26 - Submissions - SS4A Demonstration Activity - Safety Data Platform

From: Kristine Sloan (Citian)
To: Bozeman Procurement
Cc: Ryan Westrom (Citian); Jianwei Wang (Citian)
Subject: [EXTERNAL]Citian proposal - SS4A COMPREHENSIVE DEMONSTRATION ACTIVITY – SAFETY DATA PLATFORM -02.19.26 by 3PM MST
Date: Thursday, February 19, 2026 1:26:51 PM
Attachments:
img-4d783930-53c6-4dd0-a308-c5277dbb424b
Citian proposal - Bozeman RFP SS4A Safety Data Platform_compressed.pdf
Citian proposal - Bozeman RFP SS4A Safety Data Platform_Redacted_compressed.pdf

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

Hello,

On behalf of my firm, Citian, I am submitting a proposal in response to the City of Bozeman’s RFP titled SS4A Comprehensive Demonstration Activity - Safety Data Platform. The deadline on the RFP is February 19, 2026, 3PM MST. We have prepared a single, searchable PDF under 25 MB per the RFP’s requirement. In the event that the City receives a public records request, we have also attached a redacted version of the proposal.

Please respond with written confirmation that you have successfully received our proposal—for our own documentation.

Thank you,
Kristine Sloan | Technical Proposal Writer

City of Bozeman RFP
SS4A Comprehensive Demonstration Activity – Safety Data Platform

Point of Contact:
Ryan Westrom
Chief Product & Strategy Officer
(202) 240-9112
ryan@citiansolutions.com

Table of Contents

Cover Letter
Executive Summary
Our Understanding
Who We Are
What Citian Can Offer the City of Bozeman
Our Response to Bozeman’s RFP
Firm/Individual Profile
Firm Profile
Project Team
Staffing Approach
Organizational Chart
Core Personnel and Resumes
Scope of Services
Project Management and Delivery
Implementation Approach
Phase 1: Discovery, Data Collection, and Onboarding
Phase 2: Configuration and Testing
Phase 3: Launch and Training
Description of Proposed Solution
CRASH – Citian’s Safety Data Platform
Digital Twin Environment
Data Acquisition, Integration, and AI-Driven Refinement
High-Injury Network Identification and Safety Pattern Analysis
Predictive Modeling, Countermeasure Selection, and Investment Optimization
Monitoring, Evaluation, and SS4A Reporting Automation
Maintenance and Support for City Staff
Continued Partnership Beyond Implementation
Ongoing Support and Maintenance
Related Experience with Projects Similar to the Scope
City of Madison – Crash Safety Analysis Platform
Southern California Association of Governments
San Joaquin County
City of Helena
References
Proposed Schedule
Price Proposal
Required Forms
Attachment A: Signed Affirmation of Nondiscrimination
Attachment B: Proposed Changes to SaaS Agreement
Attachment C: Cloud Services Questionnaire
Appendices
Appendix A: Exhibit B, referenced in SaaS Agreement
Appendix B: Incident Response Plan
Appendix C: Disaster Recovery Plan
Appendix D: Business Continuity Plan

Table of Figures

Figure 1: Citian Firm Qualifications
Figure 2: Citian Leadership
Figure 3: Organizational Chart
Figure 4: ADDIE Instructional Framework
Figure 5: Interactive maps provide user-friendly visualizations of historical collisions. Correlating factors can be easily overlaid for dynamic safety analysis.
Figure 6: Crash data location is enhanced through automatic, context sensitive AI refinement
Figure 7: Top corridors ranked by total crashes. Filters can be applied to provide additional focus on organizational priority searches.
Figure 8: Analyze Area Tool provides custom defined study areas, swiftly created by selecting segments and intersections. Selecting historical collisions can deepen analysis.
Figure 9: Areas that are under or overperforming are highlighted to show urgent safety issues and "role model" locations.
Figure 10: Crash data and correlating factors are distilled to provide insight into anomalous driving behavior.
Figure 11: The Countermeasure Recommendation Tool shows the potential safety impact of a variety of countermeasures in a given study area. Users can toggle desired countermeasures to see their predicted impact on crash outcomes.
Figure 12: A heat map reveals trends in the frequency and severity of crashes in Madison over time
Figure 13: Helena Asset Condition Status

Table of Tables

Table 1: How Citian Will Meet or Exceed the City's Requirements
Table 2: How CRASH Operationalizes FHWA SS4A Compliance
Table 3: Cost Breakdown

Cover image source: https://www.pexels.com/photo/mountain-near-house-534415/

Cover Letter

City of Bozeman
Attn: Taylor Lonsdale, PE
P.O. Box 1230
Bozeman, MT 59771-1230

RE: RFP SS4A Comprehensive Demonstration Activity – Safety Data Platform

Dear Mr. Lonsdale and Members of the Selection Committee,

Citian, Inc. (Citian) is pleased to submit this proposal in response to the City of Bozeman’s Request for Proposal, “SS4A Comprehensive Demonstration Activity – Safety Data Platform.” Citian is a software provider and data intelligence firm founded by engineers and planners, the kinds of specialized end users who themselves would make use of our software. What sets our firm apart is our subject matter expertise and deep experience in the transportation industry, which allows us to tailor solutions to the varied demands found across departments like Transportation and Engineering. Citian is mission-driven, shaping our solutions to public sector needs. Our drive to bring innovation to the public sector is evidenced by our active contribution to national industry forums where we share original research and applied insights, such as findings we’ve presented at the Transportation Research Board Annual Meeting.

Based on our review of the RFP, we understand that the Safety Data Platform is a central implementation tool within the City’s SS4A Planning and Demonstration Grant, not a standalone software purchase. It must operate in direct coordination with development of the Comprehensive Safety Action Plan and the demonstration of advanced intersection safety data collection equipment. The platform is expected to integrate historic crash data with newly collected intersection analytics, enabling High Injury Network identification, countermeasure evaluation, and defensible performance tracking aligned with FHWA Safe Systems principles. In doing so, it serves as the analytical backbone of the grant—translating data into actionable insights that guide plan development and support ongoing evaluation throughout the three-year demonstration period of Citian’s safety data platform.

Citian would like to offer the City of Bozeman CRASH™, our cloud-based traffic safety intelligence platform.
We are end-to-end implementers, taking great care to customize and configure our prebuilt offering to client needs. CRASH utilizes artificial intelligence to drive a variety of features, such as crash narrative processing, high injury network identification, automated pattern identification, severity risk modeling, crash diagram production, cost predictive crash modeling, and more. Citian believes its solution meets and exceeds the City’s requirements for a proactive, actionable system.

By submitting this proposal, the Citian team agrees to be bound by all commitments, representations, and terms set forth herein. Citian agrees to be bound by the laws of the State of Montana. Our firm proposes a few changes to the Software-as-a-Service (SaaS) Agreement; see Attachment B. We acknowledge that the City will not entertain changes to section 9 of Attachment B.

We appreciate the opportunity to respond to this solicitation and would welcome any further discussion of our software and project approach. Please do not hesitate to contact us should you have any questions or require additional information.

Sincerely,
Steven Houh, ME, PE | Founder and CEO

Executive Summary

Our Understanding

Pedestrian and bicycle fatalities in the United States have risen sharply over the past decade, reversing years of progress and underscoring the urgent need for systemic change. These tragedies can rarely be described as random; serious injuries and fatalities are often the predictable result of design, operational, and behavioral factors interacting within the transportation system.

Growing cities like Bozeman face the dual responsibility of accommodating rapid population growth while reinforcing a commitment to safety for all roadway users. In 2022, the tragic bicycle fatalities in Bozeman that prompted adoption of the Streets Are For Everyone (SAFE) Action Plan made clear that even a single loss of life warrants systemic evaluation.
Under a Safe Systems framework, no fatality is acceptable. The event underscored vulnerabilities at arterial crossings and reinforced the need to proactively examine intersection design, signal timing, multimodal visibility, speed management, and network-level risk patterns, not only in response to incidents but in anticipation of them.

Through its SS4A Planning and Demonstration Grants, the City has committed to developing a Comprehensive Safety Action Plan grounded in defensible analysis and measurable outcomes. The effectiveness of that Plan, however, will depend on the rigor and completeness of its data foundation. A Safety Action Plan, as a policy document, is only as strong as the analytical picture it creates. That picture must support defensible identification of a High Injury Network, transparent prioritization of projects and programs, ongoing evaluation of impact, and structured reporting to FHWA in accordance with SS4A requirements.

Currently, City staff must review individual crash reports to identify trends, a process that requires significant time and limits proactive safety management. More broadly, transportation safety analysis often involves the manual labor of examining disconnected, Excel-logged data, where crash information, network characteristics, and demographic context are stored separately and reconciled through painstaking effort. This approach constrains staff capacity, delays insight generation, and makes it difficult to institutionalize consistent, reproducible analyses. A shift in analytic paradigm is called for—one that moves beyond fragmented review toward an integrated, transparent, and system-level safety data environment.

The City is not simply procuring software; it is undertaking a three-year demonstration of how modern safety analytics can institutionalize proactive safety management.
The selected platform must integrate crash data, transportation network information, demographic overlays, and advanced safety equipment outputs into a unified analytical framework that enhances—not replaces—engineering judgment.

Citian’s technology was built specifically to support a wide range of traffic safety analyses within Safe Systems contexts. When paired with the analytic expertise of the Comprehensive Safety Action Plan consultant, the platform will enable the City to:
• Identify and validate a defensible High Injury Network (HIN)
• Prioritize projects and countermeasures using transparent criteria
• Evaluate safety impacts over time
• Produce structured documentation and reporting required under SS4A

Equally important, the platform will advance operational goals central to this demonstration: reduced staff time spent on manual crash review, improved access to crash information across departments, and the provision of usable, transparent tools that empower City staff to conduct proactive safety analysis beyond the life of the grant. We are proposing a safety data platform that, in partnership with the City and its planning consultant, will transform fragmented crash review into a defensible, rigorously validated analytical framework, thus strengthening the credibility, sustainability, and long-term impact of Bozeman’s Comprehensive Safety Action Plan.

Who We Are

Citian, Inc. (Citian) is a transportation safety and right-of-way data intelligence firm focused on helping public agencies modernize how they holistically understand, manage, and invest in roadway safety. The firm was founded by engineers and planners who experienced firsthand the limitations of manual safety data collection and analysis and set out to build software shaped around the realities of public sector operations. Our firm is not simply a software provider. Our platform offerings are built with specialized engineering operations and workflows in mind.
Citian’s approach centers on transforming complex, multi-source data environments from static records into strategic management. By unifying crash data, real-time traffic and speed data, roadway GIS-based geometry and network data, behavioral and contributing factor data, and demographic and socioeconomic information within a single environment, agencies gain a clearer understanding of their networks and the tradeoffs inherent in shaping safety initiatives. This unified view becomes the foundation for aligning daily operations, planning decisions, and long-term investment strategies, supporting not only transportation planning but also public communication and compliance reporting.

What Citian Can Offer the City of Bozeman

At the core of Citian’s offering is CRASH™ (Crash Reduction through Analysis of Safety Hazards), a cloud-based traffic safety intelligence platform designed to transform how agencies understand, prioritize, and reduce roadway risk. CRASH brings together machine learning–powered crash report refinement, advanced spatial analytics, predictive modeling rooted in Highway Safety Manual (HSM) methodologies, and integrated environmental and behavioral datasets into a unified operational environment. The platform functions as a central view of traffic safety data, leveraging AI, natural language processing, advanced analytics, and decades of engineering know-how to support defensible, data-driven decision-making.

Importantly, CRASH places particular emphasis on Vulnerable Road User (VRU) safety (including pedestrians and cyclists), equipping agencies to examine crash patterns involving pedestrians, bicyclists, and other non-motorized users with clarity and precision.
Through refined crash coding, behavioral factor analysis, special ranking based on VRU crashes, VRU dashboard, VRU reporting, and spatial screening tools, the platform enables targeted identification of VRU crash patterns to support federally compliant safety planning and high-injury network prioritization.

By maintaining refined crash data, roadway network information, traffic volumes, near-miss and behavioral indicators, demographic context, and engineering reference datasets within a single digital twin environment, CRASH provides agencies with a living representation of roadway safety performance. This continuously evolving environment supports interactive exploration, automated engineering intelligence, grant-ready safety planning, benchmarking and goal tracking, and complaint-to-resolution workflows—all within the same platform. The result is not simply a crash database, but an integrated safety management system that equips agencies to move from reactive reporting toward proactive, prevention-oriented safety planning aligned with an SS4A framework.

Figure 1: Citian Firm Qualifications
The following table summarizes how Citian and the CRASH platform meet or exceed the City’s stated requirements and directly support the objectives outlined in the RFP:

City of Bozeman’s Needs: A platform that will improve the ability for city staff to utilize crash data: Improve staff capacity to access, interpret, and apply crash data in daily operations and planning decisions
How Citian & CRASH™ Meets or Exceeds the Requirements:
✓ Centralized, AI-refined crash repository that converts raw reports into structured, analysis-ready data
✓ Natural-language query tools and customizable interactive dashboards that eliminate manual spreadsheet workflows
✓ Lane-level digital twin mapping that allows staff to visually interpret crash trends and contributing factors

City of Bozeman’s Needs: Utilization of this platform to inform the development and evaluation of a Comprehensive Safety Action Plan: Citian will work with the City’s chosen consultant to structure data, screening outputs, and performance metrics so that the platform directly supports plan development, prioritization, and documentation
How Citian & CRASH™ Meets or Exceeds the Requirements:
✓ Automated HIN analysis, screening tools, and pattern identification to support priority corridor selection
✓ Predictive modeling and countermeasure evaluation aligned with Safe Systems principles
✓ Report-ready outputs and exportable graphics that integrate directly into the Comprehensive Safety Action Plan

City of Bozeman’s Needs: Utilization of crash data and data from the demonstration of advanced safety data collection equipment: Integrate traditional crash data with near-miss, speeding, and behavioral data collected through advanced safety technologies (stationed at sites of interest in the City) to support proactive risk identification
How Citian & CRASH™ Meets or Exceeds the Requirements:
✓ Integration of demonstration equipment data (e.g., red-light running, near misses, speeding events) into the same analytical environment as crash data
✓ Driver behavior predictive tools that correlate anomalous behaviors with crash risk
✓ Combined crash and behavioral screening to identify emerging high-risk locations before severe crashes occur

City of Bozeman’s Needs: Platform must be capable of importing and analyzing crash data, transportation network information, and demographic data: Provide seamless ingestion and integration of multi-source datasets into a unified analytical environment
How Citian & CRASH™ Meets or Exceeds the Requirements:
✓ CRASH supports API-based integration and structured data ingestion from police RMS, state crash repositories, and legacy systems; Citian can perform migration from PDF reports, spreadsheets, and flat-file exports for immediate analysis in CRASH
✓ Integration with the transportation network information and demonstration advanced safety data collection equipment, which would collect data on vehicles running red lights, near misses, speeding, and any other desired safety data (e.g. harsh braking, rapid acceleration, etc.)
✓ Automated geolocation of crash data with roadway network and demographic layers for corridor-level and block-group analysis

City of Bozeman’s Needs: Platform must provide in-depth analytical and visualization capabilities: Deliver advanced screening, mapping, modeling, and visualization tools to support engineering-grade safety analysis
How Citian & CRASH™ Meets or Exceeds the Requirements:
✓ Identify and rank the High Injury Network using configurable screening criteria
✓ Generate automated crash diagrams and perform structured crash pattern analysis
✓ Define and model potential countermeasures using HSM-, SPF-, and CMF-informed methodologies

City of Bozeman’s Needs: Platform must facilitate ongoing monitoring and evaluation of the safety plan and demonstrate SS4A fulfillment: Support performance tracking, documentation, and reporting requirements throughout plan implementation
How Citian & CRASH™ Meets or Exceeds the Requirements:
✓ Custom reporting templates aligned with FHWA, SS4A, SHSP, and HSIP requirements
✓ Dashboard-based performance monitoring with configurable safety metrics and trend tracking, including a VRU dashboard focusing on pedestrian and cyclist crash outcomes
✓ Export-ready charts, tables, and maps suitable for Commission updates, public communication, and federal reporting

City of Bozeman’s Needs: Building a proactive, prevention-oriented safety posture through improved operations: Shift from reactive crash response toward predictive, risk-based safety management and investment planning
How Citian & CRASH™ Meets or Exceeds the Requirements:
✓ AI-driven crash refinement and predictive modeling that identifies risk before severe outcomes occur
✓ Integrated countermeasure recommendation and budget optimization tools to prioritize high-impact investments
✓ Centralized digital twin platform that unifies previously disconnected workflows into a continuous safety management process

Table 1: How Citian Will Meet or Exceed the City's Requirements

Our Response to Bozeman’s RFP

In response to the City’s RFP requirements, we have prepared a proposal that is outlined as follows:
• Executive Summary: An overview of Citian’s proposed offer and how it addresses the City’s needs.
• Firm/Individual Profile: A profile of Citian and our proposed project team.
• Scope of Services: The activities that would be performed to deliver a safety data platform for a 3-year demonstration period to the City.
• Description of Proposed Solution: A description of CRASH, Citian’s proposed safety data platform.
• Maintenance and Support for City Staff: A description of the services Citian will provide to the City after platform deployment.
• Related Experiences with Projects Similar to the Scope of Services: Featured descriptions of past Citian projects.
• References: Points of contact associated with each past Citian project featured in the section above.
• Proposed Schedule: The proposed project schedule.
• Price Proposal: The proposed price with an accompanying narrative.

We have included the required Attachments as well:
• Attachment A: Signed Affirmation of Nondiscrimination
• Attachment B: Proposed Changes to the Software as a Service Agreement.
• Attachment C: Completed City of Bozeman Cloud Services Questionnaire

We have provided additional material to supplement the RFP’s submittal requirements:
• Appendix A: Citian has added an “Exhibit B” within Attachment B, the Software as a Service Agreement. This is Citian’s Master Subscription Agreement. Appendix A of this proposal package is the Exhibit B referenced in the revised SaaS Agreement.
• Appendix B: Citian Incident Response Plan, as referenced in our response to Attachment C, the Cloud Services Questionnaire.
• Appendix C: Citian Disaster Recovery Plan as referenced in our response to Attachment C, the Cloud Services Questionnaire.
• Appendix D: Citian Business Continuity Plan as referenced in our response to Attachment C, the Cloud Services Questionnaire.

Firm/Individual Profile

Firm Profile

Citian is a transportation safety and roadway data intelligence firm focused on helping public works agencies modernize how they holistically understand, manage, and invest in their safety initiatives. Our technologies enable our clients to optimize existing data with the latest advances in AI and Machine Learning and propel their planning capabilities into the new era. Based in our nation’s capital, Washington, D.C., Citian brings together decades of engineering talent, research, data science, and computer programming to serve clients and transportation professionals from the local to the federal level.

Citian’s staff is led by a qualified, experienced team of industry leaders with decades of experience in transportation and engineering, safety, and planning. Citian’s leadership team is helmed by Steven Houh, P.E., Jianwei Wang, Ph.D., and Ryan Westrom P.E., PTP. Each has decades of relevant transportation industry experience (see Project Team). Citian’s executive team is supported by a broader team of software architects, AI programmers, data scientists, researchers, and transportation professionals.
Citian distinguishes itself through its domain expertise in transportation and engineering, bringing an interdisciplinary approach to software. Importantly, our approach to data centralization is purpose-built to support downstream engineering analysis and decision-making. Rather than requiring agencies to overhaul established practices, our approach supports organizational change management by modernizing workflows in a way that complements existing roles, preserves institutional knowledge, and reduces friction across departments. This operational innovation enables agencies to transition from manual, reactive crash review toward a coordinated, transparent, and system-level safety management environment aligned with Safe Systems principles.

Figure 2: Citian Leadership

Project Team

Staffing Approach

Our firm staffs projects through three integrated verticals: transportation domain experts, data scientists, and software engineers. We take this interdisciplinary approach because roadway safety management is not merely a matter of analyzing crash records or deploying analytics tools. It is a domain-specific decision problem that sits at the intersection of engineering judgment, operational reality, and technology.

Many software platforms represent their tool as a generalized industrial or enterprise problem, focusing primarily on data capture and visualization. While these tools can efficiently extract information, they often stop short of delivering immediate, practical value to specialized end users such as engineers, planners, and public works managers. This gap emerges when systems lack embedded domain logic, which results in outputs that require significant translation before they can be used for improvement planning, capital programming, or policy decisions. Our staffing model is intentionally designed to close that gap.

Organizational Chart

The project team is structured to provide clear lines of accountability, efficient coordination across disciplines, and direct access to decision-makers throughout the project lifecycle. The Project Manager, Ryan Westrom, PE, PTP, serves as the single point of overall responsibility and authority for the project. All functional leads report to Mr. Westrom, ensuring unified oversight of scope, schedule, quality, and technical alignment. This centralized reporting structure allows project decisions to be made quickly while maintaining consistency across software delivery, data development, and field activities.

Supporting the Project Manager on the side of project execution, contract delivery, and coordination are:
• Client Experience Lead, Theresa Hall, is responsible for stakeholder engagement, communication cadence, and ongoing client support, ensuring that the City and participating municipalities remain informed, supported, and confident in system adoption. Ms. Hall will determine when to engage:
  o The Client Success Team, which oversees platform configuration, user onboarding, and rollout activities, works closely with both technical teams and end users to support a smooth transition from deployment to active use.
  o Account Manager, Rahul Kapoor, provides executive-level oversight and contractual coordination, remaining available to client leadership as needed while supporting long-term partnership objectives.

Technical execution is managed through discipline-specific leads who report directly to the Project Manager:
• Data Lead, Jianwei Wang, PhD, leads data architecture, analytics, and quality assurance efforts, including transportation data and GIS analysis.
• Engineering Lead, Cristian Arteaga, PhD, leads analytical methodology and predictive modeling validation, aligning safety analyses with established engineering standards and best practices.
• Software Development Lead, Jeff Lee, is responsible for application development, system functionality, and technical integration.
See the project team organizational chart below for an overview of Citian’s reporting structure:
Core Personnel and Resumes
Ryan Westrom, PE, PTP, will serve as Project Manager of this project. In this role, Mr. Westrom will provide day-to-day project leadership while ensuring that all technical work remains aligned with real-world transportation planning and public works decision-making needs. As a licensed Professional Engineer and certified Professional Transportation Planner with more than two decades of transportation project management experience, he brings a dual perspective that bridges project delivery discipline with domain-specific judgment. Mr. Westrom will coordinate all project activities across the software, data, and transportation domain teams; manage schedule, scope, and quality; and serve as the primary point of contact for the City. Drawing on his transportation planning background, he will actively guide how crash and roadway data are structured, interpreted, and presented so that system outputs are engineering-defensible, implementation-ready, and directly usable for maintenance prioritization, budgeting, and long-term capital planning, while working closely with City stakeholders to clarify objectives and refine use cases as needs evolve.
Jianwei Wang, PhD will serve as the Data Lead. In this role, Dr. Wang will be responsible for defining, governing, and validating the data and analytics that underpin the platform, ensuring that all roadway and crash information is accurate, consistent, and engineering-defensible.
Drawing on more than two decades of experience leading transportation data and traffic safety management initiatives for public agencies, he will oversee how raw field and AI-derived data are transformed into structured, decision-ready information aligned with accepted engineering and planning practices. Dr. Wang will lead data architecture, extraction logic, quality assurance, and compliance evaluation workflows, working closely with the software and transportation domain teams to confirm that system outputs support real-world improvements, prioritization, and capital planning decisions. His role ensures that the platform delivers more than organized data—providing reliable, transparent analytics that agency staff can confidently use for planning, reporting, and long-term infrastructure management.
Figure 3: Organizational Chart
Jeffrey Lee will serve as the Software Development Lead. In this role, he will direct the technical architecture, system integration, and full-stack development, delivering a secure, scalable system aligned with operational safety analysis needs. Drawing on more than 20 years of experience leading complex SaaS and cloud-based engineering initiatives, including high-volume data environments and enterprise system integrations, he brings deep expertise in solutions architecture, agile delivery, and technical strategy to complex public-sector implementations. Mr. Lee will lead application development, integrations, environment buildout, and system performance optimization, working closely with data and engineering leads to translate analytical and reporting requirements into a cohesive, production-ready platform. His experience guiding statewide, regional, and citywide CRASH deployments, including integrations with statewide crash repositories and local police data systems, demonstrates his ability to direct large-scale data ingestion, AI-enabled processing workflows, and disciplined, end-to-end systems delivery.
His role is key to creating a resilient, high-performing technical environment capable of supporting long-term safety analysis and reporting objectives.
Theresa Hall will serve as the Client Experience Lead. With deep expertise in client success skills—defining roadmaps that optimize client ROI, leading adoption strategies, and guiding organizations through change—she focuses on translating implementations into sustained, long-term value. She also brings experience delivering targeted user training and supporting post-implementation stabilization to reinforce adoption and operational confidence. Ms. Hall brings over eight years of experience leading complex SaaS implementations across public- and private-sector environments, serving as a primary bridge between client stakeholders and cross-functional delivery teams. She works closely with executive leadership and operational users to align implementation strategies with current business objectives while anticipating future growth and evolving requirements. Her experience spans requirements definition, implementation planning, go-live readiness, and post-deployment refinement, with an emphasis on usability, organizational readiness, and durable, self-sustaining system use.
Ryan Westrom, P.E., PTP
Project Manager
Ryan Westrom has over 20 years of experience in transportation, with professional experience as both a transportation engineer and planner in public and private settings across the country, working with federal, state, and city DOTs on strategy, policy, design & innovation, and related work. He is an experienced leader serving as Chief Strategy Officer at Citian with expertise in statewide planning, safety design, spatial accessibility, data analytics, and designing smart infrastructure for multimodal networks. His extensive planning, programming, and analytical management project work in Washington, DC, and beyond includes broad-based project management of projects at all scales.
Selected Relevant Experience
CRASH Regional Buildout | Southern California Association of Governments (SCAG)
Led as Project Manager in the development and deployment of the regional CRASH safety data analytics software for the Southern California Association of Governments (SCAG). Worked to customize features such as artificial intelligence and advanced data analytics to ingest, refine, and audit SWITRS, CCRS, and TIMS crash data. Developed local custom dashboards and analysis approaches to promote easy, accurate, safety analysis and issue remediation across the metropolitan area as well as customizing for local agencies.
CRASH Citywide Buildout | City of Madison, WI
Led the Citian implementation team as Project Manager to deploy CRASH safety data analytics software in Madison. Worked to customize features such as dashboards, reports, automated countermeasure recommendations, and network screening functionality to meet local needs. Developed specialized approaches to promote effective, expedited safety analysis across the City.
CRASH Statewide Buildout | Minnesota DOT
Served as project lead in the completion of the statewide buildout of the CRASH safety data analytics software for the Minnesota Department of Transportation (MnDOT). This work included evaluation of crash reporting, algorithmic insertion of various crash and geometric data into the active SaaS system, addition of customized software elements, and management of the program rollout. Additionally, live training for MnDOT staff was completed to orient them to the system.
ADAPT Citywide Buildout | Helena, MT
Served as Project Manager in the completion of a citywide asset management inventory and ADAPT buildout. This work involved close coordination with city stakeholders as well as Tectonic to scan over 250 miles of road and extract hundreds of assets across Helena’s pedestrian network.
Supervised Citian’s QA/QC team as assets were extracted from LiDAR scans and measurements were taken on sidewalks, curb ramps, curbs, gutters, signage, road cross slopes, road striping, and other assets to ensure compliance with Federal, State, and local ADA policies and regulations. Delivered a comprehensive, data-driven asset management system in ADAPT. Supported the implementation of this platform and training of all Helena users.
Education
M.S. Transportation, Massachusetts Institute of Technology
B.A. Urban and Regional Planning, University of Illinois at Urbana-Champaign
B.S. Civil and Environmental Engineering, University of Illinois at Urbana-Champaign
Certifications
Professional Engineer
Professional Transportation Planner
Professional Affiliations
Institute of Transportation Engineers
ITS America
Transportation Research Board
Jianwei Wang
Data Lead
Jianwei Wang has led software development, crash report data extraction, crash data analysis, and traffic engineering projects for DOTs and government agencies for over 20 years. As Citian’s Chief Technology Officer, he holds a B.S. and Ph.D. in Civil Engineering with a focus in Transportation. Dr. Wang specializes in transportation software, database development, traffic safety analysis and engineering, and GIS.
Selected Relevant Experience
CRASH Regional Buildout | Southern California Association of Governments (SCAG)
Managed the development and implementation of the metro-wide CRASH safety analysis software for SCAG. Acted as a liaison between traffic safety engineering stakeholders and the Citian project team to ensure timely completion, data refinement quality, and crash analysis accuracy of deliverables. Managed budgets, data exchange, and training to ensure timely project success. Worked to customize features such as artificial intelligence and advanced data analytics to ingest, refine, and audit SWITRS, CCRS, and TIMS crash data.
CRASH Countywide Buildout | San Joaquin County, CA
Managed the data integration and database build for a countywide CRASH safety analysis software implementation for San Joaquin County in California. Worked directly with the project manager and county traffic safety data stakeholders to tailor CRASH’s AI and machine learning refinement algorithms and ensure accurate and prompt completion of all data-related deliverables. Worked to customize features such as artificial intelligence and advanced data analytics to ingest, refine, and audit SWITRS, CCRS, and TIMS crash data.
CRASH District Buildout | Washington, DC
Managed development and deployment of the citywide CRASH safety data analytics software in the District of Columbia for the District Department of Transportation (DDOT). The CRASH software platform was launched initially for DDOT and has developed to become the industry-leading CRASH software. Worked to customize features such as artificial intelligence and advanced data analytics to ingest, refine, and audit crash data. Developed local custom dashboards and predictive analysis approaches to promote effective, expedited safety analysis and issue remediation across the District.
CRASH Statewide Buildout | Oklahoma Department of Transportation
Served as Project Lead in the completion of a statewide buildout of the CRASH safety data analytics software for the Oklahoma Department of Transportation. This work included an evaluation of crash reporting, algorithmic insertion of various crash and geometric data into the active SaaS system, the addition of customized software elements, and management of the program rollout. Additionally, live training for the State staff was completed to orient them to the system.
Education
Ph.D. Transportation, Tsinghua University
B.S.
Civil and Environmental Engineering, Tsinghua University
Professional Affiliations
American Society of Civil Engineers
American Council of Engineering Companies of Metropolitan Washington
Transportation Research Board
Jeffrey Lee
Software Development Lead
Jeffrey Lee is a distinguished technical executive with a robust two-decade career spanning the entire software development lifecycle. His expertise encompasses critical industries including cable/telecom, financial services, and software-as-a-service (SaaS). As the head of engineering at Citian, Jeffrey spearheads the development of cutting-edge civil engineering solutions as well as the onboarding and service of new and existing clients. His deep knowledge in solutions delivery, agile methodology, and technical strategy is pivotal in driving innovation and ensuring the successful execution of complex projects, on time and under budget.
Selected Relevant Experience
CRASH Regional Buildout | Southern California Association of Governments (SCAG)
Served as principal engineer for the CRASH project with SCAG, driving solution design, clarifying delivery goals, and ensuring execution. Managed software development and coordinated all integration efforts. Expertise in agile methods, technical strategy, and complex systems delivery was central to driving progress and exceeding project benchmarks for the high volume of data encountered in this region. Worked to customize features such as artificial intelligence and advanced data analytics to ingest, refine, and audit SWITRS, CCRS, and TIMS crash data.
CRASH County Buildout | San Joaquin County, CA
Served as lead architect and systems lead for Oklahoma DOT’s CRASH implementation, aligning technical strategy, defining success criteria, and resolving complex delivery challenges. Directed software development and oversaw end-to-end system integration and environment buildout.
Worked to customize features such as artificial intelligence and advanced data analytics to ingest, refine, and audit SWITRS, CCRS, and TIMS crash data. Deep expertise in solutions delivery, agile practices, and technical architecture was instrumental in driving innovation and ensuring the project was completed on time and under budget.
CRASH Citywide Buildout | Elk Grove, CA
Led technical architecture and delivery for Elk Grove, CA’s implementation of CRASH, establishing system design direction, defining key outcomes, and guiding the project through technical and operational challenges. Managed development efforts and coordinated full lifecycle system integration, including environment setup and data workflows. Implemented an integration process to ingest crash data from the Crossroads crash reporting system, aggregating it for analytical processing. Applied deep expertise in agile execution and software delivery to enable an efficient deployment and successful project outcome.
Education
B.S. Information Systems, Carnegie Mellon University
Certifications
AWS Cloud Practitioner
Theresa Hall
Client Experience Lead
Theresa Hall has over 8 years of experience leading complex, large-scale SaaS implementations and cross-functional project delivery efforts across both public and private sector environments. She brings deep expertise in project management, implementation strategy, and operational enablement. She works closely with executive stakeholders and delivery teams to ensure solutions are aligned to current business objectives, all while maintaining an eye on future needs and growth of the client’s environment. Notably, she brings deep expertise in change management and harmonizing operations with digital solutions. She focuses on smooth adoption, sensible usability, and making sure clients receive long-term value.
Selected Relevant Experience
CRASH Implementation | MetroPlan Orlando
Ms.
Hall served as Client Experience Lead and Project Lead for a five-month implementation of Citian’s CRASH platform for a regional Metropolitan Planning Organization overseeing three counties and associated cities. The engagement involved replacing fragmented crash data sources from state and local systems with a centralized, analytics-driven solution designed to support efficient deployment of safety resources and roadway safety decision-making. She led requirements gathering across MPO leadership and county stakeholders, developed the implementation plan, and defined system workflows to align with existing operational processes. Following implementation, she led training for approximately 25 MPO, county, and city staff and technical users, equipping users to leverage crash and GIS analytics to inform police deployment strategies, prioritize roadway investments, and support data-driven safety initiatives.
CRASH Implementation | Benton County, WA
Ms. Hall serves as Client Experience Lead and Project Lead for the accelerated implementation of a CRASH analytics platform for Benton County, which was seeking to strengthen its Highway Safety Improvement Program (HSIP) funding competitiveness. The primary objective of the engagement was to enable faster, more strategic prioritization of crash trends, speed analysis, and countermeasure planning to maximize funding allocations each HSIP cycle. Ms. Hall executed a streamlined deployment plan. She overlapped system configuration with stakeholder training to compress time to value, so staff could begin utilizing HSIP ranking and crash-speed analytics functions as soon as deployment was complete.
Process Optimization and Technology Implementation Planning | US Department of Agriculture
Ms. Hall served as Project Manager for a public-sector process optimization initiative for the U.S.
Department of Agriculture, partnering with cross-functional stakeholders to gather requirements and assess how new technology could be integrated into existing operational workflows. She facilitated stakeholder workshops to document current-state processes and guide future-state optimization discussions. The resulting Implementation Plan addressed both immediate operational needs and longer-term process improvements, delivering a technology implementation strategy grounded in real-world operations and supporting successful adoption and long-term usability.
Education
B.S. Supply Chain and Operations Management, North Carolina State University
Scope of Services
Project Management and Delivery
Citian applies PMBOK-aligned project governance with consistent oversight of scope, schedule, cost, risk, quality, and stakeholders, while delivering the platform through an Agile SaaS model that uses iterative cycles, milestone-based reviews, and unified governance across all partners. Citian supports this delivery model with a structured communications approach, designating a single primary point of contact for the City of Bozeman, establishing escalation paths, and maintaining a schedule of project meetings. These meetings will focus on milestones, risks, decisions, and upcoming activities. This communication plan will be documented in the Project Plan.
Implementation Approach
Phase 1: Discovery, Data Collection, and Onboarding
Citian’s approach to implementing CRASH is structured to align with the City’s unique processes and requirements. In Phase 1, Citian will commence with a comprehensive Kickoff Meeting to establish milestones, review timelines, and engage stakeholders. During the first four weeks of our engagement, we will conduct Customization Workshops with City staff, IT staff, and GIS staff to capture the City’s operational requirements and processes and align them to configuration and customization goals.
We plan to include, if the City prefers, members of the selected Consultant (who will prepare the Safety Action Plan) in initial Phase 1 planning activities, and we can engage them throughout implementation as much as the City and the Consultant would want.
Detailed Requirements and Backlog Preparation: Citian’s approach to requirement gathering begins with an initial Discovery Phase, during which our team takes time to learn, validate, and frame the problem before locking down technical requirements. During this phase, we provide advice and guidance on configuration approaches aligned with industry best practices, engage stakeholders through targeted interviews and working sessions, review existing systems, data sources, and workflows, and clarify business objectives, constraints, and success criteria. We work with users to understand roles, needs, and pain points, and develop high-level as-is and to-be process models that ground technical decisions in real operational context. Citian will produce a set of foundational deliverables that establish a clear, actionable path to implementation. A Requirements Backlog documents the City’s requirements and confirms what the system must support, directly informing configuration decisions and delivery sequencing. A Project Plan defines the implementation roadmap, including key activities, responsibilities, levels of effort, critical tasks, and milestone dates. These deliverables validate scope, schedule, and effort assumptions and establish a shared foundation for delivery. Configuration decisions and integration details are captured through technical documentation to support transparency.
Base Data Exchange and Import: Citian’s base data exchange and import process minimizes City effort while establishing the foundational data environment for CRASH.
The City should expect to provide available GIS base layers, such as roadway transportation network information and jurisdictional boundaries, in their current formats, without preprocessing or reformatting. Citian manages intake of City-provided and external datasets, including relevant demographic data, such as U.S. Census data, and any additional contextual data. Citian’s GIS team reviews, validates, and aligns all datasets with CRASH’s spatial framework and data schemas to confirm usability within the platform. Base data import occurs early in implementation to support system configuration using real data and to reduce downstream rework. City data remains City-owned and is preserved in a structured format to support ongoing use.
Phase 2: Configuration and Testing
Initial Data Extraction and System Setup: Following Discovery, Citian initiates Initial Data Extraction and System Setup to establish a functional, reviewable CRASH environment using real client data. Citian provisions the platform, configures foundational settings to reflect the City’s organization, geography, and user roles, and enables core modules based on validated Phase 1 requirements. In parallel, Citian ingests available datasets to validate structure, geometry, and refinement logic and produce a baseline for stakeholder review. Feedback from this review is managed through the established requirements backlog and prioritization process, allowing controlled refinement while maintaining governance over scope, schedule, and impact as the platform is configured and scaled.
Data Ingestion, Integration, and Refinement: Citian’s data extraction and ingestion process is designed to accommodate a range of source systems and data formats while establishing a defensible analytical foundation for CRASH.
The platform supports API-based integrations, scheduled file transfers, and structured data migration from police records systems, state crash repositories, transportation databases, and legacy archives. Historical data may be provided via bulk export in formats such as CSV, XLSX, XML, AASHTOWare files, or PDF crash reports, all of which Citian currently processes for active clients. Where advanced safety data collection equipment is deployed, datasets capturing red-light running, near misses, speeding, or other behavioral indicators can be ingested and aligned with crash and roadway network data within the same environment. Initial implementation may begin with a secure bulk download of historical records to establish the analytical baseline, followed by configuration of recurring data feeds to support ongoing monitoring. Upon intake, all datasets undergo schema alignment, geo-association, and AI-assisted refinement. Crash records are standardized, location attributes validated, and key fields such as injury severity and contributing factors reviewed to produce a structured, reproducible crash repository. Records are linked to roadway segments, intersections, and corridors within the City’s GIS framework, forming the digital twin foundation. The duration of this phase may vary depending on source system accessibility, export formats, data cleanliness, and whether live integrations are configured during initial onboarding. In most cases, ingestion and refinement can be completed within two to four weeks; more complex integration environments may extend this window modestly to allow for coordination with IT staff, testing of automated feeds, and validation of data mappings prior to full deployment.
Testing, Staging Environments, and Readiness: Consistent with the Testing Plan confirmed in Phase 1, testing for CRASH includes a rigorous suite of functional test cases covering both regression testing and newly developed features and functionality.
Citian provides both test and production environments to support controlled validation prior to release. Automated testing, including unit and integration tests, is being incorporated to supplement—though not replace—manual functional testing. Performance testing is conducted as needed, particularly when new or updated functionality is expected to be performance-intensive, such as APIs and batch processes. Citian applies structured readiness protocols and Go-Live Plans to confirm production readiness following completion of configuration, testing, QA/QC, and data validation in staging. These activities verify system behavior, workflows, integrations, data pipelines, and access controls.
Phase 3: Launch and Training
Deployment: Deployment transitions CRASH into live production through a controlled release process, promoting validated data and configurations from staging, activating role-based access, and confirming system availability. An initial stabilization period includes heightened monitoring and issue management through defined QA/QC and tracking processes, with deployment coordinated alongside training and client success activities.
User Training and Education: Citian’s training and enablement approach is grounded in a hybrid instructional model based on the ADDIE framework (Analyze, Design, Develop, Implement, and Evaluate), which is widely recognized and trusted across the Learning and Development and IT implementation communities. Citian applies ADDIE as a flexible, user-centric framework that supports adult learners while accommodating the realities of SaaS platform deployment, where users benefit most from progressive exposure to a live system and reinforcement over time.
Figure 4: ADDIE Instructional Framework
The training plan includes multiple formats to support onboarding, reinforcement, and ongoing use.
In-person, instructor-led training is conducted during onboarding to introduce users to the live platform, system navigation, and core workflows in a guided setting tailored to participant roles. Digital user manuals provide a centralized, continuously updated reference documenting key features, workflows, and common tasks, supporting day-to-day use and onboarding of new staff. Virtual, asynchronous training sessions are delivered throughout the contract to reinforce prior training, introduce new functionality, and address evolving needs, typically aligned with system milestones. Clinic sessions are offered as needed to provide focused, hands-on support for specific workflows or questions.
Description of Proposed Solution
CRASH – Citian’s Safety Data Platform
Citian proposes CRASH, a comprehensive, cloud-based safety data platform purpose-built to support Safety Action Plan development and long-term SS4A implementation. CRASH centralizes crash, roadway, traffic, and contextual data into a spatially intelligent digital twin and equips staff with tools for high injury network (HIN) analysis, crash diagrams, systematic crash pattern identification, network screening, predictive modeling, countermeasure evaluation, and ongoing safety performance monitoring. Rather than functioning as a static reporting dashboard, the platform operates as an integrated safety intelligence environment, supporting diagnosis, prioritization, investment planning, and ongoing evaluation within a single system. CRASH offers many customizable tools and analysis functions because modern roadway safety policy is not static, single-metric, or one-size-fits-all anymore. Under older safety models, a city might simplify crash count data, fix high profile intersections, publish a memo and move on. Under a Safe Systems framework, which is driven by SS4A, agencies must find ways to conduct more thorough systemic analyses. CRASH offers a way to quickly and intuitively perform such analyses.
Digital Twin Environment
CRASH is built on a SaaS platform architecture that consolidates all crash and roadway data into a centralized, continuously updated digital twin repository. It is, essentially, a centralized database for Bozeman’s safety data. The platform ingests Bozeman’s GIS data to replicate the City’s roadway as a digital twin. To facilitate precise location, crash data is overlaid with additional sources, with crashes placed at the correct lane, intersection quadrant, segment, and corridor level. CRASH automatically geo-associates events with intersections, segments, corridors, and mileposts, creating a structured spatial foundation for analysis.
Figure 5: Interactive maps provide user-friendly visualizations of historical collisions. Correlating factors can be easily overlaid for dynamic safety analysis.
• Dedicated intersection and segment profile pages break out and feature key information and insights about a given intersection or segment, including detailed crash data pertaining to that particular roadway selection. This gives Bozeman the ability to find available crash information, even down to individual crashes, based on location.
The interactive digital twin enables staff to seamlessly scale analysis from citywide trends to corridor-level review and down to individual intersection exploration. Crashes are visualized in real-world context, layered over basemaps and roadway geometry, supporting intuitive interpretation of trends and risk clusters. By eliminating siloed spreadsheets and static PDF-based review workflows, the digital twin creates a shared safety intelligence environment that improves cross-department coordination and provides a durable platform for both plan development and long-term monitoring.
Data Acquisition, Integration, and AI-Driven Refinement
CRASH ingests crash and supplemental datasets from multiple sources, including state crash systems, local agency data, traffic volumes, roadway geometry, probe data, and behavioral datasets. It does this through a structured Multi-Source Data Ingestion engine. Both real-time and historical crash data are continuously incorporated alongside roadway geometry, environmental, and traffic context data, allowing analysis to reflect current roadway conditions as well as long-term trends. CRASH is capable of integrating with real-time data captured through traffic signal equipment stationed at any given signalized location, such as the equipment being procured by the City through the same SS4A funding (referenced in the RFP). Citian has integrated its system with real-time data capture equipment before, such as in our implementations for the Southern California Association of Governments and Macomb County, Michigan.
At the core of the platform is a Crash Refinement Engine that utilizes artificial intelligence, machine learning, and natural language processing to automate crash report parsing, narrative extraction, location correction, and validation of injury severity, contributing factors, and involved parties. Automated Crash Verification improves the accuracy of location coding and crash attributes, while the Unique Crash & Asset ID System assigns crashes to intersections and segments for consistent tracking and ease of auditability. By transforming raw crash records into structured, validated intelligence, the platform significantly reduces staff time spent cleaning and reconciling data and increases confidence in downstream HIN analysis and project prioritization decisions.
To this point, the City of Madison, which uses CRASH, would utilize an entire department’s worth of resources across the span of a month to review individual crash reports, compile data, and create their annual crash pattern report. After Citian implemented CRASH for them, it now takes them mere minutes to generate the same crash report.
Figure 6: Crash data location is enhanced through automatic, context sensitive AI refinement
High-Injury Network Identification and Safety Pattern Analysis
CRASH provides a comprehensive suite of automated screening and analytical tools to support defensible HIN analysis and systematic crash pattern identification.
• Automated network screening via the Priority Corridors Tool allows users to identify and rank segments and corridors (that may constitute the HIN) based on total crashes, total fatalities, Safety Performance Functions (SPFs), Total Equivalent Property Damage Only (EPDO), Level of Safety Service (LOSS), and other configurable criteria.
• Sliding Window Analysis enables micro-level screening to identify and rank segments that meet organizational priority criteria. Users can investigate through customizable distance increments (such as 0.1-mile, 0.3-mile, and 1-mile), allowing focused corridor or school-zone review. This supports precise corridor-level and school-zone analysis aligned with SS4A’s requirement to identify and prioritize high-risk segments—not just intersections. Ultimately, this tool directly supports creation of a defensible HIN and countermeasure planning.
• Crash Tree Tool provides deeper statistical insight through behavioral disaggregation, box-and-whisker comparisons, and over/under performance detection across functional classifications. This feature will help Bozeman move beyond simple crash counts toward systemic risk analysis, helping meet SS4A expectations for data-driven prioritization and transparent identification of contributing crash patterns (e.g., turning conflicts, speed-related severity, VRU vulnerability).
• Network Analysis Tool supports systemwide screening and comparative performance analysis, enabling identification of over- and under-performing corridors or facility types across the network. This directly supports SS4A’s requirement for network-level safety analysis and allows Bozeman to evaluate whether certain roadway classifications (arterials, collectors, downtown streets) are disproportionately contributing to serious injuries. This informs a Safe System-aligned investment strategy.
• Analyze Areas Tool allows staff to define custom study geographies—by radius, jurisdictional boundary, or corridor aggregation—to support targeted project-level review. This enables focused analysis of specific community concern areas (e.g., recent fatal crash locations, growth corridors, school districts) and supports SS4A’s emphasis on equity-informed and community-responsive planning.
• Collision Diagram Tool automates traditional diagramming for intersections, segments, and custom areas, allowing users to generate one-click diagrams with detailed crash attributes (date, time, severity, weather, lighting, collision type), refine locations and narratives within an intuitive editor, and export business-ready visuals for reporting and project documentation. This supports Bozeman’s need to communicate clearly with elected officials, the public, and FHWA by transforming raw crash data into intuitive, defensible visual documentation for Safety Action Plan development, project justification, and annual reporting.
Figure 7: Top corridors ranked by total crashes. Filters can be applied to provide additional focus on organizational priority searches.
Together, these tools replace subjective crash cluster identification with structured, repeatable methodology.
The result is a defensible prioritization process aligned with SS4A expectations, enabling Bozeman to identify high-risk corridors quickly and transparently while documenting methodology clearly within the Safety Action Plan.

Predictive Modeling, Countermeasure Selection, and Investment Optimization

CRASH moves beyond descriptive analysis by integrating predictive modeling rooted in both Highway Safety Manual (HSM) methodology and machine learning. It offers the analytic infrastructure necessary to translate historical crash data into a proactive, investment-ready safety strategy aligned with SS4A requirements. Below are the analytic tools that make this happen:

Figure 8: Analyze Area Tool provides custom defined study areas, swiftly created by selecting segments and intersections. Selecting historical collisions can deepen analysis.

• HSM Predictive Analysis Dashboard identifies, visualizes, and predicts safety trends at the intersection and segment level across the City. The dashboard incorporates SPFs and produces Predicted vs. Observed comparisons, EPDO outputs, and LOSS metrics to quantify excess crash risk and highlight underperforming locations. This supports defensible High Injury Network validation and satisfies SS4A’s requirement for data-driven safety analysis grounded in established methodologies such as the HSM.
• Safety Performance Function (SPF) Tool assists users in developing localized SPFs so prediction can be more accurate and reflect local context. This tool aggregates crashes by intersections and segments, so the user can select segments by AADT, functional class, or number of lanes and intersections by control types, entering volume, or legs. Results can be filtered by any customized attributes of intersections/segments. The tool then generates localized SPFs based on the selections and filters.
• Before and After Study Tool helps users monitor the performance of safety mitigation interventions, assess the effectiveness and impact of countermeasures, and learn from past project outcomes. Users can toggle data based on construction periods and customized date ranges to focus their analysis. This directly supports SS4A’s requirement for measurable safety goals and annual progress reporting to FHWA, enabling Bozeman to demonstrate outcome-based accountability and continuous improvement.
• Countermeasure Recommendation Tool generates location-specific mitigation strategies using crash-pattern logic. CRASH pulls its list of recommended countermeasures and their associated CMFs and SPFs from the U.S. Department of Transportation’s FHWA CMF Clearinghouse, which features a range of interventions that serve to improve safety conditions and support multimodal, complete streets, and vulnerable road user safety. This supports the need to link crash diagnosis to evidence-based treatments and aligns recommended projects with federal best practices—an essential element for SS4A grant defensibility and future implementation funding applications.
• Cost/Benefit Analysis allows staff to evaluate benefit/cost ratios, optimize fixed budgets, and compare multiple investment scenarios. These capabilities directly support data-driven capital planning, linking risk diagnosis to quantifiable engineering treatments and maximizing the safety return on limited infrastructure funding. Each countermeasure is tied to its associated construction bid items, which are tailored to the City. Recommended countermeasures are designed by default to maximize a benefit/cost ratio. This capability directly supports SS4A’s prioritization and implementation planning requirements while equipping Bozeman to allocate limited capital resources in a transparent, data-driven manner.

Figure 9: Areas that are under or overperforming are highlighted to show urgent safety issues and "role model" locations.

Monitoring, Evaluation, and SS4A Reporting Automation

CRASH prepares report-ready outputs by structuring crash and roadway data into organized, exportable formats suitable for internal analysis, federal reporting, and public transparency. Individual Collision Profiles and Intersection and Segment Profiles consolidate validated crash records, generate crash diagrams through the Automated Collision Diagram Generator, and present summary statistics alongside predicted crash reduction outputs. This allows staff to move directly from analysis to documentation without reformatting or manual diagram production.

The Natural Language Query Tool, Saved & Shareable Queries, and Custom Dashboard Builder support rapid generation of tables, charts, maps, and performance summaries tailored to specific audiences, whether for Commission briefings, interdepartmental coordination, or public-facing materials. Federally Aligned Reporting Support facilitates documentation aligned with VRU Safety Assessments, SHSP, and HSIP reporting requirements, while the Public-Facing Dashboard Toggle enables transparent publication of safety metrics with built-in PII protections. Further, CRASH contains a dedicated VRU dashboard facilitating comprehensive VRU reporting. This will allow Bozeman to focus directly on pedestrian or bicyclist crash outcomes and seek to mitigate any identified safety issues.

By embedding reporting functionality within the same environment used for screening, prioritization, and predictive modeling, CRASH streamlines the transition from analysis to communication, reduces redundant formatting work, and supports consistent, defensible safety reporting across all audiences.
Figure 10: The Countermeasure Recommendation Tool shows the potential safety impact of a variety of countermeasures in a given study area. Users can toggle desired countermeasures to see their predicted impact on crash outcomes.

In summary, CRASH supports a Safe Systems–aligned safety approach and transforms a complex, multi-source data landscape into a structured, intuitive analytical environment. The table below summarizes how the platform’s core capabilities directly support FHWA and SS4A requirements:

| FHWA / SS4A Requirement | Federal Expectation | Bozeman’s Needs | How CRASH Operationalizes Compliance |
|---|---|---|---|
| Baseline Safety Metrics (Fatalities, Serious Injuries, VRU) | Document current safety conditions and trends | Improve ability for staff to utilize crash data | • Automated severity parsing • VRU filtering • Multi-year trend analysis • Export-ready baseline tables |
| High Injury Network Identification | Defensible, reproducible HIN methodology | Analyze high injury network for Plan development | • Configurable network screening • GIS concentration mapping • Documented thresholds • Exportable HIN shapefiles |
| Equity Analysis | Identify disproportionate crash burden and prioritize investments equitably | Overlay demographic data and support prioritization | • Census integration • Crash burden by tract • Equity-weighted prioritization scoring |
| Countermeasure Identification | Align strategies with Safe System principles and evidence-based practices | Identify potential countermeasures | • CMF-integrated recommendations • HSM-based modeling • Risk-reduction projections |
| Evaluation Framework | Establish performance measures and ongoing tracking | Facilitate ongoing monitoring and evaluation | • Before/after study automation • Statistical comparison tools • KPI dashboards |
| Demonstration Reporting | Document effectiveness of technology deployment | Demonstrate efficiency gains and improved analysis | • Automated crash diagrams • Workflow time reduction • Usage analytics reporting |
| Federal Grant Progress Reporting | Provide auditable documentation of activities and outcomes | Support SS4A grant evaluation tasks | • Exportable reports • Stored methodologies • Reproducible analysis workflows |

Table 2: How CRASH Operationalizes FHWA SS4A Compliance

Maintenance and Support for City Staff

Continued Partnership Beyond Implementation

Citian’s continued partnership approach is centered on a dedicated Client Success (CS) team whose primary responsibility is to drive institutionalized use of the CRASH platform and support long-term value realization over the duration of the contract. In addition to routine engagement and support, the Client Success team plays an active role in identifying and advancing continual platform enhancements that allow CRASH to evolve alongside the City’s programmatic needs after deployment.

Rather than shifting the relationship to a reactive, support-only model, Citian assigns the City a named Client Success professional who serves as the ongoing point of accountability for effective platform use, alignment with organizational goals, and sustained return on investment. The assigned Client Experience Lead owns routine client engagement and maintains a proactive, vendor-led relationship designed to eliminate the need for uphill self-advocacy by client staff in order to secure attention, guidance, or value from the platform. Citian initiates engagement and raises opportunities for refinement or improvement even when no issues have been formally reported.

The CS team uses a set of structured, vendor-led engagement mechanisms to support effective platform use, surface insights, and reinforce long-term value, including:

• Quarterly Business Reviews (QBRs): Regular, vendor-led sessions focused on macro-level platform usage, progress toward the City’s programmatic goals, satisfaction with advisory support, and identification of any shifts to configuration, workflows, or data needed to better support evolving priorities.
• Ad Hoc Training and Support Sessions: Targeted, on-demand sessions addressing micro-level questions, common usage challenges, and workflow clarification, reinforcing correct system use and supporting sustained adoption as staff roles, data, or needs change.

Insights gathered through these engagements inform continual platform enhancements delivered throughout the contract term. These enhancements may include configuration refinements, workflow adjustments, or feature updates that improve how the platform supports the City’s objectives. Enhancements are distinguished from break/fix support and are introduced in a governed manner based on observed usage patterns, recurring needs, and strategic priorities identified during QBRs and ongoing engagement. This approach allows CRASH to improve over time without requiring the City to formally escalate requests or advocate repeatedly for incremental value.

While CS leads day-to-day partnership, engagement, and enhancement activities, Citian’s Account Manager remains involved as needed to preserve continuity around contractual obligations and commercial alignment. This role is intentionally limited to ensure the City’s primary experience remains focused on outcomes, guidance, and long-term value rather than sales activity.

Through this structured, proactive partnership model, Citian provides the City with sustained support, clear accountability, and built-in mechanisms for continual improvement that position CRASH as a durable, evolving component of the City’s operations.

Ongoing Support and Maintenance

In addition to driving effective platform use and long-term value, Citian’s Client Success team also serves as the primary point of coordination for ongoing support and maintenance activities. This model provides the City with a clear, consistent entry point for reporting issues and requesting assistance, while capitalizing on the interconnected nature of customer support and Client Success.
Client support requests are managed through a centralized ticketing process overseen by the CS team. Tickets are logged, prioritized, and tracked to resolution, with the Client Experience Lead maintaining visibility and communication throughout the process. This approach allows City staff to report issues without navigating internal vendor structures or escalating concerns independently.

Bug fixes and software patches are addressed through a structured support lifecycle. When an issue is identified, Citian uses the following structured process:

1. Issue Identification and Prioritization: Reported issues are logged and reviewed to assess their nature, severity, and potential impact, allowing Citian to assign an appropriate priority level and response path.
2. Root Cause Analysis and Remediation: Citian investigates the underlying cause of the issue and implements corrective action tailored to the identified condition, whether through configuration adjustment, code correction, or patch development.
3. Validation in Controlled Environment: All fixes and patches are tested and validated in a controlled staging environment prior to release to confirm proper behavior and avoid unintended impacts.
4. Production Deployment: Once validated, fixes are promoted to the production environment in a controlled manner designed to preserve system stability and minimize disruption to users.
5. Follow-Up Review and Communication: Resolved issues and applied fixes are documented and reviewed during routine client success meetings to confirm resolution, address any related questions, and identify opportunities to prevent recurrence.

To provide clear expectations around responsiveness, Citian applies defined service level targets for initial response based on issue priority. These service levels are designed to ensure timely acknowledgment and communication while allowing appropriate flexibility in resolution based on issue complexity.
The following table outlines Citian’s response targets by support priority level:

| Priority | Definition | Target Response Times | Target Resolution Times | Target Level of Effort |
|---|---|---|---|---|
| P1 | Urgent: System inaccessibility to authorized users | Within 6 hours | Within 24 hours | Continuous, 24 hours per day, 7 days per week until impact is reduced to P2 or lower |
| P2 | High: Core functionality fails | Within 12 hours | Within 72 hours | As appropriate, Monday through Friday, 8AM to 5PM, local time |
| P3 | Medium: Any defect that significantly impedes work | Within 24 hours | Within 1 week | As appropriate, Monday through Friday, 8AM to 5PM, local time |
| P4 | Low: Any defect that does not significantly impede work | Within 24 hours | Within 4 weeks | As appropriate, Monday through Friday, 8AM to 5PM, local time |
| P5 | Feature Request: Cosmetic issues or requests for platform enhancements, new tools, or expanded functionality | Within 24 hours | Varies by complexity of the request | Varies by complexity of the request |

Regular Software Updates

In addition to issue-driven fixes, Citian periodically introduces planned platform updates to support stability, security, and long-term maintainability. These updates are infrequent, preserve existing configuration and workflows, and are coordinated through the CS team to confirm readiness and minimize operational impact.

Related Experience with Projects Similar to the Scope

City of Madison – Crash Safety Analysis Platform

The City of Madison sought CRASH to centralize and expedite traffic safety analysis as part of their Vision Zero focus. Citian is collaborating with a variety of data stakeholders to enhance regional data available for analysis and maximize the impact of the CRASH platform. Historically, the City of Madison relied on multiple datasets owned by a wide group of stakeholders, including State, local, and university partners.
Timely access to key data and standardized formatting for efficient incident layering, mapping, and analysis became a perennial challenge. Citian engaged with these data owners, such as the University of Wisconsin-Madison Traffic Operations and Safety (TOPS) Laboratory, to integrate and centralize mission-critical datasets into CRASH. For example, AADT information, alongside additional roadway context data, integrates into CRASH to overlay and inform analysis of factors that correlate with crashes.

CRASH will enable the City to conduct analysis and mapping of existing high-risk locations, including the creation of a HIN. This rich contextual data also informs CRASH’s predictive modeling tools. For the first time, Madison can proactively identify locations and more comprehensively perform network analysis. With CRASH, previously manual data exchange processes have been automated, and the City will be equipped to proactively address high-risk safety locations faster than ever before. As a result, Madison has experienced a 58% decline in traffic fatalities on city-owned roadways, realizing a total economic benefit of over $8M in public benefit.

Madison has sped up countermeasure implementation. Previous workflows had been time-consuming and required extensive back and forth between staff to develop lists of appropriate interventions. Assessing the potential impact of these interventions took longer still. CRASH’s countermeasure recommendations tool automates much of this workflow, expediting engineering decision-making and intervention deployment.

Client: City of Madison, Dept. of Transportation
Project Location: Madison, Wisconsin
Key Professional Services:
• Platform Implementation and Configuration
• Digital Transformation
• Enterprise Data Management and Governance

Figure 11: A heat map reveals trends in the frequency and severity of crashes in Madison over time

Southern California Association of Governments – Transportation Safety Predictive Modeling and Analysis Platform

Citian has supported the Southern California Association of Governments (SCAG) in taking a proactive approach to traffic safety throughout the Southern California region using CRASH and many of its predictive capabilities. SCAG has a growing population exceeding 18 million residents and encompasses six counties and 191 local partner agencies. Citian collaborated with SCAG to develop their custom CRASH environment tailored to the automated reporting, predictive modeling, and proactive safety goals of the region.

Citian ingested and refined ten years of crash data from disparate data sources, including the Statewide Integrated Traffic Records System (SWITRS), the California Crash Reporting System (CCRS), and the Transportation Injury Mapping System (TIMS), to immediately upgrade the overall data accuracy, access, and timeliness for SCAG and all of their local partner agencies. Citian layered on analysis and reporting tools to serve as the foundation for network screening, predictive analysis, and traffic safety improvement operations across the region.

CRASH’s mapping and querying tools are being leveraged to easily navigate over 1.2M crashes across the region. CRASH combined this highly enriched crash data with several supplemental datasets, including jurisdictional breakdowns, travel behavior data (e.g. speeding data, near-miss data, etc.), equity data, roadway data, and more to facilitate context-sensitive engineering and planning studies.
CRASH is being used by SCAG to automate much of the safety analysis and reporting performed at the regional level, including localized fact sheets for each local partner agency to set and monitor performance metrics.

Throughout the buildout and launch of the CRASH environment, Citian worked closely with SCAG's leadership to ensure a seamless project delivery. In SCAG’s buildout, several customizations were completed, including APIs to automate data transfer processes, dashboards to navigate programming and track progress, and role-based access for SCAG and their local partner agencies. Citian developed further customizations for SCAG to calibrate CRASH’s predictive safety models across the region. The Citian team conducted on-site training as the system was deployed for SCAG as well as virtual product demonstrations for their local partners, including their monthly ‘Toolbox Tuesday’, to ensure users were fully onboarded and proficient in CRASH.

SCAG has prioritized traffic safety through its CRASH deployment by providing those responsible for safety on their roads access to refined crash data, industry-leading predictive models, and the tools required to streamline much of the manual work associated with their operational workflows. Both at the regional and local levels, users can get ahead of emerging patterns and focus their time on more meaningful analysis and decision-making.

Client: Southern California Association of Governments
Project Location: Los Angeles, CA
Key Professional Services:
• Platform Implementation and Configuration
• Digital Transformation
• Enterprise Data Management and Governance

San Joaquin County – Transportation Safety Predictive Modeling and Analysis Platform

San Joaquin County has introduced CRASH to modernize their approach to citation and report data.
As one of California’s fastest-growing regions—with a mix of urban centers like Stockton, suburban cities such as Manteca and Lodi, and rural areas spanning agricultural corridors—San Joaquin faces a complex set of transportation challenges. CRASH is now helping local agencies work together more effectively by unifying data across jurisdictions and equipping teams with tools to make faster, smarter decisions about roadway safety.

In the past, transportation and law enforcement staff throughout the County relied largely on crash data aggregated by state systems like the California Crash Reporting System (CCRS) and visualized through the TIMS platform at UC Berkeley. While these tools offered broad access to crash records, they often suffered from delays in data availability and inconsistencies that made it difficult to capture the full picture of roadway risk. Citian addressed these issues by supplanting data sourced from the state with crash records directly captured by officers in the County. Now, public safety teams can view near real-time information on crashes and have access to crash reports to verify critical information. This enables the County to identify high-risk locations, understand how they relate to crash patterns, and verify state data against the ground truth in crash reports.

Planners and engineers are also using CRASH to better inform infrastructure investments. The County can analyze crash hot spots and citation trends in combination with roadway design features, traffic volumes, and demographic context. For instance, recurring crashes near school zones in South Manteca or pedestrian injury clusters in East Stockton can now be analyzed alongside enforcement data to evaluate the potential impact of speed management strategies, signal upgrades, or pedestrian crossing improvements.

CRASH further improves data reliability by automatically correcting common issues such as vague crash locations or inconsistent violation descriptions.
These improvements ensure that agencies across the County are working from a shared, accurate foundation, reducing duplication and enabling more effective collaboration between transportation and public safety teams.

Built-in dashboards and reporting tools allow agencies to monitor performance across the network, track the outcomes of targeted enforcement campaigns, and generate customized reports for public meetings, Caltrans programs, or state and federal grant applications. Whether evaluating the impact of a DUI study or planning corridor improvements, staff can now access meaningful insights in minutes instead of months.

By linking enforcement data with infrastructure data in one integrated system, San Joaquin County is creating a more proactive and coordinated traffic safety framework. CRASH gives agencies the ability to act quickly, focus resources where they’re most needed, and design interventions that reflect both the reality on the ground and the long-term goals of safer, more connected communities.

Client: San Joaquin County
Project Location: Stockton, CA
Key Professional Services:
• Platform Implementation and Configuration
• Digital Transformation
• Enterprise Data Management and Governance

City of Helena – Street Asset Inventory and Computerized Maintenance Management

Scope of Entire Project: Citian supported the City of Helena in their efforts to develop a holistic and comprehensive transportation network asset management system software to fully understand pedestrian accessibility and ADA compliance. LiDAR was used to scan approximately 260 miles of City roads over three weeks. Citian used automated tools to extract over 45,000 assets and their related measurements. Sidewalks, curb ramps, curbs, gutters, signage, road cross slopes, and road striping were all captured and evaluated. After a thorough QA/QC process to ensure accuracy, this robust asset inventory data was then used to populate ADAPT for easy, intuitive maintenance and management.
Helena users leverage ADAPT to generate data-driven insights and invest equitably across their pedestrian network, closing sidewalk gaps and addressing compliance challenges in priority areas. Users can view all relevant details for any asset scanned across their network, including ADA compliance status and the cost to remediate any issues. Users can further monitor total network compliance, conduct top-down analysis of assets for top corridors, and even generate automated remediation plans for any selection of ROW assets across their network.

Nature of the Service Provider’s/Firm's responsibility in the project: Citian was responsible for the asset inventory and ADAPT deployment. Citian worked with Helena to develop a prioritized list of ROW assets and launched a computerized maintenance management system to comprehensively operate Helena’s transportation network asset system. The team extracted and documented tens of thousands of unique assets in DC and efficiently categorized assets by their ADA compliance within ADAPT. Further, they automatically recommended necessary remedial actions, estimated repair costs, and provided planning and programming guidance for Helena’s pedestrian network planning.

Figure 12: Helena Asset Condition Status

Client: City of Helena
Project Location: Helena, MT
Key Professional Services:
• Platform Implementation and Configuration
• CMMS Platform Delivery
• ADA Asset Inventory
• Enterprise Data Management and Governance

References

Reference 1
Client Name: City of Madison, Department of Transportation
Address: 215 Martin Luther King Jr. Boulevard, Madison, WI 53703
Point of Contact: Yang Tao, PhD, PE – Director of Traffic Engineering
Contact Information: ytao@cityofmadison.com, (608) 266-4815

Reference 2
Client Name: Southern California Association of Governments
Address: 900 Wilshire Boulevard, Suite 1700, Los Angeles, CA 90017
Point of Contact: Anita Au – Planning Supervisor (reassigned but still at SCAG); Sarai Osorio – Project Manager (newly assigned)
Contact Information: Anita Au - au@scag.ca.gov, (213) 236-1874; Sarai Osorio - osorios@scag.ca.gov

Reference 3
Client Name: San Joaquin County, Department of Public Works
Address: 1810 E Hazelton Avenue, Stockton, CA 95205
Point of Contact: Jeffrey Levers, T.E. – Senior Transportation Engineer
Contact Information: jlevers@sjgov.org, (209)-953-7631

Reference 4
Client Name: City of Helena
Address: 316 N Park Ave, Helena, MT 59623
Point of Contact: David Knoepke - Transportation Systems Director
Contact Information: dknoepke@helenamt.gov, (406) 457-8571

Proposed Schedule

The proposed timeline is organized into three phases that balance upfront planning with early execution, allowing configuration, data collection, and user onboarding to progress in parallel where appropriate. This sequencing is designed to accelerate validation, reduce downstream rework, and move the project from planning to practical use as efficiently as possible. We are proposing a project timeline of 13-17 weeks, from kickoff to deployment. An outline of our proposed schedule, along with an overview of high-level implementation activities, is below:

Phase 1: Discovery, Data Extraction, and Onboarding [4-6 weeks]
• Project Initiation and Planning: Project kickoff, detailed requirements confirmation, cross-department alignment on strategy, data validation, implementation planning, configuration decisions.
• Base Data Exchange and Import: Secure transfer and ingestion of historical and current crash, roadway, and related safety datasets from City and partner systems (e.g., police RMS, state repositories, GIS). Data are standardized and refined to establish a structured, reproducible analytical baseline within CRASH prior to configuration and testing.

Phase 2: Configuration and Testing [8-10 weeks]
• System Configuration, Integrations, Continued Data Refinement, and Testing: CRASH platform configuration, GIS synchronization, integrations setup, and iterative testing. Initial onboarding occurs to familiarize users as well as gather feedback. The wider variance in allotted project weeks reflects differences in data ingestion, refinement, and integration complexity, as source systems, data volumes, and integration methods directly influence the overall implementation timeline.

Phase 3: Launch and Training [1 week of readiness activities]
• Readiness and Deployment: Go-live planning to validate configuration, data quality, integrations, workflows. May overlap with training.
• **User Onboarding and Training: This phase includes live in-person training sessions, office hours, and targeted ad hoc training as needed.

**Not included in the 13–17-week implementation timeline.

Price Proposal

The total proposed cost for implementation and three (3) years of Safety Data Platform demonstration is $144,000, structured as $48,000 per year over the three-year contract term. For administrative simplicity and grant alignment, Citian proposes invoicing the full $144,000 at contract execution.

| Year | Cost |
|---|---|
| Year 1 | $48,000 |
| Year 2 | $48,000 |
| Year 3 | $48,000 |

Table 3: Cost Breakdown

This pricing reflects a comprehensive, enterprise-level SaaS deployment and includes:

• Full platform implementation and configuration, including onboarding, data ingestion setup, system configuration, and coordination with the City and the Comprehensive Safety Action Plan consultant.
• Unlimited fusion of datasets, allowing the City to integrate crash records, intersection safety equipment outputs, roadway network data, and demographic layers without volume-based pricing constraints.
• Unlimited user access, ensuring that engineering, planning, leadership, and partner stakeholders may access the system without per-seat licensing fees.
• Ongoing hosting and infrastructure costs, with the platform securely hosted on AWS. No additional cloud storage or data volume fees will be charged during the demonstration period.
• Maintenance, upgrades, and technical support throughout the three-year term, including feature enhancements and platform updates at no additional cost.

This fixed-fee structure provides the City with cost certainty over the entire demonstration period and aligns directly with the SS4A grant allocation identified in the RFP. By eliminating variable licensing, storage, and data volume charges, the City can fully leverage the platform for Safety Action Plan development, High Injury Network analysis, countermeasure evaluation, and ongoing FHWA reporting without risk of incremental cost escalation.

Attachment A: Signed Affirmation of Nondiscrimination

Attachment A
NONDISCRIMINATION AND EQUAL PAY AFFIRMATION

____________________________________(name of entity submitting) hereby affirms it will not discriminate on the basis of race, color, religion, creed, sex, age, marital status, national origin, or because of actual or perceived sexual orientation, gender identity or disability and acknowledges and understands the eventual contract will contain a provision prohibiting discrimination as described above and this prohibition on discrimination shall apply to the hiring and treatments or proposer’s employees and to all subcontracts.
In addition, ____________________________________(name of entity submitting) hereby affirms it will abide by the Equal Pay Act of 1963 and Section 39-3-104, MCA (the Montana Equal Pay Act), and has visited the State of Montana Equal Pay for Equal Work “best practices” website, https://equalpay.mt.gov/BestPractices/Employers, or equivalent “best practices” publication and has read the material.

______________________________________
Name and title of person authorized to sign on behalf of submitter

Citian, Inc. Citian, Inc. Steven Houh, Chief Executive Officer

Attachment B: Proposed Changes to SaaS Agreement

Proposed Changes to the Software as a Service Agreement

Below is a list of the edits Citian has made to Attachment B – Software as a Service Agreement. Per the RFP, we have proposed no exceptions to section 9.

Overview of changes:
- Under (1) Definitions, added terms (j) through (o).
- Section 10, Audit Right, was revised.
- Section 14, Transition Assistance, was revised.
- Section 18, Intellectual Property Ownership; Feedback, was revised, with newly added subsections at (d) and (e).
- Section 22, Data Incidents, was revised.
- Exhibits A, B, and C are newly added. Exhibits A and C are in the revised Agreement itself. Exhibit B is Appendix A of this proposal package.

See below for our proposed copy of Attachment B.
Software as a Service Agreement This Software as a Service Agreement (“Agreement”), is made and entered into this _____ day of ____________, 202__ (“Effective Date”), by and between the City of Bozeman, Montana, a self-governing municipal corporation organized and existing under its Charter and the laws of the State of Montana, 121 North Rouse Street, Bozeman, Montana, with a mailing address of PO Box 1230, Bozeman, MT 59771, hereinafter referred to as “City,” and, Citian Inc., a Delaware Corporation_______________, with a mailing address of 99 M St SE, Suite 755, Washington, DC 20003__________________, hereinafter referred to as “Provider.” The City and Provider may be referred to individually as “Party” and collectively as “Parties.” In consideration of the mutual covenants and agreements herein contained, the receipt and sufficiency whereof being hereby acknowledged, the Parties hereto agree as follows: 1. Definitions. a. “Aggregated Statistics” means data and information related to the City's use of the Services that is used by Provider in an aggregate and anonymized manner, including to compile statistical and performance information related to the provision and operation of the Services. b. “Authorized User” means the City's employees, consultants, contractors, and agents (i) who are authorized by the City to access and use the Services under the rights granted to the City pursuant to this Agreement and (ii) for whom access to the Services has been purchased hereunder. c. “Confidential Information” means, subject to Montana’s Open Records Law, all written or oral information, disclosed by either Party to the other, related to the operations of either Party or a third party that has been identified as confidential or that by the nature of the information or the circumstances surrounding disclosure ought reasonably to be treated as confidential. 
With respect to the City, Confidential Information must also include any and all information transmitted to or stored by Provider in connection with performance of its obligations under this Agreement, including, but not limited to, personally identifiable information (“PII”) of residents, employees or people included within the City’s data, including name, address, phone number, e-mail address, date of birth, social security number, patient records, credit card information, driver’s license number, account numbers, PINs and/or passwords, any other information that could reasonably identify a person, and products, confidential intellectual property, trade secrets, third-party confidential information, and other sensitive or proprietary information, whether orally or in written, electronic, or other form or media/in written or electronic form or media, and whether or not marked, designated, or otherwise identified as “confidential.” Confidential Information does not include information that, at the time of disclosure is: (a) in the public domain; (b) known to the receiving Party at the time of disclosure; (c) rightfully obtained by the receiving Party on a non-confidential basis from a third party; or (d) independently developed by the receiving Party without reference to or use of the disclosing Party’s Confidential Information. d. “City's Data” means, other than Aggregated Statistics, information, data, and other content, in any form or medium, that is submitted, posted, or otherwise transmitted by or on behalf of the City or an Authorized User through the Services, including, without limitation, the City's meter data and other energy data related to the City's facilities located in the State of Montana. This information, data, and content may also include that which is considered Confidential Information. e.
“Data Incident” means a breach of the City or the Provider’s security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to the City’s Data through the Services licensed to the City by the Provider. f. “Documentation” means Provider’s user manuals, handbooks, and guides relating to the Services provided by Provider to the City either electronically or in hard copy form/end user documentation relating to the Services. g. “Intellectual Property Rights” or “IP Rights” means any and all rights that may exist under patent law, copyright law, publicity rights law, moral rights law, trade secret law, trademark law, unfair competition law or other similar protections, whether or not such rights are registered or perfected. h. “Provider IP” means the Services, the Documentation, and any and all intellectual property provided to the City or any Authorized User in connection with the foregoing. For the avoidance of doubt, Provider IP includes Aggregated Statistics and any information, data, or other content derived from Provider’s monitoring of the City's access to or use of the Services, but does not include the City's Data. i. “Services” means the on premise software-as-a-service license described in the Scope of Services. See attached Exhibit A. j. “Order Form” means a mutually executed document between the City and the Provider that identifies the Offering to be provided, the applicable fees, the Subscription Term, and any other applicable usage limitations. See attached Exhibit B. k. “Professional Services” means implementation, configuration, training, optimization, or other technical services provided by Provider to City as described in a mutually executed Scope of Services. l. “Service Level Agreement” means Provider’s policies, procedures and practices regarding system performance, monitoring and technical support in Exhibit C.
Provider reserves the right to change such policies, procedures and practices as required in Provider’s reasonable judgment, provided that such changes may never degrade in any material respect the standard of service or protections. See attached Exhibit C. m. “Deliverable” means all custom-developed documents, designs, and other materials that are authored or prepared by the Provider for the City pursuant to the Scope of Services and that are specifically identified on such Scope of Services as a “Deliverable”. The term “Deliverable” does not include the Offering (including all modifications, improvements and enhancements to the Offering), the Offering documentation, Provider’s proprietary education and training content, and all pre-existing materials related to Provider’s Professional Services processes, know-how and methodologies. n. “Offering” means any of Provider’s commercially available software as a service (SaaS) applications that are ordered by City via one or more Order Form(s). o. “Subscription Term” means the period during which the City is authorized to access and use the Offering, as set forth in the applicable Order Form or Scope of Services. 2. Purpose. City agrees to enter into this Agreement with Provider to perform for the City the Services described in the Scope of Services, incorporated into this Agreement and attached as Exhibit A. 3. Term and Termination. a. Term. The initial term of this Agreement begins on the Effective Date and, unless terminated earlier pursuant to this Agreement’s express provisions, will continue in effect for _______ months from such date (the “Initial Term”). This Agreement will automatically renew for additional successive one (1) year terms unless earlier terminated pursuant to this Agreement’s express provisions. The Parties may extend this Agreement for three (3) additional one (1) year terms. b. Notice of Non-Renewal.
A Party to this Agreement gives the other Party written notice of non-renewal at least thirty (30) days prior to the expiration of the then-current term (each a “Renewal Term” and together with the Initial Term, the “Term”). c. Termination. i. Provider may terminate this Agreement, effective on written notice to the City if the City: 1) fails to pay any amount when due hereunder, and such failure continues more than sixty (60) days after Provider’s delivery of written notice thereof; or 2) breaches any of its obligations under Paragraph 6 of this Agreement. ii. Any Party to this Agreement may terminate their obligations under this Agreement, effective on written notice to the other Parties, if another Party materially breaches this Agreement, and such breach: 1) is incapable of cure; or 2) being capable of cure, remains uncured sixty (60) days after the non-breaching Party provides the breaching Party with written notice of such breach; or iii. Any Party to this Agreement may terminate this Agreement, effective immediately upon written notice to the other Parties, if the other Party: 1) becomes insolvent or is generally unable to pay or fails to pay its debts as they become due; 2) files or has filed against it a petition for voluntary or involuntary bankruptcy or otherwise becomes subject, voluntarily or involuntarily, to any proceeding under any domestic or foreign bankruptcy or insolvency law; 3) makes or seeks to make a general assignment for the benefit of its creditors; or 4) applies for or has appointed a receiver, trustee, custodian, or similar agent appointed by order of any court of competent jurisdiction to take charge of or sell any material portion of its property or business. d. Expiration. Provider must notify the City 90 days in advance of this Agreement’s expiration date. e. Effect of Expiration or Termination.
No expiration or termination will affect the City's obligation to pay all Fees that may have become due before such expiration or termination or entitle the City to any refund. 4. Scope of Services. Provider must perform the work and provide the services in accordance with the requirements of the Scope of Services. For conflicts between this Agreement and the Scope of Services, unless specifically provided otherwise, this Agreement governs. Provider agrees to be bound by its responses to the City’s Cloud Questionnaires, incorporated into and attached to this Agreement as Exhibit B and made part of this Agreement. Such responses constitute material consideration for the City to enter into this Agreement and the responses are material representations regarding the Provider’s performance. 5. Access and Use. a. Provision of Access to Services. Subject to and conditioned on the City's payment of fees and compliance with the terms and conditions of this Agreement, Provider grants the City a non-exclusive, non-transferable license to the Services during the Term. This license to the Services is solely for use by the City and its Authorized Users and must be accessed and used in accordance with the terms and conditions set forth in this Agreement. Unless otherwise agreed upon and detailed in the Scope of Services, such access and use is limited to the City's internal use. If applicable, Provider must provide to the City the necessary passwords and network links or connections to allow the City to access the Services. b. Documentation License. Subject to the terms and conditions contained in this Agreement, Provider grants to the City a non-exclusive, non-sublicensable, non-transferable license to use the Documentation during the Term solely for the City's internal business purposes in connection with its use of the Services. c. Designated Authorized Users. The City may designate the number of Authorized Users permitted to access the Services. d.
Reservation of Rights. Provider reserves all rights not expressly granted to the City in this Agreement. Except for the limited rights and licenses expressly granted under this Agreement, nothing in this Agreement grants, by implication, waiver, estoppel, or otherwise, to the City or any third party any intellectual property rights or other right, title, or interest in or to the Provider IP. e. Suspension. Notwithstanding anything to the contrary in this Agreement, Provider may temporarily suspend the City's and any Authorized User’s access to any portion or all of the Services if: i. Provider reasonably determines 1) there is a threat or attack on any of the Provider IP; 2) the City's or any Authorized User’s use of the Provider IP disrupts or poses a security risk to the Provider IP or to any other Customer or vendor of Provider; 3) the City, or any Authorized User, are using the Provider IP for fraudulent or illegal activities; or 4) Provider’s provision of the Services to the City or any Authorized User is prohibited by applicable law; ii. any vendor of Provider has suspended or terminated Provider’s access to or use of any third-party services or products required to enable the City to access the Services; or iii. in accordance with Section 5(a)(iii) (any such suspension described in sub-section (i), (ii), or (iii), a “Service Suspension”). Provider must use commercially reasonable efforts to provide written notice within five (5) business days prior to any planned Service Suspension to the City and provide updates regarding resumption of Services following any Service Suspension. Provider must use commercially reasonable efforts to resume providing access to the Services as soon as reasonably possible after the event giving rise to the Service Suspension is cured.
Provider may be subject to liability for any damage, liabilities, losses (including any loss of data or profits), or any other consequences that the City or any Authorized User may incur as a result of a Service Suspension. f. Aggregated Statistics. Notwithstanding anything to the contrary in this Agreement, Provider may monitor the City's use of the Services, and collect and compile Aggregated Statistics. As between Provider and the City, all right, title, and interest in Aggregated Statistics, and all intellectual property rights therein, belong to and are retained solely by Provider. The City acknowledges that Provider may compile Aggregated Statistics based on the City's Data input into the Services. The City agrees that Provider may: 1) make Aggregated Statistics publicly available in compliance with applicable law, and 2) use Aggregated Statistics to the extent and in the manner permitted under applicable law; provided that such Aggregated Statistics do not identify the City or the City's Confidential Information. 6. The City's Responsibilities. a. The City is responsible for all uses of the Services and Documentation resulting from access provided by the City, directly or indirectly. The City must use reasonable efforts to make all Authorized Users aware of this Agreement’s provisions as applicable to such Authorized User’s use of the Services, and must cause Authorized Users to comply with such provisions. b. Unless otherwise agreed, the City is responsible for creating and modifying its data into the Services, and keeping the City’s data into the Services current and accurate. c. The City must reasonably cooperate with Provider’s performance of Professional Services. The City recognizes and agrees that performance of Professional Services is contingent upon the City’s cooperation and as set forth in Paragraph 7. d.
The City may test the Provider’s Services in a live production environment to ensure that it conforms to the specifications set forth in this Agreement and all Exhibits. Upon acceptance, the City must pay the Provider in accordance with the Scope of Services. See attached Exhibit A. If the City determines that the Services do not meet the specifications set forth in this Agreement and all Exhibits, upon 60 days of receiving written notice of such deficiencies, the City may terminate this Agreement if the Provider does not cure the deficiencies. Provider must refund the City all sums already paid within five (5) business days. Such termination and refund does not bar the City from pursuing other remedies available under the Agreement or law. 7. Provider’s Obligations. To induce the City to enter into this Agreement, Provider makes the following representations: a. Provider has familiarized itself with the nature and extent of this Agreement, all exhibits including but not limited to the Scope of Services, and with all local conditions and federal, state and local laws, ordinances, rules, and regulations that in any manner may affect cost, progress or performance of the Scope of Services. b. Provider represents and warrants to the City that it has the experience and ability to perform the services required by this Agreement; that it will perform the services in a professional, competent and timely manner and with diligence and skill; that it has the power to enter into and perform this Agreement and grant the rights granted in it; and that its performance of this Agreement must not infringe upon or violate the rights of any third party, whether rights of copyright, trademark, privacy, publicity, libel, slander or any other rights of any nature whatsoever, or violate any federal, state and municipal laws. The City will not determine or exercise control as to general procedures or formats necessary to have these services meet this warranty. c. 
Provider must ensure the Services delivered under this Agreement are adequately secure, and must provide a secure environment for all of the City’s Confidential Information, which may include, but is not limited to any hardware and software (including servers, network and data components) to be provided or used by the Provider as part of its performance under this Agreement. Provider represents that the security measures it takes in performance of its obligations under this Agreement are, and at all times will remain in compliance with all applicable laws and regulations governing Provider’s access to, use of, and handling of the City’s Data. d. If Provider creates a new version of the Services, it must make the new version available to the City at no additional cost. Provider must also provide the City with any additional features or functionalities of the Services that it may develop at no additional cost to the City. 8. Security. Provider must provide a secure environment for all of the City’s Confidential Information and any hardware and Software (including servers, network and data components) to be provided or used by Provider as part of its performance under this Agreement. Provider represents that the security measures it takes in performance of its obligations under this Agreement are, and will at all times remain in agreement with the industry’s minimum standards. Provider’s failure to comply with the industry’s minimum standards in fulfilling its obligations under this Agreement constitutes a breach of this Agreement. Additionally, Provider must contractually require any subcontractors or agents with access to the City’s Confidential Information to adhere to such Security Best Practices. 9. Indemnity/Waiver of Claims/Insurance.
For other than professional services rendered, to the fullest extent permitted by law, Provider agrees to release, defend, indemnify, and hold harmless the City, its agents, representatives, employees, and officers (collectively referred to for purposes of this Section as the City) from and against any and all claims, demands, actions, fees and costs (including attorney’s fees and the costs and fees of expert witness and consultants), losses, expenses, liabilities (including liability where activity is inherently or intrinsically dangerous) or damages of whatever kind or nature connected therewith and without limit and without regard to the cause or causes thereof or the negligence of any party or parties that may be asserted against, recovered from or suffered by the City occasioned by, growing or arising out of or resulting from or in any way related to: (i) the negligent, reckless, or intentional misconduct of the Provider; or (ii) any negligent, reckless, or intentional misconduct of any of the Provider’s agents. For the professional services rendered, to the fullest extent permitted by law, Provider agrees to indemnify and hold the City harmless against claims, demands, suits, damages, losses, and expenses, including reasonable defense attorney fees, to the extent caused by the negligence or intentional misconduct of the Provider or Provider’s agents or employees. Such obligations must not be construed to negate, abridge, or reduce other rights or obligations of indemnity that would otherwise exist. The indemnification obligations of this Section must not be construed to negate, abridge, or reduce any common-law or statutory rights of the City as indemnitee(s) which would otherwise exist as to such indemnitee(s). Provider’s indemnity under this Section must be without regard to and without any right to contribution from any insurance maintained by City. 
Should the City be required to bring an action against the Provider to assert its right to defense or indemnification under this Agreement or under the Provider’s applicable insurance policies required below, the City must be entitled to recover reasonable costs and attorney fees incurred in asserting its right to indemnification or defense but only if a court of competent jurisdiction determines the Provider was obligated to defend the claim(s) or was obligated to indemnify the City for a claim(s) or any portion(s) thereof. In the event of an action filed against the City resulting from the City’s performance under this Agreement, the City may elect to represent itself and incur all costs and expenses of suit. Provider also waives any and all claims and recourse against the City, including the right of contribution for loss or damage to person or property arising from, growing out of, or in any way connected with or incident to the performance of this Agreement except “responsibility for [City’s] own fraud, for willful injury to the person or property of another, or for violation of law, whether willful or negligent” as per 28-2-702, MCA. These obligations must survive termination of this Agreement and the services performed hereunder. In addition to and independent from the above, Provider must at Provider’s expense secure insurance coverage through an insurance company or companies duly licensed and authorized to conduct insurance business in Montana which insures the liabilities and obligations specifically assumed by the Provider in this Section. The insurance coverage must not contain any exclusion for liabilities specifically assumed by the Provider in this Section. The insurance must cover and apply to all claims, demands, suits, damages, losses, and expenses that may be asserted or claimed against, recovered from, or suffered by the City without limit and without regard to the cause therefore and which is acceptable to the City.
Provider must furnish to the City an accompanying certificate of insurance and accompanying endorsements in amounts not less than as follows: ● Workers’ Compensation – statutory; ● Employers’ Liability - $1,000,000 per occurrence; $2,000,000 annual aggregate; ● Commercial General Liability - $1,000,000 per occurrence; $2,000,000 annual aggregate; ● Automobile Liability - $1,000,000 property damage/bodily injury per accident; ● Professional Liability - $1,000,000 per claim; $2,000,000 annual aggregate; and ● Cyber Liability - $1,500,000 per occurrence; $3,000,000 annual aggregate. The above amounts must be exclusive of defense costs. The City must be endorsed as an additional insured on a primary non-contributory basis on the Commercial General, Employer’s Liability, Automobile Liability, and Cyber Liability policies. The insurance and required endorsements must be in a form suitable to City and must include no less than a thirty (30) day notice of cancellation or non-renewal. Provider must notify City within two (2) business days of Provider’s receipt of notice that any required insurance coverage will be terminated or Provider’s decision to terminate any required insurance coverage for any reason. The City must approve all insurance coverage and endorsements prior to the Provider commencing work. 10. Audit Right. Provider will make available, upon written request, a copy of its most recent SOC 2 Type II report or equivalent third-party security assessment, if such a report is available. If no such report exists, Provider will respond in good faith to the City’s reasonable written security inquiries, subject to mutual confidentiality obligations. If requested by the City, Provider will permit one (1) annual security review of its information security policies and procedures, subject to at least thirty (30) days’ advance written notice and mutual agreement on the scope, method, and timing of the review.
Such review shall not include vulnerability scans, penetration testing, or access to production environments unless separately agreed to in writing by the Provider. Provider or its nominee (including its accountants and auditors) may, on reasonable request, inspect and audit the City's use of the Services under this Agreement at any time during the Term. The City must make available all books, records, equipment, information, and personnel, and provide all such cooperation and assistance, as may reasonably be requested by or on behalf of Provider with respect to such audit. 11. General Use Restrictions. Copies of the Services created or transferred pursuant to this Agreement are licensed and may only be used as set forth in this Agreement. The City does not receive any rights to the Services other than those specifically granted in this Agreement and its incorporated exhibits. Other than what is expressly permitted by the terms of this Agreement, the City and its authorized users must not directly or indirectly copy or reproduce all or any part of the Services, whether electronically, mechanically or otherwise, in any form including, but not limited to, the copying of presentation, style or organization, without Provider’s prior written permission. However, notwithstanding this restriction, the City has the right to reproduce and distribute any of the Services generated from the City’s Data. Without limiting the above restriction and right, the City receives no right to and must not: a. copy, modify, create derivative works from, distribute, publicly display, or publicly perform the Application; b. sublicense or otherwise transfer any of the rights granted to it in this Agreement and the Scope of Services; c. reverse engineer, decompile, disassemble, or otherwise attempt to derive source code or other trade secrets from the Application; d. remove any proprietary notices from the Services or Documentation; or e. 
use the Services or Documentation in any manner or for any purpose that infringes, misappropriates, or otherwise violates any intellectual property right or other right of any person, or that violates any applicable law. 12. Independent Contractor Status/Labor Relations. The Parties agree that Provider is an independent contractor for purposes of this Agreement and is not considered a City employee for any purpose. Provider is not subject to the terms and provisions of the City’s personnel policies handbook and may not be considered a City employee for workers’ compensation or any other purpose. Provider is not authorized to represent the City or otherwise bind the City in any dealings between Provider and any third parties. 13. Resources and Support. Provider must, throughout the Term, make available such resources, including Provider personnel, as are reasonably required to: a. train designated employee(s) of the City in the use of the Services; b. support the obligations of the City provided in Paragraph 6; c. develop modifications to the Services as agreed to by the Parties in any exhibit attached to this Agreement; and d. Provider must provide technical support to the City as described in Exhibit A, Scope of Services, for the duration of this Agreement. 14. Transition Assistance. The Provider must provide transition assistance to the City when requested in writing. Upon termination of this Agreement for any reason, including but not limited to termination for cause, the Provider must assist the City in the orderly transition to a new Provider. The City will retain a right to access and retrieve its data in a commonly used, machine-readable format for a period of ninety (90) days. This Agreement does not grant the City any ownership rights in or to the Provider’s software, source code, object code, or proprietary application(s), and the City acknowledges that all such rights are and shall remain the exclusive property of the Provider. 15.
Limitation of Liability. The Provider's liability for contract damages is limited to direct damages. The Provider must not be liable for special, incidental, consequential, punitive, or indirect damages. Damages caused by injury to persons or tangible property, or arising from any Provider indemnification under this Agreement, are not subject to a cap on the amount of damages. 16. Fees and Payment. Fees. The City must pay Provider the fees and make all payments as set forth in the Scope of Services, without offset or deduction. See attached Exhibit A. Any alteration or deviation from the described Services that involves additional costs above the Agreement amount will be performed by Provider only upon receiving a written request from the City. Any alteration or deviation from the Services will become an additional charge over and above the amount listed in the Scope of Services. The City must agree in writing before Provider bills for any additional charges. All Fees and other amounts payable by the City under this Agreement are exclusive of taxes and similar assessments. The City is responsible for all sales, use, and excise taxes, and any other similar taxes, duties, and charges of any kind imposed by any federal, state, or local governmental or regulatory authority on any amounts payable by the City as set forth in this Agreement, other than any taxes imposed on Provider’s income. 17. Confidential Information. a. From time to time during the Term, a Party to this Agreement may disclose or make available to the other Party Confidential Information, as defined in Section 1 of this Agreement, about its business affairs. The receiving Party must not disclose the disclosing Party’s Confidential Information to any person or entity, except to the receiving Party’s Authorized Users who have a need to know the Confidential Information for the receiving Party to exercise its rights or perform its obligations established in this Agreement. b.
Notwithstanding the foregoing, each Party may disclose Confidential Information to the limited extent required: i. in order to comply with the order of a court or other governmental body, or as otherwise necessary to comply with applicable law, provided that the Party making the disclosure pursuant to the order must first have given written notice to the other Party; ii. to establish a Party’s rights under this Agreement, including to make required court filings; or iii. to any Authorized User who may need to access Confidential Information in order to facilitate or execute the purpose of this Agreement. c. Unless otherwise required by law, each Party must not disclose Confidential Information to any other third party not otherwise identified in this agreement without the other Party’s prior written consent. Each Party’s obligations of non-disclosure with regard to Confidential Information are effective as of the Effective Date, and survive this Agreement and do not terminate. However, with respect to any Confidential Information that constitutes a trade secret (as determined under applicable law), such obligations of non-disclosure will survive the termination or expiration of this Agreement for as long as such Confidential Information remains subject to trade secret protection under applicable law. d. Each Party must protect Confidential Information with the same degree of care it uses to protect its own Confidential Information of similar nature and importance, but with no less than reasonable care. Each Party agrees to promptly notify the other Party if there is a misuse or misappropriation of Confidential Information. 18. Intellectual Property Ownership; Feedback. a. Provider IP.
The City acknowledges that, as between the City and Provider, Provider owns all right, title, and interest in and to the Offering, the Services, and all Deliverables (excluding any embedded City Data), all Aggregated Statistics, and all related intellectual property, including modifications, enhancements, or derivative works, whether or not suggested or requested by the City. No rights are granted to the City hereunder other than as expressly set forth in this agreement. b. The City's Data. Provider acknowledges that, as between Provider and the City, the City owns all right, title, and interest, including all intellectual property rights, in and to the City's Data. The City grants to Provider a non-exclusive, royalty-free, worldwide license to reproduce, distribute, and otherwise use and display the City's Data and perform all acts with respect to the City's Data as may be necessary for Provider to provide the Services to the City. The City also grants to Provider a non-exclusive, perpetual, irrevocable, royalty-free, worldwide license to reproduce, distribute, modify, host, store, and otherwise use and display the City's Data incorporated within the Aggregated Statistics and to improve the Offering in aggregate, de-identified form. Any such use will not disclose personally identifiable information or identify the City. c. Feedback. If the City or any of its Authorized Users sends or transmits any communications or materials to Provider by mail, email, telephone, or otherwise, suggesting or recommending changes to the Provider IP, including without limitation, new features or related functionality, or any comments, questions, suggestions, or the like (“Feedback”), Provider may use the City’s Feedback irrespective of any other obligation or limitation between the Parties governing such Feedback. The City retains all right, title, and interest in the Feedback. d. Aggregated Statistics.
The Provider may create and use Aggregated Statistics derived from City Data and system usage, provided that such data is anonymized and does not identify the City or its users. Aggregated Statistics shall be owned solely by the Provider and may be used to enhance, benchmark, and develop the Offering. e. Deliverables. As between the City and the Provider, the Provider retains ownership of all Deliverables developed in connection with this Agreement, subject to the City’s right to use such Deliverables solely for its internal business purposes. 19. Data Location. Provider must not transfer the City’s Data outside of the United States or the Provider’s location as identified in the first paragraph of this Agreement unless it receives the City’s prior written consent or unless the transfer is to the Provider’s data center and such transfer is necessary for the execution of the Services. 20. Access to Data. The City may access and copy any of the City’s Data in Provider’s possession at any time. Provider must reasonably facilitate such access and copying promptly after Customer’s request. In this instance, Provider may charge its reasonable standard fees for any such access and copying or for any fees related to the de-conversion of data. 21. Deletion of Data. Except as authorized by applicable law, Provider must not erase the City’s Data or any copy without the City’s prior written consent. 22. Data Incidents. Provider must implement and maintain a program for managing unauthorized disclosure of, access to, or use of the City’s Data. In case of a Data Incident, Provider must notify the City, in writing or by phone, within 48 hours of the incident. Provider must cooperate with the City and law enforcement agencies to investigate and resolve the Data Incident, including but not limited to providing reasonable assistance to the City in notifying injured third parties.
In addition, if the Data Incident results from Provider’s breach of this Agreement as a result of the Provider’s gross negligence or willful misconduct, Provider must compensate the City for any reasonable, documented, and direct expenses incurred solely due to such incident, up to a maximum of an amount equal to the total fees paid to the Provider under this Agreement in the twelve (12) months preceding the incident. Provider will work in good faith with the City to determine whether credit monitoring or other remedies are appropriate and required by law. Provider must give the City prompt access to such records related to a Data Incident subject to applicable confidentiality obligations and security controls. 23. Functional Warranty. Provider warrants that the Application and Services, including any modifications that are made by Provider or under Provider’s instructions do not contain any material defects, and will conform in all material respects to the specifications, functions, descriptions, standards and criteria set forth in the Agreement, its Exhibits, and the Documentation, which are all incorporated herein by reference. Provider further warrants that all post-Acceptance updates, alterations, or modifications to the Services will not materially diminish the features or functionality of the Application and Services. Provider must promptly correct any errors identified by the City in the Application and in any modification to the Application at no cost to the City. If Provider is unable to correct such errors within 30 days following notification by the City, then Provider must at the City’s request accept return of the Application and return all money paid for the Application and maintenance. The City may also pursue any other remedies available to it under this Agreement or by law or equity. 24. Virus Warranty.
Provider warrants that it has used commercially reasonable efforts to ensure against introduction of any virus into the City’s systems. Provider must immediately advise the City, in writing, upon reasonable suspicion or actual knowledge that the Services may contain a Virus. If a Virus is found to have been introduced into the City’s systems by the Services within 30 days after the Effective Date of this Agreement, Provider must repair or replace the Services within ten (10) business days. If Provider cannot accomplish the foregoing within such time, then the City must discontinue use of the Services, and Provider must refund all money paid for the Services and maintenance as set forth in the Scope of Services. See Exhibit A. Provider must use all reasonable commercial efforts, at no additional charge, to assist the City in reducing the effects of the Virus and, if the Virus causes a loss of operational efficiency or loss of data, to assist the City to the same extent to mitigate and restore such losses. In addition, Provider must indemnify, defend and hold the City harmless from any claims, suits, damages, liabilities, losses, and reasonable attorney fees resulting from any such Viruses. The limitation of liability described in Paragraph 15 does not apply to this indemnification obligation. 25. Remedy for When Services are Subject of a Claim. If any Services furnished are likely to or does become the subject of a claim of infringement of a third party’s IP Rights, then the Provider may request the City accept an alternative Service and the City may agree to one of the following alternative Services: 1) procure for the City the right to continue using the alleged infringing Services; 2) modify the Service so that it becomes non-infringing; 3) or replace it with one that is at least functionally equivalent. 
If the Provider is unable to provide any of the above three remedies, or if the use of the Services by the City is prohibited by an injunction, temporary restraining order, or other court order, the City must return the Services to the Provider within five (5) days of receiving Provider’s request in writing. The Provider must then give the City a credit equal to the amount paid to the Provider for the creation of the Services. The City is not precluded from seeking other remedies available agreed upon in this Agreement or in equity or law for any damages it may sustain due to its inability to continue using the Services. The Limitations of Liability set forth in Paragraph 15 of this Agreement does not apply to Provider’s obligations under this Section and the City’s right to seek additional remedies arising from Provider’s infringement of a third party’s IP Rights. 26. Representatives and Notices. a. City’s Representative. The City’s Representative for the purpose of this Agreement must be _________________ or such other individual as City must designate in writing. Whenever approval or authorization from or communication or submission to City is required by this Agreement, such communication or submission must be directed to the City’s Representative and approvals or authorizations must be issued only by such Representative; provided, however, that in exigent circumstances when City’s Representative is not available, Provider may direct its communication or submission to other designated City personnel or agents as designated by the City in writing and may receive approvals or authorization from such persons. b. Provider’s Representative. The Provider’s Representative for the purpose of this Agreement must be _____________________ or such other individual as Provider must designate in writing.
Whenever direction to or communication with Provider is required by this Agreement, such direction or communication must be directed to Provider’s Representative; provided, however, that in exigent circumstances when Provider’s Representative is not available, City may direct its direction or communication to other designated Provider personnel or agents. c. Notices. All notices required by this Agreement must be in writing and must be provided to the Representatives named in this Section. Notices must be deemed given when delivered, if delivered by courier to Party’s address shown above during normal business hours of the recipient; or when sent, if sent by email or fax (with a successful transmission report) to the email address or fax number provided by the Party’s Representative; or on the fifth business day following mailing, if mailed by ordinary mail to the address shown above, postage prepaid. 27. Miscellaneous. a. Entire Agreement. This Agreement, together with any other documents incorporated herein by reference and all related Exhibits, including the Cloud Services Questions, constitutes the sole and entire agreement of the Parties with respect to the subject matter of this Agreement and supersedes all prior and contemporaneous understandings, agreements, and representations and warranties, both written and oral, with respect to such subject matter. In the event of any inconsistency between the statements made in the body of this Agreement, the related Exhibits, and any other documents incorporated herein by reference, the following order of precedence governs: 1) this Agreement, excluding its Exhibits; 2) the Exhibits to this Agreement as of the Effective Date; and 3) any other documents incorporated herein by reference. b. Permits. 
Provider must provide all notices, comply with all applicable laws, ordinances, rules, and regulations, obtain all necessary permits, licenses, including a City of Bozeman business license, and inspections from applicable governmental authorities, and pay all fees and charges in connection therewith. c. Laws and Regulations. Provider must comply fully with all applicable state and federal laws, regulations, and municipal ordinances including, but not limited to, all workers’ compensation laws, all environmental laws including, but not limited to, the generation and disposal of hazardous waste, the Occupational Safety and Health Act (OSHA), the safety rules, codes, and provisions of the Montana Safety Act in Title 50, Chapter 71, MCA, all applicable City, County, and State building and electrical codes, the Americans with Disabilities Act, and all non-discrimination, affirmative action, and utilization of minority and small business statutes and regulations. d. Nondiscrimination and Equal Pay. Provider agrees that all hiring by Provider of persons performing this Agreement must be on the basis of merit and qualifications. Provider will have a policy to provide equal employment opportunity in accordance with all applicable state and federal anti-discrimination laws, regulations, and contracts. Provider will not refuse employment to a person, bar a person from employment, or discriminate against a person in compensation or in a term, condition, or privilege of employment because of race, color, religion, creed, political ideas, sex, age, marital status, national origin, actual or perceived sexual orientation, gender identity, physical or mental disability, except when the reasonable demands of the position require an age, physical or mental disability, marital status or sex distinction.
Provider must be subject to and comply with Title VI of the Civil Rights Act of 1964; Section 140, Title 2, United States Code, and all regulations promulgated thereunder. Provider represents it is, and for the term of this Agreement will be, in compliance with the requirements of the Equal Pay Act of 1963 and Section 39-3-104, MCA (the Montana Equal Pay Act). Provider must report to the City any violations of the Montana Equal Pay Act that Provider has been found guilty of within 60 days of such finding for violations occurring during the term of this Agreement. Provider must require these nondiscrimination terms of its subcontractors providing services under this Agreement. e. Force Majeure. In no event must a Party to this Agreement be liable to another Party, or be deemed to have breached this Agreement, for any failure or delay in performing its obligations under this Agreement, if and to the extent such failure or delay is caused by any circumstances beyond one Party’s reasonable control, including but not limited to acts of God, flood, fire, earthquake, explosion, war, terrorism, invasion, riot or other civil unrest, strikes, labor stoppages or slowdowns or other industrial disturbances, or passage of law or any action taken by a governmental or public authority, including imposing an embargo. f. Intoxicants; DOT Drug and Alcohol Regulations/Safety and Training. Provider must not permit or suffer the introduction or use of any intoxicants, including alcohol or illegal drugs, by any employee or agent engaged in services to the City under this Agreement while on City property or in the performance of any activities under this Agreement. Provider acknowledges it is aware of and must comply with its responsibilities and obligations under the U.S. Department of Transportation (DOT) regulations governing anti-drug and alcohol misuse prevention plans and related testing.
The City must have the right to request proof of such compliance and Provider must be obligated to furnish such proof. The Provider must be responsible for instructing and training the Provider’s employees and agents in proper and specified work methods and procedures. The Provider must provide continuous inspection and supervision of the work performed. The Provider is responsible for instructing its employees and agents in safe work practices. g. Modification and Assignability. This Agreement may not be enlarged, modified or altered except by written agreement signed by both parties hereto. The Provider may not subcontract or assign Provider’s rights, including the right to compensation or duties arising hereunder, without the prior written consent of the City. Any subcontractor or assignee will be bound by all of the terms and conditions of this Agreement. h. Reports/Accountability/Public Information. Provider agrees to develop and/or provide documentation as requested by the City demonstrating Provider’s compliance with the requirements of this Agreement. Provider must allow the City, its auditors, and other persons authorized by the City to inspect and copy its books and records for the purpose of verifying that the reimbursement of monies distributed to Provider pursuant to this Agreement was used in compliance with this Agreement and all applicable provisions of federal, state, and local law. The Provider must not issue any statements, releases or information for public dissemination without prior approval of the City. i. Non-Waiver. A waiver by either Party of any default or breach by the other Party of any terms or conditions of this Agreement does not limit the other Party’s right to enforce such term or conditions or to pursue any available legal or equitable rights in the event of any subsequent default or breach. j. Attorney’s Fees and Costs. 
In the event it becomes necessary for either Party to retain an attorney to enforce any of the terms or conditions of this Agreement or to give any notice required herein, then the prevailing Party or the Party giving notice must be entitled to reasonable attorney's fees and costs, including fees, salary, and costs of in-house counsel including the City Attorney’s Office staff. k. Taxes. Provider is obligated to pay all taxes of any kind or nature and make all appropriate employee withholdings. l. Dispute Resolution. i. Any claim, controversy, or dispute between the Parties, their agents, employees, or representatives must be resolved first by negotiation between senior-level personnel from each Party duly authorized to execute settlement agreements. Upon mutual agreement of the Parties, the Parties may invite an independent, disinterested mediator to assist in the negotiated settlement discussions. ii. If the Parties are unable to resolve the dispute within thirty (30) days from the date the dispute was first raised, then such dispute may only be resolved in a court of competent jurisdiction in compliance with the Applicable Law provisions of this Agreement. m. Survival. Provider’s indemnification must survive the termination or expiration of this Agreement for the maximum period allowed under applicable law. n. Headings. The headings used in this Agreement are for convenience only and are not to be construed as a part of the Agreement or as a limitation on the scope of the particular paragraphs to which they refer. o. Severability. If any portion of this Agreement is held to be void or unenforceable, the balance thereof must continue in effect. p. Applicable Law. The Parties agree that this Agreement is governed in all respects by the laws of the State of Montana. q. Binding Effect. This Agreement is binding upon and inures to the benefit of the heirs, legal representatives, successors, and assigns of the Parties. r.
No Third-Party Beneficiary: This Agreement is for the exclusive benefit of the parties, does not constitute a third-party beneficiary agreement, and may not be relied upon or enforced by a third party. s. Integration. This Agreement and all Exhibits attached hereto constitute the entire agreement of the Parties. Covenants or representations not contained herein or made a part thereof by reference, are not binding upon the Parties. There are no understandings between the Parties other than as set forth in this Agreement. All communications, either verbal or written, made prior to the date of this Agreement are hereby abrogated and withdrawn unless specifically made a part of this Agreement by reference. t. Counterparts. This Agreement may be executed in counterparts, which together constitute one instrument. u. Consent to Electronic Signatures. The Parties have consented to execute this Agreement electronically in conformance with the Montana Uniform Electronic Transactions Act, Title 30, Chapter 18, Part 1, MCA. **** END OF AGREEMENT EXCEPT FOR SIGNATURES **** IN WITNESS WHEREOF, the Parties hereto have executed this Agreement as of the Effective Date. PROVIDER City of Bozeman By:_______________________________ Name: ____________________________ Title: _____________________________ By:_______________________________ Name: ____________________________ Title: _____________________________ Exhibit A Services Provider will be deploying its CRASH™ (Crash Reduction through Analysis of Safety Hazards) software for the City. CRASH™ leverages machine learning, natural language processing, advanced data analytics, and decades of engineering know-how to help government clients meet traffic safety goals. CRASH™ has been fine-tuned to understand raw traffic crash report data and improve their quality and reliability using automated Artificial Intelligence/Machine Learning (AI/ML) algorithms.
CRASH™ uses this foundation of quality crash data to produce instant analysis and data-driven decision support on safety programming at a network level as well as specific study locations. CRASH™ will include: • Real-Time Accurate Data: CRASH™ instantly audits and refines new crash reports with up to 98% accuracy • Complete Project Evaluation: Assess and share safety outcomes of new construction projects with instant before-and-after studies • Interactive Data Exploration: Pivot seamlessly between integrated search methods such as query, mapping, and reporting • User-Friendly Analysis and Summaries: Navigate live dashboards, AI-driven predictive analytical tools, and one-click, auto-generated reporting • Benchmarking and Goal Setting: Track key federal reporting measures and progress toward local and state policy goals such as HSIP and SHSP • Instant Audits and Alerts: Collaborate easily with up-to-date crash insights, temporal analysis, and alerts for high-priority outcomes • Data-Driven Decision Support: Guide programming recommendations using automatic HSM countermeasures, CMF benefit/cost reports, collision diagrams, and more • Full Environmental Data Immersion: Take a Complete Streets approach integrating diverse data, like equity analysis, ADA compliance, or lighting photometrics to provide context • Crash Query Tool Kit: Investigate crash patterns or locations in your jurisdiction with flexible queries considering all relevant safety and location data • Real-time, Digital Twin Geomapping: Gain immediate line-of-sight into historical and predictive crash patterns mapped directly onto the built environment Provider’s CRASH™ (Crash Reduction through Analysis of Safety Hazards) software will serve the City through the duration of this agreement adhering to Exhibit C and all features listed in Exhibit A. 
All services rendered for the execution of this software and all additional aspects of software delivery beyond the license agreement will be mutually agreed upon or as permitted by the license agreement. Scope Description: Provider will work directly with ________________ to deliver its CRASH software. Provider will work with ________________ to schedule a Project Kickoff meeting, where Provider and ________________ will discuss the details of the project. Following the Project Kickoff Meeting, there will be a data exchange process, where Provider will work with the ________________ to tap into all crash data necessary to build the CRASH platform, as well as include other datasets the City wants to incorporate into the software. Provider will provide a comprehensive Base Data and Crash Data checklist, which the ________________ Project Managers may review and advise on as desired. Provider has experience accessing crash data through a variety of methods, including a secure established application programming interface (API) into current crash databases. Provider will utilize at least five years of previous crash data from the City to build the initial environment and train algorithms in data trends across the _______________. Provider will also work to incorporate other dynamic datasets, such as data on segments and intersections, Complete Streets context with locations of schools and transit stops; demographic datasets such as census demographics, jurisdictional breakdowns of the City; roadway conditions such as traffic enforcement cameras, and streetlights, to make the system holistic and robust. Additional data outside of the base data checklist that is of interest to the City may also be identified during this period. A Customizations and Localization Workshop will be scheduled within the first 1-2 months, where Provider and participating planners, engineers, and GIS employees will meet to discuss desired customizations to the tool.
Provider will incorporate these ideas before the final development and delivery of the tool. A majority of the coordination for this project may be handled via email, outside of the initial Project Kickoff Meeting and the Customizations and Localization Workshop. Provider Account/Project Managers are available for ad-hoc meetings with the City employees throughout the buildout period and duration of the subcontract if desired. Provider and the City will set an agreed-upon go-live date, targeting 2-3 months after Provider receives all of the necessary data to create the tool. The week of the go-live date, Provider will provide two days of in-person onboarding and training in the CRASH tool, if desired by the City. Training will consist of custom demonstrations, individual assistance, workflow training, and workshops. Unlimited users from the City will have access to the City CRASH environment. Onboarding may also be handled via virtual meetings if preferred. The 12-month contract term will commence upon system launch for the City. Following launch, Provider will provide ongoing support and continued account support for the life of the pilot. Targeted Schedule: Full buildout of the CRASH tool to be complete 2-3 months after Provider receives all data necessary (historical crash data, necessary base data layers). Exhibit B Order Form (Attached Separately) Exhibit C Service Level Agreement 1. Service Availability 1.1 Measure. The Offering will be available 99.5% of the time (24x7x365), except as provided below. Offering availability will be calculated per calendar quarter, as follows:

$$\frac{\text{total} - \text{nonexcluded} - \text{excluded}}{\text{total} - \text{excluded}} > 99.5\%$$

Where: • total means the total number of minutes for the quarter • nonexcluded means downtime that is not excluded • excluded means the following: o Any planned downtime of which Provider gives 8 hours or more notice.
Provider will use commercially reasonable efforts to schedule all planned downtime during non-peak usage times (i.e., the hours from 6:00 p.m. Friday to Sunday midnight, U.S. Eastern Time). o Any unavailability caused by circumstances beyond Provider's reasonable control, including without limitation, a Force Majeure Event. o Any unavailability as a result of (i) non-compliance by City with any provision of this SLA; (ii) incompatibility of City’s equipment or software with the Offering; (iii) actions or inactions of City or third parties; (iv) City’s use of the Offering after Provider has advised City to modify its use of the Offering, if City did not modify its use as advised; (v) acts or omissions of City or City’s employees, agents, contractors, or vendors, or anyone gaining access to the Offering by means of City’s passwords or equipment; (vi) performance of City’s systems or the Internet; (vii) any systemic Internet failures; or (viii) network unavailability or City’s bandwidth limitations. o For purposes of the availability calculation, “downtime” means a measurement interval during which time the Offering is not responsive to an automated request ("Monitoring Transaction") generated by Provider's monitoring software. Measurement intervals for Monitoring Transactions are no more than five (5) minutes on a 24X7 basis. Monitoring Transactions used for the availability calculation include network and application availability requests. The monitoring process does not cover every feature of the Offering. With respect to such features, Provider will investigate any suspected availability problem reported by City or which it otherwise becomes aware of and take commercially reasonable efforts to correct any such issues that can be verified by Provider. o For any partial calendar quarter during which City subscribes to the Offering, availability will be calculated based on the entire calendar quarter, not just the portion for which City subscribed. 
1.2 Remedies: Should Provider fail to meet 99.5% availability of the Offering for a calendar quarter, City shall have the option of one (but not both) of the following. First, City may continue to use the Offering but receive credit for one full day of the Offering subscription usage (as of the end of the quarter in which the failure occurred), for each full or partial hour of Offering unavailability below 99.5%. Any such credit shall be applied to City's next invoice (or refunded if there are no forthcoming invoices). Second, if Provider fails to meet 98% availability of the Offering for a calendar quarter, City may terminate its Agreement with Provider for cause and stop using the Offering, in which case Provider will refund to City any prepaid fees for the remainder of the Term after the date of termination. The remedies specified in this “Remedies” section shall be the sole remedies available to City for breach of this SLA. 1.3 Reporting and Claims: To file a claim under this SLA, City must send an email to info@Providersolutions.com with the following details: • Billing information, including company name, billing address, billing contact and billing contact phone number • Downtime information with dates and time periods for each instance of downtime during the relevant period • An explanation of the claim made under the Agreement, including any relevant calculations. Claims may only be made on a calendar quarter basis within 30 days of the end of the relevant quarter, except for periods at the end of the Agreement that do not coincide with a calendar quarter, in which case City must make any claim after the end of its Agreement. All claims will be verified against Provider's system records. 2. Return of City Data. Upon termination or expiration of the Agreement, Provider shall (i) ensure that City has access to the City Data from the Offering for a period no more than thirty (30) days for the production environment and the sandboxes.
In no event may Provider preclude City from retrieving the City Data after the expiration or termination of the Agreement.
3. Support Management. Provider will provide complete system support for Offering including standard and City-specific configurations and customizations and all future releases of system updates and new features. Coverage parameters specific to the services covered in this Agreement are as follows:
• 24 hours per day, 7 days per week, 365 calendar days per year technical application support (subject to the limitations set forth herein);
• Telephone support: 8:00 AM to 6:00 PM Eastern Time, Monday through Friday;
• Email support: 8:00 AM to 6:00 PM Eastern Time, Monday through Friday;
• Calls or emails received out of regular business hours will be forwarded to the mobile telephone of the assigned Provider Client Support Lead;
• The Provider Service Desk will provide emergency support outside of regular business hours for critical requests (for example, Offering software system experiences unplanned downtime or is otherwise unavailable or a software feature is unavailable);
• For non-critical requests received outside of regular business hours, the Provider Service Desk will respond as soon as possible during regular business hours and take the appropriate action(s) as described in this Agreement;
• See Provider Service Desk published policy for further information regarding support request management, defect handling, recurring issues identification and escalation procedures, outage resolution and disaster recovery;
• Any outages or planned downtimes in relation to the Provider Service Desk will be in line with the service support and availability SLA as set out in this Agreement; and
• The Provider Service Desk shall provide access to the City’s service, tickets, and outage data and details for report creation and data export.
4. Incident Response.
4.1.
Upon discovery or reasonable belief of any data breach or security threat (“Data Breach”) to the Offering software system’s integrity or City’s data, Provider will provide notice, by telephone and email, to the City within 24 hours of said Data Breach or after Provider reasonably believes there has been such a Data Breach.
4.2 To the extent known at the time of notification, Provider’s notice shall include:
o the nature of the Data Breach;
o the data accessed, used or disclosed;
o the person(s) who accessed, used, disclosed or received data (if known);
o what Provider has done or will do to quarantine and mitigate the Data Breach; and
o what corrective action Provider has taken or will take to prevent future Data Breaches.
4.3 Provider will provide daily updates, or more frequently if required by City, regarding findings and actions performed by Provider until the Data Breach has been effectively resolved to the City’s satisfaction. Provider shall quarantine the Data Breach, ensure secure access to data, and repair the Offering as needed in accordance with this SLA. Failure to do so may result in the City exercising its options for assessing damages or other remedies under this Agreement.
4.4 Provider shall investigate the Data Breach and share the report of the investigation with the City. The City or its authorized agents shall have the right to lead (if required by law) or participate in the investigation. Provider shall cooperate fully with the Agency, its agents and law enforcement.
4.5. Provider will respond to City’s requests for support services regarding Offering in accordance with the procedures identified below. In each case, City may describe and submit service request by telephone or email to the Provider Service Desk in accordance with Section 3 of this SLA: The Provider Service Desk escalates all Incident Requests to the Provider Support Team for immediate resolution.
The Provider Service Desk will acknowledge the Incident Request within 15 minutes and immediately notify the Provider Support Team for Action.
5. Service Performance.
5.1 Response Time. Provider represents and warrants that 95 percent of all transactions shall process at a mutually agreed upon time threshold. City retains the right to use a third-party service to validate the performance of Provider’s response times.
5.2 Concurrent Users. Provider represents and warrants that the performance service levels set forth in this Agreement shall be valid up to an unlimited number of users using the Offering at any given time.
5.3 Service Architecture. Provider shall provide City with detailed architectural diagrams upon written request from the City. The architectural diagrams will include without limitation: servers, hardware, software solution (operating system, application servers, databases, identity repository) and network architecture (dataflow diagram, firewalls, proxies, IDS/IPS). Provider shall allow City reasonable access to review such architecture.
6. Service Maintenance.
6.1 Given the software-as-a-service (SaaS) model of Offering, Provider will provide City with the latest and generally available supported version of Offering, including all maintenance patches, software upgrades and new features, at no additional cost for the lifetime of the Order Form or SOW.
6.2 Provider will schedule and perform standard maintenance services including planned critical security and maintenance patch releases during non-peak hours outside of regular business hours (for example, midnight (12am) Eastern Time) or during weekends (“Standard Maintenance Window”). Provider will coordinate with City to develop a mutually agreed standard maintenance schedule.
6.3 The Provider Service Desk welcomes feature requests from clients. City or its employees, contractors or agents who are Authorized Users of Offering may provide Provider with such requests by email.
Provider will consider all feature requests for utility, functionality and feasibility.
6.4 Provider will document all critical security patches, maintenance patches and release management standards, provide standard and emergency maintenance services and apply all critical security and maintenance patches to Offering. Provider will provide written guidance by email to City describing any significant updates to Offering. Updated system documentation will be provided to City via the Offering in-application help documentation and by email.
6.5 Provider shall provide 48 hours advance notice to City of any scheduled maintenance downtime that will occur outside of the Standard Maintenance Window outlined above. In case of emergency, Provider shall use its best efforts to notify City by telephone and email of any planned downtime as soon as practicable.
7. Data Management.
7.1 Provider will provide robust data management services to transmit, retain, store, delete and otherwise handle City’s data.
7.2 Data Processing and Hosting. Provider will ensure production data is not used outside of the production environment. Provider will notify City at least 90 days prior to any relocation of City’s data to a different hosting facility. City reserves the right to terminate the Agreement without penalty if City objects to the new hosting facility. All City data will be kept for the mutually agreed upon number of years or as otherwise required by applicable laws, rules and regulations.
7.3 Data Storage and Disposal. Provider shall retain all City data until City deletes or requests deletion of City’s data or for a minimum number of years as mutually agreed or such other time period required by applicable laws, rules and regulations or as otherwise mutually agreed to by the parties in this Agreement. Provider shall store City data in a non-proprietary format as mutually agreed upon between Provider and City.
At City’s election, Provider will either securely destroy or transmit to City’s repository any backup copies of City’s data. 7.4 Data Backup. Provider shall provide geographically disparate storage on a daily basis of all backup discs, data or materials of any type whatsoever produced in whole or in part in connection with or relating to the performance by Provider of its obligations under this Agreement (including without limitation any discs, tapes, other storage media, work papers and partial drafts of documentation code). Provider shall use appropriate and reliable storage media. Provider shall regularly backup City’s data and retain such backup copies for a minimum time period as mutually agreed or otherwise required by applicable laws, rules or regulations. 7.5 Discovery (Legal Proceedings). If Provider receives a request that may be reasonably interpreted as requiring access to City’s data or City’s use of the Offering, Provider shall provide notice by telephone and email to City, unless prohibited by law from providing such notice. Provider shall provide such notice within 48 hours of receiving the request. Provider shall not respond to subpoenas, service of process, Public Records Act requests or other legal requests directed at Provider regarding this Agreement without first notifying City, unless prohibited by law from providing such notification. Where Provider is allowed to provide such notification, Provider shall provide its intended responses to City with adequate time for City to review, revise and, if necessary, seek a protective order in a court of competent jurisdiction. Provider shall not respond to legal requests directed at City unless authorized in writing to do so by City. 8. Information Security. 8.1 Provider will employ the latest and industry-leading cybersecurity and data security practices and policies as set out in this section. 8.2 Data Security. 
Provider assumes responsibility for the security and confidentiality of the City data under its control. Provider shall (i) certify the sufficiency of its security standards, tools, technologies and procedures in providing Offering under this Agreement; (ii) undergo an annual Standards for Attestation Engagements (SSAE) Service Organization Control (SOC) 2 Type II audit or equivalent such as ISO 27001 for Provider’s Control Environment. Provider shall provide City with results of such audit and Provider’s plan to correct any negative findings within seven (7) calendar days upon Provider’s receipt of such audit results; and (iii) provide City with detailed description of the audited Control Environment. If City determines the Control Environment is not satisfactory, City may request that Provider correct any deficiencies.
8.3 Provider shall implement and at all times during this Agreement maintain all appropriate administrative, physical, technical and procedural safeguards in accordance with this section to secure the City’s data from any Data Breach, protect the data and Offering from any hacks or known or reasonably known security threats, including the introduction of viruses, disabling devices, malware or other forms of malicious or inadvertent acts that can disrupt City’s access to its data.
8.4 Provider shall allow City reasonable access to Offering’s security logs, latency statistics and other related security data that affect this Agreement and City’s data.
8.5 Provider shall not copy, modify, destroy or delete any City’s data other than for normal operations or maintenance of Offering during the Term without prior written notice and written approval of City.
8.6 Data Encryption/Handling PII. Information designated as sensitive including personally identifiable information (PII) shall be encrypted end-to-end while it is in transit and at rest.
Provider shall encrypt data using the most current Federal Information Processing Standard (FIPS) 140-2 validated cryptographic modules and the current Advanced Encryption Standard algorithm with respect to data that is at rest or in motion.
8.7 Confidentiality. Provider and City shall handle Confidential Information in accordance with the terms of this Agreement.
9. Service Reliability.
9.1 Provider will take all necessary steps to ensure business continuity in the event of disaster or catastrophic failure as set out in this section.
9.2 Provider shall use appropriate and reliable storage media for Data Backup.
9.3 Provider commits to an RPO of four (4) hours and RTO of twelve (12) hours or as otherwise mutually agreed between Provider and City. In other words, when unscheduled downtime occurs, Provider will resume service with data matching what the Offering software system contained at some point within the four (4) hours preceding the unscheduled downtime. Additionally, the Offering system cannot be down for longer than twelve (12) hours during unscheduled downtime.
9.4 In the event of disaster or catastrophic failure that results in significant data loss or extended loss of access to data (“Data Loss”), Provider shall notify City by telephone and email within 24 hours of such Data Loss or after Provider reasonably believes there has been such disaster or catastrophic failure. In the notification, Provider shall inform City of:
• the scale and quantity of the Data Loss;
• what Provider has done or will do to recover the data and mitigate any deleterious effect of the Data Loss; and
• what corrective action Provider has taken or will take to prevent any future Data Loss.
Provider shall restore continuity of the Offering, restore data in accordance with the RPO and RTO set forth in this SLA, restore accessibility of data and repair the Offering as needed to meet the performance requirements under this SLA.
Failure to do so may result in City exercising its option for assessing damages or other remedies under this Agreement. Provider shall investigate such disaster or catastrophic failure and share the report of the investigation with City. City or its authorized agents shall have the right to lead (if required by law) or participate in the investigation. Provider shall cooperate fully with City, its agents and law enforcement.
10. Audits and Compliance.
10.1 Provider will undertake annual audits, whether internally or by independent third-party auditor, to ensure that Offering complies with all relevant security control standards, regulations and expectations of City. Provider may also request an annual audit of City’s use of the Offering to ensure compliance with City’s responsibilities under this Agreement.
10.2 If Provider performs an internal security controls assessment, such audit shall be based on the current standards as mutually agreed or required by law, rules or regulations. Provider shall provide attestation of compliance along with the results of such assessment documented in a Security Assessment Report (SAR) to City. If Provider retained an independent third-party auditor, such audit will provide Statement on Standards for Attestation Engagements (SSAE-18) certifications. Provider shall provide City with System Operation Controls report (SOC 2) once per year and any applicable or Bridge/Gap letter.
10.3 If City requests in writing to conduct an audit of Offering, Provider agrees that City or its designated representative shall have access to all relevant operational documentation, reports and databases, including online inspections, that relate to Offering. The online inspection shall allow City, its authorized agents or a mutually agreed third party to test that controls are in place and working as intended.
Tests may include without limitation: operating system and network vulnerability scans, web application vulnerability scans, database application vulnerability scans and any other scans to be performed by City or on behalf of City.
10.4 After any significant Data Loss or Data Breach or as a result of any disaster or catastrophic failure, Provider will at its expense have an independent, industry-recognized and City-approved third party perform an information security audit. Provider shall share the audit results with City within seven (7) calendar days of Provider’s receipt of such results. Upon Provider’s receipt of such audit results, Provider will provide City with written evidence of planned remediation within 30 days and promptly modify its security measures to meet its obligations under this Agreement.
10.5 Provider may, upon 60 calendar days’ notice to City but not more frequently than once per year, either:
• request a signed certification by an officer of City verifying that Offering is being used in accordance with the terms of this Agreement; or
• audit City’s use of Offering to ensure compliance with the terms and conditions of this Agreement.
Any such audit will be conducted at Provider’s expense during regular business hours at City’s offices and shall not unreasonably interfere with City’s business activities. Provider shall provide documentation to City defining the scope of the audit not less than 30 calendar days prior to the audit. City shall have 60 calendar days to review Provider’s audit findings.

Attachment C: Cloud Services Questionnaire

Cloud Services Questions
1) Service Levels: What level of service should we expect? What is the City’s recourse for excessive downtime? Refund of percentage of monthly fee?
Service Level: The Software will be available 99.5% of the time (24x7x365).
Remedies: Should Citian fail to meet 99.5% availability of the Software for a calendar quarter, Customer shall have the option of one (but not both) of the following. First, Customer may continue to use the Software but receive credit for one full day of the Software subscription usage (as of the end of the quarter in which the failure occurred), for each full or partial hour of Software unavailability below 99.5%. Any such credit shall be applied to Customer's next invoice (or refunded if there are no forthcoming invoices). Second, if Citian fails to meet 98% availability of the Software for a calendar quarter, Customer may terminate its Agreement with Citian for cause and stop using the Software, in which case Citian will refund to Customer any prepaid fees for the remainder of the Term after the date of termination.
2) Data Ownership: Who owns the data we provide and what can be done with the data?
As between Customer and Citian, Customer shall retain all right, title and interest to all Customer Data. All refined data can be downloaded by Customer or sent to the Customer’s database automatically via API or Customer defined format.
3) ADA Compliance: If your proposed services include websites, they must be AA compliant as defined by WCAG (Web Content Accessibility Guidelines) standards.
Citian’s CRASH system meets WCAG 2.1, Level AA.
4) Data Security: How secure is our data and how is it being kept secure?
a. If this is a multi-tenant environment on the same hardware how is our data kept separate and secure from other customers, including any PII (Personally Identifiable Information) that may be gathered?
Each customer/tenant has its own data schema, separate from others. Users from a customer can only access that customer's own data schema. We do not gather or put PII in the database. We also have an algorithm and ML model to double-check and remove PII in case the data includes PII from the Customer.
b. If PII is gathered, is it encrypted in transit and at rest?
PII is not gathered. All customer data is encrypted in transit and at rest.
c. If credit card transactions are occurring is your system fully PCI compliant?
Credit card transactions will not occur in our system.
5) Data Integrity: What do you do as a vendor to ensure our data maintains its integrity?
Citian runs its ETL pipelines in accordance with Medallion architecture principles. Raw data is imported into the system in a minimally processed format. Data aggregation and refinement take place in separate schemas, ensuring a consistent process with full traceability of data lineage. Activity and audit logs are maintained to ensure that any and all changes to data can be traced back to the original source, including user edits in the system.
6) We require data centers to be located in the United States: What country will our data be located in?
Citian stores all customer data in database cloud providers (AWS and Snowflake) in regions located in the continental United States.
7) Responding to legal demands to disclose data: What is your process when someone subpoenas or requests our data from you as a vendor?
Customer has full access to the data. The data process procedure is also available in the system. Citian will assist Customer with subpoenas if needed.
8) Reporting: What is your protocol for data breaches?
Please see the attached Citian Incident Response Plan (Appendix B).
9) Disaster Recovery: What protections/protocols do you have in place to mitigate disasters?
Please see the attached Citian Disaster Recovery Plan (Appendix C).
10) Business Continuity/Exit: If you decide to bring your business to an end or we end our relationship what happens to our data? If you give us a copy of our data, what format options will there be for our data and what assistance will you provide getting our data to us?
Customer can download the data in csv format in the system anytime or retrieve the data via API into the Customer’s database in real time.
Please check the attached Citian Business Continuity Plan (Appendix D) for more details.
11) Termination rights and consequences: What is your termination policy both for you as a vendor and us as a customer?
Citian (Provider) may terminate this Agreement, effective on written notice to the City if the City: 1) fails to pay any amount when due hereunder, and such failure continues more than sixty (60) days after Provider’s delivery of written notice thereof; or 2) breaches any of its obligations under Paragraph 6 of the SaaS Agreement.
Any Party to the SaaS Agreement may terminate their obligations under the Agreement, effective on written notice to the other Parties, if another Party materially breaches the Agreement, and such breach: 1) is incapable of cure; or 2) being capable of cure, remains uncured sixty (60) days after the non-breaching Party provides the breaching Party with written notice of such breach; or
Any Party to the Agreement may terminate the Agreement, effective immediately upon written notice to the other Parties, if the other Party: 1) becomes insolvent or is generally unable to pay or fails to pay its debts as they become due; 2) files or has filed against it a petition for voluntary or involuntary bankruptcy or otherwise becomes subject, voluntarily or involuntarily, to any proceeding under any domestic or foreign bankruptcy or insolvency law; 3) makes or seeks to make a general assignment for the benefit of its creditors; or 4) applies for or has appointed a receiver, trustee, custodian, or similar agent appointed by order of any court of competent jurisdiction to take charge of or sell any material portion of its property or business.
Questionnaire Completed by: Jianwei Wang, Chief Technology Officer
Date: 02/18/2026

Appendix A: Exhibit B, referenced in SaaS Agreement

Citian, Inc.
Master Subscription Agreement This Master Subscription Agreement is entered into on _________________ (“Effective Date”) by and between Citian, Inc., a Delaware corporation with its principal place of business at 99 M Street, SE, Suite 755, Washington, DC 20003 (“Citian”), and_________________ (“Customer”). 1 Definitions. 1.1 “Agreement” as used herein includes this Master Subscription Agreement and any exhibits, schedules, amendment, addenda or appendices hereto, any documents incorporated herein and any Order Forms or SOWs referencing this Agreement. 1.2 “Authorized User” means any employee or independent contractor or other end user of Customer who has been authorized by Customer to access and use the Offering in accordance with the terms herein and who has separately agreed to Citian’s standard terms of use agreement. 1.3 “Confidential Information” has the meaning set forth in Section 7 of this Agreement. 1.4 “Control” means either the direct or indirect control of 50 percent or more of the shares or other equity interests of the subject entity entitled to vote in the election of directors or other matters (or, in the case of an entity that is not a corporation, for the election or appointment of the corresponding managing authority). 1.5 “Customer Data” means any and all information entered or uploaded to the Offering by or on behalf of Customer or an Authorized User. 1.6 “Deliverable” means all custom-developed documents, designs, and other materials that are authored or prepared by Citian for Customer pursuant to an SOW and that are specifically identified on such SOW as a “Deliverable”. The term “Deliverable” does not include the Offering (including all modifications, improvements and enhancements to the Offering), the Offering documentation, Citian’s proprietary education and training content, and all pre-existing materials related to Citian’s Professional Services processes, know-how and methodologies. 
1.7 “Force Majeure Events” has the meaning set forth in Section 21 of this Agreement. 1.8 “Offering” means any of Citian’s commercially available software as a service (SaaS) application that are ordered by Customer via one or more Order Form(s). 1.9 “Order Form” has the meaning set forth in Section 4 of this Agreement. 1.10 “Professional Services” has the meaning set forth in Section 6 of this Agreement. 1.11 “Service Description Document” means the document titled “Service Description Document,” which includes functional descriptions of Citian’s commercially available software application to be deployed, as may be updated from time to time. The current version (as of the Effective Date) of the Service Description Document is attached hereto as Exhibit C. Updated versions of the Service Description Document will be provided to Customer by Citian any time during the Term upon request. 1.12 “SOW” has the meaning set forth in Section 6 of this Agreement. 1.13 “Subscription Term” has the meaning set out in Section 3.4 of this Agreement. 1.14 “Term” has the meaning set forth in Section 2.1 of this Agreement. 2 Term and Termination. 2.1 Term of Agreement. The duration of this Agreement commences on the Effective Date and continues until terminated in accordance with the terms herein (“Term”). This Agreement will automatically terminate upon the expiration of all Order Forms entered into pursuant to this Agreement. 2.2 Term of Order Forms and SOWs. The term of each Order Form or SOW will be as set forth in such Order Form or SOW. If no term is set forth on an Order Form or SOW, the term will commence on the effective date of such Order Form or SOW and continue for a period of one (1) year. 
Thereafter, the term of the Order Form or SOW will automatically renew for successive one (1) year terms, unless and until either party provides the other party with written notice of its intent not to renew the Order Form or SOW at least thirty (30) days prior to the end of the then-current term. 2.3 Right to Terminate. Either party may terminate the Agreement or an Order Form or SOW in the event that the other party has materially breached the Agreement (or the applicable Order Form or SOW) and such breach has not been cured (or, if the breach is not capable of being cured, discontinued with appropriate changes to ensure that it is not repeated) within thirty (30) days of written notice of breach from the other party. Either party may terminate this Agreement immediately if the other party terminates or suspends its business as a result of bankruptcy, insolvency or similar event. All Order Forms and SOWs will terminate upon the termination of this Agreement. 3 Offering Usage Rights. 3.1 General Rights. Through the expiration or termination of the Agreement, Citian grants to Customer a limited, non-transferable, non-exclusive right to access and use the features and functionality of the Offering and Offering documentation for Customer’s internal business purposes. The Offering shall be made available to Customer as a service that Customer may access and use for the Subscription Term set out in an Order Form(s). Citian will host and retain physical control over the Offering and make the Offering available through the Internet for access, use and operation by Customer through a web browser. Other than as specifically set forth above and unless otherwise agreed to by Citian in writing, no provision under this Agreement shall obligate Citian to deliver or otherwise make available any copies of computer programs or code from the Offering to Customer, whether in object code or source code form. 3.2 General Restrictions. 
Except where applicable law prohibits such restrictions, Customer agrees that it shall not: (i) license, sublicense, sell, resell, rent, lease, transfer, distribute, time share or otherwise commercially exploit or make the Offering available to any third party other than as contemplated by this Agreement; (ii) make derivative works of, disassemble, reverse compile or reverse engineer any part of the Offering or Offering documentation; or (iii) access the Offering or Offering documentation in order to build a similar or competitive product or service (or contract with a third party to do so). Customer may not remove or alter any of the logos, trademark, patent or copyright notices, confidentiality or proprietary legends or other notices or markings within the Offering or Offering documentation.
3.3 Use By Authorized Users. Subject to the usage limitations described below, Customer may allow Authorized Users to access and use the Offering solely for Customer’s internal business purposes. The obligations and limitations as to Customer that are set forth in this Agreement also apply to Authorized Users that are provided access to the Offering. Customer is responsible for ensuring that its employees, any third parties and its Authorized Users (and their employees) are aware of and comply with the terms of this Agreement. Any breach of this Agreement by such entities or individuals shall be deemed to be a breach by Customer and Customer is liable for such breaches.
3.4 Usage Limitations. Each Order Form may set forth a user limit or other usage limitation. Use of the Offering by Customer is restricted to the number and type of users (or such other usage limitation) as set forth in the Order Form. A user means an individual human being and may be an employee, consultant, contractor or agent of Customer or an Authorized User.
User rights are granted for a specific time period as set out in an Order Form and use of the Offering by Customer is limited to such time period (“Subscription Term”). User rights may be transferred from one person to another person by Customer, but user rights may not be shared or used concurrently by more than one person at a time.
4 Order Forms. The Offering ordered by Customer shall be listed in a mutually executed ordering document on Citian’s form (“Order Form”). Each Order Form will specify the specific Offering application(s) ordered, the fees and the payment terms for use of the Offering. The Subscription Term for each Order Form commences on the start date specified in each Order Form and continues for the term specified therein. Each Order Form during the Term is governed by the terms of this Agreement. In the event of a conflict or discrepancy between the terms of an Order Form and the terms of the Agreement, the Agreement shall govern except as to which specific Offering applications were ordered, the Subscription Term for the order, and the fees, currency and payment terms for the order, for which the Order Form shall govern. Except as otherwise specified in an Order Form: fees are based on services purchased and not actual usage; payment obligations set forth in an Order Form are non-cancelable; fees paid are non-refundable; and the number of subscriptions purchased cannot be decreased during the relevant subscription term stated on the Order Form.
5 Services Levels and Support. Citian’s policies, procedures and practices regarding system performance, monitoring and technical support are as set forth in the Service Level Agreement (“SLA”) contained in Exhibit A. Citian reserves the right to change such policies, procedures and practices as required in Citian’s reasonable judgment, provided that such changes may never degrade in any material respect the standard of service or protections described in Exhibit A.
6 Professional Services.
Citian offers certain professional services including services related to implementation and optimization of the Offering, change management and business practice optimization, and education and training (“Professional Services”). Such Professional Services are typically purchased via a mutually executed statement of work (“SOW”). Unless otherwise set forth in the SOW, Customer shall have a non-exclusive, internal-use license to the Deliverables resulting from Citian’s Professional Services for the duration of the SOW. Each SOW during the Term is governed by the terms of this Agreement and in the event of any conflict or discrepancy between an SOW and the terms of the Agreement, the Agreement shall govern except as to the scope of work, fees, currency, expenses and payment terms for the Professional Services, for which the SOW will govern. 7 Confidential Information. Each party agrees: (i) that it will use (and will ensure that its employees, Authorized Users, agents, contractors and other allowed third parties use) reasonable efforts (which shall be no less than the efforts used to protect its own confidential information of a similar nature) to prevent the disclosure of the other party’s Confidential Information to any person or entity, unless authorized by the other party; and (ii) that it will not use Confidential Information of the other party for any purpose other than as authorized by this Agreement or by the other party. 
As to Citian, the term “Confidential Information” includes information specifically designated as confidential or that would be understood to be confidential or proprietary by a reasonable person, the features and functions of the Offering that are not available to the general public via the public internet (including screenshots of the same), future product plans, any Offering documentation or specifications provided to Customer, the commercial terms (including pricing) of this Agreement and any Order Form or SOW (but not the mere existence of this Agreement), audit, performance and security test results (whether conducted by Citian or Customer), and any other proprietary, financial or business information supplied to Customer by Citian. As to Customer, the term “Confidential Information” includes information specifically designated as confidential or that would be understood to be confidential or proprietary by a reasonable person, login credentials for accessing the Offering, and Customer Data (including personally identifiable data). Notwithstanding the foregoing, “Confidential Information” shall not include (i) information which is or becomes publicly known through no act or omission of the receiving party, or (ii) information gained by the receiving party independent of the disclosing party. Notwithstanding the foregoing, it shall not be a breach of this Agreement to disclose Confidential Information required to be disclosed pursuant to administrative or court order, government or regulatory investigation or requirement, or arbitration or litigation arising out of this Agreement; provided, however, that to the extent permissible, each party shall, in advance of any such disclosure, promptly notify the other party in order to provide the other party reasonable time to seek a protective order with respect to the requested information or otherwise challenge or oppose the disclosure requirement. 
Additional information regarding Confidential Information along with Citian’s Mutual Non-Disclosure Agreement, which will be adhered to throughout the term of this contract, can be found in Exhibit B. 8 Ownership. As between Customer and Citian, Customer shall retain all right, title and interest to all Customer Data. Citian shall retain all right, title and interest in and to (i) the Offering, the Offering documentation, all modifications, improvements and enhancements to the Offering (regardless of the source of inspiration for any such enhancement or modification and regardless of whether Customer has provided input regarding such modifications and enhancements) and all inventions or discoveries embodied within the Offering; (ii) proprietary education or training content; (iii) pre-existing materials related to Citian’s Professional Services processes, know-how and methodologies; and (iv) all Deliverables, provided that no Customer Confidential Information (including any personally identifiable information or Customer proprietary data) is shared or revealed by or included within the portion of any Deliverable later used by Citian. Notwithstanding any other term of this Agreement, Citian may access and use and shall retain all right, title and interest in transactional and performance data related to use of the Offering, which may include aggregated and anonymized data based upon Customer Data, so long as such data does not reveal any personally identifiable information or specific traits of any particular individual person or of Customer or an Authorized User. Citian reserves to itself all rights that are not expressly granted pursuant to this Agreement. 9 Customer Data. 9.1 License; Ownership. Customer is solely responsible for any and all obligations with respect to the accuracy, quality and legality of Customer Data. 
Customer will obtain all third-party licenses, consents and permissions needed for Citian to use the Customer Data to provide the Offering or Professional Services. Without limiting the foregoing, Customer will be solely responsible for obtaining from third parties all necessary rights for Citian to use the Customer Data submitted by or on behalf of Customer for the purposes set forth in this Agreement. Customer grants Citian a non-exclusive, worldwide, royalty-free and fully paid license (a) during the Term to use the Customer Data as necessary for purposes of providing and improving the Services; (b) during the Term to use the Customer trademarks, service marks, and logos as required to provide the Services; and (c) during and after the Term to use the Customer Data in an aggregated and anonymized form to: (i) improve the Offering and Citian’s related products and services; (ii) provide analytics and benchmarking services; and (iii) generate and disclose statistics regarding use of the Offering, provided that no Customer-only statistics will be disclosed to third parties without Customer’s consent. The Customer Data and all worldwide intellectual property rights in it are the exclusive property of Customer. All rights in and to the Customer Data not expressly granted to Citian in this Agreement are reserved by Customer. 9.2 Customer Warranty. Customer represents and warrants that any Customer Data will not (a) infringe any copyright, trademark, or patent; (b) misappropriate any trade secret; (c) be deceptive, defamatory, obscene, pornographic or unlawful; (d) contain any viruses, worms or other malicious computer programming codes intended to damage Citian’s system or data; and (e) otherwise violate the rights of a third party. Citian is not obligated to back up any Customer Data; the Customer is solely responsible for creating backup copies of any Customer Data at Customer’s sole cost and expense. 
Customer agrees that any use of the Offering contrary to or in violation of the representations and warranties of Customer in this Section 9.2 constitutes unauthorized and improper use of the Offering. 9.3 Artificial Intelligence Automated Decision Use. Citian’s software platform employs machine-learning models solely to automate data validation, aggregation, and reporting functions. All predictive outputs are provided for informational purposes and are not used to make enforcement, legal, or adjudicative determinations. Citian does not use Customer Data to train models for any third-party customers. 9.4 Data Segregation and Minimization. Citian maintains logical separation of each customer’s production data and limits access to the minimum necessary personnel for support and maintenance. Data is encrypted at rest and in transit using FIPS 140-2 validated cryptographic modules. 10 Payments. 10.1 Payment and Taxes. Customer agrees to pay to Citian all amounts set forth on the applicable Order Forms and SOWs. All fees and other charges payable by Customer to Citian under this Agreement are stated exclusive of all federal, state, local and foreign taxes, levies and assessments of any nature (including value-added, use or withholding taxes). Customer agrees to bear and be responsible for the payment of all such taxes, levies and assessments imposed on Customer or Citian arising out of this Agreement, excluding any tax based on Citian’s net income. If Customer is required by any applicable law to deduct or withhold amounts otherwise payable to Citian hereunder, Customer will pay the required amount to the relevant governmental authority and pay to Citian, in addition to the payment to which Citian is otherwise entitled under this Agreement, such additional amount as is necessary to ensure that the net amount actually received by Citian free and clear of all taxes equals the full amount Citian would have received had no such deduction or withholding been required. 
10.2 Late Payment. In the event payment is not made within thirty (30) days of the date payment was due and such payment is not the subject of a reasonable basis written dispute, Citian shall have the right, at its sole option, to suspend Customer's access to the Offering until payment is made. Citian will provide written notice to Customer prior to suspension of access to the Offering. 11 Citian Warranties. Citian represents and warrants as follows: (i) the Offering will perform substantially in accordance with the Service Description Document; (ii) Professional Services shall be provided in a professional manner consistent with industry standards; (iii) Citian has the right to grant license for Offering to the Customer; (iv) Offering is free from all viruses detectable by industry standard means; and (v) Offering is free from all material defects and further that Citian will correct any such defect in the Offering at no additional cost to Customer. Customer must notify Citian in writing of any claim that the Offering does not perform substantially in accordance with the Service Description Document no later than thirty (30) days after the last day of the month in which the asserted non-performance occurred. Customer must notify Citian in writing of any claim of breach of warranty relating to Professional Services within ninety (90) days of completion of the Professional Services engagement (normally an SOW) under which the Professional Services were delivered. 
For any breach of the warranty claim with respect to the Services Description Document, Customer’s exclusive remedy and Citian’s entire liability shall be for Citian to (i) provide the support required hereunder to bring the Offering in compliance with the Service Description Document; or if both parties agree that such support will or has not remedied the non-complying Offering, (ii) terminate the Agreement or applicable Order Form and refund the prepaid fees for the Offering, on a pro rata basis, for the period following termination. For any breach of warranty claim relating to Professional Services, Customer’s exclusive remedy and Citian’s entire liability shall be for Citian to (i) re-perform the deficient Professional Services; or if both parties agree that re-performance will not remedy the deficient Professional Services, (ii) refund the fees paid for the Professional Services. 12 DISCLAIMER OF WARRANTY. EXCEPT AS EXPLICITLY SET FORTH IN THIS AGREEMENT OR TO THE EXTENT NOT PROHIBITED BY APPLICABLE LAW, CITIAN DISCLAIMS AND EXCLUDES ALL WARRANTIES, CONDITIONS AND OTHER TERMS IMPLIED BY STATUTE, COLLATERALLY OR OTHERWISE, INCLUDING WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CITIAN DOES NOT GUARANTEE OR WARRANT THAT THE SOFTWARE WILL PERFORM ERROR-FREE OR UNINTERRUPTED. 13 Indemnification. 13.1 General Indemnity. Citian agrees to defend, indemnify and hold harmless Customer and its directors, officers and employees from and against any demands, damages or liabilities (including reasonable attorneys’ fees) arising from a third-party claim that Citian caused bodily injury (including death) or damaged real or tangible personal property in the provision of the Offering or Professional Services hereunder. 13.2 Infringement Indemnity. 
Citian shall at its expense defend, or at its option settle any claim, action or allegation brought against Customer alleging that the Offering, when used as authorized herein, or any Deliverable infringes any valid U.S. copyright, patent, trade secret or any other proprietary right of any third party and shall pay any final judgments awarded or settlements entered into, provided that Customer gives prompt written notice to Citian of any such claim, action or allegation of infringement and gives Citian the authority to proceed as contemplated herein. In the event any infringement claim, action or allegation is brought or threatened, Citian may, at its sole option and expense: (a) procure for Customer the right to continue use of the Offering, Deliverable or infringing part thereof; (b) modify, amend or replace the Offering, Deliverable or infringing part thereof with other software having substantially the same or better capabilities; or, if neither of the foregoing is in Citian’s opinion commercially practicable, (c) terminate this Agreement (or the portion of any Order Forms for allegedly infringing materials) and refund to Customer the prorated amount of the fees prepaid by Customer under the relevant Order Forms or SOWs that were to apply to the remainder of the unexpired Term, as calculated from the termination date through the remainder of the unexpired Term. 
The foregoing obligations will not apply to the extent the infringement arises as a result of (i) any use of the Offering in a manner expressly prohibited by this Agreement (including any modification of the Offering by any party other than Citian); or (ii) any use by Customer of the Offering in combination with other products, equipment, devices, software, systems or data not supplied by Citian to the extent such claim is directed against such combination, provided that this exclusion shall not be applicable to combinations with hardware, software or other technology required to access and use the Offering (e.g., a web browser, an internet connection and a personal computer, upon which certain Citian applications are built). This Section states the exclusive remedy of Customer and the entire liability of Citian with respect to infringement of any patent, copyright, trade secret or other intellectual property right. 13.3 Customer Indemnity. Customer shall at its expense defend, or at its option settle any claim, action or allegation brought against Citian arising out of a breach by Customer of Section 9.2 or Section 24 of this Agreement, provided that Citian gives prompt written notice to Customer of any such claim, action or allegation of infringement and gives Citian the authority to proceed as contemplated herein. 13.4 Indemnity Process. The indemnifying party will have the exclusive right to defend any indemnified claim (including the right to select and control the work of counsel) and make settlements thereof at its own discretion. The indemnifying party may not settle or compromise any indemnified claim, action or allegation that requires payment of fees by the indemnified party or an admission of liability by the indemnified party, except with prior written consent of the indemnified party. The indemnified party shall give such non-monetary assistance and information as the indemnifying party may reasonably require to settle or defend indemnified claims. 
13.5 Indemnification from AI and Predictive Analytical Outputs. Citian’s indemnification obligations exclude any claim solely from Customer’s use of predictive or analytical outputs for regulatory or enforcement purposes. 14 Limitation of Liability. IN NO EVENT WILL EITHER PARTY BE LIABLE FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, PUNITIVE OR EXEMPLARY DAMAGES OR ANY LOSS OF REVENUE, PROFITS OR DATA USE ARISING OUT OF THIS AGREEMENT. CITIAN’S MAXIMUM LIABILITY IN CONNECTION WITH THIS AGREEMENT, ON THE BASIS OF ANY THEORY OF LIABILITY OR CAUSE OF ACTION, SHALL BE LIMITED TO THE FEES COLLECTED BY CITIAN FROM CUSTOMER PURSUANT TO THIS AGREEMENT IN THE TWELVE (12) MONTHS PRECEDING THE IMPOSITION OF LIABILITY. THE EXCLUSIONS AND LIMITATIONS OF THIS SECTION DO NOT APPLY (A) TO THE EXTENT PROHIBITED BY APPLICABLE LAW, (B) TO CUSTOMER’S CONTRACTUAL PAYMENT OBLIGATIONS, (C) TO THE INDEMNITY OBLIGATIONS SET FORTH IN SECTIONS 13, (D) TO ANY BREACH OF CONFIDENTIALITY OBLIGATIONS SET FORTH IN SECTION 7 OR (E) TO DAMAGES AS A RESULT OF A PARTY’S GROSS NEGLIGENCE OR WILLFUL MISCONDUCT. 15 Governing Law and Dispute Resolution. This subcontract shall be interpreted and construed in accordance with the laws of Delaware, without regard to its conflict of laws provisions. In the event of a dispute, the parties shall first attempt to resolve by face-to-face negotiation with employees from each party with a title of vice president or higher in attendance, for a period of no less than fifteen (15) days. For any dispute that the parties fail to resolve by negotiation, the parties agree to next attempt to resolve such dispute through non-binding mediation prior to initiating arbitration. The mediation shall last at least eight (8) hours unless otherwise agreed to by the parties. The parties shall equally share the cost of the mediator. 
In the event that the parties cannot agree to a mediator, then Citian shall propose three (3) experienced, neutral mediators, and Customer shall select one (1) mediator from the list proposed by Citian. In the event that the parties have not resolved such dispute through non-binding mediation, either party can refer the dispute to binding arbitration through JAMS, in accordance with the JAMS Streamlined Arbitration Rules and Procedures. Such arbitration shall be held in a place mutually agreed by the parties and will be administered by one (1) arbitrator to be mutually agreed upon by the parties. Any award or decision of such arbitrator will be binding on the parties and may be enforced by any court of competent jurisdiction. Notwithstanding the foregoing, either party may seek emergency equitable relief at any time in any court of competent jurisdiction. 16 Export Control Laws. Each party shall comply with the export control laws of the United States which are applicable to the Offering. Such export control laws may prohibit use of the Offering in certain sanctioned or embargoed countries. 17 Pricing Adjustment. Citian offers the Offering to Customer for the annual license fee and other fees set forth in the Order Form (“Price”). Such Price shall not increase during the initial term of the Order Form. Before renewal of the initial term of the Order Form in accordance with Section 2.2 of this Agreement, Citian reserves the right to escalate the Price for the renewal term of the Order Form by no more than three percent (3%) to adjust for increases in the cost of equipment, staffing, hosting and other relevant goods and services. This section does not apply if the parties execute a new Order Form. 18 Advertising. Citian will not use the Customer or the name of any agency in any advertisement, news release, or professional or trade publication without prior written approval from Customer. 19 Independent Contractors. Citian and Customer are independent contractors. 
Neither party has the authority to bind or make any commitment on behalf of the other party. None of either party’s employees are entitled to any employment rights or benefits of the other party. Citian will be solely responsible for: (i) paying all wages and other compensation to Citian employees; (ii) withholding and payment of federal and state individual income tax, FICA, FUTA and other taxes and applicable amounts with respect to payments made to Citian’s employees; (iii) providing all insurance and other employment-related benefits to Citian’s employees; and (iv) making any overtime payments to Citian's employees if required by law or regulations. 20 Waiver, Entire Agreement and Amendments, Representations, Severability and Purchase Orders. The failure of either party to enforce at any time any of the provisions of this Agreement, or the failure to require at any time performance by the other party of any of the provisions of this Agreement, will not be construed to be a waiver of such provisions, or in any way affect the right of either party to enforce such provision thereafter. The Agreement encompasses the entire agreement between Customer and Citian with respect to the subject matter hereof and supersedes all prior representations, agreements and understandings, written or oral. This Agreement may not be altered, amended or modified except by written instrument signed by the duly authorized representatives of both parties. Customer acknowledges and agrees that in entering into this Agreement it does not rely on any statement, representation (whether innocent or negligent), assurance or warranty (whether or not in writing) of Citian, or any other person (whether or not party to this Agreement) other than as expressly set out in the Agreement. 
Customer specifically agrees that it has not relied upon and its purchase of subscriptions is not contingent upon the future availability of any software, products, services, programs, modifications, enhancements or updates in entering into the payment obligations in this Agreement. If any provision, or portion thereof, of this Agreement is or becomes invalid under any applicable statute or rule of law, it is to be deemed stricken and the rest of the Agreement shall remain in full force and effect. The terms and conditions appearing on any purchase order issued by Customer for this Agreement, if any, shall not change, add to, or modify the terms or conditions of this Agreement and shall have no effect. 21 Assignment. Neither party may transfer or assign this Agreement without the other party’s prior written consent, except to an entity who acquires all or substantially all of the business or assets of the party to which this Agreement pertains (whether by merger, acquisition, consolidation, reorganization, sale or other corporate transaction), and agrees in writing to be bound by the terms and conditions of this Agreement. 22 Survival. The provisions of this Agreement that are intended to survive termination or expiration of this Agreement in order to achieve the fundamental purposes of this Agreement shall so survive, including, without limitation, the provisions regarding confidentiality, disclaimer of warranties and limitation of liability. 23 Force Majeure. Citian shall not be held responsible for any delay or failure in performance hereunder caused in whole or in part by fire, flood, wind, storm, lightning or similar act of God, or by embargo, acts of sabotage, terrorism, riot or civil unrest, internet outages or mandatory compliance with any governmental act, regulation or request (“Force Majeure Events”). 
If a Force Majeure Event occurs and disrupts the services to be provided under this Agreement, the Agreement shall be deemed extended by the duration of the Force Majeure Event. 24 Notices. All notices or other communications required or permitted to be given pursuant to this Agreement shall be in writing and shall be considered properly given or made if hand delivered, mailed first class mail (postage prepaid and return receipt requested) or sent by recognized courier service (e.g., Federal Express, DHL, UPS), and addressed (i) if to Customer then to the attention of “Legal” at the addresses listed in the last signed Order Form (or to such other address as Customer may have designated by like notice forwarded to Citian hereto) or (ii) if to Citian then to the attention of “Legal” at 99 M Street, SE, Suite 755, Washington, DC 20003. 25 No Third-Party Beneficiaries. There are no third-party beneficiaries to this Agreement. 26 Customer’s Use of Third-Party Licensed Data. To the extent that Customer stores data in the Offering that has been purchased or licensed from third parties, Customer is responsible for ensuring its use, processing, reporting against, combination, comingling and manipulation of such data complies with its agreements with the third-party data provider, and Customer will indemnify and hold Citian harmless against any claims by such third-party data providers arising from Customer’s use of such third-party data in the Offering. 27 Execution. This Agreement may be executed in counterparts and exchanged by facsimile or electronically scanned copy exchanged via email or via electronic signature. Each such counterpart shall be deemed to be an original and all such counterparts together shall constitute one and the same Agreement. The authorized representatives of the parties have executed this Agreement by their signatures below: Citian, Inc. Customer By: By: Name: Name: Title: Title: Date: Date: Exhibit A Service Level Agreement 1. 
Service Availability 1.1 Measure. The Offering will be available 99.5% of the time (24x7x365), except as provided below. Offering availability will be calculated per calendar quarter, as follows:

(total – nonexcluded – excluded) / (total – excluded) > 99.5%

Where:
• total means the total number of minutes for the quarter
• nonexcluded means downtime that is not excluded
• excluded means the following:
o Any planned downtime of which Citian gives 8 hours or more notice. Citian will use commercially reasonable efforts to schedule all planned downtime during non-peak usage times (i.e., the hours from 6:00 p.m. Friday to Sunday midnight, U.S. Eastern Time).
o Any unavailability caused by circumstances beyond Citian's reasonable control, including without limitation, a Force Majeure Event.
o Any unavailability as a result of (i) non-compliance by Customer with any provision of this SLA; (ii) incompatibility of Customer’s equipment or software with the Offering; (iii) actions or inactions of Customer or third parties; (iv) Customer’s use of the Offering after Citian has advised Customer to modify its use of the Offering, if Customer did not modify its use as advised; (v) acts or omissions of Customer or Customer’s employees, agents, contractors, or vendors, or anyone gaining access to the Offering by means of Customer’s passwords or equipment; (vi) performance of Customer’s systems or the Internet; (vii) any systemic Internet failures; or (viii) network unavailability or Customer’s bandwidth limitations.
o For purposes of the availability calculation, “downtime” means a measurement interval during which time the Offering is not responsive to an automated request ("Monitoring Transaction") generated by Citian's monitoring software. Measurement intervals for Monitoring Transactions are no more than five (5) minutes on a 24X7 basis. Monitoring Transactions used for the availability calculation include network and application availability requests. 
The monitoring process does not cover every feature of the Offering. With respect to such features, Citian will investigate any suspected availability problem reported by Customer or which it otherwise becomes aware of and take commercially reasonable efforts to correct any such issues that can be verified by Citian. o For any partial calendar quarter during which Customer subscribes to the Offering, availability will be calculated based on the entire calendar quarter, not just the portion for which Customer subscribed. 1.2 Remedies: Should Citian fail to meet 99.5% availability of the Offering for a calendar quarter, Customer shall have the option of one (but not both) of the following. First, Customer may continue to use the Offering but receive credit for one full day of the Offering subscription usage (as of the end of the quarter in which the failure occurred), for each full or partial hour of Offering unavailability below 99.5%. Any such credit shall be applied to Customer's next invoice (or refunded if there are no forthcoming invoices). Second, if Citian fails to meet 98% availability of the Offering for a calendar quarter, Customer may terminate its Agreement with Citian for cause and stop using the Offering, in which case Citian will refund to Customer any prepaid fees for the remainder of the Term after the date of termination. The remedies specified in this “Remedies” section shall be the sole remedies available to Customer for breach of this SLA. 1.3 Reporting and Claims: To file a claim under this SLA, Customer must send an email to info@citiansolutions.com with the following details: • Billing information, including company name, billing address, billing contact and billing contact phone number • Downtime information with dates and time periods for each instance of downtime during the relevant period • An explanation of the claim made under the Agreement, including any relevant calculations. 
Claims may only be made on a calendar quarter basis within 30 days of the end of the relevant quarter, except for periods at the end of the Agreement that do not coincide with a calendar quarter, in which case Customer must make any claim after the end of its Agreement. All claims will be verified against Citian's system records. 2. Return of Customer Data. Upon termination or expiration of the Agreement, Citian shall (i) ensure that Customer has access to the Customer Data from the Offering for a period no more than thirty (30) days for the production environment and the sandboxes. In no event may Citian preclude Customer from retrieving the Customer Data after the expiration or termination of the Agreement. 3. Support Management. Citian will provide complete system support for Offering including standard and Customer-specific configurations and customizations and all future releases of system updates and new features. Coverage parameters specific to the services covered in this Agreement are as follows: • 24 hours per day, 7 days per week, 365 calendar days per year technical application support (subject to the limitations set forth herein); • Telephone support: 8:00 AM to 6:00 PM Eastern Time, Monday through Friday; • Email support: 8:00 AM to 6:00 PM Eastern Time, Monday through Friday; • Calls or emails received out of regular business hours will be forwarded to the mobile telephone of the assigned Citian Client Support Lead; • The Citian Service Desk will provide emergency support outside of regular business hours for critical requests (for example, Offering software system experiences unplanned downtime or is otherwise unavailable or a software feature is unavailable); • For non-critical requests received outside of regular business hours, the Citian Service Desk will respond as soon as possible during regular business hours and take the appropriate action(s) as described in this Agreement; • See Citian Service Desk published policy for further information 
regarding support request management, defect handling, recurring issues identification and escalation procedures, outage resolution and disaster recovery; • Any outages or planned downtimes in relation to the Citian Service Desk will be in line with the service support and availability SLA as set out in this Agreement; and • The Citian Service Desk shall provide access to the Customer’s service, tickets, and outage data and details for report creation and data export. 4. Incident Response. 4.1. Upon discovery or reasonable belief of any data breach or security threat (“Data Breach”) to the Offering software system’s integrity or Customer’s data, Citian will provide notice, by telephone and email, to the Customer within 24 hours of said Data Breach or after Citian reasonably believes there has been such a Data Breach. 4.2 To the extent known at the time of notification, Citian’s notice shall include:
o the nature of the Data Breach;
o the data accessed, used or disclosed;
o the person(s) who accessed, used, disclosed or received data (if known);
o what Citian has done or will do to quarantine and mitigate the Data Breach; and
o what corrective action Citian has taken or will take to prevent future Data Breaches.
4.3 Citian will provide daily updates, or more frequently if required by Customer, regarding findings and actions performed by Citian until the Data Breach has been effectively resolved to the Customer’s satisfaction. Citian shall quarantine the Data Breach, ensure secure access to data, and repair the Offering as needed in accordance with this SLA. Failure to do so may result in the Customer exercising its options for assessing damages or other remedies under this Agreement. 4.4 Citian shall investigate the Data Breach and share the report of the investigation with the Customer. The Customer or its authorized agents shall have the right to lead (if required by law) or participate in the investigation. 
Citian shall cooperate fully with the Agency, its agents and law enforcement. 4.5. Citian will respond to Customer’s requests for support services regarding Offering in accordance with the procedures identified below. In each case, Customer may describe and submit service request by telephone or email to the Citian Service Desk in accordance with Section 3 of this SLA: The Citian Service Desk escalates all Incident Requests to the Citian Support Team for immediate resolution. The Citian Service Desk will acknowledge the Incident Request within 15 minutes and immediately notify the Citian Support Team for Action. 5. Service Performance. 5.1 Response Time. Citian represents and warrants that 95 percent of all transactions shall process at a mutually agreed upon time threshold. Customer retains the right to use a third-party service to validate the performance of Citian’s response times. 5.2 Concurrent Users. Citian represents and warrants that the performance service levels set forth in this Agreement shall be valid up to an unlimited number of users using the Offering at any given time. 5.3 Service Architecture. Citian shall provide Customer with detailed architectural diagrams upon written request from the Customer. The architectural diagrams will include without limitation: servers, hardware, software solution (operating system, application servers, databases, identity repository) and network architecture (dataflow diagram, firewalls, proxies, IDS/IPS). Citian shall allow Customer reasonable access to review such architecture. 6. Service Maintenance. 6.1 Given the software-as-a-service (SaaS) model of Offering, Citian will provide Customer with the latest and generally available supported version of Offering, including all maintenance patches, software upgrades and new features, at no additional cost for the lifetime of the Order Form or SOW. 
6.2 Citian will schedule and perform standard maintenance services including planned critical security and maintenance patch releases during non-peak hours outside of regular business hours (for example, midnight (12am) Eastern Time) or during weekends (“Standard Maintenance Window”). Citian will coordinate with Customer to develop a mutually agreed standard maintenance schedule. 6.3 The Citian Service Desk welcomes feature requests from clients. Customer or its employees, contractors or agents who are Authorized Users of Offering may provide Citian with such requests by email. Citian will consider all feature requests for utility, functionality and feasibility. 6.4 Citian will document all critical security patches, maintenance patches and release management standards, provide standard and emergency maintenance services and apply all critical security and maintenance patches to Offering. Citian will provide written guidance by email to Customer describing any significant updates to Offering. Updated system documentation will be provided to Customer via the Offering in-application help documentation and by email. 6.5 Citian shall provide 48 hours advance notice to Customer of any scheduled maintenance downtime that will occur outside of the Standard Maintenance Window outlined above. In case of emergency, Citian shall use its best efforts to notify Customer by telephone and email of any planned downtime as soon as practicable. 7. Data Management. 7.1 Citian will provide robust data management services to transmit, retain, store, delete and otherwise handle Customer’s data. 7.2 Data Processing and Hosting. Citian will ensure production data is not used outside of the production environment. Citian will notify Customer at least 90 days prior to any relocation of Customer’s data to a different hosting facility. Customer reserves the right to terminate the Agreement without penalty if Customer objects to the new hosting facility. 
All Customer data will be kept for the mutually agreed upon number of years or as otherwise required by applicable laws, rules and regulations. 7.3 Data Storage and Disposal. Citian shall retain all Customer data until Customer deletes or requests deletion of Customer’s data or for a minimum number of years as mutually agreed or such other time period required by applicable laws, rules and regulations or as otherwise mutually agreed to by the parties in this Agreement. Citian shall store Customer data in a non-proprietary format as mutually agreed upon between Citian and Customer. At Customer’s election, Citian will either securely destroy or transmit to Customer’s repository any backup copies of Customer’s data. 7.4 Data Backup. Citian shall provide geographically disparate storage on a daily basis of all backup discs, data or materials of any type whatsoever produced in whole or in part in connection with or relating to the performance by Citian of its obligations under this Agreement (including without limitation any discs, tapes, other storage media, work papers and partial drafts of documentation code). Citian shall use appropriate and reliable storage media. Citian shall regularly backup Customer’s data and retain such backup copies for a minimum time period as mutually agreed or otherwise required by applicable laws, rules or regulations. 7.5 Discovery (Legal Proceedings). If Citian receives a request that may be reasonably interpreted as requiring access to Customer’s data or Customer’s use of the Offering, Citian shall provide notice by telephone and email to Customer, unless prohibited by law from providing such notice. Citian shall provide such notice within 48 hours of receiving the request. Citian shall not respond to subpoenas, service of process, Public Records Act requests or other legal requests directed at Citian regarding this Agreement without first notifying Customer, unless prohibited by law from providing such notification. 
Where Citian is allowed to provide such notification, Citian shall provide its intended responses to Customer with adequate time for Customer to review, revise and, if necessary, seek a protective order in a court of competent jurisdiction. Citian shall not respond to legal requests directed at Customer unless authorized in writing to do so by Customer. 8. Information Security. 8.1 Citian will employ the latest and industry-leading cybersecurity and data security practices and policies as set out in this section. 8.2 Data Security. Citian assumes responsibility for the security and confidentiality of the Customer data under its control. Citian shall (i) certify the sufficiency of its security standards, tools, technologies and procedures in providing Offering under this Agreement; (ii) undergo an annual Standards for Attestation Engagements (SSAE) Service Organization Control (SOC) 2 Type II audit or equivalent such as ISO 27001 for Citian’s Control Environment. Citian shall provide Customer with results of such audit and Citian’s plan to correct any negative findings within seven (7) calendar days upon Citian’s receipt of such audit results; and (iii) provide Customer with detailed description of the audited Control Environment. If Customer determines the Control Environment is not satisfactory, Customer may request that Citian correct any deficiencies. Citian maintains a security and privacy program designed to comply with the security control families defined in NIST SP 800-53 Rev. 5 and aligns with FedRAMP Moderate Authorization equivalent standard. Citian is SOC 2 Type I certified [Month 2025] and Type II certified [Month 2025]. Certification reports will be made available to Customer upon request under an NDA. 
8.3 Citian shall implement and at all times during this Agreement maintain all appropriate administrative, physical, technical and procedural safeguards in accordance with this section to secure the Customer’s data from any Data Breach, protect the data and Offering from any hacks or known or reasonably known security threats, including the introduction of viruses, disabling devices, malware or other forms of malicious or inadvertent acts that can disrupt Customer’s access to its data.
8.4 Citian shall allow Customer reasonable access to Offering’s security logs, latency statistics and other related security data that affect this Agreement and Customer’s data.
8.5 Citian shall not copy, modify, destroy or delete any Customer’s data other than for normal operations or maintenance of Offering during the Term without prior written notice and written approval of Customer.
8.6 Data Encryption/Handling PII. Information designated as sensitive including personally identifiable information (PII) shall be encrypted end-to-end while it is in transit and at rest. Citian shall encrypt data using the most current Federal Information Processing Standard (FIPS) 140-2 validated cryptographic modules and the current Advanced Encryption Standard algorithm with respect to data that is at rest or in motion.
8.7 Confidentiality. Citian and Customer shall handle Confidential Information in accordance with the terms of this Agreement.

9. Service Reliability.
9.1 Citian will take all necessary steps to ensure business continuity in the event of disaster or catastrophic failure as set out in this section.
9.2 Citian shall use appropriate and reliable storage media for Data Backup.
9.3 Citian commits to an RPO of four (4) hours and RTO of twelve (12) hours or as otherwise mutually agreed between Citian and Customer.
In other words, when unscheduled downtime occurs, Citian will resume service with data matching what the Offering software system contained at some point within the four (4) hours preceding the unscheduled downtime. Additionally, the Offering system cannot be down for longer than twelve (12) hours during unscheduled downtime.
9.4 In the event of disaster or catastrophic failure that results in significant data loss or extended loss of access to data (“Data Loss”), Citian shall notify Customer by telephone and email within 24 hours of such Data Loss or after Citian reasonably believes there has been such disaster or catastrophic failure. In the notification, Citian shall inform Customer of:
• the scale and quantity of the Data Loss;
• what Citian has done or will do to recover the data and mitigate any deleterious effect of the Data Loss; and
• what corrective action Citian has taken or will take to prevent any future Data Loss.
Citian shall restore continuity of the Offering, restore data in accordance with the RPO and RTO set forth in this SLA, restore accessibility of data and repair the Offering as needed to meet the performance requirements under this SLA. Failure to do so may result in Customer exercising its option for assessing damages or other remedies under this Agreement. Citian shall investigate such disaster or catastrophic failure and share the report of the investigation with Customer. Customer or its authorized agents shall have the right to lead (if required by law) or participate in the investigation. Citian shall cooperate fully with Customer, its agents and law enforcement.

10. Audits and Compliance.
10.1 Citian will undertake annual audits, whether internally or by independent third-party auditor, to ensure that Offering complies with all relevant security control standards, regulations and expectations of Customer.
Citian may also request an annual audit of Customer’s use of the Offering to ensure compliance with Customer’s responsibilities under this Agreement. 10.2 If Citian performs an internal security controls assessment, such audit shall be based on the current standards as mutually agreed or required by law, rules or regulations. Citian shall provide attestation of compliance along with the results of such assessment documented in a Security Assessment Report (SAR) to Customer. If Citian retained an independent third-party auditor, such audit will provide Statement on Standards for Attestation Engagements (SSAE-18) certifications. Citian shall provide Customer with System Operation Controls report (SOC 2) once per year and any applicable or Bridge/Gap letter. 10.3 If Customer requests in writing to conduct an audit of Offering, Citian agrees that Customer or its designated representative shall have access to all relevant operational documentation, reports and databases, including online inspections, that relate to Offering. The online inspection shall allow Customer, its authorized agents or a mutually agreed third party to test that controls are in place and working as intended. Tests may include without limitation: operating system and network vulnerability scans, web application vulnerability scans, database application vulnerability scans and any other scans to be performed by Customer or on behalf of Customer. 10.4 After any significant Data Loss or Data Breach or as a result of any disaster or catastrophic failure, Citian will at its expense have an independent, industry-recognized and Customer-approved third party perform an information security audit. Citian shall share the audit results with Customer within seven (7) calendar days of Citian’s receipt of such results. 
Upon Citian’s receipt of such audit results, Citian will provide Customer with written evidence of planned remediation within 30 days and promptly modify its security measures to meet its obligations under this Agreement.
10.5 Citian may, upon 60 calendar days’ notice to Customer but not more frequently than once per year, either:
• request a signed certification by an officer of Customer verifying that Offering is being used in accordance with the terms of this Agreement; or
• audit Customer’s use of Offering to ensure compliance with the terms and conditions of this Agreement.
Any such audit will be conducted at Citian’s expense during regular business hours at Customer’s offices and shall not unreasonably interfere with Customer’s business activities. Citian shall provide documentation to Customer defining the scope of the audit not less than 30 calendar days prior to the audit. Customer shall have 60 calendar days to review Citian’s audit findings.

11. Notices.
11.1 All notices or other communications required under this Agreement must be provided to the following persons:

Exhibit B
Mutual Non-Disclosure Agreement

This Mutual Non-Disclosure Agreement (this "Agreement") is entered into between Citian, Inc., a District of Columbia corporation ("Company"), and the other party named on the signature page hereto ("Other Signatory") as of ________________ (the "Effective Date"), to protect the confidentiality of certain confidential information of Company or Other Signatory to be disclosed under this Agreement solely for use in or in connection with evaluating or pursuing a potential transaction related to Company's software products (the "Permitted Use"). Company and Other Signatory may be referred to herein individually as a "Party" and collectively as the "Parties."
1.
As used herein, the "Confidential Information" of a Party will mean any and all technical and non technical information disclosed by such Party (the "Disclosing Party") to the other Party (the "Receiving Party"), which may include without limitation: (a) patent and patent applications; (b) trade secrets; (c) proprietary and confidential information, ideas, techniques, sketches, drawings, visualizations, works of authorship, models, inventions, know-how, processes, apparatuses, equipment, algorithms, software programs, software source documents, and formulae related to the current, future, and proposed products and services of each of the Parties, such as information concerning research, experimental work, development, design details and specifications, engineering, financial information, procurement requirements, purchasing, manufacturing, customer lists, investors, employees, business and contractual relationships, business forecasts, sales and merchandising, and marketing plans; and (d) all other proprietary, confidential, or trade secret information disclosed in any form that the Receiving Party knew, or reasonably should have known, was the Confidential Information of the Disclosing Party. 2. Subject to Section 3, the Receiving Party agrees that at all times and notwithstanding any termination or expiration of this Agreement it will hold in strict confidence and not disclose to any third party any Confidential Information of the Disclosing Party, except with the Disclosing Party's prior written consent, and will use the Confidential Information of the Disclosing Party for no purpose other than the Permitted Use. The Receiving Party will also protect such Confidential Information with at least the same degree of care that the Receiving Party uses to protect its own Confidential Information, but in no case, less than reasonable care. 
The Receiving Party will limit access to the Confidential Information of the Disclosing Party to only those of the Receiving Party's employees or authorized representatives (collectively, "Representatives") having a need to know such information strictly for the Permitted Use and who have signed confidentiality agreements containing, or are otherwise bound by, confidentiality obligations at least as restrictive as those contained herein. The Receiving Party shall be liable for the acts or omissions of its Representatives and any breach of the terms of this Agreement by its Representatives.
3. The Receiving Party will not have any obligations under this Agreement with respect to a specific portion of the Confidential Information of the Disclosing Party if such Receiving Party can demonstrate with competent evidence that such portion of Confidential Information: (a) was in the public domain at the time it was disclosed to the Receiving Party; (b) entered the public domain subsequent to the time it was disclosed to the Receiving Party, through no fault of the Receiving Party; (c) was in the Receiving Party's possession free of any obligation of confidence at the time it was disclosed to the Receiving Party; (d) was rightfully communicated to the Receiving Party free of any obligation of confidence subsequent to the time it was disclosed to the Receiving Party; or (e) was developed by employees or agents of the Receiving Party who had no access to any Confidential Information.
4.
Notwithstanding the above, the Receiving Party may disclose certain Confidential Information of the Disclosing Party, without violating the obligations of this Agreement, to the extent such disclosure is required by a valid order of a court or other governmental body having jurisdiction, provided that the Receiving Party provides the Disclosing Party with reasonable prior written notice of such disclosure and makes a reasonable effort to obtain, or to assist the Disclosing Party in obtaining, a protective order preventing or limiting the disclosure and/or requiring that the Confidential Information so disclosed be used only for the purposes for which the law or regulation required, or for which the order was issued. 5. The Receiving Party will immediately notify the Disclosing Party upon becoming aware of or suspecting any loss or unauthorized disclosure of the Confidential Information of the Disclosing Party. The Receiving Party shall take all reasonable measures to prevent the further loss or unauthorized disclosure of the Disclosing Party's Confidential Information. 6. Upon termination or expiration of this Agreement, or upon written request of either Party, a Receiving Party shall immediately cease use of the Disclosing Party's Confidential Information received hereunder and shall immediately return to the Disclosing Party or destroy all documents and other materials representing the Disclosing Party's Confidential Information and all copies and derivatives thereof. The Receiving Party shall certify in writing to the Disclosing Party that it has complied with the foregoing upon completion. 7. Confidential Information is and will remain the sole property of the Disclosing Party. 
The Receiving Party recognizes and agrees that nothing contained in this Agreement will be construed as granting any property rights, by license or otherwise, to any Confidential Information of the Disclosing Party, or to any invention or any patent, copyright, trademark, or other intellectual property right that has issued or that may issue, based on such Confidential Information. Neither Receiving Party will make, have made, use, or sell for any purpose any product or other item using, incorporating, or derived from any Confidential Information of the Disclosing Party. Neither this Agreement nor the disclosure of any Confidential Information hereunder will result in any obligation on the part of either Party to enter into any further agreement with the other, license any products or services to the other, or to require either Party to disclose any particular Confidential Information. Nothing in this Agreement creates or will be deemed to create any employment, joint venture, or agency between the Parties. 8. The Receiving Party will not reproduce the Confidential Information of the Disclosing Party in any form except as required to accomplish the intent of this Agreement. Any reproduction by a Receiving Party of any Confidential Information of the Disclosing Party will remain the property of the Disclosing Party and will contain any and all confidential or proprietary notices or legends that appear on the original, unless otherwise authorized in writing by the Disclosing Party. 9. This Agreement will commence as of the Effective Date and terminate five (5) years after the Effective Date, unless otherwise terminated by either Party at any time upon 30 days’ written notice to the other Party. Each Party's obligations under this Agreement will survive termination of this Agreement and will be binding upon such Party's heirs, successors, and assigns. 
Each Party's obligations with respect to the other Party's trade secrets will continue for as long as such information is deemed to be a trade secret under applicable law. Each Party's obligations with respect to all other Confidential Information of the other Party will terminate only pursuant to Section 3.
10. The Disclosing Party is providing Confidential Information on an "as is" basis for use by the Receiving Party at its own risk. The Disclosing Party disclaims all warranties, whether express, implied, or statutory, including without limitation any implied warranties of title, non-infringement of third-party rights, merchantability, or fitness for a particular purpose.
11. This Agreement and any action related thereto will be governed, controlled, interpreted, and defined by and under the laws of the District of Columbia, without giving effect to any conflicts of laws principles that require the application of the law of a different state. Any disputes under this Agreement may be brought in the state courts and the Federal courts for the county in which Company's principal place of business is located, and the Parties hereby irrevocably consent to the personal jurisdiction and exclusive venue of these courts. This Agreement may not be amended except by a written agreement signed by both Parties.
12. The Other Signatory acknowledges and agrees that its actual or threatened breach of this Agreement will cause irreparable damage to the Company and hereby agrees that the Company shall be entitled to obtain injunctive or other equitable or provisional relief under this Agreement, as well as such further relief as may be granted by a court of competent jurisdiction. The Other Signatory hereby waives any requirement for the securing or posting of any bond or the showing of actual monetary damages in connection with such claim.
In the event that the Company institutes any legal suit, action or proceeding against the Other Signatory arising out of or related to this Agreement, the prevailing Party in such suit, action or proceeding shall be entitled to receive, in addition to all other damages to which it may be entitled, the costs and expenses (including reasonable attorney's fees and court costs) incurred by such Party in conducting the suit, action or proceeding.
13. If any provision of this Agreement is found by a proper authority to be unenforceable or invalid, such unenforceability or invalidity will not render this Agreement unenforceable or invalid as a whole and, in such event, such provision will be changed and interpreted so as to best accomplish the objectives of such unenforceable or invalid provision within the limits of applicable law or applicable court decisions. Any waiver or failure to enforce any provision of this Agreement on one occasion will not be deemed a waiver of any other provision or of such provision on any other occasion.
14. Neither Party will communicate any information to the other Party in violation of the proprietary rights of any third party.
15. Neither Party will assign or transfer any rights or obligations under this Agreement without the prior written consent of the other Party and any attempted assignment, subcontract, delegation, or transfer in violation of the foregoing will be null and void, except that a Party may assign this Agreement without such consent to its successor in interest by way of merger, acquisition, or sale of all or substantially all of its assets. The terms of this Agreement will be binding upon assignees.
16. The Receiving Party will not export, directly or indirectly, any U.S. technical data acquired pursuant to this Agreement, or any products utilizing such data, in violation of the United States export laws or regulations.
17.
All notices or reports permitted or required under this Agreement will be in writing and will be delivered by personal delivery, electronic mail, facsimile transmission or by certified or registered mail, return receipt requested, and will be deemed given upon personal delivery, five (5) days after deposit in the mail, or upon acknowledgment of receipt of electronic transmission. Notices will be sent to the addresses set forth at the end of this Agreement or such other address as either Party may specify in writing. 18. Each Party acknowledges that software programs created by the other Party (the "Software") contain valuable confidential and proprietary information and that such software is Confidential Information and therefore subject to the confidentiality and non-disclosure provisions hereof. Further, each Party specifically agrees that it will not modify, reverse engineer, decompile, create other works from, or disassemble any Software or and that a breach thereof shall constitute a material breach of this Agreement. 19. This Agreement is the final, complete and exclusive agreement of the Parties with respect to the subject matters hereof and supersedes and merges all prior discussions between the Parties with respect to such matters. 20. This Agreement may be executed in two or more counterparts, each of which will be deemed an original, but all of which together will constitute one and the same instrument. Counterparts may be delivered via facsimile, electronic mail (including pdf or any electronic signature complying with the U.S. federal ESIGN Act of 2000, Uniform Electronic Transactions Act or other applicable law) or other transmission method and any counterpart so delivered will be deemed to have been duly and validly delivered and be valid and effective for all purposes. Exhibit C Service Description Document Citian will be deploying its CRASH™ (Crash Reduction through Analysis of Safety Hazards) software for ________________ . 
CRASH™ leverages machine learning, natural language processing, advanced data analytics, and decades of engineering know-how to help government clients meet traffic safety goals. CRASH™ has been fine-tuned to understand raw traffic crash report data and improve their quality and reliability using automated Artificial Intelligence/Machine Learning (AI/ML) algorithms. CRASH™ uses this foundation of quality crash data to produce instant analysis and data-driven decision support on safety programming at a network level as well as specific study locations. CRASH™ will include:
• Real-Time Accurate Data: CRASH™ instantly audits and refines new crash reports with up to 98% accuracy
• Complete Project Evaluation: Assess and share safety outcomes of new construction projects with instant before-and-after studies
• Interactive Data Exploration: Pivot seamlessly between integrated search methods such as query, mapping, and reporting
• User-Friendly Analysis and Summaries: Navigate live dashboards, AI-driven predictive analytical tools, and one-click, auto-generated reporting
• Benchmarking and Goal Setting: Track key federal reporting measures and progress toward local and state policy goals such as HSIP and SHSP
• Instant Audits and Alerts: Collaborate easily with up-to-date crash insights, temporal analysis, and alerts for high-priority outcomes
• Data-Driven Decision Support: Guide programming recommendations using automatic HSM countermeasures, CMF benefit/cost reports, collision diagrams, and more
• Full Environmental Data Immersion: Take a Complete Streets approach integrating diverse data, like equity analysis, ADA compliance, or lighting photometrics to provide context
• Crash Query Tool Kit: Investigate crash patterns or locations in your jurisdiction with flexible queries considering all relevant safety and location data
• Real-time, Digital Twin Geomapping: Gain immediate line-of-sight into historical and predictive crash patterns mapped directly onto the built environment

Citian will be deploying its ADAPT™ (Accessibility Design, Assessment and Planning Tool) for [Account.Name]. Citian’s ADAPT software utilizes data analytics and machine learning to automatically identify accessibility assets and challenges and recommend cost-effective treatments to better budget and prioritize infrastructure remediation. This software will include:
• Interactive and immersive digital-twin map of pedestrian assets with drill-down abilities and Complete Streets data layers for cross-factor relationships
• In-field ADAPT Mobile web application with step-by-step instructions and automatic geolocational tagging to ensure up-to-date inventory of pedestrian assets
• Comprehensive inventory of all assets within Pedestrian Access Route (PAR)
• Proprietary algorithms to automate evaluation of asset compliance with local accessibility standards
• Network-wide compliance overview broken down by assets and/or administrative areas
• Automatic investment recommendations for cost-efficient remedial actions
• Custom priority system to focus on highest-urgency ADA compliance issues
• Custom query tools to target compliance issues and groups of assets meeting specific attribute(s) criteria
• Save, import, and export functionality for data (assets, cost estimates, plans)
• Customizable low-code dashboards to create live-updated data summaries and focus areas
• Instant cost estimation of required ADA upgrades for all filtered assets as well as for custom reporting areas – bus routes, intersections and corridors, and more
• Top recommended corridors and bus routes to focus resources by total repair costs, ADA priority, and maximum benefit-cost ratio of the repairs
• Customizable settings in low-code environment: construction unit costs, ADA priority levels, remedial construction bid items and actions, and more
• Project plans include instant construction cost estimates and summary of quantities
• Customizable user-based permissions
• Full data activity logs for oversight and transparency
• Public-facing dashboards as specified with custom levels of information sharing

Exhibit D
Statement of Work

Citian’s CRASH™ (Crash Reduction through Analysis of Safety Hazards) software will serve ___________________ through the duration of this agreement adhering to Exhibit A and all features listed in Exhibit C. All services rendered for the execution of this software and all additional aspects of software delivery beyond the license agreement will be mutually agreed upon or as permitted by the license agreement.

Scope Description: Citian will work directly with ________________ to deliver its CRASH software. Citian will work with ________________ to schedule a Project Kickoff meeting, where Citian and ________________ will discuss the details of the project. Following the Project Kickoff Meeting, there will be a data exchange process, where Citian will work with the ________________ to tap into all crash data necessary to build the CRASH platform, as well as include other datasets the County wants to incorporate into the software. Citian will provide a comprehensive Base Data and Crash Data checklist, which the ________________ Project Managers may review and advise on as desired. Citian has experience accessing crash data through a variety of methods, including a secure established application programming interface (API) into current crash databases. Citian will utilize at least five years of previous crash data from the Customer to build the initial environment and train algorithms in data trends across the _______________. Citian will also work to incorporate other dynamic datasets, such as data on segments and intersections, Complete Streets context with locations of schools and transit stops; demographic datasets such as census demographics, jurisdictional breakdowns of the County; roadway conditions such as traffic enforcement cameras, and streetlights, to make the system holistic and robust.
Additional data outside of the base data checklist that is of interest to The Customer may also be identified during this period. A Customizations and Localization Workshop will be scheduled within the first 1-2 months, where Citian and participating planners, engineers, and GIS employees will meet to discuss desired customizations to the tool. Citian will incorporate these ideas before the final development and delivery of the tool. A majority of the coordination for this project may be handled via email, outside of the initial Project Kickoff Meeting and the Customizations and Localization Workshop. Citian Account/Project Managers are available for ad-hoc meetings with The Customer employees throughout the buildout period and duration of the subcontract if desired. Citian and the Customer will set an agreed-upon go-live date, targeting 2-3 months after Citian receives all of the necessary data to create the tool. The week of the go-live date, Citian will provide two days of in-person onboarding and training in the CRASH tool, if desired by the Customer. Training will consist of custom demonstrations, individual assistance, workflow training, and workshops. Unlimited users from the Customer will have access to the Customer CRASH environment. Onboarding may also be handled via virtual meetings if preferred. The 12-month contract term will commence upon system launch for the Customer. Following launch, Citian will provide ongoing support and continued account support for the life of the pilot.
Targeted Schedule: Full buildout of the CRASH tool to be complete 2-3 months after Citian receives all data necessary (historical crash data, necessary base data layers).

Appendix B: Incident Response Plan
Citian Incident Response Plan
1.
Purpose The purpose of this incident response plan (the “Plan”) is to guide and support the actions of Citian (together with its subsidiaries, “Citian”, “we”, and/or “us”) in the event of a Security Incident. For the purpose of this Plan, “Security Incident” means any actual or reasonably suspected breach of security leading to the accidental, unlawful, or unauthorized access to, or destruction, alteration, disclosure, misuse, loss of access to, or compromise of “Personal Information,” which means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a natural person. This Plan is intended to help Citian meet its Information Security Policy and comply promptly with its legal obligations and reduce the risk of a Security Incident that could cause serious harm to affected individuals and Citian’s reputation and finances. 2. Scope This Plan applies to all employees, temporary staff, contractors, and consultants (collectively, “Personnel”) at all locations and to all business operations involving or affecting all IT and communication systems owned or operated by or on behalf of Citian and to all platforms and all application systems (collectively, “Systems and Networks”). This Plan applies to all Security Incidents related to Citian information, whether in paper or electronic form. In addition, as a Security Incident can result in litigation and/or legal or regulatory proceedings, there should be an assessment of whether privilege should be asserted over the investigation. If a decision is made to conduct a privileged investigation of a Security Incident, then all internal written reports and communications about a Security Incident should be clearly identified with the notice: “Privileged & Confidential, Attorney-Client Privileged, Prepared at the Direction of Counsel/Attorney Work Product.” See Attachment B for a guide to establishing privilege. 3. 
Incident Response Team
Citian has designated a team comprised of Personnel that are responsible for coordinating responses to Security Incidents (the “Incident Response Team”). The Incident Response Team consists of the individuals listed in Attachment A, with the noted roles and responsibilities. Incident Response Team members may take on additional roles during a Security Incident, as needed. Contact information for Incident Response Team members, including a primary and secondary email address, and office and mobile telephone numbers, will be maintained by the Incident Response Team and circulated to the entire team. The Incident Response Team will draw upon subject matter experts, additional Personnel, third-party consultants or other resources as needed, for the analysis, remediation, and recovery processes of an incident.
In the event of an incident, a member of the Incident Response Team will be designated as the Incident Response Manager (IRM), who will take on the lead organizational and coordination roles of the Incident Response Team during an incident where the Incident Response Team is activated.
4. Detect and Report
Security Incidents should immediately be reported via the security notification email (security@citiansolutions.com). The response begins when a Security Incident is reported to the Incident Response Team via the security notification email. From the initial reporter, the following information should be obtained:
● What is happening?
● When did it start?
● What caused you to notice this unusual activity and realize something suspicious was ongoing?
● What were you doing?
● Where are you (e.g., in the office or offsite)?
● Which Systems and Networks, including any software, programs, laptops, or products, appear to be affected?
● Where is the affected information or Systems and Networks located? (e.g., on-site, vendor, cloud service data center)
● Could this have a potential impact on Citian’s products or operations?
● What information is potentially involved (e.g. electronic or paper records)?
● Is Personal Information potentially involved?
  o Which individuals may be affected?
  o How many individuals are potentially affected?
  o Where do such individuals reside?
● Is this Security Incident related to any other Security Incidents (e.g., perpetrated by the same threat actor)?
When escalation to the Incident Response Team is necessary, the Incident Response Team should be notified and will determine whether a Security Incident has occurred and what type of Security Incident has occurred. The Incident Response Team should actively monitor whether there are other similar calls or reports regarding the incident. The Incident Response Team must also immediately (no more than 24 hours after report) assess whether the Security Incident potentially implicates data relating to proprietary or confidential information, financial information, personally identifiable information (PII), customer/supplier/vendor information, or other protected information, in which case the Incident Response Team should immediately escalate the Security Incident to Human Resources and other senior management and initiate this Plan.
[Figure: reporting flow. Notification to IT; Notification to members of Incident Response Team; Incident Response Team gathers details in coordination with IT; Incident Response Team, with Legal, updates the others, as needed.]
Relevant log files should be reviewed to identify the origin of the Security Incident and the type of Security Incident. The Incident Response Team should assess the health of Systems and Networks, as appropriate. Senior management will determine whether to engage outside counsel and advise on whether and how to conduct the assessment under attorney-client privilege.
The Incident Response Team will also determine, either independently or with outside counsel, whether there are any immediate reporting obligations, either to a governmental authority or to an insurance provider, which must be resolved within the first 24-72 hours after the Security Incident. If the available information indicates that an unauthorized party gained access to or obtained personal data, it is possible that there are immediate reporting obligations. The Incident Response Team will determine whether a third-party computer forensics vendor should assist Citian in containing or investigating the Security Incident. If the Incident Response Team determines that a third-party computer forensics vendor should be engaged, through outside counsel if appropriate, they will retain the third-party vendor to conduct the investigation under privilege. The engagement letter should specify that the vendor will act at the direction of counsel for the purposes of conducting an investigation in anticipation of legal or regulatory proceedings. The Chief Technology Officer also will determine whether to report the Security Incident to a cyber insurer to seek coverage for the investigation and response to the Security Incident.
5. Contain
The Incident Response Team will swiftly stop, contain, and control the Security Incident to prevent further compromise or impact to Personal Information, while preventing the loss of evidence, if practicable in the circumstances. If possible, the Incident Response Team will segregate the issue quickly through the use of remote tools to remediate or shut down and quarantine end user computers. A third-party computer forensics vendor might also be able to assist with containment efforts (see above for instructions regarding retaining a third-party computer forensics vendor).
In the event of a non-electronic Security Incident, for example, involving paper files, the Incident Response Team will take appropriate steps to contain and control the Security Incident, including immediately securing physical areas and changing locks and access codes and securing any available video monitoring or other tracking information, if available. In the event that an insider is reasonably suspected to be the cause or a contributing cause of the Security Incident, Human Resources should be consulted, as additional policies may apply.
6. Preserve Evidence
The Incident Response Team will keep a record of the steps taken in response to the Security Incident (see Attachment C for a sample incident log), and will take care to:
● Preserve the confidentiality, integrity, and availability of systems and information;
● Preserve evidence, including through the use of a proper chain of custody; and
● Safeguard information related to the investigation (including that the investigation is occurring).
When appropriate, a document preservation notice will be issued to preserve information relating to the Security Incident. Only outside legal counsel may declare a Security Incident to be a “data breach” as defined under applicable law. All other Personnel should take care to avoid characterizing any Security Incident as such without direct guidance. In addition, all Personnel aware of or involved in the response to the Security Incident should resist speculation and limit statements to those that can be substantiated at the time.
7. Fact Gathering
The Incident Response Team will determine the cause, nature, and scope of the Security Incident. In some cases, due to mandatory notification timelines, it may be necessary to anticipate notification requirements before a threat has been fully contained and eradicated.
The following information will be considered:
● The date, time, duration, and location of the Security Incident;
● How the Security Incident was discovered, by whom, and any other known details regarding method of intrusion, entry or exit points, paths taken, and whether information was deleted, modified, viewed, etc.;
● What Systems and Networks were affected;
● What type of information is stored on or accessible through those Systems and Networks;
● Whether Personal Information has been or could have been accessed or compromised;
● If Personal Information is involved, who the affected individuals are, where they reside, and, for each person or category of persons, what information has been affected or compromised;
● Whether there has been a loss of availability, confidentiality, or integrity of Systems and Networks, including disruption of availability of key Systems and Networks;
● The magnitude of files, records, documents, or devices affected or reasonably believed to have been affected; and
● Additional relevant factors.
8. Assess Statutory and Regulatory, and Compliance Implications
Data breach notification laws differ in their criteria for when the facts in a Security Incident may trigger Citian’s public or individual notification obligations, what must be included in the notices provided, the individuals and entities that may need to be notified, when the notification(s) must issue, and more. It is therefore important when responding to a Security Incident to review the requirements in all applicable jurisdictions in light of factual circumstances. Human Resources may consult outside counsel regarding potential obligations.
Generally, the following key factors are necessary or beneficial to any legal analysis regarding which obligations may apply to a Security Incident: ● Residency of affected individuals: The laws of the jurisdiction in which an affected individual resides generally determine which law applies to a breach of Personal Information with respect to that individual. ● Type of Personal Information affected: Certain data breach notification laws, particularly in U.S. states and territories, only apply and require notifications for a defined set of Personal Information, including an individual’s first and last name with a social security number, driver’s license or state-issued identification card, or bank account number with an access code, among other specific types of Personal Information. The U.S. states of North Dakota and Washington include name with a date of birth as Personal Information that could trigger notification obligations. Further, the type of Personal Information affected can impact the risk of harm analysis discussed below. ● Nature of the Security Incident: Data breach notification laws frequently turn on unauthorized acquisition of Personal Information, which is roughly analogous to the exfiltration of data from Systems and Networks by an unauthorized person, or unauthorized access to Personal Information. Further, the nature of the Security Incident can impact the risk of harm analysis discussed below, as unauthorized access to Personal Information generally poses less of a risk of harm than unauthorized acquisition of Personal Information, and both of these Security Incidents generally pose less of a risk of harm than unauthorized publication of Personal Information. ● Risk of harm: Some data breach notification laws, including the General Data Protection Regulation (“GDPR”) in the EU and UK depend on a risk of harm analysis to determine whether notifications are required under applicable law. 
The risk of harm analysis may also affect who must be notified, as in the EU/UK pursuant to the GDPR. Citian will conduct such a risk of harm analysis when required by applicable law.
● Encryption and redaction: As part of a risk of harm analysis, applicable law may specify that a notification is not mandatory if the Personal Information affected was encrypted or redacted, and the means of deciphering such encrypted or redacted information was not compromised. In such cases, the hashing algorithm, salts, or other means of rendering the information undecipherable will be key factors in determining whether applicable law would require a notification.
● Contractual obligations: Citian may have entered into contracts with certain partners that may include notification requirements. If the Security Incident involves information that is governed by a contract, the Account Manager should review relevant contracts to evaluate any notification obligations.
9. Determine Required Notification Timing, Content and Method of Delivery
If required under applicable data breach notification laws, Citian will notify regulators, individuals, consumer reporting agencies, and others in compliance with applicable laws and regulations. Citian will abide by applicable laws and regulations regarding the timing, content, and method of delivery of required notifications. Outside legal counsel will:
● Determine the timeline for required notifications, which may be within 24 hours of the discovery of a breach (for online service providers in South Korea) or within 72 hours of the discovery of a breach (in the EU, UK, Turkey, Singapore, and other jurisdictions), or earlier, depending on applicable law.
● Analyze the mandatory and optional contents for any required notifications, as further described in Section 5, including whether Citian wishes to offer consumer protection services to potentially affected individuals, including identity and device monitoring services, identity theft insurance, brochures or other information regarding identity theft, or compensation for identity theft. ● Assess the required or permitted methods of delivery for such required notifications. For example, most regulators in the U.S., EU, UK, and Canada have authorized the submission of notifications by a form or webpage. However, not all fields may be required by law, and each should be carefully considered. Notifications to individuals may be permitted by email in some cases; in others, such as particularly large groups of affected individuals, “substitute notice” involving media publications may be permitted in lieu of specific, personal notice to such individuals. Outside legal counsel will consider the requirements of applicable law as well as legitimate business needs in advising Citian regarding a method of delivery for any required notifications. Citian may be required or wish to notify: ● Affected individuals, including users or employees; ● Business partners; ● Government agencies or regulators; ● Law enforcement; ● Media; and ● Domain hosting services or search engines, if information was posted on a public website The Incident Response Team also can consider whether voluntary notifications to individuals, business partners, law enforcement, search engines, or others may be appropriate in light of such factors as type of information affected by a Security Incident, mitigating factors, Citian’s reputational interests, and litigation and regulatory enforcement risk. See Attachment E for a guide on when and how to notify law enforcement. It is important that messages to any third parties or public statements by any and all Personnel are consistent and accurate. 
In some cases, it may be prudent to acknowledge that not all of the answers are known while an investigation is ongoing. All external communications should be reviewed.
10. Recover and Remediate
Recovery involves restoring systems to normal operations and should only be undertaken after the Security Incident is contained and eradicated. Recovery actions may include rebuilding systems, replacing compromised information from backups, installing patches, changing passwords, and tightening security of Systems and Networks. The Incident Response Team will review the events and circumstances surrounding the Security Incident, as well as all actions taken by Citian and/or other parties. The Incident Response Team will identify and address gaps or vulnerabilities discovered as a result of the Security Incident, as appropriate. This review should cover applicable access controls and procedures, intrusion detection and monitoring solutions, and configurations, tools, and capabilities that can aid in future Security Incident response efforts. The Incident Response Team will review this Plan and other relevant policies and determine whether any changes are warranted in light of lessons learned in the Security Incident and implement as appropriate; and redistribute any updated documents to Personnel.
11. Annual Review
Annually, members of the Incident Response Team receive a copy of the Plan and will review it. As needed, the Plan will be modified and approved by the Incident Response Team based upon any actual or potential Security Incidents that may have taken place, and significant developments in applicable law.
12. Effective Date
This Incident Response Plan was effective as of February 15, 2024, and as updated below.
12. Revision History
Date of Revision | Revision Number | Summary of Changes | Revision made by | Approved by
2/15/2024 | 1.0 | Plan Initiation | R. Westrom | S. Houh
6/19/2025 | 1.1 | Annual Policy Review | R. Westrom | S. Houh

ATTACHMENT A – INCIDENT RESPONSE TEAM
Team | Contact Name and Title | Email
Technology | Jianwei Wang, CTO | jianwei@citiansolutions.com
Incident Response Manager | Jeff Lee, VP Engineering | jeff@citiansolutions.com
Board and/or Senior Management | Ryan Westrom, CSO | ryan@citiansolutions.com
Account Team | Bar Asherov, Account Executive | bar@citiansolutions.com
HR | Harlen Valenzuela, HR Director | harlen@citiansolutions.com
Others may be added to assist with the response to a specific Security Incident as needed, including outside counsel:
Role | Name | Phone Number | Email
Outside Counsel | Demian Ahn, WSGR | 202-255-0937 | dahn@wsgr.com
Cyber Insurer | CFC Underwriting Limited | 844-677-4155 | cyberclaims@cfc.com
Core Team Roles
1. Technology
a. Maintain proactive cybersecurity policies and procedures
b. Discover and/or verify cyber incidents
c. Notify Incident Response Team members of Security Incidents
d. Coordinate computer forensic and technical remediation activities
e. Apply corrective actions to technology infrastructure
f. Operational impact and/or overall data exposure assessment
2. Incident Response Manager (IRM)
a. Coordinate communications and activities of the Incident Response Team when it is activated
3. Senior Management and Board
a. Financial impact and financial data exposure
b. Final determination of SEC reporting obligations
4. Account Team
a. Client relations
b. External and internal communication
5. HR
a. Communication to Personnel
b. Employee data exposure issues
6. Legal
a. Assess reporting obligations
b. Provide advice on legal risk
c. Lead and direct privileged investigations
d. Take appropriate steps to assert appropriate privileges
e. Make determinations about whether to inform law enforcement
Optional Team Members
1. Vendors (conducting Security Incident monitoring and/or computer forensics)
2. Partners (if incident involves a teamed account)
3. Public relations vendor
4.
Insurance provider

Appendix C: Disaster Recovery Plan
Disaster Recovery Plan
Citian
Purpose
This policy establishes procedures to recover Citian following a disruption resulting from a disaster. This Disaster Recovery Policy focuses on technical system recovery and restoration. For business operations continuity, see the Business Continuity Policy. This Disaster Recovery Policy is maintained by the Citian Chief Technology Officer (CTO). The Incident Response Team will govern during the disaster recovery period.
Background
The following objectives have been established for this plan:
• Maximize the effectiveness of contingency operations through an established plan that consists of the following phases:
  ◦Notification/Activation phase to detect and assess damage and to activate the plan.
  ◦Recovery phase to restore temporary operations and recover damage done to the original system.
  ◦Reconstitution phase to restore system processing capabilities to normal operations.
• Identify the activities, resources, and procedures needed to carry out Citian processing requirements during prolonged interruptions to normal operations.
• Identify and define the impact of interruptions to Citian systems.
• Assign responsibilities to designated personnel and provide guidance for recovering Citian systems during prolonged periods of interruption to normal operations.
• Ensure coordination with other Citian staff who will participate in the Disaster Recovery Planning strategies.
• Ensure coordination with external points of contact and vendors who will participate in the Disaster Recovery Planning strategies.
Policy
Examples of the types of disasters that would initiate this plan are natural disasters, political disturbances, man-made disasters, external human threats, and internal malicious activities.
Citian defines two categories of systems from a disaster recovery perspective:
•Critical Systems. These systems host application servers and database servers or are required for functioning of systems that host application servers and database servers. These systems, if unavailable, affect the integrity of data and must be restored, or have a process begun to restore them, immediately upon becoming unavailable.
•Non-critical Systems. These are all systems not considered critical by the definition above. These systems, while they may affect the performance and overall security of critical systems, do not prevent Critical systems from functioning and being accessed appropriately. These systems are restored at a lower priority than critical systems.
Threat and Risk Assessment and Management
There are many potential disruptive threats which can occur at any time and affect the normal business process. We have considered a wide range of potential threats and the results of our deliberations are included in this section. Each potential environmental disaster or emergency situation has been examined. The focus here is on the level of business disruption which could arise from each type of disaster. The Citian IT Risk Assessment documents a full detailed assessment of threats.
Testing and Maintenance
The CTO shall establish criteria for validation/testing of a Disaster Recovery Plan, an annual test schedule, and ensure implementation of the test. This process will also serve as training for personnel involved in the plan's execution. At a minimum, the Disaster Recovery Plan shall be tested annually. The types of validation/testing exercises include tabletop and technical testing.
Tabletop Testing
The primary objective of the tabletop test is to ensure designated personnel are knowledgeable and capable of performing the notification/activation requirements and procedures as outlined in the Disaster Recovery Plan, in a timely manner.
The exercises include, but are not limited to: •Testing to validate the ability to respond to a crisis in a coordinated, timely, and effective manner, by simulating the occurrence of a specific crisis. Technical Testing The primary objective of the technical test is to ensure the communication processes and data storage and recovery processes can function at an alternate site to perform the functions and capabilities of the system within the designated requirements. Technical testing shall include, but is not limited to: •Process from backup system at the alternate site •Restore system using backups •Switch compute and storage resources to alternate processing sites. Disaster Recovery Procedures Notification and Activation Phase This phase addresses the initial actions taken to detect and assess damage inflicted by a disruption to Citian. Based on the assessment of the Event, sometimes according to the Citian Incident Response Policy, the Disaster Recovery Plan may be activated by the CTO or an appointed deputy. Notification Sequence •The first responder is to notify the CTO. All known information must be relayed to the CTO or an appointed deputy. •The CTO is to contact the rest of the Incident Response Team and inform them of the event. The CTO is to begin assessment procedures. •The CTO is to notify team members and direct them to complete the assessment procedures outlined below to determine the extent of damage and estimated recovery time. If damage assessment cannot be performed locally because of unsafe conditions, the CTO is to follow the steps below. Damage Assessment •The CTO is to logically assess damage, gain insight into whether the infrastructure is salvageable, and begin to formulate a plan for recovery. Alternate Assessment •Upon notification, the CTO is to follow the procedures for damage assessment with combined DevOps and Web Services Teams. 
•The Citian Disaster Recovery Plan is to be activated if one or more of the following criteria are met: ◦Citian systems will be unavailable for more than 48 hours. ◦Hosting facility is damaged and will be unavailable for more than 24 hours. ◦Other criteria, as appropriate and as defined by Citian. •If the plan is to be activated, the CTO is to notify and inform team members of the details of the event and if relocation is required. •Upon notification from the CTO, group leaders and managers are to notify their respective teams. Team members are to be informed of all applicable information and prepared to respond and relocate if necessary. •The CTO is to notify the hosting facility partners that a contingency event has been declared and to ship the necessary materials (as determined by damage assessment) to the alternate site. •The CTO is to notify remaining personnel and executive leadership on the general status of the incident. •Notification can be delivered via message, email, or phone. Recovery Phase This section provides procedures for recovering the application at an alternate site, whereas other efforts are directed to repair damage to the original system and capabilities. The following procedures are for recovering the Citian infrastructure at the alternate site. Procedures are outlined per team required. Each procedure should be executed in the sequence it is presented to maintain efficient operations. Recovery Goal The goal is to rebuild Citian infrastructure to a production state. The tasks outlined below are not sequential and some can be run in parallel. 1.Contact Partners and Customers affected. 2.Assess damage to the environment. 3.Begin replication of new environment using automated and tested scripts. At this point it is determined whether to recover in Rackspace, AWS, GCP, Heroku, Azure, or another cloud environment. 4.Test new environment using pre-written tests. 5.Test logging, security, and alerting functionality. 
6.Assure systems are appropriately patched and up to date.
7.Deploy environment to production.
8.Update DNS to new environment.
Reconstitution Phase
This section discusses activities necessary for restoring Citian operations at the original or new site. The goal is to restore full operations within 24 hours of a disaster or outage. When the hosted data center at the original or new site has been restored, Citian operations at the alternate site may be transitioned back. The goal is to provide a seamless transition of operations from the alternate site to the computer center.
Original or New Site Restoration
•Begin replication of new environment using automated and tested scripts (DevOps)
•Test new environment using pre-written tests (Web Services)
•Test logging, security, and alerting functionality (DevOps)
•Deploy environment to production (Web Services)
•Assure systems are appropriately patched and up-to-date (DevOps)
•Update DNS to new environment (DevOps)
Plan Deactivation
If the Citian environment is moved back to the original site from the alternative site, all hardware used at the alternate site should be handled and disposed of according to Citian policy.
Revision History
Version | Date | Editor | Approver | Description of Changes | Format
1.0 | 7/5/2024 | R. Westrom | H. Valenzuela | Initial Policy |

Appendix D: Business Continuity Plan
Business Continuity Plan
Citian
Purpose
This policy establishes procedures to recover Citian following a disruption in conjunction with the Disaster Recovery Plan.
Policy
Citian policy requires that:
• A plan and process for business continuity, including the backup and recovery of systems and data, must be defined and documented.
• The Business Continuity Plan shall be simulated and tested at least once a year. Metrics shall be measured and identified recovery enhancements shall be filed to improve the process.
• Security controls and requirements must be maintained at primary and alternate/backup sites during all Business Continuity Plan activities and disruptions.

Roles and Responsibilities

This Policy is maintained by the Citian Chief Technology Officer. All executive leadership shall be informed of any and all contingency events.

Line of Succession

The following order of succession ensures that decision-making authority for the Citian Business Continuity Plan is uninterrupted. The CEO is responsible for ensuring the safety of personnel and the execution of procedures documented within this Plan. The Director of Engineering is responsible for the recovery of Citian technical environments. If the CEO or Director of Engineering is unable to function as the overall authority or chooses to delegate this responsibility to a successor, the Business Operations Lead shall function as that authority or choose an alternative delegate.

Response Teams and Responsibilities

The following teams have been developed and trained to respond to a contingency event affecting Citian infrastructure and systems.

• HR & Facilities is responsible for ensuring the physical safety of all Citian personnel and environmental safety at each Citian physical location. The team members also include site leads at each Citian work site. The team leader is the Head of HR who reports to the CEO.
• DevOps is responsible for assuring all applications, web services, platforms, and their supporting infrastructure in the Cloud. The team is also responsible for testing re-deployments and assessing damage to the environment. The team leader is the Head of Engineering.
• Security is responsible for assessing and responding to all cybersecurity-related incidents according to Citian Incident Response policy and procedures. The security team shall assist the above teams in recovery as needed in non-cybersecurity events. The team leader is the Security Officer.
Members of the above teams must maintain local copies of the contact information of the Business Continuity Plan succession team. Additionally, the team leads must maintain a local copy of this policy in the event Internet access is not available during a disaster scenario.

Policy

Operational Resilience Strategy

Citian's strategies for operational resilience take a holistic approach to the company and its business process and are developed with consideration of acceptable limits regarding the company's risk appetite and tolerance. These strategies are developed through:

•Risk assessment: to identify internal and external threats to the company's ability to conduct business, particularly in the areas of technology, human resources, facilities, and third parties;
•Vulnerability analysis: to identify weaknesses that could raise the level of operational disruption risk;
•Business impact analysis: (a) to define mission critical business processes, along with the technology, people and facilities that enable them; and, (b) to assess the potential effects on the company if those processes cannot be performed.

Business Impact Analysis (BIA)

The BIA will determine the criticality of business activities to ensure operational resilience and business continuity during and after a disruption. The BIA will help identify and prioritize system components by correlating them to the business processes that the system supports. It will allow for the characterization of the impact on the processes if the system becomes unavailable. The BIA has three steps:

•Determine business processes and recovery criticality. Business processes supported by the system are identified and the impact of a system disruption to those processes is determined along with outage impacts and estimated downtime. The downtime should reflect the maximum that an organization can tolerate while still maintaining the mission.
•Identify resource requirements. Realistic recovery efforts require a thorough evaluation of the resources required to resume mission/business processes and related interdependencies as quickly as possible. Examples of resources that should be identified include facilities, personnel, equipment, software, data files, system components, and vital records.
•Identify recovery priorities for system resources. Based upon the results from the previous activities, system resources can more clearly be linked to critical mission/business processes. Priority levels can be established for sequencing recovery activities and resources.
•See Appendix A for the BIA breakdown.

Work Site Recovery

In the event a Citian facility is not functioning due to a disaster, employees will work from home or locate to a secondary site with Internet access, until the physical recovery of the facility impacted is complete. Citian’s software development organization has the ability to work from any location with Internet access and does not require an office-provided Internet connection.

Application Service Event Recovery

In the event of a service disruption, Citian will provide direct updates to customers by email or a similar channel in accordance with SLAs. Communications will include estimated time to restore service when such information is knowable.