Service Level Agreement

Effective Date: November 9, 2025

Applicability. This SLA applies only to Enterprise plan customers who have an active paid subscription for the covered Service. Self‑serve plans do not include uptime credits.

Definitions

  • Service: The Atomic Edge reverse‑proxy / WAF platform, including edge proxying of HTTP(S) traffic for contracted domains, and the dashboard/API used to configure that proxying.

  • Affected Region: The geographic ingress region(s) selected/contracted by Customer for traffic entry. Multi‑region deployments are measured per region.

  • Downtime: The period during which the Service, in an Affected Region, fails valid proxied HTTP(S) requests for Customer’s configured domains with an error rate ≥ 5% (HTTP 5xx from Atomic Edge edge or complete timeouts) for at least five (5) consecutive minutes, excluding SLA Exclusions. Intermittent errors that do not meet the threshold and isolated customer‑specific misconfigurations are not Downtime.

  • Monthly Uptime Percentage (MUP) (per Affected Region): 100% − (Total Downtime minutes in calendar month ÷ Total minutes in calendar month × 100).

Target Uptime

99.90% MUP per Affected Region each calendar month.

Measurement & Evidence

Atomic Edge measures availability using consolidated edge telemetry, health probes, and control‑plane status. Customer may submit corroborating evidence (edge request IDs, origin/edge logs, third‑party monitors). If there is a discrepancy, the parties will act in good faith to reconcile data; Atomic Edge’s measurements will control absent clear error.

Scheduled & Emergency Maintenance

  • Scheduled maintenance windows will be announced with at least 72 hours’ advance notice (typical windows: Sundays 02:00–05:00 Eastern Time).

  • Emergency maintenance may be performed without advance notice where necessary for security or stability; Atomic Edge will post updates to the status page and provide incident communications.

SLA Exclusions

Downtime does not include unavailability or errors caused by:
(a) Customer configuration, origin failure, origin firewall/security controls, or invalid TLS certificates at the origin;
(b) DDoS or abuse directed at Customer origin or networks upstream of the Service;
(c) DNS resolution or propagation outside Atomic Edge’s control, or Customer‑managed DNS;
(d) third‑party outages beyond Atomic Edge’s reasonable control (e.g., registries/registrars/TLD issues, upstream carriers, cloud provider platform incidents not caused by Atomic Edge configuration);
(e) features labelled beta/preview;
(f) traffic blocked under the AUP or required by law;
(g) force majeure events.

Service Credits

If MUP for an Affected Region falls below the Target in a month, Customer may request a credit within 30 days after month end:

  • MUP < 99.9% and ≥ 99.0% → 5% of monthly fees for the affected Service/region

  • MUP < 99.0% and ≥ 98.0% → 10%

  • MUP < 98.0% → 20%
    Caps: Total credits for a month are capped at 50% of monthly fees for the affected Service/region. Credits apply to future invoices and are the sole and exclusive remedy for SLA failures.

Chronic Failure — Termination Right

If MUP for the same Affected Region is < 99.0% in two (2) of any three (3) consecutive months (and the shortfalls are not due to SLA Exclusions), Customer may terminate the affected Service for convenience on 30 days’ written notice and receive a pro‑rata refund of prepaid, unused fees for the terminated portion.

Support Commitments (Targets)

Response targets are non‑creditable but tracked for performance:

  • P1 Critical (material impact to majority of proxied traffic): first response ≤ 1 hour (24×7).

  • P2 High (degradation/security event with workaround): first response ≤ 4 hours.

  • P3 Normal (how‑to/requests): first response ≤ 1 business day.
    Escalations and updates via Enterprise support channels and https://status.atomicedge.io.

RTO/RPO & Customer Responsibilities

This SLA does not guarantee specific RTO/RPO. Customer remains responsible for origin resiliency, backups, domain/DNS control, and appropriate WAF/rate‑limit configurations. Security log retention and deletion are defined in the Privacy Policy/DPA.