The URL can be used to link to this page

Clubessential Holdings, LLC Updated Cyber 22-23INSURANCE REVIEW RE: Please list the Contracting Party / Vendor Name, type of agreement to be executed, including any change orders or amendments, and the type of services to be provided. Make sure to list any related Project No. and Project Name. Insurance certificates required per the Agreement: ACCORD Certificate dated 10-days prior or less _____________________________ enter ACCORD issue date Commercial General Liability Insurance: $1,000,000 per occurrence/$2,000,000 aggregate OR $2,000,000 per occurrence/$4,000,000 aggregate Additional Insured Endorsement naming City of La Quinta Primary and Non-Contributory Endorsement Automobile Liability: $1,000,000 combined single limit for bodily injury and property damage. Workers’ Compensation: Statutory Limits / Employer’s Liability $1,000,000 per accident or disease Workers’ Compensation Endorsement with Waiver of Subrogation Sole Proprietor Professional Liability (Errors and Omissions): Errors and Omissions Liability insurance with a limit of not less than $1,000,000 per claim Cyber Liability/Technology Errors and Omissions Liability Insurance: $1,000,000 per occurrence/loss Other: ________________________________________________________ List other insurance types such as – molestation, harassment, etc. Approved by: ________________________ Date: ________________________ SHOULD ANY OF THE ABOVE DESCRIBED POLICIES BE CANCELLED BEFORE THE EXPIRATION DATE THEREOF, NOTICE WILL BE DELIVERED IN ACCORDANCE WITH THE POLICY PROVISIONS. INSURER(S) AFFORDING COVERAGE INSURER F : INSURER E : INSURER D : INSURER C : INSURER B : INSURER A : NAIC # NAME:CONTACT (A/C, No):FAX E-MAILADDRESS: PRODUCER (A/C, No, Ext):PHONE INSURED REVISION NUMBER:CERTIFICATE NUMBER:COVERAGES IMPORTANT: If the certificate holder is an ADDITIONAL INSURED, the policy(ies) must have ADDITIONAL INSURED provisions or be endorsed. If SUBROGATION IS WAIVED, subject to the terms and conditions of the policy, certain policies may require an endorsement. A statement on this certificate does not confer rights to the certificate holder in lieu of such endorsement(s). THIS CERTIFICATE IS ISSUED AS A MATTER OF INFORMATION ONLY AND CONFERS NO RIGHTS UPON THE CERTIFICATE HOLDER. THIS CERTIFICATE DOES NOT AFFIRMATIVELY OR NEGATIVELY AMEND, EXTEND OR ALTER THE COVERAGE AFFORDED BY THE POLICIES BELOW. THIS CERTIFICATE OF INSURANCE DOES NOT CONSTITUTE A CONTRACT BETWEEN THE ISSUING INSURER(S), AUTHORIZED REPRESENTATIVE OR PRODUCER, AND THE CERTIFICATE HOLDER. OTHER: (Per accident) (Ea accident) $ $ N / A SUBR WVD ADDL INSD THIS IS TO CERTIFY THAT THE POLICIES OF INSURANCE LISTED BELOW HAVE BEEN ISSUED TO THE INSURED NAMED ABOVE FOR THE POLICY PERIOD INDICATED. NOTWITHSTANDING ANY REQUIREMENT, TERM OR CONDITION OF ANY CONTRACT OR OTHER DOCUMENT WITH RESPECT TO WHICH THIS CERTIFICATE MAY BE ISSUED OR MAY PERTAIN, THE INSURANCE AFFORDED BY THE POLICIES DESCRIBED HEREIN IS SUBJECT TO ALL THE TERMS, EXCLUSIONS AND CONDITIONS OF SUCH POLICIES. LIMITS SHOWN MAY HAVE BEEN REDUCED BY PAID CLAIMS. $ $ $ $PROPERTY DAMAGE BODILY INJURY (Per accident) BODILY INJURY (Per person) COMBINED SINGLE LIMIT AUTOS ONLY AUTOSAUTOS ONLY NON-OWNED SCHEDULEDOWNED ANY AUTO AUTOMOBILE LIABILITY Y / N WORKERS COMPENSATION AND EMPLOYERS' LIABILITY OFFICER/MEMBER EXCLUDED? (Mandatory in NH) DESCRIPTION OF OPERATIONS below If yes, describe under ANY PROPRIETOR/PARTNER/EXECUTIVE $ $ $ E.L. DISEASE - POLICY LIMIT E.L. DISEASE - EA EMPLOYEE E.L. EACH ACCIDENT EROTH-STATUTEPER LIMITS(MM/DD/YYYY)POLICY EXP(MM/DD/YYYY)POLICY EFFPOLICY NUMBERTYPE OF INSURANCELTRINSR DESCRIPTION OF OPERATIONS / LOCATIONS / VEHICLES (ACORD 101, Additional Remarks Schedule, may be attached if more space is required) EXCESS LIAB UMBRELLA LIAB $EACH OCCURRENCE $AGGREGATE $ OCCUR CLAIMS-MADE DED RETENTION $ $PRODUCTS - COMP/OP AGG $GENERAL AGGREGATE $PERSONAL & ADV INJURY $MED EXP (Any one person) $EACH OCCURRENCE DAMAGE TO RENTED $PREMISES (Ea occurrence) COMMERCIAL GENERAL LIABILITY CLAIMS-MADE OCCUR GEN'L AGGREGATE LIMIT APPLIES PER: POLICY PRO-JECT LOC CERTIFICATE OF LIABILITY INSURANCE DATE (MM/DD/YYYY) CANCELLATION AUTHORIZED REPRESENTATIVE ACORD 25 (2016/03) © 1988-2015 ACORD CORPORATION. All rights reserved. CERTIFICATE HOLDER The ACORD name and logo are registered marks of ACORD HIRED AUTOS ONLY 3/29/2022 Arthur J. Gallagher Risk Management Services, Inc. 201 E. 4th Street, Ste 625 Cincinnati OH 45202 Susan D. Masters, CIC 513-977-3139 513-977-4641 susan_masters-oh@ajg.com Continental Insurance Company 35289 CLUBLLC-01 Continental Casualty Company 20443Clubessential Holdings, LLC and all of its subsidiaries 4600 McAuley Place Ste 350 Cincinnati OH 45242-4765 Valley Forge Insurance Company 20508 Crum & Forster Specialty Insurance Co 44520 Indian Harbor Insurance Company 36940 568481790 C X 1,000,000 X 100,000 5,000 1,000,000 2,000,000 X X X Y N 6079684571 11/15/2021 11/15/2022 2,000,000 C 1,000,000 X X X Hired PhyDam N N 6079684568 11/15/2021 11/15/2022 Hired PhyDam 75,000 A X X 2,000,000607968460411/15/2021N 11/15/2022 2,000,000 X 10,000 A A XY6079684599 WC679684585 11/15/2021 11/15/2021 11/15/2022 11/15/2022 1,000,000 1,000,000 1,000,000 D B E Prof/Cyber-CM Crime-3rd Party Excess Prof/Cyber-CM TCM102448 652175238 MTE9044869 3/23/2022 11/15/2021 3/23/2022 3/23/2023 11/15/2022 3/23/2023 Ea Claim/Agg Ea Claim Ea Claim $5,000,000 $1,000,000 $5,000,000 Complete Named Insured: Clubessential Holdings LLC; CE Management Holdings, LLC; Clubessential, LLC; ClubReady, LLC; LEGP II Blocker(CR), Inc; ClubReady Canada Software ULC; GYM HQ, LLC; FitBPO Solutions, LLC; PrestoSports, LLC; RecTrac, LLC dba Vermont Systems; Immersion Media, Inc. dba ScoreShots; (eff 1/29/21) iKizmet, Inc; (eff 2/19/21) Golf Compete, Inc dba foreUP; (eff 5/25/21): Exerp Buy Co.; Exerp America Inc.; Exerp Holdings ApS; Exerp ApS; Exerp Asia-Pacific Pty Ltd; (9/14/21) SuperFanU, Inc OH Employers Defense Liability(Stop Gap): Policy# 6079684571 11/15/2021-11/15/2022 $1,000,000/$1,000,000/$1,000,000 CGL: CNA74872XX(01/15) CNA Technology Broadening Endorsement provides: See Attached... City of La Quinta 78-495 Calle Tampico La Quinta CA 92253 USA ACORD 101 (2008/01) The ACORD name and logo are registered marks of ACORD © 2008 ACORD CORPORATION. All rights reserved. THIS ADDITIONAL REMARKS FORM IS A SCHEDULE TO ACORD FORM, FORM NUMBER:FORM TITLE: ADDITIONAL REMARKS ADDITIONAL REMARKS SCHEDULE Page of AGENCY CUSTOMER ID: LOC #: AGENCY CARRIER NAIC CODE POLICY NUMBER NAMED INSURED EFFECTIVE DATE: CLUBLLC-01 1 1 Arthur J. Gallagher Risk Management Services, Inc.Clubessential Holdings, LLC and all of its subsidiaries 4600 McAuley Place Ste 350 Cincinnati OH 45242-4765 25 CERTIFICATE OF LIABILITY INSURANCE -Additional Insured by Contract, Agreement or Permit when required in a written contract with you; -Waiver of Subrogation when required in a written contract with you PKG: CNA62665XX(10/15) CNA Paramount Technology Broadening Endorsement provides: -Employee Dishonesty including ERISA $50,000 Ea Occ Limit/$2,500 Deductible As of 6/30/21-the only scheduled vehicle was deleted and previous Additional Insured/Waiver of Subrogation endorsements were replaced with CNA83700XX(10/2015) Extended Coverage-BA Plus-For Hired and Non-Owned Autos which provides the following: -Additional Insureds Required by Written Contracts -Employee-Hired Autos -Waiver of Subrogation -Primary and Non-Contributory When Required By Contract WC: WC000313(04/84) Blanket Waiver of Subrogation when required in a written contract with you where allowed by State law. WC: WC420304B(06/14) Texas Blanket Waiver of Subrogation when required in a written contract with you. Umbrella is follow form regarding underlying: CGL BA WC Prof/Cyber Retention: $100,000; Retro Active 3/23/11 Prof/Cyber: TCM-POL-001 (01/19) C&F TCM Technology E&O, Cyber and Multimedia Liability Insurance Policy coverage form: -pg 6 Automatic Additional Insured status when required by written contract with you; -pg 15 Automatic Waiver of Subrogation where required by written contract with you. Third Party Crime Deductible: $5,000 Excess Prof/Cyber: Underlying Limit $5,000,000; Underlying Retention $100,000; Retro Active 3/23/2020 The City of La Quinta is additional insured with regard to general liability on a primary and non-contributory basis where required by written contract. A workers' compensation waiver of subrogation applies in favor of the City of La Quinta. 11/15/2021 11/15/2021 11/15/2021 11/15/2021 11/15/2021 11/15/2021 11/15/2021 11/15/2021 11/15/2021 11/15/2021 11/15/2021 11/15/2021 11/15/2021 11/15/2021 11/15/2021 6079684599 11/15/2022 11/15/2021 11/15/2021 11/15/202111/15/2022 6079684599 TCM-POL-001 (01/19) Page 1 of 16 C&F TCM TECHNOLOGY E&O, CYBER AND MULTIMEDIA LIABILITY INSURANCE POLICY In consideration of the premium paid, the Insured’s compliance with the conditions of this Policy and subject to its terms (including all endorsements); and in reliance on the statements made in the Application and the information and documents provided to the Insurer by the Insured, all of which are made a part of this Policy, the Insurer agrees with the Insured as follows: I. INSURING AGREEMENTS Only those Insuring Agreements indicated in Item 3. of the Declarations as PURCHASED shall be applicable to the Insured’s coverage hereunder. If the Declarations do not indicate that a Coverage was purchased, that Coverage of this Policy has not been purchased by the Insured and no coverage shall apply for the corresponding Insuring Agreement(s). Coverage A: Technology E&O and Professional Liability The Insurer will pay on behalf of the Insured such Damages and Claims Expenses in excess of the Deductible that any Insured is legally obligated to pay because of a Claim first made against an Insured during the Policy Period because of a Technology/Professional Error that first takes place on or after the Retroactive Date provided that such Claim is reported to the Insurer in full compliance with the Notice Requirements. Coverage B: Cyber Liability The Insurer will pay on behalf of the Insured such Damages and Claims Expenses in excess of the Deductible that any Insured is legally obligated to pay because of a Claim first made against an Insured during the Policy Period because of a Cyber Event provided that such Claim is reported to the Insurer in full compliance with the Notice Requirements. Coverage C: Multimedia Liability The Insurer will pay on behalf of the Insured such Damages and Claims Expenses in excess of the Deductible that any Insured is legally obligated to pay because of a Claim first made against an Insured during the Policy Period for Multimedia Liability provided that such Claim is reported to the Insurer in full compliance with the Notice Requirements. Coverage D: Breach Costs The Insurer will reimburse the Named Insured for all Breach Costs in excess of the Deductible resulting from an actual or reasonably suspected Cyber Event that the Insured Entity first discovers during the Policy Period and that is reported to the Insurer in full compliance with the Notice Requirements. Provided that when the Named Insured agrees to utilize vendors nominated by the Crum & Forster Cyber Response Team shown in Item 11. of the Declarations, the Insurer shall pay on behalf of the Insured those Breach Costs set forth in the paragraph above applicable to such vendor nominated by the Crum & Forster Cyber Response Team. Coverage E: eCrime Loss The Insurer will indemnify the Named Insured for direct financial loss in excess of the Deductible resulting from an eCrime Event that the Insured Entity first discovers during the Policy Period and that is reported to the Insurer in full compliance with the Notice Requirements. Coverage F: First Party Loss The Insurer will indemnify the Named Insured for First Party Loss in excess of the Deductible resulting from a Cyber Event that the Insured Entity first discovers during the Policy Period and that is reported to the Insurer in full compliance with the Notice Requirements. TCM-POL-001 (01/19) Page 2 of 16 With respect to each Insuring Agreement stated above, the amount that the Insurer is obligated to pay is limited based on the applicable Limit of Liability as described in Section VI., Limits of Liability. In addition, in connection with any Cyber Event that results in Breach Costs or First Party Loss that exceeds the Deductible,the Insurer will also provide Supplemental Payments & Services which shall be part of, and not in addition to, the Aggregate Limit of Liability specified in Item 4. of the Declarations. II. DEFENSE AND SETTLEMENT OF CLAIMS A. Defense of Claims: The Insurer shall have the right and duty to defend, subject to all the provisions, terms and conditions of this Policy, any Claim made against an Insured seeking Damages which are payable under the terms of this Policy, even if any of the allegations of the Claim are groundless, false or fraudulent. Defense counsel shall be mutually agreed between the Named Insured and the Insurer, provided that in the absence of such agreement, the Insurer’s decision will be final. B. Settlement of Claims: The Insurer may not settle any Claim without the written authorization of the Named Insured. If the Named Insured refuses to consent to any settlement or compromise recommended by the Insurer and acceptable to the claimant and elects to contest the Claim , then the Insurer will have the right to withdraw from the further defense of such Claim and the Insurer’s liability for Damages and Claims Expenses shall not exceed: 1. the amount for which the Claim could have been settled, less the remaining Deductible, plus the Claims Expenses incurred up to the time of such refusal; plus 50% of any Claims Expenses incurred after the date such settlement or compromise was recommended to the Insured plus 50% of any Damages above the amount for which the Claim could have been settled. The remaining 50% of such Claims Expenses and Damages must be borne by the Insured at their own risk and uninsured; or 2. the applicable Limit of Liability, whichever is less. The Insured may settle any Claim where the Damages and Claims Expenses do not exceed the Deductible, provided that the entire Claim is resolved and the Insured obtains a full release on behalf of all the Insureds and the Insurer from all claimants. III. DEFINITIONS A.Breach Costs means the following reasonable and necessary expenses incurred by the Insured Entity with respect to a Cyber Event and with the prior written consent of the Insurer, provided that if services are recommended by the Crum & Forster Cyber Response Team shown in Item 11. of the Declarations, and the Named Insured agrees to utilize the applicable vendors nominated by the Crum & Forster Cyber Response Team, then prior consent of the Insurer shall not be required: 1. for an attorney to provide necessary legal advice to the Insured Entity to evaluate the Insured Entity’s legal obligations in connection with an actual or reasonably suspected Cyber Event; 2. for a computer security expert, or experts, to determine the existence, cause and scope of a Cyber Event as well as the costs to contain an ongoing Cyber Event, including the cost to retain a PCI Forensic Investigator if required by a written agreement between the Insured Entity and a financial institution, credit or debit card company, credit or debit card processor, merchant bank or any other entity offering or providing merchant card transaction processing or payment gateway services to the Insured Entity; 3. to notify individuals or entities whose Protected Information was potentially impacted by a Cyber Event. This shall include costs incurred by the Insured Entity to directly notify individuals on behalf of a third party that has the legal obligation to notify such individuals, provided that such third party agrees to allow the Insured Entity to notify such individuals on their behalf; 4. for a call center to respond to inquiries from individuals that the Insured Entity has notified because their Protected Information was potentially impacted by a Cyber Event; 5. to provide a credit monitoring or identity monitoring product to individuals that the Insured Entity has notified because their Protected Information was potentially impacted by a Cyber Event. Such credit monitoring or identity monitoring product will be provided for a period of 12 months unless the Insured Entity is required by law or regulation to provide such a credit monitoring or identity monitoring product for a longer period of time. TCM-POL-001 (01/19) Page 3 of 16 In that case, such credit monitoring or identity monitoring product will be provided for the period of time required by law or regulation; and 6. for public relations and crisis management costs directly related to mitigating harm to the Insured Entity which are approved in advance by the Insurer. B.Claim means a written demand for money, services, non-monetary relief or injunctive relief, including service of suit or arbitration proceedings made against any Insured. Only as respects Coverage B., Cyber Liability, Claim also means a request for information from, or civil proceeding against, the Insured Entity brought by a Regulatory Body directly arising from an Insured’s actual or alleged violation of any Privacy Law. Multiple Claims arising from the same or a series of related or repeated acts, errors or omissions, or from any continuing acts, errors or omissions, or from a series of related or repeated Technology/Professional Errors or Cyber Events, shall be considered a single Claim for the purposes of this Policy, regardless of the number of claimants or Insureds involved in the Claim. All such Claims shall be deemed to have been made at the time of the first such Claim . C.Claims Expenses means: 1. reasonable and necessary legal fees, costs and expenses directly resulting from the investigation, adjustment, settlement and/or defense of a Claim ; and 2. the premiums for appeal, attachment or similar bonds, but only for bond amounts within the applicable Limits of Liability. The Insurer does not have to furnish these bonds. Claims Expenses do not include: a. salaries, wages, fees, remuneration, overhead, benefits or expenses of an Insured; b.Damages, fines, penalties, fees, or taxes levied or assessed against an Insured; c. fees, costs, or expenses incurred by the Insured prior to the time that a Claim is made or which are paid or incurred without the Insurer’s prior written consent. These unilaterally incurred fees, costs or expenses will not be reimbursed by the Insurer and will not reduce any Deductible under the Policy; or d. the costs and expenses required to comply with any injunctive or other non-monetary, equitable, declaratory, regulatory or administrative relief, including but not limited to specific performance, or any agreement to provide such relief. D.Continuity Date means the date listed in Item 7. of the Declarations. E.Control Group means any principal, partner, corporate officer, director, general counsel (or most senior legal counsel) or risk manager of the Insured Entity and any individual in a substantially similar position. F.Cyber Event means: 1. a Cyber Extortion Threat; 2. an unintentional and unplanned interruption of any computer system; 3. a theft, loss or Unauthorized Disclosure of Protected Information that is in the care, custody or control of an Insured or a third party for whose theft, loss or Unauthorized Disclosure of Protected Information the Insured Entity is legally responsible for; 4. the storage, collection, use or disclosure of Protected Information by or on behalf of the Insured Entity that is in violation of a Privacy Law; 5. the failure to notify a third party of a theft, loss or Unauthorized Disclosure of Protected Information in violation of a Privacy Law; or 6. the access to, or the use of, a computer system by a person or organization that is not authorized to do so. G.Cyber Extortion Threat means a demand made against the Insured Entity for the payment of monies (including a digital currency), marketable goods or services in order to prevent or terminate the: 1. disclosure of Protected Information; 2. introduction of unauthorized, unwanted or harmful program, computer code or script into a computer system. An unwanted or harmful program, computer code or script includes a computer virus, Trojan horses, worms, time or logic bombs, spyware, malware, spiderware, or ransomware; 3. corruption, alerting, deletion or destruction of data or software stored on a computer system; TCM-POL-001 (01/19) Page 4 of 16 4. restriction or hindering of access to a computer system or to data stored on a computer system; 5. interruption or suspension of a computer system; or 6. electronic communication with the Insured Entity’s customers impersonating the Insured Entity in order to obtain Protected Information. H.Cyber Terrorism means any act directed against a computer system by an individual or group(s) of individuals, whether acting alone, on behalf of or in connection with any organization(s) or government(s), to cause unauthorized access to, unauthorized use of, or a targeted denial of service attack or transmission of unauthorized, corrupting or harmful software code to a computer system for the purpose of furthering social, ideological, religious, economic or political objectives, intimidating or coercing a government or the civilian population thereof, or disrupting any segment of the economy that is not accompanied by, directly associated with or coordinated with armed conflict or the use of physical force. I.Damages means a monetary judgment, award or settlement including prejudgment and post-judgment interest, and punitive damages, exemplary damages or any damages which are a multiple of compensatory damages (if insurable under the applicable law most favorable to the insurability of punitive, exemplary or multiple damages), which the Insured becomes legally obligated to pay as the direct result of a covered Claim . Solely with respect to Coverage B., Cyber Liability, Damages also include: 1. civil fines or penalties levied upon an Insured by a Regulatory Body, provided that this does not include amounts for matters uninsurable under the law; 2. any fine, penalty, reimbursement, fraud recovery, or assessment imposed upon or owed by an Insured under the terms of a written agreement between the Insured Entity and a financial institution, credit or debit card company, credit or debit card processor, merchant bank or any other entity offering or providing merchant card transaction processing or payment gateway services to the Insured Entity; provided that this does not include any charge back amounts, interchange fees, discount fees, or other prospective fees owed under such an agreement; and 3. up to $2,500 for the costs and expenses of complying with any injunctive or other non-monetary relief. As respects all coverage parts under this Policy, Damages do not include: a. any amount for which the Insured is not liable or is not legally obligated to pay; b. except as noted in paragraph 1. and 2. above, any fines or monetary penalties or multiples thereof; c. taxes or the loss of tax benefits; d. liquidated damages, but only to the extent that such damages exceed the amount for which the Insured would have been liable in the absence of such liquidated damages agreement; e. matters uninsurable under the laws applicable to this Policy; f. past, present and future earned and unearned royalties, profits, fees, costs, expenses, commissions, and profits unlawfully or unjustly held or obtained including, but not limited to, the return, offset, disgorgement or restitution of such royalties, profits, fees, costs, expenses, commissions, and profits unlawfully or unjustly held or obtained; g. except as noted in paragraph 3. above, the costs and expenses of complying with any injunctive or other non-monetary equitable, declaratory, regulatory or administrative relief including, but not limited to, specific performance, or any agreement to provide such relief; h. costs incurred by an Insured to correct, re-perform or complete any Professional Services or Technology Services;and i. discounts, prizes, awards, coupons or other incentives offered to the Insured’s clients or customers. J. Deductible means the amount listed in Item 5. of the Declarations and described in Section VII. of this Policy. K.Dependent Systems Event means the unintentional and unplanned interruption of computers or associated hardware, software, or firmware, including network devices and backup components owned, leased, operated or controlled by a third party that provides services or products to the Insured Entity pursuant to a written contract. L.eCrime Event means: 1. the loss of the Insured Entity’s money or securities that results solely from a wrongful transfer, payment or delivery of such money or securities by an Insured as a sole result of fraudulent electronic or telephone instructions provided by a third party, that is intended to mislead the Insured through the misrepresentation of TCM-POL-001 (01/19) Page 5 of 16 a material fact which is relied upon in good faith by such Insured, including such loss resulting from business e-mail compromise, social engineering, spear-phishing and e-mail spoofing; 2. the loss of money or securities from an account at a financial institution resulting solely from fraudulent electronic or telephone instructions issued by a third party to a financial institution directing such institution to transfer, pay or deliver money or securities from any account maintained by the Insured Entity at such institution, without the Insured Entity's knowledge or consent; or 3. the act of a third party gaining access to and using the Insured Entity’s telephone system in an unauthorized manner. eCrime Event does not include: a. any loss arising, directly or indirectly from an Insured’s acceptance, deposit or handling of: i. counterfeit currency or bank drafts; ii. a bank draft, check or other financial instrument returned due to insufficient funds; iii. counterfeit securities, bonds or other financial instruments; or iv. counterfeit goods of any kind, including, but not limited to, loss arising from a transfer of money by an Insured to a third party associated with an Insured’s acceptance, deposit or handling of such items; b. any loss arising, directly or indirectly, from loan fraud, mortgage fraud or accounting fraud including, but not limited to, check kiting, money laundering or fraudulent loan schemes. This includes loss arising from a transfer of money by an Insured to a third party associated with any such fraud; c. any actual or alleged use of credit, debit, charge, access, convenience, customer identification or other cards; d. any transfer involving a third party who is not a natural person Insured, but had authorized access to the Insured’s authentication mechanism; e. the processing of, or the failure to process, credit, check, debit, electronic benefit transfers or mobile payments for merchant accounts; f. any accounting or arithmetical errors or omissions, or the failure, malfunction, inadequacy or illegitimacy of any product or service; or g. any fraudulent, dishonest or criminal act committed by any natural person Insured. M.First Party Loss means the value of monies (including money in the form of a digital currency), marketable goods or services paid or delivered under duress by or on behalf of the Insured Entity,with the Insurer’s prior written consent, solely for the purpose of terminating a Cyber Extortion Threat. If the Declarations indicates that the Insured has purchased “Extended” First Party Loss coverage, then First Party Loss also means: 1. the reasonable and necessary costs charged by a vendor designated or approved in writing by the Insurer to restore, replace or recreate software or electronic data to its condition immediately prior to the Cyber Event but only for such costs that are as a direct result of the Cyber Event; 2. the reasonable and necessary expenses incurred by the Insured Entity during the Indemnity Period to continue or maintain normal operations that are over and above those expenses the Insured Entity would have incurred had no Cyber Event occurred; 3. the net profit or loss without interest and before tax that the Insured Entity would have earned or incurred during the Indemnity Period due to the actual interruption or impairment of the Insured Entity’s business operations as a direct result of the Cyber Event, plus the continuing normal operating expenses incurred by the Insured Entity during the Indemnity Period (including payroll), but only to the extent that such operating expenses must necessarily continue during the Indemnity Period; and 4. the cost to repair or replace computer hardware or equipment that is damaged or impaired and must be replaced. First Party Loss does not include, except as described in Section V.,Supplemental Payments & Services,any costs attributed to an upgrade or improvement of electronic data, software or computer systems beyond what existed prior to the Cyber Event unless such upgrade or improvement is reasonable because of improvements in the available technology. N.Indemnity Period means the period of time that begins after the elapse of the Waiting Period indicated in Item 8. of the Declarations and ends 60 days after the time when the Insured Entity could have resumed normal TCM-POL-001 (01/19) Page 6 of 16 operations with the exercise of due diligence and dispatch, not limited by the expiration date of this Policy. Despite any other provisions in this Policy, the maximum Indemnity Period is 180 days. O.Insured means: 1. the Named Insured, each Subsidiary and each Newly Acquired Entity; 2. any past or present employee (including a part time, temporary, leased or season employee), principals, partners, executive officers or directors of an Insured Entity but only while acting within the scope of their duties as such; 3. any past or present natural person independent contractor who performs labor or service for the Insured Entity pursuant to a written contract or agreement, where such labor or service is under the exclusive direction of the Insured Entity, but only while acting in the scope of their duties as such and in the performance of labor or service to the Insured Entity. The status of an individual as an independent contractor shall be determined as of the date of an alleged act, error or omission by any such independent contractor; 4. any spouse or the legally recognized domestic partner (whether by state or federal law) of any person otherwise qualifying as an Insured, but solely with respect to their status as such; 5. in the event of death, incapacity, bankruptcy or insolvency of any Insured, such Insured’s heirs, estate, executors, administrators and legal representative in his or her capacity as such, but only with respect to matters for which the Insured otherwise would have been entitled to coverage under this Policy; and 6. only as respects Coverage A., Technology E&O and Professional Liability, Coverage B., Cyber Liability and Coverage C., Multimedia Liability, any person or entity that the Insured Entity has agreed in writing to add as an additional insured under this Policy prior to the commission of any act for which such person or entity would be provided coverage under this Policy, but only for the vicarious liability of such additional insured for the wrongful acts of an Insured. P.Insured Entity means the Named Insured, each Subsidiary and each Newly Acquired Entity. Q.Insurer means the insurance company listed in the Declarations. R.Loss means Breach Costs,First Party Loss, financial loss from an eCrime Event,Damages and Claims Expenses. S.Multimedia Liability means one or more of the following acts committed by, or on behalf of, the Insured Entity in the course of creating, displaying, broadcasting, publishing, disseminating or releasing Multimedia Material to the public: 1. defamation, libel, slander, product disparagement, trade libel, infliction of emotional distress, outrage, outrageous conduct, or other tort related to disparagement or harm to the reputation or character of any person or organization; 2. a violation of the rights of privacy of an individual, including false light, intrusion upon seclusion and public disclosure of private facts; 3. invasion or interference with an individual’s right of publicity, including commercial appropriation of name, persona, voice or likeness; 4. plagiarism, piracy, or misappropriation of ideas under implied contract; 5. infringement of copyright; 6. infringement of domain name, trademark, trade name, trade dress, logo, title, metatag, or slogan, service mark or service name; 7. improper deep-linking or framing; 8. negligent publication of content; or 9. unfair competition, if alleged in conjunction with any of the acts listed in paragraphs 5. or 6. above. T.Multimedia Material means the content of material published or broadcast by, or on behalf of, the Insured Entity , including any information, words, sounds, numbers, images or graphics included in such content, but will not include computer software or the actual goods, products or services described, illustrated or displayed in such content. U.Named Insured means the entity, individual, partnership or corporation shown in Item 1. of the Declarations. TCM-POL-001 (01/19) Page 7 of 16 V.Newly Acquired Entity means any entity formed or acquired by the Named Insured during the Policy Period and in which the Named Insured has more than 50% of the legal or beneficial interest, provided that if the trailing 12 month revenues for such entity exceed 15% of the Named Insured's annual revenues for the same trailing 12 month period, then only if all of the following conditions are met: 1. within 90 days of the formation of a Newly Acquired Entity, the Named Insured notifies the Insurer in writing of the details of such merger, acquisition, or newly created joint venture or partnership; 2. the Named Insured agrees to any changes in terms and conditions of this Policy related to the Newly Acquired Entity including, but not limited to, the payment of additional premium, if any, charged by the Insurer; and 3. the Insurer has issued a written endorsement specifically noting the addition of the Newly Acquired Entity as a covered Insured under this Policy. W.Notice Requirements means the requirements described in Section VIII. of this Policy. X.Policy Period means the length of time between the effective date shown in Item 2. of the Declarations and the earlier of: 1. the expiration date shown in Item 2. of the Declarations; or 2. the cancellation date of this Policy. Y.Privacy Law means a federal, state or foreign statute or regulation: 1. requiring the Insured Entity to protect the confidentiality or security of Protected Information; 2. requiring notice to a person or organization whose Protected Information was accessed or reasonably may have been accessed by an unauthorized person; or 3. governing the collection, use or storage of Protected Information by the Insured Entity. Z.Professional Services means professional services performed for others by or on behalf of the Insured Entity for a fee or other consideration, but does not include Technology Services, any services involving the creation, development, sale, distribution, installation, licensing or manufacturing of Technology Products, or work or activities performed by or on behalf of the Insured Entity or for the Insured Entity as an accountant, actuary, attorney, architect, surveyor, health care provider, lawyer, insurance or real estate agent or broker, or civil or structural engineer. AA.Protected Information means the following information that an Insured has a legal obligation to safeguard, protect or maintain in confidence: 1. non-public individually identifiable information as defined by any federal, state, local or foreign statute, rule or regulation; 2. an individual’s social security number, taxpayer identification number, unpublished telephone number, driver’s license number, state identification number, passport number, financial account number, credit card number, debit card number or the magnetic strip information from a credit or debit card; and 3. any trade secret, data, design, interpretation, forecast, formula, method, record, report or other item of information of a third party that is not available to the general public. BB.Regulatory Body means any federal, state, local or foreign governmental entity in such entity’s regulatory or official capacity. CC.Retroactive Date means the date listed in Item 6. of the Declarations. DD.Subsidiary means any entity in which the Named Insured as of the effective date of the Policy, either: 1. directly or indirectly owns more than 50% of the issued and outstanding voting equity securities; or 2. controls voting rights representing the present right to vote for election or to appoint more than 50% of the directors or trustees. EE.Supplemental Payments & Services means the amounts described in Section V. of this Policy. TCM-POL-001 (01/19) Page 8 of 16 FF.Technology/Professional Error means: 1. a negligent act, error, omission, misstatement, misleading statement or misrepresentation in rendering or failure to render Professional Services or Technology Services; 2. a negligent act, error, omission, misstatement, misleading statement or misrepresentation that results in a failure of Technology Products to perform the function or serve the purpose intended; 3. an unintentional breach of a contractual obligation to perform Professional Services or Technology Services, or to deliver Technology Products; or 4. an unintentional infringement of copyright committed by the Insured Entity with respect to software Technology Products. GG.Technology Products means any computer or telecommunications hardware or software product, or related electronic product, including software updates, service packs and other maintenance releases provided for such products, that is: 1. created, manufactured or developed by the Insured Entity for others in exchange for a fee or other consideration; or 2. distributed, licensed, leased or sold by the Insured Entity to others in exchange for a fee or other consideration. HH.Technology Services means any of the following services performed by or on behalf of the Insured Entity for others for a fee or other consideration: 1. computer information technology, Internet, network or website analysis, development, programming, installation, integration, networking, hosting, processing, management, operations, data security, maintenance, repair, optimization, support, or training; 2. providing, collecting, recording, caching, compiling, mining, analyzing, storing, hosting, processing, securing, backup, wiping, or destroying software or data; 3. telecommunications services, including Internet, voice, video, web, email, text, data, or broadband services, any call center or customer service support related to such telecommunications services; 4. any services similar to those services described in paragraphs 1-3 above; or 5. any other information technology-related services provided in conjunction with Technology Products. II.Unauthorized Disclosure means the disclosure (including disclosure resulting from phishing) of or access to information in a manner that is not authorized by the Insured Entity and is without knowledge, consent or acquiescence of any member of the Control Group. JJ. Waiting Period means the period starting upon the actual interruption or impairment of the Insured Entity’s business operations caused by a Cyber Event and ending after the number of hours specified in Item 8. of the Declarations. IV. EXCLUSIONS The Insurer shall not be liable to defend, pay, indemnify or reimburse the Insured with respect to any Claim or Loss based upon, resulting from, arising out of, in consequence of, or in any way connected with or involving, directly or indirectly: A. the actual or alleged distribution of unsolicited email, text messages, direct mail, facsimiles or other communications (including, but not limited to, any actual or alleged violation of the Telephone Consumer Protection Act of 1991 or the CAN-SPAM Act of 2003), wire tapping, audio or video recording, or telemarketing, if such distribution, wire tapping, recording or telemarketing is done by or on behalf of an Insured;however this exclusion will not apply to Claims Expenses incurred in defending the Insured against allegations of unlawful audio or video recording; B. any act, error, omission, incident or event committed or occurring prior to the effective date of this Policy if any member of the Control Group on or before the Continuity Date knew or could have reasonably foreseen that such act, error or omission, incident or event might be expected to be the basis of a Claim or Loss; C. any Claim ,Loss, incident or circumstance for which notice has been provided under any prior policy of which this Policy is a renewal or replacement; TCM-POL-001 (01/19) Page 9 of 16 D. any criminal, dishonest, fraudulent, or malicious act or omission, or intentional or knowing violation of the law, if committed by an Insured, or committed by others if an Insured colluded or participated in any such conduct or activity; but this exclusion will not apply to: 1.Claims Expenses incurred in defending any Claim alleging the foregoing until there is a final non-appealable adjudication establishing such conduct, at which time the Named Insured shall reimburse the Insurer for all Claims Expenses incurred defending such Claim ; 2. any natural person Insured, if such Insured did not personally commit, participate in or know about any act, error, omission, incident or event giving rise to such Claim or Loss; and 3. the Insured Entity, provided that no member of the Control Group personally committed, participated in or knew about any act, error, omission, incident or event giving rise to such Claim or Loss; E. any actual or alleged infringement, misuse or abuse of patent or patent rights; F. solely with respect to Coverage B., Cyber Liability, any actual or alleged infringement, use, misappropriation or disclosure of any intellectual property, including but not limited to trade secret misappropriation, copyright infringement, trademark infringement, trademark dilution or trade dress infringement; but this exclusion will not apply to any Claim or Loss resulting from a theft, use or disclosure of Protected Information by a person who is not a past, present or future employee, director, officer, partner or independent contractor of an Insured and without the knowledge, consent or acquiescence of any member of the Control Group; G. any actual or alleged use or misappropriation of any ideas or trade secrets by, or on behalf of, an Insured, or by any other person or entity if such use or misappropriation is done with the knowledge, consent or acquiescence of any member of the Control Group; H. a Claim made by or on behalf of: 1. any Insured; but this exclusion will not apply to a Claim made by an individual that is not a member of the Control Group under Coverage B., Cyber Liability, or a Claim made by any person or entity that the Insured Entity has agreed in writing to add as an additional insured under this Policy; or 2. any business enterprise in which an Insured has greater than 15% ownership interest or made by any parent company or other entity which owns more than 15% of an Insured Entity; I. any loss, transfer or theft of monies, securities or tangible property of the Insured or others in the care, custody or control of an Insured, but this exclusion will not apply to coverage under Coverage E., eCrime Loss; J. nuclear reaction, nuclear radiation, radioactive contamination, radioactive substance, electromagnetic field, electromagnetic radiation, or electromagnetism; K. war, invasion, acts of foreign enemies, hostilities (whether or not war is declared), rebellion, revolution, insurrection, war-like action, coup, usurped powers or military power; but this exclusion will not apply to Cyber Terrorism; L. any economic or trade sanction imposed by the United States including, but not limited to, sanctions administered and enforced by The United States Treasury Department’s Office of Foreign Assets Control (“OFAC”); M. any presence, discharge, dispersal, release or escape of smoke, vapors, soot, fumes, acids, alkalis, toxic chemicals, liquids or gases, oil or other petroleum substances or derivatives, waste materials or other irritants, contaminants, pollutants or any other substances including, but not limited to, asbestos, fungus, mold and lead, which are or may be injurious to public health, property or the environment (“hazardous substances”) or the cost to: 1. clean up or removal of hazardous substances; 2. monitor, assess or evaluate, the presence, discharge, dispersal, escape, release, or threat of same, of hazardous substances; 3. dispose of hazardous substances or take such other action as may be necessary to temporarily or permanently prevent, minimize, or mitigate damage to the public health or welfare or to property or the environment, which may otherwise result; or TCM-POL-001 (01/19) Page 10 of 16 4. directly or indirectly respond to or address any government direction or request that the Insured test for, monitor, clean up, remove, contain, treat, detoxify or neutralize hazardous substances; N. any actual or alleged violation of the federal Fair Debt Collection Practices Act (FDCPA); O. any employment or labor relations policies, practices, acts or omissions, or any actual or alleged refusal to employ any person, or misconduct with respect to employees, whether such Claim is brought by an employee, former employee, applicant for employment, or relative or domestic partner of such person; provided, that this exclusion shall not apply to Coverage B., Cyber Liability, as respects an otherwise covered Claim by a current or former employee of the Insured Entity for Damages arising strictly from a Cyber Event; P. solely with respect to Coverage A., Technology E&O and Professional Liability: 1. any Technology/Professional Error committed or occurring prior to the Retroactive Date; 2. any liability assumed in any hold harmless or indemnity agreement other than a hold harmless or indemnity agreement with respect to intellectual property rights or breaches of the confidentiality of information of any third party; 3. the actual or alleged inaccurate, inadequate or incomplete description of the price of goods, products or services, cost guarantees, cost representations, contract price estimates, or the failure of any goods or services to conform with any represented quality or performance; 4. any gambling, contest, lottery, promotional game or other game of chance; 5. any breach of any express warranty or representation, except for an agreement to perform within a reasonable standard of care or skill consistent with applicable industry standards, or breach of any other contractual obligation which goes beyond an express or implied duty to exercise a degree of care or skill consistent with applicable industry standards; 6. any breach of guarantee, promises of cost savings, profits or return on investment; 7. delay in delivery or performance, or failure to deliver or perform at or within an agreed upon period of time, but this exclusion shall not apply if such delay or failure to deliver or perform is a consequence of a negligent act, error or omission committed during the course of providing Professional Services or Technology Services if the Insured has made diligent efforts to deliver or perform such Professional Services or Technology Services; 8. any costs or expenses incurred or to be incurred by an Insured or others for the withdrawal, recall, inspection, repair, replacement, reproduction, removal or disposal of: (a) Technology Products including, but not limited to, any products or other property of others that incorporate Technology Products; (b) work product resulting from or incorporating the results of Professional Services or Technology Services; or (c) any products or other property on which Professional Services or Technology Services have been performed; 9. any Claim covered under the terms of a commercial general liability insurance policy maintained by the Insured Entity, provided that this shall not apply to Damages or Claims Expenses in excess of the limits of liability of any such insurance policy; or 10. any actual or alleged deceptive trade practices, unfair trade practices, violation of consumer protection laws, antitrust violation, restraint of trade, unfair competition, false advertising, deceptive advertising, misleading advertising or violation of the Sherman Antitrust Act, the Clayton Act or the Robinson-Patman Act, as amended; Q. solely with respect to Coverages B., Cyber Liability, and C., Multimedia Liability: 1. any actual or alleged violation from the failure to properly truncate credit, debit or payment card information on receipts or statements as required by the Fair and Accurate Credit Transactions Act of 2003 (FACTA); 2. any Claim covered under the terms of a commercial general liability insurance policy, or an employment practices liability insurance policy maintained by the Insured Entity, provided that this shall not apply to Damages or Claims Expenses in excess of the limits of liability of any such insurance policy; and 3. the ownership, sale or purchase of, or the offer to sell or purchase stock or other securities, or an actual or alleged violation of a securities law or regulation; R. solely with respect to Coverage C., Multimedia Liability, any: 1. contractual liability or obligation; but this exclusion will not apply to a Claim for misappropriation of ideas under implied contract; 2. actual or alleged obligation to make licensing fee or royalty payments; TCM-POL-001 (01/19) Page 11 of 16 3. costs or expenses incurred or to be incurred by the Insured or others for the reprinting, reposting, recall, removal or disposal of any Multimedia Material or any other information, content or media including, but not limited to, any media or products containing such Multimedia Material, information, content or media; 4.Claim brought by or on behalf of any intellectual property licensing bodies or organizations; 5. actual or alleged inaccurate, inadequate or incomplete description of the price of goods, products or services, cost guarantees, cost representations, contract price estimates, false advertising or the failure of any goods or services to conform with any represented quality or performance; 6. gambling, contest, lottery, promotional game or other game of chance; or 7.Claim made by or on behalf of any independent contractor, joint venturer or venture partner arising out of or resulting from disputes over ownership of rights in Multimedia Material or services provided by such independent contractor, joint venturer or venture partner; S. solely with respect to Coverage E., eCrime Loss: any loss covered under the terms of a commercial crime insurance policy maintained by the Insured Entity, provided that this shall not apply to direct financial loss in excess of the limits of liability of any such insurance policy. T. solely with respect to Coverage F., First Party Loss, any First Party Loss: 1. arising from the seizure, nationalization, confiscation, or destruction of property or data by order of any governmental or public authority; 2. arising from fire, flood, earthquake, volcanic eruption, explosion, lighting, wind, hail, damage by water, landslide, act of God or any other physical event; 3. for additional costs to update, replace, restore, assemble, reproduce, recollect or enhance data or computer systems to a level beyond that which existed prior to a Cyber Event, except as covered under Section V., Supplemental Payments & Services; 4. arising from any failure or malfunction of satellites or of power, utility, mechanical or telecommunications (including, but not limited to, the internet) infrastructure or services that are not under the Insured Entity’s direct operational control; or 5. covered under the terms of a property insurance policy providing coverage for risks of direct physical loss to property maintained by the Insured Entity, provided that this shall not apply to First Party Loss in excess of the limits of liability of any such insurance policy; V. SUPPLEMENTAL PAYMENTS & SERVICES In addition to the amounts described in Section I., Insuring Agreements, of this Policy, in the event of an actual Cyber Event that results in Breach Costs or First Party Loss that exceeds the Deductible,the Insurer shall also pay the following costs but only to reasonably and significantly reduce the possibility of a similar Cyber Event from occurring in the future: A. up to $10,000 for a third party consultant recommended by the Insurer to provide ongoing assistance to the Insured Entity to improve and upgrade computer security; and B. up to $5,000 for the purchase of computer equipment or computer software recommended by such third party consultant recommended by the Insurer. Such payments shall be part of, and not in addition to, the Aggregate Limit of Liability specified in Item 4. of the Declarations. VI. LIMITS OF LIABILITY A. The Aggregate Limit of Liability specified in Item 4. of the Declarations is the most the Insurer will pay for all Loss under this Policy. Once the Aggregate Limit of Liability has been exhausted, the Insurer shall have no further duty to defend the Insured for any Claim which may otherwise be covered by this Policy. B. The eCrime Loss Sublimit of Liability specified in Item 4. of the Declarations is the maximum amount the Insurer is obligated to pay in the aggregate for direct financial loss arising from an eCrime Event. The eCrime Loss Sublimit of Liability shall be part of, and not in addition to the Aggregate Limit of Liability. C. The Dependent Business Sublimit of Liability specified in Item 4. of the Declarations is the maximum amount the Insurer is obligated to pay in the aggregate for First Party Loss arising from a Dependent Systems Event.The TCM-POL-001 (01/19) Page 12 of 16 Dependent Business Sublimit of Liability shall be part of, and not in addition to the Aggregate Limit of Liability. D. The Aggregate Limit of Liability specified in Item 4. of the Declarations is the maximum the Insurer will pay regardless of the number of Insureds, individuals or organizations that make a Claim, the number of Claims made, the number of incidents, or the number of Dependent System Events,Cyber Events,eCrime Events, Supplemental Payments & Services or actual or alleged wrongful acts VII. DEDUCTIBLE The Deductible, as shown in Item 5. of the Declarations, applies separately to each act, incident or event giving rise to Breach Costs,Claims Expenses,Damages, direct financial loss or First Party Loss under Coverages A., B., C., D., E. and F., provided however, that multiple incidents or events arising from the same or a series of related or repeated acts or from any continuing acts, shall be considered a single incident or event for the purposes of this Policy and only one Deductible shall apply to all resulting Loss. The Insurer shall only be obligated to pay any Loss under this Policy in excess of the Deductible , provided that if services are recommended by the Crum & Forster Cyber Response Team shown in Item 11. of the Declarations, and the Insured Entity agrees to utilize only those vendors nominated by the Crum & Forster Cyber Response Team, then the Deductible shall not apply to the following Breach Costs: A. for an attorney to provide necessary legal advice to the Insured Entity to evaluate the Insured Entity’s legal obligations in connection with an actual or reasonable suspected Cyber Event; and B. for a computer security expert, or experts, to determine the existence, cause and scope of a Cyber Event as well as the costs to contain an ongoing Cyber Event, including the cost to retain a PCI Forensic Investigator if required by a written agreement between the Insured Entity and a financial institution, credit or debit card company, credit or debit card processor, merchant bank or any other entity offering or providing merchant card transaction processing or payment gateway services to the Insured Entity. The Deductible shall be borne by the Named Insured. In the event that this Policy provides coverage for Loss in excess of the limits available under other insurance, then the Insurer shall recognize payment by the Insured Entity of any retention or deductible applicable to such other insurance against the Deductible. VIII. NOTICE REQUIREMENTS A. The Named Insured must give the Insurer written notice of any Claim as soon as practicable, but in no event later than: (i) 60 days after the end of the Policy Period; or (ii) the expiration of any applicable Extended Reporting Period. Notice must be provided through the contacts listed in Item 10. of the Declarations. All notices of Claims must provide the following information: the potential claimant(s) by name or description, the names of the Insureds involved, the time, date, location and the description of the specific incident which forms the basis of the Claim including the nature of the potential Damages arising from such specific Claim or incident, the circumstances by which the Insured first became aware of the specific Claim, and the reason the Insured reasonably believes the subject Claim is likely to trigger coverage under this Policy. B. With respect to Breach Costs, the Named Insured must notify the Insurer of any actual or reasonably suspected Cyber Event as soon as practicable after discovery by the Insured but in no event later than 60 days after the end of the Policy Period. Notice may be provided to the Crum & Forster Cyber Response Team shown in Item 11. of the Declarations. Otherwise notice must be provided through the contacts listed in Item 10. of the Declarations. Notice of an actual or reasonably suspected Cyber Event in conformance with this paragraph will also constitute notice of a circumstance that could reasonably be the basis for a Claim . C. With respect a Cyber Extortion Threat, the Named Insured must notify the Insurer via the email address listed in Item 10. of the Declarations as soon as practicable after discovery of a Cyber Extortion Threat but in no event later than 60 days after the end of the Policy Period. The Named Insured must obtain the Insurer’s consent prior to paying any ransom or demand related to a Cyber Extortion Threat. D. With respect to any other First Party Loss or a loss from an eCrime Event, the Named Insured must notify the Insurer through the contacts listed in Item 10. of the Declarations as soon as practicable after discovery of the Cyber Event or eCrime Event.The Named Insured will provide the Insurer a proof of First Party Loss or TCM-POL-001 (01/19) Page 13 of 16 financial loss under the eCrime Loss Coverage. All loss described in this paragraph must be reported, and all proofs of loss must be provided, to the Insurer no later than six months after the end of the Policy Period unless the Insurer has agreed in writing to extend this deadline. E. Any Claim arising out of a Loss that is covered under Coverages D., Breach Costs, E., eCrime Loss or F., First Party Loss, and that is reported to the Insurer in conformance with paragraphs B., C. or D. above will be considered to have been made during the Policy Period. F. With respect to any circumstance that could reasonably be the basis for a Claim ,the Named Insured may give written notice of such circumstance to the Insurer through the contacts listed in Item 10. of the Declarations. Such notice must include: 1. the specific details of the act, error, omission or event that could reasonably be the basis for a Claim ; 2. the injury or damage which may result or has resulted from the circumstance; and 3. the facts by which the Insured first became aware of the act, error, omission or event. If such notice that meets the requirements outlined above is made during the Policy Period, then any subsequent Claim made against the Insured arising out of any circumstance reported to the Insurer will be considered to have been made at the time written notice complying with the above requirements was first given to the Insurer. IX. EXTENDED REPORTING PERIOD As a condition precedent to obtaining an Automatic Extended Reporting Period (AERP) or an Optional Extended Reporting Period (OERP), the full premium of this Policy, premium for any endorsements, and payment of Deductibles must have been paid in full. Neither the AERP nor the OERP reinstate or increase the Limits of Liability. Neither the AERP nor the OERP extend the Policy Period or change the scope of coverage afforded by this Policy. A. Automatic Extended Reporting Period If the Insurer or Named Insured cancel or non-renew this Policy for any reason other than non-payment of premium, non-payment of Deductible, non-compliance with any terms and conditions of this Policy or fraud or material misrepresentation, then the Named Insured shall be entitled to an AERP of 60 days from the date of Policy expiration or cancellation to report Claims in writing to the Insurer which are first made against the Insured during the AERP and which arise from a Technology/Professional Error or a Cyber Event that first occurs before the end of the Policy Period or from Multimedia Material first disseminated before the end of the Policy Period. If the OERP in subsection B. below is purchased, then this AERP shall be included within such OERP and will not further extend such OERP. B. Optional Extended Reporting Period If the Insurer or Named Insured cancel or non-renew this Policy for any reason other than non-payment of premium, non-payment of Deductible, non-compliance with any terms and conditions of this Policy or fraud or material misrepresentation, then the Named Insured shall be entitled to purchase an OERP from the options below. If elected, the OERP will begin on the date the Policy expires or is cancelled and would entitle the Insured to notify the Insurer in writing of Claims which are first made against the Insured during the OERP and which arise from a Technology/Professional Error or a Cyber Event that first occurs before the end of the Policy Period or from Multimedia Material first disseminated before the end of the Policy Period. C. OERP Options 1. 12 months for a premium not to exceed 100% of the annual premium; 2. 24 months for a premium not to exceed 150% of the annual premium; or 3. 36 months for a premium not to exceed 175% of the annual premium. D. In order to purchase the OERP, the Named Insured must provide the Insurer with written notice of its intention to do so no later than 30 days after the expiration or cancellation date of this Policy and must include full payment of premium for the OERP at that time. The entire OERP premium is fully earned and non-refundable as of the date the Named Insured notifies the Insurer of its intent to purchase the OERP and full payment must be made at that time for the OERP to apply. TCM-POL-001 (01/19) Page 14 of 16 X. OTHER CONDITIONS A. Cooperation The Named Insured shall immediately send the Insurer copies of all demands, notices, summonses or legal papers received in connection with a Claim or Loss.The Insured must do whatever is necessary to secure and affect any rights of indemnity, contribution or apportionment that the Insured may have. The Insured shall cooperate with counsel and the Insured shall refrain from discussing any Claim or Cyber Event with anyone other than counsel retained to represent the Insured or the Insurer’s representatives. All Insureds must fully assist and cooperate with the Insurer in the conduct, defense, investigation, negotiation and settlement of any Claim or Loss. At the Insurer’s request, the Insured must submit to an examination under oath, provide the Insurer with written statements as requested by the Insurer, attend meetings and negotiations; and produce and make available all information, records, documents and other materials which the Insurer deems relevant to the Claim or Loss. As respects any Claim,theInsured must attend hearings, depositions, proceedings, trials and appeals; and assist the Insurer in affecting settlements, securing and giving evidence and obtaining the attendance of witnesses, and pursuing or enforcing any right of contribution or indemnity against a person or entity who may be liable to any Insured. Except as otherwise provided in Section II., Defense and Settlement of Claims, Part A., no Insured will, except at its own cost, admit liability, settle a Claim , incur any expense to investigate a Claim, retain attorneys, incur Claims Expenses, assume any other obligation or incur any other expense with respect to a Claim without the Insurer’s prior written consent. Compliance with a statute or regulation that requires notice to government authorities, regulatory authorities or to persons whose personal information may have been accessed by an unauthorized individual, will not be considered an admission of liability for purposes of this clause. B. Due Dispatch The Insured Entity shall make every reasonable effort to restore operations as quickly as possible after a Cyber Event. If the Insured Entity does not resume operations, or does not resume operations as quickly as possible, the Insurer may reduce the payment of First Party Loss to the amount of First Party Loss based on the length of time it would have taken to resume operations as quickly as possible. C. Action Against the Insurer and Bankruptcy 1. No action shall be taken against the Insurer unless, as a condition precedent thereto, the Insureds shall have fully complied with all the terms and conditions of this Policy, nor until the amount of the Insured’s obligation to pay Damages for any Claim shall have been fully and finally determined either by judgment against the Insured or by written agreement between the Insureds, the claimant, and the Insurer. 2. Nothing contained herein shall give any person or entity any right to join the Insurer as a party to any Claim against the Insureds to determine their liability. Nor shall the Insurer be impleaded by the Insureds or their legal representative in any Claim. 3. Bankruptcy or insolvency of the Insured or of the estate of the Insured shall not relieve the Insurer of its obligations nor deprive the Insurer of its rights or defenses under this Policy. D. Cancellation and Nonrenewal 1. This Policy may be canceled by the Named Insured by returning the Policy to the Insurer or its authorized representatives, or the Named Insured can cancel this Policy by written notice to the Insurer, stating at what future date cancellation is to be effective. If the Named Insured cancels, earned premium shall be computed using the customary short rate table. Provided, however, the premium shall be deemed fully earned if any Claim or Loss or other circumstance that could reasonably be the basis for a Claim or Loss is reported to the Insurer on or before the date of cancellation. 2. The Insurer can cancel the Policy by written notice to the Named Insured, at the address listed in Item 1. of the Declarations. The Insurer will provide written notice at least 30 days before cancellation is to be effective TCM-POL-001 (01/19) Page 15 of 16 and the earned premium will be computed pro-rata. However, if the Insurer cancels because the Named Insured has failed to pay a premium or Deductible when due, only 10 days written notice of cancellation will be required. 3. This Policy will terminate on the effective date of the cancellation. Return of unearned premium is not a condition of cancellation. Unearned premium will be returned as soon as practicable. 4. The Insurer will not be required to renew this Policy upon its expiration. If the Insurer elects not to renew this Policy, the Insurer will mail to the Named Insured, at the address listed in Item 1. of the Declarations, written notice of nonrenewal at least 30 days prior to the expiration date of this Policy. Any offer of renewal on terms involving a change of Deductible, premium, Limit of Liability, or other terms and conditions shall not constitute, nor be construed as, a failure or refusal by the Insurer to renew this Policy. 5. Proof of mailing of any notice of cancellation or nonrenewal shall be sufficient proof of notice. E. Assignment of the Insured’s Interest The interest of the Insured under this Policy is not assignable to any other person or organization, except with the Insurer’s prior written consent. F. Subrogation If any payment is made under this Policy and there is available to the Insurer any of the Insured’s rights of recovery against any other party, then the Insurer will maintain all such rights of recovery. The Insured will do whatever is reasonably necessary to secure such rights and will not do anything after an incident or event giving rise to a Claim or Loss to prejudice such rights. If the Insured has waived its right to subrogate against a third party through written agreement made before an act, incident or event giving rise to a Claim or Loss has occurred, then the Insurer will waive its rights to subrogation against such third party. Any recoveries will be applied first to subrogation expenses, second to Loss paid by the Insurer, and lastly to the Deductible.Any additional amounts recovered will be paid to the Named Insured. G. Changes Made to this Policy The terms and conditions of this Policy cannot be waived or changed except by specific written endorsement issued by Insurer and made part of the Policy. H. Application The statements contained in the Application, and any and all attachments, constitute the representations of all Insureds and are material. This Policy is issued and continued in force by the Insurer in reliance upon the truth, accuracy and completeness of such representations, which are the basis of this Policy and current as of the date of binding. Upon the binding of coverage, the Application and any and all attachments are incorporated in and form a part of the Policy. No knowledge or information possessed by any Insured shall be imputed to any other Insured, except for material facts or information known to the person or persons who signed the Application. In the event of any material untruth, misrepresentation or omission in connection with any of the particulars or statements in the Application, this Policy shall be void with respect to any Insured who knew of such untruth, misrepresentation or omission or to whom such knowledge is imputed. I. False or Fraudulent Claims If an Insured reports any Claim or Loss knowing such to be false or fraudulent, this Policy shall become void and all insurance coverage hereunder shall be forfeited as to the inception date of this Policy. J. Terms and Conditions of Policy Conformed to Statute Where necessary, the terms and conditions of this Policy will be amended to conform to applicable law. TCM-POL-001 (01/19) Page 16 of 16 K. Change in Risk If, during the Policy Period, an Insured is dissolved, sold, acquired by, merged into, or consolidated with another entity such that the Insured is not the surviving entity; or a third party receiver, conservator, trustee, liquidator, rehabilitator or any similar official is appointed for or with respect to the Insured, then coverage under this Policy shall continue in full force and effect until the expiration date or any earlier cancellation or termination date, but only with respect to events, acts or incidents that occur prior to such consolidation, merger or acquisition. L.Named Insured as Agent The Named Insured will be considered the agent of all Insureds, and will act on behalf of all Insureds with respect to the giving of or receipt of all notices pertaining to this Policy, and the acceptance of any endorsements to this Policy. The Named Insured is responsible for the payment of all premiums and Deductibles and for receiving any return premiums. M. Other Insurance 1. With respect to Coverage D., this Policy shall be primary of any other insurance policy. 2. With respect to Coverages A., B., C., E. and F.: all Loss payable under this Policy shall be in excess of and shall not contribute with other existing insurance including, but not limited to, any insurance under which there is a duty to defend regardless of whether any Loss is collectible or recoverable under such other insurance, unless such other insurance is written specifically excess of this Policy. This Policy shall not be subject to the terms or conditions of any other insurance. N. Policy Territory This insurance applies to Claims made and acts, errors or omissions committed, or Loss occurring anywhere in the world except countries or states against which the United States has implemented trade or diplomatic sanctions. O. Economic and Trade Sanctions or Violations of Law Any Loss, Claim , covered event or other transaction or matter which is uninsurable under any act, statute, rule, regulation, ordinance, common law, or other law of the United States of America concerning trade or economic sanctions or export control laws are not covered under this Policy. P. Entire Agreement The Insureds agree that this Policy, including the Application, Declarations and any endorsements, constitutes the entire agreement between them and the Insurer or any of its agents relating to this insurance.