SERVICE SCHEDULE for DOCUSIGN eSIGNATURE

Service Schedule version date: May 30, 2024

Unless otherwise defined in this Service Schedule for Docusign eSignature (the “Service Schedule”), capitalized terms have the meaning given to them in the Agreement.

1. DEFINITIONS

“Customer Verification” means configuration for Signer Identification set by the Customer that: (a) deviates from the settings established by the IDV Service or the identity providers; or (b) validates the identity of a Signer when the IDV Service or the identity provider has rejected a Signer Identification.

“Docusign eSignature” means the on-demand electronic signature Docusign Service, which provides online display, certified delivery, acknowledgement, electronic signature, and storage services for eDocuments via the Internet. This definition shall include the Docusign on-demand electronic signature service previously referred to as “Docusign Signature”, the “Subscription Service”, or the “Hosted Services.”

“Docusign ID Verification” (or the “IDV Service”) means the Docusign Service that provides identification verification services to parties executing eDocuments using either Docusign Services or Third-Party Services. Specifically, the IDV Service allows a Customer to verify identity-related information of a Signer prior to Signer executing an eDocument.

“Docusign Monitor” means the Docusign eSignature add-on feature, which provides online display and alerting services for available Docusign eSignature event activity, based on an organization’s use of Docusign eSignature.

“Docusign Payments” means functionality that may be included in Docusign eSignature that allows Customer to submit agreements, invoices, and other documents to Signers via Docusign eSignature to facilitate the submission of Signer payment credentials and authorizations directly to payment applications, gateways, processors, and service providers that store, process, or transmit cardholder data as part of authorization or settlement (“Payment Applications”).

“Docusign Rooms” means the Docusign Service for transactions management, which provides online display of Rooms, management of eDocuments, people, and tasks, and storage services for eDocuments via the Internet.

“Docusign Workspaces” means the Docusign Service that facilitates the upload, access, retention, and sharing of files, data, and other content between parties via the Internet.

“Envelope” means an electronic record containing one or more eDocuments consisting of a single page or a group of pages of data uploaded to the System.

“Room(s)” means the online workspace for transactions management as created by the Customer in the Docusign Rooms service.

“Signer” means a person designated by an Authorized User to access and/or take action upon the eDocuments sent to such individual via Docusign eSignature, and in the case of Docusign ID Verification, the person who is requested to verify their identity through the IDV Service prior to electronically signing an eDocument.

“Signer Identification” means any data identifying a Signer that is collected by Customer through the IDV Service for the purpose of confirming the identity of such Signer. Such data may include a government-issued identification (e.g., a passport) or identification issued to Signer by a bank or national authority (e.g., an electronic ID), or Signer-held certificate (e.g., an electronic national ID card or equivalent delivered by a national authority).

“Transaction Data” means the metadata associated with an Envelope (such as transaction history, image hash value, method and time of Envelope deletion, sender and recipient names, email addresses and signature IDs) that Docusign may use to generate and maintain the digital audit trail required by Docusign eSignature.

“Workspace” means the online environment where Authorized Users may upload, access, retain, and share file data and other content between parties via the Internet using Docusign Workspaces.

2. ADDITIONAL USAGE LIMITATIONS AND CUSTOMER RESPONSIBILITIES

2.1 Docusign provides Docusign eSignature subject to Customer acknowledging and agreeing to the following conditions:

(a) Nothing in this Service Schedule may be construed to make Docusign a party to any eDocument processed through Docusign eSignature, Docusign Rooms or Docusign Workspaces, and Docusign makes no representation or warranty regarding the transactions sought to be effected by any eDocument;

(b) Between Docusign and Customer, Customer has exclusive control over and responsibility for the content, quality, and format of any eDocument as well as any transaction facilitated through Docusign Rooms or Docusign Workspaces;

(c) Certain types of agreements and documents may be excepted from electronic signature laws (e.g. wills and agreements pertaining to family law) or may be subject to specific regulations promulgated by various government agencies regarding electronic signatures and electronic records. Docusign is not responsible or liable to determine whether any particular eDocument is subject to an exception to applicable electronic signature laws, or whether it is subject to any particular agency promulgations, or whether it can be legally formed by electronic signatures;

(d) Docusign is not responsible for determining how long any contracts, documents, and other records are required to be retained or stored under any applicable laws, regulations, or legal or administrative agency processes. Further, Docusign is not responsible for or liable to produce any of Customer’s eDocuments or other documents to any third parties;

(e) Certain consumer protection or similar laws or regulations may impose special requirements with respect to electronic transactions involving one or more “consumers,” such as (among others) requirements that the consumer consent to the method of contracting and/or that the consumer be provided with a copy, or access to a copy, of a paper or other non-electronic, written record of the transaction. Docusign does not and is not responsible to:

(i) determine whether any particular transaction involves a “consumer”;

(ii) furnish or obtain any such consents or determine if any such consents have been withdrawn;

(iii) provide any information or disclosures in connection with any attempt to obtain any such consents;

(iv) provide legal review of, or update or correct any information or disclosures currently or previously given;

(v) provide any such copies or access, except as expressly provided in the Documentation for all transactions, consumer or otherwise; or

(vi) comply with any such special requirements;

(f) Customer undertakes to determine whether any “consumer” is involved in any eDocument presented by its Authorized Users for processing, and, if so, to comply with all requirements imposed by law on such eDocuments or their formation;

(g) Docusign eSignature is a tool to be used by Customer in the course of exercising its own professional judgment, and Docusign shall not be liable to Customer or any third party for any decision made or action taken by Customer in reliance on information or content generated, collected, stored, or otherwise processed by Customer using Docusign eSignature. Customer acknowledges and agrees that neither Docusign nor Docusign eSignature is providing Customer with legal advice, and Customer shall consult its own legal subject matter expert on all matters requiring legal advice;

(h) If Customer uses Docusign Monitor as part of Docusign eSignature, then Customer agrees that it is solely responsible for setting and enforcing its own security configurations and alerts within Docusign Monitor. Docusign Monitor may be provided to Customer with default alerts, however, Customer remains solely responsible for determining whether the alert settings meet Customer’s requirements; and

(i) If Customer is using Docusign Rooms or Docusign Workspaces as part of the Docusign eSignature service, Customer is solely responsible for its reliance on any content, advice, opinion, statement, suggestion or other information (“Third-Party Content”) offered by third parties that is shared or distributed through Docusign Rooms or Docusign Workspaces. Any such Third-Party Content presented or disseminated through Docusign Rooms or Docusign Workspaces solely represents the view of the respective author or provider of such content, who remains solely liable for the accuracy or reliability thereof.

3. eDOCUMENT STORAGE AND DELETION

3.1 Default Storage. By default, Docusign will store all completed eDocuments (including any Customer Data contained in an eDocument) sent by Customer for the duration of the Term, or until Customer deletes the eDocument, whichever occurs first. If Customer requires a different retention/deletion schedule, Customer has the option through its Account Administrator to change its Account settings to direct the deletion of all or certain designated eDocuments at an earlier date or periodic interval.

3.2 Retrieval of eDocuments. During the Term, Customer may use Docusign eSignature to retrieve electronic copies of its stored eDocuments at no additional cost. If Customer fails to retrieve its eDocuments (including Customer Data contained in an eDocument) before the Term has expired, Customer may request, no later than ninety (90) days after the Term has expired, that Docusign provide Professional Services to help retrieve completed eDocuments that remain stored in Docusign eSignature, the details of which would be set forth in a SOW for Professional Services. If Customer does not contact Docusign to initiate such retrieval within such ninety (90)-day period, then, after such ninety (90)-day period has ended, Docusign shall have no obligation to retain or provide any eDocuments (including any Customer Data contained in aneDocument) and Docusign shall have the right to delete all Customer’s Docusign Esignature Account and eDocuments (including any Customer Data contained in eDocuments) in Customer’s Docusign eSignature Account or otherwise in Docusign’s possession or control.

3.3 Transaction Data. Docusign may retain Transaction Data for as long as it has a business purpose to do so, provided that any Transaction Data that constitutes Confidential Information of Customer will at all times maintain that status, and Docusign will comply with its confidentiality obligations as provided in the Agreement.

4. SUBSCRIPTION PLANS AND FEES.

Docusign eSignature is made available based on a prepaid subscription, and is subject to any additional restrictions that may be set forth in the applicable Order Form(s). A subscription to Docusign eSignature may be based on Seat Allowance (defined below) and/or Envelope Allowance (defined below), as specified on the applicable Order Form(s).

4.1 “Seat Allowance” means the maximum number of Authorized Users that Customer may have registered in its Docusign eSignature Account at a given time. Authorized Users are assigned by Customer’s Account Administrator. For clarity, Authorized Users may be referred to as “Seats” on an Order Form. No two individuals may log onto or use Docusign eSignature as the same Authorized User, but Customer, through its Account Administrator, may unregister individuals who are Authorized Users and replace them with new individuals as Authorized Users without penalty, so long as Customer does not exceed the Seat Allowance.

4.2 “Envelope Allowance" means the cumulative number of Envelopes that may be sent by Authorized Users. There is no individual limit on the number of Envelopes that may be sent by each Authorized User, so long as the total volume sent by all Authorized Users does not exceed the Envelope Allowance. For purposes of calculating Envelope usage:

(a) An Envelope is consumed when sent by an Authorized User, regardless of whether the Envelope has been received by any recipient or any recipient has performed any action upon any eDocument in the Envelope;

(b) Usage of a Powerform will be applied against the Envelope Allowance. A Powerform will be deemed consumed at the time it is accessed by any user regardless of whether any actions are subsequently performed upon such Envelope. “Powerform” means an Envelope that may be accessed and completed by accessing a hyperlink (i.e. which does not need to be individually sent to each recipient); and

(c) An Envelope sent via bulk send or automated batch sending, including through a Docusign API, will be applied against the Envelope Allowance.

4.3 Calculation of Envelope Allowance for Seat Plans. Unless otherwise set forth in the Order Form, the Envelope Allowance for Seat plans for each twelve (12)-month period during the Order Term is calculated by multiplying the Seat Allowance times one hundred (100) Envelopes. For example, a three (3)-year subscription for ten (10) Seats would result in an Envelope Allowance of one thousand (1000) Envelopes per year. An Envelope Allowance may be augmented by purchasing additional Seats (each of which supply an additional one hundred (100) Envelopes unless otherwise set forth in the Order Form) or additional batches of Envelopes, pursuant to an Order Form.

4.4 Overages

(a) Seats. If Customer, through its Account Administrator, adds more Authorized Users than permitted under the Seat Allowance, then Customer shall be charged for one additional Seat for each additional Authorized User for the remainder of the Order Term on a pro rata basis, calculated based on the amount of time remaining in the Order Term, at the then-current list price for Authorized Users of the applicable subscription type (or such other amount as may be specified in the Order Form), and will include a pro-rata allocation of Envelopes.

(b) Envelopes. Envelopes sent in excess of the Envelope Allowance during the Term will incur a per-Envelope overage charge at the amount specified on the then-current Order Form or at the then-current list price for the applicable subscription type if the amount is not included on the Order Form.

4.5 Optional features. Optional features, such as authentication measures or fax-back services, may be purchased on a subscription or per-use basis, as set forth in the Order Form.

5. DOCUSIGN ESIGNATURE WARRANTIES. In addition to any other warranty in the Agreement, Docusign warrants that the proper use of Docusign eSignature by Customer in accordance with the Documentation and applicable law will be sufficient to meet the definition of an “electronic signature” as defined in the Electronic Signatures in Global and National Commerce Act, 15 U.S.C. ch. 96 §§ 7001 et seq. (the “ESIGN Act”); and in Regulation 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market (“eIDAS”).

6. DOCUSIGN PAYMENTS

6.1 If Customer utilizes Docusign Payments, Docusign’s provision of Docusign Payments is conditioned on Customer’s acknowledgement of and agreement to the following:

(a) The payment processing activities facilitated through Docusign Payments are between Customer and a Payment Application or another third party designated by Customer and not with Docusign. Customer is solely responsible for registering and maintaining an account with Payment Applications to facilitate the payment processing via Docusign Payments and for complying with all agreements, terms of use, or other terms and conditions between Customer and such Payment Applications. Payment Applications are independent contractors and not agents, employees, or subcontractors of Docusign. Docusign does not control the payment methods (i.e., credit card, debit card, ACH transfer) made available by the Payment Applications through Docusign eSignature nor the products or services that are sold or purchased by Customer via Docusign Payments. Customer acknowledges and agrees that Docusign cannot ensure that a Payment Application Signer or third party will complete a payment processing or that it is authorized to do so.

(b) Customer authorizes Docusign to store, process, and transmit Customer Data as necessary for a Payment Application to facilitate payment processing between Customer and a third party designated by Customer. Docusign Payments will temporarily store information received from Customer, such as account information for a Payment Application, only to facilitate the payment processing.

(c) Customer is solely responsible for complying with:

(i) any applicable standards developed and published by payment networks (such as Visa, Mastercard, American Express, and any other credit, debit, or electronic funds transfer network), including but not limited to, the current Payment Card Industry Data Security Standard (“PCI DSS”); and

(ii) all laws and regulations applicable to the payment processing conducted by Customer via Docusign Payments, including but not limited to, those that may apply to Customer:

(1) in connection with collecting and storing information, including payment credentials about Signers;

(2) making adequate, clear, and conspicuous disclosures related to the storage and use of Signers’ payment credentials; and

(3) the use of stored payment credentials to collect future payments.

(d) Customer is solely responsible for any and all disputes with any Payment Applications or Signers related to or in connection with a payment processing sought to be facilitated via Docusign Payments, including but not limited to: (i) chargebacks; (ii) products or services not received; (iii) return of, delayed delivery of, or canceled products or services; (iv) canceled transactions; (v) duplicate transactions or charges; (vi) electronic debits and credits involving bank accounts, debit cards, credit cards, and check issuances; and (vii) the amount of time to complete payment processing.

6.2 To the extent applicable to Docusign in the provision of Docusign Payments, Docusign represents that it is presently in compliance, and will remain in compliance, with the current PCI DSS Standard. Docusign acknowledges that credit and debit card account numbers or related data processed via Docusign Payments is, as applicable, owned exclusively by Customer, credit card issuers, the relevant payment networks, and entities licensed to process credit and debit card transactions on behalf of Customer, and further acknowledges that such information may be used by Docusign solely to assist the foregoing parties in completing the processing activities described in the Agreement.

7. ADDITIONAL DOCUSIGN ESIGNATURE ADD-ON TERMS. If Customer purchases one of the following additional Docusign eSignature products or add-on features, the following terms will apply to Customer’s use of that product or feature:

7.1 Docusign ID Verification. Docusign’s provision of the IDV Service is conditioned on Customer’s acknowledgement of, and agreement to, the following:

(a) The IDV Service facilitates the verification of Signer’s identity as part of a transaction with the Customer through the use of Third-Party Services. Docusign makes no representation or warranty regarding the validity or authenticity of any Signer Identification processed as part of the transaction between Signer and Customer using the IDV Service;

(b) Customer may use the IDV Service solely for the purpose of verifying the identity of a Signer as part of the execution of eDocuments within Docusign eSignature;

(c) Docusign may audit Customer’s use of the IDV Service to ensure compliance with the terms of the Agreement. This audit shall be limited to the production of documents by Customer to Docusign. If necessary, Customer shall comply with reasonable remediation actions identified by Docusign;

(d) Customer shall not use the IDV Service for the purpose of engaging in any pornographic business, any non-regulated gambling business, any illegal activities, false advertising, or to deliver regulated products and/or services without the necessary licenses in place. Failure to comply with this provision may result in Docusign’s termination of Customer’s use of the IDV Service; and

(e) Customer may utilize Customer Verification to validate Signer Identity. In each case where Customer utilizes this functionality, Customer:

(i) is solely responsible for the Signer Identification and any resulting legal or commercial losses or liabilities,

(ii) further represents and warrants that the identification it performs complies with all relevant laws and regulations, and

(iii) is solely responsible for the configuration of the content of Signer Identification data to be stored by Docusign, if any, and the definition of the retention period for such data.

7.2 Docusign Monitor.

(a) Customer acknowledges that the output data displayed within Docusign Monitor as described in the Documentation is Docusign proprietary information. Customer may use such output data only in connection with its use of Docusign Monitor for internal business purposes and solely during the Term. Upon expiration or termination of the Docusign Monitor subscription Term, Customer’s right to use the output data terminates immediately. Docusign shall have no obligation to maintain or provide any output data to Customer following termination or expiration, and Docusign may delete all output data without notice.

(b) If Customer accesses Docusign Monitor via Splunkbase, Customer acknowledges that Docusign may receive User Data, and agrees that Splunk Inc. and its affiliates are not responsible for the privacy, security or integrity of the User Data in or processed by Docusign Monitor’s application on Splunkbase. “User Data”, for purposes of this Section 8.2, shall mean the user’s contact information and information stored in Splunk Inc. and its affiliates’ systems about user’s configuration and usage of the Docusign Monitor application within Splunkbase.

7.3 Docusign Workspaces. During the Term, and subject to compliance with the terms and conditions of the Agreement, Customer and its Authorized Users, with a Docusign Workspaces-enabled Account for Docusign eSignature, will have the right: to

(a) create and/or manage Docusign Workspaces within an Account using the Docusign Workspaces API(s); and

(b) create and delete Workspaces, upload, remove, and view content, data, or eDocuments shared in Docusign Workspaces using Docusign Workspaces.

7.4 Government Products. If Customer purchases a Docusign eSignature product with a FedRAMP or for State and Local Government designation, as set forth in the Order Form ("Docusign eSignature Government Products”), the following terms will apply:

(a) Customer Data uploaded into a Docusign eSignature Government Product will be hosted within Docusign’s FedRAMP Moderate authorized boundary. “FedRAMP” means the Federal Risk and Authorization Management Program.

(b) Docusign eSignature Government Products include features and functionality that allow Customers to connect to other Docusign products or to third-party products or services for interoperability purposes. Interoperability refers to multiple computer systems that are connected in a manner that allows them to exchange information. Docusign eSignature Government Product features allowing for interoperability currently include Docusign Payments, Comments and Agreement Actions. A complete list of interoperable eSignature Government Product features can be found at: https://www.docusign.com/legal/terms-and-conditions/esignature-interoperable-features. These features are disabled by default but can be enabled by Customer request. Customers may also use “connectors” to connect Docusign eSignature Government Products to other systems to exchange information. For example, a Docusign/Salesforce Connector can be used to connect Docusign eSignature Government Products to a Salesforce product so that information may be exchanged between the two connected systems.

(c) If Customer chooses to connect Docusign eSignature Government Products to any other Docusign product or to any third-party products or services, Customer authorizes Docusign to export Customer Data outside of Docusign’s FedRAMP Moderate authorized boundary for the processing and use of Customer Data by Customer, Docusign, and/or such third parties (as applicable). For clarity, where Customers connect Docusign eSignature Government Products with any other products or services (including but not limited to by use of Payments, Comments, Connector or Agreement Action functionality), Docusign disclaims all liability for FedRAMP control compliance or Customer's obligations relating to Customer Data exported from Docusign’s FedRAMP Moderate authorized boundary.

7.5 U.S. Department of Defense (DoD) Impact Level 4 (IL-4). If Customer purchases a Docusign eSignature product with a DoD/IL-4 designation ("Docusign eSignature on DoD/IL-4 Environment”), as set forth in the Order Form, the following terms will apply:

(a) Reference the Memorandum previously provided to DISA Authorizing Official (dated October 22, 2023) detailing the Provisional Authorization (PA) granted by DISA, exceptions to/exclusions from the PA, and conditions Docusign is required to meet in order to maintain the PA for U.S. Department of Defense Impact Level 4 (DoD/IL-4); and

(b) Customer agrees: (i) not to use Docusign eSignature on DoD/IL-4 Environment in production without a BCAP connection (or DISA approval); (ii) not to process, store or transmit IL-4 production data without a BCAP connection to NIPRnet; (iii) not to use Docusign eSignature on DoD/IL-4 Environment to connect to any Docusign services or applications via an unauthorized endpoint outside of the NIPRnet or non-BCAP connections; (iv) Customer is responsible for any customer data sent to third party applications (regardless of whether third party applications are IL-4 certified); and (v) Enterprise Premier Support for IL-4 customers is available from 9 am EST - 8 pm EST.