The URL can be used to link to this page

Home My WebLink About2019 CON Vigilant Solutions - Law Enforcement License Plate Recognition (LPR) Database Access\v�VIO L U T i GILANp NT S VIGILANT SOLUTIONS — LPR DATA PROGRAM STATE AND LOCAL LAW ENFORCEMENT AGENCY AGREEMENT This Agreement is made and entered into effective November 25, 2019 (the "Effective Date") between Vigilant Solutions, LLC, a Delaware corporation ("Vigilant") and the National City Police Department, an Originating Agency Identifier (ORI) credentialed law enforcement agency ("Agency"). A. Vigilant stores and disseminates to law enforcement agencies license plate recognition (LPR) data as a valued added component of the Vigilant law enforcement package of LPR equipment and/or software; and B. Agency desires to obtain access to Vigilant's Software Service; NOW, THEREFORE, in consideration of the mutual agreements contained herein and other good and valuable consideration, the receipt and sufficiency of which is acknowledged by the parties, the parties agree as follows: 1. Definitions. (a) Confidential Information. Refers to any and all (i) rights of Vigilant associated with works of authorship, including exclusive exploitation rights, copyrights, moral rights and mask works, trademark and trade name rights and similar rights, trade secrets rights, patents, designs, algorithms and other industrial property rights, other intellectual and industrial property and proprietary rights of every kind and nature, whether arising by operation of law, by contract or license, or otherwise; and all registrations, applications, renewals, extensions, combinations, divisions or reissues of the foregoing; (ii) product specifications, data, know-how, formulae, compositions, processes, designs, sketches, photographs, graphs, drawings, samples, inventions and ideas, and past, current and planned research and development; (iii) current and planned manufacturing and distribution methods and processes, customer lists, current and anticipated customer requirements, price lists, market studies, and business plans; (iv) computer software and programs (including object code and source code), database technologies, systems, structures, architectures, processes, improvements, devices, discoveries, concepts, methods, and information of Vigilant; (v) any other information, however documented, of Vigilant that is a trade secret within the meaning of applicable state trade secret law or under other applicable law, including but not limited to the LEARN Software Service; (vi) information concerning the business and affairs of Vigilant (which includes historical financial statements, financial projections and budgets, historical and projected sales, capital spending budgets and plans, the names and backgrounds of key personnel, contractors, agents, suppliers and potential suppliers, personnel training techniques and materials, and purchasing methods and techniques, however documented; and (vii) notes, analysis, compilations, studies, summaries and other material prepared by or for Vigilant containing or based, in whole or in part, upon any information included in the foregoing. (b) LEA. Refers to a law enforcement agency. (c) LEARN Software Service. Refers to a web based (hosted) suite of software applications consisting of analytical and investigative software located on a physical database server that also hosts LPR Data. (d) License Plate Recognition ("LPR"). Refers to the process of utilizing cameras, either stationary or mounted on moving vehicles, to capture and interpret images of vehicle license plates. (e) LPR Data. Refers to LEA LPR Data. (f) LEA LPR Data. Refers to LPR data collected by LEAs and available on the LEARN Software Service for use by other LEAs. LEA LPR Data is freely available to LEAs at no cost and is governed by the contributing LEA's retention policy. Vigilant Solutions — LPR Data Program Agreement ver. 1.0 \v�VIo � GIu r i LANo HT s (g) User. Refers to an individual who is an agent and sworn officer of Agency and who is authorized by Agency to access the LEARN Software Service on behalf of Agency through login credentials provided by Agency. 2. Licensed Access to the LEARN Software Service. (a) Grant of License. During the term of this Agreement, Vigilant grants Agency a non-exclusive, non- transferable right and license to access the LEARN Software Service for use in accordance with the terms of this Agreement. (b) Authorized Use. Agency is prohibited from accessing the LEARN Software Service other than for law enforcement purposes. Agency may use data to locate vehicles to further criminal prosecutions and may share that information with any prosecuting agency (District Attorney or City Attorney). (c) Restrictions on Use of LEARN Software Service. Except as expressly permitted under this Agreement, Agency agrees that it shall not, nor will it permit a User or any other party to, without the prior written consent of Vigilant, (i) copy, duplicate or grant permission to the LEARN Software Service or any part thereof; (ii) create, attempt to create, or grant permission to the source program and/or object program associated with the LEARN Software Service; (iii) decompile, disassemble or reverse engineer any software component of the LEARN Software Service for any reason, including, without limitation, to develop functionally similar computer software or services; or (iv) modify, alter or delete any of the copyright notices embedded in or affixed to the copies of any components of the LEARN Software Service. Agency shall instruct each User to comply with the preceding restrictions. (d) Third Party Software and Data. If and to the extent that Vigilant incorporates the software and/or data of any third party into the LEARN Software Service, including but not limited to the LEA LPR Data, and use of such third party software and/or data is not subject to the terms of a license agreement directly between Agency and the third party licensor, the license of Agency to such third party software and/or data shall be defined and limited by the license granted to Vigilant by such third party and the license to the LEARN Software Service granted by Vigilant under this Agreement. Agency specifically acknowledges that the licensors of such third party software and/or data shall retain all ownership rights thereto, and Agency agrees that it shall not (i) decompile, disassemble or reverse engineer such third party software or otherwise use such third party software for any reason except as expressly permitted herein; (ii) reproduce the data therein for purposes other than those specifically permitted under this Agreement; or (iii) modify, alter or delete any of the copyright notices embedded in or affixed to such third party software. Agency shall instruct each User to comply with the preceding restrictions. (e) Non -Exclusive Licensed Access. Agency acknowledges that the right or ability of Vigilant to license other third parties to use the LEARN Software Service is not restricted in any manner by this Agreement, and that it is Vigilant's intention to license a number of other LEAs to use the LEARN Software Service. Vigilant shall have no liability to Agency for any such action. 3. Other Matters Relating to Access to LEARN Software Service. (a) Accessibility. The LEARN Software Service, LPR Data and associated analytical tools are accessible to LEAs ONLY and are accessible pursuant to one of the following two methods: (1) LPR Data Program. Access to the LEARN Software Service through the LPR Data Program allows for available LPR Data to be used at a much deeper level to include partial plate queries, geo-fence queries, and analytic reports such as common plate and possible associate analysis. (2) Application Programming Interface (API). The API access method allows for integration of the LPR Data into external third -party analytic tools. The API does NOT provide ownership rights to the LPR Data, only Vigilant Solutions — LPR Data Program Agreement ver. 1.0 Page 2 of 11 \v�VIGIu r � LANo NT s o � access during the subscription period. The API is optional, and available only in conjunction with the LPR Data Program for an additional fee. (b) Access to LEA LPR Data. LEA LPR Data is provided as a service to LEAs at no additional charge. (c) Eligibility. Agency shall only authorize individuals who satisfy the eligibility requirements of "Users" to access the LEARN Software Service. Vigilant in its sole discretion may deny LEARN Software Service access to any individual based on such person's failure to satisfy such eligibility requirements. (d) Account Security (Agency Responsibility). (1) Agency shall be responsible for assigning an account administrator who in turn will be responsible for assigning to each of Agency's Users a username and password (one per user account). An unlimited number of User accounts is provided. Agency will cause the Users to maintain username and password credentials confidential and will prevent use of such username and password credentials by any unauthorized person(s). Agency shall notify Vigilant immediately if Agency believes the password of any of its Users has, or may have, been obtained or used by any unauthorized person(s). In addition, Agency must notify Vigilant immediately if Agency becomes aware of any other breach or attempted breach of the security of any of its Users' accounts. (2) User logins are restricted to agents and sworn officers of the Agency. No User Iogins may be provided to agents or officers of other local, state, or Federal LEAs. LPR Data must reside within the LEARN Software Service and cannot be copied to another system, unless Agency purchases Vigilant's API. (e) Data Sharing. Agency at its option may share its LEA LPR Data with similarly situated LEAs who contract with Vigilant to access the LEARN Software Service (for example, LEAs who share LEA LPR Data with other LEAs). (f) Subscriptions. LEARN Software Service software applications and LPR Data is available to Agency and its Users on an annual subscription basis. 4. Restrictions on Access to LEARN Software Service. (a) Non Disclosure of Confidential Information. Agency and each User will become privy to Confidential Information during the term of this Agreement. Agency acknowledges that a large part of Vigilant's competitive advantage comes from the collection and analysis of this Confidential Information and Agency's use, except as expressly permitted under this Agreement, and disclosure of any such Confidential Information would cause irreparable damage to Vigilant. (b) Restrictions. As a result of the sensitive nature of the Confidential Information, Agency agrees, except to the extent expressly permitted under this Agreement, (i) not to use or disclose, directly or indirectly, and not to permit Users to use or disclose, directly or indirectly, any LPR location information obtained through Agency's access to the LEARN Software Service or any other Confidential Information; (ii) not to download, copy or reproduce any portion of the LPR Data and other Confidential Information; and (iii) not to sell, transfer, license for use or otherwise exploit the LPR Data and other Confidential Information in any way. Additionally, Agency agrees to take all necessary precautions to protect the Confidential Information against its unauthorized use or disclosure and exercise at least the same degree of care in safeguarding the Confidential Information as Agency would with Agency's own confidential information and to promptly advise Vigilant in writing upon learning of any unauthorized use or disclosure of the Confidential Information. (c) Third Party Information. Agency recognizes that Vigilant has received, and in the future will continue to receive, from LEAs associated with Vigilant their confidential or proprietary information ("Associated Third Party Confidential Information"). By way of example, Associated Third Party Confidential Information includes LEA LPR Data. Agency agrees, except to the extent expressly permitted by this Agreement, (i) not to use or to disclose to any person, firm, or corporation any Associated Third Party Confidential Information, (ii) not to download, copy, or reproduce any Associated Third Party Confidential Information, and (iii) not to sell, transfer, license for use or otherwise exploit any Associated Third Party Confidential Information. Additionally, Agency agrees to take all necessary precautions to protect Vigilant Solutions — LPR Data Program Agreement ver. 1.0 \/VIEHLANT the Associated Third Party Confidential Information against its unauthorized use or disclosure and exercise at least the same degree of care in safeguarding the Associated Third Party Confidential Information as Agency would with Agency's own confidential information and to promptly advise Vigilant in writing upon learning of any unauthorized use or disclosure of the Associated Third Party Confidential Information. (d) Non -Publication. Agency shall not create, publish, distribute, or permit any written, electronically transmitted or other form of publicity material that makes reference to the LEARN Software Service or this Agreement without first submitting the material to Vigilant and receiving written consent from Vigilant thereto. This restriction is specifically intended to ensure consistency with other media messaging. (e) Non -Disparagement. Agency agrees not to use proprietary materials or information in any manner that is disparaging. This prohibition is specifically intended to preclude Agency from cooperating or otherwise agreeing to allow photographs or screenshots to be taken by any member of the media without the express consent of Vigilant. Agency also agrees not to voluntarily provide ANY information, including interviews, related to Vigilant, its products or its services to any member of the media without the express written consent of Vigilant. (f) and common sense. (g) Manner of Use. Agency must use its account in a manner that demonstrates integrity, honesty, Survival of Restrictions and Other Related Matters. (1) Agency shall cause each User to comply with the provisions of this Section 4. (2) Agency agrees to notify Vigilant immediately upon discovery of any unauthorized use or disclosure of Confidential Information or any other breach of this Section 4 by Agency or any User, and Agency shall reasonably cooperate with Vigilant to regain possession of the Confidential Information, prevent its further unauthorized use, and otherwise prevent any further breaches of this Section 4. (3) Agency agrees that a breach or threatened breach by Agency or a User of any covenant contained in this Section 4 will cause irreparable damage to Vigilant and that Vigilant could not be made whole by monetary damages. Therefore, Vigilant shall have, in addition to any remedies available at law, the right to seek equitable relief to enforce this Agreement. (4) No failure or delay by Vigilant in exercising any right, power or privilege hereunder will operate as a waiver thereof, nor will any single or partial exercise of any such right, power or privilege preclude any other or further exercise thereof. (5) for an indefinite period of time. 5. Term and Termination. The restrictions set forth in this Section 4 shall survive the termination of this Agreement (a) Term. This Agreement will be in effect until terminated by either party. The City of National City is under contract with the IPS Group, Inc. which is a partner corporation of Vigilant Solutions, LLC. If that agreement is terminated the parties may mutually agree how to proceed. (b) Termination. (1) Agency may terminate this Agreement upon thirty (30) days prior written notice to Vigilant for any reason. (2) Vigilant may terminate this Agreement upon: (A) thirty (30) days prior written notice for any reason. (B) a failure on the part of Agency to pay any amount due and payable to Vigilant under this Agreement within thirty (30) days following receipt of written notice from Vigilant of such failure; or (C) a material breach of any other provision of this Agreement by Agency or any User which remains uncured for thirty (30) days following receipt of written notice from Vigilant of such material breach. Vigilant Solutions — LPR Data Program Agreement ver. 1.0 Page 4 of 11 \y�IGOLATO N SNT S U (c) Effect of Termination. Upon termination or expiration of this Agreement for any reason, all licensed rights granted in this Agreement will immediately cease to exist and Agency must promptly discontinue all use of the LEARN Software Service, erase all LPR Data accessed through the LEARN Software Service from its computers, including LPR Data transferred to an API, and return all copies of any related documentation and other materials. 6. Miscellaneous. (a) Notices. Any notice under this Agreement must be written. Notices must be addressed to the recipient and either (i) hand delivered; (ii) placed in the United States mail, certified, return receipt requested; (iii) deposited with an overnight delivery service; or (iv) sent via e-mail and followed with a copy sent by overnight delivery or regular mail, to the address or e-mail address specified below. Any mailed notice is effective three (3) business days after the date of deposit with the United States Postal Service or the overnight delivery service, as applicable; all other notices are effective upon receipt. A failure of the United States Postal Service to return the certified mail receipt to the dispatcher of such notice will not affect the otherwise valid posting of notice hereunder. Vigilant's address for all purposes under this Agreement is: Vigilant Solutions, LLC Agency's address for all purposes under this Agreement is: Attn: Steve Cintron National City Police Department 1152 Stealth Street Attn: Jose Tellez, Chief of Police Livermore, California 94551 1200 National City Blvd. Telephone: 925-398-2079 National City, CA 91950 E-mail: steve.cintron@vigilantsolutions.com Telephone: (619) 336-4357 E-mail: JTellez@nationalcitvca.gov with a copy to: Holland, Johns & Penny, L.L.P. Attn: Margaret E. Holland 306 West Seventh Street, Suite 500 Fort Worth, Texas 76102 Telephone: 817-335-1050 E-mail: meh@hjpllp.com Either party may designate another address for this Agreement by giving the other party at least five (5) business days' advance notice of its address change. A party's attorney may send notices on behalf of that party, but a notice is not effective against a party if sent only to that party's attorney. (b) Disclaimer. Vigilant makes no express or implied representations or warranties regarding Vigilant's equipment, website, online utilities or their performance, availability, functionality, other than a warranty of merchantability and fitness for the particular purpose of searching for license plate locations in the database and performing other related analytical functions. Any other implied warranties of merchantability or fitness for a particular purpose are expressly disclaimed and excluded. Vigilant Solutions — LPR Data Program Agreement ver. 1.0 VIGILAN C O L LI T I p N 5T (c) Limitations of Liability. VIGILANT WILL NOT BE LIABLE FOR AGENCY'S USE OF THE LPR DATA OR LEARN SOFTWARE SERVICE APPLICATIONS AND WILL NOT BE LIABLE TO AGENCY UNDER ANY CIRCUMSTANCES WITH RESPECT TO ANY SUBJECT MATTER OF THIS AGREEMENT UNDER ANY CONTRACT, NEGLIGENCE, TORT, STRICT LIABILITY OR OTHER LEGAL OR EQUITABLE THEORY FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL OR EXEMPLARY DAMAGES (INCLUDING, WITHOUT LIMITATION, LOSS OF REVENUE OR GOODWILL OR ANTICIPATED PROFITS OR LOST OF BUSINESS). TO THE EXTENT THE FOREGOING LIMITATION OF LIABILITY IS PROHIBITED OR OTHERWISE UNENFORCEABLE VILIGANT'S CUMULATIVE LIABILITY TO AGENCY ARISING OUT OF OR RELATED TO THIS AGREEMENT SHALL NOT EXCEED THE AMOUNT PAID TO VIGILANT BY THE AGENCY FOR SERVICES SUPPLIED UNDER THIS AGREEMENT BY VIGILANT. (d) Indemnification. Agency agrees to indemnify, defend and hold harmless Vigilant and its employees, representatives, agents, officers, directors, and corporate employees (each, an "Indemnified Party"), against any and all claims, suits, actions, or other proceedings brought against the Indemnified Party based on or arising from any claim (i) resulting from Agency's or a User's breach of this Agreement, (ii) that involves any vehicle owned or operated by Agency, (iii) or any employee or independent contractor hired by Agency or (iv) any and all claims based on Agency's or a User's actions or omissions. (e) Independent Contractor Status. Each party will at all times be deemed to be an independent contractor with respect to the subject matter of this Agreement and nothing contained in this Agreement will be deemed or construed in any manner as creating any partnership, joint venture, joint enterprise, single business enterprise, employment, agency, fiduciary or other similar relationship. (f) Assignment of this Agreement. Agency may not assign its rights or obligations under this Agreement to any party, without the express written consent of Vigilant. (g) No Exclusivity. Vigilant may at any time, directly or indirectly, engage in similar arrangements with other parties, including parties which may conduct operations in geographic areas in which Agency operates. Additionally, Vigilant reserves the right to provide LPR Data to third -party entities for purposes of promotions, marketing, business development or any other commercially reasonable reason that Vigilant deems necessary and appropriate. (h) No Reliance. Agency represents that it has independently evaluated this Agreement and is not relying on any representation, guarantee, or statement from Vigilant or any other party, other than as expressly set forth in this Agreement. (i) Governing Law; Venue. THIS AGREEMENT IS GOVERNED BY AND INTERPRETED IN ACCORDANCE WITH THE LAWS OF THE STATE OF TEXAS WITHOUT REGARD TO CONFLICTS -OF -LAWS PRINCIPLES. THE PARTIES HERETO CONSENT THAT VENUE OF ANY ACTION BROUGHT UNDER THIS AGREEMENT WILL BE IN TARRANT COUNTY, TEXAS. (j) Amendments. Except as otherwise permitted by this Agreement, no amendment to this Agreement or waiver of any right or obligation created by this Agreement will be effective unless it is in writing and signed by both parties. Vigilant's waiver of any breach or default will not constitute a waiver of any other or subsequent breach or default. (k) Entirety. This Agreement and the Agency's purchase order, setting forth Vigilant's LEARN Software Service being purchased by Agency pursuant to this Agreement and the related product code and subscription price, represent the entire agreement between the parties and supersede all prior agreements and communications, oral or written between the parties. Except to the limited extent expressly provided in this Section 6(k), no contrary or additional terms contained in any purchase order or other communication from Agency will be a part of this Agreement. (I) Force Majeure. Neither party will be liable for failure to perform or delay in performing any obligation under this Agreement if nonperformance is caused by an occurrence beyond the reasonable control of such party and without its fault or negligence such as acts of God or the public enemy, acts of the Government in either its sovereign or contractual capacity, fires, floods, epidemics, quarantine restrictions, strikes, unusually severe weather, delays of common carriers, or any other cause beyond the reasonable control of such party. Vigilant Solutions — LPR Data Program Agreement ver. 1.0 Page 6 of 1` \/YLGILANT (m) Severability. If any provision of this Agreement is held to be invalid, illegal or unenforceable for any reason, such invalidity, illegality or unenforceability will not affect any other provisions of this Agreement, and this Agreement will be construed as if such invalid, illegal or unenforceable provision had never been contained herein. (n) CJIS Requirements. Agency certifies that its LEARN users shall comply with the CJIS requirements outlined in Exhibit A. IN WITNESS WHEREOF, the parties hereto have executed this Agreement by persons duly authorized as of the date and year first above written. Company: Vigilant Solutions, LLC Authorized Agent: Bill Quinlan Title: Vice President Sales Operations Date: lZ- 12,-Z0L 7 Signature: 2 Agency: National City Police Department Authorized Agent: Jose Tellez Title: Chief of Police Date: iirzycgA Signature: [signature page — LPR Data Program State and Local Law Enforcement Agency Agreement] Vigilant Solutions — LPR Data Program Agreement vet. 1.0 \/YLLANT Exhibit A: CJIS Requirements Vigilant and Agency agree on the importance of data security, integrity and system availability and that these security objectives will only be achieved through shared responsibility. Vigilant and Agency agree they will more likely be successful with information security by use of the Vigilant supplied technical controls and client Agency use of those controls; in conjunction with agency and personnel policies to protect the systems, data and privacy. Vigilant and Agency agree that Agency owned and FBI-CJIS supplied data in Vigilant systems does not meet the definition of FBI-CJIS provided Criminal Justice Information (CJI). Regardless, Vigilant agrees to treat the Agency -supplied information in Vigilant systems as CJI. Vigilant will strive to meet those technical and administrative controls; ensuring the tools are in place for the proper protection of systems, information and privacy of individuals to the greatest degree possible. Vigilant and Agency agree that information obtained or incorporated into Vigilant systems may be associated with records that are sensitive in nature having, tactical, investigative and Personally Identifiable Information. As such, that information will be treated in accordance with applicable laws, policies and regulations governing protection and privacy of this type of data. Vigilant and Agency agree that products and services offered by Vigilant are merely an investigative tool to aid the client in the course of their duties and that Vigilant make no claims that direct actions be initiated based solely upon the information responses or analytical results. Further, Vigilant and Agency agree that Agency is ultimately responsible for taking the appropriate actions from results, hits, etc. generated by Vigilant products and require ongoing training, human evaluation, verifying the accuracy and currency of the information, and appropriate analysis prior to taking any action. As such, the parties agree to do the following: Vigilant: 1. Vigilant has established the use of FBI-CJIS Security Policy as guidance for implementing technical security controls in an effort to meet or exceed those Policy requirements. 2. Vigilant agrees to appoint a CJIS Information Security Officer to act as a conduit to the client Contracting Government Agency, Agency Coordinator, to receive any security policy information and disseminate to the appropriate staff. 3. Vigilant agrees to adhere to FBI-CJIS Security Policy Awareness Training and Personnel Screening standards as required by the Agency. 4. Vigilant agrees, by default, to classify all client supplied data and information related to client owned infrastructure, information systems or communications systems as "Criminal Justice Data". All client information will be treated at the highest level of confidentiality by all Vigilant staff and authorized partners. Vigilant has supporting guidance/policies for staff handling the full life cycle of information in physical or electronic form and has accompanying disciplinary procedures for unauthorized access, misuse or mishandling of that information. 5. Vigilant will not engage in data mining, commercial sale, unauthorized access and/or use of any of Agency owned data. 6. Vigilant and partners agree to use their formal cyber Incident Response Plan if such event occurs. Vigilant Solutions — LPR Data Program Agreement ver. 1.0 Page 8 of 11 ' VIGIuli LANnrvsT so� 7. Vigilant agrees to immediately inform Agency of any cyber incident or data breach, to include DDoS, Malware, Virus, etc. that may impact or harm client data, systems or operations so proper analysis can be performed and client Incident Response Procedures can be initiated. 8. Vigilant will only allow authorized support staff to access Agency's account or Agency data in support of Agency as permitted by the terms of contracts. 9. Vigilant agrees to use training, policy and procedures to ensure support staff use proper handling, processing, storing, and communication protocols for Agency data. 10. Vigilant agrees to protect client systems and data by monitoring and auditing staff user activity to ensure that it is only within the purview of system application development, system maintenance or the support roles assigned. 11. Vigilant agrees to inform Agency of any unauthorized, inappropriate use of data or systems. 12. Vigilant will design software applications to facilitate FBI-CJIS compliant information handling, processing, storing, and communication of Agency. 13. Vigilant will advise Agency when any software application or equipment technical controls are not consistent with meeting FBI-CJIS Policy criteria for analysis and due consideration. 14. Vigilant agrees to use the existing Change Management process to sufficiently plan for system or software changes and updates with Rollback Plans. 15. Vigilant agrees to provide technical security controls that only permit authorized user access to Agency owned data and Vigilant systems as intended by Agency and data owners. 16. Vigilant agrees to meet or exceed the FBI-CJIS Security Policy complex password construction and change rules. 17. Vigilant will only provide access to Vigilant systems and Agency owned information through Agency managed role -based access and applied sharing rules configured by Agency. 18. Vigilant agrees to provide technical controls with additional levels of user Advanced Authentication in Physically Non -Secure Locations. 19. Vigilant agrees to provide compliant FIPS 140-2 Certified 128-bit encryption to Agency owned data during transport and storage ("data at rest") while in the custody and control of Vigilant. 20. Vigilant agrees to provide firewalls and virus protection to protect networks, storage devices and data. 21. Vigilant agrees to execute archival, purges and/or deletion of data as configured by the data owner. 22. Vigilant agrees to provide auditing and alerting tools within the software applications so Agency can monitor access and activity of Vigilant support staff and Agency users for unauthorized access, disclosure, alteration or misuse of Agency owned data. (Vigilant support staff will only have access when granted by Agency.) 23. Vigilant will only perform direct support remote access to Agency systems/infrastructure when requested, authorized and physically granted access to the applications/systems by Agency. This activity will be documented by both parties. 24. Vigilant creates and retains activity transaction logs to enable auditing by Agency data owners and Vigilant staff. 25. Vigilant agrees to provide physical protection for the equipment -storing Agency data along with additional technical controls to protect physical and logical access to systems and data. 26. Vigilant agrees to participate in any Information or Technical Security Compliance Audit performed by Agency, state CJIS System Agency or FBI-CJIS Division. 27. Vigilant agrees to perform independent employment background screening for its' staff and participate in additional fingerprint background screening as required by Agency. 28. Vigilant agrees that Agency owns all Agency contributed data to include "hot -lists", scans, user information etc., is only shared as designated by the client and remains the responsibility and property of Agency. Agency: Vigilant Solutions — LPR Data Program Agreement ver. 1.0 Page 9 of 11 \v�YIGIU T I O N LANT O L S 1. Agency agrees to appoint an Agency Coordinator as a central Point of Contact for all FBI-CJIS Security Policy related matters and to assign staff that are familiar with the contents of the FBI-CJIS Security Policy. 2. Agency agrees to have the Agency Coordinator provide timely updates with specific information regarding any new FBI-CJIS, state or local information security policy requirements that may impact Vigilant compliance or system/application development and, to facilitate obtaining certifications, training, and fingerprint -based background checks as required. 3. Agency agrees to inform Vigilant when any FBI-CJIS Security Awareness Training, personnel background screening or execution of FBI-CJIS Security Addendum Certifications are required. 4. Agency agrees to immediately inform Vigilant of any relevant data breach or cyber incident, to include DDoS, Malware, Virus, etc. that may impact or harm Vigilant systems, operations, business partners and/or other Agencies, so proper analysis can be performed, and Incident Response Procedures can be initiated. 5. Agency agrees that they are responsible for the legality and compliance of information recorded, submitted or placed in Vigilant systems and use of that data. 6. Agency agrees that they are responsible for proper equipment operation and placement of equipment. 7. Agency agrees that they are responsible for vetting authorized user access to Vigilant systems with due consideration of providing potential access to non -Agency information. 8. Agency agrees that responsibility and control of persons granted access to purchased Vigilant systems, along with data stored and transmitted via Vigilant systems, is that of the Agency. 9. Agency agrees that they have responsibility for all data security, handling and data protection strategies from point of acquisition, during transport and until submission ("Hotlist upload") into Vigilant systems. 10. Agency agrees to reinforce client staff policies and procedures for secure storage and protection of Vigilant system passwords. 11. Agency agrees to reinforce client staff policies for creating user accounts with only government domain email addresses. Exceptions will be granted in writing. 12. Agency agrees to reinforce client staff policies for not sharing user accounts. 13. Agency agrees to use Vigilant role -based access as designed to foster system security and integrity. 14. Agency agrees that they control, and are responsible for, appropriate use and data storage policies as well as procedures for the data maintained outside the Vigilant systems. This includes when any information is disseminated, extracted or exported out of Vigilant systems. 15. Agency agrees that they control and are responsible for developing policies, procedures and enforcement for applying deletion/purging and dissemination rules to information within and outside the Vigilant systems. 16. Agency agrees that it is their responsibility to ensure data and system protection strategies are accomplished through the tools provided by Vigilant for account and user management features along with audit and alert threshold features. 17. Agency agrees to use the "virtual escorting" security tools provided for managing client system remote access and monitor Vigilant support staff when authorized to assist the client. 18. Agency agrees that the Vigilant designed technical controls and tools will only be effective in conjunction with Agency created policies and procedures that guide user access and appropriate use of the system. 19. Agency agrees that information and services provided through Vigilant products do not provide any actionable information, Agency users are responsible for the validity and accuracy of their data and developing procedures to verify information with the record owner and other systems (NCIC) based upon the potential lead generated. Vigilant Solutions — LPR Data Program Agreement ver. 1.0 Page 10 of 11 RESOLUTION NO. 2019 - 153 RESOLUTION OF THE CITY COUNCIL OF THE CITY OF NATIONAL CITY AUTHORIZING THE CHIEF OF POLICE TO EXECUTE AN AGREEMENT WITH VIGILANT SOLUTIONS, LLC, TO ACCESS LAW ENFORCEMENT LICENSE PLATE DATA STORED IN THEIR SYSTEMS WHEREAS, IPS Group, Inc., is a provider of parking management equipment, products, and services that meet the City's parking management needs and is qualified by experience and ability to perform the services desired by the City, and the IPS Group is willing to perform such services; and WHEREAS, City staff researched a variety of vendors offering products and services to address the City's parking management and enforcement needs and found that IPS Group, Inc., provided a comprehensive proposal that incorporates all of the City's parking management and enforcement needs; and WHEREAS, on October 16, 2018, pursuant to Resolution 2018-183, the City Council authorized the Mayor to execute a three year Agreement with IPS Group, Inc., to provide parking management and enforcement solutions services to the National City Police Department; and WHEREAS, based upon IPS Group, Inc.'s., current Agreement with the City of National City, the National City Police Department may access their partners corporation's Vigilant Solutions, LLC, law enforcement License Plate Recognition "LPR" data to assist in criminal investigations at no additional cost to the City of National City; and WHEREAS, the City desires to enter into an Agreement with Vigilant Solutions, LLC, to provide the National City Police Department access to the law enforcement License Plate Recognition "LPR" data base that will assist in criminal investigations. NOW, THEREFORE, BE IT RESOLVED that the City Council of the City of National City hereby authorizes the Chief of Police to execute an Agreement with Vigilant Solutions, LLC, to provide the National City Police Department access to the law enforcement License Plate Recognition "LPR" data base that will assist the National City Police Department in criminal investigations. PASSED and ADOPTED this 19th day of November, 2019. Alejandra 5otelo- olis, Mayor ATTES : Michael R. lalla, City Clerk APPROVED AS TO FORM: Passed and adopted by the Council of the City of National City, California, on November 19, 2019 by the following vote, to -wit: Ayes: Councilmembers Cano, Morrison, Quintero, Rios, Sotelo-Solis. Nays: None. Absent: None. Abstain: None. AUTHENTICATED BY: ALEJANDRA SOTELO-SOLIS Mayor of the City of National City, California MICHAEL R. DALLA City Clerk of the City of National City, California By: Deputy I HEREBY CERTIFY that the above and foregoing is a full, true and correct copy of RESOLUTION NO. 2019-153 of the City of National City, California, passed and adopted by the Council of said City on November 19, 2019. By: City Clerk of the City of National City, California &gf(-)leete&— y CITY OF NATIONAL CITY, CALIFORNIA COUNCIL AGENDA STATEMENT Ca-609-14 ETING DATE: November 19, 2019 AGENDA ITEM NO.81 ITEM TITLE: Resolution of the City Council of the City of National City authorizing the Chief of Police to enter into an agreement with Vigilant Solutions, LLC. to access Law Enforcement License Plate Data stored on their systems. This agreement allows the police department access to the Law Enforcement LPR data base and it contains an indemnification agreement that requires City Council approval. PREPARED BY: Jose Tellez, Chief of Police DEPARTMENT: Polio PHONE: Ext. 4511 APPROVED EXPLANATION: The City of National City has a contract with I.P.S. Group, INC., to provide parking manag: : nt equipment, products and services to meet the City's parking management needs as approved by Resolution 2018-1: . As part of that contract, Neighborhood Services uses License Plate Reader (LPR) Technology for parking enforcement throughout National City. Based upon the I.P.S. agreement, the police department may access I.P.S. Group's partner corporation's Vigilant Solutions, LLC law enforcement LPR data to assist in criminal investigations at no additional cost. FINANCIAL STATEMENT: ACCOUNT NO. N/A ENVIRONMENTAL REVIEW: ORDINANCE: INTRODUCTION: FINAL ADOPTION: APPROVED: APPROVED: Finance MIS STAFF RECOMMENDATION: Approve Resolution. BOARD / COMMISSION RECOMMENDATION: TTACHMENTS: Vigilant Solutions, LLC Agreement Resolution 2018-183 /Q /k.tia^ Th >10. c3011 - /S,3 \fv1c311..ANr N 9 VIGILANT SOLUTIONS — LPR DATA PROGRAM STATE AND LOCAL LAW ENFORCEMENT AGENCY AGREEMENT This Agreement is made and entered into effective , 201_ (the "Effective Date") between Vigilant Solutions, LLC, a Delaware corporation ("Vigilant") and , an Originating Agency Identifier (ORI) credentialed law enforcement agency ("Agency"). A. Vigilant stores and disseminates to law enforcement agencies license plate recognition (LPR) data as a valued added component of the Vigilant law enforcement package of LPR equipment and/or software; and B. Agency desires to obtain access to Vigilant's Software Service; NOW, THEREFORE, in consideration of the mutual agreements contained herein and other good and valuable consideration, the receipt and sufficiency of which is acknowledged by the parties, the parties agree as follows: 1. Definitions. (a) Confidential Information. Refers to any and all (i) rights of Vigilant associated with works of authorship, including exclusive exploitation rights, copyrights, moral rights and mask works, trademark and trade name rights and similar rights, trade secrets rights, patents, designs, algorithms and other industrial property rights, other intellectual and industrial property and proprietary rights of every kind and nature, whether arising by operation of law, by contract or license, or otherwise; and all registrations, applications, renewals, extensions, combinations, divisions or reissues of the foregoing; (ii) product specifications, data, know-how, formulae, compositions, processes, designs, sketches, photographs, graphs, drawings, samples, inventions and ideas, and past, current and planned research and development; (iii) current and planned manufacturing and distribution methods and processes, customer lists, current and anticipated customer requirements, price lists, market studies, and business plans; (iv) computer software and programs (including object code and source code), database technologies, systems, structures, architectures, processes, improvements, devices, discoveries, concepts, methods, and information of Vigilant; (v) any other information, however documented, of Vigilant that is a trade secret within the meaning of applicable state trade secret law or under other applicable law, including but not limited to the LEARN Software Service; (vi) information concerning the business and affairs of Vigilant (which includes historical financial statements, financial projections and budgets, historical and projected sales, capital spending budgets and plans, the names and backgrounds of key personnel, contractors, agents, suppliers and potential suppliers, personnel training techniques and materials, and purchasing methods and techniques, however documented; and (vii) notes, analysis, compilations, studies, summaries and other material prepared by or for Vigilant containing or based, in whole or in part, upon any information included in the foregoing. (b) LEA. Refers to a law enforcement agency. (c) LEARN Software Service. Refers to a web based (hosted) suite of software applications consisting of analytical and investigative software located on a physical database server that also hosts LPR Data. (d) License Plate Recognition ("LPR"). Refers to the process of utilizing cameras, either stationary or mounted on moving vehicles, to capture and interpret images of vehicle license plates. (e) LPR Data. Refers to LEA LPR Data. (f) LEA LPR Data. Refers to LPR data collected by LEAs and available on the LEARN Software Service for use by other LEAs. LEA LPR Data is freely available to LEAs at no cost and is governed by the contributing LEA's retention policy. (g) User. Refers to an individual who is an agent and sworn officer of Agency and who is authorized vigilant S^!l.'r r S - LPR Data Pcoarapi Agreem2^r vAr. 1. IO L ll GI 7AO M 9NT 9 by Agency to access the LEARN Software Service on behalf of Agency through login credentials provided by Agency. 2. Licensed Access to the LEARN Software Service. (a) Grant of License. During the term of this Agreement, Vigilant grants Agency a non-exclusive, non- transferable right and license to access the LEARN Software Service for use in accordance with the terms of this Agreement. (b) Authorized Use. Agency is prohibited from accessing the LEARN Software Service other than for law enforcement purposes. Agency may use data to locate vehicles to further criminal prosecutions and may share that information with any prosecuting agency (District Attorney or City Attorney). (c) Restrictions on Use of LEARN Software Service. Except as expressly permitted under this Agreement, Agency agrees that it shall not, nor will it permit a User or any other party to, without the prior written consent of Vigilant, (i) copy, duplicate or grant permission to the LEARN Software Service or any part thereof; (ii) create, attempt to create, or grant permission to the source program and/or object program associated with the LEARN Software Service; (iii) decompile, disassemble or reverse engineer any software component of the LEARN Software Service for any reason, including, without limitation, to develop functionally similar computer software or services; or (iv) modify, alter or delete any of the copyright notices embedded in or affixed to the copies of any components of the LEARN Software Service. Agency shall instruct each User to comply with the preceding restrictions. (d) Third Party Software and Data. If and to the extent that Vigilant incorporates the software and/or data of any third party into the LEARN Software Service, including but not limited to the LEA LPR Data, and use of such third party software and/or data is not subject to the terms of a license agreement directly between Agency and the third party licensor, the license of Agency to such third party software and/or data shall be defined and limited by the license granted to Vigilant by such third party and the license to the LEARN Software Service granted by Vigilant under this Agreement. Agency specifically acknowledges that the licensors of such third party software and/or data shall retain all ownership rights thereto, and Agency agrees that it shall not (i) decompile, disassemble or reverse engineer such third party software or otherwise use such third party software for any reason except as expressly permitted herein; (ii) reproduce the data therein for purposes other than those specifically permitted under this Agreement; or (iii) modify, alter or delete any of the copyright notices embedded in or affixed to such third party software. Agency shall instruct each User to comply with the preceding restrictions. (e) Non -Exclusive Licensed Access. Agency acknowledges that the right or ability of Vigilant to license other third parties to use the LEARN Software Service is not restricted in any manner by this Agreement, and that it is Vigilant's intention to license a number of other LEAs to use the LEARN Software Service. Vigilant shall have no liability to Agency for any such action. 3. Other Matters Relating to Access to LEARN Software Service. (a) Accessibility. The LEARN Software Service, LPR Data and associated analytical tools are accessible to LEAs ONLY and are accessible pursuant to one of the following two methods: (1) LPR Data Program. Access to the LEARN Software Service through the LPR Data Program allows for available LPR Data to be used at a much deeper level to include partial plate queries, geo-fence queries, and analytic reports such as common plate and possible associate analysis. (2) Application Programming Interface (API). The API access method allows for integration of the LPR Data into external third -party analytic tools. The API does NOT provide ownership rights to the LPR Data, only access during the subscription period. The API is optional, and available only in conjunction with the LPR Data Program for an additional fee. Vigilant Solutions —LPR Data Program Agreement ver. 1 0 \v�VIGILANT S O l U T � 0 �v 9 (b) Access to LEA LPR Data. LEA LPR Data is provided as a service to LEAs at no additional charge. (c) Eligibility. Agency shall only authorize individuals who satisfy the eligibility requirements of "Users" to access the LEARN Software Service. Vigilant in its sole discretion may deny LEARN Software Service access to any individual based on such person's failure to satisfy such eligibility requirements. (d) Account Security (Agency Responsibility). (1) Agency shall be responsible for assigning an account administrator who in turn will be responsible for assigning to each of Agency's Users a username and password (one per user account). An unlimited number of User accounts is provided. Agency will cause the Users to maintain username and password credentials confidential and will prevent use of such username and password credentials by any unauthorized person(s). Agency shall notify Vigilant immediately if Agency believes the password of any of its Users has, or may have, been obtained or used by any unauthorized person(s). In addition, Agency must notify Vigilant immediately if Agency becomes aware of any other breach or attempted breach of the security of any of its Users' accounts. (2) User Iogins are restricted to agents and sworn officers of the Agency. No User logins may be provided to agents or officers of other local, state, or Federal LEAs. LPR Data must reside within the LEARN Software Service and cannot be copied to another system, unless Agency purchases Vigilant's API. (e) Data Sharing. Agency at its option may share its LEA LPR Data with similarly situated LEAs who contract with Vigilant to access the LEARN Software Service (for example, LEAs who share LEA LPR Data with other LEAs). (f) Subscriptions. LEARN Software Service software applications and LPR Data is available to Agency and its Users on an annual subscription basis. 4. Restrictions on Access to LEARN Software Service. (a) Non Disclosure of Confidential Information. Agency and each User will become privy to Confidential Information during the term of this Agreement. Agency acknowledges that a large part of Vigilant's competitive advantage comes from the collection and analysis of this Confidential Information and Agency's use, except as expressly permitted under this Agreement, and disclosure of any such Confidential Information would cause irreparable damage to Vigilant. (b) Restrictions. As a result of the sensitive nature of the Confidential Information, Agency agrees, except to the extent expressly permitted under this Agreement, (i) not to use or disclose, directly or indirectly, and not to permit Users to use or disclose, directly or indirectly, any LPR location information obtained through Agency's access to the LEARN Software Service or any other Confidential Information; (ii) not to download, copy or reproduce any portion of the LPR Data and other Confidential Information; and (iii) not to sell, transfer, license for use or otherwise exploit the LPR Data and other Confidential Information in any way. Additionally, Agency agrees to take all necessary precautions to protect the Confidential Information against its unauthorized use or disclosure and exercise at least the same degree of care in safeguarding the Confidential Information as Agency would with Agency's own confidential information and to promptly advise Vigilant in writing upon learning of any unauthorized use or disclosure of the Confidential Information. (c) Third Party Information. Agency recognizes that Vigilant has received, and in the future will continue to receive, from LEAs associated with Vigilant their confidential or proprietary information ("Associated Third Party Confidential Information"). By way of example, Associated Third Party Confidential Information includes LEA LPR Data. Agency agrees, except to the extent expressly permitted by this Agreement, (i) not to use or to disclose to any person, firm, or corporation any Associated Third Party Confidential Information, (ii) not to download, copy, or reproduce any Associated Third Party Confidential Information, and (iii) not to sell, transfer, license for use or otherwise exploit any Associated Third Party Confidential Information. Additionally, Agency agrees to take all necessary precautions to protect the Associated Third Party Confidential Information against its unauthorized use or disclosure and exercise at least the same degree of care in safeguarding the Associated Third Party Confidential Information as Agency would with Agency's Vigilant Solutions — LPR Data Program Agreement ver. 1.0 \/ViELANT own confidential information and to promptly advise Vigilant in writing upon learning of any unauthorized use or disclosure of the Associated Third Party Confidential Information. (d) Non -Publication. Agency shall not create, publish, distribute, or permit any written, electronically transmitted or other form of publicity material that makes reference to the LEARN Software Service or this Agreement without first submitting the material to Vigilant and receiving written consent from Vigilant thereto. This restriction is specifically intended to ensure consistency with other media messaging. (e) Non -Disparagement. Agency agrees not to use proprietary materials or information in any manner that is disparaging. This prohibition is specifically intended to preclude Agency from cooperating or otherwise agreeing to allow photographs or screenshots to be taken by any member of the media without the express consent of Vigilant. Agency also agrees not to voluntarily provide ANY information, including interviews, related to Vigilant, its products or its services to any member of the media without the express written consent of Vigilant. (f) and common sense. (g) Survival of Restrictions and Other Related Matters. (1) Agency shall cause each User to comply with the provisions of this Section 4. (2) Agency agrees to notify Vigilant immediately upon discovery of any unauthorized use or disclosure of Confidential Information or any other breach of this Section 4 by Agency or any User, and Agency shall reasonably cooperate with Vigilant to regain possession of the Confidential Information, prevent its further unauthorized use, and otherwise prevent any further breaches of this Section 4. (3) Agency agrees that a breach or threatened breach by Agency or a User of any covenant contained in this Section 4 will cause irreparable damage to Vigilant and that Vigilant could not be made whole by monetary damages. Therefore, Vigilant shall have, in addition to any remedies available at law, the right to seek equitable relief to enforce this Agreement. (4) No failure or delay by Vigilant in exercising any right, power or privilege hereunder will operate as a waiver thereof, nor will any single or partial exercise of any such right, power or privilege preclude any other or further exercise thereof. Manner of Use. Agency must use its account in a manner that demonstrates integrity, honesty, (5) for an indefinite period of time. 5. Term and Termination. The restrictions set forth in this Section 4 shall survive the termination of this Agreement (a) Term. This Agreement will be in effect until terminated by either party. The City of National City is under contract with the IPS Group, Inc. which is a partner corporation of Vigilant Solutions, LLC. If that agreement is terminated the parties may mutually agree how to proceed. (b) Termination. (1) Agency may terminate this Agreement upon thirty (30) days prior written notice to Vigilant for any reason. (2) Vigilant may terminate this Agreement upon: (A) thirty (30) days prior written notice for any reason. (B) a failure on the part of Agency to pay any amount due and payable to Vigilant under this Agreement within thirty (30) days following receipt of written notice from Vigilant of such failure; or (C) a material breach of any other provision of this Agreement by Agency or any User which remains uncured for thirty (30) days following receipt of written notice from Vigilant of such material breach. (c) Effect of Termination. Upon termination or expiration of this Agreement for any reason, all licensed rights granted in this Agreement will immediately cease to exist and Agency must promptly discontinue all use of Soititions — lPR Data \VIG,MkoNT the LEARN Software Service, erase all LPR Data accessed through the LEARN Software Service from its computers, including LPR Data transferred to an API, and return all copies of any related documentation and other materials. 6. Miscellaneous. (a) Notices. Any notice under this Agreement must be written. Notices must be addressed to the recipient and either (i) hand delivered; (ii) placed in the United States mail, certified, return receipt requested; (iii) deposited with an overnight delivery service; or (iv) sent via e-mail and followed with a copy sent by overnight delivery or regular mail, to the address or e-mail address specified below. Any mailed notice is effective three (3) business days after the date of deposit with the United States Postal Service or the overnight delivery service, as applicable; all other notices are effective upon receipt. A failure of the United States Postal Service to return the certified mail receipt to the dispatcher of such notice will not affect the otherwise valid posting of notice hereunder. Vigilant's address for all purposes under this Agreement is: Vigilant Solutions, LLC Attn: Steve Cintron 1152 Stealth Street Livermore, California 94551 Telephone: 925-398-2079 E-mail: steve.cintron@vigilantsolutions.com Agency's address for all purposes under this Agreement is: Attn: Telephone: E-mail: with a copy to: Holland, Johns & Penny, L.L.P. Attn: Margaret E. Holland 306 West Seventh Street, Suite 500 Fort Worth, Texas 76102 Telephone: 817-335-1050 E-mail: meh@hjpllp.com Either party may designate another address for this Agreement by giving the other party at least five (5) business days' advance notice of its address change. A party's attorney may send notices on behalf of that party, but a notice is not effective against a party if sent only to that party's attorney. (b) Disclaimer. Vigilant makes no express or implied representations or warranties regarding Vigilant's equipment, website, online utilities or their performance, availability, functionality, other than a warranty of merchantability and fitness for the particular purpose of searching for license plate locations in the database and performing other related analytical functions. Any other implied warranties of merchantability or fitness for a particular purpose are expressly disclaimed and excluded. (c) Limitations of Liability. VIGILANT WILL NOT BE LIABLE FOR AGENCY'S USE OF THE LPR DATA OR LEARN SOFTWARE SERVICE APPLICATIONS AND WILL NOT BE LIABLE TO AGENCY UNDER ANY CIRCUMSTANCES WITH RESPECT TO ANY SUBJECT MATTER OF THIS AGREEMENT UNDER ANY CONTRACT, NEGLIGENCE, TORT, STRICT LIABILITY OR OTHER LEGAL OR EQUITABLE THEORY FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL OR EXEMPLARY DAMAGES (INCLUDING, WITHOUT LIMITATION, LOSS OF REVENUE OR GOODWILL OR ANTICIPATED PROFITS OR LOST OF . $f9u5:::.• P4g..5..; i� \/VIE3ILANT BUSINESS). TO THE EXTENT THE FOREGOING LIMITATION OF LIABILITY IS PROHIBITED OR OTHERWISE UNENFORCEABLE VILIGANT'S CUMULATIVE LIABILITY TO AGENCY ARISING OUT OF OR RELATED TO THIS AGREEMENT SHALL NOT EXCEED THE AMOUNT PAID TO VIGILANT BY THE AGENCY FOR SERVICES SUPPLIED UNDER THIS AGREEMENT BY VIGILANT. (d) Indemnification. Agency agrees to indemnify, defend and hold harmless Vigilant and its employees, representatives, agents, officers, directors, and corporate employees (each, an "Indemnified Party"), against any and all claims, suits, actions, or other proceedings brought against the Indemnified Party based on or arising from any claim (i) resulting from Agency's or a User's breach of this Agreement, (ii) that involves any vehicle owned or operated by Agency, (iii) or any employee or independent contractor hired by Agency or (iv) any and all claims based on Agency's or a User's actions or omissions. (e) Independent Contractor Status. Each party will at all times be deemed to be an independent contractor with respect to the subject matter of this Agreement and nothing contained in this Agreement will be deemed or construed in any manner as creating any partnership, joint venture, joint enterprise, single business enterprise, employment, agency, fiduciary or other similar relationship. (f) Assignment of this Agreement. Agency may not assign its rights or obligations under this Agreement to any party, without the express written consent of Vigilant. (g) No Exclusivity. Vigilant may at any time, directly or indirectly, engage in similar arrangements with other parties, including parties which may conduct operations in geographic areas in which Agency operates. Additionally, Vigilant reserves the right to provide LPR Data to third -party entities for purposes of promotions, marketing, business development or any other commercially reasonable reason that Vigilant deems necessary and appropriate. (h) No Reliance. Agency represents that it has independently evaluated this Agreement and is not relying on any representation, guarantee, or statement from Vigilant or any other party, other than as expressly set forth in this Agreement. (i) Governing Law; Venue. THIS AGREEMENT IS GOVERNED BY AND INTERPRETED IN ACCORDANCE WITH THE LAWS OF THE STATE OF TEXAS WITHOUT REGARD TO CONFLICTS -OF -LAWS PRINCIPLES. THE PARTIES HERETO CONSENT THAT VENUE OF ANY ACTION BROUGHT UNDER THIS AGREEMENT WILL BE IN TARRANT COUNTY, TEXAS. (j) Amendments. Except as otherwise permitted by this Agreement, no amendment to this Agreement or waiver of any right or obligation created by this Agreement will be effective unless it is in writing and signed by both parties. Vigilant's waiver of any breach or default will not constitute a waiver of any other or subsequent breach or default. (k) Entirety. This Agreement and the Agency's purchase order, setting forth Vigilant's LEARN Software Service being purchased by Agency pursuant to this Agreement and the related product code and subscription price, represent the entire agreement between the parties and supersede all prior agreements and communications, oral or written between the parties. Except to the limited extent expressly provided in this Section 6(k), no contrary or additional terms contained in any purchase order or other communication from Agency will be a part of this Agreement. (I) Force Majeure. Neither party will be liable for failure to perform or delay in performing any obligation under this Agreement if nonperformance is caused by an occurrence beyond the reasonable control of such party and without its fault or negligence such as acts of God or the public enemy, acts of the Government in either its sovereign or contractual capacity, fires, floods, epidemics, quarantine restrictions, strikes, unusually severe weather, delays of common carriers, or any other cause beyond the reasonable control of such party. (m) Severability. If any provision of this Agreement is held to be invalid, illegal or unenforceable for any reason, such invalidity, illegality or unenforceability will not affect any other provisions of this Agreement, and this Agreement will be construed as if such invalid, illegal or unenforceable provision had never been contained herein. (n) CJIS Requirements. Agency certifies that its LEARN users shall comply with the GIS requirements outlined in Exhibit A. \v�W LANT IN WITNESS WHEREOF, the parties hereto have executed this Agreement by persons duly authorized as of the date and year first above written. Company: Vigilant Solutions, LLC Authorized Agent: Bill Quinlan Title: Vice President Sales Operations Date: Signature: Agency: Authorized Agent: Title: Date: Signature: [signature page — LPR Data Program State and Local Law Enforcement Agency Agreement] Vigilant Solutions — LPR Data Program Agre- �v�VIGILANT Exhibit A: CJIS Requirements Vigilant and Agency agree on the importance of data security, integrity and system availability and that these security objectives will only be achieved through shared responsibility. Vigilant and Agency agree they will more likely be successful with information security by use of the Vigilant supplied technical controls and client Agency use of those controls; in conjunction with agency and personnel policies to protect the systems, data and privacy. Vigilant and Agency agree that Agency owned and FBI-CJIS supplied data in Vigilant systems does not meet the definition of FBI-CJIS provided Criminal Justice Information (GI). Regardless, Vigilant agrees to treat the Agency -supplied information in Vigilant systems as CJI. Vigilant will strive to meet those technical and administrative controls; ensuring the tools are in place for the proper protection of systems, information and privacy of individuals to the greatest degree possible. Vigilant and Agency agree that information obtained or incorporated into Vigilant systems may be associated with records that are sensitive in nature having, tactical, investigative and Personally Identifiable Information. As such, that information will be treated in accordance with applicable laws, policies and regulations governing protection and privacy of this type of data. Vigilant and Agency agree that products and services offered by Vigilant are merely an investigative tool to aid the client in the course of their duties and that Vigilant make no claims that direct actions be initiated based solely upon the information responses or analytical results. Further, Vigilant and Agency agree that Agency is ultimately responsible for taking the appropriate actions from results, hits, etc. generated by Vigilant products and require ongoing training, human evaluation, verifying the accuracy and currency of the information, and appropriate analysis prior to taking any action. As such, the parties agree to do the following: Vigilant: 1. Vigilant has established the use of FBI-CJIS Security Policy as guidance for implementing technical security controls in an effort to meet or exceed those Policy requirements. 2. Vigilant agrees to appoint a GIS Information Security Officer to act as a conduit to the client Contracting Government Agency, Agency Coordinator, to receive any security policy information and disseminate to the appropriate staff. 3. Vigilant agrees to adhere to FBI-CJIS Security Policy Awareness Training and Personnel Screening standards as required by the Agency. 4. Vigilant agrees, by default, to classify all client supplied data and information related to client owned infrastructure, information systems or communications systems as "Criminal Justice Data". All client information will be treated at the highest level of confidentiality by all Vigilant staff and authorized partners. Vigilant has supporting guidance/policies for staff handling the full life cycle of information in physical or electronic form and has accompanying disciplinary procedures for unauthorized access, misuse or mishandling of that information. 5. Vigilant will not engage in data mining, commercial sale, unauthorized access and/or use of any of Agency owned data. 6. Vigilant and partners agree to use their formal cyber Incident Response Plan if such event occurs. 7. Vigilant agrees to immediately inform Agency of any cyber incident or data breach, to include DDoS, Malware, Virus, etc. that may impact or harm client data, systems or operations so proper analysis can be performed and client Incident Response Procedures can be initiated. Vigilant Solutions - LPR Data Program Agreement ver. 1 0 Page 8 of 10 Ia � GILur i ANT s N 8. Vigilant will only allow authorized support staff to access Agency's account or Agency data in support of Agency as permitted by the terms of contracts. 9. Vigilant agrees to use training, policy and procedures to ensure support staff use proper handling, processing, storing, and communication protocols for Agency data. 10. Vigilant agrees to protect client systems and data by monitoring and auditing staff user activity to ensure that it is only within the purview of system application development, system maintenance or the support roles assigned. 11. Vigilant agrees to inform Agency of any unauthorized, inappropriate use of data or systems. 12. Vigilant will design software applications to facilitate FBI-CJIS compliant information handling, processing, storing, and communication of Agency. 13. Vigilant will advise Agency when any software application or equipment technical controls are not consistent with meeting FBI-CJIS Policy criteria for analysis and due consideration. 14. Vigilant agrees to use the existing Change Management process to sufficiently plan for system or software changes and updates with Rollback Plans. 15. Vigilant agrees to provide technical security controls that only permit authorized user access to Agency owned data and Vigilant systems as intended by Agency and data owners. 16. Vigilant agrees to meet or exceed the FBI-CJIS Security Policy complex password construction and change rules. 17. Vigilant will only provide access to Vigilant systems and Agency owned information through Agency managed role -based access and applied sharing rules configured by Agency. 18. Vigilant agrees to provide technical controls with additional levels of user Advanced Authentication in Physically Non -Secure Locations. 19. Vigilant agrees to provide compliant FIPS 140-2 Certified 128-bit encryption to Agency owned data during transport and storage ("data at rest") while in the custody and control of Vigilant. 20. Vigilant agrees to provide firewalls and virus protection to protect networks, storage devices and data. 21. Vigilant agrees to execute archival, purges and/or deletion of data as configured by the data owner. 22. Vigilant agrees to provide auditing and alerting tools within the software applications so Agency can monitor access and activity of Vigilant support staff and Agency users for unauthorized access, disclosure, alteration or misuse of Agency owned data. (Vigilant support staff will only have access when granted by Agency.) 23. Vigilant will only perform direct support remote access to Agency systems/infrastructure when requested, authorized and physically granted access to the applications/systems by Agency. This activity will be documented by both parties. 24. Vigilant creates and retains activity transaction logs to enable auditing by Agency data owners and Vigilant staff. 25. Vigilant agrees to provide physical protection for the equipment -storing Agency data along with additional technical controls to protect physical and logical access to systems and data. 26. Vigilant agrees to participate in any Information or Technical Security Compliance Audit performed by Agency, state CJIS System Agency or FBI-CJIS Division. 27. Vigilant agrees to perform independent employment background screening for its' staff and participate in additional fingerprint background screening as required by Agency. 28. Vigilant agrees that Agency owns all Agency contributed data to include "hot -lists", scans, user information etc., is only shared as designated by the client and remains the responsibility and property of Agency. Agency: 1. Agency agrees to appoint an Agency Coordinator as a central Point of Contact for all FBI-CJIS Security Policy related matters and to assign staff that are familiar with the contents of the FBI-CJIS Security Policy. Vigilant Solutions — LPR Data Program Agreement ve Nof YIGIr� AoT o u vNs 2. Agency agrees to have the Agency Coordinator provide timely updates with specific information regarding a new FBI-CJIS, state or local information security policy requirements that may impact Vigilant compliance system/application development and, to facilitate obtaining certifications, training, and fingerprint -based background checks as required. 3. Agency agrees to inform Vigilant when any FBI-CJIS Security Awareness Training, personnel background screening or execution of FBI-CJIS Security Addendum Certifications are required. 4. Agency agrees to immediately inform Vigilant of any relevant data breach or cyber incident, to include DDoS, Malware, Virus, etc. that may impact or harm Vigilant systems, operations, business partners and/or other Agencies, so proper analysis can be performed, and Incident Response Procedures can be initiated. 5. Agency agrees that they are responsible for the legality and compliance of information recorded, submitted or placed in Vigilant systems and use of that data. 6. Agency agrees that they are responsible for proper equipment operation and placement of equipment. 7. Agency agrees that they are responsible for vetting authorized user access to Vigilant systems with due consideration of providing potential access to non -Agency information. 8. Agency agrees that responsibility and control of persons granted access to purchased Vigilant systems, along with data stored and transmitted via Vigilant systems, is that of the Agency. 9. Agency agrees that they have responsibility for all data security, handling and data protection strategies from point of acquisition, during transport and until submission ("Hotlist upload") into Vigilant systems. 10. Agency agrees to reinforce client staff policies and procedures for secure storage and protection of Vigilant system passwords. 11. Agency agrees to reinforce client staff policies for creating user accounts with only government domain emai addresses. Exceptions will be granted in writing. 12. Agency agrees to reinforce client staff policies for not sharing user accounts. 13. Agency agrees to use Vigilant role -based access as designed to foster system security and integrity. 14. Agency agrees that they control, and are responsible for, appropriate use and data storage policies as well as procedures for the data maintained outside the Vigilant systems. This includes when any information is disseminated, extracted or exported out of Vigilant systems. 15. Agency agrees that they control and are responsible for developing policies, procedures and enforcement for applying deletion/purging and dissemination rules to information within and outside the Vigilant systems. 16. Agency agrees that it is their responsibility to ensure data and system protection strategies are accomplished through the tools provided by Vigilant for account and user management features along with audit and alert threshold features. 17. Agency agrees to use the "virtual escorting" security tools provided for managing client system remote access and monitor Vigilant support staff when authorized to assist the client. 18. Agency agrees that the Vigilant designed technical controls and tools will only be effective in conjunction with Agency created policies and procedures that guide user access and appropriate use of the system. 19. Agency agrees that information and services provided through Vigilant products do not provide any actionable information, Agency users are responsible for the validity and accuracy of their data and developing procedures to verify information with the record owner and other systems (NCIC) based upon the potential lead generated. RESOLUTION NO. 2018 — 183 RESOLUTION OF THE CITY COUNCIL OF THE CITY OF NATIONAL CITY AUTHORIZING THE MAYOR TO EXECUTE A THREE-YEAR AGREEMENT WITH IPS GROUP, INC., FOR A NOT -TO -EXCEED AMOUNT OF $320,000 TO PROVIDE PARKING MANAGEMENT AND PARKING ENFORCEMENT SOLUTIONS WHEREAS, on June 20, 2017, through the adoption of Resolution No. 2017-103, the City Council approved the Parking Action Plan ("PAP") for Downtown National City to address existing and future parking demands, and directed staff to take all necessary actions for PAP implementation, including but not limited to, continued public outreach, data collection, and reporting; and WHEREAS, on November 7, 2017, through the adoption of Ordinance No. 2017- 2441, the City Council adopted the Downtown Specific Plan Proposed Amendment that identifies parking as one of the Specific Plan's goals for future public and private development; and WHEREAS, City staff researched a variety of vendors offering products and services to address the City's parking management and enforcement needs and found that IPS Group, Inc., provided a comprehensive proposal that incorporates all of the City's parking management and enforcement needs; and WHEREAS, IPS Group, Inc., is a provider of parking management equipment, products, and services that meet the City's parking management needs and is qualified by experience and ability to perform the services desired by the City, and the IPS Group is willing to perform such services; and WHEREAS, the City desires to enter into a three-year Agreement with IPS Group, Inc., for a not -to -exceed amount of $320,000 to provide parking management equipment to include single-space parking meters, hand-held mobile enforcement devices, license plate reader (LPR) equipment and software, web -based parking management enforcement and permit software, data collection, and technical support NOW, THEREFORE, BE IT RESOLVED that the City Council of the City of National City hereby authorizes the Mayor to execute a three-year Agreement with IPS Group, Inc., for a not -to -exceed amount of $320,000 to provide parking management and enforcement, solutions. PASSED and ADOPTED this 16th day of Octob , 18. / 1 ATTEST: Michael R. Dalla, - ity Clerk Morrison, Mayor APPROVED AS TO FORM: Passed and adopted by the Council of the City of National City, California, on October 16, 2018 by the following vote, to -wit: Ayes: Councilmembers Cano, Mendivil, Morrison, Rios, Sotelo-Solis. Nays: None. Absent: None. Abstain: None. AUTHENTICATED BY: RON MORRISON By: Mayor of the City of National City, California 'Gl City Clerk of the Cityf National City, California Deputy I HEREBY CERTIFY that the above and foregoing is a full, true and correct copy of RESOLUTION NO. 2018-183 of the City of National City, California, passed and adopted by the Council of said City on October 16, 2018. By: City Clerk of the City of National City, California Deputy RESOLUTION NO. 2019 - RESOLUTION OF THE CITY COUNCIL OF THE CITY OF NATIONAL CITY AUTHORIZING THE CHIEF OF POLICE TO EXECUTE AN AGREEMENT WITH VIGILANT SOLUTIONS, LLC, TO ACCESS LAW ENFORCEMENT LICENSE PLATE DATA STORED IN THEIR SYSTEMS WHEREAS, IPS Group, Inc., is a provider of parking management equipment, products, and services that meet the City's parking management needs and is qualified by experience and ability to perform the services desired by the City, and the IPS Group is willing to perform such services; and WHEREAS, City staff researched a variety of vendors offering products and services to address the City's parking management and enforcement needs and found that IPS Group, Inc., provided a comprehensive proposal that incorporates all of the City's parking management and enforcement needs; and WHEREAS, on October 16, 2018, pursuant to Resolution 2018-183, the City Council authorized the Mayor to execute a three year Agreement with IPS Group, Inc., to provide parking management and enforcement solutions services to the National City Police Department; and WHEREAS, based upon IPS Group, Inc.'s., current Agreement with the City of National City, the National City Police Department may access their partners corporation's Vigilant Solutions, LLC, law enforcement License Plate Recognition "LPR" data to assist in criminal investigations at no additional cost to the City of National City; and WHEREAS, the City desires to enter into an Agreement with Vigilant Solutions, LLC, to provide the National City Police Department access to the law enforcement License Plate Recognition "LPR" data base that will assist in criminal investigations. NOW, THEREFORE, BE IT RESOLVED that the City Council of the City of National City hereby authorizes the Chief of Police to execute an Agreement with Vigilant Solutions, LLC, to provide the National City Police Department access to the law enforcement License Plate Recognition "LPR" data base that will assist the National City Police Department in criminal investigations. PASSED and ADOPTED this 19th day of November, 2019. Alejandra Sotelo-Solis, Mayor ATTEST: Michael R. Dalla, City Clerk APPROVED AS TO FORM: Angil P. Morris -Jones, City Attorney CITY OF NATIONAL CITY Office of the City Clerk 1243 National City Blvd., National City, California 91950-4397 619-336-4228 Michael R. Dalla, CMC - City Clerk VIGILANT SOLUTIONS LPR Data Program State and Local Law Enforcement Agency Agreement Lt. Seward (Police) forwarded a duplicate original Agreement Vigilant Solutions.