Service Level Agreement

Here you can find information on our commitments to availability, support and performance.

SERVICE LEVEL AGREEMENT

BACKGROUND

AM Hultdin System AB, 556687-9127, has developed three cloud services, Documents, Cases and Maintenance (hereafter collectively the "Services"). This Service Level Agreement (hereinafter referred to as the “SLA”) describes AM Hultdin System AB’s undertakings regarding accessibility, support and the manner in which the company addresses any faults or outages in the Services. Furthermore, this SLA describes AM Hultdin System AB’s security measures and routines for back-up copying of the Customer’s data. The SLA constitutes part of the agreement between AM Hultdin System AB and the Customer. The terms defined in the General Provisions shall have the same meanings ascribed to them therein in this SLA.

DELIVERY

AM Hultdin System AB provides a cloud service which is under constant development. Accordingly, the Customer shall have continued access to updates and improvements. AM Hultdin System AB accordingly reserves the right to alter the design, functionality, technical specifications and other functions of the Services. Changes which have a material effect on the principal functions of the Services shall be notified prior to delivery to the Customer.

QUALITY

AM Hultdin System AB works to deliver good quality in which the goal is that (i) the Services shall meet the Customer’s specific requirements, (ii) that the Services is uninterrupted, fast, secure and free of faults, (iii) that the results which may be obtained from the use of the Services will be correct and reliable, (iv) that the quality of all products, services, information and other material purchased or obtained by the Customer via the Services meet expectations and (v) that any faults in the Services will be corrected.                                   

SUPPORT

AM Hultdin System AB undertakes to provide support during the term of the Agreement for the Services. “Support” means in this Agreement support in order that the Customer may be able to use the Services in the intended manner. Such support is provided in the manner stated here.

AM Hultdin System AB addresses a support matter as soon as possible, but not later than within 24 hours (this means 3 working days of 8 hours) provided that the support matter has been received in the manner set forth in the link above. AM Hultdin System AB does not provide support free-of-charge for equipment for which the Customer is responsible, e.g., but not limited to, Equipment (defined in section 3.4 of the General Provisions).

PRODUCT UPDATES

Service updates are provided regularly in the during the term of the Agreement. In conjunction with larger updates which affect the manner in which the Customer uses the Service, such shall be notified to the Services’ Administrator. AM Hultdin System AB is entitled to change the procedure for giving notice of regular updates.

PRODUCT UPGRADES

Updates are implemented automatically, while Upgrades are planned with the Customer. Upgrades are offered in the Service and are implemented by the Customer and AM Hultdin System AB. In the event the fee for the Service increases as a consequence of the fact that the Customer chooses an Upgrade, the Customer shall be informed thereof.

USER MANUAL

AM Hultdin System AB provides a user manual for the Services with a description of the functions available in the Services and the manner in which the User may use the Services. The user manual is available at our Helpdesk . The Customer is aware that access to the user manual may be temporarily limited during periods of time in which AM Hultdin System AB develops or updates the user manual. AM Hultdin System AB shall be entitled to alter the appearance and navigation and whether the User has access to the user manual. AM Hultdin System AB is responsible for regularly updating and maintaining the user manual. The Customer is aware that there may be a certain lag between versions and new functionality in the user manual.

SYSTEM REQUIREMENTS

The Service is an entirely web-based system with low system requirements for the Customer’s IT environment. The Service need not be installed on the Customer’s server. The User obtains access to the Service through its browser. AM Hultdin System AB currently supports not less than the three most recent versions of all modern browsers. The Customer thus need not install and maintain special software to operate the Services. The Services are responsive, which entails that it may be used on various types of units. The Service is not platform-dependent, which entails that it may be used on different platforms (e.g. Windows and Mac).

AVAILABILITY

AM Hultdin System AB uses Amazon AWS for operation of the Services. The Services are provided as a rule 24 hours per day, seven days per week, 365 days per year. AM Hultdin System AB does not warrant, however, that the Services and www.amsystem.com (hereinafter the “Website”) are free of faults or outages during the aforementioned period of time.    
The Services shall be taken off-line from time to time for measures (hereinafter “Measures”) such as, for example, but not limited to, maintenance, service and updating. AM Hultdin System AB reserves the right to suspend access to the Services in order to pursue such Measures. Such outages shall, to the extent possible, be planned for times at which use of the Services is normally low. In conjunction with Measures of a more extensive nature, AM Hultdin System AB shall inform the Customer not less than seven (7) days in advance. “Extensive in nature” means Measures which entail that inaccessibility of the Services exceeds one (1) hour.

TROUBLESHOOTING

Faults or outages in the Services for which AM Hultdin System AB is responsible according to the Agreement shall be rectified without cost for the Customer. “Faults or outages in the Services” means in this Agreement that the Services do not work in the intended manner or are not available. Troubleshooting takes place on regular workdays between 08.00 and 16.00 (Swedish time) (hereinafter “Office Hours”). AM Hultdin System AB undertakes to commence troubleshooting in respect of the fault within twenty-four (24) hours (this means 3 working days of 8 hours) after the fault notice has been received by the company in respect of more basic faults, and within five (5) hours following receipt of the fault notice by AM Hultdin System AB in respect of faults which are more serious in character. In the event the notice of fault is received by AM Hultdin System AB outside Office Hours, the aforementioned periods of time shall commence at 08.00 on regular workdays which fall immediately after the fault notice was received by the company. “Commencement of troubleshooting” means in this Agreement that personnel from AM Hultdin System AB will actively troubleshoot. In the event the respective periods of time for commencement of troubleshooting are exceeded, the Customer shall be granted a price deduction in relation to the scope of the fault.    

Since the Services are web-based, the Customer is aware that temporary outages and delays in Internet services do not constitute a fault or outage in the Shares. AM Hultdin System AB shall have no obligation to rectify faults or outages beyond AM Hultdin System AB’s control which the company could not have reasonably foreseen and the consequences of which the company could not have reasonably avoided or overcome such as, for example (but not limited to) faults, deficiencies or outages in the Customer’s hardware, software or Internet connection. Nor does AM Hultdin System AB have any obligation to rectify faults or outages where such are prevented due to circumstances beyond the company’s control such as, for example, but not limited to, accidents, explosions, armed conflicts or similar circumstances, riots, fires, lightning strikes, floods, leakage, electrical outages, labour conflicts, pandemics, actions or omissions attributable to governmental authorities and new or amended legislation.

This shall also apply where sub-contractors or third parties with whom AM Hultdin System AB cooperates are prevented from providing the Services due to such circumstances referred to herein. The Customer shall be obliged when giving notice of fault to state the manner in which the fault manifests. In addition, where so requested by the personnel involved in troubleshooting, the Customer shall be obliged to demonstrate how the fault manifests. Following an agreement between the Parties, however, AM Hultdin System AB, to the extent of availability and competence, may assist the Customer in rectifying faults which are not covered by AM Hultdin System AB’s responsibility for faults in accordance with the above. In the event the Parties cannot otherwise agree, such work shall be carried out on an open-account basis, and compensation shall be paid per hour in accordance with the price list applied by AM Hultdin System AB from time to time for consultancy services. The Customer may adduce faults regarding the Services only where the Customer provides AM Hultdin System AB with notice of the fault (fault report) within a reasonable time after the Customer detected or should have detected the defect.

In conjunction with operational problems, Customers may follow the incident on status.amsystem.com at which the entire chain of events is documented.

SECURITY

Data Center

AM Hultdin System AB uses Amazon Web Services (AWS) for the operation of the Services. The physical servers are situated with AWS’s data centre in Frankfurt. AWS is certified in accordance with ISO/IEC 27001:2013 and ISO/IEC 27018:2014. More information regarding AWS compliance programs may be found on AWS's website.

Backup

All data stored in AM Hultdin System AB’s Services are regularly backed up in order to ensure that no data is lost upon the occurrence of an unexpected event in which restoration is necessary. The databases are replicated on several servers and the closest server may take over operation upon the occurrence of an event. As regards all database servers, a daily so-called “point-in-time backup” is carried out in order to make possible restoration from a specific point in time. We also create daily backups of all databases which are stored which are encrypted with 256-bit AES for 180 days. AM Hultdin System AB does not restore data which the Customer has deleted by mistake. Restoration takes place only by AM Hultdin System AB for the purpose of maintaining operation of the Services.

In-Transit Encryption

AM Hultdin System AB uses the Transport Layer Security (TLS) industrial standard for all connections. In the event an unencrypted connection is attempted, the connection is relocated to a secure, encrypted connection. We use the TLSv1.3 and TLSv1.2 protocols. Cipher list

”At-rest” encryption

All stored data is encrypted with AES-256 encryption with individual keys for each individual server.

Network security

AM Hultdin System AB uses AWS Network ACL and Security Groups in order to limit access to each individual system. The only open public access to AM Hultdin System AB Services (port 80, 443) goes through several security layers in order to ensure that the traffic is not harmful.                          

Event logging

AM Hultdin System AB saves all traffic/events for a minimum of 180 days in order to be able to monitor the functioning of all systems as they should and in order to be able to identify harmful traffic. In the main, logs containing any personal data are erased or anonymised. In a number of cases, these logs are stored for a maximum of 30 days in order to analyse any events. Only authorised personnel at AM Hultdin System AB have access to these logs. Automated alarms and AI are used in order to detect/validate deviations in the systems.                 

Password & Security in AM System

As regards passwords managed in the Services, we recommend compliance with NIST 800-63 which describes the manner in which passwords are to be managed. The Services provide assistance in order to be able to comply with these recommendations. 

Here are some examples of other security functions available in the Service:

  1. The password must contain at least 8 characters.
  2. The administrator may allow the user to request a new password via e-mail.
  3. The administrator can control permission in order to “Keep me logged-in”.
  4. The administrator may activate compulsory password change in conjunction with the next log-in.
  5. The administrator can determine the number of failed log-on attempts.
  6. The administrator may set a time at which a user’s account is automatically prevented from logging-in.
  7. Locked access to the service by providing access only from specific IP- address(es).
  8. The administrator can activate two-factor authentication.
  9. AM Hultdin System may assist the customer in activating Azure AD synchronisation.