Service Level Agreement for BindID™

Transmit Security will use commercially reasonable efforts to make the Cloud Service available. As Transmit Security Cloud Services are offered uniformly across all customers, this Support and Service Level Agreement (“SLA”) cannot be modified on a customer-by-customer basis. The following SLA is only for enterprise subscriptions.

Capitalized terms herein shall have the same meaning as defined in the Transmit Security Agreement for Cloud Services and any applicable Schedule or Order Form executed by and between Transmit Security and the Customer (the “Agreement”).

  1. Hours of Operation. Transmit Security products are designed to be available 24 hours a day, 7 days a week, 365 days a year, except during maintenance periods, technology upgrades, and as otherwise set forth in this SLA.
  2. Availability. 
    1. Commencing on Transmit Security’s activation of the Cloud Service to Customer, Transmit Security strives to meet the target service availability of 99.99% for the production tenant (the “Availability Target”).
    2. The foregoing is contingent on the Customer’s adherence to Transmit Security’s recommended minimum technical configuration requirements for accessing and using the Cloud Service from Customer’s network infrastructure.
  3. Measurement of Availability. 

    Following the end of each calendar month of the applicable Schedule Term, Transmit Security measures the service availability of the Cloud Service over the immediately preceding month by dividing the difference between the total number of minutes in the monthly measurement period and any Adjusted Unplanned Downtime (as further defined below) by the total number of minutes in the measurement period, and multiplying the result by 100 to reach a percent figure (“Availability Level”).

    The Cloud Service is considered available in the following scenarios:

    1. Administrators are able to log in to the administrator portal and make any settings changes in it.

    2. The Cloud Service is able to process user and server requests.

  4. Definition of Unplanned Downtime.
    1. The Cloud Service is deployed in resilient computing facilities with resilient infrastructure, redundant network connections, and power at each hosting facility.
    2. “Unplanned Downtime” means any time during which an issue with the Cloud Service prevents the Customer’s connectivity. Unplanned Downtime does not include any time during which the Cloud Service, or any component thereof, are not available due to the following:
      1. maintenance periods (as further discussed below);
      2. circumstances outside of Transmit Security’s control or other Force Majeure events;
      3. any actions or inactions by the Customer or its users (e.g., restarting, stopping, filling up storage, misconfiguring database parameters, installation of third-party agents/software, misconfiguration of security groups, VCN configurations or credential settings, disabling encryption keys or making the encryption keys inaccessible, not allocating adequate resources for Customer’s workload or exceeding limits specified for the Cloud Service, third party malicious acts against Customer or its users, etc.); or
      4. any suspension by Transmit Security permitted under the Agreement.
  5. Adjusted Unplanned Downtime will be calculated as: total minutes of Unplanned Downtime in a given month multiplied by the percentage of Users affected by Unplanned Downtime. Examples of this calculation are provided below for clarity:
    1. If in a given month the Unplanned Downtime affects 5% of Users for a period lasting two hours, the Adjusted Unplanned Downtime will be calculated as 120 minutes x 0.05 = 6 minutes of Adjusted Unplanned Downtime.
    2. If in a given month the Unplanned Downtime affects 50% of Users for a period lasting 10 minutes, then Adjusted Unplanned Downtime will be calculated as 10 minutes x 0.50 = 5 minutes of Adjusted Unplanned Downtime.
  6. If Transmit Security fails to meet the Availability Target during any given month for a production tenant of the Cloud Service and Customer requests a service level credit, then Transmit Security will provide Customer with a credit as described in the table below (“Service Level Credit”). If any Service Level Credits are not used upon expiration of your subscription, then Transmit Security will apply the credits to any other fees or expenses owed by Customer. If there are no such other fees or expenses then Transmit Security will refund the Service Level Credit amount. Service Level Credits are Customer’s only remedy to resolve Transmit Security’s failure to meet the Availability Target.
    1. Apportioned Monthly Fee means the apportioned monthly amount of the Minimum Annual Fee for the applicable contract year.
      Cloud Service Availability LevelService Level Credit
      99.90% – 99.99%5% of the Apportioned Monthly Fee applicable to month in which failure occurred
      99.0% – 99.90%10% of the Apportioned Monthly Fee applicable to month in which failure occurred
      95.0% – 99.0%20% of the Apportioned Monthly Fee applicable to month in which failure occurred
      < 95%50% of the Apportioned Monthly Fee applicable to month in which failure occurred

    Claims. Customers must submit a claim within sixty (60) days of the end of the contracted month that the Availability Target was missed. Service Level Credits cannot exceed 50% of the Apportioned Monthly Fee.

    Exclusions. No Service Level Credits are given for failure to meet the Availability Target related to:

    • Beta, trial, experimental, evaluations, proofs of concept, or no-charge Cloud Services.
    • Test, development or other non-production tenants
    • Preview Features (as defined below)
    • Customer infrastructure failures, including network, hardware, facility, or power.
    • Customer errors or failures to provide needed information or access to resolve an outage.
    • Customer-caused security incidents or security testing.
    • Any exclusions set forth in Section 4.2.
    • Other causes beyond Transmit Security’s reasonable control.
  7. Change Management Policy
    1. Cloud Service Change Management and Maintenance

      The Transmit Security Operations team performs changes to cloud hardware infrastructure, operating software, product software, and supporting application software that is provided by Transmit Security as part of the Cloud Service to maintain operational stability, availability, security, and performance of the Cloud Service. Transmit Security follows formal change management procedures to review, test, and approve changes prior to application in the production service.
      Changes made through change management procedures include system and service maintenance activities, upgrades and updates, and customer-specific changes. Transmit Security’s change management procedures are designed to minimize service interruptions during the implementation of changes.

    2. Emergency Maintenance

      Transmit Security may be required to execute emergency maintenance in order to protect the security, performance, availability, or stability of the Cloud Service. Emergency maintenance is required to address an exigent situation that cannot be addressed except on an emergency basis.

  8. Cloud Service Support Policy
    1. Severity Level Guidelines and Response Time Objectives

      Level 1: Critical Business Impact/Service Down. Business critical functionality is inoperable or critical interface has failed. This usually applies to a production environment and indicates an inability to access the Cloud Service resulting in a critical impact on operations. This condition requires an immediate solution. The Customer must log a Service Down within 24 hours of first becoming aware that there is a critical business impact and the Cloud Service is not available. Please Note: Telephone call must follow the opening of a ticket. Transmit Security will work with the Customer 24 hours a day, seven days a week to resolve critical problems provided the Customer has a technical resource available to work during those hours and Customer must reasonably assist Transmit Security with any problem diagnosis and resolution.

      Level 2: Significant Business Impact. A service, business feature, or function of the Cloud Service is severely restricted in its use.

      Level 3: Minor Business Impact. The Cloud Service or functionality of the Cloud Service is usable and the issue can be worked around without significant inconvenience.

      Level 4: Minimal business impact. An inquiry, non-technical request or general questions.

    2. Response Time Objectives & Coverage

      The following table outlines response time objectives that Transmit Security strives to achieve, measured from the time Transmit Security receives the Customer’s initial request for support to the time Transmit Security provides an initial communication back to the Customer regarding its request.

      IncidentResponse Time ObjectivesResponse Time Objectives
      Level 1Within 1 hour24×7
      Level 2Within 2 hoursMonday through Friday 
      9:00 AM – 6:00 PM (local time)
      Level 312 hours Monday through Friday 
      9:00 AM – 6:00 PM (local time)
      Level 4Within 1 business dayMonday through Friday 
      9:00 AM – 6:00 PM (local time)

      Response Time Objectives are intended to describe Transmit Security’s goals only, and do not represent a guarantee of performance.

  9. Non-Enterprise Subscriptions

    None of the above mentioned terms is assured to be honored in the case of non-Enterprise subscriptions, this includes proofs of concept, free trial or evaluation subscriptions and any other non-Enterprise Cloud Service subscription to be introduced in the future by Transmit Security.

  10. Contact Information and Escalation Process
    Contact Information and Escalation Process
    Support System

    All support tickets must be entered into the following Support System:

    https://transmitsecurity.com/support

    Make sure your support personnel have a username and password to the above system.

    Support Contact

    Technical (EMERGENCIES & DOWNTIME ONLY):

    Please submit all cases via Support System. Avoid calling these numbers unless you are experiencing a production down-time.

  11. Support Terms and Details
    1. Transmit Security will be solely responsible for categorizing incidents; however, the Customer may request to re-categorize the incident.
    2. The Customer must contact the Transmit Security Technical Support number immediately after opening a Level 1 online ticket in order to facilitate an emergency response.
    3. In a timely and expedient manner, Customer agrees to: (i) provide Transmit Security with reasonable detail of the nature of and circumstances surrounding an error, (ii) confirm that Transmit Security has received complete requested logs of products, and (iii) provide Transmit Security with reasonable access to Customer’s environment, as necessary, to enable Transmit Security to provide support.
    4. Customer acknowledges and agrees that Transmit Security may not have a satisfactory response, or that response timelines may be significantly delayed due to Customer’s inability to produce relevant requested information about error, or Customer’s inability to respond to Transmit Security’s requests in general.
    5. Transmit Security must be able to reproduce the reported error with given information, and that error must be determinable and reproducible to resolve the issue with either a work-around or a fix.
    6. If the problem is diagnosed to be something other than the Transmit Security platform, then the reported issue will exit the Transmit Security escalation process and will be considered resolved.
    7. Transmit Security has no obligation to provide support to Customer: (i) for any software, hardware or other element of the Customer environment not provided by Transmit Security, (ii) if Customer or a third party has altered or modified any portion of the Cloud Service, or (iii) if Customer has not used the Cloud Service in accordance with Documentation or instructions provided by Transmit Security, including failure to follow implementation procedures.
    8. Customer agrees that Transmit Security is not responsible for the support of (i) the externally connected databases except for Transmit Security policies and configurations, (ii) any third-party system or API connected to the Transmit Security platform provided by another vendor, (iii) the underlying operating system unless there are conflicts with the Transmit Security platform, (iv) any network connectivity on the Customer’s premises, involving mobile device communication over a mobile network, or the Internet, (v) any firewall or networking devices that may be blocking communication between platform components due to no fault of Transmit Security.
    9. Support is only available in the English language.
    10. Transmit Security platform includes phone and web support for teams of up to five (5) Customer team members.
  12. Additional Terms
    1. Preview Features. Transmit Security may make experimental, preview, or beta features available to Customer for trial or evaluation use (“Preview Features”). Transmit Security can modify or withdraw the Preview Features at any time and is under no obligation to make the Preview Features generally available. Preview Features are provided as-is without warranties of any kind, and are not subject to SLAs and support services.
    2. Customer is not permitted to conduct penetration, intrusion or stress testing of the Cloud Service.