SPECIAL TERMS AND CONDITIONS FOR
HIRING OF AGENCY FOR IT PROJECTS – MILESTONE BASIS

1. Preamble
A. All contracts related to milestone-based hiring of Agencies for IT Projects placed through GeM shall be governed by the following set of Terms and Conditions:
I. General terms and conditions for Goods and Services.
II. Service STC contained in this document
III. BID / Reverse Auction specific ATC

B. The above terms and conditions are in reverse order of precedence i.e. ATC supersedes Service specific STC which supersede GTC, whenever there are any conflicting provisions. 

C. This document represents the Special Terms and Conditions (STC) and the Service Level Agreement (SLA) governing the contract between the Government/Buyer and Agency/Service Provider. The purpose of this document is to outline the scope of work, stakeholders’ obligations and terms and conditions of all services covered as mutually understood by the stakeholders.

2. Objectives and Goal
The objective of this document is to ensure that all the special terms and conditions are in place to ensure consistent delivery of services to the buyer by the service provider. The goal of this document is to:
⦁ Provide clear reference to service ownership, accountability, roles and responsibilities of both parties
⦁ Present a clear, concise and measurable description of services offered to the buyer
⦁ Establish terms and conditions for all the involved stakeholders, it also includes the actions to be taken in case of failure to comply with conditions specified
⦁ To ensure that both the parties understand the consequences in case of termination of services due to any of the stated reasons
This document will act as a reference document that both the parties have understood the above-mentioned terms and conditions and have agreed to comply by the same. 

3. Stakeholders
The main stakeholders associated with this agreement are:
1. Buyer: The Buyer/ Client is responsible to provide clear instructions, approvals and timely payments for the services availed as per the contractual terms
2. Service Provider: The service provider is responsible to provide all the required services in timely manner. The service provider may also include seller, supplier/bidder/contractor, any authorized agents, permitted assignees, successors, and nominees as per the context and as described in the document.
The responsibilities and obligations of the stakeholders have been outlined in this document. The document also encompasses payment terms and penalties in case of non-adherence to the defined terms and conditions. 

4. Service Scope
This service “Hiring of Agency for IT Projects – Milestone based” may be availed for hiring a software development agency for undertaking a project related to development or maintenance of an IT solution.

5. Terms and Conditions
5.1 Buyer’s Obligations
(i) Any documentation/guidelines with respect to the scope of the project and necessary work permits to access buyers’ premises are to be provided by buyer. 
(ii) The Officer-In-Charge nominated by buyer organization shall look after general supervision and direction of the work like development methodologies, use of open-source applications, etc as may be directed in the scope of work. 
(iii) The buyer is expected to share with service provider the details of stakeholders and facilitate meetings that may be required by the service provider to carry out the assigned work. 
(iv) In the absence of any Standard/ Specification/Code of practice for detailed specifications covering any part of the work covered in this tender, the instructions/directions of the Officer-in-charge will be binding on the Service Provider.

5.2 Service Provider’s Obligations
(i) The Service Provider shall keep the Buyer updated about the deployment plan of resources onsite for the project.
(ii) Adequate access control procedures should be defined to secure the entire IT system, physically and logically.
(iii) The Service Provider must also ensure compliance with all the e-governance standards published by MeitY for e-Governance projects.
(iv) Service provider must ensure all the changes/new developments are deployed on production after testing on UAT. 
(v) Service Provider must provide monthly/quarterly reports on bug fixing and SLA to the buyer.
(vi) For the required maintenance activities, service provider must define the scheduled maintenance time and ensure that the required permissions are granted by the buyer. 

5.3 Standard Terms and Conditions
(i) The Service Provider shall designate a Coordinator who will be responsible for maintaining regular contact with the Buyer Department to ensure that the best possible services of the people deployed are provided without interruption. 
(ii) Without the Authority's prior written consent, the Service Provider may not transfer, assign, pledge, or subcontract its rights and duties under this Agreement to any other agency or organization, regardless of name.
(iii) The service provider shall carry out the design and development in their own environment or specified by the buyer for the development of website/mobile application.
(iv) Service provider shall develop and maintain the staging/ test environment including hardware and other components at bidder’s own environment for the complete contract period. The UAT shall be conducted over the same environment. 
(v) Any license procured as part of the project must be in the name of the Buyer. 
(vi) All the documentations related to the resources such as license, permissions should be valid throughout the contract.
(vii) The Buyer or its agent shall have the right to inspect and/or test the services/Solution/Technology to confirm that they conform with the contract specifications at no additional expense to the Buyer.
(viii) All websites/portals developed as part of scope of work must follow latest GIGW guidelines.
(ix) Service Provider shall ensure requisite support from the Cloud Service Provider/OEM for various aspects of project including configuration, customization, sizing, performance tuning and implementation support.
(x) Service Provider must provide the Buyer with a comprehensive exit management plan or transition plan.
(xi) Service Provider shall provide the performance warranty in respect of performance of the installed hardware and software to meet the performance requirements and service levels specified by Buyer.
(xii) Service Provider shall maintain data regarding entitlement for software upgrades, enhancements, refreshes, replacements and maintenance. The Service Provider shall also provide for software license management and control. 
(xiii) Appropriate firewalls, IPS, SSL devices etc. should be used to ensure Network security. The solution should support SSL encryption mechanism for transferring data across network and between client and server.
(xiv) Adequate access control procedures should be defined to secure the entire IT system, physically and logically
(xv) The solution should have appropriate authentication mechanisms, like encryption of transactions, web application firewalls, CERT-In compliance, etc. 
(xvi) Event logging should create an accurate record of user activity such as which users accessed which system, and for how long. The solution should log all types of events especially those related to security. 
(xvii) The solution should support SSL encryption mechanism for transferring data across network. Provision should be made to ensure that data in any form should not be copied on to any external media without authorization. The data transferred across network should be encrypted using Public Key Infrastructure (PKI). Complete end point data protection should be provided at client site such that any type of data pilferage using unauthorized copying, storing and emailing could be prohibited. Access to all system resources including data files, devices, processes and audit files should be provided to the intended users only. All mobile applications should be designed and developed in a way that it ensures security of the application and data on the device.
(xviii) The system should limit to only one session per user or process ID. The system should put a limit on the maximum time length of an idle session, which should ensure that automatic session termination takes place after expiry of the specific time length.
(xix) The definition of all terms used in the bid, which are not explicitly defined in the bid document, may be interpreted as defined in MeitY’s Model RFP for IT Implementation Agencies.

6. Payment Schedule
(i) The Payment Procedure shall be in as specified in the General Terms and Conditions of GeM. 
(ii) Payment schedule to be as per payment terms specified in bid document. 
(iii) Payment will be inclusive of travelling charges for site, boarding and lodging expenses unless specified otherwise by buyer in ATC section. 

7. SLAs, Penalties and Termination