Service Level Agreements

Service Level Agreements

PromeroMDR - Alert Logic Service Level Agreement

1). Service Level Agreement. Subject to the exceptions set forth herein, Alert Logic agrees that it will provide each Service at or above the service levels defined below (the “Service Level Agreement“). This Service Level Agreement does not apply to any free-trial, Pilot Program or beta

a) Alert Logic will provide 99.5% monthly availability for its Services. Availability will be calculated as follows for each calendar month that the hosted services are available through the Internet and that Customer has established connectivity:

“Total minutes” means the total number of minutes in the calendar month.

“Downtime” means minutes during the month that the Commerce Platform Services are not available (including Excluded Downtime).

“Excluded Downtime” includes: (i) planned downtime minutes for the month, which shall include the Alert Logic standard maintenance window and any period for which Alert Logic gives 3 day or more notice that the service will be unavailable; and (ii) any unavailability caused by circumstances beyond Alert Logic’s reasonable control, including without limitation, (a) Force Majeure Events, (b) computer or telecommunications failures or delays involving hardware or software not within Alert Logic’s possession or reasonable control, (c) network intrusions or denial of service attacks, or (d) Customer supplied hardware, software or materials or any acts or omissions of Customer or its agents, including without limitation failure to provide up-to-date SSL certifications and keys.

b). Alert Logic will notify Customer at least 3 days in advance of any additional planned maintenance occurring outside of the scheduled maintenance window and make efforts to accommodate Customer’s needs regarding such additional planned maintenance. Alert Logic will provide Customer as much notice as possible when unplanned maintenance occurs.

c). For Customers purchasing ActiveWatch, for all environments for which ActiveWatch services are deployed and properly configured (“Protected Environments“), Alert Logic will escalate detected security incidents for Protected Environments within 15 minutes of their detection by ActiveWatch. The 15 minute time period is measured from when ActiveWatch detects a security incident to the time the security incident is initially escalated to the primary customer contact via automated system log, email, or phone call.

d). For Customers purchasing review services (e.g., LogReview), Alert Logic will (a) review data for the prior day within 24 hours, (b) escalate potential security incidents detected by the review services to Customer upon detection and (c) maintain an audit trail of review activity on a daily basis that is accessible online.

e). Alert Logic will respond to properly submitted service requests within 2 hours of receipt and either resolve or escalate properly submitted service requests within 24 hours of Service requests must be submitted via Alert Logic’s web portal, e-mail or telephone.

f). Initial response time for properly submitted support requests related to Inline Devices will be within 15 minutes of receipt. The Inline Devices must be online and accessible to Alert Logic for support to be For support requests related to potential block events, Customer must provide Alert Logic with the Incident ID found on the blocking page of the Web Security Manager product.

g). Customer must provide up-to-date SSL certificates and keys in order for Alert Logic to tune or configure the Web Security Manager and Threat Manager products for monitoring and protection of HTTPS traffic. Alert Logic is not responsible if Customer fails to provide up-to- date certificates and

h). For Web Security Manager, Log Manager or Threat Manager instances deployed on Customer hardware, Alert Logic will not be responsible for any hardware-related issues and if not deployed on the most current minimum recommended hardware specifications, Alert Logic will not be responsible for supporting degradation of

For Alert Logic Cloud Defender that is fully provisioned to utilize Threat Manager, Log Manager and out-of-band Web Security Manager, Alert Logic agrees that it will provide Service at or above the service levels and subject to the limitations set forth in (a), (b), (c), (e), (g) and (h), defined above. For Alert Logic Cloud Insight, Alert Logic warrants that it will provide Service at or above the service levels and subject to the limitations set forth in (a) and (e) defined above.

 

Reliability for Hosted Services
Monthly Uptime Percentage Service Credit Percentage (percentage applies to total monthly Services fee*)
<99.5% 5%
<98.5% 10%
<97.5% 15%
<96.5% 20%
<95.5% 25%
e e

 

ActiveWatch 15-Minute Escalation Commitment
Monthly Failures Service Credit Percentage (percentage applies to monthly ActiveWatch fees*)
< 5 10%
5 or more 25%

 

Review Services 24-Hour Reporting Commitment
Monthly Failures Service Credit Percentage (percentage applies to monthly Service fees*)
< 5 10%
5 or more 25%

 

Submitted Service Requests 2-Hour Response Commitment
Monthly Failures Service Credit Percentage (percentage applies to total monthly Services fees*)
< 5 1%
5 or more 2%

e

Inline Device Service 15-Minute Commitment
Monthly Failures Service Credit Percentage (percentage applies to Inline Device monthly fees*)
< 5 occurrences 10%
5 or more occurrences 25%

* If payments or fees are paid in advance (i.e. annually)(the “Advance Fees“), then the monthly fees stated in the table above are equal to the Advance Fees divided by twelve.

2). Remedies: In the event that Alert Logic fails to provide a Service at the level required by the Service Level Agreement, Customer’s sole and exclusive remedies, and Alert Logic’s sole and exclusive liability, are as set forth in this Service Level Agreement (the “Remedies“). For Services purchased as part of a suite, the Service Credit will be based on the pro-rata portion of the cost of the applicable Service which did not meet the Service level requirement, except as provided herein, as determined by Alert Logic in its reasonable discretion.

3). Customer Must Request Remedies. In order to receive any of the Remedies, Customer must notify Alert Logic via email to AR@AlertLogic.com within seven (7) days from the date Customer becomes eligible to receive such Failure to comply with this requirement will forfeit Customer’s right to receive such Remedies.

4). Remedies Shall Not Be Cumulative; Maximum Remedy; No Remedies if Delinquent. The Remedies set forth herein are not cumulative. The aggregate maximum Service Credit for any and all failures to provide Services at the level required that occur in a single calendar month shall not exceed one calendar month of Service Credit. If Customer is late in making any undisputed payments owing pursuant to this MTC at the time of the occurrence which would otherwise entitle Customer to Remedies, none of such Remedies shall be available to

5). Excluded Services. The Service Level Agreement does not apply to any Services that expressly exclude this Service Level Agreement as stated in the Order Form for such

6). Customer Not Eligible. Service interruptions or failure to achieve the Service at the level required by the Service Level Agreement will not be eligible for Service Credits or Remedies in the event Customer does not comply with Section 2.2(b) of the MTC or is delinquent in making payment of undisputed fees. Earned Service Credits or Remedies won’t be applied until Customer is current on all payment obligations.

PromeroMDR Managed Services Service Level Agreement

  1. Scope of Support Services. Licensor Promero shall provide to Customer Support Services in accordance with the terms of this Exhibit Support Services will include the following:
        • Telephone support to resolve Performance Problems
        • Investigation of all reported incidents
        • Corrections to the customer’s environment (with customer pre-approval)
        • Suggest workarounds or alternative remediations if available
  2. Responsibilities of Customer. Customer will report any support, malfunctions, outage or service issue promptly to Promero. All critical communications (Severity Level 1 or Level 2) must be delivered via telephone by dialing 954.935.2380 or 954.935.8800 (option 5 for technical support) and by submitting a service ticket at https://www.promeromdr.com/technicalsupport/. Any non-critical (Severity Level 3 or Level 4) support communications can be submitted at https://www.promeromdr.com/technicalsupport/ If you need to send a file or screen shot to better explain the situation, send attachments to support[at]promero[dot]com.
  3.  Responsibilities of Promero. Promero shall provide Support Services subject to the conditions stated herein. In furtherance of the above, Promero shall:
        • Provide 7×24 telephone support to Customer through Customer’s Designated Representatives, excluding Promero designated holidays. Promero will provide Customer a list of scheduled Promero holidays, and notify Customer of any changes to Promero holidays in writing at least thirty (30) days in advance of those changes.
        • Investigate and supply any necessary modification to The Service.
        • Inform Customer’s Designated Representative, after initial investigation of a reported incident, of the nature of the problem.
        • With the prior approval of Customer, assist Customer and cooperate fully with third parties in order to improve the performance or utilization of The Service, the identification of whether software malfunctions are related to The Service or the hardware equipment malfunctions, and the identification of malfunctions in software supplied by Customer or third parties.
        • Promero will provide, upon Customer’s request, the Customer Designated Representative (a) a written report of the resolution of the error, and (b) a monthly written summary of remedial procedures then in process for any material failure not yet resolved

PromeroMDR Managed Services Service Level Agreement

    • Telephone Support Service. Promero shall establish and maintain the organization and processes to provide 7×24 Support Services for The Service. Telephone Support shall include but not be limited to (a) a direct response to Customer with respect to inquiries concerning the performance or operation of The Service, (b) a direct response to Customer with respect to problems or performance deficiencies with The Service, (c) a diagnosis of problems or performance deficiencies of the Service, and (d) a resolution of problems or performance deficiencies of The Service.
    • Promero will provide frequent status updates regarding open issues reported.
    • Promero will provide preferential “go to the head of the line” treatment to Severity Level One problem calls, which will be answered before standard service calls.
    • Promero will provide corrections or Remedy to Program error with the effort and response times commensurate to the levels described in the table below. The Service Level Warranty shall not apply to Performance Problems (i) caused by factors outside of Promero’s Sole Control; (ii) that resulted from any actions or inactions of Customer or any third parties; or (iii) that resulted from Customer’s equipment and/or third party equipment not within Promero’s Sole Control.
    • Performance Problems.
        • (a) “Severity Level One” – Critical Performance Problems that render The Service inoperable and/or cause it to substantially fail to perform as designed. Examples of Critical Problems include a major system impact or system down condition.

Privacy Policy

Privacy Policy – Promero will not trade, sell, or disclose to any third party any form of customer identifiable information without your consent (except as required by subpoena, search warrant or other legal process or in the case where failure to disclose information will lead to imminent harm to the customer or others). This includes information derived from registration, subscription, and use of the Promero Service

Collection / Use of Information: Promero may collect and use customer identifiable information for billing, provisioning of service, to solve problems associated with service, and to inform customers of new products or services that will better meet their needs. Promero may use customer identifiable information to market products and services to the customer, but will not disclose or make available any customer identifiable information to any third parties seeking to market products. If you choose not to participate in direct marketing of new products and services from Promero, your information will not be used for the purpose of marketing new products.

Security: Promero has invested and deployed a wide variety of technology and security features to ensure the privacy of customer information on its network. In addition, Promero has implemented strict operations guidelines to ensure customer privacy is safeguarded at every level of its organization. Promero will continue to revise policies and implement additional security features as new technologies becomes available.

Communications: Promero will not read, listen to or disclose to any third parties private e-mail, conversations, or other communications that are transmitted using the SERVICE except as required ensuring proper operation of services or as otherwise authorized by law. However, notwithstanding anything to the contrary contained herein or in the Privacy Policy, Promero reserves the right, but not the obligation, to monitor or disclose the private information you provide when using the SERVICE, including the contents of your email, voice and text messages, and recipient lists, if Promero, in its sole discretion, believes that such action is necessary: (i) to comply with applicable law, valid legal process or other legal requirements of any governmental authority; (ii) to protect Promero rights or property; (iii) to enforce Promero’s agreements with you; and (iv) to protect the interests of other Promero subscribers or any other person. In addition, Promero reserves the right under appropriate circumstances to disclose the identity of a subscriber or a recipient of any communication delivered by you using the Virtual Call Center or other Promero services to third parties in response to a valid legal subpoena and to otherwise cooperate with legitimate police and government inquiries and lawful civil proceedings.

Unlawful Activity: Promero may use customer identifiable information to investigate and help prevent potentially unlawful activity or activities that threaten the integrity of SERVICE service or network integrity or otherwise violate Promero’s Customer Agreement.

Children’s Privacy Policy: Promero does not sell products or services for purchase by children. Promero does not knowingly solicit or collect customer identifiable information from children or teenagers under the age of eighteen. In addition, Promero will not knowingly link to any third party web site that solicits or collects customer identifiable information from minors. If you believe that a minor has disclosed personally identifiable information to Promero, please contact Promero at tech [at] promero [dot] com so that the information can be promptly removed.

 


By clicking the ‘Submit Button’ you agree to be bound by the terms and conditions of this agreement and any subsequent license agreement for the software.

Service Level Agreement Acceptance - MDR