400%
200%
100%
75%
50%
25%
The URL can be used to link to this page
Your browser does not support the video tag.
Home
My WebLink
About
C23-254 The Quotient Group
AGREEMENT FOR SERVICES BETWEEN EAGLE COUNTY, COLORADO AND THE QUOTIENT GROUP, LLC THIS AGREEMENT (“Agreement”) is effective as of June 27, 2023 by and between The Quotient Group, a Wisconsin limited liability company (hereinafter “Vendor”, “Contractor” or “Consultant”) and Eagle County, Colorado, a body corporate and politic (hereinafter “County” or “Client”). RECITALS WHEREAS, Eagle County issued a request for qualifications (“RFQ”) soliciting statements of qualification from regional agencies for organization rebranding and website development for the Eagle County Regional Airport, located in Gypsum, Colorado (the “Project”); and WHEREAS, County selector the Contractor as the successful proposer in response to the RFQ. A copy of Contractor’s statement of qualifications is attached hereto as Exhibit A and incorporated herein by reference; and WHEREAS, Contractor is authorized to do business in the State of Colorado and has the time, skill, expertise, and experience necessary to provide the Services as defined below in paragraph 1 hereof; and WHEREAS, this Agreement shall govern the relationship between Contractor and County in connection with the Services. AGREEMENT NOW, THEREFORE, in consideration of the foregoing and the following promises Contractor and County agree as follows: 1. Services or Work. Contractor agrees to diligently provide all services, labor, personnel and materials necessary to perform and complete the services or work described in Exhibit A (“Services” or “Work”) which is attached hereto and incorporated herein by reference. The Services shall be performed in accordance with the provisions and conditions of this Agreement. a. Contractor agrees to furnish the Services no later than December 1, 2023 and in accordance with the schedule established in Exhibit A. If no completion date is specified in Exhibit A, then Contractor agrees to furnish the Services in a timely and expeditious manner consistent with the applicable standard of care. By signing below Contractor represents that it has the expertise and personnel necessary to properly and timely perform the Services. b. In the event of any conflict or inconsistency between the terms and conditions set forth in Exhibit A and the terms and conditions set forth in this Agreement, the terms and conditions set forth in this Agreement shall prevail. DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 2 2. County’s Representative. The Aviation Director’s designee shall be Contractor’s contact with respect to this Agreement and performance of the Services. 3. Term of the Agreement. This Agreement shall commence upon the date first written above, and subject to the provisions of paragraph 11 hereof, shall continue for one year. Thereafter, this Agreement shall be automatically renewed for successive periods of 12 months (each a “Renewal Term”), unless either party notifies the other party of termination, in writing, at least sixty (60) days before the end of the initial Term or any Renewal Period. 4. Extension., Renewal, or Modification. Any amendments or modifications to this Agreement shall be in writing signed by both parties. No additional services or work performed by Contractor shall be the basis for additional compensation unless and until Contractor has obtained written authorization and acknowledgement by County for such additional services in accordance with County’s internal policies. Accordingly, no course of conduct or dealings between the parties, nor verbal change orders, express or implied acceptance of alterations or additions to the Services, and no claim that County has been unjustly enriched by any additional services, whether or not there is in fact any such unjust enrichment, shall be the basis of any increase in the compensation payable hereunder. In the event that written authorization and acknowledgment by County for such additional services is not timely executed and issued in strict accordance with this Agreement, Contractor’s rights with respect to such additional services shall be deemed waived and such failure shall result in non-payment for such additional services or work performed. 5. Compensation. County shall compensate Contractor for the performance of the Services in a sum computed and payable as set forth in Exhibit A. The performance of the Services under this Agreement shall not exceed $52,625.00. Contractor shall not be entitled to bill at overtime and/or double time rates for work done outside of normal business hours unless specifically authorized in writing by County. Fees for Maintenance Services, Hosting and Security for any Renewal Term may be: (a) increased no more than three percent (3%) on an annualized per-user basis. Consultant shall provide County with notice of such increases in fees no later than 60 days prior to the expiration of the then current Term or Renewal Term. a. Payment will be made for Services satisfactorily performed within thirty (30) days of receipt of a proper and accurate invoice from Contractor. All invoices shall include detail regarding the hours spent, tasks performed, who performed each task and such other detail as County may request. b. If, at any time during the term or after termination or expiration of this Agreement, County reasonably determines that any payment made by County to Contractor was improper because the Services for which payment was made were not performed as set forth in this Agreement, then upon written notice of such determination and request for reimbursement from County, Contractor shall forthwith return such payment(s) to County. Upon termination or expiration of this Agreement, unexpended funds advanced by County, if any, shall forthwith be returned to County. DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 3 c. County will not withhold any taxes from monies paid to the Contractor hereunder and Contractor agrees to be solely responsible for the accurate reporting and payment of any taxes related to payments made pursuant to the terms of this Agreement. d. Notwithstanding anything to the contrary contained in this Agreement, County shall have no obligations under this Agreement after, nor shall any payments be made to Contractor in respect of any period after December 31 of any year, without an appropriation therefor by County in accordance with a budget adopted by the Board of County Commissioners in compliance with Article 25, title 30 of the Colorado Revised Statutes, the Local Government Budget Law (C.R.S. 29-1-101 et. seq.) and the TABOR Amendment (Colorado Constitution, Article X, Sec. 20). 6. Subcontractors. Contractor acknowledges that County has entered into this Agreement in reliance upon the particular reputation and expertise of Contractor. Contractor shall not enter into any subcontractor agreements for the performance of any of the Services or additional services without County’s prior written consent, which may be withheld in County’s sole discretion. County shall have the right in its reasonable discretion to approve all personnel assigned to the subject Project during the performance of this Agreement and no personnel to whom County has an objection, in its reasonable discretion, shall be assigned to the Project. Contractor shall require each subcontractor, as approved by County and to the extent of the Services to be performed by the subcontractor, to be bound to Contractor by the terms of this Agreement, and to assume toward Contractor all the obligations and responsibilities which Contractor, by this Agreement, assumes toward County. County shall have the right (but not the obligation) to enforce the provisions of this Agreement against any subcontractor hired by Contractor and Contractor shall cooperate in such process. The Contractor shall be responsible for the acts and omissions of its agents, employees and subcontractors. 7. Insurance. Contractor agrees to provide and maintain at Contractor’s sole cost and expense, the following insurance coverage with limits of liability not less than those stated below: a. Types of Insurance. i. Workers’ Compensation insurance as required by law. ii. Auto coverage. Intentionally Omitted. iii. Commercial General Liability coverage to include premises and operations, personal/advertising injury, products/completed operations, broad form property damage with limits of liability not less than $1,000,000 per occurrence and $1,000,000 aggregate limits. iv. Professional Liability (Errors and Omissions) including Cyber Liability with prior acts coverage for all deliverables, Services and additional services required hereunder, in a form and with insurer or insurers satisfactory to County, with limits of liability of not less than $2,000,000 per claim and $2,000,000 in the aggregate. The insurance shall provide coverage for (i) liability arising from theft, dissemination and/or use of confidential information stored or transmitted in electronic form; (ii) Network Security Liability arising from unauthorized access to, use of or tampering with computer systems including DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 4 hacker attacks, inability of an authorized third party to gain access to your Software or Services including denial of access or Services unless caused by a mechanical or electrical failure; (iii) liability arising from the introduction of a computer virus into, or otherwise causing damage to, County or a third person’s computer, computer system, network or similar computer related property and the data, software and programs thereon. v. Crime Coverage shall include employee dishonesty, forgery or alteration and computer fraud. If Consultant is physically located on County premises, third party fidelity coverage extension shall apply. The policy shall include coverage for all directors, officers and employees of the Consultant. The bond or policy shall include coverage for extended theft and mysterious disappearance. The bond or policy shall not contain a condition requiring an arrest or conversion. Limits shall be a minimum of $1,000,000 per loss. b. Other Requirements. i. The commercial general liability coverage shall be endorsed to include Eagle County, its associated or affiliated entities, its successors and assigns, elected officials, employees, agents and volunteers as additional insureds. A certificate of insurance consistent with the foregoing requirements is attached hereto as Exhibit B. ii. Contractor’s certificates of insurance shall include subcontractors, if any as additional insureds under its policies or Contractor shall furnish to County separate certificates and endorsements for each subcontractor. iii. The insurance provisions of this Agreement shall survive expiration or termination hereof. iv. The parties hereto understand and agree that the County is relying on, and does not waive or intend to waive by any provision of this Agreement, the monetary limitations or rights, immunities and protections provided by the Colorado Governmental Immunity Act, as from time to time amended, or otherwise available to County, its affiliated entities, successors or assigns, its elected officials, employees, agents and volunteers. v. Contractor is not entitled to workers’ compensation benefits except as provided by the Contractor, nor to unemployment insurance benefits unless unemployment compensation coverage is provided by Contractor or some other entity. The Contractor is obligated to pay all federal and state income tax on any moneys paid pursuant to this Agreement. 8. Indemnification. The Contractor shall indemnify and hold harmless County, and any of its officers, agents and employees against any losses, claims, damages or liabilities for which County may become subject to insofar as any such losses, claims, damages or liabilities arise out of, directly or indirectly, this Agreement, or are based upon any performance or nonperformance by Contractor or any of its subcontractors hereunder; and Contractor shall reimburse County for reasonable attorney fees and costs, legal and other expenses incurred by County in connection with investigating or defending any such DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 5 loss, claim, damage, liability or action. This indemnification shall not apply to claims by third parties against the County to the extent that County is liable to such third party for such claims without regard to the involvement of the Contractor. This paragraph shall survive expiration or termination hereof. 9. Ownership of Documents. All documents (including electronic files) and materials obtained during, purchased or prepared in the performance of the Services shall be and remain the property of the County and are to be delivered to County before final payment is made to Contractor or upon earlier termination of this Agreement. 10. Notice. Any notice required by this Agreement shall be deemed properly delivered when (i) personally delivered, or (ii) when mailed in the United States mail, first class postage prepaid, or (iii) when delivered by FedEx or other comparable courier service, charges prepaid, to the parties at their respective addresses listed below, or (iv) when sent via facsimile so long as the sending party can provide facsimile machine or other confirmation showing the date, time and receiving facsimile number for the transmission, or (v) when transmitted via e-mail with confirmation of receipt. Either party may change its address for purposes of this paragraph by giving five (5) days prior written notice of such change to the other party. COUNTY: Eagle County, Colorado Attention: David Reid Post Office Box 850 Eagle, CO 81631 Telephone: 970-328-2648 E-Mail: David.Reid@eaglecounty.us With a copy to: Eagle County Attorney 500 Broadway Post Office Box 850 Eagle, Co 81631 Telephone: 970-328-8685 E-Mail: atty@eaglecounty.us CONTRACTOR: The Quotient Group Attention: Kim Sippola N1374 Tuckaway Court Greenville, WI 54942 Ph: 920-809-4550 kim@thequotientgroup.com 11. Termination. Either party may terminate this Agreement, in whole or in part, at any time and for any reason, with or without cause, and without penalty therefor with thirty (30) calendar days’ prior DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 6 written notice to the other party. a. Either party may terminate this Agreement in the event that the other party commits a material breach of this Agreement and fails to cure such material breach within twenty (20) days after receiving written notice of the same. b. In the event of a termination of this Agreement, the Contractor shall implement an orderly return of County Data in a CSV or another mutually agreeable format at a time and date agreed to by the parties, and no later than 60-days following the effective date of termination. c. In the event that this Agreement is terminated, for any reason, Consultant will provide the latest version of the Consultant’s CMS to the County. This system will then have the ability to be hosted and used by the County as long as they wish. Consultant will provide reasonable support in transferring the CMS system to the County’s decided upon hosting architecture. d. In the event of a termination of this Agreement, County will cease use of the Services, except as needed for the orderly return of County Data. e. During any period of service suspension of this Agreement, the Consultant shall not take any action to intentionally erase any County Data. f. In the event of termination of any Services or this Agreement in its entirety, Consultant shall not take any action to intentionally erase any County Data for a period of 60 days after the effective date of termination. After such period, the Consultant shall have no obligation to maintain or provide any County Data. After such 60-day period, unless otherwise agreed upon by Consultant and County in writing, Consultant will securely dispose of all County Data in its systems or otherwise in its possession or under its control. g. The County shall be entitled to any post-termination technical assistance generally made available with respect to the Services. h. Consultant shall securely dispose of all County Data in all of its forms, such as but not limited to; disk, CD/ DVD, backup tape, electronic backups and paper, when requested by the County. Data shall be permanently deleted and shall not be recoverable, according to National Institute of Standards and Technology (NIST)-approved methods. Certificates of destruction shall be provided to the County. 12. Venue, Jurisdiction and Applicable Law. Any and all claims, disputes or controversies related to this Agreement, or breach thereof, shall be litigated in the District Court for Eagle County, Colorado, which shall be the sole and exclusive forum for such litigation. This Agreement shall be construed and interpreted under and shall be governed by the laws of the State of Colorado. 13. Execution by Counterparts; Electronic Signatures. This Agreement may be executed in two or more counterparts, each of which shall be deemed an original, but all of which shall constitute one and the DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 7 same instrument. The parties approve the use of electronic signatures for execution of this Agreement. Only the following two forms of electronic signatures shall be permitted to bind the parties to this Agreement: (i) Electronic or facsimile delivery of a fully executed copy of the signature page; (ii) the image of the signature of an authorized signer inserted onto PDF format documents. All documents must be properly notarized, if applicable. All use of electronic signatures shall be governed by the Uniform Electronic Transactions Act, C.R.S. 24-71.3-101 to 121. 14. Other Contract Requirements and Contractor Representations. a. Contractor has familiarized itself with the nature and extent of the Services to be provided hereunder and the Property, and with all local conditions, federal, state and local laws, ordinances, rules and regulations that in any manner affect cost, progress, or performance of the Services. b. Contractor will make, or cause to be made, examinations, investigations, and tests as he deems necessary for the performance of the Services. c. To the extent possible, Contractor has correlated the results of such observations, examinations, investigations, tests, reports, and data with the terms and conditions of this Agreement. d. To the extent possible, Contractor has given County written notice of all conflicts, errors, or discrepancies. e. Contractor shall be responsible for the completeness and accuracy of the Services and shall correct, at its sole expense, all significant errors and omissions in performance of the Services. The fact that the County has accepted or approved the Services shall not relieve Contractor of any of its responsibilities. Contractor shall perform the Services in a skillful, professional and competent manner and in accordance with the standard of care, skill and diligence applicable to contractors performing similar services. Contractor represents and warrants that it has the expertise and personnel necessary to properly perform the Services and shall comply with the highest standards of customer service to the public. Contractor shall provide appropriate supervision to its employees to ensure the Services are performed in accordance with this Agreement. This paragraph shall survive termination of this Agreement. f. Contractor agrees to work in an expeditious manner, within the sound exercise of its judgment and professional standards, in the performance of this Agreement. Time is of the essence with respect to this Agreement. g. This Agreement constitutes an agreement for performance of the Services by Contractor as an independent contractor and not as an employee of County. Nothing contained in this Agreement shall be deemed to create a relationship of employer-employee, master-servant, partnership, joint venture or any other relationship between County and Contractor except that of independent contractor. Contractor shall have no authority to bind County. DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 8 h. Contractor represents and warrants that at all times in the performance of the Services, Contractor shall comply with any and all applicable laws, codes, rules and regulations. i. This Agreement contains the entire agreement between the parties with respect to the subject matter hereof and supersedes all other agreements or understanding between the parties with respect thereto. j. Contractor shall not assign any portion of this Agreement without the prior written consent of the County. Any attempt to assign this Agreement without such consent shall be void. k. This Agreement shall be binding upon and shall inure to the benefit of the parties hereto and their respective permitted assigns and successors in interest. Enforcement of this Agreement and all rights and obligations hereunder are reserved solely for the parties, and not to any third party. l. No failure or delay by either party in the exercise of any right hereunder shall constitute a waiver thereof. No waiver of any breach shall be deemed a waiver of any preceding or succeeding breach. m. The invalidity, illegality or unenforceability of any provision of this Agreement shall not affect the validity or enforceability of any other provision hereof. n. The signatories to this Agreement aver to their knowledge no employee of the County has any personal or beneficial interest whatsoever in the Services or Property described in this Agreement. The Contractor has no beneficial interest, direct or indirect, that would conflict in any manner or degree with the performance of the Services and Contractor shall not employ any person having such known interests. 15. Definitions: a. “Authorized Persons” means Vendor’s employees, contractors, subcontractors or other agents who need to access the County Data to enable the Vendor to perform the services required. “Data Breach” means the unauthorized access by a non-Authorized Person(s) that results in the use, disclosure or theft of a County Data. b. “County Data” means all data created or in any way originating with the County, and all data that is the output of computer processing of or other electronic manipulation of any data that was created by or in any way originated with the County or was shared with the County by another law enforcement agency, whether such data or output is stored on the County’s hardware, the vendor’s hardware or exists in any system owned, maintained or otherwise controlled by the County or by the vendor. c. “County Identified Contact” means the person or persons designated in writing by the County to receive security incident or breach notification. DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 9 d. “Security Incident” means the potentially unauthorized access by non-authorized persons to personal data or non-public data the vendor believes could reasonably result in the use, disclosure or theft of a County Data within the possession or control of the Consultant. A security incident may or may not turn into a data breach. e. “Go Live” means the first productive use of the Software after cutover to the System. 16. Authentication and Authorization. A documented authentication and authorization policy including multi-factor authentications requirements must cover all applicable systems. That policy must include password provisioning requirements, password complexity requirements, password resets, thresholds for lockout attempts, thresholds for inactivity, and assurance that no shared accounts are utilized. 17. Compatibility. Contractor will provide browser compatibility with their software on all Chrome, Firefox, Safari, Edge and Internet Explorer versions that are two years or less old, and test compatibility within 30 days of any new release on such web browsers. Contractor will ensure that older versions of each browser that are used by more than 5% of the customers are supported. Contractor shall not require any plug-ins in order to access any Services functionality. 18. Support Services Response Times. Table 1 shows the priority assigned to faults according to the perceived importance of the reported situation. The priority assignment is to refer to the initial telephone response to the County as per fault matrix. Table 1 Crisis Urgent Critical Normal Request for Service Priority Immediate Urgent High Normal Normal Time for Response < 1 Hour 1 Hour 4-6 Hours 24 hours Dependent Upon Request Report Method Stephanie Cell 505-440-4173 Tiana cell 507-990-3929 Stephanie Cell 505-440-4173 Tiana cell 507-990-3929 Stephanie Cell 505-440-4173 Tiana cell 507-990-3929 stephanie@thequotien tgroup.com cc: tiana@thequotientgrou p.com stephanie@thequotientgroup.com cc: tiana@thequotientgroup.com County Guide for Support (Report Method Details) - Fault Matrix Crisis: ● Crisis issues are issues that make your website completely inoperable. In this case you should call our tech support team immediately at 505-440-4173. Example(s) include: Entire website not accessible from multiple devices/browsers DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 10 Urgent: ● Urgent issues are issues that render your system partially inoperable. These requests can be submitted to our tech support team through phone or within our customer portal. ● Example(s) include: Partial portion of website not accessible from multiple devices/browsers, unapproved information on the website, or time sensitive information not available on live website. Critical: ● Critical Issues are issues that deny you the ability to perform a core function of the system. These requests should be submitted to the customer portal. ● Example(s) include: CMS not publishing to live site, perceived slow load time, content updates not appearing as intended in live site. Normal: ● Normal issues are issues that deny usability of limited functions of the system. These requests should be submitted to the customer portal. ● Example(s) include: General site irregularities, login issues, photo resizing, or image/graphic requests. 19. Website Application Availability Monitoring. Website application availability monitoring will be performed by Contractor and County using monitoring tool of their choice. If County suspects or Contractor monitoring reveals that website availability exceeds the agreed upon threshold of 99.99% in any one month, they agree to immediately open a support ticket in the customer portal to notify Contractor of the issue. Upon resolution of downtime issue, if County suspects the 99.99% threshold was exceeded, County agrees to provide information to Contractor which includes SCOM report and a written narrative describing any details of the perceived downtime issue. Upon Contractor’s review and concurring thereof County will be eligible for a credit equal to the monthly portion of annual services fee as set forth in Table 2 below. This credit would be applied to the next invoice due. The credit will not be provided if support ticket was not opened or for issues caused by County. DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 11 Table 2 19. Data Ownership. Consultant acknowledges and agrees that County owns all rights, title and interest in the County Data. Consultant shall not access County user accounts or County Data, except (1) in the course of data center operations, (2) in response to service or technical issues, (3) for proactive service and problem resolution, (4) as required by the express terms of this Agreement or (5) at the County’s written request. 20. Data Confidentiality. Consultant agrees to keep confidential all County Data, and agrees not to sell, assign, distribute, or disclose any such confidential information to any other person or entity without obtaining prior written permission from the County, which may be withheld in County’s sole discretion. 21. Data Protection. Protection of County Data shall be an integral part of the Services and business activities of the Consultant to ensure there is no inappropriate or unauthorized use of County Data at any time. To this end, the Consultant shall safeguard the confidentiality, integrity and availability of County Data and comply with the following conditions: a. The Consultant shall implement and maintain commercially reasonable and appropriate administrative, technical and organizational security measures to safeguard against unauthorized access, disclosure or theft of County Data. Such security measures shall be in accordance with recognized industry practice. DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 12 b. The Consultant shall enforce separation of job duties, require commercially reasonable non-disclosure agreements, and limit staff knowledge of County Data to that which is absolutely necessary to perform job duties. c. All data obtained by the Consultant in the performance of this contract shall become and remain the property of the County. d. All County Data shall be encrypted in transit with controlled access, with the level of protection and encryption identified for County upon request. Unless otherwise stipulated, the Consultant is responsible for encryption of the County Data. e. At no time shall any data or processes — that either belong to or are intended for the use of a County or its officers, agents or employees — be copied, disclosed or retained by the Consultant or any party related to the Consultant for subsequent use in any transaction that does not include the County. f. The Consultant shall not use any information collected in connection with the Service issued from this proposal for any purpose other than fulfilling this Agreement. 22. Security Incident or Data Breach Notification. The Consultant shall inform the County of any security incident or data breach. a. Incident Response: The Consultant may need to communicate with outside parties regarding a security incident, which may include contacting law enforcement, fielding media inquiries and seeking external expertise as mutually agreed upon, defined by law or contained in the contract. Discussing security incidents with the County should be handled on an urgent as-needed basis, as part of Consultant communication and mitigation processes as mutually agreed upon, defined by law or contained in the contract. b. Security Incident Reporting Requirements: The Consultant shall report a security incident to the appropriate County identified contact immediately. c. Breach Reporting Requirements: If the Consultant has actual knowledge of a confirmed data breach that affects the security of any County content that is subject to applicable data breach notification law, the Consultant shall (1) promptly notify the appropriate County identified contact within 24 hours or sooner, unless shorter time is required by applicable law, and (2) take commercially reasonable measures to address the data breach in a timely manner. In the case of a data breach originating from the County’s responsibilities, the Consultant will work with the County to identify and resolve the Breach, but the County will be responsible for any remediation steps as required by law. 23. Data Breach Responsibilities. The Consultant, unless stipulated otherwise, shall immediately notify the appropriate County identified contact by telephone and email in accordance with the agreed upon security plan or security procedures if it reasonably believes there has been a security incident. DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 13 a. In the case of a Data Breach originating from the County, the Consultant will provide assistance to the County for identification and resolution, but the County will have sole responsibility for any remediation actions necessary as a result of the Breach. b. The Consultant, unless stipulated otherwise, shall promptly notify the appropriate County identified contact within 24 hours or sooner by telephone and email, unless shorter time is required by applicable law, if it confirms that there is, or reasonably believes that there has been a data breach. The Consultant shall (1) cooperate with the County as reasonably requested by the County to investigate and resolve the data breach, (2) promptly implement necessary remedial measures, if necessary, and (3) document responsive actions taken related to the data breach, including any post-incident review of events and actions taken to make changes in business practices in providing the services, if necessary. c. Unless otherwise stipulated, if a data breach is a direct result of the Consultant’s breach of its contract obligation to encrypt personal data or otherwise prevent its release, the Consultant shall bear the costs associated with (1) the investigation and resolution of the data breach; (2) notifications to individuals, regulators or others required by state law; (3) a credit monitoring service required by state (or federal) law; (4) a website or a toll-free number and call center for affected individuals required by state law — all not to exceed the average per record per person cost calculated for data breaches in the United States; and (5) complete all corrective actions as reasonably determined by Consultant based on root cause; all [(1) through (5)] subject to this contract’s limitation of liability. 24. Notification of Legal Requests. The Consultant shall contact the County upon receipt of any electronic discovery, litigation holds, discovery searches and expert testimonies related to the County’s Data under this contract, or which in any way might reasonably require access to the County’s Data. The Consultant shall not respond to subpoenas, service of process and other legal requests related to the County without first notifying the County, unless prohibited by law from providing such notice. 25. Access to Security Logs and Reports. Upon request the Consultant shall provide the County within a timely manner, access to Security Logs and Reports, Data Center Audit or Vulnerability Scanning reports. 26. Data Center Audit or Vulnerability Scanning. To ensure the security of County Data maintained by Consultant, the Consultant shall engage an independent third party or utilize independent third-party software services to perform an independent audit or vulnerability scanning of its data centers at least annually at its expense, and provide a redacted version of the audit report upon request. The Consultant may remove its proprietary information from the redacted version. This audit or vulnerability scanning shall include at minimum a scan of the organization’s internet perimeter, web application firewall, physical access to data center, crawling and testing web applications to identify vulnerabilities including for cross-site scripting and SQL injection. Any items that don’t meet standards or are marked as critical must be addressed and corrected by Consultant in a timely manner, as mutually agreed upon by the Parties. 27. Change Control and Advance Notice. The Consultant shall give County 10 business days advance DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 14 notice and detailed release notes regarding changes to the Services or of any upgrades that may impact service availability and performance. 28. Export of Data. The County shall have the ability to export data in piecemeal or in entirety at its discretion without interference from the vendor. This includes the ability for the County to export data to/from other vendors or service providers in a CSV format and image file format or other mutually agreeable format. 30. Business Continuity and Disaster Recovery. As a part of the Services, Consultant is responsible for maintaining a backup of County Data and for an orderly and timely recovery of such data in the event that the Services may be interrupted. Consultant shall maintain a contemporaneous backup of County Data that can be recovered within one day (24 hours) at any point in time. Additionally, Consultant shall store a backup of County Data in an off-site “hardened” facility no less than weekly, maintaining the security of County Data, the security requirements of which are further described herein. 31. PCI compliance. If, in the course of its engagement by County, Contractor has access to or will collect, access, use, store, process, dispose of or disclose credit, debit or other payment cardholder information, Contractor shall at all times remain in compliance with the Payment Card Industry Data Security Standard (“PCI DSS”) requirements, including remaining aware at all times of changes to the PCI DSS and promptly implementing all procedures and practices as may be necessary to remain in compliance with the PCI DSS, in each case, at Contractor's sole cost and expense. 32. System Accessibility. a. Consultant is responsible for addressing accessibility issues in any software, including but not limited to any implementation, configuration, or documentation provided or licensed by Contractor and delivered to County. b. Contractor shall ensure that all end user deliverables adhere to the Governor’s Office of Information Technology’s Technology Accessibility for Persons with Disabilities Standards and Contractor must be able to update any software/systems in the event of updates to those standards. If Contractor has agreed to perform maintenance for County, Contractor’s obligations herein apply to its performance of maintenance. c. Contractor shall ensure that accessibility and usability are addressed at every stage of the Project. Contractor shall provide a third-party attestation of product accessibility compliance for any software with which users will interact when requested by County. Such attestation shall include a summary of the software’s ADA compliance as well as any outstanding accessibility issues identified in the software, and an explanation as to how Contractor intends to make the software fully compliant. Remediation of accessibility issues which pose a very minor inconvenience to disabled users but do not prevent them from using the software may be waived by the County in its sole discretion. Correction of accessibility issues may require, among other things, writing new core code, turning off inaccessible features, providing users with third party software in addition to their assistive technology, or providing disabled users with an alternative pathway to the inaccessible feature or the business process that it automates. Contractor shall collaborate with the County to prioritize accessibility DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 15 defects based on severity. If the County determines that accessibility issues exist but cannot be resolved or mitigated, the Contractor may terminate this Agreement. IN WITNESS WHEREOF, the parties have executed this Agreement the day and year first set forth above. COUNTY OF EAGLE, STATE OF COLORADO, By and Through Its COUNTY MANAGER By: ______________________________ Jeff Shroll, County Manager CONSULTANT The Quotient Group By: _____________________________________ Print Name: ______________________________ Title: ____________________________________ DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 Kim Sippola President 1 EXHIBIT A SCOPE OF SERVICES, SCHEDULE, FEES Description Price Website Redesign Kick-off and Discovery $1,500.00 Information Architecture and Migration Planning $1,800.00 Wireframes $4,200.00 Design • Unlimited rounds of changes $3,600.00 Content Creation $3,750.00 Content Migration • Full Migration to include spell checking and style corrections $1,950.00 Pre-launch and Launch of website $3,000.00 Training $800.00 Project Management $7,200.00 TOTAL $27,800.00 Additional Website Items Hosting and Security Annual Fee $600.00 Domain Purchase Annual Fee $25.00 Maintenance Package Annual Fee $1,500.00 Badging Appointment Reservations $650.00 ADA compliance and monitoring Annual Fee $600.00 TOTAL $3,375.00 Rebranding Discovery and Immersion/Listening Session • Online meetings with core members of the EGE team in order to learn more about the airport and its current brand, as well as identify key stakeholders and decision makers that will be involved in the project. • Conduct in-depth interviews with individuals/stakeholder groups as necessary; conduct secondary research; synthesize findings; and present audience insights, and SWOT analysis for decision maker input and approval. DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 2 Deliverables: Project Implementation Plan, inclusive of stakeholder identification and detailed timeline and SWOT Analysis $1,800.00 Brand House Workshop/Concept Development • Lead a half-day (more time as needed) brand strategy and positioning workshop(s). Deliverables: Audience insights, values and needs. SWOT Analysis $3,300.00 New Logo Development • Unlimited revisions • Conduct a naming (if applicable) and logo exploration based on the approved brand positioning. • Conduct validation research in the form of a focus group or survey in order to verify naming direction and effectiveness. • Refine selected logo mark to ensure it meets brand needs. Deliverables: Logo options, and results from a trademark search. $3,900.00 Brand Book • Develop brand and style guidelines inclusive of logo usage, fonts, color palette, graphics, tone, voice and style. • Select core communication materials such as letterhead, business cards, and presentation templates to be included with brand guidelines. Deliverables: Brand Guide - logo suite, colors, fonts, images, graphics. Style Guide - Tone, voice, personality, language. Produce EPS (vector), JPG (print) and PNG 9web) versions of all logo treatments in full color, 1-color, grayscale, and black and white. $850.00 Value Proposition and Messaging Map • Recommend a brand messaging strategy based on the approved Brand Strategy. Deliverables: Review current external-facing mission, vision and value propositions, make edit recommendations, craft message, define audience, identify channels, create messaging roadmap. $11,600.00 TOTAL $21,450.00 Products County Owns Include: · Existing airport Website · Source Files · All Included Web Applications · Design & Page Content DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 3 Consultant will integrate the following web applications into the County’s existing airport website: ● Bid Posting ● Document Center ● Email Notify ● FAQs ● Job Posting ● Multi-use Business Directory ● News Center with Facebook/Twitter Integration ● Online Forms ● Photo Gallery ● Quick Link Buttons ● Web Calendar ● Online Bill Pay ● RSS Feed Staff Productivity Apps ● Link Checker ● Menu Manager ● Online Form Builder ● Staff Directory ● Website Content Archiving ● Website Content Scheduling Site Administration and Security Features ● Audit Trail ● Auto Site Map Generator ● History Log ● URL Redirect Setup ● Roles and Permission-based Security Mode ● Secure Site Gateway ● Unique Login/Password for each Content Editor ● Web Statistics and Analytics Mobile Device and Accessibility Features ● Font Size Adjustment ● Alt-Tags ● Responsive Website Design (RWD) ● ADA, WCAG 2.1 level AA & Section 508 compliance ● Accessibility statement and certification of performance ● Annual compliance monitoring and maintenance including a re-scan of the website every 24 hours DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 Maintenance • Website maintenance and quarterly website check-ups that includes updates to the WordPress core, themes and/or plug-ins, troubleshooting, and up to 2 hours of support each quarter (8 hours per year). • Plugins will be manually updated at predetermined intervals after website launch. Plugins will be updated one at a time, and the website will be reviewed after each update to ensure functionality and visuals across site remain intact and without conflict. • If there is a conflict or critical error found during maintenance, the website will be rolled back to the latest backup. DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 2 EXHIBIT B INSURANCE CERTIFICATE DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009 CERTIFICATE OF LIABILITY INSURANCE DATE (MM/DD/YYYY) 05/25/2023 THIS CERTIFICATE IS ISSUED AS A MATTER OF INFORMATION ONLY AND CONFERS NO RIGHTS UPON THE CERTIFICATE HOLDER. THIS CERTIFICATE DOES NOT AFFIRMATIVELY OR NEGATIVELY AMEND,EXTEND OR ALTER THE COVERAGE AFFORDED BY THE POLICIES BELOW.THIS CERTIFICATE OF INSURANCE DOES NOT CONSTITUTE A CONTRACT BETWEEN THE ISSUING INSURER(S), AUTHORIZED REPRESENTATIVE OR PRODUCER, AND THE CERTIFICATE HOLDER. IMPORTANT:If the certificate holder is an ADDITIONAL INSURED,the policy(ies)must be endorsed.If SUBROGATIONIS WAIVED, subject to the terms and conditions of the policy,certain policies may require an endorsement.A statement on this certificate does not confer rights to the certificate holder in lieu of such endorsement(s). PRODUCER NUTMEG INS AGENCY INC/PHS 76210775 The Hartford Business Service Center 3600 Wiseman Blvd San Antonio, TX 78251 CONTACT NAME: PHONE (A/C, No, Ext): (888) 925-3137 FAX (A/C, No): E-MAIL ADDRESS: INSURER(S) AFFORDING COVERAGE NAIC# INSURED THE QUOTIENT GROUP LLC N1374 TUCKAWAY CT GREENVILLE WI 54942-8045 INSURER A : Sentinel Insurance Company Ltd.11000 INSURER B : Hartford Fire and Its P&C Affiliates 00914 INSURER C : INSURER D : INSURER E : INSURER F : COVERAGES CERTIFICATE NUMBER:REVISION NUMBER: THIS IS TO CERTIFY THAT THE POLICIES OF INSURANCE LISTED BELOW HAVE BEEN ISSUED TO THE INSURED NAMED ABOVE FOR THE POLICY PERIOD INDICATED.NOTWITHSTANDING ANY REQUIREMENT,TERM OR CONDITION OF ANY CONTRACT OR OTHER DOCUMENT WITH RESPECT TO WHICH THIS CERTIFICATE MAY BE ISSUED OR MAY PERTAIN,THE INSURANCE AFFORDED BY THE POLICIES DESCRIBED HEREIN IS SUBJECT TO ALL THE TERMS, EXCLUSIONS AND CONDITIONS OF SUCH POLICIES. LIMITS SHOWN MAY HAVE BEEN REDUCED BY PAID CLAIMS. INSR LTR TYPE OF INSURANCE ADDL INSR SUBR WVD POLICY NUMBER POLICY EFF (MM/DD/YYYY) POLICY EXP (MM/DD/Y YYY)LIMITS A COMMERCIAL GENERAL LIABILITY 76 SBU UI8187 10/27/2022 10/27/2023 EACH OCCURRENCE $1,000,000 CLAIMS-MADE X OCCUR DAMAGE TO RENTED PREMISES (Ea occurrence)$1,000,000 X General Liability MED EXP (Any one person)$10,000 PERSONAL & ADV INJURY $1,000,000 GEN'L AGGREGATE LIMIT APPLIES PER:GENERAL AGGREGATE $2,000,000 POLICY X PRO- JECT LOC PRODUCTS - COMP/OP AGG $2,000,000 OTHER: A AUTOMOBILE LIABILITY 76 SBU UI8187 10/27/2022 10/27/2023 COMBINED SINGLE LIMIT (Ea accident)$1,000,000 ANY AUTO BODILY INJURY (Per person) ALL OWNED AUTOS SCHEDULED AUTOS BODILY INJURY (Per accident) X HIRED AUTOS X NON-OWNED AUTOS PROPERTY DAMAGE (Per accident) A X UMBRELLA LIAB EXCESS LIAB X OCCUR CLAIMS- MADE 76 SBU UI8187 10/27/2022 10/27/2023 EACH OCCURRENCE $5,000,000 AGGREGATE $5,000,000 DED X RETENTION $ 10,000 B WORKERS COMPENSATION AND EMPLOYERS' LIABILITY ANY PROPRIETOR/PARTNER/EXECUTIVE OFFICER/MEMBER EXCLUDED? (Mandatory in NH) If yes, describe under DESCRIPTION OF OPERATIONS below N/ A 76 WEC PK3066 10/27/2022 10/27/2023 X PER STATUTE OTH- ER Y/N E.L. EACH ACCIDENT $1,000,000 E.L. DISEASE -EA EMPLOYEE $1,000,000 E.L. DISEASE - POLICY LIMIT $1,000,000 A PROFESSIONAL LIABILITY 76 SBU UI8187 10/27/2022 10/27/2023 Occurrence Aggregate $1,000,000 $1,000,000 DESCRIPTION OF OPERATIONS / LOCATIONS / VEHICLES (ACORD 101, Additional Remarks Schedule, may be attached if more space is required) Those usual to the Insured's Operations. Notice of Cancellation will be provided in accordance with Form SS1223, attached to this policy. CERTIFICATE HOLDER CANCELLATION Eagle County Regional Airport 219 Eldon Wilson Road Gypsum CO 81637 SHOULD ANY OF THE ABOVE DESCRIBED POLICIES BE CANCELLED BEFORE THE EXPIRATION DATE THEREOF,NOTICE WILL BE DELIVERED IN ACCORDANCE WITH THE POLICY PROVISIONS. AUTHORIZED REPRESENTATIVE © 1988-2015 ACORD CORPORATION. All rights reserved. ACORD 25 (2016/03)The ACORD name and logo are registered marks of ACORD DocuSign Envelope ID: CD40623B-C210-4093-B95A-333EA6E9E009
