Laserfiche WebLink
A more human reso"rce. <br />APPLICATION PROGRAMS, ANY CUSTOM PROGRAMS CREATED BY ADP OR ANY THIRD -PARTY <br />SOFTWARE DELIVERED BY ADP AND RESULTS OBTAINED THROUGH THE USE THEREOF. <br />9. Security and Controls <br />9.1. Service Organization Control Reports. Following completion of implementation of any <br />applicable Services, ADP will, at Client's request and at no charge, provide Client with copies of any routine <br />Service Organization Control 1 reports ("SOC 1 Reports") (or any successor reports thereto) that are both <br />directly related to those Services provided hereunder for Client and already released to ADP by the public <br />accounting firm producing the report. SOC 1 Reports are ADP Confidential Information and Client will not <br />distribute or allow any third party (other than its independent auditors) to use any such report without the prior <br />written consent of ADP. Client will instruct its independent auditors or other approved third parties to keep <br />such report confidential and Client will remain liable for any unauthorized disclosure of such report by its <br />independent auditors or other approved third parties. <br />9.2. Business Continuity; Disaster Recovery. ADP maintains a commercially reasonable <br />business continuity and disaster recovery plan and will follow such plan. <br />9.3. Data Security. ADP has an established information security program containing appropriate <br />administrative, technical and physical measures to protect Client data (including Personal Information) <br />against accidental or unlawful destruction, alteration, unauthorized disclosure or access consistent with <br />applicable laws. In the event ADP suspects any unauthorized access to, or use of, the Services, ADP may <br />suspend access to the Services to the extent ADP deems necessary to preserve the security of the Client's <br />data. <br />10. Data Security Incident <br />10.1. Notification. If ADP becomes aware of a security breach (as defined in any applicable law) or <br />any other event that compromises the security, confidentiality or integrity of Client's Personal Information (an <br />"Incident"), ADP will take appropriate actions to contain, investigate and mitigate the Incident. ADP shall <br />notify Client of an Incident as soon as reasonably possible. <br />10.2. Other ADP Obligations. In the event that an Incident is the result of the failure of ADP to comply <br />with the terms of this Agreement, ADP shall, to the extent legally required or otherwise necessary to notify <br />the individuals of potential harm, bear the actual, reasonable costs of notifying affected individuals. ADP and <br />Client shall mutually agree on the content and timing of any such notifications, in good faith and as needed <br />to meet applicable legal requirements. In addition, where notifications are required, and where such <br />monitoring is practicable and customary, ADP shall also bear the cost of one year of credit monitoring to <br />affected individuals in the applicable jurisdictions. <br />11. Payment Terns <br />11.1. Client will pay to ADP the fees and other charges for the Services asset forth in the Pricing <br />and Financial Terms appendix. <br />12. Term; Termination; Suspension <br />12.1. Initial Term. This Agreement is effective upon the Effective Date and will remain in effect until <br />the third (3p) anniversary of the Effective Date (the "Initial Term"). After the Initial Term expires, this <br />Agreement will automatically renew for additional one year periods (each a "Renewal Term") unless <br />terminated by either party upon at least 180 days prior written notice to the other party prior to the end of the <br />Initial Term or Renewal Term, as applicable. <br />41ETARYAND CONFIDENTIAL TO ADP <br />Page 9 of 14 <br />