EdÛcare Systems Access Addendum

THIS SYSTEMS ACCESS ADDENDUM (“SAA”) IS ENTERED INTO BETWEEN YOU (“SERVICE PROVIDER” OR “YOU”) THE ENTITY IDENTIFIED IN THE APPLICABLE EDÛCARE ORDERING DOCUMENT, OR AGREEMENT, AND EDÛCARE, INC., A DELAWARE CORPORATION LOCATED IN SAN FRANCISCO, CALIFORNIA, UNITED STATES OF AMERICA (“EDÛCARE”, “WE”, “US”, OR “OUR”). BY CLICKING ON THE "I ACCEPT" BUTTON AT THE END OF THIS SAA OR BY PROVIDING YOUR PRODUCTS OR SERVICES TO EDÛCARE, YOU ARE AGREEING THAT YOU HAVE READ AND UNDERSTAND THE SAA TERMS AND THAT YOU AGREE TO BE LEGALLY RESPONSIBLE FOR EACH AND EVERY TERM AND CONDITION HEREIN. THIS SAA IS INCORPORATED INTO THE RELEVANT AGREEMENT OR ORDERING DOCUMENT FOR PROVISIONING OF PRODUCTS OR SERVICES TO US ENTERED INTO BY YOU (“MAIN AGREEMENT”). THIS SAA IS EFFECTIVE AS OF YOUR ACCEPTANCE (“EFFECTIVE DATE”).

WHEREAS, Service Provider and EdÛcare have entered into the Main Agreement and in order for Service Provider to be able to provide the services as set forth in the Main Agreement, EdÛcare shall grant to Service Provider’s agents (“Service Provider Agents”) access to certain EdÛcare systems that have been approved by EdÛcare (“Systems”).

Now therefore, the parties agree as follows:

• Service Provider agrees that it will inform all Service Provider Agents who will be working with EdÛcare of the terms and obligations listed herein.
• Service Provider agrees that it shall perform background checks in accordance with Company's policies on any personnel working on Company property or who has access to Company's systems to the extent allowed by law. Service Provider shall ensure personnel consent to such background checks regardless of scope and timing and shall indemnify, defend, and hold Company harmless from any failure to acquire adequate consent.
• When required by EdÛcare, Service Provider Agents will only access the Systems via a VPN or a single sign on protocol and through a computer loaned to Service Provider Agents for that purpose. If a computer is loaned to Service Provider Agents, access to the Systems from any other device is strictly forbidden.
• EdÛcare may also impose additional security measures for accessing the Systems. Service Provider and Service Provider Agents shall at all times comply with instructed security measures and shall not attempt to access the Systems in any manner that circumvents in any way the prescribed security measures.
• Service Provider acknowledges that Service Provider Agents may have access to the personal data of users of EdÛcare including contact information, and Service Provider and Service Provider Agents are strictly forbidden to use such data for any purpose except for providing the services as described in the Main Agreement or as instructed in writing (including email) by an authorized representative of EdÛcare.
• Except as otherwise instructed or agreed to in writing by EdÛcare, Service Provider Agents may not make any copies of, or otherwise export in any manner, any data that Service Provider Agents accesses via the Systems. Any and all data located in and accessed through the Systems by Service Provider Agents shall be considered as Confidential Information as defined in the Main Agreement or in any Non-Disclosure Agreement signed between the Service Provider and EdÛcare. Prior to Service Provider processing any personal data originating from EdÛcare, a Data Processing Agreement must be negotiated between Service Provider and EdÛcare.
• If deemed necessary by EdÛcare, Service Provider and Service Provider Agents must use a EdÛcare provided email service and email address so as to ensure that no email information of any user is used, contacted or accessed via any third party email service.
• In the event where Service Provider or Service Provider Agents breach any of the restrictions set forth above, Service Provider or Service Provider Agents shall immediately inform EdÛcare and provide details on how any data located in its Systems was used, accessed, copied or exported in breach of this SAA.
• Service Provider shall indemnify EdÛcare and its officers, directors, shareholders, employees, agents and contractors from and against any third party claim or any regulatory fines which result from the misuse of personal data by the Service Provider or Service Provider Agents in breach of this SAA.
• In the event of a conflict between this Systems Access SAA and the Agreement, the SAA will control.