Service Level Agreement
Applicable on all commercial services of C42 d.d. 23-06-2016
Table of content
1. Latest updates
New in this version (23-06-2016)
Added maintenance of non-standard services
New in the version of (24-05-2016)
New in the version of 01-11-2015
New in the version of 27-04-2015
Parties to the agreement
All commercial C42 services are provided by C42 or it’s subcontractors. Therefore this is an Annex to a contractual agreement between Ambit B.V. operating under the name of C42, located at the Oude Delft 207, 2611 HD, in Delft, registered at the chamber of commerce under the number of 52184935 (hereinafter referred to as "C42" or “the Supplier”) and Client (hereinafter referred to as “the Client”).
This agreement outlines the terms and conditions under which the Supplier will provide specified Services (collectively referred to as “the Services”) to its Client or its Affiliates. The objective is to provide a basis and framework for the delivery of high quality services that meet the needs of the Client.
This Agreement commences on the Commencement Date (sign up date) for an initial period of at least 30 days. Thereafter, the Agreement will be automatically renewed monthly for successive monthly periods unless notice is received at least 30 days before such an expiry date.
The Supplier will provide to the Client, at least 30 days written notice of any price changes due to take effect from each renewal date.
It is understood and agreed that this Agreement does not grant to the Supplier any exclusive rights to do business with the Client and also that the Client may contract with other suppliers for the procurement of similar services. Nothing in the Agreement prevents the Supplier from marketing, developing, using and performing similar services or products to other potential clients.
3. Scope of work
All standard services to be delivered under this agreement are provided as SaaS (Software as a Service), PaaS (Platform as a Service) or DaaS (Data as a Service) and are made available through (web) API, services or applications.
Non-standard services to be delivered under this Agreement are as listed, described and specified as:
The availability, operational reliability and response times of the Standard Services to be delivered under this Agreement are as specified as:
* Availability is calculated by the following formula: A = (T – M – D) / (T – M) x 100%
A = Availability
T = Total Monthly Minutes
M = Maintenance Time (routine and scheduled maintenance)
D = Downtime (unscheduled downtime)
Service performance concurrent requests
In order to ensure the best quality service for all of our accounts, C42 operates based on a fair use policy regarding concurrent requests. We recommend for both your own and our other users benefit to request no more than 6 concurrent API requests. Concurrent API requests are requests sent within the same 1 second interval.
C42 works during the whole process only with hosting- and service providers that are residing in the European Union and work within the boundaries of the European judiciary system. In this way C42 meets the requirements to not to adhere to the United States of America’s Patriot Act.
Third party dependency
Supported browsers & OS of non-standard services
The actual marketshare is defined based on the statistics provided by Statcounter. You can check the latest statistics at:
* YYYYMMDD should be replaced with the actual date of delivery, e.g. 20420101
Maintenance of non-standard services
The maintenance of non-standard services (web, mobile or tablet applications) covers corrective (bugfixes and quality/performance improvements) and preventive (testing and updating according to new OS or browsers) maintenance. The development of new features or a change of service is not included in this agreement.
End user terms (EULA)
All individual end users need to accept the standard end user terms that are applicable for the C42 services. C42 keeps record of the consent of users through a detailed audit trail containing, but not limited to, the date, time, and User ID of acceptance of these terms.
All API end users need to accept the standard API licence that is applicable for the C42 services.
Open Source Licenses
C42 makes use of open source licenses. An overview of all licenses used is provided on: http://cal42.com/13342
Public source code
The public repository including licenses and documentation of by C42 published source code is available on http://calendar42.org/
5. Incident management
Support and Service desk Services
The Supplier will provide ongoing assistance to the Client to support the Services provided. This will include comprehensive Service desk facilities and Maintenance and Support services.
Incidents should be reported clearly indicating the priority level of the incidents according to the following format:
The incident priorities are defined by assessing its impact and urgency, where:
If incidents are defined to rate urgency and impact the following priority levels are applicable (urgency/impact):
Our reply will contain one of the following scenario’s:
Dedicated support or a more thorough analysis provided by C42 can be offered for a standard rate of €125,-/hour, we will include in our response an estimation of time required. After acceptance of this quote, we will start with executing the work required.
Our service desk is active during office hours 9:00/18:00 CET/CEST
Incident resolution time
To ensure that the Client receives senior management attention
To ensure that the Client receives senior management attention on unresolved issues, the Supplier operates an incident escalation procedure in order that any unresolved incidents are notified to the Supplier's operational and management personnel on a priority basis dependent upon the severity of the incident.
6. Service updates, changes and patches
All our services are enabled using a Development, Testing, Acceptance and Production (DTAP) street.
Functional updates or new code releases are developed based on 3-n weekly iterations and made available on the C42 acceptance environments for a period of at least 1 week before being deployed to production.
All change notes relating to new releases will be published here.
C42 strives for maximum backwards compatibility and will actively inform Clients in the case of an exception.
In case of functional and/or security incidents that require immediate code patches or releases these patches will be deployed as soon as possible to our Acceptance environments and after thorough integration and smoke testing deployed during the maintenance windows on the Production environments.
Acceptance environments are clearly marked by its subdomain (e.g. beta.calendar42.com/app). The Acceptance environment comes with an Best Effort SLA and might be periodically erased of all of it’s data. It is therefore highly discouraged to use the Acceptance environment for anything else then acceptance tests or as a playground for external development on top of the C42 platform.
Changes to services
Either party may propose changes to the scope, nature or time schedule of the Services being performed under this Service Level Agreement. The parties will mutually agree to any proposed changes regarding adjustments to fees and expenses as a result of any changes to the Services.
7. Performance, tracking & reporting
Key personnel changes
Key personnel are not required to be specifically named within this Agreement unless stated otherwise but the Supplier will notify the Client in advance of changes to any key personnel that could affect the delivery of the Services to the Client.
Client may terminate the Agreement should Client be of the opinion that – and is in the position to substantiate that – it cannot do business with this change in key personnel.
Key subcontractors changes
Key (sub)contractors are not required to be specifically named within this Agreement unless stated otherwise, but the Supplier will notify the Client in advance of changes to any key (sub)contractors that could affect the delivery of the Services to the Client.
Client may terminate the Agreement should Client be of the opinion that – and is in the position to substantiate that – it cannot do business with this subcontractor.
The performance of each individual Service will be monitored. A real-time status dashboard and incident list is provided via this dashboard. Several methods are being used in order to monitor the complete C42 platform, ranging from visitor and usages statistics to real-time performance monitoring.
The security of the production and development environments of C42 has been thoroughly tested by external organisations, and has for example successfully passed the "Security Healthcheck" of the Information Security Forum.
C42 is open for external security checks, audits and penetration tests as long as this will not harm the operational infrastructure and services of C42.
Service Review Meetings
Service Review meetings can, on the Client’s request, be held on a quarterly basis at the Suppliers offices. Upon request quarterly reports can be provided.
The issues to be covered will include (if applicable):
Penalties for non-compliance
On a per-Service basis, for each month in which the availability is below the targeted average as calculated in Service availability, Supplier will reduce the amounts due and payable to it relating to such Service for such month by 5%. In addition, for every 1% loss of availability below the targeted average availability during the same calendar month, Supplier will further reduce the amounts due and payable to it relating to such Service for such month by another 5%.
On a per-Request basis, for each support & service desk request that is not handled as defined in Support and service desk services and notified by Client toSupplier,Supplier will reduce the amounts due and payable by Client for the same calendar month by 5%.
In all cases, the maximum, aggregate cumulative SLA credit/penalty in any given month for any given Service and for all service levels combined, is 25% of the underlying fees for such Service for such month.
8. Client duties and responsibilities
Supplier is responsible for providing and distribution of software updates and or improvements relating the Standard services. These up-dates will be provided to Client without costs. Client is responsible for ensuring to be able to handle the latest version of the software provided under the standard services.
Requests will be charged based on actual usage according to the price model agreed. When you expect to surpass your current bundle you are obliged to inform us upfront (at first convenience).
Approvals and Information
The Client will respond promptly, and in any case, within ten (10) working days, to any Supplier requests to provide direction, information, approvals, authorisations or decisions that are reasonably necessary for the Supplier to perform the services, including inaccuracies in invoices or reports.
The Client will pay accepted invoices within the 30 day payment term, referring to the invoice number stated on the invoice provided.
All prices are defined in Euro and excluding VAT (BTW: 21%).
At the first of every month the actual requests will be calculated based on the actual executed requests. When more requests have been executed then your plan providers, your plan will be raised to this new level.
Supplier will provide Client with digital invoices meeting Dutch requirements stated by law and clearly stating the charged plans, including a summarised report of the actual amount of requests (at least on a total amount of request per charged service base).
Supplier can adjust it’s pricing once a year based on the “prijsindexcijfer van de consumentenprijsindex (CPI) januari 2013 =112,77 (2006 = 100%)” as published by the Centraal Bureau voor de Statistiek (CBS).
10. Warranties and remedies
Quality of Service
The Supplier warrants that the Services will be performed in a professional and workmanlike manner consistent with industry standards reasonably applicable to such services. If the Client considers that a breach of this warranty has occurred and notifies the Supplier in writing stating the nature of the breach, then the Supplier will be required to correct any affected services within two (2) working days in order that they comply with the warranty. If Supplier is not able to correct the services, Client has the right to terminate the Agreement with immediate effect.
If, as a result of the Supplier’s negligence, the Client or Client’s employees suffer injury or property damage, the Supplier will reimburse the Client for that portion of any damages for which the Supplier is found to be liable.
Third party claims
The Supplier warrants that any works of authorship written by the Supplier’s personnel will not infringe any third party copyrights, patents or trade secrets. If a third party takes action against the Client for any infringements of this nature, then the Supplier will, at its own expense, settle the claim or arrange to defend the Client in such proceedings, and, in such circumstances, the Supplier will pay all settlement costs, damages, and legal fees and expenses finally so awarded.
The Supplier is not responsible for any infringements to third party copyrights, patents or trade secrets where the Client has made amendments to original documents and similar works prepared by the Supplier without the express approval of the Supplier, or where the Client fails to use the most recent versions of such works that have been delivered by the Supplier.
Remedies for breaches
In the event of any defective performance from the Supplier or failure to furnish the agreed level of service, the Supplier will make reasonable efforts to restore the service to a good operating condition within two (2) working days.
Except in respect of payment liabilities, neither party will be liable for any failure or delay in its performance under this Agreement due to reasons beyond its reasonable control, including acts of war, earthquake, flood, riot, embargo, sabotage, governmental act or failure of the Internet, provided the delayed party gives the other party prompt notice of the reasons for such cause.
Supplier is always entirely responsible for Supplier’s (non-)affiliated subcontractors and -third parties used to execute part of the Services. Supplier shall enforce the same requirements as set out in this Agreement upon these subcontractors, who must in turn do the same with their (sub-) subcontractors if any.
Supplier is responsible for the correct execution of Services by (sub)contractors used by Supplier. Supplier hereby indemnifies Client for any liability of Supplier, and/or its subcontractors, towards Supplier personnel and (sub-) contractors, their personnel, with regards to activities performed in favour of Client, of any nature whatsoever.
11. Access policy and security
The Client is to ensure that the Supplier’s employees and sub-contractors are given necessary access to the software and systems in order that the Services may be delivered and maintained in accordance with the terms of this Agreement.
Compliance with Client Security Policies
In the event that the Client operates formal security policies, the Supplier will ensure that its employees are made aware of such policies and will also ensure ongoing compliance with these policy statements. The Client will provide the Supplier with up to date information on its security policies and will keep the Supplier informed about any changes to these policies.
Information and data security measures
The Supplier will manage information and data security with reasonable efforts to restrict unauthorised access. The Supplier will make best endeavours in accordance with recognised industry standard to ensure that its employees and representatives are fully aware of the risks associated with information and data security issues. The information the Client provides the Supplier with will be stored on secure servers. Transaction of data is encrypted (AES) for the Client’s safety. Supplier ensures to stay up-to-date with the developments in cryptography and security: updating the implemented security measures when needed.
All C42 infrastructure is protected by a firewall on the network. This enables protected public access to our services. For more extensive (server level) access by C42 and (network) administrator VPN connections are required.
Separation of data
Access to data at the application level for our different Clients or end-users is based on built-in ACLs (Access Control Lists).
In order to prevent the loss of personal information, all (personal) data stored on C42 servers is backed up and stored securely on at least two separate locations. C42 has the ability to do point-in-time database restores over the last seven days for the purposes of specific data retrieval.
For forensic and/or research purposes our weekly full database backups are made based on a grandfather-father-son rotation scheme. Respectively the daily backups are stored for a week, the weekly backups for a month and the monthly backups for a year.
Our complete servers system are on a nightly full backup rotation scheme of which the data is also stored off-site for 7 days. In case of an emergency the newest available backup will be used for data recovery.
The Supplier will ensure that information and data under its responsibility is properly backed up and also that arrangements are made for recovery processes to be installed to minimise any potential disruption to the Client’s business. The Supplier is required to ensure that proper measures are in place to enable continuation of services in the event of unexpected disruptive events. These measures should include implementation and pre-testing of formal disaster recovery and business continuity planning within the Supplier’s business.
C42 provides the services of a collective SaaS escrow which can be added to this standard Service Level Agreement. Request more info...
In order to provide you with our services and to improve our platform as fast as possible, we need to collect and process data of you in the following ways:
Our use of your information
Information stored or collected regarding your usage of our services is solely used for providing you and our end users with our services, billing, communicating about, and improving our services.
We will never share or sell your personal data to third parties.
C42 reserves the right to anonymise and aggregate personal data which will be used for research and development purposes and may be disclosed to external partners. This aggregated data could provide a basis for statistics about events including, but not limited to, the amount of subscriptions and amount of recommendations. This information will never be connected to any personal information, neither directly or via any traceback.
All data we collect about you and your usage of our service is accessible by you as a Client. If you wish to have access to our data collection of your (personal) information this if free of charge for the first request, we are required to request proof of identity. Multiple or following requests will be charged with a processing and administration fee of €5,-.
13. Intellectual property rights and confidential information
Ownership of information
The original source data owner is and remains the rightful owner of their (personal) information.
Intellectual property rights
Both parties acknowledge the intellectual property rights of the other party whether registered or not.
The term “Confidential Information” means any and all information that by its nature is confidential, irrespective of the form of communication, such as but not limited to non-public proprietary and confidential know-how, brand strategy, tools, marketing plans, specifications, instructions and all further data and other information, which is furnished by Client to Supplier now or in the future and all other Confidential Information of which Supplier came aware during this agreement.
Supplier shall keep the Confidential Information strictly confidential and shall not disclose the Confidential Information to any person, firm or company whomsoever except to persons directly involved and to whom it shall be essential to disclose the same (and Supplier shall impose upon all such persons the same confidentiality clause).
The obligations do not extend to any Confidential Information which:
14. Legal compliance and resolution of disputes
This agreement is created and interpreted in accordance with the law of the Netherlands. The competent court in Amsterdam, The Netherlands, has the exclusive authority to be informed of all disputes with respect to this agreement.
In the event of dispute, the parties will attempt to resolve any such disputes through informal negotiation and discussion. Formal proceedings should not be commenced until such informal negotiations and discussions are concluded without resolution.
Termination after initial Agreement term
This Agreement commences on the Commencement Date for an initial period of at least 30 days. Thereafter, the Agreement will be automatically renewed monthly for successive monthly periods unless notice is received at least 30 days before such an expiry date.
The Supplier will provide to the Client, at least 30 days written notice of any price changes due to take effect from each renewal date.
Termination for Convenience
Either party may terminate this agreement at any time by giving at least 30 days written notice to the other party.
Termination for Cause
If either party fails to perform its obligations under this Agreement, and does not, within 30 days of receiving written notice describing such failure, agree to take measures to cure such failure, then this Agreement may be terminated forthwith.
Payment on termination
In the event of termination of this Agreement for any cause, the Supplier will continue to be paid up to the effective date of termination for any fees or expenses due for services delivered up to that date.
Notices required under this Agreement are to be sent to the contact information as provided by Client. Notices are to be sent in writing by either registered post, electronic post, recorded post, express courier service or be delivered personally.
Standard of care
Each party will act in good faith in the performance of its respective duties and responsibilities and will not unreasonably delay or withhold the giving of consent or approval required for the other party under this Agreement. Each party will provide an acceptable standard of care in its dealings with the other party and its employees.
This Agreement shall be binding on the parties and their respective successors and assignees. Supplier may not assign this Agreement (or any of the rights, claims, benefits or obligations under this Agreement) without the prior written consent of Client, which consent shall not be unreasonably withheld or delayed.
Client may assign the Agreement or part of its rights and delegate all or part of its duties hereunder to one or more affiliated companies and will inform Supplier in writing after this assignment. Supplier hereby confirms that it accepts this assignment to affiliated companies unconditionally. Notwithstanding such an assignment, Client shall remain responsible for the due fulfilment of all the obligations under the Agreement unless otherwise agreed in writing.
This document constitutes the entire agreement between the parties and supersedes all other prior agreements between the parties for the provision of such services.
Supplier is not directly related to any external information provider or third party unless specifically stated otherwise.
This Agreement can change over time. The latest version of this agreement is available on our website. When we change this agreement we will notify you and we will request acceptance of these changes before you are able to continue to use our service(s).
Please feel free to contact us with queries, requests, or comments you may have about our Service Level Agreement. We welcome any communication via this email address: firstname.lastname@example.org
17. Additional services & terms
Our standard services include the delivery (in an aggregated way) of standard (public) data services on which specific terms apply. Accepting these services, also results in accepting the specific terms applicable to our standard services as defined in the following schedule:
Our data will be updated according to the following schedule:
Our software will be updated according to the following schedule:
Article 4 of the Dutch Databank Law (Databankenwet) states that user of a database which is made available to the public may not perform acts which brings the normal exploitation of the database in danger or creates unjustified harm to the producer of this database.
“De rechtmatige gebruiker van een databank welke op enigerlei wijze aan het publiek ter beschikking is gesteld, mag geen handelingen verrichten waardoor hij de normale exploitatie van de databank in gevaar brengt of ongerechtvaardigde schade aan de producent toebrengt.”
In the context of this article datadumps towards third parties (such as C42) are only provided under strict conditions. One of these conditions is that the data may not be used for commercial targets such as (Direct) Marketing and only be offered in the context of the intended use: Bag42 linked (reverse) geocoder.
The BAG is provided under a Public Domain License and therefore freely available and may be used for both commercial and non commercial purposes.
OpenStreetMap is open data, licensed under the Open Data Commons Open Database License(ODbL). You are free to copy, distribute, transmit and adapt this data, as long as you credit OpenStreetMap and its contributors. If you alter or build upon this data, you may distribute the result only under the same licence. The full legal code explains your rights and responsibilities.