Contact Center Services Master Agreement No. 20120124.035.C Between StarTek, Inc. And AT&T Services, Inc.

Agreement No.: 20120124.035.C

Contact Center Services Master Agreement

No. 20120124.035.C

Between

And

AT&T Services, Inc.

[*] = Certain confidential information contained in this document, marked with brackets, has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for confidential treatment made pursuant to Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

Proprietary and Confidential

This Agreement and information contained therein is not for use or disclosure outside of AT&T, its Affiliates, and third party representatives, and Supplier except under written agreement by the contracting parties.

Telemarketing Agreement

Agreement No.: 20120124.035.C



1.0 Preamble	5
1.1 Preamble	5
1.2 Scope of Agreement	5
1.3 Term of Agreement	5
2.0 Definitions	5
2.1 Accept or Acceptance	5
2.2 Acceptance Date	5
2.3 Affiliate	5
2.4 Agreement	6
2.5 AT&T Assets	6
2.6 AT&T Vendor Manager	6
2.7 AT&T Competitor(s)	6
2.8 Automated Call Distribution System (“ACD”)	6
2.11 Customer (s)	6
2.12 Customer Information	6
2.13 Customer Service Representative (“CSR”)	6
2.14 Deliver	7
2.15 Delivery Date	7
2.16 Harmful Code	7
2.17 Information	7
2.18 Material	7
2.19 Nesting	7
2.20 Order	7
2.24 Services	8
2.25 Special Terms and Conditions	8
2.26 Specifications	8
2.27 Subcontractor	8
2.29 Vulnerability	8
2.31 Work	9
3.0 General Terms	9
3.1 Affiliate	9
3.2 Amendments and Waivers	9
3.3 Anticipated Delays in Delivery and Performance	9
3.4 Anticorruption Laws	10
3.5 Assignment and Delegation	10
3.6 Business Continuity	10
3.7 Codes of Conduct	11
3.8 Compliance with Laws	13
3.9 Conflict of Interest	14
3.10 Construction and Interpretation	15

Proprietary and Confidential

Telemarketing Agreement

Agreement No.: 20120124.035.C



3.11 Cumulative Remedies	16
3.12 Delivery, Performance and Acceptance	16
3.13 Entire Agreement	16
3.14 Force Majeure	16
3.15 Governing Law	17
3.16 Government Contract Provisions	17
3.17 Indemnity	18
3.18 Information	19
3.19 Infringement	23
3.20 Insurance	27
3.21 Invoicing and Payment	29
3.22 Labor Disputes	30
3.23 Licenses and Patents	30
3.24 Limitation of Damages	30
3.25 Intentionally Omitted3.26 No Dependence	31
3.27 Non-Exclusive Market	31
3.28 Notices	31
3.29 Offshore Work Permitted Under Specified Conditions	32
3.30 Order of Precedence	33
3.31 Orders	33
3.32 Ownership of Paid for Development, Use and Reservation of Rights	34
3.33 Price	36
3.34 Publicity	36
3.35 Quality Assurance	36
3.36 Records and Audits	37
3.37 Severability	39
3.39 Survival of Obligations	39
3.40 Taxes	39
3.41 Termination	41
3.42 Third Party Administrative Services	42
3.43 Transaction Costs	42
3.44 Utilization of, Minority, Women, and Disabled Veteran Owned Business Enterprises	43
3.45 Warranty	43
3.46 Work Done By Others	44
4.0 Special Terms	45
4.1 Access	45
4.2 AT&T Electronic Privacy Policy	45
4.3 AT&T Supplier Information Security Requirements	46
4.4 Background Checks	46
4.5 Customer – Information	47

Proprietary and Confidential

Telemarketing Agreement

Agreement No.: 20120124.035.C



4.6 Customer Contact	49
4.7 Electronic Data Interchange (EDI)	49
4.8 Fraud Activity	50
4.9 Independent Contractor – Limited Agency	51
4.10 Inspection of Work	52
4.11 Notice of Release of Information or Breach of Security	52
4.12 Orderly Transition	52
4.13 Payment Card Industry (PCI)	53
4.14 Subcontractors	53
4.15 Home-Based Agents	54
4.16 Reimbursable Expenses	54
4.17 Requirements for Access to AT&T’s System(s) and/or Databases	54
4.18 Worker Exit from AT&T Programs	55
Appendices	59
Appendix A - Supplier Code of Conduct	59
Appendix B - Texas Code of Conduct	61
Appendix C - Description of Services and Deliverables	64
Appendix D – General Business Requirements	00
Xxxxxxxx X – Supplier Facilities	73
Appendix F- Business Continuity Plan Requirements	74
Appendix G - Prime Supplier MBE/WBE/DVBE Participation Plan	76
Prime Supplier MBE/WBE/DVBE Participation Plan	76
Appendix L - Written Certification of Return or Destruction of AT&T Information or Data	78
Appendix N- AT&T Information Security Requirements - Home Based Agents	80
Appendix O - (AT&T Supplier Information Security Requirements (SISR)	84
Appendix P- Vendor Expense Policy	96
Appendix Y – Agreement Regarding Non-Employment Status with AT&T	106

Proprietary and Confidential

Agreement No.: 20120124.035.C

1.0 Preamble

1.1 Preamble

This Agreement is between StarTek, Inc., a Delaware corporation (hereinafter referred to as “Supplier”), and AT&T, a Delaware corporation (hereinafter referred to as “AT&T”), each of which may be referred to in the singular as a “Party” or in the plural as the “Parties.”

1.2 Scope of Agreement

Supplier shall provide to AT&T the Material and Services as described in Appendix C, subject to the terms and conditions of this Agreement and pursuant to and in conformance with an Order agreed to by the Parties in writing. The applicable price for the Material and Services shall be specified in the Order. Supplier agrees that the Material and Services shall strictly conform with the Specifications contained herein and in the Order.

1.3 Term of Agreement


a.	This Agreement shall commence and be effective on the date when signed by the last Party (“Effective Date”), and shall continue until December 31, 2015 (“Expiration Date”) unless earlier terminated as set forth herein. The Parties may extend the Term of this Agreement beyond that date by mutual agreement.


b.	Any Order in effect on the date when this Agreement expires or is terminated will continue in effect until such Order either (i) expires by its own terms or (ii) is separately terminated, prior to its own scheduled expiration, as provided in this Agreement. The terms and conditions of this Agreement shall continue to apply to such Order as if this Agreement were still in effect.

2.0 Definitions

2.1 Accept or Acceptance

“Accept” or “Acceptance” means AT&T’s acceptance of the Material and Services ordered by AT&T and provided by Supplier as specified in the Section entitled “Delivery, Performance, and Acceptance”. AT&T’s Acceptance shall occur no earlier than Supplier’s Delivery of Material and Services in strict compliance with the Specifications.

2.2 Acceptance Date

“Acceptance Date” means the date on which AT&T Accepts Material and Services.

2.3 Affiliate

“Affiliate” means a business association that has legal capacity to contract on its own behalf, to xxx in its own name, and to be sued, if and only if either (a) such business association owns, directly or indirectly, a majority interest in AT&T (its “parent company”), (b) a [*] percent ([*]%) or greater interest in such business association is owned, either directly or indirectly, by AT&T or its parent company, or (c) such business association is any of those certain rural local telephone companies that are parties to that certain Joint Operating Agreement dated as of September 28, 2000, pursuant to which AT&T Mobility LLC and such telephone companies jointly conduct their respective wireless operations within MTA 006.

Proprietary and Confidential

Agreement No.: 20120124.035.C

2.4 Agreement

“Agreement” means the written agreement between the Parties as set forth in this document and the attached appendices and shall include the terms of such other documents as are incorporated by express reference in this document and the attached appendices.

2.5 AT&T Assets

“AT&T Assets” means AT&T owned or licensed software, AT&T tools, AT&T content and any other hardware, equipment or Materials provided to Supplier by or on behalf of AT&T or AT&T intellectual property under this Agreement.

2.6 AT&T Vendor Manager

“AT&T Vendor Manager” or “AT&T Contact” or its equivalent (e.g. AT&T Program Manager or AT&T Hiring Manager), means the AT&T representative or team associated with a written Order, which manages the Supplier relationship with AT&T regarding the Services that Supplier provides pursuant to this Agreement, or any portion thereof.

2.7 AT&T Competitor(s)

“AT&T Competitor(s)” shall mean entities that provide products and or services that are similar to or substitutes for the products and services that AT&T offers its Customers. AT&T Competitors include, but are not limited to, entities which provide telecommunication, internet, cable, data, advertising, publishing, search engines, entertainment, and video to Customers.

2.8 Automated Call Distribution System (“ACD”)

“Automated Call Distribution System” means the system where incoming calls are routed to CSRs.

2.9 Average Handle Time (“AHT”)

“ Average Handle Time” is defined as the total time a CSR is in talk time plus after-call wrap time plus hold time divided by the number of calls taken by the CSR in the measured period of time.

2.10 Change Management

“Change Management” has the meaning given to it in Section 4.19.

2.11 Customer (s)

“Customer” or “Customers” means customers, potential customers, or employees of AT&T who interact with Supplier pursuant to this Agreement or an Order.

2.12 Customer Information

“Customer Information” has the meaning given to it in Section 4.6.

2.13 Customer Service Representative (“CSR”)

“Customer Service Representative” or its equivalent (e.g. Customer Service Representative, Agent, Order Specialist, Representative Worker), means any Supplier employee, temporary worker, agent, consultant, partner, officer, director, member or representative of Supplier and its Subcontractors, if any, performing Services under this Agreement.

Proprietary and Confidential

Agreement No.: 20120124.035.C

2.14 Deliver

“Deliver” or “Delivery” occurs (a) for Material, upon (1) AT&T’s possession of Material at the destination specified in the Order, if Supplier is not required to provide additional Services (such as installation, configuration, or modification, for example) at the destination, in connection with providing Material, or (2) Supplier’s completion of such additional Services, if Supplier is required to provide such additional Services at the destination in connection with providing Material, and (b) for Services, upon complete provision of the Services.

2.15 Delivery Date

“Delivery Date” means the date on which Supplier is scheduled to complete its Delivery as established in an Order or this Agreement.

2.16 Harmful Code

“Harmful Code” means computer viruses, worms, trap doors, time bombs, undocumented passwords, disabling code (which renders Material unusable until a patch or new password is provided), or any similar mechanism or device. Notwithstanding the above, enabling keys which are provided by Supplier to ensure conformance to product licensing restrictions shall be permitted, however, these enabling keys may not interfere with the proper use of the Material at any time after initial installation.

2.17 Information

“Information”, with respect to a Party, means all confidential, proprietary or trade secret information, including discoveries, ideas, concepts, know-how, techniques, processes, procedures, designs, specifications, strategic information, proposals, requests for proposals, proposed products, drawings, blueprints, tracings, diagrams, models, samples, flow charts, data, computer programs, marketing plans, Customer Information (including Internet activities, history, and/or patterns of use), employee personal information, health or financial information, authentication credentials, and other technical, financial or business information, whether disclosed in writing, orally, or visually, in tangible or intangible form, including in electronic mail or by other electronic communication.

2.18 Material

“Material” means a unit of equipment, apparatus, components, tools, supplies, material, or Documentation purchased by AT&T or provided by Supplier in connection with the Services provided hereunder.


2.19	Nesting

“Nesting” means the period after CSRs have completed the classroom training and are receiving inbound calls in the Production environment with mentoring and coaching.

2.20 Order

“Order” means such paper or electronic record or document as AT&T may be agreed to by the Parties for the purpose of ordering Material and Services hereunder.


2.21	Product or Program

“Product” or “Program” means AT&T services and Customer support services related thereto.


2.22	Production

Proprietary and Confidential

Agreement No.: 20120124.035.C

“Production” is defined as the mode when CSR’s, after successfully completing the prescribed new hire training program, are handling live calls from AT&T Customers.

2.23 Project

“Project” is defined as any effort for which an Order is created in support of AT&T.

2.24 Services

“Services” include, but are not limited to, inbound and outbound customer care service, technical support, order processing, back office support, billing support, collections, account maintenance, third party verification, interactive voice response, general inbound and outbound telemarketing, and any labor or service provided in connection with this Agreement or any Order, including, Supplier’s (i) consultation, professional, technical, and engineering services, creation and development of deliverables, including without limitation any reports, data, designs, plans, specifications, models, prototypes, performance requirements or any software, installation and removal, services, repair, programming, and on-site support ancillary to the acquisition of material, and (ii) provision of any services related material including any documentation.

2.25 Special Terms and Conditions

“Special Terms and Conditions” means written terms and conditions that are (a) different from or additional to the terms and conditions set forth in this Agreement, (b) specially negotiated by the Parties in reference to an Order, (c) expressed in an Order or incorporated by reference to a document attached to an Order, such as a scope of Work or statement of Work, and (d) executed by both Parties.

2.26 Specifications

“Specifications” or “Spec” means (i) Supplier’s applicable specifications and descriptions, including any warranty statements, and (ii) AT&T’s requirements, specifications, scope of work, statement of work, and descriptions specified in, or attached to, this Agreement or an applicable Order, which shall control over an inconsistency with Supplier’s specifications and descriptions.

2.27 Subcontractor

“Subcontractor” or “subcontractor” means any person or entity (including an agent) supplying labor or materials to perform any or all of Supplier’s obligations under this Agreement, including any person or entity at any tier of subcontractors, and shall not be limited to those persons or entities with a direct relationship with Supplier.

2.28 Supplier

“Supplier” shall mean StarTek, Inc., a Delaware corporation or any of its wholly-owned subsidiaries including, StarTek USA, Inc., a Colorado corporation, StarTek International Limited, a Bermuda corporation, StarTek Honduras, SAdeCV, a Honduran corporation, or StarTek Philippines, Inc., a Philippine corporation.

2.29 Vulnerability

“Vulnerability” means a condition in the instructions or software, or other Material, whether consistent with its Specifications or not, that renders a computer or system susceptible to unauthorized access and use.

2.30 Warm Transfer

“Warm Transfer” is defined as the process of transferring a Customer seeking information to the appropriate resource to assist the Customer. During the call transfer, the transferring CSR will introduce the calling Customer to the receiving CSR and provide a brief overview of the Customer.

Proprietary and Confidential

Agreement No.: 20120124.035.C

2.31 Work

“Work” means all or any portion, as the case may be, of the Services and/or Material that Supplier is supplying pursuant to this Agreement.

3.0 General Terms

3.1 Affiliate

An Affiliate may transact business under this Agreement and place Orders with Supplier that incorporate the terms and conditions of this Agreement. References to “AT&T” herein are deemed to refer to an Affiliate when an Affiliate places an Order with Supplier under this Agreement, or when AT&T places an Order on behalf of an Affiliate, or when an Affiliate otherwise transacts business with Supplier under this Agreement. An Affiliate is solely responsible for its own obligations, including all charges incurred in connection with such an Order or transaction. Nothing in this Agreement is to be construed to require AT&T to indemnify Supplier, or otherwise assume responsibility, for any acts or omissions of an Affiliate, nor is anything in this Agreement to be construed to require any Affiliate to indemnify Supplier, or to otherwise assume any responsibility, for the acts or omissions of AT&T or any other Affiliate.

3.2 Amendments and Waivers

The Parties may not amend this Agreement or an Order except by a written agreement of the Parties that identifies itself as an amendment to this Agreement or such Order and is signed by both Parties, or as otherwise expressly provided below in this Section. No waiver of any right or condition for the benefit of a Party is effective unless given in writing and signed by the Party waiving such right or condition for its benefit. No failure or delay in exercising any right or remedy under this Agreement or an Order operates as a waiver or estoppel of any right or remedy; no failure or delay in requiring the satisfaction of any condition under this Agreement or an Order operates as a waiver or estoppel of any condition; and no course of dealing between the Parties operates as a waiver or estoppel of any right, remedy, or condition. A waiver on one occasion is effective only in that instance, and only for the purpose for which it is given, and is not to be construed as a waiver on any future occasion or against any Affiliate other than the Affiliate that makes such waiver.

AT&T’s Vendor Manager may, at any time, request changes to the scope of Work, which shall be confirmed in writing, and Supplier shall not unreasonably withhold or condition its consent. An equitable adjustment shall be made to the charges if such change to the scope substantially affects the time of performance or the cost of the Work to be performed under this Agreement. Such cost adjustment shall be made on the basis of the actual cost of the Work, unless otherwise agreed in writing.

3.3 Anticipated Delays in Delivery and Performance

If Supplier becomes aware of any event or circumstance that causes Supplier to anticipate a reasonably certain material delay in its performance of its obligations beyond the Delivery Date scheduled in the Order, Supplier shall immediately notify AT&T of the event or circumstance and the length of the anticipated delay. If the events or circumstances causing the anticipated delay are not attributable to any failure of AT&T, then AT&T may terminate the Order after receipt of such notification. If the events or circumstances may be attributable to the fault of AT&T, to any extent, and the notice required by this Section fails to so attribute them, or if Supplier fails to give such notice, then such failure bars any claim or defense of Supplier based on the fault of AT&T. If for any reason AT&T does not terminate such Order after receipt of a notice under this Section, then AT&T and Supplier shall negotiate in good faith to modify the Order so as to extend the Delivery Date.

Proprietary and Confidential

Agreement No.: 20120124.035.C

If the Parties fail to reach agreement on an extended Delivery Date after negotiating for a reasonable time, or if Supplier fails to meet an extended Delivery Date, AT&T may terminate the Order.

3.4 Anticorruption Laws

Supplier hereby represents and warrants that the employees, temporary workers, agents, consultants, partners, officers, directors, members or representatives of Supplier and its subcontractors, if any, performing Services or other activities under this Agreement (each and any of the foregoing individuals, for the purpose of this Section, a “Supplier Representative”) shall comply with the US Foreign Corrupt Practices Act and all applicable anticorruption laws. Supplier Representatives shall not directly or indirectly pay, offer, give, promise to pay or authorize the payment of, any portion of the compensation received in connection with this Agreement or any other monies or other things of value in connection with its performance to a Government Official, as such term is defined below, to obtain or retain business or secure any improper advantage nor shall it permit such actions by a third party in connection with this Agreement. For purposes of this Section “Government Official” means (i) an officer or employee of any government or any department, agency, or instrumentality thereof, including government-owned or government-controlled commercial entities; (ii) an officer or employee of a public international organization; (iii) any person acting in an official capacity for or on behalf of any government or department, agency, or instrumentality or public international organization; (iv) any political party or official thereof; (v) any candidate for political office; or (vi) any other person, individual or entity at the suggestion, request or direction or for the benefit of any of the above-described persons or entities.

3.5 Assignment and Delegation

Neither Party may assign, delegate, or otherwise transfer its rights or obligations under this Agreement, voluntarily or involuntarily, whether by merger, consolidation, dissolution, operation of law, or any other manner, without the prior written consent of the other Party, except as follows: Without securing the consent of Supplier, AT&T may assign its rights, or delegate its duties, or both, in whole or in part, to any present or future Affiliate of AT&T; to any lender providing financing to AT&T; or to any third party that assumes the operation of or otherwise acquires any substantial portion of the business of AT&T affected by this Agreement or an Order; and Supplier may subcontract its performance subject to the Section herein entitled “Work Done by Others”. Each Party may assign its right to receive money due hereunder, but any assignment of money will be void to the extent (i) the assignor fails to give the non-assigning Party at least thirty (30) days prior written notice, or (ii) the assignment purports to impose upon the non-assigning Party additional costs or obligations in addition to the payment of such money, or (iii) the assignment purports to preclude AT&T from dealing solely and directly with Supplier in all matters pertaining to this Agreement. Any assignment, delegation or transfer for which consent is required hereby and which is made without such consent given in writing will be void.

3.6 Business Continuity

Supplier shall at all times maintain a current and accurate Business Continuity Plan (“BCP”) that enables Supplier to fulfill its obligations under this Agreement in the event of a manmade or natural disaster or other emergency situation that results in a disruption of the Services furnished by, through, or on behalf of Supplier, which may include a Force Majeure, Labor Dispute, or other act or event (each or any of the foregoing an “Occurrence”). Such BCP shall detail Supplier’s plans for recovering from any Occurrence and resuming normal business operations as soon as practicable to continue its obligations under the Agreement. Additionally, Supplier shall comply with the Unified Emergency Restoration Requirements (“UERP”) or other recovery requirements, if applicable, as specified elsewhere in this Agreement or in an Order. In the event of an Occurrence or upon AT&T’s request Supplier shall provide ongoing status

Proprietary and Confidential

Agreement No.: 20120124.035.C

reports as directed by AT&T. Unless directed otherwise by AT&T, Supplier shall provide such status reports to AT&T’s designated BCP contacts as set forth in Appendix F. AT&T may, in its sole discretion, take such actions it deems necessary to recover its operations. In the event of an inconsistency or conflict regarding BCP requirements contained elsewhere in this Agreement, the most stringent requirements with respect to such inconsistency or conflict will control. Supplier’s BCP shall include the requirements set forth in Appendix F attached hereto. Upon AT&T’s request, Supplier shall provide to AT&T within thirty (30) calendar days a copy of Supplier’s current BCP.

Supplier shall ensure that the BC Plan procedures are sufficient to enable Supplier to meet any Business Continuity standards that are contained in the Order, including, without limitation, those relating to the maximum amount of data loss that can be incurred (“Recovery Point Objectives”), time required for Supplier to resume Services (“Recovery Time Objectives”), and minimum acceptable percentage of Work that Supplier is able to handle on an interim basis until normal operations are restored (“Recovery Capacity Objectives”).


c.	The BC Plan shall include, but not be limited to, the following elements:


1.	Identification of key contacts together with their telephone numbers, cell phone numbers, email addresses, and pagers;


2.	Identification of alternate contacts together with their telephone numbers, cell phone numbers, email addresses, and pagers;


3.	Detailed discussion of Supplier’s plan for serving AT&T Customers in the event of a Condition;


4.	Plan for communicating with AT&T regarding a Condition;


5.	Redundancy of facilities and network connectivity;


6.	Description of Supplier’s ability to support the Order in the event of a Condition;


7.	Description of security precautions taken to protect AT&T Information in the event of a Condition;


8.	Supplier’s plan for testing its BC Plan; and


9.	Such other information as AT&T may request be included.


d.	Supplier shall participate in any Business Continuity or disaster recovery exercises conducted by AT&T.

Supplier shall provide AT&T with a copy of Supplier’s BC Plan for review upon request. Every [*] ([*]) month, Supplier shall perform a comprehensive assessment of its BC Plan and present its findings and recommendations to AT&T within[*] ([*]) days of completion of the assessment. Supplier shall promptly make, at its sole cost and expense, such recommendations to the BC Plan as may be required in order for Supplier to meet the requirements contained in this Agreement or the Order.


f.	Supplier shall continue to provide the Services under this Agreement if AT&T relocates its operations to an interim or substitute facility or otherwise implements any of its internal disaster recovery plans provided, however, that if such AT&T relocation causes material financial hardship to Supplier, the Parties shall mutually negotiate in good faith any changes to an Order required.


g.	If there is a Condition impacting Supplier, Supplier shall immediately so notify the AT&T Vendor Manager and shall advise the AT&T Vendor Manager of (i) any impact on the Services and (ii) any assistance Supplier is requesting from AT&T.


h.	Supplier’s failure to comply with this Section shall constitute a material breach of this Agreement.

3.7 Codes of Conduct

Proprietary and Confidential

Agreement No.: 20120124.035.C


a.	Supplier shall comply with the following Codes of Conduct:


1.	Supplier’s Code of Conduct (“Supplier Code”), attached hereto as Appendix A.


2.	For all contacts with consumers and/or businesses identified by AT&T as originating in Texas, Supplier shall comply with the Code of Conduct contained in the Texas Substantive Rules Applicable to Telecommunications Service Providers (“Texas Code”), attached hereto as Appendix B.


3.	For all contacts with consumers and/or businesses in other states besides Texas, Supplier shall comply with the codes of conduct applicable to telecommunications carriers/service providers of the states in which Supplier and its agents, contractors, and Subcontractors are performing Services.


4.	Supplier shall abide by the Strategic and Competitive Intelligence Professionals’ (formerly known as the Society of Competitive Intelligence Professionals) Code of Ethics.


5.	In obtaining competitive business information, it may be necessary for Supplier to contact AT&T’s Competitors. Supplier shall follow AT&T’s ethical guidelines as set forth below when contacting AT&T Competitors:


a.	Supplier shall not say anything misleading, deceptive or untrue.


b.	Supplier shall not enter into any agreement fraudulently, i.e., order services and then cancel before the service is installed or completed.


c.	Supplier shall always give its name to the AT&T Competitor, if requested.


d.	Supplier shall provide its name and client if asked or, as an alternative, provide the option of terminating the discussion.


e.	Supplier shall not provide the AT&T Competitor with prices, pricing policies, or any sensitive or confidential or proprietary Information of AT&T in exchange for competitive information.


f.	Supplier shall obtain AT&T’s prior written authorization, including authorization for funding, for any project requiring services by a third party consultant, payment of any fees in addition to those contemplated by this Agreement, or execution of any other agreement that would require the payment of any additional fees by AT&T to Supplier.


6.	Any failure of Supplier to abide by this paragraph (a) shall constitute a material breach of this Agreement, entitling AT&T to pursue all available remedies at law or in equity.


b.	Supplier further agrees that its officers, and all employees and agents (if any) with responsibility for any direct AT&T Customer contact shall be trained on and agree in writing to be bound by the terms of the Supplier Code and the Texas Code.

Before allowing an employee or agent to make direct AT&T Customer contact on behalf of AT&T Texas as identified by AT&T prior to any such contact, Supplier shall train each employee and agent on the provisions of the Supplier Code and the Texas Code, and to obtain signed acknowledgement by the employee and/or agent of his/her training on, review and understanding of the Supplier Code and the Texas Code.


d.	Employees and agents not selling to Customers in Texas are not required to be trained on the Texas Code. Supplier shall maintain employee and agent-specific records of training, including dates trained and the identity of the trainer, and shall provide AT&T Texas with copies of such records upon request. All training shall be repeated annually for each employee and agent.

Proprietary and Confidential

Agreement No.: 20120124.035.C


e.	Supplier shall not permit any employee to contact Texas Customers, consumers and/or businesses on behalf of AT&T Texas unless and until (s)he completes successfully all training. Supplier shall ensure that its employees use AT&T suggested scripting in all sales.

3.8 Compliance with Laws

Supplier and each of its agents, contractors and Subcontractors, shall comply at its sole cost and expense with all Laws (whether specifically mentioned elsewhere in this Agreement or not) attendant upon Supplier’s performance under this Agreement and AT&T’s utilization of the Materials and Services, in every jurisdiction where Supplier performs or AT&T utilizes the Materials or receives the Services. Supplier shall procure all approvals, bonds, certificates, insurance, inspections, licenses, and permits that such Laws require for the performance of this Agreement.

Without limiting the generality of the foregoing provision, Supplier and each of its agents, contractors and Subcontractors shall comply with all Laws, all applicable tariffs, and all applicable rules and orders of judicial and regulatory bodies regulating the conduct of the Services to be provided under this Agreement, including, but not limited to (i) all Laws, tariffs, rules and orders relating to the monitoring of employees’ telephone calls with Customers, and (ii) all Laws, tariffs, rules and orders relating to telemarketing and caller ID (collectively referred to as “Telemarketing Rules”) including the Telephone Consumer Protection Act (“TCPA”), the Telemarketing and Consumer Fraud and Abuse Protection Act (“Telemarketing Act”), the Telemarketing Sales Rule, California Public Utilities Code section 2893, California Business & Professions Code section 17590 et seq., and all similar laws of the state or states in which the Supplier and its agents, contractors and Subcontractors are located and/or to which they are placing telephone calls. If ever any such Laws, tariffs, rules, and orders should purport to regulate the conduct of AT&T when AT&T performs such Services on its own behalf, but not purport to regulate the conduct of Supplier as an independent contractor providing such Services, AT&T shall provide reasonable prior written notice to Supplier and Supplier shall nevertheless comply with such Laws, tariffs, rules, and orders as though it were subject to the same obligations as AT&T.

Supplier shall be responsible for export control and shall comply with Export Administration Regulations (“EAR”) as defined by the U.S. Bureau of Industry and Security (“BIS”) and embargo regulations. Each Order must be reviewed for compliance with the EAR and embargo regulations. Additionally, each access to AT&T computer systems and all applications that the Supplier will access on such systems must be reviewed to insure that such access is in compliance with the EAR and embargo regulations.


d.	The Parties shall comply with all applicable Laws and regulations, including but not limited to export control, import and trade sanctions Laws, rules and regulations, in their performance of this Agreement.

The Parties specifically acknowledge that certain Materials and Services (including technical assistance and technical data) to be provided hereunder may be subject to export controls under the laws and regulations of the United States, the European Union, and other jurisdictions. No Party shall use, sell, export, re-export, distribute, transfer, dispose or otherwise deal with any such Material or any direct product thereof or undertake any transaction or Service without first obtaining all necessary written consents, permits and authorizations and completing such formalities as may be required by any such Laws or regulations.

Supplier shall be solely responsible for arranging export clearance, including applying for and obtaining any permits, licenses or other authorizations and complying with export clearance formalities, for all exports of Materials and Services made hereunder, including but not limited to exports by Supplier to its affiliates or Subcontractors and exports from such affiliates or Subcontractors to Supplier or to AT&T in the United States. AT&T agrees to use reasonable efforts to obtain and provide to Supplier in a timely

Proprietary and Confidential

Agreement No.: 20120124.035.C

manner any end-user, end-use and other documentation and certifications as may reasonably be requested by Supplier in support of any applications made to relevant government authorities in connection with such exports.


g.	AT&T shall not be responsible or otherwise assume any responsibility for the importation of articles into any country (including the United States). Supplier expressly agrees to be responsible for any and all importations.

h. Supplier shall ensure that all individuals who provide Services pursuant to this Agreement execute an “Agreement Regarding Non-Employment Status with AT&T” in the form attached hereto as Appendix Y, and shall deliver any such executed copy to AT&T upon request.

Without limiting the generality of the foregoing provisions, Supplier and each of its agents, contractors and Subcontractors shall comply with all laws and regulations relating to the employment and compensation of individuals who provide Services with respect to this Agreement, including but not limited to federal, state, and local laws governing employment (Title VII, ADEA, ADA, FMLA, FLSA, etc.) and applicable laws and regulations relating to the withholding and reporting of payroll taxes, All individuals providing Services under this Agreement will be classified by Supplier (or, if applicable, by Subcontractor) as employees whose wage will be subject to reporting on Form W-2, and not as independent contractors.

Supplier shall indemnify, hold harmless and defend AT&T from and against any and all loss, cost, damage or liability, including but not limited to reasonable attorneys fees and costs, arising from or in connection with any failure of Supplier or any of its agents, contractors or Subcontractors to so comply with any applicable Law, tariff, rule or order. Supplier shall notify AT&T of any lawsuit or any complaint, including any inquiry of any federal or state government agency, alleging any violation of or non-compliance with any Law, tariff, rule or order including, but not limited to, the Telemarketing Rules. Any failure by Supplier or any of its agents, contractors or Subcontractors to comply with any Law, tariff, rule or order shall constitute a material breach of this Agreement and grounds for immediate termination of this Agreement by AT&T.

3.9 Conflict of Interest


a.	In the event Supplier provides Material and Services during the Term of this Agreement or an Order to any AT&T Competitor, Supplier shall notify AT&T of such potential conflicts and shall pursue the following safeguards during the Term of this Agreement:

In the event Supplier operates out of more than one Supplier Facility, any activities performed for an AT&T Competitor shall be performed out of a different Supplier Facility from which Supplier is performing Services on behalf of AT&T unless otherwise agreed to by AT&T in writing. If Supplier operates out of one Supplier Facility or AT&T authorizes Supplier to perform Services for an AT&T Competitor at a Supplier Facility where Services are performed for AT&T, Supplier shall ensure all personnel providing Services hereunder are physically segregated (through secured access) from personnel providing Services on behalf of an AT&T Competitor.


2.	With respect to Work performed for AT&T, Supplier shall perform the Work:


i.	With separate management structures on AT&T projects


ii.	By isolating AT&T’s applications and AT&T’s Information from any other customer’s or Supplier’s own applications and information either by using physically separate servers or alternatively by using logical access controls where physical separation of servers is not implemented.

Proprietary and Confidential

Agreement No.: 20120124.035.C


iii.	CSRs performing AT&T’s Work shall not share break rooms with CSRs on projects for other AT&T Competitors.

iv.

During the [*] ([*]) months following completion of the Services for AT&T, Supplier shall not assign supervisory or CSR personnel who Work on AT&T Programs to provide services for other AT&T Competitors if such services are similar to the Services performed by Supplier for AT&T; provided, however, in the case of Termination for Convenience, Supplier may assign such personnel to AT&T Competitors without restriction and without delay.


3.	Supplier shall initiate and maintain strict building security for the protection of AT&T’s Information while in Supplier’s control and shall limit access to operating areas and Information to those with a need for such access. Such security procedures shall be subject to inspection and approval by AT&T.

CSRs, supervisory personnel, or account managers having any staff or oversight role with respect to CSRs performing Services on behalf of an AT&T Competitor shall not have any strategic or creative role with respect to Services performed on behalf of AT&T. No CSR, supervisor, account manager having any staff or oversight role with respect to personnel performing Services on behalf of AT&T may have any strategic or creative role with respect to Services performed on behalf of an AT&T Competitor.


5.	No Information, including but not limited to information furnished to Supplier in connection with this Agreement, Order or request for proposal(s), shall be shared between Supplier personnel, managers, or supervisors who are involved both in this Agreement and any Supplier agreement with an AT&T Competitor.


6.	All information regarding AT&T’s Programs, performance, procedures, scripts, data and methodologies will be regarded as confidential Information.

If at any time during the Term of this Agreement Supplier fails to comply with the safeguards set forth in paragraph (a) above or if Supplier, its parent company or any of its affiliates seeks permission from the appropriate regulatory authority to offer or otherwise commences procedures to provide telecommunications services in competition with AT&T or any of its affiliates, Supplier shall immediately notify AT&T. Upon receipt of such notice AT&T may, at its sole reasonable discretion, terminate this Agreement without further notice or liability to Supplier other than amounts due for Services performed as of the effective termination date.

Supplier represents and warrants that no officer, director, employee, or agent of AT&T has been or will be employed, retained or paid a fee, or otherwise has received or will receive any personal compensation or consideration, by or from Supplier or any of Supplier officers, directors, employees, or agents in connection with the obtaining, arranging, or negotiation of this Agreement or other documents entered into or executed in connection with this Agreement.

3.10 Construction and Interpretation

This Agreement has been prepared jointly and has been the subject of arm’s length and careful negotiation. Each Party has been given the opportunity to independently review this Agreement with legal counsel and other consultants, and each Party has the requisite experience and sophistication to understand, interpret and agree to the particular language of its provisions. Accordingly, the drafting of this Agreement is not to be attributed to either Party.


b.	Article, Section and paragraph headings contained in this Agreement are for reference purposes only and are not to affect the meaning or interpretation of this Agreement. The word “include” in every form

Proprietary and Confidential

Agreement No.: 20120124.035.C

means to include without limitation by virtue of enumeration and a derivative of a defined term shall have the meaning appropriate to the context of its use. Whenever this Agreement refers to a consent or approval to be given by either Party, such consent or approval is effective only if given in writing and signed by the Party giving approval or consent. The use of singular words includes the plural and vice versa.

3.11 Cumulative Remedies

The rights and remedies of the Parties set forth in this Agreement are not exclusive of, but are cumulative to, any rights or remedies now or subsequently existing at law, in equity, by statute or otherwise, except in those cases where this Agreement or an Order specifies that a particular remedy is sole or exclusive, but neither Party may retain the benefit of inconsistent remedies. No single or partial exercise of any right or remedy with respect to one breach of this Agreement or any Order precludes the simultaneous or subsequent exercise of any other right or remedy with respect to the same or a different breach.

3.12 Delivery, Performance and Acceptance

Services performed by Supplier shall be deemed to be Accepted by AT&T when Services are performed to AT&T’s satisfaction. Payments, including progress payments, if any, shall not be construed as Acceptance of Services performed up to the time of such payments. AT&T shall notify Supplier of any Services considered to be unsatisfactory. Supplier shall, at no charge to AT&T, take prompt action to correct such unsatisfactory Services. If such unsatisfactory Services have not been corrected within a reasonable time (not to exceed [*] ([*]) working days from date of notification), AT&T may, in addition to all other rights and remedies provided by law or this Agreement, terminate this Agreement and/or any affected Order.

3.13 Entire Agreement

This Agreement constitutes the final, complete, and exclusive expression of the Parties’ agreement on the matters contained in this Agreement. All prior written and oral negotiations and agreements, and all contemporaneous oral negotiations and agreements, between the Parties on the matters contained in this Agreement are expressly merged into and superseded by this Agreement. The Parties do not intend that the provisions of this Agreement be explained, supplemented, or qualified through evidence of trade usage or any prior course of dealings or any course of performance under any prior agreement. In entering into this Agreement, neither Party has relied upon any statement, estimate, forecast, projection, representation, warranty, action or agreement of the other Party except for those expressly contained in this Agreement. There are no conditions precedent to the effectiveness of this Agreement other than any expressly stated in this Agreement.

3.14 Force Majeure


a.	A Party is excused from performing its obligations under this Agreement or any Order if, to the extent that, and for so long as:


i.	such Party’s performance is prevented or delayed by an act or event (other than economic hardship, changes in market conditions, insufficiency of funds, or unavailability of equipment and supplies) that is beyond its reasonable control and could not have been prevented or avoided by its exercise of due diligence; and


ii.	such Party gives written notice to the other Party, as soon as practicable under the circumstances, of the act or event that so prevents such Party from performing its obligations.

Proprietary and Confidential

Agreement No.: 20120124.035.C


b.	By way of illustration, and not limitation, acts or events that may prevent or delay performance (as contemplated by this Section) include: acts of God or the public enemy, acts of civil or military authority, terrorists acts, embargoes, epidemics, war, riots, insurrections, fires, explosions, earthquakes, floods, and extreme weather events.


c.	If Supplier is the Party whose performance is prevented or delayed, AT&T may elect to:


1.	Terminate, in whole or in part, this Agreement and the affected Order, without any liability to Supplier except for payment of all fees due and owing to Supplier under such affected Order for Services rendered by Supplier to AT&T through such termination date; or

Suspend this Agreement and the affected Order or any part thereof for the duration of the delay; and (at AT&T’s option) obtain Material and Services elsewhere and deduct from any commitment, under this Agreement or such Order, the quantity of the Material and Services obtained elsewhere or for which commitments have been made elsewhere; and resume performance under this Agreement or such Order when Supplier resumes its performance; and (at AT&T’s option) extend any affected Delivery Date or performance date up to the length of time Supplier performance was delayed or prevented. If AT&T does not give any written notice, within [*] ([*]) days after receiving notice under this Section that Supplier performance has been delayed or prevented, this option (ii) will be deemed to have been selected.


d.	Notwithstanding subsections a, b, and c of this Section and except as otherwise specified in an Order, Supplier shall take reasonable steps to provide redundancy such that Supplier’s ability to perform the Services are not impacted by a Force Majeure event.

3.15 Governing Law

The laws of the State of Texas (excluding any laws that direct the application of another jurisdiction’s law) govern all matters arising out of or relating to this Agreement and all of the transactions it contemplates, including its validity, interpretation, construction, performance, and enforcement.

3.16 Government Contract Provisions

To the extent that Supplier’s performance is subject to certain executive orders (including E.O. 11246 and E.O. 13201) and statutes (including Section 503 of the Rehabilitation Act of 1973, as amended; the Vietnam Era Veteran’s Readjustment Assistance Act of 1974; Section 8116 of the Defense Appropriations Act for Fiscal Year 2010 (Pub. L. 111-118); and the Jobs for Veterans Act) pertaining to government contractors, Supplier shall:


1.	comply with such executive orders and statutes, and their implementing regulations, as amended from time to time; and


2.	fulfill the obligations of a contractor under the clauses incorporated by this Section.


b.	This Section incorporates the following statutes and rules:


1.	“Affirmative Action For Workers With Disabilities” (at 48 CFR §52.222-36);


2.	“Employment Reports On Special Disabled Veterans, Veterans Of The Vietnam Era, and Other Eligible Veterans” (at 48 CFR §52.222-37);


3.	“Equal Employment Opportunity” (at 48 CFR §52.222-26);

Proprietary and Confidential

Agreement No.: 20120124.035.C


4.	“Equal Employment Xxxxxxxxxxx Xxxxxx” (xx 00 XXX §00-0.0(x));


5.	“Equal Opportunity For Special Disabled Veterans And Veterans of the Vietnam Era” (at 41 CFR §60-250.5);


6.	“Equal Opportunity for Disabled Veterans, Recently Separated Veterans, Other Protected Veterans, and Armed Forces Service Medal Veterans” (at 41 CFR §60-300.5);


7.	“Equal Opportunity For Workers With Disabilities” (at 41 CFR §60-741.5);


8.	“Prohibition of Segregated Facilities” (at 48 CFR §52.222-21);


9.	“Small Business Subcontracting Plan” (at 48 CFR §52.219-9); and


10.	“Utilization Of Small Business Concerns” (at 48 CFR §52.219-8).


11.	"Whistleblower Protections Under the American Recovery and Reinvestment Act of 2009") (FAR 52.203-15,


12.	"American Recovery and Reinvestment Act - Reporting Requirements" (FAR 52.204-11).


13.	“GAO/IG Access” (FAR 52.212-5(d) (Alt. II), FAR 52.214-26(c) (Alt. I), FAR 52.215-2(d) (Alt. I)).


14.	“Xxxxx-Xxxxx Act" (FAR 52.222-6),


15.	“Buy American Act” (FAR 52.225-21, FAR 52.225-22, FAR 52.225-23, & FAR 52.225-24)


16.	“Whistleblower Protections” (Pub. L. No. 111-5, Section 1553)

17. “Award term—Reporting and registration requirements under section 1512 of the Recovery Act” (2 CFR 176.50),


18.	“GAO/IG Access” (Pub. L. No. 111-5, Section 902, 1514 and 1515)


19.	“Award term—Wage Rate Requirements under Section 1606 of the Recovery Act” (2 CFR 176.190)


20.	Buy American Requirements (2 CFR 176.140, 2 CFR 176.150, 2 CFR 176.160, & 2 CFR 176.170)


c.	If an Order includes a statement that performance is intended for a government contract and incorporates additional government contracting provisions, Supplier shall also fulfill the obligations of a contractor under those additional provisions.

3.17 Indemnity

Supplier shall indemnify, hold harmless, and defend AT&T, its Affiliates, and their agents and employees, in accordance with this Section, against any Loss arising from or in connection with, or resulting from, the Materials or Services furnished by Supplier or Supplier’s acts or omissions with respect to this Agreement. Supplier’s duty to indemnify, hold harmless, and defend against Loss shall, however, be limited by, and subject to applicable laws regarding contributory negligence in the event of any Loss that may be caused or alleged to be caused in part by the negligence of AT&T or other persons indemnified under this Agreement.

“Loss” includes any liability, loss, claim, demand, suit, cause of action, settlement payment, cost and expense, interest, award, judgment, damages (including punitive damages), diminution in value, liens, fines, fees, penalties, and Litigation Expense. “Litigation Expense” means any court filing fee, court cost, arbitration fee, and each other fee and cost of investigating or defending an indemnified claim or asserting any claim for indemnification or defense under this Agreement, including Attorney’s Fees, other professionals’ fees, and disbursements.

Without limiting the foregoing provisions of this section, Supplier also agrees to defend, indemnify, hold harmless and defend AT&T, its Affiliates and their agents and employees in the event that any federal, state or local governmental agency or any of Supplier’s current or former applicants, agents, employees or subcontractors, or agents or employees of Supplier’s subcontractors assert claims arising out of the employment relationship with Supplier, or

Proprietary and Confidential

Agreement No.: 20120124.035.C

otherwise with respect to performance under this Agreement, including but not limited to claims, charges and actions arising under Title VII of the Civil Rights Act of 1964, as amended, The Equal Pay Act, the Age Discrimination in Employment Act, as amended, The Rehabilitation Act, the Americans with Disabilities Act, as amended, the Fair Labor Standards Act, the Family and Medical Leave Act, Workers’ Compensation laws, the National Labor Relations Act and any other applicable federal, state or local Laws. Supplier’s duties to indemnify, hold harmless and defend AT&T under this section include, but are not limited to, any liability, cause of action, lawsuit, penalty, claim or demand, administrative proceeding in which AT&T or its Affiliates is named as or alleged to be an “employer” or “joint employer” with the Supplier. The foregoing indemnity obligation shall be in addition to any other indemnity obligations of Supplier set forth in this Agreement.

AT&T shall notify Supplier in writing, and with reasonable promptness, of any claim, demand, suit, cause of action or legal proceeding that may give rise to a claim against Supplier for defense. If AT&T fails to give notice, Supplier is still obligated to indemnify, hold harmless and defend AT&T, except that Supplier is not liable for any Litigation Expense that AT&T incurs before the time when notice is given and is not liable for a degradation in the ability to defend the Litigation to the extent Supplier can show it was prejudiced as a result of the delay in providing notice.

At the request of AT&T, Supplier shall conduct AT&T’s defense (employing counsel reasonably acceptable to AT&T), at Supplier’s expense, against any claim, demand, suit or cause of action within the scope of paragraph (a) above, whether or not litigation is actually commenced or the allegations are meritorious. At its own option, AT&T may employ separate counsel, including in-house counsel, to conduct AT&T’s defense against such a claim. AT&T and Supplier shall cooperate in the defense of any such claim. Supplier may control the defense and settlement of such a claim, but if the settlement of a claim may have an adverse effect on AT&T, then Supplier shall not settle such claim without the consent of AT&T, and AT&T shall not unreasonably withhold or delay its consent.


f.	Intentionally Omitted

Supplier shall bring no claim or action for indemnification, contribution, or [*] against AT&T, its Affiliates, or their agents or employees, nor shall Supplier implead any of them in any action brought by another, based on injury to the person or death arising out or relating to Supplier’s performance under this Agreement. If, through any such action, Supplier ever acquires a lien on a judgment against AT&T, its Affiliates, or their agents or employees, then Supplier shall assign such lien to AT&T. Supplier waives any immunity from indemnification that Supplier may hold, by virtue of Supplier’s compliance with its workers’ compensation obligations in any jurisdiction, even if such immunity arises under the constitution or statutes of such jurisdiction (such as, for example, Section 35, Article II, of the Ohio Constitution and Sections 4123.74 and 4123.741 of the Ohio Revised Code).

3.18 Information


a.	Supplier shall ensure that its Representatives (including employees, contractors, suppliers, and Subcontractors) strictly comply with all Laws regarding security and confidentiality of Information and any higher standards as may be contained in the Agreement or an Order. Such efforts shall include, but are not limited to, the following steps:

Proprietary and Confidential

Agreement No.: 20120124.035.C


1.	Train its Representatives regarding their obligations under the law, the Agreement, and all Orders issued pursuant hereto;


2.	Monitor Representatives’ actions, including their use of websites, for compliance;


3.	Immediately notify AT&T Vendor Manager(s) in the event of any suspected or actual activities of Representatives that would or could reasonably constitute a violation of the Law, the Agreement or an Order;


4.	Identify areas where Supplier’s processes, systems, and monitoring may be vulnerable and take action to reduce the risk of unauthorized access, use, or disclosure of any AT&T Information.

Supplier shall reimburse AT&T for any and all penalties, fines, awards, costs, and actual damages associated with or arising from Supplier’s unauthorized disclosure, use, or access, and from Supplier’s failure to prevent its Representatives from making an unauthorized disclosure, use, or access to, AT&T Information. In addition to all other legal or contractual remedies, in the event of an unauthorized disclosure, use, or accessing of AT&T Information, the Parties agree as follows:


1.	Website Disclosures


i.	Any disclosure or posting of AT&T Information by Supplier, its CSR, or any other Supplier personnel on an unsecure website shall constitute a material breach of the Agreement.


ii.	Within [] ([]) hours after Supplier discovers or is advised that AT&T Information has been posted on an unsecure website, Supplier shall remove or cause the removal such AT&T Information. Time is of the essence. If the AT&T Information is not removed within the [] ([]) hour period, that failure shall constitute a separate material breach of the Agreement by Supplier.

iii.

Each [*] ([*]) hour period during which the AT&T Information has not been removed from the website shall constitute a separate material breach of the Agreement. For each material breach under this subsection b.1.(iii), Supplier shall credit AT&T’s account at the rate of [*] dollars ($[*]) per byte of Information posted on website per [*] ([*]) hour period for each [*] ([*]) hour period that the Information remains on a website after the [*] ([*]) hour period described in subsection b.1.( ii). (Calculated as (Number of [*] hour period) x ($[*]/byte) x (number of bytes).) In addition, Supplier shall be liable to AT&T for any damages incurred by AT&T by virtue of Supplier’s failures to remove the Information in a timely manner. Further, Supplier’s failure to remove the AT&T Information from the website by the end of the [*][*] ([*]) hour period shall operate as a waiver by Supplier of all forecast guarantees under an Order for the then-current and all subsequent months of an Order. In the event of such material breach, AT&T may demand prompt return of all confidential and proprietary Information previously provided to Supplier and may immediately terminate this Agreement and the applicable Order. The provisions of this Section are in addition to and not in lieu of all other remedies to which AT&T is entitled, whether at law or in equity.


2.	On the first or any subsequent occurrence of an unauthorized disclosure, use, or access to AT&T Information, Supplier shall seek third party certification for its PCI DSS practices as described in the Section entitled Payment Card Industry (PCI).


3.	If a [] or subsequent unauthorized disclosure, use, or access to AT&T Information occurs, in addition to all other remedies under the Order or the Agreement, Supplier shall submit to a third party audit of its certification processes for PCI DSS practices and implement all recommendations of the third party auditor within [] ([*]) months thereafter.

Proprietary and Confidential

Agreement No.: 20120124.035.C

Supplier acknowledges that AT&T has a duty to protect AT&T Information. If AT&T determines in its sole and absolute discretion that Supplier or the Supplier Facility is doing an inadequate job of protecting AT&T Information, AT&T shall have the right to stop or reduce the calls routed to Supplier or to the Facility. If AT&T makes this determination and it results in AT&T failing to deliver the forecasted volume of Work to Supplier or the Supplier Facility, Supplier shall not be entitled to any payment under the forecast guarantee provisions in the Order.

In connection with this Agreement, including Supplier’s performance of its obligations hereunder and AT&T’s receipt of Material and Services, either Party may find it beneficial to disclose to the other Party (which may include permitting or enabling the other Party’s access to) certain of its Information. For the purpose of this clause, AT&T’s disclosure of Information to Supplier includes any Information that Supplier receives, observes, collects, handles, stores, or accesses, in any way, in connection with this Agreement. Information of a disclosing Party shall be deemed to be confidential or proprietary only if it is clearly marked or otherwise identified by the disclosing Party as being confidential or proprietary, provided that if it is orally or visually disclosed (including Information conveyed to an answering machine, voice mail box or similar medium), the disclosing Party shall designate it as confidential or proprietary at the time of such disclosure. Not withstanding the foregoing, a disclosing Party shall not have any such obligation to so xxxx or identify, or to so designate, Information that the disclosing Party discloses to or is otherwise obtained by the other Party’s employees, contractors, or representatives (i) who are located on the disclosing Party’s premises; (ii) who access the disclosing Party’s systems; or (iii) who otherwise obtain AT&T and/or AT&T Customer Information in connection with this Agreement, any such Information so disclosed shall automatically be deemed to be confidential and proprietary. Additionally, the failure to xxxx or designate information as being confidential or proprietary will not waive the confidentiality where it is reasonably obvious, under the circumstances surrounding disclosure, that the Information is confidential or proprietary; any such Information so disclosed or obtained shall automatically be deemed to be confidential and proprietary. For greater certainty, Information provided by either Party to the other Party prior to the Effective Date of this Agreement in connection with the subject matter hereof, including any such Information provided under a separate non-disclosure agreement (howsoever denominated) is also subject to the terms of this Agreement. Neither Party shall disclose Information under this Agreement that includes, in any form, any of the following: CPNI (as defined in Section 4.6 “Customer-Information”) , SPI (as defined in Appendix O “Security Attachment (SISR)”, Customer or employee personal information, credit card and credit related information, health or financial information, and/or authentication credentials.


d.	With respect to the Information of the disclosing Party, the receiving Party shall:


1.	hold all such Information in confidence with the same degree of care with which it protects its own confidential or proprietary Information, but with no less than reasonably prudent care;


2.	restrict disclosure of such Information solely to its employees, contractors, and agents with a need to know such Information, advise such persons of their confidentiality obligations hereunder with respect thereto, and ensure that such persons are bound by obligations of confidentiality reasonably comparable to those imposed in this Agreement;


3.	use such Information only as needed to perform its obligations (and, if AT&T is the receiving Party, to receive the benefits of the Material and Services provided) under this Agreement;

Proprietary and Confidential

Agreement No.: 20120124.035.C


4.	except as necessary under clause (c), not copy, distribute, or otherwise use any such Information or allow anyone else to copy, distribute, or otherwise use such Information; and ensure that any and all copies bear the same notices or legends, if any, as the originals; and

upon the disclosing Party’s request, promptly return, or destroy all or any requested portion of the Information, including tangible and electronic copies, notes, summaries, extracts, mail or other communications, and provide written certification within [*] ([*]) business days to the disclosing Party that such Information has been returned or destroyed, provided that with respect to archival or back-up copies of Information that reside on the receiving Party’s systems, the receiving Party shall be deemed to have complied with its obligations under this clause (e) if it makes reasonable efforts to expunge from such systems, or to permanently render irretrievable, such copies.


e.	Neither Party shall have any obligation to the other Party with respect to Information which:


1.	at the time of disclosure was already known to the receiving Party free of any obligation to keep it confidential (as evidenced by the receiving Party’s written records prepared prior to such disclosure);


2.	is or becomes publicly known through no wrongful act of the receiving Party (such obligations ceasing at the time such Information becomes publicly known);


a.	is lawfully received from a third party, free of any obligation to keep it confidential;


b.	is independently developed by the receiving Party or a third party, as evidenced by the receiving Party’s written records, and wherein such development occurred without any direct or indirect use of or access to the Information received from the disclosing Party, or


c.	the disclosing Party consents in writing to be free of restriction.

If a receiving Party is required to provide Information of a disclosing Party to any court or government agency pursuant to a written court order, subpoena, regulatory demand, or process of law, the receiving Party must, unless prohibited by applicable law, first provide the disclosing Party with prompt written notice of such requirement and reasonable cooperation to the disclosing Party should it seek reasonable protective arrangements for the production of such Information. The receiving Party will (i) take reasonable steps to limit any such provision of Information to the specific Information required by such court or agency, and (ii) continue to otherwise protect all Information disclosed in response to such order, subpoena, regulation, or process of law.


g.	A receiving Party’s obligations with respect to any particular Information of a disclosing Party shall remain in effect, including after the expiration or termination of this Agreement, until such time as it qualifies under one of the exceptions set forth in clause (e) above.

Notwithstanding anything to the contrary in this Agreement (including in this Section), Supplier understands and acknowledges that Supplier information related to the installation, operation, repair, or maintenance of Material shall not be considered confidential or proprietary, and AT&T may disclose any such information for purposes of installing, operating, repairing, replacing, removing, and maintaining the Material.

Proprietary and Confidential

Agreement No.: 20120124.035.C


i.	The Parties expressly agree that AT&T may use confidential Information relating to Supplier performance to create scorecards showing Supplier performance relative to other suppliers supporting a particular business unit or Program and that, in such event:


1.	AT&T may share this confidential Information with other firms supporting the business unit or Program;


2.	Disclosure of such confidential Information by AT&T to other suppliers supporting the business unit or Program is not a breach of AT&T’s duty to protect Supplier confidential Information;

Any such scorecards are intended to provide Supplier with benchmarking information regarding its performance relative to other firms supporting the business unit or Program and relative to AT&T’s expectations so that Supplier can assess any need for improvement. Supplier shall not use any such scorecards for any other purpose. In particular and without limitation, Supplier shall not use any scorecards in any marketing, sales, or other efforts and all Information related to the existence, rankings, performance, ranking, contents, and criteria of all scorecards shall be disclosed only to individuals within Supplier and, even then, shall only be disclosed to individuals who have a bona fide need to know such confidential Information.

3.19 Infringement

a.Definitions. For purposes of this Section:


1.	“Indemnified Parties” shall mean AT&T and its Affiliates, as well as their agents, distributors and customers, individually or collectively, as the case may be.


2.	“Loss” shall mean any liability, loss, claim, demand, suit, cause of action, settlement payment, cost and expense, interest, award, judgment, damages (including, without limitation, punitive and exemplary damages and increased damages for willful infringement), liens, fines, fees, penalties, and Litigation Expense.


3.	“Litigation Expense” means any court filing fee, court cost, arbitration fee, and each other fee and cost of investigating or defending an indemnified claim or asserting any claim for indemnification or defense under this Agreement, including without limitation reasonable attorneys’ fees and other professionals’ fees, and disbursements.


4.	“Accused Elements” shall mean any products, hardware, software, systems, content, services, processes, methods, documents, materials, data or information (or functionality therein) provided by or on behalf of Supplier.

b.Obligations.


1.	Supplier shall indemnify, hold harmless, and defend the Indemnified Parties against any Loss resulting from, arising out of or relating to any allegation, threat, demand, claim or lawsuit brought by any third party (“Covered Claim”), regardless of whether such Covered Claim is meritorious, of:


a)	infringement (including, without limitation, direct, contributory and induced infringement) of any patent, copyright, trademark, service xxxx, or other Intellectual Property Rights in connection with the Accused Elements, including, for example, any Covered Claim of infringement based on:

Proprietary and Confidential

Agreement No.: 20120124.035.C


(1)	making, repair, receipt, use, importing, sale or disposal (and offers to do any of the foregoing) of Accused Elements (or having others do any of the foregoing, in whole or in part, on behalf of or at the direction of the Indemnified Parties), or


(2)	use of Accused Elements in combination with products, hardware, software, systems, content, services, processes, methods, documents, materials, data or information not furnished by Supplier, including, for example, use in the form of the making, having made or using of an apparatus or system, or the making or practicing of a process or method (a “Combination Claim”);


b)	misappropriation of any trade secret, proprietary or non-public information in connection with the Accused Elements; any and all such Loss referenced in this Section b (“Obligations”) being hereinafter referred to as a “Covered Loss.”


2.	In the event (and only in the event) that Supplier’s obligations under paragraph b.1. result from, arise out of, or relate to a Covered Claim that is a Combination Claim, the following provisions shall apply:

Supplier shall be liable to pay only its Proportionate Share of the Covered Loss associated with such Combination Claim. The “Proportionate Share” payable by Supplier shall be a portion of the Covered Loss determined on an objectively fair and equitable basis to be attributable to Supplier based on the relative materiality of the role played by the applicable Accused Elements in the Combination Claim.


b)	Supplier shall be liable to the Indemnified Parties (or to a third-party claimant directly, if applicable) for its duly determined Proportionate Share of the Covered Loss with respect to a particular Combination Claim, regardless of whether any other interested party compensates the Indemnified Parties as part of an indemnification obligation, if any, relating to the Combination Claim.

Supplier shall make payments in satisfaction of its Proportionate Share obligation (“Required Payments”) whenever those Required Payments become due (for example, Supplier shall make Required Payments for indemnified defense costs when payment is due to be paid to outside counsel; and Supplier shall make Required Payments for court awards (such as damages) when payment is required by the court; and Supplier shall make Required Payments for settlement when payment is due to be paid according to the terms of a settlement agreement). To the extent possible, AT&T shall give Supplier reasonable notice of such payment due dates. Supplier shall be liable to the Indemnified Parties for any monies owed (such as a Proportionate Share) by any affiliate of Supplier should such affiliate fail to pay in accordance with its indemnification obligation to the Indemnified Parties.

AT&T shall have sole control over the defense of (i) any Combination Claim and (ii) any other Covered Claim that involves Supplier and one or more other suppliers of AT&T or its Affiliates ((i) and (ii) being hereinafter referred to separately and collectively as a “Compound Claim”). Supplier shall cooperate in every reasonable way with AT&T to facilitate the defense and may, at its option and at its own expense, participate with AT&T in the defense with counsel of its own choosing.


4.	In the event (and only in the event) that Supplier’s obligations under paragraph b.1. result from, arise out of, or relate to other than a Compound Claim, Supplier may control the defense, but only if, promptly upon any of the Indemnified Parties’ giving Supplier written notice of the

Proprietary and Confidential

Agreement No.: 20120124.035.C

Covered Claim, Supplier delivers to AT&T a written, properly executed, unconditional, irrevocable, and binding promise to fully indemnify and hold harmless the Indemnified Parties from and against all Losses related to the Covered Claim and, in particular, to waive any exceptions or limitations that might otherwise apply under this Section. In the event that Supplier controls the defense of the Covered Claim, the Indemnified Parties may, at their option and expense, participate with Supplier in the defense of such Covered Claim.


5.	AT&T shall notify Supplier promptly of any Covered Claim, but such notice shall not be a precondition of Supplier’s obligations under this Section; and any delay in such notice shall not relieve Supplier of its obligations under this Section, except if and only to the extent that Supplier can show that such delay actually and materially prejudices Supplier.

In no event shall Supplier settle, without AT&T’s prior written consent, any Covered Claim, in whole or in part, in a manner that would require any Indemnified Party to discontinue or materially modify its products or services (or offerings thereof). In no event shall Supplier enter into any agreement related to any Covered Claim or to the Intellectual Property Rights asserted therein that discharges or mitigates Supplier’s liability to the third-party claimant but fails to fully discharge all of AT&T’s liabilities as to the Covered Loss.

Proprietary and Confidential

Agreement No.: 20120124.035.C

c.Continued Use of Accused Elements Upon Injunction.

Without in any manner limiting the foregoing indemnification, if, as a result of a Covered Claim, (i) Indemnified Parties’ rights under this Agreement are restricted or diminished; or (ii) an injunction, exclusion order, or other order from a court, arbitrator or other competent tribunal or governmental authority preventing or restricting the Indemnified Parties’ use or enjoyment of the Accused Elements (“Adverse Judicial Order”) is issued, imminent, or reasonably likely to be issued, then, in addition to its other obligations set forth in this Section, Supplier, in any case at its sole expense (or, in the case of a Combination Claim, at its fairly and equitably apportioned expense) and at no loss, cost or damage to the Indemnified Parties or their customers, shall use commercially reasonable efforts to obtain for the Indemnified Parties the right to continue using or conducting other activities with respect to the Accused Elements (or, in the case of a Combination Claim, shall use commercially reasonable efforts, in cooperation as reasonably needed with other interested parties, to obtain for the Indemnified Parties the right to continue using or conducting other activities with respect to the Accused Elements in the combination at issue); provided that if Supplier is unable to obtain such right, Supplier shall, after consulting with and obtaining the written approval of the Indemnified Parties, provide modified or replacement non-infringing Accused Elements that are (or, in the case of a Combination Claim, shall use commercially reasonable efforts, in cooperation as reasonably needed with other interested parties, to provide a modified or replacement non-infringing combination, with the Accused Elements being modified or replaced as needed therein, that is) equally suitable and functionally equivalent while retaining the quality of the original Accused Elements and complying fully with all the representations and warranties set forth in this Agreement; provided further that if Supplier is unable in this way to provide such modified or replacement non-infringing Accused Elements, AT&T shall have the rights, without prejudice to any other rights or remedies that AT&T has in contract, law or equity: (i) to terminate this Agreement; and (ii) to require Supplier, as applicable, to remove, accept return of, or discontinue the provision of the Accused Elements, to refund to AT&T the purchase price thereof or other monies paid therefor, and to reimburse AT&T for any and all out-of-pocket expenses of removing, returning, or discontinuing such Accused Elements.

Notwithstanding any other provision of this Agreement to the contrary, should an Adverse Judicial Order be issued against any person (whether or not stayed or currently in effect), affecting Indemnified Parties’ ability to use or conduct other activities with respect to the Accused Elements, then the Indemnified Parties may seek the right to continue to use, or conduct other activities with respect to, the Accused Elements, and Supplier shall reimburse the Indemnified Parties for the reasonable costs (including reasonable attorney’s fees) associated with obtaining such right; and, in the case of a Combination Claim, the Indemnified Parties may seek the right to continue to use, or conduct other activities with respect to, the combination at issue and seek from Supplier a fair and equitably apportioned share of the reasonable costs (including reasonable attorney’s fees) associated with such right.


d.	Elimination of Charges. AT&T has no obligation to pay Supplier any charges under this Agreement for the purchase, use, or maintenance of Accused Elements when such purchase, use, or maintenance occurs after such time as the Indemnified Parties cease to use them, by reason of actual or claimed infringement.


e.	Exceptions. Supplier shall have no liability or obligation to any of the Indemnified Parties for any Loss resulting from a Covered Claim if and to the extent that such Covered Claim is clearly based on, and would not have arisen but for:

Proprietary and Confidential

Agreement No.: 20120124.035.C


1.	use of the Accused Elements by the Indemnified Parties in a manner that constitutes a material breach of an explicit prohibition in this Agreement; or


2.	a modification or alteration of the Accused Elements by an Indemnified Party that is both unauthorized by Supplier and not reasonably necessary for its use; or


3.	Supplier’s contractually required conformance to the Indemnified Party’s written specifications, but only if and to the extent all of the following are true:


a)	there was no technically feasible non-infringing means of complying with those specifications; and


b)	the relevant specifications are not designed to bring the Accused Elements into compliance with or conform to an industry standard; and


c)	the Accused Elements (nor the accused functionality therein) are not, nor have been, at any time (now or in the future) provided by or on behalf of Supplier to any third party; and


d)	the Accused Elements (nor the accused functionality therein) are not, nor have been, at any time (now or in the future) available on the open market (i.e. provided or offered at any time by a third party to another party other than AT&T; and


e)	the relevant specifications for the Accused Elements are not of Supplier’s (or their sub-supplier’s) origin, design, or selection.

OTHER LIMITATIONS OF LIABILITY NOT APPLICABLE. NOTWITHSTANDING ANY OTHER PROVISION IN THIS AGREEMENT TO THE CONTRARY (AND WHETHER OR NOT SUCH A PROVISION CONTAINS LANGUAGE THAT REPRESENTS ITSELF AS TAKING PRECEDENCE OVER OTHER PROVISIONS CONTRARY TO IT), WHETHER EXPRESS OR IMPLIED, NONE OF THE LIMITATIONS OF LIABILITY (INCLUDING, WITHOUT LIMITATION, ANY LIMITATIONS REGARDING TYPES OF OR AMOUNTS OF DAMAGES OR LIABILITIES) CONTAINED ANYWHERE IN THIS AGREEMENT WILL APPLY TO SUPPLIER CAP’S OBLIGATIONS UNDER THIS SECTION.

3.20 Insurance


a.	With respect to Supplier’s performance under this Agreement, and in addition to Supplier’s obligation to indemnify, Supplier shall at its sole cost and expense:


i.	maintain the insurance coverages and limits required by this Section and any additional insurance and/or bonds required by law:


1.	at all times during the Term of this Agreement and until completion of all Work associated with this Agreement, whichever is later; and


2.	with respect to any coverage maintained in a “claims-made” policy, for [] ([]) years following the Term of this Agreement or completion of all Work associated with this Agreement, whichever is later. If a “claims-made” policy is maintained, the retroactive date must precede the commencement of Work under this Agreement;


ii.	require each subcontractor who may perform Work under this Agreement or enter upon the Work site to maintain coverages, requirements, and limits at least as broad as those listed in this Section from

Proprietary and Confidential

Agreement No.: 20120124.035.C

the time when the subcontractor begins Work, throughout the Term of the subcontractor’s Work and, with respect to any coverage maintained on a “claims-made” policy, for [*] ([*]) years thereafter;

iii.

procure the required insurance from an insurance company eligible to do business in the state or states where Work will be performed and having and maintaining a Financial Strength Rating of “A-” or better and a Financial Size Category of “VII” or better, as rated in the A.M. Best Key Rating Guide for Property and Casualty Insurance Companies, except that, in the case of Workers’ Compensation insurance, Supplier may procure insurance from the state fund of the state where Work is to be performed; and


iv.	deliver to AT&T certificates of insurance stating the types of insurance and policy limits. Supplier shall provide or will endeavor to have the issuing insurance company provide at least [] ([]) days advance written notice of termination, non-renewal, or reduction in coverage, terms, or limits to AT&T. Supplier shall deliver such certificates:


1.	prior to execution of this Agreement and prior to commencement of any Work;


2.	prior to expiration of any insurance policy required in this Section; and


3.	for any coverage maintained on a “claims-made” policy, for [] ([]) years following the Term of this Agreement or completion of all Work associated with this Agreement, whichever is later.


b.	The Parties agree that:


i.	the failure of AT&T to demand such certificate of insurance or failure of AT&T to identify a deficiency will not be construed as a waiver of Supplier’s obligation to maintain the insurance required under this Agreement;


ii.	the insurance required under this Agreement does not represent that coverage and limits will necessarily be adequate to protect Supplier, nor be deemed as a limitation on Supplier’s liability to AT&T in this Agreement;


iii.	Supplier may meet the required insurance coverages and limits with any combination of primary and Umbrella/Excess liability insurance; and


iv.	Supplier is responsible for any deductible or self-insured retention.


c.	The insurance coverage required by this Section includes:


1.	Workers’ Compensation insurance with benefits afforded under the laws of any state in which the Work is to be performed and Employers Liability insurance with limits of at least:

$[*] for Bodily Injury – each accident
$[*] for Bodily Injury by disease – policy limits
$[*] for Bodily Injury by disease – each employee

[*]

Proprietary and Confidential

Agreement No.: 20120124.035.C

In states where Workers’ Compensation insurance is a monopolistic state-run system, Supplier shall add Stop Gap Employers Liability with limits not less than $[*] each accident or disease.

Commercial General Liability insurance written on Insurance Services Office (ISO) Form CG 00 01 12 04 or a substitute form providing equivalent coverage, covering liability arising from premises, operations, personal injury, products/completed operations, and liability assumed under an insured contract (including the tort liability of another assumed in a business contract) with limits of at least:
$[*] General Aggregate limit
$[*] each occurrence limit for all bodily injury or property damage incurred in any [*] ([*]) occurrence
$[*] each occurrence limit for Personal Injury and Advertising Injury
$[*] Products/Completed Operations Aggregate limit
$[*] each occurrence limit for Products/Completed Operations
$[*] Damage to Premises Rented to You (Fire Legal Liability)

The Commercial General Liability insurance policy must:

include AT&T, its Affiliates, and their directors, officers, and employees as Additional Insureds. Supplier shall provide a copy of the Additional Insured endorsement to AT&T. The Additional Insured endorsement may either be specific to AT&T or may be “blanket” or “automatic” addressing any person or entity as required by contract. A copy of the Additional Insured endorsement must be provided within [*] ([*]) days of execution of this Agreement and within [*] ([*]) days of each Commercial General Liability policy renewal;


4.	[*]; and


5.	be primary and non-contributory with respect to any insurance or self-insurance that is maintained by AT&T.


v.	Business Automobile Liability insurance with limits of at least $[*] each accident for bodily injury and property damage, extending to all owned, hired, and non-owned vehicles.


vi.	Commercial Crime Insurance, including employee theft and computer fraud in

an amount of $[*] per claim, to include third party coverage to respond to loss or damage involving customer money, securities or other property, resulting from theft committed by a Supplier employee.


vii.	Professional Liability or Technology Errors and Omissions insurance, to include cyber liability coverage, with per claim and annual aggregate limits of $[*]. AT&T shall be named an additional insured on this policy for the wrongful acts of Supplier, either by a blanket endorsement or by separate endorsement if required by the insurance carrier.

viii. Media Liability insurance with limits of at least $[*] each claim or wrongful act.

3.21 Invoicing and Payment

Supplier shall be compensated in accordance with the terms and at the rates specified in each Order. Except as otherwise specified in an Order, Supplier shall render an electronic correct invoice promptly every month for each month on or before the [*] ([*]) business day after the end of the prior month for Services performed

Proprietary and Confidential

Agreement No.: 20120124.035.C

during that prior month. If, directed by AT&T in an Order, Supplier shall transact business with AT&T using an internet-based payment network and shall submit invoices in electronic form to AT&T's Accounts Payable organization through the network. Each invoice shall provide the number of units (e.g. hours, minutes, etc.) as set forth in an Order for Services that were performed during the month, the billable rate for each unit and/or hour or minutes, and information on which discounts or bonuses are calculated, if applicable. All charges on the invoice shall be supported by detailed reports as required hereunder or specified in the Order. Invoices shall separately itemize all charges, including those not otherwise covered by the billable rates (including, but not limited to, clerical or administrative charges), any and all taxes, discount and bonus calculations, and the number of units (e.g. hours, minutes, etc.) of Services billed to AT&T by month, with a description of the activities performed during that month and sent to AT&T’s Vendor Manager set forth in the Order.


a.	If requested by AT&T in an Order, Supplier shall transact business with AT&T using an internet-based system, e.g. Ariba, and submit invoices in electronic form to AT&T's Accounts Payable organization.

AT&T shall pay all properly rendered invoices within [*] ([*]) days of receipt. If AT&T disputes any invoice rendered, AT&T shall so notify Supplier. The Parties shall use their best efforts to resolve any invoicing and payment disputes expeditiously, and AT&T is not obligated to make any payment against any disputed amounts until the Parties have resolved the dispute but will pay any undisputed amounts on any invoice within normal payment terms. AT&T’s failure to pay the undisputed portion in a timely fashion shall not be deemed a waiver of its right to contest the disputed charges. Invoices received by AT&T more than [*] ([*]) months after the provision of Material or performance of Services are untimely and AT&T has no obligation to pay such invoices.


c.	Travel or miscellaneous expenses incurred by Supplier in the performance of Services are not compensable, unless specifically set forth in an Order and authorized pursuant to the Section entitled Reimbursable Expenses. Further, AT&T does not commit to purchase any quantity or volume of Services during the Term of this Agreement.


d.	AT&T may deduct any setoff or recoupment claims that it or its Affiliates may have against Supplier from amounts due or to become due to Supplier, whether under this Agreement or otherwise. Supplier shall pay any amount due to AT&T or its Affiliates that is not applied against the invoiced amounts within [] ([]) days after written demand by AT&T.


e.	Supplier agrees to accept standard, commercial methods of payment and evidence of payment obligation including, but not limited to credit card payments, purchasing cards, AT&T’s purchase orders, and electronic fund transfers, in connection with the purchase of the Services.

3.22 Labor Disputes

In the event of a labor dispute between AT&T and the union(s) representing AT&T’s employees, AT&T may exercise its right to modify the Scope of Work under any Order on immediate notice, including postponing, reducing, or terminating the Services to be provided under the Order and due to be performed after the commencement of a labor dispute. AT&T acknowledges and agrees that the exercise of such right may result in a delay in the resumption of Services when requested by AT&T.


b.	The rights and obligations of the Parties under this Section are in addition to, and not a limitation of, their respective rights under the Section entitled “Amendments and Waivers” and “Force Majeure”.

3.23 Licenses and Patents

No license, express or implied, is granted under this Agreement or an Order to Supplier for any patent, trademark, copyright, trade secret or any other intellectual property or application therefore which is now or may hereafter be owned by AT&T or its Affiliates.

3.24 Limitation of Damages

Proprietary and Confidential

Agreement No.: 20120124.035.C

With the exception of breaches of confidentiality obligations hereunder, in no event shall either Party be liable to the other for any consequential or incidental damages, however caused, based on any theory of liability.


3.25	Intentionally Omitted3.26 No Dependence

Supplier acknowledges and agrees that AT&T is not responsible for knowing Supplier’s dependence on revenues from sales to AT&T in proportion to Supplier’s revenues from other customers, and Supplier shall release, hold harmless and indemnify AT&T from any and all claims and liabilities relating to Supplier’s financial stability which may result from AT&T’s termination of this Agreement for any reason whatsoever. If requested by AT&T, Supplier shall provide such financial information as AT&T deems relevant to determine Supplier’s suitability to provide the Services.

3.27 Non-Exclusive Market

This Agreement does not grant Supplier any right or privilege to provide to AT&T any Material and Services of the type described in or purchased under this Agreement. Except for obligations arising under an Order, this Agreement does not obligate AT&T to purchase or license any such Material and/or Services. AT&T may contract with other manufacturers and vendors for the procurement or trial of Material and Services comparable to that described in or purchased under this Agreement, and AT&T may itself perform such Services.

3.28 Notices

Each Party giving or making any notice, consent, request, demand, or other communication (each, a “Notice”) pursuant to this Agreement must give the Notice in writing and use one of the following methods, each of which for purposes of this Agreement is a writing: in person; first class mail with postage prepaid; Express Mail, Registered Mail, or Certified Mail (in each case, return receipt requested and postage prepaid); internationally recognized overnight courier (with all fees prepaid); or email. Such Notice shall reference this Agreement number and Order number if applicable. If Notice is given by e-mail, it must be confirmed by a copy sent by any one of the other methods. Each Party giving Notice shall address the Notice to the appropriate person (the “Addressee”) at the receiving Party at the address listed below:

StarTek, Inc.

[*]

0000 X. Xxxxxxxxx Xxx

Xxxxx 000

Xxxxxxxxx Xxxxxxx, XX 00000

Attn: [*]

Email Address: [*]

Business Number: [*]

Mobile Number: [*]

AT&T

[*]

000 XxXxxxxxxx, 0X00

Xxx Xxxxxxx, XX 00000

Attn: [*]

Email Address: [*]

Proprietary and Confidential

Agreement No.: 20120124.035.C


b.	A Notice is effective only if the Party giving notice has complied with the foregoing requirements of this Section and the Addressee has received the Notice. A Notice is deemed to have been received as follows:


1.	If a Notice is delivered by first class mail, five (5) days after deposit in the mail;


2.	If a Notice is furnished in person, or sent by Express Mail, Registered Mail, or Certified Mail, or internationally recognized overnight courier, upon receipt as indicated by the date on the signed receipt;


3.	If a Notice is sent by e-mail, upon successful transmission to the recipient’s email account, if such Notice is sent in time to allow it to be accessible by the Addressee before the time allowed for giving such notice expires, and a confirmation copy is sent by one of the other methods.


c.	The addresses and telephone numbers to which Notices may be given to the Addressees of either Party may be changed by written Notice given by such Party to the other pursuant to this Section.

3.29 Offshore Work Permitted Under Specified Conditions

Supplier shall not perform any Services under this Agreement, nor allow such performance by any Supplier affiliate or Subcontractor (hereinafter Supplier, its affiliates and Subcontractors are collectively referred to as “Supplier Entity” or “Supplier Entities”), at a location outside the United States (“Offshore Location”) for the purpose of providing Services under this Agreement in the United States unless AT&T consents to such Services to be performed by a Supplier Entity at such Offshore Location. In the event of such consent, the physical location where the Services are to be performed; the Services to be performed at such location; and the identity of the Supplier Entity performing such Services, shall be specifically set forth in Appendix E – Offshore Work. Prior to making any additions or deletions to the physical locations, the Services to be performed at such location, or the Supplier Entities performing Services at an Offshore Location, AT&T must consent to the proposed change and the Parties shall amend Appendix E accordingly. A change in the location where a Service is performed from one Offshore Location to another AT&T approved Offshore Location shall not require an amendment to Appendix E. The requirements of this Section shall be in addition to the Sections entitled, Assignment and Delegation, and Work Done by Others.

AT&T shall have the right to withdraw its consent to the performance of Services at an Offshore Location by a Supplier Entity at any time in AT&T’s sole discretion if (i) there has been a breach of the terms of this Agreement with respect to an Offshore Location, (ii) a violation of any laws or regulations with respect to the Services performed at such Offshore Location, or (iii) the continued performance of Services at said Offshore Location constitutes a risk to AT&T’s financial or security interests or could reasonably damage AT&T’s reputation, in which event Supplier shall continue to perform such Services at a location within the United States, or at another approved Offshore Location, and the Parties shall amend Appendix E accordingly.


c.	Supplier’s compliance with this Section, and all Services performed in Offshore Locations with AT&T’s consent, shall be subject to the Section entitled Records and Audit. Supplier shall provide, and shall ensure all Supplier Entities provide, physical access to , AT&T, at no cost, to inspect all Offshore Locations.

Proprietary and Confidential

Agreement No.: 20120124.035.C


d.	Prior to interconnecting with, or otherwise accessing the AT&T internal company network, or doing any other Work at an Offshore Location, Supplier must be in compliance with all AT&T requirements for such interconnection, access or other Services.

Any Services under this Agreement performed by a Supplier Entity in an Offshore Location without AT&T’s prior consent in accordance with Subsection “a” of this Section shall be a material breach of this Agreement and, in addition to any other legal rights or remedies available to AT&T in law or in equity, AT&T may immediately Cancel this Agreement without cost, liability or penalty to AT&T other than for payment for Services rendered.

When AT&T has granted consent for Services to be performed in an Offshore Location, Supplier shall remain fully responsible for compliance with any applicable foreign, federal, state or local law for such Services regardless of whether the Service is being performed by a Supplier Entity. Nothing contained within this Agreement is intended to extend, nor does it extend, any rights or benefits to any Subcontractor, and no third party beneficiary right is intended or granted to any third party hereby.

Supplier shall advise AT&T as soon as reasonably practicable prior to any change of Control of any of the Supplier Entities. AT&T may, but shall not be obligated to, Cancel all or part of the Agreement or applicable Order, at AT&T’s option, if, without prior consent of AT&T, through merger or acquisition or other means, there is a change in the Control of any of the Supplier Entities performing the Services at the Offshore Location(s). “Control” means the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies by one person or entity or a group of persons or entities acting in concert; provided, however, that the legal or beneficial ownership, directly or indirectly, by persons or entities, including governmental entities, acting alone or in concert, of more than [*] percent ([*]%) of the voting stock for the election of directors of a party shall always be deemed Control.

3.30 Order of Precedence

The terms of this Agreement govern all Orders for Materials and Services that AT&T may place with Supplier while this Agreement remains in effect. The Parties may not vary or supplement the terms of this Agreement, in connection with any Order, except by Special Terms and Conditions contained in an Order. When Special Terms and Conditions are included in an Order and agreed upon, such take precedence over any inconsistent term of this Agreement, but only with reference to the transaction governed by that Order, and Special Terms and Conditions in an Order have no other force or effect. This Agreement supersedes all other pre-printed or standardized provisions that may otherwise appear in any other paper or electronic record of either Party (such as standards terms on order forms, advance shipping notices, invoices, time sheets, packages, shrink wrap terms, and click wrap terms).

3.31 Orders


a.	AT&T may order Services by submitting written Orders in connection with this Agreement.


b.	Orders shall contain the following information, as applicable:


1.	A description of the Material and Services;

Proprietary and Confidential

Agreement No.: 20120124.035.C


2.	Performance metrics, including applicable payment adjustments;


3.	The requested Delivery Date; and/or performance schedule of the Material and Services;


4.	Pricing or rates;


5.	The location where Work is to be performed;


6.	The location to which invoices are to be rendered for payment;


7.	AT&T’s Order number;


8.	The maximum total expenditure authorized, if applicable;


9.	AT&T Vendor Manager(s);


10.	Supplier single point of contact for the Order;.


11.	The name of the Affiliate placing the Order; and


12.	Any Special Terms and Conditions.


c.	The terms in this Agreement shall apply to Orders submitted in connection with this Agreement. In the event of a conflict or inconsistency between this Agreement and any Order, the Order shall control for purposes of that Order.


d.	Except as otherwise provided in an Order, Supplier shall provide Material and/or Services for AT&T in accordance with the General Business Requirements set forth in Appendix D.

3.32 Ownership of Paid for Development, Use and Reservation of Rights

Ownership and Use of Rights and Items. AT&T shall be the exclusive owner of all right, title, and interest in and to all Paid-For Development (defined below), including, without limitation, all Intellectual Property Rights. Therefore, Supplier hereby agrees to assign or have assigned to AT&T and hereby assigns all Intellectual Property Rights in and to the Paid-For Development. “Paid-For Development” shall mean any and all Items to the extent produced or developed by or on behalf of Supplier or its employees, agents, or direct or indirect contractors or Suppliers (and whether completed or in-progress), or forming part of any deliverable, pursuant to this Agreement (including, without limitation under any statement of work exhibit, order or other document under, subordinate to, or referencing this Agreement) (collectively “Agreements”) for the development of which AT&T has been charged monies in one or more of the Agreements (“Development Fees”). Payment of standard license fees or standard maintenance and support fees shall not be deemed payment of Development Fees under this subsection. Paid-For Development shall always exclude all Excluded Materials, but shall include (without limitation) any modifications, alterations or updates of any Excluded Materials (“Enhancements”) that otherwise fall within the definition of Paid-For Development (“Paid-For Enhancements”). AT&T’s ownership of Paid-For Enhancements shall, of course, be subject to Supplier’s underlying rights and ownership in Supplier’s Pre-Existing Material.

“Items” shall mean any or all inventions, discoveries, ideas, (whether patentable or not), and all works and materials, including but not limited to products, devices, computer programs, source codes, designs, files, specifications, texts, drawings, processes, data or other information or documentation in preliminary or final form, and all Intellectual Property rights in or to any of the foregoing.

“Excluded Materials” shall mean: i) Supplier’s Pre-Existing Materials; ii) Supplier’s Independently Developed Materials; and iii) Supplier’s Mere Reconfigurations.

“Supplier’s Pre-Existing Materials” shall mean those Items owned by Supplier to the extent and in the form that they both existed prior to the date Supplier began any work under this Agreement and were

Proprietary and Confidential

Agreement No.: 20120124.035.C

created without any use of any AT&T Items. Supplier’s Pre-Existing Materials shall not, however, include Paid-For Enhancements thereto.

“Supplier’s Independently Developed Materials” shall mean those Items that have been developed by Supplier, or on Supplier’s behalf, both a) without use of any AT&T Items; and b) independently of any work performed under any Agreements.

“Supplier’s Mere Reconfigurations” means those specific reconfigurations of Supplier’s pre-existing software performed by Supplier, or on Supplier’s behalf, but only to the extent that such reconfiguration is an alteration to such software which is strictly required to permit Supplier's software to function on AT&T’s network or service platform. In no event shall Supplier’s Mere Reconfigurations include enhancements, modifications, or updates that are not contained in Supplier’s Pre-Existing Materials and that add any features, functionality, or capabilities.

“Intellectual Property Rights” means all patents (including all reissues, divisions, continuations, and extensions thereof) and patent applications, trade names, trademarks, service marks, logos, trade dress, copyrights, trade secrets, mask works, rights in technology, know-how, rights in content (including but not limited to performance and synchronization rights), or other intellectual property rights, protected under the laws of any governmental authority having jurisdiction.

License Grant to Excluded Materials. If and to the extent that Supplier embeds any Excluded Materials in the Paid-For Development, Supplier hereby grants and promises to grant and have granted to AT&T and its Affiliates a royalty-free, nonexclusive, sublicensable, assignable, transferable, irrevocable, perpetual world-wide license, in and to the Excluded Materials and any applicable Intellectual Property Rights of Supplier to use, copy, modify, distribute, display, perform, import, make, sell, offer to sell, and exploit (and have others do any of the foregoing on or for AT&T’s or any of its customer’s behalf or benefit) the Excluded Materials but only as imbedded in the Paid-For Development by Supplier.

Further Acts and Obligations. Supplier will take or secure such action (including, but not limited to, the execution, acknowledgment, delivery and assistance in preparation of documents or the giving of testimony) as may be reasonably requested by AT&T to evidence, transfer, perfect, vest or confirm AT&T’s right, title and interest in any Paid-For Development. Supplier shall, in all events and without the need of AT&T’s request, secure all Intellectual Property Rights in any Paid-For Development (and any licenses specified above in any Excluded Materials) from each employee, agent, subcontractor or sub-supplier of Supplier who has or will have any rights in the Paid-For Development or Excluded Materials.

AT&T Reservation of Rights and Limited License. The Parties hereby acknowledge and agree that notwithstanding any other provision in this Agreement, AT&T is not transferring or granting to Supplier any right, title, or interest in or to (or granting to Supplier any license or other permissions in or to) any or all: a) Items created by or on behalf of AT&T or directly or indirectly provided to Supplier (in any form, including, without limitation, verbally) by or on behalf of AT&T or its third party providers (“AT&T Provided Items”); b) Paid For Development or c) Intellectual Property Rights, including, without limitation, any Intellectual Property Rights in or to any Items or Paid-for Development. The sole exception to the foregoing reservation of rights is that AT&T hereby grants Supplier a limited, nonexclusive, non-transferable license (that shall automatically terminate upon the termination of this Agreement), under any rights owned by AT&T, to use the AT&T Provided Items and Paid-For Development solely as instructed by AT&T and to the extent necessary for Supplier to perform its obligations under this Agreement, subject further to the terms and conditions of this Agreement. In no way expanding the foregoing license, said license in no manner permits Supplier to

Proprietary and Confidential

Agreement No.: 20120124.035.C

(and Supplier hereby promises not to without the explicit prior written and signed consent of AT&T Intellectual Property, Inc. (“ATTIPI Consent”)) make use of any AT&T Provided Items, Paid-For Development or AT&T Intellectual Property Rights either for the benefit of any third party or other than as instructed in writing by AT&T. (AT&T may be very willing, in its sole discretion, to grant ATTIPI Consent in exchange for appropriate additional compensation). Paid-For Development and AT&T Provided Items shall constitute AT&T confidential Information under this Agreement.

3.33 Price

Supplier shall furnish Material and Services in accordance with the prices set forth in an Order. The prices for all Material and Services purchased hereunder are subject to change only in accordance with this Agreement or the Order, which changes must be in writing and signed by both Parties. If Supplier at any time makes a general price decrease, Supplier shall promptly notify AT&T in writing and extend such decrease to AT&T effective on the date of such general price decrease. The prices in an Order are not subject to increase during the term of an Order.

3.34 Publicity

Supplier shall not use AT&T’s or its Affiliates’ names, trademarks, service marks, designs, logos or symbols. In addition, Supplier shall not use any language or pictures which could in AT&T’s judgment imply AT&T’s or its Affiliates’ identities, or endorsement by AT&T, its Affiliates or any of its or their employees, in any (i) written, electronic, or oral advertising or presentation, or sales meeting, or (ii) brochure, newsletter, book, electronic database, testimonial quotation, thank-you letter, reference letter or other communication of whatever nature.

3.35 Quality Assurance


a.	Supplier shall use and document quality assurance and quality control processes sufficient to meet its obligations under this Agreement and Orders. Supplier shall provide copies of its processes upon AT&T request.


b.	Supplier shall monitor CSRs for compliance with the standards set forth in this Agreement and an Order.


c.	Supplier shall provide adequate and timely monitoring, coaching, and feedback to each CSR to ensure that Supplier Services meets the performance criteria contained in this Agreement and an Order. The adequacy and timing of Supplier’s monitoring, coaching and feedback shall be at Supplier’s discretion

If Supplier or any of its Supplier Facilities is not meeting the performance standards contained in this Agreement or an Order, Supplier shall immediately investigate the situation, take any internal management action that is necessary to meet the applicable standards, and contact the AT&T Vendor Manager to discuss the issue. Supplier shall provide AT&T with a copy of any documentation that is reasonably related to the missed performance standards upon request.

Supplier shall collect and submit data to AT&T related to Supplier’s performance in the format and according to the timeline contained in each Order. All such reports or data shall be accurate, complete, and timely.


e.	Supplier shall record Customer calls and capture screenshots, which may include chat and e-mails, if and as outlined in an Order. Call recordings and screen captures are and shall remain AT&T confidential Information. Supplier shall not use, excerpt, summarize, or disseminate such calls in any manner without the prior written consent of AT&T.

Proprietary and Confidential

Agreement No.: 20120124.035.C


f.	Supplier shall provide AT&T or its designated third party, pursuant to applicable law, with access to Supplier’s recorded calls, which may include chat and e-mails, handled at Supplier Facilities in support of this Agreement without the intervention of Supplier’s personnel.


g.	Supplier shall provide a list to AT&T within [] ([]) minutes or less when requested by AT&T of IDs and locations of CSRs who are currently logged into Supplier's systems. Supplier shall provide such list via secured web access or via access to Supplier’s workforce management system.

Supplier shall ensure that CSRs are aware that from time to time their work may be observed or recorded without their knowledge by Supplier or a designated third party, however, Supplier shall not provide specific advance notice to CSR when such observations and/or recordings are to occur. Supplier shall make the necessary system and process changes at no cost to AT&T or its designated third party, to comply with the requirements set forth in this Section.


i.	Notwithstanding any other provision of the Agreement, AT&T may use a third party to exercise any right or perform any obligation AT&T may have under this Section.

3.36 Records and Audits


a.	Supplier shall maintain complete and accurate records relating to the Work and the performance of this Agreement. AT&T and its auditors (including internal audit staff and external auditors) and governmental authorities shall have the right to review such records (“AT&T Audits”), to verify the following:


1.	the accuracy and integrity of Supplier’s invoices and AT&T’s payment obligations hereunder;


2.	that the Work charged for was actually performed;


3.	that the Services have been and are being provided in accordance with this Agreement;


4.	the integrity of Supplier’s systems that process, store, support, maintain, and transmit AT&T data;


5.	the performance of Supplier’s Subcontractors with respect to any portion of the Services; and


6.	that Supplier and its Subcontractors are complying with Laws.


b.	Supplier shall provide and shall require that its Subcontractors provide to AT&T, its auditors (including internal audit staff and external auditors), and governmental authorities access at all reasonable times to:


1.	any facility at which the Services or any portion thereof are being performed;


2.	systems and assets used to provide the Services or any portion thereof;


3.	Supplier employees and Subcontractor employees providing the Services or any portion thereof; and


4.	all Supplier and Subcontractor records, including financial records relating to the invoices and payment obligations and supporting documentation, pertaining to the Services.

The scope of AT&T Audits shall also include:


1.	practices and procedures used in performing the Services;


2.	systems, communications and information technology used in performing the Services;


3.	general controls and security practices and procedures;


4.	supporting information and calculations regarding invoices and compliance with service requirements;


5.	quality initiatives and quality assurance; and


6.	compliance with the terms of this Agreement.

AT&T’s access to the records and other supporting documentation shall include the right to inspect and photocopy Supplier’s documentation and the documentation of its Subcontractors, and the right to retain

Proprietary and Confidential

Agreement No.: 20120124.035.C

copies thereof outside of their physical location with appropriate safeguards, if such retention is deemed reasonably necessary by AT&T.

AT&T Audits may be conducted once a year (or more frequently if requested by governmental authorities who regulate AT&T’s business, if required by applicable Law or if auditors require follow-up access to complete audit inquiries or if an audit uncovers any problems or deficiencies), upon at least [*] ([*]) business days advance notice (unless otherwise mandated by Law). Supplier will cooperate, and will ensure that its Subcontractors cooperate, in the AT&T Audits, and will make the information reasonably required to conduct the AT&T Audits available on a timely basis.

If, as a result of an AT&T Audit, AT&T determines that Supplier overcharged AT&T, then AT&T will notify Supplier of the amount of such overcharge and Supplier will promptly pay to AT&T the amount of the overcharge along with interest from the date of the overcharge. If any such AT&T Audit reveals an overcharge to AT&T during any [*]-month period exceeding [*] percent ([*]%) of all charges in the aggregate paid by AT&T hereunder during such period, then Supplier will reimburse AT&T for the cost of such AT&T Audit. If, as a result of an AT&T Audit, AT&T determines that Supplier has not performed or has unsatisfactorily performed any obligation under this Agreement, then Supplier will promptly remedy the non-performance or unsatisfactory performance.

Supplier will maintain and retain the records set forth in Subsection (a) during the term of the Agreement and for [*] ([*]) years thereafter (unless a discovery or legal hold request is made with respect to such records, in which case Supplier shall retain such records until AT&T notifies Supplier that such discovery or legal hold request has expired). Supplier will provide AT&T, at AT&T’s request, with paper and electronic copies of documents and information reasonably necessary to verify Supplier’s compliance with this Agreement. Upon notification by AT&T of a discovery or legal hold request, Supplier shall fully cooperate with such request and immediately preserve any Supplier records covered by such request and promptly provide such Supplier records requested by AT&T related to the inquiry.

Except as provided in Subsection (d), all reasonable out-of-pocket costs and expenses incurred by AT&T in connection with an AT&T Audit shall be paid by AT&T. Supplier shall be solely responsible for all costs and expenses incurred by Supplier in connection with its obligations under this Section. In the event that either Party requires that an audit be performed by an independent auditor, unless otherwise specified herein, the Party requesting such independent auditor will be responsible for the costs and expenses associated with the independent auditor.


g.	With respect to AT&T requests for audits or inspections of Supplier subcontractors, the following applies:

i.If Supplier’s agreement with its applicable subcontractor permits an AT&T Audit, AT&T shall be permitted to conduct such audit directly or through a third party representative from Deloitte unless otherwise agreed to by the parties. Supplier shall work with AT&T in facilitating the subcontractor’s cooperation for an expeditious and thorough audit or inspection.

ii.If Supplier’s contract with its applicable subcontractor precludes AT&T from directly conducting an audit or inspection, Supplier shall use reasonable best efforts to enable AT&T to perform an audit of the subcontractor with Supplier coordinating the audit process. Failing those efforts, Supplier shall, upon AT&T’s request, conduct the audit or inspection on behalf of AT&T, subject to terms agreed to by Supplier and AT&T for the subcontractor audit, such as areas to be audited, applicable fees, and the timeframe for reporting audit results to AT&T. If AT&T’s request for a Supplier audit or inspection arises from, in AT&T’s good faith opinion, materially or consistently deficient Service provided by the subcontractor under AT&T’s account, and the audit in both Parties’ opinions confirms such deficiencies,

Proprietary and Confidential

Agreement No.: 20120124.035.C

Supplier shall not charge AT&T a fee for the Supplier’s audit of its subcontractor. Any audit conducted by a third party representative pursuant to this clause (ii) of this Subsection (g) shall either be performed by Deloitte as provided above or as otherwise agreed to by the parties.

3.37 Severability

If any provision of this Agreement or any Order is determined to be invalid, illegal, or unenforceable, the Parties agree that the remaining provisions of this Agreement or such Order shall remain in full force if both the economic and legal substance of the transactions contemplated by this Agreement or such Order are not affected in any manner that is materially adverse to either Party by severing the provision determined to be invalid, illegal, or unenforceable.

3.38 Supplier Citizenship and Sustainability

Supplier shall conduct business with an abiding respect for corporate citizenship, sustainability, and human rights (“Citizenship and Sustainability”). As such, to the extent Supplier has an existing Citizenship and Sustainability program, such program shall be no less stringent than AT&T’s Principles of Conduct for Suppliers available at: xxxx://xxx.xxxxxxxxxxxx.xxx/xxxx/XxxxxxxxXxxxxxxxxxxxxxXxxxxxxxxx.xxx and the AT&T Human Rights in Communication Policy available at: xxxx://xxx.xxx.xxx/Xxxxxx/xxxxx_xx/xxxxxxxxx/Xxxxx_Xxxxxx_Xxxxxxxxxxxxxx_Xxxxxx.xxx (as amended from time-to-time) (“AT&T Citizenship and Sustainability Policies”). In the event that Supplier does not have a Citizenship and Sustainability program, or such program does not address all areas addressed in the AT&T Citizenship and Sustainability Policies, Supplier shall conduct its business operations in a manner consistent with the AT&T Citizenship and Sustainability Policies.

Upon AT&T’s request, Supplier shall provide to AT&T such information, reports, or survey responses as AT&T deems necessary to periodically monitor Supplier’s business operations in the context of Citizenship and Sustainability. Supplier shall respond to such requests within timelines as set forth by AT&T.

3.39 Survival of Obligations

Obligations and rights under this Agreement or an Order, which by their nature would reasonably continue beyond the termination or expiration of this Agreement or an Order (including those in the Sections entitled “Compliance with Laws,” “Conflict of Interest,” “Information, ” “Indemnity,” “Infringement,” “Insurance,” “Licenses and Patents,” “Limitation of Damages,” “Publicity,” “AT&T Supplier Information Security Requirements (SISR)” and “Warranty”) will survive the termination or expiration of this Agreement or such Order.

3.40 Taxes

Supplier shall invoice AT&T the amount of any federal excise taxes and state and local sales taxes imposed upon the sale of Material and provision of Services under this Agreement. All such taxes must be stated as separate items on a timely invoice listing the taxing jurisdiction imposing the tax. Installation, labor and other non-taxable charges must be separately stated. AT&T shall pay all applicable taxes to Supplier that are stated on and at the time the Material or Services invoice is submitted by Supplier. Supplier shall remit taxes to the appropriate taxing authorities. Supplier shall honor tax exemption certificates, and other appropriate documents, which AT&T may submit, pursuant to relevant tax provisions of the taxing jurisdiction providing the exemption.


b.	Supplier shall pay any penalty, interest, additional tax, or other charge that may be levied or assessed as a result of the delay or failure of Supplier, for any reason, to pay any tax or file any return or information required by law, rule or regulation or by this Agreement to be paid or filed by Supplier.

Proprietary and Confidential

Agreement No.: 20120124.035.C

Upon AT&T’s request, the Parties shall consult with respect to the basis and rates upon which Supplier shall pay any taxes or fees for which AT&T is obligated to reimburse Supplier under this Agreement. If AT&T determines that in its opinion any such taxes or fees are not payable, or should be paid on a basis less than the full price or at rates less than the full tax rate, AT&T shall notify Supplier in writing of such determinations, Supplier shall make payment in accordance with such determinations, and AT&T shall be responsible for such determinations. If collection is sought by the taxing authority for a greater amount of taxes than that so determined by AT&T, Supplier shall promptly notify AT&T. If AT&T desires to contest such collection, AT&T shall promptly notify Supplier. Supplier shall cooperate with AT&T in contesting such determination, but AT&T shall be responsible and shall reimburse Supplier for any tax, interest, or penalty in excess of AT&T’s determination.

If AT&T determines that in its opinion it has reimbursed Supplier for any taxes in excess of the amount that AT&T is obligated to reimburse Supplier, AT&T and Supplier shall consult to determine the appropriate method of recovery of such excess reimbursements. Supplier shall credit any excess reimbursements against tax reimbursements or other payments due from AT&T if and to the extent Supplier can make corresponding adjustments to its payments to the relevant tax authority. At AT&T’s request, Supplier shall timely file any claims for refund and any other documents required to recover any other excess reimbursements, and shall promptly remit to AT&T all such refunds and interest received.

If any taxing authority advises Supplier that it intends to audit Supplier with respect to any taxes for which AT&T is obligated to reimburse Supplier under this Agreement, Supplier shall (i) promptly so notify AT&T, (ii) afford AT&T an opportunity to participate on an equal basis with Supplier in such audit with respect to such taxes and (iii) keep AT&T fully informed as to the progress of such audit. Each Party shall bear its own expenses with respect to any such audit unless such audit is a result of a determination by AT&T under subsection C above in which case AT&T will pay all expenses of Supplier, and the responsibility for any additional tax, interest or penalty resulting from such audit is to be determined in accordance with the applicable provisions of this Taxes Section. Supplier failure to comply with the notification requirements of this Taxes Section will relieve AT&T of its responsibility to reimburse Supplier for taxes only if Supplier failure materially prejudiced AT&T’s ability to contest imposition or assessment of those taxes.

In addition to its rights under Subsections c., d., and e. above with respect to any tax or tax controversy covered by this Taxes Section, AT&T is entitled to contest, pursuant to applicable law and tariffs, and at its own expense, any tax previously invoiced that it is ultimately obligated to pay. AT&T is entitled to the benefit of any refund or recovery of amounts that it has previously paid resulting from such a contest. Supplier shall cooperate in any such contest, but AT&T shall pay all costs and expenses incurred in obtaining a refund or credit for AT&T.


g.	If either Party is audited by a taxing authority or other governmental entity in connection with taxes under this Taxes Section, the other Party shall reasonably cooperate with the Party being audited in order to respond to any audit inquiries in an appropriate and timely manner, so that the audit and any resulting controversy may be resolved expeditiously.

AT&T and Supplier shall reasonably cooperate with each other with respect to any tax planning to minimize taxes. The degree of cooperation contemplated by this Section is to enable any resulting tax planning to be implemented and includes, but is not limited to: (i) Supplier installing and loading all of the Software licensed by AT&T, and retaining possession and ownership of all tangible personal property, (ii) Supplier installing, loading and/or transferring the Software at a location selected by AT&T, and (iii) Supplier Delivering all of the Software in electronic form. AT&T shall bear all reasonable external (paid to third parties), additional expenses incurred by Supplier to comply with the provisions of this subsection, but AT&T's advance written consent is required whenever these expenses for any Software item or update are expected to exceed [*] dollars ($[*]) or [*] percent ([*]%) of the cost of the item or update, whichever

Proprietary and Confidential

Agreement No.: 20120124.035.C

is less. Supplier cooperation is not an agreement with, or guarantee of, the taxability or non-taxability of the transaction.

3.41 Termination

Termination for Convenience - AT&T may at any time, for its own convenience and without cause, by providing Supplier written notice, terminate this Agreement and/or any Order placed hereunder in whole or in part. At the request of AT&T, Supplier shall Deliver the Material and Services-in-progress to AT&T. Except as provided in subsection e below, AT&T shall have no liability or obligation for such termination.

Termination for Cause - If either Party breaches any provision of this Agreement and/or any Order, and (i) if the breach is one that by its nature could be cured, and such breach is not cured within [*] ([*]) days after the breaching Party receives written notice, or (ii) if the breach is one that by its nature cannot be cured, or (iii) if the breach is a violation of Laws, then, in addition to all other rights and remedies at law or in equity or otherwise, the non-breaching Party shall have the right upon written notice to immediately terminate this Agreement and/or any such Order without any obligation or liability. Failure of the non-breaching Party to immediately terminate this Agreement and/or any Order (x) following a breach which continues longer than such cure period, provided such breach has not been cured prior to the non-breaching Party’s providing notice of termination, or (y) following a breach that cannot be cured or that constitutes a violation of Laws shall not constitute a waiver of the non-breaching Party’s rights to terminate. If AT&T terminates an Order for cause, Supplier shall refund any amounts AT&T may have previously paid for Material and Services that AT&T returns or does not Accept; and reimburse AT&T for any cost incurred in returning Material to Supplier and restoring AT&T’s site to its previous condition. If AT&T returns or rejects any Material to which title has already passed, title in such Material shall revert to Supplier when Supplier satisfies its refund and reimbursement obligations under the preceding sentences. Supplier bears the risk that such Material may be lost or damaged in transit.

Partial Termination - Whenever law or a provision of this Agreement permits AT&T to terminate any Order, AT&T may, at its option, terminate such Order either in whole or in part. If AT&T terminates an Order in part, AT&T shall pay only for such Material and Services as AT&T Accepts at prices established under this Agreement or, if there are none, at prices calculated on the basis of such partially terminated Order, and, unless a termination charge applies, AT&T has no obligation to pay for such Material and Services as AT&T does not Accept.


d.	Termination of Related Orders - Whenever law or a provision of this Agreement permits AT&T to terminate any Order, AT&T may also terminate such other Orders as are related to the same transaction or series of transactions as the Order in question.


e.	Termination Charges -


1.	Except as provided below, in the event AT&T terminates any Order for convenience or AT&T is in breach of any Order that precludes Supplier from completing Delivery, AT&T shall pay Supplier, as Supplier’s sole and exclusive remedy for detriment resulting from AT&T’s termination of or breach preventing Delivery under an Order, the lesser of:


i.	the price of such Material and Services, as derived from the Order, or


ii.	the actual costs Supplier incurred to prepare the Material or perform the Services up to the date of termination, as determined under normal cost accounting methods, less salvage value, if salvage is permitted by AT&T. For purposes of this Section, “salvage value” includes the proceeds of the

Proprietary and Confidential

Agreement No.: 20120124.035.C

sale of the Material and Services to another customer and/or the costs Supplier avoids as a result of re-applying Material and Services to meet other needs of AT&T, the needs of other customers, or Supplier’s own internal needs within [*] ([*]) days following the Delivery Date scheduled in the Order. Supplier shall make reasonable efforts to maximize salvage value. All such costs, avoided costs, and values are subject to substantiation by proof satisfactory to AT&T before any payment may become due.


2.	AT&T is not liable to Supplier for any detriment resulting from termination of an Order for Material not specially manufactured for AT&T when termination of such Order occurs more than [] ([]) days before the Delivery Date.


3.	If AT&T incurs a termination charge as provided in this Section, and AT&T or an Affiliate places an Order for Material and Services equivalent to that for which such termination charge is incurred within [] ([]) days after AT&T incurs such termination charge, then Supplier shall refund such termination charge to AT&T.


4.	AT&T is not liable for any termination charges in any case when termination results from the agreement of the Parties.

Obligations upon Expiration or Termination - Upon expiration or termination of this Agreement or any Order, Supplier shall, upon the request of AT&T: (i) return all papers, materials and property of AT&T held by Supplier and (ii) provide reasonable assistance as may be necessary for the orderly, non-disrupted continuation of AT&T’s business. Supplier also agrees to assist AT&T in coordinating the transfer of the provision of the Services to a successor supplier, which shall include continuing to provide the required level of Services until the date of expiration or termination and providing the successor supplier with all pertinent information about the Services.

3.42 Third Party Administrative Services


a.	Supplier acknowledges that a third party administrator will perform certain administrative functions for AT&T in relation to this Agreement. Such administrative functions may include:


1.	Collecting and verifying certificates of insurance


2.	Providing financial analysis;


3.	Verifying certifications under the Section entitled “Utilization of Minority, Women, and Disabled Veteran Owned Business Enterprises”; and


4.	Collecting and verifying Supplier profile information.

Supplier shall cooperate with such third party administrator in its performance of such administrative functions and shall provide such data as from time to time the third party administrator may request. Further, notwithstanding any other provision of this Agreement, Supplier agrees that AT&T may provide any information regarding Supplier to such third party administrator. AT&T shall contractually require the third party administrator to maintain confidentiality of Supplier’s information with rights to use it solely for purposes of the administrative functions. Supplier agrees to pay the third party administrator an annual fee for the performance of these administrative functions, which annual fee shall not exceed [*] dollars ($[*]), and a one time set-up fee of [*] ($[*]).

3.43 Transaction Costs

Except as expressly provided in this Agreement or an Order, each Party shall bear its own fees and expenses (including the fees and expenses of its CSRs, agents, representatives, attorneys, and accountants) incurred in

Proprietary and Confidential

Agreement No.: 20120124.035.C

connection with the negotiation, drafting, execution, and performance of this Agreement and the transactions it contemplates.

3.44 Utilization of, Minority, Women, and Disabled Veteran Owned Business Enterprises


a.	It is the policy of AT&T that minority, women, and disabled veteran owned business enterprises (“MWDVBEs”) shall have the maximum practicable opportunity to participate in the performance of contracts.

Supplier shall make good faith efforts to carry out this policy in the award of subcontracts, distribution agreements, resale agreements, and other opportunities for MWDVBE participation. In furtherance of those efforts, and not as a limitation, Supplier shall submit annual participation plans, at the time of Agreement execution and each subsequent year by [*], establishing Supplier’s goals for the upcoming year for participation by minority owned business enterprises (“MBE”), women owned business enterprises (“WBE”) and disabled veteran business enterprises (“DVBE”), with “participation” expressed as a percentage of aggregate estimated annual purchases by AT&T for the coming year under this Agreement. Supplier shall include specific and detailed plans for achieving its goals in each participation plan. Supplier’s participation goals for the first year (that is, the calendar year that ends on [*] next following the effective date of this Agreement) are: [*]% annual MBE participation; [*]% annual WBE participation; and [*]% annual DVBE participation. Supplier’s participation plan for the [*] year is attached to and incorporated into this Agreement as Appendix G.

By the [*] day following the close of each calendar month, Supplier shall, in a format and manner acceptable to AT&T, report actual results of its efforts to meet its goals during the preceding calendar month as directed in Appendix G. When reporting its results, Supplier shall count only expenditures with MWDVBEs that are certified as MBE, WBE, or DVBE firms by certifying agencies that are recognized by AT&T, as listed on Appendix G.


d.	Supplier shall inform prospective MBE, WBE, and DVBE subcontractors of their opportunities to apply for certification from the agencies listed in Appendix G.


e.	The extent to which suppliers (a) set challenging goals in their annual participation plans and (b) succeed in exceeding the goals that they have set are factors that AT&T may consider favorably when deciding to extend or renew expiring agreements, to apportion orders among competing suppliers under existing agreements, and to award new business in competitive bidding.


f.	Supplier’s obligations under this Section are not a limitation of any obligations that Supplier may have under other provisions of this Agreement, including the Section entitled “Government Contract Provisions”.

3.45 Warranty

Supplier warrants to AT&T that any Services provided hereunder shall be performed in a first-class, professional manner, in strict compliance with the Specifications, and with the care, skill, and diligence, and in accordance with the applicable standards, currently recognized in Supplier profession or industry. If Supplier fails to meet applicable professional standards, Supplier shall, without additional compensation, promptly correct or revise any errors or deficiencies in the Services furnished hereunder.


b.	The warranty period for Services shall be the longer of the warranty period stated in the Order, the Specifications, or [] ([]) year. The warranty period shall commence upon Acceptance.


c.	Supplier represents and warrants that: there are no actions, suits, or proceedings, pending or threatened, which will have a material adverse effect on Supplier ability to fulfill its obligations under this Agreement; it shall immediately notify AT&T if, during the Term of this Agreement, Supplier becomes aware of any

Proprietary and Confidential

Agreement No.: 20120124.035.C

action, suit, or proceeding, pending or threatened, which may have a material adverse effect on Supplier ability to fulfill the obligations under this Agreement or any Order; Supplier has all necessary skills, rights, financial resources, and authority to enter into this Agreement and related Orders and to provide or license the Services, including that the Services will not infringe any patent, copyright, or other intellectual property interest; no consent, approval, or withholding of objection is required from any entity, including any governmental authority with respect to the entering into or the performance of this Agreement or any Order; the Services shall be provided free of any lien or encumbrance of any kind; Supplier shall be fully responsible and liable for all acts, omissions, and Work performed by any of its Representatives, including any subcontractor; that all Representatives, including subcontractors, will strictly comply with the provisions specified in this Agreement; Supplier is registered and authorized to do business in the jurisdiction in which Services are being provided and Supplier shall fully comply with the terms of this Agreement and any Order, including those specified in any Appendix or Appendices thereto.


d.	All warranties shall survive inspection, Acceptance, payment and use. These warranties shall be in addition to all other warranties, express, implied, or statutory. Supplier shall defend, indemnify, and hold AT&T harmless for a breach of these warranties.

If at any time during the warranty period for Material or Services AT&T believes there is a breach of any warranty, AT&T will notify Supplier setting forth the nature of such claimed breach. Supplier shall promptly investigate such claimed breach and shall either (i) provide information satisfactory to AT&T that no breach of warranty in fact occurred or (ii) at no additional charge to AT&T, promptly take such action as may be required to correct such breach. If the required corrective action is to re-perform the Services and/or repair the Material, and if Supplier fails or refuses to make such repairs and/or re-perform such Services, then, in addition to any other remedies, ATT shall have the right, at its option, either (1) to perform such Services and to repair such Material, at Supplier’s expense; or (2) to receive a full refund of any amounts paid for such Material and Services.


f.	If a breach of warranty has not been corrected within a commercially reasonable time, or if [] or more breaches of warranty occur in any [] ([*]) day period, AT&T may terminate the applicable Order.

3.46 Work Done By Others

If any part of Supplier’s Work is dependent upon Work performed by others or subcontracted consistent with the terms herein, Supplier shall inspect and promptly report to AT&T any defect that renders such other Work unsuitable for Supplier’s proper performance. Supplier’s silence shall constitute approval of such other Work as fit, proper and suitable for Supplier’s performance of its Services or provision of Materials. Any use of, including any changes to the use of, a Subcontractor must be approved by AT&T in writing before commencement of the Work. Supplier shall provide to AT&T, upon request, information about the Subcontractor including the identity, location, and a complete description of the activities to be performed by such Subcontractor. Where a portion of the Work is approved to be subcontracted, Supplier remains fully responsible for performance thereof and shall be responsible to AT&T for the acts and omissions of any Subcontractor. Nothing in this Agreement shall create any contractual obligation nor other liability of AT&T to any Subcontractor or its employees. Supplier agrees to bind every Subcontractor to terms consistent with the terms of this Agreement and, specifically, to compliance with the Insurance Section of this Agreement.

3.47 Work Location

Supplier shall perform the Services in Facility(ies) specifically set forth in the Order governing such Services. If Supplier requests that the Services be performed at another Supplier Facility(ies), Supplier shall obtain prior written authorization from AT&T for such change and such change shall be at Supplier's sole and exclusive cost. The notification shall include Supplier’s migration plan recommendations, which shall include running parallel processes to guarantee that performance metrics are met. AT&T reserves the right to accept and/or

Proprietary and Confidential

Agreement No.: 20120124.035.C

reject such request at its sole discretion. In the event AT&T approves a Facility(ies) change, Supplier shall continue to meet the current performance metrics during the transition period.

4.0 Special Terms

4.1 Access

When appropriate, Supplier shall have reasonable access to AT&T’s premises during normal business hours, and at such other times as may be agreed upon by the Parties to enable Supplier to perform its obligations under this Agreement. Supplier shall coordinate such access with AT&T’s designated representative prior to visiting such premises. Supplier shall ensure that only persons employed by Supplier or subcontracted by Supplier will be allowed to enter AT&T’s premises. If AT&T requests Supplier or its subcontractor to discontinue furnishing any person provided by Supplier or its subcontractor from performing Work on AT&T’s premises, Supplier shall immediately comply with such request. Such person shall leave AT&T’s premises immediately and Supplier shall not furnish such person again to perform Work on AT&T’s premises without AT&T’s written consent. The Parties agree that, where required by governmental regulations, Supplier will submit satisfactory clearance from the U.S. Department of Defense and/or other federal, state or local authorities.

AT&T may require Supplier or its Representatives, including employees and subcontractors, to exhibit identification credentials, which AT&T may issue to gain access to AT&T’s premises for the performance of Services. If, for any reason, any Supplier Representative is no longer performing such Services, Supplier shall immediately inform AT&T. Notification shall be followed by the prompt delivery to AT&T of the identification credentials, if issued by AT&T. Supplier agrees to comply with AT&T’s corporate policy requiring Supplier or its Representatives, including employees and subcontractors, to exhibit their company photo identification in addition to the AT&T issued photo identification when on AT&T’s premises.

Supplier shall ensure that its Representatives, including employees and subcontractors, while on or off AT&T’s premises, will perform Work which (i) conform to the Specifications, (ii) protect AT&T’s Material, buildings and structures, (iii) does not interfere with AT&T’s business operations, and (iv) perform such Services with care and due regard for the safety, convenience and protection of AT&T, its employees, and property.


d.	Supplier shall ensure that all persons furnished by Supplier work harmoniously with all others when on AT&T’s premises.

4.2 AT&T Electronic Privacy Policy

Supplier and all Supplier personnel shall abide by the following policy AT&T has established for all electronic information systems:

AT&T electronic and computer resources are provided for the transaction of company business. The policy of AT&T with respect to Information in electronic media (including but not limited to programs, databases, files, e-mail records) is no different from the policy concerning paper records. While AT&T at all times retains the right to inspect, record and/or remove all Information made or kept by employees utilizing company resources, such inspection, recording, or removing takes place only on the basis of company need. Need includes but is not limited to management’s determination that reasonable cause exists for belief that Laws, AT&T policies or management directives have been, are being, or may be broken or violated.

Proprietary and Confidential

Agreement No.: 20120124.035.C


b.	Protection of AT&T systems/networks: Supplier and all Supplier personnel shall follow all AT&T policies/AT&T Personal Data, Supplier shall provide AT&T with such assistance as AT&T may reasonably require to fulfill its responsibilities under the respective applicable Privacy Laws.

“AT&T Personal Data” shall mean that portion of AT&T Data that is subject to any Privacy Laws. “Privacy Laws” shall mean Laws relating to data privacy, trans-border data flow or data protection such as the implementing legislation and regulations of the European Union member states under the European Union Directive 95/46/EC or any other relevant legislation in the jurisdiction where the Service is supplied or data is collected or stored.

4.3 AT&T Supplier Information Security Requirements

Supplier shall comply with the AT&T Supplier Information Security Requirements (SISR) set forth in Appendix O attached hereto and incorporated by reference herein. Supplier shall cooperate fully with AT&T, including, without limitation, completing checklists or similar documentation, to ensure that Software and/or computer systems Supplier develops, designs, supports and/or uses under this Agreement comply with the standards and requirements set forth in SISR. Supplier shall fully indemnify, defend at its expense, and hold AT&T, its Affiliates and their agents, employees and Customers, harmless against any breach of the terms set forth in SISR.

4.4 Background Checks


a.	Supplier, with respect to the following requirements in this Section (collectively, “Background Checks”) and subject to any federal, state, or local laws, rules or regulations which may limit any Supplier action otherwise required by this section, shall:

(i) make all reasonable and legally permitted efforts, including checking the background, verifying the personal information and conducting a Drug Screen to determine and verify all information necessary to represent and warrant to AT&T that no Supplier employee, contractor or subcontractor and no employee or agent of any Supplier contractor or subcontractor (“Supplier Person”) who Supplier proposes to have perform any Service that permits physical, virtual or other access to AT&T 's or its customer's premises, systems, networks, or Information (“Access”) at the time of hire and during the term,

(a) has presented a positive Drug Screen,

(b) has been convicted of any felony, or has been convicted of any misdemeanor involving violence, sexual misconduct, theft or computer crimes, fraud or financial crimes, drug distribution, or crimes involving unlawful possession or use of a dangerous weapon (“Conviction”) or

(ii) not permit any such Supplier Person presenting a positive Drug Screen, to perform any Service that permits such Access during the term.

Supplier shall comply with the obligations of subsections (b) and (c) above through the use of a third party service which shall perform a review of applicable records for those counties, states, and federal court districts in which a proposed Supplier Person has identified as having resided, worked, or attended school in the previous [*] ([*]) years, unless a shorter period is required by any federal, state, or local law.


b.	Supplier acknowledges and agrees that it is Supplier’s sole and exclusive responsibility to determine whether a Supplier Person with a Conviction or a Sex Offender Status has a reasonable relationship to the individual’s fitness or trustworthiness to perform the Service, subject to any federal, state, or local

Proprietary and Confidential

Agreement No.: 20120124.035.C

restrictions on the consideration of criminal convictions in making employment decisions and should be denied Access during the term under the terms of this Agreement and in compliance with all federal, state, and local laws, unless an exception is granted by AT&T under paragraph e. of this Section.

Supplier represents and warrants to AT&T that, to the best of its knowledge, no Supplier Person has (i) falsified any of his or her Identification Credentials, or (ii) failed to disclose any material information in the hiring process relevant to the performance of any Service. Supplier shall not permit any Supplier Person who has falsified such Identification Credentials or failed to disclose such information to perform any Service that permits Access.


d.	The following definitions apply:


1.	“Identification Credentials” includes, with respect to each Supplier Person, his or her Social Security number, driver’s license, educational credentials (if position such Supplier Person is applying for contains an education requirement) employment history, home address, and citizenship indicia.

“Drug Screen” means the testing for the use of illicit drugs (including opiates, cocaine, cannabinoids, amphetamines, and phencyclidine (PCP)) of any Supplier Person who (i) has unsupervised (or badged) physical Access to AT&T’s or its customer’s premises, or (ii) has regular or recurring supervised physical Access to AT&T’s or its customer’s premises for more than [*] ([*]) days in the aggregate annually.


e.	The failure of Supplier to comply with the requirements of this Section shall be considered a material breach of this Agreement. Notwithstanding any of the foregoing, exceptions for individual Supplier Persons may be granted by AT&T on a case-by-case basis.

4.5 Customer – Information

For the purposes of this Section, “Customer Information” includes, but is not limited to, any Customer or Customer name, address, e-mail address, and/or phone number (listed or unlisted); personal information concerning a an employee, Customer or with any persons in the household of a Customer, including birth date, social security number, drivers license, health of financial information, credit card information, bank account, account number or personal identification numbers; information concerning a Customer’s calling patterns, call details, records of incoming or outgoing calls, or minutes of use or other use of AT&T’s services; information related to payments, credit status, and transactions with AT&T; demographic information; or aggregate Customer data – including aggregate data with individual identifying information deleted; and Customer proprietary network information (“CPNI”) (as that term is defined in Section 222 of the Communications Act of 1934, 47 U.S.C.222, as amended (“Section 222”), which includes information available to AT&T by virtue of AT&T’s relationship with its Customers as a provider of telecommunications, Internet, information or other services, including but not limited to: the quantity, technical configuration, location, type, destination, amount of use of telecommunications service subscribed to, and information contained on the telephone bills of AT&T’s Customers pertaining to telephone exchange service or telephone toll service received by a Customer of AT&T. Except as provided herein, as between Supplier and AT&T, title to all Customer Information shall be in AT&T. Except as otherwise provided herein, no license or rights to any Customer Information are granted to Supplier hereunder.


b.	Supplier acknowledges that Customer Information received may be subject to certain privacy laws and regulations and requirements, including requirements of AT&T. Supplier shall consider Customer

Proprietary and Confidential

Agreement No.: 20120124.035.C

Information to be private, sensitive and confidential. Accordingly, with respect to Customer Information, Supplier shall comply with all applicable privacy laws and regulations and requirements, including, but not limited to, the CPNI restrictions contained in Section 222. Accordingly, Supplier shall:


1.	not use any CPNI to market or otherwise sell products to AT&T’s Customers, except to the extent necessary for the performance of Services for AT&T or as otherwise approved or authorized by AT&T in this Agreement or in writing;

make no disclosure of Customer Information to any party other than AT&T, except to the extent necessary for the performance of Services for AT&T or except such disclosure required under force of law; provided that Supplier shall provide AT&T with notice immediately upon receipt of any legal request or demand by a judicial, regulatory or other authority or third party to disclose or produce Customer Information; Supplier shall furnish only that portion of the Customer Information that is legally required to furnish and shall provide reasonable cooperation to AT&T should AT&T exercise efforts to obtain a protective order or other confidential treatment with respect to such Customer Information;


i.	not incorporate any Customer Information into any database other than in a database maintained exclusively for the storage of AT&T’s Customer Information;


ii.	not incorporate any data from any of Supplier other Customers, including Affiliates of AT&T, into AT&T’s Customer database;


iii.	make no use whatsoever of any Customer Information for any purpose except to comply with the terms of this Agreement;


iv.	make no sale, license or lease of Customer Information to any other party;


v.	restrict access to Customer Information to only those employees of Supplier that require access in order to perform Services under this Agreement;


vi.	prohibit and restrict access or use of Customer Information by any of Supplier other Customers, Supplier Affiliates, or third parties except as may be agreed otherwise by AT&T;


vii.	promptly return all Customer Information to AT&T upon expiration, or termination of this Agreement or applicable schedule or Order, unless expressly agreed or instructed otherwise by AT&T; and

viii.

immediately notify AT&T upon Supplier awareness of (i) any breach of the above-referenced provisions, (ii) any disclosure (inadvertent or otherwise) of Customer Information to any third party not expressly permitted herein to receive or have access to such Customer Information, or (iii) a breach of, or other security incident involving, Supplier systems or network that could cause or permit access to Customer Information inconsistent with the above-referenced provisions, and such notice shall include the details of the breach, disclosure or security incident. Supplier shall fully cooperate with AT&T in determining, as may be necessary or appropriate, actions that need to be taken including, but not limited to, the full scope of the breach, disclosure or security incident, corrective steps to be taken by Supplier, the nature and content of any Customer notifications, law enforcement involvement, or news/press/media contact etc., and Supplier shall not communicate directly with any AT&T Customer without AT&T’s consent, which such consent shall not be unreasonably withheld.

Proprietary and Confidential

Agreement No.: 20120124.035.C

4.6 Customer Contact


a.	Contact by Supplier of AT&T’s Customers in any form, including but not limited to face-to-face contact, telephone contact, e-mail contact, and written contact (individually and collectively: “contact”), shall be only as set forth in this Agreement.

Prior to Supplier, or Supplier Subcontractor, if any, having contact in any form with AT&T’s Customers pursuant to this Agreement, Supplier must submit a script, creative media or recital, as applicable, that describes specifically what will be communicated during the contact with AT&T’s Customer. Approval of the script, creative media or recital, which will not be unreasonably withheld, must be obtained prior to the Customer contact being initiated.


c.	Supplier, or Supplier Subcontractor, if any, shall not change or otherwise deviate from the approved script, creative media or recital without the prior written approval of AT&T.


d.	Except as specifically authorized by this Agreement, Supplier shall not contact AT&T's Customers directly for the purpose of selling Services similar to those covered under this Agreement.


e.	Failure on the part of Supplier, or Supplier Subcontractors, if any, to comply with this provision shall be considered a material breach of this Agreement and AT&T may, in addition to remedies available under this Agreement and in law, immediately terminate this Agreement and/or the governing Order for default.

4.7 Electronic Data Interchange (EDI)

At the request of AT&T, the Parties shall exchange Orders, payments, acknowledgements, invoices, remittance notices, and other records (“Data”) electronically, in place of tangible documents. In such case, AT&T shall also designate whether the Parties shall exchange Data by direct electronic or computer systems communication between AT&T and Supplier, or indirectly through third party service providers with which either Party may contract or a single AT&T designated third party service provider with which each Party shall contract independently (“Provider”), to translate, forward and/or store such Data. If the Parties exchange Data directly, they agree to exchange it in accordance with the Telecommunications Industry Forum EDI Guidelines for use of American National Standards Institute (“ANSI”) Accredited Standards Committee X12 transaction sets, unless they mutually agree to a proprietary format or another standard such as Extensible Markup Language (“XML”).


b.	The following additional conditions apply to any such exchanges:


1.	Garbled Transmissions: If any Data is received in an unintelligible, electronically unreadable, or garbled form, the receiving Party shall promptly notify the originating Party (if identifiable from the received Data) in a reasonable manner. In the absence of such notice, the originating Party's record of the contents of such Data shall control.

Signatures: Each Party will incorporate into each EDI transmission an electronic identification consisting of symbol(s) or code(s) ("Signature"). Each Party agrees that any predetermined Signature of such Party included in or affixed to any EDI transmission shall be sufficient to verify such Party originated, “signed” and “executed” such transmission. No Party shall disclose to any unauthorized person the Signatures of the Parties hereto.


3.	Statute of Frauds: The Parties expressly agree that all Data transmitted pursuant to this Section shall be deemed to be a "writing" or "in writing" for purposes of Section 2-201 of the Uniform Commercial Code (“UCC”) or any other applicable law requiring that certain agreements be in writing and signed by the Party to be bound thereby. Any such Data containing or having affixed to it

Proprietary and Confidential

Agreement No.: 20120124.035.C

a Signature shall be deemed for all purposes: (i) to have been "signed" and "executed"; and (ii) to constitute an "original" when printed from electronic files or records established and maintained in the normal course of business.

Method of Exchange: Each Party shall be responsible for its own cost(s) to provide and maintain the equipment, software and services necessary to effectively and reliably transmit and receive Data, and the associated charge(s) of any Provider with which it contracts. Supplier shall be solely responsible for the cost of storing its information or Data on a Provider’s computer network, which may be retrieved by AT&T at no additional charge to AT&T by Supplier. Either Party may change a Provider upon [*] ([*]) days’ prior written notice to the other Party, except that if a single Provider for both Parties has been designated by AT&T, then AT&T may change the Provider upon [*] ([*]) days’ prior written notice to Supplier.

Warranty of Data Integrity: Supplier represents and warrants that Data and/or information either transmitted to AT&T by Supplier or stored by Supplier on a Provider’s network for access by AT&T a) do not contain any Harmful Code or Vulnerability, and b) do not infringe or violate any third party’s copyright, patent, trademark, trade secret or other proprietary rights or rights of publicity or privacy. Supplier further represents and warrants that all product and pricing information provided in its catalogues either stored on a Provider’s network or transmitted to AT&T by Supplier is current, accurate and complete. In the event more favorable prices or terms appear in Data transmitted to AT&T by Supplier than appear in Supplier current catalogue, AT&T will be entitled to the more favorable prices or terms contained in the Data.

4.8 Fraud Activity


a.	Supplier shall take necessary steps to ensure employees or Subcontractors are not involved in fraudulent practices, including, but not limited to, cramming or slamming.


1.	Cramming occurs when a Customer is charged for products or services they have not ordered or may not have ever received.


2.	Slamming is the unauthorized and illegal changing of a Customer's telecommunications service provider without his or her knowledge or permission. It can affect local and long-distance service provider choices.


b.	Fraudulent Credit Card, Social Security Number and Unauthorized Access or Disclosure Activity:

Supplier shall pay a fee of [*] U.S. Dollars ($[*] U.S.D.) per Instance of credit card fraud against any credit card. Supplier shall pay a fee of [*] U.S. Dollars ($[*] U.S.D.) per Instance of social security number misuse. An “Instance” is defined as an individual transaction attempt against a credit card or any single use of a social security number. For example, [*] ([*]) fraudulent transaction attempts against a single credit card would result in a [*] U.S Dollars ($[*]) discount and [*] ([*]) fraudulent uses of a single social security number would results in an additional [*] U.S Dollars ($[*]) discount.

Supplier shall pay a fee of [*] U.S. Dollars ($[*] U.S.D.) per account for unauthorized access to customer accounts and/or unauthorized disclosure of customer account information in connection with fraudulent activity. For example, the unauthorized access of an account in connection with fraudulent activity would result in a [*] Dollar ($[*]) discount regardless of whether there was an unauthorized disclosure of the customer’s account information. Similarly, the unauthorized disclosure of customer account information in connection with fraudulent activity would result in a [*] Dollar ($[*]) discount regardless of whether the information was obtained through an unauthorized access of the account. If there is both unauthorized access to an account and

Proprietary and Confidential

Agreement No.: 20120124.035.C

unauthorized disclosure of customer account information in connection with fraudulent activity, only one [*] Dollar ($[*]) discount shall be owed for the unauthorized activity on the account. Should an incident be covered by this subsection and Section 4.8(b)(1) above, the fees outlined in Section 4.8(b)(1) shall control. For example, if a credit card number was obtained through unauthorized access and then misused, the fee would be $[*] per each transaction attempt against the credit card.

For the avoidance of doubt, the aforementioned discount is not intended as compensation to AT&T for damages caused by any alleged Instance, nor as AT&T's sole remedy, nor in any manner limits AT&T's rights against Supplier, including termination and all other remedies at law or in equity, or both, which AT&T may have against Supplier relating to the alleged Instance.

In addition to all other remedies available under this Agreement and in-law, AT&T reserves the right at its sole discretion by providing written notice of such fraudulent practice to require the immediate removal of any Supplier employee or Subcontractor employee, which may include withdrawing AT&T’s prior written approval of any Supplier Subcontractor, who does not follow these anti-fraud provisions.

4.9 Independent Contractor – Limited Agency


a.	Supplier hereby represents and warrants to AT&T that:


1.	Supplier is engaged in an independent business and, except as specifically provided herein, shall perform all obligations under this Agreement as an independent contractor and not as the agent or an employee of AT&T;


2.	Supplier personnel performing Services shall be considered solely the employees of Supplier and not employees of AT&T;


3.	Supplier has and retains the right to exercise full control of and supervision over the performance of the Services and full control over the employment, direction, assignment, compensation, and discharge of all personnel performing the Services;

Supplier is solely responsible for all matters relating to compensation and benefits for all of Supplier personnel who perform Services. This responsibility includes (i) timely payment of compensation and benefits, including, but not limited to, overtime pay, medical, dental, and any other benefit, and (ii) all matters relating to compliance with all employer obligations to withhold employee taxes, pay employee and employer taxes, and file payroll tax returns and information returns under local, state and federal income tax laws, unemployment compensation insurance and state disability insurance tax laws, social security and Medicare tax laws, and all other payroll tax laws or similar laws with respect to all Supplier personnel providing Services;


5.	Supplier shall indemnify, hold harmless and defend AT&T from all Losses related to Supplier failure to comply with the immediately preceding paragraph in accordance with the Section entitled “Indemnity.”

Notwithstanding any other provision of this Agreement, Supplier shall be AT&T's agent for the limited purpose of marketing communications-related Services as described in this Agreement. Supplier shall act on AT&T’s behalf with respect to such Services, and Supplier performance of such Services shall be conducted pursuant to the terms, conditions, and requirements of this Agreement. Further, to the extent Supplier obtains or uses CPNI in connection with this Agreement, Supplier shall be an agent of AT&T

Proprietary and Confidential

Agreement No.: 20120124.035.C

with respect to the receipt and use of such information. Supplier shall receive and use CPNI in the manner specified in the Customer Information Section.

4.10 Inspection of Work

AT&T may have inspectors at the job site to inspect the performance and quality of the Work and to ensure Supplier compliance with the plans and Specifications of the Order and with the terms and conditions of this Agreement. Any AT&T inspectors, employees or agents, however, shall have no authority to direct or advise Supplier concerning the method or manner by which the Work is to be performed. Supplier has sole authority, responsibility and control over the Work and shall exercise its full responsibilities as an independent contractor.

4.11 Notice of Release of Information or Breach of Security

Supplier, which shall include any employees, agents, or Subcontractor it may utilize to fulfill this Agreement, shall provide immediate notice to AT&T in the event Supplier becomes aware of (1) any unauthorized (whether intentional or unintentional) release by Supplier, of Customer Proprietary Network Information (“CPNI”) or other Customer Personal Information (“CPI”) of any AT&T Customer to any person or entity other than the Customer to which such CPNI pertains or (2) any unauthorized acquisition by any person or entity of computerized or hard-copy data that compromises the security, confidentiality, or integrity of any CPNI or other CPI of any AT&T Customer maintained by or in the possession of Supplier.


b.	For purposes of this Section, Customer Proprietary Network Information / CPNI shall mean information as contained in 47 U.S.C. 222 of the Federal Telecommunications Act (1996).

4.12 Orderly Transition

In the event of expiration or termination of this Agreement or an Order, in whole or in part, wherein all or some portion of the Work will be performed by AT&T itself or an AT&T designated third party, Supplier shall provide transition support activities as agreed to by the Parties. To the extent such transition support activities are included in the fees set forth in the applicable Order, AT&T will only pay compensation for Work activities which have been specifically authorized and directed by AT&T in writing pursuant to this Section, and such payment, if any, will be at the rates set forth in the Order.


a.	Transition support activities may include, but are not limited to:


1.	Full cooperation in the orderly transition of Work to an AT&T center or a third party service provider;


2.	Supplier shall provide to AT&T and any designated third party service provider, to the extent available, applicable requirements, standards, policies, operating procedures and other documentation, reports, call recordings, chat transcripts, screen captures, files and other Information associated with the Services, at no additional cost;


3.	Continuation of Services at reducing levels if necessary during the transition period and at reduced levels if Services is transferred in part;


4.	Supplier shall assist AT&T in developing a plan which shall specify the tasks to be performed by the Parties in connection with the transition and the schedule for the performance of such tasks, at AT&T’s request;


5.	Supplier shall provide transition Services during such time as required by AT&T; and

Proprietary and Confidential

Agreement No.: 20120124.035.C


6.	Following the transition period set forth in paragraph 5 for a period not to exceed [] ([]) months thereafter, Supplier shall answer all reasonable and necessary verbal or written questions from AT&T regarding the Services on an “as needed” basis.


b.	Supplier’s quality and level of performance during the transition period shall continue to comply with all requirements of the Order.

4.13 Payment Card Industry (PCI)

The Payment Card Industry (“PCI”) data security standards are network security and business practice guidelines developed for Visa, MasterCard, American Express and Discover Card. They were developed to establish a minimum security standard with regards to the protection of cardholder’s account and transaction information. The PCI Security Standards Council, LLC (a non-AT&T entity) owns, develops, maintains and distributes the PCI Data Security Standard (“DSS”). If Supplier (including its subcontractor, agent or any third party, acting through, or on behalf of Supplier) collects, processes, handles, and/or maintains credit card data and/or related transaction status or identity information through, for, or on behalf of AT&T (including, without limitation, for itself, or in connection with AT&T’s joint or co-branded relationships and/or its, or their Customers, as the case may be), Supplier represents and warrants that it is, and shall remain PCI DSS compliant, including, but not limited to being, DSS certified, current and in good standing, if applicable, at no cost to AT&T, for the longer of the Term of this Agreement or any of Supplier’s applicable obligation periods under this Agreement, in accordance with the requirements of the PCI DSS. Notwithstanding anything to the contrary contained within the clause entitled Information or any other provision within this Agreement, Supplier acknowledges that credit card information shall be deemed, and shall be treated as Information under this Agreement irrespective of whether or not such Information is conspicuously marked as confidential or proprietary and Supplier’s obligation to treat credit card related Information as confidential shall survive the termination or expiration of this Agreement. Supplier shall indemnify and hold AT&T harmless from and against any proved or alleged claims, demands or suits, or any losses, damages, liabilities, fines, penalties and expenses (including reasonable attorney’s fees) that arise out of, relate to or result from Supplier’s (and/or its subcontractor, agent or any third party, if any, acting through or on behalf of Supplier) failure to comply with its obligations under this clause. Except as may be provided elsewhere in this Agreement, nothing contained within this clause shall be construed to mean, or means that Supplier is authorized to delegate, assign or subcontract any portion of its obligations under this clause to any third party.

4.14 Subcontractors

Use of Subcontractors. Supplier shall not subcontract any of its responsibilities without AT&T’s prior written approval, which may be withheld in AT&T’s sole discretion. Where a portion of the Work is subcontracted, Supplier remains fully responsible for performance thereof and shall be responsible to AT&T for the acts and omissions of any subcontractor. If any part of Supplier’s Work is dependent upon Work performed by others or subcontracted consistent with the terms herein, Supplier shall inspect and promptly report to AT&T any defect that renders such other Work unsuitable for Supplier’s proper performance. Supplier’s silence shall constitute approval of such other Work as fit, proper and suitable for Supplier’s performance of its Services or provision of Materials.

Prior to entering into a subcontract with a Subcontractor, including any changes to the use of a Subcontractor, for the performance of all or any part of Supplier’s obligations under this Agreement, Supplier shall (i) give AT&T reasonable prior notice specifying the components of the Services affected, complete description of the activities to be performed, the identity, location, and qualifications of the proposed Subcontractor and the reasons for subcontracting the Work in question; and (ii) obtain AT&T’s

Proprietary and Confidential

Agreement No.: 20120124.035.C

prior written approval of such Subcontractor. AT&T shall also have the right during the Term of this Agreement to revoke its prior approval of a Subcontractor and direct Supplier to replace such Subcontractor as soon as possible at no additional cost to AT&T; provided, however, that AT&T shall discuss AT&T’s concerns regarding the Subcontractor with Supplier prior to such revocation and shall otherwise exercise its right to revocation in a manner that provides Supplier a reasonable opportunity to mitigate potential negative impacts on the Services resulting from AT&T’s revocation and Supplier’ replacement of the Subcontractor. Provided, further, that notwithstanding the foregoing proviso, at any time, if AT&T reasonably believes a Subcontractor will create legal liability to AT&T or an eligible recipient, AT&T may immediately revoke its prior approval of the Subcontractor and Supplier shall, upon AT&T’s request, replace (or cause to be replaced) as promptly as possible such Subcontractor with a replacement Subcontractor of suitable ability and qualifications, without cost to AT&T. Supplier may, subject to AT&T’s prior consent, which shall not be unreasonably withheld, update an approved Subcontractor, as listed herewith, in accordance with this Section.

Supplier Responsibility. Supplier shall be responsible for any failure by any Subcontractor or Subcontractor personnel to perform in accordance with this Agreement or to comply with any duties or obligations imposed on Supplier under this Agreement to the same extent as if such failure to perform or comply was committed by Supplier or Supplier employees. Supplier shall guarantee the performance of all such Subcontractors and Subcontractor personnel providing any of the Services hereunder. Supplier shall be AT&T’s sole point of contact regarding the Services, including with respect to payment to Subcontractors. Supplier shall require all Subcontractors performing Work on the project or who may enter upon the Work site to maintain the same insurance requirements as those set forth in the Insurance Section of this Agreement. Nothing in this Agreement shall create any contractual obligation or other liability of AT&T to any Subcontractor or its employees. The Supplier shall bind every Subcontractor to the terms of this Agreement and, specifically, to compliance with the Insurance Section of this Agreement.

4.15 Home-Based Agents

If Supplier uses home-based Agents in performing Services, Supplier shall also comply with the terms of AT&T Information Security Requirements for Use of Home-Based Agents attached hereto as Appendix N.

4.16 Reimbursable Expenses

AT&T is not responsible for any travel, meal or other business related expense incurred by Supplier whether or not incurred in its performance of its obligations under this Agreement, unless reimbursement of expenses is expressly authorized in writing by the Vendor Manager pursuant to this Agreement or an Order. If reimbursement of expenses is so authorized, in order to be reimbursable, each and every such expense must comply with the requirements of AT&T’s Vendor Expense Policy attached hereto and incorporated herein as Appendix P. Supplier must provide in a timely manner receipts and other documentation as required by the Vendor Expense Policy and such additional documentation or information requested by AT&T to substantiate expenses submitted by Supplier for reimbursement.

4.17 Requirements for Access to AT&T’s System(s) and/or Databases

Supplier shall provide AT&T for each employee or temporary worker of Supplier or Supplier's Subcontractors requesting access to AT&T's systems and/or databases, the employee or temporary worker’s first and last name and (1) for all persons working in the US or US citizens working abroad, the persons social security number or (2) for all other persons, a unique nine (9) digit identifier for each person. The name and social security number or unique identifier will be used by AT&T to identify the person accessing AT&T’s system to ensure compliance with this Agreement, including without limitation Section entitled “Customer - Information”. AT&T will provide each such employee or temporary Worker a unique user ID for access to

Proprietary and Confidential

Agreement No.: 20120124.035.C

AT&T systems. This unique user ID may only be used by the individual to whom it is assigned so AT&T can identify the person accessing AT&T’s system to ensure compliance with this Agreement. AT&T reserves the right to refuse or suspend access to AT&T’s systems and/or databases at any anytime to any Supplier employee or temporary Worker, including Supplier’s Subcontractors. In such case, Supplier shall be required to replace such individual at no cost to AT&T.

4.18 Worker Exit from AT&T Programs

If the Work and/or Worker are transitioning to another AT&T Program, some of these provisions may not apply subject to AT&T approval.

a. Upon Worker’s completion of Services, including attrition of Supplier Representative, dismissal of Supplier Representative, and Program and/or Order expiration or termination, Supplier shall:


1.	Immediately notify AT&T’s Vendor Manager and identify the Supplier Representative (s) so the applicable AT&T user id can be deleted.


2.	Ensure that Supplier Representative critical knowledge as to the performance of Services is transferred via training of other Supplier Representative (s) and/or documented.


3.	Ensure that any roles assigned to the Supplier Representative are appropriately reassigned, such as:


i.	Project team/committee member


ii.	Functional representative for internal/external interfaces


4.	Advise the AT&T Vendor Manager if a security clearance exists.


5.	Advise the AT&T Vendor Manager, as applicable, if there is reason to believe the Worker should not be engaged for future assignments.


6.	Remind the Supplier Representatives of their obligation to maintain confidentiality of AT&T Information and Customer Information.


7.	Perform an inventory of AT&T records (paper and electronic) in Supplier Representative’s office or home-based Agent/virtual office and arrange for appropriate retention or destruction pursuant to an Order or as directed by AT&T’s Vendor Manager.


8.	Have Supplier Representative establish “Out of Office” Voice Mail message and have the Supplier’s Representatives’ supervisory personnel, or its delegate, review for appropriateness.


9.	Upon Supplier Representative(s) completion of Services, including attrition of Supplier Representative, dismissal of Supplier Representative, or Program and/or Order expiration or termination, Supplier shall have Supplier supervisory personnel, or its delegate, obtain password from Worker and deactivate it.


10.	If a reservation or reservationless conference bridge is assigned to the Supplier Representative for AT&T’s Program, Supplier’s supervisory personnel, or its delegate, shall ensure that such reservation and reservationless conference bridges are cancelled.


11.	When transition of Supplier Representative job responsibilities under an AT&T Program is complete, Supplier supervisory personnel, or its delegate, requests cancellation of other system / job specific user identification, access codes, and access privileges that the Supplier Representative may have to support AT&T’s Work, such as:


i.	Shared drives (transfer ownership, if applicable)


ii.	Financial systems


iii.	Data warehouses


iv.	Internet and database services


v.	Digital Certificates


vi.	Other systems


12.	Collect and return SecurID Card/Token to AT&T, if applicable.

Proprietary and Confidential

Agreement No.: 20120124.035.C


13.	If TACACS/Config service, applies, notify the AT&T Vendor Manager to delete TACACS/config server ID, if applicable.


14.	Recover and secure AT&T assets, which may include AT&T assets, in Supplier Representative’s possession (including those kept at the individual’s home):


i.	Personal computers


ii.	Software


iii.	Monitors


iv.	Modems


v.	Printers


vi.	Fax machines


vii.	Speakers


viii.	PDAs


ix.	Pagers


x.	Cellphones


15.	If Supplier Representatives used a non-Supplier PC or Supplier’s PC (collectively “PC”), Supplier shall ensure that AT&T Information is cleaned off the PC by having the machine re-imaged.


16.	Have Supplier supervisory personnel, or its delegate, ensure that the office space of exiting Worker is cleaned and ready for next occupant.


17.	If Services are performed at remote locations, Supplier shall ensure the following installed services are disconnected at Supplier Representative’s location (home and/or other Work location):


i.	Phone lines


ii.	DSL lines


iii.	Cable modem connections


18.	If Services are performed at Supplier Facilities, Supplier shall ensure the following services are disconnected:


i.	Office Telephone


ii.	Voice Mail


iii.	LAN Port


19.	Supplier shall collect all property used for AT&T’s Program(s). This includes but is not limited to:


i.	Supplier Representative’s identification badges, portal passes, parking decals and passes, building access cards, security ID cards, smart cards, key cards, toll pass cards


ii.	Keys to desks, file cabinets, storage cabinets, offices, conference rooms, and other Work areas


iii.	Keys to buildings, gates and vehicles used for AT&T’s Program(s)


iv.	Other equipment or property used for AT&T’s Program(s) not mentioned in previous tasks, including any items that the Supplier Representative has at home or other remote location, such as:


1.	Microphones, video recorders, cameras and answering machines


2.	Manuals, library materials, software, documentation for software and hardware


3.	Office furniture (and keys to same) and artwork


4.	Special devices (e.g., scanners, 2-way radios)


5.	Tools and Uniforms


20.	Supplier shall prepare AT&T files for storage:


i.	Supplier shall review office records for compliance with AT&T’s retention schedule pursuant to an Order and as required by law, and transfer active records with retention obligations to appropriate person or group inheriting Work function. For inactive records with retention obligations, Supplier shall follow procedures for sending to off-site vendor storage.

Proprietary and Confidential

Agreement No.: 20120124.035.C


ii.	For Information for which there is no retention obligation or as may be required by law, Supplier shall destroy such Information in accordance with the Order or as directed by AT&T’s Vendor Manager.

b. Supplier shall obtain Supplier Representative’s certification that Supplier Representative has returned or destroyed all physical and electronic copies of AT&T Information.


i.	Upon Supplier Representative’s completion of Services, including the attrition of Supplier Representative, dismissal of Supplier Representative, and Program and/or Order expiration or termination, Supplier shall ensure that all Supplier Representative complete and sign the “Written Certification of Return or Destruction of AT&T Information or Data”, attached hereto as Appendix L.


ii.	Supplier shall retain the original to be placed in the Supplier Representatives personal file as a permanent record.

Upon AT&T request Supplier shall deliver executed copies of the “Written Certification of Return or Destruction of AT&T Information or Data”, Appendix L to the AT&T Vendor Manager, within [*] ([*]) business days of request.

4.19 Change Management

AT&T may, at any time during the progress of the Work pursuant to an Order, require additions, deletions or alterations (all hereinafter referred to as a “Change”) to the Services. Within [*] ([*]) business days after a request for a Change, Supplier shall submit a Program Change Notice (PCN), attached hereto as Appendix J, to AT&T that includes any changes to Supplier’s costs or in the delivery of Service schedule necessitated by the Change. Supplier shall submit a proposal to AT&T, which includes any changes in Supplier costs or in the delivery of Program(s) schedule necessitated by the Change. AT&T shall, within [*] ([*]) business days of receipt of the proposal, either (i) accept the proposal with a written amendment to the applicable Order or fully executed PCN directing Supplier to perform the Change, or (ii) advise Supplier not to perform the Change in which event Supplier shall proceed with the original Program(s) in accordance with the applicable Order. No such change shall be considered, nor shall Supplier be entitled to any compensation for Work done pursuant to or in contemplation of a Change, unless made pursuant to a written amendment to the applicable Order or a fully executed PCN issued by AT&T.

Proprietary and Confidential

Agreement No.: 20120124.035.C



IN WITNESS WHEREOF, the Parties have caused this Agreement to be executed, which may be in duplicate counterparts, each of which will be deemed to be an original instrument, by their duly authorized representatives.
StarTek, Inc.	AT&T Services, Inc.

By: /s/ Xxxx X. Carlson_____________________	By: /s/ Xxxxx Binkley________________________

Printed Name: Xxxx X. Xxxxxxx	Printed Name: Xxxxx Xxxxxxx

Title: President & CEO	Title: Senior Contract Manager

Date: 1/25/2013_____________________________	Date: 1/17/2013_____________________________

Proprietary and Confidential

Agreement No.: 20120124.035.C

Appendices

Appendix A - Supplier Code of Conduct


1.	Every Supplier has the responsibility of dealing fairly with AT&T’s Customers, past and present, fellow AT&T Suppliers and authorized sales representatives and the general public.


2.	Each Supplier has the responsibility of adhering to generally accepted standards of accuracy, truth and good taste at all times. No Supplier shall be placed in a position where the Supplier’s interest is, or may be, in conflict with duty to the Customer.


3.	Each Supplier shall safeguard the confidences of both present and former AT&T Customers, and shall not accept retainers that may involve the disclosure or use of these confidences to the disadvantage or prejudice of such Customers.


4.	Each Supplier shall always strive to communicate clearly with Customers, and treat them with respect. In some instances, our competitors are also our Customers, and it is our duty to treat them with the same level of courtesy and respect as we use in dealing with the rest of our Customers.


5.	No Supplier shall intentionally disseminate false or misleading information, and each Supplier is obligated to use as much care as is humanly possible to avoid dissemination of false or misleading information.


6.	Supplier shall not represent themselves as an employee of AT&T.


7.	Supplier agrees that any fraudulent conduct by it’s employees must be identified and investigated immediately and brought to the attention of AT&T. Fraudulent or illegal conduct includes, but is not limited to, any oral or written misrepresentation of facts, misappropriation of funds, theft, improper reporting of sales or expenses, or any other dishonest acts, done while working for Supplier.

No Supplier shall intentionally injure the professional reputation or practice of AT&T or another AT&T Supplier or authorized sales representative. However, if a Supplier has evidence that another Supplier vendor has been guilty of unethical, illegal or unfair practices, including practices in violation of this Code, the Supplier is obligated to present the information to the proper representative of AT&T for action and in accordance with the terms and conditions set forth in this Agreement or the applicable services sales agreement.


9.	No Supplier shall accept fees, compensations, or any other valuable consideration in connection with those Services provided herein from anyone other than AT&T.

10.

Supplier shall take necessary steps to ensure employees are not involved in fraudulent practices, including, but not limited to, cramming or slamming. “Cramming” occurs when a Customer is charged for products or services they have not ordered or may not have ever received. “Slamming” is the unauthorized and illegal changing of a Customer’s telecommunications service provider without his or her knowledge or permission. Supplier must obtain clear, explicit consent from Customers before making any additions or changes to their service or accounts. Supplier must report any information concerning slamming and cramming to their supervisor and to AT&T immediately.

Proprietary and Confidential

Agreement No.: 20120124.035.C


11.	Supplier shall not create sales that do not provide value to the Customer and the Company, or manipulate the commission system.


12.	Supplier shall not provide any discounts, bonus payments, cash, or non-cash incentives to a Customer for the sale of a Service covered under this Agreement except those included in AT&T tariffs and pricing plans.

Proprietary and Confidential

Agreement No.: 20120124.035.C

Appendix B - Texas Code of Conduct

CHAPTER 26. SUBSTANTIVE RULES APPLICABLE TO TELECOMMUNICATIONS SERVICE PROVIDERS Subchapter F. REGULATION OF TELECOMMUNICATIONS SERVICE. §26.133.

Business and Marketing Code of Conduct for Certificated Telecommunications Utilities (CTUs).


(a)	Purpose. The purpose of this section is to establish a code of conduct in order to implement Public Utility Regulatory Act (PURA) §51.001 and §64.001 relating to fair business practices and safeguards against fraudulent, unfair, misleading, deceptive, or anticompetitive practices in order to ensure quality service and a competitive market.


(b)	Application. This section applies to all certificated telecommunications utilities (CTUs), as defined in §26.5 of this title (relating to Definitions), and CTU employees. This section also applies to all authorized agents of the CTU.


(c)	Communications.


(1)	A CTU employee or authorized agent shall conduct communications with competitors and competitors’ end-user Customers with the same degree of professionalism, courtesy, and efficiency as that performed on behalf of their employer and end-user Customers.

(2)

A CTU employee or authorized agent, while engaged in the installation of equipment or the rendering of services (including the processing of an order for the installation, repair or restoration of service, or engaged in the actual repair or restoration of service) on behalf of a competitor shall not make statements regarding the service of any competitor and shall not promote any of the CTU’s services to the competitor’s end-user Customers.


(d)	Corporate advertising and marketing.


(1)	A CTU, CTU employee or authorized agent shall not engage in false, misleading or deceptive practices, advertising or marketing with respect to the offering of any telecommunications service.


(2)	A CTU, CTU employee or authorized agent shall not falsely state or falsely imply that the services provided by the CTU on behalf of a competitor are superior when purchased directly from the CTU.


(3)	A CTU, CTU employee or authorized agent shall not falsely state or falsely imply that the services offered by a competitor cannot be reliably rendered, or that the quality of service provided by a competitor is of a substandard nature.

(4)

A CTU, CTU employee or authorized agent shall not falsely state nor falsely imply to any end-user Customer that the continuation of any telecommunications service provided by the CTU is contingent upon ordering any other telecommunications service offered by the CTU. This section is not intended to prohibit a CTU from offering, or enforcing the terms of, any bundled or packaged service or any other form of pricing flexibility permitted by PURA and commission rules.


(e)	Information sharing and disclosure.


(1)	Pursuant to the federal Telecommunications Act §222(a), each CTU has a duty to protect the confidentiality of proprietary information of, and relating to, other CTUs.


(2)	Pursuant to the federal Telecommunications Act §222(b), each CTU that receives or obtains proprietary information from another CTU for purposes of providing any telecommunications service shall use such information only for such purpose, and shall not use such information for its own marketing efforts or any other unauthorized purpose.

Proprietary and Confidential

Agreement No.: 20120124.035.C

(f)

References to other Chapter 26 substantive rules. The following commission rules also affect the conduct of CTU employees and authorized agents. All CTU employees and agents must be trained to comply with the specific substance of these rules which affect their employment responsibilities. Copies of specific commission rules shall be made available by the CTU to any employee or agent upon their request. The applicability of each of the following sections is unaffected by the reference in this section and does not relieve any CTU of its responsibility to abide by other applicable commission rules.

(1) Section 26.21 of this title (relating to General Provisions of Customer Service and Protection Rules);

(2) Section 26.31 of this title (relating to Disclosures to Applicants and Customers);


(3)	Section 26.32 of this title (relating to Protection Against Unauthorized Billing Charges (“Cramming”));

(4) Section 26.37 of this title (relating to Texas No-Call List);


(5)	Section 26.122 of this title (relating to Customer Proprietary Network Information (CPNI));

(6) Section 26.126 of this title (relating to Telephone Solicitation); and


(7)	Section 26.130 of this title (relating to Selection of Telecommunications Utilities).

(g) Adoption and dissemination.


(1)	Every CTU or authorized agent shall formally adopt and implement all applicable provisions of this section as company policy, or modify existing company policy as needed to incorporate all applicable provisions, within 90 days of the effective date of this section. A CTU shall provide a copy of its internal code of conduct required by this section to the commission upon request.

(2)

Every CTU or authorized agent shall disseminate the applicable provisions of this section to all existing and new employees and agents, and take appropriate actions to both train employees and enforce compliance with this section on an ongoing basis. Every CTU shall document every employee’s and agent’s receipt and acknowledgement of its internal policies required by this section, and every CTU shall make such documentation available to the commission upon request.

(h) Investigation and enforcement.


(1)	Administrative penalties. If the commission finds that a CTU has violated any provision of this section, the commission shall order the utility to take corrective action, as necessary, and the utility may be subject to administrative penalties and other enforcement actions pursuant to PURA, Chapter 15.


(2)	Certificate revocation. If the commission finds that a CTU is repeatedly in violation of this section, and if consistent with the public interest, the commission may suspend, restrict, or revoke the registration or certificate of the CTU.


(3)	Coordination with the Office of the Attorney General. The commission shall coordinate its enforcement efforts regarding the prosecution of fraudulent, misleading, deceptive, and anticompetitive business practices with the Office of the Attorney General in order to ensure consistent treatment of specific alleged violations.

Supplier Representative

Acknowledgment of Codes of Conduct:

_______________________________ _____________________________

Supplier Representative Date

Proprietary and Confidential

Agreement No.: 20120124.035.C

Proprietary and Confidential

Agreement No.: 20120124.035.C

Appendix C - Description of Services and Deliverables

Supplier shall perform Services as described in an Order and pursuant to the “General Business Requirements” in Appendix D.

Proprietary and Confidential

Agreement No.: 20120124.035.C

Appendix D – General Business Requirements

1.OUTBOUND TELEMARKETING

Solicitation of Orders

Supplier will be provided with a list of AT&T Customers and/or prospects (hereinafter “AT&T Customers”) whom Supplier will use all commercially reasonable efforts to contact. Supplier personnel shall solicit AT&T Customers for orders to subscribe to telecommunications services and shall accurately describe telecommunications service functions and prices as furnished by AT&T. Supplier shall solicit orders for telecommunications services to AT&T Customers regardless of whether those AT&T Customers purchase other products or services from Supplier. Supplier shall solicit orders for AT&T telecommunications services only and Supplier shall not solicit orders for any other product or service offered by Supplier during a call made on behalf of AT&T. Supplier shall not solicit orders for telecommunications services from existing Customers or prospects that are not on the above-referenced list.

Supplier shall not make any representations of rates, terms or conditions of telecommunications services that conflict with AT&T information or tariffs furnished in writing to Supplier by AT&T. All orders for telecommunications services are subject to availability, final approval and acceptance by AT&T.

Verification of Orders

AT&T may appoint a verification vendor who will verify with the Customer all orders accepted by Supplier. Upon closing a sale, Supplier shall transfer the Customer along with the voice and order information to the verification vendor in accordance with the procedures and requirements mutually agreed upon by the Parties.

In lieu of third party verification as stated above, AT&T may, at its option, require Supplier to record voice and/or data to verify an order, including the product purchased, all applicable charges and any special terms and conditions of the product or offer (such as e.g., any required Customer premises equipment necessary for the operation of the service).

Sales and Service Objectives

Specific sales and service objectives, including retention objectives shall be mutually agreed upon in writing prior to any new AT&T sales campaign. These objectives may only be revised upon mutual agreement of both Parties in writing. Supplier shall strive to meet and exceed the sales objectives.

Customer Profiles

Supplier shall, if requested by AT&T in connection with each sales call, request from the AT&T Customer and record, when given, Information pertaining to the AT&T Customer’s usage and calling patterns with respect to telecommunications services. This information may, if requested by AT&T be used to recommend the best Telecommunications Service(s) for the Customer. In addition, AT&T may require such information be compiled and identified as a “sale” or “no sale” and furnished to AT&T on a weekly or other frequency period, as mutually agreed upon, in accordance with the procedures and requirements mutually agreed upon.

Outbound Telemarketing Reports

Supplier shall be responsible for preparing and furnishing to AT&T on a daily basis, or such other frequency as mutually agreed upon in writing, the reports pertaining to Supplier outbound marketing, selling and productivity requirements related to telecommunications services. Such reports shall be mutually agreed upon on a campaign-to-campaign basis. The reports shall be prepared in a format and frequency mutually agreed upon, and which may be modified from time to time. Such reports may include but may not be limited to the following:

Proprietary and Confidential

Agreement No.: 20120124.035.C


•	Average number of Contacts per hour


•	Average number of Sales per hour


•	Number of total contacted


•	Percentage of total campaign list contacted


•	Total Sales


•	Products Sold

Number of “no sales” and the reason for no sale (including wrong number, disconnects and refusals)


•	Conversion rate


2.	INBOUND TELEMARKETING AND CUSTOMER SERVICE

Inbound Personnel

In accordance with the forecasting requirements of any Order, Supplier shall have personnel available to handle inbound calls, including Customer inquiries, and to accept Customer orders. Such personnel shall be available during the hours identified in writing by AT&T for each individual program as specified in a Scope of Work.

Screening of Inquiries

For all incoming calls, Supplier shall first screen the request to ensure the caller has reached the correct AT&T entity and that the request pertains to telecommunications services. In cases where the caller has not reached the correct entity, or the inquiry pertains to a subject outside the scope of this Agreement, Supplier shall transfer the call to the appropriate contact furnished by AT&T or otherwise follow the procedures defined in “Agency Methods and Procedures”, incorporated herein by this reference and as updated from time to time, furnished by AT&T. For inquiries related to telecommunications services, Supplier shall confirm the callers “eligibility for service” by, for example, checking the caller’s phone number against AT&T’s serving area and/or performing credit screening provided by AT&T, if requested by AT&T.

Accepting Orders

Upon completing the screening procedure outlined in Section, “Screening of Inquiries”, above, Supplier shall be responsible for accepting or soliciting orders for callers who are “eligible” for telecommunications services. At AT&T’s request, Supplier shall gather information on the callers’ usage and calling patterns before recommending the Telecommunications Service(s) most beneficial to the caller. All Customer profile and sale information shall be compiled and furnished to AT&T on a weekly or other frequency period, as specified by AT&T, in accordance with reasonable procedures and requirements as specified by AT&T.

Inbound Telemarketing Reports

Supplier shall be responsible for preparing and furnishing to AT&T on a daily basis or such other frequency as specified by AT&T in writing, the reports pertaining to Supplier marketing, selling and productivity requirements related to telecommunications services. Such reports shall be specified by AT&T on a campaign-to-campaign basis. The reports shall be prepared in a format and frequency specified by AT&T, and may be modified from time to time. Such reports may include but may not be limited to the following:


•	Number of inbound calls


•	Number of calls handled


•	Number of calls transferred

Proprietary and Confidential

Agreement No.: 20120124.035.C


•	Number of calls abandoned


•	Average time per call in queue


•	Average speed of answer


•	Number of sales completed and products sold


•	Number of refusals (no sale) and the reason for the no sale


3.	Do Not Call

Supplier shall comply with all federal, state and local laws, rules and regulations as provided in the Section entitled Compliance with Laws of the Agreement. Supplier shall also comply with the following Do Not Call (“DNC”) Procedures.


1.	Supplier's Responsibilities:


i	Supplier shall comply with all state, federal, and DMA laws and regulations in regard to DNC lists and procedures except where AT&T expressly assumes responsibility for compliance.


ii	Supplier shall establish and implement written procedures for complying with applicable Telemarketing Rules.


iii	Supplier shall train its employees engaged in telemarketing on the Telemarketing Rules and Supplier’s written procedures concerning the Telemarketing Rules.


iv	Supplier shall monitor, within its regular course of business, the compliance of its employees with federal and state DNC laws and regulations, the requirements of the Agreement and this Order, and Supplier’s written procedures.

Supplier shall be responsible for submitting on a daily basis a list of all persons, including their names and telephone numbers, who have indicated to Supplier a desire to be excluded from future AT&T telephone or written solicitations, or who have indicated that they have signed up for a federal or state DNC list, so that AT&T may update its internal do not call and do not write lists. The submission of the daily DNC requests shall be done via the daily response file as well as entering the DNC information on the AT&T DNC Web site.


b.	Supplier shall establish that an employee’s willful violation of the applicable Telemarketing Rules or Supplier’s written policy concerning such rules constitute grounds for immediate termination from the Program.


c.	Supplier shall maintain records of its compliance with its responsibilities as described in this Section for a period of five (5) years.

Supplier represents and warrants that it shall comply with the foregoing procedures and with applicable DNC laws and regulations and that it shall reimburse AT&T for the cost of AT&T's defense and for any and all remedies, fines or penalties of any kind that may be imposed on AT&T arising from or related to Supplier's breach of its responsibilities as described in this Agreement. Failure of Supplier to comply with the foregoing provisions shall be considered a material breach of the Agreement, and AT&T may, in addition to all other available legal and equitable remedies, immediately terminate this Agreement and/or Order for default, without incurring any liability whatsoever to Supplier for such termination.

Proprietary and Confidential

Agreement No.: 20120124.035.C

4. Retention of Records

Supplier shall maintain, in accordance with the requirements of the Telemarketing Rules and applicable laws, for a minimum period of twenty-four (24) months from the date of any sale of telecommunications Services hereunder, the name (including any fictitious name used), the last known home address and telephone number, and job title of all current and former employees of Supplier directly involved in any such sale. In addition, Supplier is also responsible for maintaining for a minimum period of twenty-four (24) months from the date of sale of any telecommunications service, the following records electronic records reflecting sales information, tracked by specific customer and product sold.

All such Customer order information must be maintained for the period specified above and Supplier must have the capability to retrieve such information within twenty-four (24) hours of AT&T’s request. The foregoing record retention requirements shall not be deemed to relieve or delegate AT&T’s or Supplier’s, responsibilities and obligations under the Telemarketing Rules, including without limitation, the obligation to retain Customer sales records in accordance with 16 CFR Part 310.5.

5. Use of Data

Data files, including but not limited to Customer lists, Customer account information, correspondence and other records are considered confidential Information and shall remain the sole property of AT&T and/or its parent company, subsidiaries or Affiliates.

Supplier acknowledges the importance of maintaining security and confidentiality of all AT&T data files and agrees to prevent unauthorized transfer, disclosure, or use of these data files by any person or entity not a party of this Agreement.

AT&T may monitor the use of these data files in any manner to prevent the improper or unauthorized use of the data, and such monitoring may include, but is not limited to, onsite inspection of the entire Supplier Facility at any time.

AT&T may use decoy names and addresses.

Supplier shall ensure that it will not retain, after completion of any job in connection with which data files were provided, all or any portion of the data files, except Customer sales records that Supplier is required to retain pursuant to this Agreement, in any manner whatsoever, nor permit any parent, subsidiary, affiliate, third party, agent, employee or contractor, or their respective agents or employees to do so unless prior written permission is obtained from a duly authorized representative of AT&T. Supplier may not use the data files for any purpose other than in connection with the Services under this Agreement or an Order.

6. Customer Complaints

Supplier shall notify AT&T of any Customer complaints received by Supplier arising out of, or as a result of, Services provided by Supplier. Supplier shall use best efforts to resolve the complaint, at no additional cost to AT&T, within twenty-four (24) hours of receipt thereof, whether notified thereof by the Customer or AT&T. AT&T shall use reasonable efforts to cooperate with Supplier in resolving such disputes, including providing any information in its possession pertaining to the Customer’s account records, as necessary. If Supplier has not resolved a Customer complaint, to the extent it involves AT&T telecommunications services within sixty (60) business hours of receipt thereof, AT&T may intervene and resolve such complaint to the Customer’s satisfaction. If the Customer’s complaint arises from Supplier’s error, Supplier shall use best efforts to correct the error; provided, however, Supplier shall secure the prior consent of AT&T’s Vendor Manager or his/her designee before proposing a solution to the Customer which would impose any obligation on AT&T.

Proprietary and Confidential

Agreement No.: 20120124.035.C

Supplier’s failure to courteously and professionally represent AT&T and/or promptly and fairly resolve Customers’ complaints shall constitute a material breach of this Agreement.

7. Caller ID Delivery

Supplier shall pass Caller ID Number placed on AT&T’s behalf pursuant to the requirements of applicable federal and state law, including, but not limited to, the federal Telephone Consumer Protection Act, as amended.

AT&T prefers that Supplier provide equipment able to send “AT&T” name delivery, and a specific number provided which will be supplied by AT&T. If Supplier cannot pass “AT&T” name delivery, they should, under federal law, when available by the calling party’s carrier, display their name when calling AT&T Customers.

A failure to comply with these Caller ID requirements is grounds for immediate Order and/or Agreement termination.

8. Automatic or Predictive Dialing

Supplier shall provide automatic or predictive dialing capability as required by AT&T for all outbound Programs. Supplier’s abandonment rate for calls utilizing predictive dialers shall not exceed performance measures set forth in the Order, FTC and FCC regulations or Direct Marketing Association (“DMA”) Guidelines whichever is lower.

9. Data Entry

Supplier warrants that all data shall be received or entered accurately when providing Services. For example: an order is accurate if there is no deviation between the original Customer request and the actual order issued and the order contains all information necessary to process such order. Supplier shall document the quality of orders by using error management reports and comparing, in a daily sample, the actual records of Customer request to the actual order issued to determine accuracy of Work performed. AT&T may assess accuracy according to its methods and procedures.

10. Competitor Personnel

In performing the Work on AT&T Program(s) pursuant to this Agreement or any Order there under, Supplier shall only use personnel who are not also providing similar services for any AT&T Competitor.

11. Previous Services for AT&T

Supplier will use commercially reasonable efforts to determine whether each individual who performs Services for AT&T has performed Work as an employee or temporary worker for AT&T, or any AT&T Affiliate, in the [*] ([*]) months preceding the individual’s proposed commencement of Work for AT&T. Supplier will provide AT&T with written notice of any individuals who meet the foregoing criteria. AT&T may require that Supplier provide another individual to perform the Work.


2.	Supplier will use commercially reasonable efforts to ensure that no individual providing Services in connection with an Order submitted by AT&T provides Services to AT&T for more than t[] ([]) consecutive months, unless AT&T provides written authorization for the individual to perform Services for more than [] ([]) consecutive months.

Proprietary and Confidential

Agreement No.: 20120124.035.C

12. Market Data

Supplier shall obtain, retain and provide to AT&T upon request the market data and Customer information that AT&T determines is reasonably required to conduct its business.

13. Protection of Sensitive Personal Information (“SPI”) and Customer Information


1.	Supplier shall not create print-outs or other hardcopy of SPI (defined in Appendix O Security Attachment) and/or Customer Information data unless required by the job function and necessary to perform the Services.


2.	When a hardcopy of SPI and/or Customer Information must be created, Supplier shall label the hardcopy as AT&T Proprietary (Sensitive Personal Information), but only under express authority granted by AT&T for the particular job activity.


3.	If there is any identified compromise or suspected compromise under investigation, loss or theft of any print-outs or hardcopy containing SPI and/or Customer Information data, Supplier shall notify AT&T on or before close of business on the day following the identification.


4.	If there is any identified compromise, loss or theft of any print-outs or hardcopy containing SPI and/or Customer Information data, Supplier shall notify AT&T on or before close of business on the day following the identification.


5.	Supplier shall maintain SPI and/or Customer Information only if mandated by law or if the data element is a necessary attribute for the business process.


6.	Supplier shall limit replication of SPI and/or Customer Information to the minimum copies (both hardcopy and softcopy) required to achieve the business purposes under this Agreement.


7.	If SPI and/or Customer Information will reside on any Supplier systems, Supplier shall store such data in a format that is fully compliant with all AT&T standards that have been communicated to Supplier as well as the then-current standards of SISR and PCI industry, as applicable.


8.	Supplier shall not take print-outs or other hardcopy of SPI and/or Customer Information data outside AT&T or Supplier premises without the prior written consent of AT&T’s Vendor Manager.


9.	Supplier shall not transmit SPI and/or Customer Information data via regular (insecure) FAX without the express permission of AT&T.


10.	Supplier shall not transmit SPI and/or Customer Information data via e-mail without encryption, which is explicitly approved by AT&T.

14. Customer Protection Policy

Supplier agrees to take all commercially reasonable appropriate steps to endeavor to prevent and respond to incidents involving the mistreatment of AT&T’s customers. To protect AT&T’s customers, as well as AT&T, its Affiliates and its services, from the effects of such mistreatment, Supplier will not permit any of its Customer Service Representatives (CSRs) or other employees (e.g., trainers, supervisors) to engage in any of the following actions:


1.	Using vulgar, offensive, abusive, or sexually oriented language in communications with Customers.


2.	Making derogatory references to race, ethnicity, religion, or gender in communications with Customers.

Proprietary and Confidential

Agreement No.: 20120124.035.C


3.	Yelling or screaming, making rude, argumentative, abrasive, or sarcastic comments in communications with Customers.


4.	Exchanging personal information with Customers or AT&T representatives for social purposes or engagements, including the exchange of personal email addresses for such purposes that are unrelated to the business engagement of Supplier.


5.	Intentional acts of call avoidance, including but not limited to:


a.	Intentional disconnect of a Customer during a call.


b.	Intentional transfer of a call back into the queue that the CSR is trained to handle.


c.	Intentional dissemination of inaccurate information or troubleshooting steps in order to release a call without assisting the Customer.


d.	Intentionally ignoring a Customer that has been presented to the CSR from a call queue.


6.	Intentionally abandoning a Customer on hold without providing a status update to the Customer.


7.	Refusing to escalate to a supervisor at the Customer’s request.


8.	Refusing to assist Customers with requests that the CSR is trained to handle.


9.	Any unauthorized access, release or use of confidential information, such as Customer account information. This shall include, but not be limited to, accessing a Customer’s email account without permission and/or creating a password for a Customer without authorization.


10.	Retaining, collecting, accessing, and/or using Customer information for reasons outside the scope of support of an Order.


11.	Any attempt to falsify AT&T’s records or any record related to a Customer.


12.	Any statements that misrepresent, or provide misleading information about, AT&T or its products, pricing or promotions.


13.	Any intentional acts that create a risk of compromising the privacy of customer information, including failure to strictly comply with the “Clean Desk Policy,” which requires that AT&T Information be secured any time a CSR goes on a break or is away from the CSR’s work area.

Supplier shall submit a monthly report to AT&T’s Vendor Manager identifying any instances where, to Supplier’s knowledge, any of the prohibited conduct listed in subsection (a) occurred at a Supplier facility during the preceding month. Supplier shall deliver the report to AT&T’s Vendor Manager on the 10^th day of each month or on the next business day if the 10^th day is a weekend or holiday. This report shall include: (i) the name of the facility where the incident occurred; (ii) the date of the incident; (iii) a brief description of the incident; and (iv) a brief description of the action taken by Supplier to address the incident. Supplier shall not identify individual CSRs by name or identification number in such reports.


c.	Supplier and AT&T agree that violations of this Customer Protection Policy will injure AT&T’s relationships with its Customers and that the amount of such injury may be

Proprietary and Confidential

Agreement No.: 20120124.035.C

difficult to quantify. As a remedy for any such injury, Supplier and AT&T agree that in the event that a reasonable determination has been made that a Supplier CSR or other employee has violated any provision of this Customer Protection Policy, Supplier shall pay to AT&T liquidated damages in the amount of [*] dollars ($[*]), per occasion, from AT&T to Supplier for each such violation so reasonably determined. AT&T will be entitled to collect such a liquidated damages payment via a reduction in its payments to Supplier under this Agreement (but only to the extent such a reasonable determination has been made). If there are more than [*] ([*]) violations of this Customer Protection Policy within a [*] period, the amount of liquidated damages Supplier will be required to pay to AT&T shall increase from [*] dollars ($[*]) to [*] ($[*]) for each such additional violation beginning with the [*] ([*]) such violation.


d.	In order to protect its customers from further mistreatment in circumstances involving any of the behaviors that fall within the scope of subsection (a), AT&T may request that Supplier immediately remove a CSR or any other employee of Supplier (e.g. trainers, supervisors) from all AT&T Programs.


e.	Supplier shall be wholly responsible for accepting or rejecting a request to remove pursuant to subsection (d) and for any other remedial measures related to the CSR or other employee of Supplier. Supplier shall be solely responsible for the expense associated with such removal or other remedial measures.

15. Use of AT&T Telecommunication Services

Supplier shall conduct all Services for AT&T utilizing AT&T’s voice and data lines, unless otherwise directed by AT&T. These services must be acquired through the appropriate AT&T Account Team and not through a reseller of AT&T’s services. Supplier shall provide sufficient documented support to satisfy these requirements, and will be subject to audits.

Proprietary and Confidential

Agreement No.: 20120124.035.C

Appendix E – Supplier Facilities

The Supplier Facilities listed below have been reviewed and approved for possible use in accordance with the AT&T Offshore Governance Policy. Supplier Facilities in countries that are not listed below must be reviewed under the AT&T Offshore Governance Policy and relevant operational policies.



Country(ies) where services are authorized by AT&T to be performed	Services to be performed at approved Physical Location	Name of Supplier / Subcontractor performing the services
Philippines	Call Center Services	StarTek, Inc.

Proprietary and Confidential

Agreement No.: 20120124.035.C

Appendix F- Business Continuity Plan Requirements


1.	Supplier shall include in it’s BCP the following components:

Communication Procedures: In addition to your normal communication channels, communication and escalation procedures that address how information is coordinated and communicated to AT&T representatives via the AT&T IT Sourcing Mailbox at: x00000@xxx.xxx in the event of a Occurrence. Unless directed otherwise by AT&T, Supplier shall provide such status reports relating to Information Technology (“IT”) matters to the AT&T IT Sourcing Mailbox at: x00000@xxx.xxx until all unresolved restoration efforts have been completed to AT&T’s satisfaction. Unless directed otherwise by AT&T, Supplier shall provide non-IT related status reports to the AT&T’s designated business or BCP contact until all unresolved restoration efforts have been completed to AT&T’s satisfaction. In the event of a disruption of connectivity that delays or prevents email communication with the AT&T IT Sourcing Mailbox, in addition to making all reasonable and necessary attempts to contact AT&T via the mailbox, Supplier shall contact appropriate AT&T’s representative(s) through alternate means as set forth in Supplier’s BCP (it is Supplier’s responsibility to ensure alternate AT&T points of contact are contained in its BCP).


b.	Business Functions: Phone numbers, email addresses, and alternate point of contact for each type of Materials and Services furnished hereunder.


c.	Response Procedures: Response procedures are immediate actions taken at the onset of an Occurrence which shall involve such activities as assessment of an Occurrence and associated recovery procedures and intervals, activation of BCPs and any crisis teams, ongoing communications to AT&T, impact to Materials and/or Services and the prioritization of work.

Recovery Strategies: Recovery strategies may include but are not limited to Supplier’s utilization of technology, alternate work locations and implementation of manual workarounds to enable Supplier’s provision of the Materials and/or Services to continue until normal operations can be resumed. Supplier’s recovery strategies should enable Supplier to meet the timeframes set forth in any applicable UERP. In the event this Agreement does not set forth an applicable UERP for a given business process and/or Service, then for each such business process and/or Service, Supplier shall respond promptly after an Occurrence.


2.	Supplier shall conduct exercises to test its BCP:

Within [*] ([*]) days of the Effective Date of this Agreement and annually thereafter. Supplier shall conduct appropriate exercises, as specified in Subsection 2b of this clause, to validate its BCP. Supplier shall promptly make all reasonable and necessary updates, corrections, and modifications and take any corrective actions required when Services, systems or processes are added or changed in its BCP.


b.	No less than annually Supplier shall conduct BCP exercises at either a Table-Top Exercise or Functional Exercise levels.

Proprietary and Confidential

Agreement No.: 20120124.035.C

“Table-Top Exercise” – means Supplier’s participants are presented with an Occurrence scenario and specific simulated emergency situations with, or without time constraints. The exercise is designed to elicit constructive discussion by participants as they attempt to examine and resolve problems based on the existing BCP.

“Functional Exercise” – means a simulation conducted by a team in which participants determine what actions should be taken in response to an Occurrence scenario and convey decisions and directions back to the simulators. The exercise must not interrupt service or compromise service levels.

Proprietary and Confidential

Agreement No.: 20120124.035.C

Appendix G - Prime Supplier MBE/WBE/DVBE Participation Plan

Prime Supplier MBE/WBE/DVBE Participation Plan

PRIME SUPPLIER MBE/WBE/DVBE PARTICIPATION PLAN

YEAR REPORTING:

PRIME SUPPLIER NAME: _________________________

ADDRESS: _________________________

COMPANY E-MAIL: _________________________

TELEPHONE NUMBER: _________________________

DESCRIBE GOODS OR SERVICES BEING PROVIDED UNDER THIS AGREEMENT:

(what product or service is the Prime Supplier providing to AT&T)

DESCRIBE YOUR M/WBE-DVBE OR SUPPLIER DIVERSITY PROGRAM AND THE PERSONNEL DEDICATED TO THAT PROGRAM

(Prime Supplier should note their outreach activities to diverse suppliers, membership in National Diversity Organizations, commitment from company leadership on engaging diversity suppliers, etc.)

THE FOLLOWING, TOGETHER WITH ANY ATTACHMENTS IS SUBMITTED AS AN MBE/WBE/DVBE PARTICIPATION PLAN.


1.	GOALS

A. WHAT ARE YOUR MBE/WBE/DVBE PARTICIPATION GOALS?

MINORITY BUSINESS ENTERPRISES (MBEs) _______

WOMAN BUSINESS ENTERPRISES (WBEs) _______

DISABLED VETERAN BUSINESS ENTERPRISES (DVBEs) _______

B. WHAT IS THE ESTIMATED ANNUAL VALUE OF THIS CONTRACT: $_______________

C. WHAT ARE THE DOLLAR AMOUNTS OF YOUR PROJECTED MBE/WBE/DVBE PURCHASES:

Multiply % in A. above against contract value listed in B. above

Proprietary and Confidential

Agreement No.: 20120124.035.C

MINORITY BUSINESS ENTERPRISES (MBEs) $______

WOMAN BUSINESS ENTERPRISES (WBEs) $______

DISABLED VETERAN BUSINESS ENTERPRISES (DVBEs) $______


2.	LIST THE PRINCIPAL GOODS AND SERVICES TO BE SUBCONTRACTED TO MBE/WBE/DVBEs OR DELIVERED THROUGH MBE/WBE/DVBE VALUE ADDED RESELLERS

(what part of the Prime Suppliers supply chain provides opportunities for diversity subcontracting)

DETAILED PLAN FOR USE OF M/WBEs-DVBEs AS SUBCONTRACTORS, DISTRIBUTORS, VALUE ADDED RESELLERS

For every product and service you intend to use, provide the following information. (attach additional sheets if necessary)



Company Name	Classification (MBE/WBE/DVBE)	Products/Services to be provided	$ Value	Date to Begin


3.	SELLER AGREES THAT IT WILL MAINTAIN ALL NECESSARY DOCUMENTS AND RECORDS TO SUPPORT ITS EFFORTS TO ACHIEVE ITS MBE/WBE/DVBE PARTICIPATION GOAL(S). SELLER ALSO ACKNOWLEDGES THE FACT THAT IT IS RESPONSIBLE FOR IDENTIFYING, SOLICITING AND QUALIFYING MBE/WBE/DVBE SUBCONTRACTORS, DISTRIBUTORS AND VALUE ADDED RESELLERS.


4.	THE FOLLOWING INDIVIDUAL, ACTING IN THE CAPACITY OF MBE/WBE/DVBE COORDINATOR FOR SELLER, WILL:

ADMINISTER THE MBE/WBE/DVBE PARTICIPATION PLAN, SUBMIT SUMMARY REPORTS, AND COOPERATE IN ANY STUDIES OR SURVEYS AS MAY BE REQUIRED IN ORDER TO DETERMINE THE EXTENT OF COMPLIANCE BY THE SELLER WITH THE PARTICIPATION PLAN.

NAME: ________________________________

TITLE: ________________________________

TELEPHONE NUMBER: ________________________________

AUTHORIZED SIGNATURE: ________________________________

Proprietary and Confidential

Agreement No.: 20120124.035.C

Appendix L - Written Certification of Return or Destruction of AT&T Information or Data

Written Certification of Return or Destruction of AT&T Information or Data

I hereby certify that I have returned to [SUPPLIER NAME] or have destroyed all physical and electronic copies of all Information. “Information” means any technical, customer or business information in written, graphical, oral or other tangible or intangible forms, including but not limited to, specifications, records, data, computer programs, tax returns, tax workpapers, drawings, models and secrets which [SUPPLIER] may have in its possession in connection with services performed for AT&T or be legally obligated to keep confidential. I acknowledge and agree that all such Information remains the exclusive property of AT&T.

__________________________________________

[NAME AND ATTUID OF WORKER]

__________________________________________

Signature

__________________________________________

Date

Proprietary and Confidential

Agreement No.: 20120124.035.C

APPENDIX J

PROGRAM CHANGE NOTICE

PRIORITY: High Medium Low

PROGRAM: DATE:

SUPPLIER: AT&T PRIMARY CONTACT:

DESCRIPTION OF CHANGE:

ADDITIONAL COST (IF ANY):

IMPLEMENTATION PLAN ATTACHED? YES [ ] NO [ ]

ALL SUPPORTING MATERIALS ATTACHED? YES [ ] NO [ ]

APPROVAL SIGNATURES:



Supplier:	AT&T
By:	By:
Printed Name:	Printed Name:
Title:	Title:
Date:	Date:

PLEASE NOTE: No additional changes for a Program will be authorized until Supplier receives a signed PCN from AT&T.

Proprietary and Confidential

Agreement No.: 20120124.035.C

Appendix N- AT&T Information Security Requirements - Home Based Agents

The following AT&T Information Security Requirements for Use of Home-Based Agents (“Security Requirements”) apply to Supplier, its subcontractors, and each of their employees and/or temporary Workers, contractors, vendors and/or agents who perform Services for, on behalf of, and/or through AT&T (for the purpose of this Appendix, each or all “Supplier”) that include any of the following:

1. Supplier’s performance of Services that involve the collection, storage, handling, or disposal of AT&T confidential Information;

2. Supplier-offered or -supported AT&T branded services using non-AT&T network and computing resources;

3. Connectivity to AT&T non-public networks and computing resources;

4. Custom software development or software implementation; or

5. Website hosting and development for AT&T and/or AT&T’s Customers.

The Supplier’s Home-Based Agents shall be located within and perform all Services from within the United States. Any use of Supplier’s Home-Based Agents located outside the United States requires the express prior written consent of AT&T.

These Security Requirements specifically apply to the servers, applications, and network elements used by the Supplier in conjunction with supporting AT&T and/or used in fulfillment of Supplier’s obligations under this Agreement and any AT&T confidential Information collected, stored, handled, transmitted, processed, or disposed of by the Supplier as a result of performing Services under this Agreement.

Supplier shall be fully compliant with these Security Requirements prior to the performance of any such Services.

Supplier represents and warrants that during the term of this Agreement and thereafter (as applicable with respect to Supplier’s obligations under the Survival of Obligations clause) Supplier is, and shall continue to be, in compliance with its obligations as set forth herein.

In addition to all other remedies specified in the Agreement, Supplier agrees that AT&T shall be entitled to seek an injunction, specific performance or other equitable relief and be reimbursed the costs (including reasonable attorney’s fees) by Supplier to enforce the obligations in these Security Requirements, including those that survive termination or expiration of this Agreement.

The provisions of this Appendix shall not be deemed to, and shall not, limit any more stringent security or other obligations of the Agreement.

It is agreed by the Parties that the Supplier shall comply with the following AT&T Information Security Requirements for Use of Home-Based Agents:

Information Security Organization and Policy


•	Supplier shall staff and maintain an Information Security Organization


•	Supplier shall maintain and periodically review a policy on the “Security of Information and Acceptable Use of Systems”

Proprietary and Confidential

Agreement No.: 20120124.035.C


•	Supplier’s policy shall address the following: User IDs and Authentication, Access Rights, Privacy, Confidentiality, Required Security Behaviors for Acceptable Use, Communication of Trade Secrets, Disclaimer of Liability for Use of the Internet, Physical Security and Security of Company Systems, Reporting of Security Incidents to the Supplier’s Computer Incident Response Team.


•	Supplier shall staff and maintain a Computer Incident Response Team (CIRT), a 24-hour emergency response organization that operates a global hotline to report infractions and investigate potential security breaches


•	Supplier’s policy shall be made available to Customers that have executed a Non-Disclosure Agreement

Computer Workstation End-User Controls


•	Supplier shall ensure its Home-Based Agents use an approved computer Workstation that they provide to connect to the Supplier’s corporate environment through their centralized servers (e.g. CITRIX ) or a similar centralized controlled environment which is accessed via the Supplier’s Corporate VPN


•	Supplier’s corporate VPN shall perform an “end-point analysis” prior to allowing a connection to the Supplier’s corporate network.


•	Supplier shall ensure that no reverse engineering application binaries and / or no cache files to mine for data offline are in use on the computer Workstations used to perform Services for AT&T.


•	Supplier shall ensure that Supplier’s centralized servers feature prevent data transfers between the end user’s Workstation and the Supplier’s centralized servers.

Configuration for Client VPN Usage


•	Supplier’s corporate VPN shall not permit “split-tunneling”


•	Supplier shall ensure that attempts to tamper with local routing tables results in the immediate termination of the VPN connection


•	Supplier shall ensure that Supplier’s corporate VPN uses encryption (128-bit minimum)


•	Supplier shall ensure that personnel performing Services for AT&T only access AT&T’s non-public networks as follows:


◦	All access shall use the existing site-to-site VPN tunnel between the Supplier and AT&T, and


◦	All access shall use the applications running on the Supplier’s centralized servers


•	Supplier shall ensure that its personnel performing Services for AT&T have no direct access to any other applications on AT&T’s non-public network

Authentication


•	Supplier shall ensure that each of the Supplier’s Home-Based Agents use two-factor authentication when accessing Supplier’s corporate VPN.


•	Supplier shall ensure that each of the Supplier’s Home-Based Agents have a unique and valid Supplier Enterprise ID and use it for access to Supplier’s corporate VPN.


•	Supplier shall ensure that when Supplier’s Home-Based Agents have to authenticate with AT&T applications the following occurs:


◦	Supplier’s centralized server password manager randomly generates the characters of the password for the Agent.

Proprietary and Confidential

Agreement No.: 20120124.035.C


◦	Supplier’s centralized server password manager has a feature which allows the Supplier to automatically disable all or selected user accounts in the event of an employment termination/departure from a centralized location.

Access Controls


•	Supplier shall ensure that Supplier’s corporate VPN connects the user to an isolated network in a designated Supplier data center that is specifically designed for client access


•	Supplier shall ensure that Supplier’s centralized servers has integrated access controls with each published application that grants users access to only the applications the Supplier’s Home Based Agents need – not to a published desktop


•	Supplier shall ensure that Supplier’s Home Based Agents have no direct access to AT&T’s non-public networks


•	Supplier shall ensure that access by Supplier’s Home Based Agents to AT&T’s non-public networks only occurs via the Supplier’s centralized servers


•	Supplier shall ensure that administration and configuration of the access controls are performed only by Supplier’s authorized administrators

Additional Requirements


▪	Setup


§	Supplier shall ensure that only Supplier’s authorized administrators grant access rights, security settings and restrictions to end users


▪	Access Management


§	Supplier shall ensure that the following features are employed:


◦	Restricting time of access based on day of week and hour of day


◦	Restricting access to features at the group or user level, including features such as drag-and-drop file transfers, remote Printing, or any feature which could be used to capture and remove AT&T Information.


◦	Complete logging of all key strokes and mouse clicks during the session so as to maintain a record of what actions have been taken on the Workstation by the Home Based Agent


▪	Enforceable Configuration Settings


§	Supplier shall ensure that the following features are employed:


◦	Password controls including expiring passwords, limiting failed log-in attempts and disallowing previous password use


◦	Viewer timeouts, screen blanking and keyboard lockout when in session


▪	Network Controls


§	Supplier shall ensure that the following features are employed:


◦	Users who log into the Supplier’s corporate web-site authenticate with a user id and password using Secure Sockets Layer (“SSL”).


◦	Users authenticate a second time with a unique access code that seeds the 128-bit Advanced Encryption Standard (“AES”) end-to-end encryption

Proprietary and Confidential

Agreement No.: 20120124.035.C

The provisions of this Appendix shall not be deemed to, and shall not, limit any more stringent security or other obligations of the Agreement.

Proprietary and Confidential

Agreement No.: 20120124.035.C

Appendix O - (AT&T Supplier Information Security Requirements (SISR) – v5.0, September, 2011)

The following AT&T Supplier Information Security Requirements (“Security Requirements”) apply to Supplier, its affiliates, its subcontractors, and each of their employees and/or temporary workers, contractors, vendors and/or agents who perform Services for, on behalf of, and/or through AT&T (for the purpose of this Appendix, each or all “Supplier”) that include any of the following:


1.	Supplier’s performance of Services that involve the collection, storage, handling, or disposal of AT&T’s Information;


2.	Supplier-offered or -supported AT&T branded services using non-AT&T Information Resources (as defined below);


3.	Connectivity to AT&T’s Nonpublic Information Resources (as defined below);

Incidental and/or AT&T-paid-for development of any software to the extent produced or developed by or on behalf of Supplier, or forming part of any software, pursuant to the Agreement to which these Security Requirements are attached (including under any statement of work, exhibit, order or other document under, subordinate to, or referencing this Agreement) (collectively the “Agreement”) for the development of which AT&T has been charged monies; or


5.	Website hosting and development for AT&T and/or AT&T’s customers.

Supplier represents and warrants that during the term of the Agreement and thereafter (as applicable with respect to Supplier’s obligations under the Survival of Obligations clause) Supplier is, and shall continue to be, in compliance with its obligations as set forth herein. In addition to all other remedies specified in the Agreement, Supplier agrees that AT&T shall be entitled to seek an injunction, specific performance or other equitable relief and be reimbursed the costs (including reasonable attorney’s fees) by Supplier to enforce the obligations in these Security Requirements, including those that survive termination or expiration of the Agreement. The provisions of this Appendix shall not be deemed to, and shall not, limit any more stringent security or other obligations of the Agreement. For the avoidance of doubt, these requirements apply to Supplier’s performance of Services from all locations, including primary, non-primary, remote, virtual, and/or telecommuting or telework locations, if any, used in connection with the Agreement. Section and paragraph headings contained in parentheses that follow the requirements below are for reference purposes only and are not to affect the meaning or interpretation of these Security Requirements.

AT&T reserves the right to update or modify its Security Requirements from time to time. Upon notification by AT&T of its need to modify the Security Requirements, Supplier agrees to promptly negotiate in good faith and expedite execution of an amendment to the Agreement to incorporate any such modification. Supplier acknowledges that AT&T may require modifications to Security Requirements:


1.	Upon extension or renewal of the Agreement;


2.	Upon any change in work scope or other substantive modification of the Agreement; or


3.	At such time that AT&T deems necessary.

Definitions:

Unless otherwise set forth or expanded herein, defined terms shall have the same meaning as set forth in the main body of the Agreement.

Proprietary and Confidential

Agreement No.: 20120124.035.C

“Customer Facing System” means an Information Resource accessible from public networks, which is intended for use by AT&T and/or its customers, which resides in a Demilitarized Zone (DMZ), as defined below, and where that DMZ:


a.	Is protected by firewalls located between the Internet and the DMZ, between that DMZ and all other DMZs, and between the DMZ and the AT&T intranet,


b.	Prohibits incoming TELNET connections from public networks, and


c.	Prohibits incoming File Transfer Protocol (FTP) connections from public networks except to specific systems known as “FTP drop boxes”.

Note: A Customer Facing System which also is used by AT&T employees, contractors, vendors or suppliers to perform work on behalf of AT&T is not considered a Customer Facing System when performing such work.

“Demilitarized Zone” or “DMZ” is a network or sub-network that sits between a trusted internal network, such as a corporate private Local Area Network (LAN), and an untrusted external network, such as the public Internet. A DMZ helps prevent outside users from gaining direct access to internal Information Resources. The DMZ must be separated from the untrusted external network by use of a Security Gateway and must be separated from the trusted internal network by use of another Security Gateway. Inbound packets from the untrusted external network must terminate within the DMZ and must not be allowed to flow directly through to the trusted internal network. All inbound packets which flow to the trusted internal network must only originate within the DMZ.

The following must only be located within the trusted internal network:


a.	Any of AT&T’s Sensitive Personal Information (SPI) stored without the use of Strong Encryption,


b.	The official record copy of information to be accessed from requests originating from the untrusted external network,


c.	The official record copy of information to be modified as the result of requests originating from the untrusted external network,


d.	Database servers,


e.	All exported logs, and


f.	Development environments and source code.

The following must not be located within the DMZ:


a.	Authentication credentials not protected by the use of Strong Encryption.

“Incident Management Process” is a Supplier-developed documented procedure to be followed in the event of an actual or suspected attack upon, intrusion upon, unauthorized access to, loss of, or other breach involving AT&T’s Information Resources.

“Information Resources” means any systems, applications, networks, network elements, and other computing and information storage devices, including smart phones, tablets, and USB memory sticks, and AT&T’s Information stored, transmitted, or processed with these resources in conjunction with supporting AT&T and/or used by Supplier in fulfillment of its obligations under the Agreement.

“Mobile and Portable Devices” means any mobile and/or portable computers, devices, media and systems capable of being easily carried, moved, transported or conveyed that are used in connection with the

Proprietary and Confidential

Agreement No.: 20120124.035.C

Agreement. Examples of such devices include laptop computers, tablets, USB hard drives, USB memory sticks, Personal Digital Assistants (PDAs), and wireless phones, such as smartphones.

“Nonpublic Information Resources” means those Information Resources used under the Agreement to which access is restricted and cannot be gained without proper authorization and identification.

“Sensitive Personal Information” or “SPI” means any information that: (a) requires a high degree of protection by law and where loss or unauthorized disclosure would require notification by AT&T to government agencies, individuals or law enforcement, and (b) any information that, if made public, could expose individuals to a risk of physical harm, fraud, or identity theft. Examples of SPI include, but are not limited to, social security numbers, national government issued identification numbers, such as passport and visa numbers, state- or province-issued identification numbers, drivers license numbers, dates of birth, bank account numbers, credit card numbers, and customer authentication credentials. Note: Authentication credentials, encryption keys, and encryption passwords used to protect Sensitive Personal Information are themselves classified as Sensitive Personal Information.

“Security Gateway” means a set of control mechanisms between two or more networks having different trust levels which filter and log traffic passing, or attempting to pass, between networks, and the associated administrative and management servers. Examples of Security Gateways include firewalls, firewall management servers, hop boxes, session border controllers, proxy servers, and intrusion prevention devices.

“Strong Authentication” means the use of authentication mechanisms and authentication methodologies stronger than the passwords required by Security Requirement 34 herein. Examples of Strong Authentication mechanisms and methodologies include digital certificates, two-factor authentication, and one-time passwords.

“Strong Encryption” means the use of encryption technologies with minimum key lengths of 128-bits for symmetric encryption and 1024-bits for asymmetric encryption whose strength provides reasonable assurance that it will protect the encrypted information from unauthorized access and is adequate to protect the confidentiality and privacy of the encrypted information, and which incorporates a documented policy for the management of the encryption keys and associated processes adequate to protect the confidentiality and privacy of the keys and passwords used as inputs to the encryption algorithm.

In accordance with the foregoing, Supplier shall:

System Security


1.	Actively monitor industry resources (x.x.xxx.xxxx.xxx, xxx.xxxx.xxx and pertinent software vendor mailing lists and websites) for timely notification of all applicable security alerts pertaining to Supplier’s Information Resources. (Security Alerts)


2.	At least monthly, scan externally-facing Information Resources, including, but not limited to, networks, servers, and applications, with applicable industry-standard security vulnerability scanning software to uncover security vulnerabilities. (Externally-facing System Scanning)

At least monthly, scan internal Information Resources, including, but not limited to, networks, servers, applications and databases, with applicable industry-standard security vulnerability scanning software to uncover security vulnerabilities, ensure that Information Resources are properly hardened as documented in Security Requirement 9 below, and identify any unauthorized wireless networks. (Internal System Scanning)

Proprietary and Confidential

Agreement No.: 20120124.035.C


4.	Upon AT&T’s request, furnish to AT&T its most current scanning results for the Information Resources. (Sharing Scanning Results with AT&T)

In environments where such technology is commercially available and to the extent practicable, deploy one or more Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), or Intrusion Detection and Prevention Systems (IDP) in an active mode of operation that monitors all traffic entering and leaving Information Resources in conjunction with the Agreement. (Intrusion Detection/Prevention Systems)

Have and use a documented process to remediate security vulnerabilities in the Information Resources, including, but not limited to, those discovered through industry publications, vulnerability scanning, virus scanning, and the review of security logs, and apply appropriate security patches promptly with respect to the probability that such vulnerability can be or is in the process of being exploited. (Remediating/Patching Service Vulnerabilities)


7.	Assign security administration responsibilities for configuring host operating systems to specific individuals. (Security Administration Responsibilities)


8.	Ensure that its information security staff has reasonable and necessary experience in information and network security. (Necessary Staff Experience)


9.	Ensure that all of Supplier’s Information Resources are and remain ‘hardened’ including, but not limited to, removing or disabling unused network and other services (e.g., finger, rlogin, ftp, and simple Transmission Control Protocol/Internet Protocol (TCP/IP) services) and installing a system firewall, Transmission Control Protocol (TCP) wrappers or similar technology. (Hardened Systems)


10.	Change all default account names and/or default passwords. (Changing Default Account Names and Passwords)


11.	Limit system administrator (also known as root, privileged, or super user) access to operating systems intended for use by multiple users only to individuals requiring such high-level access in the performance of their jobs. (Limit Super User Privileges)


12.	Require application, database, network and system administrators to restrict access by users to only the commands, data and Information Resources necessary for them to perform authorized functions. (Administrators to Restrict User Access)

Physical Security


13.	Ensure that all of Supplier’s Information Resources intended for use by multiple users are located in secure physical facilities with access limited and restricted to authorized individuals only. (Information Resources in Secure Facilities)


14.	Monitor and record, for audit purposes, access to the physical facilities containing Information Resources intended for use by multiple users used in connection with Supplier’s performance of its obligations under the Agreement. (Monitoring and Recording Access)

Network Security


15.	When providing Internet-based services to AT&T, protect AT&T’s Information by the implementation of a network DMZ. Web servers providing service to AT&T shall reside in the DMZ. Information Resources storing AT&T’s Information (such as application and database servers) shall reside in a trusted internal network. (Internet Services Must Use DMZ)

Proprietary and Confidential

Agreement No.: 20120124.035.C


16.	Upon AT&T’s request, provide to AT&T a logical network diagram documenting the Information Resources (including, but not limited to, Security Gateways, servers, etc.) that will support AT&T. (Provision of Logical Network Diagram)


17.	Have a documented process and controls in place to detect and handle unauthorized attempts to access AT&T’s Information. (Detection and Handling of Unauthorized Access)


18.	a. Use Strong Encryption for the transfer of AT&T’s Information outside of AT&T- or Supplier-controlled facilities or when transmitting AT&T’s Information over any untrusted network.

By no later than July 1, 2014, always use Strong Encryption to protect AT&T’s customer proprietary network information (“CPNI”), as that term is defined in the Telecommunications Act of 1996, 47 U.S.C. §222 (h)(1), and AT&T’s SPI when transmitted. Exception: Where elsewhere authorized in writing by AT&T, AT&T’s CPNI transmitted for distribution to AT&T’s customers may be exempted from this requirement.

(Note: This also applies to AT&T’s Information contained in email, or the attachments embedded within the email, as the case may be. For greater clarity, if, for example, the text in an email does not contain AT&T’s Information, but the embedded attachments within that email do contain AT&T’s Information, then the embedded attachments, but not the email, need to be encrypted.) (Encryption of Information in Transit)


19.	Require Strong Authentication for any remote access use of Nonpublic Information Resources. (Remote Access Authentication)

Information Security


20.	Isolate AT&T’s applications and AT&T’s Information from any other customer’s or Supplier’s own applications and information either by using physically separate servers or alternatively by using logical access controls where physical separation of servers is not implemented. (Separate AT&T’s Information from non-AT&T information)


21.	Have documented procedures for the secure backup and recovery of AT&T’s Information which shall include, at a minimum, procedures for the transport, storage, and disposal of the backup copies of AT&T’s Information and, upon AT&T’s request, provide such documented procedures to AT&T. (Secure Backup, Transport, Storage and Disposal of AT&T’s Information)

22.

Maintain and, upon AT&T’s request, furnish to AT&T a documented business continuity plan that ensures that Supplier can meet its contractual obligations under the Agreement, including the requirements of any applicable Statement of Work or Service Level Agreement. Such plan shall include the requirement that the included procedures be regularly tested at least annually. Supplier shall promptly review its business continuity plan to address additional threat scenarios. (Business Continuity Plan)


23.	a. Where physical and logical security of AT&T’s SPI cannot be assured, store AT&T’s SPI using Strong Encryption.


b.	By no later than July 1, 2012, always use Strong Encryption to protect AT&T’s CPNI and AT&T’s SPI when stored. (Encryption at Rest/Storage)


24.	Limit access to AT&T’s Information, including, but not limited to, paper hard copies, only to authorized persons or systems. (Limit Access to AT&T’s Information Regardless of Form)


25.	Be compliant with any applicable government- and industry-mandated information security standards. (Examples of such standards include, but are not limited to, the Payment Card Industry-Data Security Standards (PCI-DSS), National Automated Clearing House Associates (NACHA) Rules, and Electronic

Proprietary and Confidential

Agreement No.: 20120124.035.C

Data Interchange (EDI) standards, and the information security requirements documented within laws, such as HIPAA.) (Compliance with Industry and Government Requirements)


26.	At no additional charge to AT&T:


a.	Upon AT&T’s request, provide copies of any of AT&T’s Information to AT&T within [] ([]) days of such request.


b.	Return, or, at AT&T’s option, destroy all of AT&T’s Information, including electronic and hard copies, within [] ([]) days after the sooner of:


i.	expiration or termination of the Agreement;


ii.	AT&T’s request for the return of AT&T’s Information; or


iii.	the date when Supplier no longer needs AT&T’s Information to perform Services under the Agreement.


c.	In the event that AT&T approves destruction as an alternative to returning AT&T’s Information, then certify in writing the destruction (e.g., degaussing, overwriting, performing a secure erase, performing a chip erase, shredding, cutting, punching holes, breaking, etc.) as rendering AT&T’s Information non-retrievable.

In the event that Supplier needs to retain copies of AT&T’s Information more than [*] ([*]) days past either the expiration or termination of the Agreement, or AT&T’s request for the return or destruction of AT&T’s Information, be allowed to retain such copies when elsewhere agreed to in writing with AT&T. Exception: Copies of AT&T’s Information retained as part of a backup-and-recovery, business continuity or disaster recovery process may be retained for more than [*] ([*]) days past the expiration or termination of the Agreement without obtaining agreement in writing from AT&T allowing such retention provided that all such copies are destroyed within no more than [*] ([*]) years of the date of creation. (Return of AT&T’s Information)

27.

Unless otherwise instructed by AT&T in writing, when collecting, generating or creating Information for, through or on behalf of AT&T or under the AT&T brand, ensure that such Information shall be AT&T’s Information and, whenever practicable, label such Information of AT&T as “AT&T Proprietary Information” or at a minimum, label AT&T’s Information as “Confidential” or “Proprietary”. Supplier acknowledges that AT&T’s Information shall remain AT&T-owned Information irrespective of labeling or the absence thereof. (Confidential or Proprietary Markings)

Identification and Authentication


28.	Assign unique UserIDs to individual users. (Unique UserIDs)

29.

Have and use a documented UserID lifecycle management process including, but not limited to, procedures for approved account creation, timely account removal, and account modification (e.g., changes to privileges, span of access, functions/roles) for all Information Resources and across all environments (e.g., production, test, development, etc.). Such process shall include review of access privileges and account validity to be performed at least annually. (UserID Life Cycle Management)


30.	Enforce the rule of least privilege (i.e., limiting access to only the commands and Information Resources necessary to perform authorized functions according to one’s job function). (Rule of Least Privilege)


31.	Limit failed login attempts to no more than [] ([]) successive attempts and lock the user account upon reaching that limit. Access to the user account can be reactivated subsequently through a manual process requiring verification of the user’s identity or, where such capability exists, can be automatically

Proprietary and Confidential

Agreement No.: 20120124.035.C

reactivated after at least [*][*] from the last failed login attempt. Exception: Where elsewhere authorized in writing by AT&T, AT&T customer usage of Customer Facing Systems may be exempted from this requirement. (Limit Failed Logins)


32.	Terminate interactive sessions, or activate a secure, locking screensaver requiring authentication, after a period of inactivity not to exceed [] []. Exception: Where elsewhere authorized in writing by AT&T, AT&T customer usage of Customer Facing Systems may be exempted from this requirement. (Terminate Inactive Interactive Sessions)


33.	Require password expiration at regular intervals not to exceed [] ([]) days. Exception: Where elsewhere authorized in writing by AT&T, AT&T customer usage of Customer Facing Systems may be exempted from this requirement. (Expire Passwords)


34.	Use an authentication method based on the sensitivity of AT&T’s Information. When passwords are used, they must meet these minimum requirements:


•	Passwords must be a minimum of [] ([]) characters in length.


•	Passwords must contain characters from at least [] ([]) of these groupings: alphabetic, numeric, and special characters.


•	Passwords must not be the same as the UserID with which they are associated.


•	Password construction must be complex and not contain names, dictionary words, combinations of words, or words with substitutions of numbers for letters, e.g., s3cur1ty.


•	Passwords must not contain repeating or sequential characters or numbers.


Notes:	1. When systems or applications do not enforce these password requirements, users and administrators must be instructed to comply with these password requirements when selecting passwords.

2. Applications housing more sensitive copies of AT&T’s Information, as identified in writing by AT&T, may require an authentication mechanism stronger than passwords and the authentication mechanism must be approved by AT&T in advance in writing. Examples of stronger authentication methods include Strong Authentication, passphrases, and biometrics.

Exception: Where elsewhere authorized in writing by AT&T, AT&T customer usage of Customer Facing Systems may be exempted from this requirement. (Passwords and Construction Rules)


35.	Use a secure method for the conveyance of authentication credentials (e.g., passwords) and authentication mechanisms (e.g., tokens or smart cards). (Use Secure Method to Convey UserIDs and Passwords)

Warning Banner


36.	For AT&T branded products or services or for software developed for AT&T, display a warning banner on login screens or pages as specified in writing by AT&T. (Display Warning Banners)

Software and Data Integrity


37.	In environments where antivirus software is commercially available and to the extent practicable, have current antivirus software installed and running to scan for and promptly remove or quarantine viruses and other malware. (Note: For the avoidance of doubt, this requirement also applies to Mobile and Portable Devices where antivirus software is commercially available.) (Scan and Remove Viruses)


38.	Separate non-production Information Resources from production Information Resources. (Separate Production and Non-Production Information Resources)

Proprietary and Confidential

Agreement No.: 20120124.035.C


39.	Have a documented change control process including back-out procedures for all production environments. (Software Change Control Process)


40.	For applications which utilize a database that allows modifications to AT&T’s Information, have database transaction logging features enabled and retain database transaction logs for a minimum of [] ([]) months. (Utilize Database Transaction Logging)


41.	a. For all software developed under the Agreement, review such software to find and remediate security vulnerabilities during initial implementation and upon any modifications and updates.


b.	Where technically feasible, for all software used, furnished and/or supported under the Agreement, review such software to find and remediate security vulnerabilities during initial implementation and upon any modifications and updates. (Review Code for Vulnerabilities)


42.	Perform quality assurance testing for the security components (e.g., testing of identification, authentication and authorization functions), as well as any other activity designed to validate the security architecture, during initial implementation and upon any modifications and updates. (Quality Assurance Test Security Components)

Privacy Issues


43.	Restrict access to any of AT&T’s CPNI and AT&T’s SPI to authorized individuals. (Restrict Access to AT&T CPNI and SPI)

44.

Not store AT&T’s CPNI and AT&T’s SPI on removable media (e.g., USB flash drives, thumb drives, memory sticks, tapes, CDs, or external hard drives) except: (a) for backup, business continuity, disaster recovery, and data interchange purposes as allowed and required under contract, and (b) using Strong Encryption. Exception: Where elsewhere authorized in writing by AT&T, AT&T’s CPNI stored for distribution to AT&T’s customers may be exempted from this requirement. (Control AT&T CPNI and SPI on Removable Media)

Monitoring and Auditing Controls


45.	Restrict access to security logs to authorized individuals, and protect security logs from unauthorized modification. (Restrict Access to Security Logs)


46.	Review, on no less than a weekly basis, all security and security-related audit logs for anomalies and document and resolve all logged security problems in a timely manner. (Review Security Logs and Resolve Security Problems)

47.

Retain complete and accurate records relating to its performance of its obligations arising out of these Security Requirements and Supplier’s compliance herewith in a format that will permit assessment or audit for a period of no less than [*] ([*]) years, or longer as may be required pursuant to a court order or civil or regulatory proceeding. Notwithstanding the foregoing, Supplier shall only be required to maintain security logs for a minimum of [*] ([*]) months. (Retain Records)

48.

Permit AT&T to conduct an assessment or audit to verify Supplier’s compliance with its contractual obligations in connection with these AT&T Supplier Information Security Requirements. Upon AT&T’s request for audit, Supplier shall schedule a security audit to commence within [*] ([*]) days from such request. In the event that AT&T, in its sole discretion, deems that a security breach has occurred, which has not been promptly reported to AT&T in compliance with the Supplier’s Incident Management Process, Supplier shall schedule the audit to commence within [*][*] of AT&T’s notice requiring an audit. This provision shall not be deemed to, and shall not, limit any more stringent audit obligations permitting the examination of Supplier’s records contained in the Agreement. (Audit Rights)

Proprietary and Confidential

Agreement No.: 20120124.035.C

49.

Within [*] ([*]) days of receipt of the assessment or audit report, provide AT&T a written report outlining the corrective actions that Supplier has implemented or proposes to implement with the schedule and current status of each corrective action. Supplier shall update this report to AT&T every [*] ([*]) days reporting the status of all corrective actions through the date of implementation. Supplier shall implement all corrective actions within [*] ([*]) days of Supplier’s receipt of the assessment or audit report. (Remediate Audit Findings)

Reporting Violations


50.	Have and use an Incident Management Process and promptly notify AT&T whenever there is an attack upon, intrusion upon, unauthorized access to, loss of, or other breach of AT&T’s Information Resources at:


a.	Asset Protection by telephone at 000-000-0000 from within the US and at 0-000-000-0000 from elsewhere, and


b.	Supplier’s contact within AT&T for Service-related issues.

(Maintain and Use Incident Response Procedures)

51.

After notifying AT&T whenever there is an attack upon, intrusion upon, unauthorized access to, loss of, or other breach of AT&T’s Information Resources, provide AT&T with regular status updates, including, but not limited to, actions taken to resolve such incident, at mutually agreed intervals or times for the duration of the incident and, within [*] ([*]) days of the closure of the incident, provide AT&T with a written report describing the incident, actions taken by the Supplier during its response and Supplier’s plans for future actions to prevent a similar incident from occurring. (Provide AT&T Incident Response Status and Final Resolution)

Software Development


52.	Ensure, prior to development of custom software, that such software incorporates any applicable AT&T information security requirements that may be provided by AT&T. (Custom Software Must Incorporate AT&T Security Requirements)

Security Policies and Procedures


53.	Ensure that all personnel, subcontractors or representatives performing work under this Agreement are in compliance with these Security Requirements. (All Work to Be In Compliance with SISR)


54.	At a minimum annually, review these Security Requirements to ensure that Supplier is in compliance with the requirements. (Periodically Review and Ensure Compliance with SISR)

55.

Return all AT&T-owned or -provided access devices (including, but not limited to, SecurID^® tokens and/or software) as soon as practicable, but in no event more than [*] ([*]) days after the sooner of: (a) expiration or termination of the Agreement; (b) AT&T’s request for the return of such property; or (c) the date when Supplier no longer needs such devices. (Return all AT&T Owned or Provided Access Devices)

Mobile and Portable Devices


56	Use Strong Encryption to protect all of AT&T’s Information stored on Mobile and Portable Devices.


57	Use Strong Encryption to protect all of AT&T’s Information transmitted using or remotely accessed by network-aware Mobile and Portable Devices.


58	a. Only use network-aware Mobile and Portable Devices to access and/or store AT&T’s Information which are capable of deleting all stored copies of AT&T’s Information upon receipt over the network

Proprietary and Confidential

Agreement No.: 20120124.035.C

of a properly authenticated command requesting deletion of such stored copies of AT&T’s Information. (Note: Such capability is often referred to as a “remote wipe” capability.)


b.	Have documented policies, procedures and standards in place to ensure that whenever the authorized individual who should be in physical control of a network-aware Mobile and Portable Device storing AT&T’s Information is not sure of its physical location that the deletion of all of AT&T’s Information stored on such network-aware Mobile and Portable Devices is initiated promptly.


c.	For Mobile and Portable Devices, after [] ([]) consecutive failed login attempts automatically delete all stored copies of AT&T’s Information.


59.	Have documented policies, procedures and standards in place which ensure that any Mobile and Portable Devices used to access and/or store AT&T’s Information:


a.	Are in the physical possession of authorized individuals;


b.	When not in the physical possession of authorized individuals are physically secured to prevent unauthorized access and use; or


c.	When neither in the physical possession of authorized individuals nor physically secured to prevent unauthorized access and use, have their data storage promptly securely deleted.


60.	Prior to allowing access to AT&T’s Information stored on or through the use of Mobile and Portable Devices, Supplier shall have and use a process to ensure that:


a.	The user is authorized for such access; and


b.	The identity of the user has been authenticated.


61.	Implement a policy that prohibits the use of any Mobile and Portable Devices that are not administered and/or managed by Supplier or AT&T to access and/or store AT&T’s Information.


62.	Review, at least annually, the use of, and controls for, all Supplier-administered or -managed Mobile and Portable Devices to ensure that the Mobile and Portable Devices can meet the applicable Security Requirements.

Security Gateways


63.	Require Strong Authentication for administrative and/or management access to Security Gateways, including, but not limited to, any access for the purpose of reviewing log files.


64.	Have and use documented controls, policies, processes and procedures to ensure that unauthorized users do not have administrative and/or management access to Security Gateways, and that user authorization levels to administer and manage Security Gateways are appropriate.


65.	At least once every [] ([]) months, ensure that Security Gateway configurations are hardened by selecting a sample of Security Gateways and verifying that each default rule set and set of configuration parameters ensures the following:


a.	Internet Protocol (IP) source routing is disabled,


b.	The loopback address is prohibited from entering the internal network,


c.	Anti-spoofing filters are implemented,


d.	Broadcast packets are disallowed from entering the network,


e.	Internet Control Message Protocol (ICMP) redirects are disabled,

Proprietary and Confidential

Agreement No.: 20120124.035.C


f.	All rule sets end with a “DENY ALL” statement, and


g.	Each rule is traceable to a specific business request.


66.	Ensure that monitoring tools are used to validate that all aspects of Security Gateways (e.g., hardware, firmware, and software) are continuously operational.


67.	Ensure that all Security Gateways are configured and implemented such that all non-operational Security Gateways shall deny all access.

Wireless Networking

68.

When using radio frequency (RF) based wireless networking technologies to perform or support Services for AT&T, ensure that all of AT&T’s Information transmitted is protected by the use of appropriate encryption technologies sufficient to protect the confidentiality of AT&T’s Information; provided, however, that in any event such encryption shall use no less than key lengths of 256-bits for symmetric encryption and 256-bits for asymmetric encryption. Exception: The use of RF-based wireless headsets, keyboards, microphones, and pointing devices, such as mice, touch pads, and digital drawing tablets, is excluded from this requirement.

Connectivity Requirements

69.

In the event that a data connection agreement, such as a “Master Data Connection Agreement,” “Data Connection Agreement,” and/or “Connection Supplement” (“DCA”) exists between the Parties, and incorporates the Agreement by reference, or is otherwise integrated with, or used to govern the Parties’ connectivity obligations under, this Agreement, agree that any information security requirements incorporated within such DCA are hereby superseded by the terms of these Security Requirements, effective as of the date these Security Requirements become effective under the Agreement, and the terms of such DCA are amended to require that the Security Requirements and not the information security requirements incorporated within the DCA are controlling in the Agreement (as well as any agreements subordinate to the Agreement). Notwithstanding the foregoing, the DCA remains in full force and effect for all other agreements between the Parties to which it applies.


70.	In the event that Supplier has, or will be provided, connectivity to AT&T’s or AT&T’s customers’ Nonpublic Information Resources in conjunction with this Agreement, then in addition to the foregoing:


a.	Use only the mutually agreed upon facilities and connection methodologies to interconnect AT&T’s and AT&T’s customers’ Nonpublic Information Resources with Supplier’s Information Resources.


b.	NOT establish interconnection to AT&T’s and AT&T’s customers’ Nonpublic Information Resources without the prior consent of AT&T.


c.	Provide AT&T access to any applicable Supplier facilities during normal business hours for the maintenance and support of any equipment (e.g., router) provided by AT&T under the Agreement for connectivity to AT&T’s and AT&T’s customers’ Nonpublic Information Resources.


d.	Use any equipment provided by AT&T under this Agreement for connectivity to AT&T’s and AT&T’s customers’ Nonpublic Information Resources only for the furnishing of those Services or functions explicitly authorized in the Agreement.

If the agreed upon connectivity methodology requires that Supplier implement a Security Gateway, maintain logs of all sessions using such Security Gateway. These session logs must include sufficiently detailed information to identify the end user or application, origination IP address, destination IP address, ports/service protocols used and duration of access. These session logs must be retained for a minimum of s[*] ([*]) months.

Proprietary and Confidential

Agreement No.: 20120124.035.C


71.	In the event that Supplier has, or will be provided, connectivity to AT&T’s or AT&T’s customers’ Nonpublic Information Resources in conjunction with this Agreement, in addition to other rights set forth herein, permit AT&T to:


a.	Gather information relating to access, including Supplier’s access, to AT&T’s and AT&T’s customers’ Nonpublic Information Resources. This information may be collected, retained and analyzed by AT&T to identify potential security risks without further notice. This information may include trace files, statistics, network addresses, and the actual data or screens accessed or transferred.


b.	Immediately suspend or terminate any interconnection to AT&T’s and AT&T’s customers’ Nonpublic Information Resources if AT&T, in its sole discretion, believes there has been a breach of security or unauthorized access to or misuse of AT&T data facilities or AT&T Information Resources.

Proprietary and Confidential

Agreement No.: 20120124.035.C

Appendix P- Vendor Expense Policy

AT&T Vendor Expense Policy

AT&T Inc. and Participating Companies

(Updated 1/3/2011)

1.0 General

The AT&T Vendor Expense Policy (VEP) provides guidelines to be followed by all vendors of AT&T in requesting reimbursement for business travel, meals and other business related expense. Expenses outside this policy are not reimbursable.

The following principles apply to requests for expense reimbursement:

When spending money that is to be reimbursed, vendors must ensure that an AT&T Company (“Company”) receives proper value in return.

Personal expenditures reported for reimbursement should be billed exactly as they were incurred. The use of averages for any type expenditure or combination of expenditures is not permitted except as specifically provided or documented in a contract.

Every vendor and AT&T employee who certifies or approves the correctness of any voucher or xxxx should have reasonable knowledge the expense and amounts are proper and reasonable. In the absence of the adoption of such policy, or existing contractual agreements, these guidelines are considered the minimum requirements for requesting reimbursement of Company funds.

Deviations from this VEP must be approved in writing by the sponsoring Senior Manager or Officer of an AT&T Company.

Receipts will be requested and reviewed for any unusual or out of the ordinary expenses or where the approver cannot make a reasonable determination of the propriety of the invoice without a receipt.

Proprietary and Confidential

Agreement No.: 20120124.035.C

1.1 Non-Reimbursable Expenses

The following is a list, although not all inclusive, of expenses considered not reimbursable:


•	Airline club membership fees, dues, or upgrade coupon


•	Xxxxxx/Hairstylist/Beautician Expenses


•	Birthday cakes, lunches, balloons, and other personal celebration/recognition costs


•	Break-room supplies for the supplier, such as coffee, xxxxxxx, paper products, soft drinks, snack food


•	Car rental additional fees associated with high speed toll access programs and GPS devices


•	Car Washes


•	Clothing, personal care items, and toiletries


•	Credit card fees


•	Entertainment expenses


•	Expenses associated with spouses or other travel companions


•	Expenses to cover meals or expenses for an AT&T employee, whether in a home location or on official travel


•	Flowers, cards and gifts


•	Health Club and Fitness facilities


•	Hotel pay-per-view movies, Video Games and/or mini bar items


•	Insurance for rental car and or flight


•	Internet access in hotels (added to 3.5)


•	Laundry (except when overnight travel is required for 7 or more consecutive nights)


•	Lost luggage


•	Magazines & newspapers


•	Meals not consistent with AT&T’s Global Employee Expense Policy and or meals not directly required for doing business on the AT&T account (e.g. suppliers cannot voucher lunch with each other simply to talk about AT&T)


•	Medical supplies


•	Membership fees to exercise facilities or social/country clubs


•	Movies purchased while on an airplane


•	Office expenses of suppliers


•	PC, cell phone, and other supplier support expenses (unless specifically authorized in the agreement)


•	Personal entertainment


•	Phone usage on airline unless AT&T business emergency


•	Safe rentals during a hotel stay


•	Surcharges for providing fast service (not related to delivery charges such as Fedex, UPS, etc.). AT&T expects all suppliers to complete the terms of contracts in the shortest period practicable. Charges for shortening the timeframe in which contracts are fulfilled are not permissible.


•	Tips for housekeeping and excessive tips, i.e., in excess of 15% to 18% of cost of meal or services, excluding tax


•	Tobacco Products


•	Traffic or Parking Fines


•	Travel purchased with prepaid air passes.


•	Upgrades on airline, hotel, or car rental fees


•	Water (bottled or dispensed by a supplier), (unless authorized for specific countries where it is recommended that bottled water is used)

Proprietary and Confidential

Agreement No.: 20120124.035.C

The failure to comply with the above mentioned restrictions will result in the Company refusing payment of charges or pursuing restitution from the vendor.

2.0 Responsibilities

2.1 Vendor’s Responsibility

AT&T’s sponsoring managers will ensure that vendors have been covered on this policy prior to incurring any expenditure. Vendors and their sponsoring AT&T managers are responsible for clarifying any questions or uncertainties they may have relative to reimbursable business expenses.

It is mandatory that financial transactions are recorded in a timely manner. Out-of-pocket business expense(s) for vendors that are not submitted for reimbursement within 90 calendar days from the date incurred are considered non-reimbursable. Company managers who are responsible for approving reimbursable expenses of vendors should ensure they are submitted and approved in a timely manner.

3.0 Travel Policy

Vendors must first consider the feasibility of using videoconferencing or teleconferencing as an alternative to travel. Travel that is to be reimbursed by AT&T should be incurred only as necessary and pre-approved by AT&T (unless otherwise authorized in the agreement).

AT&T reserves the right to dispute any expense submittal and if not verifiable as valid may reject reimbursement. Reimbursements will be made to vendor only after expenses are verified as valid.

3.1 Travel Authorization

Travel requiring overnight stays must be pre-approved by the sponsoring AT&T Manager 3^rd Level or above and should be approved only if it is necessary for the vendor to travel to perform required work.

3.2 Travel Reservations

Vendors are expected to procure the most cost efficient travel arrangements, preferably equivalent to the AT&T discount rate. AT&T does not reimburse for travel purchased with prepaid air passes.

3.3 Travel Expense Reimbursement

Vendor travel expenses incurred for company business are reimbursable only as specified in these guidelines. Travel expenses may include the following:


•	Transportation (airfare or other commercial transportation, car rental, personal auto mileage, taxi and shuttle service)


•	Meals and lodging


•	Parking and tolls


•	Tips/xxxxxx service (if necessary and reasonable)


•	Vendors who stay with friends or relatives or other vendor employees while on a Company business trip will NOT be reimbursed for lodging, nor will they be reimbursed for expenditures made to reciprocate their hospitality by buying groceries, being host at a restaurant, etc.

Proprietary and Confidential

Agreement No.: 20120124.035.C

The expense must be ordinary and necessary, not lavish or extravagant, in the judgment of the AT&T sponsoring management. Any reimbursement request must be for actual expenditures only.

3.4 Air Travel Arrangements

Vendors must select lowest logical airfare (fares available in the market at the time of booking, preferably well in advance of trip to attain lowest possible airfare). Vendors shall book coach class fares for all travel at all times. First class bookings are not reimbursable. Vendors can request business class when a single segment of flight time (“in air time” excluding stops, layovers and ground time) is greater than 8 hours providing the relevant manager pre-approves.

3.5 Hotel Arrangements

AT&T has established Market-Based Room Rate Guidelines for vendors to reference when making hotel reservations in the United States (see Addendum A). U.S. vendors traveling outside the U.S. should reference the GSA, Government Per Diem as a guide: xxxx://xxxxxxx.xxxxx.xxx/xxx000/xxx_xxxx.xxx. Non-US vendors may use these dollar per diems as a guide, but any locally specified per diems will take precedence. Vendors are expected to abide by these guidelines when making hotel arrangements or use specified AT&T preferred hotels/maximum location rates or reasonably priced hotels outside of the U.S... The AT&T supplier manager can advise which hotel/max rate to use if there is a hotel in the location concerned. AT&T will only reimburse vendors up to the established room rate guideline/AT&T preferred hotel rate in each market, or for actual hotel lodging charges incurred, whichever is less.

There must be a strong business justification for incurring any cost for internet access, and a request for reimbursement must be accompanied by a detailed explanation regarding reason for charge.

Note: Vendors must indicate the number of room nights on the transaction line when invoicing for reimbursement of hotel expenses. Copies of all hotel bills must be made available for any invoice containing lodging charges.

3.6 Ground Transportation

While away from their home location overnight, vendors are expected to utilize rapid transit or local shuttle service. If the hotel provides a complimentary shuttle, vendors are to use this service before paying for transportation. If complimentary service is not provided a taxi or other local transportation is reimbursable as a business expense. Tips provided to taxi drivers cannot exceed 15% of the value of the total fare

A rental car is appropriate when the anticipated business cost is less than that of other available public transportation. Except to the extent necessary to accommodate several travelers and/or luggage requirements, vendors will not be reimbursed for automobile rentals other than economy or mid-sized/intermediate models.

"Loss Damage Waiver” and "Extended Liability Coverage" are not considered reimbursable in the US. Prepaid fuel or refueling charges at the time of return are not reimbursable.

Rental cars should be refueled before returning to the rental company, since gas purchased through the rental company carries an expensive refueling service charge.

3.7 Use of Personal Vehicle

Proprietary and Confidential

Agreement No.: 20120124.035.C

When use of personal vehicle is required, the current locally approved mileage rate for miles driven for the business portion of the trip should be the maximum used to determine the amount to be reimbursed.

3.8 Parking

If airport parking is necessary, vendors must use long term parking facilities. Additional costs for short term, valet or covered parking are not reimbursable.

3.9 Entertainment

Entertainment expense is not reimbursable to vendors. Entertainment includes meal expense involving AT&T personnel, golf fees, tickets to events and related incidental expenses. Hotel charges for a pay-per-view movie, individual sightseeing tours, or other individual activities (i.e., golf, sporting event, movie, etc.) are not reimbursable.

3.10 Laundry and Cleaning

Reasonable laundry charges during business trips of seven or more consecutive nights are reimbursable based on actual expenses incurred.

3.11 Communications


•	The actual cost of landline telephone calls for AT&T business is reimbursable. The use of AT&T products is required when available.


•	AT&T will not reimburse vendors for cell phone bills unless approved under the contract. With prior consent of the sponsoring AT&T Senior Manager, only individual calls that exceed a vendor’s rate plan that are necessary to conduct business for AT&T may be reimbursed.


•	Charges for high speed internet access are not reimbursable unless specifically approved in the contract.

3.12 Business Meals (Travel and Non-Travel)

Vendors are expected to find reasonably priced dining alternatives. As a general rule, vendors are expected to spend USD $42.00 or less per day (or local currency equivalent) inclusive of tax and gratuity or to abide by the legally specified per diem applicable in the Vendor’s country. This includes all meals, beverages and refreshments purchased during the day. Requests for reimbursement should break out the amount for meals and list the related number of travel days. If breakfast is offered as part of the hotel accommodation rate, no additional reimbursement will be permitted for breakfast. Vendors may not submit expenses to cover meals or expenses for an AT&T employee, whether in a home location or on official travel.

AT&T managers authorizing invoices will be held accountable for ensuring that vendors are following this policy and are spending Company funds economically.

3.13 Flowers, Greeting Cards, Gifts and Incentive Awards

The cost of gifts, flowers, birthday lunches, or greeting cards is considered a personal expense and is not reimbursable. For example, vendors making a donation or providing a gift for a fund-raiser for AT&T may not submit such an expense to AT&T for reimbursement.

3.14 Loss or Damage to Personal Property

The Company assumes no responsibility for loss or damage to a vendor’s personal property during business functions or hours.

Proprietary and Confidential

100

Agreement No.: 20120124.035.C

3.15 Publications

Subscriptions to or purchases of magazines, newspapers and other publications are not reimbursable.

Proprietary and Confidential

101

Agreement No.: 20120124.035.C

AT&T U.S. 2011 Hotel Room Rate Only Guidelines

This Chart applies to the U.S. locations. For Travel outside of the U.S., travelers should exercise prudent judgment and select reasonably priced hotels, based on local market conditions. Employees traveling outside the U.S. should reference the GSA, Government Per Diems as a guide. xxxx://xxxxxxx.xxxxx.xxx/xxx000/xxx_xxxx.xxx

***U.S. Cities not listed on this Hotel Room Rate Only Guideline Matrix, default to $110.00 nightly rate. On occasion an AT&T Preferred Property may exceed the rate guideline for a season (s) or particular city, but has been added due to demand within the market. However, if an alternate Preferred Property within the guideline is offered it should be accepted when available. You may select the Preferred Property that is over the Guideline if it is the option that is available, selecting the appropriate reason code.



City	St	2011 Guideline	City	St	0000 Xxxxxxxxx	Xxxx	Xx	0000 Xxxxxxxxx
Xxxxxxxxx	XX	$200	Plantation	FL	$120	Edison	NJ	$140
Fairbanks	AK	$150	Port St. Lucie	FL	$120	Elizabeth	NJ	$165
Glennallen	AK	$135	Saint Augustine	FL	$135	Fair Lawn	NJ	$165
Ketchikan	AK	$155	Sarasota	FL	$125	Florham Park	NJ	$185
Kodiak	AK	$140	Sunrise	FL	$130	Iselin	NJ	$140
Birmingham	AL	$120	Tallahassee	FL	$125	Mahwah	NJ	$185
Decatur	AL	$90	Tamarac	FL	$135	Manahawkin	NJ	$200
Florence	AL	$130	Tampa	FL	$140	Morristown	NJ	$200
Hoover	AL	$125	West Palm Beach	FL	$165	Newark	NJ	$165
Huntsville	AL	$140	Alpharetta	GA	$150	Paramus	NJ	$185
Montgomery	AL	$95	Atlanta	GA	$160	Parsippany	NJ	$200
Mobile	AL	$120	Augusta	GA	$125	Piscataway	NJ	$165
Tuscaloosa	AL	$95	Brunswick	GA	$120	Princeton	NJ	$140
Bryant	AR	$90	Carrollton	GA	$90	Ramsey	NJ	$90
El Dorado	AR	$95	Columbus	GA	$120	Red Bank	NJ	$140
Fayetteville	AR	$90	Dublin	GA	$90	Saddle Brook	NJ	$165
Fort Xxxxx	AR	$95	Duluth	GA	$120	Saddle River	NJ	$200
Hardy	AR	$70	Dunwoody	GA	$90	Short Hills	NJ	$165
Little Rock	AR	$135	Griffin	GA	$90	Somerset	NJ	$135
Mountain Home	AR	$70	Lawrenceville	GA	$90	Teaneck	NJ	$230
North Littlerock	AR	$70	Lithia Springs	GA	$90	Tinton Falls	NJ	$150
Pine Bluff	AR	$70	Norcross	GA	$90	Warren	NJ	$165
Rogers	AR	$90	Peachtree City	GA	$120	West Orange	NJ	$135
Russellville	AR	$90	Savannah	GA	$135	Whippany	NJ	$230
Springdale	AR	$90	Roswell	GA	$90	Woodcliff Lake	NJ	$200
VanBuren	AR	$90	Tifton	GA	$90	Albuquerque	NM	$120
Chandler	AZ	$135	Honolulu	HI	$230	Henderson	NV	$160
Mesa	AZ	$135	Kailua Kona	HI	$150	Las Vegas	NV	$150
Phoenix	AZ	$150	Kihei	HI	$200	Pahrump	NV	$70
Rio Rico	AZ	$90	Waikoloa	HI	$200	Albany	NY	$140
Scottsdale	AZ	$185	Desmoines	IA	$135	Brooklyn	NY	$200
Tempe	AZ	$165	Johnston	IA	$120	Cheektowaga	NY	$125
Tucson	AZ	$125	Urbandale	IA	$90	Fishkill	NY	$155

Proprietary and Confidential

102

Agreement No.: 20120124.035.C



Yuma	AZ	$120	Ammon	ID	$90	Jamaica	NY	$165
Anaheim	CA	$125	Idaho Falls	ID	$120	New York	NY	$350
Buena Park	CA	$125	Alsip	IL	$90	Plainview	NY	$200
Burbank	CA	$150	Arlington Heights	IL	$120	Rochester	NY	$165
Burlingame	CA	$150	Barrington	IL	$70	Rockville Center	NY	$140
Carlsbad	CA	$165	Bedford Park	IL	$150	Syracuse	NY	$135
Cerritos	CA	$150	Bourbonnais	IL	$90	Tarrytown	NY	$200
Chico	CA	$95	Champaign	IL	$135	Vestal	NY	$140
City of Industry	CA	$125	Chicago	IL	$170	West Harrison	NY	$185
Clovis	CA	$95	Danville	IL	$90	White Plains	NY	$185
Concord	CA	$140	Des Plaines	IL	$150	Woodbury	NY	$125
Coronado	CA	$350	Downers Grove	IL	$90	Beachwood	OH	$125
Costa Mesa	CA	$125	Elk Grove	IL	$135	Boardman	OH	$95
Cupertino	CA	$170	Elmhurst	IL	$135	Centerville	OH	$90
Del Mar	CA	$150	Fairview Heights	IL	$90	Cleveland	OH	$125
Dublin	CA	$120	Gurnee	IL	$90	Columbus	OH	$140
El Segundo	CA	$140	Hoffman Estates	IL	$110	Dayton	OH	$120
Emeryville	CA	$165	Lincolnshire	IL	$185	Dublin	OH	$120
Escondido	CA	$90	Lisle	IL	$140	Fairborn	OH	$90
Eureka	CA	$120	Lombard	IL	$165	Independence	OH	$120
Garden Grove	CA	$130	Naperville	IL	$120	Xxxxxxxx Village	OH	$95
Glendale (North)	CA	$180	Northbrook	IL	$135	North Olmsted	OH	$120
Hawthorne	CA	$135	Oakbrook	IL	$170	Orange Village	OH	$90
Hayward	CA	$90	Ofallon	IL	$70	Perrysburg	OH	$90
Hollywood	CA	$185	Palatine	IL	$90	Poland	OH	90
Irvine	CA	$165	Rockford	IL	$120	Reynoldsburg	OH	$70
La Jolla	CA	$155	Rolling Meadows	IL	$90	Richfield	OH	$90
Livermore	CA	$125	Rosemont	IL	$140	Xxxxxxxx Xxxx	XX	x000
Xxxx Xxxxx	XX	$185	Schaumburg	IL	$125	Owasso	OK	$90
Los Angeles	CA	$185	Springfield	IL	$90	Ponca City	OK	$70
Merced	CA	$125	Tinley Park	IL	$120	Coos Bay	OR	$70
Milpitas	CA	$150	Vernon Hills	IL	$90	Lake Oswego	OR	115
Modesto	CA	$125	Westmont	IL	$90	Portland	OR	$140
Montebello	CA	$125	Willowbrook	IL	$95	Tigard	OR	$120
Monterey	CA	$165	Bloomington	IN	$90	Allentown	PA	$95
Mountain View	CA	$165	Carmel	IN	$120	Audubon	PA	$125
Napa	CA	$165	Columbus	IN	$90	Bensalem	PA	$90
Newark	CA	$160	Indianapolis	IN	$125	Berwyn	PA	$176
Newport Beach	CA	$185	Muncie	IN	$70	Coraopolis	PA	$120
Oakland	CA	$130	South Bend	IN	$120	Essington	PA	$125
Ontario	CA	$120	Merriam	KS	$90	Xxxx Xxxxx	PA	$140

Proprietary and Confidential

103

Agreement No.: 20120124.035.C



Orange	CA	$125	Overland Park	KS	$120	Harrisburg	PA	$120
Palo Alto	CA	$230	Shawnee	KS	$120	King of Prussia	PA	$140
Pasadena	CA	$185	Topeka	KS	$90	Langhorn	PA	$120
Petaluma	CA	$90	Wichita	KS	$90	Philadelphia	PA	$176
Pleasanton	CA	$125	Covington	KY	$140	Pittsburgh	PA	$185
Redondo Beach	CA	$130	Louisville	KY	$135	Wayne	PA	$140
Redwood City	CA	$130	Baton Rouge	LA	$120	Lincoln	RI	$150
Riverside	CA	$130	Covington	LA	$125	Xxxxxxxxxx	XX	000
Xxxxxxx	XX	$135	La Place	LA	$120	Anderson	SC	$95
Rohnert Park	CA	$125	Metairie	LA	$140	Charleston	SC	$120
Rosemead	CA	$140	New Orleans	LA	$150	Duncan	SC	$90
Sacramento	CA	$135	Boston	MA	$285	Florence	SC	$95
Salinas	CA	$150	Burlington	MA	$200	Hilton Head	SC	$150
San Carlos	CA	$90	Cambridge	MA	$230	Myrtle Beach	SC	$150
San Diego	CA	$165	Dedham	MA	$150	Brentwood	TN	$120
San Francisco	CA	$230	Framingham	MA	$165	Crossville	TN	$70
San Gabriel	CA	$140	Lowell	MA	$120	Franklin	TN	$120
San Jose	CA	$135	Marlborough	MA	$150	Xxxxxxx	XX	00
Xxx Xxxx Xxxxxx	XX	$120	Natick	MA	$165	Johnson City	TN	$95
San Mateo	CA	$200	Stoughton	MA	$165	Knoxville	TN	$90
San Rafael	CA	$125	Baltimore	MD	$250	Memphis	TN	$125
San Ramon	CA	$185	Bethesda	MD	$250	Nashville	TN	$125
Santa Ana	CA	$130	Columbia	MD	$165	Addison	TX	$140
Santa Clara	CA	$185	Greenbelt	MD	$185	Arlington	TX	$125
Santa Monica	CA	$250	Hanover	MD	$140	Austin	TX	$125
Santa Rosa	CA	$120	Linthicum	MD	$140	Beaumont	TX	$95
Xxxxxxx Oaks	CA	$120	Xxxxxxxxx Heights	MD	$140	Corpus Christi	TX	$120
South San Francisco	CA	$135	Portland	ME	$120	Dallas	TX	$150
Xxxxxxxxx Ranch	CA	$90	Battlecreek	MI	$90	El Paso	TX	$135
Stockton	CA	$95	Canton	MI	$90	Frisco	TX	$120
Susanville	CA	$90	Detroit	MI	$125	Ft. Worth	TX	$115
Temecula	CA	$135	Farmington Hills	MI	$90	Houston	TX	$135
Thousand Oaks	CA	$135	Holland	MI	$70	Irving	TX	$140
Torrance	CA	$120	Lansing	MI	$120	McAllen	TX	$90
Ukiah	CA	$90	Marquette	MI	$90	Midland	TX	$90
Universal City	CA	$185	Novi	MI	$95	Plano	TX	$130
Valencia	CA	$135	Port Huron	MI	$90	Richardson	TX	$120
Van Nuys	CA	$120	Romulus	MI	$120	San Antonio	TX	$150
Walnut Creek	CA	$165	Southfield	MI	$135	Texarkana	TX	$90
Watsonville	CA	$90	Walker	MI	$90	Waxahachie	TX	$90
West Lake Village	CA	$140	Warren	MI	$90	The Woodlands	TX	$135
West Sacramento	CA	$90	Xxxxxx	MN	$90	Salt Lake City	UT	$135

Proprietary and Confidential

104

Agreement No.: 20120124.035.C



Willits	CA	$90	Bloomington	MN	$140	Alexandria	VA	$200
Woodland	CA	$90	Edina	MN	$135	Arlington	VA	$210
Yorba Linda	CA	$95	Minneapolis	MN	$185	Charlottesville	VA	$115
Aurora	CO	$140	St. Xxxx	MN	$120	Chantilly	VA	$200
Boulder	CO	$185	Bridgeton	MO	$120	Chester	VA	$135
Colorado Springs	CO	$125	Columbia	MO	$90	Dulles	VA	$200
Denver	CO	$185	Fenton	MO	$90	Fairfax	VA	$200
Englewood	CO	$165	Festus	MO	$70	Falls Church	VA	$200
Greenwood Village	CO	$165	Joplin	MO	$90	Glen Allen	VA	$125
Glastonbury	CT	$135	Kansas City	MO	$135	Hampton	VA	$135
Meriden	CT	$90	Kirkwood	MO	$90	Herndon	VA	$210
New Haven	CT	$160	Lees Summit	MO	$90	Norfolk	VA	$135
New London	CT	$95	Maryland Heights	MO	$120	Richmond	VA	$135
Rocky Hill	CT	$120	Saint Xxxxxxx	MO	$95	Sandston	VA	$135
Stamford	CT	$185	Saint Louis	MO	$120	Sterling	VA	$210
Wallingford	CT	$120	Springfield	MO	$95	Xxxxxx Xxxxxx	XX	x000
Xxxxxxxxxx	XX	$300	Jackson	MS	$125	Vienna	VA	$210
Wilmington	DE	$185	McComb	MS	$90	Bellevue	WA	$185
Altamonte Springs	FL	$120	Natchez	MS	$70	Bothell	WA	$135
Aventura	FL	$150	Ocean Springs	MS	$90	Kirkland	WA	$130
Boca Raton	FL	$150	Pearl	MS	$120	Lynnwood	WA	$140
Boynton Beach	FL	$120	Ridgeland	MS	$120	Redmond	WA	$215
Dania Beach	FL	$120	Tupelo	MS	$90	Seattle	WA	$185
Fort Lauderdale	FL	$135	Asheville	NC	$120	Spokane	WA	$120
Fort Xxxxxx	FL	$125	Carolina Beach	NC	$120	Tacoma	WA	$200
Jacksonville	FL	$135	Charlotte	NC	$135	Tukwila	WA	$185
Kendall	FL	$120	Durham	NC	$150	Woodinville	WA	$185
Key Largo/Tavernier	FL	$135	Gastonia	NC	$90	Green Bay	WI	$90
Key West	FL	$200	Goldsboro	NC	$90	Kenosha	WI	$90
Lake City	FL	$90	Greensboro	NC	$125	Kimberly	WI	$90
Lake Mary	FL	$95	Morrisville	NC	$120	Madison	WI	$95
Lakeland	FL	$120	Raleigh	NC	$120	Milwaukee	WI	$135
Marathon	FL	$135	Shelby	NC	$90	Mukwonago	WI	$70
Maitland	FL	$120	Wilmington	NC	$115	Oshkosh	WI	$90
Melbourne	FL	$120	Winston Salem	NC	$125	Pewaukee	WI	$95
Miami	FL	$165	Omaha	NE	$90	Waukesha	WI	$70
Miami Beach	FL	$165	Basking Ridge	NJ	$185	Wauwatosa	WI	$90
Orlando	FL	$125	Bernardsville	NJ	$200	Beckley	WV	$90
Palm Beach	FL	$165	Bridgewater	NJ	$230	Charleston	WV	$95
Panama City	FL	$120	Cranbury	NJ	$140	Hurricane	WV	$90
Pensacola	FL	$130	Eatontown	NJ	$125

Proprietary and Confidential

105

Agreement No.: 20120124.035.C

Appendix Y – Agreement Regarding Non-Employment Status with AT&T

This Agreement (“Agreement”) dated _________________ is made by the individual named below (“I” or “me”), who is engaged to perform work at ______[Insert name of AT&T company that worker will be doing work for.]__________________________ (“ATT Company”), as a worker of _______________________ (“Supplier”) under the terms and conditions of the agreement named below, between Supplier and AT&T ____________.


I.	Status

I have been engaged by Supplier to provide services to AT&T Company. I may be hired by Supplier as a full or part-time employee, a temporary worker, or as an independent contractor. I understand that no employment relationship between me and the AT&T Company is created by this Agreement or by my agreement with the Supplier to provide services to Supplier or AT&T Company.

I acknowledge and agree that Supplier shall be solely responsible for all payments to me including payment of compensation, premium payments for overtime, bonuses, and other incentive payments, if any, and payments for vacation, holiday, sick days or other personal days, if any. Also, I will be solely responsible for negotiating and agreeing with Supplier for participation in any Supplier benefit plans, including any pension, savings, or health and welfare plan. Unless AT&T Company expressly provides otherwise in writing, I further understand and agree that I am not eligible to participate in or receive any benefits under the terms of the AT&T Company’s pension plans, savings plans, health plans, vision plans, disability plans, life insurance plans, stock option plans, or any employee benefit plan sponsored by the AT&T Company for any period of time. I understand and agree that the cash payments and benefits which I receive from Supplier shall represent the sole compensation to which I am entitled, and that Supplier will be solely responsible for all matters relating to compliance with all employer tax obligations arising from the performance of Services in connection with this Agreement. These tax obligations include but are not limited to the obligation to withhold employee taxes under local, state and federal income tax laws, unemployment compensation insurance tax laws, state disability insurance tax laws, social security and Medicare tax laws, and all other payroll tax laws or similar laws.


II.	Work Policies and Rules


1.	I agree that during the performance of my services I will not violate AT&T Company work rules and policies, including but not limited to those specified in the AT&T Code Of Business Conduct.

I understand that it is my responsibility to ensure that my personal conduct and comments in the workplace support a professional environment which is free of inappropriate behavior, language, joke or actions which could be perceived as sexual harassment or as biased, demeaning, offensive, derogatory to others based upon race, color, religion, national origin, sex, age, sexual orientation, marital status, veteran’s status or disability. I further agree to refrain from words or conduct that is threatening and/or disrespectful of others.

If AT&T Company provides me access to its computer systems, I agree (a) to use such systems in a professional manner, (b) to use such systems only for business purposes and solely for the purposes of performing under the agreement named below, (c) to use such systems in compliance with AT&T Company’s applicable standards and guidelines for computer systems use, and (d) to use password devices, if applicable and if requested by AT&T Company. Without limiting the foregoing, AT&T Company property, including but not limited to Intranet and Internet services, shall not be used for personal purposes or for any purpose which is not directly related to the business which is the subject

Proprietary and Confidential

106

Agreement No.: 20120124.035.C

of the agreement named below. I acknowledge and agree that I must have a valid AT&T Company business reason to access the Intranet and/ or the Internet from within AT&T Company’s private corporate network.


III.	Administrative Terms


1.	This Agreement shall be effective as of the date executed below, and shall remain in effect notwithstanding my termination of employment with Supplier or termination of my work at AT&T Company.


2.	In the event that any provision of this Agreement is held to be invalid or unenforceable, then such invalid or enforceable provisions shall be severed, and the remaining provisions shall remain in full force and effect to the fullest extent permitted by law.

I have read, understand and agree to abide by this Agreement.

By:____________________________________________ Date:_______________________________

Print Name:_____________________________________ Social Security #:_____________________

Address:_______________________________________________________________________________

Agreement No. between Supplier and AT&T: Effective Date:___________________

Proprietary and Confidential

107

Document Metadata

Table of Contents

Contact Center Services Master Agreement No. 20120124.035.C Between StarTek, Inc. And AT&T Services, Inc.

Document Metadata