Purchase Order Terms and Conditions

The following standard purchase order terms and conditions apply to all purchases unless otherwise specified in an agreement mutually signed by authorized signers:

1. Acceptance—This order is subject to immediate acceptance by the Seller or Contractor (hereinafter "SELLER"), or Miami University (hereinafter "UNIVERSITY") reserves the right to cancel the order. Once accepted, the order shall constitute the entire contract between the UNIVERSITY and SELLER and shall not be altered, amended, supplemented, or canceled except in writing by an authorized representative of the UNIVERSITY.
2. Price—If no firm price is specified herein, charges shall not exceed SELLER's standard price for merchandise of like quality and quantity. If no price is specified but a price agreement or contract number is indicated on the order, then pricing shall be applied by the SELLER in accordance with that document
3. Samples—May be requested for inspection and approval prior to manufacture or delivery.
4. Delivery—Unless otherwise specified on the order, delivery shall be FOB Miami University, freight prepaid and allowed, to the address indicated and SELLER shall bear all costs for cartage, boxing, or containers as required. Where freight charges are to be the responsibility of the UNIVERSITY, the SELLER shall agree to ship in the most economical way, consistent with the delivery needs of the UNIVERSITY. SELLER shall retain title and bear the risk of loss or damage to the items purchased until they are delivered in conformity with this order at the specified F.O.B. point. The passing of title upon such delivery shall not constitute acceptance by the UNIVERSITY. The UNIVERSITY also reserves the right to cancel this order, in whole or in part, if any shipment of goods covered hereby is not received by the time specified.
5. Changes, Additions, Cancellation—From time to time, the UNIVERSITY may make changes and issue additional instructions. Require additional work or direct the omission of work previously ordered. Such changes shall be issued in writing to the SELLER by an authorized representative of the UNIVERSITY, and all conditions and provisions of this purchase order shall apply to all such modifications. No extra work, additions, or alterations will be paid for by the UNIVERSITY unless approved by and performed pursuant to the written order of the UNIVERSITY. The UNIVERSITY may cancel this order at any time by providing written notice to the SELLER. Except for cancellation resulting from default by the SELLER, the UNIVERSITY may negotiate an equitable payment to the SELLER for any materials or work completed or in process at the time of the cancellation.
6. Inspection, Approval, Warranty—All articles sold and materials and work supplied hereunder shall conform to the specifications, drawings, samples, or other description furnished by the UNIVERSITY, and will be of good quality, free from any defects, and fit and sufficient for the purposes intended. All goods delivered or work provided shall be delivered free from any security interest, lien, encumbrance, or other claims of any third person. These warranties shall survive inspection, acceptance, the passage of title, and payment by the UNIVERSITY. All goods delivered or work provided shall be received subject to inspection and approval by the UNIVERSITY. The UNIVERSITY's inspection, failure to inspect or reject nor payment, therefore; Shall relieve the SELLER of any obligation hereunder, and such inspection shall not exclude any warranties in respect to such goods delivered or work provided.
7. Patents—The SELLER warrants that the material is delivered, either alone or in combination with other materials. Will not infringe on any patents in the United States or any foreign country.
8. Indemnification—The SELLER agrees to indemnify the UNIVERSITY and hold it harmless from and against all liability, loss, and expense (including reasonable legal fees) resulting from patent infringements, damages, or injuries incurred by the UNIVERSITY by reason of any defect in material, workmanship, and/or design of any goods furnished or work provided hereunder. Pursuant to Ohio Revised Code section 9.27, Seller expressly acknowledges and agrees that nothing in this document shall be construed as requiring Miami to indemnify or hold harmless Seller or any other third party.
9. Bankruptcy—In the event of any proceedings in bankruptcy or insolvency by or against the SELLER, or in the event of the appointment (with or without the SELLER's consent) of an assignee for the benefit of creditors, or of a receiver, the UNIVERSITY may cancel this order for default.
10. Ohio Law—The performance of this order and all other matters pertaining thereto shall be governed by the laws of the State of Ohio, including, but not limited to Ohio Revised Code Section 9.27. The parties agree that nothing in this order shall be construed as a waiver of the sovereign immunity of Miami and/or the State of Ohio beyond the waiver provided in Ohio Revised Code 2743.02.
11. Equal Employment Opportunity/Non-Discrimination—As a condition of this order the SELLER agrees that neither they nor any of their subcontractors, shall discriminate against any employee or applicant for employment because of age, sex, race, color, religion, national origin, ancestry or handicap; will take affirmative action to ensure equal employment opportunity and treatment of all employees and applicants in all matters regarding employment and will conform to all law and regulations regarding equal opportunity and non-discrimination of the State of Ohio and the United States of America, as well as executive orders of the Governor and the President respectively, relating thereto. Any breach thereof may be regarded by the UNIVERSITY as a material breach of this purchase order.
12. Supplier Code of Conduct - Miami University is dedicated to maintaining excellence and integrity in all aspects of its educational and business activities. The trust of the community we serve -- our students and their families, our trustees and staff, our business associates, and the general public -- is vital to the image and economic success of our institution. In keeping these core values, we depend upon the responsible, law- abiding, and morally correct behavior of all suppliers we conduct business with.
    Miami has a Supplier Code of Conduct that describes the fundamental ethical and behavioral principles that govern all suppliers who do business with any of our institutions. We expect all suppliers to honor this commitment and abide by the provisions of this Supplier Code of Conduct as a condition of doing business with Miami.
    In doing business with Miami, our suppliers and their representatives are expected to: Engage in legally-compliant and ethically-sound behavior during the course of business; Promote fair and respectful interaction with University personnel and third parties; Display a commitment to the environment and to society; Be committed to workplace and product safety; Reject all forms of discrimination & harassment; Display professionalism, fairness, and reliability in all business relations.
    It is the responsibility of each supplier to ensure that its representatives understand and comply with the Miami Supplier Code of Conduct. Further, participation in conduct or practices that violate the terms and spirit of this Supplier Code of Conduct may result in termination of a supplier’s business relationship with Miami.
13. Invoicing—Individual invoices must be issued for each purchase order. Invoices shall be submitted in triplicate (one marked ORIGINAL). Unless otherwise specified, invoices shall be mailed the day shipments are made. Discount terms must be stated on the invoice and will be calculated from the date material of the invoice is received, whichever is later. The vendor's Federal Tax Identification number shall be shown on all invoices.
14. Single-Use Accounts—It is Miami’s strong preference that all amounts due and owing under this Agreement will be paid via Miami’s Single Use Account (SUA) virtual credit card program (the “Program”), currently offered through J.P. Morgan Chase. If Contractor enrolls in the Program, then all payments due under this Agreement will be paid immediately upon Miami’s processing of each invoice submitted by Contractor. If Single Use Account is not accepted, Miami will set payment terms as 2%/Net10, Net30 via ACH. Unless otherwise set forth in a SOW, Miami shall pay the Fee in equal monthly installments during the Term, with the first installment payable on the date that is thirty (30) days from the Effective Date of this Agreement. Thereafter, all subsequent undisputed installments will be payable on the anniversary date of the first installment payment.
15. Order Number—THE UNIVERSITY'S PURCHASE ORDER NUMBER MUST SHOW ON ALL INVOICES, PACKING LISTS, AND BILLS OF LADING.
16. Taxes—Miami University is an instrumentality of the State of Ohio, and as such, is exempt from all Federal Excise Taxes and from Ohio Sales and Use Tax.
17. EDGE AND MBE—Miami University supports the State of Ohio (MBE) Minority Business Enterprise and (EDGE) Encouraging Diversity, Growth, and Equity Business Development Programs. The University has established goals for EDGE Certified Business Participation for University contracts that include goods, services, construction, and professional design services. Similar goals are established for MBE. If you are an MBE or EDGE-certified vendor, please indicate so as a part of your response to this request. For further information on MBE/EDGE Programs, please refer to http://www.das.ohio.gov/Divisions/Equal-Opportunity/Business-Certification
18. Buy Ohio—The award of this contract will be subject to Sections 125.09 and 125.11 of the Ohio Revised Code.
19. Recovery Finding—Seller warrants that it is not subject to an unresolved finding for recovery under O.R.C. 9.24. If the warranty is false on the date the parties enter into an agreement, this agreement is void ab initio, and the Seller must immediately repay any funds paid under this agreement
20. DMA—Seller hereby represents and warrants to the University that it has not provided any material assistance, as that term is defined in O.R.C. Section 2909.33(C), to any organization identified by and included on the United States Department of State Terrorist Exclusion List and, if required, that it has truthfully answered "no" to every question on the "Declaration Regarding Material Assistance/Non-assistance to a Terrorist Organization: Seller further represents and warrants that it has provided or will provide such to the University prior to execution of this agreement if required. If these representations and warranties are found to be false, this agreement is void ab initio, and Seller shall immediately repay to the University any funds paid under this agreement.
21. Information Security - This section applies if: 1) Miami is purchasing or leasing software, or processing a software renewal; 2) Supplier is creating any code for Miami; 3) Supplier receives, stores, or analyzes Miami Data (including if the data is not online); 4) Supplier is hosting, or managing by infrastructure outside of Miami, including in the cloud, Miami Data; or 5) Supplier is collecting PII or Miami Data via a link on an Miami.edu or another Miami managed webpage.
    All systems, software, services, and devices that store, transmit, or otherwise process Miami Data (each, a System) must be designed, managed, and operated in accordance with information security best practices and in compliance with all applicable laws, rules, and regulations. Miami Data means: all data and information that Miami provides to Supplier, as well as all data and information managed by Supplier on behalf of Miami, including all output, reports, analyses, and other materials relating to, derived from, or generated pursuant to this Agreement, even if generated by Supplier, as well as all data obtained or extracted through Miami’s or Supplier’s use of such data or information. Miami Data also includes all data and information provided directly to Supplier by Miami students and employees, and includes personal data, metadata, and user content.
    1. With respect to each System, Supplier and its contractors at all tiers (directly and through their third-party service providers) will meet the following requirements:
       1. Access Control. Control access to Miami's resources, including Miami Data, limiting access to legitimate business need based on an individual’s job-related assignment, approve and track access to ensure proper usage and accountability, and make such information available to Miami for review, upon Miami’s request.
       2. Incident Reporting. Report information security incidents that affect Miami Data immediately to Miami (including those that involve information disclosure incidents, unauthorized disclosure of Miami Data, successful network intrusions, malware infection, and unauthorized access or modifications).
       3. Off Shore. Ensure (i) that all development or modification of software for Miami is performed only within the borders of the United States, and (ii) all Miami Data (including any backup copies) are stored, accessed from, and otherwise processed only within the borders of the United States.
       4. Patch Management. Carry out updates and patch management for all Systems in a timely manner and to the satisfaction of Miami. Updates and patch management must be deployed using an auditable process that can be reviewed by Miami upon Miami’s request.
       5. Encryption. Ensure all Systems use an industry standard encryption protocol for sensitive data, personal data, or personally identifiable data, as those terms may be defined in applicable laws, rules and regulations (PII), in transit and at rest (as documented in NIST 800-57, or equivalent).
       6. Notifications. Notify Miami immediately if Supplier receives any kind of subpoena for or involving Miami Data, if any third-party requests Miami Data, or if Supplier has a change in the location or transmission of Miami Data. All notifications to Miami required in this Information Security paragraph will be sent to Miami Information Security at infosec@MiamiOH.edu, in addition to any other notice addresses in this Agreement.
       7. Backup and Restoration. Ensure that all Miami Data is available and accessible, and that adequate systems are in place to restore the availability and accessibility of all Miami Data in a timely manner in the event of a physical or technical threat.
       8. Privacy by Design. When developing, designing, selecting, and using Systems for processing sensitive data, personal data, or personally identifiable data, as those terms may be defined in applicable laws, rules and regulations (PII), Supplier will, with due regard to the state of the art, incorporate and implement data privacy best practices.
       1. In addition to Section 17(a) above, the following provisions apply if: (i) Supplier receives, stores, or analyzes Miami Data (including if the data is not online); or (ii) Supplier is hosting, or managing by infrastructure outside of Miami, including in the cloud, Miami Data:
       2. Third Party Security Audits. Complete certified third-party audit (such as SOC2 Type II or substantially equivalent) in accordance with then current industry standards, which audits are subject to review by Miami upon Miami’s request. Currently, no more than two audits per year are required.
       3. Penetration Tests. Perform periodic third-party scans, including penetration tests, for unauthorized applications, services, code, and system vulnerabilities on each System in accordance with industry standards and Miami standards (as documented in NIST 800-115 or equivalent), and Supplier must provide proof of testing to Miami upon Miami’s request.
       4. Vulnerability Scanning. All web-based Systems are required to have a remediation plan and third-party web application security scans in accordance with then current industry best practices or when required by applicable industry regulations or standards. Supplier must correct weaknesses within a reasonable period of time, consistent with applicable industry regulations or standards, and consistent with the criticality of the risk, and Supplier must provide proof of testing to Miami upon Miami’s request.
    2. In addition to Sections 17(a)-(b) above, the following provision applies if: (i) Miami is purchasing or leasing software, or processing a software renewal; (ii) Supplier is creating any code for Miami; or (iii) Supplier is hosting, or managing by infrastructure outside of Miami, including in the cloud, Miami Data:
       1. Miami Rights. Allow Miami (directly or through third party service providers) to scan and/or penetration test any System regardless of where it resides.
    3. In addition to Sections 17(a)-(c) above, the following provision applies if: (i) Miami is purchasing or leasing software, or processing a software renewal; (ii) Supplier is creating any code for Miami; (iii) Supplier is hosting, or managing by infrastructure outside of Miami, including in the cloud, Miami Data; or (iv), Supplier is collecting PII or Miami Data via a link on an Miami.edu or other Miami managed webpage:
       1. Secure Development. Use secure development and coding standards including secure change management procedures in accordance with industry standards. Prior to releasing new software versions, Supplier will perform quality assurance testing and penetration testing and/or scanning. Supplier will provide to Miami for review, upon Miami’s request, evidence of a secure software development life cycle (SDLC)
22. Payment Card Industry Data Security Standard - The terms of this section apply if the Supplier is processing credit or debit card transactions as part of the Agreement. For e-commerce business and/or payment card transactions, Supplier will comply with the requirements and terms of the rules of all applicable payment card industry associations or organizations, as amended from time to time (PCI Security Standards), and be solely responsible for security and maintaining confidentiality of payment card transactions processed by means of electronic commerce up to the point of receipt of such transactions by a qualified financial institution.
    Supplier will, at all times during the Term, follow the then current standard for Payment Card Industry Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS) for software, and PIN Transaction Security (PCI PTS) for hardware. Supplier will provide attestation of compliance to Miami annually by delivering to Miami current copies of the following: (i) Supplier’s “Attestation of Compliance for Onsite Assessments – Service Providers;” (ii) an attestation that all Miami locations are being processed and secured in the same manner as those in Supplier’s “PCI Report on Compliance;” and (iii) a copy of Supplier’s PCI Report on Compliance cover letter. Supplier will notify Miami immediately if Supplier becomes non-compliant, and of the occurrence of any security incidents (including information disclosure incidents, network intrusions, successful virus attacks, unauthorized access or modifications, and threats and vulnerabilities).
    Supplier’s services must include the following:
    1. Supplier maintains its own network operating on its own dedicated infrastructure. Supplier’s network includes a firewall that (i) includes access control rules that separate Supplier’s PCI network from Miami, and (ii) restricts any communication between Supplier’s network devices and Miami systems.
    2. Supplier treats the Miami network as an untrusted network and no unencrypted cardholder data traverses or otherwise is stored on Miami’s network, and Miami has no ability to decrypt cardholder data.
    3. All devices must be SRED (secure reading and exchange of data), EMV (Europay, MasterCard and VISA) and PTS POI compliant.
23. Conflicts of Interest and Ethics—Seller hereby certifies that all applicable parties listed in Division (I)(3) or (J)(3) of O.R.C. Section 3517.13 are in full compliance with Divisions (I)(1) and (J)(1) of O.R.C. Section 3517.13. Seller represents, warrants, and certifies that it and its employees engaged in the administration or performance of this agreement are knowledgeable of and understand the Ohio Ethics and Conflicts of Interest laws and Executive Order No. 2007-01S. Seller further represents, warrants, and certifies that neither Seller nor any of its employees will do any act that is inconsistent with such laws and Executive Order.
24. Insurance:  The contractor shall maintain effective comprehensive automobile liability insurance and general liability insurance during the full length of any resulting contract and the University shall be provided with Certificates of Insurance, naming Miami University as an additional insured, for the required policies in the minimums listed below:
    • Automobile Liability Insurance $1,000,000 combined single limit per accident for bodily injury and property damage.  This requirement is necessary if a contractor will operate owned vehicles or rental vehicles on any of Miami’s campuses. 
    • General Liability $1,000,000 each occurrence and $3,000,000 aggregate.
    • If the Provider will have access to Miami’s information technology or information systems, then Provider shall procure Cyber Liability Insurance, including first party and third-party coverage, with limits no less than $2,000,000 per occurrence and $5,000,000 in the aggregate.

    Vendor shall also be responsible for carrying Worker's Compensation Insurance for its employees, and a valid certificate of coverage shall be provided the University at inception of the contract. 

    Other insurance requirements can be found in section 2.04 Non Construction Goods & Services Insurance Requirements at https://www.miamioh.edu/fbs/strategic-procurement/purchasing/transacting/handbook/index.html?_ga=2.193725869.104507703.1679927516-1644876759.1649685401
25. The terms of this Purchase Order shall control all invoices of Seller, even if submitted subsequent to this Purchase Order. In the event that the University and Seller enter into a definitive written agreement relating to the sale of the goods/services, then any dispute between the parties shall be determined by giving the following order of precedence to the documentation: (1) the agreement between the parties, (2) this Purchase Order, and (3) any invoices of the Seller.