MASTER SERVICES AGREEMENT
EXHIBIT 10.2.2
* — CERTAIN MATERIAL HAS BEEN OMITTED PURSUANT TO A REQUEST FOR CONFIDENTIAL
TREATMENT AND THAT MATERIAL HAS BEEN FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION.
SOW 1 TO
SOW FOR KEYING AND IDENTITY ASSESSMENT PROCESSING SERVICES
This SOW is made as of October 3, 2005 by and between Edentify, Inc., with its principal place of business at 00 Xxxx Xxxxx Xxxxxx, Xxxxx 000, Xxxxxxxxx, Xxxxxxxxxxxx 00000 (“Edentify”), and Seisint, Inc., with its principal place of business at 0000 Xxxx xx Xxxxxxxx Xxxx, Xxxx Xxxxx, Xxxxxxx 00000 (“Seisint”).
Whereas the Parties have entered into a Master Agreement of even date herewith, into which this SOW is intended to be incorporated;
Now, therefore, in consideration for the terms and conditions of the Master Agreement, and the Fees and Services as described herein, the Parties agree to the following:
1. DEFINITIONS
1.1 “ASSESSMENT SERVER(s)” means one or more servers owned by
Seisint and maintained within the Seisint Data Center, each of
which has the Edentify Assessment Module and the Edentify Key
Generation Module installed, and with which Seisint shall
perform the Keying and Identity Assessment Processing. The
Assessment Server(s) shall be high-performance Intel-based
computer(s) running MS Windows (XP Pro or Server 2003) at 3.2
Ghz or greater.
1.2 “CONFIRMING MATCH” means A Reference Record which is scored by
the Identity Assessment Processing as an acceptable variation
of a given Input Record.
1.3 “ECL” means Seisint’s proprietary programming language.
1.4 “EDENTIFY ASSESSMENT MODULE” means Edentify’s proprietary
algorithms and all third party software required for Identity
Assessment Processing; specifically including, but not limited
to, the * from * Inc. and a customized version
of the * product developed in conjunction with
1.5 “EDENTIFY DATABASE SERVER” means a server, owned by Seisint
and housed within the Seisint Data Center, which shall be used
to store the Edentify Reference Database. The Edentify
Database Server shall use an * database, and may require
1.6 “EDENTIFY KEY” means the unique identifier created by the
Keying process.
1.7 “EDENTIFY KEY GENERATION MODULE” means Edentify’s proprietary
algorithm for Keying.
1.8 “EDENTIFY PRODUCTS” means those products or services offered
by Edentify that are derived from or incorporate any aspects
of (a) the Identity Assessment Processing or (b) the Edentify
Key Generation and Update Services (each of the foregoing
being defined in Section 2.1 hereof) performed pursuant to
this Agreement.
1.9 “EDENTIFY REFERENCE DATABASE” means the database contained in
the Edentify Database 1
Server and which stores the Edentify Keys derived from the
Seisint Databases and corresponding Reference Records.
1.10 “FILE” means the grouping of Records to form an embodiment of
information regarding more than a single individual.
1.11 “IDENTITY ASSESSMENT PROCESSING” means the processing, as set
forth in this SOW, of Edentify Keys contained in the Edentify
Reference Database against Input Records using the Edentify
Assessment Module for the Rating of Input Records.
1.12 “INPUT RECORDS” means the Name/SSN pairings provided by
Edentify that have been derived from Edentify’s customer’s
records, and which shall be input into the Assessment
Server(s) for Identity Assessment Processing. Input Records
must contain SSN/Name Pairings directly extracted from
Edentify’s customers records, not permutations or variations
thereof.
1.13 “KEYING” (OR “KEYED”) means generation of identifiers, using
the Edentify Key Generation Module, that describe the contents
of the Reference Record.
1.14 “NO MATCH” means an Input record which returns no
corresponding SSN/Name Pairing in the Seisint Databases.
1.15 “OTHER SOURCE” means a non Public Records source including,
but not limited to, utility company sources such as power,
telephone, water and sewer companies.
1.16 “POSSIBLE” OR “POSSIBLES” means all Confirming and Suspect
Matches of an Input Record to one or more Reference Records.
Each Input Record may have up to 50 Possibles.
1.17 “PUBLIC RECORDS” means data from a local, state or federal
agency.
1.18 “RATING” refers to a step in the Identity Assessment
Processing in which the set of Possibles (each with an
assigned Score) observed relative to each Input Record are
evaluated and assigned to categories of risk indicators to
that Input Record. The Rating process may be unique to each
client or transaction type and is incorporated into the
reporting template.
1.19 “RECORD” or “Records” means a subpart(s) of a File containing
A single instance of information on a single identity.
1.20 “REFERENCE RECORD(s)” means the set of Records associated with
corresponding Edentify Keys derived from the Seisint
Databases, each of which is to include: (i) Social Security
Number; (ii) Full Name; (iii) number of occurrences of the
SSN/Name Pairing in the Seisint Databases; (iv) the source of
the SSN/Name Pairing; (v) the date that the first occurrence
of such SSN/Name Pairing was established with Seisint or its
data provider; and (vi) the last date such SSN/Name Pairing
was established, confirmed or updated with Seisint or its data
provider. From 3 to 5 Edentify Keys may be generated for each
Record from the Seisint Databases.
1.21 “SCORE” means a numerical attribute assigned to each similar
Reference Record during 2
the first stage of the Identity Assessment Processing
reflecting that Reference Record’s similarity to the Input
Record. The resulting Score is used to determine the
Possibles.
1.22 “SEISINT DATA CENTER” means a data center location operated
and controlled by Seisint.
1.23 “SSN/NAME PAIRING” means a unique coupling of a social
security number and a full name that either Party obtains from
a data source.
1.24 “SUSPECT MATCH” means an Input Record which has a
corresponding SSN/Name Pairing in the Seisint Databases
relative to an Input Record which is Scored by the Identity
Assessment Processing as an unacceptable variation of the
Input Record and which is flagged by the Identity Assessment
Processing as a potential subject of manipulation.
2. SCOPE OF WORK
2.1 Beginning on the agreed upon start date, allowing for a reasonable
implementation period after the Effective Date, Seisint shall perform
the following processing services, a diagram of which is attached
hereto as Exhibit A:
A. Edentify Key Generation and Update Services. Seisint shall provide
all hardware, operating software (excluding the Edentify Key
Generation Module, which shall be provided by Edentify), and data
center needs, necessary for the development, implementation and
maintenance of the Edentify Database Server and Edentify Reference
Database. The Edentify Database Server shall be housed within the
secured Seisint Data Center and shall only be accessible by Seisint,
and its employees and agents. Edentify shall provide Seisint with
the Edentify Key Generation Module, which Seisint shall install on
the Assessment Server(s), as described below, and which Seisint
shall use solely for the purposes of generating Edentify Keys from
the Seisint Databases to populate the Edentify Reference Database.
All resulting Edentify Keys shall be stored in the Edentify
Reference Database, within the Edentify Database Server, along with
the corresponding Reference Records. The Edentify Key Generation and
Update Service shall be repeated on a quarterly basis to allow for
the Keying of new Records that may be introduced into the Seisint
Databases as result of the receipt of updates from its data vendors
(the “Quarterly Key Build Process”). Seisint shall be responsible
for the commercially reasonable maintenance of the Edentify Database
Server throughout the Term of this SOW.
B. Identity Assessment Processing Services. Seisint shall provide all
hardware, operating software (excluding the Edentify Assessment
Module, which shall be provided by Edentify), and data center needs,
necessary for the development, implementation and maintenance of one
or more, but in no event more than 5, Assessment Server(s). The
Assessment Server(s) shall be housed within the secured Seisint Data
Center and shall only be accessible by Seisint, and its employees
and agents, except through a limited secure connection as
specifically contemplated below. Each Assessment Server shall be
connected via a high speed connection to the Edentify Database
Server. Unless and until a secure connection is established between
Edentify and the Assessment Server(s) as contemplated in Section 2.3
hereof, Edentify shall provide Seisint with Input Records via
encrypted batch submissions, in a mutually agreed upon format, which
Seisint shall decrypt and use to perform the Identity Assessment
Processing. 3
Seisint shall perform the Identity Assessment Processing of Input
Records to derive resulting Input Record Ratings. The Identity
Assessment Processing shall comprise the following:
i) The Edentify Assessment Module will derive, in a single
pass, a Score and Rating information for each Input Record
relative the Edentify Keys in the Edentify Reference
Database by comparing all possible permutations of the Input
Record to the Seisint data represented by the Edentify Keys
stored in the Edentify Reference Database.
ii) The Edentify Assessment Module will return the following
data for each Input Record:
a) the number of occurrences of that unique SSN/Name
Pairing in the Seisint Databases based on exact matches
of full name and SSN;
b) the number of Confirming Matches found in the Edentify
Reference Database relative to each Input Record;
c) the number of Suspect Matches found in the Edentify
Reference Database relative to each Input Record;
d) a flag indicating the sources of the Possibles set
forth in (b) and (c) above. Seisint shall categorize
the sources of the Possibles for each Input Record
based on two sources: i) Public Records, ii) Other
Sources, or iii) both Public Records and Other Sources;
e) the date the first occurrence of such unique SSN/Name
Pairing referred to in (a) above was established with
Seisint or its data provider; and
f) the last date such unique SSN/Name Pairing referred to
in (a) above was established, confirmed or updated with
Seisint or its data provider.
iii) The data set forth in Section 2.1(B)(ii) above, shall be
appended to the associated Input Record and returned to
Edentify.
At no time shall Edentify have access to Seisint’s SSN/Name data,
the contents of the Seisint Databases, the Edentify Reference
Database, or the Edentify Database Server.
Seisint shall not use the Input Records or other customer data
provided by Edentify hereunder for any purpose not specifically
permitted hereby, and shall not integrate such information into the
Seisint Databases for any purpose.
C. Seisint shall perform the processing services set forth above in
accordance with the service levels set forth in Appendix I,
attached hereto and incorporated herein by reference. 4
2.2 Edentify shall provide Seisint with any changes or updates to the
Edentify Key Generation Module or Edentify Assessment Module in a cd or
dvd format, and Seisint shall, upon the reasonable request of Edentify,
upload such changes or updates pursuant to the instructions provided by
Edentify. Upon completion of the upload, Seisint shall destroy or
return such cd or dvd to Edentify. To the extent that Seisint or its
agents have exclusive control over the process of uploading changes or
updates to the Edentify Key Generation Module or Edentify Assessment
Module and further, to the extent that Seisint or its agents
negligently perform such uploading task despite accurate and detailed
instructions provided by Edentify, and further, wherein Edentify’s
instructions were not the cause of errors being generated as a result
of the faulty upload, Seisint shall be liable for any errors generated
by Seisint’s negligence in such uploading, as well as any cost or time
overruns incurred to correct such errors; provided, however, that
Seisint shall only be liable where Edentify has provided Seisint with
timely, accurate, and sufficiently detailed instructions regarding any
requested upload or update to the Edentify Key Generation Module or
Edentify Assessment Module and has provided Seisint with such updates
and instructions as to allow Seisint sufficient time to install, test,
and implement such update prior to use in a production environment.
2.3 Seisint shall, upon Edentify’s request and pursuant to a subsequently
executed SOW to the Master Agreement, provide Edentify with a limited
secure connection to the Assessment Server(s) to be used solely by
Edentify for the purpose of transmitting Input Records to the
Assessment Server(s) and receiving the results of the Identity
Assessment Processing; provided, however, that such connection will not
be provided unless and until Seisint, in its sole reasonable
discretion, has determined that the connection is secure. For purposes
of this SOW, all submissions of Input Records shall be encrypted batch
submissions.
2.4 The Edentify Key Generation Module, Edentify Assessment Module, and
Input Records shall be delivered to Seisint in a mutually agreed upon
format and media. Seisint may, if necessary to perform the Services,
translate the Edentify Key Generation Module and/or Edentify Assessment
Module into ECL upon the prior written consent of Edentify.
2.5 Notwithstanding any other statement contained herein, Edentify shall
not, at any time: (i) retain or store any Edentify Keys derived from
the Seisint Databases; (ii) use the Edentify Keys or any data received
from Seisint hereunder to create a referential database to the Seisint
Databases; or (iii) use any of the services or data provided by Seisint
hereunder to develop a competing product to Seisint’s Databases or
services. Furthermore, Edentify shall not attempt to derive any Seisint
data from the reverse engineering or other analysis of the Edentify
Keys derived from the Seisint Databases.
2.6 Edentify shall not, during the Term of this SOW, use the Services
provided hereunder to develop a product which competes with Seisint, or
use the services or data of a competitor of Seisint to develop or
maintain any product that competes with Seisint.
3. LICENSE
Edentify hereby grants to Seisint, a revocable (only to the extent this SOW 1 is
terminable pursuant to the Agreement), world-wide, paid-up, non-transferable,
royalty-free restricted license, without the right to sublicense, to use the
Edentify Key Generation Module and the Edentify Assessment Module, and any
changes or updates thereto, during the Term of this SOW solely for purposes of
performing the Services contemplated herein.
5
4 FEES
4.1 In consideration for the development and implementation of the Edentify
Database Server, Assessment Server(s), and required operating
infrastructure, and the initial run of the Edentify Key Generation
Service, Edentify shall pay to Seisint a Fee of $1,000,000 (the “Implementation
Fee”). Such Implementation Fee will be payable in two equal
installments, with the first payment delivered on the Effective Date,
and the second payment delivered on or before 30 days from the date of
the December 31, 2005 invoice from Seisint.
4.2 In consideration for the ongoing Services provided to Edentify
hereunder, including the maintenance of the Edentify Database Server and
Assessment Server(s) and all subsequent runs of the Edentify Key
Generation and Update Service and Identify Assessment Processing
Services, Edentify shall pay to Seisint Fees as follows:
Calendar Year Annual License Fee
2006 $ 1,200,000
2007 $ 1,400,000
2008 $ 1,600,000
Such payments shall be made in equal quarterly installments due on or
before the last day of each quarter, beginning on March 31, 2006. If
this SOW is extended as provided in Section 9 hereof, for each one (1)
year renewal Term, the applicable Annual License Fee will be $200,000 more than
the previous year’s Annual License Fee.
5 REVENUE SHARING
5.1 During the term of this Agreement, Edentify will pay to Seisint a
percentage of the Gross Revenue received by Edentify in connection with
sales of any and all Edentify Products as follows:
| Calendar Year | ||||||||||||||||
| Annual Gross Revenues | 2006 | 2007 | 2008 | Any Renewal Term | ||||||||||||
0-$$2,000,000 |
0 | % | 0 | % | 0 | % | 20 | % | ||||||||
$2,000,001-$3,500,000 |
0 | % | 0 | % | 20 | % | 20 | % | ||||||||
$3,500,001-$20,000,00
0 |
0 | % | 20 | % | 20 | % | 20 | % | ||||||||
$20,000,001 + |
0 | % | 10 | % | 10 | % | 10 | % | ||||||||
Such payments shall be made to Seisint by the earlier of: (i)
forty-five (45) days from the date of the respective invoice to the
Edentify customer purchasing such Edentify Products; or (ii) sixty
(60) days from the date the batch of Input Records related to such
Edentify Products is processed. As used herein, “Gross Revenue”
means the sum of all payments received, without any reduction or
deduction for costs of goods or services, commissions or expenses of
Edentify, from its customers from the sale of the Edentify Products.
“Annual Gross Revenue” means the Gross Revenue received by Edentify
during the twelve (12) month period beginning on the Effective Date
hereof, and during each twelve (12) month period thereafter
beginning at zero at the start of each twelve (12) month period. For
avoidance of doubt, the revenue share percentages set forth above
shall be interpreted as being stepped, and shall not be applied
under any circumstance retroactively.
5.2 During the Term of this SOW, Edentify shall at all times keep and
maintain, in accordance with generally accepted accounting
principles, accurate, complete and up-to-date books and records
pertaining to its rights and obligations under Section 5. Upon no
less than fifteen (15) business days prior written notice given to
Edentify, Seisint shall have the right to conduct a reasonable audit
and review the books and records of Edentify and certify Edentify’s
compliance with all of the financial terms and revenue sharing
obligations as contemplated by this Section 5. Such audit shall be
performed by an independent third party auditor. Underpayments and
refunds due shall be paid within thirty (30) days of delivery of the
final results of the audit to Edentify (such delivery, hereinafter,
the “Audit Delivery Date”), provided however, that if Edentify
disputes such audit because it believes, in good faith with
supported reasons that the audit is incorrect by more than 20%, then
Edentify shall provide Seisint with written notice of its dispute
within ten (10) business days of the Audit Delivery Date, in which
case underpayments and refunds shall be due within ten (10) business
days following the final resolution of such dispute in accordance
with Section 9 of the Master Agreement. The costs and expenses
associated with any audit (including revisions thereto) or
certification conducted under this Section shall be borne entirely
by Seisint, unless an underpayment of more than 20% is discovered,
in which case Edentify shall be responsible for the costs and
expenses associated with the audit (and/or such revisions).
5.3 The audits shall be conducted in a manner that does not disrupt,
delay or interfere with Edentify’s performance of its business in
any material respect. It is understood that as a normal routine,
Seisint’s auditors, inspectors and regulators will have access to
all data, software and systems files that are germane to the audit.
Edentify will cooperate fully with Seisint or its designee in
connection with Seisint’s audit functions. 7
6 RIGHT TO RESELL
Prior to any resale by Seisint of the Edentify Products, the Parties shall
negotiate in good faith an appropriate agreement for the license to resell such
products under terms and conditions, if applicable, no less favorable than any
other reseller of Edentify’s Products of a similar size and nature as Seisint.
7 PRODUCT DEVELOPMENT
Seisint and Edentify shall work together in good faith on future product
development and customer specific marketing initiatives.
8 COOPERATION WITH SALES EFFORTS
8.1 During the term of this SOW, Seisint shall, upon reasonable request and
to the extent commercially reasonable and in compliance with Seisint’s
security policies and procedures, cooperate with Edentify’s sales
efforts of Edentify Products, including: (i) completing security
questionnaires required by certain of Edentify’s customers, and (ii)
providing copies of Seisint’s security procedures to certain of
Edentify’s customers. Additionally, in Seisint’s sole reasonable
discretion, on a case by case basis, Seisint may allow certain of
Edentify’s customers to conduct a site visit of Seisint’s facilities in
accordance with Seisint’s security policies and procedures; provided,
however, that Seisint shall notify Edentify of Seisint’s decision
regarding whether such site visit shall be permitted as promptly as
reasonable in light of the circumstances, but in no event later than
one (1) week from the date of request to Seisint.
8.2 To the extent an Edentify customer reasonably requests an audit of
Seisint’s books, records, facilities, or sytems in connection with the
purchase of Edentify Products, Seisint agrees to consider such request
in light of Seisint’s standard security policies and procedures and to
evaluate in good faith whether to allow such an audit as if the
requesting party were a direct Seisint customer; provided, however,
that Seisint shall notify Edentify of Seisint’s decision regarding
whether such audit shall be permitted as promptly as reasonable in
light of the circumstances, but in no event later than one (1) week
from the date of request to Seisint.
9 TERM
Unless earlier terminated as provided in the Master Agreement, the Term of this
SOW will begin on the Effective Date and continue until December 31, 2008. The
Term shall automatically renew for successive one (1) year renewal Terms unless
either Party notifies the other Party in writing that it intends not to renew at
least ninety (90) days prior to the expiration of the initial Term or any
renewal Term or this SOW is otherwise terminated as provided in the Agreement.
10 CERTIFICATION OF PERMISSIBLE USE
Edentify shall only use the Services and information contained therein in
connection with its provision of fraud detection consulting services to its
customers.
8
11 INTELLECTUAL PROPERTY
Edentify warrants and agrees that it has the full right and authority to provide
Seisint with access to and a license to use the Edentify Key Generation Module
and Edentify Assessment Module and each and every component and update thereof.
Furthermore, Edentify shall protect, defend, indemnify and hold Seisint and each
of its Affiliates and the officers, directors, agents, representatives,
employees, successors and assigns of each, harmless from and against any and all
Loss, by whomsoever asserted, arising directly or indirectly from, out of, or
based on the use by Seisint or its Affiliates of the Edentify Key Generation
Module or Edentify Assessment Module, provided that such use was in accordance
with the terms and conditions of this SOW or as otherwise permitted or approved
by Edentify in writing.
Seisint shall own all right, title, and interest in all Seisint Intellectual
Property and Derivatives based upon Seisint Intellectual Property created within
the scope of this SOW and any Intellectual Property created or derived by
Seisint pursuant to this Agreement, including the Edentify Keys derived from the
application of the Edentify Key Generation Module to the Seisint Databases;
provided however, that upon termination of this Agreement, both Parties shall
destroy all Edentify Keys in their possession that were derived from the Seisint
Databases. Edentify shall own all right, title and interest in Edentify
Intellectual Property, including the Edentify Key Generation Module. Edentify
shall acquire no rights to the Seisint Databases, the Edentify Reference
Database, the Edentify Database Server or the Assessment Server(s) pursuant to
this Agreement.
[Signatures on following page] 9
Wherefore the Parties hereto set their hands intending to be bound by
the terms and conditions hereof.
EDENTIFY, INC. SEISINT, INC.
By: /S/ XXXXXXXX XxXXXXXX By: /S/ XXXXX X. XXXXX
—— —
Name: XXXXXXXX XxXXXXXX Name: XXXXX X. XXXXX
—— —
Title CEO Title COO
—— —
Date 10/3/05 Date 10/3/05
—— —
10
*- CERTAIN MATERIAL HAS BEEN OMITTED PURSUANT TO A REQUEST FOR CONFIDENTIAL
TREATMENT AND THAT MATERIAL HAS BEEN FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION.
EXHIBIT A TO SOW 1
DIAGRAM OF SERVICES *
11
* — CERTAIN MATERIAL HAS BEEN OMITTED PURSUANT TO A REQUEST FOR CONFIDENTIAL
TREATMENT AND THAT MATERIAL HAS BEEN FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION.
APPENDIX I TO SOW 1
Service Levels
| 1. | Contacts and Role Assignment |
| a. | Primary Contact |
The primary Seisint contact shall be: *
| b. | Service Contact |
The Seisint service contact for any support issues shall be:
Helpdesk (24x7)
*
| c. | Disaster / Emergency Contact |
In case of emergency, the Seisint contact shall be the Helpdesk as listed above. Should an emergency condition arise, Seisint will contact * at Edentify at *.
| d. | Administrative Contact |
See Primary Contact
| 2. | Administrative Guidelines |
| a. | Logging of Support Requests |
Support requests shall be logged in the “Seisint Incident Tracking” (“SIT”) application, which is an extranet web site to which Edentify will be provided credentials during implementation. When a problem has been identified and logged by either Edentify or Seisint, Seisint shall designate a Severity Level for each problem as defined below. If Edentify disagrees with the Severity Level assigned, a change to the Severity Level will be discussed and mutually agreed upon. The Severity Levels are detailed below:
| i. | Severity Level 1 (Critical Problem). Edentify and/or their customers cannot access the System or material functions are not available, resulting in a critical impact to operations requiring fast resolution. |
| ii. | Severity Level 2 (Major Problem). Edentify can access the System, however a material function is not available. |
| iii. | Severity Level 3 (Minor Problem). Edentify can access the System, but a less-important function is not available resulting in a minor impact. |
| iv. | Severity Level 4 (Minor Problem/Enhancement Request). The impact is insignificant to users, and the Parties agree that problem resolution will require new functionality or an enhancement to be made at a mutually agreed upon date. |
Seisint shall respond to problems based on the Severity Level as described in the following table. The Response Time and Resolution Time begin when Edentify reports the problem. Response time indicates acknowledgement of the problem by Seisint, and Resolution may be either a final solution or a workaround.
| Response Time | ||||||||
| (Normal Business | Response Time (On | Frequency of Issue | Target Resolution | |||||
| Severity Level | Hours) | Call Hours) | Status | Time | ||||
1
|
1 hour | 2 hours | Hourly | 24 hours | ||||
2
|
4 hours | 8 hours | Daily | 2 days | ||||
3
|
1 day | 2 days | Every 2 days | 5 days | ||||
4
|
N/A | N/A | Monthly | As scheduled | ||||
Note: Days indicate business days rather than calendar days.
Support for all services shall be 24 hours a day and 7 days a week. Help Desk Coverage will be provided during Normal Business Hours, defined as Monday through Friday, 9:00am (ET) through 5:00pm (ET), except normal business holidays. On-Call Hours are Monday through Friday, 5:00pm (ET) through 9:00am (ET), Saturday, Sunday, and Holidays.
| b. | Reporting of Support Requests |
Reporting on outstanding Support Requests will occur in two manners. First, open tickets with the latest status may be viewed in the “SIT” system, either individually or in aggregate. Secondly, a status on open tickets will be made via email, telephone conference, or other communication among interested parties as arranged between Edentify and Seisint at the time of an incident according to the schedule in the above table.
| c. | Escalation Procedures |
Should Response Times, Issue Status Updates, or Target Resolution Times not be met, Edentify may choose to escalate a Support Request.
3. Weekly Maintenance Window: The Weekly Maintenance Window is Saturday from Midnight to Sunday 1:00 am (EDT). The regular maintenance window timeframe, day of week or time of day may be changed by Seisint with the consent of FIC, which consent shall not be unreasonably withheld. Seisint reserves the right to expand the Maintenance Window to 3 hours with 3 business days notice, and 6 hours with 7 business days notice, both Maintenance Window exceptions starting at Midnight on Saturday (EDT).
| a. | Online System Availability: The online System Availability shall be 98% per month, as calculated by measuring the average time per month that all material functions of the online system are operating at a Seisint location without error; provided, however, that in calculating System Availability the Weekly Maintenance Window or any other emergency down time shall not be included in the computation. |
| b. | Uptime Requirements: The system uptime requirement will be 99.7% per month excluding scheduled maintenance windows. |
| c. | Security: |
Seisint takes a strong stance on security to insure the confidentiality and integrity of data. Control methodologies are used physically, technologically, and administratively to guard against unauthorized use of data, while balancing the need for availability per business case. Various procedures incorporate authentication, authorization, and accounting practices to provide insight to prevent, detect, react, and mitigate risks as they arise. The corporate infrastructure is continually evaluated internally and by third party with the goal of enhancing security while providing high availability and quality for customers. Seisint has met or exceeded control requirements defined by business partners and third party review.
PhysicalFacility
Comprehensive monitoring capabilities exist throughout the Seisint facility, which are monitored by armed guard “24 x 7”. Access to different sections within the facility is based on least privilege and requires various levels of authentication. The main data center is housed in a “category 5”, hurricane proof, concrete structure and is duplicated by a hot stand-by site elsewhere in the country. Redundant infrastructure exists to provide high availability from power generation and fire suppression to computing hardware and Internet bandwidth.
Technological
Seisint uses a multi-layered technical approach in securing data. Preventive and detective technologies exist to mitigate risk throughout the network, on systems, and for thwarting malicious-code. Dedicated circuits as well as standard encryption methodologies are used to transport data from Seisint systems to customers. Highly qualified staff administer and monitor all technical controls, and execute appropriate risk mitigation procedures as new vulnerabilities or threats define. Change control procedures exist to provide stability and technical controls are audited periodically by both internal staff and third party.
Administrative
Administratively, Seisint conducts background investigations and reference checks on personnel as a part of due diligence in the employment process. All personnel in the company are also required to sign a confidentiality and non-compete agreement.
Overall, Seisint has a solid security posture, ensuring that data is secured to a high degree.
Confidentiality
Notwithstanding anything to the contrary herein, Edentify may disclose the terms of the Service Levels set forth in this Appendix 1 (without disclosing Seisint as the contracting party) to customers or clients who have entered into a written confidentiality agreement with Edentify protecting such disclosure.
