Orange County NC Website
DocuSign Envelope ID: B4D9BEED- F7D1- 45E2- BDC4- 3857401A2AB3 <br />1W�'�f TRU aT [`]l�r+iMERCEm <br />SAFEGUARDING DATA_ POWERING PAYMENTS. <br />Client Services Agreement <br />TC CSA 2017 09 <br />5. RESPONSIBILITIES OF COMPANY <br />Company will be responsible for the following: <br />(a) Providing Client with access to TC Services pursuant to the terms and conditions of this Agreement. Company may modify TC <br />Services in its sole discretion provided, however, that Company notifies Client of any modifications which would materially <br />affect Client's use of TC Services. Company will engage in commercially reasonable efforts to provide Client with advance <br />notice of any planned system shutdowns or outages or other events which Company believes are likely to interrupt Client's <br />access to TC Services. Modifications to the systems are considered critical to Company in improving its systems performance, <br />response, and security to the benefit of its entire client base. Company may, in its sole discretion, subcontract with third -party <br />vendors to provide all or a part of TC Services. <br />(b) As to TC Services, implementing and maintaining security systems consisting of encryption and "firewall" technologies to <br />enable the secure transmission of data. Company may from time to time, in its sole discretion, modify or upgrade such security <br />systems to maintain or enhance the level of security provided for the transmission of data. This does not exclude or limit the <br />responsibility of Client in any way as to the security required to be maintained over their systems and data transmission. <br />(c) Providing uninterrupted service to Client, subject to scheduled maintenance. Company reserves the right to interrupt service to <br />perform routine scheduled maintenance. Company will notify Client of scheduled interruptions at least twenty -four (24) hours <br />in advance via email and will take appropriate measures to ensure that back -up systems are in place so as to minimize the <br />effect of maintenance updates on Client. In the event of unforeseen network and /or equipment failure, Company will use best <br />efforts to expeditiously repair and /or restore TC Services. <br />(d) Using commercially reasonable efforts to establish and maintain an appropriate connection between the TC Server and Client's <br />authorized Processor(s) ( "Connection "), as properly identified by Client pursuant to the Responsibilities of Client section below. <br />In the event of an interruption in the Connection or TC Services that is within Company's control, Company will use <br />commercially reasonable efforts to restore the Connection and /or TC Services as promptly as possible. <br />(e) Providing Client with access to the Control Panel, which reports specific details concerning Client's transactions and provides <br />certain reporting tools of assistance to Client in its accounting activities. Company will restrict access to the Control Panel to <br />Client, Company, and any third party to whom the Parties may agree to permit access by using a password protection <br />mechanism. Company will retain transaction details concerning Client's transactions on the Control Panel for at least twelve <br />(12) months following the date on which the data relating to the said transactions was first received by Company. <br />(f) Retaining Client data in accordance with Company's Data Retention Policy, which is attached hereto as "Exhibit 3" and may be <br />found on the Company TC Vault° website: https: / /vault.trustcommerce.com > Account Information > Terms and Policies > <br />Policies. <br />(g) Using commercially reasonable efforts to meet minimum service levels in accordance with Company's TC Support Overview & <br />Service Level Objectives document which is attached hereto as "Exhibit 4" and may be found on the Company TC Vault° <br />website: https: / /vault.trustcommerce.com > Account Information > Terms and Policies > Policies. <br />(h) Maintaining all applicable PCI DSS requirements to the extent Company possesses, stores, or transmits the Client's customer's <br />cardholder data or sensitive authentication data on behalf of a customer. Company takes no responsibility for the security of <br />Client's customer cardholder data prior to the delivery of such data to Company, or upon transmission of the data to another <br />third party, at the direction of Client. <br />6. RESPONSIBILITIES OF CLIENT <br />Client will be responsible for the following: <br />(a) Establishing, maintaining and providing the necessary security over its systems that integrate or communicate with Company's <br />systems including but not limited to website(s), retail stores and call centers. Client is fully responsible for all goods or services <br />offered for sale by it and for anyone to whom it provides access to Company's services including any advertising for such goods <br />or services regardless of the medium. Client is also fully liable for any promotions, whether appearing on Client's website or <br />otherwise, proffered or offered by Client directly or indirectly in reference to any of Client's offerings. Client hereby certifies to <br />Company that Client is the owner of and /or has the legal right and authority to use, utilize and /or disseminate all information, <br />TrustCommerce 1 1 MacArthur Place, Suite 400 1 Santa Ana, CA 92707 -5927 Initials: <br />Tel 800.915.1680 Fax 949.266.0359 P a g e 1 2 <br />Info @TrustCommerce.com I www.TrustCommerce.com <br />