BuildSafe Service Level Agreement (SLA)
1. Agreement Overview
1.1 BuildSafe Sweden AB, company Reg. No. 559001-9179, Sveavägen 166, 113 46 Stockholm, Sweden (“BuildSafe” or “we”) provides the service BuildSafe (the “Service”) to its customers (hereinafter referred to as the “Customer”) under the terms stated in the Agreement and the General Terms and Conditions.
1.2 If the Agreement also contains this Service Level Agreement as an appendix then this appendix acts as a specification for its provisioning of the services required to support and sustain the Service.
1.3 This Service Level Agreement remains valid for the duration of the Agreement or until superseded by a revised agreement which will have to be approved in writing by the Customer for validity.
2. Commitment to Security
2.1 At BuildSafe we respect our customers data, its sensitivity and the value it holds.
Therefore, we are committed to putting considerable efforts into protecting your data and make sure protecting your data is the fundament for our business, and every bit as important as the sum of our operations.
3. Infrastructure, Data Storage and Encryption
3.1 All our services and data are stored and hosted in Amazon Web Services (AWS) facilities in Ireland and distributed across three different data centers (Europe (Ireland) Region, EC2 Availability zones: 3).
All servers are within our own virtual private cloud (VPC) with network access control lists (ACL’s) that prevent unauthorized requests getting to our internal network. By communication over a Hypertext Transfer Protocol within a connection encrypted by Transport Layer Security (HTTPS), we make sure that all data sent to or from BuildSafe is encrypted.
All data is stored in multi-tenant datastores; however, we have developed strict controls in both our architecture and application code to ensure data privacy and to prevent any unauthorised access to our customers’ data.
4.1 We use Amazon S3 services for our dedicated backup and archive storage. Backup of static and dynamic data is performed continuously in order to provide fast data recovery to our customers.
Every backup process is logged and team is immediately informed of any errors to prevent data loss.
5.1 We measure our reliability in terms of service uptime which we guarantee to be 99.9% or higher at any time during a 30-day running interval.
Downtime is defined as the time when the customer is unable to access the service but does not include downtime due any of the following reasons:
a) Maintenance that has been previously notified
b) Systemic Internet failures
c) Failures due to customer’s actions, hardware, software or network connection
d) Force majeure or other issues outside of the direct control of BuildSafe
If we deviate from this reliability metric with more than 0,9 percentage units we will indemnify the customer with a 15% discount on the invoice for that month. The total indemnification during any given month will be limited to 15% so this indemnification cannot be combined with indemnifications from deviations in the responsiveness metrics.
See section 9. Monitoring and Reporting of Service Levels below for more info.
6.1 We employ incident response plans as a formal procedure for security incidents. When such incidents occur, they are reported in our emergency channel where responsible teams are notified and assembled to address the issue. Each incident is reported and analysed for the future prevention of such instances.
Our responsiveness is measured by our response time which we during business hours guarantee to follow the limits in the table below:
Level Definition criteria Response time
1 Unplanned interruption rendering the services unavailable 15 minutes
2 Services unavailable for single user or small percentage of users affected 60 minutes
3 Minor intermittent problem 120 minutes
In case of a disaster we can recover the service from our latest backup version within 2 hours from our internal problem detection.
If we deviate from these responsiveness metrics we will indemnify the customer with a 15% discount on the invoice for that month. The total indemnification during any given month will be limited to 15% so this indemnification cannot be combined with indemnifications from deviations in the reliability metric.
7. Maintenance Procedures
7.1 All updates and maintenance are planned minutely in advance so as not to interrupt our customers use of the service.
The service is constantly updated through the process of a continuous deployment approach where patches and bug fixes are deployed without service interruption which therefore do not prompt any notifications to customer.
The customer is notified about service feature updates after deployment through our internal chat support function with a short information about the updates and how they improve the service.
All scheduled maintenance is notified to the customer at latest 48 hours in advance through email and internal chat support function.
Emergency maintenance may be initiated without prior notice in order to secure the continuous service and protection of our customers’ data.
8.1 We operate an in-service chat and phone support channel that is available at all hours of the day. During 07.00 and 17.00 CET on Swedish business days we respond within 15 minutes. Outside of those hours we respond at the start of the following Swedish business day.
Our support phone lines are available at:
Sweden: +46 8 480 011 00
UK: +44 203 966 08 00
9. Monitoring and Reporting of Service Levels
9.1 We continuously monitor and log our service’s compliance with reliability and responsiveness. We also monitor and log user activity for both web and mobile applications for access and error logs for support and quality assurance.
For auditing and information purposes we can deliver a “Service Level Report” and give access to level monitoring logs at request.