DOPE.SECURITY SERVICE LEVEL AGREEMENT (SLA)
LAST UPDATED 05-04-2022
1. Terms and Conditions
1.1 dope.security inc. provides these SLAs subject to the terms and conditions of the current dope.security End User License Agreement (also known as Cloud Service Agreement) as applicable and as may be updated by dope.security from time to time (the “Agreement”). The defined terms therein have the same meaning when used in this Service Level Agreement. “Subscriber” and “Licensee” under the Agreement are referred to as “Customer” in these SLAs. The current version of these SLAs can be found at https://dope.security/legal and may be modified or updated by dope.security from time to time in its sole discretion with or without notice to the Customer.
1.2 A customer must submit a claim in writing within 5 days of the occurrence of the failure to meet an SLA (or earlier if specifically set forth below) (the “Credit Request”), and promptly provide dope.security with reasonable evidence to support the basis for the credit request. If dope.security confirms that an SLA was not met, then Customer will be eligible for a “Service Credit” entitling the Customer to the free use of the affected Service for the time period set forth in the applicable SLA.
1.3 Service Credits for any failure to meet an SLA will only be provided under a single SLA for a single claim, as identified by the Customer in the credit request. One claim cannot result in Service Credits under multiple SLAs.
1.4 The SLAs will not apply to situations where:
- The Service is unavailable for 1 hour or less or the Customer fails to timely submit a Credit Request in compliance with Section 1.2.
- The Customer has used the Cloud Service for 30 days or less
- The Customer is a trial or evaluation customer.
- The Customer is misusing the Service or is otherwise in violation of the Agreement.
- The failure to comply with the SLA is based on reasons beyond dope.security’s reasonable control as set out in the Agreement.
- The Service is incorrectly configured by the customer, including the use of Customer-provided networking software or equipment that does not meet the guidance in the Documentation.
- The Customer configures equipment, network, or software in a manner such that Customer’s connection does not utilize the high-availability capabilities of the Cloud Service.
- The Customer provides incorrect or inaccurate information (including change information) to dope.security.
- dope.security is performing scheduled or routine maintenance of the Service, where the Customer has been notified of the maintenance less no less than 5 days in advance, or as otherwise set forth below.
- dope.security is performing emergency maintenance to apply security patches to the Service.
- The Customer’s applications or equipment or Internet connection has failed, or the equipment is switching between service connection points.
- There is an issue with the Customer’s or a third party’s hardware or software, or an issue caused by third parties who gain access to the Service using Customer’s accounts or equipment.
- There is an issue with the Customer’s routing infrastructure (e.g. router, identity provider, or other network equipment of a third-party).
- There is a network unavailability outside of dope.security-controlled systems (cloud infrastructure, servers, hardware, and associated software) that are responsible for delivering the Service.
1.5 The remedies set forth in this Service Level Agreement are the Customer’s sole and exclusive remedy for any failure by dope.security to comply with the SLAs. Further information regarding remedies is set forth in the Agreement.
2. SLAs for the dope.security Secure Web Gateway (SWG)
2.1 Service Availability
- Secure Web Gateway Cloud Service will be available 99.9% of the time.
- Secure Web Gateway “Service Unavailability” means the inability of Customer to access or configure the Secure Web Gateway cloud management console, or the inability for a Customer Device endpoint to access required data as specified in dope.security’s published documentation (as may be updated by dope.security from time to time), and measure over a calendar month.
- In the event of Service Unavailability for more than 0.1% of any calendar month, Customer may be eligible for a Service Credit equal to 1 day for each 2 hour period of Service Unavailability, subject to a maximum credit of 5 days in any 1 calendar month.
3. Technical Support SLAs for dope.security Service(s)
3.1 Support Availability
- If dope.security is providing Technical Support to Customer, Technical Support is included as part of the Service as specified below. If Technical Support is being provided by a reseller, this section does not apply. Support can be reached at firstname.lastname@example.org.
- Support is available on a twenty-four (24) hours/day by seven (7) days/week basis to assist Customer with configuration of the Service features and to resolve reported problems with the Service.
- Once a severity level is assigned to a Customer submission for Support, dope.security will make every reasonable effort to respond per the response targets defined in the table below. Faults originating from Customer’s actions or requiring the actions of other service providers are beyond the control of dope.security and as such are specifically excluded from this Support commitment.
PROBLEMS BY SEVERITY:
1. Outage (Severity 1): A problem has occurred where no workaround is immediately available in one of the following situations: (i) Customer’s mission critical system is down or has had a substantial loss of service; or (ii) a substantial portion of Customer’s mission critical data is at a significant risk of loss or corruption.
- Initial Response Targets*: Within 1 hour
- Time to resolution: ASAP
2. Critical (Severity 2): A problem has occurred where a major functionality is severely impaired. Customer’s operations can continue in a restricted fashion, however long-term productivity might be adversely affected.
- Initial Response Targets*: Within 4 hours
- Time to resolution: Within 2 business days
3. Important (Severity 3): A problem has occurred with a limited adverse effect on Customer’s business operations.
- Initial Response Targets*: Within the next business day**
- Time to resolution: As soon as practical
4. Monitor (Severity 4): A problem has occurred where Customer’s business operations have not been adversely affected.
- Initial Response Targets*: Within the next business day**
- Time to resolution: As agreed
The above Support Response Targets are attainable during normal service operations and do not apply during Maintenance to the Service and/or supporting infrastructure as described in the Maintenance section below.
* Target response times pertain to the time to respond to the request, and not resolution time (the time it takes to close the request).
** A “business day” means standard regional business hours and days of the week in Customer’s local time zone, excluding weekends and local public holidays. In most cases, “business hours” mean 9:00 a.m. to 5:00 p.m. in Customer’s local time zone.
3.2 Maintenance to the Service and/or supporting Service Infrastructure
dope.security must perform maintenance from time to time. For information on Service status, planned maintenance and known issues, visit https://status.dope.security and subscribe to dope.security status email service to receive the latest updates. The following applies to such maintenance:
- Planned Maintenance: Planned Maintenance means scheduled maintenance periods during which Service may be disrupted or prevented due to non-availability of the Service Infrastructure. During Planned Maintenance, Service may be diverted to sections of the Infrastructure not undergoing maintenance which may result in no disruption of the Service. For Planned Maintenance, dope.security will provide seven (7) calendar days’ notification posted on dope.security Status Page.
- Unplanned Maintenance: Unplanned Maintenance means scheduled maintenance periods that do not allow for seven (7) days notification and during which Service may be disrupted or prevented due to non-availability of the Service Infrastructure. dope.security will provide a minimum of one (1) calendar day notification posted on the dope.security Status Page. During Unplanned Maintenance, Service may be diverted to sections of the Infrastructure not undergoing maintenance which may result in no disruption of the Service. At times dope.security will perform Emergency Maintenance. Emergency Maintenance is defined as maintenance that must be implemented as quickly as possible to resolve or prevent a major incident. Notification of Emergency Maintenance will be provided as soon as practicable.
- Routine Maintenance: dope.security may perform updates or routine maintenance to the Management Console with no prior notification as these activities do not result in Service disruption.