Browse
Search
2020-887-E Economic Dev - Submittable Holdings Inc grant management software
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2020's
>
2020
>
2020-887-E Economic Dev - Submittable Holdings Inc grant management software
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
3/1/2021 4:33:23 PM
Creation date
3/1/2021 4:09:58 PM
Metadata
Fields
Template:
Contract
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
60
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
DocuSign Envelope ID:90A54439-23B9-40AF-8246-BFCAAEAA529D <br /> Per our incident response policy, we would notify affected customers within 48 hours of <br /> a breach. To date, Submittable has not experienced a data breach. <br /> 7. Is the Cloud provider obligated to inform the County of all locations in which the data is <br /> stored(including backups) and to continually keep the County informed of any changes <br /> to those locations? <br /> We specify in our Submittable Customer Terms of Service that all data, including <br /> backups, are stored only in the United States, with AWS in the Northern Virginia region <br /> (us-east-1). We have no plans to change the location of where we store data. <br /> If No, Explain: Click here to enter text. <br /> 8. What are the Cloud provider's contractual obligations with respect to litigation holds on <br /> County data? <br /> If any law, regulation, or government or regulatory body requires Submittable to retain <br /> any documents or materials that Submittable would otherwise be required to return or <br /> destroy, it will notify Customer in writing of that retention requirement, giving details of <br /> the documents or materials that it must retain, the legal basis for retention, and <br /> establishing a specific timeline for destruction once the retention requirement ends. <br /> 9. What are the Cloud provider's contractual prohibitions on disclosing data to individuals, <br /> groups or organizations making record requests, unless so directed by an authorized <br /> County official? <br /> If a law requires Submittable to disclose personal information, Submittable will first <br /> inform the customer of the legal requirement and give the customer an opportunity to <br /> object or challenge the requirement,unless the law prohibits such notice. <br /> 10. Does the contract obligate the Cloud provider to allow third-party audits and/or <br /> certifications related to infrastructure and security, including penetration testing and <br /> vulnerability assessment, as requested by the County? <br /> Submittable shall annually cause a reputable independent third-party audit firm to <br /> conduct SOC 2 audits of Submittable. Additionally, as part of its SOC 2 and HIPAA <br /> compliance obligations, Submittable retains a firm to conduct a third party penetration <br /> test of its web application on an annual basis. <br /> If No, Explain: Click here to enter text. <br /> 11. Does the contract obligate the Cloud provider to allow third party onsite inspections of <br /> the Cloud provider's infrastructure and security practices on a specified basis? <br /> Submittable allows for a customer to request an audit at Submittable's premises only <br /> after an actual or reasonably suspected security breach. For further details,please refer to <br /> the relevant provisions of the Submittable Customer Terms of Service. <br /> If No, Explain: Click here to enter text. <br /> 12. Does the contract obligate the Cloud provider to provide security documentation upon <br />
The URL can be used to link to this page
Your browser does not support the video tag.