Candor Tech Solutions
0 Support Portal

Co-Managed IT Services Attachment

Effective Date: September 8, 2025

Terms for engagements where Candor Tech Solutions works alongside an internal IT team or another provider. You can also download the PDF version or return to the Legal page.

This Service Attachment is between Provider (sometimes referred to as “we,” “us,” or “our”), and the Client found on the applicable Order (sometimes referred to as “you,” or “your”) and, together with the Order, Master Services Agreement, Schedule of Services, and other relevant Service Attachments, forms the Agreement between the parties the terms to which the parties agree to be bound. The parties further agree to the following responsibility matrix: Provider will deliver only the Services itemized in the Services section of the Order. Here's an outline for the co-managed portions of an IT managed services contract, focusing on cooperation and coordination, change management, and the separate schedule for roles and responsibilities: Cooperation and Coordination

  • Designated contact persons from both parties
  • Information sharing and access to resources
  • Establishing processes and procedures for coordinating activities
  • Regular meetings and communication

Change Management

  • Mutually agreed-upon change management process
  • Documentation, approval, and implementation of changes
  • Assessing potential impact of proposed changes
  • Notification of affected parties

Roles and Responsibilities Schedule for Co-Managed Environments

Network and Systems Management

Provider Responsibilities:

  • Monitor network devices and servers for performance, availability, and security.
  • Perform regular maintenance, updates, and patches on managed devices and servers.
  • Provide remote and on-site support for network and server-related issues.

Client Responsibilities:

  • Provide physical access to network devices and servers as needed for Provider to perform its responsibilities.
  • Notify Provider of any planned changes or updates to network devices and servers.
  • Maintain an up-to-date inventory of all network devices and servers.

Security Management

Provider Responsibilities:

  • Conduct periodic vulnerability assessments and provide remediation recommendations.
  • Monitor and manage security devices, such as firewalls and intrusion detection systems.
  • Ensure antivirus and anti-malware software is up-to-date on all managed devices.

Client Responsibilities:

  • Implement security policies and procedures as recommended by Provider.
  • Provide Provider with necessary access to security devices and systems for monitoring and management purposes.
  • Promptly notify Provider of any security incidents or breaches.

Backup and Disaster Recovery

Provider Responsibilities:

  • Develop and maintain a backup and disaster recovery plan in collaboration with Client.
  • Manage and monitor backup processes for managed systems and data.
  • Periodically test backup and disaster recovery procedures to ensure data integrity and system recoverability.

Client Responsibilities:

  • Ensure critical data and systems are identified for backup and disaster recovery purposes.
  • Provide necessary access to systems and data for backup processes.
  • Participate in testing and validation of backup and disaster recovery procedures.

Strategy and Planning

Provider Responsibilities:

  • Provide guidance and recommendations on IT strategy and planning based on industry best practices and Client's business needs.
  • Assist Client in evaluating and selecting new technologies and solutions.

Client Responsibilities:

  • Collaborate with Provider on IT strategy and planning initiatives.
  • Make final decisions on technology investments and implementations.
  • Communicate IT strategy and goals to internal stakeholders.

EXCLUSIONS

Provider is not responsible for failures to provide Services that are caused by the existence of any of the following conditions:

  • Expired Manufacturer Warranty or Support - Parts, equipment or software not covered by a current vendor/manufacturer warranty or support.
  • Alterations and Modifications not authorized by Provider - Any repairs made necessary by the alteration or modification of equipment other than that authorized by Provider, including alterations, software installations or modifications of equipment made by Client’s employees or anyone other than Provider.
  • Hardware or Software Malfunction – Any time there is a defect or malfunction in any hardware or software not caused by Provider that adversely affects Provider’s ability to perform the Services.
  • Client Resource Problems – Any time a problem occurs resulting from a Client resource that are not under Provider’s management or control.
  • Network Changes - Any changes Client may have made to the networking environment that were not communicated to or approved by Provider.
  • Task Reprioritization - Any problems or failures related to a prioritization or reprioritization of tasks by Client.
  • Force Majeure - Any problems resulting from a Force Majeure Event as described in the Master Services Agreement.
  • Client Actions - Any problem resulting from Client actions or inactions.
  • Client Responsibilities - Any problems resulting from Client’s failure to fulfill any responsibilities or obligations under the relevant Agreements.
  • Internet Connectivity Loss - Any loss of internet connectivity that occurs at Client locations for any reason.
  • Software Maintenance - Any maintenance of applications software packages, whether acquired from Provider or any other source.

Provider is not responsible for failures to provide Services that occur during any period of time in which any of the following conditions exist:

  • Problem Ticket Management - The time interval between the initial occurrence of a desktop malfunction or other issue affecting functionality and the time Client reports the desktop malfunction or issue to Provider.
  • Power Supply Malfunction – Instances where an uninterruptable power supply (UPS) device malfunctions and renders Provider unable to connect to the network or troubleshoot the device in question.

The following list of items are excluded from the scope of included Services, and may incur additional charges or require a separate billable project:

  • Scheduled Maintenance - Any part of the Service outside designated or scheduled maintenance windows or other agreed-upon periods of time that are necessary for repairs or maintenance.
  • Agreed Temporary Exclusions - Any temporary exclusion that Provider we may request, subject to Client’s approval, to implement changes in applications, environments, conversions or system software.
  • Software Maintenance – Unusual work that results from a failed software patch or update that results in an interruption in Client’s business, with the exception of Microsoft Windows updates and patches.
  • Programming Modifications - Any programming (modification of software code) and program (software) maintenance occurs.
  • Training - Any training service of any kind.
  • Software and Web Development - Any Services requiring software and web development work.
  • Remote Computers -– Unless otherwise specified in an Order, home or remote computers that are not covered under the Agreement.
  • Replacement Software – Implementation of new or replacement software.
  • Relocation / Satellite Office – Office relocation/satellite office setup.
  • Equipment Refresh – Any non-workstation equipment refreshes.

The following list of items are costs that are considered separate from the Service pricing: Costs Outside Scope of the Service – The cost of any parts, equipment, or shipping charges of any kind. The cost of any software, licensing, or software renewal or upgrade fees of any kind. The cost of any third-party vendor or manufacturer support or incident fees of any kind. The cost of additional facilities, equipment, replacement parts, software or service contract.

DATA LOSS AND SECURITY

Data Loss

Provider is not responsible for the restoration of data to server including site content, email, databases and other types of data. If a hardware failure is experienced and subsequent data loss occurs, Client is ultimately responsible for the data and data restoration. Provider shall not be liable for loss of data under any circumstances. Client shall maintain insurance in a policy amount sufficient to cover any loss of data, software and/or hardware. In addition, Client acknowledges that it may, at its own option and expense, develop a system that uses mirrored off site servers, offsite backup solutions and/or other means to minimize risk, reduce the loss of revenue and insure continuous hosting of data in the event of a major loss. Provider recommends this approach for all critical web applications including those that generate significant revenue.

Server Audits

Provider does not take responsibility for the overall security of servers. If servers are compromised in any way, Provider reserves the right to immediately audit the server. Security is the responsibility of the Client regardless of the service plan. Provider reserves the right to cancel service if servers are compromised via the implementation of weak password schemes, elderly backend application content and scripting, or for any other reason as deemed necessary by Provider. An hourly labor fee will be incurred with respect to any security related work performed due to any such server being compromised by negligence on the part of the Client.

ACCEPTABLE USE AND SERVICE PARAMETERS

Acceptable Use Policy

Client shall comply with all policies for acceptable use of the Services.

Client Liability

Client is responsible for damages resulting from its violation of this Service Attachment, which damages will be subject to the obligations of indemnification set forth in the MSA. Provider's hosting of any software solution Services or Client Data does not relieve Client of its responsibility or its obligation to indemnify Provider pursuant to the terms of the MSA.

IP Address Ownership

If Provider assigns Client an Internet Protocol address for Client’s use, the right to use that Internet Protocol address shall belong only to Provider and Client shall have no right to use that

Internet Protocol address except as permitted by Provider in its sole discretion in connection with the Services, during the term of this Agreement. Provider shall maintain and control ownership of all Internet Protocol numbers and addresses that may be assigned to Client by Provider, and Provider reserves the right to change or remove any and all such Internet Protocol numbers and addresses, in its sole and absolute discretion. Provider may periodically review IP address usage, and if Provider finds that clients are using IP addresses where name-based hosting could be used, Provider will revoke authorization to use those IP addresses that could be used with name-based hosting.

Domain Names

Client is responsible for its own domain names unless Provider is contracted to provide such services under separate agreements, including, but not limited to, domain name registration information, renewals, payments, conflicts and zone files. Client must have valid and current information on file with Client’s domain name registrar for any domain hosted on the Provider Network. “Provider Network” is defined as the equipment, software, and facilities within the Provider critical network segments, including Provider’s contracted connectivity services to which the Provider hosting environments are connected and are collectively utilized by Provider to provide dedicated and co-location services.

TERM AND TERMINATION

Term

This Service Attachment is effective on the date specified on the Order. Unless properly terminated by either party, this Attachment will remain in effect through the end of the term specified on the Order (the "Initial Term").

Renewal

"RENEWAL" MEANS THE EXTENSION OF ANY INITIAL TERM SPECIFIED ON AN ORDER FOR AN ADDITIONAL TWELVE (12) MONTH PERIOD FOLLOWING THE EXPIRATION OF THE INITIAL TERM, OR IN THE CASE OF A SUBSEQUENT RENEWAL, A RENEWAL TERM. THIS SERVICE ATTACHMENT WILL RENEW AUTOMATICALLY UPON THE EXPIRATION OF THE INITIAL TERM OR A RENEWAL TERM UNLESS ONE PARTY PROVIDES WRITTEN NOTICE TO THE OTHER PARTY OF ITS INTENT TO TERMINATE AT LEAST SIXTY (60) DAYS PRIOR TO THE EXPIRATION OF THE INITIAL TERM OR OF THE THEN-CURRENT RENEWAL TERM. ALL RENEWALS WILL BE SUBJECT TO PROVIDER’S THEN-CURRENT TERMS AND CONDITIONS.

Month-to-Month Services

If the Order specifies no Initial Term with respect to any or all Services, then we will deliver those Services on a month-to-month basis. We will continue to do so until one party provides written notice to the other party of its intent to terminate those Services, in which case we will cease delivering those Services at the end of the next calendar month following receipt such written notice is received by the other party.

Early Termination by Client With Cause

Client may terminate this Service Attachment for cause following sixty (60) days’ advance, written notice delivered to Provider upon the occurrence of any of the following:

  • Provider fails to fulfill in any material respect its obligations under the Service Attachment and fails to cure such failure within thirty (30) days following Provider’s receipt of Client’s written notice.
  • Provider terminates or suspends its business operations (unless succeeded by a permitted assignee under the Agreement).

Early Termination by Client Without Cause

If Client has satisfied all of its obligations under this Service Attachment, then no sooner than ninety (90) days following the Service Start Date, Client may terminate this Service Attachment without cause during the Initial or a Renewal Term (the “Term”) upon sixty (60) days’ advance, written notice, provided that Client pays Provider a termination fee equal to all discounts and concessions provided, plus fifty percent (50%) of the recurring, Monthly Service Fees remaining to be paid from the effective termination date through the end of the Term, based on the prices then in effect.

Termination by Provider

Provider may elect to terminate this Service Attachment upon thirty (30) days’ advance, written notice, with or without cause. Provider has the right to terminate this Service Attachment immediately for illegal or abusive Client conduct. Provider may suspend the Services upon ten (10) days’ notice if Client violates a third-party’s end user license agreement regarding provided software. Provider may suspend the Services upon fifteen (15) days’ notice if Client’s action or inaction hinder Provider from providing the contracted Services.

Effect of Termination

As long as Client is current with payment of: (i) the Fees under this Attachment, (ii) the Fees under any Order for Off-Boarding, and/or (iii) the Termination Fee prior to transitioning the Services away from Provider’s control, then if either party terminates this Service Attachment, Provider will assist Client in the orderly termination of services, including timely transfer of the Services to another designated provider. Client shall pay Provider at our then-prevailing rates for any such assistance. Termination of this Service Attachment for any reason by either party immediately nullifies all access to our services. Provider will immediately uninstall any affected software from Client’s devices, and Client hereby consent to such uninstall procedures. Upon request by Client, Provider may provide Client a copy of Client Data in exchange for a data-copy fee invoiced at Provider’s then-prevailing rates, not including the cost of any media used to store the data. After thirty (30) days following termination of this Agreement by either party for any reason, Provider shall have no obligation to maintain or provide any Client Data and shall thereafter, unless legally prohibited, delete all Client Data on its systems or otherwise in its possession or under its control. Provider may audit Client regarding any third-party services. Provider may increase any Fees for Off-boarding that are passed to the Provider for those third-party services Client used or purchased while using the Service. Client agrees that upon Termination or Off-Boarding, Client shall pay all remaining third-party service fees and any additional third-party termination fees.