Our SLA, NDA and security/confidentiality policies for the solutions
For delivering our product, we have several terms of service. These include a service level agreement, a non-disclosure agreement and a security and confidentiality policy. These terms can be summarized as follows:
We host our service, acting under Dutch law (thus not subject to the Patriot Act), using an ISO 27001 and NEN 7510 certified server. Your data is stored in a data center redundant file cluster on three different servers in two separate data centers. All communications between you and the server are encrypted with an A rated certificate which protect you against threats like Heartbleed, Poodle and Beast attacks. All data provided on Author-e is kept confidential and only authorized personnel have access to the project data. Those employees are contractually obligated to keep the information received strictly confidential. During the agreement and for a period of five years after the termination or expiration of the agreement, we retain your data, withhold it from third parties and do not use it for any purposes other than to provide the service to you. We may disclose your data to any of our affiliates only upon written consent by you and after the affiliate has entered into a secrecy agreement with you. This does not hold for data that was public knowledge at the date of disclosure, and/or was already in our possession. If data is required to be disclosed by any judicial order or decree or any governmental law or regulation, an appropriate and timely notice thereof shall be given by us, to allow you the opportunity to obtain an appropriate protection from the relevant governmental or judicial entity. The right and title to your data remains with you. After five years, the data is destroyed;
We provide access to the service for named users of the customer through an HTTPS connection using a browser;
We protect the server through a firewall, and make sure the operating system software is updated according to the supplier instructions;
We back-up data fully daily, which are stored encrypted in a physically separated environment;
We periodically maintain and update the service, and notify you of major functional changes;
We provide support via telephone or e-mail from 9.00 AM to 5.00 PM CET, Monday to Friday, except for Dutch public holidays. We are automatically informed when the service is interrupted and will take any necessary step to resolve these issues. From 8:00 AM to 10:00 PM on Monday to Friday, from 12:00 PM to 8:00 PM on Saturday and from 2:00 PM to 10:00 PM on Sunday (CET) action will be taken immediately . Outside these hours we will resolve problems as soon as possible and where possible before office hours. The response time ranges from 4 hours to 1 week, depending on the severity of the problem and the available temporary workarounds.