Service Level Agreement (SLA) for Hosted Services
1. Purpose
This page sets out the level of availability clients using our hosted services can expect from Callout Computers and the support that they can expect to receive for any issues that arise.
Please note that Callout Computers do offer multiple hosted services and the services and support provided for each one differ considerably. For example our web hosting packages do not generally include website alterations, code updates, security updates or maintenance of any kind, other than to ensure that our service remains available and stable. Any services required outside of the service offered would be chargeable at our standard rate. Please confirm with us, before commencing your service, what is included and not included with the service you are looking to use.
This agreement serves the following purposes:
– Provide clear reference to service ownership, accountability, roles and/or responsibilities.
– Present a clear, concise and measurable description of our services to the client.
– Match perceptions of expected service provision with actual service support and delivery for our hosted services.
2. Service Agreement
The following services are the responsibility of Callout Computers during the agreement period.
2.1. The following services are covered by this agreement:
– Telephone support.
– Email support.
– Software & security updates appropriate to the hosted service you are using.
– Regular backups of client data.
– Facilitating with client requirements such as security testing, auditing, software delivery & day-to-day client configuration and use of the system.
2.2. What is required by the client
The client is responsible for the following under this agreement:
– Payment for all support costs within the agreed time frame.
– Reasonable availability of the client (or representatives) when resolving a service related incident or request.
– Provision of client contact details who can be informed of any actions resulting from this agreement (including maintenance window notifications).
– Providing Callout Computers with a minimum of 1 weeks notice for any modification, testing or action that could result in our service being impacted.
2.3. What is required by Callout Computers
We are responsible for the following under this agreement:
– Ensuring an uptime of 99.95% for our network and power infrastructure at our key datacentre(s).
– Meeting the response times associated with any service related incidents as described below.
– Appropriate notification to the client for scheduled maintenance and scheduled downtime through our status portal.
– Ensuring that our hosting facility, core network and data is secured.
– That security updates and bug fixes are applied with a reasonable time as determined by us and third parties.
2.4. Service Assumptions
– An on-site nightly backup of all client data (excluding cloud backup service) will be carried out and verified.
– A weekly off-site backup of all client data (excluding cloud backup service) will be carried out.
– Any changes to your service will be communicated via this document a minimum of 30 days before they are to take effect.
We do not cover service related incidents caused by the following in our hosted services agreement:
– Client’s local network or internet connection. We are happy to assist with resolving these issues however they will not count towards unscheduled downtime of our service.
– Any client or third party configured settings that could affect the performance of our hosted services. This includes but is not limited to firewall configuration, bandwidth shaping or PC configuration settings.
– Client’s domain names which are managed by the client or a third party, excluding domains managed by ourselves.
– Any service requests that require major changes will be classed as change requests and charged at our standard hourly rate. This can include (but are not limited to) software installation/uninstallation, hardware alterations or relocation of equipment.
3. Service Provision
At all times we will host all client data in a datacentre and maintain a core network that meets or exceeds the following requirements for capacity, security and resiliency:
| Category | Requirements |
|---|---|
| Physical Security | 24/7/365 Manned security gate with ID and pass check to gain entry to the facility Personal Access Card (PAC) to gain access to the datacentre building Locked data cabinets with restricted access to directors of Callout Computers 100% interior CCTV coverage, monitored |
| Digital Security | Network segmentation of customer machines & data Maintenance of firewalls at network entry points with business requirement check on all changes SSL/TLS security used for all external communications and internal communications where required Extensive organisation policies to control data access, account security & third party access |
| Protection of Data | Nightly on-site backup and verification of all customer data Weekly off-site backup of all customer data VESDA (Very Early Smoke Detection Apparatus) and gas based fire suppression to be maintained |
| Resiliency | To use an N+N rated datacentre and network design to protect against individual failures, to include: – Dual diverse network feeds from London Telehouse (East and West) delivered right through to each server – Dual power feeds from the national grid delivered right through to cabinet level and into each server – Separate battery backup & diesel generators attached to each power feed – Fully redundant air cooling system in N+N designTo provide a redundant network including dual redundant router and switch design to protect against core network component failure To provide redundancy at a hardware level with enterprise grade components, to include: – Redundant hard drives & SSD storage for all client data – Redundant components built into all servers, including power supply, network connections and cooling fans – Redundant server hosts to protect against complete server failure |
4. Service Management
Effective support of in-scope services is a result of maintaining consistent service levels. The following sections provide relevant details on service availability, monitoring of in-scope services and related components.
4.1. Service Availability
At all times we shall ensure that our core network and power is available for 99.95% of your contract length. Our core services, including website hosting, email hosting, cloud sync and network/security monitoring will be available for 99.95% of your contract length. The uptime of other services will be determined by multiple factors, including the type of service, client configuration and client service level requirements. Please discuss this with us before beginning your service.
Any planned maintenance work that we are required to carry out that will involve service downtime will be advised at least 2 days (48 hours) in advance in nearly all instances. Exceptions to this include security updates, released by third parties or ourselves, that require immediate application in order to keep our core network secure, provide a secure service for our client and keep client data secure. All maintenance work will be carried out outside of working hours (usually post 9PM on a Friday or Saturday evening) to ensure the minimum amount of downtime, unless otherwise agreed with the client(s) involved.
4.1. Support Availability
– We guarantee to offer telephone support between 9AM and 5PM, Monday to Friday. Phone support outside of this time maybe available but is not guaranteed.
– We guarantee to offer email support between 9AM and 5PM, Monday to Friday. Emails received outside of this time will be answered on the next working day.
4.2. Service Requests
To support the agreements made in this SLA Callout Computers will respond to service related incidents within the following timeframes:
Critical – Within 30 minutes during the hours of 8AM to 10PM and within 2 hours outside of these times
High – Within 2 hours during business hours (9AM to 5PM, Monday to Friday) and 4 hours outside of these times
Medium – Within 48 working hours
Low – Within 5 working days
The following definitions will be used to determine the priority of service related incidents unless otherwise agreed with the client:
| Severity | Example conditions | Users Impacted |
|---|---|---|
| Critical | Core network or critical power failure Unavailability of core services (web, email etc.) Major security vulnerability requiring immediate attention |
> 90% of Callout Computers Clients |
| High | Client server unavailable Core client software or client service not available Critical security patch affecting client software |
> 90% of client’s users |
| Medium | Client or core service unavailable for some users Client software/service requiring updates to continue operation Third party access to client server required |
< 90% of client’s users |
| Low | Non critical updates (eg. software upgrades) Setup of client’s custom software / working with third parties to facilitate General security patching schedule |
< 90% of client’s users |
The priority of any service related incident or request not defined above will be agreed at the time between the client and Callout Computers.
* All times stated are in GMT/BST and do not include UK bank holidays.
5. Limitation of Liability
In the event that Callout Computers cannot provide the service as defined in section 4 or that the service is unavailable for an extended length of time then the client maybe able to claim compensation from Callout Computers. In this event the following table will determine the amount of compensation that is due to be paid based on the downtime experienced by the client. The compensation claims are based on the contract length, for example a user on a monthly contract is able to claim compensation for downtime after 1 hour 30 minutes in their billing month, whereas a user on a 12 month contract is able to claim compensation after 17 hours 31 minutes in their billing year.
5.1. Notification of Service Unavailability
Callout Computers must be notified by the client that their service is unavailable. The following must have taken place for the client to be able to claim for downtime or systems/data being unavailable:
– Downtime will only be counted from the point at which the client makes Callout Computers aware of an incident that is affecting their business.
– Callout Computers must be made aware that the incident is affecting the clients entire business and is stopping them from working/using our services. Compensation claims for single user incidents will be discussed separately from the table below.
– The incident must be as a result of Callout Computers being unable to provide the service(s) agreed with the client. Callout Computers cannot be held liable for incidents that have been caused by the client in any way (for example if a user maliciously deletes files or disables the clients service then we will not be held liable and the above timeframes do not apply).
– The below compensation table governs Callout Computers cloud services only and does not apply to on-site work as this can be affected by factors outside of Callout Computers control (for example site access).
5.2. Exclusions from Compensation Claims
Callout Computers will not be held liable for compensation claims if the fault that caused the incident is proved to be outside of Callout Computers control. In this event we will endeavour to claim for the outage from the responsible third party and pass this onto clients were compensation is received by Callout Computers. An example of this would include a large scale internet outage in the Kent area which disrupts connectivity for multiple clients as well as our datacentres.
5.3. Compensation Claims Requirements
The following table determines the amount of compensation that Callout Computers will be liable for based on the severity of the outage:
| Service uptime drops below | Liability |
|---|---|
| 99.8% Approximately 1 hour 30 minutes in a given month |
Callout Computers will credit the client with up to 25% of that months contract price upon request and receiving proof of the outage length and that all users of the client were affected |
| 99.5% Approximately 3 hours 40 minutes in a given month |
Callout Computers will credit the client with up to 50% of that months contract price upon request and receiving proof of the outage length and that all users of the client were affected |
| 99% Approximately 7 hours 18 minutes in a given month |
Callout Computers will credit the client with up to 75% of that months contract price upon request and receiving proof of the outage length and that all users of the client were affected |
| Less than 98% Approximately 14 hours 36 minutes in a given month |
Callout Computers will credit the client with up to 100% of that months contract price upon request and receiving proof of the outage length and that all users of the client were affected |