The URL can be used to link to this page

Home My WebLink AboutReso 105-2025 (24-1010) Short Form Services Agreement [Rev:04/01/2024] 1 SOUTH SAN FRANCISCO SERVICES AGREEMENT This Services Agreement (this “Agreement”) is made and entered into between the City of South San Francisco, a municipal corporation (“City”) and Iron Brick Associates, LLC (“Consultant” or “Reseller”) effective as of ______________, 2025 (the “Effective Date”). City and Consultant are hereinafter collectively referred to individually as a Party and collectively as the “Parties”. WHEREAS, Iron Brick is an authorized reseller of certain third-party software, platforms, and services, including those provided by Workday, Inc. (“Workday”), Can/Am Technologies, Inc. (“CanAm”) and Strada U.S. Professional Services, Inc. (“Strada”); WHEREAS, the City desires to procure licenses and services under the applicable Order Forms for Workday, Can/Am and Strada as facilitated through Iron Brick as the reseller; WHEREAS, each of the aforementioned third-party providers has issued standard Order Forms and End User Subscription Agreements (EUSAs) or equivalent license agreements (collectively, the “End User Agreements”), which govern the City’s use of each respective third-party software platform and related services. In consideration of their mutual covenants, the Parties hereby agree as follows: 1.Scope of Services. Consultant shall provide the following services and/or materials (“the Work”): Strada implementation of Workday software, CanAm implementation of Teller software and all necessary Workday and Teller software subscriptions, as more specifically described in the Scope of Services in the Exhibits attached hereto: Exhibit A – Workday Subscription Order Form and applicable Workday End User Subscription Agreement; Exhibit B – Can/Am Implementation and Subscription Order Form and Teller Software as a Service Agreement; Exhibit C – Strada Implementation Services Order Form. The Work shall commence on July 1, 2025, and shall be completed in accordance with the applicable standard of care and End User Agreements attached hereto, by June 30, 2035 unless such date is extended or otherwise modified by the Parties in writing. In the event of a conflict or inconsistency between the text of the main body of this Agreement and Exhibits, the text of this Agreement shall prevail, unless otherwise agreed to by the City. Consultant acts solely as an authorized reseller and facilitator of access to the products and services identified in the attached Exhibits. Consultant does not itself provide the licensed software or hosted services or implementation services described in the Order Forms and End User Agreements and shall have no liability with respect to the performance or non-performance of those services by Workday, Can/Am or Strada. 2. Security Breach Notification and Reporting. Consultant shall have policies and procedures in place for the effective management of Security Breaches, as defined below, which shall be made available to the City upon request. In the event of any actual security breach or reasonable belief of an actual security breach the Consultant either suffers or learns of that either compromises or could compromise the City’s data (a “Security Breach”), Consultant shall notify the City within 48 hours of its discovery. Short Form Services Agreement [Rev:04/01/2024] 2 Consultant shall immediately determine the nature and extent of the Security Breach, contain the incident by stopping the unauthorized practice, recover records, shut down the system that was breached, revoke access and/or correct weaknesses in physical security. Consultant shall report to the City: (i) the nature of the Security Breach; (ii) the City data used or disclosed; (iii) who made the unauthorized use or received the unauthorized disclosure; (iv) what the Consultant has done or shall do to mitigate any deleterious effect of the unauthorized use or disclosure; and (v) what corrective action the Consultant has taken or shall take to prevent future similar unauthorized use or disclosure. Consultant shall provide such other information, including a written report, as reasonably requested by the City. Consultant shall analyze and document the incident and provide all notices required by applicable law. 2. Payment. City shall pay Consultant an amount not to exceed: $7,726,991.00 for the completion of the Work in accordance with the terms and conditions of this Agreement. The calculation of payment for the Work shall be set forth as follows: Short Form Services Agreement [Rev:04/01/2024] 3 Subscription Period Period Start Date Period End Date Subscription Fees Subscription Year 1 7/1/2025 6/30/2026 $297,250 Subscription Year 2 7/1/2026 6/30/2027 $454,547 Subscription Year 3 7/1/2027 6/30/2028 $461,664 Subscription Year 4 7/1/2028 6/30/2029 $370,118 Subscription Year 5 7/1/2029 6/30/2030 $377,521 Subscription Year 6 7/1/2030 6/30/2031 $385,074 Subscription Year 7 7/1/2031 6/30/2032 $392,773 Subscription Year 8 7/1/2032 6/30/2033 $400,628 Subscription Year 9 7/1/2033 6/30/2034 $408,639 Subscription Year 10 7/1/2034 6/30/2035 $416,817 Total Price 3,965,031.00$ Deployment Deployment Fee 76 Training Credits 54,112.00$ Total Price 54,112.00$ Subscription Period Period Start Date Period End Date Subscription Fees Subscription Year 1 7/1/2025 6/30/2026 56,160.00$ Subscription Year 2 7/1/2026 6/30/2027 57,845.00$ Subscription Year 3 7/1/2027 6/30/2028 59,581.00$ Subscription Year 4 7/1/2028 6/30/2029 61,367.00$ Subscription Year 5 7/1/2029 6/30/2030 63,208.00$ Subscription Year 6 7/1/2030 6/30/2031 65,737.00$ Subscription Year 7 7/1/2031 6/30/2032 68,366.00$ Subscription Year 8 7/1/2032 6/30/2033 71,101.00$ Subscription Year 9 7/1/2033 6/30/2034 73,945.00$ Subscription Year 10 7/1/2034 6/30/2035 76,903.00$ Fixed Fee Deployment 150,550.00$ Total Price 804,763.00$ Deployment Deployment Fee One Time Fixed Fee Deployment 2,903,085.00$ Total Price 2,903,085.00$ Workday Training Workday Subscription CanAm/Teller Licenses and Deployment Strada Deployment Short Form Services Agreement [Rev:04/01/2024] 4 The City agrees to pay Iron Brick the firm fixed fees (“Fees”) for Workday and CanAm subscription services in accordance with the following Payment Schedule: Payment # Payment Due Date Payment Amount 1 Upon Order Form Effective Date $ 407,522.00 2 Due on First anniversary of the Order Term start date $ 512,392.00 3 Due on Second anniversary of the Order Term start date $ 521,245.00 4 Due on Third anniversary of the Order Term start date $ 431,485.00 5 Due on Fourth anniversary of the Order Term start date $ 440,729.00 6 Due on Fifth anniversary of the Order Term start date $ 450,811.00 7 Due on Sixth anniversary of the Order Term start date $ 461,139.00 8 Due on Seventh anniversary of the Order Term start date $ 471,729.00 9 Due on Eighth anniversary of the Order Term start date $ 482,584.00 10 Due on Ninth anniversary of the Order Term start date $ 493,720.00 Total Payment Amount $4,673,356.00 Fixed Fee Deployment Fees from CanAm and Strada will be invoiced as Milestones are reached and mutually agreed between the City, CanAm and/or Strada and Iron Brick. The amount stated above is the entire compensation exclusive of reimbursable expenses (which shall be invoiced separately, at cost) payable to Consultant for the Work performed hereunder, including all labor, materials, tools and equipment furnished by Consultant. The City shall reimburse Consultant for the actual and necessary out–of–pocket travel expenses incurred by Consultant and its subcontractors in connection with the Work performed under this Agreement, including air and surface transportation, lodging, car rental, and meals . City shall make payments, based on invoices received, for Work performed in accordance with this Agreement. City shall have thirty (30) days from the receipt of an invoice to pay Consultant. 3. Independent Contractor. It is understood and agreed that this Agreement is not a contract of employment and does not create an employer-employee relationship between the City and Consultant. At all times Consultant shall be an independent contractor and City shall not control the manner of Consultant accomplishing the Work. Consultant is not authorized to bind the City to any contracts or other obligations without the express written consent of the City. 4. Indemnification. To the fullest extent permitted by law, Consultant shall indemnify, defend (with counsel acceptable to the City), and hold harmless the City and its elected and appointed officers, officials, employees, agents, contractors and consultants (collectively, the “City Indemnitees”) from and against any and all liability, loss, damage, claims, expenses and costs (including, without limitation, attorneys’ fees and costs of litigation) (collectively, “Liability”) of every nature arising out of or in Short Form Services Agreement [Rev:04/01/2024] 5 connection with Consultant’s negligence or willful misconduct or Consultant’s failure to make payment to its vendor, or Consultant’s failure to comply with this Agreement, except such Liability caused by the negligence or willful misconduct of the City Indemnitees. 5. Insurance. Prior to beginning the Work and continuing throughout the term of this Agreement, Consultant (and any subcontractors) shall, at Consultant’s (or subcontractor’s) sole cost and expense, furnish the City with certificates of insurance evidencing that Consultant has obtained and maintains insurance in the following amounts: A. Workers’ Compensation that satisfies the minimum statutory limits. B. Commercial General Liability and Property Damage Insurance in an amount not less than ONE MILLION DOLLARS ($1,000,000) combined single limit per occurrence, TWO MILLION DOLLARS ($2,000,000) annual aggregate, for bodily injury, property damage, products, completed operations and contractual liability coverage. The policy shall also include coverage for liability arising out of the use and operation of any City-owned or City-furnished equipment used or operated by the Consultant, its personnel, agents or subcontractors. C. Comprehensive automobile insurance in an amount not less than ONE MILLION DOLLARS ($1,000,000) per occurrence for bodily injury and property damage including coverage for owned and non-owned vehicles. D. Professional Liability Insurance in an amount not less than ONE MILLION DOLLARS ($1,000,000) covering the licensed professionals’ errors and omissions. All insurance policies (with the exception of Professional Liability) shall be written on an occurrence basis and shall name the City Indemnitees as additional insureds with any City insurance shall be secondary and in excess to Consultant’s insurance. If the Consultant’s insurance policy includes a self- insured retention that must be paid by a named insured as a precondition of the insurer’s liability, or which has the effect of providing that payments of the self-insured retention by others, including additional insureds or insurers do not serve to satisfy the self-insured retention, such provisions must be modified by special endorsement so as to not apply to the additional insured coverage required by this agreement so as to not prevent any of the parties to this agreement from satisfying or paying the self-insured retention required to be paid as a precondition to the insurer’s liability. Additionally, the certificates of insurance must note whether the policy does or does not include any self-insured retention. The certificates shall contain a statement of obligation on the part of the carrier to notify City of any material change, cancellation, termination or non-renewal of the coverage in accordance with policy terms. The City’s Risk Manager may waive or modify any of the insurance requirements of this section. 6. Compliance with all Applicable Laws; Nondiscrimination, City Direction. Both Parties shall comply with all local, state and federal laws, regulations and ordinances applicable to their business operations and employment of their personnel in the performance of this Agreement. Consultant shall not discriminate in the provision of service or in the employment of persons engaged in the performance of this Agreement on account of race, color, national origin, ancestry, religion, gender, marital status, sexual orientation, age, physical or mental disability in violation of any applicable local, state or federal laws or regulations. Consultant may receive other directions from the City that may be relied upon in providing the work herein (e.g., interpretations of laws, policies, procedures and plans). 7. Termination. Termination for Non-Appropriation. Customer is a US Federal, State, or Local governmental entity that relies on funding which is allocated at the federal, state and/or local level to fund the Service in the Short Form Services Agreement [Rev:04/01/2024] 6 Agreement. Customer intends to continue the Agreement for its entire term and to satisfy its obligations thereunder. Customer will seek to obtain funding for each fiscal year of an Order Form. For each succeeding fiscal period, (a) Customer agrees to include in its budget request appropriations sufficient to cover Customer’s obligations under the Agreement. (b) Customer agrees to act in good faith to secure appropriations and not use the appropriation process as a way of terminating the Agreement in order to acquire a competing product. In the event that funds are not appropriated or otherwise made available, in whole or in part, to support continuation of performance in a subsequent fiscal period, Customer may terminate the impacted portion(s) of an Order Form, in whole or in part. In accordance with the foregoing, Customer will give Consultant written notice thirty (30) days prior to the effective date of any such termination. All obligations of Customer to make payments after the termination date will cease and all Consultant obligations to provide the Service will terminate. Notwithstanding the foregoing, Customer will pay for (i) the entire time period the Service was made available to Customer prior to Consultant’s receipt of notice of termination for non-appropriation; and (ii) for all amounts and Service periods for which Customer has received services. Customer will not execute any Order Form unless funds have been appropriated for at least the first year’s subscription fee. Upon termination, Customer will remit all amounts due, and all costs actually incurred up to the date of termination. Upon request by Consultant, Customer will identify to Workday the extent to which funds have been allocated for individual Order Forms throughout the term of the Agreement. Termination for cause: Either Party may terminate the Agreement for cause if the other Party materially breaches the terms of the Agreement (including but not limited to Consultant’s non-payment to its vendors) and such breach is not cured within 30 days after the non-breaching Party delivered notice of such breach to the breaching Party. If a breach cannot reasonably be cured within such cure period and the breaching party promptly commences diligent efforts to cure such breach, then such cure period shall continue as long as such diligent efforts to cure continue. If the City properly terminates this Agreement for cause with the Consultant for non-payment to its vendors, then this Agreement and all applicable Order Forms may be terminated by the City immediately and the EUSAs and applicable Order Forms may be novated to a third-party software vendor listed in Section 1 to this Agreement upon mutual written agreement between the City and the third-party software vendor. 8. Prevailing Wage. Where applicable, the wages to be paid for a day's work to all classes of laborers, workmen, or mechanics on the work contemplated by this Purchase Agreement, shall be not less than the prevailing rate for a day’s work in the same trade or occupation in the locality within the state where the work hereby contemplates to be performed as determined by the Director of Industrial Relations pursuant to the Director’s authority under Labor Code Section 1770, et seq. Each laborer, worker or mechanic employed by Consultant or by any subcontractor shall receive the wages herein provided for. The Consultant shall pay two hundred dollars ($200), or whatever amount may be set by Labor Code Section 1775, as may be amended, per day penalty for each worker paid less than prevailing rate of per diem wages. The difference between the prevailing rate of per diem wages and the wage paid to each worker shall be paid by the Consultant to each worker. An error on the part of an awarding body does not relieve the Consultant from responsibility for payment of the prevailing rate of per diem wages and penalties pursuant to Labor Code Sections 1770-1775. The City will not recognize any claim for additional compensation because of the payment by the Consultant for any wage rate in excess of prevailing wage rate set forth. The possibility of wage increases is one of the elements to be considered by the Consultant. (A) Posting of Schedule of Prevailing Wage Rates and Deductions. If the schedule of prevailing wage rates is not attached hereto pursuant to Labor Code Section 1773.2, the Consultant shall post at Short Form Services Agreement [Rev:04/01/2024] 7 appropriate conspicuous points at the site of the project a schedule showing all determined prevailing wage rates for the various classes of laborers and mechanics to be engaged in work on the project under this contract and all deductions, if any, required by law to be made from unpaid wages actually earned by the laborers and mechanics so engaged. (B) Payroll Records. Each Consultant and subcontractor shall keep an accurate payroll record, showing the name, address, social security number, work week, and the actual per diem wages paid to each journeyman, apprentice, worker, or other employee employed by the Consultant in connection with the public work. Such records shall be certified and submitted weekly as required by Labor Code Section 1776. 9. Payment of Taxes; Tax Withholding. Consultant is solely responsible for the payment of employment taxes incurred under this Agreement and any similar federal or state taxes. To be exempt from tax withholding, Consultant must provide City with a valid California Franchise Tax Board form 590 (“Form 590”), as may be amended and such Form 590 shall be attached hereto and incorporated herein as Exhibit D. Unless Consultant provides City with a valid Form 590 or other valid, written evidence of an exemption or waiver from withholding, City may withhold California taxes from payments to Consultant as required by law. Consultant shall obtain and maintain on file for three (3) years after the termination of this Agreement, Form 590s (or other written evidence of exemptions or waivers) from all subcontractors. Consultant accepts sole responsibility for withholding taxes from any non-California resident subcontractor and shall submit written documentation of compliance with Consultant’s withholding duty to City upon request. 10. Severability. If any term or portion of this Agreement is held to be invalid, illegal, or otherwise unenforceable by a court of competent jurisdiction, the remaining provisions of this Agreement shall continue in full force and effect. 11. Entire Agreement. This Agreement, together with the attached Exhibits, represents the entire and integrated agreement between the Parties regarding the subject matter hereof. This Agreement may be modified or amended only by a subsequent written agreement signed by both Parties. For the avoidance of doubt, to the extent there is any conflict between this Agreement and the terms of any Exhibit, the terms of this Agreement shall govern, unless otherwise agreed to by the City. Any additional or different terms in a purchase order are expressly rejected by the Parties and are void unless negotiated and expressly agreed to by the Parties in writing. 12. Non-Liability of Officials, Employees and Agents, No Third-Party Beneficiary. No officer, official, employee or agent of City shall be personally liable to Consultant in the event of any default or breach by City or for any amount which may become due to Consultant pursuant to this Agreement. This Agreement shall be binding upon and inure to the benefit of the Parties and their respective successors and permitted assigns and nothing herein, express or implied, is intended to or shall confer upon any other person any legal or equitable right, benefit or remedy of any nature whatsoever under or by reason of the Agreement. 13. Reserved. 14. Notice. All notices and other communications which are required or may be given under this Agreement shall be in writing and shall be deemed to have been duly given (i) when received if personally delivered; (ii) when received if transmitted by telecopy, if received during normal business hours on a business day (or if not, the next business day after delivery) provided that such facsimile is legible and that at the time such facsimile is sent the sending Party receives written confirmation of receipt; (iii) if sent for next day delivery to a domestic address by recognized overnight delivery service (e.g., Federal Express); and (iv) upon receipt, if sent by certified or registered mail, return receipt requested. In each case notice shall be sent to the respective Parties as follows: Short Form Services Agreement [Rev:04/01/2024] 8 Consultant: Iron Brick Associates, LLC 362 Old Hollow Rd. Sperryville, VA 22740 ATTN: Legal Counsel City: City Clerk City of South San Francisco 400 Grand Avenue South San Francisco, CA 94080 15. Execution in Counterpart. This Agreement may be executed in counterparts and/or by facsimile or other electronic means, and when each Party has signed and delivered at least one such counterpart, each counterpart shall be deemed an original, and, when taken together with other signed counterpart, shall constitute one Agreement, which shall be binding upon and effective as to all Parties. Each End User Agreement shall be deemed a binding agreement between the City and the applicable software provider under the terms set forth in the attached Exhibits. Consultant shall coordinate the execution and order process as an intermediary but shall not alter, amend, or override any of the Order Forms or End User Agreements incorporated terms without the express written agreement by the third- party software provider. 16. Assignment, Governing Law. The Consultant may not assign any of Consultant’s obligations under this Agreement without the City’s prior written approval,. Notwithstanding the foregoing Consultant or its subcontractors may, without obtaining such consent, but subject to providing timely notice to the City prior to assignment, assign this Agreement to any affiliate of such Party or to any person in connection with any sale or other transfer of the business or assets of Consultant or subcontractor, provided that the assignee assumes and has the ability to perform the assigning Party’s duties and obligations under the Agreement. Consultant or its subcontractors may engage affiliates, subcontractors and other third parties to perform a portion of the Services; provided that Consultant or subcontractor shall remain responsible for the performance of such Services by such affiliates, subcontractors and other third parties to the same extent as if such Services were performed by Consultant or subcontractor. This Agreement is governed by California law. The jurisdiction for any litigation arising from this Agreement shall be in the state of California, and shall be venued in the County of San Mateo. 17. Consequential Damages. Notwithstanding anything to the contrary herein, to the extent permitted by law, in no event shall either Party be liable for any loss of anticipated savings, harm to reputation, impaired goodwill or lost productivity, lost profits or revenue, diminution in value or consequential, indirect, incidental, special, punitive or exemplary damages suffered by the other Party or its Representatives arising from or related to the Agreement, regardless of the applicable legal theory of recovery or the foreseeability thereof (and whether or not such Party was advised of the possibility thereof). Short Form Services Agreement [Rev:04/01/2024] 9 IN WITNESS WHEREOF, the Parties have executed this Agreement as of the date written above. CITY: CONSULTANT: By: _____________________________ By:__________________________ Sharon Ranals, City Manager Print Name: Peter Sirh_________ Attest: Title: Vice President____________ ________________________________ City Clerk Company: _____________________ APPROVED AS TO FORM: Date: _________________________ ____________________________ City Attorney 00503739.0 - Confidential ©2025 Workday 25.5 Page 1 of 35 Order Form to City of South San Francisco, CA EXHBIT A WORKDAY ORDER FORMS AND END USER SUBSCRIPTION AGREEMENT ORDER FORM 00503739.0 (“Order Form”) Customer Name City of South San Francisco, CA Reseller Partner Name (“Partner”) Iron Brick Associates LLC Reseller Partner Principal Address 362 Old Hollow Rd, Sperryville, Virginia, 22740, United States Workday Entity Workday, Inc. 6110 Stoneridge Mall Road Pleasanton, CA 94588 Workday End User Subscription Agreement (referred to herein as EUSA) This Order Form is subject to and governed by Workday End User Subscription Agreement v25.1 (EUSA) incorporated herein and attached hereto below. Product Terms Service SKUs are subject to the applicable Product Terms available at https://www.workday.com/en-us/legal/universal-contract-terms-and- conditions/index.html, which are incorporated herein by reference. Order Form Effective Date The later of the dates of the parties’ signatures below Order Term July 1, 2025 through June 30, 2035 WSP Order Term July 1, 2025 through June 30, 2028 Currency USD Total Fees $3,965,031 Payment Schedule Table Payment # Payment Due Date Payment Amount 1 Due in accordance with the EUSA, invoiced upon Order Form Effective Date $297,250 2 Due on First anniversary of the Order Term start date $454,547 3 Due on Second anniversary of the Order Term start date $461,664 4 Due on Third anniversary of the Order Term start date $370,118 5 Due on Fourth anniversary of the Order Term start date $377,521 6 Due on Fifth anniversary of the Order Term start date $385,074 7 Due on Sixth anniversary of the Order Term start date $392,773 8 Due on Seventh anniversary of the Order Term start date $400,628 9 Due on Eighth anniversary of the Order Term start date $408,639 10 Due on Ninth anniversary of the Order Term start date $416,817 Total Payment Amount $ 3,965,031.00 For the avoidance of doubt, the Payment Schedule Table will be used for invoicing purposes. 00503739.0 - Confidential ©2025 Workday 25.5 Page 2 of 35 Order Form Resale to City of South San Francisco, CA Subscription Fees Table Subscription Period Date Range Subscription Fee 1 July 1, 2025 through June 30, 2026 $297,250 2 July 1, 2026 through June 30, 2027 $454,547 3 July 1, 2027 through June 30, 2028 $461,664 4 July 1, 2028 through June 30, 2029 $370,118 5 July 1, 2029 through June 30, 2030 $377,521 6 July 1, 2030 through June 30, 2031 $385,074 7 July 1, 2031 through June 30, 2032 $392,773 8 July 1, 2032 through June 30, 2033 $400,628 9 July 1, 2033 through June 30, 2034 $408,639 10 July 1, 2034 through June 30, 2035 $416,817 Total Subscription Fee $ 3,965,031.00 For the avoidance of doubt, the Payment Schedule Table(s) will be used for invoicing purposes. The Subscription Fees Table provides the Subscription Fees for each applicable Subscription Period. The Subscription Fee for Subscription Period 2 onwards includes a capped Innovation Index of 2.0% (as defined in the Additional Definitions Section below). During the initial Order Term, any increases due to CPI (also defined below) are waived. Customer understands that the Subscription Fees above reflect Customer’s planned phased deployment, and any adjustment to the deployment timeline will not result in changes to the Payment Schedule or Subscription Fees. This Order Form is subject to and governed by the Workday End User Subscription Agreement (“EUSA”). In the event of a conflict, the provisions of this Order Form take precedence over the EUSA and its exhibits and attachments. For reference only, a copy of the Product Terms as they exist as of the Order Form Effective Date are attached hereto. All remittance advice and invoice inquiries shall be directed to accounting@ironbrick.com 1. Renewal. Customer may renew this subscription for the Service by notifying Iron Brick at least 60 days prior to the end of the Order Term and Iron Brick will generate a new Order Form for a single five-year renewal term (“Renewal Term”) at the below pricing: Renewal Table Renewal Term Years Annual Renewal Subscription Fees 1st year of Renewal Term Base Subscription Fee x (1+ (2% Innovation Index + Renewal Term CPI)) 2nd year of Renewal Term Previous Year Subscription Fee x (1+ (2% Innovation Index + Renewal Term CPI)) 3rd year of Renewal Term Previous Year Subscription Fee x (1+ (2% Innovation Index + Renewal Term CPI)) 4th year of Renewal Term Previous Year Subscription Fee x (1+ (2% Innovation Index + Renewal Term CPI)) 5th year of Renewal Term Previous Year Subscription Fee x (1+ (2% Innovation Index + Renewal Term CPI)) The “Base Subscription Fee” means the Subscription Fee for the final Subscription Period listed in the Subscription Fees Table, minus any annualized fees for Workday Success Plans. If the final Subscription Period is a partial year, the Base Subscription Fee is the annualized value of the final Subscription Period. The Renewal fees for the Workday Success Plan will be based on the greater of either the minimum fee or 20.0% of the annual Renewal fees, as described in the Annual Renewal Subscription Fees table above. The Expansion Rates for the Renewal Term shall be increased by the same percentage as the Annual Renewal Subscription Fees per year in the Renewal Table. Annual Renewal Subscription Fees are valid only if Customer’s Base Subscription Fee is equal to or greater than the Base Subscription Fee defined herein. Fees for the Renewal Term are due by the first day of each corresponding year of the Renewal Term. Individual payments shall match the Annual Renewal 00503739.0 - Confidential ©2025 Workday 25.5 Page 3 of 35 Order Form Resale to City of South San Francisco, CA Subscription Fee as defined in the Renewal Table above. If Customer wishes to procure any additional SKUs or Subscription Rights for a Renewal Term that are not included in the Base Subscription Fee, fees for those items will be in addition to the fees anticipated under this section. 2. Additional Definitions (as applicable). “CPI” means the consumer price index established by the United States Department of Labor for All Urban Consumers, US City Average, All Items (change in annual average). “Renewal Term CPI” means CPI established for the calendar year prior to the most recent February 1 preceding the Renewal Term, if a positive number. “Innovation Index” means the fixed annual rate of increase in Subscription Fees based on improved Service functionality and performance that is a result of Workday’s efforts and investment in product development and infrastructure. 3. Workday Success Plans Additional Terms. Workday Success Plans is described in and subject to the Workday Success Plans Program Terms site (https://www.workday.com/content/dam/web/en-us/documents/legal/workday-success-plans-accelerate- accelerateplus-plans-program-terms.pdf) and subject to the terms of the Workday Customer Experience Program Addendum (https://www.workday.com/en-us/legal/universal-contract-terms-and- conditions/index.html). In the event of a conflict between the terms of this Order Form and the terms of either of the Workday Success Plans Program Terms or the Workday Customer Experience Program Addendum, the terms of this Order Form shall control. The Pricing Metric in the table above for Workday Success Plans is based on the annual Subscription Fees during the Order Term. If Customer purchases additional SKU(s) or Subscription Rights under this Order Form to EUSA during the WSP Order Term, an additional fee equal to 20.0% of the new Subscription Fees will be added for the Workday Success Plan to the new Order Form. Customer will only have rights to Workday Success Plans during the WSP Order Term. The total Workday Success Plan fees assessed on this Order Form, in the amount of $296,400, represent fees associated with the SKU(s) purchased under this Order Form for the WSP Order Term. 4. Growth and Expansion Fees. Customer is responsible for ensuring the Growth and Expansion reporting processes described in the attached Customer Order Addendum are followed. The fees due from Customer to Iron Brick resulting from the Customer’s growth and expansion will be determined as set forth in this section and will be documented in an additional Order Form to be executed by both Customer and Iron Brick. a. FSE Metric Reporting. Reporting for Active FSE Worker Records is based on the additional FSE Workers which are defined as any Active FSE Worker records exceeding the Baseline FSE Count. Full-Service Equivalent (“FSE”) Count Table FSE Population Category Baseline FSE Count Full Enterprise 519 United States-based employees 519 FSE Calculation Table: Worker Category Total Workers Applicable Percentage FSE Count Full Time Employees 460 100.0% 460 Part-Time Employees 10 25.0% 3 Associates 448 12.5% 56 Former Workers with Access 0 2.5% 0 Total FSE Count: 918 519 FSE Expansion Subscription Fees Table SKU Annual FSE Expansion Rate 00503739.0 - Confidential ©2025 Workday 25.5 Page 4 of 35 Order Form Resale to City of South San Francisco, CA All Service SKU(s) with the FSE Pricing Metric in the Subscription Rights Table unless stated otherwise within this table $634.12 LDPUSP $55.88 LDPBEN, LDPCCB $17.56 b. Additional Metric Reporting based on total cumulative number. Reporting for the following SKU(s) is based on the total cumulative number set forth in the Subscription Rights Table for the 12-month period preceding the Count Date. For avoidance of doubt, reporting at the end of Year 1 is based on Customer’s full annual entitlement outlined in the Subscription Rights Table. i. Additional Metric Expansion Table SKU Additional Metric Increase Annual Expansion Rate for Additional Metric Increase LDPMSG Each increment of 50,000 Additional Text Messages $5,200 c. Additional Metric Reporting based on highest daily number. Reporting for the following SKU(s) is based on the highest daily number set forth in the Subscription Rights Table for the 12-month period preceding the Count Date. For avoidance of doubt, reporting at the end of Year 1 is based on Customer’s full annual entitlement outlined in the Subscription Rights Table. i. Additional Metric Expansion Table SKU Additional Metric Increase Annual Expansion Rate for Additional Metric Increase LDPPRA Each increment of 10M Additional Published Data Rows $53,579 Customer Contact Information Billing, In Care of Responsible for payment processing and will receive invoicing and billing-related communications. Subscriptions Contact Main point of contact for responding to and fulfilling the Growth and Expansion Obligations. Contact Name Tony Barrera Tony Barrera Street Address P.O. Box 711 South San Francisco, CA 94080 P.O. Box 711 South San Francisco, CA 94080 City/Town, State/Region/County, Zip/Post Code, Country Phone/Fax # 650-829-3915 650-829-3915 Email (required) Web-it@ssf.net Web-it@ssf.net 00503739.0 - Confidential ©2025 Workday 25.5 Page 5 of 35 Order Form Resale to City of South San Francisco, CA IN WITNESS WHEREOF, this Order Form is entered into as of the Order Form Effective Date. City of South San Francisco Iron Brick Associates, LLC Signature Signature Name Name Title Title Date Signed Date Signed 00503739.0 - Confidential ©2025 Workday 25.5 Page 6 of 35 Order Form Resale to City of South San Francisco, CA CUSTOMER ORDER ADDENDUM Reseller Name Iron Brick Associates LLC Customer Name City of South San Francisco, CA Customer Address 400 Grand Ave, South San Francisco, California, 94080-3634, United States Customer Order Term July 1, 2025 through June 30, 2035 Customer WSP Order Term July 1, 2025 through June 30, 2028 Tenant (or Instance as applicable) Base Name Tenant Base Name is used to generate Workday tenant URLs. ssf Service SKUs identified in the Workday Service SKU Descriptions Addendum below are subject to the Product Terms for the applicable Product Line available at https://www.workday.com/en- us/legal/universal- contract-terms-and-conditions/index.html, which are incorporated herein by reference and for which Workday will provide notice of updates by posting updated versions. Any Service SKU described in this Customer Order Addendum is a Covered Service under the Workday Universal DPE and Workday Universal Security Exhibit. Use of the Services is subject to the EUSA. “End User Subscription Agreement (EUSA)” means the End User Subscription Agreement located at https://www.workday.com/content/dam/web/en-us/documents/legal/workday-end-user-agreement.pdf. Subscription Rights Table SKU Service Pricing Metric Annual Subscription Rights LDPHCM Core Human Capital Management - LDP FSE* Full Enterprise LDPHLP Help - LDP FSE* Full Enterprise LDPCCB Cloud Connect for Benefits - LDP FSE* Full Enterprise LDPBEN Benefits - LDP FSE* Full Enterprise LDPUSP** Payroll for United States - LDP FSE* United States-based Employees only LDPLRN Learning - LDP FSE* Full Enterprise MCNF Media Cloud - No Fee FSE* Full Enterprise LDPCCLRN Cloud Connect for Learning - LDP FSE* Full Enterprise LDPREC Recruiting - LDP FSE* Full Enterprise LDPMSG Messaging - LDP Messages Up to 100,000 outbound and inbound messages LDPTLO Talent Optimization - LDP FSE* Full Enterprise LDPGM Grants Management - LDP FSE* Full Enterprise LDPFIN Core Financials - LDP FSE* Full Enterprise LDPPLNF Financial Planning - LDP FSE* Full Enterprise LDPPRA Prism Analytics Essentials - LDP Published Data Rows Up to 10 million Published Data Rows at any time for each Tenant (or 00503739.0 - Confidential ©2025 Workday 25.5 Page 7 of 35 Order Form Resale to City of South San Francisco, CA Instance as applicable) LDPPRJT Projects - LDP FSE* Full Enterprise LDPTT Time Tracking - LDP FSE* Full Enterprise LDPAM Absence Management - LDP FSE* Full Enterprise LDPSC Scheduling - LDP FSE* Full Enterprise LDPPRO Procurement - LDP FSE* Full Enterprise WSP Workday Success Plan % of Fee WSP - Accelerate *For Pricing Metric details see the Full-Service Equivalent (“FSE”) Count Table below. **The number of FSE Workers for all Payroll Services and any Workday payroll connector will always be equal to the total number of FSE Workers for HCM. Full-Service Equivalent (“FSE”) Count Table FSE Population Category Baseline FSE Count Full Enterprise 519 United States-based employees 519 Named Support Contacts Table Number of Named Support Contacts* 6 *Named Support Contacts are the contacts that may request and receive support services from Workday and must be trained on the Workday product(s) for which they initiate support requests. Contact Information for Customer Customer Support Main point of contact for Workday Support and will receive initial login credentials. Security Contact The Named Support Contact responsible for receiving security notifications. Contact Name Tony Barrera Tony Barrera Street Address City/Town, State/Region/County, Zip/Post Code, Country P.O. Box 711 South San Francisco, CA 94080 P.O. Box 711 South San Francisco, CA 94080 Phone/Fax # 650-829-3915 650-829-3915 Email (required) Web-it@ssf.net Web-it@ssf.net 1. General. Unless otherwise defined herein, capitalized terms used in this Customer Order Addendum have the same meaning as set forth in the EUSA. Customer’s subscription rights are based on the maximum indicated in the Subscription Rights Table and any use in excess of such maximum(s) indicated will be subject to the Growth and Expansion section herein. Annual Subscription Rights limits may not be decreased during the Order Term. 2. FSE Metric Calculation and Worker Category Definitions. The total FSE Count is calculated by categorizing each Worker to one of the Worker Categories below, multiplying the applicable number of Workers by the Applicable Percentage, and then adding the FSE Count for each Worker Category. 00503739.0 - Confidential ©2025 Workday 25.5 Page 8 of 35 Order Form Resale to City of South San Francisco, CA FSE Calculation Table: Worker Category Total Workers Applicable Percentage FSE Count Full Time Employees 460 100.0% 460 Part-Time Employees 10 25.0% 3 Associates 448 12.5% 56 Former Workers with Access 0 2.5% 0 Total FSE Count: 918 519 The Service may be used by Customer only for the Worker Categories listed above and as defined below. “Full-Time Employee” is an employee of Customer regularly scheduled for more than twenty hours per week regardless of the method of payment or actual hours worked, whether or not such employee is eligible to receive employee benefits in accordance with Customer’s internal standard practices. A Full- Time Employee will be considered non-temporary if they are hired to work for a period of more than 3 months in a given year. “Part-Time Employee” is an employee of Customer regularly scheduled for twenty hours per week or less regardless of the method of payment or actual hours worked, whether or not such employee is eligible to receive employee benefits in accordance with Customer’s internal standard practices. A Part-Time Employee will be considered non-temporary if they are hired to work for a period of more than 3 months in a given year. "Associate” is an individual not counted as a Full-Time or Part-Time Employee but in one of the following categories: temporary employees, independent contractors and affiliated non-employees including, but not limited to, volunteers and vendors whose Active Records are in the Service. “Former Worker with Access” is a former worker that continues to have access to the Service through the Employee Self-Service features. Former Workers with Access are only included in the Subscription Rights for the Human Capital Management Service. Former Workers with Static Records shall be excluded from the FSE calculation but may continue to be maintained in the Service. “Static Records” are records in the Service for workers with whom Customer has no further relationship and to whom Customer does not provide self-service access. Static Records include former worker records used solely for historical reference. All other worker records are “Active Records”. 3. Additional Metric Definition(s). Me Additional Metric Definition Table Metric Definition LDPMSG Messages Text messages sent or received by recipient. LDPPRA Published Data Rows The total number of data rows capable of being reported upon in Customer’s PRA data catalog. Published Data Rows are measured separately for each Tenant (or Instance as applicable). 4. Growth and Expansion Reporting. A. Annual Reporting Obligation. Customer will report to Reseller no earlier than 90 days and no later than 60 days (“Annual Reporting Period”) based on the number of Active FSE Worker Records and Additional Metrics provided herein, as applicable, as of 90 days (“Count Date”) prior to each anniversary of the Order Term start date. If the Annual Reporting Obligation shows amounts higher than those stated in this Customer Order Addendum, the Annual Subscription Rights in the Subscription Rights Table will be adjusted upward for the remainder of the Order Term. 00503739.0 - Confidential ©2025 Workday 25.5 Page 9 of 35 Order Form Resale to City of South San Francisco, CA B. Growth Event Reporting Obligation. In addition to the Annual Reporting Obligation, if Customer exceeds any Subscription Rights by 5% or more (“Growth Event”) as a result of any one-time addition of Workers (e.g., M&A), Customer must report to Reseller the excess Subscription Rights within 30 days of the Growth Event. Any Growth Event adjusts the Annual Subscription Rights indicated in the Subscription Rights Table for the remainder of the Order Term. C. Workday Success Plans Reporting. In conjunction with any fees due as a result of the Annual Reporting Obligation or Growth Event Reporting Obligation, additional fees will be added for Workday Success Plan for any excess Subscription Rights. 5. Additional Scope of Use Terms. Prism Analytics. Customer may import and utilize third party data (including any data services that Workday may make available to Customer) with LDPPRA but only to the extent Customer has independently obtained all necessary rights and licenses to do so and Customer’s use of such data is in compliance with such data provider’s terms of use and applicable Laws. LDPPRA is not provided in a PCI compliant environment so it may not be used for PCI data. Customer may monitor its own usage in LDPPRA and manage Published Data Rows by unpublishing, filtering and republishing, or deleting data, in order to keep its usage of LDPPRA below the Published Data Rows limits set forth above, or Customer may purchase additional Published Data Rows entitlements (set forth in the “Growth and Expansion” section above). Workday reserves the right to monitor the number of Published Data Rows by Tenant (or Instance as applicable) used by Customer. Customer understands that if at any time Customer exceeds the Data Limit then Customer may experience reduced performance of the Tenant (or Instance as applicable). “Data Limit” for each Tenant (or Instance as applicable) is the sum of the Published Data Row entitlement as set forth in the “Subscription Rights Table” above for a particular Tenant (or Instance as applicable) and any additional current Published Data Row entitlements purchased by Customer. 1. Tenants In connection with Customer’s use of the Service during the Order Term, Workday will provide to Customer one Production tenant and one sandbox tenant in accordance with Workday’s standard policies. One additional sandbox, referred to as a preview tenant, will be provided for testing pursuant to Workday’s standard policies. Deployment tenants will be provided to Customer during Customer’s deployment project in accordance with Workday’s Deployment Tenant Policy. Customer’s tenants will be housed in data centers located in the U.S. Access by People with Disabilities. The Documentation includes Workday’s Accessibility in Workday Applications document (the “Workday Accessibility Documentation”) solely for the Workday Service(s) that are specifically set forth therein, which summarizes the applicable Workday Service’s compliance with the regulations promulgated under Section 508 of the U.S. Rehabilitation Act, and the World Wide Web Consortium’s Web Content Accessibility Guidelines (“WCAG”) Version 2.1 AA and is updated on a periodic basis to reflect updates in the applicable Workday Service. As part of the Documentation, the Workday Accessibility Documentation is subject to the warranty provisions of Section 6. The Workday Service is accessed via the Internet and Customer is responsible for providing any adaptive technology needed by Authorized Users to utilize the Internet. In addition to Workday’s support obligations as set forth in the SLA, Workday agrees that in the event that Customer identifies one or more issues with Workday’s accessibility capabilities that Customer in reasonable good faith believes blocks the accessibility of a critical function, Workday will, upon Customer’s request, make available relevant members of Workday’s accessibility team to meet with Customer to discuss the nature of the issue and possible solutions, which may include no action. Termination for Non-Appropriation. Customer is a US Federal, State, or Local governmental entity that relies on funding which is allocated at the federal, state and/or local level to fund the Service in the Agreement. Customer intends to continue the Agreement for its entire term and to satisfy its obligations thereunder. Customer will seek to obtain funding for each fiscal year of an Order Form. For each succeeding fiscal period, (a) Customer agrees to include in its budget request appropriations sufficient to cover Customer’s obligations under the Agreement. (b) Customer agrees to act in good faith to secure appropriations and not use the appropriation process as a way of 00503739.0 - Confidential ©2025 Workday 25.5 Page 10 of 35 Order Form Resale to City of South San Francisco, CA terminating the Agreement in order to acquire a competing product. In the event that funds are not appropriated or otherwise made available, in whole or in part, to support continuation of performance in a subsequent fiscal period, Customer may terminate the impacted portion(s) of an Order Form, in whole or in part. In accordance with the foregoing, Customer will give Workday written notice thirty (30) days prior to the effective date of any such termination. All obligations of Customer to make payments after the termination date will cease and all Workday obligations to provide the Service will terminate. Notwithstanding the foregoing, Customer will pay for (i) the entire time period the Service was made available to Customer prior to Workday’s receipt of notice of termination for non- appropriation; and (ii) for all amounts and Service periods for which Customer has received services. Customer will not execute any Order Form unless funds have been appropriated for at least the first year’s subscription fee. Upon termination, Customer will remit all amounts due, and all costs actually incurred up to the date of termination. Upon request by Workday, Customer will identify to Workday the extent to which funds have been allocated for individual Order Forms throughout the term of the Agreement. 00503739.0 - Confidential ©2025 Workday 25.5 Page 11 of 35 Order Form Resale to City of South San Francisco, CA WORKDAY SERVICE SKU DESCRIPTIONS ADDENDUM Customer may only use the Service SKUs subscribed to as indicated in the body of this Order Form. Service Product Line Description Core Human Capital Management - LDP Human Capital Management Core HCM includes management of the unified worker system of record; organization management; staffing management; basic compensation management; safety incident tracking; business asset tracking; management of business plans. Core HCM supports the organization’s onboarding through new hire tasks; calls attention to the on- boarding process; guides workers through a checklist of actions; and enables communication of relevant corporate and job-related information. Core HCM also enables the creation of electronic Form I-9s for U.S. employment verification and the ability to distribute documents to new hires and track acknowledgements or electronic signatures. Core HCM includes Workday Foundation elements such as dashboards, reporting, analytics, Business Process Framework and self-service. Workday HCM includes connectors that facilitate integration to select Workday partners that provide capabilities including: recruiting, learning, time and attendance, and user account provisioning (LDAP/Active Directory). Help - LDP Human Capital Management Help includes a knowledge base with features to create, maintain and manage organizational content, and a case management system with features to create, route and resolve human resources cases. Cloud Connect for Benefits - LDP Human Capital Management Cloud Connect for Benefits extends Workday HCM by providing integration to a growing catalog of benefits providers, including: health insurance, health and flexible spending accounts, retirement savings plans, life insurance, AD&D insurance, and COBRA administrators. Benefits - LDP Human Capital Management Benefits enables the set-up of benefit plans, benefit groups, eligibility rules and benefit rates; maintenance of enrollment event and cross plan rules for benefit plans; management of benefit and open enrollment events, evidence of insurability, and individual rates for workers; and tracking of beneficiaries and dependents. Payroll for United States - LDP Payroll Workday Payroll for US supports the creation and management of Payroll for U.S. employees. Configure earnings, deductions, accumulations, and balances. Identify tax authorities each company wishes to withhold for. Manage worker tax data, payment elections, involuntary withholding orders, and payroll input. Calculate, review/audit, and complete payrolls and settlement runs. Configure and calculate payroll commitments. Workday Payroll includes connectors that facilitate integration to 00503739.0 - Confidential ©2025 Workday 25.5 Page 12 of 35 Order Form Resale to City of South San Francisco, CA select Workday partners that provide capabilities, including: time and attendance, tax filing, check printing, and direct deposit. Learning - LDP Talent Management Workday Learning supports an organization in training and developing its workforce. This includes the ability to manage, organize and deliver learning content using Media Cloud, and to leverage Workday HCM data to create targeted learning campaigns. A variety of learning content is supported - including but not limited to video, packaged third-party content, and user-generated content. Workday Learning also offers the ability to manage certifications and instructor-led course enrollments, and to gather feedback and analytics relating to the learning experience. Media Cloud - No Fee Platform and Product Extensions Workday Media Cloud is a media content management system that consists of Workday's storage, encoding, caching, playback, streaming, and related service components as provided by Workday for customers of the Workday Service. A variety of learning content is supported by Media Cloud, including but not limited to video, packaged third-party content, and user-generated content. Cloud Connect for Learning - LDP Talent Management Cloud Connect for Learning extends Workday Learning by providing integrations to third party content providers. This includes the ability to search third party learning course information, access learning courses, and, if and when available, track and retain records. This SKU requires an active subscription to Workday Learning. Recruiting - LDP Talent Management Workday Recruiting supports an organization in its talent acquisition process. It is designed to help hiring managers and recruiters identify, hire and onboard the right talent for their business. Workday Recruiting supports the hiring process, including pipeline management, requisition management, job posting distribution, interview management, offer management, as well as supports local data compliance and pre-employment activities. Workday Recruiting also offers hiring teams tools to proactively source, nurture and track internal and external prospective candidates throughout the recruiting process. Messaging - LDP Platform and Product Extensions Messaging enables Customers to connect with their end users via text messaging communications, and provides a platform to manage messaging preferences, including opt- in/opt-out preferences. Talent Optimization - LDP Talent Management Talent Optimization includes talent and performance functionality (goals, development plans, employee performance reviews, talent and performance calibration, feedback, check-ins, succession, mentors and connections, competency management, talent pools, and talent matrix reports). Talent Optimization also includes features (if and when available) that enable organizations to optimize their 00503739.0 - Confidential ©2025 Workday 25.5 Page 13 of 35 Order Form Resale to City of South San Francisco, CA workforce and workers to optimize their careers. It supports talent mobility by connecting an organization's workforce with internal opportunities matched to their skills, experience, and interests. It also guides workers and enables them to explore potential opportunities. Grants Management - LDP Financial Management Workday Grants Management enables organizations to administer and report on awards from the federal government, foundations, or other funding institutions. Workday Grants Management includes functionality to track and manage sponsors, awards, grants, and grant hierarchies. It also includes capabilities to calculate facilities and administration costs, and to bill and report to sponsors. Core Financials - LDP Financial Management Core Financials provides traditional financial management and accounting functionality, including financial management, accounting and reporting, financial consolidation, supplier accounts, customer accounts, business assets, cash management, budgets, contracts, billing, and revenue recognition. Core Financials includes connectors that facilitate integration to select Workday partners that provide capabilities, including customer relationship management, electronic payments, and customer payments via credit card. Financial Planning - LDP Adaptive Planning Financial Planning provides the ability for Customer to create financial planning models for the purpose of supporting the financial planning process. Workers may interact with the financial planning model for the purposes of data entry, forecasting, reporting, and analysis. Prism Analytics Essentials - LDP Analytics and Reporting Workday Prism Analytics is an analytics application that provides Workday customers the ability to blend and analyze Workday data and non-Workday data from multiple sources. Workday Prism Analytics includes a data repository for storage and management of data, data preparation tools for transformation and blending of data from various sources, and tools to explore and analyze the data. Projects - LDP Financial Management Projects enables organizations to create and manage projects, initiatives, and other types of work. This includes the ability to build project plans and utilize project breakdown structures that include phases, tasks, and milestones as well as plan, staff, and track projects, capital projects, initiatives, and work efforts. Time Tracking - LDP Workforce Management Workday Time Tracking enables the collection, processing, and distribution of time data for a global workforce. The Workday Time Tracking module is unified with Workday HCM and Workday Payroll and includes basic time scheduling, time entry (hourly, time in/time out), approvals, and configurable calculation rules. End User Subscription Agreement ©2024 Workday Page 14 of 35 Absence Management - LDP Workforce Management Absence Management supports the management of leave of absences and time off. It enables the set up and administration of leave plans; the definition of the impact a leave has on employee compensation, as well as whether employees can request leave types directly. It enables viewing of leave results for a worker or organization; set up and administration of time off plans, and whether time off can be requested directly by the employee. Absence Management enables the viewing of time off plan balances including projections. Scheduling - LDP Workforce Management Scheduling supports an organization in creating and managing workforce schedules. This includes the ability to build schedules, account for worker preferences and availability, and assign, notify, and engage with workers regarding schedules. Procurement - LDP Spend Management Workday Procurement includes procure to pay functionality to address spend for goods and services. Manage suppliers, supplier contracts, requisitions, purchase and change orders, receipts, and goods and services sourcing. Maintain purchase items, catalogs, and a supplier portal. Create receipt accruals for approved, but not yet invoiced receipts. Workday Procurement includes connectors that facilitate integration to partners that provide capabilities, including: corporate card transactions, and support for 'punchout' to suppliers. End User Subscription Agreement ©2024 Workday Page 15 of 35 TRAINING ORDER FORM #509087 Reseller Name Iron Brick Associates LLC Customer Name City of South San Francisco, CA Workday Entity Name Workday, Inc. 6110 Stoneridge Mall Road Pleasanton, CA 94588 Order Effective Date The later of the dates beneath the parties’ signatures below Training Credit Order Term 18 months from the Order Effective Date Currency USD Total Training Fees $54,112 Payment # Payment Due Date Payment Amount 1 Due in accordance with the EUSA, invoiced upon Order Effective Date $54,142 Total Payment Amount $54,112 SKU Training Offering Price Per Credit Quantity Total Training Credit Fees TC Training Credits $712 76 $54,112 Total (TC) Training Fees $54,112 Customer Contact Information Billing, In Care of Contact Name Street Address City/Town, State/Province/Region Zip/Postal Code Country Phone/Fax # Email (Required) This Order Form is subject to and governed by the EUSA. This Order Form incorporates the Training Terms located at https://www.workday.com/en-us/legal/contract-terms-and- conditions/index.html (“Training Terms”) and the Bulk Training Credit Rates attached hereto as Addendum A (the “Bulk TC Rates”). In the event of a conflict between the terms of the EUSA, the Training Terms, this Order Form, and the attached Addendum, the order of precedence is (i) this Order Form, (ii) Addendum A (Bulk TC Rates), (iii) the Training Terms, and (iv) the EUSA. All remittance advice and invoice inquiries shall be directed to Accounting@ironbrick.com. End User Subscription Agreement ©2024 Workday Page 16 of 35 IN WITNESS WHEREOF, the parties' authorized signatories have duly executed this Order Form. City of South San Francisco Iron Brick Associates, LLC Signature Signature Name Name Title Title Date Signed Date Signed End User Subscription Agreement ©2024 Workday Page 17 of 35 ADDENDUM A - BULK TRAINING CREDIT RATES The following rates apply to the bulk purchases made within the 12-month period following the Order Effective Date, with the discount level based on the cumulative number of Prepaid Training Credits Acquired as determined under the Section 3.b. of the Training Terms: Prepaid Training Credits Acquired Rate Per Training Credit 1-10 USD $ 832 11-25 USD $ 790 26-50 USD $ 764 51-75 USD $ 738 76-100 USD $ 712 101-249 USD $ 686 250+ USD $ 645 End User Subscription Agreement ©2024 Workday Page 18 of 35 ORDER FORM #00509208.0 Customer Name City of South San Francisco, CA Reseller Partner Name (“Partner”) Iron Brick Associates LLC Reseller Partner Principal Address 362 Old Hollow Rd, Sperryville, Virginia, 22740, United States Workday Entity Name Workday, Inc. 6110 Stoneridge Mall Road Pleasanton, CA 94588 Order Form Effective Date The later of the dates of the parties’ signatures below Currency USD Underlying Order Form(s) 503739, and if applicable, any related renewal Order Form(s) then in effect. Total Subscription Fee $0 Payment Schedule Table Payment # Payment Due Date Payment Amount 1 Due in accordance with the EUSA, invoiced upon Order Effective Date $0 Total Payment Amount $0 Subscription Rights Table Item Description Price Per Rising Pass Years Quantity of Passes Total Fees (List) Total Fees (Discounted) Pre-Paid Rising Passes 2,295 1 3 $6,885 $0 Term: 2025 This Order Form is only valid and binding on the parties when executed by both parties. Prior to attendance, Customer shall complete the Workday Rising registration process at https://rising.workday.com/, as may be updated by Workday in future years. The fees under this Order Form for Rising Passes are non-cancellable and non-refundable and may not be applied to any other Workday offering. Customer Contact Information Billing, In Care of Responsible for payment processing and will receive invoicing and billing-related communications. Contact Name Tony Barrera Street Address City/Town, State/Region/County, Zip/Post Code, Country P.O. Box 711 South San Francisco, CA 94080 Phone/Fax # 650-829-3915 Email (required) Web-it@ssf.net THE VALIDITY OF THIS ORDER FORM IS CONTINGENT UPON CUSTOMER’S EXECUTION OF ORDER FORM #503739. End User Subscription Agreement ©2024 Workday Page 19 of 35 IN WITNESS WHEREOF, this Order Form is entered into as of the Order Form Effective Date. City of South San Francisco Iron Brick Associates, LLC Signature Signature Name Name Title Title Date Signed Date Signed End User Subscription Agreement ©2024 Workday Page 20 of 35 TERMS OF SERVICE FOR WORKDAY RISING THESE TERMS AND CONDITIONS (the “Terms”) GOVERN YOUR REGISTRATION, ATTENDANCE AT AND PARTICIPATION IN WORKDAY RISING 2025 (“Workday Rising” or the “Event”). By registering for Workday Rising and accepting these Terms, you agree to comply with these Terms in relation to your Event registration and Event participation. REGISTRATION Workday Rising is an event for current Workday customers, invited prospective customers, sponsoring partners and Workday employees. Attendees must register for the Event through the Event registration website. You will receive a registration confirmation email at the email address you provide during registration. Workday reserves the right to reject, cancel or terminate any registration or discount offer at any time. Workday will refund fees paid for cancelled or terminated registrations. PAYMENT Full payment of the Workday Rising registration fee (“Fee”) is required to gain access to the Event. Payment for Fee is due in full no later than the Event start date. The Workday Rising Fee paid may only be used for the Workday Rising registration and may not be applied toward the purchase of any other products, services, and or events. If paying by credit card, you hereby authorize card holder, acting on behalf of Workday for the Event, to charge the credit card indicated in the registration form, for the Event Fee on today’s date and you certify that you are an authorized user of this credit card. This payment is for the Event registration only. You understand that cancellations and any refunds are subject to the Terms below. You also agree if you encounter any issues associated with the credit card charge that you will contact Workday Rising Registration team to resolve the issue. BADGES When your Fee has been paid, you may pick up your Event badge (“Badge”) by showing a government- issued picture ID at the Event check-in area during the Event dates. Each attendee must show a government-issued picture ID to be given his/her Event Badge. No attendee will be admitted into the venue without an Event Badge. Event Badges may contain RFID tags, which will be used to record your participation in the Event’s meetings, events, and sessions, and to provide you with feedback surveys following the sessions. If you demonstrate an interest in a sponsoring partner and have the sponsoring partner scan your badge during the Event, you acknowledge and agree that Workday will share your registration information with that sponsoring partner (“Badge Scan”). SECURITY Workday is committed to providing a safe and secure environment. Here are some of the security procedures for the Event:  Event Badges must be worn and visible at all times while you are at any Event venue, event or activity. They may not be shared or exchanged with any person or persons.  No bags or property should be left unattended at any time. Unattended property may be removed.  No persons under 18 years of age will be permitted at the Event, including in breakout sessions, keynotes, and all other Event venues.  You must comply with all fire, safety, and health regulations of the Event venue. Attendees who violate such rules and/or who behave in an unsafe or careless manner while attending the Event may be asked to leave immediately and will be held responsible for their actions. Workday reserves the right, without prior notice, to take any security measures it deems appropriate to provide for the safety of attendees. Workday reserves the right to change these procedures, without prior End User Subscription Agreement ©2024 Workday Page 21 of 35 notice, and has sole discretion to deny entry to anyone. SUBSTITUTIONS If you are unable to attend Workday Rising, you may transfer your registration to another person by sending an email to the Workday Rising Registration Team with the new attendee’s name and contact information. Please note: session and event selections may not be transferred. HOTEL CANCELLATION POLICY If you make your hotel reservations during this registration process, you acknowledge and accept that hotel cancellations require (5) days’ notice prior to your scheduled arrival date to avoid a penalty equal to one night room and tax. PHOTOGRAPHY RELEASE By registering, attending, and participating in the Event, you grant Workday the right to record, film, photograph, or capture your image and voice at the Event in any media now available or hereafter developed and to distribute, broadcast, use, or otherwise globally to disseminate, in perpetuity, such media without any further approval from you or any payment to you. This grant includes, but is not limited to, the right to edit such media, the right to use the media alone or together with other information, and the right to allow others to use or disseminate the media. ASSUMPTION OF RISK Your attendance at and participation in the Event is completely voluntary. You accept and assume all risks of any and all personal injury or damage to your personal property that you may face while attending the Event, and waive any claims against Workday relating to such risks. Workday does not guarantee admittance to any specific event, session or keynote and reserves the right to refuse admittance to any event, session, or keynote to any attendee, at its sole discretion. Unless specified otherwise, attendees at all events, sessions, and keynotes are seated on a first-come first-served basis. PERSONAL INFORMATION Workday will handle and protect the information gathered from you during registration, attendance and participation at the Event in accordance with Workday’s Privacy Statement located at http://www.workday.com/company/privacy.php. By registering, attending, and participating in this Event, you acknowledge and agree that Workday will share your registration and registration details, attendance, Event schedule, and participation information with Event-related companies in order to manage and improve this and future events and Workday’s products and services and enable and coordinate professional networking opportunities. For example, Workday may communicate your name, title, role, email address, company, and Event schedule with session speakers and content stakeholders as well as to Event vendors so that sessions may be adapted to be more relevant to the registered audience. In addition, by registering for the Event, you acknowledge and agree to share your company name and title with selected Sponsoring Partners in order to improve the Event. You agree that Workday may use your email address to send Event updates and survey evaluations. Workday may also use your email address to send marketing-related messages, such as invitations to future Workday events, if you opt-in to such communications during registration. Workday will share your registration information (first and last name, title, company, physical address, phone numbers, and email address) with sponsoring partners whom you have authorized via Badge Scan during the Event. Any Sponsoring partner’s use will be subject to its own privacy policy. If you attend multiple Workday conferences or events, you authorize Workday to aggregate registration, attendance, and participation information to improve this and future events, Workday’s products and End User Subscription Agreement ©2024 Workday Page 22 of 35 services, and to provide more relevant information to you in line with your opt-in choices. THIRD PARTY LINKS The Event Mobile App or other Event materials may contain links to third party sites; such linked sites are not under the control of Workday and Workday is not responsible for the content of any linked site or any link contained in a linked site. Your use of third party sites and the links on those sites are governed by the terms and conditions of use and privacy policy posted on those sites. THIRD PARTY APPS Following registration, you may download an optional mobile app or access a special web application to access information about the Event as well as access your registration information. You consent to sharing your registration information, which includes any personal information you provided during registration as well as your Event schedule. This mobile app and/or web application is offered to improve your Event experience and to facilitate networking between you and other Event attendees. Your use of this mobile app and/or web application is at your own risk and Workday does not warrant that any mobile app and/or web application will function correctly. Workday disclaims any and all liability associated with your use of third party mobile apps and/or web services. PRESENTATION MATERIALS At the Event, you may receive access to Workday and third party licensed content ("Presentation Materials"). Workday is not liable for the information in the Presentation Materials. You may use them solely for your own internal, non-commercial purposes. Unauthorized distribution (via sales, copying, and posting on intranet/internet) is expressly forbidden. FORCE MAJEURE You acknowledge and understand that the venue, times, or dates of the Event may change or need to be rescheduled due to events beyond Workday’s reasonable control, including, but not limited to, earthquake, flood, fire, storm, natural disaster, act of God, war, terrorism, armed conflict, labor strike, lockout, boycott or other similar event (collectively, “Force Majeure”). Workday will attempt to notify you of any such changes as far in advance as reasonably possible. Workday will not be held liable for any costs or expenses incurred by you as a result of such Force Majeure event(s). WORKDAY CHANGES, CANCELLATION OF EVENT (other than due to Force Majeure) Notwithstanding the above, Workday reserves the right to reschedule the dates and or venue for the Event for any reason. Workday will notify you via your registration email of any such changes as far in advance as reasonably possible. If you are no longer able to attend the Event, you must email your cancellation notice to the Workday Rising team to request a refund of the Event Fee. Workday will not be held liable for any other costs or expenses incurred by you as a result of changes. Workday may cancel the Event for any reason. Workday will notify you via your registration email of cancellation as far in advance as reasonably possible. Workday will refund any paid registration fee via the method originally paid by you. Workday will not be held liable for any other costs or expenses incurred by you as a result of cancellation. GOVERNING LAW AND JURISDICTION These Terms and any disputes arising out of or related hereto, shall be governed exclusively by the laws of the State of California and controlling United States federal law, without regard to their conflicts of law rules or the United Nations Convention on the International Sale of Goods. ARBITRATION NOTICE AND CLASS ACTION WAIVER PLEASE READ THIS SECTION CAREFULLY - IT MAY SIGNIFICANTLY AFFECT YOUR LEGAL RIGHTS, INCLUDING YOUR RIGHT TO FILE A LAWSUIT IN COURT In the event of a dispute between you and Workday arising under or relating to this Event, either may End User Subscription Agreement ©2024 Workday Page 23 of 35 choose to resolve the dispute by binding arbitration, as described below, instead of in court. Any claim (except for a claim challenging the validity or enforceability of this arbitration agreement, including the Class Action Waiver) may be resolved by binding arbitration if either side requests it. THIS MEANS IF EITHER YOU OR WORKDAY CHOOSES ARBITRATION, NEITHER PARTY SHALL HAVE THE RIGHT TO LITIGATE SUCH CLAIM IN COURT OR TO HAVE A JURY TRIAL. ALSO, DISCOVERY AND APPEAL RIGHTS ARE LIMITED IN ARBITRATION. Class Action Waiver ARBITRATION MUST BE ON AN INDIVIDUAL BASIS. THIS MEANS NEITHER YOU NOR WORKDAY MAY JOIN OR CONSOLIDATE CLAIMS IN ARBITRATION BY OR AGAINST OTHER INDIVIDUALS, OR LITIGATE IN COURT OR ARBITRATE ANY CLAIMS AS A REPRESENTATIVE OR MEMBER OF A CLASS OR IN A PRIVATE ATTORNEY GENERAL CAPACITY. Only a court, and not an arbitrator, shall determine the validity and effect of the Class Action Waiver. Even if all parties have opted to litigate a claim in court, you or Workday may elect arbitration with respect to any claim made by a new party or any new claims later asserted in that lawsuit. Your Right to Go To Small Claims Court Workday will not choose to arbitrate any claim you bring in small claims court. However, if such a claim is transferred, removed or appealed to a different court, Workday may then choose to arbitrate. Governing Law and Rules This arbitration agreement is governed by the Federal Arbitration Act (FAA). Arbitration must proceed only with the American Arbitration Association (AAA) or JAMS. The rules for the arbitration will be those in this arbitration agreement and the procedures of the chosen arbitration organization, but the rules in this arbitration agreement will be followed if there is disagreement between the agreement and the organization's procedures. If the organization's procedures change after the claim is filed, the procedures in effect when the claim was filed will apply. Fees and Costs If you wish to begin an arbitration against Workday but you cannot afford to pay the organization's or arbitrator's costs, Workday will advance those costs if you ask in writing. Any request like this should be sent to: to Workday, Attention: Legal, 6230 Stoneridge Mall Road, Pleasanton, CA 94588. If you lose the arbitration, the arbitrator will decide whether you must reimburse Workday for money we advanced for you for the arbitration. If you win the arbitration, Workday will not ask for reimbursement of money we advanced. Additionally, if you win the arbitration, the arbitrator may decide that you are entitled to be reimbursed your reasonable attorneys' fees and costs (if actually paid by you). Hearings and Decisions Arbitration hearings will take place in the federal judicial district where you live. A single arbitrator will be appointed. The arbitrator's decision will be final and binding except for any review allowed by the FAA. Any arbitration award may be enforced (such as through a judgment) in any court with jurisdiction. DISCLAIMER OF WARRANTIES, LIMITATION OF LIABILITY Workday gives no warranties in respect of any aspect of the Event or any materials related thereto or offered at the Event and, as legally permissible, disclaim all implied warranties, including but not limited to warranties of fitness for a particular purpose, accuracy, timeliness, and merchantability. The Event is provided on an "as-is" basis. Workday does not accept any responsibility or liability for reliance by you or any person on any aspect of the Event or any information provided at the Event. Except as required by law, Workday shall not be liable for any direct, indirect, special, incidental, or consequential costs, damages or losses arising End User Subscription Agreement ©2024 Workday Page 24 of 35 directly or indirectly from the Event. The maximum aggregate liability of Workday for any claim in any way connected with, or arising from, the Event, whether in contract, tort, or otherwise (including any negligent act or omission), shall be limited to the amount paid by you to Workday. ENTIRE AGREEMENT These Terms constitute the entire agreement between the parties in relation to the Event registration, attendance, and participation and supersede all prior and contemporaneous terms, agreements, proposals or representations, written or oral, concerning this subject matter. Without limiting the foregoing, no part of this Agreement shall be superseded or governed by any Master Subscription Agreement or any other agreement between Workday or an affiliate thereof and you or your company. To the extent that these Terms are translated, such translation is provided solely for convenience, and the English version of these Terms shall govern any disputes arising here from. End User Subscription Agreement ©2024 Workday Page 25 of 35 END USER SUBSCRIPTION AGREEMENT This End User Subscription Agreement (“Agreement”) shall apply exclusively to Workday Service(s) that you are ordering through Reseller. These terms shall control and take precedence over any conflicting terms in a Reseller agreement or any other contract, request for quote, terms and conditions, or statement of work in scope. This Agreement is considered part of any agreement or quote issued by Reseller and Customer hereby agrees to this Agreement as it relates to the Workday Service(s). 1. Provision of Service. Workday shall make the Service available to Customer for use by Customer, its Affiliates and Authorized Parties for whom Customer enables access solely for the internal business purposes of Customer and its Affiliates, subject to this Agreement. The Service is provided in U.S. English. Notwithstanding anything contained in any Contract Vehicle or other Reseller Agreement, the Workday Services shall perform according to the Documentation. 1.1 Invoices & Payment. Subscription Fees and all other fees due to Reseller hereunder will be invoiced for an amount and with payment terms as per Customer’s Agreement with Reseller, and in a format specified by the applicable Reseller Agreement, including any additional payment instructions or deviations. Unless otherwise detailed in an applicable Order Form, all fees are based on access rights acquired and not actual usage. 1.2 Suspension for Non-Payment. Except where prohibited by Law or applicable Contract Vehicle, and except with respect to charges subject to a reasonable and good faith dispute, if Reseller has failed to make payment on behalf of Customer's account for more than thirty (30) days past due, in addition to any other rights or remedies Workday may have under this Agreement or by Law, Workday reserves the right to suspend the Service upon thirty (30) days written notice, without liability to Customer, until such amounts are paid in full, or until Customer has requested novation of this Agreement to Workday. 1.3 Taxes. Except when Customer has a valid tax exemption certificate authorized by the appropriate taxing authority, Customer is responsible for paying to Reseller all Taxes imposed on the Service or any other services provided under this Agreement. Customer agrees to assist Reseller in providing Workday with a valid reseller certificate where required for tax exemption purposes. If Workday has a legal obligation to pay or collect Taxes for which Customer is responsible under this Agreement, the appropriate amount shall be computed based on Customer’s address as provided to Workday by Reseller. 2. Customer Obligations. Customer shall have sole responsibility for (a) obtaining and verifying it has all authorizations, consents, and rights necessary to use the Service; (b) the accuracy, quality, and legality of all Customer Content, and shall take commercially reasonable efforts to prevent unauthorized access to, or use of, the Service, and shall notify Workday promptly of any unauthorized access or use; (c) any Non-Workday Content it installs, uses, or enables; and (d) ensuring compliance with the Agreement and the AUP by its Affiliates and Authorized Parties, and any breach by its Affiliates or Authorized Parties will be deemed a breach by Customer. Customer shall not: (1) use the Service in violation of Laws or the Documentation; (2) in connection with the Service, send or store infringing, obscene, threatening, or otherwise unlawful or tortious material, including material that violates privacy rights; (3) knowingly send or store Malicious Code in connection with the Service; (4) knowingly interfere with or disrupt performance of the Service or the data contained therein; or (5) attempt to gain access to the Service or its related systems or networks in a manner not set forth in the Documentation. During the applicable subscription Term, Workday reserves the right to suspend Customer’s access to an applicable Service in the event Workday reasonably determines such action is necessary to preserve the integrity and/or security of such Service or Workday or its suppliers in good faith reasonably determines that Customer has violated the AUP; however, Workday will use commercially reasonable efforts under the circumstances to provide Customer with notice and an opportunity to remedy such violation or threat prior to such suspension. 3. Proprietary Rights. (a) Customer Ownership. As between Workday and Customer, Customer owns all right, title and interest to its Customer Content. Workday shall have the right to only use Customer Content to provide the Service (including Improvements), subject to this Agreement. End User Subscription Agreement ©2024 Workday Page 26 of 35 (b) Workday Ownership. As between Customer, Workday, and Workday’s licensors, Workday or its licensors own all right, title and interest to the Service (including any third-party content Workday makes available through the Service) and Documentation, including all related Intellectual Property Rights. (c) Customer Input. Customer hereby grants Workday a royalty-free, worldwide, transferable, sub- licensable, irrevocable, perpetual license to use or incorporate into its services any Customer Input. Workday will have no obligation to make Customer Input an Improvement. Customer will have no obligation to provide Customer Input. 3.1 Restrictions. Customer shall not (a) modify, copy, or create derivative works based on, the Service or Documentation; (b) license, sublicense, sell, resell, rent, lease, transfer, assign, distribute, time share, offer in a service bureau, or otherwise make the Service or Documentation available to any third party other than to Authorized Parties as permitted herein; (c) reverse engineer or decompile any portion of the Service or Documentation, including but not limited to, any software utilized by Workday in the provision of the Service and Documentation, except to the extent required by Law; (d) access the Service or Documentation in order to build any commercially available product or service; or (e) copy any features, functions, integrations, interfaces or graphics of the Service or Documentation. Notwithstanding item (e), the Customer may make a reasonable number of copies of the Documentation for internal business purposes only. 4. Confidentiality. Except as detailed in Section 4.1, each party (the “Recipient”) shall use the same degree of care that it uses to protect its own confidential information of like kind (but in no event using less than a reasonable standard of care) not to disclose or use any Confidential Information of the other party (the “Discloser”) except as reasonably necessary to perform the Recipient’s obligations or to exercise the Recipient’s rights under this Agreement or with the Discloser's prior written permission. For purposes of clarification, this Section 4 also applies to Confidential Information either party or its Affiliates shares with the other party or its Affiliates related to potential future subscription services. Either party may disclose Confidential Information on a need to know basis to its Affiliates, advisors, contractors and service providers, including third party submission tools or online portal providers required by the Discloser for internal business purposes (“Representatives”), who are bound by confidentiality obligations at least as restrictive as those in this section. The Recipient shall be responsible for any acts or omission of its Representatives with respect to protection of the Discloser’s Confidential Information. The parties agree that the Recipient’s or its Representatives’ online portal terms conflicting with the terms of this Section 4 (a) shall not be binding on the Discloser submitting its Confidential Information to the Recipient through the Recipient’s or its Representative’s online portal, (b) this Section 4 applies to all such Confidential Information disclosed to the Recipient through such online portals; and (c) are superseded by this Agreement with respect to confidentiality obligations. 4.1 FOIA/Public Disclosure Laws. Workday acknowledges that Customer may be compelled to disclose certain Workday Confidential Information pursuant to the Federal Freedom of Information Act and/or any state equivalents or other applicable public disclosure Laws. A disclosure by the Customer of Workday’s Confidential Information to the extent required by Law shall not be considered a breach of the Agreement, provided the Customer promptly provides Workday with prior notice of such compelled disclosure (to the extent legally permitted), follows the process set forth in any applicable public records law(s), and provides reasonable assistance, at Workday’s cost, if Workday wishes to contest the disclosure. Subject to the foregoing, in the event of any request by a government agency or law enforcement authority for access to Customer Content, Workday will seek to redirect the inquiry to Customer. In all such cases, Workday will take all reasonable and legally permissible measures to protect the Customer Content and to inform Customer of such demand. 4.2 FERPA. To the extent Customer is an educational institution subject to the Family Educational Rights and Privacy Act (“FERPA”) and determines that Workday is a School Official for purposes of 34 CFR §99.31(a)(1)(i)(B), Workday will comply with its obligations thereunder by complying with the terms of this Agreement and the DPE. 4.3 Business Associate Exhibit. If a Customer concludes that the Service will include access to Customer Content that is protected by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), and Customer is a Covered Entity as defined under HIPAA, the parties agree to attach End User Subscription Agreement ©2024 Workday Page 27 of 35 Workday’s Business Associate Exhibit to the Agreement, which shall apply to Workday’s receipt, maintenance or transmission of Protected Health Information from, or on behalf of Customer, as described in such Exhibit. 5. Protection and Security of Customer Content and Privacy. 5.1 Security Program. Workday maintains a security program that conforms to the Workday Security Exhibit. 5.2 Third-Party Certifications and Audits. Workday maintains Audit Reports as set forth in the applicable Product Terms. Through Workday’s customer self-service systems or upon Customer’s written request, Workday shall make available to Customer Workday’s then-current Audit Reports for the applicable Service application to enable Customer to verify Workday’s compliance with its obligations under this Agreement. Audit Reports constitute Workday’s Confidential Information and are subject to the confidentiality terms in this Agreement or separate confidentiality agreement terms (as applicable). 5.3 Privacy. Personal Data will only be processed in accordance with the Data Processing Exhibit. 5.4 Unauthorized Disclosure. If Reseller, Customer, or Workday becomes aware of a Security Breach, that party must promptly notify the other parties, unless legally prohibited from doing so, within 48 hours or any shorter period required by Law except that Customer is not required to notify Workday unless Customer reasonably determines there is a threat to the Service. Additionally, each party shall reasonably assist the other party in mitigating any potential damage. As soon as reasonably practicable after any Security Breach, Workday shall conduct a root cause analysis and, upon request, shall share the results of its analysis and its remediation plan with Customer. Unless prohibited by Law, each party shall provide the other party with reasonable notice of and the opportunity to review and comment on the content of all public notices, filings, or press releases about a Security Breach that identify the other party by name prior to any such publication. 6. Warranties. Each party warrants that it has the authority to enter into this Agreement and, in connection with its performance of this Agreement, shall comply with all Laws. Workday warrants that during the applicable subscription Order Term: (a) the overall Service (1) will not be materially decreased; and (2) will perform materially in accordance with the feature descriptions in the Documentation; and (b) to the best of Workday’s knowledge, the Service does not contain, and Workday will not knowingly introduce, any Malicious Code (collectively, the “Service Warranty”). Customer shall use commercially reasonable efforts to notify Workday in writing, and provide a copy of the notice to Reseller, no later than 30 days after identifying a deficiency, but Customer’s failure to notify Workday within that period will not affect Customer’s right to receive warranty remedies unless Workday is impaired in its ability to correct the deficiency due to Customer’s failure to notify. Notice of breaches of the warranty under item (1) must be made through Workday’s then-current error reporting system; notices of breaches of any other warranty must be made in writing to Workday, with a copy provided to Reseller, in accordance with the notice provisions of this EUSA or as required by Contract Vehicle. The Customer’s exclusive remedy and Workday’s sole liability for breach of the Service Warranty is termination of the applicable Service. Unless agreed to in writing, or as required by Contract Vehicle, notice to Reseller of a warranty defect shall not constitute notice to Workday under this paragraph. 6.1 DISCLAIMER. EXCEPT AS EXPRESSLY PROVIDED IN THIS AGREEMENT AND TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, WORKDAY MAKES NO WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, AND SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING ANY WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. WORKDAY DOES NOT WARRANT THAT THE SERVICE WILL BE ERROR FREE OR UNINTERRUPTED. THE LIMITED WARRANTIES PROVIDED IN THIS AGREEMENT ARE THE SOLE AND EXCLUSIVE WARRANTIES PROVIDED TO THE CUSTOMER. 7. Indemnification. 7.1 Workday Indemnity. Workday shall defend Customer, at Workday’s expense, against any third- party Claim brought against Customer alleging that the use of the Service as contemplated hereunder infringes that third party’s Intellectual Property Rights and shall indemnify and hold Customer harmless against any Losses arising from such third-party Claim. Workday will have no liability for Claims or Losses End User Subscription Agreement ©2024 Workday Page 28 of 35 to the extent they arise from: (a) modification of the Service by anyone other than Workday; (b) use of the Service in a manner inconsistent with the Documentation or in violation of this Agreement; or (c) use of the Service in combination with any other product or service not provided by Workday. If Customer is enjoined from using the Service or if Workday reasonably believes it will be enjoined, Workday may, at its sole option, obtain for Customer the right to continue use of the Service or replace or modify the Service so that it is no longer infringing. If neither of the foregoing options is reasonably available to Workday, then either party may terminate the applicable Service and Workday’s sole liability, in addition to the indemnification obligations in this section, will be to refund any prepaid Subscription Fees for the Service that was to be provided after the effective date of termination. 7.2 RESERVED 7.3 Conditions. The indemnitor’s obligations in Sections 7.1 are conditioned on the indemnitee: (a) promptly giving written notice of the third party Claim to the indemnitor (although a delay of notice will not relieve the indemnitor of its obligations under this section except to the extent that the indemnitor is prejudiced by such delay); (b) giving the indemnitor sole control of the defense and settlement of the third party Claim (although indemnitor may not settle any third party Claim unless it unconditionally releases indemnitee of all liability); and (c) providing to the indemnitor, at the indemnitor’s cost, all reasonable assistance. Sections 7.1 through 7.3 state each indemnitee’s exclusive remedies and the indemnitor’s sole obligations related to the subject matter of these sections. 8. Limitation of Liability. 8.1. LIMITATION OF LIABILITY. EXCEPT WITH RESPECT TO (A) DAMAGES CAUSED BY GROSS NEGLIGENCE, WILLFUL MISCONDUCT, OR FRAUD OR (B) WORKDAY’S INDEMNIFICATION OBLIGATIONS UNDER THIS AGREEMENT, IN NO EVENT SHALL WORKDAY OR ITS AFFILIATES’ TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT, WHETHER IN CONTRACT, TORT OR OTHERWISE, EXCEED THE FEES PAID OR PAYABLE UNDER CUSTOMER’S AGREEMENT WITH RESELLER FOR THE SERVICE DURING THE IMMEDIATELY PRECEDING 12- MONTH PERIOD FOR THE SERVICE FROM WHICH THE CLAIM AROSE. 8.2 EXCLUSION OF DAMAGES. EXCEPT FOR WORKDAY’S INDEMNIFICATION OBLIGATIONS UNDER THIS AGREEMENT, IN NO EVENT WILL EITHER PARTY OR ITS AFFILIATES HAVE LIABILITY FOR LOST PROFITS OR REVENUES, LOSS OF USE OR DATA, BUSINESS INTERRUPTION, OR INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE, CONSEQUENTIAL, OR COVER DAMAGES, HOWEVER CAUSED, WHETHER IN CONTRACT, TORT OR OTHERWISE, EVEN IF THE PARTY OR ITS AFFILIATES HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE EXCLUSIONS IN THIS SECTION WILL NOT APPLY TO THE EXTENT PROHIBITED BY LAW. CUSTOMER’S PAYMENT OBLIGATIONS WILL NOT BE CONSIDERED WORKDAY’S LOST PROFITS. 9. Term. The Term of this Agreement shall be as described in the Reseller Agreement or Contract Vehicle. Termination by Customer shall be as specified in the Reseller Agreement, except that nothing in the Reseller Agreement may confer termination rights to the Workday Service or obligate Workday beyond the rights specified in this Section 9. 9.1 Termination by Workday. If not otherwise prohibited by Contract Vehicle, Workday may terminate this Agreement upon thirty (30) days prior written notice to Customer of a material breach by the Customer or Reseller if such breach remains uncured at the expiration of such notice period. In the event this Agreement is terminated, all Order Forms are simultaneously terminated. In the event of a breach by Reseller, and provided Customer is in compliance with all terms of this Agreement, Workday will agree in good faith to negotiate a novation as specified in Section 9.9 (Novation to Workday) to allow Customer to continue using the Service. This provision shall not apply to Federal Customers. 9.2 Suspension. Workday may temporarily suspend Customer’s access to, or use of, the Services if Workday believes that (a) there is a significant threat to the functionality, security, integrity, or availability of the Services or any content, data, or applications in the Services; or (b) Customer is accessing or using the Services to commit an illegal act; or (c) Customer is accessing or using the Services in a way that is End User Subscription Agreement ©2024 Workday Page 29 of 35 prohibited by or inconsistent with the service description contained in an applicable Order Specification . When reasonably practicable and lawfully permitted, Workday will provide Customer with advance notice of any such suspension. Workday will use reasonable efforts to re-establish the Services promptly after Workday determines that the issue causing the suspension has been resolved. During any suspension period, Workday will make Customer Content available. Any suspension under this paragraph shall not excuse payment as required by the applicable Contract Vehicle or Reseller Agreement. 9.3 Effect of Termination. Upon any expiration or termination of this Agreement, all Order Forms shall immediately terminate and Customer shall, as of the date of such expiration or termination, immediately cease accessing and otherwise utilizing the applicable Service (except as permitted under the section entitled “Retrieval of Customer Content” and “Transition Period before Final Termination”) and shall also cease accessing Workday Confidential Information. Termination for any reason shall not relieve Customer of the obligation to pay any fees accrued or due and payable to Reseller prior to the effective date of termination. Additionally, termination for any reason other than Workday’s uncured material breach or as allowed by Reseller Agreement or Contract Vehicle, shall not relieve Customer of the obligation to pay all future amounts due except as detailed in the applicable Contract Vehicle or Reseller Agreement. 9.4 Transition Period before Final Termination. If this Agreement is terminated and Customer submits a written request to Workday or Reseller prior to any such termination for a one-time transition period, Workday will continue to provide the Service for up to three (3) months after the effective date of such termination (the “Transition Period”), subject to the terms and conditions of this Agreement. Monthly fees for the Transition Period will be quoted through Reseller. Notwithstanding the foregoing, if Workday is enjoined from performing, or termination of this Agreement was due to Customer’s breach, Workday has no obligation to perform under this section unless it receives from Reseller (i) payment of all fees not subject to reasonable and good faith dispute, (ii) prepayment of fees for further services, and (iii) certification of ongoing compliance with the terms of this Agreement during the Transition Period. 9.5 Transition Consulting Services. During a Retrieval Period or Transition Period, Workday will provide cooperation and assistance as Customer may reasonably request to support an orderly transition to another provider of similar software, services, or to Customer’s internal operations. Such cooperation and assistance will be limited to consulting regarding the Workday Service and will be subject to a fee quoted through Reseller that is based on Workday’s then-current rates for consulting services and such services will be set out in a statement of work. Notwithstanding the foregoing, in the event of termination of this Agreement by Workday for Customer’s breach, Workday may withhold the provision of transition consulting services and condition further performance upon (i) payment of undisputed fees then owed by Reseller and (ii) prepayment of fees for further services by Reseller. 9.6 Retrieval of Customer Content. Upon Customer’s written request made on or prior to expiration or termination of the Agreement (including any Transition Period), Workday shall give Customer limited access to the Service for a period of up to 60 days, at no additional cost, solely for purposes of retrieving Customer Content (“Retrieval Period”). After such Retrieval Period and subject to Workday’s legal obligations, Workday has no obligation to maintain or provide any Customer Content and shall, unless legally prohibited, delete Customer Content by deleting Customer’s applicable Instance; provided, however, that Workday will not be required to remove copies of the Customer Content from its backup media and servers until such time as the backup copies are scheduled to be deleted, provided further that in all cases Workday shall continue to protect the Customer Content in accordance with the Agreement. Customer Content will be made available for extraction in a machine readable format as described in the Documentation. 9.7 Surviving Provisions. The following provisions of this Agreement shall not survive and will have no further force or effect following any termination or expiration of this Agreement: (i) Section 1. Provision of Services” and (ii) those provisions granting Customer access to any SKU(s) and services referenced in any applicable Order Form(s). All other provisions of this Agreement shall survive any termination or expiration of this Agreement. End User Subscription Agreement ©2024 Workday Page 30 of 35 9.8 Novation to Workday. This End User Subscription Agreement and all applicable Order Forms may be novated to Workday: (1) Upon mutual agreement between Customer, Reseller and Workday; or (2) if Reseller has failed to pay the applicable subscription fees, there is a material threat of Reseller’s bankruptcy or insolvency, or is otherwise in breach of its Agreement to Workday, to Customer, or to the applicable Contract Vehicle, and upon mutual agreement between Customer and Workday. Such novation shall be memorialized in a separate, mutually agreed upon novation agreement between the parties. The term of the novated agreement, which will become a Main Subscription Agreement as between Customer and Workday, shall be for whatever subscription period was remaining on Reseller’s Agreement or as otherwise negotiated. Workday and Customer’s obligations and terms and conditions shall be limited to those specified in this End User Subscription Agreement, including all applicable Order Forms, or as otherwise negotiated in the novation agreement. Any other Terms and Conditions or obligations contained in Reseller’s Agreement unrelated to performance of the Service or applicable fees shall remain as between Customer and Reseller, and Workday shall have no obligation to fulfill any additional requirements or services to Customer. This provision shall not apply to Federal Customers. 10. General Provisions. 10.1 Relationship of the Parties. The parties are independent contractors. This Agreement does not create nor is it intended to create a partnership, franchise, joint venture, agency, fiduciary or employment relationship between the parties. This agreement, when attached to Reseller’s contract with Customer, is designed to create a mutual third-party beneficiary relationship between Workday and Customer. No other third-party beneficiary relationships shall be considered a part of this agreement unless otherwise explicitly identified. 10.2 Insurance. Workday shall maintain, at its own expense, the types of insurance coverage specified below, on standard policy forms and with insurance companies with at least an A.M. Best Rating of A-VII at the time of policy inception. Upon Customer’s written request, Workday shall provide a certificate of insurance evidencing the following coverages: (a) Workers’ Compensation insurance prescribed by applicable local law and Employers Liability insurance with limits not less than $1,000,000 per accident/per employee; (b) Commercial General Liability insurance including Contractual Liability Coverage, with coverage for products liability, completed operations, property damage and bodily injury, including death, with an aggregate limit of no less than $2,000,000; and (c) Technology Professional Liability Errors & Omissions policy (which includes Cyber Risk coverage and Computer Security and Privacy Liability coverage) with a limit of no less than $10,000,000 per occurrence and in the aggregate. Limits for (1) Employers Liability only, and (2) may be achieved through a combination of primary and excess liability/umbrella policies to reach the level of coverage shown above. Should any of the above described policies be canceled before the expiration date thereof, notice will be delivered to Workday in accordance with policy provisions. 10.3 Notices. Unless expressly stated otherwise, all notices under this Agreement shall be in writing and shall be deemed to have been given upon: (i) personal delivery; or (ii) the third business day after first class mailing. Notices to Workday shall be sent to its General Counsel at legal@Workday.com or other contact indicated by the Reseller. Notices to Customer shall be sent to the address provided by Reseller. Each party may modify its recipient of notices by providing notice pursuant to this Agreement either directly or through communication with Reseller. 10.4 Background Check. Unless prohibited by law, Workday agrees to conduct (or has previously conducted) a criminal background check on personnel employed by Workday (or will require its subcontractors to conduct a background check on their own personnel) who will have access to Customer Content. Such background check shall be in the form generally used by Workday in its initial hiring of employees or contracting for contractors or, as applicable, during the employment-screening process. Workday will not allow any person performing under this Agreement on behalf of Workday to be assigned to have access to Customer Content whose background check revealed a conviction of any violent crime or crime involving theft, dishonesty, moral turpitude, breach of trust, or money laundering. 10.5 Code of Conduct. Workday has a published code of conduct available on its public web site with rules for ethical business conduct which complies with applicable law. Workday uses commercially End User Subscription Agreement ©2024 Workday Page 31 of 35 reasonable efforts to ensure that Workday complies with its code of conduct, including but not limited to periodic training of employees about the code. 10.6 Waiver and Cumulative Remedies. No failure or delay by either party in exercising any right under this Agreement shall constitute a waiver of that right or any other right. Other than as expressly stated herein, the remedies provided herein are in addition to, and not exclusive of, any other remedies of a party at law or in equity. 10.7 Force Majeure. Neither party shall be liable for any failure or delay in performance under this Agreement for causes beyond that party’s reasonable control, cannot be anticipated with reasonable diligence, and occurring without that party’s fault or negligence, including, but not limited to, acts of God, acts of government, flood, fire, civil unrest, acts of terror, strikes or other labor problems (other than those involving Workday or Customer employees, respectively) (“Force Majeure”). Dates by which performance obligations are scheduled to be met will be extended for a period of time equal to the time lost due to any delay so caused, provided that notice of the Force Majeure event is given in writing within fifteen (15) days after the Force Majeure event begins. Such notice shall identify the nature of the Force Majeure event, its expected duration and the probable impact on the performance of the affected party’s obligations. 10.8 Assignment. Except as specified in Section 9.9 (Novation to Workday), neither Customer nor Reseller may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the prior written consent of the other party (which consent shall not be unreasonably withheld). Notwithstanding the foregoing, and with contemporary notice to the other party, either party may assign this Agreement in its entirety (including all Order Forms) without consent of the other party in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets (an “M&A assignment”) so long as the assignee agrees to be bound by all of the terms of this Agreement in an amendment to this Agreement and all past due fees are paid in full or otherwise accounted for in the amendment. In no event shall Customer have the right to assign this Agreement to a direct Competitor of Workday. In the event of an M&A assignment, the non-assigning party shall be entitled to request from the assignee information to demonstrate that the assignee has the necessary resources and expertise to provide the Service. Failure to provide such information shall be a material breach of this Agreement. Any attempt by a party to assign its rights or obligations under this Agreement other than as permitted by this section shall be void and of no effect. Subject to the foregoing, this Agreement shall bind and inure to the benefit of the parties, their respective successors and permitted assigns. This provision shall not apply to Federal Customers. 10.9 Governing Law; Venue. a. If Customer is a. U.S. federal government or any agency, department, instrumentality, or entity thereof, then this Agreement and any other ancillary agreement between the parties shall be governed and construed in accordance with U.S. federal law, and jurisdiction and venue shall be as required or permitted by federal law or regulation. b. A state government or any agency, department, instrumentality, public university or school system, private university that accepts public funds, public development corporation or authority, or other entity thereof, then this Agreement and any other ancillary agreement between the parties shall be governed and construed in accordance with the laws of that state, and jurisdiction and venue shall be as required by the laws of that state. c. A local government or any agency, department, instrumentality, public university or school system, public development corporation or authority, or entity thereof, then this Agreement and any other ancillary agreement between the parties shall be governed and construed in accordance with the laws of the state where the local government located, and jurisdiction and venue shall be as required by the laws of that state. b. Except as otherwise provided for in Paragraph a, this Agreement and any other ancillary agreement between the parties shall be governed and construed in accordance with the laws of the State of End User Subscription Agreement ©2024 Workday Page 32 of 35 New York, without giving effect to its principles of conflict of law thereof that would require the application of the laws of any other state or jurisdiction. c. Process may be served on either party by first-class registered mail, as well as in any other manner authorized by applicable law or court rule. Neither the UCITA nor the United Nations Convention on Contracts for International Sale of Goods will apply to this Agreement, except as expressly adopted herein. 10.10 Export. Each party shall comply with the export laws and regulations of the United States and other applicable jurisdictions in providing and using the Service. Without limiting the generality of the foregoing, Customer shall not make the Service available to any person or entity that: (i) is located in a country that is subject to a U.S. government embargo; (ii) is listed on any U.S. government list of prohibited or restricted parties; or (iii) is engaged in activities directly or indirectly related to the proliferation of weapons of mass destruction, unless authorized by the United States government. 10.11 Workday SLA Service Credits. If, in any rolling six-month period, Workday fails to meet the monthly Service Availability or Service Response commitments described in the SLA (a “Failure”), Customer may request the following remedies from Reseller no later than six months after the applicable Failure occurs: (1) a meeting to discuss possible corrective actions for the first Failure; (2) a 10% Service Credit for a second Failure; (3) a 20% Service Credit for a third Failure; and (4) a 30% Service Credit for a fourth Failure. In this Agreement, “Service Credit” means a credit equal to the stated percentage of the applicable monthly Subscription Fee for the affected Service. Workday shall direct Reseller to deduct the highest applicable Service Credit from the next invoice for Subscription Fees or, if there is no subsequent invoice, shall refund the Service Credit to the Reseller who will pass on the Credit to Customer. The remedies in this section are the Customer’s exclusive remedies for any Failure. 10.12 Applicability of Order Forms. All Workday Services and Subscriptions are provided as described in the applicable Order Form used by Workday in its normal course of business. With regards to Workday’s obligations to Customer, the terms applicable to a particular SKU contained on an Order Form is available here: https://www.workday.com/en-us/legal/universal-contract-terms-and-conditions/index.html. Any Terms and Conditions on an Order Form that relate to indemnification or payment, or that otherwise conflict with the applicable Contract Vehicle, or that are otherwise prohibited by law, shall not apply to Customer. The description of the service on the Order Form shall take precedence over any conflicting descriptions in a final quote or order even when Customer is not a party to the Order Form, unless Reseller and Customer specifically negotiate otherwise in writing an alternative description, and provided that any conflicting or alternative descriptions shall not be binding on Workday. 10.13 Federal Government End Use Provisions. Workday provides pre-existing, commercial Service, including related software and technology, for federal government end use solely in accordance with the terms and conditions of this Agreement, and Workday provides only the technical data and rights as provided herein. If a government agency has a need for rights not conveyed under these terms, it must negotiate with Workday to determine whether there are acceptable terms for transferring additional rights. A mutually acceptable addendum specifically conveying such rights must be executed by the parties in order to convey such rights beyond those set forth herein. For avoidance of doubt, Workday does not currently provide the Service for use in furtherance of a federal prime or subcontract. Additionally, the parties agree that the purpose of this Agreement is to provide a sophisticated integrated system solution, principally for the provision of a product, not a service and as such, neither the Service Contract Act nor its related statutes or regulations apply to Workday’s performance hereunder. 10.14 Publicity. Except as set forth herein, Workday shall not use Customer's name, logos or trademarks, without the prior written consent of Customer, in any written press releases, advertisements and/or marketing materials. Notwithstanding the foregoing, Workday may use Customer's name in lists of customers and on its website, including, but not limited to, Workday’s community portal; however, such usage shall not be classified as an advertisement but only identification as an entity who receives the Service from Workday. For the avoidance of doubt, this section does not prohibit Workday from referencing Customer's name in a verbal format. End User Subscription Agreement ©2024 Workday Page 33 of 35 10.15 Miscellaneous. This Agreement supersedes all prior and contemporaneous agreements, proposals or representations, written or oral, concerning its subject matter and is entered into without reliance on any promise or representation other than those expressly contained in this Agreement. No modification, amendment, or waiver of any provision of this Agreement shall be effective unless in writing and signed by both parties. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the provision shall be modified by the court and interpreted so as best to accomplish the objectives of the original provision to the fullest extent permitted by law, and the remaining provisions of this Agreement shall remain in effect. 11. Definitions. “Affiliate” means any entity which directly or indirectly controls, is controlled by, or is under common control by either party. For purposes of the preceding sentence, “control” means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity. “Agreement” means this Main Subscription Agreement, including the SLA, Security Exhibit, Data Processing Exhibit, Business Associate Exhibit, and any other exhibits, addenda, or attachments hereto, and any fully executed Order Form. “Audit Reports” means the most recently completed security audit reports prepared by Workday’s independent third party auditor and other security relevant assessment reports for the applicable Service as identified in the Product Terms, which may be updated by Workday from time to time. No update will materially decrease the protections provided by the controls set forth in the applicable Audit Report during the Term. “AUP” means the acceptable use policy for the applicable Service located at https://community.workday.com/aup, which also incorporates by reference acceptable use policies of applicable Workday Subprocessors. “Authorized Parties” means Customer’s or an Affiliate’s Workers and third party providers who are authorized by Customer (a) in writing, (b) through the Service’s security designation, or (c) by system integration or other data exchange process to access Customer’s Instance or receive Customer Content. “Claim” means a claim, demand, lawsuit or other legal proceeding brought against a party to this Agreement. “Confidential Information” means (a) any software utilized by Workday in the provision of the Service and its respective source code; (b) Customer Content; (c) each party’s business or technical information, including but not limited to the Documentation, training materials, any information relating to software plans, designs, costs, prices and names, finances, marketing plans, business opportunities, personnel, research, development or know-how and other significant and valuable business information that would otherwise be considered to be trade secrets under Law, that is designated by the disclosing party as “confidential” or “proprietary” or the receiving party knows or should reasonably know is confidential or proprietary; and (d) the terms, conditions and pricing of this Agreement (but not its existence or parties). Confidential Information does not include any information that, without the Recipient’s breach of an obligation owed to the Discloser: (1) is or becomes generally known to the public; (2) was known to Recipient prior to disclosure by Discloser; (3) was independently developed by Recipient; or (4) is received by Recipient from a third party. Customer Content will not be subject to the exclusions set forth in this definition. “Contract Vehicle” means a consortium or government wide acquisition contract that Workday is either a party to directly, or which Workday has allowed Reseller to use to sell Workday Services, and, if applicable, has been incorporated in the Reseller Agreement. “Customer Content” means electronic data or information submitted to the Service by Customer or Authorized Parties. “Customer Input” means suggestions, enhancement requests, recommendations or other feedback provided by Customer, its users and/or Authorized Parties relating to the operation or functionality of the Service. “Data Processing Exhibit” or “DPE” means the Universal Data Processing Exhibit located at End User Subscription Agreement ©2024 Workday Page 34 of 35 https://www.workday.com/en-us/legal/universal-contract-terms-and-conditions/index/exhibits.html,which may be updated by Workday from time to time to comply with applicable Data Protection Laws applicable to Workday as a Data Processor. No update will materially decrease Workday’s Data Processor obligations under the DPE. “Documentation” means the current version of the Workday electronic Administrator Guide for the applicable Service application, which may be updated by Workday from time to time. “Enhanced Features” shall have the same meaning as set forth in the applicable Product Terms. “Improvements” means all improvements (including verification of such improvements), updates, enhancements (including Enhanced Features), error corrections, bug fixes, prevention of or addressing service or technical problems, release notes, upgrades and changes to the Service and Documentation, as developed by Workday and made generally available for Production use without a separate charge to Customers. “Instance” means a unique instance of the Service, with a separate set of Customer Content held by Workday in a logically separated database (i.e., a database segregated through password-controlled access). “Intellectual Property Rights” means any and all common law, statutory and other industrial property rights and intellectual property rights, including copyrights, trademarks, trade secrets, patents and other proprietary rights issued, honored or enforceable under any applicable laws anywhere in the world, and all moral rights related thereto. “Law” means any local, state, national and/or foreign law, treaties, and/or regulations applicable to the respective party. “Loss” means reasonable attorneys’ fees and any damages or costs finally awarded or entered into in settlement of a Claim. “Malicious Code” means viruses, worms, time bombs, Trojan horses and other malicious code, files, scripts, agents or programs. “Non-Workday Content” means a third-party product, web-based, offline, mobile, or other software application functionality or other content that is provided by Customer or a third party and interoperates with a Workday Service application. “Order Form” means the commercial form that Workday uses to conduct its business in the customary course of its business or the equivalent document used by Reseller to convey the pricing and SKUs being purchased by Customer. An order form may contain product or service descriptions, pricing, or other usage terms. Order Forms, as used in this EUSA, do not include the terms of any preprinted terms on a Customer purchase order or other terms on a purchase order that are additional or inconsistent with the terms of this Agreement. “Personal Data” has the definition set forth in the DPE. “Product Terms” means the product terms for a specific Service application as identified via URL in or attached to the subscription Order Form, which may be updated by Workday from time to time; provided that no update will materially decrease the applicable security and privacy commitments and any such changes will not become effective until 30 days after notice to Customer. “Production” means the Customer’s use of or Workday’s written verification of the availability of the Service (a) to administer its users (as identified in the applicable subscription Order Form); (b) to generate data for Customer’s books/records; or (c) in any decision support capacity. Production does not include sandbox, preview, or implementation Instance. “Reseller” means the Contracting entity directly selling Workday Service to Customer. “Reseller Agreement” means the contract between Reseller and Customer. “Security Breach” means (a) any actual or reasonably suspected unauthorized use of, loss of, access to or disclosure of, Customer Content; provided that an incidental disclosure of Customer Content to an Authorized Party or Workday, or incidental access to Customer Content by an Authorized Party or Workday, End User Subscription Agreement ©2024 Workday Page 35 of 35 where no reasonable suspicion exists that such disclosure or access involves theft, or is fraudulent, criminal or malicious in nature, shall not be considered a “Security Breach” for purposes of this definition, unless such incidental disclosure or incidental access triggers a notification obligation under any Law; (b) any Personal Data Breach as defined in the DPE, and (c) any security breach (or substantially similar term) as defined by Law affecting Customer Content. “Security Exhibit” means the Universal Security Exhibit located at https://www.workday.com/en- us/legal/universal-contract-terms-and-conditions/index/exhibits.html, which may be updated by Workday from time to time. No update will materially decrease the protections provided by the controls set forth in the Security Exhibit. “Service'' means the applicable Workday software-as-a-service application and Improvements (as described in the Documentation and Product Terms) as subscribed to under an Order Form. For purposes of clarification, Service excludes professional services, support services, training services, and Non- Workday Content. “Signature Document” means the document signed by the parties which lists all the terms and conditions forming part of this Agreement to which the parties agree to be bound. “SLA” means the Production Support and Service Level Availability Policy for the Service application(s) identified in the applicable Product Terms, which may be updated by Workday from time to time. No update will materially decrease Workday’s responsibilities under the SLA. “Subscription Fees” means all amounts invoiced and payable by Customer for the applicable Service under an Order Form. 1 EXHIBIT B CAN/AM TECHNOLOGIES, INC. ORDER FORM, TELLER SOFTWARE AS A SERVICE AGREEMENT AND SaaS SERVICE LEVEL AGREEMENT ORDER FORM #00503739.Can/Am Reseller Name Iron Brick Associates, LLC Customer Name City of South San Francisco (Customer) OEM. Can/Am Technologies, Inc. Software as a Service Agreement (referred to herein as SaaS) and SaaS Service Level Agreement (SLA) This Order Form is subject to and governed by the Teller Software as a Service Agreement (SAAS) and the SaaS Service Level Agreement (SLA) incorporated herein and attached hereto below. Product Terms Can/Am Product Terms which are incorporated herein by reference. SAAS and Order Form Effective Date Effective Date of the Agreement between Iron Brick and the City of South San Francisco Order Term July 1, 2025 through June 30, 2035 Currency USD Total Fees $804,763 plus travel expenses estimated as $10,005 I. Can/Am Implementation Services: A. Scope of Work: The implementation project includes project planning, project management and project administration services to execute the Project successfully within the stated timelines and budget. The scope includes the project kickoff, Teller setup/configuration, development/testing of all integrations, standard reporting, training, and UAT/Go-live support. The stated Target Month will be determined by CanAm and the Client and may be adjusted once an approved project timeline is completed. CanAm requires a minimum of 3 months from contract execution to the activities targeted for Month 1, outlined below. Scope of Services Target Month Activity Description Acceptance Criteria A.2 Project Pre- Planning Preliminary planning, team ramp-up, and kickoff scheduling/project alignment. Kickoff scheduled. 1 Kickoff Meeting, Teller Analysis Workshops, and Configuration 2 days of onsite or remote configuration analysis, including:  Teller Kickoff meeting with implementation team members to provide project overview and demonstration of Teller. CanAm has completed workshops and shared the resulting initial decision documentation. 2  Analysis workshops for configuration of Teller software for baseline Teller department.  IT workshop for coordination of deployment, hosting, and IT requirements for equipment.  Project planning. 2 Interface Workshops 2 days of onsite or remote interface analysis, including:  Workday A/R (Bi-Directional)  Clariti Permitting (Bi-Directional) CanAm has completed workshops and shared the initial resulting decisions and interface requirements. 3 Interface Requirements Interface specifications for all third-party interfaces including:  Workday A/R (Bi-Directional) CanAm has delivered finalized Interface Requirements documents based on information gathered with Client on each interface. 4 Interface Requirements Interface specifications for all third-party interfaces including:  Clariti Permitting (Bi-Directional) CanAm has delivered finalized Interface Requirements documents based on information gathered with Client on each interface. 4 Teller Configuration Completion of initial Teller Configuration and Setup for baseline Department based on Workshops. CanAm has performed initial Teller configuration available to Client in Test environment and provided the Teller Configuration Spreadsheet and Analysis Decisions Document. 5 Interface Configuration Configuration of Teller interfaces to:  JP Morgan Chase Image Cash Letter (ICL)  CivicRec Import Integration CanAm has demonstrated working integrations in Client Test environment. 6 Interface Configuration Configuration of Teller interfaces to:  Chase Credit (In-Person) CanAm has demonstrated working integrations in Client Test environment. 7 Interface Development Development of new Teller interfaces to:  Clariti Permitting (Bi-Directional) CanAm has demonstrated working integrations in Client Test environment. 8 Interface Configuration Configuration of Teller interfaces to:  Workday Financials CanAm has demonstrated working integrations in Client Test environment. 9 System Integration Testing System Integration Testing with Client systems and all interfaces and configuration in place. CanAm has demonstrated all integrations in Client Test environment. 3 10 Training Delivery of final configuration for 2 Departments. Training preparation and 2-days of onsite or remote delivery of setup and training sessions: 1. Teller Usage training (Train the Trainer) 2. Teller Administrator training (Train the Trainer) Training sessions completed including remedial sessions as needed. 11 UAT Remote support for Client’s User Acceptance Testing. Client-led End-User Training. CanAm has documented all issues identified and resolved any High or Critical priority issues raised during agreed-upon UAT period. 12 Go Live Provision Teller Production environment. Provide 2 days of onsite or remote go-live support by a Teller technician. 2-week Post-Go Live Support by Implementation team or until any critical or high priority issues remain unresolved. Transition to Teller Client Care for ongoing support. Teller is utilized in Production by Client for two weeks with all in-scope functions operational and any High or Critical priority issues resolved in Production to Client’s satisfaction. Monthly Project Management Monthly Plan and oversee all aspects of the Teller implementation project to meet the Client’s project goals on time and within budget. Estimated at 12 months. CanAm will provide monthly project status documents to the Client’s project manager. 4 Estimated Travel Costs Payment Milestones Invoices will be sent once a month for PM services and the portion of the project attributable to the month per the schedule below. Note that due to third-party vendor dependencies, activities completed within a given month may vary. Hardware will be billed on separate invoices. Month Planned Activities Notes Amount A.1 Contract Execution Contract execution. $0 A.2 Project Pre-Planning Pre-Planning and Kickoff Alignment. CanAm Resource Mobilization $22,021 1 On-site Kickoff Meeting, Teller Analysis Workshops, and Configuration Services, PM $10,608 2 Interface Workshops Services, PM $10,608 3 Interface Requirements Services, PM $10,608 4 Interface Requirements, Teller Configuration Services, PM $10,608 5 Interface Configuration Services, PM $10,608 6 Interface Configuration Services, PM $10,608 7 Interface Development Services, PM $10,608 8 Interface Configuration Services, PM $10,608 9 System Integration Testing Services, PM $10,608 10 Training Services, PM $10,608 11 UAT Services, PM $10,608 Item Description Estimated Total Travel (4 trips) Actual costs billed monthly as incurred in each month $10,005 5 12 Go Live Services, PM $11,841 $150,550 Pricing Terms  All quoted pricing is in US dollars and exclusive of any applicable taxes.  All invoices are based on the payment terms in the Reseller Agreement. Hardware Options Equipment prices are provided based on current rates, and subject to change due to changing hardware costs. Item Model Unit Price Quantity Total Receipt Printer Epson TM-M30/USB/Thermal Printer $324 0 $0 Check Scanner Digital Check CheXpress CX30 $500 0 $0 Cash Drawer APG Series 4000 Electronic Cash Drawer with Multi-Pro interface cable $422 0 $0 Credit/Debit Device Ingenico Lane 5000 USB credit/debit PINPad with cables $817 0 $0 Total Equipment 0 $0 Assumptions  All deliverables are provided on a Fixed Price basis.  No data conversion of cashiering data is anticipated in this project or included in the scope.  Usage training is on a “train the trainer” basis, designed to enable the Client’s key users to train existing and future staff on Teller. It is assumed that Can/Am will provide one set of training with key Client staff and trainers, who will perform end-user training for each area.  This Statement of Work is based on the assumption of a single Teller implementation cycle.  Configuration milestones assume CanAm will implement/assist in implementation of 2 departments. Any additional departments will be configured by Client or will be additions to scope.  Bi-Directional interfaces scoped within Interface Configuration Activities assume the usage of pre-existing Teller integration capabilities with the specified systems/solutions. Any new 6 functionality requests/requirements will be evaluated and may constitute additions to scope.  Credit Processing functionality assumes that Client will contract with Chase through Datacap or a single Teller-integrated credit provider for electronic payment processing.  Image Cash Letter integration is based on an interface to Chase and assumes that the Bank will cooperate in testing and approval for ICL submission from Client’s Teller system.  The CanAm Project Manager will coordinate the project with the Client, in conjunction with the Strada team implementing the Workday solution via the CanAm status calls, as well as other communication channels and information exchanges, including but not limited to, executive steering committee meetings, email communication, the exchange of General Ledger accounting data, and CanAm’s Workday Integration Specification Documentation.  The travel and accommodation costs necessary to deliver the scope of this effort described in this document are estimated and will be billed based on actual travel costs per the Can/Am Travel Policy. Public health concerns may require a combination of remote and on- site implementation. Client Responsibilities  Provide available current cashiering process documentation, including copies of any forms or receipts used.  Provide mandatory cash management controls required.  Provide list of items for sale with applicable price & account strings.  Identify and provide subject matter experts to collaborate with CanAm.  Attend analysis, demonstration, and training sessions.  Create user acceptance testing scenarios and plans. CanAm is able to provide high level testing scenarios upon request from the Client.  Provide training to end users prior to go live.  Acquire and set up all POS hardware and Credit Terminals (Through CanAm if desired).  Client staff will be available when required. Delays caused by lack of access may impact cost and schedule.  For all business application interfaces, obtain and provide the Teller implementation team with all API specifications and/or database connections and/or example files as well as a dev/test environment suitable for development of the interfaces. Where a test environment is not available, Client will provide a technical resource that will provide sample input data and validation of all output batch files. 7 UAT and Change Management UAT Acceptance The process of UAT acceptance allows the project teams and other project stakeholders to confidently move the project forward to Go Live knowing that key deliverables have been completed to the satisfaction of both parties. Upon completion of all deliverables and delivery of the complete system into the Client Testing Environment, Client will conduct User Acceptance Testing based on test plans that the Client develops. CanAm will support Client in this process via the initial training workshops, as well as through regular status calls and additional working sessions, as needed. Within 2 weeks of start of testing, Client will deliver to CanAm a list of all issues the High or Critical of which must be resolved prior to go live, so as to provide CanAm with the necessary lead-time to resolve the High or Critical issues, if any. Once the issues have been resolved, Client will test and either approve for Go Live or provide an additional list of items to resolve. This process will be documented with an Issues Log to enable tracking of issues and approval of results. If new issues are identified after the first 2 weeks of testing, CanAm will evaluate these with the Client and reach a mutual agreement as to resolution timeframe. Change Requests Scope management is a joint responsibility of the CanAm Project Manager and the Client Project Manager. The project team naturally plays a significant role in the management of scope and ultimately the success of the project. The change control process is initiated when CanAm and/or Client determine that a change is required to the current scope or schedule baseline at the time the change is identified. Changes to the project scope, schedule and costs will be documented and agreed to using Change Request forms executed by the Reseller, Client Project Manager and the CanAm Project Manager. Warranty 1. CanAm represents and warrants that: a. it will perform the Services in a professional manner. This includes taking in good faith all reasonable measures to achieve the results described in the Statement of Work; b. the Deliverables created by CanAm in connection with this Agreement will conform to the terms and specifications provided herein; c. it will not unreasonably delay deliverables beyond the estimated completion months set forth above, and it will immediately inform Client of any delays; 8 d. it has the full power and authority to enter into this Agreement, to carry out the obligations under this Agreement and to grant to Client the rights granted hereunder. 2. Unless otherwise directed by Client, CanAm will commence the Services at the time specified in the Statement of Work or as otherwise agreed by the Parties. Unless otherwise specified by Client, the Services will continue without interruption, and the Services will be completed, and the Deliverables will be provided within the time specified. Notwithstanding the foregoing, Client acknowledges that CanAm’s performance of this Agreement is dependent in part on Client’s actions and that any dates or time periods relevant to the performance of this Agreement by CanAm will be appropriately extended to account for any delays caused by Client’s actions or omissions or failure to perform any of its obligations pursuant to this Agreement. 3. CanAm warrants the Services provided under this Agreement for a period of ninety (90) days after go-live. 9 II. Can/Am Teller Licenses: Licensed Teller Interfaces and Users License Description Quantity Monthly Base Amount Teller Standard License Teller Standard License Package:  Production instance of Teller  Test instance of Teller  5 Named User Licenses  Credit Processing Interface  Unlimited read-only users  Hosting and Support Services 1 $2,969 Additional Named Users @ $62.40/month/user 10 Named User Licenses (total: 15 user licenses) $624 Business System Interfaces  Workday A/R (Bi-Directional)  Clariti Permitting (Bi-Directional $572 End of Day Payment Import Interfaces  CivicRec Import Integration $172 Image Cash Letter License / Check Recognition License  JP Morgan Chase ICL $343 Pricing based on annual payment $56,160 Annual Software as a Service Fees* License and all other fees are in US dollars and exclude any applicable taxes. Time Period Fee Year 1 $56,160 Year 2 $57,845 Year 3 $59,581 Year 4 $61,367 Year 5 $63,208 Year 6 $65,737 Year 7 $68,366 Year 8 $71,101 Year 9 $73,945 Year 10 $76,903 Professional Services* All rates are in US dollars and exclude any applicable taxes. Service Rate Professional Services Hours $239/hr 10 * After year one, Annual Fees and the Professional Services Hourly rate will be subject to an annual increase equal to 3 to 4% annually. Additional licenses and/or users may be added throughout the Term of this Agreement. The price for each added license and/or user will be pro-rated to the annual renewal date, itemized accordingly in an invoice, and henceforth included in the annual invoice. IN WITNESS WHEREOF, this Order Form is entered into as of the Order Form Effective Date. City of South San Francisco Iron Brick Associates, LLC Signature Signature Name Name Title Title Date Signed Date Signed 11 Teller Software as a Service Agreement This is the Teller Software as a Service Agreement (“Agreement”) dated as of 6/30/2025 (the “Effective Date”) between Can/Am Technologies Inc. (“CanAm”) a company incorporated under the laws of Colorado, having its principal place of business at 1819 Denver West Dr, Suite 225, Lakewood, CO 80401 and City of South San Francisco, CA, having its principal place of business at 400 Grand Ave. South San Francisco, CA 94080 (hereinafter referred as "Client"). RECITALS 1. Pursuant to the terms of this Agreement, CanAm will provide a web-based system to manage point of sale processes for Client. 2. This system assists Client in managing revenue intake from cashiering to balancing, providing reconciliation workflows, and is intended to provide Client with reporting and visibility into financial transactions, increasing the accountability and transparency of financial management for Client. AGREEMENT Client and CanAm agree as follows: 1. DEFINITIONS 1.1. Agreement – this document and all schedules attached or incorporated by reference, and any subsequent addendums or amendments made in accordance with the provisions hereof. 1.2. Annual Software as a Service Fee – the annual fee payable by Client (either to CanAm directly or to an authorized CanAm reseller, as applicable) for the use of Teller software, including Teller support services, including Updates, and SaaS Services provided by CanAm under this Agreement. 1.3. Concurrent User – means the users who are logged on at the same time and sharing a finite number of licenses. 1.4. Confidential Information – has the meaning set out in section 13 of this Agreement. 1.5. Configuration(s) – all work required to configure Teller to reflect the business rules, workflow, security and data requirements of Client. Configuration includes any custom reports, Interfaces, Plugins, and conversion scripts developed for Client. 1.6. Defect – a program error that will cause Teller to crash, or program algorithms or logic that produce incorrect results. Defects pertain to the intended operation of Teller as delivered to Client, but do not pertain to subsequent errors brought about by Infrastructure changes made by Client or any other Third- Party. Defects do not include changing user preferences, report or screen aesthetics, presentation standards, or validity of converted data. With the exception of Interfaces that connect Teller to Third-Party software as set out in a statement of work, defects do not pertain to problems arising from Third-Party Software interfaced to Teller, or to problems arising from Teller Configurations not developed by CanAm. 1.7. Enhancement – any work requested by Client to alter existing Teller features, or to add any new features or functions to Teller software. 1.8. Force Majeure – circumstances beyond a Party’s reasonable control, and that cannot be anticipated with reasonable diligence, including, without limitation, acts of God, acts of any governmental body, war, insurrection, sabotage, armed conflict, embargo, fire, flood, pandemics, unavailability or interruption in telecommunications or Third-Party services, virus attacks or hackers, failure of Third-Party Software, or inability to obtain power used in or equipment needed for provision of the Services. 1.9. SaaS Services – the services provided at the Third-Party hosting facility that are provided by CanAm to Client. 1.10. SaaS Services Site – the Third-Party hosting facility, at a U.S. location of CanAm’s choice, at which servers and related equipment are located. 12 1.11. SaaS Services SLA – the SaaS Service Level Agreement as provided below, and any subsequent addendums or amendments made in accordance with the provisions herein. 1.12. Client Infrastructure – any Client owned, leased, or licensed information technology hardware and/or software that is required by Client to perform business functions. This hardware and/or software can be providing the infrastructure needed to perform these functions or can also be used as a gateway to an external, non-client owned, infrastructure that provides the necessary business functions. 1.13. Deliverables – the services deliverables, documentation and defined milestone objectives set forth in a Statement of Work. For greater certainty, Deliverables shall not include any Third-Party Software or related documentation licensed directly to Client from a Third-Party, or any modifications or enhancements thereto or derivatives thereof. 1.14. Intellectual Property – property that derives from the work of the mind or intellect, specifically, an idea, invention, trade secret, process, program, data, formula, patent, copyright, or trademark or application, right, or registration. Intellectual Property includes: a) Teller pre-existing and newly developed software, or pre-existing and newly developed software Configurations (including stock report definitions) of CanAm; b) CanAm methodologies, processes, tools, and general knowledge of the matters under consideration; and c) any pre-existing or newly-acquired material provided to Client by CanAm under separate license. For clarity, Intellectual Property does not include Third Party APIs that are incorporated into Teller solely as an Interface to Client devices or Third Party Software. 1.15. Interface – a connection with Third Party Software or hardware used to deliver a unified end user experience. 1.16. Named User – an individual internal to Client who has access to the Teller Production Database. A Named User may access the Teller Production Database from any workstation on Client's network or intranet, or via the Internet. 1.17. On Call Support – support outside of CanAm’s support desk coverage (6 a.m. to 6 p.m. MT excluding CanAm published holidays). 1.18. Party or Parties – referring to CanAm or Client or both. 1.19. Plugin – additional functionality that extends core Teller features. Plugins may be added to Teller to permit additional functionality. Licensed Plugins are fully supported and may have their own release cycle separate from the Teller product release cycle. 1.20. Production Environment – the environment provided to Client for end user official business use. 1.21. Response Time – the target time for CanAm to respond to Critical, High, Medium and Low support requests (as defined in Section 6.3 of this Agreement). 1.22. Service(s) – the professional services to be provided pursuant to the Statement of Work (Exhibit C) or other written request. 1.23. Source Code – any and all program code or database definitions developed by CanAm programmers using a formal programming language and used by Teller software. 1.24. Specifications – means the requirements of the Deliverables as set forth in the Statement of Work (Exhibit C) or an amendment to this Agreement. 1.25. Statement of Work (SOW) – a document that describes the implementation services, software products, and other deliverables to be provided by CanAm (including its subcontractors if applicable) to Client under this Agreement. The Statement of Work is attached to this Agreement as Exhibit C. 1.26. Teller – an enterprise Point of Sale system that manages revenue intake from cashiering to balancing and reconciliation workflows in a single integrated database. Teller includes the reports and documentation that come with the Teller software. 1.27. Teller Annual Software as a Service Agreement – the document (i.e., this Agreement) which provides the terms and conditions under which the right to use Teller is provided to Client. 1.28. Test Environment – the environment set up by CanAm to provide testing and training capability for Client. 1.29. Third-Party – a person, corporation, organization or entity other than Client or CanAm. 13 1.30. Third-Party Software – any identifiable product embedded in and/or linked to Teller software, but to which the proprietary rights belong to an independent Third-Party. 1.31. Update(s) – updates to Teller issued by CanAm, generally every six (6) weeks, to general availability for Teller Clients. 2. SCOPE OF AGREEMENT 2.1. By this Agreement, CanAm agrees to provide Client with a single Annual SubscripƟon SoŌware License to use Teller in the ProducƟon Environment. This License includes the number of Interfaces, Concurrent Users, and/or Named Users idenƟfied in Exhibit A and subsequent purchase orders. 2.2. Client and CanAm agree that CanAm may opt to permit the use of this Agreement by broader public sector enƟƟes to procure Teller SoŌware as a Service according to the terms and condiƟons of this Agreement as follows: "Broader Public Sector EnƟƟes" means other poliƟcal subdivisions, municipaliƟes, tax-supported agencies and non-profit enƟƟes in the United States, including all local and state government agencies, academic insƟtuƟons, school boards, special districts and any other public enƟƟes as acknowledged by the Federal government and any other public enƟƟes as agreed by Client. With respect to purchases by Broader Public Sector enƟƟes, Can/Am acknowledges that such Broader Public Sector EnƟƟes shall make purchases in their own name, make payments directly to CanAm, and shall be liable directly to CanAm, holding Client harmless. 3. TERM OF AGREEMENT 3.1. This Agreement will remain in effect for a period of one (1) year from signing and will be renewed annually thereafter upon payment by Client of the Annual Software as a Service Fee within thirty (30) days of receipt of the renewal invoice, unless otherwise revised or terminated under the provisions of this Agreement. Each annual renewal invoice will be issued thirty (30) days prior to renewal. 4. GRANT OF LICENSE 4.1. This Agreement provides Client with a non-exclusive and non-revocable license for Teller as identified in Exhibit A of this Agreement. This license will be effective for as long as this Agreement is in place and Client remains current with payment of their Annual Software as a Service Fee. 4.2. Client is licensed to use Teller in one (1) Test Environment and one (1) Production Environment at CanAm hosting site. 4.3. Client is licensed to use Teller only for processing transactions associated with Client’s business or public purposes. Any other use of Teller by Client is not permitted. 5. SOFTWARE AS A SERVICE FEE 5.1. Client agrees to pay an Annual Software as a Service Fee as specified in Exhibit A for license rights to Teller and for associated Teller support and Teller SaaS Services. The first year of the Teller Software as a Service Fee is billable upon execution of this agreement. 5.2. Client may subsequently add licenses and users throughout the Term for an additional price as set out in Exhibit A. 5.3. The Annual Software as a Service Fee does not include Configuration. CanAm may provide these Services for additional charge under a SOW or directly as professional services for the time and materials hourly rate established in Exhibit A. 5.4. Client agrees to remit payment annually within 30 calendar days of receipt of the invoice. CanAm reserves the right to charge Client one (1) per cent interest per month on the undisputed outstanding balance of any fees or expenses not paid with thirty (30) days of date of invoice. 14 6. SUPPORT SERVICES 6.1. CanAm agrees, during the term of this Agreement, to provide Teller support services in a timely and professional manner. CanAm will provide unlimited technical support for Client’s Teller support personnel described in Section 7.2 of this Agreement. Support pertains to Teller and licensed Teller Plugins. 6.2. The Teller support web site will be available 24 x 7 for submitting Client support requests. The Teller support desk will be staffed from 6:00 a.m. to 6:00 p.m. Mountain Time, Monday to Friday, excluding CanAm published holidays. Extended hours of On Call Support outside of these working hours can be provided at additional rates per Section 8. Teller is continuously monitored 24/7. Any critical issues affecting Client’s implementation will be treated as critical per the chart set out below in clause 6.3. 6.3. When Client submits a support request through the Teller support web site during normal CanAm hours for support, as specified in Section 6.2 of this Agreement, CanAm and Client will categorize, and CanAm will escalate as appropriate, the support request according to the following criteria. To ensure the listed Response Time, Client must call the provided Teller support toll-free number to report or confirm Critical and High priority issues. Severity Definition Response Time Resolution Time Critical Client site is down. Major impact to operations of Client site. < 15 minutes Immediate and ongoing effort, with daily reporting to Client as necessary until a work-around or fix has been provided. High Major impairment of at least one important function at Client site. Operations at Client site are impacted. All important Client functions are working albeit with extra work. < 1 hour Proceed with fix as high priority work with reporting to Client as necessary until a work-around or fix has been provided. Medium Client Operations not significantly impacted. One or more minor Client functions not working. Major usability irritations impacting many staff at Client. < 4 hours Proceed with fix as medium priority work, according to schedule set by CanAm. Low Minor usability irritations. Work-around exists. < 2 business days Proceed with fix as low priority work, according to schedule set by CanAm 6.4. The Software as a Service Fee does NOT include technical support for Configurations and Third-Party Software not embedded within Teller, such as (but not limited to) operating system software and Microsoft Office products. Technical support for Teller related Third-Party hardware that may be used by Client, including scanners, printers, credit terminals, and other hardware peripherals is also not included. 6.5. CanAm will not begin charging Client for resolution of a non-Teller related problem until CanAm demonstrates to Client that the source of the problem is not related to a Teller Defect and Client has authorized work to resolve the issue. No time will be charged to Client for Teller Defects reported to CanAm. 6.6. Unless otherwise specified, Teller product warranty and support activities will be conducted at and deployed remotely. Travel and living expenses to provide on-site services deemed by CanAm at its sole discretion as required to repair a Teller Defect will not be charged to Client. 15 7. CLIENT OBLIGATIONS AND RESPONSIBILITIES Unless otherwise stated in a separate agreement between the parties or in a Schedule of this Agreement, the following tasks will be the sole responsibility of Client: 7.1. Infrastructure Support –managing the local Internet Service Provider (ISP) providing Client its internet connection and/or its wireless service; managing its own networks; managing all desktop and mobile hardware for Client staff and implementing its own security policies and procedures. 7.2. First-Line Teller Support – Client is responsible for providing first-line Teller support to Client staff. First- line Teller Client support is responsible for researching issues and assessing if they are the result of a Teller Defect. Client will identify a limited number of Client staff entitled to submit Teller support requests. 7.3. Future Updates – Client acknowledges that future Updates of Teller software may require different or additional Client equipment and/or software to function properly. CanAm will provide Client with ninety (90) days notification of such requirements, unless an emergency security update is required in which case reasonable notification will be provided. of such requirements. Client will be responsible to fund, acquire, install, and maintain such different or additional equipment and/or software. 8. PROFESSIONAL SERVICES 8.1. At the request of Client, CanAm may provide any or all of the following professional services: development of custom Configurations, report development, training, extended warranty, first line Teller support, On Call Support, and any other consulting activity. CanAm professional services may be purchased for an all-inclusive fixed-cost, or on a time-and-materials basis. All time and materials services will be approved in advance by the Client in a mutually agreed Statement of Work or other written request, and invoiced monthly based on the rates specified in Exhibit A. For fixed-cost services, all terms, conditions and costs will be specified in a mutually agreed Statement of Work. 8.2. CanAm will perform the Services and provide the deliverables that are described in each Statement of Work in accordance with the terms of the SOW and this Agreement, for the price and in accordance with the delivery dates and Specifications described in the Statement of Work. 9. PAYMENT FOR SERVICES 9.1. Client will pay (either to CanAm directly or to an authorized CanAm reseller, as applicable) the fees set out in the Statement of Work, plus all applicable taxes, upon acceptance of deliverables specified in the Statement of Work, subject to receipt of invoices from CanAm. 9.2. CanAm will submit invoices and other supporting documentation which may be required by Client describing the Services and deliverables for which payment is claimed. 9.3. Client will pay, without set-off or deduction, each invoice or undisputed portion of an invoice within thirty (30) days from receipt of the invoice. Any disputes will be resolved according to the dispute resolution process set out in Section 17 of this Agreement. CanAm reserves the right to charge Client one (1) per cent interest per month on any undisputed outstanding balance of any fees or expenses not paid within thirty (30) days of date of invoice. 10. SOURCE CODE 10.1. This license will provide Client with run-Ɵme only capability for Teller as described in SecƟon 2 of this Agreement. 10.2. Source code (metadata) to custom ConfiguraƟons, reports, and specialized code developed specifically for Client will be provided to Client upon request. 16 11. REPRESENTATIONS AND WARRANTIES 11.1. CanAm will repair Teller Defects reported by Client during the term of this Agreement at no additional charge to Client. CanAm will make all reasonable efforts to resolve Defects quickly, via an Update if necessary. Issues will be categorized and resolved in the same priority set out in the chart in section 6.3 above. Teller product development standard is compliance with Section 508 / WCAG 2.1 standards or provide a functional alternative. 11.2. The warranty on all CanAm-developed custom Configuration is defined in the applicable SOW. Subject to clause 11.4, licensed Interfaces are warranted. Material changes to the Client environment may require additional fee-based work. 11.3. CanAm does not provide warranty for any custom Configuration or custom code not developed by CanAm, or Third Party files included with Teller that are required to integrate with equipment or Third Party software. 11.4. CanAm warrants that it has full power and authority to grant this Teller license and that as of the effective date of this Agreement, the Teller software does not infringe on any existing Intellectual Property rights of any Third Party. If a claim of infringement is made by any Third Party, CanAm may, at its sole option either: a) secure for Client the right to continue using the Teller software; or b) modify the Teller software so that it does not infringe. If CanAm cannot or does not either secure for Client the right to continue using the Teller software or modify the Teller software so that it does not infringe, Client may terminate this Agreement for CanAm’s breach under Section 15.2. This represents Client's sole and exclusive remedy with respect to this warranty. CanAm has no obligation to indemnify Client under this Section if any infringement claim is based upon or caused by the following: (i) a use for which Teller was not designed or specified; (ii) design specifications or any data, information, drawings, manuals, script, or like materials provided by Client to CanAm, which has resulted in the infringement action; and/or (iii) the unapproved combination, operation or use of Teller with any other Third Party product not provided by CanAm, to the extent that such combination, operation, or use results in the loss, damage, claim or expense in question. CanAm provides no warranty whatsoever for any Third Party software or hardware products. In the event of an infringement claim for which Client is or may be entitled to indemnification hereunder, CanAm will assume the defense at CanAm’s sole expense. CanAm will consult with Client regarding any settlement of any Third Party Claim but shall not be required to receive Client’s consent to settle any such claim, provided that no settlement shall require Client to admit any wrongdoing without Client’s consent. Notwithstanding the foregoing, Client is entitled to be represented in any such action, suit, or proceeding at its own expense and by counsel of its choice. 11.5. TO THE MAXIMUM EXTENT PERMITTED BY LAW, CANAM AND ITS LICENSORS AND SUPPLIERS DISCLAIM ALL OTHER WARRANTIES AND CONDITIONS, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, IMPLIED WARRANTIES OF MERCHANTABLE QUALITY OR FITNESS FOR PARTICULAR PURPOSE, WHETHER ARISING BY STATUTE OR IN LAW OR AS A RESULT OF A COURSE OF DEALING OR TRADE USAGE. 11.6. THIS SECTION 11 SETS OUT THE SOLE AND EXCLUSIVE REMEDY WHICH APPLIES OR SHALL APPLY TO TELLER AND THE SERVICES. NO ORAL OR VERBAL ADVICE OR INFORMATION GIVEN BY EITHER PARTY, THEIR AFFILIATES OR ITS OR THEIR AGENTS, SERVANTS, EMPLOYEES, OR REPRESENTATIVES, SHALL CREATE A DIFFERENT OR GREATER WARRANTY, AND THE PARTIES ACKNOWLEDGES THAT IT MAY NOT RELY UPON ANY SUCH ORAL OR WRITTEN COMMUNICATIONS TO CREATE OR ESTABLISH WARRANTY RIGHTS IN EXCESS OF THE SOLE AND EXCLUSIVE WARRANTY HEREIN. 17 12. OWNERSHIP OF SOFTWARE AND DATA 12.1. CanAm has exclusive licensing and distribution rights for Teller software (Copyright © 2004 – 2025, all rights reserved), including Teller; licensed Teller Plugins, and licensed Teller Interfaces within the United States of America and Canada. Client will not remove any ownership or copyright notices from Teller software or documentation. Reproduction, disassembly, decompilation, transfer, reverse engineering, or disclosure to others, in whole or in part, of Teller is strictly prohibited. 12.2. CanAm is, and will remain, the exclusive owner, or is the authorized agent of the owner of Teller proprietary information, and all patent, copyright, trade secret, trademark, and other Intellectual Property rights remain solely with CanAm. No license or conveyance of any such rights to Client is granted or implied under this Agreement. 12.3. CanAm will retain ownership of the Intellectual Property associated with Enhancements or Interfaces developed by CanAm for Client. 12.4. Client is deemed to own any custom Configuration for their Teller installation. Client grants CanAm a non-exclusive, perpetual, irrevocable, royalty-free, worldwide license to use, reproduce, sublicense, modify, and sell the custom Configuration developed pursuant to this Agreement without compensation to Client. 12.5. Notwithstanding anything to the contrary herein, each Party and its respective personnel and contractors shall be free to use and employ its and their general skills, know-how, pre-existing IP and expertise, and to use, disclose, and employ any generalized ideas, concepts, know-how, methods, techniques, or skills gained or learned during the course of any assignment, so long as it or they acquire and apply such information without disclosure of any Confidential Information of the other Party. 12.6. Client may not sell, rent, lease, give, distribute, assign, pledge, sublicense, loan, timeshare, or otherwise transfer Teller software or documentation to any other Party. Client agrees not to distribute Teller as part of any other software product, commercial or otherwise, without the prior written approval of CanAm. 12.7. Client will retain sole and complete ownership of its data at all times, regardless of the location of the data, and CanAm may not make any use of Client data other than for testing and Service delivery purposes, without the prior written consent of Client. 13. CONFIDENTIAL AND PROPRIETARY INFORMATION 13.1. Each Party will hold in confidence, and will not disclose to any unauthorized personnel, any confidential or proprietary information of the other Party. Each Party will use such confidential or proprietary information only for the purpose for which it was disclosed. 13.2. As used in this Agreement, the term “confidential or proprietary information” (“Confidential Information”) means all trade secrets or proprietary information designated as such in writing by one Party to the other. All software code in source of object format will be deemed to be proprietary information regardless of whether it is marked as such. Information which is orally or visually disclosed by one Party to the other, or is disclosed in writing without an appropriate letter, proprietary stamp or legend, will constitute proprietary information of the releasing Party if: a) it would be apparent to a reasonable person, familiar with the business of the releasing Party and the industry in which it operates, that such information is of a confidential or proprietary nature; or b) The releasing Party, within thirty (30) calendar days after such disclosure, delivers to the receiving Party a written document describing such information and referencing the place and date of such oral, visual, or written disclosure, and the names of receiving Party personnel to whom such disclosure was made. 13.3. Each Party will only disclose Confidential Information received by it under this Agreement to personnel who have a need to know such Confidential Information for the performance of its duties and who are bound by an agreement to protect the confidentiality of such Confidential Information. 18 13.4. Each Party will adopt and maintain programs and procedures which are reasonably calculated to protect Confidential Information, and will be responsible to the other Party for any disclosure or misuse of Confidential Information which results from a failure to comply with this provision. Each Party will promptly report to the other Party any actual or suspected violation of the terms of this Agreement and will take all reasonable further steps requested by the offended Party to prevent, control, or remedy any such violation. 13.5. The obligations of each Party specified above will not apply with respect to any Confidential Information, if the receiving Party can demonstrate, by reasonable evidence, that such Confidential Information: a) was generally known to the public at the time of disclosure or becomes generally known through no wrongful act on the part of the receiving Party; b) was already in the possession of the receiving Party at the time of disclosure; c) becomes known to the receiving Party through disclosure by sources having the legal right to disclose such Confidential Information; d) was independently developed by the receiving Party without reference to, or reliance upon, the Confidential Information; or e) was required to be disclosed by the receiving Party to comply with applicable laws or governmental regulations, including but not limited to the California Public Records Act, provided that the receiving Party provides prompt written notice of such disclosure to the offended Party and takes reasonable and lawful actions to avoid and/or minimize the extent of such disclosure and, if possible, ensure that the confidentiality obligations of this Agreement are maintained. 13.6. If Client is subject to freedom of information legislation including but not limited to the California Public Records Act, CanAm agrees to adhere to the standards outlined in such legislation regarding protection of privacy and disclosure of records with respect to all work done for Client pursuant to this Agreement. 13.7. Upon termination of this Agreement, each Party will make all reasonable efforts to return to the other Party all tangible manifestations, and all copies thereof, of Confidential Information received by the other Party under this Agreement, if requested to do so by the disclosing Party. In addition, each Party shall certify in writing that it has not retained any copies of any materials belonging to or furnished by the other Party, and that any software provided by the other Party pursuant hereto has been deleted from that Party’s computer and no copies have been retained in any form. The foregoing obligation shall not apply to Confidential Information that: (i) a Party deems necessary to retain to comply with applicable laws and regulations; and (ii) exists only as part of regularly generated electronic backup data, destruction of which is not reasonably practicable. 14. LIMITATIONS OF LIABILITY AND INDEMNITY 14.1. CANAM’S MAXIMUM TOTAL LIABILITY FOR ANY THIRD PARTY ACTION, CLAIM, LOSS OR DAMAGE ARISING OUT OF TELLER AND THE PERFORMANCE OF ANY SERVICES IN CONNECTION WITH THIS AGREEMENT, REGARDLESS OF THE FORM OF ACTION, CLAIM, LOSS OR DAMAGE, BE IT CONTRACT, TORT, STATUTE OR OTHERWISE, SHALL BE AN AWARD FOR DIRECT PROVABLE DAMAGES THAT IN NO EVENT EXCEED THE AGGREGATE OF THE AMOUNTS PAYABLE TO CANAM UNDER THE TERM OF THIS AGREEMENT IN THE SIX (6) MONTH PERIOD PRIOR TO THE EVENT GIVING RISE TO THE CLAIM. 14.2. CLIENT SPECIFICALLY ACKNOWLEDGES AND CONFIRMS THAT UNDER NO CIRCUMSTANCES WHATSOEVER WILL CANAM BE LIABLE FOR ANY INCIDENTAL, INDIRECT, EXEMPLARY, SPECIAL OR CONSEQUENTIAL DAMAGES OF ANY NATURE OR KIND, OR ANY LOSS RESULTING FROM BUSINESS DISRUPTION ARISING FROM THE USE OF TELLER, OR FROM ANY SERVICES COVERED UNDER THE TERMS OF THIS AGREEMENT, REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT PRODUCT LIABILITY OR OTHERWISE, EVEN IN THE EVENT THAT CANAM HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 14.3. Subject to Section 14.1 and 14.2, CanAm will indemnify and hold harmless Client and its affiliates, employees and agents from and against any and all liabilities, losses, damages, costs, and other expenses (including attorneys’ and expert witnesses’ costs and fees) arising from or relating to any Third Party claim 19 caused by the intentional misconduct or gross negligence of CanAm or any of its employees, agents or subcontractors in performing the Services. 15. TERMINATION AND DEFAULT CONDITIONS 15.1. CanAm may terminate this Agreement if: Client fails to make required payments of undisputed invoices within 90 days of due date provided that CanAm has issued a minimum of two (2) delinquency notices, Client materially fails to fulfill its obligations and responsibilities or breaches any material term of this Agreement, Client becomes bankrupt or insolvent, or if a receiver is appointed to manage the property and assets of Client. If any of the above conditions are encountered, CanAm will provide written notice to Client and provide 30 calendar days for Client to remedy the default. If the default is not rectified within 30 calendar days, CanAm will have cause to terminate this Agreement. 15.2. Client may terminate this Agreement if: CanAm materially fails to fulfill its obligations and responsibilities or breaches any material term of this Agreement, CanAm becomes bankrupt or insolvent, or if a receiver is appointed to manage the property and assets of CanAm. If any of the above conditions are encountered, Client will provide written notice to CanAm and provide 30 calendar days for CanAm to remedy the default. If the default is not rectified within 30 calendar days, Client will have cause to terminate this Agreement. 15.3. In the event that, during the term of this Agreement, funds are not appropriated for the payment of Client’s obligations hereunder, Client may terminate this Agreement with thirty (30) days advance written notice, effective on the last day for which an appropriation has been made. 15.4. Termination of this Agreement will not affect the provisions of this Agreement relating to the payment of amounts due under Section 5; Software as a Service License Fees, Section 14; Limitation of Liability and Indemnity, Section 13; Confidentiality; or any other obligations of the parties which by their nature are intended to survive termination of this Agreement. 16. RIGHTS AND OBLIGATIONS 16.1. If either CanAm or Client terminates this Agreement, CanAm will retain all fees for Services delivered to Client up to the date of termination. CanAm will refund a pro-rated portion of the Annual Software as a Service Fee to Client, based on the number of full or partial calendar months of service provided under the Agreement since the last annual renewal date. 16.2. Any termination by either Party as provided in this Agreement will not in any way operate to deny any right or remedy of the other Party, either at law or in equity, or to relieve a Party of any obligation to pay the sums due under this Agreement, or of any other obligation accrued prior to the effective date of termination. 16.3. Upon termination of this Agreement, Client agrees to cease any and all operational use of Teller and further agrees to delete all Teller software from the Client Infrastructure. CanAm agrees to make reasonable provision for an extract of Client’s operational data from Client’s Production Environment if requested by Client. 16.4. Teller is subject to the export control laws of the United States and other countries. Client may not export or re-export Teller software without the appropriate United States and foreign government licenses. Client must comply with all applicable export control laws and will defend, indemnify and hold CanAm harmless from any claims arising from Client’s violation of such export control laws. 17. DISPUTES 17.1. CanAm and Client will both separately and jointly use diligent efforts to establish positive and ongoing communications both within and between their respective organizations. Key personnel within CanAm and Client will communicate regularly in order to review the status and priorities for the provision of services by CanAm and Client. 17.2. In the event of any dispute arising between CanAm and Client with respect to their rights and obligations under this Agreement, the Party feeling itself aggrieved will notify the other Party of the substance in 20 writing of such grievance. Both parties agree to work in good faith and make all reasonable efforts to resolve the dispute, including, if necessary, escalating the dispute to:  First level: the Project Manager of CanAm and the Project Manager for Client; and  Second level: the President/CEO of CanAm and the Chief Executive for Client. 17.3. In the event the grievance cannot be resolved to the mutual satisfaction of the parties within 30 calendar days, the Party feeling itself aggrieved may request mediation, based on the then-current commercial mediation rules of the American Arbitration Association. The award of the mediation body will be non- binding upon CanAm and Client. 18. RELATIONSHIP OF THE PARTIES 18.1. Each of the Parties is an independent contractor. Nothing herein shall be construed to place the Parties in a relationship of principal and agent, partners or joint venturers, and neither Party shall have the power to obligate or bind the other Party in any manner whatsoever. 19. WAIVER 19.1. No failure or delay on the part of either Party to exercise any right or remedy hereunder will operate as a waiver of such right or remedy. 20. ASSIGNMENT AND SUCCESSION 20.1. This Agreement, including all of its rights and obligations created hereunder, shall not be assigned or transferred in any manner whatsoever (except upon transfer of majority ownership of a Party's business by merger, or consolidation, in which case the Agreement may be assigned to the succeeding owner) unless with the prior written consent of the opposite Party signed by an officer thereof, which consent will not be unreasonably withheld. Subject to the foregoing, this Agreement shall be binding upon and shall inure to the benefit of the Parties and their respective successors and assigns. 21. NON SOLICITATION 21.1. Client agrees that for the duration of this Agreement, and for a period of one (1) year from the date of termination of this Agreement (or the date of termination of the final SOW if that date is later), it will not on its own behalf or on behalf of any other person or entity: (a) initiate contact for the purposes of hiring or contracting the service of, or (b) directly or indirectly solicit or induce for employment, or otherwise offer to hire or contract the services of, any employee, contractor or agent of CanAm who is directly related to the provision of services hereunder. Notwithstanding the foregoing, the provisions of this Section 21.1 shall not apply to the hiring of: (i) any individual who is hired as a result of responding to a general public “help wanted” type of solicitation by a Party; or (ii) any individual who, of his or her own volition, approaches, contacts, or solicits a Party for employment or other working arrangements and who such Party has not induced or solicited to make such approach, contact, or solicitation. 22. FORCE MAJEURE 22.1. Neither Party shall be under liability to each other by reason of non-performance or delay in performance of any obligation hereunder caused by Force Majeure, to the extent that non-performance or delay is attributable to such Force Majeure and only for the duration of the Force Majeure and the effect upon its ability to perform its obligation hereunder. 23. SEVERENCE 23.1. If any provision of this Agreement is declared by a court of competent jurisdiction to be invalid, illegal, or unenforceable, such provision can be severed from this Agreement and all other provisions will remain in full force and effect. 21 24. INSURANCE 24.1. CanAm shall, at its own expense and without limiting liabilities under this Agreement, insure its operations under a contract of General Liability Insurance in an amount of not less than $1,000,000 inclusive per occurrence, insuring against bodily injury, personal injury and property damage including loss of use thereof, and such other insurance as CanAm deems necessary in its sole discretion, to provide standard protections of its business. 24.2. CanAm shall provide Client with acceptable evidence of insurance upon request. 25. CURRENCY 25.1. Unless otherwise noted, all reference to payment amounts in this Agreement are in U.S. dollars. 26. GOVERNING LAW 26.1. This Agreement will be governed by, construed, and enforced in accordance with the laws of the State of California. The parties irrevocably attorn to the jurisdiction of the courts of the State of California. 27. COUNTERPARTS 27.1. This Agreement may be executed in two or more counterparts, by facsimile or otherwise, each of which is an original, and all of which together constitute one and the same instrument, notwithstanding that all parties are not signatories to the same counterpart. 28. ENTIRE AGREEMENT 28.1. This Agreement, and any applicable attachments, SOWs, schedules, exhibits or other documents constitutes the entire agreement of the Parties with regard to the matters herein, and supersedes all other prior written or oral agreements, representations and other communications between the Parties. All terms of any order acknowledgement or other document provided by Client, including but not limited to any pre- printed terms thereon and any terms that are inconsistent, add to, or conflict with this Agreement, shall be null and void and of no legal force or effect. No modification of this Agreement is valid unless set out in writing by the Parties. Can/Am Technologies, Inc. City of South San Francisco ________________________________ _____________________________ Signature Signature _________________________________ _____________________________ Name Name _________________________________ _____________________________ Title Title _________________________________ _____________________________ Date Date 22 SaaS Service Level Agreement 1. OWNERSHIP OF DATA 1.1. Regardless of the location of the hosting facility, Client will retain sole and complete, legal and beneficial ownership of its data stored on the Hosting Services Site. 1.2. CanAm’s responsibilities and rights regarding Client data are solely restricted to the provision of services described in this Hosting SLA. CanAm may not make any other uses of Client data for any reason whatsoever, without the express written consent of Client, unless ordered to release such data by a court of competent jurisdiction. 1.3. Client may request return of any or all of its data at any time, for any reason, and CanAm will provide such data within a reasonable period of time, in native format. 2. OVERVIEW OF SAAS SERVICES 2.1. CanAm is committed to providing secure, reliable and dedicated SaaS Services to Client. For maximum protection and value to Client, CanAm will contract with Amazon AWS for provision of a hosting facility in the United States. 2.2. CanAm reserves the right to change hosting providers to an alternate service providing comparable functionality, and meeting the standards in this document. Any change CanAm makes to the hosting provider will not impact Client pricing. 2.3. All SaaS services will be provisioned from data centers located within the United States. 2.4. In return for Annual Software as a Service Fee from Client, CanAm will provide the following services to Client: Service Description Secure Hosting Site A secure hosting facility with 24/7 security control. Internet Service Providers A facility with stable network connectivity across North America. Internet services will be routed through multiple independent carriers to eliminate single-carrier points of failure. Data and Service Redundancy Redundant storage across multiple zones providing failover in the event of a catastrophic failure at the primary hosting site. Software Operating System, Database and Virus Protection software as required to run the Teller environments. CanAm will keep systems secure by keeping them up-to-date on security patches and security audits, and all Third-Party critical updates will be applied in a timely manner following Third-Party vendor notification. Teller Software Updates CanAm will test and install into the Teller environment at the SaaS Services hosting Site, all Updates to the Teller software which are made generally available during the term of this Agreement. Data Backups Securing Client data against loss is a key provision within the SLA. Full backups will be performed on a regular basis. Direct Database backups are performed every 2 hours from the primary to the backup hosting region. Backups are replicated multiple times daily to a second geographic region to insure against the possibility of a catastrophe affecting a given region. 23 3. AVAILABILITY COMMITMENT, ISSUE TRACKING, AND REMEDIES 3.1. While the SaaS Services Site availability will generally be expected to be 24 x 7 (except for Scheduled Maintenance or unscheduled Emergency Outages as defined in 3.5 below), the commitment of CanAm is to provide SaaS Services hosting site availability during CanAm business hours (6:00 am – 6:00 pm Monday through Friday Mountain Time, excluding published CanAm holidays) for 99.9% uptime or better in a calendar month. Credits may be claimed only against loss of SaaS Services during CanAm business hours. 3.2. If CanAm during regular Client business hours fails to provide SaaS Services availability, as defined below, in any given calendar month, CanAm will issue a credit towards future SaaS Service Fees in accordance with the following schedule: SaaS Services Site Availability Credit Percentage (of monthly fee) 99.9% to 100% 0% 98.0% to 99.8% 2.5% 97.0% to 97.9% 5% 95.0% to 96.9% 7.5% 90.0% to 95.0% 25% Below 90.0% 100% 3.3. Can/Am will provide a monthly report identifying any downtime in the previous month. Downtime will be calculated to the minute from the time it is first detected (by our monitoring or by Client report) until service is restored, during the guaranteed availability time period defined in 3.1. Downtime percentage is calculated as: Minutes of Downtime / (Daily Guaranteed Availability Minutes X Number of Business Days in Month – Emergency Outage (as defined below) minutes). Credits will be applied to the next billing cycle. 3.4. The total amount credited to Client for any given month under this SaaS Services SLA will not exceed the total Annual Software as a Service fee paid by Client for such month for the affected service. Except in cases of gross negligence, client specifically acknowledges and confirms that under no circumstances whatsoever will CanAm be liable for any incidental, indirect, exemplary, special or consequential damages of any nature or kind, or any loss resulting from business disruption arising from any services covered under the terms of this agreement, regardless of the form of action, whether in contract, tort (including negligence), strict product liability or otherwise, even in the event that CanAm has been advised of the possibility of such damages. 3.5. Client will not receive any credits under this Agreement in connection with any failure or deficiency of CanAm SaaS Services caused by:  Scheduled Maintenance – Time allocated for scheduled maintenance outages, Emergency Outages (as defined below), or critical updates of servers and other CanAm equipment will not be considered “down time” as used in the calculation of SaaS Services availability described in Section 3.2 of this SaaS Services SLA. Maintenance will be scheduled for outside of Client Business hours specified in Section 3.1 of this SaaS Service SLA. The schedule for regular monthly maintenance windows will be provided to the Client at least 4 weeks prior. Except for emergencies, maintenance outages will be communicated via e-mail to the Client at least 2 business days in advance of any such outage.  Client Equipment – Client is solely responsible for maintaining all Client equipment not at the SaaS Services Site and for ensuring that such equipment is in proper working order, has the correct software installed, and has the ability to connect to the CanAm SaaS Services for the exchange of data. 24  Client ISP Provider – Client is solely responsible for maintaining all Client connections with local Internet Service Providers (ISPs) and for resolving any problems that might arise with local ISP connections.  Internet Outages – CanAm is not responsible for Internet outages (including ISP peering) that may make CanAm SaaS Services appear inaccessible when others can still access it.  Client Acts or Omissions – including acts or omissions of others engaged or authorized by Client, including, without limitation, any negligence, willful misconduct, or use of the SaaS Services in breach of the terms and conditions of this SaaS Services SLA.  Emergency Outage - Unavailability of SaaS due to Can/Am or hosting provider response to critical security vulnerability (such as a “Zero Day Vulnerability”) or suspected breach  Force Majeure EXHIBIT C STRADA U.S. PROFESSIONAL SERVICES, LLC ORDER FORM ORDER FORM #00503739.STRADA Reseller Name Iron Brick Associates, LLC Customer Name City of South San Francisco (“Customer”) Service Provider Strada U.S. Professional Services, Inc. Services Workday Implementation Services Order Term July 28, 2025 through April 23, 2027 Additional Terms and Conditions Strada Service Terms and Data Protection Agreement incorporated herein and set forth below Currency USD Total Fees $2,903,085 I. Strada Implementation Services: This Statement of Work for: Workday Deployment (this “SOW”), effecƟve as of July 1, 2025 (the “Service Date”), is by and between CITY OF SOUTH SAN FRANCISCO (“SOUTH SAN FRANCISCO” or “Client” or “Customer”) and Iron Brick Associates, LLC as the authorized reseller (“Reseller”) of Strada U.S. Professional Services, LLC (“Strada” or “Supplier”) services. Strada together with Client, are each referred to herein as a “Party” and collec Ɵvely the “ParƟes”. This SOW adopts and incorporates by reference the terms and condi Ɵons of the Strada Service Terms and Strada Data ProtecƟon Agreement below(the “SSA”). Any amendment or modificaƟon of the SSA aŌer the Service Date shall have no effect on this SOW unless otherwise agreed by the Par Ɵes. Capitalized terms used but not defined in this SOW shall have the meanings ascribed thereto in the SSA. In consideraƟon of the mutual covenants contained herein, and other valuable consideraƟon, the receipt and sufficiency of which are hereby acknowledged, the ParƟes agree as follows: I. STATEMENT OF WORK TERM The term of this Statement of Work will commence on the Service Date and shall end on 04/23/2027 unless sooner terminated in accordance with the Agreement or this SOW. Client may terminate this SOW for convenience upon noƟce to Strada at least 60 days prior to the service effecƟve thereof. II. PROJECT OVERVIEW / BACKGROUND This Statement of Work describes the Services related to the configuraƟon, tesƟng and deployment of the Workday soluƟon as described herein (the “Workday SoluƟon” or “Workday”) and the Client's Customer Tenant for Client’s Customer (i.e., CSSF). Strada is not responsible for any services, tasks or func Ɵons not idenƟfied as a Strada responsibility herein; Client’s Customer or its third-party providers and vendors shall retain responsibility for all services, tasks or funcƟons idenƟfied as a Client’s Customer responsibility herein. Strada may u Ɵlize deployment automaƟon tools in the performance of the Services. 2 This SOW shall include the responses to the Requirements Traceability Matrix (RTM) that Strada and Workday had submiƩed to the City of South San Francisco as part of the proposal. These requirements will be used to create the Requirements Design Guide (RDG) that is used throughout the project as a control measure to make sure all requirements are captured during the delivery process. Review of these items are done during the Architect and Configure stage of the project. The scope is more specifically described in the Service Parameters and other areas of this SOW and sets the limitaƟons of scope as reviewed and approved by the City of South San Francisco. . If a funcƟonal limitaƟon is idenƟfied that is responded to affirmaƟvely within the RFP response, Strada will make a reasonable effort to provide a solu Ɵon to the City via a workaround at no addiƟonal cost. The Workday PrescripƟve SoluƟon, module-level feature and funcƟonality of the Client’s Customer’s Tenant to be configured, tested and deployed by Strada includes the following: Phase 1a: • Core HCM • Absence • Benefits • Onboarding • Payroll • Time Tracking • Advanced Scheduling • Core Financials  FoundaƟon Data Model  Financial AccounƟng  Banking and SeƩlements  Customer Accounts  Supplier Accounts  Budgets  Business Assets • Procurement • Projects • Grants • PRISM Phase 1b: • Workday Financial & Workforce Planning (Formerly AdapƟve) Phase 2: • Talent OpƟmizaƟon (Talent + Succession) • RecruiƟng • Messaging • Learning In addiƟon, Client’s Customer has selected the following services provided by Strada:  TesƟng with AutomaƟon  Change Management  Readiness  Custom ReporƟng III. PROJECT DEPLOYMENT APPROACH 3 Strada’s Workday deployment methodology consists of the following stages: Plan, Architect & Configure, Test and Deploy. The specific tasks and deliverables to be completed within each of these stages are detailed in the Project ResponsibiliƟes secƟon located in the Appendix. Strada’s deployment methodology assumes the use of Strada specific tools, templates, and best pracƟces. The schedule and fees are dependent upon the use of Strada’s tools and methodology. IV. TIMELINE Phase 1a is based on a 68-week project Ɵmeline. The Ɵmeline assumes a Plan Phase start date of September 22, 2025 (the "Start Date") with a move to producƟon on September 18, 2026 (the "Move to ProducƟon Date"). Readiness acƟviƟes begin 8 weeks prior to the Start Date. StabilizaƟon support begins on the Move to ProducƟon Date and lasts for 8 weeks immediately following. StabilizaƟon support or hypercare does not confer ownership or responsibility for compleƟon. Readiness Planning Architect & Configure Testing Deploy Post Deployment Total Estimated Weeks 8 6 30 12 4 8 68 Start Date 07/28/2025 09/22/2025 11/03/2025 06/01/2026 08/24/2026 09/21/2026 07/28/2025 End Date 09/19/2025 10/31/2025 05/29/2026 08/21/2026 09/18/2026 11/13/2026 11/13/2026 Phase 1b requires a 28-week project Ɵmeline to complete this Statement of Work. The Ɵmeline assumes a start date of April 12, 2026, with a Live Date on October 2, 2026, followed by a 4-week stabilizaƟon and support stage. It also assumes that formal a project kick-off will take place on the week of April 20, 2026, marking the start of the Architect stage. The Ɵming and duraƟon of this project Ɵmeline are criƟcal components of the esƟmated professional fees and staffing for this defined scope of work, and any modifica Ɵon may result in the need for adjustment in accordance with the Change Order procedure. Planning Architect & Configure Testing Deploy Post Deployment Total Estimated Weeks 1 18 3 2 4 28 Start Date 04/12/2026 04/20/2026 08/31/2026 09/21/2026 10/05/2026 04/12/2026 End Date 04/17/2026 08/28/2026 09/18/2026 10/02/2026 10/30/2026 10/30/2026 The Phase 2 deployment project is based on a 24-week project Ɵmeline. The Ɵmeline assumes a Plan Phase start date of November 9, 2026 (the “Start Date”) with a move to producƟon on April 9, 2027 (the “Move to ProducƟon Date”). StabilizaƟon support begins on the Move to ProducƟon Date and lasts for 2 weeks. Planning Architect & Configure Testing Deploy Post Deployment Total Estimated Weeks 3 11 6 2 2 24 4 Planning Architect & Configure Testing Deploy Post Deployment Total Start Date 11/09/2026 11/30/2026 02/15/2027 03/29/2027 04/12/2027 11/09/2026 End Date 11/27/2026 02/12/2027 03/26/2027 04/09/2027 04/23/2027 04/23/2027 The detailed project plan shall be developed and finalized during the Plan stage based on the Ɵmeline below. Timeline 1. The Ɵming and duraƟon of this project Ɵmeline are a criƟcal component of the esƟmated professional services for this scope of work. If the Start Date is delayed, Client’s Customer must acknowledge that Strada’s ability to meet the target Move to ProducƟon Date is at risk. 2. Client’s Customer must acknowledge responsibility for idenƟfying appropriate project resources to complete the Workday recommended training path(s) in alignment with the Ɵming and duraƟon of the project. Failure to complete or deferment of training will result in a risk to the project milestones, and criƟcal arƟfacts. 3. Delays introduced by Client resulƟng in missed deadline dates for project milestones or criƟcal arƟfacts will impact Strada's ability to meet the target Move to ProducƟon Date. Delays introduced by Strada will be handled through a zero dollar change order. Project milestones include but are not limited to FoundaƟon Alignment, Customer ConfirmaƟon, and Vendor Workshops. 4. The parƟes agree to review any replanning or modificaƟons in the scoped effort of Strada resources as a result of Ɵmeline or scope impact through the Change Control Process. Strada will work closely with Client to idenƟfy the impacts of any delays and will discuss best available opƟons before collaboraƟvely determining next steps. V. PROJECT ASSUMPTIONS Employee Count and Geography Client’s Customer has an employee populaƟon of 1,200. The populaƟon may vary slightly over the course of the deployment; however, this populaƟon is the basis for scoping, planning, and pricing 1. PopulaƟons stated above reflect the esƟmated end-user populaƟon at the Move to ProducƟon Date. This includes but is not limited to full-Ɵme employees, part-Ɵme employees, conƟngent workers, agency contractors, independent contractors, temporary employees, seasonal employees, interns, and volunteers. 2. All other locaƟons are considered out of scope. Overall ResponsibiliƟes 1. Client’s Customer must agree to uƟlize Workday’s delivered business processes (“BPs”) across the enterprise. Business processes noted as modifiable in the assumpƟons secƟon of this document may be altered to remove steps, reorder steps, or change role assignment where the role exists in the delivered Workday pre-configuraƟon 2. Subcontractor will provide foundaƟon knowledge transfer to core CSSF project team members responsible for supporƟng the system in producƟon. This knowledge transfer will be accomplished through the CSSF’s acƟve parƟcipaƟon in project milestones, arƟfacts, and other related acƟviƟes. 5 3. CSSF will provide appropriate subject maƩer experts with decision-making authority for the duraƟon of the project. These resources are required to parƟcipate in project milestones, arƟfact compleƟon and other project acƟviƟes including but not limited to requirement gathering sessions, Founda Ɵon Alignment, Customer ConfirmaƟon, Vendor Workshops, tesƟng cycles and cutover. 4. Subcontractor will conduct a single set of sessions for all project related ac ƟviƟes, meeƟngs, or workshops. CSSF will own alignment and acceptance from internal stakeholders and global business process owners across all areas. 5. Subcontractor shall have the sole right to uƟlize its implementaƟon methodologies and other best pracƟces and to supervise and manage its RepresentaƟves performing the Services. Project AdministraƟon 1. The Subcontractor Project Manager will be responsible for management of Subcontractor owned tasks and responsibiliƟes. The Client’s Customer Project Manager will be responsible for management of Client’s Customer owned tasks and responsibiliƟes. 2. The Subcontractor Project Manager will be responsible for scheduling and seƫng the agenda for the project status meeƟng held weekly, not to exceed 60-minutes. The Subcontractor Project Manager will provide agendas before the meeƟng and when meeƟngs are recorded, make the recordings available aŌer the meeƟng is concluded 3. The Subcontractor Project Manager will act as the representaƟve of the Subcontractor team for the project status meeƟng. AddiƟonal Subcontractor personnel will aƩend the status meeƟng based on the health of the project, Ɵmeline, workstream health or cross-funcƟonal escalaƟons. The Subcontractor Project Manager will ensure the status report is updated prior to the status meeƟng. 4. At the close of Readiness, Subcontractor and Client’s Customer Resources will work jointly to ensure each workstream has a weekly scheduled session not to exceed one hour. The sessions will include requirements review, tesƟng support and knowledge transfer based on project Ɵmeline progress, with agendas before the meeƟng and recordings available aŌer the meeƟngs have concluded. 5. Subcontractor and Client’s Customer resources will be responsible for maintaining the project RAID log, located on the Subcontractor project Smartsheet workspace. Client’s Customer project manager will be responsible for following up on Client’s Customer-owned issues as indicated on the RAID log. 6. Client shall ensure that Client’s Customer shall contractually permit and arrange for access to Client’s Customer records requested by Subcontractor that are reasonably necessary to perform the Services under this SOW. Onsite travel or parƟcipaƟon will be governed by the Change Order process. 7. Client’s Customer will uƟlize Subcontractor’s system tools, templates, methodologies, and pracƟces for deployment, including but not limited to: project work repositories, data storage, tes Ɵng management, and an integraƟons database. A baseline inventory of tools and their purpose is included as Exhibit A. Any deviaƟon from Subcontractor’s standard tool set that is required by Client’s Customer will be subject to a change order to address Subcontractor’s addiƟonal effort and costs associated with using the non- standard tool(s). Tools usage includes but is not limited to the tools iden Ɵfied in Exhibit A.The Subcontractor team will use Subcontractor laptops, and all secured data will leverage Project security data transfer protocols such as Strada MFT / Move IT. Using alterna Ɵve or client laptops will require a change order and could significantly impact the project Ɵmeline. Subcontractor resources will not store any data locally or offshore on Subcontractor laptops. Subcontractor will not have access to PII data and if the Client mistakenly sends PII data, procedures will be followed to report the incident and remove the data as soon as the incident is known. 8. Client’s Customer is responsible for all aspects Steering CommiƩee meeƟng including but not limited to scheduling, agenda creaƟon, presentaƟon, and meeƟng execuƟon. Only the aligned Subcontractor PMO resource (e.g., Project Manager, or Program ExecuƟve) will aƩend. If addiƟonal aƩendees are required or Subcontractor is asked to prepare Steering CommiƩee content, an addiƟonal Change Order will be agreed upon between the Client and Subcontractor. The Subcontractor Program ExecuƟve or Project Manager will provide input into the Steering CommiƩee meeƟng content to be reviewed. 6 9. If at any Ɵme during the project, Client’s Customer or Subcontractor determines that the deployment approach is no longer appropriate, an immediate no ƟficaƟon should occur to the Project Steering CommiƩee so the effort can be re-planned, re-scoped and re-priced. 10. Any modules and funcƟonality not listed in Scope AssumpƟons are out of scope. AddiƟonally, any new funcƟonality delivered by Workday in an update aŌer the Architect & Configure phase of the project has been completed, as indicated by creaƟon of the configuraƟon tenant, is out of scope unless set out in this Statement of Work. 11. RelaƟve to integraƟon approach, Subcontractor will build, and unit test each owned integra Ɵon during the Architect & Configure stage. For outbound, unit tesƟng is the process of verifying that the output file from the integraƟon matches the requirements and the idenƟfied unit test cases are completed successfully. When possible, in the Architect & Configure stage, Subcontractor will send a file for confirmaƟon to the vendor to ensure that it passes basic formaƫng, transmission and structural needs. If not possible in the Architect & Configure stage, this will be done as part of End-to-End tesƟng. For inbound, unit tesƟng is a verificaƟon of the process to import a file to Workday. Securing a sample file from the integraƟon vendor to support this test is the ideal approach. If this is not possible the Subcontractor resource will mockup a test file and tesƟng with the vendor will happen as part of End-to- End tesƟng. a. Client’s Customer will inform and secure necessary contacts for each in scope integra Ɵon with the vendor prior to Customer ConfirmaƟon sessions. b. Client‘s Customer will provide specificaƟons and answer discovery quesƟonnaires for each interface prior to integraƟon workshops conducted during the Architect & Configure stage. c. Client’s Customer to provide contacts for all integraƟons in scope for seƫng up the iniƟal vendor sessions at the onset of the Plan stage. d. Client’s Customer is responsible for scheduling the iniƟal vendor sessions, coordinaƟng with the Subcontractor integraƟon team. e. Subcontractor will conduct integraƟons workshops in the Architect & Configure stage for each in scope integraƟon. f. Client’s Customer will approve documented requirements during within 5 business days of receiving draŌ documents from Subcontractor. g. Subcontractor will generate a design for each integraƟon during the Architect & Configure stage that are Subcontractor-owned or Shared Development. 12. The Strada Project Manager will coordinate the project with the Customer, in conjuncƟon with the CanAm team implemenƟng the Workday soluƟon via the Strada status calls, as well as other communicaƟon channels and informaƟon exchanges, including but not limited to, execuƟve steering commiƩee meeƟngs, email communicaƟon, the exchange of General Ledger accounƟng data, and CanAm’s Workday IntegraƟon SpecificaƟon DocumentaƟon. Strada and Client ObligaƟons 1. Subcontractor will provide Workday cerƟfied resources skilled in all in-scope domains to adequately and successfully fulfill Client needs within this deployment scope. Where possible for most criƟcal funcƟonal areas (e.g., Payroll, Benefits, Financial Accoun Ɵng, etc.), Subcontractor will staff resources with experience deploying Public Sector in California. Subcontractor client offshore resources work hours will overlap with the Client normal work hours by 4 hours daily either in the morning or aŌernoon hours or a combinaƟon of morning and aŌernoon. Client shall ensure Client’s Customer will contractually commit the necessary resources and management to perform their obligaƟons outlined in this SOW in a Ɵmely manner. Those resources will have appropriate training, subject maƩer experƟse and knowledge of Client’s Customer needs to perform their project responsibiliƟes. 2. Client shall ensure Client’s Customer resources allocated to the project will be contractually obligated to receive the necessary Workday training to fulfill their project responsibili Ɵes in advance of the Customer ConfirmaƟon Sessions. Delays incurred due to resources not taking the relevant training will be the responsibility of the Client. 7 3. Client’s Customer will be contractually bound to idenƟfy their ongoing / administra Ɵve support resources at the compleƟon of the Plan stage and validate those resources have received the necessary Workday training prior to the move to Workday producƟon. 4. Subcontractor hereby agrees and Client’s Customer shall also agree in its respecƟve contract to use commercially reasonable efforts to maintain the conƟnuity of its project team throughout the term of the SOW. Should Client’s Customer reasonably determine that a Subcontractor employee be removed from the project, (a) Client’s Customer will noƟfy Client who will then provide noƟce to Subcontractor and provide specific examples related to the business reason for such removal, (b) Subcontractor will have an opportunity to take appropriate developmental or disciplinary acƟon to prevent a recurrence of the issue based on feedback provided by Client’s Customer and (c) if employee performance does not improve, Subcontractor will, in good faith, replace the employee with a new team member within a Ɵmeframe that prudently enables a Ɵmely replacement while allowing Subcontractor to conƟnue to deliver on its commitments set forth in this SOW. 5. SolicitaƟon of Personnel. Each Party agrees that it shall not solicit for employment any employee of the other Party or any of its affiliates that performed or received Services under the SOW with whom such Party had contact in connecƟon with such Services during the term of such SOW and for a period of twelve (12) months aŌer the earlier of: (i) its expiraƟon or terminaƟon; or (ii) the employee’s compleƟon of his/her work under the SOW. Such restricƟon shall not apply to a Party’s general recruiƟng acƟviƟes that are not specifically targeted at employees or an employee of the other Party or any of its affiliates. VI. FEES AND INVOICING Based on the Project Scope, Project AssumpƟons and Project Timeline idenƟfied, Subcontractor esƟmates professional Fees for this effort are a total firm fixed price (FFP) as indicated in the table below exclusive of travel expenses. Strada will promptly noƟfy Client and CSSF at any Ɵme during the execuƟon of the Project Scope of this SOW if a requested scope change could result in a change that would follow the Change Order procedure. Strada will bill Client for its FFP using FFP installments using milestone-based invoices triggered by CSSF’s acceptance of the idenƟfied project milestone. If the project Ɵmeline changes at the request of the CSSF and there is agreement to modify the milestone payment schedule, this will be handled through the Change Order Procedure. The table below details the invoicing schedule with all monetary amounts expressed as US Dollars. Phase 1 Payment Approximate Invoice Date % of Contract Deliverable/ Milestone Amount 1 September 19, 2025 5% Readiness: Foundational Readiness; Systems readiness (data conversions, integrations, reporting) $135,233.00 2 October 31, 2025 15% Plan: Draft Project Plan Complete $387,201.00 3 February 28, 2026 25% Architect: Foundation Alignment Sessions Complete $639,420.00 8 4 May 30, 2026 20% Configure: End to End Tenant Build Complete $513,687.00 5 July 15, 2026 15% Testing: Sign off on End to End testing complete $387,201.00 6 August 30, 2026 10% Testing: Parallel payroll testing– 98% accuracy for payroll compare $261,467.00 7 October 1, 2026 5% Deploy: Production Tenant Build Complete $135,233.00 8 November 1, 2026 5% Post Deploy: Knowledge Transfer Complete Project Acceptance (10% Holdback) $125,567.00 Total $2,585,009.00 Phase 2 Payment Approximate Invoice Date % of Contract Deliverable/ Milestone Amount 1 November 30, 2026 15% Plan: Draft Project Plan Complete $47,711.00 2 February 15, 2027 40% Configure: End to End Tenant Build Complete $127,232.00 3 March 30, 2027 30% Testing: Sign off on End to End testing complete $95,422.00 4 April 30, 2027 15% Post Deploy: Knowledge Transfer Complete Project Acceptance (10% Holdback) $47,711.00 Total $318,076.00 Client will reimburse Subcontractor for the reasonable and necessary out–of–pocket travel expenses incurred by Subcontractor in connecƟon with the Services performed under this SOW, including air and surface transporta Ɵon, lodging, car rental, and meals, in accordance with the Subcontractor’s Travel and Expense Policy. All travel to CSSF locaƟons that may result in such expenses will be pre–approved by CSSF via Client. Subcontractor will invoice Client monthly for actual expenses incurred (expenses invoice) in the previous calendar month. The customer should budget for approximately 10% of the total FFP set out in Table 1 as the esƟmated out-of-pocket travel expenses unless otherwise agreed upon. Expense invoices will include each Strada resource that had billable expenses for the calendar month, including, resource name and total expenses. Any addi Ɵonal informaƟon required for payment must be idenƟfied in this Statement of Work. Financial reporƟng requests that exceed Subcontractor’s standard outputs may be subject to the Change Order procedure. 9 Client will submit payment for all invoices within 45 days of receipt of the invoice by Client. Interest at three percent (3%) per year will accrue on all past due amounts from the corresponding due date unƟl payment is received. Strada will communicate invoices and any supporƟng documentaƟon via email. Invoices will be sent to the following Client contact: Name: Iron Brick Associates, LLC Email: accounƟng@ironbrick.com Client PO# TBD Travel Arrangements. Personnel assigned by Subcontractor to perform the services requested by 's Customer will at Ɵmes be required to travel to Client’s Customer. The specifics of the travel arrangement are further detailed in this Statement of Work. Personnel assigned by Subcontractor will not be required to be at Client’s Customer more than four (4) days during the week. Personnel will make no flight connecƟons unless the layover is one and one half (1.5) hours or less. Personnel will make no more than one (1) connec Ɵon if other opƟons are available. Client’s Customer will need to contract with Workday directly for Training and Success Plan/Delivery Assurance services that are required by Workday on every deployment, and which are not part of this Statement of Work. Workday can provide guidance on appropriate training for Client resources par ƟcipaƟng in the project effort. VII. CHANGE ORDER PROCEDURE Notwithstanding the terms of the Agreement, any modified or addiƟonal scope of services that are not contained in this Statement of Work will require a formal Change Order request to be created. Subcontractor will inform CSSF and Client of Project Scope variaƟons at the end of the Architect stage. The Change Order Request will contain the following informaƟon:  DescripƟon of scope change  Client requestor  RaƟonale  Cost  Any potenƟal impact to project Ɵmeline  Any constraints/risks  Importance The Change Order Request will be reviewed and signed by the Client and Subcontractor Project Managers before Subcontractor begins performing the new services and any associated costs are incurred. Delays in Client’s agreement to a Change Order may result in the Change Order being fulfilled on a Ɵmeline later than the iniƟal deployment move to producƟon date. 10 Any Change Order for Fixed Fee project will use the table below for calculaƟon of fees. Strada will deliver the total cost as part of the Change Order request. Fixed Fee Rate CalculaƟon Table Role Rate Analyst $45.00 Senior Analyst $60.00 Associate Consultant $160.00 Project Coordinator $130.00 Consultant $225.00 TesƟng Analyst $180.00 Change & Training Consultant $225.00 Change Management Lead $270.00 Lead $270.00 Technical Project Manager $270.00 TesƟng Lead $270.00 Project Manager $270.00 Program ExecuƟve $365.00 FuncƟonal Architect $305.00 AdapƟve Lead $270.00 11 SIGNATURE This Statement of Work shall be aƩached to and incorporated into the Agreement and is subject to all the terms and condiƟons of the Agreement, except as modified herein. CITY OF SOUTH SAN FRANCISCO By: Name: Title: Signature Date: IRON BRICK ASSOCIATES, LLC By: Name: Title: Signature Date: 12 VII. SCOPE ASSUMPTIONS Appendix ConfiguraƟon Parameters Appendix Pre-Deployment Readiness Workday deployments are different than tradiƟonal on-premise implementaƟons. Workday has a rapid and iteraƟve deployment methodology, and you need to be prepared. Our readiness services will help you to iden Ɵfy potenƟal gaps and acƟons that can be addressed now to reduce system deployment risks and to get ahead of project resource planning. Our proposed services include the following key acƟviƟes over a 6-week period:  Pre-deployment readiness workshops include: o Stakeholder Interview o Project readiness o FoundaƟonal readiness o Data conversions o IntegraƟons o ReporƟng o Project team training – iniƟal planning o Cutover planning overview o Change Management readiness  IdenƟfy foundaƟonal items that can be addressed prior to the start of system deployment with a key focus on items such as organizaƟons, staffing model, and job catalog. Introduce key design decisions such as posiƟon management approach, manager self-service approach, and system workflow guiding principles.  Stakeholder interviews with key PMO leaders and/or business unit leaders will be conducted to iden Ɵfy potenƟal risks to the project, business concerns, etc.  These workshops allow a jump-start on deployment project planning including defining your project governance model, project Ɵmeline, project guiding principles, project resource needs, project team roles and responsibiliƟes, and training needs 13 Test Management Services EssenƟal TesƟng with AutomaƟon Area Scope Workshops and meeƟngs  Test Lead Checkpoints  TesƟng Workstream Kickoff  IntroducƟons  Timeline/Project Plan Review  Test Strategy Review  ConfiguraƟon Unit Test (CUT) Plan Workshop  CUT ExecuƟon Kick Off and Jira training  Strada Test AutomaƟon IntroducƟon  End to End Test (E2E) Plan Workshop  E2E ExecuƟon Kick off MeeƟng  IntegraƟon Test Approach  Defect review meeƟng support  Phase Exit MeeƟngs ArƟfacts  Test Strategy  Test Plans - ConfiguraƟon Unit Test, End to End Test, IntegraƟon  Weekly Program Test Status Report  Project Plan  Baseline CUT Test Scenarios  Jira Training PresentaƟon  Jira Reference Guide  E2E Baseline Scenarios  IntegraƟon Tracker/Schedule Template  Example IntegraƟon Test Scenarios  RealƟme metric reporƟng  Phase exit workbooks (CUT & E2E)  Summary extract of Jira scenarios & bugs Jira tesƟng tool support  Set up project  Add Jira dashboards  Add ExecuƟve Summary reports  Add users  Load test scenarios  Load conversion defects  Audit Jira 14 Change Management Services What follows is a summary of acƟviƟes and deliverables included in Strada’s change management support model. AcƟvity/Deliverable Scope Stakeholder Analysis Using Strada’s template, perform high-level analysis to determine specific stakeholders and stakeholder groups that require regular change management interacƟon; client to provide inputs Impact Analysis Using Strada’s template, perform detailed analysis in conjuncƟon with funcƟonal/technical SMEs to capture key variaƟons from current state to future state; changes may be technical, policy, process, cultural, or organizaƟonal in nature. Client to provide inputs. Change Management Strategy Establishes the overarching framework for the Change Management Workstream; includes overall scope, overview and goals, framework for delivery, risks and success measures, and a high-level Ɵmeline CommunicaƟon & Engagement Plan, including delivered communicaƟons Detailed approach that reflects target audience, key messages, communicaƟon channels, etc.; to ensure that key messages are communicated in a controlled fashion, to the right audiences, at the right Ɵme, in the right manner. Includes up to 30 delivered communicaƟons. Training AcƟvity/Deliverable Plan, including training materials and delivery Detailed, role-based approach that reflects training objecƟves/approaches for each acƟvity for key audiences; includes the following:  Up to 35 job aids  One microlearning video  One concept deck  Up to 30 hours of co-facilitation support via train-the- trainer/instructor-led training Sustainment Strategy Development of strategy for ensuring the organizaƟon is ready to sustain change over Ɵme, achieve target adopƟon rates and prepared for ongoing tool releases; includes counsel on Workday-provided support resources Measurement: Business Readiness, AdopƟon Measurement Metrics-based approach to validate that end-user readiness/adopƟon is on track to achieve target levels:  Series of pre-go live (two) and post-go live (one) pulse surveys that provide insights into effectiveness of change management efforts. Includes review of findings and strategic recommendations (if nec.)  Identification of metrics/measures that serve as indicators of attaining target adoption levels Detailed Work Plan Development and ongoing management of work plan for the Change Management workstream 15 Change management scope is based on the following assumpƟons:  Strada will retain leading role/execuƟon of change management acƟviƟes and deliverables as the overall workstream progresses across both Phases 1 and 2  Strada will provide access to tools, templates, consulƟng support throughout the deployment  Strada will provide project management support for the change management work, including a detailed plan and review schedule and PMO reporƟng  Core communicaƟon audiences for Strada-led materials includes business-facing Field HR/Finance Professionals, Managers and Employees; focus is on “enterprise” materials; smaller audiences with unique needs and/or tailoring are client-retained (e.g. “targeted”)  Client will own the distribuƟon of communicaƟons, training, and readiness surveys. CommunicaƟons and training to support both Phase 1 and Phase 2; readiness surveys limited to Phase 1 only.  Core training audiences for Strada-led materials includes business-facing Field HR/Finance Professionals, Managers and Employees; excludes super users, project team members, OperaƟng Model/Tier 1 support, back-office teams, etc.  Job Aids provide step-by-step instrucƟons and are single-sided/created in Word/PDF o HCM-specific job aids are two-to-three pages in length o Financials-specific job aids are four-to-six pages in length.  Training/microlearning video is a short (1-3 minutes in length) recording of the system that provides tool navigaƟon overviews. It includes supporƟng text on the screens, with audio, created in Camtasia.  Concept deck provides an overview of basic Workday concept(s). It includes up to 15 slides (with speakers notes), created in PowerPoint.  Strada to provide co-facilitaƟon support for train-the-trainer/instructor-led training of up to 30 hours; client to provide co-facilitaƟon support plus retain ownership for coordinaƟng all logisƟcs (e.g., distribute invites, secure rooms, etc.). PresentaƟon style materials are comprised of a PowerPoint deck (two total versions), up to 20 slides (plus speakers notes).  Strada will provide a workstream Subject MaƩer Expert (SME) to review training and communicaƟons content for technical accuracy  Client will provide SMEs review and approve training and communicaƟons materials based on a pre-defined development schedule  All communicaƟon and training materials are subject to a three-draŌ review/approval process (first, second, final) and are provided in American English; any needs for translaƟon of materials are client- retained  Change Management is dependent upon a tenant to capture screenshots for communicaƟons and training materials  This soluƟon is targeted for the go-live date; to the extent feasible, training materials will be built with a long-term sustainability lens HCM ReporƟng Module Module Sub-Group FuncƟonality Scope HCM Reports Complete suite of Workday delivered reports for in-scope FuncƟonal Areas as supported by the current commercially available Workday release In scope 16 Module Module Sub-Group FuncƟonality Scope Fit Gap Analysis for Legacy ReporƟng Requirements - Using Client provided key report inventory and report samples, Strada will work with Client to define custom report needs, hours effort esƟmates, and priority. Strada will idenƟfy which Workday delivered reports can be cloned and modified to meet Client’s reporƟng needs, and when a custom report would be required.  Output from this assessment will be a raƟfied report inventory. Up to 40 hours Analysis for up to 20 Client key exisƟng reports ReporƟng Pool Hours - Prior to the development of any custom reports, Strada will conduct a requirement gathering workshop(s) for the idenƟfied scope. Client will be responsible for compleƟng Strada’s report quesƟonnaire as input to requirements gathering workshop. The Business requirements document will serve as the blueprint for the design and build of each report. Strada will develop custom reports based on priority unƟl any remaining reporƟng pool hours have been used, if applicable. Any remaining custom reports not covered by the reporƟng pool hours that the Client would like developed can be included as part of the standard change order procedure. HCM custom reporƟng pool can be uƟlized for:  Knowledge Transfer to assist Client in building custom reports.  Custom Dashboards including Workday delivered reports or custom reports.  Custom business form layouts delivered via Workday Studio Report Designer (BIRT)* *Custom Business Form Layouts delivered via Workday Studio Report Designer. Up to 100 hours CalPERS and State Transparency reports including EE0-4 report In scope Finance ReporƟng Module Module Sub-Group FuncƟonality Scope AssumpƟon FINS Reports Complete suite of Workday delivered reports for in-scope FuncƟonal Areas as supported by the current commercially available Workday release. In scope 17 Module Module Sub-Group FuncƟonality Scope AssumpƟon Fit Gap Analysis for Legacy ReporƟng Requirements - Strada will lead a reporƟng workshop to assess the fit/gap between Client’s exisƟng report inventory from current legacy system(s) and that of Workday delivered reports/Strada’s Point of View (POV) reports. Client will be responsible for providing current state report inventory to facilitate assessment. Output from this assessment will be a raƟfied report inventory. Up to 40 hours Analysis for up to 20 Client key exisƟng reports Custom reporƟng - Prior to the development of any custom reports, Strada will conduct a requirements gathering workshop(s) for the idenƟfied scope. Client will be responsible for compleƟng Strada’s report quesƟonnaire as input to requirements gathering workshop. The Business requirements document will serve as the blueprint for the design and build of each report. Strada will develop custom reports based on priority unƟl any remaining reporƟng pool hours have been used, if applicable. Any remaining custom reports not covered by the reporƟng pool hours that the Client would like developed can be included as part of the standard change order procedure. Custom reporƟng pool can be uƟlized for:  Knowledge Transfer to assist Client in building custom reports  Custom Reports and/or Worklets  Custom Dashboards including Workday delivered reports Up to 260 hours Financial Statements Standard Scope includes Balance Sheet, P&L/Income Statement, Trial Balance Report. In Scope Client reporƟng resources are strongly encouraged to complete Workday’s Report Writer training class prior to the reporƟng test phase. Strada does not provide Report Writer training. Client will be responsible for the migra Ɵon of Custom Reports created by the Client team. The below table is an esƟmate of report development hours based on complexity to be used as a guideline for Client’s reporƟng scope requirements. Hours are comprehensive per report and include the effort required for the requirements assistance, design, configuraƟon, and tesƟng of each report. Complexity ReporƟng Scope DescripƟon Low Low complexity report with a single data type per report (Demographic, Benefits, Payroll, etc.) Medium Matrix or Advanced Report High Report with more than 1 component (transformaƟon, mulƟple report consolidaƟon, Pre-defined Excel with formulas, PDF output, etc.). All BIRT and Composite reports. FuncƟonal ConfiguraƟon Parameters 18 This appendix idenƟfies the assumpƟons associated with the deployment approach. These parameters encompass the recommendaƟons on scope volume or exclusion based on the availability of pre-configuraƟon to accelerate deployment for the iniƟal go live. Column DefiniƟons The following table clarifies the columns included in this appendix. Column Name Column DescripƟon FuncƟonal Area FuncƟonality provided within Workday or scope groupings such as Modifiable Business Processes (Modifiable BPs), ReporƟng or Data Conversion. This secƟon also captures “Features Not Deployed as Part of this SOW for IniƟal Go Live”, which does not preclude the customer from deploying it at a later Ɵme, it only limits the funcƟonality from the iniƟal go-live to define a manageable scope that can be configured, tested and deployed within the Ɵmeline of the deployment. Feature DefiniƟon ClarificaƟon or definiƟon of FuncƟonal Areas or Scope Areas Scope AssumpƟons Values  In Scope = will be configured for customer where necessary to meet customer's business requirements within reasonable ranges given the SOW employee count and geography  WD Delivered = Workday Delivered funcƟonality or pre-configuraƟon provided on an as-is basis  Up to = a boundary on configuraƟon volume for the funcƟonal area to aid in scoping effort for Strada and Client teams Thresholds in the scope assumpƟons column are considered maximum scope, actual volumes deployed is based on what is provided by Client. Reducing or increasing volumes in the scope assumpƟons listed below might not always have a direct impact on cost esƟmates, depending on the amount of foundaƟon configuraƟon required for the enƟre area of work. (For example, creaƟng an addiƟonal salary plan does not take the same amount of Ɵme as creaƟng the first one as it can re-use some of the configuraƟon done previously. Similarly, reducing the scope by 1 salary plan will not have a significant impact on the overall effort, as the foundaƟon configuraƟon needs to be done for the remaining plans anyway. However, the number of Absence or Benefit plans, due to their potenƟally complex nature, is more likely to have a direct impact on the effort and cost. Hence, any change to scope and its poten Ɵal impact on the project duraƟon and/or budget will need to be assessed on a case-by-case basis). Delivering less than a declared threshold does not amount to a “service credit” to be used elsewhere. HCM Parameters FoundaƟonal 19 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons OrganizaƟonal Management OrganizaƟons are groups of resources, workers, costs, and other organizaƟons for business process rouƟng, security, analysis, and reporƟng. Along with roles and hierarchies, organizaƟons are part of the foundaƟon that provides configurable and contextual security within Workday. The way that organizaƟons are configured influences everything from staffing models and role assignments to physical locaƟons and reporƟng. In Scope Address LocalizaƟon Workday formats address based on locaƟon In Scope Staffing Management PosiƟon Management vs Job Management Staffing model In Scope Contact InformaƟon Employee’s primary and addiƟonal Phone, Address, Work, Email Data In Scope Personal InformaƟon DOB, Place of Birth, marital Status, Race Ethnicity, CiƟzenship In Scope Job and PosiƟon Assignment All workers are assigned to a specific posiƟon vs Job Management - no defined quanƟty WD Delivered Supervisory OrganizaƟon and Hierarchy Supervisory OrganizaƟons group workers into a management hierarchy. Supervisory OrganizaƟons can be a business unit, department, group, or project. Jobs, posiƟons, and compensaƟon structures are associated with supervisory organizaƟons and workers are hired into jobs or posiƟons associated with a supervisory organizaƟon. Each worker can only be a part of one supervisory organizaƟon. One Supervisory Hierarchy LocaƟons and LocaƟon Hierarchy LocaƟons where workers work; Hierarchy is a roll up of the locaƟons with the workers and is used for reporƟng purposes Up to 500 LocaƟons in One LocaƟon Hierarchy Companies and Company Hierarchies Reflect your legal enƟƟes. There should only be one FEIN per company. Hierarchy is a roll up for reporƟng purposes. Up to 25 Companies in One Company Hierarchy 20 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Cost Centers and Cost Center Hierarchy Cost centers are used to group workers by related revenues and expenses. Track financial transacƟons and HCM transacƟons with a financial impact, such as hiring or terminaƟons Up to 500 Cost Center OrganizaƟons in One Cost Center Hierarchy Custom OrganizaƟons and Hierarchy AddiƟonal organizaƟon used when WD orgs will not capture client’s organizaƟonal requirements. Up to 2 Custom OrganizaƟons in One Custom OrganizaƟon Hierarchy Currencies Currency rate types enable you to establish more than one conversion rate for the same currency pair and Ɵme period. In Scope Employee Types A user-defined type that you assign to each employee when the employee is hired. Primarily informaƟonal only; you can search or filter employees by their employee type. However, you can designate a type as Fixed Term Employees, and employees of that type have fixed end dates of employment. Up to 10 ConƟngent Workers Contractor, Consultant, Vendors, etc. In Scope Pre-Packaged Business Processes Standard business process used by most organizaƟon for transacƟonal purposes Business Process Framework for all orgs, manager, and employee self- service Language Support (TranslaƟons) This covers the translaƟon of client provided data within the available Workday fields English Only Delivered Security Model Assign security at the top level of the hierarchy, then uses WD's inheritance for visibility and support WD Delivered Two Factor AuthenƟcaƟon 2 step authenƟcaƟon process for sign on In Scope 21 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Mobile Mobile funcƟonality for security groups acƟvated for the following funcƟonality: People Directory with search, OrganizaƟon Chart, Workfeed Inbox, Self-Service tasks, Announcements, Time Entry, Time Off, Pay slips, Expense Reports, Worker Profile, Personal Notes, Performance Reviews, Delivered Dashboards & reports only WD Delivered Standard NoƟficaƟon Templates When Workday uses an email template, it constructs the message from the specified elements in order WD Delivered noƟficaƟon configuraƟon Standard Dashboards & AnalyƟcs Workday delivers dashboards with worklets that are specific to them. WD Delivered ReporƟng Reports delivered by Workday as part of their reporƟng library. Standard Dashboards & AnalyƟcs 500+ Delivered Workday Reports Data Conversion Ties the employees to all funcƟonal area’s configuraƟon data Scope is defined for each respecƟve funcƟonal area below Workday Today Workday delivered home page including 4 standard cards. WD Delivered Workday Assistant Delivered digital assistant help for end users within Workday. WD Delivered Funds Funds are used to manage how clients consume their grants. Fund worktags idenƟfy the sources of funding when associated with spending acƟviƟes on awards. These worktags are typically Federal, State, and Other. Up to 150 Financial Custom Worktags Up to 2 Core Human Capital Management (HCM) 22 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Core HCM The Core HCM module includes the following features and funcƟons:  HCM Basics  Basic CompensaƟon  Set-up, manage, and report on contact informaƟon such as address, phone numbers, and email addresses  Set-up and manage compensaƟon guidelines (grade, grade profiles, grade steps), compensaƟon basis, and eligibility rules  Define job families, job profiles, job classificaƟons, management levels, and other job-related setup data In Scope OrganizaƟons (Supervisory, Cost Center, Company, Region, LocaƟon) and Associated Hierarchies Supervisory OrganizaƟons - group workers into a management hierarchy. Cost Center - used to group workers by related revenues and expenses. Companies - are the primary organizaƟon type used by Workday Financials. A company in Workday equates to a single tax ID within your enterprise, based on your configuraƟon. Region - Customer-specific regions reflect the area of responsibility for a worker instead of work locaƟon. LocaƟon - represents a work locaƟon that will include the physical address as well as addiƟonal details such as email and phone number(s). Up to 1 Hierarchy per organizaƟon structure Establishments Establishments support compliance with local regulatory reporƟng by combining a worker‘s legal enƟty and locaƟon. In Scope 23 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Employee and Manager Self-Service ESS – Phone, Address, Work, Email Data, DOB, Place of Birth, marital Status, Race Ethnicity, CiƟzenship MSS – Hire, Change Job, CompensaƟon TransacƟon, TerminaƟon, and other processes that pertain to their direct reports In Scope Job Catalog Job Families & Job Family Groups - help to organize and group job profiles, as well as allow you to use these groupings as criteria in condiƟon rules or compensaƟon eligibility rules. Job profiles can be added to a job family, and job families can be added to job family groups. Job Profiles - enable you to describe general characterisƟcs of a posiƟon and idenƟfy special skills, training, or other qualificaƟons. A job profile can be assigned to mulƟple posiƟons or workers. In Scope PosiƟon Management Staffing Model PosiƟon management staffing model is used when a single posiƟon is created to be filled. To hire, promote, demote, contract or transfer into a posiƟon, there must be an approved and available posiƟon as of the worker’s start date. PosiƟons can open aŌer a job change and can be moved from one supervisory organizaƟon to another as part of a job change. A posiƟon can be closed if it is no longer needed. Up to 5000 PosiƟons for AcƟve Workers ShiŌs Captures employees working within a different Ɵme during the day. OŌen used for reporƟng. Up to 5 Delivered Security Groups, Roles The security group and role links the assignee allows an employee to view or view and modify access WD Delivered 24 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Management Types & Management Level Hierarchy The management level hierarchy allows a customer to define the hierarchy of management levels such as manager, vice president, and so forth. Management levels can be used for reporƟng or in the creaƟon of condiƟon rules and business process workflow, as well as eligibility rules. Up to 9 Management Type values in One Hierarchy Personal Data, Contact InformaƟon, ID InformaƟon Employee personal informaƟon In Scope Emergency Contact InformaƟon Employee Emergency Contact In Scope Employee Photos Pictures within WD In Scope EducaƟon A library of schools, degrees, and fields of study can be set up in Workday, and workers and can use these to manage their educaƟon record on the worker profile. EducaƟons can also be assigned on the job profile. In Scope Job History Employee's job history in profile In Scope Language Tracking Enables language proficiency level tracking for employees Includes delivered languages, ability types and proficiency levels Service Dates Allow the customer to bridge the gaps between dates of employment In Scope Worker Types CategorizaƟon of worker type for legal purposes In Scope Job RequisiƟons Is a process used to request a hire In Scope Basic CompensaƟon Management FuncƟonality to support Grades, Grade Profile, CompensaƟon Package, Hourly Plan, Salary Plan and Period Salary WD Delivered CompensaƟon Package A compensaƟon package is a grouping of compensaƟon guidelines (grades, grade profiles, and their associated steps) and plans that you can assign to workers as a set. Packages provide a quick view of the eligible plans for a parƟcular job or group of employees. Up to 1 25 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Delivered CompensaƟon Basis A compensaƟon basis groups compensaƟon components to define esƟmated earnings for different employee populaƟons. WD Delivered Salary Plan Salary plans within Workday are assigned to eligible employees. For amount-based and unit-based plans, you can include or exclude the prorated compensaƟon for employees assigned to a specific plan based on their full-Ɵme equivalent hours percentage (FTE %) as a default on the salary plan. Eligibility rules are created to determine which employees are eligible for the plan. Up to 1 Hourly Plan Hourly plans designate compensaƟon for hourly employees. Eligibility rules are created to determine which employees are eligible for the plan. Up to 1 Allowance Plans Allowance plans are payments included as part of an employee’s pay and could include something as common as car or cell phone allowances to vouchers for movie Ɵckets. The allowance plan can be: • Amount based • Percent based • Unit based Up to 20, excluding reimbursable allowance plans One Time Payment Plans Facilitate ad-hoc payments to your employees Up to 5 Shell Commission Plan A performance measure, such as sales or gross profits, to determine payout. Up to 1 Period Salary Plan A plan that enables you to assign extra months, weeks, or days of pay to employees Up to 2 26 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons CompensaƟon Statements Wage TheŌ PrevenƟon NoƟce: WriƩen noƟce of wage rates to employees Total Rewards: Statement that displays a breakdown of base pay, bonuses, health and other benefits, stock, commissions, etc. 1 Delivered Wage TheŌ NoƟce and one addiƟonal configurable Wage TheŌ NoƟce 1 simple Total Rewards statement without Payroll results Unions Set-up of Unions that employees belong to Up to 8 CollecƟve Agreement Set up collecƟve agreements as a stand-alone business process or as a sub process of the Change Job business process to specify how local labor laws apply to your business. Up to 20 Modifiable BPs Use pre-configured BPs  Hire Employee  Terminate Employee  Create and Edit PosiƟon  Change Job  Request One Time Payment  Request CompensaƟon Change  Contract ConƟngent Worker  End ConƟngent Worker Contract  Propose CompensaƟon Hire  Propose CompensaƟon Change Event Categories and Reasons Reasons for transacƟonal purposes that can be used for reporƟng In Scope Tenant Branding Look and feel of Workday producƟon tenant. Up to 1 logo, 1 banner, and 1 mobile logo Announcements CommunicaƟon on worker's home page. Up to 1 for onboarding 27 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Data Conversion Process of applying all organizaƟonal, compensaƟon, employee, financial and data configuraƟon to an employee in order to populate the Workday tenant.  Up to 3,500 Workers Including Associated Personal Data  Up to 7,000 Terminated Workers (Using Former Worker Object)  Job and CompensaƟon History - Unlimited "History from Previous System (Post producƟon)  Includes Loading of Employee Photos  No TransacƟonal History  AƩachment of Third Party Documents out of Scope  Up to 3 years of cerƟficaƟons, educaƟon, licenses and training Dashboards A grouping of reports and informaƟon accessed on a single view. Other standard dashboards as delivered by Workday Onboarding FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Onboarding Setup Welcomes the new hire and provide them with Helpful Contacts and ‘People to Meet' during their first day or week of employment WD Delivered BulleƟn Worklet for Onboarding BulleƟn worklets deliver tailored messages to different groups of workers. CondiƟon rules can be defined with each message to determine who receives the message. Up to 10 28 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Custom Onboarding Templates Gives managers a starƟng point for engaging new hires onto their teams. You can create custom templates for different organizaƟons or worker types and match them to new hires based on eligibility rules. You can then send them to managers so that they can customize the content in the From My Manager and Helpful Contacts worklets. Up to 10 I-9 FuncƟonality The electronic Form I-9 is for newly hired and rehired employees who work in the U.S. WD Delivered FuncƟonality Setup I-9 Create electronic Form I-9s for U.S. employment verificaƟon. WD Delivered Onboarding Dashboard Configurable dashboard with new hire informaƟon In Scope ReporƟng WD Delivered Reports Modifiable BPs AddiƟonal validaƟon or condiƟon rules added to mulƟple steps of a BP for rouƟng purposes  Onboarding (15 Documents in Review Step)  Onboarding Setup Data Conversion N/A Excluded from Scope Benefits FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Benefit Groups (Including Eligibility Rules) Benefit Groups are used to define a populaƟon of workers who qualify for similar benefits plans, rates, and processing. Workday enables you to create benefit groups dynamically using eligibility rules to define membership criteria. The workers who meet the criteria specified in a Benefit Group eligibility rule are automaƟcally assigned to that group. For instance, benefit groups can be created based on eligibility rules that assign execuƟve management staff to one group, salaried employees to a second group, and hourly employees to a third group. Up to 4 for acƟve workers 29 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Benefit Plans (including all components, such as eligibility rules, coverage Ɵers, and rates) Benefits Plans define the coverage levels or amounts available to employees enrolling in an insurance, health care, defined contribuƟon or spending account plan. Benefit Plan also idenƟfies the populaƟons (e.g., employee, employee + spouse, employee + children, etc.) eligible for benefits. Finally, it provides restricƟons on the age(s) of the covered dependent(s) as well as plan rates and costs. Up to 50 plans ReƟrement Savings Plans - Only for outbound CCB demographic data and/or inbound ElecƟons Benefit Eligibility rules Create the condiƟon rules that Workday uses to idenƟfy an employee's eligibility for a benefit group, or plan, or dependent's eligibility for benefits. In Scope Rules based on custom Id’s, custom fields or hours worked excluded Benefit Events (Plus Conversion Events) An event in the employee‘s life that gives the employee the opportunity to change benefit elecƟons. These include staffing changes (such as geƫng hired or promoted) as well as "life events" such as geƫng married or having a child Manage Benefit Enrollments Due to Eligibility Changes and Life Events. Pre- configured Staffing Events and SecƟon 125 core events Up to 4 addiƟonal events Reinstatement Events An event in the employee‘s life that gives the employee the opportunity to change benefit elecƟons due to a return from leave or rehire. This configuraƟon can allow rehires/returnees from leave to default into their previously elected benefits. Out of Scope Passive Events Passive Events are used to idenƟfy employees, or an employee’s dependents, which are either gaining or losing benefit plan eligibility because of the passage of Ɵme. You can configure whatever passive events to suit your business needs for the milestones that occur. Up to 3 Enrollment Event Types An event in the employee‘s life that gives the employee the opportunity to change benefit elecƟons. These include staffing changes (such as geƫng hired or promoted) as well as life events such as marriage and childbirth. Manage Benefit Enrollments Due to Eligibility Changes and Life Events. Pre- configured Staffing Events and SecƟon 125 core events Up to 4 addiƟonal events 30 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Enrollment Event Rule Enrollment Event Rules are rules that determine how different benefit groups will receive their benefits based on a number of factors including coverage begin/end dates, maximum coverage level or amount increases, waiƟng periods, evidence of insurability requirements and other differenƟaƟng features and condiƟons of enrollment events among benefits groups. An Enrollment event is any event that results in a gain or loss of benefits coverage. This covers both open enrollment and benefit events such as a new hire and terminaƟon. One Pre-Configured Enrollment rule for Sec 125 events. Client input limited to coverage begin, coverage end, deducƟon begin, deducƟon end, and EOI Rules. Benefit Defaults Workers may be defaulted into a plan or plans during a benefit event if no acƟve elecƟons are made. In Scope Manage COBRA Eligibility COBRA records can be created for eligible workers and dependents based on configured reasons. These records can be passed to the COBRA provider via integraƟon. DesignaƟons for ParƟcipants Who Lose Coverage Manage Evidence of Insurability Evidence of Insurability records can be created during applicable benefit events based on configured rules. Benefit Administrators can use a delivered report to track and eventually approve or deny employees pending EOI approval. In Scope Cross Plan Enrollment Rules Coverage opƟons available to workers during an enrollment event based on their choice of other benefit plans and coverage amounts. For example, you can limit coverage in a specific plan to a percentage of the total coverage in one or more other benefit plan Up to 5 Derived Coverage Targets Coverage targets are automaƟcally determined based on the selected covered dependents during an enrollment. In Scope Open Enrollment Benefits enrollment process for employees Up to 1 Open Enrollment event configured and tested 31 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Enrollment InstrucƟons InstrucƟons on each page of the enrollment screens to provide worker with addiƟonal perƟnent informaƟon In Scope Core ACA FuncƟonality: ACA Measurement Periods and Eligibility, ACA Dashboard, Setup for 1094-C and 1095-C Reports ACA eligibility and processing For new hires, Workday uses passive events to determine eligibility for benefits according to the Affordable Care Act standards. Passive events, using the ACA Measurement Period Eligibility Rule type, determine: • Whether a measurement period must be recorded. • Whether a worker‘s hours during a measurement period make the worker full-Ɵme. The result is defined in the Qualified As ACA Full-Ɵme field. Next, the condiƟon rule called If there is an effect on employee benefits? Determines whether a benefit event is created. For ongoing workers, Workday uses open enrollment to determine eligibility for variable hour, part-Ɵme employees. When you add the Qualified As ACA Full- Ɵme field to eligibility rules for the benefit group and plan, those workers are now considered for open enrollment In Scope Stability Period = 1 Calendar Year aligned with Open Enrollment Modifiable BPs Use pre-configured BPs Can add up to 3 steps to the Change Benefits for Life Events BP  Change Benefits for Life Events  Dependent Event  Change Benefits  Passive Event Data Conversion Conversions resources will load Current Benefit ElecƟons, Dependents & Beneficiaries, and Medical History for Current Year for ACA ReporƟng into tesƟng and producƟon environments. If applicable, Benefit Annual Rates will be loaded. ACA Worker Hours and Wages will be loaded for a maximum of one benefit group and 2 historical medical plans, 1 self-funded & 1 fully insured  Current Benefit ElecƟons  Dependents & Beneficiaries  Medical History for Current Year for ACA ReporƟng  Benefit Annual Rates  ACA Worker Hours and Wages (ACA historical Setup assumpƟons - 1 group and 2 plans, 1 self-funded & 1 fully insured) Absence Management 32 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Time Off Plans Track short term Ɵme away from work (i.e., VacaƟon, PTO, and Personal). Non-Accruing Plans: Non-balance tracking plans, zero accruing plans for balance loading/overrides only, no calculated accruals. Accruing Plans: configured accrual calculaƟons and balance tracking Up to 15 total Time Off Plans (10 Non- Accruing Plans, 5 Accruing Plans) WD Delivered for Days to Include, Balance Periods, Daily QuanƟty defaults, Lower Limits, Upper Limits, Carryover Limits/ExpiraƟon. Excludes Absence Tables; MulƟ-Year Upper Limit ExpiraƟons; Dynamic CalculaƟons Time Offs Time off aƩributes Ɵed to Ɵme off plans 5 Time Offs per Accruing Plans 3 Time Off per Non-Accruing Plans WD Delivered Ɵme off entry validaƟons and validaƟon messages Accruals Calculated accruals for balance tracking Ɵme off plans. Low complexity proraƟons included (days in period, claw back configuraƟon) 5 per Accruing Plans 3 per Non-Accruing Plans WD Delivered proraƟons and scheduling Related CalculaƟons CalculaƟons used by the Absence CalculaƟon Engine to return values. In Scope Holiday Statutory/Company Holiday Calendars Up to 12 Work Schedule Calendars Specify the days workers are scheduled to work and the start of the work week Up to 5, with 3 paƩerns per work schedule Leaves Leave plans to track long term Ɵme away from work (i.e., Short Term Disability, Long Term Disability, FMLA Leave Banks) Basic Leave types for tracking leave of absence events. Basic leave does not have enƟtlement calculaƟons and is used to track leave type, status, and dates only. Non-EnƟtlement: configure leave type, leave impacts, leave eligibility only; no calculated enƟtlements Advanced leave types for tracking leave of absence events. EnƟtlement: configure basic setup, plus configure enƟtlement calculaƟons for leave balance tracking, leave addiƟonal fields, leave reasons Up to 10  Up to 5 Basic Leaves (non- enƟtlement tracking)  Up to 5 Advanced Leaves (enƟtlement tracking) WD Delivered validaƟons and supporƟng data. 33 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons External Earning Codes Created when a payroll interface or report requires mapping to send Ɵme off data 1 Earning Code per Time Off Plan Leave Segment Security Parameters to allow for Leave of Absence security segments Use Strada Delivered ConfiguraƟon for ESS, MSS, Partner/Admin Custom Security ConfiguraƟon of IntersecƟon Security for Absence Management Up to 2 custom security groups to support Employee Self Service and Manager Self Service to restrict Absence to eligible populaƟons only Absence Setup Absence Type Groups act as “folders” and help the user navigate to the appropriate leave or Ɵme off plan when requesƟng. Team Absence is the absence calendar display for managers and their direct reports, as well as employee as self and their coworkers. Absence Manager Dashboard Strada Delivered ConfiguraƟon for Absence Type Groups: 3 total  1 for Time Off, 1 for Leave of Absence, 1 for Do Not Request (terminaƟon payout/adjustment Ɵme offs) WD Delivered Dashboards and worklets Team Absence:  Strada Delivered ConfiguraƟon; 1 maximum setup for each of the following: manager self- service, employee self-service Unions Track and report on union membership for workers Up to 8 Workday Assistant Workday Assistant for ESS Time Offs Included with WD Delivered funcƟonality Modifiable BPS WD Delivered Can add/edit up to 2 steps per process unless otherwise indicated  Absence Calendar – iniƟaƟon step only  Correct Time Off  Request Time Off  Assign Work Schedule  Request Leave of Absence  Request Return Leave of Absence  WD Delivered Business Process NoƟficaƟons 34 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Data Conversion Process of loading Time Off Balances and Leave history into the tenant.  Time off Balance Conversion Included  AcƟve Leaves for the Previous 12 Months  Time Off Event Conversions Excluded Payroll FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Pay Components (Earnings and DeducƟons) Earnings and deducƟons, also known as pay components, are the fundamental building blocks of payroll calculaƟons. Complex earning calculaƟons are defined as anything OUTSIDE the following list: Salary earnings code where rate is pulled from comp, Hours * rate where rate is pulled from comp, group term life imputed income pulling the taxable amount from benefits, and simple pay input where the client calculates the amount of the earning outside of the system and loads it thru EIB or the UI. Up to 150 earnings and deducƟons No more than 15 complex earning calculaƟons 35 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Pay AccumulaƟons, Pay Balances, Pay Component Groups Pay AccumulaƟons - A pay accumulaƟon is a set of earnings, deducƟons, pay component-related calculaƟons, pay component groups, or other pay accumulaƟons for which Workday can calculate a total. You specify which values to add or subtract. Pay Balances - Over a balance period that includes mulƟple gross-to-net results (such as quarter-to-date, year-to- date, or fiscal periods), you can set up pay balances to calculate a combinaƟon of: • Earnings • DeducƟons • Pay-component-related calculaƟons • Pay component groups • Pay accumulaƟons Pay Component Groups - These are added to the Earning and DeducƟons codes in order to accumulate the right amounts on the run categories when running pay calculaƟon. For example, the PCG “Adds to Gross” is added to earnings such as Hourly Pay, Salary Pay, Holiday Pay, etc. and is also added to the run category pay accumulaƟon “Gross.” AnyƟme a pay calc is run, everything that “Adds to Gross” is calculated, as well as the other PCGs Ɵed to the run category. Up to 30 pay accumulators, pay balances, custom pay component groups. Up to 2 custom balance periods Net Pay ValidaƟon and Arrears Net pay validaƟon and arrears tracking and recouping rules in the event of a negaƟve net pay scenario. In Scope. All employees follow same arrear rules Retro Processing Use Strada POV for supported events In Scope Off-Cycle Payments Off-cycle payment transacƟons occur outside of a regularly scheduled (on- cycle) pay run and include: • Manual payments made to employees outside of Workday Payroll, such as check or cash. • On-demand payments that replace or add to an employee‘s on-cycle payments. • Reversals that back out of an employee‘s completed pay calculaƟon. Up to 5 Reason Codes 36 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Payroll Involuntary Withholding Orders and DeducƟon Recipients Workday provides rules for processing these types of income withholding orders: • Bankruptcy • Creditor Garnishments • Federal AdministraƟve Wage Garnishments • Federal Student Loans • Federal Tax levies • State tax Levies • Support (including Lump Sum) • Wage Assignments Workday also supports these types of income withholding orders issued by Puerto Rico when the employee works in a state other than Puerto Rico: • Creditor Garnishments • Support Orders Based on state and federal law, Workday: • Determines the amount to withhold from the employee’s disposable earnings, including arrears and any agency and employer fees. • Applies withholding limits and sets garnishment prioriƟes. • Follows statutory rules to determine what to withhold for each order when: o An employee has mulƟple orders. o The amount to withhold exceeds the limit. DeducƟon Recipients - Record informaƟon for a third-party deducƟon recipient, including the: • Recipient. • Contact informaƟon. • Method of payment. • Bank account details. WD Delivered configuraƟon, with noted conversion limitaƟons Pay Groups Up to 2 Pay Run Categories Up to 1, which includes “Regular” 37 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Period Schedules for Payroll Indicates processing frequency (monthly, biweekly, semi-monthly, etc.), period start and end dates, payment dates, and forward accruals. The period schedule is assigned to the pay group (like the run category). Up to 2 ShiŌ DifferenƟal CalculaƟon ShiŌ DifferenƟal CalculaƟon tags Ɵme blocks between certain hours so that you can pay in/out workers a shiŌ differenƟal. Up to 5 Fiscal PosƟng Intervals, Schedules, Summary Schedules, Fiscal Years The payroll accounƟng elements required to pass payroll expenses to Workday Financial Management, including accounts, account posƟng rules, fiscal schedules, and ledger types. Up to 1 per each payroll, shared by all Companies; calendar year only Journal Sources, Ledger, Ledger Types, Account Sets, Account PosƟng Rules The payroll accounƟng elements required to pass payroll expenses to Workday Financial Management, including accounts, account posƟng rules, fiscal schedules, and ledger types. Up to 1 shared by all Companies. Account posƟng rules up to 1 Dimension Labor CosƟng Specify how to allocate employee earnings and employer-paid expenses to the organizaƟons and locaƟons you define. Workday represents organizaƟon types and locaƟons as worktag types (also called dimensions). Simple Worker CosƟng AllocaƟons Up to 5 Dimension Payroll Tax Filing ConfiguraƟon Workday can send periodic, quarterly, and annual tax informaƟon from Workday Payroll to a third-party service provider using a tax filing integraƟon. Payroll tax for Federal/State/Local JurisdicƟons will need to be configured during implementaƟon then maintained by Payroll or Tax administrator. In Scope, leverage WD Delivered standard configuraƟon Companies The primary organizaƟon type for Workday Financial Management. All financial transacƟons are for a company, and most financial reports are run in the context of a company, such as balance sheets and income statements. Workday recommends that you create a separate company for each internal enƟty with a separate tax ID. Up to 1 Unique EIN for payroll 38 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Financial InsƟtuƟons Up to 2 Bank Accounts Define the business enƟƟes that provide company financial and banking services and have bank accounts, define branches of a financial insƟtuƟon, establish standard bank accounts at a financial insƟtuƟon, and establish peƩy cash accounts. Up to 10 RouƟng Rules Bank rouƟng rules determine the bank accounts the seƩlement process uses to route payments that you iniƟate in Workday. These rules apply only to payments involving standard bank accounts, and not peƩy cash accounts. Up to 2 Check Layouts Workday delivers 3 business form layouts for checks and advices. Each layout contains a metadata XSL style sheet that defines the default placement of fields, company logo, and signature on checks and advices. To customize the default configuraƟon, you can create XSLT check print layouts. The layout that Workday uses at print Ɵme depends on whether the printout is a: • Financial check. • Payroll check. • Payslip Up to 1- WD Default Payment ElecƟon Rules Workday allows payment elecƟon rules to define choices for receiving and making payments, such as: • Methods of payment: check, direct deposit, or manual. • Number of allowed payment methods. • Number of allowed payment split distribuƟons. Up to 1 Pay Group AutomaƟc Assignment Rules Rules to propose a default pay group for worker when assigning a pay group Up to 2 39 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Audit Report configuraƟon Workday allows you to set up excepƟon audit reports to display excep Ɵons on Workday delivered reports. Also, you can set up audit reports that compare results across periods, flagging excepƟons for further invesƟgaƟon. WD Delivered Company Federal, State and Local Payroll Tax ReporƟng Workday Periodic, QTD, and Year End reporƟng can be viewed for Federal, State, and Local taxes via the delivered Tax Filing reports WD Delivered Payroll ReporƟng Codes ReporƟng Codes capture Geographic Code, OccupaƟonal Code, Branch Code, LocaƟon Code, Unit Number, MulƟ-Unit Number, Unit Code, or Unit Number to be reported for various states on the QTD tax file. In Scope, leverage WD Delivered ConfiguraƟon with Client values. W-2 ConfiguraƟon Workday provides default W-2 form configuraƟon and a View W-2 Box ConfiguraƟon report that payroll administrators can use to view and edit the W-2 form configuraƟon for year-end processing. Boxes that are not populated by default will need to be populated by the Payroll Administrator or Partner (earnings, deducƟons, and pay component-related calculaƟons to calculate and display). Includes W-2 mapping only, leverage Strada Delivered ConfiguraƟon FLSA Work Period Calendar Rules When you process payroll, Workday follows the FLSA work period calendar rules to assign workers to the associated FLSA work period calendars and calculates their FLSA earnings based on those work periods Leverage Strada Delivered ConfiguraƟon Tax IntegraƟons Workday can send periodic, quarterly, and annual tax informaƟon from Workday Payroll to a third-party service provider using a tax filing integraƟon. Payroll tax for Federal/State/Local JurisdicƟons will need to be configured during implementaƟon then maintained by Payroll or Tax administrator.  This does not include the actual coding of the integraƟon. See integraƟon secƟon for scope details. In Scope 40 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Tenant Setup - Payroll Manage tenant-wide seƫngs for Workday Payroll in these areas: • ProraƟon Seƫngs • CosƟng AllocaƟons • Payroll AccounƟng • Payroll Commitments • Payslips • Canada Year-End ConfiguraƟon and Tax Documents Electronic Signature Text • W-2/W-2C Form Alignment Override • US Year End Tax Documents Electronic Signature Text • ID Sequence Generators • Administrator Results WD Delivered Tenant Setup - Worklets You can display reports as worklets on Workday landing pages or in dashboards. Worklets provide quick access to frequently referenced data and tasks common to a specific funcƟonal area. There are 2 types of worklets: • Custom worklets. You can create advanced, matrix, nBox, transposed, trending, or composite custom reports, and then enable them as worklets. • Workday-delivered worklets. You can‘t copy or modify Workday-delivered worklets. WD Delivered 41 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Payroll Compliance Updates Dashboard The Payroll Compliance dashboard gives you quick visual insight into the compliance updates that are most important to you. You can quickly idenƟfy whether a compliance update potenƟally impacts your employees and take appropriate acƟon, such as alerƟng employees, spot-checking payroll results, or being ready to answer quesƟons. Its drillable worklets enable you to understand the details of what is changing without guesswork or the need to run weekly reports with various criteria. Can be configured to display 3 worklets: • Delivered Last Week • EffecƟve Next Month with Employee Impact • Other Updates Delivered Last Week or EffecƟve Next Month WD Delivered EIBs for Payroll (Period Schedule, Off-cycle, Payroll Input) Enterprise Interface Builder - An integraƟon tool that enables you to create simple, secure, and customizable integraƟons with Workday. Alternately, an EIB is a simple integraƟon created by the integraƟon tool. An EIB consists of an integraƟon system, an integraƟon data source, an integraƟon transformaƟon, and an integraƟon transport protocol. WD Delivered Unions Up to 8 Modifiable BPs WD Delivered Can add/edit up to 2 steps per process  SeƩlement Run Event  Payment Release Event  Assign Pay Group  Complete Federal Withholding ElecƟons  Complete State and Local Withholding ElecƟons  Payment ElecƟon Enrollment Event  Payment PrinƟng Event  Print Checks Task  WD Delivered and Strada POV Business Process NoƟficaƟons 42 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Data Conversion  Up to 3 test and producƟon loads for quarter-end, go- live  Payroll Balances for Current Year(if go live is on a quarter)  Worker Payment ElecƟons  Worker Tax ElecƟons Time Tracking 43 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Groups for Time Tracking IdenƟfies the Ɵme entry codes for which workers are eligible. (Example - Unions, CollecƟve Bargain, Hourly, Salaried, Salaried Non-Exempt, Non-Exempt, etc.). Up to 10 Time Code Groups WD Delivered eligibility rules Time Entry Codes Types of Ɵme that workers can enter Up to 20 WD Delivered rounding Time CalculaƟons Generate categories of payable Ɵme by applying calculaƟon tags such as overƟme and double Ɵme to a worker’s hours. Up to 10 Excludes Ɵme calculaƟons based on custom objects, Ɵme off plans, benefits eligibility, and tardiness/aƩendance, Ɵme dockage, rolling/request OT calculaƟons Time CalculaƟon Groups Specify worker eligibility for Ɵme calculaƟons Up to 4 WD Delivered eligibility rules Time Entry Templates Controls the appearance of a worker's Ɵme entry calendar. It idenƟfies the default Ɵme entry code to associate with reported Ɵme, valid worktags for Ɵme entries, and various Ɵme entry opƟons. Up to 10 WD Delivered ShiŌs Time ValidaƟons Rules Used to alert or prevent workers from entering or submiƫng invalid Ɵme entries. Can be defined as errors or warnings. Up to 5 Time Entry ValidaƟons WD Delivered ShiŌ based calculaƟons A Ɵme shiŌ is a grouping of consecuƟve blocks that apply to workers who report In and Out Ɵmes. Time shiŌs enable you to base calculaƟons and validaƟons on a worker's enƟre shiŌ, whether or not the shiŌ is fully contained within the worker's defined work day. Up to 10 Work Schedule Calendars Determine the days and hours of the work week on the Time Entry calendar. Up to 20, with up to 4 paƩerns per work schedule Worktags Capture informaƟon about a worker‘s hours for cosƟng and other purposes (i.e., cost center, project). WD Delivered, including one custom worktag Security Groups to Support Employee Self Service and Manager Self Service IntersecƟon security to control Time Tracking access Up to 2 to restrict Time Tracking to eligible populaƟons only Specific Reports & Calculated fields Workday custom report prioriƟzed by client 10 Custom Reports from Strada Delivered ConfiguraƟon 44 Alerts & Reports Alerts for Time Tracking Reports Up to 3 (1 alert per Strada Delivered report) Time Tracking Period Schedules The Ɵme period schedule, in combinaƟon with the pay period schedule, determines when employees receive pay for Ɵme worked. It defines the dates that are open for Ɵme entry, lock dates to prevent employees from entering Ɵme while payroll is being processed, and which Ɵme entries (dates) to load for a pay period. Up to 2 Submit Text Message displayed when a worker submits their Ɵme. 1 Submit Text Union Time tracking requirements to cover unique union/CBAs Ɵme entry policies. Up to 8 Time Tracking Setup Review Time is a report managers can use to review Ɵme tracking hours for the week. Time Tracking Manager Dashboard WD Delivered dashboards and worklets Review Time  1 delivered totals setup  Strada Delivered ConfiguraƟon; Enable: Include Warning Indicators, Include Count of Incomplete Time Entries, Include Scheduled Weekly Hours Time Tracking Manager Dashboard:  Team Time is the manager dashboard for when only Time Tracking is in scope.  If absence management is also in scope, Time & Absence Dashboard will be uƟlized instead. Modifiable BPs WD Delivered Can add up to 2 steps per process.  Assign Work Schedule  Enter Time  Reported Time Batch Event WD Delivered Business Process NoƟficaƟons Data Conversion Not Applicable No Data Conversion included Advanced Scheduling 45 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Workday Scheduling Product Scope Customer is live on Workday HCM. Regions/Time Zones The number of Ɵme zones in scope are 1 Worker Count There is a total of up to 1,200 workers in scope. MulƟple PosiƟons MulƟple PosiƟons is not in scope. OrganizaƟons A re-organizaƟon of the Supervisory OrganizaƟon structure, and/or Custom OrganizaƟon structure is not in scope for this deployment. Eligibility Up to 1 Schedule Tag Types. Schedule Tag Values Strada will configure up to 10 Schedule Tag Values (sub-values of the Tag Type). Security Groups and Roles Includes Workday delivered and Strada POV security groups and roles. Business Processes Workers will use Level Overrides. Workers will track their availability in Workday. Workers will not track their Preferences in Workday. Workers will not leverage the Open ShiŌ/Take Back ShiŌ/Cover ShiŌ and/or Swap ShiŌ Business Processes. User Experience Employee Self-service is not in scope. Manager Self Service is not in scope. Mobile Workday Mobile is in scope. ReporƟng There are 10 delivered reports offered with Workday Scheduling that includes 8 delivered Custom Reports. Modifiable BP's Change Worker Schedule Tags Change Worker Scheduling Seƫngs Change Worker Schedule Preferences Change Worker Availability Open ShiŌ Take Back ShiŌ Cover ShiŌ Swap ShiŌ Accept ShiŌ Swap Publish Schedule Change Published Schedule 46 Data Conversion Worker Availability will not be loaded prior to Go Live. Worker Preferences will not be loaded prior to Go Live. Worker Overrides will not be loaded prior to Go Live. Talent OpƟmizaƟon – Phase 2 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Mentor Employees can establish mentoring relaƟonships Includes delivered mentor types and close mentorship reasons. Interests Employee can designate career interests, RelocaƟon Preferences, Job Interests and Travel Preferences Includes delivered values for career interests, job interests, relocaƟon areas and travel amounts. Development Items Development Items allow workers to track career objecƟves that are not rated during performance events. Includes delivered development item categories and compleƟon statuses. AnyƟme Feedback Allow feedback to be given or requested, named or anonymous in free-form at any Ɵme In Scope Performance Review Templates Performance Review Templates include configurable secƟons for self- evaluaƟons by employees, and evaluaƟons by managers and addiƟonal reviewers. RaƟng scales can be added to these templates. Up to 3 performance review templates. Performance Reviews will have an opƟon of 3 secƟons: Goals, Competencies and Overall. One raƟng scale 5 points or less. Check-Ins Allows Managers and Employees to document 1:1 sessions. In Scope Goals Goals are guiding principles or values that you would like your business or organizaƟon to achieve throughout a given period of Ɵme and assessed as part of the performance review. Goal aƩributes include: descripƟon, category, status, and due date. Includes delivered values for status. Competencies A set of defined behaviors that provide a structured guide, enabling the idenƟficaƟon, evaluaƟon, and development of the behaviors in individual employees. In Workday, worker competencies are rated as part of performance. Up to 10 competencies that can be mapped to management levels 47 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Modifiable BPs Use pre-configured BPs Can add up to 3 steps to BPs Can add up to 5 custom noƟficaƟons across BPs  Manage Interests  Give Feedback  Manage Goals  Start Performance Review  Complete Self EvaluaƟon for Performance Review  Complete Manager EvaluaƟon for Performance Review Succession Planning (for PosiƟon Management) IdenƟfy criƟcal roles for succession, create plans and assess readiness on candidates. Up to 50 PosiƟons for Succession: includes delivered values for readiness Assess My Team’s PotenƟal Managers and other support roles can assess an employee’s potenƟal and retenƟon risk by a supervisory organizaƟon. Includes delivered values for potenƟal and retenƟon risk. Assess PotenƟal Managers and other support roles can assess employees’ potenƟal, retenƟon risk, loss impact, and achievable level In Scope Modifiable BPs Use pre-configured BPs Up to 2 custom noƟficaƟons across BPs.  Manage Succession Plan  Assess My Team’s PotenƟal  Assess PotenƟal Data Conversion Historical changes to goals, performance reviews, potenƟal, succession, and other talent/performance history Out of Scope RecruiƟng – Phase 2 48 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Candidate Home External Candidate will apply to an open posiƟon through the candidate home In Scope Prospect Management Someone who has not applied to a posiƟon, but you are following to possibly bring onto your team In Scope Internal and External Career Sites Workday provides the ability for you to create external career sites that enable: • You to publish and market job posƟngs on dedicated and branded career sites. • Candidates to search for job posƟng opportuniƟes and apply on an intuiƟve and responsive website. When you create an external career site, Workday automaƟcally provides the ability for candidates to register for an account based on their name and email address. When a candidate applies to a job, this enables you to communicate with a candidate during any stage of the recruiƟng process. You can send them a request to: • Complete a quesƟonnaire. • Review documents and electronically sign them. • Provide their government or naƟonal IDs. • Provide addiƟonal personal informaƟon. The one account works on all your external career sites. 1 Internal Career Site for Employees, 1 Internal Career Site for ConƟngent Workers, and 1 External Career Site Internal and External QuesƟonnaires You can configure Workday to have: • An external or internal candidate complete up to 2 quesƟonnaires when they apply for job from an external or internal career site. • An external candidate with a registered Candidate Home account or internal candidate complete one or more quesƟonnaires at any stage in the recruiƟng process. 2 Internal and 2 External QuesƟonnaires, one quesƟonnaire per job requisiƟon with no more than 25 quesƟons, English only Internal ApplicaƟon Current worker applicaƟon process Up to 1 49 RecruiƟng Standard Reports RecruiƟng reports WD Delivered Simple Referral Plan Referring a candidate Up to 1 Auto Unpost Jobs Un-posƟng a posiƟon from the candidate site In Scope Assessments Possible Logic or system test for the candidate In Scope Auto DisposiƟon Candidate‘s Other Job ApplicaƟons Removing candidate from consideraƟon from other jobs they have applied too In Scope Background Check Checking candidates previous work and criminal history Up to 5 Packages and Up to 3 Statuses Duplicate Management Merging of mulƟple applicaƟons for the same candidate In Scope Interview Management Have the enƟre recruitment team provide feedback on the candidate In Scope Job RequisiƟon Categories and Reason Reason for creaƟng a job requisiƟon In Scope Interview RaƟngs RaƟng candidate aŌer the interview In Scope Primary Recruiter Security Ability to view and modify non WD delivered data In Scope Candidate Screening IniƟal contact to ensure the candidate is sƟll interested in the job In Scope Candidate Grid Way to manage your candidate through the recruitment process. Adjusts the look and feel of the page the recruiter reviews. In Scope with a maximum of 5 calculated fields Candidate Review Provides you with the opportunity to move the candidate to the next phase recruitment process In Scope Evergreen RequisiƟon Management Specific Job ApplicaƟon for high volume posiƟons always open In Scope Job RequisiƟon Management Job requisiƟons are the basis for job posƟngs in Workday RecruiƟng. You must complete specific recruiƟng- related requirements so candidates can submit applicaƟons to your job posƟngs. Use the Manage Job RequisiƟons report to view all open, pending approval, on hold, and closed job requisiƟons. Details include job requisiƟon and candidate informaƟon. Also, included are the days the requisiƟon has been open, the requested compleƟon date, the close date, and last recruiƟng stage WD Delivered 50 Generated Documents Clients can create document templates that can be customized and used to dynamically generate documents such as offer leƩers, benefit summary, or confidenƟality agreements. Up to 1, English only with a maximum of 10 calculated fields and 10 rules One Time Payment for Offers Ability to generate a request for a One Time Payment as part of the Offer process. In Scope Candidate Endorsement It enables employees to endorse a candidate’s applicaƟon In Scope Candidate Pools Enable funcƟonality to group candidates. Up to 2 RecruiƟng (Core ConfiguraƟon) 1 consistent candidate & hiring process & approval rouƟng across all business units, geographies, departments, Modifiable BPs EdiƟng all RecruiƟng BP’s  Job ApplicaƟon (1 Dynamic Workflow)  Job RequisiƟon  Offer Data Conversion Previous system data conversion 100 Open Job RequisiƟons and Corresponding Open PosiƟons Excluded Items:  Prospect Conversion  Open PosiƟons Not Associated with Job RequisiƟons  AcƟve Candidate Data Conversion  AƩachments Messaging – Phase 2 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Prerequisite ProducƟon tenant available and customer is Live on the HCM SKU Customer-owned InnovaƟon Services Agreement Message templates Modify exisƟng Message Templates to allow SMS setup Customer-owned 51 Custom NoƟficaƟons Modify exisƟng Custom NoƟficaƟons to allow SMS setup Customer-owned Reports Workday Delivered Included Data Conversion Not applicable Learning – Phase 2 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Learning: Core ConfiguraƟon Setup Learning Domains, ConfiguraƟon of Business Processes, Delivered Learning Dashboards, AcƟvity Stream Included Learning Campaigns You can create campaigns that engage workers in learning acƟviƟes by promoƟng course and lesson content to target audiences. Up to 8 single object campaigns Audience Used in campaigns and scheduled distribuƟons. When a user meets the audience requirements for an acƟve campaign or scheduled distribuƟon, Workday sends the noƟficaƟons according to the defined schedule. Up to 8 Topics Topics enable you to categorize courses and stand-alone lessons, improving the learning catalog search and browsing experience for learners. Up to 10 topics with customs images Learning Prerequisites Prerequisites enable you to enforce certain courses being taken prior to others In scope Learning Equivalencies Equivalencies can be created as a 1:1 or 1:Many rule and can enable employees to find similar content in the catalogue, as well as recognize compleƟon of courses via compleƟon of an equivalent. In scope Instructors and Accessors Internal instructors and assessors will be established based on the clients current workforce. Allowing those workers to be aligned to Instructor lead courses and Training AcƟviƟes on blended courses in the catalog. Up to 50 internal of each 52 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Custom NoƟficaƟon Business process noƟficaƟons can be configured for the Enroll in Content, Drop Learning Content and Cancel Course Offering business processes. Up to 8 Reason Codes Reason Codes for Drop Enrollments, Cancel Learning Enrollments, Cancel Course Offerings Up to 5 Learning ValidaƟons Learning validaƟons enable you to create criƟcal stops or soŌ warnings upon the iniƟaƟon of Enroll in Course and Drop Learning Enrollment business process Up to 5 total for all BPs Learning Message Templates Message templates are used to deliver consistent messages to your audiences such as reminders related to upcoming due dates. Up to 4 Configurable Security Groups Custom security groups to be Ɵed to the Learning Core domain, to be used for support of the learning catalog administraƟon. Up to 4 security groups excluding topic and course segmented security groups Topic and Course Segmented Security Custom segmented security groups to control access to course content. Does not include custom user based or role based or intersecƟon security groups Up to 10 segments with 10 supporƟng security groups Mobile Enable Packaged Content on Mobile Workday Delivered ReporƟng Workday offers many reports that allow you to summarize informaƟon that is contained in the system.  Upcoming Course Offerings for Instructors  InacƟve Instructors with AcƟve Offerings  Learning Enrollment by Content  Learning CompleƟon and Required Learning  All Learning Assignments by OrganizaƟon Delivered Workday reports included. Up to 5 Strada custom reports Data Conversion Conversion of Instructors, Assessors, Digital or Packaged content, Historical Transcripts and Course Catalog. Out of scope – Clients responsibility with Strada support for EIBs 53 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Modifiable Business Processes Business processes that can be modified within the Learning module Manage Lesson Manage Course Enroll in Content Drop Learning Enrollment Manage Program Manage Equivalency Rule Financials Parameters Financial AccounƟng FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Core Financial System of Record Primary operaƟonal financial system In Scope Fiscal Schedule Fiscal Schedule to be set up in tenant Up to 1 Fiscal Schedule Fiscal Schedule Summaries Fiscal Schedule to be set up in tenant Quarterly and Annual AccounƟng Adjustment Change Reason codes to reclassify specific accounƟng transacƟons In Scope Custom ValidaƟons Defined transacƟonal validaƟons that help workers idenƟfy transacƟon issues Up to 10 AllocaƟons AllocaƟon of costs across other cost centers. Examples of allocated costs: IT, space expense by headcount or sq Ō, markeƟng and other overhead costs. If an allocaƟon is dependent on another allocaƟon to calculate and process, then each allocaƟon would be counted toward the total. Up to 25 StaƟsƟcs StaƟsƟcs used as the basis for allocaƟons, as well as for reporƟng based on the StaƟsƟcs or StaƟsƟc Lines report data sources. Up to 10 Average Daily Balance Rule Ledger accounts and associated worktags that the client wants to include in average daily balance calculaƟons In Scope AllocaƟon Group Sets For processing AllocaƟons, group related allocaƟon definiƟons into allocaƟon group sets Up to 1 54 Ledgers Workday has three ledgers that can be configured: Actuals Encumbrance Pre-encumbrance No customizaƟons In Scope Currency TranslaƟon Account translaƟon methods to determine how you want to calculate fiscal year beginning balance and acƟvity In Scope Year End Closing Rules Define rules that map source accounts to target accounts at year-end. Rules are applied when you roll forward account balances and close ledger years. If no rule is specified, Workday, by default, rolls account balances forward to the same account during roll-forward and year-close processing. In Scope Currency Rate Types WD Delivered (only) Capital Assets - Work in Progress Work in progress assets (or assets under construcƟon) for assets as they relate to a capital project. In Scope Import Journals via Spreadsheet Delivered EIB’s Delivered ConsolidaƟon Automated eliminaƟon process The process of combining financial data from different departments, business units, or subsidiaries within a company into a unified set of financial statements. In Scope Intercompany Process Intercompany system generated balancing entries In Scope Alternate Fiscal Schedules for ReporƟng Only When companies have different fiscal calendars Up to 2 AccounƟng Books and Book Codes Sets of books such as GAAP and Tax Up to 2 Balancing by Company/Legal EnƟty and Fund In Scope 55 Single Primary Chart of Accounts Only A unified and standardized framework for organizing financial informaƟon and transacƟons within the Workday system. In Scope Tax ConfiguraƟon Local taxes assessed on the value added to goods and services. In Scope ReporƟng Workday Delivered reporƟng that is acƟvated for core financial needs using the Workday delivered “Aliases”. Income Statement Consolidated Trial balance Balance Sheet Modifiable BPs Workday delivered business processes specific to financials core  AccounƟng Journal Event  AccounƟng Adjustment Event  AccounƟng Journal Unpost Event  Period Close Event  Finalize AllocaƟon Event Data Conversion  Single Summarized Journal for Each Company Per Period with a Maximum of 2 Years Plus Current YTD  TransacƟonal Journals Not Converted Grants 56 FuncƟonal Area Feature DefiniƟon Scope Assump Ɵons Sponsors Sponsors, sponsor types, contact details In Scope Object Class Mapping Mapping of spend categories to sponsor categories for reporƟng purposes Up to 3 Award Contracts Terms and condiƟons of the awards In Scope LeƩers of Credit Federal sponsor payment collecƟon method Up to 1 Billing Schedules Installment, prepaid or transacƟon- based billing In Scope Award PosƟng Intervals Time periods and schedules for awards In Scope Spend RestricƟons Ability to allow or disallow spend based on sponsor requirements In Scope Subawards and Subrecipients EnƟty acts as middleman and awards dollars to a local subrecipient Up to 3 FaciliƟes and AdministraƟon Indirect spend that will be reimbursed by the sponsor Up to 3 Import Grant via Spreadsheet Delivered spreadsheet integraƟon to import grants Delivered ReporƟng Delivered Modifiable BPs  Award  Award Amendment  Award CorrecƟon Custom ValidaƟons Restrict/require condiƟons on transacƟons Up to 6 unique Grant Budget Structures Grant budget configuraƟon Up to 2 Grant Budget Checking Budget check transacƟons against grant budget In Scope Data Conversion Award life to date (LTD) balances In Scope Banking FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Bank Account Management Financial InsƟtuƟons or banks In Scope Financial InsƟtuƟon Financial InsƟtuƟons or banks Up to 2 Bank Accounts Bank Accounts linked to banks Up to 20 Custom ValidaƟons Defined transacƟonal validaƟons that help workers idenƟfy transacƟon issues Up to 10 SeƩlement Process that facilitates all in-scope payments In Scope 57 First NoƟce Rules FuncƟonality that allows Workday to build reconciliaƟon rules for common items on bank statements (bank fees, ZBA xfers, interest earned, etc.). Without this only checks & deposits can be reconciled. Up to 15 Ad Hoc Payment Ability to create Ad Hoc Payments In Scope Delivered Advanced Bank Matching Rules Delivered Rules only, excludes custom matching rules In Scope Check PrinƟng Delivered check format only, no custom logic or layout changes WD Delivered Bank RouƟng Rule Bank rouƟng rules determine the bank accounts the seƩlement process uses to route payments that you iniƟate in Workday In Scope Electronic Payments ACH and Wire Supplier payments In Scope (if on integraƟons list) Bank Account Transfer for SeƩlement In Scope (if on integraƟons list) Ad Hoc Bank TransacƟon A bank transacƟon that is iniƟated manually and on an as-needed basis. In Scope Business Process Bank Account Signatories and Thresholds for ReporƟng In Scope Escheatment In Scope Modifiable BPs  SeƩlement Event  Bank Account Transfer for SeƩlement  Bank Account Transfer Event  Ad Hoc Payment Event  Ad Hoc Bank TransacƟon Event Data Conversion  Beginning Balance - Bank account beginning balances  Unreconciled Open items - Unreconciled Open Bank Account items  Uncashed check conversion Budgets FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Financial Plan Type Budget defined in the account system In Scope Plan Worktags Worktags associated to budgets Up to 10 58 Plan Structures Plan structures are the foundaƟon for plans and budgets in Workday. Up to 2 for a budget hierarchy Plan Templates Plan templates consist of a base workbook and set configuraƟon opƟons to guide creaƟon of future plan workbooks Up to 2 for the Go-Live year only 1 plan template for each plan structure Import Budget via Spreadsheet Delivered spreadsheet integraƟon to import budget data WD Delivered Budget Checking Budget check funcƟonality in Workday automaƟcally checks your transacƟons against your financial plans In Scope Budget Hierarchy Up to 1 ReporƟng Budget vs actual by cost center (Workday delivered report) WD Delivered Modifiable BPs  Budget Approvals & Amendments  Budget Checking Data Conversion 1 year of Budget data Supplier Accounts 59 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Supplier Invoice Physical or electronic documents from vendors providing purchase and payment informaƟon Up to 1 EIB template for all suppliers' invoices Custom ValidaƟons Defined transacƟonal validaƟons that help workers idenƟfy transacƟon issues Up to 10 Supplier Contracts If Procurement is not in scope, then only funcƟonality around Supplier Invoice Scheduling will be available. In Scope for Scheduled or Manual Invoice Contract Types Only Supplier Invoice Request Create a payment request for goods or service lines in Workday by adding invoice informaƟon to the request. AŌer the payment requests are approved, Workday converts them into supplier invoices. In Scope Supplier Invoice RetenƟon Payment RetenƟon FuncƟonality In Scope 1099 Adjustment Business process to enable updates to 1099's In Scope 1099 Suppliers 1099 Suppliers reporƟng of payment data to the IRS 1099 Suppliers Supplier ConnecƟon Enables mulƟple remit-to bank accounts, addresses and name per supplier In Scope Prepaid Spend AmorƟzaƟon Process and account for prepaid invoices and related amorƟzaƟon within Workday, without the need to outside spreadsheets and manual journal entries In Scope Intercompany Supplier Invoice Workday generated invoicing of one legal enƟty from another legal enƟty under the client’s umbrella. Includes direct intercompany and pay-on-behalf of invoicing In Scope Supplier Request Business process to request a new supplier In Scope RemiƩance Advice (Standard Format) NoƟce of ACH remiƩance to suppliers WD Delivered Tax AuthoriƟes Up to 5 Tax Rates Up to 10 Tax Codes Up to 10 60 Workday OpƟcal Character RecogniƟon (OCR) Invoice AutomaƟon In Scope Modifiable BPs  Supplier Invoice  Supplier Change Event  Supplier Event  Supplier Request  Supplier Invoice Request Data Conversion  Suppliers and Supplier ConnecƟons with acƟvity within 3 years preceding the go-live date (6 months recommended)  Open/Unpaid Supplier Invoices for Suppliers in scope  1099 YTD balance (only applies if client is going live in middle of calendar year) Business Assets FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Asset AccounƟng AccounƟng treatment for registered assets In Scope MulƟ Asset Book AccounƟng In Scope Asset Sharing Asset sharing enables the ability to split asset cost and depreciaƟon across mulƟple cost centers or other worktags In Scope DepreciaƟon Workday provided methods of deprecaƟng methods Up to 10 Profiles Asset Book Rules Asset book rules idenƟfy capital assets and assign depreciaƟon profiles to depreciable capital assets Up to 10 Leased Assets from Supplier Contract Assets Ɵed to a lease from supplier contracts. Procurement must be in scope In Scope Pooled Assets Assets that consist of a group of similar tangible items that you register as a single asset in Workday In Scope Asset Adjustments Asset cost & in-service date adjustment events In Scope Asset Tracking Assets tracked separately without affecƟng any accounƟng acƟviƟes In Scope 61 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Asset Transfer Event that allows for the transfer of assets from one worker, locaƟon, or worktag to another In Scope Asset ReclassificaƟon An event that provides the ability to change spend categories and other details for capital assets with posted depreciaƟon, reclassify the spend category Included Work in Progress Capital Assets (Projects - Related) Assets Ɵed to the capital projects. In Scope Asset Book For accounƟng and reporƟng purposes (i.e., tax or alternate accounƟng books) 2 In Scope (1 AccounƟng and 1 Other for reporƟng purposes) Custom ValidaƟons Defined transacƟonal validaƟons that help workers idenƟfy transacƟon issues Up to 10 Modifiable BPs Asset RegistraƟon Data Conversion Current Assets that are registered within the company. It is best to clean out the registry and not bring over disposed assets Non-disposed assets only (up to 5,000) Customers FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Customer Invoice An electronic or paper document used to charge customers for goods and services. Up to 1 Customer Invoice Layout (Configured using Delivered Business Form (no customizaƟons)) Customer Payment An electronic or physical payment by a customer for goods and services In Scope Delivered Auto-Apply Payment Rules Only Up to 8 Intercompany Invoice Ability to raise invoices to affiliated enƟƟes not on Workday (or not in client tenant). In Scope Customer Invoice Maintenance In Scope Customer Statement (Standard Layout) A report that details a customer’s open balance, open invoices and payments Up to 1 Customer Statement Layout [Configured using Delivered Business Form (no customizaƟons)] Cash Sale Sales conducted in cash vs electronic payments In Scope Customer Refund Business process that determine how customer refunds are handled In Scope 62 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Deferred Revenue RecogniƟon Revenue recogniƟon schedule using deferred revenue templates In Scope – Delivered funcƟonality unless Customer Contracts is in scope Customer Deposit Customer payment deposited on a bank account In Scope Bad Debt Write Off Method of wriƟng off customer open balances In Scope Receivable Aging Tracking and reporƟng of the open customer invoices by Ɵme period In Scope CollecƟons and Dispute AcƟviƟes Tracking and reporƟng of customer collecƟons and dispute acƟviƟes In Scope Custom ValidaƟons Defined transacƟonal validaƟons that help workers idenƟfy transacƟon issues Up to 10 Tax Tax codes, rates, & authoriƟes As outlined in Supplier Accounts Modifiable BPs  Customer Invoice Event  Customer Invoice Email Event  Bad Debt Write Off Event  Customer Refund Event  Customer Event Data Conversion  Only Customers with acƟvity within the last 3 years preceding go-live date (6 months recommended)  Open/Unpaid Account Receivables Items  Customer Invoice History (Up to 3 years) Procurement FuncƟonal Area Feature DefiniƟon Scope AssumpƟons RequisiƟon Provides a method for worker to request the purchase of goods/services In Scope Purchase Order Provides a method for sending purchasing document to supplier In Scope Change Order Create change orders for issued purchase orders In Scope Receipt Accruals ConfiguraƟon to accrue purchase order lines that have been received but not invoiced In Scope 63 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons # of Punchouts Catalog capability to access supplier punchout website Note – This is the funcƟonal effort. Need to ensure integraƟons are included in the IntegraƟons secƟon of the SOW. Up to 1 (if included in integraƟons scope) # of PCard Vendors for Procurement Up to 1 (if included in integraƟons scope) Supplier Invoice Matching Process that determines variances between supplier invoices and related business documents, including supplier invoice lines that exceed quanƟƟes or amounts of purchase order lines In Scope Supplier Contract Provides spend vehicle for procuring goods and services. Allows for scheduled and manual purchase orders and supplier invoicing. In Scope Lease Contracts Set up supplier contract that includes Financial and OperaƟng leases In Scope Purchase Order (Standard Layout) Workday delivered Purchase Order layout only Delivered Receipt Receive goods and services from Purchase Order lines In Scope Sourcing RequisiƟons sourced to purchasing documents In Scope Return to Supplier Return goods to suppliers In Scope Matching Override Define reasons for workers to request an override for supplier invoices in match excepƟon In Scope Supplier Contract Amendment Make changes to an exisƟng supplier contract In Scope Payment RetenƟon You can set up payment withholding to capture and track payment amounts using purchase orders and supplier contracts In Scope Custom ValidaƟons Defined transacƟonal validaƟons that help workers idenƟfy transacƟon issues Up to 10 64 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Modifiable BPs  RequisiƟon Event  Change Order Event  Purchase Order Event  Supplier Accounts Match Event  Supplier Accounts Match ExcepƟon Override Event  Supplier Contract Event  Supplier Contract Amendment Event Data Conversion  Up to 200 Open Purchase Orders (includes both goods and services)  Up to 100 Open Supplier contracts  Receipts for Open Approved Purchases Orders Projects FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Project Objects that enable you to effecƟvely plan, track, and manage work In Scope Workday Standard Project Reports Workday provided project reporƟng WD Delivered Task Tasks are associated to projects In Scope Project Resources Resources that can be assigned to a project In Scope Idea Task that allows users to submit an idea for work/project that supports an overarching organizaƟon goal In Scope Standard Cost Rate Sheets In Scope Project Cost Rate Rules CondiƟon rules that will drive cosƟng funcƟonality when using Standard Cost Rate funcƟonality Low to Medium Complexity up to 3 dimensions 65 FuncƟonal Area Feature DefiniƟon Scope AssumpƟons Custom ValidaƟons Defined transacƟonal validaƟons that help workers idenƟfy transacƟon issues Up to 10 Modifiable BPs  Create Project  Verify Capital Project Expense  Resource Plan Line Data Conversion  AcƟve Projects (up to 500) includes:  Project Plan  Resource Plan  Task Resource  Project Budget PRISM Prism for Archival: Strada will implement the PRISM plaƞorm to portray the City’s legacy/historical data. This deployment will consist of:  Import PRISM objects to Workday tenants in support of 6 archival reporƟng use cases. FuncƟonal Area FuncƟonality AssumpƟon Prism External files (Customer defined layout) Delimited flat file(s) per use case Prism objects/ETL datasets Base tables 6 Total: 1 per use case (depending on data volume, extracts may need to be batched prior to load) Derived datasets 6 Total: 1 per use case Published datasets 6 Total: 1 per use case ReporƟng Custom report 6 Total: 1 per use case Dashboards Excluded Scorecards Excluded BIRT reports Excluded Discovery Board visualizaƟons Excluded IntegraƟons Workday Connectors (cloud connect or core connectors) Excluded EIB integraƟons Excluded Prism integraƟons Excluded Security Enable the Workday delivered Prism funcƟonal area, Security Domains and Assignable Roles. Included Enable one Custom Security Domain or apply one exisƟng Security Domain to secure the Prism published data source. Included 66 Create a new Prism Administrator security group and enable required access to the Workday delivered Prism Security Domains. Included Enable one of following organizaƟons as securing enƟƟes (Company, Cost Center, LocaƟon, or Supervisory OrganizaƟon) Excluded Enable a separate Security Domain for specific packaged fields. Excluded AnalyƟcs Enablement Session Provide a 1-hour analyƟcs enablement session to demo full Prism capabiliƟes and review accelerators and or more sophisƟcated customer use cases. Included Workday Financial Planning (formerly AdapƟve) Product DescripƟon Scope Financial Planning Structure Budget and forecast up to 5 years out. All planning periods will use a common / single methodology. Planning occurs in Ɵme periods of months, quarters or years One Chart of Accounts structure, one calendar, and a common set of templates and processes across the organizaƟon Up to 20 Legal EnƟƟes and 20 EnƟty Currencies (Single Currency per EnƟty) Revenue Up to 3 Revenue Models. Up to 2 Manual Input Sheets with up to 4 Dimensions each (each Sheet provides a single interface to view, enter, and update data). - No calculaƟons. Models to be idenƟfied during Architecture phase. OperaƟng Expense Up to 50 individual accounts calculated by formula, Up to 50 Individual accounts calculated by historical run rate mulƟplied by an adjustment factor Up to 5 supporƟng schedules with line-item row detail (i.e., vendor, etc.) Up to 2 DepreciaƟon Schedules for Capital Planning Personnel Expense Up to 2 Personnel Expense models (current roster and open posiƟons) - With unique Employee Groups for: Full-Ɵme Regular, Part-Ɵme Regular, Salary, Hourly and ConƟngent Labor. 67 Product DescripƟon Scope Strada will configure specific assumpƟons for each of the City’s bargaining Units (8 expected) and will include unique step and grade pay profiles. Changes to these assumpƟons may be loaded to or manually updated in AdapƟve Planning as needed. Manual Data Entry for Transfers, Splits, Planning AllocaƟons by Level (Single-Step, Not Sourced from Payroll data) Manual changes made in one version do not persist upon a refresh of data from source. Fringe Benefits and Tax Rates Merit and Bonuses are calculated as a percent of total pay based on role, worker, or total company. AllocaƟons Up to 5 driver-based allocaƟon methods, may include workforce-related, corporate, and/or funding-source or project-based. Capital Expense Capital Expense Model - Using straight line deprecia Ɵon for newly planned assets. - Summary depreciaƟon loaded for exisƟng assets (not at asset level) - Capital model does not include capitalized labor or calculaƟon of depreciaƟon on exisƟng assets. Balance Sheet Balance Sheet planning is in scope at the total organizaƟon level, to be planned by month. Balance sheet planning will leverage model components where possible. Where exisƟng modeling cannot be leveraged the account will be an input of an amount per month. Cash Flow Deployment Approach The Workday AdapƟve Planning deployment start date will align with the compleƟon and validaƟon of the FDM, end to end tesƟng and a full month of GL Actuals loaded and validated in the Workday Financials End to End (E2E) tenant or Gold Tenant. The AdapƟve meta-data structure will be manually built and the Workday data will be manually loaded in AdapƟve iniƟally. Once the Workday ProducƟon tenant is built a reconciliaƟon of the manually built AdapƟve structure and ProducƟon Workday tenant will occur to ensure alignment. Once aligned automaƟon of the build of AdapƟve structures and the load of Workday data will occur. 68 Product DescripƟon Scope Financials and HCM Workday Data Management Strada will configure the automaƟon synchronizaƟon of the following metadata and data: - Metadata: Accounts - Metadata: Levels - Metadata: Dimensions & AƩributes (up to 20) - User SynchronizaƟon Strada will define and configure required Advanced Reports and Workday Data Source for the following sources of data within the Customer’s Workday Tenant: - GL trial balance - Current personnel roster - Open posiƟons / requisiƟons - Currency TranslaƟon Rates (Average and End of Month only) - Matrix Report for General Ledger Drill Through -Publish of Financials Budget Balances by: Account, Level and Dimension to Workday Security Enable security on Levels and configure Dimensional Access Control for up to one addiƟonal dimension ReporƟng One Income Statement Format (account / dimensions) that incorporates all templates and business logic Up to 10 KPI’s, Conduct up to 6 remote hands-on workshops (up to two hours each) to walk-through building reports/dials/dashboards. Provide best pracƟce guidance around design Consult with Customer on specific dial design challenges; Help Customer with how-to quesƟons. Reports and Dashboards to be completed by Customer prior to UAT. Training and Enablement Knowledge transfer and documentaƟon provided for all planning models built using Strada’s documentaƟon format and tools (1 page per model) End-user documentaƟon and end user training is excluded Final review & tesƟng: Support of Customer UAT scripts development Admin training: includes training for up to 5 power users on administraƟve responsibiliƟes and maintenance of the system for up to 4 hours. Post ProducƟon support: 4 weeks of support for up to 10 hours per week Not Included Financial ConsolidaƟons (unless purchased via AddiƟonal Scope) Workday Workforce Planning (formerly AdapƟve) 69 Product DescripƟon Scope Workforce Planning Metrics Start / Hire and End dates Headcount FTE AƩriƟon, Grade salary range Tenure, Leave of Absence Cost per headcount / Revenue per headcount, etc. Average Ɵme to hire CompensaƟon CalculaƟons Up to 2 Personnel Expense models (current roster and open posiƟons) - With unique Employee Groups for Salary, Hourly, Bargaining Units, Part-Time, and ConƟngent Labor. Bargaining-unit specific assumpƟons for step, grade, etc. To be created for an esƟmated 8 unique units. Includes allocaƟng employees to projects for proper cosƟng breakdown. Manual Data Entry for Transfers, Splits, Planning AllocaƟons by Level (Single-Step, Not Sourced from Workday Payroll) Manual changes made in one version do not persist upon a refresh of data from source. Fringe Benefits and Tax Rates: - Fringe Benefits are calculated as a percent of total pay or flat amount based on locaƟon. - Taxes are calculated as a percent of total pay. - No caps on benefits or taxes. Merit and Bonuses are calculated as a percent of total pay based on role, worker or total company. Structure Budget and Forecast up to 1 year out. All planning periods will use a common / single methodology. Top Down (by level and 2 dimensions) and BoƩoms Up. Trended Workers for historical reporƟng by headcount Planning occurs in Ɵme periods of months, quarters or years Consistent Calendar and HR Metrics across the organizaƟon Up to 20 Legal EnƟƟes and 20 EnƟty Currencies (Single Currency per EnƟty, Single Currency per Worker) Supervisory OrganizaƟon is required as a structural element either as a dimension or level Security Enable security on Levels and configure Dimensional Access Control for up to one addiƟonal dimension 70 Product DescripƟon Scope ReporƟng Conduct up to 6 remote hands-on workshops (up to two hours each) to walk-through building reports/dials/dashboards. - Provide best pracƟce guidance around design - Consult with Customer on specific dial design challenges; - Help Customer with how-to quesƟons. - Reports and Dashboards to be completed by Customer prior to End to End TesƟng. Training and Enablement Knowledge transfer and documentaƟon provided for all planning models built using Workday's documentaƟon format and tools (1 page per model) End-user documentaƟon and end user training is excluded Final review & tesƟng: Support of Customer UAT scripts development Admin training: includes training for up to 5 power users on administraƟve responsibiliƟes and maintenance of the system for up to 4 hours. Post ProducƟon support: 2 weeks of support for up to 10 hours per week Workday Data Management Workday will configure the automaƟon synchronizaƟon of the following metadata and data: - Metadata: Accounts - Metadata: Levels - Metadata: Dimensions & AƩributes (up to 20) - User Sync Workday will define and configure required advanced reports and Workday Data Source for the following sources of data within the Customer’s Workday Tenant: - Import current personnel roster - Import open posiƟons / requisiƟons - Import Fx Rates Not Included Payroll or Payroll CosƟng AllocaƟons as a source General Ledger as a source Advanced CompensaƟon Eligibility Rules as a source AcƟon Events as a source Data Conversion 1. The following Tenant builds, and associated conversions will be completed for this effort: 1. FoundaƟon Tenant build used for Architect acƟviƟes – Strada owned 2. ConfiguraƟon build used for Configure and Prototype acƟviƟes – Strada owned 3. End-to-End Tenant build used for test acƟviƟes – Strada owned 4. Parallel build used for parallel test acƟviƟes – Strada owned 5. Pre-ProducƟon Tenant build used for Deploy acƟviƟes – Strada owned 2. Strada personnel will provide guidance to the Client in order for them to complete any legacy system extracts needed to support the scope defined above. 71 3. Client is responsible for providing conversion and configuraƟon data in the required data gathering format. All data extract files will be submiƩed in the pipe-delimited, UTF8, text file-format. Client acknowledges that provided files that do not meet this format will require addiƟonal work and support from the Strada resources. This will result in addiƟonal effort to be reviewed and resolved through the Change Control process. 4. Client will provide all files in Ɵme to support the project Ɵmeline and duraƟon. Any source-data errors encountered will be Client’s responsibility to correct. 5. Data will be transmiƩed to Strada via secure File Transfer Protocol (sFTP) and will be loaded to a Strada owned secure server. Once conversion into the Workday tenant has completed for the related tenant build the data will be deleted from the secure server. 6. Client is responsible for data validaƟon of all files converted into the Workday tenant to ensure accuracy. 7. All data will be loaded into the tenant uƟlizing Workday approved web-services. Client is responsible for all non-web-service based conversion acƟviƟes. This includes but is not limited to any enterprise- interface-builder (EIB) files and manually keyed catch-up transacƟons. Catch-up transacƟons include all modificaƟons in client datasets between the extracƟon point-in-Ɵme for the tenant build and the release of the tenant by the Strada team. Strada conversion and funcƟonal resources support this effort through answering quesƟons on load nuances and assisƟng in error resoluƟon. 8. No data scrambling will be required to fulfill the effort defined in this Statement of Work. 9. Assumes Client ownership of updaƟng invalid data, headers, and file format of submiƩed conversion files with minimal Strada manipulaƟon of client delivered informaƟon. By default, Strada will only perform one load of final conversion files for each build. If such reloads or further data clean-up/reload Ɵme are needed, these should be discussed and are subject to a Change Order. IntegraƟons IntegraƟons AssumpƟons 1. For inbound integraƟons (data originates in an external system and is loaded into Workday), Client or related third party will be responsible for providing the data in a Workday-specified format. If formaƫng issues arise from external system’s limitaƟons, Strada consultants will leverage Workday tools to aid in mapping. 2. For outbound integraƟons (data originates in Workday and is sent to an external system), the integraƟon owner will be responsible for the effort required to extract the data out of Workday into the format required by Client or related third party. 3. For bidirecƟonal integraƟons both in/out happen within the same integra Ɵon process and therefore would count as a single integraƟon. The IntegraƟon owner and related third party will be responsible for providing the data in a Workday-specified format. 4. Strada and Client will use Strada’s proprietary integraƟon tracking tool to capture requirements, store designs, track status and track defects on each integraƟon that is in scope. 5. Client and Strada will finalize the inventory of integraƟons in the project scope by the compleƟon of the Plan stage. The inventory will idenƟfy the integraƟon, the direcƟon of the integraƟon and the integraƟon technology used. 6. Any integraƟon added to scope aŌer the compleƟon of Plan Stage will be documented through the Change Order procedure and will be delivered at a date agreed uponin the Change Order procedure. 72 7. For inbound integraƟon, the integraƟon owner will build and unit test each integraƟon during the Architect & Configure Stage based on a mocked-up file. When possible, the integraƟon owner will receive and load a file from the vendor to ensure that it passes basic formaƫng, transmission and structural needs. If not possible in the Architect & Configure stage, this will be done as part of End-to-End tesƟng. 8. For outbound integraƟons the integraƟon owner will send a file to the vendor to compare the produced file to ensure that it passes basic formaƫng, transmission, and structural needs. If not possible in the Architect & Configure stage, this will be done as part of End-to-End tesƟng. 10. Client will be responsible for execuƟng all End-to-End integraƟon tesƟng during the Test stage. End-to- End TesƟng for integraƟons is the process of having scenarios flow from entry into Workday through to the creaƟon of data in an outbound file or the inverse of validaƟng that data received in an inbound file for specific scenarios has created the expected results in Workday. 11. Strada will demonstrate to Client how to run the integraƟons for tesƟng for all Strada owned integraƟons 12. Strada will support tesƟng during the Test stage for each defect logged. If a defect goes beyond the current documented requirement, an enhancement will be documented and may be delivered a Ōer Live Date depending on complexity. 13. Client will provide tesƟng signoff for each integraƟon prior to the end of the Test stage. 14. Strada will facilitate knowledge transfer sessions to transiƟon integraƟons to the appropriate Client resources during the Deploy stage to validate the customer is able to successfully run integra Ɵons and interpret basic results for all Strada owned integraƟons. 15. All in-scope integraƟons with approved requirements will be expected to go live within the deployment Ɵmeline unless specified directly in this SOW. 16. Client will own and manage all interacƟon with third party vendors outside of Strada and Workday. 17. Client assumes responsibility for any delays incurred by third party vendor’s inability to meet project Ɵmelines (excl. Can/Am Teller Cashiering, as this was proposed by Strada). 18. All integraƟons will be migrated twice, once as part of the End-to End Tenant build, and once as part of the Pre-ProducƟon Tenant build. 19. All integraƟons are scoped by Strada to be built on the Workday integra Ɵon plaƞorm (e.g., Workday Cloud Connect, Core Connectors, EIB, Studio). In the case where Client wants to build an interface using a different plaƞorm, via middleware or otherwise, this decision must be veƩed to compare overall cost and Ɵmeline and may require a change order to proceed. 20. All integraƟons are assumed to use Workday's integraƟon framework accelerators and connectors as appropriate. Examples include the HCM change framework and the Workday payroll interface framework. The Workday payroll interface framework returns informa Ɵon sufficient to process the current pay period. The Workday payroll interface framework may consist of full employee extract files or employees’ data change files that contain employee demographics, job, organizaƟon, compensaƟon, earnings/deducƟons, and direct deposit data. We also assume Workday Cloud Connect Benefits connectors will be used if available. Any custom interface not accomplished using the framework accelerators may result in addiƟonal effort.  For Cloud Connect integraƟons, Strada will be responsible for 73 configuring, tesƟng, and deploying the integraƟons with build performed by Workday as part of Workday’s packaged Cloud Connect network. 21. All integraƟons will go live with their corresponding funcƟonal deployment. Any change in schedule or Ɵmeline will be subject to the Change Order Process. 22. If not already conducted, Strada recommends an assessment of all integra Ɵons listed to determine if the transacƟon volumes for each warrant the development of an automated integra Ɵon. 23. Unless otherwise specified in integraƟon assumpƟons, Strada is not responsible for loading informaƟon directly into the target system or for extracƟng informaƟon directly from the target system. 24. Where a client or the client’s vendor will build an API to access Workday data via web service, Strada will provide minimal/basic input on Workday’s API framework but expects the client or vendor to have sufficient and applicable experƟse around API usage. 25. CCB (Cloud Connect for Benefits) esƟmates include medium complex account structure, that is, up to 10 different values per segment. For example: Value required on Loop 2300 REF segment of 834 medical file requires less than 10 disƟnct values. More complex account structure could result in a change order. 26. If Strada has a requirement workbook available for CCB (Cloud Connect for Benefits), client will use the workbook to gather requirements from vendor to speed up implementa Ɵon process. IntegraƟon Types: The following table describes the categories of Workday integraƟon templates available for configuraƟon with related type and assumed complexity IntegraƟon Technology IntegraƟon Type IntegraƟon Complexity DescripƟon Cloud Connect Catalog Low or Medium Workday’s vendor-specific integraƟon templates also referred to as Packaged Core Connector Connector Medium Workday’s generic output integraƟon templates also referred to as Framework Custom EIB EIB Medium to Very High Workday’s custom integraƟon plaƞorm templates using the Enterprise IntegraƟon Builder (EIB) Custom Studio Custom Medium to Very High Workday’s custom integraƟon plaƞorm templates using the Studio development tool, integraƟons using these templates are not recommended for inclusion in scope and may not be delivered in Ɵme for Workday Live Date Web Service Custom Medium to High Workday’s applicaƟon programming interface (API) services The following table describes how these integraƟon types relate to assumed development complexity: IntegraƟon Complexity EsƟmated Hour Range Low 20-59 Medium 60-79 High 80-99 74 Very High 100+ IntegraƟon Inventory: Based on Strada’s understanding of Client’s requirements, Strada has es Ɵmated: IntegraƟon Type AssumpƟons Strada 27 Shared 0 Client 0 Total IntegraƟons 27 IntegraƟons not explicitly listed in the integraƟon inventory are considered out of scope, the specific integra Ɵons in scope are: IntegraƟon ID Strada IntegraƟon Name DirecƟon Complexity Owner Phase INT001 US Bank Visa CalCard Inbound Medium Strada 1 INT002 In Time: Police Scheduling Bi-DirecƟonal Very High Strada 1 INT003 Vector Scheduling and Training: Fire Scheduling Bi-DirecƟonal Very High Strada 1 INT004 OpenGov SolicitaƟon Outbound/Vendor Response Inbound Bi - DirecƟonal Low Strada 1 INT005 DocuSign or Adobe Sign Bi - DirecƟonal Low Strada 1 INT006 E-Builder Supplier Invoices Outbound Medium Strada 1 INT007 E-Builder TBD Inbound High Strada 1 INT008 Teller AccounƟng Journals Inbound Medium Strada 1 INT009 ACH Payments Outbound Outbound Low Strada 1 INT010 Wire Payments Outbound Outbound Low Strada 1 INT011 BAI2 Bank Statement Inbound Inbound Low Strada 1 INT012 PosiƟve Pay Outbound Outbound Low Strada 1 INT013 MS Azure AcƟve Directory Bi - DirecƟonal Low Strada 1 INT014 Kaiser Permanente Medical Outbound Outbound Low Strada 1 INT015 BCBS Medical Outbound Outbound Low Strada 1 INT016 Prism Dental/Vision Outbound Outbound Low Strada 1 75 INT017 Lincoln Life, Voluntary, LTD, STD, and AD&D Insurance Provider Outbound Outbound Low Strada 1 INT018 HSA/FSA Spending Flexible Benefits Administrator Outbound Bi Di? Medium Strada 1 INT019 COBRA Flexible Benefits Provider Outbound Medium Strada 1 INT020 CalPERS Outbound Outbound Medium Strada 1 INT021 CalPers Demographic Outbound Medium Strada 1 INT022 457 ReƟrement (Empower) Payroll Outbound Medium Strada 1 INT023 457 ReƟrement (Empower) Enrollment/Deferral Inbound Medium Strada 1 INT024 457 ReƟrement (Empower) Demographic Outbound Medium Strada 1 INT025 457 ReƟrement (Empower) Loan Inbound Medium Strada 1 INT026 3121 ReƟrement (Empower) PARS Outbound Medium Strada 1 INT027 HRA Aviben Outbound Low Strada 1 Strada Owned Approach Strada fully owns the requirements gathering, design, building tesƟng and migraƟon of integraƟons. These integraƟons will be denoted as “Strada” in the integraƟon table AssumpƟon DescripƟon Ownership of Cloud Connect The development of Cloud Connect interfaces must be owned by Strada per Workday's guidelines. Requirements and design Strada will be responsible for requirements gathering. MigraƟon of configuraƟon Strada will migrate these integraƟons. Development, tesƟng and support Strada will own the development, tesƟng and support of these integraƟons. 76 VIII. RACI AssumpƟons The table below outlines major tasks that are completed during each stage of the Workday implementa Ɵon. One of our important tools for tracking roles & responsibiliƟes is the Responsibility Assignment Matrix (RACI matrix). RACI stands for:   Responsible—Who is/will be doing this task? Who is assigned to work on the task?   Consulted—Anyone who can tell me more about this task? Any stakeholders already idenƟfied?   Informed—Anyone’s work depends on this task? Who has to be kept updated on the progress?   Accountable—Who is responsible if this goes wrong? Who has the authority to make the decision? The Table is completed by Role (Subcontractor or Client’s Customer). Client must ensure Client’s Customer agrees to complete these roles & responsibiliƟes in the prime contract. Pre-deployment Readiness Pre-Deployment Readiness Services Subcontractor Client’s Customer Deliverables  Stakeholder Interviews  Conduct up to 8 interviews with key HRIS/IT, operaƟons, and funcƟonal leaders to idenƟfy potenƟal risks to the project, business concerns, etc.     R/A  C/I  Stakeholder Interview Summary  Project Readiness  Conduct up to 5 1.5-hour Readiness workshops covering: resource planning, scope, and Ɵmeline, guiding principles, decision making and governance, touch points, foundaƟonal decisions, preparing for key acƟviƟes and your deployment experience.  R/A  C/I  Facilitate readiness meeƟngs with Client core team     Session materials and idenƟficaƟon of RAID (Risks, AcƟons, Issues, Decisions) items  Change Management Readiness Workshops   Conduct up to 2 1.5-hour Change Management workshop sessions to review Strada’s change management approach and framework for Workday deployments. Discuss roles and responsibiliƟes to iniƟate discussions on early CM prioriƟes.     R/A  C/I  Change Management approach and framework overview material     Session materials and idenƟficaƟon of RAID items  Data Conversion Approach  Conduct up to 2 1.5-hour Data Conversion Session to discuss data conversion needs associated with deployment and define data conversion approach.  Review data elements needed for iniƟal data conversion and current state data sources     R/A  C/I  Data conversion approach      Session materials and idenƟficaƟon of RAID items    77 FoundaƟon Data Conversion Workshops  Conduct up to 4 30-minute Data Conversion Using the Strada Workday conversion templates as guide, Strada will support this process in answering quesƟons about the templates and about Workday.   R/A  C/I  Data conversion guidance framework     Session materials and idenƟficaƟon of RAID items    IntegraƟons Overview and Inventory Alignment  Conduct up to 2 2-hour IntegraƟons Overview Session to review integraƟons delivery approach, integraƟons inventory, ownership alignment, and idenƟfy potenƟal integraƟon risks and opportuniƟes  R/A  C/I  IntegraƟon approach, integraƟons inventory, and ownership alignment     Session materials and idenƟficaƟon of RAID items  Deployment Plan Workstream Key project tasks & deliverables SubconƩractor Client’s Customer Project Governance Workday Client onboarding C/I R/A IdenƟfy Client Core Project Team, Client Domain Leads, Key Decision Makers, Steering CommiƩee Members C/I R/A Schedule and aƩend Workday Training for Core Project Team C/I R/A Manage Client resources for project related ac ƟviƟes C/I R/A Define Project Governance Structure  A governance model contains integrated meeƟng details that establish the frequency, inputs, objecƟves, outputs and aƩendees for all levels.  Establish the ownership of responsibiliƟes for the team resources at all defined levels, providing clarity on who is responsible for what and that escalaƟon procedures, when required, are agreed upon. R/A C/I DraŌ project plan  A document that contains the details of the project acƟviƟes, owners and compleƟon dates. Strada will provide a template that will serve as the project schedule’s foundaƟon. R/A C/I Establish project repository R/A C/I 78 Conduct project kickoff meeƟng  VerificaƟon that both Client and Strada have a consistent understanding of project goals, objecƟves and Ɵmeframes.  ExecuƟve sponsorship is formalized, and project communicaƟon strategy is shared.  The Strada Project Manager will educate the Client project team on how to work with Strada and review key arƟfacts used throughout the project. R/A C Develop Tenant Management Plan R/A C/I Manage Strada resources for project related acƟviƟes R/A C/I FuncƟonal Provide IniƟal Prototype Build Data Gathering Workbook  A template of the key data elements required to build the FoundaƟon Tenant. R/A C/I Completed IniƟal Prototype Build Data Workbook  Template with all required fields populated by Client with current data from their legacy applicaƟon and returned to Strada for configuring the IniƟal Prototype. C/I R/A Build IniƟal Prototype—FoundaƟon Tenant  IniƟal Workday Prototype configured using the completed Data Gathering Workbook.  This prototype will be used during the project kickoff and requirements workshops. R/A C/I IntegraƟons IntegraƟon QuesƟonnaires walkthrough  Prior to the end of Plan, Strada to execute integraƟon quesƟonnaire walkthrough with Client. R/A C/I Completed IntegraƟon QuesƟonnaires  Prior to the end of Plan, Client to complete integra Ɵon quesƟonnaire for the IntegraƟon Requirement FinalizaƟon sessions. C/I R/A HCM Custom ReporƟng Fit/Gap ReporƟng Workstream IniƟaƟon  Strada provide HCM report inventory template and conduct walkthrough with Client. R/A C/I Client adds requested HCM reports and report samples to HCM report inventory. C/I R/A Strada schedule reporƟng discovery workshop and fit/gap working session(s). R/A C/I FIN Custom ReporƟng Fit/Gap ReporƟng Workstream IniƟaƟon   Strada provide FINS report inventory template and conduct walkthrough with Client. R/A  C/I  Client adds requested financial reports and report samples to the FIN report inventory. C/I  R/A  79 Strada schedule reporƟng discovery workshop and fit/gap working session(s). R/A  C/I  Conversion Compile and deliver FoundaƟon Tenant data  A small subset of data for the full populaƟon used for demonstraƟon purposes throughout the requirements workshops. C/I R/A Convert FoundaƟon Tenant data  This prototype will be used during the project kickoff and the requirements workshops. R/A C/I ProducƟon Preparedness Conduct ProducƟon Preparedness Kickoff  Educate the Client project for life in ProducƟon and discuss the meeƟngs throughout the project. R/A C/I TesƟng - EssenƟal with AutomaƟon Designate a dedicated, full-Ɵme Client TesƟng Lead to manage and oversee Client test deliverables C/I R/A Prepare TesƟng workstream introducƟon & kickoff materials R/A C/I Conduct TesƟng workstream introducƟon & kickoff session R/A C/I Populate Project Plan aligned to key milestone dates R/A C/I Complete Program AdministraƟon tasks - update weekly status report and project plan, aƩend status meeƟngs R/A C/I Finalize Project Plan in coordinaƟon with Client TesƟng Lead R/A C/I Develop overall Workday training plan for testers C/I R/A IdenƟfy Client tesƟng resources (FuncƟonal & IntegraƟon for Unit Test and End-to-End) C/I R/A Schedule and run regular Test Lead Planning meeƟngs with Client Test Lead counter-part and Project Managers R/A C/I Change Management – Lead and Execute Change Management Kickoff  Review scope and change journey  Review of Strada-provided change management arƟfacts, tools and templates.  Alignment on team roles & responsibiliƟes R/A R/C Change Management Strategy Establish the overarching framework for the Change Management workstream, including:  Framework for delivery  Success measures  Risks to adopƟon  High-level Ɵmeline R/A R/C 80 Stakeholder Analysis   Analysis to determine specific stakeholders and stakeholder groups that require regular change management interacƟon throughout the deployment. Note: Stakeholder Analysis is a living document that will be maintained throughout the course of the project. R/C R/A Change Management Work Plan Development and ongoing management of work plan for the Change Management workstream. R/A R/C Architect & Configure Workstream Key project tasks & deliverables Subcontract Client’s Customer Project Governance Finalize project plan R/A C/I FuncƟonal Conduct FoundaƟonal Blueprint, Design/ConfiguraƟon workshops R/A C/I Populate ConfiguraƟon Data Gathering Workbooks (Templates)  The ConfiguraƟon templates are used to document ConfiguraƟon being delivered and decisions captured during working sessions. C/I R/A Conduct Business Process workshops  Using Strada POV Workday opƟmized business processes as a starƟng point, Strada will conduct Business Process workshops to demonstrate delivered business processes and analyze, opƟmize and document any changes to the selected business processes as described in the Project Scope. R/A C/I Complete Design/ConfiguraƟon workbooks C/I R/A Conduct ReporƟng discussions  Strada will conduct discussions to review available Workday- delivered and Strada POV-delivered reports. Further discussions will be had to idenƟfy what custom reports might be needed in addiƟon to what is already delivered. R/A C/I Complete Custom Report Requirement templates  The Report Requirement templates are used to document the desired criteria, fields and sorƟng to be used when building the reports. C/I R/A Complete Knowledge Transfer plan R/A C/I 81 Build ConfiguraƟon Tenant  ConfiguraƟon Tenant built based on the informaƟon collected in the Requirements Workshops.  This build includes configuraƟon data, as well as full worker data provided by Client in the Data Gathering workbooks R/A C/I Conduct Unit Test / Client ConfirmaƟon sessions  Facilitated session to review ConfiguraƟon Tenant Build based on requirements gathered during the Requirements Workshops R/A C/I Conduct Unit TesƟng (ConfiguraƟon Tenant)  The Client team is responsible for validaƟng its accuracy using the FoundaƟonal Blueprint as a point of reference. C/I R/A IdenƟfy Required ConfiguraƟon and Business Process Changes C/I R/A Payroll Lead - DraŌ Parallel TesƟng strategy [BRD (Business Requirement Document)] R/A C/I Payroll Lead Provides draŌ Payroll Parallel Schedule and Timeline R/A C/I Payroll Team finalizes Parallel TesƟng Plan (BRD) —including plan for catch up transacƟons, integraƟons and data load requirements C/I R/A IntegraƟons Conduct integraƟon requirement finalizaƟon workshops  Strada will schedule and execute IntegraƟon Requirements workshops to review completed integraƟon quesƟonnaires and document further required informaƟon, including details of the integraƟon data endpoints to draŌ requirements.  Alignment of integraƟon security approach. R/A C/I DraŌ requirements for Strada-owned and Shared-development integraƟons documenƟng the business needs for each integraƟon including data elements, file specificaƟons and affected business processes for requirements approval.  DraŌ requirements for Client-owned integraƟons for requirements approval. R/A C/I Requirements approval and sign-off by Client prior to Strada commencing design of the integraƟon. C/I R/A Create integraƟon design documents for Strada-owned or integraƟons designated as Shared-development  For integraƟons designated as Shared-development, execute design walkthrough with Client. R/A C/I IdenƟfy and migrate PPD integraƟons from Strada PPD tenant to Client tenant R/A I 82 Build and Unit Test IntegraƟons Strada-owned  Any Strada-owned integraƟon will be developed, and unit tested by Strada. R/A I Build and Unit Test Client-owned or Shared-development IntegraƟons  Any Shared-development or Client-owned integraƟons will be developed, and unit tested by Client. I R/A Issue ResoluƟon  Strada may request addiƟonal informaƟon on integraƟons during development and unit tesƟng. R/A C/I Schedule Knowledge Transfer for Strada-owned IntegraƟons for TesƟng R/A C/I Execute Knowledge Transfers of Strada-owned integraƟons for TesƟng R/A C/I Perform IntegraƟon MigraƟon to TesƟng Tenant R/A I HCM Custom ReporƟng Fit/Gap  Conduct iniƟal Fit/Gap analysis for each report in report inventory R/A C/I Conduct reporƟng discovery workshop R/A C/I Conduct weekly working sessions to review Fit/Gap results to define custom report needs, hours effort esƟmates, and priority. Report design is not included. R/A C/I Client provide approval of list of custom reports from working sessions to be added to project scope, as appropriate. C/I R/A Strada provide reporƟng quesƟonnaire and conduct walkthrough with Client R/A C/I HCM Custom ReporƟng Pool  Client provide completed reporƟng quesƟonnaire I R/A  Conduct reporƟng requirements deep-dives R/A C/I  DraŌ requirements for Strada-owned custom reports and provide to Client R/A C/I Client provide custom report requirements approval prior to Strada commencing build of the Strada-owned reports C/I R/A Build and unit test Strada-owned custom reports R/A C/I Build and unit test Client-owned custom reports I R/A Conduct weekly Client-owned custom report build support meeƟng, as required R/A C/I Perform migraƟon of Strada-owned custom reports to tesƟng tenant R/A C/I Perform migraƟon of Client-owned custom reports to tesƟng tenant C/I R/A 83 FIN Custom ReporƟng Fit/Gap Conduct iniƟal Fit/Gap analysis for each report in report inventory. Fit/Gap working session(s) include the following:  Review of each report to determine if it’s a Delivered, POV, or Custom Report  Any modificaƟons to the Delivered or POV reports will be a Custom Report R/A C/I Conduct reporƟng discovery workshop R/A C/I Conduct weekly working sessions to review Fit/Gap results to define custom report needs, hours effort esƟmates, and priority. Report design is not included. R/A C/I Client reviews delivered reports from Fit-Gap to determine if they meet requirements. C/I R/A Client provides approval of list of custom reports from working sessions to be added to project scope, as appropriate. C/I R/A FIN Custom ReporƟng Pool Conduct reporƟng requirements deep-dives R/A C/I DraŌ requirements for Strada-owned custom reports and provide to Client R/A C/I Client provides custom report requirements approval prior to Strada commencing build of the Strada-owned reports C/I R/A Build, unit test and E2E test Strada-owned custom reports R/A C/I Build, unit test and E2E test Client-owned custom reports. I R/A Schedule knowledge transfer of Strada-owned custom reports R/A C/I Perform migraƟon of Client-owned custom reports to tesƟng tenant C/I R/A Conversion Conduct Conversion Discovery workshop  Strada will run a series of meeƟngs to define scope, walk through the conversion extract templates and outline the conversion file delivery schedule. R/A C/I Create Conversion Strategy document  Document that details the data conversion approach and strategy for the project. R/A C/I Build Conversion extracts C/I R/A Deliver Conversion extract files C/I R/A Review of iniƟal draŌ of Conversion extract files  Strada will review all draŌ conversion extract files and provide feedback to Client on what data has errors and what data does not meet standards. R/A C/I Perform ConfiguraƟon Tenant Conversion R/A C/I 84 Conduct ConfiguraƟon Tenant Data ValidaƟon kickoff  Strada will facilitate an onsite session to walk Client through data conversion errors and provide a suite of reports to assist in data validaƟon. R/A C/I Perform ConfiguraƟon Tenant Data ValidaƟon  Client to execute a series of tasks to validate data and either confirm correctness or idenƟfy changes for next prototype. C/I R/A ProducƟon Preparedness Conduct ProducƟon Preparedness Workshop #1  Review Support Model  Review Governance Support Model R/A C/I Conduct ProducƟon Preparedness Workshop #2  Review Planned Support Resourcing  Review Governance examples R/A C/I TesƟng – EssenƟal with AutomaƟon DraŌ, present, and refine Test Strategy R/A C/I Review, socialize, provide feedback, approve final Test Strategy C/I R/A DraŌ ConfiguraƟon Unit Test Plan R/A C/I Deliver ConfiguraƟon Unit Test Plan workshop R/A C/I Review and update Unit Test baseline scenarios by 1) replicaƟng scenarios as needed to support tesƟng of unique requirements by country, or business process differences defined in Architect workbooks and 2) assigning testers. Provide final version to Strada to load to Test Management tool (Jira) C/I R/A Ensure all Unit testers take Workday training C/I R/A Set-up Jira dashboards & reporƟng R/A C/I Load Unit Test scenarios to Jira R/A C/I Provide Unit Test Jira access and training to testers R/A C/I Prepare, refine and present Unit TesƟng kickoff in coordinaƟon with Client TesƟng Lead R/I A/C AƩend Customer ConfirmaƟon Sessions C/I R/A Log and track Customer ConfirmaƟon Session issues in Jira C/I R/A Coordinate Unit tesƟng logisƟcs, meeƟng rooms, conference call details C/I R/A Deliver Unit Test execuƟon kick-off and Jira training in joint coordinaƟon between Strada and Client tesƟng Leads R/I A/C Execute Unit TesƟng C/I R/A Facilitate periodic Unit Test progress meeƟngs as needed C/I R/A 85 AƩend and support Unit Test progress meeƟngs as needed R/A C/I Facilitate periodic bug review meeƟngs as needed R/A C/I AƩend and support bug review meeƟngs as needed C/I R/A Log Unit Test results and bugs in Jira C/I R/A Resolve Unit Test bugs logged in Jira R/A C/I Support test teams with Unit Test bug logging & escalaƟons R/A C/I Provide Unit Test metrics and reports R/A C/I Prepare and deliver Unit Test Exit Workbook for sign off R/A C/I Review Unit Test Exit Workbook and Sign off on Unit TesƟng C/I R/A Deliver End to End Test Plan workshop R/A C/I Provide End-to-End Planning and baseline scenarios R/A C/I Review automaƟon End-to-End Test scenarios C/I R/A Finalize manual End-to-End Test scenarios C/I R/A Prepare data mining and staging of End-to-End Test populaƟon C/I R/A Data mine and stage End-to-End Test populaƟon R/A C/I DraŌ User Readiness Plan (opƟonal) C/I R/A Ensure all End-to-End testers take Workday training C/I R/A Load End-to-End Test scenarios to Jira R/A C/I Provide End-to-End Jira access and training to testers R/A C/I Prepare, refine and present End to End TesƟng kickoff in coordinaƟon with Client TesƟng Lead R/A C/I Change Management – Lead and Execute Impact Analysis  Develop an organized approach to idenƟfying key variaƟons from current state to future state, including socializaƟon of the process to targeted Client SMEs. Changes may be technical, policy, process, cultural, or organizaƟonal in nature.  Facilitate the acƟvity, review impacts for clarity Note: The Impact Analysis is a living document that will be maintained throughout the course of the program. R/A C/I Impact Analysis  IdenƟficaƟon of SMEs to capture change impacts from current state to future state Change impact collecƟon C/I R/A 86 End-User CommunicaƟon and Engagement Plan  Organized series of communicaƟon campaigns designed to build organizaƟonal alignment and readiness.  IdenƟficaƟon of specific deliverables, audiences and Ɵming. Begin development/execuƟon of up to 30 enterprise communicaƟon tacƟcs to core audiences. R/A C/I End-User CommunicaƟon and Engagement Plan  Develop targeted communicaƟons to non- enterprise/localized audiences.  Facilitate engagement events.  Review, approve, and distribute communicaƟons. C/I R/A Change Network Plan  IdenƟficaƟon of parƟcipants.  Management of change network events and acƟviƟes, including facilitaƟon. C/I R/A End-User Training Deliverable Plan  Organized series of training deliverables designed to facilitate successful adopƟon of new ways of working.  IdenƟficaƟon of specific deliverables (by enterprise audience) including content development Ɵmeline and Strada/Client developer assignments.  Finalize design of templates. R/A R/C Measurement: Business Readiness ExecuƟon  Readiness measurement occurs via mid-project and pre-Live Date assessment, plus post Live Date adopƟon assessment.  Development of pulse surveys, review of findings and strategic recommendaƟons. R/A C/I Measurement: Business Readiness ExecuƟon  Deploy business readiness acƟviƟes, adopƟon pulse surveys. C/I R/A Sustainment Strategy  Approach to ensuring the organizaƟon is ready to sustain change over Ɵme and prepared for ongoing tool releases.  Includes counsel on Workday-provided support resources. R/A R/C 87 Test Workstream Key project tasks & deliverables Subcontractor Client’s Customer Project Governance Create Cutover plan   Plan that contains detailed steps for deploying the Workday Service to producƟon. C/I R/A FuncƟonal Build End-to-End Tenant  ConfiguraƟon (End-to-End) Tenant build based on the informaƟon collected in the Architect & Configure stage.  This build includes configuraƟon data and full worker data provided by Client in the Data Gathering workbooks. R/A C/I Conduct End-to-End Test (End-to-End Tenant) TesƟng  The Client team is responsible for validaƟng its accuracy using the Requirements documentaƟon as a point of reference. C/I R/A Payroll Lead build Parallel Test Tenant and configure Payroll Parallel comparison tools. R/A C/I Test Lead updates Jira gadget for tracking Payroll Parallel defects R/A C/I Provide the appropriate HR, Benefits, Time and Absence Data and all other Payroll legacy data required for the compare. C/I R/A Perform data entry (Manual, EIB, Inbound, IntegraƟons) to support payroll processing, including any catch-up transacƟons required to complete subsequent payroll comparison cycles. C/I R/A Execute integraƟons, as needed, including performing validaƟon of the integraƟon output files (comparison of Workday and Legacy producƟon systems). C/I R/A Payroll Lead Execute the comparison process using Strada’s custom payroll comparison tools for all cycles unƟl acceptable tolerance levels have been met. R/A C/I Payroll Lead provide Gross to Net payroll comparison results reporƟng including Gross, Earnings, DeducƟons, and Taxes tolerances, acceptable and known differences. R/A C/I Research any differences and log defects as appropriate in Jira C/I R/A Payroll Lead schedule, coordinate, and facilitate periodic Payroll Parallel defect review meeƟngs, as necessary. C/I R/A Payroll Lead resolve Parallel defects logged in Jira R/A C/I Payroll Lead support Payroll Parallel TesƟng EscalaƟons R/A C/I Payroll Lead prepare Delivery Assurance ArƟfacts R/A C/I Payroll Lead prepare Sign-Off materials R/A C/I Sign off Parallel TesƟng (approved ready for ProducƟon) C/I R/A IntegraƟon Kick off IntegraƟon TesƟng Approach with vendors and customer internal resources. R/A C/I 88 Conduct IntegraƟon Test Planning MeeƟngs C/I R/A Execute and Test integraƟons C/I R/A Prepare and present metrics on IntegraƟon Test progress C/I R/A Support test teams with issue logging/escalaƟon R/A C/I Sign off each IntegraƟon (approved ready for ProducƟon) C/I R/A HCM Custom ReporƟng Pool Client conduct report tesƟng C/I R/A Support Client tesƟng and provide troubleshooƟng assistance for Strada-owned custom reports. R/A C/I Conduct weekly Client-owned custom report tesƟng support meeƟng, as required. R/A  C/I  Client to provide approval that tesƟng is complete I R/A FIN Custom ReporƟng Pool Client conduct report tesƟng C/I R/A Support Client tesƟng and provide troubleshooƟng assistance for Strada-owned custom reports. R/A C/I Conduct weekly Client-owned custom report tesƟng support meeƟng, as required. I  R/A  Client to provide approval that tesƟng is complete I R/A Conversion Perform Tenant Conversion  Repeat the conversion acƟviƟes idenƟfied in Architect & Configure to create the End-to-End Tenant (Parallel Tenant, if required). R/A C/I Close Provide Jira exports of all FuncƟonal and IntegraƟon Program Test scenarios with steps, and bugs for audit tracking. R/A C/I ProducƟon Preparedness Conduct ProducƟon Preparedness Workshop #3  Review resourcing and idenƟfy gaps  Review Governance Support Model and idenƟfy gaps  Wrap up producƟon preparedness R/A C/I TesƟng - EssenƟal with AutomaƟon AƩend Tenant Handoff sessions C/I R/A Prepare, refine and present End-to-End TesƟng kickoff in coordinaƟon with Client TesƟng Lead. R/I A/C Coordinate End-to-End TesƟng logisƟcs and day-to-day tesƟng acƟviƟes including regularly scheduled bug calls. C/I R/A Execute automated End-to-End test scenarios R/A C/I Execute manual End-to-End test scenarios (a selected porƟon of the E2E tesƟng volume ensuring the client is prepared to sign off and operate at Go-Live). C/I R/A Support End-to-End TesƟng escalaƟons R/A C/I Facilitate periodic End-to-End TesƟng progress meeƟngs as needed. C/I R/A AƩend and support End-to-End TesƟng progress meeƟngs, as needed. R/A C/I Facilitate periodic bug review meeƟngs as needed R/A C/I 89 AƩend and support bug review meeƟngs as needed C/I R/A Log manual End-to-End Test results and bugs in Jira C/I R/A Resolve End-to-End bugs logged in Jira R/A C/I Provide End-to-End Test metrics and reports R/A C/I Review, evaluate, and approve automaƟon End-to-End tesƟng results C/A R/I Complete User Readiness (opƟonal) C/I R/A Prepare End-to-End TesƟng Exit Workbook for sign off R/A C/I Sign-off manual and automaƟon End-to-End TesƟng (approved ready for ProducƟon). C/I R/A Close Provide Jira export of project tests and bugs R/A C/I Change Management – Lead and Execute End-User Training Materials Development of training materials to build proficiency, enable adopƟon; includes up to:  35 job aids  1 microlearning video  1 concept deck R/A C/I End-User Training Deployment & LogisƟcs Plan  Determine training deployment approach, course sequencing, and delivery schedule.  Determine strategy for storage and access to end-user training materials (e.g., LMS, intranet site, etc.).  Manage training logisƟcs (e.g., distribuƟon of meeƟng invitaƟons, registraƟon, conference room scheduling, parƟcipant tracking, post training follow-ups, etc.). C/I R/A Train-the-Trainer/Instructor-Led Training  Development of presentaƟon-style materials focused on Live Date key concept and process changes; includes speakers notes. R/A C/I Measurement: AdopƟon Measurement Plan  IdenƟfy key metrics across Workstreams to measure post Live Date adopƟon. R/A R/C Measurement: AdopƟon Measurement Plan   Implement measurement plan post go-live. C/I R/A Sustainment Strategy  Approve and implement Sustainment Strategy. C/I R/A Deploy Workstream Key project tasks & deliverables Subcontractor Client’s Customer 90 Project Governance Live Date checklist R/A C/I FuncƟonal Facilitate Knowledge Transfer R/A C Build Tenant   The final configuraƟon and full data conversion load into the Pre-ProducƟon Tenant in preparaƟon for ProducƟon. R/A C Pre-ProducƟon Tenant  Verify Client has reviewed and approved all data converted into Pre-ProducƟon Tenant.  Perform any manual configuraƟon changes.  Client to enter Catch-up TransacƟons R/A C Client to enter Catch-up TransacƟons in ProducƟon. C/I R/A Validate Pre-ProducƟon Tenant  Client will complete final validaƟon and provide sign off that all ConfiguraƟon and Worker Data Conversion has been completed in the Pre-ProducƟon Tenant. C/I R/A Manage Project Cutover Plan C/I R/A TransiƟon to ProducƟon Services C/I R/A Provide Cutover Support R/A C IntegraƟons Schedule Knowledge Transfer for Strada-owned IntegraƟons for ProducƟon TransiƟon. C/I R/A Execute Knowledge Transfers of Strada-owned integraƟons for ProducƟon TransiƟon. R/A C/I Confirm IntegraƟon Cutover plan dates C/I R/A Perform IntegraƟon MigraƟon to ProducƟon Tenant R/A C/I ProducƟon Support for Strada-owned IntegraƟons R/A C/I ProducƟon Support for Client-owned and Shared- development integraƟons I R/A Run Strada transiƟonary integraƟon and share results with client team R/A I A catalog extract of integraƟons containing schedule and contact details to be used for Deploy planning. R/A C/I HCM Custom ReporƟng Pool Schedule and execute knowledge transfer of Strada- owned custom reports for producƟon transiƟon R/A C/I Perform migraƟon for Strada-owned custom report to producƟon tenant R/A C/I Perform migraƟon for Client-owned custom report to producƟon tenant C/I R/A ProducƟon support for Strada-owned custom reports R/A C/I ProducƟon support for Client-owned custom reports I R/A 91 FIN Custom ReporƟng Pool Perform migraƟon for Strada-owned custom report to producƟon tenant R/A C/I Perform migraƟon for Client-owned custom report to producƟon tenant C/I R/A ProducƟon support for Strada-owned custom reports. R/A C/I ProducƟon support for Client-owned custom reports. I R/A Conversion Perform Tenant Conversion  Repeat the conversion acƟviƟes idenƟfied in Architect & Configure for the final tenant. R/A C/I TesƟng Provide Jira exports of all FuncƟonal and IntegraƟon Program Test scenarios with steps, and bugs for audit tracking (Note: no screenshots or aƩachments are included in the Jira export.). R/A C/I Change Management – Lead and Execute End-User Training Materials Deployment of end-user training materials for individual, just-in-Ɵme use. R/A C/I Train-the-Trainer/Instructor-Led Training Co-facilitaƟon of series of train-the-trainer/instructor-led training sessions for target audience(s). R/A C/I Train-the-Trainer/Instructor-Led Training Co-facilitaƟon of series of train-the-trainer/instructor-led training sessions for target audience(s), coordina Ɵon of logisƟcs, etc. C/I R/A Recurring Workstream Key project tasks & deliverables Subcontractor Client’s Customer Project Governance Project plan maintenance  Review project plan R/A C/I Weekly status meeƟngs/reports R/A C/I ParƟcipate in monthly Steering CommiƩee meeƟng R/A C/I Conduct monthly Steering CommiƩee meeƟng C/I R/A Own Risk Management Log R/A C/I Own Issue Management Log R/A C/I Own resoluƟon of Client-owned issues C/I R/A Coordinate Delivery Assurance acƟviƟes R/A C/I Exhibit A: Subcontractor Tools and FuncƟons Served FuncƟon Served Tool Name Technology Used Notes 92 Project Governance and CollaboraƟon Client’s Customer Project Hub Smartsheet  Client's Customer Project Hub allocated in Smartsheet upon signing of agreement  All project controls originate from project hub, including project plan, issues log, workstream breakout informaƟon, and status reporƟng  Personally IdenƟfiable InformaƟon (PII) cannot be used on the Project Hub  Use of addiƟonal project management controls or tools will require change request Document Sharing and Document Library Client’s Customer Project Hub Smartsheet  Document Library created as part of project hub allocated upon signing of agreement  Personally IdenƟfiable InformaƟon (PII) cannot be used on in the Document Libraries  Use of addiƟonal document libraries or document repositories will require change request MeeƟng CollaboraƟon Technology MicrosoŌ Teams MicrosoŌ Teams  Subcontractor MicrosoŌ Teams will be used for meeƟng administraƟon  Instant Messaging currently only available for Subcontractor internally; if required, Strada will consider alternaƟves  Changes to meeƟng collaboraƟon approach requires change request Data ValidaƟon Subcontractor Data Conversion Accelerator Proprietary  Data ValidaƟon is performed by Strada Data Conversion Accelerator and provides rapid Internal Review of data  Data ValidaƟon is non-cloud based and cannot execute in a Virtual Desktop Instance (VDI) environment  Use of VDI, addiƟonal Data ValidaƟon technologies, or addiƟonal data quality management (DQM) tools will require a change request 93 IntegraƟons Requirements Subcontractor Development Catalog Proprietary  IntegraƟon requirements and integraƟons status tracked in Subcontractor’s proprietary “Strada Development Catalog”  Use of “Strada Development Catalog” is endemic throughout Subcontractor project lifecycle and expediƟng integraƟons development  Use of alternate integraƟon requirements gathering mechanisms will require a change request Security Data Transfer Subcontractor MFT / Move IT Proprietary  SensiƟve data that includes PII will be transferred between the client and Subcontractor using Subcontractor's Managed File Transfer (MFT) tool  Use of alternaƟve or addiƟonal MFT tools will require a change request ConfiguraƟon Unit Test Tracking and End- to-End (E2E) Test Tracking Subcontractor JIRA Instance Atlassian JIRA  Test tracking will be performed in Subcontractor’s instance of JIRA  Subcontractor’s tesƟng and implementaƟon methodology for Test phases is deeply connected with use of the JIRA tool  Use of alternaƟve or addiƟonal TesƟng tools will require a change request Parallel Comparison Tool Subcontractor Payroll Parallel Comparison Tool Proprietary  Test tracking will be performed in Subcontractor’s instance of JIRA  Subcontractor’s parallel payroll approach deeply connected with use of the internal parallel comparison tool  Workday’s PROVE tool will not be used  Use of addiƟonal parallel comparison tools will require a change request 94 Project Tool Hardware VPN  Subcontractor uses a secure method of logging into Strada system through VPN  Subcontractor team cannot access tools that house client-specific data without logging in through VPN  Use of client VPN will require a change request and could potenƟally impact the Ɵmeline Glossary of Terms and Baseline AssumpƟons Client shall ensure that all Client Customer requirements below are requirements of the Prime Contract. Cloud Service For purposes of this SOW, “Cloud Service” means the cloud-based soŌware services provided to Client’s Customer pursuant to a separate and independent agreement between Client’s Customer and the provider of such cloud- based soŌware services, which will be accessed by Subcontractor in connecƟon with providing the Services. Client’s Customer shall obtain any licenses and authorizaƟons relaƟng to the Cloud Service to the extent necessary to enable provision of the Services. Subcontractor’s service offering is predicated on using the Cloud Service and any references to the “system” and “plaƞorm” herein shall refer to the Cloud Service unless the context clearly indicates otherwise. Client’s Customer business processes will be implemented within the Cloud Service’s configuraƟon opƟons. Deliverables For the purposes of this SOW, “Deliverables” shall mean any configuraƟons of, reporƟng funcƟonality for data from, and integraƟons to/from the Cloud Service that are specific to, and created and delivered solely and exclusively for, Client by Subcontractor (determined without regard to any references to “deliverable” in other secƟons of this SOW). Baseline AssumpƟons 1. For purposes of this SOW, Workday (WD) is the Cloud Service. Only funcƟonality that is available with the current commercially available Workday release at the reservaƟon date can be considered for deployment. Changes to the Workday Release will be assessed by the Client’s Customer and Subcontractor PMO for fit into the current project Ɵmeline for deployment. 2. Client’s Customer is responsible for the user experience including but not limited to manager and employee training and user enablement. 3. Except where noted explicitly in the FuncƟonal ConfiguraƟon Parameters described herein: a. WD Setup will be the baseline for configuraƟon, b. WD Setup provides a robust, preconfigured role-based and user-based security group structure. Client’s Customer will map responsibiliƟes to delivered security groups, with no need for changes to exisƟng structure or creaƟon of custom security groups or roles. c. Subcontractor will enable delivered security for all Workday standard reports related to the SKUs listed in secƟon II, Project Overview / Background. 95 CONFIDENTIAL. 2025 Strada U.S. Professional Services, LLC. All rights reserved. 96 IX. Strada Service Terms These Service Terms (“Terms”) set forth certain general terms to be incorporated into one or more statements of work or other wriƩen ordering documents (each, an “Order Form”) entered into by and between the client en Ɵty named in the Order Form (“Client”) and the Reseller on behalf of Strada (“Strada” and, together with Client, each a “Party” and collecƟvely the “ParƟes”). These Terms do not establish any rights, obligaƟons or liabiliƟes unless, and only to the extent that these Terms are incorporated into an Order Form, in which case these Terms shall only be binding upon the Par Ɵes to such Order Form. All references in these Terms to the “Agreement” shall refer to the Order Form inclusive of these Terms incorporated therein. Each Agreement is a separate and severable agreement between the applicable ParƟes thereto and each such Party shall be solely responsible for its obliga Ɵons thereunder. 1. IndemnificaƟon: A. Each Party (as applicable, the “Indemnifying Party”) shall indemnify the other Party and its affiliates (as applicable, each an “Indemnified Party”) against any and all losses, damages, liabiliƟes and expenses (including reasonable aƩorneys’ fees) (collecƟvely, “Losses”) incurred by such Indemnified Party in connecƟon with third party claims to the extent such Losses are a result of (i) any breach of the Agreement by the Indemnifying Party, (ii) any negligent or more culpable act or omission (including willful misconduct) of the Indemnifying Party or any of its RepresentaƟves in connecƟon with the subject maƩer of the Agreement, (iii) any bodily injury (including death) or damage to real or tangible personal property caused by any negligent or more culpable act or omission (including willful misconduct) of the Indemnifying Party or any of its RepresentaƟves in connecƟon with the subject maƩer of the Agreement or (iv) any infringement of the intellectual property rights of a third party by use of Strada IP (if Strada is the Indemnifying Party) or Client Data (if Client is the Indemnifying Party) as contemplated hereunder. For the avoidance of doubt, no Indemnified Party shall be enƟtled to indemnificaƟon under the Agreement for any Losses to the extent that such Indemnified Party has been otherwise compensated with respect to such Losses (including as a result of re-performance). B. If any third party claim is threatened or otherwise asserted that would reasonably be expected to give rise to a claim for indemnificaƟon hereunder, the Indemnified Party shall deliver a reasonably detailed no Ɵce thereof to the Indemnifying Party; provided that a failure to provide such noƟce shall not relieve the Indemnifying Party of any liability hereunder unless, and only to the extent that, the defense of such third party claim is prejudiced by such failure. The Indemnifying Party may elect (but is not obligated) to assume and thereaŌer conduct the defense of such third party claim by promptly providing the Indemnified Party with noƟce to such effect; provided that the Indemnified Party shall have the exclusive right to assume and conduct the defense of any third party claim (a) to the extent such third party claim seeks an injuncƟon or other equitable relief or may give rise to criminal liability, (b) if a material conflict of interest exists between the Indemnified Party and the Indemnifying Party with respect to such third party claim or (c) if the Indemnifying Party fails to vigorously defend such third party claim. If the Indemnifying Party assumes such defense, the Indemnified Party may also par Ɵcipate in such defense with counsel of its choice and at its expense and shall otherwise reasonably cooperate with the Indemnifying Party in such defense. Neither the Indemnified Party nor the Indemnifying Party shall enter into any seƩlement of, or consent to the entry of any judgment arising from, any such third party claim without the other’s prior wriƩen consent (which consent shall not be unreasonably withheld, condiƟoned or delayed); provided that the Indemnifying Party shall not be required to obtain the Indemnified Party’s consent for any such seƩlement or judgment that provides for the uncondiƟonal release of the Indemnified Party in connecƟon therewith and solely involves the payment of monetary damages (i.e., no injuncƟon or other equitable relief) for which the Indemnified Part y will be indemnified hereunder. 97 2. LimitaƟon of Liability. Notwithstanding anything to the contrary herein, each Party’s maximum aggregate liability arising from or related to the Agreement shall not in any event exceed an amount equal to the average annual fees paid or payable to Strada in connecƟon with the Agreement (the “General Cap”); provided that such limitaƟon shall not apply to liabiliƟes resulƟng from a breach by a Party of its obligaƟons under SecƟon 24 (ConfidenƟality), SecƟon 17 (Data Security and Privacy) or the Data ProtecƟon Agreement, for which liabiliƟes a Party’s maximum aggregate liability shall not in any event exceed an amount equal to the greater of $500,000 USD and the General Cap (the “Data Cap”) (it being understood and agreed that liabiliƟes subject to the General Cap shall not apply toward the Data Cap and vice versa). The limitaƟons in this SecƟon shall apply to any and all liabiliƟes of any nature whatsoever and to all legal theories of recovery (regardless of whether asserted as a direct claim, a third party claim or otherwise); provided that such limitaƟons shall not apply to any liability resulƟng from (a) any fraudulent, criminal or willful and intenƟonal misconduct by a Party or any of its RepresentaƟves, (b) a Party’s indemnificaƟon obligaƟons under SecƟon 1A(iii) (Bodily Injury and Property Damage), SecƟon 1A(iv) (IP Infringement), (c) a breach by Client of any of its payment obligaƟons hereunder or (d) any other liability which may not be limited under applicable law. Any Losses incurred by a Party as a result of any third party claim arising from or related to the Agreement that is made by any of the other Party’s RepresentaƟves (and including in the case of Client any Service User) shall apply toward the General Cap or Data Cap (as applicable). 3. Data ProtecƟon and Security. The ParƟes shall comply with the terms and condiƟons of the Data ProtecƟon Agreement aƩached hereto (the “DPA”). If Client directs Strada to provide Client’s Data or other informaƟon to any Client’s vendor or other representaƟve (other than Strada), Client shall be responsible for the acts and omissions of such vendor or other representaƟve with respect thereto. 4. Proprietary Rights. A. Client’s Data. As between the ParƟes, all right, Ɵtle and interest, including all intellectual property rights, in and to all informaƟon and other materials provided or otherwise made available to Strada by or on behalf of Client in connecƟon herewith shall be owned by Client (“Client Data”). Client shall grant Strada a non-exclusive, royalty-free right to use Client’s Data for the purpose of performing the Services and otherwise complying with any of its obliga Ɵons or asserƟng any of its rights under this Agreement. B. Deliverables. Client shall own (a) all reports and records developed by or on behalf of Strada exclusively for Client in performing the Work except for any intellectual property rights of Strada or its RepresentaƟves therein (e.g., trademarks and templates), (b) any configuraƟons of, and integraƟons to/from, a third party cloud-based soŌware plaƞorm uƟlized by Client (e.g., Workday or SAP) that are specific to, and created and delivered exclusively for Client by Strada under a SOW, and (c) any other deliverables idenƟfied in a SOW as owned by Client (collecƟvely, “Deliverables”). C. Strada IP. As between the ParƟes, all right, Ɵtle and interest, including all intellectual property rights, in all trade names, trade secrets, know-how, methods, soŌware, informaƟon and other materials) provided or otherwise made available to Client by or on behalf of Strada, except for any Client Data incorporated therein or any Deliverable, shall be owned by Strada (“Strada IP”). Strada hereby grants Client a non-exclusive, royalty-free right to use Strada IP to the extent necessary to enable Client to make reasonable use of the Services for its own internal business purposes; provided that Client shall not create derivaƟve works based on, sell, license, transfer or otherwise grant rights to, reverse engineer or otherwise aƩempt to obtain source code in, or take any acƟon that may interfere with any of Strada’s rights in or to, any Strada IP. For the avoidance of doubt, Client’s right to use any Strada IP made available to Client by or on behalf of Strada in connecƟon 98 with the Services shall end upon the terminaƟon of such Services, provided that, to the extent such Strada IP is embedded in a Deliverable, Client’s right to use such Strada IP shall be perpetual. 5. Warranties. Strada represents and warrants to Client that (a) it shall provide the Services in a professional and workmanlike manner, (b) the Services shall conform in all material respects with the specifications for such Services set forth in the applicable Order Form and any applicable mutually agreed business requirements document, (c) its personnel shall have the skill and qualifications reasonably necessary to perform their respective duties with respect to the Services and (d) it shall be responsible for payment of all salaries and social security, unemployment and other taxes related to its personnel. In the event of any failure of the Services to comply with such warranties, Strada shall, upon Client’s written request, correct such failure at its own expense to the extent such correction is reasonably necessary and practical under the circumstances. Except as otherwise expressly provided in the applicable SOW, the Services are provided “as is” and Strada does not make, and hereby disclaims, any and all other warranties (express, implied or otherwise) with respect to the Services. 6. Confidentiality. a. Confidential Information. For purposes hereof, “Confidential Information” means all information, irrespective of the form thereof, disclosed by or on behalf of either Party (as applicable, the “Disclosing Party”) to the other Party (as applicable, the “Receiving Party”) or its Representatives (as defined below) in connection with the subject matter hereof that is marked confidential or which otherwise would be understood by a reasonable person in the position of the Receiving Party to be confidential in nature, including any such information regarding the Disclosing Party’s services, products, systems, software, marketing, pricing, operations, financial results, plans, strategies, trade secrets, know-how, methods personally identifiable information (“PII”), and intellectual property and its relationship with employees, prospects, customers, suppliers and other third parties, as well as the terms of the Agreement Included in the definition of Confidential Information is any Iron Brick client Confidential Information. “Confidential Information” shall not include any information that (a) is or becomes generally available to the public other than as a result of a disclosure thereof by the Receiving Party or its Representatives in violation hereof, (b) was or becomes available to the Receiving Party from a source (other than the Disclosing Party or its Representatives) that, to the Receiving Party’s knowledge, was not prohibited from disclosing such information pursuant to a contractual, legal or fiduciary obligation of confidentiality to the Disclosing Party or (c) is or was independently developed by the Receiving Party or its Representatives without the use of any information that would otherwise be Confidential Information hereunder. b. Restrictions. The Receiving Party shall not use the Disclosing Party’s Confidential Information for any purpose other than to exercise its rights or perform its obligations hereunder. The Receiving Party shall not, without the prior written consent of the Disclosing Party, disclose any of the Disclosing Party’s Confidential Information to any unrelated third party other than the Receiving Party’s affiliates and its and their directors, officers, employees, independent contractors, advisors, subcontractors, vendors, agents or other representatives (collectively, “Representatives”) who, in each case, (a) reasonably require access to such Confidential Information to assist the Receiving Party to exercise its rights or perform its obligations under the Agreement and (b) have a contractual, legal, professional or fiduciary obligation of confidentiality to the Receiving Party that is consistent in all material respects with the Receiving Party’s obligations of confidentiality to the Disclosing Party hereunder. The Receiving Party shall be responsible for any use or disclosure of the Disclosing Party’s Confidential Information by any of its Representatives (in their capacity as such) to the extent such use or disclosure, if by the Receiving Party, would not be permitted hereunder. For the avoidance of doubt and 99 notwithstanding the foregoing, any Strada Confidential Information included in a proposal to Iron Brick’s client. c. Required Disclosure. Notwithstanding the foregoing, if the Receiving Party or any of its Representatives is requested or required to disclose any of the Disclosing Party’s Confidential Information by law or legal process, then (a) the Receiving Party shall (if permitted by law) promptly notify the Disclosing Party and reasonably cooperate with the Disclosing Party (at the Disclosing Party’s expense) in its efforts to obtain an appropriate protective order or other remedy and (b) if such protective order or other remedy is not obtained, the Receiving Party or its Representative (as applicable) may disclose that portion of the Confidential Information which is legally required to be disclosed and shall use commercially reasonable efforts to obtain reasonable assurances that confidential treatment, if available, will be accorded such Confidential Information. Notwithstanding the foregoing, the Receiving Party and its Representatives shall be permitted to disclose any Confidential Information without the consent of or notice to the Disclosing Party and without otherwise complying with the terms of this Section in connection with any ordinary course examination by a regulator, self-regulatory organization or similar supervisory authority, provided that such examination is not specifically directed at the Disclosing Party. d. Obligations on Termination. Subject to any other obligations herein with respect to the return or retention of information, following termination of the Agreement, the Receiving Party shall, and shall require its Representatives to, destroy all Confidential Information in the possession, or under the control, of the Receiving Party or its Representatives in connection with the Agreement; provided, however, that the Receiving Party and its Representatives shall be entitled to retain copies of Confidential Information to the extent necessary to comply with applicable law or published professional obligations or for litigation or bona fide records retention purposes, in each case, to the extent permitted by law. e. Injunctive Relief. In addition to any other remedy to which it may be entitled, the Disclosing Party shall be entitled to seek an injunction or other equitable remedy to prevent or enjoin breaches of this Section 6 (Confidentiality) by the Receiving Party or any of its Representatives. f. Public Records Disclosure Request. Strada Acknowledges that Client may receive a public records disclosure request pertaining to Strada information. Upon receipt of such Client shall promptly share such request with Strada such that Strada may assess the information that Strada’s client may have that may be considered Trade Secret or Confidential Proprietary Information that should be redacted and protected prior to Client’s Customer’s disclosure consistent with the rights that Strada would have under applicable law. 7. Force Majeure; Excused Performance. Notwithstanding anything to the contrary herein, neither Party shall be liable for, nor be deemed to be in breach hereof as a result of, any failure to comply with its obligations hereunder (except for any of Client’s payment obligations hereunder) to the extent attributable to any act of God, flood, fire, earthquake, hurricane, act of war or other hostility, act of terrorism, governmental action or inaction, civil unrest, national emergency, epidemic, strike or other labor dispute, act or omission by a third party or a third party product or service, power, telecommunication or other service outage or any other cause or circumstance beyond the reasonable control of such Party; provided that nothing in this Section shall limit or otherwise affect Strada’s obligation to execute its business continuity and disaster recovery program. The affected Party shall give the other Party prompt notice of any such event and use commercially reasonable efforts to end and minimize the effects thereof. In addition, notwithstanding anything to the contrary herein, Strada shall not be liable for, nor be deemed to be in breach hereof as a result of, any failure to comply with its obligations hereunder or any other act or omission attributable to (a) any failure by Client to comply with its obligations or perform its assigned tasks hereunder, (b) Strada’s reliance upon any Client direction or any information provided or otherwise made available to Strada by or on behalf of Client in performing the Services or (c) any act or omission of any Client or vendor or other Representative (other than Strada). The Parties shall use commercially reasonable efforts to mitigate the effects of any of the foregoing circumstances. 100 X. DATA PROTECTION AGREEMENT This Data ProtecƟon Agreement (this “DPA”), effecƟve as of the “EffecƟve Date” of the Order From, is by and between City of South San Francisco (“Client”), and Strada U.S. Professional Services, LLC (“Strada” and, together with Client, each a “Party” and collecƟvely the “ParƟes”). This DPA is entered into in connecƟon with services to be provided by Strada to Client (“Services”) under that certain Strada Order Form, by and between the ParƟes (the “Services Agreement”), pursuant to which Strada may be required to process Personal Data (as defined below). In consideraƟon of the mutual covenants contained herein, and other valuable consideraƟon, the receipt and sufficiency of which are hereby acknowledged, the ParƟes agree as follows: Section 1. DefiniƟons. Capitalized terms used but not otherwise defined herein shall have the meanings ascribed thereto in the Services Agreement. Unless the express context otherwise requires, any reference to the Services Agreement includes any order form, statement of work or other ordering document entered into thereunder. 1.1. “Data ProtecƟon Laws” means all applicable laws and regulaƟons regarding privacy, security or data protecƟon, including, as applicable, the California Consumer Privacy Act of 2018 (“CCPA”), the California Privacy Rights Act of 2020 (“CPRA”), the EU General Data ProtecƟon RegulaƟon 2016/679 (“GDPR”), the Gramm-Leach-Bliley Act (“GLBA”), the UK Data ProtecƟon Act of 2018 or the New York Department of Financial Services RegulaƟons, as any are amended, repealed or replaced. 1.2. “Data Subject” means, with respect to any Personal Data, the subject of such Personal Data. 1.3. “Personal Data” means any informaƟon processed by or on behalf of Strada for Client in connecƟon with the Services Agreement that (a) relates to an idenƟfied or idenƟfiable natural person, where an idenƟfiable natural person is one who can be idenƟfied, directly or indirectly, from such informaƟon alone or in combinaƟon with other informaƟon processed by or on behalf of Strada, in parƟcular by reference to an idenƟfier such as a name, an idenƟficaƟon number, locaƟon data, an online idenƟfier or to one or more factors specific to the physical, physiological, geneƟc, mental, economic, cultural or social idenƟty of that natural person or (b) is otherwise protected under the Data ProtecƟon Laws. 1.4. “Processing” or “Process(es)” means (a) any operaƟon or set of operaƟons that are performed on Personal Data or on sets of Personal Data, whether or not by automated means, including collec Ɵon, storage, adaptaƟon or alteraƟon, retrieval, use, disclosure, erasure or destrucƟon, and (b) any other acƟvity involving Personal Data included in the definiƟon of “processing” under Data ProtecƟons Laws. 1.5. “Standard Contractual Clauses” or “SCCs” means the standard contractual clauses for the transfer of personal data from the European Union (“EU”) or the European Economic Area (“EEA”) to third countries annexed to the Commission ImplemenƟng Decision (EU) 2021/914 of 4 June 2021, or any successor documents or transfer mechanisms. 1.6. “Subprocessor” means any person (other than an employee), including Strada’s affiliates, appointed by or on behalf of Strada to Process Personal Data on behalf of Client. 1.7. “UK IDTA” means the InternaƟonal Data Transfer Addendum to the SCCs, version B1.0, approved by the United Kingdom (“UK”) parliament on 21 March 2022, issued under SecƟon 119A of the Data ProtecƟon Act 2018 to comply with ArƟcle 46 of the UK GDPR when making restricted transfers, or any successor documents or transfer mechanisms. Section 2. Processing Personal Data. 2.1. InstrucƟons; Limits on Use. Client hereby appoints and instructs Strada to Process Personal Data for the purpose of performing the Services and otherwise complying with any of its obliga Ɵons or asserƟng any of its rights under the Services Agreement and this DPA, complying with applicable law and complying with any other instrucƟon provided by or on behalf of Client (the “Purpose”). Strada shall only retain, use, disclose or otherwise 101 Process Personal Data for the Purpose. Client shall ensure that its instrucƟons to Strada comply with Data ProtecƟon Laws. Strada shall immediately no Ɵfy Client if, in its opinion, an instrucƟon provided by or on behalf of Client is in conflict with any Data ProtecƟon Law; provided that Strada shall have no responsibility to seek out or discover such conflicts or to otherwise ensure that such conflicts do not exist. In the event Strada no Ɵfies Client of any such conflict, Strada may suspend the execuƟon of the applicable instrucƟon to the extent necessary to avoid such conflict while the ParƟes cooperate in good faith to resolve such maƩer in a Ɵmely manner. 2.2. Limits on Disclosure. Strada shall not disclose any Personal Data to any third party except as necessary to fulfill the Purpose and otherwise in accordance with this DPA. If Strada or any of its representaƟves is requested or required to disclose or otherwise Process any Personal Data by law or legal process, then Strada shall (if permiƩed by law) promptly noƟfy Client and reasonably cooperate (at Client’s expense) in Client’s efforts to obtain an appropriate protecƟve order or other remedy. Client shall only disclose Personal Data to Strada to the extent requested by Strada or as otherwise necessary for the Purpose. 2.3. Compliance with Data ProtecƟon Laws. Each Party shall comply with its obligaƟons under Data ProtecƟon Laws. Strada shall provide reasonable assistance to Client with mee Ɵng its obligaƟons under Data ProtecƟon Laws in relaƟon to the Processing of Personal Data, taking into account the nature of Strada’s Processing and the informaƟon available to Strada. 2.4. Supervisory Authority Requests. If Client receives a request for information from a competent supervisory authority in relation to Processing of Personal Data by Strada (including details regarding the Purpose), Strada shall provide reasonable assistance to Client in responding to such request to the extent Client does not otherwise have access to such information, and taking into account the nature of the Processing and information available to Strada. 2.5. Data ProtecƟon Impact Assessment and Prior ConsultaƟon. Strada shall provide reasonable assistance to Client with any data protecƟon impact assessments, and prior consultaƟons with supervising authoriƟes or other competent data privacy authoriƟes, which Client reasonably considers to be required by the Data ProtecƟon Laws, in each case solely in relaƟon to Processing of Personal Data by, and taking into account the nature of the Processing and informaƟon available to, Strada. 2.6. Data Subject Rights. Strada shall promptly noƟfy Client if it receives any request from a Data Subject asserƟng rights under Data ProtecƟon Laws with respect to their Personal Data. Strada will not respond to any such request except on the wriƩen instrucƟons (including email) of Client or as required by Data ProtecƟon Laws, in which case Strada shall, to the extent permiƩed by such Data ProtecƟon Laws, inform Client of such requirement prior to such response. Strada will provide Client with reasonable assistance in its efforts to fulfill its obligaƟons to respond to such requests, including by providing access to or informaƟon about, deleƟng or modifying the relevant Personal Data, in each case, to the extent required under and in accordance with Data ProtecƟon Laws. If Strada is unable to provide any such assistance for reasons permiƩed under Data ProtecƟon Laws, Strada shall promptly noƟfy Client of such fact and shall provide such assistance promptly aŌer the reasons for not doing so have expired. 2.7. Return and DestrucƟon. Upon wriƩen request of Client following terminaƟon or expiraƟon of the Services Agreement, Strada shall, and shall require its Subprocessors to, (a) return a complete copy of all Personal Data to Client by secure file transfer in Strada’s customary format and (b) delete or render permanently anonymous all other copies of Personal Data. Strada shall comply with any such wriƩen request within 20 business days. Strada and its Subprocessors may retain Personal Data as necessary to fulfill the Purpose and comply with applicable law, in which case the terms of this DPA shall conƟnue to apply to such Personal Data for so long as it is retained. 2.8. Recordkeeping. Strada shall keep accurate and up-to-date records regarding any Processing of Personal Data, including (a) records regarding access to and security of the Personal Data, the purposes and categories of Processing the Personal Data and its Subprocessors and (b) any other records as required by Data ProtecƟon Laws. This DPA serves as record of processing acƟviƟes as required under art. 30(2) GDPR. 102 2.9. Employees. Personal Data shall only be accessed by Strada employees who require such access to assist Strada in connecƟon with the Purpose. Unless otherwise restricted by applicable local laws, Strada requires all new employees be subjected to a comprehensive pre-employment background check in accordance with local laws and customs. Strada requires that agreements that include non-disclosure / confidenƟality provisions be signed by all new employees. Strada provides employees with periodic data security and privacy training. 2.10. Subprocessors. Client generally authorizes Strada to appoint Subprocessors to support performance of the Services. Strada will list its Subprocessors at hƩps://splist.stradaglobal.com/sites/splist/pages/Home.aspx. This website will allow Client to sign up to receive email noƟficaƟons of any change in the list of Subprocessors. Solely to the extent necessary to comply with Data ProtecƟon Laws, Client shall have the right to object to any change in the list of Subprocessors within 10 business days of such noƟce; provided that Client may only object on the basis of reasonable concerns that the new or replacement Subprocessor is not capable of providing the level of protecƟon of Personal Data required by this DPA. If Client does not object to the appointment within such period of Ɵme, Strada may engage the new or replacement Subprocessor to Process Personal Data. If Client objects to the appointment within such period of Ɵme, Strada may choose to (a) not use such Subprocessor or (b) take the correcƟve steps requested by Client in its objecƟon and use the Subprocessor. Strada shall work with Client in good faith to make available materials evidencing any Subprocessor’s ability to provide the level of protecƟon of Personal Data required by this DPA. Strada shall remain responsible for the use, disclosure or other Processing of Personal Data by any of its Subprocessors to the same extent as if such use, disclosure or other Processing was by Strada. Before any Subprocessor Processes Personal Data, Strada will carry out adequate due diligence to determine that such Subprocessor is capable of providing the level of protecƟon of Personal Data required by this DPA. The arrangement between Strada and each Subprocessor will be governed by a wriƩen contract that contains requirements that are consistent and no less stringent than those that apply to Strada under this DPA. Strada represents that it maintains a vendor security program that assesses Subprocessors’ compliance with such contracts. Upon Client’s wriƩen request, Strada shall make a summary of Subprocessor data protecƟon terms available to Client (redacted, if necessary, to protect any confidenƟal informaƟon). Section 3. Technical and OrganizaƟonal Measures. Strada shall implement and maintain appropriate physical, technical, organizaƟonal and administraƟve measures reasonably designed to protect against the unauthorized destrucƟon, loss, access to or alteraƟon of Personal Data, including the measures listed in Exhibit A aƩached hereto and incorporated herein. The measures implemented by Strada to protect Personal Data shall be consistent and no less stringent than what is required under Data ProtecƟon Laws. Strada shall implement and maintain wriƩen privacy and informaƟon security policies consistent with industry standards. Section 4. Data Security Incident NoƟficaƟon and Response. 4.1. Strada shall noƟfy Client without undue delay and in accordance with the requirements of applicable Data ProtecƟon Laws of any confirmed or reasonably suspected breach of security by Strada or any of its Subprocessors leading to the unlawful or unauthorized access, alteraƟon, destrucƟon, disclosure or loss of Personal Data (a “Data Security Incident”). 4.2. In the event of a Data Security Incident, Strada shall take reasonable and appropriate measures to (a) invesƟgate the impact of such Data Security Incident, (b) idenƟfy the root cause of such Data Security Incident, (c) remedy the Data Security Incident and (d) prevent a reoccurrence of such Data Security Incident. 4.3. Strada will provide Client without undue delay informaƟon regarding the nature and consequences of the Data Security Incident, to the extent known by Strada, including any such informaƟon necessary to allow Client to noƟfy relevant parƟes in accordance with Data ProtecƟon Laws. Section 5. Audits. 5.1. Client may, at its own expense and upon reasonable advance noƟce to Strada, audit Strada’s books, records and other documents to the extent necessary to verify Strada’s compliance with the terms of this DPA; 103 provided that Client may not exercise its audit rights hereunder more than one Ɵme in any 12-month period (unless otherwise required by law or in connecƟon with any audit iniƟated by a governmental enƟty having jurisdicƟon over Client). Each such audit shall occur during normal business hours and shall not unreasonably interfere with Strada’s normal business operaƟons, and Strada shall not be required to disclose or otherwise provide access to any informaƟon the disclosure of which would cause Strada to violate any confidenƟality obligaƟon or applicable law. Client may engage a third party to conduct any such audit so long as such third party is not a compe Ɵtor of Strada and enters into a confidenƟality agreement reasonably acceptable to Strada. Client may not connect hardware to Strada networks or install soŌware on Strada systems to perform audits without prior wri Ʃen consent of Strada. Audits under this DPA shall be subject to any addiƟonal terms and condiƟons regarding audits in the Services Agreement. 5.2. Where Strada demonstrates compliance with industry recognized reports or approved code of conduct aƩestaƟons (such as ISO 27001/22301, AICPA SSAE 18 SOC 1, AICPA SSAE 18 SOC 2 Type 2, or EU Cloud Code of Conduct), Client may only audit areas not encompassed by such reports or aƩestaƟons. Section 6. CCPA/CPRA. This Section shall apply to any Personal Data that is governed by CCPA/CPRA. 6.1. Client represents and warrants to Strada that any Personal Data disclosed by or on behalf of Client hereunder is provided solely for the Purpose, which is a “Business Purpose” (as defined under CCPA/CPRA). 6.2. Strada shall only retain, use and disclose Personal Data for the Purpose and not for any other commercial purpose or otherwise outside the relationship between Strada and Client. Strada shall not sell or share Personal Data in violation of CCPA/CPRA. Strada shall comply with its obligations under CCPA/CPRA. Strada shall promptly notify Client if it can no longer comply with its obligations under CCPA/CPRA. 6.3. Strada acknowledges and agrees that Client shall have the right to take reasonable and appropriate steps to (a) ensure that Strada uses the Personal Data in a manner consistent with Client’s obligations under CCPA/CPRA and (b) stop and remediate unauthorized use of Personal Data. 6.4. Client shall promptly inform Strada of any consumer request made pursuant to CCPA/CPRA that Strada must comply with, and provide the information necessary for Strada to comply with such request. Section 7. Details of Processing. Certain informaƟon regarding Strada’s Processing of Personal Data required by ArƟcle 28(3) of GDPR is set forth in Exhibit B aƩached hereto and incorporated herein. Client may make reasonable amendments to Exhibit B by noƟce to Strada from Ɵme to Ɵme as Client reasonably considers necessary to meet such requirements. Nothing in Exhibit B confers any right or imposes any obligaƟon on any Party. Section 8. Cross-Border Transfers. 8.1. General. Neither Party will transfer Personal Data across borders unless such transfer complies with Data ProtecƟon Laws. The ParƟes will reasonably cooperate as necessary to determine whether any cross- border transfer of Personal Data between Client and Strada in connecƟon with the Purpose complies with Data ProtecƟon Laws. 8.2. SCCs. If any transfer of Personal Data between Client and Strada requires execuƟon of the SCCs in order to comply with Data ProtecƟon Laws, Client, as controller and data exporter, and Strada, as processor and data importer, hereby enter into (and incorporate herein by reference) the SCCs effecƟve as of the commencement of such transfer. The ParƟes shall use Module II (Controller to Processor) of the SCCs, which shall be populated as follows: 8.2.1. Clause 7: The optional docking clause shall apply. 8.2.2. Clause 9: Option 2 shall apply, and the time period for notice of Subprocessor changes shall be as agreed under this DPA. 104 8.2.3. Clause 11(a): The optional language shall not apply. 8.2.4. Clause 13 and Annex I.C.: The supervisory authority of the Republic of Ireland shall be the competent supervisory authority. 8.2.5. Clause 17: Option 1 shall apply, and the governing law shall be the laws of the Republic of Ireland. 8.2.6. Clause 18(b): Disputes shall be resolved by the courts of the Republic of Ireland. 8.2.7. Annex I: (a) the List of Parties shall be as set forth in the Services Agreement and any applicable order form, statement of work, change order or other document more fully describing the applicable Services; (b) the Descriptions of Transfer shall be as set forth in Exhibit B (Details of Processing); and (c) the Competent Supervisory Authority shall be as set forth above. 8.2.8. Annex II: the Technical and Organisational Measures shall be as set forth in Exhibit A (Technical and Organisational Measures), which are substantially the same for Strada and its Subprocessors. 8.2.9. Annex III: the List of Subprocessors shall be maintained in accordance with Section 2.10 (Subprocessors). 8.2.10. The Parties may supplement the Annexes to the SCCs in any order form, statement of work, change order or other document more fully describing the applicable Services, which shall be deemed incorporated herein by reference with respect to such Services. In the event of any conflict or inconsistency between this DPA or any such supplemental document, on the one hand, and the SCCs, on the other hand, the SCCs shall prevail to the extent required by Data Protection Laws. Notwithstanding anything to the contrary herein, in no event shall this DPA or any such supplemental document, directly or indirectly, prejudice the rights of data subjects under Data Protection Laws. 8.3. UK IDTA. If any transfer of Personal Data between Client and Strada requires execution of the UK IDTA in order to comply with Data Protection Laws, Client, as controller and data exporter, and Strada, as processor and data importer, hereby enter into (and incorporate herein by reference) the UK IDTA effective as of the commencement of such transfer. The UK IDTA shall be populated as follows: 8.3.1. Part 1, Table 1 (Parties): The parties shall be as set forth in the Services Agreement and any applicable order form, statement of work, change order or other document more fully describing the applicable Services. 8.3.2. Part 1, Table 2 (Selected SCCs, Modules and Selected Clauses): The UK IDTA shall be appended to the SCCs as set forth in Section 8.2 (SCCs). 8.3.3. Part 1, Table 3 (Appendix Information): The appendix information shall be as set forth in Section 8.2 (SCCs). 8.3.4. Part 1, Table 4 (Ending this Addendum when the Approved Addendum Changes): Neither Party may end the UK IDTA as set out in Section 19 thereof. 8.4. Swiss Data Protection Act. The SCCs, as set forth in Section 8.2 (SCCs), shall apply to any cross- border transfers of Personal Data governed by the Swiss Data Protection Act, with the following modifications: 8.4.1. Any references in the SCCs to "Regulation (EU) 2016/679" shall be interpreted as references to the Swiss Data Protection Act, and any references in the SCCs to specific Articles of "Regulation (EU) 2016/679" shall be replaced with the equivalent article or section of the Swiss Data Protection Act. 105 8.4.2. Any references in the SCCs to "EU", "Union", "Member State" or "Member State law" shall be interpreted as references to Switzerland and the laws of Switzerland, as the case may be, and shall not be interpreted in such a way as to exclude Data Subjects in Switzerland from exercising their rights in their place of habitual residence in accordance with Clause 18(c) of the SCCs. In furtherance of the foregoing, Clause 17 of the SCCs shall be modified to provide that the governing law shall be the laws of Switzerland. 8.4.3. Any references in the SCCs to "competent supervisory authority" or "competent courts" shall be interpreted as references to the Federal Data Protection and Information Commissioner of Switzerland (the “Swiss FDPIC”) and the courts of Switzerland, as the case may be. In furtherance of the foregoing, (a) Clause 13 and Annex I.C. of the SCCs shall be modified to provide that the Swiss FDPIC shall have authority over data transfers governed by the Swiss Data Protection Act (it being agreed that authority over data transfers not governed by the Swiss Data Protection Act shall be as otherwise set forth in this DPA) and (b) Clause 18(b) of the SCCs shall be modified to provide that disputes shall be resolved by the courts of Switzerland. Section 9. Client Affiliates. The terms of this DPA shall apply equally to any Personal Data Processed by or on behalf of Strada for any Client affiliate. Client represents and warrants that it is and will at all relevant Ɵmes remain duly and effecƟvely authorized to enter into this DPA and perform all of its obligaƟons hereunder on behalf of each such Client affiliate. Client shall at all Ɵmes be liable for Client’s affiliates’ compliance with this DPA and all acts an d omissions by Client’s affiliates receiving Services under the Services Agreement are deemed acts and omissions of Client. Section 10. Client ObligaƟons. If Client directs Strada to provide Personal Data to any Client vendor or other representaƟve (other than Strada), Client shall be responsible for the acts and omissions of such vendor or other representaƟve with respect thereto. Client shall be responsible for maintaining all rights (including the lawful legal basis), obtaining any licenses, authorizaƟons, approvals and consents and providing all noƟces, in each case, required for Strada to Process Personal Data for the Purpose. Client remains responsible for ensuring that its retenƟon, use, disclosure or other Processing of Personal Data complies with its policies and prac Ɵces and the laws applicable thereto. Section 11. Term; Effect of TerminaƟon. The term of this DPA shall begin on the Effec Ɵve Date and shall conƟnue for so long as the Services Agreement remains in effect or Strada or any of its Subprocessors retains any Personal Data. The rights and obligaƟons of the ParƟes which, by their nature, should survive terminaƟon or expiraƟon of this DPA, shall survive such terminaƟon or expiraƟon. Section 12. Miscellaneous. 12.1. EnƟre Agreement. This DPA shall be deemed incorporated into and a part of the Services Agreement. This DPA, together with the Services Agreement, consƟtutes the sole and enƟre agreement of the ParƟes with respect to the subject maƩer hereof and thereof, and supersedes all prior and contemporaneous understandings, agreements, representaƟons and warranƟes, both wriƩen and oral, with respect to such subject maƩer. For the avoidance of doubt, all claims and liabiliƟes arising from or related to this DPA shall be brought under and subject to the terms of the Services Agreement, including any provisions therein regarding indemnifica Ɵon, limitaƟon of liability, dispute resoluƟon, choice of law or choice of forum. 12.2. Severability. If any provision of this DPA, or the applicaƟon thereof to any person, place or circumstance, shall be held by a court of competent jurisdicƟon to be invalid, void or unenforceable, the remainder of this DPA and such provision as applied to other persons, places or circumstances shall remain in full force and effect and such invalid, void or unenforceable provision shall be enforced to the fullest extent permiƩed by law. 12.3. Amendment; Waiver. The ParƟes agree to take such reasonable acƟons as are necessary to amend this DPA from Ɵme to Ɵme as is necessary for the ParƟes to comply with Data ProtecƟon Laws. This DPA may not be amended or otherwise modified unless such amendment or modifi caƟon is set forth in wriƟng, idenƟfied as amendment or modificaƟon of this DPA and signed by an authorized representaƟve of each of the ParƟes. No 106 provision of this DPA may be waived unless such waiver is set forth in wriƟng, idenƟfied as a waiver of this DPA and signed by an authorized representaƟve of the waiving Party. Except as otherwise provided in this DPA, no failure or delay by a Party in exercising any right under this DPA shall operate as a waiver thereof, nor shall any single or parƟal exercise thereof preclude any other or further exercise thereof or the exercise of any other right. 12.4. Assignment. Neither Party may assign this DPA or any of its rights herein without the prior wriƩen consent of the non-assigning Party and any purported assignment without such consent shall be void and unenforceable; provided that each Party may, without obtaining such consent, assign this DPA as part of an assignment pursuant to and in accordance with the Services Agreement. 12.5. No Third Party Beneficiaries. This DPA shall be binding upon and inure to the benefit of the ParƟes and their respecƟve successors and permiƩed assigns and nothing herein, express or implied, is intended to or shall confer upon any other person any legal or equitable right, benefit or remedy of any nature whatsoever under or by reason of this DPA. 12.6. RelaƟonship of the ParƟes. The relaƟonship between the ParƟes is that of independent contractors and this DPA will not establish any agency, partnership, joint venture, fiduciary, franchise or employment relaƟonship between the ParƟes (or between one Party and a representaƟves of the other Party). Neither Party by virtue of this DPA shall have any right, power or authority, express or implied, to bind the other Party. 12.7. Force Majeure; Excused Performance. Notwithstanding anything to the contrary in this DPA, Strada shall not be liable for, nor be deemed to be in breach of this DPA as a result of, any failure to comply with its obligaƟons hereunder or any other act or omission aƩributable to (a) any failure by Client to comply with its obligaƟons hereunder or under Data ProtecƟon Laws, (b) any act or omission of any vendor or other representaƟve of Client (other than Strada and its Subprocessors) or (c) any act of God or other act or circumstance beyond the reasonable control of Strada and which cannot be anƟcipated with reasonable diligence; provided that nothing in this SecƟon shall limit or otherwise affect Strada’s obligaƟon to execute its business conƟnuity and disaster recovery program. Each of the ParƟes shall use commercially reasonable efforts to miƟgate the effects of any of the foregoing circumstances. 12.8. Counterparts. This DPA may be executed in any number of counterparts, each of which when so executed and delivered shall consƟtute an original, but such counterparts shall consƟtute one and the same instrument. This DPA may be executed and delivered electronically. 12.9. InterpretaƟon. Any ambiguity in this DPA shall be resolved in favor of a meaning that permits both ParƟes to comply with Data ProtecƟon Laws. Unless the express context otherwise requires, the words “hereof”, “herein”, “hereunder” and words of similar import refer to this DPA as a whole and not to any parƟcular provision of this DPA, references to a specific secƟon refer to the secƟons in this DPA unless otherwise expressly provided and the words “include”, “including” and words of similar import shall be deemed to be followed by the words “without limitaƟon”. The capƟons or headings in this DPA are for convenience only and shall not be considered a part of or affect the construcƟon or interpretaƟon of any provision of this DPA. 12.10. NoƟces. All noƟces under this DPA to Strada shall be sent to stradaclientcontracƟng@stradaglobal.com and . All noƟces under this DPA to Client shall be sent to [INSERT CLIENT EMAIL]. 107 Exhibit A – Technical and OrganizaƟonal Measures 1. Physical Security. Strada maintains security controls for entry points, holding areas, telecommunicaƟons areas and cabling areas that contain informaƟon processing systems or media containing Personal Data. Security controls include: a. Access control and restricƟon by use of a defined security perimeter, appropriate security barriers, security cameras, entry controls and authenƟcaƟon controls, and maintenance of access logs for a period of Ɵme specified by law or policy; b. Where Strada ID cards are deployed, a requirement for all personnel, vendors, contractors and visitors to wear some form of visible idenƟficaƟon to idenƟfy themselves as employees, contractors, vendors or visitors; c. A clear desk/clear screen policy; d. An automaƟc idle-lock for unaƩended equipment; e. A requirement for visitors to Strada’s premises to be escorted at all Ɵmes; and f. Where technically feasible and commercially reasonable, cameras and CCTVs. 2. Business ConƟnuity and Disaster Recovery. Strada maintains the following business conƟnuity controls and safeguards: a. Business conƟnuity and disaster recovery program is based on generally accepted industry pracƟces designed to reduce the effects of a significant disrupƟon in Strada’s operaƟons; b. Business conƟnuity and disaster recovery programs are tested at least annually; c. Backups of Strada systems and soŌware used in the delivery of Services are replicated to its disaster recovery facility so that recovery can take place when there is a disaster; and d. Data is replicated to its disaster recovery facility, providing a scheduled point in Ɵme backup of the data to ensure integrity. 3. Network Security Controls. Strada maintains the following network security controls and safeguards: a. Defense-in-depth design with perimeter routers, network switches and firewall devices and default deny-all policy to protect internet presence; b. Least privilege and authenƟcated access for network users and equipment; c. Control of internet access by proxies; d. Two-factor authenƟcaƟon for remote access with a non-reusable password; e. Intrusion detecƟon system to monitor and respond to potenƟal intrusions; f. Real-Ɵme network event logging and invesƟgaƟon using a security informaƟon event management tool; g. Content filtering and website blocking using approved lists; h. LimitaƟons on wireless access to the network; i. Policies and standards for wireless network devices; j. ProhibiƟons on bridging of wireless and other networks, including the corporate network; and k. DetecƟon and disassociaƟon of rogue wireless access points. 4. Plaƞorm Security Controls. Strada maintains the following plaƞorm security controls and safeguards: a. Maintenance of configuraƟon/hardening standards; b. Control of changes through an internal change control process; c. ProhibiƟon on installing unauthorized hardware and soŌware; d. Where technically feasible, automaƟc session Ɵmeouts aŌer periods of inacƟvity; e. Removal of vendor-supplied defaults (accounts, passwords and roles) during installaƟon; f. Removal of services and devices that are not required by valid business needs; 108 g. Use of an anƟ-virus program with Ɵmely updates; h. Non-privileged account access on workstaƟons and laptops; i. Full disk encrypƟon on laptops; j. Development and test plaƞorms will be segregated from operaƟonal plaƞorms used in providing the Services; k. Development tools such as compilers, assemblers, editors and other general-purpose uƟliƟes within the producƟon environment will not be permiƩed unless expressly required for the delivery of the Services, in which case access is restricted; and l. SoŌware and hardware used in the delivery of the Services will be updated in line with industry standards, vendor support and security guidelines. 5. ApplicaƟon Security Controls. Strada maintains the following applicaƟon security controls and safeguards: a. Defense-in-depth with the use of n-Ɵer architecture for separaƟon and protecƟon of data; b. A secure soŌware development life cycle (SSDLC) for applicaƟon development that includes training, development, tesƟng and ongoing assessments; c. DocumentaƟon, review, tesƟng and approval before changes are implemented into producƟon; d. IdenƟficaƟon, tesƟng and remediaƟon of applicaƟon vulnerabiliƟes and patches in a Ɵmely manner; and e. A prohibiƟon on using producƟon data in development and tesƟng environments. 6. Data and Asset Management. Strada maintains the following data and asset management security controls and safeguards: a. Technical, administraƟve and physical safeguards; b. Regular backups and storage of Personal Data; c. EncrypƟon of Personal Data transmiƩed over public networks and on removable media; d. Use of a data loss prevenƟon tool for end point data transfer acƟviƟes involving social security numbers or other naƟonal idenƟficaƟon numbers; e. Use of an inventory program to control the installaƟon, ownership and movement of hardware, soŌware and communicaƟons equipment; f. EncrypƟon, saniƟzaƟon, destrucƟon, or purging of all physical media containing Personal Data leaving Strada’s custody to ensure that residual magneƟc, opƟcal, electrical or other representaƟon of data has been deleted, and is not recoverable; and g. Logical separaƟon of Personal Data of a Strada client from other Strada clients. 7. Access Control and Management. Strada maintains the following access control and management security controls and safeguards: a. Monitoring and logging access and use of the Strada systems that contain Personal Data, including logging of access aƩempts to the Strada systems that contain Personal Data; b. Periodic review and validaƟon of role-based access to Personal Data and prompt removal of unnecessary access; c. Unique logon ID and passwords; d. Strong passwords with minimum length, complexity and expiraƟon requirements; e. Disabling access aŌer a limited number of failed login aƩempts; and f. RejecƟon of previously used passwords. 8. Risk Management. Strada maintains the following risk management controls and safeguards: a. An informaƟon security risk management system aligned to The Standard of Good PracƟce for InformaƟon Security (InformaƟon Security Forum); 109 b. A cycle of risk assessments of criƟcal assets, the frequency of which are dependent on the number of residual risks idenƟfied at each site; c. Risk analysis is documented using standardized risk assessment templates; and d. Risk management acƟviƟes are established when risks are defined and agreed with the asset owners. 9. Vulnerability and Patch Management. Strada takes the following measures designed to idenƟfy and miƟgate vulnerabiliƟes that threaten Strada’s ability to enforce the confidenƟality, integrity, and availability of Personal Data: a. A vulnerability monitoring process that provides alerts or no ƟficaƟons of new fixes available, and the resulƟng Ɵmeframe for remediaƟon; b. Regular scanning to idenƟfy and remediate vulnerabiliƟes promptly; c. ClassificaƟon of vulnerabiliƟes based on severity to allow for remediaƟon based on predetermined service level expectaƟons; and d. PenetraƟon tests on applicable Strada environments, including perimeter vulnerability tesƟng, internal infrastructure vulnerability tesƟng and applicaƟon tesƟng. * * * * * 110 Exhibit B – Details of Processing Processing OperaƟons The Processing operaƟons to be carried out under this DPA are as follows: The Personal Data received on behalf of Client will be used for performing Services under the Services Agreement (e.g., payroll and other business process outsourcing services, benefits-related services, soŌware consulƟng and related acƟviƟes) and may include:  providing data processing soŌware, equipment, and services through various tools, applicaƟons and vendors;  applicaƟon maintenance and configuraƟon;  data uploads and transfers;  storing or recording Personal Data;  prevenƟng unauthorized access to or modificaƟon of Personal Data (and other non-Personal Data);  programing, prinƟng and assembling, reviewing, and modifying statements as directed by Client;  communicaƟng with data subjects in connecƟon with services provided to Client; and  providing reference materials as requested by Client. The purpose of the processing operaƟons above is to provide the Services in accordance with the Services Agreement. Data Subjects The Personal Data to be Processed by Strada on behalf of Client concern the following categories of data subjects : current, former and/or prospecƟve employees, their relaƟves and family members and other representaƟves of Client and Client’s affiliates. Categories of Personal Data to be Processed The Personal Data processed by Strada comprise of the following categories: HR/Employee data: that may include: full name; maiden name; employee idenƟficaƟon number; user name; picture; contact informaƟon (including home and work address, home and work telephone numbers, mobile telephone numbers, web address data, home and work email address); marital status; ciƟzenship informaƟon; date of birth; gender; drivers’ license informaƟon; naƟonal and governmental idenƟficaƟon informaƟon; financial informaƟon (including bank account, garnishments, loans, salary and account balances); benefit program informaƟon (including benefit elecƟons, beneficiary informaƟon, claims informaƟon, benefit plan account numbers and balances, and date of reƟrement); payroll informaƟon; professional or employment informaƟon (including date of hire, employment status, job Ɵtle, work and educaƟonal history, pay history, tax withholding informaƟon, performance records, leave informaƟon, travel informaƟon and date of terminaƟon); and such other personal data that may be transferred from (or on behalf of) Client to Strada for performing services for Client. Related persons’ data: may include but not limited to: name, date of birth, gender and contact informaƟon of dependents or beneficiaries (including home address; home and work telephone numbers; mobile telephone numbers); and such other personal data that may be transferred from (or on behalf of) Client to Strada for performing services for Client. Special categories of Personal Data 111 The Personal Data processed by Strada may include sensiƟve personal data including informaƟon about racial or ethnic origin, poliƟcal opinions, religious or philosophical beliefs, trade union membership, sex life, health, gene Ɵc, biometrics or medical records, or/and criminal records. * * * *