The URL can be used to link to this page

Home My WebLink AboutAGENDA REPORT 2025 1105 CC REG ITEM 10GCITY OF MOORPARK, CALIFORNIA City Council Meeting of November 5, 2025 ACTION APPROVED STAFF RECOMMENDATIONS. BY A. Hurtado. G. Consider Contract Award of Open-loop Transit Fare Payment System to Enghouse, Inc. for Payment Processor Services; and Authorize the City Manager to Negotiate and Execute a Five-Year Contract with Elavon for Payment Processing Services. Staff Recommendation: 1) Approve a 16-month contract including two two-year optional extensions, with Enghouse, Inc. for transit fare processing services and authorize the City Manager to sign the extensions, where the City of Moorpark will be invoiced a fee not exceeding 1.68% of fare revenue collected; and implementation and travel costs will be invoiced to the Ventura County Transportation Commission (VCTC); and 2) Authorize the City Manager to negotiate and execute a five-year contract with Elavon for payment processing services at a fixed rate of $0.03 per transaction, plus applicable network and interchange fees (estimated average total cost: $0.12 per transaction). (Staff: Michelle Woomer, Senior Management Analyst) Item: 10.G. MOORPARK CITY COUNCIL AGENDA REPORT TO: Honorable City Council FROM: Daniel Kim, City Engineer/ Public Works Director BY: Michelle Woomer, Senior Management Analyst DATE: 11/05/2025 Regular Meeting SUBJECT: Consider Contract Award of Open-loop Transit Fare Payment System to Enghouse, Inc. for Payment Processor Services; and Authorize the City Manager to Negotiate and Execute a Five-Year Contract with Elavon for Payment Processing Services BACKGROUND Existing and potential fixed-route riders commonly report that transit fare payment options are difficult to use and understand; and the existing options present a barrier that reduces/prevents the utilization of fixed route services. This feedback is consistent locally in Moorpark and regionally throughout Ventura County and the State. Reducing this barrier and making fare payment options easier for customers is a common goal that incentivizes increased transit use. To improve fare payment options, a Countywide project is being led by Ventura County Transportation Commission to install open-loop readers aboard transit agencies fixed- route transit vehicles as part of a regional joint-agency project. The open-loop readers will allow riders to ‘tap-to-pay’ with major credit and debit cards. The proposed system will include the ability to accept Apple wallet and Google wallet payments as well. Currently, VCbuspass offers a way to pay using a card or app, where passengers tap a transit fare card on a device installed in the bus called an UMO reader. Passengers first need to obtain a physical card or download the app and load the funds to the card before being able to use the card. The current process can present obstacles and add steps to using transit, which requires more planning and can make using transit less attractive, especially for new riders and/or those unfamiliar with fares and payment options. By contrast, contactless payments allow transit agencies to leverage global payment standards and accept physical and digital banks. This benefits riders as it facilitates little to no-upfront planning when deciding to use transit and allows the use of payment options readily at hand. Item: 10.G. 138 Honorable City Council 11/05/2025 Regular Meeting Page 2 The goal of the multi-agency project is to offer more user-friendly transit payment options. To support projects that align with this goal, the State is leading the California Integrated Travel Project (Cal-ITP). Cal-ITP offers technical and program implementation assistance to transit operators looking to improve transit through technology, and in this case, through the implementation of open-loop credit/debit card readers on buses. VCTC and participating agencies are working with Cal-ITP staff to assist with the implementation of this project. Eight transit operators in Ventura County will participate in the project, including Camarillo Area Transit (CAT), Gold Coast Transit District (GCTD), Moorpark Transit, City of Ojai, Simi Valley Transit (SVT), Thousand Oaks Transit (TOT), Valley Express, and Ventura County Transportation Commission (VCTC). In 2024, VCTC was awarded Regional Early Action Plan (REAP) funds from the Southern California Association of Governments (SCAG). The REAP fund award was intended to collaboratively deploy contactless payment technology across the region’s operators, facilitating a positive and streamlined customer experience across fixed-route services in Ventura County. In July 2025, VCTC launched the open-loop payment system for their Intercity fixed route service and no issues were reported. DISCUSSION There are three components of the open loop payment system: (Category A) payment acceptance devices, (Category B) transit processor to calculate fares, and (Category C) a payment processor (acquirer) to process bank cards and allow the passengers’ bank to communicate and deposit fares with a transit agency’s bank. Together, these systems allow a transit agency to accurately and securely collect and deposit funds into its bank. In 2021, the State Department of General Services (DGS) issued Requests for Proposals (RFP) for hardware payment acceptance devices (Category A) and transit processor services to do fare calculation (Category B). DGS proceeded to award Master Service Agreements (MSA) to three contractors (INIT, Kuba, and SC Soft) for Category A and four contractors (INIT, Bytemark, Enghouse, and Littlepay) for Category B. In addition, MSAs were awarded to payment processor providers Elavon and Fiserv for Category C. The procurement process followed by the State and signed contracts are all FTA compliant. With assistance from Cal-ITP, VCTC staff solicited proposals from all available state contractors with DGS MSA’s for payment hardware and processing services. VCTC received two proposals for payment acceptance devices from Kuba, Inc. and SC Soft, Inc.; and two proposals for transit processor services from LittlePay and Enghouse. VCTC evaluated all proposals and selected Kuba, Inc. as the preferred vendor for payment acceptance devices (Category A). Of the proposals received, Kuba’s proposal included the most detailed project implementation timelines and work plans. 139 Honorable City Council 11/05/2025 Regular Meeting Page 3 For the transit processor services (Category B), VCTC staff selected Enghouse, Inc. After speaking with the vendor, receiving a demonstration, and leaning on the technical guidance from the Cal-ITP team, VCTC staff believes Enghouse will be the most appropriate to implement Ventura County’s complex fare structure not only for the VCTC Intercity service, but will be best positioned to implement a multi-operator open payment system countywide. Furthermore, Enghouse is waiving numerous integration costs and on-time fees in their proposal and has a low-cost transaction processing fee at 1.4% of revenue collected versus 2.25% that would be collected by LittlePay, who submitted a competing proposal. For the final element of the contactless payment system, VCTC staff recommended awarding the payment processor services (Category C) to Elavon. At the time, VCTC requested proposals for Categories A and B, Elavon was the only vendor available with a DGS MSA to provide payment processing. While there is now an additional payment processing company, staff determined that the competitor’s timeline to integrate with the transit processor was not desirable. Elavon’s cost to process a transaction between the patron’s bank and a transit agency’s bank is $0.03 per transaction, but Elavon will also pass through variable costs known as interchange and card network fees. The fixed amount of $0.03 is established in Elavon’s MSA and will not change for the life of the five- year contract. The variable fees are entirely dependent on two factors: the type of card being used and the transaction value. The average transaction cost for other similarly sized transit agencies as VCTC that have procured vendors through DGS MSAs is $0.12. Due to Elavon’s process of assigning merchant IDs to new merchants within 90 days of revenue collection, Elavon’s contract cannot be executed until 90 days before launch of the new payment system and thus, the Elavon contract must be signed at a later date closer to the launch of the contactless payment system. Using REAP funds, VCTC will provide Moorpark City Transit (MCT) with the equipment for its fixed route vehicles with the open payment devices and include one additional device as spare. The equipment will enable the collection of both standard MCT fares ($1.00) and discount groups ($0.50), currently established as seniors and riders with disabilities. The estimated maximum annual cost to the City for implementing the open-loop contactless fare payment system depends on the number of annual transactions. Currently the fixed-route service provides around 28,000 trips per year. Staff estimates that at least 5%, or 1,400 of the annual total riders, will utilize the open-loop payment option as that is the estimated percentage of riders that currently use the VCBuspass tap card. 140 Honorable City Council 11/05/2025 Regular Meeting Page 4 The annual cost of those transaction is estimated to be less than $200 annually, and includes: • Enghouse fare processing fees: approximately $23.52 annually based on 1.68% of fare revenue. • Elavon payment processing fees: approximately $168 based on a $0.03 fixed transaction costs and variable costs which can equate to a total of $0.12 per transaction. If approved by City Council, the cloud hosted transit processor (Category B) software used by the payment devices to calculate fares will be supplied and maintained by Enghouse, Inc. under a five-year contract. VCTC has agreed to assume responsibility for invoices related to any one-time costs related to the regional implementation and eligibility verification to enable discounts. Enghouse will be invoicing each agency a fixed fee of no more than 1.68% of fare revenue collected through the open-loop payment system. The City will maintain a contract with Enghouse and will have direct access to a customized dashboard to manage the City independent fare products. If approved by the City Council, the City Manager will be authorized to execute a five-year contract at a later date, with Elavon to be the payment processor (Category C) for a $0.03 fixed fee. The fee will be applied to each transaction, in addition to fees levied by the passenger’s credit/debit card and bank. A City contract with Elavon is necessary to ensure fare revenue transfers directly to each participating agency independently. After City Council approval, it is expected to take three to four months to order the equipment, install, integrate, and test the system. Therefore, staff’s goal is to launch by February 2026. ENVIRONMENTAL DETERMINATION This action is exempt from the California Environmental Quality Act (CEQA) as it does not constitute a project which has a potential for resulting in physical change to the environment, as defined by section 15378 of the State CEQA Guidelines. Therefore, no environmental review is required. FISCAL IMPACT There is no financial impact resulting from approval of this item. This action provides for additional payment options for transit riders. COUNCIL GOAL COMPLIANCE This action does not support a current strategic directive. 141 Honorable City Council 11/05/2025 Regular Meeting Page 5 STAFF RECOMMENDATION 1. Approve a 16-month contract including two two-year optional extensions, with Enghouse, Inc. for transit fare processing services and authorize the City Manager to sign the extensions, where the City of Moorpark will be invoiced a fee not exceeding 1.68% of fare revenue collected; and implementation and travel costs will be invoiced to the Ventura County Transportation Commission (VCTC); and 2. Authorize the City Manager to negotiate and execute a five-year contract with Elavon for payment processing services at a fixed rate of $0.03 per transaction, plus applicable network and interchange fees (estimated average total cost: $0.12 per transaction). Attachment 1: Enghouse Inc. User Agreement Attachment 2: California Electronic Payment Acceptance Services (EPAY) Master Service Agreement (MSA 5-22-70-22-01) 142 USER AGREEMENT 1. This User Agreement is entered into between City of Moorpark “Contracting Agency” and Enghouse Transportation LLC “Contractor.” This User Agreement expressly incorporates the California Master Service Agreement (MSA) No. 5‐21‐70‐28‐05 which is incorporated herein. This User Agreement contract form serves as an appropriate equivalent to the STD 213 as required by the MSA. Contracting Agency: City of Moorpark Contractor Name: Enghouse Transportation LLC 2. The Term of this Agreement is: Start Date: 11/05/2025 Through End Date: 02/28/2027 With two two-year options for extension at the discretion of the California Department of General Services 3. The maximum amount of this Agreement is: See Exhibit B for pricing. 4. Exhibits. The parties agree to comply with the terms and conditions of the following exhibits, which are by this reference made a part of this agreement. Exhibits Title Pages Exhibit A Scope of Works 3 Exhibit B Payment Provisions 4 MSA 5‐21‐70‐ 28‐05 MSA 5‐21‐70‐28‐05 is hereby incorporated by reference. The MSA is available at: https://caleprocure.ca.gov/pages/LPASearch/lpa‐ details.aspx?Page=ZZ_CTR_SUP_PG&Action=U&ForceSearch=Y&CNTRCT_ID= 5‐21‐70‐28‐05&SETID=STATE&VERSION_NBR=3 In Witness Whereof, This Agreement has been executed by the parties hereto. Contractor: ___________________________________________ Date:________________________ Enghouse Transportation LLC 80 Tiverton Court, Suite 800, Markham, ON L3R 0G4 Anne Luu, Finance Director Contracting Agency Name: ___________________________________________ Date:________________________ City of Moorpark ATTACHMENT 1 143 323 Science Drive, Moorpark, CA 93021 PJ Gagajena, City Manager 144 Exhibit A City of Moorpark User Agreement Scope of Work 1. Incorporate MSA by Reference MSA # 5‐21‐70‐28‐05 and its amendments are hereby incorporated by reference as if attached hereto. 2. Description As one of seven transit operators in the Ventura County region, the City of Moorpark Transit (Moorpark) will lead the implementation of open loop payments on its service, with support from the Ventura County Transportation Commission (VCTC). VCTC is Ventura County’s regional transportation planning agency and transit operator. In 2024, VCTC was awarded Regional Early Action Plan (REAP) funds from the Southern California Association of Governments (SCAG) to collaboratively deploy contactless payment technology across the region’s operators to facilitate a positive, streamlined customer experience when traveling across services in Ventura County. The first open loop deployment in Ventura County was on VCTC’s Intercity service in June 2025. VCTC worked with the California Integrated Travel Project (Cal‐ITP) to contract with Kuba Inc., Enghouse Transportation LLC, and Elavon to deliver the hardware, software, and payment processing aspects of its open payment system. To facilitate a seamless customer experience and reduce the administrative burden on regional operators in delivering open loop payments, these same vendors will be contracted to deliver open loop payments. Pursuant to this Scope of Work, Enghouse shall provide final charge management services to enable Moorpark fare structures and business rules. Moorpark Transit provides fixed‐route, microtransit, and paratransit/dial‐a‐ride services within and beyond the city limits. In Fiscal year 2023‐2024, Moorpark Transit reported 30,749 riders and an annual revenue of $38,793.67. By introducing a contactless open‐loop payment system, Moorpark Transit hopes to increase system efficiency for both operators and riders, ultimately resulting in higher ridership. 3. Summary of Enghouse Services for Moorpark Enghouse shall perform the following services in accordance with the pricing outlined in Exhibit B pursuant to this User Agreement: ● Configure and provide final charge management services to enable a one‐way fare, a daily cap, and a monthly cap as specified below. ● Approve data, as defined and transmitted by Kuba Inc., to enable intra‐agency transfer rules as specified below. ● Accept base fare calculations as transmitted by Kuba Inc. ● Configure a transport portal for Moorpark services. 4. Regional Agency Roles and Key Contacts CONTRACT MANAGER Moorpark Michelle Woomer Senior Management Analyst | Public Works Department (805) 517‐6233 | mwoomer@moorparkca.gov | www.moorparkca.gov ADDITIONAL OPERATOR CONTACT - IMPLEMENTATION Valley Express/VCTC Matt Miller Program Manager mmiller@goventura.org 145 5. Fare Structure and Business Rules Overview of base fares and caps The fare products that Enghouse will deploy for Moorpark include a one‐way fare, a daily cap, and a monthly cap. The proposed fare structure is below. Moorpark may adjust the price points for the fare products in preparation for launch. All details on the regional fare caps are included in VCTC’s Master Service Agreement 5‐21‐70‐28‐05 Amendment 1 Exhibit A.2. Fare Product Price (Subject to Change) One Way $1 Daily Cap Price not to exceed regional caps Monthly Cap Moorpark observes the following county‐wide fare‐free promotional days: ● Clean Air Day (October 2) ● Veteran’s Day (November 11) ● Transit Equity Day (February 4) ● Earth Day (April 22) ● Dump the Pump Day (June 17) Transfers Enghouse shall approve data, as defined and transmitted by Kuba, to support transfers between Moorpark routes (intra‐agency transfers) if specified in the future. The region is working to streamline its transfer rules, to be specified at a later date (i.e. one free transfer within 2 hours between any two operators). All details on inter‐agency transfers are included in VCTC’s Master Service Agreement 5‐21‐70‐28‐05 Amendment 1 Exhibit A.2. Discounts Enghouse shall ensure that its services support all identified discount groups. Moorpark includes the following discount groups: Seniors (aged 65 or older), Medicare cardholders, and ADA‐certified individuals. As VCTC intends to work with Enghouse to deploy discounts for all Ventura County operators through a single enrollment pathway, all details on the regional discounted fare structures are included in VCTC’s Master Service Agreement 5‐21‐70‐28‐ 05 Amendment 1 Exhibit A.2. Additional services not included in the Scope of Work Demand‐response, paratransit, and other such services are currently operated by a third‐party. At launch, only fixed‐route services shall be equipped with a contactless open loop payment system. Expansion to other services (i.e. paratransit) in the future will be at the discretion of Moorpark and its selected vendors. 6. On-board Technologies The following information is for reference for the vendors only. The vendors are not responsible for the quality or availability of the systems described below, and any subsequent impacts on the project implementation. ● Fleet – Moorpark Transit’s fixed‐route fleet includes 5 El Dorado EZ Rider buses. All vehicles in the fleet are currently maintained by neighboring City of Thousand Oaks Transit. ● CAD/AVL – Syncromatics provides CAD‐AVL services. ● GTFS-RT – Syncromatics provides GTFS‐RT. In addition, Trillium produces an operator‐specific Static GTFS Feed for Moorpark. 146 ● Connectivity – Each vehicle has a Cradlepoint Router with SIM and uses Verizon. All routers are managed by Syncromatics. 7. Items Specific to Category B (Transit Processor Services) Pursuant to this Agreement, Enghouse shall process open loop transactions for Moorpark. Please refer to the sections above for applicable business rules and technologies. Enghouse shall provide final charge management services to enable base fares, fare caps, and intra‐agency transfers for Moorpark services. Enghouse shall perform other services for the regional implementation, including inter‐agency transfers, regional fare caps, discounts, and customer support channels, as outlined in VCTC’s Master Service Agreement 5‐21‐70‐28‐05 Amendment 1 Exhibit A.2. Enghouse shall configure a transport portal for Moorpark services. Moorpark accepts Enghouse’s standard reports as described in Exhibit A of the MSA (revenue, operations, KPI, customer metrics, bad debt/debt recovery, and dispute/chargeback reports). Enghouse shall make available data reports in CSV format. Enghouse can provide transactions by passenger type (general fare, senior, Medicare card holder, etc.) and by route. Within one month of launch, Enghouse shall make available an API to relay ridership and transaction data for Moorpark service that will contribute to the Cal‐ITP Metabase. 8. Determining whether any changes are needed to default Category B service level agreements (SLAs) in the User Agreement Moorpark accepts the default SLAs as described in the Master Service Agreement. 147 EXHIBIT B – PAYMENT AND BUDGET PROVISIONS Transit Agency: City of Moorpark Transit Contractor: Enghouse Transportation LLC (Enghouse) 1. RATES The not‐to‐exceed pricing for MSA products and services to be provided to the Transit Agency are listed in Exhibit B.1 ‐ Rate Sheet of the MSA. All prices and fees shall be fixed for the entire MSA term including any optional extension periods unless the State approves a price adjustment in accordance with Section 6, Rate Adjustments. A. Payment Acceptance Devices - Category A – (Not Offered) B. Transit Processor Services - Category B – 1. Rates shall be based on revenue processed and services defined in this User Agreement taking any applicable breakpoints into account. For any revenue processed that is equal or greater to a breakpoint but smaller than the next breakpoint, fees shall be priced in accordance with the rate for that breakpoint. Contractor will waive monthly charges for the first three months after launch. Breakpoints are defined as follows: 148 Breakpoints o/o of the total processed revenue to be charged (per month) $0-$5,000 1.68% $5,000-$10,000 1.68% $10,000-$15,000 1.61% $15,000-$25,000 1.54% $25, 000-$50, 000 1.54% $50,000-$100,000 1.40% $100,000-$500,000 1.40% $500,000-$1,000,000 1.40% $1,000,000-$5,000,000 1.26% $5,000,000-$10,000,000 1.12% >$10,000,000 0.98% 2. For Transit Processing Services, the rate shall include the Published Processing Services Rate which is based on the Total Revenue Processed (see Exhibit G: Definitions of the MSA), comprising fare revenues processed under all User Agreements with Contractor. At no point in time shall the rate charged exceed the effective Published Processing Services Rate. 3. For Transit Processing Services the rate charged shall also include the rate for free ($0) fare transactions if the Transit Agency has free fare transactions for Transit Customers. o Rate for free ($0) fare transactions – $0.02 4. Other fee terms include… o Implementation service fees – VCTC shall be invoiced for these fees on behalf of each agency up to an amount as outlined in VCTC’s Master Service Agreement 5‐21‐70‐28‐05 Amendment 1 Exhibit B.2. o Integration fees with validator and payment processor: waived o Eligibility verification fee – VCTC shall be invoiced for these fees on behalf of each agency up to an amount as outlined in VCTC’s Master Service Agreement 5‐21‐70‐28‐05 Amendment 1 Exhibit B.2. Should an agency pursue a discount group, discount percentage or discount amount different from the standard regional benefits implementation, Contractor may charge up to $5,250 per agency depending on the complexity of the deviation. o Custom development ‐ $140/hour (no hours currently estimated in this Scope of Work) 2. TRANSIT PROCESSING SERVICES RATE DETERMINATION AND PUBLICATION (Category B Only) Upon award of this MSA, the Published Processing Services Rate will be the rate associated with breakpoint 1. Thereafter, the Published Processing Services Rate for Contractor’s Transit Processing Services shall be determined bi‐annually and shall be valid for six (6) calendar months. The rate shall be determined by taking the monthly average of Total Revenue Processed over the previous six (6) calendar months, provided that only months with a non‐zero Total Revenue Processed shall be included in the average. Not later than on January 31st and July 31st of each calendar year, Contractor shall send a rate determination request the following to Masters@dgs.ca.gov and cal‐itp@dot.ca.gov: ● Total Revenue Processed and its constituent monthly parts for the covered time period (July 1st – December 31st or January 1st – June 30th respectively); and ● Corresponding rate for the subsequent period DGS and Caltrans shall publish the new Published Processing Services Rate no later than March 15th and September 15th, as the case may be. This rate shall be valid from October 1st until March 31st and April 1st until September 30th respectively. 149 Period for determining rate Submission due Publishing Date Period to apply new rate January 1 – June 30 July 31st September 15th October 1 – March 31 July 1 – December 31 January 31st March 15th April 1 – September 30 If the State raises questions or disputes the accuracy of Contractor’s Total Revenue Processed or the corresponding rate, Contractor shall respond within 5 working days to written questions or requests for supporting information. In case no agreement can be reached between State and Contractor before the required publishing date, the lower of the current Published Processing Services Rate and Contractor’s calculated rate for the next period shall apply. 3. TRAVEL The Transit Agency may allow additional travel reimbursement as permitted, which must be itemized separately on the invoice. The Contractor must have prior approval by the Transit Agency for any additional travel reimbursement. Reimbursements requests must include dates and receipts for all costs and expenses incurred. 4. INVOICES . Submission of Invoices 1. For rates related to revenue processed and free fare transaction: 1. The Contractor shall submit itemized invoices to the Transit Agency contact person at the address contained in the Transit Agency’s User Agreement. The information is mandatory information to be provided for all invoices: a) DGS MSA Number b) Transit Agency Contract Number c) Transit Agency Order Number d) Transit Agency Billing Code e) Transit Agency Name f) Transit Agency Address g) Description of services ordered h) Pricing information, specified by Tier or Breakpoint where applicable 2. The Transit Agency contact person will verify and approve, or disapprove, the invoiced items. If the Transit Agency does not approve the invoiced items, the invoice will be disputed and returned to the Contractor for correction. 5. PAYMENT Payment for services performed under this Contract will be made upon satisfactory completion of services rendered. The Contractor shall invoice the Transit Agency in arrears upon successful completion of services. Invoices for services are not due and payable, and 150 do not constitute an obligation of the Transit Agency, until the month following the month for which charges are accrued. Payment shall be made within 45 days in accordance with, and within the time specified in Government Code Chapter 4.5, commencing with Section 927 unless agreed otherwise in the User Agreement. 6. RATE ADJUSTMENTS Contractor may request Consumer Price Index (CPI) rate increases for services should the State decide to execute the options to extend. Rate increases may be requested no more than once annually and may only be requested following the initial five (5) year term of the Agreement. Rate increases shall be capped at three percent (3%) for a given year and may only be requested when the CPI for the "Public Transportation" goods and services category, as published by the U.S. Department of Labor, Bureau of Labor Statistics has increased one percent (1%) or greater for the previous calendar year. The website, subject to change without amendment to this Agreement, can be found at the CPI Index (https://www.bts.gov/components‐consumer‐price‐index‐transportation). The Contractor shall submit a written request to the DGS Contract Administrator, provide a copy of the index and other supporting documentation necessary to support the adjustment. Rates will be fixed for twelve (12) months following an approved price adjustment. Adjustments shall not be retroactive. 151 7760-522702201 ATTACHMENT 2 152 SCO ID: STATE OF CALIFORNIA· DEPARTMENT OF GENERAL SERVICES ~-----------~-------------~ STANDARD AGREEMENT STD 213 (Rev. 04/2020) AGREEMENT NUMBER 5-22-70-22-01 1. This Agreement is entered Into between the Contracting Agency and the Contractor named below: CONTRACTING AGENCY NAME Department of General Services CONTRACTOR NAME Elavon, Inc. 2. The tenn of this Agreement 1s. START DATE June 1, 2022 THROUGH END DATE June 1, 2027, with two (2) optional two (2) year extensions 3. The maximum amount of this Agreement is: $0.00 (Zero dollars and no-cents, with no guarantee of contract expenditure) PURCHASING AUTHORITY NUMBER (If Applicable) 4. The parties agree to comply with the terms and conditions of the following exhibits, which are by this reference made a part of the Agreement. Exhibits Title Pages Exhibit A Scope of Work 12 Exhibit A.1 Selected Services 1 Exhibit B Budget Detail and Payment Provisions 3 Exhibit C Terms and Conditions (As Modified) 4 Exhibit C.1 General Provisions-Information Technology (As Modified) 9 Exhibit D Insurance Requirements 2 Exhibit E Fees and Costs 3 Exhibit E.1 Service Pricing 2 Exhibit E.2 Equipment and Software Pricing 2 Exhibit E.3 Equipment Specifications 5 Exhibit F Equipment and Software 5 Exhibit G Definitions 8 Exhibit H Special Terms and Conditions 12 Exhibit H.1 Authorized User Set Up Form 1 Exhibit I Mass Transit Terms 2 terns snown w1tn an aster,sK (*, are nerev1 mcor orateu vi rererence ana maae ·;, y p y p art or tms a reement as ,r attacnea nereto. g These documents can be viewed at https'(/www.dgs.ca,gov/OLS/Resources Page 1 of 2 5/27/2022 7760-522702201 JUN 1 2022 ALW:LAG:skb 153 SCO ID: STATE OF CALIFORNIA-DEPARTMENT OF GENERAL SERVICES .-------------,---------------, AGREEMENT NUMBER 5-22-70-22-01 STANDARD AGREEMENT STD 213 {Rev. 04/2020) IN WITNESS WHEREOF, THIS AGREEMENT HAS BEEN EXECUTED BY THE PARTIES HERETO. CONTRACTOR CONTRACTOR NAME (1f other than an individual, state whether a corporation, partnership, etc.) CONTRACTOR BUSINESS ADDRESS 7?('0 {lllf Plv?A 11/ PRINTED NAME OF PERSON SIGNING IJ;.-IV) C I ;-I <( T CONTRACTOR AUTHORIZED ~GNAWRE---· ~-~------------- CONTRACTING AGENCY NAME Department of General Services CONTRACTING AGENCY ADDRESS 707 Third Street, 2nd Floor PRINTED NAME OF PERSON SIGNING Carol Bangs CONTRACTING AGENCY AUTHORIZED SIGNATURE Cuut ~/1 •~;;:: CALIFORNIA DEPARTMENT OtGENERAL SERVICES APPROVAL STATE OF CALIFORNIA APPROV ED D OFFICE OF LEGAL SERVICES DEPT. OF GENERAL SERVICES PURCHASING AUTHORITY NUMBER (If Applicable) CITY k./\J tJY J7L-t -£ ' STATE IZIP tN s79-2.0 TITLE DATE SIGNED CITY ! STATE ! ZIP West Sacramento CA 95605 TITLE Acquisitions Branch Chief, Procurement Division DATE SIGNED EXEMPTION (If Applicable) Page 2 of 2 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 1 of 71 Exhibit A: Scope of Work The Department of General Services (DGS), Procurement Division (PD), hereinafter referred to as the “State” or “DGS-PD” is establishing master agreements with multiple providers of Electronic Payment Acceptance Services for State Agencies and Local Users (defined as any city and/or county, district, or other local governmental body or corporation, including the California State Universities (CSU) and University of California (UC) systems, K-12 schools and community colleges empowered to expend public funds), hereinafter collectively referred to as “Authorized Users”. Authorized Users may contract with any master agreement provider. 1. SCOPE a. The State and Elavon, Inc. (hereinafter referred to as the “Contractor”), hereby agree that the Contractor will provide Electronic Payment Acceptance Services to Authorized Users in accordance with the terms and conditions of this Master Service Agreement (“MSA” or “Agreement”). b. Prior to rendering services, Authorized Users and Contractor must execute a separate Subsidiary Agreement that incorporates all of the terms of this MSA by reference and may contain additional specific terms and conditions, none of which may alter, rescind, or be in conflict with the terms and conditions of this MSA (per Exhibit A, Section 14). c. Contractor agrees to honor all Subsidiary Agreements made prior to MSA expiration or termination at the same rates, terms and conditions. d. All Subsidiary Agreements issued against this MSA must be fulfilled/completed in their entirety within twelve (12) months following the MSA end date. e. The State, during the term of this MSA, may negotiate additional agreements, categories and/or services. 2. AGREEMENT TERM The term of this MSA is for a five (5) year period. DGS reserves the right to extend this Agreement for two additional two (2) year periods, with a maximum cumulative term of nine (9) years. The start and end date will be noted on the attached Std. 213 Standard Agreement (the “Effective” term). 3. CONTRACT ADMINISTRATORS The State and MSA Contractor have assigned Contract Administrators as single points of contact for all inquiries, contract related issues and for problem resolution. The Contract Administrators and their contact information will be listed in the subsequent MSA User Instructions issued after award. Should a Contract Administrator change, each party will notify the other in writing no later than ten (10) business days after the date of such change, without amendment to this agreement. a. Contractor must provide the name, address, telephone number, and e-mail address of the individual directly responsible for managing this Agreement on behalf of the Contractor to the State’s designated Contract Administrator. b. Contractor must provide the State with at least one (1) replacement candidate that will meet or exceed the experience and skill level of the Contract Administrator being replaced. 154 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 2 of 71 i) The State shall not compensate the Contractor for any time or effort required to prepare the new Contract Administrator for work on the project. ii) The State may request that Contractor replace an assigned Contract Administrator at any time. The Contractor will use its best efforts to provide a replacement candidate that meets or exceeds the experience and skill level of the Contract Administrator being replaced within a time frame mutually agreed upon by the Contractor and the State. 4. GENERAL OVERVIEW OF SERVICES Contractor shall provide electronic payment acceptance and processing services in the following categories: a. Credit and Debit Card Processing (Category 1) 5. MINIMUM SERVICE LEVEL AGREEMENTS Contractor shall provide electronic payment acceptance and processing services as follows: a. General Service Level Agreements (All Categories) Contractor will: i) Allow for batch processing of transactions. Initiate funding for Credit, Debit, and PIN-Based Card transactions as follows: Transaction Day Initiate Funding to Authorized User’s Account Via ACH1/ Monday Tuesday Tuesday Wednesday Wednesday Thursday Thursday Friday Friday Monday Saturday Monday Sunday Monday 1/ Includes Contractor’s authorization to send funds from Contractor’s bank to Authorized User’s bank account. ii) Contractor shall settle in gross daily and process chargebacks and adjustments by invoicing the Authorized User. iii) Provide to each Authorized User access to detailed statements and online reporting tools that provide sufficient information for each Authorized User to reconcile deposits and adjustments made to the Authorized User’s designated bank account(s). iv) Provide customer support twenty-four (24) hours per day, three hundred sixty-five (365) days per year. v) Maintain industry standard data privacy controls sufficient to meet the requirements of the applicable security standards and California State Privacy statutes and 155 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 3 of 71 regulations (defined in Exhibit A, Section 17). Contractor is fully responsible for all administrative and financial obligations that arise from any security breach caused by the Contractor. vi) Provide Gateway services or equivalent. vii) Annually, make Contractor’s SSAE 18 SOC1 Type II information available for review on Contractor’s premises upon Authorized User’s thirty (30) days written notice. Authorized User’s review shall take place during Contractor’s normal business hours upon the signing of Contractor’s confidentiality agreement. Authorized User’s review does not include copying of such documents. viii)Upon request by the Authorized User, assign to Authorized User one or more identification numbers or passwords for Authorized User’s use in obtaining the Card Services. Once such identification number(s) or password(s) have been delivered to Authorized Agency by Contractor, the use and confidentiality of such numbers and/or passwords shall be the sole responsibility of Authorized User. b. Credit and Debit Card Processing (Service Category 1) Contractor will: i) Process for the Authorized User: MasterCard, Visa, American Express, Discover, Debit Cards, and Purchasing Cards in accordance with the operating rules of each of the named associations and under applicable law. Including but not limited to: 1. Bank Cards – VISA/MasterCard/AMEX/Discover – Cardholder Present 2. Bank Cards – VISA/MasterCard/AMEX/Discover – Cardholder Not Present 3. Signature Debit Cards – VISA/MasterCard – Cardholder Present 4. Signature Debit Cards – VISA/MasterCard – Cardholder Not Present 5. PIN Based Debit Cards 6. Digital Wallets ii) Provide Convenience/Service Fee services. iii) Provide continuous service by maintaining Contractor’s system functionality at a minimum 99.9% of the time (excluding maintenance downtime), measured on a monthly basis. Contractor must provide advanced written notice for scheduled maintenance and maintenance should occur during Authorized User’s non- business hours. 1. Service shall be available twenty-four (24) hours per day, three hundred sixty- five (365) days per year (excluding maintenance downtime). 2. If service’s monthly availability averages less than 99.9% (excluding maintenance downtime), the Authorized User shall be entitled to recover damages, apply credits or use other contractual remedies as set forth in the Subsidiary Agreement. (Exhibit A, Section 24) 3. Contractor shall provide advance written notice to the State Contract Administrator and Authorized Users of any major upgrades or changes that will affect the service availability. iv) Provide Authorization and Settlement functions on behalf of Authorized User. Authorizations must be completed in real time with response times of no more than 2-12 seconds. Response time is measured from the time Contractor receives a transaction authorization request to the time Contractor provides a transaction 156 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 4 of 71 authorization response to Authorized User, excluding time dependent upon third parties and delays caused by failures or delays in third party’s systems. v) Deliver, at a minimum, the following standard reports: 1. Deposit Summary 2. Transaction Reports 3. Convenience/services fees, if applicable 4. Statements 5. Interchange 6. Adjustments 7. Chargebacks 8. Authorizations 9. Duplicate Transmissions Frequency of reporting and additional reports to be determined within the Authorized User Subsidiary Agreements. vi) Process Chargebacks, upon receipt, on behalf of Authorized User. If additional information is required from the Authorized User to process the chargeback, Contractor must notify the Authorized User within twenty-four (24) to forty-eight (48) hours of receipt. The Contractor is authorized to protest any chargeback on behalf of the Authorized User. Chargebacks and adjustments will be invoiced to the Authorized Users. vii) Process voids, cancels, returns, reversals and retrievals. viii)Control for duplicate transactions. ix) Remain Payment Card Industry (PCI) compliant and P2PE certified throughout the term of the Agreement. 6. DEMONSTRATIONS Contractor agrees to conduct demonstrations at the request of the State and/or an Authorized User, prior to implementation of an electronic payment acceptance program during the term of the Agreement. 7. TRAINING Contractor shall provide telephone and/or web-based training for each Authorized User as stated in the Subsidiary Agreement. Implementation training must be completed within 30 calendar days after system set-up. Training will be provided at no additional cost including any travel related expenses. Training material and equipment shall be provided by the Contractor at the Contractor's expense. Contractor shall ensure that sufficient material is provided to all attendees. Contractor shall provide a link to the most recent version of the Contractor's Operating Guide. The Operating Guide and Contractor’s website includes, at a minimum, but not limited to the following: • Step by Step Instructions • Support Services • Quick Reference Guide • FAQ’s and answers 157 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 5 of 71 Contractor must provide twenty-four (24) hours per day, three hundred sixty-five (365) days per year, web-based access to Contractor’s Operating Guide. Trainer provided by contractor shall be knowledgeable in the subject matter, equipment and training materials. Contractor will customize training sessions for an Authorized User upon request. 8. CUSTOMER SERVICE AND SUPPORT Contractor must provide knowledgeable customer service personnel for the services provided. Contractor shall provide the contact information for problem resolution and inquiries in the Subsidiary Agreement with each Authorized User. Most inquiries regarding the direct reconciliation of an Authorized User’s payment transactions, the transfer to the bank account or any other payment transactions involving the Contractor shall be addressed and/or resolved by the Contractor within three (3) business days from the date of the original inquiry. Most other problems and inquiries will be addressed within five (5) business days from the date of the original contact. If Contractor is unable to resolve issues within the timelines stated above, Contractor will work with the Authorized User to establish mutual resolution timeframes and project timelines. Contractor’s customer service representatives shall accurately and timely: • Research and resolve concerns and provide immediate follow-up status/resolution. • Resolve problems related to daily settlements and deposit variances. • Coordinate and resolve complex reporting issues. • Answer incoming telephone calls, e-mails, faxes, and letters. • Log all problems/resolutions so that recurring problems can be tracked, reported and corrected. Contractors must provide, at the Authorized Users request, copies of any data file transmission that occurred within the required records retention period specified in this Agreement (See Exhibit A, Section 9) and have that data file available to them within forty-eight (48) hours after original request. Any data file requests that cannot be fulfilled in that time frame will require Contractor and Authorized User to agree upon a reasonable time frame for such requests. Contractor shall provide a technical liaison (live operator) available twenty-four (24) hours a day, three hundred sixty-five (365) days a year for immediate response to data/technical needs such as, but not limited to, general inquiries, point-of-sale and other payment channel assistance. Upon request, Contractor shall provide a written/electronic status report including a problem statement, proposed solution, and estimated time of problem resolution. Contractor’s staff must be fully versed in electronic payment systems and fully capable of resolving any issues immediately. 9. RETENTION OF RECORDS Contractor must retain all transactional data for a period of at least eighteen (18) consecutive months from the initial transaction date. Transactional data/records must be made available, upon request, to Authorized Users within forty-eight (48) hours after original request. Any data file requests that cannot be fulfilled in that time frame will require Contractor and Authorized User to agree upon a reasonable time frame for such requests. Authorized User should retain legible copies of Sales Drafts and Credit Vouchers for a period of at least eighteen (18) months from the initial transaction date to be able to 158 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 6 of 71 respond to customer disputes. Authorized User must submit to Servicers a legible copy of a Sales Draft or Credit Voucher within ten (10) days of a request by Servicers, or longer period of time as may be allowed by the Association. 10. PROGRAM WEBSITE Contractor shall provide and regularly update a secure website for use by Authorized Users of this Agreement. The website will include at a minimum, the following information: • Link to the Contractor’s Merchant Operating Guide. • Links to industry related rules and regulations as described in this Agreement. • Customer Service and Support telephone number. • FAQs • Link to report database (Exhibit A, Section 5 (a)(iii)) 11. REPORTING REQUIREMENTS a. Each quarter, the Contractor shall submit a Quarterly Usage/Activity Report to the DGS Contract Administrator via email or other delivery method specified by the State. The report shall summarize the Contractor’s MSA contract activity for each Authorized User, and it shall be provided to the DGS Contract Administrator by the thirtieth (30th) working day following the ending of the quarter’s reporting period. A report is required every quarter, even if the Contractor has no activity during the reporting period. b. DGS will provide a quarterly reporting template to awardees upon award. c. Contractor must report State Authorized Users and Local Authorized Users on separate quarterly reports. d. The Quarterly Usage/Activity Report will summarize the Contractor’s MSA contract activity by payment category for each Authorized User and will contain the following information: • Authorized User Name (department, agency, etc.) • Authorized User’s Merchant Number • Dollar Volume by card type (Amex, Discover, Visa, MC, Debit) and/or payment solution • Number of settled transactions by card type and/or payment solution • Fees paid by payment solution and type (interchange, processor, convenience fees, other) • Convenience/Service Fees as applicable • Equipment and software sales reports, upon request • Any other reporting as requested by DGS e. Contractor shall email reports (in Microsoft Excel format or compatible) to the State Contract Administrator (referenced in User Instructions) and Masters@dgs.ca.gov. f. The DGS Contract Administrator reserves the right to modify this report and require the Contractor to provide additional information available to the Contractor during the course of this Agreement at no additional cost. 12. AUTHORIZED USERS a. Pursuant to Government Code §1 1 0 0 0, State of California government agencies include every state office, officer, department, division, bureau, board, and commission. 159 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 7 of 71 b. For the purposes of this Agreement, local government agencies include any city and/or county, district, or other local governmental body or corporation, including the California State Universities (CSU) and University of California (UC) systems, K-12 schools and community colleges empowered to expend public funds. c. State agencies are required to adhere to DGS contract and procurement policy and procedures. For informational purposes only, see the following link for the State of California Agency List (exclude any local government agencies described above): https://www.ca.gov/agenciesall d. Local government agency use of this MSA is optional. Local government agencies may execute a contract under this MSA using the standard form Std. 213 or appropriate equivalent contract form, and any specific documents established prior to award that affect the Subsidiary Agreement. Upon execution of the contract form they shall become Authorized Users and the provision of services by the Contractor to such Authorized Users will be governed by the terms of this MSA. e. However, the Contractor has authorization to negotiate with local government agency Authorized Users for the provisions cited below. These include but are not limited to: • Invoicing and Payment Provisions (including debiting for chargebacks, assessments and other items) • Governing Law, Jurisdiction • Local Authorized User’s additional specific terms and conditions • Convenience/Service Fees 13. AUTHORIZATION TO RENDER SERVICES Unless otherwise provided in this Agreement, Contractor may not decline a State of California government agency’s request to utilize services offered under this Agreement. 14. SUBSIDIARY AGREEMENTS Contractor and a State of California government agency or a local government agency (as applicable) must execute a separate Subsidiary Agreement that incorporates all of the terms of this MSA by reference and may contain additional agency specific terms and conditions, none of which may alter, rescind, or be in conflict with the terms and conditions of this MSA. The Subsidiary Agreement shall consist of a Std. 213 form, or the appropriate equivalent contract form for local government agency Authorized Users and shall describe the particular requirements of the Authorized User, usually reflected in a detailed scope of work. State Agency Authorized User’s Subsidiary Agreements shall be processed in accordance with State contracting laws, policy, and procedures. 15. ENTIRE AGREEMENT & AMENDMENTS This MSA Agreement includes the Std. 213 form, Exhibits A-I and any additional provisions or Exhibits or attachments specific to the Contractor and/or services; documents incorporated by reference, and mutually approved amendments. 16. ORDER OF PRECEDENCE The following order of precedence shall apply: 160 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 8 of 71 a. All federal, state, local laws and regulations b. Exhibit C: Terms and Conditions (As Modified) c. Exhibit C.1: General Provisions – Information Technology (As Modified) d. Exhibit G: Definitions e. Exhibit A: Scope of Work f. Exhibit A.1: Selected Services g. Exhibit B: Budget Detail and Payment Provisions h. Exhibit D: Insurance Requirements i. Exhibit E: Fees and Costs j. Exhibit F: Equipment and Software k. Exhibit E.1: Service Pricing l. Exhibit E.2: Equipment and Software Pricing m. Exhibit E.3: Equipment Specifications n. Exhibit H: Special Terms and Conditions o. Exhibit I: Mass Transit Terms p. Exhibit H.1: Authorized User Set Up Form q. Payment Network Regulations 17. SECURITY, PRIVACY AND DISCLOSURE The parties acknowledge that this Agreement is subject to the California Public Records Act (Govt. Code section 6 2 5 0 et seq.), California Government Code sections 6 1 6 4 and 1 1 0 1 9.9; and California Civil Code section 1 7 9 8 et seq. Authorized Users agree not to disclose Cardholder account numbers and/or Card Identification Numbers (“CIDs”) unless required by law or other legal process, or for internal State purposes, or as required to use the services under the Agreement. Contractor agrees it will not use the names, addresses, and any other personally identifying information of State, city, county, school, or other public employees for any purpose not directly related to this Agreement. 18. REGULATORY AUTHORITIES (Industry Related Rules and Regulations) Contractor warrants and certifies that prior to, and in the performance of this Agreement, it will acquire, maintain, and remain in compliance with all mandatory regulatory approvals with respect to its performance under this Agreement required by any applicable governmental agency having jurisdiction over Contractor. If such regulatory approvals are not obtained by Contractor prior to the performance of this Agreement, this Agreement shall be of no force or effect. 19. LICENSES AND PERMITS Contractor shall be responsible for obtaining and maintaining at its expense all applicable licenses, registrations, permits, and certifications applicable to its performance under this Agreement during the entire term of this Agreement required by federal law, the State of California, and local jurisdictions in California. 20. SUBCONTRACTORS Nothing contained in this Agreement or otherwise, shall create any contractual relation between the State and any subcontractors, and no subcontractor shall relieve the Contractor of its responsibilities and obligations hereunder. The Contractor agrees to be 161 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 9 of 71 fully responsible to the State for the acts and omissions of its subcontractors and of persons either directly or indirectly employed by any of the subcontractors as it is for the acts and omissions of persons directly employed by the Contractor. The Contractor’s obligation to pay its subcontractors is an independent obligation from the Authorized User’s obligation to make payments to the Contractor. As a result, the Authorized User shall have no obligation to pay or to enforce the payment of any moneys to any subcontractor. 21. PHASE IN & PHASE OUT TRANSITION SERVICES Prior to the end of this Agreement’s contract term, or if this Agreement is terminated by the State, Contractor agrees to assist in transitioning the services provided under this Agreement within a period of time, not to exceed one hundred eighty (180) day calendar period. Transition assistance will include but is not limited to: continue transaction processing until date agreed upon, resolve any outstanding chargeback disputes, remit final statement and invoice for all transactions through close of business on the final processing date. Contractor shall cooperate with any new contractor(s) and State staff in effectuating an orderly transition. 22. DISPUTE RESOLUTION Contractor shall direct questions regarding the Subsidiary Agreement to the Authorized User. Decisions rendered by the Chief Executive Officer, or designated representative, of the Authorized User are considered final. Upon request, DGS-PD may provide a forum for discussion, at which time a DGS-PD representative shall be available to provide information regarding the State of California’s policies and procedures. If agreement cannot be reached, either party may assert its rights and remedies within a court of competent jurisdiction. 23. NOTICES All notices, requests, demands and other communications hereunder shall be in writing and shall be deemed given if delivered (a) personally, (b) via facsimile, electronic mail or overnight express service (except that notices of termination or default given by facsimile or electronic mail must also be sent via overnight express service or certified mail) or (c) by certified or registered mail, postage prepaid, return receipt requested, in each case, to the addresses, facsimile numbers and/or electronic mail addresses set forth below. The parties hereto may change their street addresses, facsimile numbers and electronic mail addresses for purposes of this Agreement by notifying the other party in the manner specified in this section. 24. LIQUIDATED DAMAGES The Authorized User’s Director or his/her designee may assess compensating damages against the vendor for losses incurred by the Authorized User as a direct result of errors caused by the negligence or willful misconduct of the vendor or subcontractor(s) that cause or contribute to the delay in collecting revenue. If invoked, damages will be assessed based upon the dollar value of the loss, the elapsed time before correction of the error and the Pooled Money Investment Account (PMIA) Daily Rate for the date the loss occurred as published by the California State Treasurer’s Office. Contractor’s liability for damages shall not exceed an amount equal to the annual fees paid or payable to Contractor under the affected Subsidiary Agreement (excluding interchange fees). If 162 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 10 of 71 twelve (12) consecutive months of fees are not available for this calculation, Contractor will use the highest available months fees multiplied by twelve (12) to identify the anticipated annual fees. For purposes of this Agreement, ‘errors’ do not include any action taken, or any failure to act, pursuant to an instruction from the State or an Authorized User. 25. PROPRIETARY RIGHTS AND PERMITTED USES a. Contractor may not issue any press release about this Agreement or the State without the other party’s prior written consent. b. Contractor will provide all Credit Card Association marks, logos, stickers and marketing materials, as well as any other forms of display required by the Associations’. c. An Authorized User may use and display the Associations’ marks, and shall display such Marks in accordance with the standards for use established by the Associations. The Authorized User’s right to use all such Marks will terminate upon termination of the Agreement or upon notice by an Association to discontinue such use, and the Authorized User must thereafter promptly return any materials displaying the Marks. The Authorized User’s use of promotional materials provided by the Associations will not indicate, directly or indirectly, that such Associations endorse any goods or services other than their own and the Authorized User may not refer to any Associations in stating eligibility for its products or services. 26. FEDERAL DEBARMENT The Federal Department of Labor requires that State agencies which are expending Federal funds of $25,000 or more, have in the contract file, a certification by the Contractor that it has not been debarred or suspended from doing business with the Federal Government. Each Contractor must provide this documentation upon request. 27. FORCE MAJEURE Except for defaults of subcontractors at any tier, the Contractor shall not be liable for any excess costs if the failure to perform the Contract arises from causes beyond the control and without the fault or negligence of the Contractor. Examples of such causes include, but are not limited to: a. Acts of God or of the public enemy, and b. Acts of the federal or state government in either its sovereign or contractual capacity. If the failure to perform is caused by the default of a subcontractor at any tier, and if the cause of the default is beyond the control of both the Contractor and subcontractor, and without the fault or negligence of either, the Contractor shall not be liable for any excess costs for failure to perform. 28. RIGHT TO TERMINATE a. The State may terminate the Agreement and any Authorized User may terminate its respective Subsidiary Agreement for cause upon a reasonable and good faith determination that the Contractor failed to perform the requirements of this Agreement at the time and in the manner herein provided in Section (b) below. However, Authorized Users will provide a Cure Period, rather than immediate termination, if a breach involves meeting a service level agreement identified in Exhibit A, Section 5. Nonetheless, the 163 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 11 of 71 State and Authorized Users reserve the right to terminate for cause without providing additional Cure Periods if a service level issue for which a Cure Period has previously been provided recurs. b. In the event of a breach, the State or Authorized User will send the Contractor a notice specifying the breach and providing the Contractor an opportunity to cure the breach within a period of time no less than thirty (30) days “Cure Period”. If the breach is not cured within the Cure Period, the State or Authorized User has the right to terminate the Agreement upon thirty (30) days notice to the Contractor. c. The State may terminate the Agreement without cause upon sixty (60) days advance written notice to the Contractor. Authorized Users may terminate their respective Subsidiary Agreements without cause upon sixty (60) days advance written notice to the Contractor. In the event of a termination without cause, Contractor shall not be responsible for any costs to the State or an Authorized User associated with such termination and any sum due the Contractor under this Agreement (which sum due to the Contractor shall include, but not be limited to, fees as set forth in this Agreement) for Charges up to the date of a termination shall be paid to the Contractor including any Chargebacks, fees, fines or penalties owed by the State or Authorized User after termination, which shall be paid within forty-five (45) days of presentment of a non- disputed invoice, in accordance with Exhibit B, Section 3. d. After receipt of a notice of termination by the State, or an Authorized User, and except as otherwise directed by the State or Authorized User, Contractor shall: i. Stop work as specified in the notice of termination. ii. Place no further subcontracts for materials, services, or facilities, except as necessary to complete the continuing portion of the Agreement. iii. Terminate all subcontracts to the extent they relate to the work terminated. After receipt of a notice of termination and prior to the contract termination effective date, Contractor agrees to diligently proceed without interruption in the performance of this Agreement. Contractor’s failure to diligently proceed in accordance with this Agreement shall be considered a material breach of this Agreement. 29. NEWS RELEASES Unless otherwise exempted, news releases, endorsements, advertising, and social media content pertaining to this Contract shall not be made without prior written approval of the Department of General Services. 30. CONTRACTOR’S ADMINISTRATIVE FEE The Contractor is required to pay a fee to DGS-PD based on the number of settled transactions processed. The fee is paid quarterly and is calculated as equal to $0.01 (1 cent) for each transaction processed per quarter under this Agreement. This Administrative Fee shall not be invoiced or charged to the ordering agency or customer. Payment by the Contractor shall be made quarterly to DGS-PD irrespective of payment status of Subsidiary Agreements. 164 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 12 of 71 Failure to submit correct reports and payments on a timely basis shall constitute grounds for default of this Agreement pursuant to Exhibit A, Section 28(b). Payments are due for the reporting period by the thirtieth (30th) calendar day following the ending of the quarter. (Note: If the due date is on a Saturday or Sunday, the due date will be the Monday following.) Payment may be made in the form of an electronic payment using the PD LPA Payment Portal or by submitting a check payable to the State of California, Department of General Services. Along with each payment, a Usage Report, filtered in Excel as prescribed in Exhibit A, Section 11 “Reporting Requirements,” shall be submitted to the State Contract Administrator. To submit fees through the PD LPA Payment Portal, users must register on the DGS-PD LPA Payment Portal (https://www.dgs.ca.gov/PD/Services/Page-Content/Procurement- Division-Services-List-Folder/Access-LPA-Payment-Portal). Administrative Fee payments made by check shall be submitted to the following address: Department of General Services Procurement Division Attn: MAPS Payment Processing 707 Third Street, 2nd Floor West Sacramento, CA 95605 165 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 13 of 71 Exhibit A.1: Selected Services The table below contains the services selected by the Authorized User within their Subsidiary Agreement #____________________. By selecting one or more of the services, the Authorized User is agreeing to be bound by the terms and conditions of the MSA 5-22-70-22-01. Description ☐ Credit and Debit Card Processing ☐ Convenience/Service Fees ☐ Exhibit I: Mass Transit Services 166 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 14 of 71 Exhibit B: Budget Detail and Payment Provisions 1. INVOICING AND PAYMENT a. Authorized Users will open a Demand Deposit Account (DDA) at an approved State financial institution that participates in the Automated Clearing House of the Federal Reserve System (ACH) to accept electronic payments via ACH under this MSA. For California State Authorized users this DDA must be a Zero Balance Account (ZBA). b. Each Authorized User must provide the Contractor with the name, bank deposit account and A B A (bank routing) numbers of the financial institution where such Authorized User’s DDA is established. Further, Authorized User must notify Contractor of any changes to its financial institution, account, or ACH information over the course of the agreement. Each Authorized User must also notify its financial institution that the Contractor has access to make deposits to the designated DDA. Contractor does not have authority to debit any amounts from the Authorized User’s DDA. c. Contractor shall settle the total amount for charges gross daily, net of refunds and reversals. Processing fees, chargebacks and adjustments will be invoiced to the Authorized Users. Contractor will not charge processing fees that are higher than or any additional fees other than those specified in Exhibit E.1: Service Pricing which cover all services provided by this MSA including electronic payment acceptance services, user guides, reports, and customer service. d. If Authorized Users choose to assess a convenience and/or service fee, Authorized User acknowledges that all fees collected will be settled to a DDA established by the Contractor or Service Provider. Contractor or Service Provider will charge the convenience and/or service fee as a separate charge from the transaction amount, if applicable in accordance with Exhibit E, Section 4. All amounts owed to the Contractor for services provided in the Subsidiary Agreement will be deducted from the convenience and/or service fees collected by the Contractor or charged to the Service Provider, as applicable. Authorized Users remain responsible for Chargebacks. e. Contractor shall initiate payment to each Authorized User’s DDA in accordance with the schedule noted in Exhibit A, Section 5 (a)(i). If the payment transmittal date falls on a day that Contractor’s bank is not open for processing payments, Contractor will initiate payment the next available business day. Funds due to State Authorized Users shall never be held in Contractor’s account or any other account not specifically authorized by an Authorized User. Contractor will not be responsible for any obligations, damages, or liabilities in excess of the amount of the applicable debit, credit, or adjustment to an Authorized User’s DDA in the event that the Authorized User’s financial institution does not honor any such item or improperly applies it to such Authorized User’s account. f. Each Authorized User shall provide billing information (mailing address, contact person, etc.) as part of its individual Subsidiary Agreement (defined in Exhibit A Section 14) executed with Contractor. g. Invoices shall be submitted in arrears to each State Authorized User on Contractor’s letterhead within fifteen (15) days of the end of each month and in accordance with the Prompt Payment Act. The invoice shall include: • The Subsidiary Agreement Number between the Authorized User and the Contractor. • Authorized User Name. 167 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 15 of 71 • Authorized User Merchant Number. • Time period covered. • Work completed for the period shall be identified (detailed statement of services rendered) as specified in the individual Authorized User’s Subsidiary Agreement. • Contact information for billing comments or inquiries such as a telephone number, fax number, and address. h. Chargeback invoices shall be submitted to each State Authorized User on Contractor’s letterhead within forty-eight (48) hours of the final chargeback dispute decision. The invoice shall include: • The Subsidiary Agreement Number between the Authorized User and the Contractor. • Chargeback information. • Date • Transaction amount • Cardholder information • Dispute Reason • Authorized User Name. • Authorized User Merchant Number. • Contact information for billing comments or inquiries such as a telephone number, fax number, and address i. Upon receipt of invoices and subsequent approval by the Authorized User’s designated representative(s), the Authorized User will pay the Contractor for any invoice or chargeback invoice. j. Contractor shall indicate Chargebacks and adjustments (including Credits) to Authorized Users in statements and reports as required pursuant to Exhibit A, Section 5.b.v. k. The State does not accept liability of Local Authorized Users (cities, counties, local governments, political subdivisions etc.). 2. BUDGET CONTINGENCY CLAUSE a. It is mutually agreed that if the Budget Act of the current year and/or any subsequent years covered under the Authorized User’s Subsidiary Agreement does not appropriate sufficient funds for the program contemplated thereunder, the Authorized User’s Subsidiary Agreement shall be of no further force and effect after the Authorized User provides written notice to Contractor. In this event, the State shall have no liability to pay any funds whatsoever to Contractor or to furnish any other consideration under the Subsidiary Agreement. b. For State Authorized Users, if funding for any fiscal year is reduced or deleted by the Budget Act for purposes of the Authorized User’s programs, the Authorized Users shall have the option to either (i) cancel Authorized User’s Subsidiary Agreement with no liability occurring to the State by providing Contractor immediate written notice or (ii) offer an agreement amendment to Contractor to reflect the reduced amount. c. In the event an Authorized User’s Subsidiary Agreement is terminated pursuant to this Exhibit B, Section 2, such Authorized User shall be responsible for payment of all amounts owed to Contractor related to transactions processed up until the effective 168 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 16 of 71 date of termination and for all items received post-termination that relate to transactions processed prior to termination. 3. PROMPT PAYMENT CLAUSE Payment will be made in accordance with, and within the time specified in, Government Code Chapter 4.5, commencing with Section 927. 4. CONTRACTOR OVERPAYMENTS a. If the Authorized User determines that an overpayment has been made to the Contractor, the Authorized User will seek recovery immediately upon discovery of the overpayment by calling the contractor service center to request a refund of the overpayment amount. The Contractor shall have up to five (5) business days to verify overpayments. The Contractor will initiate deposit of verified overpayments to the Authorized User’s ZBA the next available business day. b. If Contractor discovers they have received an overpayment, contractor must notify the Authorized user and refund or deposit the overpayment immediately. 169 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 17 of 71 Exhibit C: Terms and Conditions (As Modified) 1. APPROVAL: This Agreement is of no force or effect until signed by both parties and approved by the Department of General Services, if required. Contractor may not commence performance until such approval has been obtained. 2. AMENDMENT: No amendment or variation of the terms of this Agreement shall be valid unless made in writing, signed by the parties and approved as required. No oral understanding or Agreement not incorporated in the Agreement is binding on any of the parties. 3. ASSIGNMENT: This Agreement is not assignable by either party, either in whole or in part, without the consent of the other party in the form of a formal written amendment. 4. AUDIT: Contractor agrees that the awarding department, the Department of General Services, the Bureau of State Audits, or their designated representative shall have the right to review and to copy any records and supporting documentation pertaining to the performance of this Agreement. Contractor agrees to maintain such records for possible audit for a minimum of three (3) years after final payment, unless a longer period of records retention is stipulated. Contractor agrees to allow the auditor(s) access to such records during normal business hours and to allow interviews of any employees who might reasonably have information related to such records. Further, Contractor agrees to include a similar right of the State to audit records and interview staff in any subcontract related to performance of this Agreement. (Gov. Code §8546.7, Pub. Contract Code §10115 et seq., CCR Title 2, Section 1896). 5. INDEMNIFICATION: Contractor agrees to indemnify, defend and save harmless the State, its officers, agents and employees: (a) from any and all claims and losses caused by the negligence or willful misconduct in the performance of this Agreement by Contractor, its subcontractors, suppliers, laborers, and any other person, firm or corporation engaged by Contractor to furnish or supply work services, materials, or supplies in connection with the performance of this Agreement, and (b) from any and all claims and losses accruing or resulting to any person, firm or corporation who may be injured or damaged by Contractor’s negligence or willful misconduct in the performance of this Agreement. 6. DISPUTES: Contract and the State shall continue with the responsibilities under this Agreement during any dispute. 7. TERMINATION FOR CAUSE: See Exhibit A, Section 28. 8. INDEPENDENT CONTRACTOR: Contractor, and the agents and employees of Contractor, in the performance of this Agreement, shall act in an independent capacity and not as officers or employees or agents of the State. 9. RECYCLING CERTIFICATION: The Contractor shall certify in writing under penalty of perjury, the minimum, if not exact, percentage of post-consumer material as defined in the Public Contract Code Section 12200, in products, materials, goods, or supplies offered or sold to the State regardless of whether the product meets the requirements of Public Contract Code Section 12209. With respect to printer or duplication cartridges that comply with the requirements of Section 12156(e), the certification required by this subdivision shall specify that the cartridges so comply (Pub. Contract Code §12205). 10. NON-DISCRIMINATION CLAUSE: During the performance of this Agreement, Contractor and its subcontractors shall not deny the contract’s benefits to any person on the basis of race, religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, or military and veteran status, nor shall they 170 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 18 of 71 discriminate unlawfully against any employee or applicant for employment because of race, religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, or military and veteran status. Contractor shall insure that the evaluation and treatment of employees and applicants for employment are free of such discrimination. Contractor and subcontractors shall comply with the provisions of the Fair Employment and Housing Act (Gov. Code §12900 et seq.), the regulations promulgated thereunder (Cal. Code Regs., tit. 2, §11000 et seq.), the provisions of Article 9.5, Chapter 1, Part 1, Division 3, Title 2 of the Government Code (Gov. Code §§11135- 11139.5), and the regulations or standards adopted by the awarding state agency to implement such article. Contractor shall permit access by representatives of the Department of Fair Employment and Housing and the awarding state agency upon reasonable notice at any time during the normal business hours, but in no case less than 24 hours’ notice, to such of its books, records, accounts, and all other sources of information and its facilities as said Department or Agency shall require to ascertain compliance with this clause. Contractor and its subcontractors shall give written notice of their obligations under this clause to labor organizations with which they have a collective bargaining or other agreement. (See Cal. Code Regs., tit. 2, §11105.) Contractor shall include the nondiscrimination and compliance provisions of this clause in all subcontracts to perform work under the Agreement. 11. CERTIFICATION CLAUSES: The CONTRACTOR CERTIFICATION CLAUSES contained in the document CCC 04/2017 are hereby incorporated by reference and made a part of this Agreement by this reference as if attached hereto. 12. TIMELINESS: Time is of the essence in this Agreement. 13. COMPENSATION: The consideration to be paid Contractor, as provided herein, shall be in compensation for all of Contractor's expenses incurred in the performance hereof, including travel, per diem, and taxes, unless otherwise expressly so provided. 14. GOVERNING LAW: This contract is governed by and shall be interpreted in accordance with the laws of the State of California. 15. ANTITRUST CLAIMS: The Contractor by signing this agreement hereby certifies that if these services or goods are obtained by means of a competitive bid, the Contractor shall comply with the requirements of the Government Codes Sections set out below. a. The Government Code Chapter on Antitrust claims contains the following definitions: 1. "Public purchase" means a purchase by means of competitive bids of goods, services, or materials by the State or any of its political subdivisions or public agencies on whose behalf the Attorney General may bring an action pursuant to subdivision (c) of Section 16750 of the Business and Professions Code. 2. "Public purchasing body" means the State or the subdivision or agency making a public purchase. Government Code Section 4550. b. In submitting a bid to a public purchasing body, the bidder offers and agrees that if the bid is accepted, it will assign to the purchasing body all rights, title, and interest in and 171 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 19 of 71 to all causes of action it may have under Section 4 of the Clayton Act (15 U.S.C. Sec. 15) or under the Cartwright Act (Chapter 2 (commencing with Section 16700) of Part 2 of Division 7 of the Business and Professions Code), arising from purchases of goods, materials, or services by the bidder for sale to the purchasing body pursuant to the bid. Such assignment shall be made and become effective at the time the purchasing body tenders final payment to the bidder. Government Code Section 4552. c. If an awarding body or public purchasing body receives, either through judgment or settlement, a monetary recovery for a cause of action assigned under this chapter, the assignor shall be entitled to receive reimbursement for actual legal costs incurred and may, upon demand, recover from the public body any portion of the recovery, including treble damages, attributable to overcharges that were paid by the assignor but were not paid by the public body as part of the bid price, less the expenses incurred in obtaining that portion of the recovery. Government Code Section 4553. d. Upon demand in writing by the assignor, the assignee shall, within one year from such demand, reassign the cause of action assigned under this part if the assignor has been or may have been injured by the violation of law for which the cause of action arose and (a) the assignee has not been injured thereby, or (b) the assignee declines to file a court action for the cause of action. See Government Code Section 4554. 16. CHILD SUPPORT COMPLIANCE ACT: For any Agreement in excess of $100,000, the contractor acknowledges in accordance with Public Contract Code 7110, that: a. The contractor recognizes the importance of child and family support obligations and shall fully comply with all applicable state and federal laws relating to child and family support enforcement, including, but not limited to, disclosure of information and compliance with earnings assignment orders, as provided in Chapter 8 (commencing with section 5200) of Part 5 of Division 9 of the Family Code; and b. The contractor, to the best of its knowledge is fully complying with the earnings assignment orders of all employees and is providing the names of all new employees to the New Hire Registry maintained by the California Employment Development Department. 17. UNENFORCEABLE PROVISION: In the event that any provision of this Agreement is unenforceable or held to be unenforceable, then the parties agree that all other provisions of this Agreement have force and effect and shall not be affected thereby. 18. PRIORITY HIRING CONSIDERATIONS: If this Contract includes services in excess of $200,000, the Contractor shall give priority consideration in filling vacancies in positions funded by the Contract to qualified recipients of aid under Welfare and Institutions Code Section 11200 in accordance with Pub. Contract Code §10353. 19. SMALL BUSINESS PARTICIPATION AND DVBE PARTICIPATION REPORTING REQUIREMENTS: a. If for this Contract Contractor made a commitment to achieve small business participation, then Contractor must within 60 days of receiving final payment under this Contract (or within such other time period as may be specified elsewhere in this Contract) report to the awarding department the actual percentage of small business participation that was achieved. (Govt. Code § 14841.) b. If for this Contract Contractor made a commitment to achieve disabled veteran business enterprise (DVBE) participation, then Contractor must within 60 days of receiving final payment under this Contract (or within such other time period as may be specified elsewhere in this Contract) certify in a report to the awarding department: (1) the total amount the prime Contractor received under the Contract; (2) the name 172 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 20 of 71 and address of the DVBE(s) that participated in the performance of the Contract; (3) the amount each DVBE received from the prime Contractor; (4) that all payments under the Contract have been made to the DVBE; and (5) the actual percentage of DVBE participation that was achieved. A person or entity that knowingly provides false information shall be subject to a civil penalty for each violation. (Mil. & Vets. Code § 999.5(d); Govt. Code § 14841.) 20. LOSS LEADER: If this contract involves the furnishing of equipment, materials, or supplies then the following statement is incorporated: It is unlawful for any person engaged in business within this state to sell or use any article or product as a “loss leader” as defined in Section 17030 of the Business and Professions Code. (PCC 10344(e)). 173 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 21 of 71 Exhibit C.1: General Provisions – Information Technology (As Modified) The following definitions apply to Exhibit C.1. All other capitalized terms shall have their meanings set forth in Exhibit G. 1. DEFINITIONS: Unless otherwise specified in the Statement of Work, the following terms shall be given the meaning shown, unless context requires otherwise. a) “Application Program” means a computer program which is intended to be executed for the purpose of performing useful work for the user of the information being processed. Application programs are developed or otherwise acquired by the user of the Hardware/Software system, but they may be supplied by the Contractor. b) “Attachment” means a mechanical, electrical, or electronic interconnection to the Contractor-supplied Machine or System of Equipment, manufactured by other than the original Equipment manufacturer that is not connected by the Contractor. c) “Business entity” means any individual, business, partnership, joint venture, corporation, S-corporation, limited liability company, sole proprietorship, joint stock company, consortium, or other private legal entity recognized by statute. d) “Commercial Hardware” means Hardware developed or regularly used that: (i) has been sold, leased, or licensed to the general public; (ii) has been offered for sale, lease, or license to the general public; (iii) has not been offered, sold, leased, or licensed to the public but will be available for commercial sale, lease, or license in time to satisfy the delivery requirements of this Contract; or (iv) satisfies a criterion expressed in (i), (ii), or (iii) above and would require only minor modifications to meet the requirements of this Contract. e) “Commercial Software” means Software developed or regularly used that: (i) has been sold, leased, or licensed to the general public; (ii) has been offered for sale, lease, or license to the general public; (iii) has not been offered, sold, leased, or licensed to the public but will be available for commercial sale, lease, or license in time to satisfy the delivery requirements of this Contract; or (iv) satisfies a criterion expressed in (i), (ii), or (iii) above and would require only minor modifications to meet the requirements of this Contract. f) “Contract” means this Contract or Agreement (including any purchase order), by whatever name known or in whatever format used. g) “Contractor” means the Business Entity with whom the State enters into this Contract. Contractor shall be synonymous with “supplier”, “vendor” or other similar term. h) “Data Processing System (System)” means the total complement of Contractor- furnished Machines, including one or more central processors (or instruction processors), Operating Software which are acquired to operate as an integrated group. i) “Deliverables” means Goods, Software, Information Technology, telecommunications technology, Hardware, and other items (e.g. reports) to be delivered pursuant to this Contract, including any such items furnished incident to the provision of services. j) “Designated CPU(s)” means for each product, if applicable, the central processing unit of the computers or the server unit, including any associated peripheral units. If 174 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 22 of 71 no specific “Designated CPU(s)” are specified on the Contract, the term shall mean any and all CPUs located at the site specified therein. k) “Documentation” means manuals and other printed materials necessary or useful to the State in its use or maintenance of the Equipment or Software provided hereunder. Manuals and other printed materials customized for the State hereunder constitute Work Product if such materials are required by the Statement of Work. l) “Equipment” is an all-inclusive term which refers either to individual Machines or to a complete Data Processing System or Subsystem, including its Hardware and Operating Software (if any). m) “Goods” means all types of tangible personal property, including but not limited to materials, supplies, and Equipment (including computer and telecommunications Equipment). n) “Hardware” usually refers to computer Equipment and is contrasted with Software. See also Equipment. o) “Installation Date” means the date specified in the Statement of Work by which the Contractor must have the ordered Equipment ready (certified) for use by the State. p) “Information Technology” includes, but is not limited to, all electronic technology systems and services, automated information handling, System design and analysis, conversion of data, computer programming, information storage and retrieval, telecommunications which include voice, video, and data communications, requisite System controls, simulation, electronic commerce, and all related interactions between people and Machines. q) “Machine” means an individual unit of Data Processing System or Subsystem, separately identified by a type and/or model number, comprised of but not limited to mechanical, electro-mechanical, and electronic parts, microcode, and special features installed thereon and including any necessary Software, e.g., central processing unit, memory module, tape unit, card reader, etc. r) “Programming Aids” means Contractor-supplied programs and routines executable on the Contractor’s Equipment which assists a programmer in the development of applications including language processors, sorts, communications modules, data base management systems, and utility routines (tape-to-disk routines, disk-to-print routines, etc.). s) “Program Product” means programs, routines, subroutines, and related items which are proprietary to the Contractor and which are licensed to the State for its use, usually on the basis of separately stated charges and appropriate contractual provisions. t) “Software” means an all-inclusive term which refers to any computer programs, routines, or subroutines supplied by the Contractor, including Operating Software, Programming Aids, Application Programs, and Program Products. u) “State” means the government of the State of California, its employees and authorized representatives, including without limitation any department, agency, any 175 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 23 of 71 Authorized User participating in the MSA, or other unit of the government of the State of California. v) “System” means the complete collection of Hardware, Software and services as described in this Contract, integrated and functioning together, and performing in accordance with this Contract. w) “U.S. Intellectual Property Rights” means intellectual property rights enforceable in the United States of America, including without limitation rights in trade secrets, copyrights, and U.S. patents. 2. SEVERABILITY: See MSA Exhibit C, Section 17. 3. COMPLIANCE WITH STATUTES AND REGULATIONS: a) The State and the Contractor warrants and certifies that in the performance of this Contract, it will comply with all applicable statutes, rules, regulations and orders of the United States and the State of California. The Contractor agrees to indemnify the State against any loss, cost, damage or liability by reason of the Contractors violation of this provision. b) The State will notify the Contractor of any such claim in writing and tender the defense thereof within a reasonable time; and c) The Contractor will have sole control of the defense of any action on such claim and all negotiations for its settlement or compromise; provided that (i) when substantial principles of government or public law are involved, when litigation might create precedent affecting future State operations or liability, or when involvement of the State is otherwise mandated by law, the State may participate in such action at its own expense with respect to attorneys’ fees and costs (but not liability); (ii) where a settlement would impose liability on the State, affect principles of California government or public law, or impact the authority of the State, the Department of General Services will have the right to approve or disapprove any settlement or compromise, which approval will not unreasonably be withheld or delayed and (iii) the State will reasonably cooperate in the defense and in any related settlement negotiations. d) If this Contract is in excess of $554,000, it is subject to the requirements of the World Trade Organization (WTO) Government Procurement Agreement (GPA). e) To the extent that this Contract falls within the scope of Government Code Section 11135, the Contractor hereby agrees to respond to and resolve any complaint brought to its attention, regarding accessibility of its products or services. 4. CONTRACTOR’S POWER AND AUTHORITY: See MSA Exhibit C, Section 5. 5. WAIVER OF RIGHTS: Any action or inaction by the State or the failure of the State on any occasion, to enforce any right or provision of the Contract, shall not be construed to be a waiver by the State of its rights hereunder and shall not prevent the State from enforcing such provision or right on any future occasion. The rights and remedies of the State herein are cumulative and are in addition to any other rights or remedies that the State may have at law or in equity. 6. DELIVERY: The Contractor shall strictly adhere to the delivery and completion schedules specified in this Contract. Time, if stated as a number of days, shall mean calendar days unless otherwise specified. The quantities specified herein are the only quantities required. If the Contractor delivers in excess of the quantities specified herein, the State shall not be required to make any payment for the excess Deliverables, and 176 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 24 of 71 may return them to Contractor at the Contractor’s expense or utilize any other rights available to the State at law or in equity. 7. INSPECTION, ACCEPTANCE AND REJECTION: See Exhibit F, Sections 4(e) and (f). 8. SAMPLES: a) Samples of items may be required by the State for inspection and specification testing and must be furnished free of expense to the State. The samples furnished must be identical in all respects to the products bid and/or specified in the Contract. b) Samples, if not destroyed by tests, may, upon request made at the time the sample is furnished, be returned at the Contractor’s expense. 9. WARRANTY: a) Unless otherwise specified in the Statement of Work, the warranties in this subsection a) begin upon delivery of the goods or services in question and end one (1) year thereafter. The Contractor warrants that (i) Deliverables and services furnished hereunder will substantially conform to the requirements of this Contract (including without limitation all descriptions, specifications, and drawings identified in the Statement of Work), and (ii) the Deliverables will be free from material defects in materials and workmanship. Where the parties have agreed to design specifications (such as a Detailed Design Document) and incorporated the same or equivalent in the Statement of Work directly or by reference, the Contractor will warrant that it’s Deliverables provide all material functionality required thereby. In addition to the other warranties set forth herein, where the Contract calls for delivery of Commercial Software, the Contractor warrants that such Software will perform in accordance with its license and accompanying Documentation. The State’s approval of designs or specifications furnished by Contractor shall not relieve the Contractor of its obligations under this warranty. b) The Contractor warrants that Deliverables furnished hereunder (i) will be free, at the time of delivery, of harmful code (i.e. computer viruses, worms, trap doors, time bombs, disabling code, or any similar malicious mechanism designed to interfere with the intended operation of, or cause damage to, computers, data, or Software); and (ii) will not infringe or violate any U.S. Intellectual Property Right. Without limiting the generality of the foregoing, if the State believes that harmful code may be present in any Commercial Software delivered hereunder, the Contractor will, upon the State’s request, provide a new or clean install of the Software. c) Unless otherwise specified in the Statement of Work: i. The Contractor does not warrant that any Software provided hereunder is error- free or that it will run without immaterial interruption. ii. The Contractor does not warrant and will have no responsibility for a claim to the extent that it arises directly from (A) a modification made by the State, unless such modification is approved or directed by the Contractor in writing, (B) use of Software in combination with or on products other than as specified by the Contractor, or (C) misuse by the State. iii. Where the Contractor resells Commercial Hardware or Commercial Software it purchased from a third party, Contractor, to the extent it is legally able to do so, will pass through any such third party warranties to the State and will reasonably cooperate in enforcing them. Such warranty pass-through will not relieve the Contractor from Contractor’s warranty obligations set forth above. 177 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 25 of 71 d) All warranties, including special warranties specified elsewhere herein, shall inure to the State, its successors, assigns, customer agencies, and governmental users of the Deliverables or services. e) Except as may be specifically provided in the Statement of Work or elsewhere in this Contract, for any breach of the warranties provided in this Section, the State’s exclusive remedy and the Contractor’s sole obligation will be limited to: i. re-performance, repair, or replacement of the nonconforming Deliverable (including without limitation an infringing Deliverable) or service; or ii. should the State in its sole discretion consent, refund of all amounts paid by the State for the nonconforming Deliverable or service and payment to the State of any additional amounts necessary to equal the State’s Cost to Cover. “Cost to Cover” means the cost, properly mitigated, of procuring Deliverables or services of equivalent capability, function, and performance. The payment obligation in subsection (e)(ii) above will not exceed the limits on the Contractor’s liability set forth in Exhibit A, Section 24. f) EXCEPT FOR THE EXPRESS WARRANTIES SPECIFIED IN THIS SECTION, THE CONTRACTOR MAKES NO WARRANTIES EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 10. SAFETY AND ACCIDENT PREVENTION: In performing work under this Contract on State premises, the Contractor shall conform to any specific safety requirements contained in the Contract or as required by law or regulation. The Contractor shall take any additional precautions as the State may reasonably require for safety and accident prevention purposes. Any violation of such rules and requirements, unless promptly corrected, shall be grounds for termination of this Contract in accordance with the default provisions hereof. 11. RIGHTS AND REMEDIES OF STATE FOR DEFAULT: a) In the event any Deliverables furnished or services provided by the Contractor in the performance of the Contract should fail to conform to the requirements herein, or to the sample submitted by the Contractor, the State may reject the same, and it shall become the duty of the Contractor to reclaim and remove the item promptly or to correct the performance of services, without expense to the State, and immediately replace all such rejected items with others conforming to the Contract. b) In addition to any other rights and remedies the State may have, the State may require the Contractor, at Contractor’s expense, to ship Deliverables via air freight or expedited routing to avoid or minimize actual or potential delay if the delay is the fault of the Contractor. c) In the event of the termination of the Contract, either in whole or in part, by reason of default or breach by the Contractor, any loss or damage sustained by the State in procuring any items which the Contractor agreed to supply shall be borne and paid for by the Contractor (but subject to the clause set forth in Exhibit A, Section 24). d) The State reserves the right to offset the reasonable cost of all damages caused to the State against any outstanding invoices or amounts owed to the Contractor or to make a claim against the Contractor therefore subject to Exhibit A, Section 24. 178 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 26 of 71 12. TAXES: Unless otherwise required by law, the State of California is exempt from Federal excise taxes. The State will only pay for any State or local sales or use taxes on the services rendered or Goods supplied to the State pursuant to this Contract. 13. CONFIDENTIALITY OF DATA: All financial statistical, personal, technical and other data and information relating to the State’s operation which are designated confidential by the state and made available to the Contractor in order to carry out this Contract, or which become available to the Contractor in carrying out this Contract, shall be protected by the Contractor from unauthorized use and disclosure through the observance of the same or more effective procedural requirements as are applicable to the State. The identification of all such confidential data and information as well as the State's procedural requirements for protection of such data and information from unauthorized use and disclosure shall be provided by the State in writing to the Contractor. If the methods and procedures employed by the Contractor for the protection of the Contractor's data and information are deemed by the State to be adequate for the protection of the State's confidential information, such methods and procedures may be used, with the written consent of the State, to carry out the intent of this paragraph. The Contractor shall not be required under the provisions of this paragraph to keep confidential any data or information which is or becomes publicly available, is already rightfully in the Contractor's possession without obligation of confidentiality, is independently developed by the Contractor outside the scope of this Contract, or is rightfully obtained from third parties. 14. PROTECTION OF PROPRIETARY SOFTWARE AND OTHER PROPRIETARY DATA: a) Subject to the California Public Records Act, the State agrees that all material appropriately marked or identified in writing as proprietary, and furnished hereunder are provided for the State’s exclusive use for the purposes of this Contract only. b) The State will ensure, prior to disposing of any media, that any licensed materials contained thereon have been erased or otherwise destroyed. c) The State agrees that it will take appropriate action by instruction, agreement or otherwise with its employees or other persons permitted access to licensed software and other proprietary data to satisfy its obligations in this Contract with respect to use, copying, modification, protection and security of proprietary software and other proprietary data. 15. RIGHT TO COPY OR MODIFY: a) Any Software Product provided by the Contractor in machine-readable form may be copied, in whole or in part, in printed or machine-readable form for use by the State with the designated CPU, to perform one-time benchmark tests, for archival or emergency restart purposes, to replace a worn copy, to understand the contents of such machine- readable material, or to modify the Software Product as provided below; provided, however, that no more than the number of printed copies and machine-readable copies as specified in the Statement of Work will be in existence under this Contract at any time without prior written consent of the Contractor. Such consent shall not be unreasonably withheld by the Contractor. The original, and any copies of the Software Product, in whole or in part, which are made hereunder shall be the property of the Contractor. b) The State may modify any non-personal computer Software Product, in machine- readable form, for its own use and merge it into other program material. Any portion of the Software Product included in any merged program material shall be used only 179 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 27 of 71 on the designated CPUs and shall be subject to the terms and conditions of the Contract. 16. ENCRYPTION/CPU ID AUTHORIZATION CODES: a) When Encryption/CPU Identification (ID) authorization codes are required to operate the Software Products, the Contractor will provide all codes to the State with delivery of the Software. b) In case of inoperative CPU, the Contractor will provide a temporary encryption/CPU ID authorization code to the State for use on a temporarily authorized CPU until the designated CPU is returned to operation. c) When changes in designated CPUs occur, the State will notify the Contractor via telephone and/or facsimile/e-mail of such change. Upon receipt of such notice, the Contractor will issue via telephone and/or facsimile/e-mail to the State within 24 hours, a temporary encryption ID authorization code for use on the newly designated CPU until such time as permanent code is assigned. 17. PATENT, COPYRIGHT AND TRADE SECRET INDEMNITY: a) Contractor will indemnify, defend, and save harmless the State, its officers, agents, and employees, from any and all third party claims, costs (including without limitation reasonable attorneys’ fees), and losses for infringement or violation of any U.S. Intellectual Property Right by any product or service provided hereunder. With respect to claims arising from computer Hardware or Software manufactured by a third party and sold by Contractor as a reseller, Contractor will pass through to the State such indemnity rights as it receives from such third party (“Third Party Obligation”) and will cooperate in enforcing them; provided that if the third party manufacturer fails to honor the Third Party Obligation, Contractor will provide the State with indemnity protection equal to that called for by the Third Party Obligation, but in no event greater than that called for in the first sentence of this Section). The provisions of the preceding sentence apply only to third party computer Hardware or Software sold as a distinct unit and accepted by the State. Unless a Third Party Obligation provides otherwise, the defense and payment obligations set forth in this Section will be conditional upon the following: i. The State will notify the Contractor of any such claim in writing and tender the defense thereof within a reasonable time; and ii. The Contractor will have sole control of the defense of any action on such claim and all negotiations for its settlement or compromise; provided that (a) when substantial principles of government or public law are involved, when litigation might create precedent affecting future State operations or liability, or when involvement of the State is otherwise mandated by law, the State may participate in such action at its own expense with respect to attorneys’ fees and costs (but not liability); (b) where a settlement would impose liability on the State, affect principles of California government or public law, or impact the authority of the State, the Department of General Services will have the right to approve or disapprove any settlement or compromise which approval will not unreasonably be withheld or delayed; and (c) the State will reasonably cooperate in the defense and in any related settlement negotiations. b) Should the Deliverables, or the operation thereof, become, or in the Contractor’s opinion are likely to become, the subject of a claim of infringement or violation of a U.S. Intellectual Property Right, the State shall permit the Contractor, at its option 180 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 28 of 71 and expense, either to procure for the State the right to continue using the Deliverables, or to replace or modify the same so that they become non-infringing. If none of these options can reasonably be taken, or if the use of such Deliverables by the State shall be prevented by injunction the Contractor agrees to take back such Deliverables and make every reasonable effort to assist the State in procuring substitute Deliverables. If, in the sole opinion of the State, the return of such infringing Deliverables makes the retention of other Deliverables acquired from the Contractor under this Contract impractical, the State shall then have the option of terminating such Contracts, or applicable portions thereof, without penalty or termination charge. The Contractor agrees to take back such Deliverables and refund any sums the State has paid the Contractor less any reasonable amount for use or damage. c) The Contractor shall have no liability to the State under any provision of this clause with respect to any claim of patent, copyright or trade secret infringement which is based upon: i. The operation of Equipment furnished by the Contractor under the control of any Operating Software other than, or in addition to, the current version of Contractor- supplied Operating Software; or ii. The modification initiated by the State, or a third party at the State’s direction, of any Deliverable furnished hereunder; or iii. The combination or utilization of Software furnished hereunder with non- contractor supplied Software. d) The Contractor certifies that it has appropriate systems and controls in place to ensure that State funds will not be used in the performance of this Contract for the acquisition, operation or maintenance of computer Software in violation of copyright laws. 18. COVENANT AGAINST GRATUITIES: The Contractor warrants that no gratuities (in the form of entertainment, gifts, or otherwise) were offered or given by the Contractor, or any agent or representative of the Contractor, to any officer or employee of the State with a view toward securing the Contract or securing favorable treatment with respect to any determinations concerning the performance of the Contract. For breach or violation of this warranty, the State shall have the right to terminate the Contract, either in whole or in part, and any loss or damage sustained by the State in procuring on the open market any items which the Contractor agreed to supply shall be borne and paid for by the Contractor. The rights and remedies of the State provided in this clause shall not be exclusive and are in addition to any other rights and remedies provided by law or in equity. 19. NATIONAL LABOR RELATIONS BOARD CERTIFICATION: See MSA Exhibit C, Section 11. 20. FOUR DIGIT DATE COMPLIANCE: Contractor warrants that it will provide only Four- Digit Date Compliant (as defined below) Deliverables and/or services to the State. “Four Digit Date Compliant” Deliverables and services can accurately process, calculate, compare, and sequence date data, including without limitation date data arising out of or relating to leap years and changes in centuries. This warranty and representation is subject to the warranty terms and conditions of this Contract and does not limit the generality of warranty obligations set forth elsewhere herein. 21. ELECTRONIC WASTE RECYCLING ACT OF 2003: The Contractor certifies that it complies with the applicable requirements of the Electronic Waste Recycling Act of 181 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 29 of 71 2003, Chapter 8.5, Part 3 of Division 30, commencing with Section 42460 of the Public Resources Code. The Contractor shall maintain documentation and provide reasonable access to its records and documents that evidence compliance. 22. USE TAX COLLECTION: In accordance with PCC Section 10295.1, the Contractor certifies that it complies with the requirements of Section 7101 of the Revenue and Taxation Code. Contractor further certifies that it will immediately advise the State of any change in its retailer’s seller’s permit or certification of registration or applicable affiliate’s seller’s permit or certificate of registration as described in subdivision (a) of PCC Section 10295.1. 182 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 30 of 71 Exhibit D: Insurance Requirements 1. PROOF OF INSURANCE Contractor shall provide proof of insurance, in the form of a certificate to the Authorized User. Insurance companies must be acceptable to DGS, Office of Risk Management (ORIM). If self-insured, review of financial information may be required. 2. GENERAL PROVISIONS APPLYING TO ALL POLICIES a. Coverage Term – Coverage needs to be in force for the complete term of the contract. If insurance expires during the term of the contract, a new certificate must be received by the State prior to the expiration of this insurance. Any new insurance must still comply with the original terms of the contract. b. Policy Cancellation or Termination & Notice of Non-Renewal – Contractor is responsible to notify the State within five business days before the effective date of any cancellation, non-renewal, or material change that affects required insurance coverage rendering Contractor in breach of the contract. In the event Contractor fails to keep in effect at all times the specified insurance coverage, the State may, in addition to any other remedies it may have, terminate this Contract upon the occurrence of such event, subject to the provisions of this Contract. c. Deductible – Contractor is responsible for any deductible or self-insured retention contained within their insurance program. d. Primary Clause – The general liability insurance contained in this contract shall be primary, and not excess or contributory, to any other insurance carried by the State. e. Insurance Carrier Required Rating – All insurance companies must carry an AM Best rating of note less than A- (minus) financial category VII. If the Contractor is self- insured for a portion or all of its insurance, and public reports are not readily available, review of financial information may be required upon request. f. Endorsements – Any required endorsements requested by the State must be physically attached to all requested certificates of insurance and not substituted by referring to such coverage on the certificate of insurance. g. Inadequate Insurance – Inadequate or lack of insurance does not negate the contractor obligations under the contract. h. Available Coverages/Limits - All coverage and limits available to the contractor shall also be available and applicable to the State. i. Subcontractors - In the case of Contractor utilization of subcontractors to complete the contracted scope of work, Contractor shall include all subcontractors as insured’s under Contractor and insurance or supply evidence of insurance to The State equal to policies, coverages and limits required of Contractor. The State has the right to accept lower limits appropriate for the services being subcontracted. 3. COMMERCIAL GENERAL LIABILITY Contractor shall maintain, at Contractor’s expense, and keep in effect during the term of this Contract, Commercial General Liability Insurance covering bodily injury, and property damage. This insurance shall include personal and advertising injury liability, products, completed operations, and contractual liability coverage. Coverage shall be written on an occurrence basis in an amount not be less than $1,000,000 per occurrence. Annual aggregate limit shall not be less than $2,000,000. The State of California, its officers, 183 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 31 of 71 agents, and employees are to be covered as additional insureds with respect to liability arising out of work or operations. 4. AUTO LIABILITY By signing this Agreement, the Contractor certifies that the Contractor and any employees, subcontractors or servants possess valid automobile coverage in accordance with California Vehicle Code Sections 1 6 4 5 0 to 1 6 4 5 7, inclusive. The State reserves the right to request proof at any time. 5. WORKERS’ COMPENSATION AND EMPLOYER’S LIABILITY Workers’ Compensation insurance as required by the State of California, with Statutory Limits, and Employer’s Liability Insurance with limit of no less than $1,000,000 per accident for bodily injury or disease. Policy shall be endorsed to include waiver of subrogation in favor of State of California. 6. PROFESSIONAL LIABILITY Contractor shall maintain, at Contractor’s expense, and keep in effect during the term of this Contract, Professional Liability Insurance covering any damages caused by an error, omission or any negligent acts including third party losses, related to the services to be provided under this contract by the Contractor and Contractor’s subcontractors, agents, officers and employees in an amount of not less than $1,000,000 per occurrence, incident or claim. Annual aggregate limit shall not be less than $2,000,000. 184 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 32 of 71 Exhibit E: Fees and Costs 1. FEES AND COSTS The fees and costs based on pricing provided in Exhibit E.1: Service Pricing and Exhibit E.2: Equipment and Software Pricing will be invoiced in accordance with Exhibit B. The amounts deposited into Authorized User’s Demand Deposit Account (DDA) will be gross receipts and net of refunds and reversals. 2. VISA AND MASTERCARD INTERCHANGE ASSESSMENT RATES The Visa and MasterCard interchange assessment pricing specified is subject to fluctuations. These rates are outside of the control of the State of California and the Contractor. Both increases and decreases in these rates are to be passed on to the Authorized Users of this Agreement in the form of changes in the official interchange assessment rates from VISA and MasterCard by the Contractor. Contractor will send, as promptly as possible, to each Authorized User, or designee, and to the DGS Contract Administrator, notices documenting all pricing adjustments resulting from the official changes in interchange assessment rates. The following sites provide the most up-to-date interchange assessment rates as they occur. • MasterCard Interchange Rates: http://www.mastercard.com/us/merchant/support/interchange_rates.html • Visa Interchange Rates: https://usa.visa.com/support/small-business/regulations-fees.html 3. EQUIPMENT PRICING Upon request, Contractor will provide equipment and software pricing and specification sheets on an annual basis in the format and delivery method specified by DGS. Once these prices are negotiated and approved by DGS, this information will be posted along with the respective contracts on the State’s Procurement Portal (Cal eProcure). Posting of price lists allows the Authorized Users access to both service and equipment/software pricing so Authorized Users can conduct a complete cost analysis based on their organization’s individual requirements. Authorized Users may negotiate pricing lower than the maximum pricing listed on the Contractor’s Price Sheet. Price declines shall be effective immediately upon any public notification of the decline. All prices quoted shall be firm fixed maximum for the initial price list period. However, should a price decline be announced by the Contractor after contract award, and prior to an Authorized User utilizing the services, then the Contractor shall use the reduced pricing. 4. CONVENIENCE/SERVICE FEES a. Authorized Users, at their discretion, may elect to have the Contractor or Service Provider charge a convenience and/or service fee to the cardholder (paying parties) to offset the processing fees charged to the Authorized User. Assessment of the convenience and/or service fee occurs at the time of the transaction. Use of Convenience and/or service fees should be addressed by each Authorized User in their individual Subsidiary Agreement. The convenience and/or service fee to be charged to Cardholders for transactions processed will be mutually agreed upon by Contractor or Service Provider and Authorized User. If the Authorized User is using the Contractor for convenience and/or 185 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 33 of 71 service fees, the amount of the convenience and/or service fee may be adjusted in the Subsidiary Agreement, at any time, upon the mutual agreement of Contractor and the Authorized User. Contractor shall not charge Authorized User a fee in consideration for processing the convenience and/or service fee. Any amendment to the convenience and/or service fee assessed by the Contractor must be agreed upon by the Authorized User and Contractor. Convenience and/or service fees are subject to the constraints of the card associations, card companies, Merchant Category Codes (MCC), business requirements of Authorized Users and, in some instances, by State regulations and/or laws. In general, card payments, and specific card brands, may not be disadvantaged at the point-of-sale relative to other payment. State and Local Use: • May only be charged by Authorized Users in certain fee programs based on Association Rules, Merchant Category Code (MCC) and the business requirements of Authorized Users. • Must be paid to and managed by the Contractor, or if requested by the Authorized User and approved by Contractor, paid to and managed by a Service Provider retained by the Authorized User (pursuant to Exhibit H, Section 14). If Authorized User chooses to use a Service Provider, Authorized User acknowledges that all fees will be settled into a DDA established by the Service Provider, and Contractor will charge the Service Provider for all fees due and owing for such Convenience/Service Fee transactions. Notwithstanding the foregoing, Authorized User shall be fully liable for any Contractor’s fees provided for in this Agreement. • Convenience and/or service fee and underlying transaction must be submitted and processed as two separate transactions. • Authorized Users who qualify for the American Express Public Sector Program (outlined in Chapter 34 of the Operating Guide) may elect to participate in the program, provided that the Authorized Users also participate in the Government/Public Institution Service Fees (GPISF) (outlined in Chapter 14 of the Operating Guide). Local Use Only: • May be paid to or managed by the Authorized User, Contractor, or Service Provider (as outlined above). • Convenience and/or service fee and underlying transaction may be combined into a single transaction, if allowed by local user. b. Contractor providing convenience and/or service fee services agrees to all of the following: • Contractor must provide option to assess or not assess a convenience fee. • Support convenience and/or service fee policies and variations in convenience fees at the individual Authorized User level while remaining in compliance with credit and debit card Association regulations. • Support convenience and/or service fee assessment with each type of payment channel provided within this contract (IVR, point of sale, internet, etc.). • Separate the Convenience and/or service fee from any payment that is owed by a Cardholder to Authorized User and paid through a payment transaction. Separate 186 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 34 of 71 Convenience and/or service fees from other fees when invoicing the Authorized User. • Provide Authorized User access to reports detailing all processed transactions. • Provide Cardholder the opportunity to make payments to the Authorized User by credit card through both an interactive telephone voice response system (“IVR”) and Internet interface. • On behalf of Authorized User, collect and process Authorized User Payments from Cardholders using the American Express Card, MasterCard, VISA, and Discover Card. • Provide Authorized User payment transactions to the appropriate card organizations through Contractor and Contractor shall settle the Authorized User’s payments to the Authorized User’s designated bank account. Contractor shall retain all convenience and/or service fees collected by it hereunder after paying all fees owed in connection with payment transactions to the appropriate parties. • Confirm the dollar amount of all cardholder’s authorized payments and the corresponding convenience and/or service fees to be charged to Cardholder and obtain the Cardholder’s approval (electronic or otherwise) of such charges prior to initiating credit authorizations. • Provide cardholder with electronic confirmation of card transactions. • Electronically transmit all card transactions to all parties involved, in real time as the transactions occur. • Arrange for a unique line merchant description for the Authorized payment that references the name of Authorized User and arrange for a separate unique line merchant description for the convenience and/or service fee that references Contractor and the nature of the fee. • Upon request by the Authorized User, assign to Authorized User one or more identification numbers or passwords for Authorized User’s use in obtaining the card services. Once such identification number(s) or password(s) have been delivered to Authorized User by Contractor, the use and confidentiality of such numbers and/or passwords shall be the sole responsibility of Authorized User. 187 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 35 of 71 Exhibit E.1: Service Pricing Category 1: Credit and Debit Card Service Pricing (Tier Pricing based on Transactions) Pricing for all Authorized Users during the first year of this Agreement is Tier 1 identified in the table below. Future MSA pricing will be determined using the methodology identified below in Pricing Disclosure. Service Pricing: Services Unit Tier 1 # of Transactions Range: 1-125,000,000 Tier 2 # of Transactions Range: 125,000,001- 150,000,000 Tier 3 # of Transactions Range: 150,000,001- 175,000,000 Tier 4 # of Transactions Range: 175,000,001- 200,000,000 Tier 5 # of Transactions Range: 200,000,001+ Authorization Fee Per Transaction $0.025 $0.024 $0.023 $0.022 $0.02 AMEX Authorization Fee (Pass Through Cost Per Transaction) $0.025 $0.024 $0.023 $0.022 $0.02 Chargeback Fee Per Transaction $5.00 $5.00 $5.00 $5.00 $5.00 Voice Authorization Per Transaction $0.75 $0.75 $0.75 $0.75 $0.75 Cybersource Gateway & Processing (Transit Only) Per Transaction $0.03 $0.03 $0.03 $0.03 $0.03 Foreign Network Fee (IP SSL) Per Transaction $0.03 $0.03 $0.03 $0.03 $0.03 Converge Tokenization Per Transaction $0.05 $0.04 $0.03 $0.02 $0.01 Pricing Disclosure Category 1: Credit and Debit Card Service Pricing (Tier Pricing based on Transactions) 188 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 36 of 71 Beginning on the Agreement Effective Date, all Authorized Users collectively under the MSA will be assigned to Tier 1, as identified on Exhibit E.1 - Service Pricing. The Transactions included in the Transaction count are the aggregate number of all Visa, MasterCard, Discover, and debit transactions processed by Contractor for all Authorized Users. Once annually, one (1) month prior to the anniversary date, Contractor will review the combined Authorized Users’ Transaction count data for the prior twelve (12) months and, upon the first day of the month following the annual anniversary date, will apply the applicable pricing tier to all Authorized Users. The State will issue an amendment, reflecting the effective Tier. American Express counts are not included in determining the tiers, however, their pricing will be adjusted and mirror that of the Visa, MasterCard, Discover and debit transactions. 189 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 37 of 71 Exhibit E.2: Equipment and Software Pricing Equipment Pricing: Equipment Type (Terminals, POS, Pin Pads, Printers, Imprinter) Description Elavon Product Code MSRP Unit Price (1-49) Unit Price (50+) 1. Smart Terminals/POS Talech Moby M120 Smart terminal MB120 $621.00 $589.95 $558.90 Poynt 5 Wi-Fi Smart terminal PYT5 $308.00 $292.60 $277.20 Newland 910 Smart terminal N910 $539.00 $512.05 $485.10 2. Pin Pads Ingenico Desk 1500 Pin Pad D150 $189.00 $179.55 $170.10 Ingenico Link 2500 Pin Pad L250 $189.00 $179.55 $170.10 Ingenico Lane 3000 Pin Pad LAN300 $259.00 $246.05 $233.10 Ingenico Lane 5000 Pin Pad LAN500 $399.00 $369.05 $259.10 3. Terminal (Desktop) Ingenico Desk 3500 Terminal D350 $229.99 $218.49 $206.99 Ingenico Desk 5000 Terminal D500 $431.00 $406.45 $387.90 4. Wireless Terminals Ingenico Move 5000 4G1 Wireless Terminal M500U $499.00 $474.05 $449.10 SIM Card SIM Card 250SC $10.00 $10.00 $10.00 Monthly Wireless Fee Monthly Wireless Access Fee $20.00 $20.00 $20.00 Ingenico Move 5000 Bluetooth Bluetooth M500B $499.00 $474.05 $449.10 Ingenico Move 5000 with Charging Base Bluetooth and 4G M500BTP $606.00 $575.70 $545.40 5. Printers Star 300 (Bluetooth) SM300 $343.00 $309.00 $309.00 Star 230i Bluetooth SM230 $332.00 $299.00 $299.00 Star 654 (USB) SP364 $325.00 $308.75 $292.50 Star 143 (LAN) SP143 $325.00 $308.75 $292.50 Imprinters IMPR $21.00 $21.00 $21.00 1 Note: Wireless Terminal requires SIM Card and Monthly Wireless Fee 190 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 38 of 71 Software Pricing: Software Description MSRP Unit Price (1-49) Unit Price (50+) Monthly Fee Gateways Gateways Licensing $199.00 $149.00 $149.00 $5.00 191 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 39 of 71 Exhibit E.3: Equipment Specifications 1. Smart Terminals/POS Specification Talech Moby M120 Poynt 5 Wi-Fi Newland 910 Picture: Elavon Product Code: MB120 PYT5 N910 Brand/Model Number: Ingenico: PMT-808- 08862B P0501 N7G-G77DXE0000 Description: Tablet POS provides enterprise-class features, including Corning® Gorilla® Glass with a capacitive touchscreen, a long battery life (7,000 mAh) and seamless high-volume payment acceptance capabilities. Wireless, handheld smart terminal designed for a fast, easy, and delightful mobile checkout experience. Customizable and scalable, offering easy integration with many existing POS systems. State-of-the-art smart POS. Everything you need to process payments through different methods and dramatically simplify the whole payment process. Color: Black Black Gray Dimensions: 350 x 207 x 18.5 mm 12” (Screen size) 76.3 mm x 154.0 mm x 25.4 mm 190mm (L) x 81mm (W) x 54.9mm (H) Weight: 1130g (tablet without POS) 201.6g 440g including battery Connector: WiFi Bluetooth WiFi Bluetooth WiFi Bluetooth Additional Feature: 192 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 40 of 71 2. Pin Pads Specification Ingenico Desk 1500 Ingenico Link 2500 Ingenico Lane 3000 Ingenico Lane 5000 Picture: Elavon Product Code: D150 L250 LAN300 LAN500 Brand/Model Number: Ingenico: PPD34311368C Ingenico: PMF30910412A Ingenico: PRD30310878B Ingenico: PRB32611578I Description: The compact Desk/1500 fits easily on any counter, with options for either a mounted or unmounted terminal to suit the available desktop space. Featuring a pocket-sized, light weight and robust design the Link/2500 is the perfect business acceptance point for mobile solutions. Designed for retail usage, the Lane/3000 is featured with a heavy-duty magstripe and smartcard readers optimized to boost transaction speeds. Its very large dedicated contactless card reader zone speeds up checkout times for customers. With its compact and robust design, it integrates into any retail environment. Conceived for intensive retail usage, the Lane/5000 features a durable signature - capacitive screen, heavy- duty magstripe and smartcard readers optimized for transaction speed. Color: Black Black Black Black Dimensions: 7.08x3.26x1.69'' 5.07 x 2.75 x 0.67'' 3.26’’ x 7.08’’ x 1.69 7.4’’ x 4.3’’ x 1.9’’ Weight: 8.95 oz 5.46 oz 8.89 oz 12.3 oz Connector: • USB • USB Type C • USB • Serial • USB • Serial Additional Feature: 193 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 41 of 71 3. Terminals (Desktop) Specification Ingenico Desk 3500 Ingenico Desk 5000 Picture: Elavon Product Code: D350 D500 Brand/Model Number: Ingenico: PCD30010305R Ingenico: DES500- USELA04A Description: Featuring intuitive card readers and applications menu, it provides a seamless payment experience. The responsive keypad improves PIN entry combined with the advanced outer casing make the Desk/5000 very robust, to suit with the most demanding situations. Color: Black Black Dimensions: 7.3x2.6x3.2x2.6'' 7.3x2.6x3.2x2.6'' Weight: 12 oz 12 oz Connector: • USB • Serial • USB • Power Supply Additional Feature: 194 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 42 of 71 4. Wireless Terminals Specification Ingenico Move 5000 4G Ingenico Move 5000 Bluetooth Ingenico Move 4G & Bluetooth with Charging Base Picture: Elavon Product Code: M500U M500B M500BTP Brand/Model Number: Ingenico: PWB32011420R Ingenico PWB32011466R Ingenico Description: Designed for both indoor and outdoor use, the Move/5000 4G is the perfect business companion for hospitality, retail and small merchants, creating a seamless mobile shopping experience. Designed for both indoor and outdoor use, the Move/5000 Bluetooth is the perfect business companion for hospitality, retail and small merchants, creating a seamless mobile shopping experience. Ingenico Move 5000 with Charging Base. Power supply and Terminal. Connectivity to Bluetooth, Ethernet, phone, and 4G. Great for an additional charging area where social distancing is in place. Color: Black Black Black Dimensions: 6.6x3.1x2.2" 6.6x3.1x2.2" 6.7x3.2 1 x 2.3” Weight: 11 oz 11 oz 13oz Connector: • USB • Power Supply • USB • Power Supply 8. USB, IP, Bluetooth, & 4G 9. Power Supply Additional Feature: 195 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 43 of 71 5. Printers Specification Star 300 Bluetooth Star 230i Bluetooth Star 654 (USB) Star 143 (LAN) Picture: Elavon Product Code: SM300 SM230 SP364 SP143 Brand/Model Number: Star: 39634010- SMT300I- DB50 Star: 39632110- SMS230I- UB40 Star: 39449670- TSP654IIU-24 Star: 39464910- TSP143IIILAN Description: Bluetooth Receipt and Label printer with Auto- Reconnect A compact, lightweight, high-speed two inch Bluetooth and USB portable printer. Direct Thermal Kiosk, Tablet POS and Traditional POS Receipt Printers. Software-driven thermal POS receipt printer to provide an immediate plug & play application. Color: Gray / Black Dark Gray Dark Gray or Ultra White Dimensions: 120 x 130.5 x 58.3 120 x 132.2 x 58.3 1.7 x 3.1 x 4.5” 142 x 203.5 x 132 142 x 204 x 132mm Weight: 442g 7.65oz 1.60kg 1.68kg Connector: Additional Feature: 196 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 44 of 71 Exhibit F: Equipment and Software 1. EQUIPMENT & SOFTWARE Each Authorized User is responsible for defining its equipment and software needs, desired operating objectives, and desired operating environment under this MSA. Authorized Users will work with their designated Contractor to determine the appropriate equipment and software needs to meet their specific business and system requirements. When purchasing or disposing of equipment, State Authorized Users must adhere to all applicable state laws, regulations, policies, best practices, and purchasing authority requirements, California Codes, Code of Regulations, State Administrative Manual, Management Memos, State Contracting Manual and Purchasing Authority Manual. 2. GENERAL STATEMENT OF WORK Contractor shall provide all Point of Sale (POS) equipment and software as needed to implement new or upgrade current system in terms of functionality and technical architecture at the rates provided in Exhibit E.2: Equipment and Software Pricing. All references to software herein are to software provided by Contractor hereunder, and not to third party software acquired or used by an Authorized User. a. Newly Manufactured Goods All purchased equipment, including components and accessories, under this MSA shall be newly manufactured equipment. Used or reconditioned equipment is prohibited except as a replacement provided at no cost and only after the one-year warranty period has expired. b. POS Equipment Implementation Plans Contractor staff will map, migrate, test and clean-up the essential data required for the POS System to function; complete training of Authorized User’s staff; and other tasks necessary for use of the POS System by the Authorized User. The Implementation Plan for the POS equipment will address discovery1, installation instructions, training, testing and certification. Contractor shall coordinate with Authorized Users to develop an implementation schedule to determine that Authorized Users have all the appropriate supplies, space, and time required for the discovery, installation, training, and testing. c. Service Provider Back-end System Software Contractor must successfully integrate the POS equipment between Authorized User’s internal system and their affected locations. d. POS System Architecture Software Requirements At no additional cost to the Authorized User, Contractor shall: • Provide new versions, upgrades, modifications and enhancements of Software. • Make necessary modifications, adjustments, and repairs to keep the software operating without interruptions, to correct latent deficiencies with respect to the 1 Method used to clearly understand and document the technology, business issues, and resources required to successfully implement all or part of an electronic payment acceptance system. 197 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 45 of 71 software specifications, and to comply with applicable federal laws and regulations. Contractor must provide advanced written notice of scheduled interruptions or maintenance to Authorized Users and maintenance should occur during Authorized User’s non-business hours. The software must be available at a minimum of 99.9% of the time (excluding maintenance downtime). • Provide software modifications for operation with the infrastructure for the term of the contract. • Provide new versions of the software to keep the Authorized User abreast of the Contractor’s current software product. Notification of major software releases and a summary of system enhancements or revisions will be provided with new software releases. Documentation must describe, in a user-friendly manner, what the Authorized User needs to know to understand each level on which the software operates. • Provide modifications and enhancements that (1) will be delivered installed or installable, on the Authorized User’s system, (2) must operate without program interruptions and (3) must provide the functions as required by the specifications and as described by documentation supplied by the Contractor. e. POS Equipment Authentication Software The Contractor shall provide the software necessary for authentication and initialization so that the device is recognized by the Authorized User’s system. The software must be pre-loaded to the device, allowing the device to initialize to the back end. f. Integrated Front-end POS System Work Stations • The Contractor shall develop an Integrated Front-end POS System Work Stations and Peripherals plan that documents interchangeability, re-configuration of latest revisions or versions, and delivery requirements for spares. • All equipment and software shall be configured to the latest revision or version. • All equipment and software shall be interchangeable with their corresponding device. g. POS Replacement Plan The Contractor shall work with Authorized Users to develop a Scheduled Replacement Plan that documents what equipment gets replaced, when it gets replaced, the logistics of removal and installation, and the required testing. After initial warranty period, under the scheduled replacement plan, Authorized Users shall have the option of replacing equipment with an identical unit at the lower of the market price at time of replacement or with a compatible yet more capable unit at the current market price, if such a unit exists. The cost of replacement after initial warranty period and after the equipment meets the minimum service life, shall be borne by the Authorized User under a scheduled replacement plan. h. Maintenance and Repair Support The Contractor must provide maintenance and repair support twenty-four (24) hours per day, 365 days per year to assist the Authorized User in optimizing its POS equipment. The Contractor shall provide a wide range of services from telephone to on-site support, equipment exchange according to the Authorized User’s equipment type, and enable efficient problem resolution with experienced on-site and remote technical support. On-site technical support is dependent upon the Authorized User’s 198 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 46 of 71 Subsidiary Agreement and upon mutual agreement between the Authorized User and Contractor. The Contractor shall have repair policies and procedures in place to prevent illegal activity during the repair process. All parts, equipment, and firmware must be up-to- date and readily available. In addition, only authorized components may be used. i. Warranty The Contractor (not the manufacturer) shall provide a one-year warranty for all equipment/software newly purchased from the Contractor. The Contractor’s obligation shall be to repair or replace the defective product during the warranty period at no charge to the Authorized User. The cost of replaced devices during the one-year warranty period shall be borne by the Contractor. Such repair or replacement will be rendered by the Contractor or by one of its authorized repair depots. Cost for shipment of said products to the Contractor shall be paid by the Contractor. The Contractor will then ship the repaired/replaced product to the Authorized User, at no cost to the Authorized User. Repaired products will be warranted for the remainder of the original one-year warranty period from the date of original retail purchase. Equipment replaced with new equipment will start a new one-year warranty period at the time of installation. The Contractor may replace the defective product (or any part thereof) with any product that is substantially equivalent (or superior) in all material respects to the defective product. j. Exchange Services The Contractor will provide exchange support Monday through Friday from 8:00 a.m. through 5:00 p.m. PST. Contractor will ship replacement the same day support call is received and schedule next day delivery to the Authorized User. If call is received after 3:00 p.m. PST, replacement is shipped the following business day. Shipping and return of equipment shall be provided at no additional cost to the Authorized User. k. Delivery All prices offered shall be F.O.B. destination, freight prepaid by the Contractor, to the ordering agency’s final receiving point. Responsibility and liability for loss or damage for all orders shall remain with the Contractor until final inspection and acceptance, when all responsibility shall pass to the ordering agency, except the responsibility for latent defects, fraud, and the warranty obligations. Deliveries are to be made to the location specified on the individual order, which may include but is not limited to, inside buildings, high-rise office buildings, and receiving docks. Delivery of ordered product shall be completed within thirty (30) calendar days (or sooner) after receipt of an order, unless otherwise agreed to by the ordering agency. Since receiving hours for each ordering agency will vary by facility, it will be the Contractor’s responsibility to check with each facility for their specific delivery hours before delivery occurs. 199 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 47 of 71 The Contractor must notify the ordering agency within forty-eight (48) hours of scheduled delivery time if delivery cannot be made within the time frame specified on the order. 3. SECURITY STANDARDS All equipment and software must meet the following security standards as applicable: PCI Compliance, POS Compliance Security, P2PE certified, POS Physical Security, POS Decommissioning Security, and POS Deployment, Repair and Tracking Security. a. POS Compliance Security • The Contractor shall adhere to applicable PCI standards and procedures to ensure the following: • The POS device has been tested and it is an approved Tamper-Resistant Security Module (TRSM) (approved as a TRSM by the network or PCI standards company). • The device has been inspected for tampering before the encryption keys are injected. • At a minimum a D U K P T or Triple D E S key that was created under the principles of dual control and split knowledge has been injected into the device before Personal Identification Numbers (PINs) are entered. (Dual Control means that at least two authorized individuals are required to work in partnership to carry out an activity, such as generating, storing, or loading the clear text components of a key. Split Knowledge means that no single individual knows, or has access to, a whole entity, be it all the clear-text components of a key, or the combination of a safe where key components are stored.) Asymmetric cryptography is recommended. • Each device will have unique keys. b. POS Physical Security Contractors shall adhere to security measures during storage, servicing and shipping to ensure that the POS machine is properly managed and protected in a way that addresses and manages risks of attacks against it. These security measures manage and protect against theft and illegal modification. These measures shall also protect the cardholder’s PIN entry privacy. POS devices should be inventoried and placed in secured, locked and monitored areas. c. POS Deployment, Repair and Tracking Security The Contractor shall ensure that applicable PCI standards and procedures will cover terminal inventory and tracking controls during all phases of its lifecycle: • the manufacturing phase; while in transit and testing; the key injection process and the installation commissioning process; operation (Authorized User phase); and • when offline - storage, repair or inactivity periods. d. POS Decommissioning Security Contractor shall provide training and technical support to enable Authorized Users to “Zero” POS devices due for decommissioning, if such decommissioning is possible with the equipment chosen. Decommissioned POS devices have their cryptographic keys safely removed when the terminal is de-installed and the device is then “zeroized” with no remaining encryption keys or data contained within them. Certain equipment may need to be returned to Contractor for decommissioning at the Authorized User’s cost. 200 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 48 of 71 4. OTHER PROVISIONS a. Buy Back Program The Contractor shall offer Authorized Users a large-scale buyback and upgrade program, providing for the return marketable equipment towards purchase discounts or upgrade to newer technology, on a case-by-case basis. b. Recycling Contractor will issue call tags for returned and/or swapped equipment for the State. Equipment will be returned to Contractor’s designated facility at the cost of the contractor and will be processed pursuant to the recycle/disposal laws applicable to the location of the Contractor’s facility. c. Equipment Recall Contractor will notify Authorized Users if a purchased item is affected by a product recall. Contractor will provide instructions on how to return or replace the equipment at no additional cost to the Authorized User. d. Substitutions Substitution of contracted deliverables require advanced written consent of the Authorized User. e. Inspection All deliverables may be subject to final inspection, test and acceptance by the Authorized User at destination, notwithstanding any payment or inspection at source. f. Damaged and Defective Items Contractor will provide credit and/or replacement for freight-damaged or defective items at no charge within forty-eight (48) business hours, or as agreed upon by Authorized User, after the Authorized User provides notification. This also includes incorrect products shipped or an order entry error by the Contractor’s customer service representative. The Contractor cannot require the Authorized User to deal directly with the manufacturer. Additionally, the Contractor shall provide the Authorized User with a prepaid and self-addressed label for the return of the item. 201 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 49 of 71 Exhibit G: Definitions Term Definition 1. Adjustments A debit or credit to a Cardholder or Authorized User account to correct a transaction error. 2. Affiliate Any entity that controls, is controlled by, or is under common control of a party, including its subsidiaries. 3. Agreement The Master Service Agreement (“MSA”) which includes the Std. 213 form, all Exhibits and all mutually agreed upon amendments thereto. 4. Associations or Payment Networks Any: (a) Credit Card Association (defined as (i) Visa.; (ii) MasterCard; (iii) American Express; (iv) Discover Network; and any successor organization or association to any of the foregoing); (b) E F T Network (defined as (i) Interlink Network Inc., Maestro U.S.A., Inc., STAR Networks, Inc., NYCE Payments Network, LLC, PULSE Network LLC, ACCEL/Exchange Network, Alaska Option Services Corporation, Armed Forces Financial Network, Credit Union 24, Inc., NETS, Inc., and SHAZAM, Inc.; and any successor organization or association to any of the foregoing); (c) ECS Association (defined as Visa (in its operation of the Visa POS Check Service), N A C H A and any regional ACH association or network, the Federal Reserve (in its processing of ACH entries or Demand Drafts or other legal replacements or substitutes for a Paper Check, including under the Check Clearing for the 21st Century Act or under applicable provisions of the Uniform Commercial Code; and any successor organization or association to any of the foregoing) 5. Association Rules or Payment Networks Rules (or Payment Network Regulations) The rules, regulations, releases, interpretations and other requirements (whether contractual or otherwise) imposed or adopted by Associations designated in this Agreement. 6. Authorization The process by which the Authorized User requests approval of a transaction from the issuer by electronically accessing Contractor’s computerized system, unless such system is inoperable or otherwise not accessible, in which case the Authorized User shall utilize the designated toll-free telephone number, to obtain credit approval from the Card issuing bank before completion of the Card transaction. 7. Authorized User (i) State of California government agencies that participate in this MSA (“State Authorized Users”), and (ii) Local government agencies that participate in this MSA (“Local Authorized 202 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 50 of 71 Term Definition Users”), as further defined in Exhibit A, Section 1 or 12 of the MSA. 8. Authorized User Resources All equipment, communications devices, databases, services, systems and other resources that Authorized User maintains or operates in Authorized User’s or its third party hosting provider’s locations and which enable Authorized User to access and use the Services. 9. Automated Clearing House (ACH) The funds transfer system governed by the rules of NACHA. ACH allows financial institutions to clear interbank entries electronically. 10. Bank An institution offering financial services, such as the safekeeping of money, conversion of domestic into and from foreign currencies, lending of money at interest, and acceptance of bills of exchange. 11. Bankruptcy Proceeding With respect to an entity, (i) that the entity or any subsidiary of such entity will: (a) commence a voluntary case under the Bankruptcy Code of 1978, as amended, or other federal bankruptcy laws (as now or hereafter in effect); (b) file or be subject to a petition seeking to take advantage of any other applicable state or federal laws, domestic or foreign, relating to bankruptcy, insolvency, reorganization, winding up or composition or adjustment of debts or any other similar conservatorship or receivership proceeding instituted or administered by any regulatory agency or body; (c) consent to or fail to contest, in a timely and appropriate manner, any petition filed against it in an involuntary case under such bankruptcy laws or other applicable laws; (d) apply for or consent to, or fail to contest in a timely and appropriate manner, the appointment of, or the taking of possession by, a trustee, receiver, custodian, liquidator, or similar entity of such entity or of all or any substantial part of its assets, domestic or foreign; (e) admit in writing its inability to pay its debts as they become due; (f) make a general assignment for the benefit of creditors; (g) make a conveyance fraudulent as to creditors under any applicable state or federal laws; or (h) take any action for the purpose of effecting any of the foregoing; or (ii) that a case or other proceeding will be commenced against the entity or any subsidiary of such entity in any court of competent jurisdiction, or through any regulatory agency or body, seeking: (x) relief under the Bankruptcy Code of 1978, as amended, or other federal bankruptcy laws (as now or hereafter in effect) or under any other applicable laws, domestic or foreign, relating to bankruptcy, insolvency, reorganization, winding up or composition, or adjustment of debts; or (y) the appointment of a trustee, receiver, custodian, liquidator or the like of such entity or of all or any substantial part of the assets, domestic or foreign, of such entity or any other similar conservatorship or 203 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 51 of 71 Term Definition receivership proceeding instituted or administered by any regulatory agency or body. 12. Batch A grouping of transactions captured by the Authorized User and submitted to their Acquirer for settlement and funding. A batch is usually an entire day’s activity. 13. Business Day A day (other than Saturday or Sunday) on which Banks are generally open for business. 14. Cancels When an Authorized User stops a transaction before the transaction has been sent to the processor through a settlement. 15. Card Brands (i) Visa; (ii) Mastercard; (iii) American Express Travel Related Services Company, Inc.; (iv) Discover Network; (v) Diners Club International Ltd.; (vi) JCB International Co., Ltd.; (vii) China UnionPay Co., Ltd; and (viii) any other organization or association that hereafter contracts with Contractor to authorize, capture, and settle Transactions effected with Credit Cards issued or sponsored by such organization or association, and any successor organization or association to any of the foregoing. 16. Card Not Present The processing environment where the Payment Device is not physically presented to Authorized User by the Cardholder as the form of payment at the time of the Transaction. 17. Card or Payment Device As any device or method used for the purpose of obtaining credit or debiting a designated account including a credit card (associated with a revolving line of credit), debit card (associated with an electronic debit to the Cardholder’s account), and any other financial transaction device or method, including an Electronic Gift Card (special stored value card), check (whether converted into electronic form or used as a source document for an electronic fund transfer), electronic benefits transfer card, stored value card, “smart” card, or other device created to be used for the purpose of obtaining credit or debiting a designated account, that is now or hereafter effected through Charges with Authorized Users. 18. Cardholder The individual whose name appears on the Card or in whose name a Card has been issued, and any person who purports to be an authorized user of such Card. 19. Cardholder Data The meaning is stated in the Payment Card Industry (PCI) Data Security Standard (DSS) and Payment Application Data Security Standard (PA-DSS) Glossary of Terms, Abbreviations, and Acronyms. 20. Charge See Transaction definition. 21. Chargeback The procedure by which the funds from a Sales Draft or other indicia of a Card transaction (or disputed portion thereof) are returned to the cardholder by the issuing bank. The Payment Network will debit the Servicers the chargeback amount to 204 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 52 of 71 Term Definition make the issuer whole. The Servicers in turn will recoup the chargeback amount from the Authorized User. 22. Contractor Elavon, or its affiliates providing services hereunder. 23. Convenience Fee A fee assessed to the Cardholder for an added convenience of the use of a payment card in a transaction in accordance with the Payment Networks Rules. 24. Credit Card A card or device bearing the symbol of any Card Brand and associated with a revolving line of credit that can be used to purchase goods and services from Authorized User or to pay an amount due to Authorized User. 25. Credit Voucher The evidence of a refund or price adjustment by the State or Authorized User to a Cardholder's Card account in connection with a prior purchase by such Cardholder using a Card, regardless of whether the form of such evidence is in paper, electronic, or otherwise. 26. Customer A client of Authorized User who elects to conduct a payment Transaction with Authorized User through presentation of a Payment Device (including a Cardholder). 27. Data Breach Unauthorized access to, use, disclosure or exfiltration of any Cardholder Data or Transaction Information provided by Authorized User and received by Contractor in connection with Authorized User’s use of the Services under the Agreement. 28. Debit Card A card or device bearing the symbols of one or more EFT Networks or Card Brands, which may be used to purchase goods and services from Authorized User or to pay an amount due to Authorized User by an electronic debit to the Cardholder’s designated deposit account. A “Debit Card” includes (i) a card or device that bears the symbol of a Card Brand and may be used to conduct signature-based, offline debit Transactions; and (ii) a card or device that bears the symbol of an EFT Network and can be used to conduct PIN- based, online debit Transactions. 29. Demand Deposit Account (DDA) The commercial checking account at an ACH participating financial institution designated by Authorized User to facilitate payment for Transactions, Chargebacks, returns, adjustments, fees, fines, penalties, assessments and charges from the Payment Networks, and other payments due under the Agreement. 30. Discover DFS Services LLC 31. Discover Network The payment network operated and maintained by Discover. 32. EFT Networks (i) Interlink Network Inc., Maestro U.S.A., Inc., STAR Networks, Inc., NYCE Payments Network, LLC, PULSE Network LLC, ACCEL/Exchange Network, Alaska Option Services Corporation, Armed Forces Financial Network, Credit Union 24, Inc., NETS, Inc., and SHAZAM, Inc.; and (ii) any other organization or association that hereafter authorizes Contractor 205 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 53 of 71 Term Definition or a third party designated by Authorized User to authorize, capture, and settle Transactions effected with Debit Cards, and any successor organization or association to any of the foregoing. 33. Elavon Data Breach A Data Breach that (i) originated within data operating systems controlled by Elavon, (ii) occurred due to a breach of the Agreement by Elavon, (iii) was not attributable to any act or omission of Authorized User or its Service Providers, and (iv) does not relate to any Authorized User provided data in user defined fields not required by Elavon or used to perform the Services. 34. Elavon Materials The specifications, documentation, application programing interfaces (APIs) and other interfaces, nonpublic or proprietary data import routines, sample code and materials provided to Authorized User to enable Authorized User to perform its obligations or exercise its rights under the Agreement, including integration to the Services. 35. Electronic Gift Card (EGC) A special stored value card provided by or on behalf of Authorized User that is redeemable for merchandise, services or other Transactions. 36. Equipment Purchased Equipment and other devices, equipment and hardware provided to Authorized User under the Agreement. 37. Excessive Activity The occurrence, during any monthly period, of Chargebacks or Retrieval Requests in excess of 1% of the gross dollar amount of Authorized User’s Transactions or returns in excess of 2.5% of the gross dollar amount of Authorized User’s Transactions. 38. Gateway The transfer of information between a payment portal (such as a website, mobile phone or interactive voice response service) and the Front-End Processor or acquiring bank. 39. Gateway Services The hosted gateway services provided by Contractor, as further described in the Operating Guide. 40. Government/Public Institution Service Fees (GPISF) The fee charged by Elavon or Authorized User, at Authorized User’s election, to Customers conducting Eligible Transactions (as defined in the Operating Guide) where Authorized User is operating in an eligible MCC. GPISF include fees referred to as a “service fee”, where the fee is processed as a separate Transaction from the underlying purchase or payment Transaction. 41. Intellectual Property Rights Worldwide patents, trade secrets, copyrights, trademarks, service marks, trade names, and all other intellectual property rights and proprietary rights, including all rights or causes of action for infringement or misappropriation of any of the foregoing. 42. Issuer The financial institution or other entity that issued the Credit Card or Debit Card to the Cardholder. 206 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 54 of 71 Term Definition 43. Laws All applicable local, state, and federal statutes, regulations, ordinances, rules, and other binding law in effect from time to time. 44. Local Governmental Agency Any city and/or county, district, or other local governmental body or corporation, including the California State Universities (CSU) and University of California (UC) systems, K-12 schools and community colleges empowered to expend public funds). 45. Marks Names, logos, service marks, trademarks, trade names, taglines, or other proprietary designations belonging to the Associations. 46. Mastercard MasterCard International Incorporated 47. Operating Guide Contractor’s Operating Guide (formerly the “Merchant Operating Guide” or “MOG”), located at www.mypaymentsinsider.com and https://www.merchantconnect.com/CWRWeb/pdf/MOG_Eng.pdf (or such other website that Contractor may specify), that prescribes rules and procedures governing Transactions and Authorized User’s use of the Services. 48. Payment Device Any device or method used for the purpose of obtaining credit or debiting a designated account including a Credit Card, Debit Card, and any other financial transaction device or method to be used for the purpose of obtaining credit or debiting a designated account. 49. Payment Gateway See Gateway definition. 50. Payment Network Any Card Brand, EFT Network, ECS Association or automated clearing house association, governmental agency or authority, and any other entity or association that issues or sponsors a Payment Device or PayPal Payment Device (as defined in the Operating Guide) or operates a network on which a Payment Device is processed. 51. Payment Network Regulations See Association Rules or Payment Networks Rules (or Payment Network Regulations) definition. 52. PCI-DSS The Payment Card Industry Data Security Standards. 53. Point to point encryption (P2PE) A solution that allows enterprises to create secure communication links between devices or components within those devices that prevent intermediate devices from having exposure to sensitive information that is transiting the network. 54. POS Device A terminal, software or other point-of-sale device at an Authorized User location that conforms to the requirements established from time to time by Contractor and the applicable Payment Network. 55. Processing Services Services other than Gateway Services. 56. Purchased Equipment The devices, equipment and hardware purchased by Authorized User from Contractor under the terms of the Agreement. 207 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 55 of 71 Term Definition 57. Retrieval A request that occurs when a Cardholder requests more information about a transaction or a legible copy of the signed Sales Draft or Transaction Receipt. 58. Return or Reversal A financial transaction used to negate or cancel a transaction. 59. Sales Draft or Transaction Receipt Evidence of a purchase of goods or services by a Cardholder from the Authorized User using a Card, regardless of whether the form of such evidence is in paper, electronic or otherwise, all of which must conform to Association Rules. 60. Security Programs The PCI-DSS, including the Cardholder Information Security Program (CISP) of Visa, the Site Data Protection Program (SDP) of Mastercard, the Data Security DISC Program and the PCI-DSS regulations of Discover Network, and the security programs of any other Payment Network, and any modifications to, or replacements of, such programs that may occur from time to time. 61. Service Provider Any entity that stores, processes, transmits or accesses Cardholder Data or Transaction Information on behalf of Authorized User or that provides software to Authorized User for transaction processing, storage, or transmission, except to the extent such services are performed by the entity in its capacity as a third-party contractor of Contractor performing Contractor’s obligations under the Agreement. Contractor third- party contractors are not Service Providers. 62. Services The services Contractor provides to Authorized User pursuant to the Agreement. 63. Settlement The process of submitting transactions to a Contractor for processing, and the subsequent transferring funds for sales and credits between Contractors and Issuers, including the final debiting of a Cardholder's account and crediting an Authorized User’s account. 64. Settlement Account or ZBA or DDA An account at a financial institution designated by the Authorized User as the account to be credited by Servicers for Card transactions, and other amounts due hereunder. 65. Servicers Collectively Contractor and Bank. 66. State Governmental Agency Any State of California governmental agency, department, bureau, board or commission within the Executive and Non- Executive Branches of California State Government. • State Judicial Branch: Justices, officers, and employees of the Supreme Court of California, the Courts of Appeal, the Judicial Council of California and the State BAR of California. • State Legislative Branch: Members of the State Senate, Members of the State Assembly, and Legislative staff members. 67. Subsidiary Agreement The Authorized User’s duly executed Std. 213, or appropriate equivalent contract form for Local Authorized Users, and any 208 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 56 of 71 Term Definition attachments or amendments thereto, describing the selected MSA services and any particular requirements of the Authorized User. 68. Substitutions The action of replacing something with another thing. 69. Transaction Any action between Authorized User and a Cardholder or Payment Network that results in transmission of Cardholder Data or Transaction Information (e.g. payment, purchase, refund, return, chargeback, authorization request, settlement submission, transaction inquiry, decryption, conversion to and from tokens). 70. Transaction Information Any data or information resulting from a Transaction. Transaction Information includes payment processing-related transactional information that may be collected or stored by Contractor, including the price paid for products or services, date, time, approval, unique transaction number, store identifier, and Customer bank information relating to a Transaction. 71. United States The United States of America. 72. Updates All updates, revisions, patches, fixes, new releases, and other improvements or changes to any Services provided to Authorized User under the Agreement. 73. Users Authorized User’s employees or contractors designated by Authorized User to access and use the Services. 74. Visa Visa U.S.A., Inc. 75. Voids A transaction that is canceled after it has been authorized but before it has been settled. 209 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 57 of 71 Exhibit H: Special Terms and Conditions 1. SERVICES AGREEMENT The Agreement governs Authorized User’s receipt and use of the Services selected by Authorized Users in the Subsidiary Agreement or Set Up Form. 2. OPERATING GUIDE In addition to the terms of the Agreement, Authorized User will comply with the Operating Guide (https://www.merchantconnect.com/CWRWeb/pdf/MOG_Eng.pdf) applicable to each selected Service. Contractor may change the Operating Guide by providing the State’s Contract Administrator with at least thirty (30) days prior written notice of the change. However, in the event of changes in the Association Rules or due to security reasons, certain changes in Card procedures may become effective on shorter notice. If Contractor changes their Operating Guide during the term of the Agreement, and such changes are not mandated by an Association or governing body of rules or guidelines, the change will be subject to review and approval by the State and Authorized User within sixty (60) days of receipt of change notice. Failure of the State or Authorized Users to object, and continuation of Card acceptance hereunder, will constitute the State’s and Authorized Users’ acceptance of the new Operating Guide. The State and/or any Authorized User may provide notice to terminate for convenience as provided in Exhibit A, Section 28, if any changes to Operating Guide and/or Association Rules are unacceptable. While it is intended that the Operating Guide will supplement this Exhibit H, if there is any conflict between the terms of this Agreement and the Operating Guide, the terms of this Agreement will govern. Terms in the Operating Guide which conflict with this Agreement, California laws, and regulations will not apply. Furthermore, the State and Authorized Users shall not be bound by any terms and conditions in the Operating Guide or “click-through” terms and conditions that provide for (i) arbitration, (ii) the indemnification of any party, (iii) the governing law or venue requirements, (iv) the waiver of any applicable statute of limitations period, (v) that incorporate any terms or conditions by reference, or (vi) any term or condition that conflicts with the terms and conditions of this Agreement. 3. AUTHORIZED USER AFFILIATES Authorized User Affiliates may use the Services so long as they comply with all restrictions, obligations, and requirements imposed on Authorized Users. 4. TERMINATION a. Right to Terminate: Contractor has the right to send the Authorized User a notice specifying the default in the following sections (i) - (iv) and providing the Authorized User an opportunity to cure the breach within a period of time no less than thirty (30) days (Cure Period). If the breach is not cured within the Cure Period, then Contractor has the right to terminate the Subsidiary Agreement by notice to the Authorized User, with termination to be effective no less than thirty (30) days following the end of the Cure Period. 210 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 58 of 71 i. Excessive Activity; ii. The acceptance of Card Not Present or Convenience Fee Transactions without inclusion in the Subsidiary Agreement or an amendment to the Subsidiary Agreement; iii. Authorized User has failed to pay Contractor an undisputed amount owed to Contractor under the Subsidiary Agreement (in which case, the Cure Period shall be extended to sixty (60) days); iv. Authorized User failed to perform a material obligation under the Agreement. b. Contractor may terminate the Subsidiary Agreement immediately in writing if any of the following occur: i. The levy, garnishment or attachment of the DDA, or any of Local Authorized User’s property in Contractor’s possession; ii. Any change, not approved by Contractor, that constitutes a material change in the types of goods or services Contractor sells or in the methods by which Contractor sells them, or any change that results in Authorized User’s violation of Contractor’s underwriting policy; iii. Any Payment Network or application of Payment Network Regulations requires Contractor to terminate the Agreement or cease processing Transactions for an Authorized User; iv. Assignment of the Subsidiary Agreement without Contractor’s written consent; v. The commencement of a Bankruptcy Proceeding by or against the Authorized User; vi. Any representation by the Authorized User in Exhibit H, Section 12 is false or misleading in any material respect as of the date made or becomes false or misleading in any material respect at any time during the Term of the Subsidiary Agreement. vii. The occurrence of a Data Incident as described in Exhibit H, Section 16(e). 5. ACCOUNT CLOSING a. Authorized User acknowledges that closing Authorized User’s account with Contractor may take up to thirty (30) calendar days following Contractor’s receipt of written notice of account closing. b. All obligations of a party regarding Transactions serviced prior to termination will survive termination. 6. USERS; ACCESS; SECURITY OF PASSWORDS AND USER IDs a. Authorized User will be responsible for the distribution of all passwords and user IDs issued to any User and for maintaining the confidentiality and security of User’s passwords and user IDs. Authorized User will ensure that the access granted to each User to the Services is limited to only the access and information necessary for the User to perform his or her job functions on behalf of Authorized User. Authorized User will ensure that all Users will be trained and qualified to access and use the Services in accordance with the terms of the Agreement and the Operating Guide. 211 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 59 of 71 Authorized User is responsible for its Users’ compliance with the terms of the Agreement, the Operating Guide, and for all use of any user ID and password other than by Contractor or Contractor’s third-party contractors or use by third-parties of user IDs and passwords obtained by such third parties from Contractor or Contractor’s third-party contractors. b. Authorized User will not, and will ensure that its Users do not: i. Access or use the Services for any purposes other than for its own internal business purposes (except as authorized by Contractor) as disclosed to Contractor in writing; ii. modify, reverse engineer, disassemble or decompile any part of the Services or Elavon Materials; iii. knowingly transmit any data that contains software viruses, time bombs, worms, Trojan horses, spyware, disabling devices, malicious code, or other harmful or deleterious computer code, files or programs to or through the Services; provided, that Authorized User will use commercially reasonable measures (at least industry standard) to screen for the foregoing; iv. interfere with or disrupt the servers or networks connected to or providing the Services; v. remove, change or obliterate the copyright, trademark or other proprietary protection legends or notices that appear in connection with access to and use of the Services or any Elavon Materials; or vi. re-sell, republish, download, frame or transmit the Services or Elavon Materials, including in order to act as a consultant for any third party or, unless otherwise permitted under the Agreement, as a service bureau, outsourcing or application service provider for any third parties, or otherwise allow any third party to use or access the Services. c. Authorized User is responsible for changing the user IDs and passwords of its Users if it believes that any of those user IDs or passwords have been stolen or might otherwise be misused and for disabling any User’s IDs and passwords promptly upon the termination of employment of such User or the cessation of such User’s need to access the Services. Authorized User will promptly notify Contractor if Authorized User believes the Services or Contractor’s databases have been compromised by use of a user ID or password associated with the Services. 7. FEES a. Compensation: Authorized User will compensate Contractor for all fees and other amounts due for the Services and Equipment in accordance with the Contract Exhibits B and E. b. Other Amount Owed: To the extent not prohibited by law, Authorized User will be responsible for any fines, penalties, assessments, or charges by the Payment Networks (including all fines, penalties, assessments, or charges by the Payment Networks as a result of an Authorized User’s violation of Payment Network Regulations), attributable to the Agreement (other than those directly attributable to Contractor’s acts or omissions). 212 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 60 of 71 c. Taxes: If a Local Authorized User is a tax-exempt entity, Local Authorized User will provide Contractor with an appropriate certificate of tax exemption. If no certificate is provided, the Local Authorized User will pay all taxes and other charges imposed by any governmental authority on the Services and Equipment provided under the Agreement. d. Demand Deposit Account: Authorized User will establish and maintain one (1) or more DDAs to facilitate payment to Contractor in accordance with Exhibit B, Section 1. Contractor has the right to rely on written instructions submitted by Authorized User requesting changes to the DDA. If Authorized User changes the DDA, the ACH authorizations established under this Subsidiary Agreement will apply to the new account, and Authorized User will provide Contractor such information regarding the new DDA as Contractor deems necessary to effect debits from or credits to the DDA as provided under the Subsidiary Agreement. It may take Contractor up to ten (10) business days after Contractor’s receipt of a written notice from Authorized User to reflect in Contractor’s system any change to Authorized User’s DDA. 8. MODIFICATIONS AND DISCONTINUANCE OF SERVICES Contractor may modify the Services or particular components of the Services from time to time and will use commercially reasonable efforts to notify Authorized User of any material modifications. If Contractor ceases to make a Service selected by Authorized User generally available to its merchant customers (a “Discontinued Service”), Contractor may cease providing such Discontinued Service to Authorized User upon one hundred eighty (180) days’ advance written notice. Contractor will negotiate an amendment to the MSA to incorporate the modification or discontinuance of services. If new terms that materially conflict with or supplement existing terms are necessary for operation, Contractor will deliver such new terms to the State to negotiate an amendment to the MSA incorporating said terms. 9. COMPLIANCE WITH LAWS AND PAYMENT NETWORK REGULATIONS a. General: Contractor and Authorized User will comply with all Laws and Payment Network Regulations applicable to the selected Services. b. Office of Foreign Assets Control Compliance: Authorized User acknowledges that Contractor is an entity governed by the Laws of the United States of America and as such, cannot provide any products or services to Authorized User or its Customers that contravene the Laws of the United States of America, including the Laws promulgated by OFAC or the United States Department of the Treasury or any successor thereto. c. Export Laws Compliance: Authorized User will comply with all United States export Laws governing the export and re-export of hardware, software or technology applicable to the Services and Equipment, including United States Department of State International Traffic In Arms Regulations (ITAR), United States Foreign Corrupt Practices Act, United States Commerce Department’s Export Administration Regulations, OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions, and Laws promulgated by OFAC or the United States Department of the Treasury or any successor thereto. Authorized User will not, and will not request Contractor to, export, directly or indirectly, any technical data pursuant to the Subsidiary Agreement or any product using any such data to any country for which the United States Government or any agency thereof at the time of 213 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 61 of 71 export requires an export license or other governmental approval without first obtaining such license or approval. d. Customer Identification: To help the United States Government fight the funding of terrorism and money laundering activities, federal law requires financial institutions and their affiliates to obtain, verify, and record information that identifies each person who opens an account. Accordingly, Authorized User will provide certain information and identifying documents requested by Contractor to allow Contractor to identify Authorized User. 10. CONFIDENTIALITY; DATA SECURITY AND USE a. Data Security and Use: i. Security Programs Compliance: Contractor and Authorized User will each comply with the applicable requirements of the Security Programs. ii. PCI-DSS Attestation: Authorized User may review Contractor’s current PCI-DSS compliance status on the Payment Network websites as available. Contractor will undergo an annual assessment of its compliance with the Security Programs and, if applicable to the Services provided under the Agreement, the Payment Application Data Security Standards. If Authorized User requires additional information, Contractor will work with Authorized User to provide information as mutually agreed to by both parties. iii. Elavon Data Breach: If an Elavon Data Breach occurs, then Contractor will comply with all Laws and Payment Network Regulations with respect to such Elavon Data Breach, including providing the required reporting and forensic audits to the Payment Networks, and, unless prohibited by law enforcement or the Payment Networks, will inform Authorized User of such Elavon Data Breach. Contractor will not pass-through or require Authorized User to be liable to Contractor for any fees, fines, penalties, assessments, or charges levied against Contractor by the Payment Networks in connection with an Elavon Data Breach. Unless otherwise required or directed under Law, the Payment Network Regulations, or a Payment Network, Contractor will not (i) contact or inform any Customer of whose data may have been the subject of an Elavon Data Breach of the occurrence of the Elavon Data Breach, or (ii) publicly disclose that information provided by Authorized User to Contractor was the subject in any part of an Elavon Data Breach. If Contractor is legally obligated or the Payment Network Regulations or Payment Networks require Contractor to contact Customers as part of an Elavon Data Breach, Contractor will limit the notices to such Customers to those required by the legal obligation, the Payment Network Regulations, or the Payment Networks, or as approved by Authorized User. iv. Cardholder Data and Transaction Information: a) Contractor and Authorized User will ensure the security of Cardholder Data and Transaction Information in accordance with all Laws and Payment Network Regulations. Contractor and Authorized User will retain Cardholder Data and Transaction Information for the duration required by Laws and the Payment Network Regulations and thereafter will destroy, in a manner that will render the information unreadable, all such information that is no longer necessary or appropriate to maintain for ordinary business purposes. 214 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 62 of 71 b) Authorized User will not disclose Cardholder Data to any third party, except to a Service Provider, unless required by Laws or the Payment Network Regulations. Authorized User will not retain or store magnetic stripe or CVV2/CVC2/CID data after authorization for any purpose. After authorization, Authorized User will retain only the Customer account number, name, and card expiration date if Authorized User has a reasonable business purpose to retain such information and is otherwise in compliance with the Agreement. If there is a failure or other suspension of Authorized User’s business operations, including any Bankruptcy Proceeding, Authorized User will not sell, transfer, or disclose Cardholder Data to third parties, and Authorized User will (a) return this information to Contractor, or (b) provide acceptable proof of destruction of this information to Contractor. c) Contractor acknowledges that Authorized User may collect information about Authorized User’s Customers as part of an Authorized User sales transaction (e.g., price paid, time, store identifier, SKU information) regardless of the Customer’s payment type and not in connection with the Services, and that the Agreement does not restrict Authorized User’s retention, use or disclosure of such information even though some of that information may overlap with elements of Transaction Information. d) Unless otherwise prohibited by Law, any applicable regulations, Payment Network Regulations, Payment Networks, or PCI DSS, Cardholder Data, Transaction Information, and information regarding Authorized User, its principals, or Affiliates, or that Contractor otherwise obtains in connection with the Agreement may be: 1) Used by Contractor and its Affiliates, third-party contractors, agents, and referral partners (a) to provide the Services and related functions to Authorized User and to respond to any further application for Services, (b) for administrative purposes and to maintain Authorized User’s account pursuant to the Agreement, and (c) for Contractor’s internal fraud and compliance monitoring; 2) Disclosed and shared by Contractor for reporting purposes to credit rating agencies and to the financial institution where the DDA is maintained; 3) Used to enhance or improve Contractor’s products or services generally; 4) Used or disclosed by Contractor in the course of any sale, reorganization or other change to Contractor’s business, subject to appropriate confidentiality agreements; 5) Collected, used and disclosed by Contractor as required by Laws (e.g., for tax reporting or in response to a subpoena); and 6) Retained for such periods of time as Contractor requires to perform its obligations and exercise its rights under the Agreement. Contractor may prepare, use, and share with third parties, aggregated, non- personally identifiable information derived from Transaction Information (so long as such information cannot be identified to Authorized User) that is 215 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 63 of 71 combined with similar information from all of or specific segments of Contractor’s other customers. 11. PROPRIETARY RIGHTS As between Contractor and Authorized User, Contractor retains all right, title and interest in and to the Services, Elavon Materials, Updates, and all Intellectual Property Rights in any of the foregoing. Authorized User will not acquire any ownership interest or license rights (except such rights as are expressly stated in the Agreement (including the Operating Guide)) in or to the Services, Elavon Materials, Updates, or Intellectual Property Rights in any of the foregoing. 12. REPRESENTATIONS AND DISCLAIMERS a. Contractor Representations: Contractor represents to Authorized User the following as of the Effective Date of the Subsidiary Agreement: i. Organization: Contractor is a corporation validly existing and duly organized under the laws of the state of Georgia with all authority, qualifications, licenses and registrations necessary to conduct its business, in all jurisdictions where Contractor conducts business, in compliance with all Laws and Payment Network Regulations. ii. Authority and Power: Contractor has the power to execute and perform the Agreement. The person executing the Agreement is duly authorized to bind Contractor to all provisions of the Agreement and such person is authorized to execute any document and to take any action on Contractor’s behalf which may be required to carry out the Agreement. Further, the signing and performing in accordance with the Agreement will not violate any Laws or conflict with any other agreement to which Contractor is subject. iii. No Litigation: There is no action, suit, or proceeding pending or, to Contractor’s knowledge, threatened, which if decided adversely would impair Contractor’s ability to carry on its business substantially as now conducted or which would materially and adversely affect Contractor’s financial condition or operations. b. Authorized User Representations: Authorized User represents to Contractor the following as of the Effective Date of the Subsidiary Agreement: i. Organization and Information: Authorized User is validly existing and duly organized under the laws of the jurisdiction in which it was formed with all authority, qualifications, licenses and registrations necessary to conduct its business, in all jurisdictions where Authorized User conducts business, in compliance with all Laws and Payment Network Regulations. All written information provided in the Subsidiary Agreement, and enrollment forms, as applicable, and in any other document submitted to Contractor is true and complete and properly reflects the business, financial condition and ownership of Authorized User in all material respects. ii. Authority and Power: Authorized User has the power to execute and perform the Agreement. The person executing the Subsidiary Agreement is duly authorized to bind Authorized User and each Authorized User Affiliate to all provisions of the Subsidiary Agreement as if each Authorized User Affiliate had 216 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 64 of 71 executed the Subsidiary Agreement, and such person is authorized to execute any document and to take any action on behalf of Authorized User that Contractor requires to carry out the Subsidiary Agreement. Further, the signing and performing in accordance with the Subsidiary Agreement will not violate any Laws or conflict with any other agreement to which Authorized User is subject. iii. Business Use: Authorized User is obtaining and using the Services from Contractor to facilitate lawful business Transactions between Authorized User and its Customers, and using the DDA only for lawful business purposes. c. No Viruses, Etc.: Contractor will not code or insert into any portion of the Services, and will use commercially reasonable efforts to ensure that no Service will otherwise contain, any computer virus, worm, software lock, drop dead device, Trojan-horse routine, trap door, time bomb or any other malicious codes or instructions that may be used to access, modify, delete, damage or disable the Services or Authorized User’s or any third party’s software, firmware, computer system or devices. 13. AUTHORIZED USER RESPONSIBILITIES Authorized User will be responsible for any sale of goods or services resulting in a Transaction processed under the Agreement. 14. THIRD-PARTY VENDORS a. Authorized User Service Providers and Authorized User Resources i. Authorized User may want to use a Service Provider to assist with Transactions. Authorized User will cause each Service Provider and applicable Authorized User Resource to undergo testing, approval and certification by Contractor before Authorized User uses such Service Provider or applicable Authorized User Resource in connection with accessing or using the Services. Authorized User will ensure that each Service Provider or applicable Authorized User Resource maintains certification and compatibility with the Services and that each Service Provider and applicable Authorized User Resource is fully compliant with all Laws, Payment Network Regulations, and Security Programs. Failure of Authorized User’s systems, including Authorized User’s point-of-sale system or property management system, or any Service Provider systems to maintain certification under this Section or to be compatible and function with the most recent version of the Services will excuse Contractor from all liability and all of its obligations under the Agreement to the extent that Contractor’s provision of the Services is impaired by such failure. ii. As between Contractor and the Authorized User and to the extent not prohibited by law, the Authorized User is responsible for any violations of the Agreement that result from the acts or omissions of Authorized User’s Service Providers and any other person who obtains access to Transaction Information from Authorized User or access to systems under Authorized User’s or Service Provider’s control (excluding acts or omissions to the extent attributable to Contractor’s breach of the Agreement, negligence, or willful misconduct). iii. Contractor is not responsible for Service Providers or for the products or services offered by Service Providers, nor is it responsible for any Transaction until 217 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 65 of 71 Contractor receives complete data for the Transaction in the format required by Contractor. iv. Contractor may terminate a Service Provider’s access to or ability to integrate with Contractor’s products, services, and systems immediately without prior notice if the termination results from: a) The Service Provider’s breach of any Laws or Payment Network Regulations, b) The requirement of any court order or Payment Network or application of Payment Network Regulations to the Services, c) Contractor’s reasonable determination that the Service Provider poses an unacceptable security risk to Contractor, Authorized User or any Payment Network, or d) The Service Provider’s failure to maintain certification to Contractor or the expiration or termination of any agreement between Contractor and the Service Provider specific to certification to Contractor with respect to the Services. b. Liability for Direct Agreement with Third Party: Contractor has no responsibility for, and will have no liability to Authorized User or the State in connection with, any hardware, software or services Authorized User receives subject to a direct agreement (including any sale, warranty or end-user license agreement) between Authorized User or the State and a third party, including any Service Provider, even if Contractor collects fees or other amounts from Authorized User with respect to such hardware, software or services (and such third party will not be considered a third party contractor of Contractor). c. Elavon Third-Party Contractors: Contractor may use third-party contractors in connection with the performance of its obligations under the Agreement. Contractor will be responsible for the performance of its obligations hereunder notwithstanding any use of or delegation of any responsibility to any Contractor third-party contractor. Contractor is responsible for any violations of the Agreement that result from the acts or omissions of its third-party contractors. 15. GENERAL PROVISIONS a. Construction: The headings used in the Agreement are inserted for convenience only and will not affect the interpretation of any provision. Each provision is to be construed as if the parties drafted it jointly. The word “day” will mean “calendar day”, unless specifically stated otherwise. b. Notices: See Contract Exhibit A, Section 23. Notices to Contractor shall be directed to Elavon at 7300 Chapman Highway, Knoxville, TN 37920, with a copy to Two Concourse Parkway, Suite 800, Atlanta, GA 30328 Attn: General Counsel, or such other addresses as Contractor may designate in writing. c. Bankruptcy: Authorized User will immediately notify Contractor of any Bankruptcy Proceeding initiated by or against Authorized User. Authorized User will include Contractor on the list and matrix of creditors as filed with the bankruptcy court, whether or not a claim may exist at the time of filing. Authorized User acknowledges that the Agreement constitutes an executory contract to make a loan, or extend other 218 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 66 of 71 debt financing or financial accommodations to, or for the benefit of Authorized User, and, as such, cannot be assumed or assigned in the event of Authorized User’s bankruptcy. d. Telephone Recording: For quality assurance and training purposes, Authorized User authorizes Contractor to monitor and record customer service telephone conversations at any time, subject to Laws and applicable disclosures if required. e. Waiver: None of the failure to exercise, the delay by Contractor to exercise, or the partial exercise of any right under the Agreement or Subsidiary Agreement by Contractor will operate as a waiver or estoppel of such right, nor will such amend the Agreement or Subsidiary Agreement. f. Survival: All of the obligations of each party that by their nature should survive termination or expiration of the Agreement or Subsidiary Agreement in order to achieve its purposes, will survive and remain binding upon and for the benefit of the parties. g. Counterparts; Electronic Delivery: The Agreement or Subsidiary Agreements may be signed in one or more counterparts, each of which will constitute an original and all of which, taken together, will constitute one and the same agreement. Signed counterparts may be delivered by fax or electronic means (e.g., .pdf documents via e- mail), and will constitute signed originals. h. Business Continuity: Contractor will maintain and adhere to business continuity plans that are commercially reasonable within the industry for the Services. 16. PROCESSING SERVICES TERMS a. Authorized User Compliance: Authorized User will not submit Transactions for processing to Contractor for any businesses, materially different products, or methods of selling other than those stated in the Subsidiary Agreement or Set Up Form without Contractor’s prior written consent. b. MATCHTM and Consortium Merchant Negative File: Authorized User acknowledges that Contractor may be required to report Authorized User’s business name and the name of Authorized User’s principals to the MATCHTM listing maintained by MasterCard and accessed by Visa, to the Consortium Merchant Negative File maintained by Discover, if applicable, or to any other negative or terminated merchant file of any other Payment Network, if applicable, pursuant to the requirements of the Payment Network Regulations. Authorized User specifically consents to Contractor’s fulfillment of the obligations related to the listing of Authorized User and Authorized User information in such databases, and Authorized User waives all claims and liabilities Authorized User may have as a result of such reporting. c. Remedies Cumulative: The rights conferred upon Contractor in this Section are not intended to be exclusive of each other or of any other rights and remedies of Contractor under the Agreement, at law or in equity. Rather, each and every right of Contractor under the Agreement, at law or in equity, is cumulative and concurrent and in addition to every other right. 219 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 67 of 71 d. Authorized User Information: i. Authority: Authorized User authorizes Contractor to make, upon receipt of the Subsidiary Agreement or Set Up Form and from time to time, any business credit or other inquiries it considers reasonably necessary to review the Authorized User or continue to provide Services under the Agreement. Authorized User also authorizes any person or credit reporting agency to compile information to answer those business credit inquiries and to furnish that information to Contractor. ii. Financial Information: At Contractor’s request, Authorized User will provide Contractor audited financial statements prepared by an independent certified public accountant selected by Authorized User, or if Authorized User is audited by a governmental authority, then Authorized User will provide financial statements from such governmental authority. Within one hundred twenty (120) days after the end of each fiscal year or in the case of a governmental entity, when available), Authorized User will furnish Contractor, as requested, a financial statement of profit and loss for the fiscal year and a balance sheet as of the end of the fiscal year, each audited as provided above. Authorized User will also provide Contractor such interim financial statements and other information as Contractor may request from time to time. iii. Providing Information. Authorized Users must provide to Contractor promptly, upon request, information about finances and operations, provided, however, that, with respect to State Authorized Users, the posting of such financial information at the http://www.ebudget.ca.gov website (or any successor website thereto) shall be deemed to fulfill this requirement. e. Authorized User Data Incident: i. Notice and Investigation: Authorized User acknowledges that Cardholder Data and bank account information it obtains in connection with any Transaction is the property of the financial institution that issued the Payment Device or holds the Customer’s account. Authorized User will notify Contractor within 24 hours (and if notice is given orally, it must be confirmed in writing within the same 24-hour period) if Authorized User knows or suspects that Cardholder Data, Customer information, or Transaction Information has been accessed or used without authorization from Authorized User or systems within Authorized User’s control (a “Data Incident”). The notice must include: a) A detailed written statement about the Data Incident including the contributing circumstances, b) The form, number and range of compromised account information, c) Specific account numbers compromised, and d) Details about the ensuing investigation and Authorized User’s security personnel who may be contacted in connection with the Data Incident. Authorized User will fully cooperate with the Payment Networks and Contractor in the forensic investigation of the Data Incident. Within seventy- two (72) hours of becoming aware of the Data Incident, Authorized User will engage the services of a data security firm acceptable to the Payment 220 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 68 of 71 Networks and to Contractor to assess the vulnerability of the compromised data and related systems. Authorized User will provide weekly written status reports to Contractor until the forensic audit is complete. Authorized User will promptly furnish updated lists of potential or known compromised account numbers and other documentation or information that the Payment Networks or Contractor may request. In addition, Authorized User will provide all audit reports to Contractor, and such audits must be completed to the satisfaction of the Payment Networks and of Contractor. Elavon may, in its sole discretion, suspend or terminate Card Processing Services for any Authorized User that experiences a Data Incident. ii. Preservation of Records: If there is a Data Incident, Authorized User will take immediate steps to preserve all business records, logs and electronic evidence relating to the Data Incident. Authorized User will cooperate with Contractor to rectify, correct and resolve any issues that may result from the Data Incident, including providing Contractor with (and obtaining any necessary waivers for) all relevant information to verify Authorized User’s ability to prevent future data incidents in a manner consistent with the Agreement. 221 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 69 of 71 Exhibit H.1: Authorized User Set Up Form Request a copy of the State of California - Authorized User Set Up Form (MSA 5-22-70-22- 01, Exhibit H.1) by emailing the Elavon administrator. 222 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 70 of 71 Exhibit I: Mass Transit Terms (Local Authorized Users Only) 1. MASS TRANSIT SERVICES Contractor will make available to Local Authorized Users the Mass Transit Services. The Mass Transit Services are part of a “pay as you go” model where the fare for each journey may not be known at the point at which the contactless card is tapped on the transit reader. Regardless of whether the fare is known or not, tap data is accumulated, and the total fare amount is calculated and charged by the Local Authorized User at the end of the travel period. For the purposes of this Exhibit, the definition of Payment Network Rules will include the Visa Contactless Transit Implementation Guide, the Visa Contactless Transit Terminal Requirements and Implementation Guide, and any other applicable transit Payment Network Rules, all as may be amended. 2. CONTRACTOR’S RESPONSIBILITIES When providing the Mass Transit Services, Contractor’s services will be limited to the following: a. Provide authorization, clearing and settlement processing activities for Transactions from the transit Local Authorized User, more specifically, authorization, Local Authorized User funding, Transaction reconciliation, chargeback/fraud dispute processing, interchange billing, and Local Authorized User statement generation/delivery. b. Provide Settlement and reporting services as outlined in Exhibit A, Section 5(b) of the Agreement (as amended) and any other applicable obligations of Contractor under the Agreement (other than those outlined in this Exhibit, below). 3. LOCAL AUTHORIZED USER’S RESPONSIBILITIES When using the Mass Transit Services, Local Authorized User will: a. Provide or contract with a Service Provider to provide the Mass Transit merchant requirements (including card readers and equipment, authentication, expiry date check, deny list check, new card check, fare calculation, deny list management, exception handling, customer service, and debt recovery) as required under the Payment Network Rules. 4. PRICING Local Authorized Users will pay monthly, and in arrears, Mass Transit Service fees identified in the pricing matrix provided in Exhibit E.1: Service Pricing. Contractor will pass through to Local Authorized User any special or discounted interchange assessment rates from Visa and MasterCard specifically negotiated for the State. 5. TERMINATION OF MASS TRANSIT SERVICES a. Contractor has the right to send the Local Authorized User a written notice specifying a default of Exhibit I and providing the Local Authorized User an opportunity to cure the breach within a period of time no less than thirty (30) calendar days (“Cure Period”). If the breach is not cured within the Cure Period as stated in the notice, then Contractor has the right to terminate Mass Transit Services or terminate the Local Authorized Users’ Subsidiary Agreement in its entirety, by written notice to the Local Authorized User with termination to be effective not less than thirty (30) days 223 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Page 71 of 71 following the end of the Cure Period. Termination of one Local Authorized User under this Exhibit I will not affect other Local Authorized Users. b. In addition, Contractor may cease providing the Mass Transit Services if Contractor’s agreement with Cybersource terminates, provided that Contractor: (i) has made all efforts to cure any issues with Cybersource to allow the agreement to continue; (ii) provides the State Contract Administrator and Local Authorized Users with a minimum 60 calendar days written notice of the termination; and (iii) cooperates with the Local Authorized Users to obtain the right for the Local Authorized Users to continue using the services through Cybersource. 224 STATE OF CALIFORNIA -DEPARTMENT OF GENERAL SERVICES STANDARD AGREEMENT-AMENDMENT STD 213A (Rev. 4/2020) IZJ CHECK HERE IF ADDITIONAL PAGES ARE ATTACHED �PAGES AGREEMENT NUMBER 5-22-70-22-01 SCO ID: 77601-522702201-A 1 AMENDMENT NUMBER 1 Purchasing Authority Number 1. This Agreement is entered into between the Contracting Agency and the Contractor named below:CONTRACTING AGENCY NAMEDepartment of General Services CONTRACTOR NAMEElavon, Inc. 2.The term of this Agreement is:START DATEJune 1, 2022THROUGH END DATEJune 1, 2027, with two (2) optional two (2) year extensions 3. The maximum amount of this Agreement after this Amendment is:$0.00 (Zero dollars and no-cents, with no guarantee of contract expenditure)4. The parties mutually agree to this amendment as follows. All actions noted below are by this reference made a part of the Agreement andincorporated herein: Incorporates the Generative Artificial Intelligence (GenAI) Reporting provision with the Generative Artificial Intelligence provision in Exhibit A-Scope of Work, Section 31. Exhibit A is hereby replaced in its entirety with the attached Exhibit A (15 pages). All other terms and conditions shall remain the same. IN WITNESS WHEREOF, THIS AGREEMENT HAS BEEN EXECUTED BY THE PARTIES HERETO. CONTRACTOR CONTRACTOR NAME (if other than an individual, state whether a corporation, partnership, etc.) Elavon, Inc. CONTRACTOR BUSINESS ADDRESS 73017 Cl-/"1?11//,ttV 1-1 i,tJ r' PRINTED NAME OF PERSON SIGNING CONTRACTING AGENCY NAME Department of General Services CONTRACTING AGENCY ADDRESS 707 Third Street, 2nd Floor PRINTED NAME OF PERSON SIGNING CONTRACTING AGENCY AUTHORIZED SIGNATURE CALIFORNIA DEPARTMENT OF GENERAL SERVICES APPROVAL STATE OF CALIFORNIA Cl1Y IL� P)l ,l'Z,L,,..L,.£ TITLE DATE SIGNED Cl1Y West Sacramento TITLE DATE SIGNED EXEMPTION (If Applicable) STATE ZIP ,AJ 371.1.rJ ISTATE IZIP CA 95605 Page 1 of 1 Branch Chief, AcquisitionsCarol Bangs 225 Timothy I. Miller . . . Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Amendment 1 Page 1 of 15 Exhibit A: Scope of Work The Department of General Services (DGS), Procurement Division (PD), hereinafter referred to as the “State” or “DGS-PD” is establishing master agreements with multiple providers of Electronic Payment Acceptance Services for State Agencies and Local Users (defined as any city and/or county, district, or other local governmental body or corporation, including the California State Universities (CSU) and University of California (UC) systems, K-12 schools and community colleges empowered to expend public funds), hereinafter collectively referred to as “Authorized Users”. Authorized Users may contract with any master agreement provider. 1. SCOPE a. The State and Elavon, Inc. (hereinafter referred to as the “Contractor”), hereby agree that the Contractor will provide Electronic Payment Acceptance Services to Authorized Users in accordance with the terms and conditions of this Master Service Agreement (“MSA” or “Agreement”). b. Prior to rendering services, Authorized Users and Contractor must execute a separate Subsidiary Agreement that incorporates all of the terms of this MSA by reference and may contain additional specific terms and conditions, none of which may alter, rescind, or be in conflict with the terms and conditions of this MSA (per Exhibit A, Section 14). c. Contractor agrees to honor all Subsidiary Agreements made prior to MSA expiration or termination at the same rates, terms and conditions. d. All Subsidiary Agreements issued against this MSA must be fulfilled/completed in their entirety within twelve (12) months following the MSA end date. e. The State, during the term of this MSA, may negotiate additional agreements, categories and/or services. 2. AGREEMENT TERM The term of this MSA is for a five (5) year period. DGS reserves the right to extend this Agreement for two additional two (2) year periods, with a maximum cumulative term of nine (9) years. The start and end date will be noted on the attached Std. 213 Standard Agreement (the “Effective” term). 3. CONTRACT ADMINISTRATORS The State and MSA Contractor have assigned Contract Administrators as single points of contact for all inquiries, contract related issues and for problem resolution. The Contract Administrators and their contact information will be listed in the subsequent MSA User Instructions issued after award. Should a Contract Administrator change, each party will notify the other in writing no later than ten (10) business days after the date of such change, without amendment to this agreement. a. Contractor must provide the name, address, telephone number, and e-mail address of the individual directly responsible for managing this Agreement on behalf of the Contractor to the State’s designated Contract Administrator. 226 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Amendment 1 Page 2 of 15 b. Contractor must provide the State with at least one (1) replacement candidate that will meet or exceed the experience and skill level of the Contract Administrator being replaced. i) The State shall not compensate the Contractor for any time or effort required to prepare the new Contract Administrator for work on the project. ii) The State may request that Contractor replace an assigned Contract Administrator at any time. The Contractor will use its best efforts to provide a replacement candidate that meets or exceeds the experience and skill level of the Contract Administrator being replaced within a time frame mutually agreed upon by the Contractor and the State. 4. GENERAL OVERVIEW OF SERVICES Contractor shall provide electronic payment acceptance and processing services in the following categories: a. Credit and Debit Card Processing (Category 1) 5. MINIMUM SERVICE LEVEL AGREEMENTS Contractor shall provide electronic payment acceptance and processing services as follows: a. General Service Level Agreements (All Categories) Contractor will: i) Allow for batch processing of transactions. Initiate funding for Credit, Debit, and PIN-Based Card transactions as follows: Transaction Day Initiate Funding to Authorized User’s Account Via ACH1/ Monday Tuesday Tuesday Wednesday Wednesday Thursday Thursday Friday Friday Monday Saturday Monday Sunday Monday 1/ Includes Contractor’s authorization to send funds from Contractor’s bank to Authorized User’s bank account. ii) Contractor shall settle in gross daily and process chargebacks and adjustments by invoicing the Authorized User. 227 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Amendment 1 Page 3 of 15 iii) Provide to each Authorized User access to detailed statements and online reporting tools that provide sufficient information for each Authorized User to reconcile deposits and adjustments made to the Authorized User’s designated bank account(s). iv) Provide customer support twenty-four (24) hours per day, three hundred sixty-five (365) days per year. v) Maintain industry standard data privacy controls sufficient to meet the requirements of the applicable security standards and California State Privacy statutes and regulations (defined in Exhibit A, Section 17). Contractor is fully responsible for all administrative and financial obligations that arise from any security breach caused by the Contractor. vi) Provide Gateway services or equivalent. vii) Annually, make Contractor’s SSAE 18 SOC1 Type II information available for review on Contractor’s premises upon Authorized User’s thirty (30) days written notice. Authorized User’s review shall take place during Contractor’s normal business hours upon the signing of Contractor’s confidentiality agreement. Authorized User’s review does not include copying of such documents. viii)Upon request by the Authorized User, assign to Authorized User one or more identification numbers or passwords for Authorized User’s use in obtaining the Card Services. Once such identification number(s) or password(s) have been delivered to Authorized Agency by Contractor, the use and confidentiality of such numbers and/or passwords shall be the sole responsibility of Authorized User. b. Credit and Debit Card Processing (Service Category 1) Contractor will: i) Process for the Authorized User: MasterCard, Visa, American Express, Discover, Debit Cards, and Purchasing Cards in accordance with the operating rules of each of the named associations and under applicable law. Including but not limited to: 1. Bank Cards – VISA/MasterCard/AMEX/Discover – Cardholder Present 2. Bank Cards – VISA/MasterCard/AMEX/Discover – Cardholder Not Present 3. Signature Debit Cards – VISA/MasterCard – Cardholder Present 4. Signature Debit Cards – VISA/MasterCard – Cardholder Not Present 5. PIN Based Debit Cards 6. Digital Wallets ii) Provide Convenience/Service Fee services. iii) Provide continuous service by maintaining Contractor’s system functionality at a minimum 99.9% of the time (excluding maintenance downtime), measured on a monthly basis. Contractor must provide advanced written notice for scheduled maintenance and maintenance should occur during Authorized User’s non- business hours. 1. Service shall be available twenty-four (24) hours per day, three hundred sixty- five (365) days per year (excluding maintenance downtime). 228 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Amendment 1 Page 4 of 15 2. If service’s monthly availability averages less than 99.9% (excluding maintenance downtime), the Authorized User shall be entitled to recover damages, apply credits or use other contractual remedies as set forth in the Subsidiary Agreement. (Exhibit A, Section 24) 3. Contractor shall provide advance written notice to the State Contract Administrator and Authorized Users of any major upgrades or changes that will affect the service availability. iv) Provide Authorization and Settlement functions on behalf of Authorized User. Authorizations must be completed in real time with response times of no more than 2-12 seconds. Response time is measured from the time Contractor receives a transaction authorization request to the time Contractor provides a transaction authorization response to Authorized User, excluding time dependent upon third parties and delays caused by failures or delays in third party’s systems. v) Deliver, at a minimum, the following standard reports: 1. Deposit Summary 2. Transaction Reports 3. Convenience/services fees, if applicable 4. Statements 5. Interchange 6. Adjustments 7. Chargebacks 8. Authorizations 9. Duplicate Transmissions Frequency of reporting and additional reports to be determined within the Authorized User Subsidiary Agreements. vi) Process Chargebacks, upon receipt, on behalf of Authorized User. If additional information is required from the Authorized User to process the chargeback, Contractor must notify the Authorized User within twenty-four (24) to forty-eight (48) hours of receipt. The Contractor is authorized to protest any chargeback on behalf of the Authorized User. Chargebacks and adjustments will be invoiced to the Authorized Users. vii) Process voids, cancels, returns, reversals and retrievals. viii)Control for duplicate transactions. ix) Remain Payment Card Industry (PCI) compliant and P2PE certified throughout the term of the Agreement. 6. DEMONSTRATIONS Contractor agrees to conduct demonstrations at the request of the State and/or an Authorized User, prior to implementation of an electronic payment acceptance program during the term of the Agreement. 229 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Amendment 1 Page 5 of 15 7. TRAINING Contractor shall provide telephone and/or web-based training for each Authorized User as stated in the Subsidiary Agreement. Implementation training must be completed within 30 calendar days after system set-up. Training will be provided at no additional cost including any travel related expenses. Training material and equipment shall be provided by the Contractor at the Contractor's expense. Contractor shall ensure that sufficient material is provided to all attendees. Contractor shall provide a link to the most recent version of the Contractor's Operating Guide. The Operating Guide and Contractor’s website includes, at a minimum, but not limited to the following: • Step by Step Instructions • Support Services • Quick Reference Guide • FAQ’s and answers Contractor must provide twenty-four (24) hours per day, three hundred sixty-five (365) days per year, web-based access to Contractor’s Operating Guide. Trainer provided by contractor shall be knowledgeable in the subject matter, equipment and training materials. Contractor will customize training sessions for an Authorized User upon request. 8. CUSTOMER SERVICE AND SUPPORT Contractor must provide knowledgeable customer service personnel for the services provided. Contractor shall provide the contact information for problem resolution and inquiries in the Subsidiary Agreement with each Authorized User. Most inquiries regarding the direct reconciliation of an Authorized User’s payment transactions, the transfer to the bank account or any other payment transactions involving the Contractor shall be addressed and/or resolved by the Contractor within three (3) business days from the date of the original inquiry. Most other problems and inquiries will be addressed within five (5) business days from the date of the original contact. If Contractor is unable to resolve issues within the timelines stated above, Contractor will work with the Authorized User to establish mutual resolution timeframes and project timelines. Contractor’s customer service representatives shall accurately and timely: • Research and resolve concerns and provide immediate follow-up status/resolution. • Resolve problems related to daily settlements and deposit variances. • Coordinate and resolve complex reporting issues. • Answer incoming telephone calls, e-mails, faxes, and letters. • Log all problems/resolutions so that recurring problems can be tracked, reported and corrected. Contractors must provide, at the Authorized Users request, copies of any data file transmission that occurred within the required records retention period specified in this Agreement (See Exhibit A, Section 9) and have that data file available to them within forty- eight (48) hours after original request. Any data file requests that cannot be fulfilled in that 230 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Amendment 1 Page 6 of 15 time frame will require Contractor and Authorized User to agree upon a reasonable time frame for such requests. Contractor shall provide a technical liaison (live operator) available twenty-four (24) hours a day, three hundred sixty-five (365) days a year for immediate response to data/technical needs such as, but not limited to, general inquiries, point-of-sale and other payment channel assistance. Upon request, Contractor shall provide a written/electronic status report including a problem statement, proposed solution, and estimated time of problem resolution. Contractor’s staff must be fully versed in electronic payment systems and fully capable of resolving any issues immediately. 9. RETENTION OF RECORDS Contractor must retain all transactional data for a period of at least eighteen (18) consecutive months from the initial transaction date. Transactional data/records must be made available, upon request, to Authorized Users within forty-eight (48) hours after original request. Any data file requests that cannot be fulfilled in that time frame will require Contractor and Authorized User to agree upon a reasonable time frame for such requests. Authorized User should retain legible copies of Sales Drafts and Credit Vouchers for a period of at least eighteen (18) months from the initial transaction date to be able to respond to customer disputes. Authorized User must submit to Servicers a legible copy of a Sales Draft or Credit Voucher within ten (10) days of a request by Servicers, or longer period of time as may be allowed by the Association. 10. PROGRAM WEBSITE Contractor shall provide and regularly update a secure website for use by Authorized Users of this Agreement. The website will include at a minimum, the following information: • Link to the Contractor’s Merchant Operating Guide. • Links to industry related rules and regulations as described in this Agreement. • Customer Service and Support telephone number. • FAQs • Link to report database (Exhibit A, Section 5 (a)(iii)) 11. REPORTING REQUIREMENTS a. Each quarter, the Contractor shall submit a Quarterly Usage/Activity Report to the DGS Contract Administrator via email or other delivery method specified by the State. The report shall summarize the Contractor’s MSA contract activity for each Authorized User, and it shall be provided to the DGS Contract Administrator by the thirtieth (30th) working day following the ending of the quarter’s reporting period. A report is required every quarter, even if the Contractor has no activity during the reporting period. b. DGS will provide a quarterly reporting template to awardees upon award. c. Contractor must report State Authorized Users and Local Authorized Users on separate quarterly reports. 231 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Amendment 1 Page 7 of 15 d. The Quarterly Usage/Activity Report will summarize the Contractor’s MSA contract activity by payment category for each Authorized User and will contain the following information: • Authorized User Name (department, agency, etc.) • Authorized User’s Merchant Number • Dollar Volume by card type (Amex, Discover, Visa, MC, Debit) and/or payment solution • Number of settled transactions by card type and/or payment solution • Fees paid by payment solution and type (interchange, processor, convenience fees, other) • Convenience/Service Fees as applicable • Equipment and software sales reports, upon request • Any other reporting as requested by DGS e. Contractor shall email reports (in Microsoft Excel format or compatible) to the State Contract Administrator (referenced in User Instructions) and Masters@dgs.ca.gov. f. The DGS Contract Administrator reserves the right to modify this report and require the Contractor to provide additional information available to the Contractor during the course of this Agreement at no additional cost. 12. AUTHORIZED USERS a. Pursuant to Government Code §1 1 0 0 0, State of California government agencies include every state office, officer, department, division, bureau, board, and commission. b. For the purposes of this Agreement, local government agencies include any city and/or county, district, or other local governmental body or corporation, including the California State Universities (CSU) and University of California (UC) systems, K-12 schools and community colleges empowered to expend public funds. c. State agencies are required to adhere to DGS contract and procurement policy and procedures. For informational purposes only, see the following link for the State of California Agency List (exclude any local government agencies described above): https://www.ca.gov/agenciesall d. Local government agency use of this MSA is optional. Local government agencies may execute a contract under this MSA using the standard form Std. 213 or appropriate equivalent contract form, and any specific documents established prior to award that affect the Subsidiary Agreement. Upon execution of the contract form they shall become Authorized Users and the provision of services by the Contractor to such Authorized Users will be governed by the terms of this MSA. e. However, the Contractor has authorization to negotiate with local government agency Authorized Users for the provisions cited below. These include but are not limited to: • Invoicing and Payment Provisions (including debiting for chargebacks, assessments and other items) • Governing Law, Jurisdiction • Local Authorized User’s additional specific terms and conditions 232 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Amendment 1 Page 8 of 15 • Convenience/Service Fees 13. AUTHORIZATION TO RENDER SERVICES Unless otherwise provided in this Agreement, Contractor may not decline a State of California government agency’s request to utilize services offered under this Agreement. 14. SUBSIDIARY AGREEMENTS Contractor and a State of California government agency or a local government agency (as applicable) must execute a separate Subsidiary Agreement that incorporates all of the terms of this MSA by reference and may contain additional agency specific terms and conditions, none of which may alter, rescind, or be in conflict with the terms and conditions of this MSA. The Subsidiary Agreement shall consist of a Std. 213 form, or the appropriate equivalent contract form for local government agency Authorized Users and shall describe the particular requirements of the Authorized User, usually reflected in a detailed scope of work. State Agency Authorized User’s Subsidiary Agreements shall be processed in accordance with State contracting laws, policy, and procedures. 15. ENTIRE AGREEMENT & AMENDMENTS This MSA Agreement includes the Std. 213 form, Exhibits A-I and any additional provisions or Exhibits or attachments specific to the Contractor and/or services; documents incorporated by reference, and mutually approved amendments. 16. ORDER OF PRECEDENCE The following order of precedence shall apply: a. All federal, state, local laws and regulations b. Exhibit C: Terms and Conditions (As Modified) c. Exhibit C.1: General Provisions – Information Technology (As Modified) d. Exhibit G: Definitions e. Exhibit A: Scope of Work f. Exhibit A.1: Selected Services g. Exhibit B: Budget Detail and Payment Provisions h. Exhibit D: Insurance Requirements i. Exhibit E: Fees and Costs j. Exhibit F: Equipment and Software k. Exhibit E.1: Service Pricing l. Exhibit E.2: Equipment and Software Pricing m. Exhibit E.3: Equipment Specifications n. Exhibit H: Special Terms and Conditions o. Exhibit I: Mass Transit Terms p. Exhibit H.1: Authorized User Set Up Form q. Payment Network Regulations 233 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Amendment 1 Page 9 of 15 17. SECURITY, PRIVACY AND DISCLOSURE The parties acknowledge that this Agreement is subject to the California Public Records Act (Govt. Code section 6 2 5 0 et seq.), California Government Code sections 6 1 6 4 and 1 1 0 1 9.9; and California Civil Code section 1 7 9 8 et seq. Authorized Users agree not to disclose Cardholder account numbers and/or Card Identification Numbers (“CIDs”) unless required by law or other legal process, or for internal State purposes, or as required to use the services under the Agreement. Contractor agrees it will not use the names, addresses, and any other personally identifying information of State, city, county, school, or other public employees for any purpose not directly related to this Agreement. 18. REGULATORY AUTHORITIES (Industry Related Rules and Regulations) Contractor warrants and certifies that prior to, and in the performance of this Agreement, it will acquire, maintain, and remain in compliance with all mandatory regulatory approvals with respect to its performance under this Agreement required by any applicable governmental agency having jurisdiction over Contractor. If such regulatory approvals are not obtained by Contractor prior to the performance of this Agreement, this Agreement shall be of no force or effect. 19. LICENSES AND PERMITS Contractor shall be responsible for obtaining and maintaining at its expense all applicable licenses, registrations, permits, and certifications applicable to its performance under this Agreement during the entire term of this Agreement required by federal law, the State of California, and local jurisdictions in California. 20. SUBCONTRACTORS Nothing contained in this Agreement or otherwise, shall create any contractual relation between the State and any subcontractors, and no subcontractor shall relieve the Contractor of its responsibilities and obligations hereunder. The Contractor agrees to be fully responsible to the State for the acts and omissions of its subcontractors and of persons either directly or indirectly employed by any of the subcontractors as it is for the acts and omissions of persons directly employed by the Contractor. The Contractor’s obligation to pay its subcontractors is an independent obligation from the Authorized User’s obligation to make payments to the Contractor. As a result, the Authorized User shall have no obligation to pay or to enforce the payment of any moneys to any subcontractor. 21. PHASE IN & PHASE OUT TRANSITION SERVICES Prior to the end of this Agreement’s contract term, or if this Agreement is terminated by the State, Contractor agrees to assist in transitioning the services provided under this Agreement within a period of time, not to exceed one hundred eighty (180) day calendar period. Transition assistance will include but is not limited to: continue transaction processing until date agreed upon, resolve any outstanding chargeback disputes, remit 234 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Amendment 1 Page 10 of 15 final statement and invoice for all transactions through close of business on the final processing date. Contractor shall cooperate with any new contractor(s) and State staff in effectuating an orderly transition. 22. DISPUTE RESOLUTION Contractor shall direct questions regarding the Subsidiary Agreement to the Authorized User. Decisions rendered by the Chief Executive Officer, or designated representative, of the Authorized User are considered final. Upon request, DGS-PD may provide a forum for discussion, at which time a DGS-PD representative shall be available to provide information regarding the State of California’s policies and procedures. If agreement cannot be reached, either party may assert its rights and remedies within a court of competent jurisdiction. 23. NOTICES All notices, requests, demands and other communications hereunder shall be in writing and shall be deemed given if delivered (a) personally, (b) via facsimile, electronic mail or overnight express service (except that notices of termination or default given by facsimile or electronic mail must also be sent via overnight express service or certified mail) or (c) by certified or registered mail, postage prepaid, return receipt requested, in each case, to the addresses, facsimile numbers and/or electronic mail addresses set forth below. The parties hereto may change their street addresses, facsimile numbers and electronic mail addresses for purposes of this Agreement by notifying the other party in the manner specified in this section. 24. LIQUIDATED DAMAGES The Authorized User’s Director or his/her designee may assess compensating damages against the vendor for losses incurred by the Authorized User as a direct result of errors caused by the negligence or willful misconduct of the vendor or subcontractor(s) that cause or contribute to the delay in collecting revenue. If invoked, damages will be assessed based upon the dollar value of the loss, the elapsed time before correction of the error and the Pooled Money Investment Account (PMIA) Daily Rate for the date the loss occurred as published by the California State Treasurer’s Office. Contractor’s liability for damages shall not exceed an amount equal to the annual fees paid or payable to Contractor under the affected Subsidiary Agreement (excluding interchange fees). If twelve (12) consecutive months of fees are not available for this calculation, Contractor will use the highest available months fees multiplied by twelve (12) to identify the anticipated annual fees. For purposes of this Agreement, ‘errors’ do not include any action taken, or any failure to act, pursuant to an instruction from the State or an Authorized User. 25. PROPRIETARY RIGHTS AND PERMITTED USES a. Contractor may not issue any press release about this Agreement or the State without the other party’s prior written consent. 235 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Amendment 1 Page 11 of 15 b. Contractor will provide all Credit Card Association marks, logos, stickers and marketing materials, as well as any other forms of display required by the Associations’. c. An Authorized User may use and display the Associations’ marks, and shall display such Marks in accordance with the standards for use established by the Associations. The Authorized User’s right to use all such Marks will terminate upon termination of the Agreement or upon notice by an Association to discontinue such use, and the Authorized User must thereafter promptly return any materials displaying the Marks. The Authorized User’s use of promotional materials provided by the Associations will not indicate, directly or indirectly, that such Associations endorse any goods or services other than their own and the Authorized User may not refer to any Associations in stating eligibility for its products or services. 26. FEDERAL DEBARMENT The Federal Department of Labor requires that State agencies which are expending Federal funds of $25,000 or more, have in the contract file, a certification by the Contractor that it has not been debarred or suspended from doing business with the Federal Government. Each Contractor must provide this documentation upon request. 27. FORCE MAJEURE Except for defaults of subcontractors at any tier, the Contractor shall not be liable for any excess costs if the failure to perform the Contract arises from causes beyond the control and without the fault or negligence of the Contractor. Examples of such causes include, but are not limited to: a. Acts of God or of the public enemy, and b. Acts of the federal or state government in either its sovereign or contractual capacity. If the failure to perform is caused by the default of a subcontractor at any tier, and if the cause of the default is beyond the control of both the Contractor and subcontractor, and without the fault or negligence of either, the Contractor shall not be liable for any excess costs for failure to perform. 28. RIGHT TO TERMINATE a. The State may terminate the Agreement and any Authorized User may terminate its respective Subsidiary Agreement for cause upon a reasonable and good faith determination that the Contractor failed to perform the requirements of this Agreement at the time and in the manner herein provided in Section (b) below. However, Authorized Users will provide a Cure Period, rather than immediate termination, if a breach involves meeting a service level agreement identified in Exhibit A, Section 5. Nonetheless, the State and Authorized Users reserve the right to terminate for cause without providing additional Cure Periods if a service level issue for which a Cure Period has previously been provided recurs. b. In the event of a breach, the State or Authorized User will send the Contractor a notice specifying the breach and providing the Contractor an opportunity to cure the breach 236 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Amendment 1 Page 12 of 15 within a period of time no less than thirty (30) days “Cure Period”. If the breach is not cured within the Cure Period, the State or Authorized User has the right to terminate the Agreement upon thirty (30) days notice to the Contractor. c. The State may terminate the Agreement without cause upon sixty (60) days advance written notice to the Contractor. Authorized Users may terminate their respective Subsidiary Agreements without cause upon sixty (60) days advance written notice to the Contractor. In the event of a termination without cause, Contractor shall not be responsible for any costs to the State or an Authorized User associated with such termination and any sum due the Contractor under this Agreement (which sum due to the Contractor shall include, but not be limited to, fees as set forth in this Agreement) for Charges up to the date of a termination shall be paid to the Contractor including any Chargebacks, fees, fines or penalties owed by the State or Authorized User after termination, which shall be paid within forty-five (45) days of presentment of a non- disputed invoice, in accordance with Exhibit B, Section 3. d. After receipt of a notice of termination by the State, or an Authorized User, and except as otherwise directed by the State or Authorized User, Contractor shall: i. Stop work as specified in the notice of termination. ii. Place no further subcontracts for materials, services, or facilities, except as necessary to complete the continuing portion of the Agreement. iii. Terminate all subcontracts to the extent they relate to the work terminated. After receipt of a notice of termination and prior to the contract termination effective date, Contractor agrees to diligently proceed without interruption in the performance of this Agreement. Contractor’s failure to diligently proceed in accordance with this Agreement shall be considered a material breach of this Agreement. 29. NEWS RELEASES Unless otherwise exempted, news releases, endorsements, advertising, and social media content pertaining to this Contract shall not be made without prior written approval of the Department of General Services. 30. CONTRACTOR’S ADMINISTRATIVE FEE The Contractor is required to pay a fee to DGS-PD based on the number of settled transactions processed. The fee is paid quarterly and is calculated as equal to $0.01 (1 cent) for each transaction processed per quarter under this Agreement. This Administrative Fee shall not be invoiced or charged to the ordering agency or customer. Payment by the Contractor shall be made quarterly to DGS-PD irrespective of payment status of Subsidiary Agreements. 237 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Amendment 1 Page 13 of 15 Failure to submit correct reports and payments on a timely basis shall constitute grounds for default of this Agreement pursuant to Exhibit A, Section 28(b). Payments are due for the reporting period by the thirtieth (30th) calendar day following the ending of the quarter. (Note: If the due date is on a Saturday or Sunday, the due date will be the Monday following.) Payment may be made in the form of an electronic payment using the PD LPA Payment Portal or by submitting a check payable to the State of California, Department of General Services. Along with each payment, a Usage Report, filtered in Excel as prescribed in Exhibit A, Section 11 “Reporting Requirements,” shall be submitted to the State Contract Administrator. To submit fees through the PD LPA Payment Portal, users must register on the DGS-PD LPA Payment Portal (https://www.dgs.ca.gov/PD/Services/Page-Content/Procurement- Division-Services-List-Folder/Access-LPA-Payment-Portal). Administrative Fee payments made by check shall be submitted to the following address: Department of General Services Procurement Division Attn: MAPS Payment Processing 707 Third Street, 2nd Floor West Sacramento, CA 95605 31. GENERATIVE ARTIFICIAL INTELLIGENCE DEFINITIONS: For purposes of this Section, the following terms shall be given the meaning shown below. Capitalized terms used below and not defined in this Section shall have the meaning set forth in Exhibit G (Definitions) or in the text of the Exhibit C.1: General Provisions – Information Technology (As Modified). Artificial Intelligence (AI): an engineered or machine-based system that varies in its level of autonomy and that can, for explicit or implicit objectives, infer from the input it receives how to generate outputs that can influence physical or virtual environments (Gov Code §§ 11549.64 & 11546.45.5). GenAI Training Data: any content, information, or data that is used to train, tune, test, or validate a GenAI, including text, images, video, audio, code, or similar types of input. Generated Data: any output, results, content, or other data that is produced by GenAI, including but not limited to text, images, video, audio, code, or similar types of output. 238 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Amendment 1 Page 14 of 15 Generative AI (GenAI): an AI system that can generate derived synthetic content, including text, images, video, and audio, that emulates the structure and characteristics of the system’s GenAI Training Data (Gov Code §11549.64). Hallucination: Generated Data that is nonsensical, false, or misleading, and is not based on real or existing data, but is instead produced by bias or the GenAI’s extrapolation or creative interpretation of its Gen AI Training Data. Materially Impacts: shall have the same meaning set forth in State Administrative Manual (SAM) 4986.2. Prompt: any written, spoken, or rendered information provided as a query, command, or other form of input, to any GenAI in connection with this Contract. For avoidance of doubt, Prompt includes any input automatically detected or created by the GenAI, as well as any derivate works of a Prompt or collection of Prompts. GENAI DISCLOSURE OBLIGATIONS: Disclosure Obligations: (a) Contractor must notify the State in writing at such time it: (1) specifically intends to provide GenAI as a Deliverable to the State; or (2) specifically intends to utilize GenAI, including GenAI from third parties, to complete all or a portion of any Deliverable that materially impacts: (i) functionality of the System, (ii) risk to the State, or (iii) Contract performance. For avoidance of doubt, the term “materially impacts” shall have the same meaning set forth in State Administrative Manual (SAM) § 4986.2 Definitions for GenAI. (b) Such notification shall be provided to the State designee identified in this Contract. (c) At the direction of the State, Contractor shall discontinue the use of any new or previously undisclosed GenAI technology in the Goods, Services and Software provided to the State pursuant to the Contract if use of any such GenAI technology that materially impacts functionality, risk or contract performance, until the State conducts its risk assessment of and approves such GenAI technology for this Contract, provided that such approval shall not be unreasonably delayed or withheld (and in no event will the review exceed more than thirty (30) days, and if no response is received from the State within thirty (30) days, Contractor may recommence such use). In the event Contractor is, at Contractor’s sole discretion, unable to discontinue the use of any new or previously undisclosed GenAI technology as described in the preceding sentence, Contractor shall pause the provision of such Goods, Services or Software containing or utilizing such new or previously undisclosed GenAI technology and issue a credit or a refund as determined by the State for such period until the State conducts its risk assessment of and approves such GenAI technology for this Contract, provided that such approval shall not be unreasonably delayed or withheld (and in no event 239 Department of General Services Electronic Payment Acceptance Services (EPAY) Agreement Number 5-22-70-22-01 Amendment 1 Page 15 of 15 will the review exceed more than thirty (30) days, and if no response is received from the State within thirty (30) days, Contractor may recommence such use). Contractor shall continue its performance under the Contract that is unrelated to the use of any new or previously undisclosed GenAI technology in the Goods, Services and Software. For avoidance of doubt, any such discontinuance or pause pursuant to this Section shall not be considered a Stop Work Order. Nothing in this section will allow the State to forego payments owed to Contractor. (d) If the use of previously undisclosed GenAI is approved by the State, then Contractor will update the Deliverable description, and the Parties will amend the Contract accordingly. Failure to Disclose or Discontinue GenAI Use: The State, at its sole discretion, may consider Contractor’s failure to disclose or discontinue the provision or use of GenAI as described above, to constitute a material breach of Contract when such failure results in a material impact to functionality of the System, risk to the State, or Contract performance. The State is entitled to seek any and all remedies available to it under law as a result of such breach, including but not limited to termination of the contract, for default pursuant to Section 11 (Rights and Remedies of State for Default) of the Exhibit C.1: General Provisions – Information Technology (As Modified). 240 State of California MASTER SERVICE AGREEMENT USER INSTRUCTIONS MANDATORY *Supplement 2* Effective Date: *06/05/2025* TITLE DESCRIPTION TITLE/DESCRIPTION: Electronic Payment Acceptance Services CONTRACT NUMBER: 5-22-70-22-01 Elavon, Inc. 5-22-70-22-02 First Data Merchant Services, LLC CONTRACT TERM: Various through 06/01/2027 CONTRACT CATEGORY IT Services MAXIMUM ORDER LIMIT: Unlimited, unless otherwise specified by approved delegated purchasing authority (Refer to Section 5.C) FOR USE BY: State and Local Governmental Agencies STATE CONTRACT ADMINISTRATOR: Lynnell Cuthbertson (279) 799-3844 Lynnell.Cuthbertson@dgs.ca.gov Authorized Users are instructed to carefully review these User Instructions in their entirety. For questions, please contact the Department of General Services, Procurement Division (DGS- PD) State Contract Administrator and reference the “Title/Description” and/or Contract Number listed above. Changes to this document will be issued through a User Instructions revision. ___________ORIGINAL ON FILE_____________ Lynnell Cuthbertson, State Contract Administrator PROCUREMENT DIVISION 707 Third Street, 2nd Floor West Sacramento, CA 95605-2811 241 State of California Master Agreement Department of General Services USER INSTRUCTIONS Procurement Division Electronic Payment Acceptance Services Supplement 2 Page 2 of 16 SUMMARY OF CHANGES All changes to most recent Supplement are in bold red italic. Additions are enclosed in asterisks; deletions are enclosed in brackets. Supplement Number Revision Description Effective Date *2* *Supplement 2 incorporates the following changes: 1) Inserted Section 8 - Generative Artificial Intelligence (GENAI)* *06/05/2025* 1 Supplement 1 incorporates the following changes: 1) MSA 5-22-70-22-02 (with First Data Merchant Services, LLC) added. The following sections have been updated with MSA 5-22-70-22-02 information: o Cover page o Section 1 o Section 2.B.4 o Section 3.B o Section 4.A o Section 4.C o Attachment A 2) Section 4.H (Operating Guide) – Updated language. 3) Section 5.F (California Seller’s Permit) – New section added. 4) Section 5.G (Darfur Contracting Act Certification) – New section added. 5) Section 5.H (Civil Rights Certification) – New section added. 6) Section 5.I (Iran Contracting Act Certification) – New section added. 7) Section 5.J (Contractor Certification Clauses) – New section added. 8) Section 6.B (Subsidiary Agreement Requirements) – Link to the Standard Agreement (Std. 213) added. 04/11/2023 242 State of California Master Agreement Department of General Services USER INSTRUCTIONS Procurement Division Electronic Payment Acceptance Services Supplement 2 Page 3 of 16 Supplement Number Revision Description Effective Date 9) Attachment A – Added MSA 5-22-70-22-02 information (First Data Merchant Services) and Seller’s Permit Number for MSA 5-22-70-22-01 (Elavon). N/A Original User Instructions posted. 06/01/2022 243 State of California Master Agreement Department of General Services USER INSTRUCTIONS Procurement Division Electronic Payment Acceptance Services Supplement 2 Page 4 of 16 Table of Contents SUMMARY OF CHANGES ............................................................................................... 2 USER INSTRUCTIONS .................................................................................................... 6 1. SCOPE AND OVERVIEW .......................................................................................... 6 2. CONTRACT AVAILABILITY ....................................................................................... 6 A. State Agencies ................................................................................................. 6 B. Local Governmental Agencies ......................................................................... 6 3. CONTRACT ADMINISTRATORS ............................................................................... 7 A. State Contact ................................................................................................... 7 B. Contractor Contact ........................................................................................... 7 C. Problem Resolution/Contractor Performance .................................................. 8 4. CONTRACT INFORMATION ...................................................................................... 8 A. Master Agreement (Contract) Documents ....................................................... 8 B. Agreement Term .............................................................................................. 8 C. Available Products and Services ..................................................................... 8 D. Requirements for American Express® Card Acceptance ................................ 9 E. Contractor Pricing ............................................................................................ 9 F. Electronic Payment Deposits and Settlement .................................................. 9 G. SB/DVBE Participation ..................................................................................... 9 H. Operating Guide .............................................................................................. 9 I. *Generative Artificial Intelligence (GENAI) .............................................. 10* 5. CONTRACT USAGE/RULES (State Agencies Only) ............................................... 10 A. Adherence to Applicable Laws ....................................................................... 10 B. Purchasing Authority ...................................................................................... 10 C. Order Limits/Dollar Thresholds ...................................................................... 10 D. Agreement Summary ..................................................................................... 10 E. Certification of Payment Options – Military & Veterans Code §§999.5 and 999.7(a) (SB588) .................................................................................................................... 11 F. California Seller’s Permit (State Agencies Only) ............................................ 11 G. Darfur Contracting Act Certification (State Agencies Only) ............................ 11 H. Civil Rights Certification (State Agencies Only) ............................................. 11 I. Iran Contracting Act Certification (State Agencies Only)................................ 11 J. Contractor Certification Clauses (State Agencies Only) ................................. 12 6. ORDERING PROCEDURES .................................................................................... 12 244 State of California Master Agreement Department of General Services USER INSTRUCTIONS Procurement Division Electronic Payment Acceptance Services Supplement 2 Page 5 of 16 A. Subsidiary Agreement Development Process ................................................ 12 B. Subsidiary Agreement Requirements ............................................................ 13 C. Subsidiary Agreement Execution and Distribution ......................................... 14 7. IMPLEMENTATION .................................................................................................. 14 A. Authorized User Set Up Form ........................................................................ 14 B. Set Up Process .............................................................................................. 14 C. Testing ........................................................................................................... 14 8. INVOICING AND PAYMENT .................................................................................... 15 A. Payment Terms ............................................................................................. 15 B. Payee Data Record (State Agencies Only) .................................................... 15 C. CAL-Card Use ............................................................................................... 15 ATTACHMENT A - Contractor Information .................................................................. 16 245 State of California Master Agreement Department of General Services USER INSTRUCTIONS Procurement Division Electronic Payment Acceptance Services Supplement 2 Page 6 of 16 USER INSTRUCTIONS 1. SCOPE AND OVERVIEW The Electronic Payment Acceptance Services (EPAY) Master Service Agreement (MSA) provides electronic payment acceptance services at contracted pricing to the State of California and participating local governmental agencies (referenced herein as “Authorized Users”). The EPAY MSA consists of two (2) Agreements (referenced herein as “individual EPAY MSAs”): MSA Contract Contractor MSA 5-22-70-22-01 Elavon, Inc. MSA 5-22-70-22-02 First Data Merchant Services, LLC The individual EPAY MSAs were established by the Department of General Services, Procurement Division (DGS-PD) in accordance with Government Code §6160-6166 and allow Authorized Users to accept payment made by means of a credit card or other payment devices. Electronic payment acceptance service categories offered include: • Category 1 – Credit and Debit Card Processing • Category 2 – E-Check Processing Throughout this document, the term “Authorized Users” will refer to all state agencies and local governmental agencies eligible to utilize the MSA as defined in Exhibit G of the individual EPAY MSAs. Instructions exclusive to state agencies or local governmental agencies are identified within the applicable section. 2. CONTRACT AVAILABILITY A. State Agencies 1) Use of this Agreement is mandatory for State of California agencies acquiring credit and debit card payment acceptance services offered in Category 1 (Credit and Debit Card Processing). 2) Use of these agreements is optional for State of California agencies acquiring electronic payment acceptance services offered in Category 2 (E-Check Processing). B. Local Governmental Agencies 1) Use of this Agreement is optional for local governmental agencies. 2) Pursuant to Public Contract Code §10298-10299, a local government agency is any city, county, district, or other local governmental body or corporation empowered to expend public funds for the acquisition of goods, information technology, or services. Reference to local government agencies will also include the California State 246 State of California Master Agreement Department of General Services USER INSTRUCTIONS Procurement Division Electronic Payment Acceptance Services Supplement 2 Page 7 of 16 Universities (CSU) and University of California (UC) systems, school districts, and community colleges. 3) Each local governmental agency shall determine whether use of this Agreement is consistent with its procurement policies and regulations. 4) Local governmental agencies have no authority to amend, modify or change any condition of the MSA except those areas specifically identified in MSA 5-22-70-22-01 Exhibit A, Section 12 (e) (with Elavon, Inc.) or MSA 5-22-70-22-02 Exhibit A, Section 12 (e) (with First Data Merchant Services, LLC). 5) Local governmental agencies may be subject to credit approval by the EPAY MSA Contractor. 3. CONTRACT ADMINISTRATORS The State and EPAY MSA Contractors contract administrators, assigned as single points of contact for problem resolution and related contract issues, are listed below. A. State Contact Contact Information State Contract Administrator Contact Name: Lynnell Cuthbertson Phone: (279) 799-3844 Email: Lynnell.Cuthbertson@dgs.ca.gov Address: DGS/Procurement Division Attn: Lynnell Cuthbertson 707 Third Street, 2nd Floor, MS 202 West Sacramento, CA 95605 B. Contractor Contact Contact Information MSA 5-22-70-22-01 MSA 5-22-70-22-02 Contractor: Elavon, Inc. First Data Merchant Services, LLC Contact Name: Beverly Baker Cari Garcia Phone: (502) 933-8406 (530) 604-5504 E-Mail: Beverly.Baker2@elavon.com Cari.Garcia@fiserv.com Refer to Attachment A for additional EPAY MSA contact information. 247 State of California Master Agreement Department of General Services USER INSTRUCTIONS Procurement Division Electronic Payment Acceptance Services Supplement 2 Page 8 of 16 C. Problem Resolution/Contractor Performance Authorized Users should first attempt to resolve complaints, issues, or disputes informally with the EPAY MSA Contractor. If the issue or dispute cannot be resolved by the Authorized User, the issue may be elevated to the DGS-PD State Contract Administrator. 4. CONTRACT INFORMATION A. Master Agreement (Contract) Documents The EPAY MSA contract documents are posted on the Cal eProcure website. To obtain copies click on the links below: MSA Contract Contractor MSA 5-22-70-22-01 Elavon, Inc. MSA 5-22-70-22-02 First Data Merchant Services, LLC B. Agreement Term 1) Each individual EPAY MSA term is listed in Attachment A. 2) Authorized User Subsidiary Agreements shall be executed on or before the expiration date of the MSA and may continue for up to twelve (12) months beyond the MSA expiration date. C. Available Products and Services 1) The EPAY MSA Contractor will provide electronic payment acceptance services in accordance with the terms and conditions of its individual MSA. The available service categories provided by each EPAY MSA Contractor are as follows: Service Category Description MSA 5-22-70-22-01 (Elavon, Inc.) MSA 5-22-70-22-02 (First Data) Category 1 – Credit and Debit Card Processing Yes Yes Category 2 – E-Check Processing No Yes Refer to the individual EPAY MSA for a complete description of services. 2) If Authorized User elects to have a Service Provider provide convenience and/or service fees, then the Authorized User must ensure that the requirements outlined in the MSA, Exhibit E, Section 4 are also met by the Service Provider. 248 State of California Master Agreement Department of General Services USER INSTRUCTIONS Procurement Division Electronic Payment Acceptance Services Supplement 2 Page 9 of 16 3) Mass Transit Services outlined in MSA 5-22-70-22-01 (Elavon) are available to Local Authorized Users only. D. Requirements for American Express® Card Acceptance American Express® Card acceptance requires an additional separate Subsidiary Agreement under the Credit Card Acceptance MSA 5-09-99-01 (with American Express Travel Related Services Company, Inc.) for settlement of all American Express® Card transactions. Refer to the MSA 5-09-99-01 User Instructions posted on the Cal eProcure MSA 5-09-99-01 website for more information. Note: The EPAY MSA Contractor will provide authorization, capture and routing services for American Express® Cards. E. Contractor Pricing Refer to Exhibit E: Fees and Costs, Exhibit E.1: Service Pricing, and Exhibit E.2: Equipment and Software Pricing of the individual EPAY MSAs for pricing information. F. Electronic Payment Deposits and Settlement Authorized Users are required to provide the EPAY MSA Contractor with bank deposit account information as defined in Exhibit B: Budget Detail and Payment Provisions of the individual MSA. The EPAY MSA Contractor shall transmit the total amount of the payment transactions to each Authorized Users’ appropriate designated bank account in accordance with the provisions of Exhibit B and the schedule noted in Exhibit A, Section 5 (a)(i) of the individual EPAY MSAs. Refer to Exhibit B: Budget Detail and Payment Provisions of the individual EPAY MSA for payment deposit and settlement information. G. SB/DVBE Participation There is no California-certified Small Business (SB) or Disabled Veteran Business Enterprise (DVBE) participation for the EPAY MSAs. H. Operating Guide The EPAY MSA Contractors have Operating Guides applicable to each selected service which are available to Authorized Users. Authorized User should contact the individual EPAY MSA Contractors for copies of the Operating Guides. Note: The Elavon EPAY MSA incorporates and provides a hyperlink to the June 2021 Elavon Operating Guide. If the link to the June 2021 Elavon Operating Guide directs Authorized Users to a different version, please contact the DGS Contract Administrator. 249 State of California Master Agreement Department of General Services USER INSTRUCTIONS Procurement Division Electronic Payment Acceptance Services Supplement 2 Page 10 of 16 I. *Generative Artificial Intelligence (GENAI) State agencies must follow the required GenAI purchase procedures outlined in the State Contracting Manual (SCM) and the California Department of Technology GenAI policies.* 5. CONTRACT USAGE/RULES (State Agencies Only) A. Adherence to Applicable Laws State agencies must adhere to all applicable State laws, regulations, policies, best practices, and purchase authority requirements (e.g. California Codes, Code of Regulations, State Administrative Manual, Management Memos, and State Contracting Manual Volumes). B. Purchasing Authority The acquisition method and type for this Agreement is: Acquisition Method Acquisition Type Leveraged Procurement Agreements (no further competition required) – Master Agreements IT Services Prior to executing Subsidiary Agreements, state agencies must have been granted purchasing authority by DGS-PD for the use of the acquisition method and type listed above. State agencies may contact the DGS-PD Purchasing Authority Management Section for information at pams@dgs.ca.gov. C. Order Limits/Dollar Thresholds State agencies may execute orders, including amendments, up to the maximum order limit listed on page 1, unless otherwise specified by their approved delegated purchasing authority. Each State agency’s purchasing authority is listed by acquisition method and type on their Purchasing Authority Approval Letter (PAAL). To review a State Agency’s PAAL, please refer to the DGS/PD List of State Agencies with Approved Purchasing Authority (https://www.dgs.ca.gov/PD/Resources/Page- Content/Procurement-Division-Resources-List-Folder/List-of-State-Departments-with- Approved-Purchasing-Authority). D. Agreement Summary State agencies using the MSA must complete and retain an Agreement Summary (Std. 215) within their contract file. 250 State of California Master Agreement Department of General Services USER INSTRUCTIONS Procurement Division Electronic Payment Acceptance Services Supplement 2 Page 11 of 16 E. Certification of Payment Options – Military & Veterans Code §§999.5 and 999.7(a) (SB588) Certification of Payments to DVBE Subcontractors and Withhold to be enforced by ordering agency. In accordance with the State Contracting Manual, Volume 2, Section 1203.1, State departments shall require the Contractor to submit a complete an accurate Prime Contractor’s Certification – DVBE Subcontracting Report (STD. 817) upon acceptance of ordered goods or services for which the Contractor committed to DVBE subcontractor participation. Upon delivery or completion of ordered goods or services, State departments shall do the following: • Provide proper withhold notification to prime contractors. • Withhold $10,000 or the full amount of the final invoice if less than $10,000 pending receipt of the complete and accurate STD 817. • Review the STD 817. If it is determined to be complete and accurate, authorize payment of the withhold. • If the STD 817 is late or incomplete, department must send the prime contractor a cure notice allowing at least 15 days, but not more than 30 days, to meet the Certification of Payments to DVBE Subcontractors requirements. • If the prime contractor does not comply by the identified deadline, permanently deduct the withhold. • Retain all records for a minimum of six years. F. California Seller’s Permit (State Agencies Only) California Seller’s Permit information for each EPAY MSA Contractor is identified in Attachment A. Prior to purchasing goods under these Master Agreements, state agencies should verify that permits are currently valid on California Department of Tax and Fee Administration (CDTFA) website (www.cdtfa.ca.gov/). State agencies must adhere to the file documentation required in the State Contracting Manual Volume, as applicable. G. Darfur Contracting Act Certification (State Agencies Only) Contractors have a signed Darfur Contracting Act Certification on file with DGS-PD. H. Civil Rights Certification (State Agencies Only) Contractors have a signed California Civil Rights Laws Attachment on file with DGS-PD. I. Iran Contracting Act Certification (State Agencies Only) 251 State of California Master Agreement Department of General Services USER INSTRUCTIONS Procurement Division Electronic Payment Acceptance Services Supplement 2 Page 12 of 16 Contractors have a signed Iran Contracting Act Certification on file with the DGS-PD. Prior to award, the state agency must check the “Entities Prohibited from Contracting with Public Entities in California per the Iranian Contracting Act, 2010 List” posted by DGS to confirm firm is not listed as an ineligible business. J. Contractor Certification Clauses (State Agencies Only) Contractors have a signed Contractor Certification Clauses (CCC 04/2017) on file with the DGS-PD. 6. ORDERING PROCEDURES A. Subsidiary Agreement Development Process The recommended development steps are as follows: Step Description 1 Authorized User defines their intended payment processing environment and requirements with all necessary agency staff. (i.e., Program, Technical, Accounting, Purchasing, etc.). Areas to consider include, but are not limited to, the following:  Required services (Categories 1-2)  Required card payment types (i.e. Visa, MasterCard, Discover, American Express, Debit, etc.)  Anticipated number of transactions (monthly/annually)  Anticipated transaction values (ranges and average)  Preferred capture method – Present/Non-Present (i.e. on-site/point of sale or internet)  Equipment/software needs, if known 2 Authorized User meets with each EPAY MSA Contractor individually to discuss the agency’s intended payment processing environment and the EPAY MSA Contractor’s product/service offerings. 3 EPAY MSA Contractors provide the Authorized User a proposed payment solution. 4 Authorized User performs an analysis of each proposed solution to determine which EPAY MSA Contractor to select, based on the agency’s specific business needs. 252 State of California Master Agreement Department of General Services USER INSTRUCTIONS Procurement Division Electronic Payment Acceptance Services Supplement 2 Page 13 of 16 Step Description 5 Authorized User executes a Subsidiary Agreement with the selected EPAY MSA Contractor. (Refer Section 6.B of these User Instructions for Subsidiary Agreement requirements and execution). B. Subsidiary Agreement Requirements Prior to rendering services, the Authorized User and the selected EPAY MSA Contractor must execute a Subsidiary Agreement that: • Incorporates all of the terms and conditions of the individual EPAY MSA by reference (i.e. “Master Service Agreement <MSA Number> and its amendments are hereby incorporated by reference and made a part of this agreement.”) • Includes specific Authorized User terms and requirements (i.e. scope of work, agency contact, and payment provisions, as applicable) none of which may alter, rescind, or be in conflict with the terms and conditions of the individual EPAY MSA. Note: While there is no need to duplicate the EPAY MSA contract language, Authorized Users should include details specific to the Subsidiary Agreement between the Authorized User and the selected EPAY MSA Contractor. 1) State Agency - Contract Form State agencies must use the Standard Agreement (Std. 213) for EPAY MSA Subsidiary Agreements, available at http://www.documents.dgs.ca.gov/dgs/fmc/pdf/std213.pdf. State Agency Subsidiary Agreements must contain the following:  Standard Agreement (Std. 213)  MSA Exhibit A.1: Selected Services – Check boxes for all MSA exhibits applicable with selected services  Scope of Work – Including the specific services being ordered and the agency contract manager/project representative  Agency specific terms and conditions – Including budget, invoice and payment provisions (e.g. mailing address/contact for invoices) as applicable. 2) Local Agency - Contract Form Local governmental agencies may use an appropriate equivalent contract form (in lieu of the State’s Std. 213 form) for EPAY MSA Subsidiary Agreements. 253 State of California Master Agreement Department of General Services USER INSTRUCTIONS Procurement Division Electronic Payment Acceptance Services Supplement 2 Page 14 of 16 Local governmental agency Subsidiary Agreements must contain the following:  Local Agency’s contract form/document (equivalent to the State’s Std. 213 form)  MSA Exhibit A.1: Selected Services – Check boxes for all MSA exhibits applicable with selected services  Scope of Work – Including the specific services being ordered and the agency contract manager/project representative  Agency specific terms and conditions – Including, budget, invoice and payment provisions (e.g. mailing address/contact for invoices) as applicable. C. Subsidiary Agreement Execution and Distribution Authorized Users must submit executed Subsidiary Agreements as follows: 1) Contractor Copies Authorized User shall provide a copy of the executed Subsidiary Agreement to the appropriate EPAY MSA Contractor Contract Administrator. 7. IMPLEMENTATION The EPAY MSA Contractor will work with the Authorized User throughout the implementation process which will include the following: A. Authorized User Set Up Form Authorized Users are required to complete an Authorized User Set Up Form (MSA Exhibit H.1) identifying each agency location under the Authorized User’s Subsidiary Agreement. Completed Authorized User Set Up Forms must be submitted to the appropriate EPAY MSA Contractor Contract Administrator. B. Set Up Process Upon receipt and verification of the completed Authorized User Set Up Form, the EPAY MSA Contractor will assign new Merchant Identification (MID) numbers to the specified locations and provide new MIDs to the designated Authorized User contact. Authorized User will work with the EPAY MSA Contractor to determine requirements for updating software or terminals with the new MID number(s) and any additional implementation steps as needed. C. Testing Authorized Users are encouraged to perform test transactions at each location to ensure functionality after updating the software/terminals with the new MID number(s). 254 State of California Master Agreement Department of General Services USER INSTRUCTIONS Procurement Division Electronic Payment Acceptance Services Supplement 2 Page 15 of 16 Authorized Users should work directly with the EPAY MSA Contractor to obtain test cards. 8. INVOICING AND PAYMENT A. Payment Terms Refer to Exhibit B of the individual EPAY MSAs for payment terms and provisions. B. Payee Data Record (State Agencies Only) State agencies not transacting in FI$Cal must obtain a copy of the Payee Data Record (Std. 204) in order to process payments. State agencies should forward a copy of the Std. 204 to their accounting office(s). Without the Std. 204, payment may be unnecessarily delayed. State agencies may request a copy of the completed Payee Data Record (Std. 204) from the Contractor. C. CAL-Card Use The CAL-Card may not be used for the payment of invoices. 255 State of California Master Agreement Department of General Services USER INSTRUCTIONS Procurement Division Electronic Payment Acceptance Services Supplement 2 Page 16 of 16 ATTACHMENT A - Contractor Information Item Agreement Detail MSA No. 5-22-70-22-01 Contractor Name Elavon, Inc. Term Dates 6/1/2022 through 6/1/2027 Link to Cal eProcure Cal eProcure 5-22-70-22-01 webpage Service Categories Category 1 – Credit and Debit Card Processing Seller’s Permit Number 99-577598 (Refer to Section 5.F.) CAL-Card Accepted No SB/DVBE Certification(s) None Primary MSA Contractor Contact Information Elavon, Inc. Beverly Baker (502) 933-8406 Beverly.Baker2@elavon.com Item Agreement Detail MSA No. 5-22-70-22-02 Contractor Name First Data Merchant Services, LLC Term Dates 4/1/2023 through 6/1/2027 Link to Cal eProcure Cal eProcure 5-22-70-22-02 webpage Service Categories Category 1 – Credit and Debit Card Processing Category 2 – E-Check Processing Seller’s Permit Number 09-9931057 (Refer to Section 5.F.) CAL-Card Accepted No SB/DVBE Certification(s) None Primary MSA Contractor Contact Information First Data Merchant Services, LLC Cari Garcia (530) 604-5504 Cari.Garcia@fiserv.com 256