Service Level Agreement

1.  Definitions

All terms defined in this SLA shall have the meaning set out in the EULA, unless defined otherwise below.

‘Bug’means an unwanted or unintended property of the Services that can be reproduced and causes the Services to malfunction but does not affect the availability of the Services;
‘Business Day’means Monday to Friday excluding any national holiday in Dubai, United Arab Emirates
‘Business Hours’means 8am to 8pm EEST;
‘Disaster’ means the hosting centre where the Services are hosted becomes unusable, with little chance of a short term recovery;
Emergency Maintenancemeans maintenance, upgrades, Updates, repairs to hardware and software related to resolving immediate problems causing instability in the Services;
‘Incident’means a malfunction of the Services which can be reproduced, is not a Bug and whose root cause is found in the hosting service, network, hardware or third party software components;
‘Planned Maintenance’means maintenance, upgrades, Updates, installation of new versions and repairs which are non-critical and not urgent, to hardware and software;
‘Release’means a modification in the functionality of the Services which results in a change in the version number set out in the SLA;
‘Updates’means any new or updated applications services or tools (including any software programmes) made available by the Company as part of the Services during the Term.

2. Hosting Services

All terms defined in this SLA shall have the meaning set out in the EULA, unless defined otherwise below.

2.1 Availability

The Company will take all appropriate measures in terms of redundancy, monitoring and platform management to make the Services available via the Internet 99.8% during Business Hours measured monthly from the go live date. The events set out in clause 8 of this SLA and Planned Maintenance shall be excluded from the calculation of availability of the Services.

3.  Security 

The following infrastructure and security is provided at the Company’s data centres in the United States of America with Microsoft Azure Cloud Computing Services. The Company reserves the right to change the data centre during the Term, provided that any new data centre provides at least the same level of services and security as the current data centre.

3.1  Data Centre Network

The Company provides web servers, application servers, database servers and physical data storage in which data is stored in a redundant multi-drive configuration that provides mirrored storage and the necessary software to host the Services. Web-based application use Secure HTTP (HTTPS) to protect selective data transmissions over the Internet. Virtual Private Network (VPN) technology is used to protect other transmissions, such as access to the reporting database.

3.2  Security and Environment

The hosting services are provided in a secure, limited access environment. There is an uninterrupted power source, climate control and the data centre is hardened against natural disaster. The Company continuously provides and maintains up to date virus protection. In case there are reasonable doubts about the security of the data centre, the Customer may instruct an independent third party to check the security systems at the data centre at its own cost and provided that the Customer reimburses the Company for all costs it incurs in assisting with such inspection, in particular any fees that the Company must pay to the data centre. Access to the data centre infrastructure will be at the sole discretion of the data centre.

Access to the data centre is limited to specific staff members and a select number of production support specialists and information technology specialists, who may only access the data centre to perform routine maintenance and Upgrades.

3.3  Monitoring

The Company provides the following 24 x 7 monitoring:

  • server hardware;
  • system availability;
  • network infrastructure;
  • operating systems services (WWW, SMTP, SQL);
  • application availability.

All Company servers are protected by Firewall appliances. All servers accessible from the Internet are located in a DMZ, servers storing Customer data are located within the protected network. All servers are installed with the latest security patches and are hardened as per manufacturer’s recommendations.

3.4  System Backup

The Company ensures that data is protected using backup to disk and tape. A full database differential backup is performed to tape and disk daily.

3.5  Disaster Recovery

In the event of a Disaster, the Company’s data centre will initiate its disaster recovery procedure.

4.  Support Services 

Support services shall include maintenance of the Services and Customer platform including corrective maintenance and enhancements and a customer support service for the Services and Customer platform as set out below

4.1  Scope of Support Services

Maintenance and support services shall not be provided for issues arising from (i) modifications, alteration or configuration of any of the Services by the Customer or a third party that have not been authorised in writing by the Company and/or (ii) technology or IPR that has not been provided by the Company pursuant to the Agreement.

4.2  Problem Notification 

The Company provides support services which is available to named support users. Support services are provided in English.

Problems may be reported to the support team by email or telephone.

4.3  Support Hours

The Company offers support for the Services during Business Hours on Business Days in English.

5.  Problem Resolution

Problems with the Services will be dealt with in accordance with their level of severity. The time frame in which problems will be resolved will depend upon whether they are classified as a Bug or Incident as set out below.

5.1  Problem Severity Classification

HighA problem is classified as high if the Services are not available at all, or the Customer or Authorised Users cannot log in or if there appear to be serious performance or access problems.
MediumA problem is classified as medium if a key feature or service is unavailable and the availability of the Services is not affected.
LowA problem is classified as low if there is any other problem that does not fall into another severity category.

5.2  Response and Target Resolution Times

SeverityResponse TimeTarget Resolution Time for Incidents Target Resolution Time for Bugs
Temporary work aroundPermanent Temporary work aroundPermanent
HighWithin 1 Business Hour4 Business Hours12 Business Hours1 Business Days10 Business Days
MediumWithin 2 Business Hours2 Business Days10 Business DaysNext Release
LowWithin 1 Business Day5 Business Days15 Business DaysNext Release

Releases will contain new or amended features. There may be some need for configuration and additional user training in order to obtain the maximum benefit of the new features. Releases do not significantly impact the existing technical setup of the Customer or training materials. Releases are numbered as follows: 3.1, 3.2, 3.3, etc.

6.2  Patches

The Services will be patched regularly for performance and security, after such patches are regression tested with the Services to ensure continued compatibility.

6.3  Planned Maintenance

The Company usually carries out Planned Maintenance at weekends or in the evenings. If Planned Maintenance is to be performed outside of these times the Company shall give the Customer at least 48 hours prior notice.

6.4  Emergency Maintenance

The Company shall where possible, provide the Customer with prior notice of Emergency Maintenance. However, work may commence at any time and shall continue until completed. The Company shall attempt, but cannot guarantee scheduling Emergency Maintenance during non Business Hours.

7.  Customer’s Obligations 

The Customer has the following obligations under this SLA:

  • to provide access to a computer system capable of running the TCP/IP network protocol and an Internet web browser and uses a web browser that supports JavaScript;
  • to provide all suitable hardware and software and telecommunications equipment required for accessing the Services;
  • responsibility for the network connection between the Company’s hosting centres and the Customer’s premises (backend) connection to a telecommunications network;
  • to inform the Company without delay of any problems with the Services;
  • to purchase upgrades for its own software, if necessary, for the error free operation of its own software with the Services;
  • to check its systems for the most commonly known worms and viruses;
  • to have a current virus scanner installed for each Customer system accessing the Services.

8.  Limitation of Liability

The Company shall not be liable for, and shall have no obligation to fix, any errors, Incidents, problems or Bugs or any lack of availability of the Services caused by the following:

  • any breach of the Customer’s obligations set out in clause 7 above;
  • use of the Services on a system not supported by the Company or specifically agreed in writing in this Agreement;
  • unavailability of telecommunications;
  • faults or omission of ISPs;
  • any lack of connectivity caused by a third party;
  • any Bugs or defects in any third party software that interacts with the Customer’s data once it leaves the Company’s data centres;
  • any denial of service attacks, network floods and hacking;
  • interconnection of the Services with other software products not supplied by the Company except as expressly agreed in writing in this Agreement;
  • any DNS issues not within the direct control of the Company i.e. a fault on the Customer’s network or own equipment configuration;
  • problems or errors that occur while the Company is waiting for the Customer to provide information to enable it to rectify a fault or restore services;
  • faults caused by the Customer’s management or connection to the Services;
  • the Customer failing to take part in training offered by the Company, necessary for use of the Services;
  • Force Majeure.