updates with specific information regarding any new FBI-CJIS, state or local information security policy requirements that may impact Vigilant compliance or system/application development and, to facilitate obtaining certifications, training, and fingerprint-based background checks as required. 3. Agency agrees to inform Vigilant when any FBI-CJIS Security Awareness Training, personnel background screening or execution of FBI-CJIS Security Addendum Certifications are required. 4. Agency agrees to immediately inform Vigilant of any relevant data breach or cyber incident, to include DDoS, Malware, Virus, etc. that may impact or harm Vigilant systems, operations, business partners and/or other Agencies, so proper analysis can be performed, and Incident Response Procedures can be initiated. 5. Agency agrees that they are responsible for the legality and compliance of information recorded, submitted or placed in Vigilant systems and use of that data. 6. Agency agrees that they are responsible for proper equipment operation and placement of equipment. 7. Agency agrees that they are responsible for vetting authorized user access to Vigilant systems with due consideration of providing potential access to non-Agency information. 8. Agency agrees that responsibility and control of persons granted access to purchased Vigilant systems, along with data stored and transmitted via Vigilant systems, is that of the Agency. 9. Agency agrees that they have responsibility for all data security, handling and data protection strategies from point of acquisition, during transport and until submission (“Hotlist upload”) into Vigilant systems. 10. Agency agrees to reinforce client staff policies and procedures for secure storage and protection of Vigilant system passwords. 11. Agency agrees to reinforce client staff policies for creating user accounts with only government domain email addresses. Exceptions will be granted in writing. 12. Agency agrees to reinforce client staff policies for not sharing user accounts. 13. Agency agrees to use Vigilant role-based access as designed to foster system security and integrity. 14. Agency agrees that they control, and are responsible for, appropriate use and data storage policies as well as procedures for the data maintained outside the Vigilant systems. This includes when any information is disseminated, extracted or exported out of Vigilant systems. 15. Agency agrees that they control and are responsible for developing policies, procedures and enforcement for applying deletion/purging and dissemination rules to information within and outside the Vigilant systems. 16. Agency agrees that it is their responsibility to ensure data and system protection strategies are accomplished through the tools provided by Vigilant for account and user management features along with audit and alert threshold features. 17. Agency agrees to use the “virtual escorting” security tools provided for managing client system remote access and monitor Vigilant support staff when authorized to assist the client. 18. Agency agrees that the Vigilant designed technical controls and tools will only be effective in conjunction with Agency created policies and procedures that guide user access and appropriate use of the system. 19. Agency agrees that information and services provided through Vigilant products do not provide any actionable information, Agency users are responsible for the validity and accuracy of their data and developing procedures to verify information with the record owner and other systems (NCIC) based upon the potential lead generated.