SERVICE LEVEL AGREEMENT (SLA)

Version 5.0 as of February 1st, 2021

This SERVICE LEVEL AGREEMENT (the "SLA") is made and entered into the Effective Date of the MASTER SERVICE AGREEMENT (the "MSA" or the "Agreement") by and between the Contractor and the Customer.

Now therefore it is agreed as follows:

1. Definitions
   1. In this SLA the following words have the meanings set out below:
      • "APDEX (Application Performance Index)" means an index for measuring performance of software applications: where:
        • "Satisfied count" means the number of operations completed in T or less.
        • "Tolerating count" means the number of operations completed in 4T or less.
        • "T" means the target time for the operation completion.
      • "Compensation" means a sum of money which Contractor compensates to Customer in case of Incident.
      • "Critical data" means сlient information related to the unique client identificator issued by Mindbox Service. Such data can be viewed and used for processing via Mindbox Service interface.
      • "Data processing center (DPC)" means a company providing the Contractor with the following services: data transmission channel to the Internet, power supply, and physical security of servers.
      • "DDOS attack" means a denial-of-service attack (DoS attack) and distributed denial-of-service attack (DDoS attack).
      • "Incident" means an event that meets the type and criteria of one or more situations from Table of Incidents.
      • "Mindbox Service Documentation" means documentation placed into Mindbox Service interface.
      • "Monitoring system" means Contractor’s system allowing Parties to monitor Service performance.
      • "Monitoring tool" means New Reliс service (newrelic.com) that allows Parties to monitor Mindbox Service performance or other monitoring tools used by Contractor.
      • "Operations for calculating discounts and points in the basket" means any of the following operations:
        • Operations containing at least one of the steps:
          • "Calculate prices"
          • "Calculate order"
          • without containing a single step from the list:
          • "Merge"
          • "Issue prize"
        • V2 protocol operations for services:
          • Price and message calculation for goods v 2.1
          • Obtaining preliminary information about the Order v 2.1
          • Recosting the order
      • "Operations for processing orders" means any of the following operations:
        • Operations containing the step:
          • "Save order"
          • without containing a single step from the list:
          • "Merge"
          • "Issue prize"
        • V2 protocol operations for services:
          • Ordering v 2.1
      • "Operations for sending a transactional message" means operations containing at least one step from the list, if the mailing with the“ Transactional ”profile is selected in the settings of this step:
        • "Send Email"
        • "Send Sms"
        • "Send MobilePush"
      • "Service operations required to display the Customer’s client interfaces" means operations returning data in response if such operations contain at least one step from the list:
        • "Username"
        • "Register"
        • "Register or enrich"
        • "Edit"
        • "Get existing"
        • "Import"
        • "Check authentication code"
        • "Confirm mobile number and SMS subscription"
        • "Get existing order"
        • without containing a single step from the list:
        • "Merge"
        • "Issue prize"
      • "Operations for getting recommendations" means operations containing at least one step from the list:
        • "Get personal recommendations"
        • "Get popular category recommendations"
        • "Get popular product recommendations"
      • "RPM" means requests per minute.
      • "RPS" means requests per second.
      • "Table of Incidents" means a table with a list of Incidents therein.
   2. Any other words contained herein have the same meaning as in Agreement.
   3. SLA sets out the level of quality of the service "Subscription to the Service" and does not apply to other services provided by Contractor.
2. Table of Incidents
   1. Incidents interfering with customer service
   2. Incidents interfering with customer service are charged per minute. The reimbursement accounts for 0.1% of monthly subscription per minute.

   3. Type and criteria of Incidens	Exceptions
      APDEX of the requests for synchronous operations related to discounts and bonus points calculation in the basket less than 0.9 at T = 0.5 sec	RPM of the operation > 1000; Violation less than 3 consecutive minutes
      APDEX of synchronous calls of Operations for processing orders less than 0.9 at T = 1 sec	RPM of operations > 500; Violation less than 3 consecutive minutes
      APDEX of synchronous calls of Service Operations required to display the client interfaces of Customer is less than 0.8 at T = 0.5 sec	RPM of the operation > 500; RPM of the operation < 10; Violation less than 3 consecutive minutes
      Disruptions in personalisation mechanics which caused inoperability of Customer’s website including failure of display (layout) of Customer’s client interfaces;	Changing the layout of the site on the client side, which led to problems with the display of personalization blocks; Non-standard mechanics (javascript narrowing) wrote specifically for the client: AB tests, rendering by segment, and special display conditions; Operation of third-party systems blocking the execution of javascript code (for example, adblockers)
      APDEX of synchronous calls of receiving recommendations operations is less than 0.9, with T = 0.5 sec	RPM of the operation > 500; RPM of the operation < 25; Violation less than 3 consecutive minutes
      APDEX Operations for sending a transactional message (from calling the Operation for sending a transactional message to sending to a third party) is less than 0.9 at T = 60 sec	An email over 100Kb; Sending of transactional messages from trigger mechanics and scripts; Sending via Webpush and Viber channels; General RPM of the client to api.mindbox.ru > 1000

   4. Other incidents

   5. Type and criteria of Incidens	Compensation period	Compensation rate	Exceptions
      The total speed of sending manual mailings in email channels, mobile push notifications is less than X messages per hour, where X = 200,000 + 0.1 * [number of Clients in the Customer’s database], but not more than 1,500,000, while the time of the start of sending is considered as the end of recipient selection moment.	Every hour	2%	The email over 100Kb; The total speed of sending messages (with sending in other channels, trigger mechanics and sending from operations) on the project is greater than X
      Incorrect operation of automatic mechanics	Every twenty-four hours	0,75%	Incorrect setting of mechanics by Customer
      Failure to start new mechanics or change existing ones			During the first twenty-four hours period an alternative way to solve the problem was provided or the problem was fixed
      Loss of Critical Data	Every twenty-four hours of the loss	8%
      The term for responding to a request by Means of communication constituted more than one working day (a request sent at N hours of one working day was left unanswered by N hours of the next working day)	Every case	1%

3. Incident detection
   1. In a case of Incident or suspicion Customer sends to Contractor a relevant notification within 7 days since the beginning of Incident.
   2. Within 2 business days after receipt of the relevant notification Contractor sends to Customer references to Monitoring tools’ reports which contain information if the Incident occurred. The incident may be also detected by Monitoring tool after it had finished.
   3. At the request of Customer Contractor is obliged to prepare a detailed technical report on Incident within 5 business days since the end of Incident.
   4. The time of Incident is a period of time the beginning and the end of which were stated by Parties by Means of communication.
   5. The deadline for the summarizing of Incidents which occurred in Accounting period is the 11th day of the following Accounting period. Only Incidents detected prior to the deadline could be compensated.
   6. Levels of escalation in a case of Incident detection or suspicion:
      1. Contractor’s Customer support: support@mindbox.ru, intercom or other communication tool agreed by Parties.
      2. Manager.
      3. Lead manager.
4. Compensation
   1. Contractor provides compensation in % of the cost of Subscription to Mindbox Service for Accounting period when Incident took place. Total % of compensation is calculated as the time of Incident divided into the relevant compensation period rounded up and multiplied by % according toTable of Incidents hereof.
   2. Compensations for Incidents caused by the same event are not cumulative and will be provided exclusively for Incident with the maximum % of compensation.
   3. Compensation is provided exclusively as a relevant deduction of the cost of Subscription to Mindbox Service for the following Accounting periods.
5. Limitation of liability
   1. Notwithstanding anything herein to the contrary, Customer acknowledges and agrees that the liability of Contractor arising directly or indirectly, from any Incident herein is limited by Compensation.
   2. The total sum of Compensation could not exceed 100% of the cost of Subscription to Mindbox Service for relevant Accounting period.
   3. Contractor shall not incur any liability to Customer for any breach of its obligations hereunder or for any losses by the following events which shall not be considered as Incidents:
      1. Any scheduled time of disruptions agreed by Parties.
      2. Time for Contractor’s technical infrastructure maintenance:
         1. Every Monday within the period from 3 a.m. to 4 a.m. Moscow time.
         2. Every day, up to 10 minutes, at the time specified in Mindbox Service interface or agreed by Parties via Means of communication.
      3. Periods of disruptions that included less than 100 measured events (including API calls, messages sent, campaign’s operation) or periods of disruptions with RPM (or the frequency of measured events) less than 10 (less than 10 events per minute).
      4. Disruptions caused by Customer, his employees, agents, contractors or any third parties acted on his behalf, as a result of breach of compliance with Mindbox Service Documentation during or as a result of integration with Mindbox Service.
      5. Disruptions caused by disruptions in external services and tools: beefree.io, Microsoft Azure, readme.io, intercom, slack, mobile operators and other third parties. At the request of Customer Contractor is obliged to provide evidence of the disruptions in external services and tool within 10 days since the end of disruptions.
      6. Disruptions caused by directed network DDOS attacks.
      7. Disruptions caused by reasons beyond the reasonable control of Contractor which could not have reasonably been foreseen (force majeure), including but not limited to: statutory regulations that blocked service provision, injunctions, restrictive orders, wars, armed conflicts, terrorism, fire, flood, epidemics.
6. Miscellaneous
   1. SLA is applied to Subscription to Mindbox Service and can not be applied to any other services provided by Contractor.
   2. SLA supersedes Agreement provisions and understandings, whether oral or written in connection therein.

____________________________

Previous version list of SLA:

SLA version 4.0 updated October 07th, 2019
SLA version 4.0 since January 16th, 2019
SLA version 3.0 since August 17th, 2018