Service Level Agreement (SLA) for Hosted Services

1. Purpose

This page sets out the level of availability clients using our hosted services can expect from Callout Computers and the support that they can expect to receive for any issues that arise.

Please note that Callout Computers do offer multiple hosted services and the services and support provided for each one differ considerably. For example our web hosting packages do not generally include website alterations, code updates, security updates or maintenance of any kind, other than to ensure that our service remains available and stable. Any services required outside of the service offered would be chargeable at our standard rate. Please confirm with us, before commencing your service, what is included and not included with the service you are looking to use.

This agreement serves the following purposes:

– Provide clear reference to service ownership, accountability, roles and/or responsibilities.
– Present a clear, concise and measurable description of our services to the client.
– Match perceptions of expected service provision with actual service support and delivery for our hosted services.

2. Service Agreement

The following services are the responsibility of Callout Computers during the agreement period.

2.1. The following services are covered by this agreement:

– Telephone support.
– Email support.
– Software & security updates appropriate to the hosted service you are using.
– Regular backups of client data.
– Facilitating with client requirements such as security testing, auditing, software delivery & day-to-day client configuration and use of the system.

2.2. What is required by the client

The client is responsible for the following under this agreement:

– Payment for all support costs within the agreed time frame.
– Reasonable availability of the client (or representatives) when resolving a service related incident or request.
– Provision of client contact details who can be informed of any actions resulting from this agreement (including maintenance window notifications).
– Providing Callout Computers with a minimum of 1 weeks notice for any modification, testing or action that could result in our service being impacted.

2.3. What is required by Callout Computers

We are responsible for the following under this agreement:

– Ensuring an uptime of 99.95% for our network and power infrastructure at our key datacentre(s).
– Meeting the response times associated with any service related incidents as described below.
– Appropriate notification to the client for scheduled maintenance and scheduled downtime through our status portal.
– Ensuring that our hosting facility, core network and data is secured.
– That security updates and bug fixes are applied with a reasonable time as determined by us and third parties.

2.4. Service Assumptions

– An on-site nightly backup of all client data (excluding cloud backup service) will be carried out and verified.
– A weekly off-site backup of all client data (excluding cloud backup service) will be carried out.
– Any changes to your service will be communicated via this document a minimum of 30 days before they are to take effect.

We do not cover service related incidents caused by the following in our hosted services agreement:

– Client’s local network or internet connection. We are happy to assist with resolving these issues however they will not count towards unscheduled downtime of our service.
– Any client or third party configured settings that could affect the performance of our hosted services. This includes but is not limited to firewall configuration, bandwidth shaping or PC configuration settings.
– Client’s domain names which are managed by the client or a third party, excluding domains managed by ourselves.
– Any service requests that require major changes will be classed as change requests and charged at our standard hourly rate. This can include (but are not limited to) software installation/uninstallation, hardware alterations or relocation of equipment.

3. Service Provision

At all times we will host all client data in a datacentre and maintain a core network that meets or exceeds the following requirements for capacity, security and resiliency:

Category Requirements
Physical Security 24/7/365 Manned security gate with ID and pass check to gain entry to the facility
Personal Access Card (PAC) to gain access to the datacentre building
Locked data cabinets with restricted access to directors of Callout Computers
100% interior CCTV coverage, monitored
Digital Security Network segmentation of customer machines & data
Maintenance of firewalls at network entry points with business requirement check on all changes
SSL/TLS security used for all external communications and internal communications where required
Extensive organisation policies to control data access, account security & third party access
Protection of Data Nightly on-site backup and verification of all customer data
Weekly off-site backup of all customer data
VESDA (Very Early Smoke Detection Apparatus) and gas based fire suppression to be maintained
Resiliency To use an N+N rated datacentre and network design to protect against individual failures, to include:
– Dual diverse network feeds from London Telehouse (East and West) delivered right through to each server
– Dual power feeds from the national grid delivered right through to cabinet level and into each server
– Separate battery backup & diesel generators attached to each power feed
– Fully redundant air cooling system in N+N designTo provide a redundant network including dual redundant router and switch design to protect against core network component failure
To provide redundancy at a hardware level with enterprise grade components, to include:
– Redundant hard drives & SSD storage for all client data
– Redundant components built into all servers, including power supply, network connections and cooling fans
– Redundant server hosts to protect against complete server failure

4. Service Management

Effective support of in-scope services is a result of maintaining consistent service levels. The following sections provide relevant details on service availability, monitoring of in-scope services and related components.

4.1. Service Availability

At all times we shall ensure that our core network and power is available for 99.95% of your contract length. Our core services, including website hosting, email hosting, cloud sync and network/security monitoring will be available for 99.95% of your contract length. The uptime of other services will be determined by multiple factors, including the type of service, client configuration and client service level requirements. Please discuss this with us before beginning your service.

Any planned maintenance work that we are required to carry out that will involve service downtime will be advised at least 2 days (48 hours) in advance in nearly all instances. Exceptions to this include security updates, released by third parties or ourselves, that require immediate application in order to keep our core network secure, provide a secure service for our client and keep client data secure. All maintenance work will be carried out outside of working hours (usually post 9PM on a Friday or Saturday evening) to ensure the minimum amount of downtime, unless otherwise agreed with the client(s) involved.

4.1. Support Availability

– We guarantee to offer telephone support between 9AM and 5PM, Monday to Friday. Phone support outside of this time maybe available but is not guaranteed.

– We guarantee to offer email support between 9AM and 5PM, Monday to Friday. Emails received outside of this time will be answered on the next working day.

4.2. Service Requests

To support the agreements made in this SLA Callout Computers will respond to service related incidents within the following timeframes:

Critical – Within 30 minutes during the hours of 8AM to 10PM and within 2 hours outside of these times
High – Within 2 hours during business hours (9AM to 5PM, Monday to Friday) and 4 hours outside of these times
Medium – Within 48 working hours
Low – Within 5 working days

The following definitions will be used to determine the priority of service related incidents unless otherwise agreed with the client:

Severity Example conditions Users Impacted
Critical Core network or critical power failure
Unavailability of core services (web, email etc.)
Major security vulnerability requiring immediate attention
> 90% of Callout Computers Clients
High Client server unavailable
Core client software or client service not available
Critical security patch affecting client software
> 90% of client’s users
Medium Client or core service unavailable for some users
Client software/service requiring updates to continue operation
Third party access to client server required
< 90% of client’s users
Low Non critical updates (eg. software upgrades)
Setup of client’s custom software / working with third parties to facilitate
General security patching schedule
< 90% of client’s users

The priority of any service related incident or request not defined above will be agreed at the time between the client and Callout Computers.

* All times stated are in GMT/BST and do not include UK bank holidays.