Version 2.2 – March 2026
This Service Level Agreement (hereinafter "SLA") defines the service levels guaranteed by SecBox (hereinafter "Provider") to the Client within the scope of the contract for the provision of the SecBox Shield service. This document constitutes an integral part of the service contract and the Terms and Conditions.
1. Definitions
For the purposes of this SLA, the following terms shall mean:
"Service Availability": the percentage ratio, calculated on a monthly basis, between the time the Service is fully operational and the total time of the reference period (in minutes). The formula applied is: ((Total minutes in the month – Non-excluded downtime minutes) / Total minutes in the month) × 100.
"Downtime": the continuous period exceeding 5 minutes during which the Service is unavailable or not functionally usable, excluding the cases set forth in Art. 4 (Exclusions).
"Critical Incident": an event that results in the complete unavailability of the managed firewall, the total interruption of VPN access, or any anomaly that substantially impedes the Client's normal business operations.
"Major Incident": a significant degradation of the Service's performance such as to partially impair its use, without, however, causing its complete unavailability.
"Minor Incident": a marginal malfunction that does not affect the Client's normal business operations.
"Response Time": the time interval between the reporting of the ticket by the Client via the Client Portal and the first response from the Provider's technical team.
"Restoration Time": the time interval between the reporting of the ticket and the restoration of the Service's normal operating conditions.
"Business Hour": any hour within the support hours provided for the subscribed plan (Mon-Fri 9:00 AM-6:00 PM, excluding national holidays, for the Core and Pro plans).
"Scheduled Maintenance": a planned intervention communicated to the Client at least 48 hours in advance via email, which is not included in the calculation of Downtime.
2. Guaranteed Service Levels by Plan
Shield Core Plan
| Metric | Guaranteed value |
|---|---|
| Monthly Service Availability | 99.0% |
| Response Time – Critical Incident | 8 business hours |
| Response Time – Major Incident | 24 business hours |
| Restoration Time – Critical Incident | 24 business hours |
| Support Hours | Monday-Friday, 9:00 AM-6:00 PM (excluding holidays) |
| Support Channel | Ticket via Client Portal |
| Uptime Reporting | Not included |
The tolerated monthly downtime limit is 7 hours and 12 minutes (99.0% on a monthly basis of 720 hours).
Shield Pro Plan
| Metric | Guaranteed value |
|---|---|
| Monthly Service Availability | 99.5% |
| Response Time – Critical Incident | 4 business hours |
| Response Time – Major Incident | 8 business hours |
| Restoration Time – Critical Incident | 8 business hours |
| Support Hours | Monday-Friday, 9:00 AM-6:00 PM (excluding holidays) |
| Support Channel | Priority ticket via Client Portal |
| Uptime Reporting | Monthly report sent by the 5th of the following month |
The tolerated monthly downtime limit is 3 hours and 36 minutes (99.5% on a monthly basis of 720 hours).
Shield XDR Plan
| Metric | Guaranteed value |
|---|---|
| Monthly Service Availability | 99.9% |
| Response Time – Critical Incident | 1 hour (24/7, 365 days) |
| Response Time – Major Incident | 4 hours (24/7, 365 days) |
| Restoration Time – Critical Incident | 4 hours (24/7, 365 days) |
| Support Hours | 24 hours a day, 7 days a week, 365 days a year |
| Support Channel | 24/7 priority ticket + emergency technical contact (available within the Provider's operational limits indicated upon activation) |
| Uptime Reporting | Detailed monthly report by the 5th of the following month |
The tolerated monthly downtime limit is 43 minutes and 12 seconds (99.9% on a monthly basis of 720 hours).
3. Incident Reporting Procedure
3.1 Opening a ticket
All incidents must be reported exclusively via the Client Portal at clients.secbox.it, by filling out the ticket submission form with the following information:
- Detailed description of the issue encountered
- Severity classification (Critical, Major, Minor)
- Time the issue was first detected
- Estimated potential impact on business operations
- Available screenshots or logs
The Response Time begins from the moment the ticket is correctly opened on the Client Portal. Reports made through other channels (e.g., informal email) are not guaranteed under the SLA terms, except for Critical Incidents for XDR plans for which the 24/7 emergency line is available.
3.2 Severity Classification
The severity classification is indicated by the Client when opening the ticket. The Provider reserves the right to reclassify the severity of the incident upon acknowledgement, justifying the different classification in the ticket response. In case of disagreement, the Client may request an escalation pursuant to Art. 3.3.
3.3 Escalation Procedure
If the Client believes that the response times are not being met or that the quality of the response is inadequate, they may request an escalation according to the following procedure:
| Level | Recipient | How to contact |
|---|---|---|
| Level 1 | SecBox Technical Team | Reply to the open ticket |
| Level 2 | Technical Manager | Escalation request in the ticket, subject "ESCALATION L2" |
| Level 3 | SecBox Management | Email to [email protected], subject "ESCALATION L3 – [ticket number]" |
The Provider undertakes to respond to a Level 2 escalation request within 4 business hours and to a Level 3 request within 24 hours of receipt.
4. SLA Exclusions
The guaranteed service levels do not apply, and the related period is not included in the calculation of downtime, in the following cases:
a) Scheduled Maintenance: periods of planned maintenance communicated to the Client at least 48 hours in advance. The Provider undertakes to schedule maintenance during periods of lower operational impact (preferably outside the 9:00 AM-6:00 PM time frame) and to minimize the duration of the interruption.
b) Attacks exceeding the contractual threshold: DDoS events or other cyberattacks whose intensity or complexity exceeds the mitigation capacity contractually provided for the subscribed plan.
c) Causes attributable to the Client: disruptions resulting from unauthorized changes to the Provider's configurations, failure to provide updated credentials, conduct by the Client's personnel contrary to the technical instructions received, or any other action or omission by the Client.
d) Third-party services: interruptions attributable to connectivity providers, data centers, cloud infrastructures, CDNs, or other services over which the Provider has no control.
e) Force Majeure: extraordinary and unforeseeable events beyond the Provider's control, including natural disasters, widespread Internet network outages, measures by public authorities, or states of emergency.
f) Tests and simulations: periods of planned testing or attack simulations agreed upon with the Client.
5. Monitoring and Reporting
5.1 Continuous Monitoring
The Provider continuously monitors the availability of the Service through automated systems. Downtime events are recorded with an indication of the start time, end time, and cause.
5.2 Reporting
Clients with Pro and XDR plans receive, by the 5th of each month, a summary report for the previous month containing: the actual percentage availability, a summary of incidents (number, type, response and restoration times), periods of Scheduled Maintenance, and any credit accrued.
Clients with the Core plan may request information on actual uptime via a ticket on the Client Portal.
6. Penalties for SLA Non-Compliance
6.1 Credit Mechanism
In the event of failure to meet the guaranteed availability levels in the monthly reference period, the Client is entitled to a credit on the monthly fee calculated as follows:
| Actual Availability | Credit granted |
|---|---|
| From 98.0% to the plan's guaranteed value (exclusive) | 10% of the monthly fee |
| From 95.0% to 97.9% | 25% of the monthly fee |
| Below 95.0% | 50% of the monthly fee |
The maximum credit that can be granted is in any case equal to 50% of the monthly fee for the subscribed plan. Credits are not cumulative with other forms of compensation and are not convertible into cash, except in the event of the Client's withdrawal due to the Provider's breach of contract.
6.2 Procedure for Credit Recognition
The credit is not granted automatically. To obtain the credit, the Client must:
- Submit a written request via a ticket on the Client Portal, with the subject "SLA Credit Request – [month/year]", within 30 days from the end of the reference month
- Indicate in the request: the start and end date and time of the reported downtime, the corresponding ticket number (if opened), and the calculation of the requested credit
The Provider will review the request within 10 business days and respond by indicating the credit granted or the reasons for denial. In case of dispute, the escalation procedure set forth in Art. 3.3 shall apply.
6.3 Application of Credit
The granted credit is applied as a deduction on the first invoice issued after its recognition. The credit does not entitle the Client to suspend the obligation to pay the fee for the reference period.
7. Amendments to this SLA
The Provider reserves the right to amend this SLA to adapt it to technological, infrastructural, or regulatory changes. Amendments shall be communicated to the Client with at least 30 days' prior notice via email. Should the amendments result in a reduction of the guaranteed service levels, the Client has the right to withdraw from the contract without penalty within the notice period.
For any matter concerning this SLA: [email protected] — Certified Email (PEC): [email protected]