Agreement - Xpress Bill Pay - 2024-03-13
Order Form: Q-22970-1
Date: 12/14/2023, 2:05 PM
Expires On: 1/28/2024
Phone: (800) 768-7295
Email: info@xpressbillpay.com
Ship To:
Kaitlin Tran
Costa Mesa Sanitary District, CA
290 Paularino Avenue
Costa Mesa, California 92626
ktran@cmsdca.gov
Bill To:
Kaitlin Tran
Costa Mesa Sanitary District, CA
290 Paularino Avenue
Costa Mesa, California 92626
ktran@cmsdca.gov
Gateway Administrative Service Agreement
This Master Services Agreement (this “Agreement”) is entered into by and between Xpress Solutions, Inc. (“Xpress”) and Customer identified on the
Order (“Customer”), together referred to as the “Parties” and each individually as a “Party.”
WHEREAS, Customer desires Xpress, and Xpress agrees to provide, Automated Clearing House (ACH) and other services to Customer as indicated in
and subject to the terms and conditions of, this Agreement.
NOW THEREFORE, in consideration of the mutual covenants contained herein, and the receipt of consideration, the sufficiency of which is hereby
acknowledged, the parties hereto agree as follows:
1.0 Term and Renewal: The Initial Term (the “Initial Term”) of this Agreement shall be thirty-six (36) months from the date of this Agreement.
This Agreement shall automatically renew for an additional twelve (12) months at the end of the Initial Term or any subsequent renewal term
by the Customer upon the receipt by Xpress of the applicable Fees and under the same terms and conditions set forth herein, so long as
the Customer is not and has not been in default in any term or condition of this Agreement. If Customer is a political subdivision, the parties
agree that an automatic renewal cannot occur if Customer’s governing board does not budget for payment of the Fees set forth in Section 2.0
in any given fiscal year of Customer.
2.0 Fees and Payments: Customer shall pay to Xpress a one-time set-up Fee, monthly maintenance, support, transaction and hosting Fees,
and various additional Fees as set forth in the Order Form and Exhibit A (collectively the “Fees”). Xpress reserves the right to change the
Fees at any time so long as Customer is provided no less than 30 days advance notice of a change. Customer authorizes Xpress to initiate
an electronic ACH Debit Entry from Customer’s bank account provided in Exhibit C on or about the 5th day of each month for the amount of
all Fees that accrued during the prior month for any service, support, or maintenance Fee that is due as described in Exhibit A. If there are
insufficient funds in Customer’s account to cover the Debit, Xpress will contact Customer for resolution which will include resubmission up to
three (3) times. This authorization may be revoked only by notifying Xpress in writing, which revocation shall take effect no later than five (5)
business days after receipt by Xpress. Any outstanding Fees that are not paid when due shall bear interest at the rate of 18% per annum until
the outstanding balance and all accrued interest are paid in full.
3.0 Services Provided; Obligations of Customer to ODFI: Transactions are placed through Xpress as a third-party sender of ACH
transactions with Customer as the “originator” of those transactions under the Rules and Regulations described below. Xpress will send all
transactions through an Originating Depository Financial Institution (ODFI) all in accordance with the terms of this Agreement, the Operating
Rules of the National Automated Clearing House Association (NACHA) and the applicable Federal Regulations governing ACH transactions
including, without limitation, the Electronic Funds Transfer Act and Regulation E (collectively the “Rules and Regulations”). Entry or Entries
shall mean either a Credit Entry or a Debit Entry. Customer agrees to comply with Xpress’ requests for record retention and signature
authorization. Customer hereby grants to Xpress or its designee the right to audit these authorizations and Customer’s record retention
compliance, at no expense to Xpress.
Customer hereby agrees to, and otherwise assumes, all obligations under the Rules and Regulations as an originator to the ODFI with
respect to all Entries, which includes without limitation the unconditional obligation of Customer to pay and indemnify the ODFI for all Entries
that are returned by any Receiving Depository Financial Institution (RDFI) for whatever reason.
In addition to the other services referenced in this Agreement, Xpress will provide Customer with an internet payment system. Xpress has
developed a web interface that can be used for payment of accounts using credit cards or electronic funds transfers (EFT). Xpress acts as
a payment gateway interface for Customer's account holders (the “End Users”) to make payments. Xpress will facilitate the acquisition of
the necessary merchant service accounts for credit cards. Xpress will provide the EFT and Lockbox services directly using its established
banking relationships. Customer hereby authorizes Xpress to endorse checks and other payment items on behalf of Customer into an Xpress
deposit account and deposit funds as necessary for the clearing of payments received for Customer. Xpress reserves the right to invest idle
funds in its possession for the sole benefit of Xpress. Only merchant service accounts and electronic funds transfer accounts that are certified
by Xpress may be used.
Page 1 of 9
DocuSign Envelope ID: 2C6DF682-359A-459F-8198-32653FA0A4B6DocuSign Envelope ID: 7B7D4064-56DA-4036-8144-7B8A8C16B9FA
4.0 Support Services and Service Levels: Xpress will provide technical support services, including telephone, email (seven days a week),
or other technology support implemented by Xpress, from 7:00 am to 6:00 pm (MST or MDT) for customers within the United States. The
maximum response time for service shall not exceed 5:00 pm (Customer local time) of the next business day following the request for service
by Customer. This support will be limited to the actual use of the Xpress internet payment system.
5.0 Software or Hardware: Customer will not receive any hardware or software from Xpress under this Agreement except as specified in
Exhibit B. Customer will use its own computers and agrees to have internet services through an internet service provider. Customer agrees
that the computers it uses will have sufficient memory and capacity to run at least Google Chrome, Microsoft Edge, or Mozilla Firefox.
6.0 Debit Authorization: Customer, as originator under the Rules and Regulations, hereby authorizes Xpress, or its designees, to initiate
Debit and/or Credit Entries to Customer’s bank account in accordance with this Agreement. Xpress’ authority will remain in full force and
effect until either (a) 90 days after Xpress has received written notification from Customer of the termination of this Agreement to provide
Xpress reasonable opportunity to act upon any outstanding liabilities; or (b) all obligations of the Customer to Xpress that have arisen from
this Agreement have been paid in full, including, but not limited to, those obligations described in this Agreement.
7.0 Accepting Transactions: Xpress will accept all completed batches from the Customer. Xpress is responsible for accepting and
processing only those Entries that have been received in a proper format and on a timely basis. Any Entry returned to Xpress will be re-
presented in accordance with the Rules and Regulations.
8.0 Returned Entries: Xpress will apply returned Entries to Customer’s account when they are received. All returns will be processed
and available through Xpress software, or by other means, as agreed to by Xpress and the Customer. With respect to each Notification of
Change (“NOC”) Entry or Corrected Notification of Change (“Corrected NOC”) Entry transmitted by Xpress, the parties shall ensure that
changes requested by the NOC or Corrected NOC are made by, or on behalf of, the Customer within six (6) banking days of Xpress receipt
of the NOC information from the ODFI or prior to initiating another Entry to the Receiver’s account, whichever is later.
9.0 Reports: Xpress will provide a detailed report of all funds transfers collected as a result of any and all funds’ transfers. All reporting will
be via the Internet.
10.0 Limits of Xpress Liability: Xpress will be responsible for Xpress’ performance in processing ACH services as a third-party sender of
ODFI transactions in accordance with the terms of this Agreement, and the other applicable Rules and Regulations. Xpress does not accept
responsibility for errors, acts or the failure of others to act, including, and among other entities, banks, communications carriers or clearing
houses through which Entries may be originated or Xpress receives or transmits information, and no such entity shall be deemed Xpress’
agent. Xpress shall not be responsible nor bear any loss, liability or delay caused by fires, earthquakes, wars, civil disturbances, power
surges or failures, acts of government or God, labor disputes, failures in communication networks, legal constraints or other events beyond
Xpress’ control.
11.0 Representations and Warranties Regarding End Users: Customer warrants that it will provide Xpress with relevant billing information
for End Users. Customer agrees to indemnify and hold Xpress harmless from any claim or liability relating to any inaccuracy in billing
information provided to Xpress. Customer further represents and warrants with respect to all Entries processed for Customer by Xpress that:
(a) each End User has authorized the debiting and/or crediting of his, her, or its account, (b) each Entry is for an amount agreed
to by the End User, (c) each Entry is in accordance with the Rules and Regulations and properly authorized in all other respects. Customer
agrees to defend, indemnify, and hold Xpress and all its agents harmless for any losses, liabilities, legal action costs or expenses incurred by
Xpress as a result of any breach of these representations and warranties either intentionally or unintentionally by Customer. Customer shall
cease initiating Entries immediately upon receiving actual or constructive notice of the termination or revocation by the End User of authority.
12.0 Regulatory Compliance: Customer will use its best efforts, and bears the final responsibility to ensure that Customer’s policies and
procedures meet the requirements of all applicable Rules and Regulations pertaining to ACH transactions of any kind. Xpress must and will
also comply with all Rules and Regulations pertaining to ACH transactions. Without limiting the obligations of Customer to the ODFI under
this Agreement and the Rules and Regulations for the payment of all returned Entries, Customer agrees to execute an origination agreement
with the ODFI if required by the Rules and Regulations.
13.0 Record Keeping: Customer agrees to keep full and accurate data and records of its utilization of Xpress services and of the
transactions giving rise to billing information for at least two (2) years after the date of the relevant transaction, or such longer period as
required by the Rules and Regulations. Customer understands that Xpress and the ODFI will be required to participate in certain audits of
Customer in connection with the credit card and EFT services provided by Xpress. Customer agrees to cooperate with Xpress and ODFI in
the performance of such audits, including providing information reasonably required in the course of such audits.
14.0 Compliance: Customer represents and warrants that all products and services offered, sold, or provided by Customer are offered,
sold, or provided in compliance with all applicable laws and regulations. Customer agrees to comply with Xpress’ Acceptable Use Policy
as required by the Payment Card Industry Data Security Standard (PCI DSS) as provided in Exhibit D. Xpress will meet or exceed all
applicable compliance requirements as required by current and future Payment Card Industry (PCI) rules of operation as well as the Rules
and Regulations.
15.0 Termination: This Agreement may be terminated by either party upon not less than 30 days' written notice to the other party specifying
the effective date thereof. In the event this Agreement is terminated by Customer through no fault of Xpress, Xpress shall be paid for all
services performed up to the date of termination.
Page 2 of 9
DocuSign Envelope ID: 2C6DF682-359A-459F-8198-32653FA0A4B6DocuSign Envelope ID: 7B7D4064-56DA-4036-8144-7B8A8C16B9FA
16.0 Governing Law; Attorneys' Fees: This Agreement shall be governed by and construed under the laws of the State of Utah. In the
event suit or action is instituted to interpret or enforce the terms of this Agreement, the prevailing party shall be entitled to recover from the
other party such sum as a court may adjudge reasonable as Attorneys’ fees at trial, on any appeal, and on any petition for review, in addition
to other sums provided by law.
17.0 Independent Contractors: Both Customer and Xpress are acting hereunder as independent contractors and under no circumstances
shall any of the employees of one party be deemed the employees of the other for any purpose. This Agreement shall not be construed as
authority for either party to act for the other party in any agency or other capacity, or to make commitments of any kind for the account of or
on behalf of the other, except to the extent and for the purposes provided for herein.
18.0 No Warranty: Xpress makes no warranty, expressed or implied, including warranties of merchant ability and fitness for a particular
purpose. Xpress shall have no liability with respect to its obligations under this agreement for consequential, special, direct, exemplary,
punitive, or incidental damages to Customer or to third parties dealing with Customer even if Xpress has been advised of the possibility of
such damages.
19.0 Entire Agreement: This Agreement and the exhibits hereto constitute the entire understanding and agreement among the parties with
respect to the subject matter hereof, and there are no other agreements or understandings among the parties other than those contained
herein. In the event any provision of this Agreement shall be held to be invalid, the same shall not affect in any respect the validity of the
remainder of this Agreement.
20.0 Successors and Assigns; Third Party Beneficiary: This Agreement shall be binding upon and inure to the benefit of the parties, and
their respective heirs, successors and assigns. Neither party may assign its interest under this Agreement without the prior written consent
of the other. The parties hereby agree that the ODFI with respect to any Entry, including Zions First National Bank, a Utah state bank, shall
have the right as a third-party beneficiary, in the event of a default under this Agreement or the agreement between Xpress and the ODFI,
to enforce this Agreement directly and independentlyagainst Customer including the enforcement of Customer’s liability to the ODFI as an
originator under the Rules and Regulations.
21.0 Waiver: Failure of either party at any time to require performance of any provision of this Agreement shall not limit the parties’ right to
enforce the provision. Waiver of any breach of any provision shall not be waiver of any succeeding breach of the provision or a waiver of the
provision itself or any other provision.
Page 3 of 9
DocuSign Envelope ID: 2C6DF682-359A-459F-8198-32653FA0A4B6DocuSign Envelope ID: 7B7D4064-56DA-4036-8144-7B8A8C16B9FA
By signing below, Customer and Xpress shall be legally bound and agree to the terms of this Agreement and all of
its Attachments.
Accepted by:Accepted by:
Xpress Solutions, Inc.Costa Mesa Sanitary District, CA
Signature:_________________________Signature:__________________________
Name (Print):________________________Name (Print):________________________
Title:_______________________________Title:______________________________
Date:_______________________________Date:_______________________________
Page 4 of 9
DocuSign Envelope ID: 2C6DF682-359A-459F-8198-32653FA0A4B6
3/13/2024
Scott Carroll
General Manager
DocuSign Envelope ID: 7B7D4064-56DA-4036-8144-7B8A8C16B9FA
CEO
Keith Jenkins
3/13/2024
EXHIBIT A
Fees
Initial Configuration Fees
PRODUCT DESCRIPTION RATE
Payment System - Setup & Configuration Payment System - Setup & Configuration - Online
Payment Module, Auto Pay Module, Card Swipe Module
USD 1,500.00
Training - Onsite Per Day Training - Onsite Per Day - Does not include travel. You
shall reimburse roundtrip airfare and hotel stay.
USD 0.00
Transaction Fees
PRODUCT RATE PER TRANSACTION
Credit/Debit Card Transactions USD 1.00
EFT Transactions USD 1.00
EFT Returned Item Basic - Invalid account number or unable to locate account USD 7.00
EFT Return NSF or Account Closed USD 14.00
EFT Return Stop Payment or Charge Back USD 30.00
XBP Deposit Account Withdrawals (6 Free Per Month then $6.25)USD 6.25
Maintenance & Support
PRODUCT
Monthly Support & Hosting - $0.055 per customer bill. Minimum $100.
Monthly Account Maintenance Fee - $29 - Waived if you keep a $25,000.00 minimum balance in your Xpress Deposit Account
Special Order/Invoicing Terms (if any):
Page 5 of 9
DocuSign Envelope ID: 2C6DF682-359A-459F-8198-32653FA0A4B6DocuSign Envelope ID: 7B7D4064-56DA-4036-8144-7B8A8C16B9FA
EXHIBIT B
Customer Account Information
Please provide the following information regarding Customer’s bank account to which the debit entries will
be directed for the payment of the Fees:
Name on Account: ________________________________________
Account Type: ________________________________________
Routing Number: _______________________________________
Account Number: _______________________________________
Bank Name: ________________________________________
Federal ID #: _________________________________________
Confidential. Protected under trade secret.
Page 6 of 9
DocuSign Envelope ID: 2C6DF682-359A-459F-8198-32653FA0A4B6
95-6003939
Bank of America
1458350230
122000661
Checking
Costa Mesa Sanitary District
DocuSign Envelope ID: 7B7D4064-56DA-4036-8144-7B8A8C16B9FA
EXHIBIT C
ACCEPTABLE USE POLICY
Introduction
Xpress Bill Pay is committed to providing high-quality payment services for its customers. This Acceptable Use Policy (the “Policy”) is designed to assist
in protecting the Service, our Users, and the Internet community as a whole from improper and/or illegal activity over the Internet. By using the Service,
you acknowledge that you and your Users are responsible for compliance with the Policy. You are responsible for violations of this Policy by any User
that accesses the Services through your account. The Policy will be updated and revised occasionally and posted to the Xpress Bill Pay website. The
Company reserves the right to modify this Policy at any time, effective upon posting at https://secure.xpressbillpay.com/mktg/AcceptableUsePolicy.pdf.
Purpose/Scope
The purpose of this Policy is to help protect the Company’s network, each of the Company’s clients and third-party users of the Internet, generally from
harassing, deceptive, irresponsible and/or illegal activities.
The scope of this policy is all the Company’s clients.
Policy
This Policy governs the usage of the Company’s network by any person (regardless of whether that person is a Customer). Each person utilizing
the Company network in any manner is responsible for complying with this Policy, and for providing assistance to the Company in furtherance of the
objectives hereof, as the Company may request from time to time. The Company’s Clients will be held solely responsible for the actions (or inactions) of
any of their customers, downstream users, or third-party agents that use the Company’s Network.
1.1 Prohibited Actions
It shall be prohibited by this Policy to utilize the Company network in any manner which, in the sole discretion of the Company, is (A) illegal, disruptive,
harassing or deceptive, or (B) a risk to the Company’s network, its stability or security, or (C) inconsistent with this Policy and/or the Company’s Rules
and Regulations and/or any rules or policies of upstream Company network service providers. Set forth below, is a non-exclusive list of certain actions,
omissions, etc., which are expressly prohibited under this Policy:
•Transmitting, distributing or storing any material in violation of applicable law, code or regulation is prohibited. This includes, without
limitation, material protected by copyright, trademark, trade secret, protective order, contract, or other intellectual property right used
without proper authorization. Also prohibited is material that is obscene, libelous, defamatory, constitutes an illegal threat, and/or violates
export control laws.
•Sending unsolicited bulk email messages and/or other advertising material to individuals who did not specifically request such material.
This includes, but is not limited to, messages sent as email, “Spam,” ICQ traffic, instant message traffic, GSM/GPRS data, or posting
the same or similar message to one or more news groups (excessive cross-posting or multiple-posting). The Company’s accounts or
services may not be used to solicit customers from, or collect replies to, messages sent from another Internet Service Provider where
those messages violate this Policy or the policy of the other provider. The Company reserves the right, in its sole discretion, to determine
whether commercial email on the Company’s Network complies with this Policy.
•Utilizing the Company’s network (or any relay, proxy or other network element in conjunction with the Company network) to (A) forge the
signature, IP address or other identifying mark or code of any other person, (B) impersonate or assume the identity or any other person,
or (C) engage in any other activity (including "spoofing") to attempt to deceive or mislead other persons regarding the true identity of the
user, including system identification information.
•Unauthorized attempts by a user to gain access to any account or computer resource not belonging to that user (e.g., “hacking” or
"cracking"). This includes providing, or assisting in the provision of names, passwords or access codes to persons not authorized to
receive such materials by the operator of the system requiring the password or access code.
•Obtaining or attempting to obtain service by any means or device with intent to avoid payment, violate policies or violate law. If a user is
restricted or terminated from the Company’s network, it is prohibited for a customer to make such services available to such user in an
indirect manner.
•Unauthorized access, alteration, destruction, or any attempt thereof, of any information of the Company or any of the Company’s clients
or end-users by any means or device. This includes any deliberate or other attempt or activity to distribute or post any virus, worm,
Trojan Horse, or computer code intended to disrupt services, destroy data, destroy or damage equipment, or disrupt the operation of the
Company’s network or the network of a third-party;
Page 7 of 9
DocuSign Envelope ID: 2C6DF682-359A-459F-8198-32653FA0A4B6DocuSign Envelope ID: 7B7D4064-56DA-4036-8144-7B8A8C16B9FA
•Knowingly engaging in any activities that will cause a denial-of-service (e.g., synchronized number sequence attacks) to users whether
on the Company’s network or on another provider's network.
•Advertising, transmitting, or otherwise making available any software, program, product, or service that is designed to violate this Policy
or the Policy of any other Internet Service Provider, which includes, but is not limited to, the facilitation of the means to send e-mail
spam, initiation of pinging, flooding, mail-bombing, denial of service attacks, and piracy of software.
•Using the Company’s network in any manner which interferes with the use of the Company’s network by other customers or authorized
users.
•Utilize the Company’s network in any manner that might subject the Company to unfavorable regulatory action, subject the Company to
any liability for any reason, or adversely affect the Company’s public image, reputation or goodwill, including, without limitation, sending
or distributing obscene, hateful, vulgar, racially, ethnically or otherwise objectionable materials as determined by the Company in its sole
discretion.
•Using the Company’s network to host, access, promote or otherwise distribute any child pornography or obscenity.
•Causing or allowing the Company’s network and/or the customer, its IP space or other elements of identification to be placed on so-
called “SPAM Block Lists,” “Spam Early Warning Systems,” or other directories of spam or unsolicited bulk email originators and/or
network abusers. It shall be incumbent upon each of the Company’s Clients to monitor and modify their usage, and that of their users
and customers, to ensure compliance with this Policy generally, and also of this provision specifically.
1.2 Enforcement
The Company reserves the right, with or without notice, to restrict, block, modify or terminate services to any Client or user upon the threat or occurrence
of a violation to the Policy. The Company reserves the right to cooperate with any court, law enforcement agency, investigator or network service
provider in the investigation of threats to the integrity, stability, reliability and/or legality of the products and services offered by the Company and of any
violations to the Policy.
1.3 Client Duties
Each Client is obligated to assist the Company in the investigation of any threatened, alleged or actual violation of this Policy. The Client shall cooperate
with designees of the Company in this regard. Clients of the Company are responsible for immediately reporting to the Company any issue which could
compromise the stability, service or security of any user or system connected to the Company’s network.
1.4 Client Password Policy
The Company’s clients are required to follow the payment industry’s user identification (User ID) and password best practices to protect the Company’s
sensitive credit card data. Client User IDs and passwords must meet the following requirements:
•User IDs must be unique to an individual and forever connected with a single user to whom it has been assigned.
•User must never share their IDs and/or passwords.
•Users must choose easily remembered passwords that are, at the same time, difficult for unauthorized parties to guess.
•Passwords are required to have a minimum of seven (7) characters.
•Passwords must meet strong password requirements. Passwords will contain both alphabetic and numeric characters. Passwords will
also utilize upper and lower case letters and symbols.
Page 8 of 9
DocuSign Envelope ID: 2C6DF682-359A-459F-8198-32653FA0A4B6DocuSign Envelope ID: 7B7D4064-56DA-4036-8144-7B8A8C16B9FA
1.5 Reports and Complaints
Any reports or complaints about the use or misuse of the Company’s products or services should be directed to:
Xpress Solutions, Inc.
108 South 700 East
American Fork, UT 84003
800-768-7295
security@xpressbillpay.com
1.6 Digital Millennium Copyright Act
Xpress Solutions, Inc. maintains a separate policy on the handling of complaints under the Digital Millennium Copyright Act, which may be requested by
sending an email to info@xpressbillpay.com.
1.7 Handling Charges
The Company reserves the right to assess a handling fee, at its usual emergency project labor rate, to respond to abuse complaints incurred by the
Company relating to a client and/or to handle, address, clean up and/or correct damage done to the operation of the Company’s Network and business
operations supported thereby. The fees will be billed in one (1) hour minimum increments. The Company hereby agrees to waive such fee for the first
instance per customer of any such complaint, but shall impose the fee from and after the second such complaint.
Confidential. Protected under trade secret.
Page 9 of 9
DocuSign Envelope ID: 2C6DF682-359A-459F-8198-32653FA0A4B6DocuSign Envelope ID: 7B7D4064-56DA-4036-8144-7B8A8C16B9FA