Service Level Agreement (SLA)

This SLA applies to deBroome customers in Cloud Environment 1.

1. Service Level


1.1. Definition of Service

These service levels apply to the Steady State phase from the actual production start date. They do not apply to the planning and implementation phase prior to the Steady State phase. The service level includes cloud and on-prem infrastructure, hardware, operating systems and deBroome AB’s applications.

1.2. Support

1.2.1. Support Contact Details

Contact our support at support@debroome.com.

1.2.2. Support Availability

Our support is available from 9 AM to 5 PM (CET), Monday to Friday, with the exception of Swedish holidays.

1.2.3. Response Times

Severity Condition Response Time Resource Commitment
Level 1: Critical Impact Inability to use the platform. Temporary work-around not possible. 2 business hours 1. Investigation and assessment after receiving report.
2. Setting Highest Priority
3. Remediation and Mitigation (Hotfix) as soon as possible
Level 2: Major Impact Major functionality of the platform inoperable. Temporary work-around not possible. 4 business hours 1. Investigation and assessment after receiving report
2. Setting High Priority
3. Remediation, Mitigation (Hotfix) as soon as possible
Level 3: Minor Impact Non-essential components on the platform having issues or being inoperable. 8 business hours 1. Workaround
2. Investigation of report and assessment of the issue
3. Fix any issues within regular release cycle

1.3 Availability

The services will be available throughout the day, except for planned updates, malfunctions or other causes that cannot be predicted by deBroome AB.

1.3.1. Definition of Availability

Availability is defined as the availability for the customers to access the service and the data provided by deBroome AB.

Target availability: 99.9%

1.4. Availability Compensation

Deviation from the service levels will be compensated from the monthly cost of the service. Compensations for deviation are measured over a one-month period where the average value of the percentage is calculated. The compensation is deducted from the upcoming months invoice.

Availability compensation applies only during outages that makes the entire platform inoperable. Outages related to planned maintenance are not included.

Monthly Uptime Percentage (Actual) Service Credit Percentage
Less than 99.9% but equal or greater to 99.0% 3%
Less than 99.0% but equal or greater to 97.0% 10%
Less than 97.0% but equal or greater to 95% 30%
Less than 95% 50%

1.5. Exceptions

Exceptions to the availability can be the following:

  • Technical maintenance
  • Patching or servicing of applications
  • Other service work
Planned service and maintenance will be carried out during non-production hours to minimize disruptions to the customer’s business activities.

When applicable, deBroome leverages CI/CD principles and tools, as well as different deployment patterns to deploy updates to our platforms without causing downtime for end-users.

1.6. Force Majeure

If deBroome AB is prevented to accomplish their undertaking according to SLA due to circumstances outside the control of deBroome AB, such as act of war, natural catastrophe, strike, blockade or any other similar event, this SLA is not valid and deBroome AB cannot be held responsible for actions not taken.

1.7. Planned Maintenance

deBroome AB reserves the right to perform system maintenance work anytime during the day.

If the system will be non-accessible for more than 30 minutes during 08.00 AM to 06.00 PM (CET) the customer should be informed at least 2 days before the actual work starts.

1.8. Emergency Maintenance

In case of an emergency situation, system maintenance can be performed without prior notice. Customers will be informed as soon as possible should a situation like that appear.

1.9. Notification Procedures

The customer will be informed 2 days before the system maintenance work. The notification will be sent out with e-mail to the customer’s contact person.

2. Security

2.1. Physical Access to Data and Network

2.1.1. Facilities

The facilities that deBroome leases or owns that are operated within (offices, server rooms et al) are protected according to industry best practices.

2.1.2 Cloud Service Providers

deBroome leverages Cloud Service Providers (IaaS, SaaS, PaaS) to host our products and software-as-a-service offerings.

deBroome makes sure that these Cloud Service Providers can meet the standards that deBroome sets on physical access controls.

To read more about what Cloud Service Providers and Sub Processors that deBroome uses, please refer to our page on the deBroome website (https://debroome.com/documents/sub-processors).

3. Data Security


3.1. User Authentication

Customers of our platform are provided with a range of different authentication choices depending on their use-case.

3.2. Data

deBroome AB encrypts all data in transit using SSL/TLS. By using SSL/TLS certificates, information in transit is assured to be kept private.

Data at rest is encrypted using industry-standard encryption.

3.3. Procedure in Case of a Security Breach or Other Incident

deBroome has a procedure in case of a security breach or any other type of incident. The following steps are taken in case of a security breach:

  • inform customers
  • assessment 
  • mitigation 
  • remediation 
  • fixes 
  • post-mortems 

4. Monitoring and Reporting


4.1. Systems Monitoring

All systems are monitored continuously and automatic alarms pages engineering and IT teams in case of elevated error rates or failures.

4.2. Monitoring of System Availability

System availability is monitored by an automatic monitoring-system. Downtime is calculated from the data collected by this system.

4.3. Service Level Reports

deBroome AB can upon request make availability-reports available to the customer.

5. Contingency, Backup and Disaster Recovery


5.1. Backup of Data and Applications

5.1.1 Backups and Retention

deBroome AB takes backup of all structured and unstructured data belonging to our customers every 6 hours.

deBroome AB creates backups of all data that should be persisted, including structured and unstructured data every 6 hours. The backups are kept for a maximum of 30 days. Refer to the table below for specific details.

Backup Interval Minimum Retention Maximum Retention Type
Once every 6 hours 12 hours 30 days Full
Once every 7 days 14 days 30 days Full
Once every 30 days 30 days 30 days Full

5.1.2 Data Loss Caused by deBroome

If data loss caused by deBroome AB were to occur, deBroome AB will initiate its data recovery plan immediately and start the recovery process of data.

5.1.3 Data Loss Caused by customer

Data loss caused by a customer will be charged according to deBroome’s price list on data recovery. This process can be initiated during support hours.

5.2. System Redundancy

All systems in production at deBroome AB are redundant, highly available and distributed where applicable.

5.3. Disaster Recovery

In the event of a total catastrophe all data can be restored. deBroome AB have a disaster recovery plan should a situation like that appear.

6. Compensations


6.1. Limitations to SLA-compensations

deBroome AB will not compensate more than 50 % of the licence fees paid for the last year.

6.2. Requests for Compensation

For a request for compensation is to be considered the customer must:

  1.  Send in a written request for compensation via e-mail or mail.
  2. The request must be received by deBroome AB within 30 days after the trouble ticket was opened. 

6.3. Compensation Eligibility
 
Compensation is only available to clients with current contracts and no outstanding or disputed invoices.
 
See section 1.4 for Availability Compensation.

7. Termination


Termination of the contract is specified in the main agreement.

8. Ownership


All data inserted and used in the applications are the customer’s responsibility. The customer agrees to not insert any material that is illegal under Swedish law.

Revision History

Date Editor
2017-09-14 Freddie Brandt
2018-10-04 Lars Duman
2021-03-03 Simon Arledal
2021-03-31 Simon Arledal