Latest update: September 10, 2025
SLA - Senbee Connect (Hybrid / Shared Responsibility)
Purpose
This SLA defines service levels, maintenance, and incident handling for Senbee Connect deployments where hosting and operations are shared between Senbee and the Customer (“Hybrid”).
Scope
Applies when the application is operated across responsibilities (for example, Customer-managed infrastructure with Senbee-managed application services, or Senbee-managed cloud components integrating with Customer-managed network or identity).
Service Commitments
- Availability target (Senbee-managed components): 99.9% monthly uptime, excluding approved maintenance windows.
- End-to-end availability: Informational only; depends on Customer-managed components and third parties and is therefore out of scope for remedies.
- Incident response (Severity 1 affecting Senbee-managed components): Work begins immediately upon alert; coordinated updates continue until service is restored or a workaround is in place.
- Monitoring: Continuous monitoring for Senbee-managed components; Customer is responsible for monitoring Customer-managed layers.
Support Availability
Senbee provides 24/7 monitoring and incident response for Senbee-managed components. Customer-initiated support requests that are non-critical (how-to, configuration assistance) are handled during normal working hours: Monday-Thursday 08:00-16:00 CET, Friday 08:00-15:00 CET. Critical incidents with confirmed impact on a Senbee-managed component are coordinated continuously until resolved.
Roles and Responsibilities
| Layer / Activity | Senbee | Customer |
|---|---|---|
| Application (Senbee Connect) | Owns application defects, releases, hotfixes, security advisories, release notes. | Applies releases to Customer-managed environments; validates configs; performs smoke tests. |
| Platform / Container Runtime | If Senbee-managed: maintains runtime, images, base hardening. | If Customer-managed: provisions and patches runtime; enforces baseline security. |
| Operating System & Database | Advises supported versions and parameters. | Patching, backups, performance tuning, HA/DR configurations. |
| Network & Identity | Documents required endpoints, ports, SSO/OIDC/SAML claims. | Implements firewall rules, certificates, DNS, SSO/IdP configuration. |
| Backups & Restore | Provides application-level restore guidance and test procedures. | Executes backups/restore on infra; performs periodic restore tests and evidence capture. |
| Monitoring & Logging | Monitors Senbee-managed components; provides app logs and telemetry schema. | Monitors Customer-managed components; ships required logs to SIEM as agreed. |
| Security | Security advisories, CVE notifications for application code; secure configuration guides. | Vulnerability management for OS/DB/network; key and secret management; compliance of hosting environment. |
| Change Management | Publishes release calendar and maintenance advisories. | Schedules change windows; performs implementation; notifies impacted users. |
Severity and Response Targets
| Severity | Definition (Hybrid) | Senbee Response Target | Customer Obligation |
|---|---|---|---|
| 1 - Critical | Production outage or critical feature unavailable, attributable to Senbee-managed component or unknown root cause. | Immediate triage, continuous work until restoration or workaround. | Provide access/logs within 30 minutes; on-call engineer joins bridge. |
| 2 - Major | Degraded performance or functional loss with workaround. | Response within 2 hours during working hours; updates daily. | Implement recommended config changes within agreed window. |
| 3 - Minor | Non-critical defect not affecting primary workflows. | Response within 3 business days. | Test fix in next maintenance window. |
| 4 - Inquiry | How-to, configuration advice, documentation requests. | Response within 5 business days. | Provide environment details requested. |
Maintenance
- Scheduled maintenance: Coordinated change windows. Senbee aims for 7 days' notice for changes impacting Senbee-managed components.
- Emergency maintenance: May occur without notice to address security or stability issues. Senbee will notify as soon as practical.
- Customer maintenance: Customer informs Senbee at least 1 business day prior to changes that could affect the application.
Updates and Eligibility
- Senbee publishes quarterly releases and ad hoc security patches.
- Customer must remain within N-1 supported version for continued support; security patches must be applied within 30 days of release.
Incident Handling & Communication
- Customer reports incidents via the Customer Center or support@senbee.com. Senbee also initiates incidents from monitoring alerts.
- For Sev 1, Senbee hosts a bridge and provides hourly updates or as agreed.
- Post-incident review delivered within 5 business days for Sev 1 incidents affecting Senbee-managed components.
Exclusions
- Incidents caused by unsupported or outdated Customer-managed components.
- Third-party failures not contracted through Senbee.
- Customer change activities performed outside agreed windows.
Remedies
Service credits, if applicable, apply only to downtime attributable to Senbee-managed components and are calculated against the availability target defined above. Credits are the Customer's sole and exclusive remedy for such downtime.
Reporting & Review
- Monthly operational summary available on request (tickets, incidents, availability for Senbee-managed components).
- This SLA is reviewed annually or upon significant change.