Service Level Agreement

OVERT SOFTWARE SOLUTIONS SERVICE LEVEL AGREEMENT

Table of Contents

INTRODUCTION

By registering and utilising our services you agree to the following terms and conditions. These terms are effective for the length of your contract. Please note that the services that are detailed in Schedule 2 only apply to those services that you have purchased and that are displayed within your support portal which can be viewed here https://overtsoftware.com/helpdesk. By purchasing any of the services provided by Overt Software Solutions Ltd you acknowledge that you have read and understood the terms listed below.

DEFINITIONS AND INTERPRETATIONS

In this document the following words shall have the following meanings:

24/7 - 24 hours a day, 7 days a week.
Account Business Day - A day other than a Saturday, Sunday, or public holiday in England when banks in England are open for business.
Active Directory Federation Service (ADFS) - A software component developed by Microsoft, can run on Windows Server operating systems to provide users with single sign-on access to systems and applications located across organizational boundaries.
Agreement - The Order Form and these Terms & Conditions together with any documents referred to herein. In the event of a conflict, an Order Form accepted by Overt Software prevails over these Terms & Conditions.
Apache HTTP web server – A popular open-source HTTP web server used for our Moodle/Mahara implementations.
API web service - Application programming interface (API) is an interface that defines interactions between software applications. An API allows you to communicate data between multiple systems in a standardised way by requesting information via commands to and from a particular service.
Applicable Laws - Applicable Laws refers to all laws, rules, regulations, and orders from governmental authorities.
Authentication - The process or action of verifying the identity of an end user.
Backup - A copy of a file, system, or other items of data made in case the original is lost or damaged.
Business Day - Regular working days; Monday – Friday, excluding United Kingdom statutory national holidays.
Business Hours - Regular working hours; 9 am – 5 pm Greenwich Mean Time (GMT) / British Summer Time (BST).
Charges - A charge is an amount of money that a customer has to pay to Overt Software Solutions Ltd.
Cloud - A vast network of remote servers that are linked together to operate as a single ecosystem and can be accessed over the internet.
Confidential Information - Restricted or private information that only entrusted parties should be allowed to access.
Contracted Service - Contract Services means services provided through agreement with Overt Software Solutions Ltd.
Credentials - qualities or attributes (such as a digital certificate) that enable users to access secured systems or resources.
Customer - A recipient of a service and/or product from Overt Software Solutions Ltd.
Customer Software - Software owned and/or used by the customer that Overt Software Solutions does not supply or manage.
Customer’s Servers - A server that the customer owns onsite or rents from a different supplier other than Overt Software Solution Ltd.
Data Controller - A data controller is a person, company, or other body that determines the purpose and means of personal data processing; Overt Software Solutions Ltd is a data controller regarding its customer's information.
Data Subject - A data subject is a person who can be identified, directly or indirectly, via their personal data.
Database - A database is an organized collection of data, generally stored and accessed electronically from a computer system.
DDoS Attack - Stands for Denial-of-service attack. It is a cyberattack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users.
Discontinued - No longer accessible by users or supported by Overt Software Solutions Ltd.
Documentation - Material that provides official information.
Encrypted - In cryptography, encryption is the process of encoding or translating information and data into another form, or code, so that only people with access to a secret key (formally called a decryption key) or password can read it.
End User - Persons or systems associated with an organisation that issues them with Credentials.
Fast Identity Online (FIDO2) - FIDO stands for Fast Identity Online. With an added number two at the end, this acronym is based upon previous work done by the FIDO Alliance, particularly in terms of developing the Universal 2nd Factor (U2F) authentication standard. Enables users to leverage common devices to easily authenticate to online services in both mobile and desktop environments.
Good Practice - Good business practice is generally accepted within the IT industry.
Google Authenticator - A software-based authenticator by Google that implements two-step verification services using the Time-based One-time Password Algorithm and HMAC-based One-time Password algorithm, for authenticating users of software applications.
Granular Access - Granular access controls/defines which end users can have access to each part of a system, as well as what they can do with that access.
HA Cloud – High Availability Cloud service – A cloud-hosted service that automatically scales under load.
Hard Stress Testing - Is a software and hardware testing activity that determines the robustness of resources by testing beyond the limits of normal operation.
Hardware tokens – Are small devices, typically in the general form factor of a credit card or keychain fob. They provide a basic way of authenticating as on request the token will generate a new 2FA passcode.
Hosting - The act of storing data on a server or other computers so that it can be accessed over the internet.
Identity Provider (IdP) - An IdP is a service that verifies a user's identity against a data store (such as LDAP / Active directory).
Indemnity - Security or protection against a loss or other financial burden via the promise of one party to provide financial recompense to another for any loss or liability suffered as a consequence of operational negligence.
Intellectual Property Rights (IPR) - Any patent, trademark, service mark, registered design, copyright, design right, database right, rights protecting confidential information, any applications for or rights to apply for any of the above and any other intellectual property right recognised in any part of the world, whether or not now existing or applied for, and all accrued rights of action in respect of any such rights.
Java – A programming language and runtime environment that allows the operating system to execute Java bytecode.
Level 2 Support Service - Level 2 support services provide In-depth technical support. Support engineers have a deep understanding of the company products and extensive experience in troubleshooting.
Lightweight Directory Active Protocol (LDAP) - An open, vendor-neutral, industry-standard application protocol for accessing and maintaining distributed directory information services over a network. Popular examples include Microsoft Active Directory / OpenLDAP.
MIS Integration - MIS stands for Management Information Systems. Overt Software Solutions combines MIS Software so they can be used in tandem.
Multi-Factor Authentication (MFA) - Authentication processes that entail multiple verifications of identity, for example, a username/password combination and a separate verification code.
Normal Day Rate – This constitutes 7 ½ hours’ Labour, including traveling to and from your premises but excluding statutory breaks for £800. If we supply more than 7 1⁄2 hours’ Labour in a day, we may charge you for any extra time at the rate of £106.00 per hour, in 1⁄4 hour units rounded up to the nearest 1⁄4 hour. In addition to our charges, you must pay all our out-of-pocket expenses, including travel (at the rate of 45p per mile if we travel by car), accommodation, and subsistence costs.
One Time Passwords (OTP) – Are 6 digit codes used for Multi-Factor Authentication (MFA). OTP’s can be generated on hardware tokens and software such as Google Authenticator.
Operating system (OS) - A software that supports a computer or device’s basic functions for programs and monitors the device's hardware.
Organisation - Any organisation using the Overt Software Solution Ltd Services and/or products.
Organisation Data - The data input by the Organisation or Overt Software Solutions Ltd on the organisation’s behalf for the purpose of using the Service or facilitating the organisation's use of Overt Software Solutions Ltd services and/or products.
OvertADLink – Overt Software Solutions Ltd's OvertADLink creates a secure encrypted SSH tunnel from your Active Directory.
OvertIdP Dashboard – Created by Overt Software Solutions ltd this dashboard is a fully-featured suite of statistical and Shibboleth IdP tooling. Free with all Overt Shibboleth IdP’s allow your staff to explore Shibboleth stats.
OvertMISLink – Overt Software solutions specific MIS integration software.
Parties - Individual(s) or business’ who have entered into a binding contractual agreement with Overt Software Solutions Ltd. This can be as a customer, supplier, or sub-processor.
Patch - A set of changes to a computer program/ software or its supporting data designed to update, fix, or improve it. This includes fixing security vulnerabilities and other bugs, with such patches usually being called bug fixes or bug fixes.
Personal Data - Personal Data is information that relates to an identified or identifiable individual, such as, names, emails, location data, etc.
Prerequisites - A thing that is required as a prior condition for something else to happen or exist such as upgrades and patches.
Products - A product is an item or software offered for sale by Overt Software Solutions Ltd.
Proposal - A formally set plan or suggestion created by Overt Software Solutions Ltd to aid with the services/ products Overt Software Solutions Ltd provides and the implementation of those services and products.
RAID Monitoring - Is a data storage virtualisation technology that combines multiple physical disk drive components into one or more logical units for the purposes of data redundancy, performance improvement, or both.
Recovery Point Objective (RPO) - An RPO is a measurement of time from the failure, disaster, or comparable loss-causing event. RPOs measure back in time to when your data was preserved in a usable format, usually to the most recent backup.
Remember Me Support – Option that allows an authenticated user to be trusted for a set period of days before having to sign in with MFA again.
Response Times - The time it takes for Overt Software Solutions Ltd support engineers to reply to a ticket once it has been opened.
SAML Proxy - A SAML Identity Provider (IdP) Proxy is a bridge or gateway between a federation of SAML IdPs and a federation of SAML SPs.
Secure File Transport Protocol (SFTP) - Allows you to upload/download files and folders from your hosted server securely.
Secure Shell Tunnels / SSH Tunnels - Encrypted Secure Shell Tunnels that connect two machines using popular cryptographic libraries for encryption.
Security Assertion Markup Language (SAML) - SAML is an XML-based open standard for the exchange of authorisation and authentication data. The Shibboleth software is based on SAML.
Self Service Password Reset (SSPR) - An Overt Software product that allows users to reset their LDAP-based passwords remotely in a self-service fashion.
Servers - A computer that manages access to centralised resources in a network of other computers.
Service Provider (SP) - A third-party resource that can be logged into using SAML authentication.
Services - Services Overt Software Solutions Ltd carries out to assist and support the customer but does not deliver a tangible commodity.
Shibboleth - An open-source standard used for Identity and Access Management.
Shibboleth Azure Authentication Module (SAAM) - Proxies a Shibboleth IdP through ADFS or Azure AD. It allows for single sign-on between Shibboleth and Microsoft ADFS/Azure AD.
Short Message Service (SMS) - SMS is a text messaging service component of most telephone, Internet, and mobile device systems.
Single Sign-On (SSO) - SSO refers to systems where a single login is used to provide a user access to various protected federated resources.
Sub-Contractor - An individual or organisation hired to carry out work as part of an existing contract. An example of a sub-contractor is a graphic designer who is hired on a one-off basis by a web design company to contribute visual iconography to a contract for a site’s renovation.
Sub-Processor - A sub-processor is a third-party data processor that works with Overt Software Solutions Ltd to provide our products and service to customers. Approved sub-processors will potentially have access to or process customer-protected data.
Support Portal / https://overtsoftware.com/helpdesk - The area where customers can access and view all of their services and renewal dates as well as access their support tickets.
Technical Specification - A technical specification is a document that defines a set of requirements that a product or assembly must meet or exceed.
Terms & Conditions - Overt Software Solutions Ltd Terms and Conditions.
Third-Party - An individual or organisation unaffiliated with either the service provider, their customer, or a sub-contractor.
Third-Party Software - Software that Overt Software Solutions Ltd does not own but uses to provide customers with services and products.
Time-based one-time password (TOTP) - This is a temporary code, generated by an algorithm, for use in authenticating access to computer systems.
TrueSSO – The ability for users to authenticate to resources without having to enter usernames or passwords. Typically achieved using Kerberos/SPNEGO protocols.
UK-GDPR - General Data Protection Act is a regulation in United Kingdom law on data protection and privacy use within the United Kingdom and its economic area.
Universal 2nd Factor (U2F) - Is an open standard that strengthens and simplifies two-factor authentication (2FA) using specialized Universal Serial Bus (USB) or near-field communication (NFC) devices based on similar security technology found in smart cards.
Upgrade - Upgrading is the process of replacing a product with a newer version of the same product. In computing an upgrade is generally a replacement of hardware or software with a newer or better version, to bring the system up to date or to improve its characteristics.
Virtual Learning Environment (VLE) - In educational technology, a Virtual Learning Environment or VLE is a web-based platform for digital teaching and learning. VLEs offers educators digitally-based solutions aimed at creating and presenting interactive and active learning resources to students.
Virtual Learning Environment (VLE) - Virtual Learning Environment. Examples of VLEs include Moodle and Mahara.
Virtual Private Server (VPS) - This is a virtual machine sold as a service by an Internet hosting service.
Website - A set of related web pages located under a single domain name. Websites are typically produced and belong to a single person or organisation.

1.0. TERMS AND CONDITIONS OF SUPPLY OF SERVICES

This Agreement sets out the terms on which Overt Software Solutions Ltd supplies services, software (whether Overt Software Solutions Ltd proprietary software or third-party software supplied by Overt Software Solutions Ltd) and hardware, systems and associated products to the customer. This Agreement is supplementary to our Terms and Conditions of Business, a copy of which the Customer has already been provided with and which the Customer is deemed to have accepted. Where a provision of this Agreement is inconsistent with one or more provisions in our Terms and Conditions of Business, this Agreement takes precedence. You can find a copy of our terms and conditions on our website at; https://www.overtsoftware.com/tandc/.

2.0. ORDER ACCEPTANCE

2.1. Unless otherwise expressly agreed by Overt Software Solutions Ltd in writing, the terms set out in this Agreement will apply to any orders from the Customer for Services, Software or Products, and will supersede any other terms and conditions referred to, offered, or relied on by the Customer. Any schedules attached to this Agreement will form part of these terms and conditions. Any such schedules, and any specific written documentation or terms and conditions provided by Overt Software Solutions Ltd relating to the Services, Software or Products, including the letter to the Customer or other documentation setting out the proposal for the Services, will prevail over this agreement in the event of any conflict. In respect of the Software, the conditions of any licence agreements will apply. Subject to this, no variation to this agreement will be binding unless signed by the Directors of Overt Software Solutions Ltd. Software or Products which are not owned by Overt Software Solutions Ltd are supplied by Overt Software Solutions Ltd on the terms and conditions of the relevant third-party supplier where such third-party terms and conditions apply.

2.2. Overt Software Solutions Ltd agrees to provide and the Customer agrees to take and pay for the Services and any Software or Products to be supplied, as these are specified, at the rates or for the sums stated in Schedule 1. The Charges are based upon this Agreement and Overt Software Solutions Ltd, therefore, reserves the right to pass on to the Customer any external legal costs incurred as a result of any re-negotiation or amendment of this agreement arising out of special requirements of the Customer, or the use of documents other than Overt Software Solutions Ltd standard documents at the request of the Customer.

3.0. SERVICES

3.1. Overt Software Solutions Ltd will use its best endeavours to provide the Services in accordance with the Service Level Commitment set out in Schedule 2 for the duration of this Agreement.

3.2. Overt Software Solutions Ltd will provide the Services using its technical expertise at the Customer's request. The Customer acknowledges its responsibility for verifying that the Services are suitable for its own needs and business purposes and Overt Software Solutions Ltd accepts no responsibility for this.

3.3. Where the Charges are based on time scales and are stated in the Proposal to be an estimate, the Customer acknowledges that time scales scheduled by Overt Software Solution Ltd are estimates only of the amount of time required for the provision of the Services, and the customer will be invoiced for the actual time spent by Overt Software Solutions Ltd in providing the Services to the Customer. Time will not be of the essence to this (notwithstanding any provision to the contrary).

3.4. Overt Software Solutions Ltd will provide in respect of the software such category/categories of technical support and within such response time(s) as is set out in Schedule 2.

3.5. Overt Software Solutions Ltd may, at its sole discretion, agree to provide such extra Services as may be required at its normal Day rate.

3.6. The Customer will provide Overt Software Solutions Ltd with such information as it may reasonably need concerning the Customer's operations and answers to queries, decisions, and approvals which may be reasonably necessary for Overt Software Solutions Ltd to undertake the Services or supply the Products.

3.7. The Customer is responsible for ensuring that such information and answers are accurate and complete.

3.8. The Customer will at agreed times and upon request during the term of this Agreement provide, free of charge, in connection with the Services or supply of the Products access to and use of the Customer's equipment, the Customer's employees, the Customer’s computer systems and hardware and the Customer’s premises.

3.9. The Customer warrants to Overt Software Solutions Ltd has provided it with specific instructions, orders, or requirements together with sufficient information and specification to enable Overt Software Solutions Ltd to undertake the Services or supply the Products in accordance with this Agreement.

4.0. SOFTWARE

4.1. Software may be specifically developed for the customer by Overt Software Solutions Ltd. Software is licensed only for use on systems supplied by or supported by Overt Software Solutions Ltd.

4.2. Copyright subsists in all software including its documentation, whether it is Overt Software Solutions Ltd software, customer software, or third-party software, and in website design.

4.3. All software is licensed under the terms and conditions of its applicable licence agreement, whether or not such licence agreement has been signed and/or returned to Overt Software Solutions Ltd or the third-party licensor.

4.4. Unless otherwise specified in writing, Overt Software Solutions Ltd will run software tests as it considers necessary to ensure that the software is installed correctly on the customer's Servers. Upon completion of these tests, the software will be deemed to be accepted.

5.0. CHARGES

5.1. All Charges are exclusive of Value Added Tax and any similar taxes. All such taxes are payable by the Customer and will be applied in accordance with UK legislation in force at the tax point date.

5.2. Overt Software Solutions Ltd will be entitled to increase the Charges on the anniversary of the commencement of the provision of the Services and/or supply of the Software and thereafter not more than once in any successive period of 12 months by giving not less than 45 days' notice to the Customer.

5.3. All Charges are exclusive of expenses reasonably incurred in the performance of the Services by Overt Software Solutions Ltd.

5.4. Unless otherwise agreed, the initial Charges will be due and payable to Overt Software Solutions Ltd against invoice on completion of installation. The Customer will be invoiced in advance or at other regular intervals for other Charges. Overt Software Solutions Ltd invoices are due for payment within 30 days of the date of the invoice.

5.5. If you fail to pay an invoice on the due date, we may charge interest on the amount unpaid at the rate of 8% per annum above the base rate from time to time of HSBC Bank plc. We may also cease to supply goods and/or services to you without further notice. You must pay all fees, costs, and expenses we incur in collecting any outstanding charges or other sums from you.

5.6. Overt Software Solutions Ltd will be entitled to levy reasonable additional Charges in the manner set out in this Agreement if it has to provide the Services (or any part thereof) in circumstances where any reasonably skilled and competent service provider would have judged the Customer’s request to have been unnecessary.

6.0. WARRANTY

Subject, as set out below Overt Software Solutions Ltd, warrants that it will carry out the services with all reasonable skill and care.

7.0. LIMITS OF LIABILITY

7.1. The Customer agrees that it accepts these terms and conditions in the knowledge that Overt Software Solutions Ltd liability is limited and that the Charges are calculated accordingly. The Customer is advised to make its own insurance arrangements if it desires to limit further its exposure to risk or if it requires a further or different cover.

7.2. Overt Software Solutions Ltd makes no representations and gives no warranties, guarantees, or undertakings, express or implied, statutory or otherwise concerning its performance of the Services or in respect of the Software except as expressly set out in these terms and conditions. All other warranties, express or implied, by statute or otherwise, are excluded.

7.3. Except as expressly stated in these terms and conditions, any liability of Overt Software Solutions Ltd for any loss or damage of whatsoever nature and howsoever caused which in any way arises out of or is connected with the performance or non-performance by Overt Software Solutions Ltd of its obligations will not exceed in the aggregate of damages, costs, fees and expenses capable of being awarded to the Customer the Charges payable for twelve months by the Customer. This is except for:

(a) liability for death or personal injury caused by Overt Software Solutions Ltd negligence, which shall not be subject to financial limit; and
(b) liability for direct damage to property caused by Overt Software Solutions Ltd negligence, which will not exceed £1,000,000 for any one event or series of connected events.
(c) Professional Indemnity negligence, which will not exceed £50,000 for any one event or series of connected events.

7.4. Except as expressly stated in this Agreement, Overt Software Solutions Ltd disclaims all liability in contract or in tort (including negligence or breach of statutory duty) to the Customer including but not limited to liability for loss of profits whether in the course of the Customer’s business or otherwise, and in no event will Overt Software Solutions Ltd be liable to the Customer for special, indirect or consequential damages.

7.5. Provision of the Services is always subject to performance by the Customer of any express conditions or undertakings associated with such Services.

7.6. Overt Software Solutions Ltd shall not be liable for any damages arising from negligence or otherwise unless the Customer has established reasonable backup, accuracy checks, and security precautions to guard against possible malfunctions, loss of data, or unauthorised access.

7.7. If Overt Software Solutions Ltd fails to comply with its obligations under this Agreement, then it shall be entitled to be given a reasonable opportunity to correct any errors and to perform its obligations.

7.8. Except where Overt Software Solutions Ltd is providing specific security backup or archiving services specified in the Proposal, the parties agree that the Customer is the best judge of the value and importance of its data, and the Customer will be solely responsible for

(a) Instituting and operating all necessary backup procedures, for its own benefit, to ensure that data integrity can be maintained in the event of loss of data for any reason.
(b) Archiving; taking out any insurance policy or other financial cover for loss or damage which may arise from loss of data for any reason.

7.9. The Customer is responsible for health and safety at its premises.

8.0. CONFIDENTIALITY AND DATA PROTECTION

8.1. The parties each acknowledge and agree that the terms of the Data Processing Agreement (the “DPA”) will govern any Personal Data (as defined in the DPA) which is shared between Overt Software Solutions Ltd and the Customer, in accordance with this Service Level Agreement and the DPA.

Instructions to view and sign the DPA can be seen at https://www.overtsoftware.com/security-and-data-protection/.

9.0. INTELLECTUAL PROPERTY RIGHTS AND INDEMNITY

9.1. The Customer retains ownership of any Intellectual Property in data and information supplied by the Customer and in any online resources of the Customer.

9.2. Overt Software Solutions Ltd or its licensors own all Intellectual Property in the Products and the documentation supplied with the Products.

9.3. Overt Software Solutions Ltd confirms that it has all the rights in relation to the Service and the Documentation that are necessary to grant all the rights it purports to grant under, and in accordance with, the terms of this agreement.

9.4. The Customer acknowledges and agrees that agreement does not grant the customer any rights to, or in, patents, copyright, database right, trade secrets, trade names, trademarks (whether registered or unregistered), or any other rights or licenses in respect of the Service or the Documentation.

9.5. Overt Software Solutions Ltd will indemnify the Customer from all claims that the Products infringe the Intellectual Property of any third party provided that:

(a) Such indemnity shall not apply to the extent that the infringement arises out of misuse of the Software or any combination, operation, or use of the Software with software, systems, or equipment not approved by Overt Software Solutions Ltd
(b) The Customer does not knowingly make or intimate any admission, settlement, opinion, or undertaking that may be detrimental to Overt Software solutions Ltd defense.
(c) The Customer gives Overt Software Solutions Ltd prompt written notice of any claim made against the Customer and Overt Software Solutions Ltd shall have the right to defend and settle such claims at its own discretion.
(d) The Customer will give assistance as Overt Software Solutions Ltd may reasonably require to settle or oppose any such claim.
(e) The Customer applies all reasonable endeavors to mitigate Overt Software Solutions Ltd exposure under this indemnity.
(f) Overt Software Solutions Ltd shall be entitled to secure the right for the Customer to continue using the Products or to avoid the infringement by modifying the Products or replacing the Products or infringing part with software or service of similar capability.

10.0. SERVICE AVAILABILITY

10.1. Overt Software Solutions Ltd will use all reasonable endeavours to make the Services available as described in Schedule 2, but the Services may nevertheless be suspended for so long as is necessary to enable work to be carried out in order to correct, maintain or upgrade the Services.

10.2. Overt Software Solutions Ltd does not and cannot control the network on which the Services operates, or which depend on the performance of services provided or controlled by third parties.

11.0. CONTRACT

11.1. This Agreement together with the proposal and website information to which they refer, constitutes the entire agreement between the parties. Each of the parties acknowledges and agrees that in entering into this agreement, it does not rely on, and shall have no remedy in respect of any statement of fact or opinion not recorded in these terms and conditions, the documentation or the website information, whether negligently or innocently made, except for any representation made fraudulently.

11.2. Any contractual notice given by either party to the other must be in writing and may be delivered personally or by first-class pre-paid recorded mail and in the case of post will be deemed to have been given 2 working days after the date of posting. Notices shall be delivered or sent to Overt Software Solutions Ltd at the address stated in Appendix A, and to the Customer at its registered office address or to any other address notified by it to Overt Software Solutions Ltd for the purpose of receiving notices.

12.0. TERM AND DURATION

12.1. This Agreement shall come into force on the date set out in Schedule 1 of this Agreement for an initial period of the support portal. This Agreement will be renewed on an annual basis or on an agreed basis via client instruction.

12.2. This Agreement may be terminated by either party giving the other not less than 45 days’ notice of such intention. Overt Software Solutions Ltd may terminate this Agreement immediately if it reasonably believes that the Customer is in breach of any provision hereof.

12.3. Upon termination of this Agreement for whatever cause Overt Software Solutions Ltd will be paid all money due to it after taking into account amounts previously paid, together with all other relevant costs as specified in this Agreement.

12.4. Any termination of this Agreement shall be without prejudice to any other rights or remedies a party may be entitled to hereunder or at law and shall not affect any accrued rights or liabilities of either party.

13.0. DISCONTINUATION OF PRODUCTS AND/OR SERVICES

13.1. Overt Software Solutions Ltd will give you notice of no less than 90 days when we discontinue a product or service we provide.

13.2. Overt Software Solutions Ltd will continue to support your product or service until the end on your contract period as stated in Schedule 1.

14.0. MISCELLANEOUS

14.1. The waiver by either party of a breach or default of any of the provisions of this Agreement by the other party shall not be construed as a waiver of any succeeding breach of the same or other provisions nor shall any delay or omission on the part of either party to exercise or avail itself of any right, power or privilege that it has or may have hereunder operated as a waiver of any breach or default by the other party.

14.2. The parties confirm that no right is conferred to any third party under this Agreement and accordingly the Contracts (Rights of Third-Parties) Act 1999 shall not apply.

14.3. If any provision of this Agreement shall be found by any court or administrative body of competent jurisdiction to be invalid or unenforceable the invalidity or unenforceability of such provision shall not affect the other provisions of this agreement and all provisions not affected by such invalidity or unenforceability shall remain in full force and effect. The parties hereby agree to attempt to substitute for any invalid or unenforceable provision a valid or enforceable provision that achieves to the greatest extent possible the economic, legal, and commercial objectives of the invalid or unenforceable provision.

14.4. Overt Software Solutions Ltd shall not be liable to the Customer for loss arising from or in connection with any representations, agreements, statements, or undertakings made prior to the date of execution of this Agreement other than those representations, agreements, statements, or undertakings confirmed by a duly authorised representative of Overt Software Solutions Ltd in writing or expressly incorporated or referred to in this Agreement.

14.5. This Agreement shall be binding upon and ensure for the benefit of the successors in title of the parties hereto.

14.6. The Customer shall not be entitled to assign or otherwise transfer this Agreement nor any of its rights or obligations hereunder without the prior written consent of Overt Software Solutions.

SCHEDULE 1

Description of Services and Charges

Please see the support portal for your contact details and contract period for the products and services you have with Overt Software Solutions Ltd: https://overtsoftware.com/helpdesk.

Description of products and services

Please see Schedule 2 for the description of the products and services you have purchased and are listed in your support portal: https://overtsoftware.com/helpdesk.

SCHEDULE 2

This schedule provides a definition of the services and service levels provided by Overt Software Solutions Ltd.

General Service Level 2 Commitments

Overt Software Solutions Ltd will endeavor to:

The Overt Software Solutions Ltd support desk will log and resolve calls with all associated services.
Provide remote support by Overt Software Solutions Ltd, personnel from 9.00 a.m. to 5.00 p.m. during normal working days, excluding Statutory Public Holidays. Unless you have purchased 24/7 support – see section H in schedule 2.
Priority Level response times for support during business hours: 2hr High priority, 4hr Medium priority, 3 days Low priority.
Perform such general services, environmental systems software maintenance, and other actions as are reasonably required to maintain the customer’s products and services.
Notify the customer during business hours, or where outside business hours at the start of the next business day, any security incident affecting the customer.
Ensure timely installation of software as part customer’s contracted products and services.
User access for the support portal issued within 1 working day after payment.
Provide notice of any planned work to the services outlined below.

Description of products and services

Please note that the services that are detailed below only apply to those services that you have purchased and that are displayed within your support portal which can be viewed here: https://overtsoftware.com/helpdesk.

A) Hosting

Hosted servers are located within the United Kingdom in Tier 3 data centres or an ISO-27001 Tier 4 data centre.
Multiple server hosting options available:
- (a) VPS servers
- (b) Dedicated servers
- (c) Load balanced server clusters
- (d) Private cloud HA VPS servers
HA load balancing for maximum uptime (Only applicable for Load balanced Servers and Private cloud HA VPS servers such as cloud-hosted Shibboleth IdP nodes)
100% Power and Network Uptime
Full root access to the server upon request
Free SSL Certificates
Offsite encrypted disaster recovery backups (Encrypted in transit and at rest using AES256), encrypted backups stored in Germany, EU
Protection against DDoS Attacks
Fully Managed Operating System Support
Fully managed servers monitored 24/7
Daily vulnerability scans of hosted servers
Performed during installation of Dedicated Servers
Hard Stress Testing
RAID monitoring

B) Enhanced Web Security Bundle

Add-on for LMS/VLE Server
Pro-active defense with Bitdefender anti-malware scans
Advanced anti-exploit technology
Live kernel patching
Web- application advanced firewall
Intrusion detection and protection

C) Shibboleth IdP Service Support

Unlimited Technical support during normal business days and hours.
24/7 packages are available for additional support – See section H in Schedule 2 for details.
Custom branding and login page customisation
TrueSSO and desktop Single sign-on
Active Directory / LDAP Integration
ADFS / Azure AD support using Overt Software Solutions Ltd’s SAAM bridge
Support for external databases and API web service authentication
Full Federation support
Unlimited SAML service provider connections
Support with connectivity to Shibboleth compatible Federations and Service Providers
Maintenace of Shibboleth IdP server and OS prerequisites such as patches and upgrades
Ability to host onsite or on Overt Software Solutions Ltd’s private HA cloud.
Maintenace of Java and all Shibboleth IdP pre-requisite software
Premium OvertIdP Dashboard
Support for granular access
Installation support for secure LDAP SSH tunnels via OvertADLink

D) Multi-Factor Authentication and SSPR Support

Unlimited Technical support during normal business days and hours.
24/7 packages are available for additional support – See section H in Schedule 2 for details.
Custom branding and login page customisation
Assistance with configuring and managing SSPR MFA Portal
Assistance with onboarding users to MFA/SSPR
Assistance configuring services for MFA using OvertIdP Dashboard
Assistance with onboarding services for MFA.
LDAP integration
Support for custom MFA rules and triggers
Statistical reporting of MFA authentications and failures
“Remember me” support
Support for OTP / FIDO2 / U2F / TOTP / SMS / Hardware tokens / Google Authenticator
Fully integrated with Shibboleth IdP OvertIdP Dashboard
Hosted Onsite or Cloud

E) Shibboleth SAAM ADFS/Azure AD Bridge Support

Unlimited Technical support during normal business days and hours.
24/7 packages are available for additional support – See section H in Schedule 2 for details.
Support for ADFS / Azure AD
Assistance configuring Azure AD / ADFS to release attributes to Shibboleth IdP
Configuring Shibboleth IdP to consume attributes passed over from ADFS/Azure AD via Shibboleth SAML Proxy
Multiple attribute resolution options available using SAAM

F) Virtual Learning Environment Support

Unlimited Technical support during normal business days and hours.
24/7 packages are available for additional support – See section H in Schedule 2 for details.
VLE upgrade and patch instillations
Third-party plugin installation
Basic adjustments to theming and basic theme modifications.
Shibboleth SP and SAML authentication support for your Moodle instance
Operating system support (Linux and windows) for Moodle components; installing required software and maintenance via patches and upgrades
No restrictions on file size uploads and streaming except the overall 10TB per month
Full access to server for data transfers using encryption (SFTP)
Authentication support and maintenance to Moodle (Shibboleth/LDAP/SAML/External database)
Sandbox VLEs included for with every support contract for testing upgrades and plugin installations
Installation support for secure LDAP SSH tunnels via OvertADLink
Assisted installation of MIS integration, inclusive of script installation, establishing a connection between your MIS server and the Moodle server, scheduled task setup on your MIS server and the Moodle server and installation support for secure MIS SSH tunnels (OvertMISLink) - included with separate MIS Integration product
Installation and support for the Mahara/Moodle SSO link (Mahoodle)
Basic scripting and SQL query writing
Support for minor custom code changes
Basic Microsoft 365 plugin integration support
Microsoft Teams integration via mConnect supported by Skooler Limited
Support for document conversion via the Unoconv PDF converter service built into Moodle
Training is not provided within Overt Software Solutions Ltd’s VLE support packages. We can provide third-party training for an additional fee upon request.

G) Linux Operating System Support

Unlimited Technical support during normal business days and hours.
Applying patches and upgrades to Linux operating systems. Note this contract does not cover any third-party applications
Resolution of OS errors/failures that impact the service in a negative way
Guidance for Linux configuration setup, filesystems, services, security, networking etc
Monitoring of server
Assistance with allocating additional server resources such as addition of more memory, expanding disks, and attaching mounted storage

H) 24/7 Support Packages for VLEs and Shibboleth

Direct access to technical support out of business hours
24/7 telephone support with a private PIN
Enhanced backups
Enhanced hosting SLA
Packages available:
- (a) Basic Package – Support during out of hours: 12 calls per year, 12hr response time. Support during business hours: Unlimited Calls Response times - 2hr High priority, 4hr Medium priority, 3 days Low priority.
- (b) Standard Package - Support during out of hours: 32 calls per year, 8hr response time. Support during business hours: Unlimited Calls Response times - 2hr High priority, 4hr Medium priority, 3 days Low priority.
- (c) Premium Package - Support during out of hours: 48 calls per year, 4hr response time. Support during business hours: Unlimited Calls Response times - 2hr High priority, 4hr Medium priority, 3 days Low priority.
- (d) Enterprise Package - Support during out of hours: 64 calls per year, 1hr response time. Support during business hours: Unlimited Calls Response times - 2hr High priority, 4hr Medium priority, 3 days Low priority.
Scheduled ‘out of hours work’ support will be deducted from your associated 24/7 support package call limits.

I) VLE Administration

User and enrollment management.
Course management - please note, course creation requires content materials to be provided and does not include SCORM content creation.
Assignment and Quiz management.
Set up and management of H5P, Video Conferencing, File Repositories, and External LTI Tools.
Uploading pre-existing SCORM Content Packages onto VLE systems.
Preferential rates on SCORM Content development.
Provide VLE Reports and course completion tracking.
Amendments to Site Policies and TOU.
Accessibility audits.
Plugin installation and updates.
Please be advised that this product is only available for Moodle Virtual Learning Environments.

APPENDIX A

Contacts for Overt Software Solutions Ltd are as follows:

Company Address: Unit 2 Hawford business centre, Hawford, Worcester, Worcestershire, WR3 7SG, United Kingdom

Company Telephone: 01905 955037

Success Team: success@overtsoftware.com

Support Portal: https://overtsoftware.com/helpdesk

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
bcookie	2 years	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	2 years	LinkedIn sets this cookie to store performed actions on the website.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
tve_leads_unique	1 month	This cookie is set by the provider Thrive Themes. This cookie is used to know which optin form the visitor has filled out when subscribing a newsletter.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
c3po.jpg	Session	This pixel tracker, set by metricool.com, collects data on the user’s navigation and behaviour on the website. This is used to compile statistical reports and heatmaps for the website owner.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook as part of their embedded services on our websites (likes, sharing etc.).
fr	3 months	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
AnalyticsSyncHistory	1 month	No description
ClientId	1 year	No description available.
li_gc	2 years	No description
OIDC	6 months	No description available.
OutlookSession	session	No description available.
tl_1206_1206_4	1 month	No description
tl_544_544_1	1 month	No description