C-LINK
SERVICE LEVEL AGREEMENT (SLA)
CONTENTS
SCHEDULE
- Schedule 1 Service level agreement.
- 1. Interpretation
- 2. Support Services
- 3. Fees
- 4. Submitting Support Requests and access
- 5. Service Levels
- 6. Other remedies
- 7. Communications
Schedule 1 Service level agreement
1. Interpretation
1.1 Definitions
Commercially Reasonable Efforts: the same degree of priority and diligence with which the Supplier meets the support needs of its other similar customers.
Contact List: a current list of Supplier contacts and telephone numbers to enable the Customer to escalate its Support Requests, including:
- a) the first person to contact; and
- b) the persons in successively more qualified or experienced positions to provide the support sought.
Customer Cause: any of the following causes:
- a) any improper use, misuse or unauthorised alteration of the Software by the Customer;
- b) any use of the Software by the Customer in a manner inconsistent with the then-current Documents;
- c) the use by the Customer of any hardware or software not provided by the Supplier; or
- d) the use of a non-current version or release of the Software.
Fault: any Operational Fault or Vulnerability.
Good Industry Practice: the exercise of that degree of skill, care, prudence, efficiency, foresight and timeliness as would be expected from a [leading] company within the relevant industry or business sector.
Help Desk Support: any support provided by help desk technicians sufficiently qualified and experienced to identify and resolve most support issues relating to the Software.
Higher-level Support: any higher-level support provided by an individual on the Contact List.
Issue Resolution: The time taken to fully resolve the root cause of the issue, including implementing a permanent fix.
Known Vulnerabilities: any Vulnerability that has either:
- a) been assigned a Common Vulnerabilities and Exposures (CVE) number;
- b) been disclosed on the internet, or any [open] public database, such that it would be revealed by reasonable searches conducted in accordance with Good Industry Practice.
Latent Vulnerabilities: any instances of typical classes of Vulnerability. For example, buffer overflows, cross-site scripting (XSS) and Structure Query Language (SQL) injection.
Main Agreement: the agreement to which this schedule relates.
Mitigate: the taking of such reasonable steps that would be taken by a prudent supplier in accordance with Good Industry Practice to mitigate against the Vulnerability in question, which may include patching or coding changes, and the terms Mitigated and Mitigation shall be construed accordingly.
Operational Fault: failure of the Software to operate in all material respects in accordance with the Specification and Documents, including any operational failure or error referred to in the Service Level Table.
Out-of-scope Services: either of the following services:
- a) any services provided by the Supplier in connection with any apparent problem regarding the Software reasonably determined by the Supplier not to have been caused by a Fault, but rather by a Customer Cause or a cause outside the Supplier’s control (including any investigational work resulting in such a determination); or
- b) any Higher-level Support provided in the circumstances specified in paragraph 2.3.
Response time: The time between the initial submission of a support request and the first response from C-Link (acknowledgement and assignment of the issue).
Service Credits: the service credits specified in the table set out in paragraph 6.1.
Service Levels: the service level responses and response times referred to in the Service Level Table.
Service Level Table: the table set out in paragraph 5.1.
Service Recovery Time: The time taken to restore core service functionality to an operational state. This may involve temporary workarounds while a permanent fix is being investigated.
Solution: either of the following outcomes:
- a) correction of an Operational Fault or ;
- b) a workaround in relation to an Operational Fault (including a reversal of any changes to the Software if deemed appropriate by the Supplier) that is reasonably acceptable to the Customer; [or
- c) Mitigation of a Vulnerability that is reasonably acceptable to the Customer.
Support Fees: As per the Quotation.
Support Hours: Five days a week, 9 am to 5 pm (UK time) excluding UK Bank Holidays.
Support Period: the Term and, if requested by the Customer, any period during which the Customer transfers the Services to an alternate service provider.
Support Request: request made by the Customer in accordance with this schedule for support in relation to the Software, including correction of an Operational Fault.
Support Services: maintenance of the then-current version or release of the Software, including Help Desk Support and Higher-level Support, but excluding any Out-of-scope Services.
Vulnerability: a weakness in the computational logic (for example, code) found in software and hardware components that, when exploited, results in a negative impact to confidentiality, integrity, or availability, and the term Vulnerabilities shall be construed accordingly.
1.2 All initial capitalised terms in this schedule shall have the meaning given to them in the Main Agreement, unless otherwise defined herein.
2. Support Services
2.1 During the Support Period the Supplier shall perform the Support Services during the Support Hours in accordance with the Service Levels.
2.2 As part of the Support Services, the Supplier shall:
- (a) provide Help Desk Support by means of its ticketing system and knowledge base in-app and the following telephone number (+44 203 468 6430) and e-mail address (support@c-link.com);
- (b) commit appropriate resources to the provision of Higher-Level Support;
- (c) where Help Desk Support is not provided within the relevant Service Level response time and the Customer escalates its Support Request to an individual of appropriate qualification or experience on the Contact List, provide Higher-Level Support;
- (d) use Commercially Reasonable Efforts to:
- (i) correct all Operational Faults notified under paragraph 4.3(a); and
- (ii) Mitigate against all Vulnerabilities notified under paragraph 4.3(a) or detected under paragraph 2.2(f)
- (e) provide technical support for the Software in accordance with the Service Levels.
2.3 Any Higher-level Support requested by the Customer to be provided by an individual whose qualification or experience is greater than that reasonably necessary to resolve the relevant Support Request shall be deemed an Out-of-scope Service, provided that an appropriately qualified or experienced individual was available at the time when the Higher-level Support was sought.
2.4 The Supplier may reasonably determine that any services are Out-of-scope Services. If the Supplier makes any such determination, it shall promptly notify the Customer of that determination.
2.5 The Customer acknowledges that the Supplier is not obliged to provide Out-of-scope Services.
3. Fees
3.1 The provision of Support Services on a remote, off-site basis (such as over the telephone or by e-mail) within the Support Period shall be included in the Support Fees.
3.2 The provision of Support Services outside the Support Period or at the Customer Site or the provision of Out-of-scope Services shall be charged for at the applicable time and materials rates set out.
4. Submitting Support Requests and access
4.1 The Customer may request Support Services by way of a Support Request.
4.2 Each Support Request shall include a description of the Operational Fault and the start time of the incident.
4.3 The Customer shall provide the Supplier with:
- (a) rompt notice of any Faults which it becomes aware of; and
- (b) such output and other data, documents, information, assistance and (subject to compliance with all Customer’s security and encryption requirements notified to the Supplier in writing) remote access to the Customer System, as are reasonably necessary to assist the Supplier to reproduce operating conditions similar to those present when the Customer detected the relevant Operational Fault and to respond to the relevant Support Request.
4.4 Save for where the Supplier reasonably determines that it requires access to the Customer Site to provide the relevant Support Service, all Support Services shall be provided on an off-site basis (such as over the telephone or by e-mail).
4.5 The Customer acknowledges that, to properly assess and resolve Support Requests, it may be necessary to permit the Supplier direct access at the Customer Site to the Customer System and the Customer’s files, equipment and personnel.
4.6 The Customer shall provide such access promptly, provided that the Supplier complies with all the Customer’s reasonable security requirements and other policies and procedures relating to contractors entering and working on the Customer Site notified to the Supplier in writing reasonably in advance.
5. Service Levels
5.1 During Support Hours the Supplier shall:
- (a) prioritise:
- (i) all Support Requests based on its reasonable assessment of the severity level of the Fault reported;
- (ii) Mitigation of each Vulnerability based on its reasonable assessment of the risk posed by such Vulnerability; and,
- (b) respond to all Support Requests, in accordance with the responses and response times specified in the table set out below:
Severity |
Description |
Response Time |
Service Recovery |
Issue Resolution |
1 |
Critical System completely non-operational, or key data lost, or the majority of Users prevented from using the system. |
Within 1 hours |
Within 4 hours |
Within 10 days |
2 |
High Functional or operational issue with the system, which does not render the system inoperable, but does significantly impact daily operation of the system. The issue being considered sufficiently urgent to warrant an accelerated resolution turn-around. |
Within 2 hours |
Within 8 hours |
Within 10 days |
3 |
Medium Functional or operational issue with the system, which does not render the system inoperable, but which does significantly impact daily operation. The issue not warranting an accelerated resolution turn-around. |
Within 8 hours |
Within 16 hours |
Within 20 days |
4 |
Low Other problems, e.g. minor input or output problems which do not disrupt normal working, or enhancement requests, or general enquiries/clarifications. |
Within 24 hours |
N/A |
N/A |
5.2 The parties may, on a case-by-case basis, agree in writing to a reasonable extension of the Service Level response times.
5.3 The Supplier shall give the Customer regular updates of the nature and status of its efforts to correct any Fault and where requested Quarterly reports as to achievement of Service Levels and Service Credits to which the Customer has become entitled in its Quarterly Business Review Process.
6. Other remedies
6.1 If a Solution is not provided within the relevant Service Level response time, the Customer may escalate the Support Request to the parties’ respective relationship managers identified below and then to their respective senior management identified below:
-
Relationship Manager outlined in the Quotation.
-
Jeffrey Owusu – Product Manager
-
Robert Dean – CTO
7. Communications
7.1 In addition to the mechanisms for giving notice specified in clause [NUMBER] of the Main Agreement, the parties may communicate regarding any matter referred to in this by e-mail (unless specified otherwise).