Browse
Search
2025-733-E-AMS-Complete_with_DocuSign_Brady_Services_Whitte
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2020's
>
2025
>
2025-733-E-AMS-Complete_with_DocuSign_Brady_Services_Whitte
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
12/11/2025 1:28:28 PM
Creation date
12/11/2025 1:28:15 PM
Metadata
Fields
Template:
Contract
Date
10/13/2025
Contract Starting Date
10/13/2025
Contract Ending Date
10/14/2025
Contract Document Type
Contract
Amount
$427,883.00
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
29
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Orange Co Whitted Chiller September 08, 2025 <br /> <br /> Page 17 of 18 © 2025 Trane Technologies. All Rights Reserved. <br />Confidential and Proprietary Information of Trane U.S. Inc. <br />purpose of providing the Equipment and Services, and will disclose Customer Confidential Information only: (i) to Trane’s <br />employees and agents who have a need to know to perform the Services, (ii) as expressly permitted or instructed by Customer, <br />or (iii) to the minimum extent required to comply with applicable law, provided that Trane (1) provides Customer with prompt <br />written notice prior to any such disclosure, and (2) reasonably cooperate with Customer to limit or prevent such disclosure. <br />4. Customer Data; Compliance with Laws. Trane agrees to comply with laws, regulations governmental requirements and industry <br />standards and practices relating to Trane’s processing of Customer Confidential Information (collectively, “Laws”). <br />5. Customer Data; Information Security Management. Trane agrees to establish and maintain an information security and privacy <br />program, consistent with applicable HVAC equipment industry practices that complies with this Addendum and applicable Laws <br />(“Information Security Program”). The Information Security Program shall include appropriate physical, technical and <br />administrative safeguards, including any safeguards and controls agreed by the Parties in writing, sufficient to protect Customer <br />systems, and Customer’s Confidential Information from unauthorized access, destruction, use, modification or disclosure. The <br />Information Security Program shall include appropriate, ongoing training and awareness programs designed to ensure that <br />Trane’s employees and agents, and others acting on Trane’s, behalf are aware of and comply with the Information Security <br />Program’s policies, procedures, and protocols. <br />6. Monitoring. Trane shall monitor and, at regular intervals consistent with HVAC equipment industry practices, test and evaluate <br />the effectiveness of its Information Security Program. Trane shall evaluate and promptly adjust its Information Security Program <br />in light of the results of the testing and monitoring, any material changes to its operations or business arrangements, or any <br />other facts or circumstances that Trane knows or reasonably should know may have a material impact on the security of <br />Customer Confidential Information, Customer systems and Customer property. <br />7. Audits. Customer acknowledges and agrees that the Trane SOC2 audit report will be used to satisfy any and all audit/inspection <br />requests/requirements by or on behalf of Customer. Trane will make its SOC2 audit report available to Customer upon request <br />and with a signed nondisclosure agreement. <br />8. Information Security Contact. Trane’s information security contact is Local Sales Office. <br /> <br />9. Security Incident Management. Trane shall notify Customer after the confirmation of a Security Incident that affects Customer <br />Confidential Information, Customer systems and Customer property. The written notice shall summarize the nature and scope <br />of the Security Incident and the corrective action already taken or planned. <br /> <br />10. Threat and Vulnerability Management. Trane regularly performs vulnerability scans and addresses detected vulnerabilities on a <br />risk basis. Periodically, Trane engages third-parties to perform network vulnerability assessments and penetration testing. <br />Vulnerabilities will be reported in accordance with Trane’s cybersecurity vulnerability reported process. Trane periodically <br />provides security updates and software upgrades. <br /> <br />11. Security Training and Awareness. New employees are required to complete security training as part of the new hire process and <br />receive annual and targeted training (as needed and appropriate to their role) thereafter to help maintain compliance with <br />Security Policies, as well as other corporate policies, such as the Trane Code of Conduct. This includes requiring Trane <br />employees to annually re-acknowledge the Code of Conduct and other Trane policies as appropriate. Trane conducts periodic <br />security awareness campaigns to educate personnel about their responsibilities and provide guidance to create and maintain a <br />secure workplace. <br /> <br />12. Secure Disposal Policies. Trane will maintain policies, processes, and procedures regarding the disposal of tangible and <br />intangible property containing Customer Confidential Information so that wherever possible, Customer Confidential Information <br />cannot be practicably read or reconstructed. <br /> <br />13. Logical Access Controls. Trane employs internal monitoring and logging technology to help detect and prevent unauthorized <br />access attempts to Trane’s corporate networks and production systems. Trane’s monitoring includes a review of changes <br />affecting systems’ handling authentication, authorization, and auditing, and privileged access to Trane production systems. <br />Trane uses the principle of “least privilege” (meaning access denied unless specifically granted) for access to customer data. <br /> <br />14. Contingency Planning/Disaster Recovery. Trane will implement policies and procedures required to respond to an emergency <br />or other occurrence (i.e. fire, vandalism, system failure, natural disaster) that could damage Customer Data or any system that <br />contains Customer Data. Procedures include the following <br />(i) Data backups; and <br />(ii) Formal disaster recovery plan. Such disaster recovery plan is tested at least annually. <br /> <br />15. Return of Customer Data. If Trane is responsible for storing or receiving Customer Data, Trane shall, at Customer’s sole <br />discretion, deliver Customer Data to Customer in its preferred format within a commercially reasonable period of time following <br />the expiration or earlier termination of the Agreement or, such earlier time as Customer requests, securely destroy or render <br />unreadable or undecipherable each and every original and copy in every media of all Customer’s Data in Trane’s possession, <br />Docusign Envelope ID: A027BEC4-9CD8-4C1F-889C-FED6DE495C39
The URL can be used to link to this page
Your browser does not support the video tag.