This Business Online Banking Agreement “Agreement” is effective between the Bank’s customer using the Services (the “Customer”) and Chesapeake Bank (the “Bank”). By using any of the Services, the Customer represents and warrants to the Bank that the Customer has read and understands the terms and conditions hereof.

OTHER AGREEMENTS

All other agreements, laws, rules and regulations that govern the Customer’s accounts and any service that Bank renders for the Customer (including the Services) are incorporated in this Agreement by reference to the extent consistent with this Agreement. This Agreement supersedes all previous agreements and understandings, oral or written.

SUCCESSORS

This Agreement and all the terms and provisions herein shall be binding upon, and shall inure to the benefit of, the parties hereto and their respective successors.

GENERAL TERMS AND CONDITIONS

This Agreement governs the relationship between the Customer and the Bank with respect to the Bank’s electronic services described herein (the “Services”). The Bank can provide the Customer with a current version of this Agreement upon request. By accessing the Services, you can perform the Services described throughout this Agreement for which you have registered, and we have approved, subject to the limitations set forth in or otherwise incorporated into this Agreement and any applicable Account Agreement (a) automated clearing house (ACH), (b) positive pay, (c) remote deposit capture (RDC), (d) wire transfers (WTS). Unless otherwise affirmatively and specifically set forth in other Sections of this Agreement, the following provisions shall apply to this Agreement and the Services.

IF CUSTOMER’S PASSWORD OR TOKEN HAS BEEN LOST OR STOLEN

If Customer’s password or token has been lost or stolen, Customer shall call Bank immediately at (877) 436-9032, between the hours of 8:00 a.m. and 7:00 p.m. (Eastern Time), Monday through Friday and 9:00 a.m. to 12:00 p.m. on Saturday. Business account holders will assume complete liability for all fraudulent transactions.

HOLIDAY SCHEDULE

Bank will be closed on the following standard holidays observed by the Federal Reserve Bank: New Year’s Day, Martin Luther King’s Birthday, Presidents Day, Memorial Day, Juneteenth National Independence Day, Independence Day, Labor Day, Columbus Day, Veterans Day, Thanksgiving Day, and Christmas Day. Bank will not accept files for processing on these days, as well as on all Saturdays and Sundays. Entries should not be dates effective any of the above days.

SECURITY CONTROLS

The Customer acknowledges and understands that the Bank will provide and make mandatory the following security features (a) secure tokens or digital token, and (b) if the customer is processing ACH or WTS transactions, multifactor authentication.  The Customer acknowledges and understands that, while the Bank will provide the following security features, it is up to the Customer to put these features into place: (a) dual control (b) text/email alerts.  The Customer acknowledges and understands that the Bank will make available the following security controls only for Corporate Level Customers: (a) all of the above, (b) time restrict and (c) IP restrict.

SECURITY PROCEDURES

The Customer shall comply with the security procedures described in this section and elsewhere in this Agreement (the “Security Procedures”) and Customer acknowledges and agrees that the Security Procedures, including (without limitation) any code, password, personal identification number, user identification technology, token, certificate, or other element, means, or method of authentication or identification used in connection with a Security Procedure, Security Measures used in connection therewith, constitute commercially reasonable security procedures under applicable law for the initiation of ACH, positive pay, remote deposit capture (if applicable)-, and WTS entries. Customer authorizes Bank to follow any and all instructions entered, and transactions initiated using applicable Security Procedures unless and until Customer has notified Bank, according to notification procedures prescribed by Bank, that the Security Procedures or any token device has been stolen, compromised, or otherwise become known to persons other than User(s) (defined below) and until Bank has had a reasonable opportunity to act upon such notice. Customer agrees that the initiation of a transaction using applicable Security Procedures constitutes sufficient authorization for Bank to execute such transaction notwithstanding any particular signature requirements identified on any signature card or other documents relating to Customer’s deposit accounts maintained with Bank, and Customer agrees and intends that the submission of transaction orders and instructions using the Security Procedures shall be considered the same as Customer’s written signature in authorizing Bank to execute such transaction. Customer acknowledges and agrees that Customer shall be bound by any and all Entries (defined below) initiated through the use of such Security Procedures, whether authorized or unauthorized, and by any and all transactions and activity otherwise initiated by User(s), to the fullest extent allowed by law. Customer further acknowledges and agrees that the Security Procedures are not designed to detect error in the transmission or content of communications or Entries initiated by Customer and that Customer bears the sole responsibility for detecting and preventing errors. Customer agrees to keep all Security Procedures, passwords and tokens protected, secure, and strictly confidential and to provide or make available the same only to User(s). Customer agrees to instruct each User not to disclose or provide any Security Procedures or passwords to any unauthorized person. Bank shall otherwise communicate with the Administrator regarding Security Procedures. “Administrator” means any officer or employee of the Customer or other person acting on behalf of Customer to Bank that Customer designated to Bank as being an authorized representative of Customer or as authorized to act on Customer’s behalf with respect to customer’s access and use of access to all accounts and function as set forth throughout this Agreement. The Customer’s Administrator shall have responsibility to distribute key fob tokens or go through the token app registration with each designated User(s) and to ensure the proper implementation and use of the Security Procedures by User(s). Where Customer has the ability to change or modify a password or PIN (from time to time) the Customer agrees to make those changes to ensure security. Customer agrees to notify Bank immediately, according to notification procedures prescribed by Bank, if Customer believes that any Security Procedures, password, or key fob has been stolen, compromised, or otherwise become known to persons other than User(s) or if Customer believes that any ACH, positive pay, remote deposit capture and WTS or activity is unauthorized or in error. In the event of any actual or threatened breach of security, Bank may issue Customer a key fob token or establish new Security Procedures as soon as reasonably practicable, but Bank shall not be liable to Customer or any third party for any delay in taking such actions. Customer agrees to notify Bank immediately, according to notification procedures prescribed by Bank, if the authority of any Administrator(s) shall change or be revoked. Customer shall recover and return to Bank any token devices in the possession of any User(s) whose authority to have the token device is revoked. Bank reserves the right to modify, amend, supplement, or cancel any or all Security Procedures, or to cancel or replace any token at any time and from time to time in Bank’s discretion. Bank will endeavor to give Customer reasonable notice of any change in Security Procedures; provided that Bank may make any change in Security Procedures without advance notice to Customer if Bank, in its judgment and discretion, believes such change to be necessary or desirable to protect the security of Bank’s systems and assets. Customer’s implementation and use of any changed Security Procedures after any change in Security Procedures shall constitute Customer’s Agreement to the change and Customer’s Agreement that the applicable Security Procedures, as changed, are commercially reasonable and adequate for the purposes intended.

USE OF THE DUAL CONTROL APPROVAL FEATURE

Dual control approval feature is available for Customers that wish to have two individuals authorized to use the Services on behalf of Customer (each, a “User” and collectively, “Users”) to initiate transactions such as ACH initiation, RDC deposit submissions and wire transfers. Typically, one User with sufficient entitlements will input transaction information; and at least one other User with sufficient entitlements will verify and finish the transaction before it is released and processed.

AUTHORITY OF OTHER ENTITIES

If Customer requests Bank-, to include in a Service accounts that belong to a person other than the Customer and held at the Bank, then as a part of the Bank’s implementation thereof; (a) Customer, in so requesting the Bank, represents and warrants to Bank that said other person (the “third party”) has given Customer (and, if applicable, Customer’s agent, as contemplated by clause (c), below) express written authority to access the t hird-party’s a ccounts through use of any Service to the same extent Customer has with respect to its own accounts; (b) all of the provisions set forth in this Agreement will apply to the third-party’s accounts as if they were the Customer’s accounts; (c) each person who is authorized to act on Customer’s behalf with respect to a Service is also authorized, to the same extent, to act on Customer’s and said third-party ‘s behalf with respect to the t hird-party’s a ccounts; and (d) Customer and said third- party shall be jointly and severally liable for all indemnification, confidentiality and other obligations to the Bank under this Agreement with respect to the Third-Party Accounts. The Bank will require written confirmation from said third-party that it has authorized Customer (and Customer’s agent, if applicable) to include its accounts in the Bank’s implementation of Customer for the Services, and that it agrees to the indemnification, confidentiality and other obligations to the Bank hereunder. Customer agrees to notify Bank immediately if such authority is revoked or modified. Customer agrees to notify Bank immediately of any change in the information contained in any representation or warranty, or any change to any authorization or Agreement contained in this Paragraph. Notification must be provided in writing and to an officer of Bank during its normal business hours.

AMENDMENTS

Bank may amend or add to the provisions of this Agreement without prior notice. If the Customer continues to use a Service after any of these changes or additions become effective (or if Customer confirms a Service profile for an affected Service), Customer shall be bound by those changes or additions. In the event that performance of Services under this Agreement would result in a violation of any present or future statute, regulation or governmental policy to which Bank is subject, then this Agreement shall be amended to the extent necessary to comply with such statute, regulations or policy. Alternatively, Customer agrees that Bank may terminate this Agreement if it deems such action necessary or appropriate under the circumstances. Bank shall have no liability to the Customer as a result of any such violation, amendment or termination. Any practice or course of dealing between Bank and Customer, or any procedures or operational alterations used by them, shall not constitute a modification of this Agreement or the rules of the National Automated Clearing House Association, as from time to time to time in effect (including any exhibits or appendices thereto now in effect, the “NACHA Rules”), nor shall they be construed as a supplement to this Agreement. Bank will promptly give Customer subsequent notice of any such change.

CHANGES TO CUSTOMER SERVICES

Any changes requested by Customer must be in writing by the authorized account individual stating the requested change and the proposed effective date of the change. The change will take effect upon the requested effective date unless Bank requires additional documentation. In that event, the change will become effective once all necessary documentation is received by Bank.

NOTICES

Any notices required under this Agreement may be given by mail, personal delivery, e-mail or other electronic means. Bank may use any address (including e-mail or other electronic addresses) for Customer shown in Bank’s records that Customer has provided to Bank and Bank believes in good faith is valid. Any notice Bank sends Customer will be effective when sent or when Bank otherwise makes the notice available to Customer through an online Service. Customer must send any notices to Bank or Bank’s Electronic Services Representative. Any notice Customer sends Bank shall be effective when Bank actually receives it.

USE OF SYSTEM

If Customer uses software residing on a personal computer, then Bank hereby grants, subject to this Agreement, a non- exclusive, non-transferable license (“License”) to use the Bank’s software that operates the Services (the “System”). No title to, ownership interest in, or proprietary rights over, the System or related materials are granted to Customer by such License, and the System shall remain Bank’s exclusive property. Customer agrees to execute and deliver to Bank such license agreements and other documents as Bank or the vendors of such software may require in order for Customer to use such software, and Customer agrees to comply with all of such license agreements and other documents to which it agreed to be bound. Customer agrees to effect appropriate security measures to safeguard the System from theft, access, use or misuse, damage or destruction by any persons. Customer agrees to treat the System as strictly confidential at all times and hold the same in custody for Bank. Customer agrees not to, or allow any third party to, reproduce, alter, merge, modify, copy, remove, license, market, transfer, give, dispose of or otherwise exploit the System, or any component thereof, including its software, nor make any disclosures concerning the System, or any component thereof, or documentation relating thereto, to any third party. Customer agrees that Customer is responsible for and assumes the risk of any consequences of the fraudulent, unauthorized, or improper use or misuse of the System by Customer or its agents, officers, employees or representatives, and for adhering to the security measures that form part of it. Unless otherwise agreed by the parties, Customer shall be responsible for the payment of all costs of installation of any System provided in connection with the Services, as well as for the selection, installation, maintenance and repair of all hardware and other software required on Customer premises for the successful operation of the System. In addition, Customer shall be responsible for training all employees on how to use the System properly.

FORCE MAJEURE

Bank shall not be responsible for delays or failures in performance of Services resulting from circumstances beyond its reasonable control.

TERMINATION

This Agreement or any Service may be terminated by either party at any time by giving thirty (30) days’ prior written notice thereof to the other party. Bank may terminate or suspend immediately any Service without notice to Customer, if Customer fails to maintain sufficient available funds in the designated account for such Service. In addition, Bank may terminate this Agreement or terminate or suspend any Service immediately, upon notice to Customer, in the event: (a) Customer closes any account established in connection with a selected Service; (b) Customer breaches a material obligation under this Agreement, or any other a greement with Bank, or any applicable law or government regulation; (c) Customer becomes insolvent, is placed in Receivership or adjudicated bankrupt, or Customer becomes subject to any voluntary or involuntary bankruptcy proceeding, or any assignment for the benefit of Customer’s creditors; (d) Customer’s financial condition has become impaired, in Bank’s good faith opinion. (e) the continued provision of Services in accordance with the terms of this Agreement would, in Bank’s good faith opinion, violate federal or state law, or would subject Bank to unacceptable risk of loss. Upon any such termination Customer shall: (i) promptly pay to Bank all sums due or to become due under this Agreement; (ii) return immediately to Bank, at Customer’s expense, all equipment or Systems provided to Customer by Bank, and all related materials, and all copies and reproductions thereof, whether written or in magnetic media and whether received from Bank or otherwise and shall pay Bank for any damages to any such materials (ordinary wear and tear excepted); and (iii) have no further right to utilize the products or Services being provided hereunder. Termination of a Service does not affect Customer’s payment obligations for Services provided to Customer on or before the product or Service was terminated. Termination of any Service does not release Customer or Bank from any respective obligations which arose or became effective prior to such termination. All provisions of this Agreement relating to the parties’ warranties, representations, confidentiality, non-disclosure, proprietary rights, and limitations of liability or indemnification shall survive the termination of a Service and this Agreement.

INDEMNIFICATION

Customer agrees to indemnify the Bank and its successors and assigns, and hold the Bank and its successors and assigns harmless, upon demand, from and against any and all losses, claims, liabilities, expenses, penalties and other damages of any kind incurred by or threatened against Bank by reason of or arising out of or in connection with the Services provided hereunder by Bank (collectively hereinafter, “Losses”), including without limitationall L osses resulting from adjustments and including without limitation actual attorneys’ fees and expenses incurred by Bank. Bank may hire counsel of its choosing to represent it in any dispute or lawsuit that arises as a result of the Services or this Agreement. All invoices for legal s ervices submitted by Bank to Customer shall be paid within thirty (30) days after receipt. The foregoing indemnification will not, however, apply with respect to any loss solely caused by Bank’s gross negligence or willful misconduct.

LIMITATION OF LIABILITY

In the event of a Bank error or other deficiency in a Service, the Bank’s sole obligation and the Customer’s sole remedy shall be for Bank to assist the Customer in correcting or otherwise mitigating the effect of such error or deficiency, if possible. Bank shall also review its systems and procedures for the purpose of implementing changes to prevent or mitigate a future occurrence of a similar error or deficiency. IN NO EVENT SHALL BANK BE LIABLE FOR DIRECT, INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES, LOST PROFITS, BUSINESS INTERRUPTION LOSSES, OR AMOUNTS PAID TO THIRD PARTIES TO SETTLE OR SATISFY CLAIMS AGAINST THE CUSTOMER. The Customer waives any right to recover damages under tort theories. Even if the Customer’s remedies are deemed to have failed in its essential purpose, Bank shall have no liability to the Customer. No lawsuit or other action may be brought by the Customer against Bank on any claim or controversy after one (1) year from the date on which the cause of action arose regardless of the nature of the claim or form of action.

LIMITED WARRANTY

Bank warrants that it will provide the Services (“Services”, as used in this Paragraph, to include any equipment and software provided by Bank in connection with said Services) in a commercially reasonable manner and substantially in accordance with industry standards. Bank assumes no other obligation as to performance or quality of the Services provided. EXCEPT AS STATED IN THE IMMEDIATELY PRECEDING SENTENCE, BANK MAKES NO WARRANTIES REGARDING THE SERVICES. ALL IMPLIED WARRANTIES, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, ARE EXPRESSLY DISCLAIMED BY BANK AND WAIVED BY THE CUSTOMER.

VENDORS

Any third-party Servicer or vendor used by Customer in connection with the Services (“Vendor”) shall be Customer’s agent and Customer will be liable for: (a) Any Vendor’s failure to comply with any security procedures or operating requirements relating to the Services; (b) All fees, costs and expenses owed to each Vendor for its Services; (c) Any Losses incurred as a result of any Vendor’s failure to perform, delay or error in performing, its Services. Customer acknowledges and agrees that no Vendor, authorized agent of Customer or Vendor, or any other person acting on its behalf is, and shall not hold themselves out to be, vested with any power or right to bind contractually or to act on Customer’s behalf as agent or otherwise.

PRIVACY

Except as expressly authorized by prior written consent of the disclosing party, each party shall,- limit access to Confidential Information (defined below) to its employees and agents who have a need to know; only use Confidential Information for the purposes for which it was disclosed, and not re-use or re-disclose confidential information for other purposes except as permitted or required by consumer laws; and safeguard all Confidential Information by implementing and maintaining appropriate administrative, technical and physical safeguards to ensure the security and confidentiality of Confidential Information, protect against any anticipated threats or hazards to the security or integrity of Confidential Information, and protect against unauthorized access to or use of Confidential Information which could result in substantial harm or inconvenience to any individual. As used herein, “Confidential Information” means non-public personally identifiable financial information, as those terms are defined by applicable consumer protection and privacy laws (including but not limited to the Gramm-Leach-Bliley Act), and the applicable regulations issued thereunder and interpretations thereof.

GOVERNING LAW; VENUE

This Agreement shall be construed in accordance with and governed by the laws of the Commonwealth of Virginia. Customer hereby irrevocably agrees to submit to the exclusive jurisdiction of the state courts of the Commonwealth of Virginia and the United States of America for the Eastern District of Virginia and agrees that any legal action or proceeding with respect to this Agreement may be commenced in such courts. In the event of any arbitration or other adversarial proceeding between the parties concerning this Agreement, the prevailing party shall be entitled to recover its reasonable attorneys’ fees and other costs in addition to any other relief to which it may be entitled.

UNDERWRITING, FINANCIAL INFORMATION, AUDIT AND ANNUAL REVIEW

Bank’s approval for use of certain Services may be subject to underwriting criteria established by Bank. If Bank requires application of underwriting criteria to approve a Customer for use of certain Services, Bank will communicate to Customer the nature and content of that criteria and the information Customer will be required to provide to Bank. Customer agrees to provide Bank such financial, business and operating information as Bank may reasonably request in connection with Bank’s underwriting and approval process. The Customer acknowledges that Bank will deny any electronic service request in which the controlling officers or principal owners do not meet the Bank’s minimum underwriting standards. Bank may, from time to time, request information from Customer in order to evaluate a continuation of any of the Services provided by Bank-, and make adjustments of any set limits. Customer agrees to provide the requested financial information immediately upon request by Bank. Customer authorizes Bank to investigate or reinvestigate at any time any information provided by Customer in connection with this Agreement. Upon request by Bank, Customer hereby authorizes Bank to enter Customer’s business premises for the purpose of ensuring that Customer is in compliance with this Agreement and Customer specifically authorizes Bank to perform an audit of Customer’s operational controls, risk management practices, staffing and the need for training and ongoing support, and information technology infrastructure. Customer hereby acknowledges and agrees that Bank shall have the right to mandate specific internal controls at Customer’s location(s) and Customer shall comply with any such mandate. In addition, Customer hereby agrees to allow Bank to review available reports of independent audits performed at the Customer location related to information technology, and any associated operational processes. Customer agrees that if requested by Bank, Customer will complete a self-assessment of Customer’s operations, management, staff, systems, internal controls, training and risk management practices that would otherwise be reviewed by Bank in an audit of Customer. If Customer refuses to provide the requested financial information, or if Bank concludes, in its sole discretion, that the risk of Customer is unacceptable, if Customer violates this Agreement or the Rules (defined below), or if Customer refuses to give Bank access to Customer’s premises, Bank may terminate the requested Services and this Agreement according to the provisions hereof. Customer authorizes Bank to retain possession of any information submitted to Bank concerning creditworthiness. Customer understands that Bank will deny any Services to a Customer where the Customer or the principal owners do not meet Bank’s minimum underwriting standards.

WAIVER

No delay or failure on the part of Bank in exercising any of Bank’s rights under this Agreement shall constitute a waiver of such rights, and no exercise of any remedy hereunder by Bank shall constitute a waiver of its right to exercise the same or any other remedy hereunder. Except for changes made in accordance with this Agreement, no deviation, whether intentional or unintentional, will constitute an amendment of this Agreement or will constitute a waiver of any right or duty of either party.

SEVERABILITY

In the event that any provision of this Agreement shall be determined to be invalid, illegal, or unenforceable to any extent, the remainder of this Agreement shall not be impaired or otherwise affected and shall continue to be valid and enforceable to the fullest extent permitted by law.

FEES

Customer agrees to pay Bank the monthly fees established for each account type as disclosed at the time the account(s) is established. If, applicable, additional fees may apply to the Services. Bank from time to time may change the fees, and will notify the Customer by giving the Customer thirty ( 30) days’ written notice thereof.

USE OF TRADEMARKS

Customer may not use Bank’s name or trademarks.