Initial Audit / Diagnostic Services
In most cases, we will conduct an initial audit of your information technology (IT) environment to determine the readiness for, and compatibility with, our proposed ongoing managed services. This audit may include some or all the following:
Audit to determine general Environment (defined below) readiness and functional capability
Review of hardware and software configurations
Review of current vendor service / warranty agreements for Environment hardware and software
Basic security vulnerability check
Basic backup and file recovery solution audit
Speed test and ISP audit
Print output audit
Office telephone vendor service audit
Asset inventory
Email and website hosting audit
IT support process audit
If deficiencies are discovered during the auditing process (such as outdated equipment or unlicensed software), we will bring those issues to your attention and discuss the impact of the deficiencies on our provision of the Services and provide you with options to correct the deficiencies. Please note, unless otherwise expressly agreed by us in writing, auditing services do not include the remediation of any issues, errors, or deficiencies (“Issues”), and we cannot guarantee that all Issues will be detected during the auditing process. Issues that are discovered in the Environment after the auditing process is completed may be addressed in one or more subsequent quotes.
Onboarding Services
Onboarding is the stage during which we prepare the Environment for the managed services described in the Quote. During this phase, we will work with your Authorized Contact(s) to review the information we need to prepare the targeted environment. In addition:
It is Client’s responsibility to have its previous IT service providers’ tools and software agents (“Prior Tools”) removed in cooperation with Savvy’s installation of our tools, as well as to uninstall then-existing administrative passwords or keys (or provide us with those passwords and keys) as necessary for Savvy to implement its services. Additional charges may apply if Savvy is required to uninstall Prior Tools, seize administrative access, or undertake any other efforts reasonably necessary for Savvy to acquire administrative access.
Uninstall any monitoring tools or other software installed by previous IT service providers (“Prior Tools”). Please note: If we are unable to uninstall or disable Prior Tools remotely, then an onsite visit may be required for which additional fees, such as travel time, may apply. In any event, if Prior Tools cannot be removed then we will bring that situation to your attention and, to the extent reasonably practicable, quarantine the Prior Tools so they become inoperative. We do not warrant or guarantee that all Prior Tools will be capable of being removed permanently, or that unremovable Prior Tools will become or remain inoperative.Compile a full inventory of all protected servers, workstations, and laptop
Uninstall any previous endpoint protection and install our managed security solutions (as indicated in the Quote)
Install remote support access agents (i.e., software agents) on each managed device to enable remote support
Configure Windows® and application patch management agent(s) and check for missing security updates
Uninstall unsafe applications or applications that are no longer necessary
Optimize device performance including disk cleanup and endpoint protection scans
Review firewall configuration and other network infrastructure devices
Review status of battery backup protection on all mission critical devices
Stabilize network and assure that all devices can securely access the file server
Review and document current server configuration and status
Determine existing business continuity strategy and status; prepare backup file recovery and incident response option for consideration
Review password policies and update user and device passwords.
As applicable, make recommendations for changes that should be considered to the managed environment
This list is subject to change if we determine, at our discretion, that different or additional onboarding activities are required.
If deficiencies are discovered during the onboarding process, we will bring those issues to your attention and discuss the impact of the deficiencies on our provision of our monthly managed services. Please note, unless otherwise expressly stated in the Quote, onboarding-related services do not include the remediation of any issues, errors, or deficiencies (“Issues”), and we cannot guarantee that all Issues will be detected during the onboarding process.
The duration of the onboarding process depends on many factors, many of which may be outside of our control—such as product availability/shortages, required third party vendor input, etc. As such, we can estimate, but cannot guarantee, the timing and duration of the onboarding process. We will keep you updated as the onboarding process progresses.
Ongoing / Recurring Managed Services
The table below describes all managed services provided or facilitated by Savvy; however, only those services specifically described in the Quote will be facilitated and/or provided to you (collectively, the “Services”). Please review the Quote to determine which of the managed services listed below will be provided to / facilitated for you.
Ongoing/recurring managed services are provided to you or facilitated for you on an ongoing basis and, unless otherwise indicated in a Quote, are billed monthly. Some ongoing/recurring services will begin with the commencement of onboarding services; others will begin when the onboarding process is completed. Please direct any questions about start or “go live” dates to your account manager.
Services Guide
This Services Guide contains provisions that define, clarify, and govern the scope of the services described in the quote that has been provided to you (the “Quote”), as well as the policies and procedures that we follow (and to which you agree) when we provide a service to you or facilitate a service for you. If you do not agree with the terms of this Services Guide, you should not sign the Quote and you must contact us for more information.
This Services Guide is our “owner’s manual” that generally describes all managed services provided or facilitated by Savvy Solutions Company (“Savvy,” “we,” “us,” or “our”); however, only those services specifically described in the Quote will be facilitated and/or provided to you.
This Services Guide is governed under our Master Services Agreement (“MSA”). You may locate our MSA through the link in your Quote or, if you want, we will send you a copy of the MSA by email upon request. Capitalized terms in this Services Guide will have the same meaning as the capitalized terms in the MSA, unless otherwise indicated below.
Activities or items that are not specifically described in the Quote will be out of scope and will not be included unless otherwise agreed to by us in writing.
Please read this Services Guide carefully and keep a copy for your records.
| Service | General Description | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Backup and File Recovery |
Implementation and facilitation of a backup and file recovery solution from our designated Third Party Provider.
Backup Data Security: All backed up data is encrypted in transit and at rest in 256-bit AES encryption. All facilities housing backed up data implement physical security controls and logs, including security cameras, and have multiple internet connections with failover capabilities. Backup Retention: Backed up data will be retained for the periods indicated below, unless a different time period is expressly stated in the Quote. This includes both on-premise and cloud backups.
Backup Alerts: Managed servers will be configured to inform of any backup failures. Recovery of Data: If you need to recover any of your backed up data, then the following procedures will apply:
|
|||||||||||||||||||||||||||
| Compliance-as-a-Service (CaaS) |
Implementation and facilitation of a regulatory compliance solution from our designated Third Party Provider.
Note: CaaS requires Client’s ongoing cooperation and participation. To the extent that Client provides incomplete, inaccurate, or outdated information, the results of the CaaS may be incorrect or incomplete and should not be relied upon. Certification of completion of regulatory compliance is valid as of the date on which such certification is awarded, but does not guarantee that Client will continue to be regulatory compliant in the future. It is strongly suggested that Client always maintain this Service with no lapse in the provision of this Service to help ensure ongoing compliance. |
|||||||||||||||||||||||||||
| Domain & DNS Management |
Implementation and facilitation of domain and DNS management services for Client’s managed environment, which may include coordination with Client’s registrar, DNS host, and/or other designated Third Party Providers. Scope may include:
Limitations / Exclusions:
|
|||||||||||||||||||||||||||
| Email Threat Protection |
Implementation and facilitation of a trusted email threat protection solution from our designated Third Party Provider.
Message Security Bundle (Add-On): Email security and email backup services apply only to mailboxes expressly included in the applicable Quote. If Client requires email security and/or email backup coverage for additional mailboxes beyond those included in the Quote (including shared, legacy, or otherwise active mailboxes), such coverage must be purchased as an add-on in “Message Security Bundles,” each consisting of five (5) mailboxes per bundle, unless otherwise stated in the Quote. Please see Anti-Virus; Anti-Malware and Breach / Cyber Security Incident Recovery sections below for important details. All hosted email is subject to the terms of our Hosted Email Policy and our Acceptable Use Policy. |
|||||||||||||||||||||||||||
| Endpoint Antivirus & Malware Protection |
Implementation and facilitation of an endpoint malware protection solution from our designated Third Party Provider.
Please see Anti-Virus; Anti-Malware and Breach / Cyber Security Incident Recovery sections below for important details. |
|||||||||||||||||||||||||||
| Extended Detection & Response (XDR) |
Implementation and facilitation of an endpoint malware protection solution with extended functionalities from our designated Third Party Provider.
Requires: at least two layers (e.g., endpoint, email, network, servers, and/or cloud workload.) Please see Anti-Virus; Anti-Malware and Breach / Cyber Security Incident Recovery sections below for important details. |
|||||||||||||||||||||||||||
| End User Security Awareness Training |
Implementation and facilitation of a security awareness training solution from an industry-leading third party solution provider.
Please note: Untrained staff could create or cause security vulnerabilities. Client must notify us if Client hires new staff/personnel, since those persons must undergo awareness training to ensure consistent security protocols and processes across Client’s IT environment. Client’s personnel may receive reminders (generally by email). It is Client’s responsibility to ensure that its staff undertakes training on a consistent basis. Please see Anti-Virus; Anti-Malware and Breach / Cyber Security Incident Recovery sections below for important details. |
|||||||||||||||||||||||||||
| Firewall as a Service (firewall appliance provided by Savvy) |
|
|||||||||||||||||||||||||||
| Firewall Solution (firewall appliance provided / purchased by Client) |
|
|||||||||||||||||||||||||||
| Managed Detection & Response (MDR) |
Implementation and facilitation of a top-tier MDR solution from our designated Third Party Provider.
Remediation services provided on a time and materials basis. Please see Anti-Virus; Anti-Malware and Breach / Cyber Security Incident Recovery sections below for important details. |
|||||||||||||||||||||||||||
| User Onboarding & Offboarding (User Lifecycle Management) |
Implementation and facilitation of employee onboarding and offboarding services for Client’s authorized personnel, including provisioning and deprovisioning of user access, accounts, and managed devices as applicable to the Services purchased under the Quote. So Savvy (Basic) – Onboarding (Add-On Fee Applies) For So Savvy seats, onboarding services are provided as an add-on and billed at the standard onboarding fee listed in the applicable Quote ($179 per new user, unless otherwise stated in the Quote). Onboarding services may include:
Real Savvy (Premium) – Onboarding (Included) For Real Savvy seats, onboarding services are included in the monthly service tier unless otherwise stated in the applicable Quote. Premium onboarding may include:
So Savvy (Basic) – Offboarding Basic offboarding services may include:
Real Savvy (Premium) – Offboarding Premium offboarding services may include:
Limitations / Exclusions:
Shipping and Handling: Client is responsible for all shipping, handling, courier, and related logistics costs associated with onboarding and offboarding (including return boxes, prepaid labels, device shipment to employees, and device return shipments), unless otherwise expressly stated in the applicable Quote. |
|||||||||||||||||||||||||||
| Password Manager |
Implementation and facilitation of a password management protection solution from our designated Third Party Provider.
|
|||||||||||||||||||||||||||
| Penetration (Pen) Testing |
Penetration testing (or “pen” testing) simulates a cyberattack against your IT infrastructure to identify exploitable vulnerabilities. Unlike ongoing vulnerability scanning services that provide a constant, static level of network scanning, pen testing may involve several stages of reconnaissance and actual attack methodologies (such as brute force attacks and/or SQL injection attacks) and may include unconventional and targeted attacks that occur during business and non-business hours. Pen testing may consist of any of the following:
Please see additional terms for Penetration Testing below. |
|||||||||||||||||||||||||||
| Remote Helpdesk |
End-User Support (L1/L2 Assistance): Remote assistance for day-to-day technical issues affecting Client’s managed IT environment. Support is limited to issues involving software that is acquired through Savvy; any other software assistance, if provided, is on a best efforts basis with no guarantee of resolution. Incident Logging & Ticket Processing: Service requests are logged, categorized, and prioritized. Response and resolution times are subject to the Service Levels described in this Guide, and are not guaranteed unless expressly stated as such. Remote Troubleshooting: We may use remote access tools to diagnose and remediate issues. Remote support is contingent on the availability of a stable internet connection, functioning remote-access agents, and appropriate user authorization. Password Resets & Basic Account Assistance: Upon request, we will perform password resets and related account unlock services for supported authentication systems. Email & Productivity Application Support: We will provide support for standard functions within Microsoft 365, Google Workspace, and other applications licensed through Savvy. We will also provide support for most line-of-business applications, regardless of whether they are acquired through Savvy; however, such support is on a best efforts basis with no guarantee of issue resolution. Support does not include custom configurations, scripting, complex data migrations, or development work. Workstation and Peripheral Assistance: We will assist remotely with basic configuration of supported devices and peripherals. Physical repairs, on-site adjustments, cabling issues, or hardware replacements are excluded unless separately contracted. Network Connectivity Assistance: We may assist with basic Wi-Fi, VPN, and network connectivity issues affecting the managed IT environment. We are not responsible for ISP outages, environmental interference, building wiring, or Client-owned network equipment not under a separate management plan. Hardware-Related Support (Remote Only): We may diagnose potential hardware failures remotely. We are not required to open devices, perform repairs, replace components, or dispatch technicians unless separately contracted. How-To Guidance: We may provide short, informal guidance on the use of supported software and features. Such guidance does not include formal training, user education programs, or professional instruction. Periodic Service Reports: Upon request, we can provide Client with service performance summaries. |
|||||||||||||||||||||||||||
| Remote Monitoring and Management |
Software agents installed in Covered Equipment (defined below) report status and IT-related events on a 24x7 basis; alerts are generated and responded to in accordance with the Service Levels described below.
Event Coverage
|
|||||||||||||||||||||||||||
| Security Incident & Event Monitoring (SIEM) |
Implementation and facilitation of an industry leading SIEM solution from our designated Third Party Provider. The SIEM service utilizes threat intelligence to detect threats that can exploit potential vulnerabilities against your managed network. Initial Assessment: Prior to implementing the SIEM service, we will perform an initial assessment of the managed network at your premises to define the scope of the devices/network to be monitored (the “Initial Assessment”). Monitoring: The SIEM service detects threats from external facing attacks as well as potential insider threats and attacks occurring inside the monitored network. Threats are correlated against known baselines to determine the severity of the attack. Alerts & Analysis: Threats are reviewed and analyzed by third-party human analysts to determine true/false positive dispositions and actionability. If it is determined that the threat was generated from an actual security-related or operationally deviating event (an “Event”), then you will be notified of that Event. Events are triggered when conditions on the monitored system meet or exceed predefined criteria (the “Criteria”). Since the Criteria are established and optimized over time, the first thirty (30) days after deployment of the SIEM services will be used to identify a baseline of the Client’s environment and user behavior. During this initial thirty (30) day period, Client may experience false positives and/or not all anomalous activities may be detected. Note: The SIEM service is a monitoring and alert-based system only; remediation of detected or actual threats are not within the scope of this service and may require Client to retain Savvy’s services on a time and materials basis. |
|||||||||||||||||||||||||||
| Server Monitoring & Maintenance |
As part of our RMM service, we will monitor and maintain managed servers as follows:
|
|||||||||||||||||||||||||||
| Multi-Factor Authentication |
Multi-Factor Authentication (“MFA”) adds an additional layer of security to user logins by requiring more than one method of verification, typically something the user knows (a password) and something the user has (an authentication app, mobile device, token, or code). MFA substantially reduces the likelihood of unauthorized access caused by weak, stolen, or compromised passwords. MFA Configuration & Deployment: We will assist with the initial configuration and deployment of an MFA solution from our designated third party provider. Policy & Enforcement Settings: We will configure applicable MFA enforcement settings consistent with security best practices, including conditional access rules where supported. User Enrollment Support: We will provide remote guidance during the MFA setup process (e.g., installing an authenticator app, enrolling a mobile device, scanning QR codes, etc.). Ongoing Administration: We will assist with MFA-related administrative tasks such as device resets, re-enrollment, and verification-method updates, subject to Client approval. Client Responsibilities:
|
|||||||||||||||||||||||||||
| Updates & Patching |
Please note: Patches are developed by third party vendors and, on rare occasions, may make the Environment unstable or cause managed equipment/software to fail even when installed correctly. We will not be responsible for downtime or losses arising from or related to installation or use of any Patch. We reserve the right to refrain from installing a Patch if we are aware of technical problems caused by the Patch or believe a Patch may render the Environment unstable. |
|||||||||||||||||||||||||||
| Virtual Chief Information Officer (vCIO) |
Act as the main point of contact for certain business-related IT issues and concerns.
Note: This service does not guarantee any specific business, financial, operational, security, or compliance outcomes. Recommendations are advisory only and are based on information provided by Client. Client retains all authority and responsibility for final decisions, budget approvals, policy adoption, risk acceptance, and operational execution. Through this service, we are not acting as a fiduciary, officer, director, or employee of the Client. Our vCIO services do not create any fiduciary, agency, or employer/employee relationship. |
|||||||||||||||||||||||||||
| Voice Over IP (VoIP) Services |
Implementation and facilitation of an industry-recognized VoIP solution from our designated Third Party Provider. Features include:
Important: There are additional terms related to the VoIP service, including your use of E911 features, toward the end of this Services Guide. Please read them carefully. You may be required to sign an additional consent form indicating your understanding and acceptance of the limitations of 911 dialing using the VoIP services. |
|||||||||||||||||||||||||||
| Vulnerability Scanning |
Implementation and facilitation of an industry-recognized vulnerability scanning solution from our designated Third Party Provider. External vulnerability scans (which pertain to the IP address assigned to each customer location through the Client’s ISP) are run monthly. Internal vulnerability scans (which pertain to all systems inside the managed network) are run at least annually. Vulnerability results will be discussed during business review meetings with Client. Vulnerability reports will be made available on request. Please see additional terms for vulnerability scanning below. |
|||||||||||||||||||||||||||
| Wi-Fi Services |
Savvy will install at the Client’s premises Wireless Access Points to provide bandwidth in all areas requiring wireless network coverage, as agreed upon by Savvy and Client.
Please note: Any Wi-Fi devices supplied by Client cannot be older than five (5) years from the device’s original date of manufacture and must be supported by the manufacturer. |
|||||||||||||||||||||||||||
| Workstation Monitoring & Maintenance |
Software agents installed in covered workstations report status and IT-related events on a 24x7 basis; alerts are generated and responded to in accordance with the Service Levels described below.
|
Managed Services
(Please refer to the Quote to determine which Managed Services you will be receiving.)
Project-Related Services
For project-based services, one-time or limited-time engagements, or similar engagements listed in a Quote (“Projects”), the following provisions shall apply:
All our labor will be billed to you at our then-current hourly rate in one (1) hour increments, with partial increments being rounded to the next highest increment.
Project-related services will be performed during normal work hours only. If Project work is required to be performed after-hours or during non-business hours, our hourly rates will be increased as per the table below for the time expended in off-hours or non-business hours.
You agree to reimburse us for all reasonable and pre-approved travel costs and expenses that are directly attributable to, or are reasonably required to be incurred, while providing Project-related services. Savvy reserves the right to require pre-payment of anticipated travel costs and expenses.
Our current hourly rates, and applicable rate multipliers for after-hours or non-business hours work, are as follows:
Policies and Procedures Applicable to Services
Software Licensing: All software provided to you by or through Savvy is licensed, not sold, to you (“Software”). In addition to any Software-related requirements described in Savvy’s Master Services Agreement, Software may also be subject to end user license agreements (EULAs), acceptable use policies (AUPs), and other restrictions all of which must be strictly followed by you and any of your authorized users.
When installing/implementing software licenses in the managed environment or as part of the Services, we may accept (and you agree that we may accept) any required EULAs or AUPs on your behalf. You should assume that all Software has an applicable EULA and/or AUP to which your authorized users and you must adhere. If you have any questions or require a copy of the EULA or AUP, please contact us.
Covered Environment. Services will be applied to the number of devices indicated in the Quote (“Covered Hardware”). The list of Covered Hardware may be modified by mutual consent (email is sufficient for this purpose); however, we reserve the right to modify the list of Covered Hardware at any time if we discover devices that were not previously included in the list of Covered Hardware and which are receiving Services, or as necessary to accommodate changes to the quantity of Covered Hardware.
Services are billed per “User Environment”, then it applies to one (1) primary physical workstation and, if applicable, one (1) associated user-specific virtual workspace (VM or VDI). Any additional physical devices, shared systems, or standalone virtual machines are treated as separate managed devices unless otherwise specified in the applicable Quote. We offer two tiers for managed services:
So Savvy – Our core managed service designed around a standard user environment. Best suited for organizations where each user primarily operates from a single workstation with limited additional systems.
Real Savvy – An expanded managed service tier that supports additional devices and more complex environments, providing broader coverage and flexibility for users who require multi-device support and enhanced service workflows.
We will provide support for any software applications that are licensed through us. Such software (“Supported Software”) will be supported on a “best effort” basis only and any support required beyond Level 2-type support will be facilitated with the applicable software vendor/producer. Coverage for non-Supported Software is outside of the scope of the Quote and will be provided to you on a “best-effort” basis and a time and materials basis with no guarantee of remediation. Should our technicians provide you with advice concerning non-Supported Software, the provision of that advice should be viewed as an accommodation and not an obligation to you.
If we are unable to remediate an issue with non-Supported Software, then you will be required to contact the manufacturer/distributor of the software for further support. Please note: Manufacturers/distributors of such software may charge fees, some of which may be significant, for technical support; therefore, we strongly recommend that you maintain service or support contracts for all non-Supported Software (“Service Contract”). If you request that we facilitate technical support for non-Supported Software and if you have a Service Contract in place, our facilitation services will be provided to you at our then-current hourly rates.
In this Services Guide, Covered Hardware and Supported Software will be referred to as the “Environment” or “Covered Equipment.”
User/Seat Definitions and Shared Mailboxes:
A “Seat” is a single, identifiable human end user (employee or contractor) authorized to receive Services under the Quote.
Seats are not tied to email addresses or service accounts and cannot be shared by multiple individuals.
Shared mailboxes such as info@, support@, hr@ are included at no charge only if they are not used as the primary mailbox of a human end user.
If more than one person operates under a shared mailbox identity, each individual constitutes a separate Seat.
Service accounts and automation accounts do not qualify as Seats and are not supported.
Contractor / Temporary Users:
Contractors and temporary workers count as Seats.
Billed monthly.
May be removed effective the last day of any month with notice.
Support for Non-Seat Individuals:
Savvy will not provide support to any individual who is not listed as an active Seat.
At CLIENT’s request, Savvy may:
Add the individual as a Seat and begin billing immediately (including mid-month billing), or
Provide one-time support at the current On-Demand hourly rate.
Savvy may decline support for non-Seat individuals unless CLIENT has explicitly approved one of the options above in writing.
Server Projects (Out of Scope):
Server projects such as migrations, major version upgrades, cloud transitions, or material reconfiguration are out of scope for managed services and will be billed separately unless expressly included in the applicable Quote.
Physical Locations Covered by Services. Services will be provided remotely unless, at our discretion, we determine that an onsite visit is required. Savvy visits will be scheduled in accordance with the priority assigned to the issue (below) and are subject to technician availability. Unless we agree otherwise, all onsite Services will be provided at Client’s primary business location. Additional fees may apply for onsite visits: Please review the Service Level section below for more details.
Evolving Technologies: Technologies can evolve rapidly. In certain instances, depending on the scope and timing of an applicable service, technologies comprising or included in a service may evolve before the service can be fully implemented. Should this occur, we will provide you with options to leverage the latest version of the evolved technology and inform you of the attendant fees and costs to do so. If you decline to implement the evolved technology, then we will continue to implement the service as indicated in the Quote; however, you understand and agree that (i) you will not benefit from improvements in the evolved technology, and (ii) the applicable technology and service may become obsolete more quickly.
Minimum Requirements / Exclusions. The scheduling, fees and provision of the Services are based upon the following assumptions and minimum requirements, all of which must be provided/maintained by Client at all times:
Server hardware must be under current warranty coverage
All equipment with Microsoft Windows® operating systems must be running then-currently supported versions of such software and have all the latest Microsoft service packs and critical updates installed.
All software must be genuine, licensed, and vendor- or OEM-supported.
Server file systems and email systems (if applicable) must be protected by licensed and up-to-date virus protection software.
The managed environment must have a currently licensed, vendor-supported server-based backup solution that can be monitored.
All wireless data traffic in the managed environment must be securely encrypted.
All servers must be connected to working UPS devices.
Recovery coverage assumes data integrity of the backups or the data stored on the backup devices. We do not guarantee the integrity of the backups or the data stored on the backup devices. Server restoration will be to the point of the last successful backup.
Client must provide all software installation media and key codes in the event of a failure.
Any costs required to bring the Environment up to these minimum standards are not included in this Services Guide.
Client must provide us with exclusive administrative privileges to the Environment.
Client must not affix or install any accessory, addition, upgrade, equipment, or device on to the firewall, server, or NAS appliances (other than electronic data) unless expressly approved in writing by us.
Exclusions. Services that are not expressly described in the Quote will be out of scope and will not be provided to Client unless otherwise agreed, in writing, by Savvy. Without limiting the foregoing, the following services are expressly excluded, and if required to be performed, must be agreed upon by Savvy in writing:
Customization of third party applications, or programming of any kind.
Support for operating systems, applications, or hardware no longer supported by the manufacturer.
Data/voice wiring or cabling services of any kind.
Battery backup replacement.
Equipment relocation.
The cost to bring the managed environment up to these minimum requirements (unless otherwise noted in the Quote).
The cost of repairs to hardware or any supported equipment or software, or the costs to acquire parts or equipment, or shipping charges of any kind.
Service Levels. Automated services are provided on an ongoing (i.e., 24x7x365) basis. Response, repair, and/or remediation services (as applicable) will be provided only during our business hours (currently M-F, 8:30 AM – 5:30 PM Eastern Time , excluding legal holidays and Savvy-observed holidays as listed below), unless otherwise specifically stated in the Quote or as otherwise described below.
We will respond to problems, errors, or interruptions in the provision of the Services in the timeframe(s) described below. Severity levels will be determined by Savvy in our discretion after consulting with the Client. All remediation services will initially be attempted remotely; Savvy will provide onsite service only if remote remediation is ineffective and, under all circumstances, only if covered under the Service plan selected by Client.
| Category | Business Hours Onsite ($/hr) |
Business Hours Remote ($/hr) |
Onsite Minimum (hours) |
Remote Minimum (hours) |
After-Hours Rate Premium Multiplier |
Priority Rate Premium Multiplier |
|---|---|---|---|---|---|---|
| Network Engineer | $225 | $225 | 2 | 1 | 1.5× | 2× |
| Server Engineer | $225 | $225 | 2 | 1 | 1.5× | 2× |
| Technical Specialist | $225 | $225 | 2 | 1 | 1.5× | 2× |
| Consulting Services | $225 | $225 | 1 | 1 | 1.5× | 2× |
| Trouble / Severity | Response Time |
|---|---|
|
Critical / Service Not Available (e.g., all users and functions unavailable) |
Response within two (2) business hours after notification. |
|
Significant Degradation (e.g., large number of users or business-critical functions affected) |
Response within four (4) business hours after notification. |
|
Limited Degradation (e.g., limited number of users or functions affected; business process can continue) |
Response within eight (8) business hours after notification. |
|
Small Service Degradation (e.g., business process can continue; one user affected) |
Response within two (2) business days after notification. |
| Long-Term Project / Preventative Maintenance | Response within four (4) business days after notification. |
* All time frames are calculated as of the time that we are notified of the applicable issue / problem by Client through our designated support portal, help desk, or by telephone at the telephone number listed in the Quote. Notifications received in any manner other than described herein may result in a delay in the provision of remediation efforts.
Support During Off-Hours/Non-Business Hours: Technical support provided outside of our normal business hours is offered on a case-by-case basis and is subject to technician availability. If Savvy agrees to provide off-hours/non-business hours support (“Non-Business Hour Support”), then that support will be provided on a time and materials basis (which is not covered under any Service plan), and will be billed to Client at the rates (and hourly multipliers) indicated in the table in “Project-Related Services,” above.
Savvy-Observed Holidays: Savvy observes the following holidays:
New Year’s Day
Martin Luther King Jr. Day
President’s Day
Good Friday – Half Day
Memorial Day
Independence Day
Labor Day
Thanksgiving Day
The day following Thanksgiving Day
Christmas Eve
Christmas Day
New Year’s Eve – Half Day
Fees. The fees for the Services will be as indicated in the Quote.
Reconciliation. Fees for certain Third Party Services that we facilitate or resell to you may begin to accrue prior to the “go-live” date of other applicable Services. (For example, Microsoft Azure or AWS-related fees begin to accrue on the first date on which we start creating and/or configuring certain hosted portions of the Environment; however, the Services that rely on Microsoft Azure or AWS may not be available to you until a future date). You understand and agree that you will be responsible for the payment of all fees for Third Party Services that are required to begin prior to the “go-live” date of Services, and we reserve the right to reconcile amounts owed for those fees by including those fees on your monthly invoices
Changes to Environment. Initially, you will be charged the monthly fees indicated in the Quote. Thereafter, if the managed environment changes, or if the number of authorized users accessing the managed environment changes, then you agree that the fees will be automatically and immediately modified to accommodate those changes.
Travel Time. If onsite services are provided for managed services, we will travel up to 45 minutes from our office to your location at no charge. Time spent traveling beyond 45 minutes (e.g., locations that are beyond 45 minutes from our office, occasions on which traffic conditions extend our drive time beyond 45 minutes one-way, etc.) will be billed to you at our then current hourly rates. In addition, you will be billed for all tolls, parking fees, and related expenses that we incur if we provide onsite services to you.
Appointment Cancellations. You may cancel or reschedule any appointment with us at no charge by providing us with notice of cancellation at least one business day in advance. If we do not receive timely a notice of cancellation/re-scheduling, or if you are not present at the scheduled time or if we are otherwise denied access to your premises at a pre-scheduled appointment time, then you agree to pay us a cancellation fee equal to two (2) hours of our normal consulting time (or non-business hours consulting time, whichever is appropriate), calculated at our then-current hourly rates.
Access Licensing. One or more of the Services may require us to purchase certain “per seat” or “per device” licenses (often called “Access Licenses”) from one or more Third Party Providers. (Microsoft “New Commerce Experience” licenses as well as Cisco Meraki “per device” licenses are examples of Access Licenses.) Access Licenses cannot be canceled once they are purchased and often cannot be transferred to any other customer. For that reason, you understand and agree that regardless of the reason for termination of the Services, fees for Access Licenses are non-mitigatable and you are required to pay for all applicable Access Licenses in full for the entire term of those licenses. Provided that you have paid for the Access Licenses in full, you will be permitted to use those licenses until they expire.
Term; Termination. The Services will commence, and billing will begin, on the date indicated in the Quote (“Commencement Date”) and will continue through the initial term listed in the Quote (“Initial Term”). We reserve the right to delay the Commencement Date until all onboarding/transition services (if any) are completed, and all deficiencies / revisions identified in the onboarding process (if any) are addressed or remediated to Savvy’s satisfaction.
The Services will continue through the Initial Term until terminated as provided in the Agreement, the Quote, or as indicated in this Service Guide (the “Service Term”).
Per Seat/Per Device Licensing: Regardless of the reason for the termination of the Services, you will be required to pay for all per seat or per device licenses that we acquire on your behalf. Please see “Access Licensing” in the Fees section above for more details.
Removal of Software Agents; Return of Firewall & Backup Appliances: Unless we expressly direct you to do so, you will not remove or disable, or attempt to remove or disable, any software agents that we installed in the managed environment or any of the devices on which we installed software agents. Doing so without our guidance may make it difficult or impracticable to remove the software agents, which could result in network vulnerabilities and/or the continuation of license fees for the software agents for which you will be responsible, and/or the requirement that we remediate the situation at our then-current hourly rates, for which you will also be responsible. Depending on the particular software agent and the costs of removal, we may elect to keep the software agent in the managed environment but in a dormant and/or unused state.
Within ten (10) days after being directed to do so, you must remove, package and ship, at your expense and in a commercially reasonable manner, all hardware, equipment, and accessories leased, loaned, rented, or otherwise provided to you by Savvy “as a service.” If you fail to timely return all such equipment to us, or if the equipment is returned to us damaged (normal wear and tear excepted), then we will have the right to charge you, and you hereby agree to pay, the replacement value of all such unreturned or damaged equipment.
Offboarding. Subject to the requirements in the MSA, Savvy will off-board Client from Savvy’s under a plan agreed-upon by Client and Savvy. Please note, we strongly recommend that, for transition purposes, you overlap Savvy’s services with the services of any incoming provider for at least one (1) full calendar month. This will help avoid gaps in critical services and a more efficient and effective transition process. As noted elsewhere in this Services Guide, neither Client nor its incoming provider may remove any of the software agents installed in the Environment without Savvy’s consent. Doing so may cause Client to incur additional costs and fees for which Client will be solely responsible.
Additional Policies
The following additional policies (“Policies”) apply to Services that we provide or facilitate under a Quote. By accepting a Service for which one or more of the Policies apply, you agree to the applicable Policy
Authenticity
Everything in the managed environment must be genuine and licensed, including all hardware, software, etc. If we ask for proof of authenticity and/or licensing, you must provide us with such proof. All minimum hardware or software requirements as indicated in a Quote or this Services Guide (“Minimum Requirements”) must be implemented and maintained as an ongoing requirement of us providing the Services to you.
Monitoring Services; Alert Services
Unless otherwise indicated in the Quote, all monitoring and alert-type services are limited to detection and notification functionalities only. Monitoring levels will be set by Savvy, and Client shall not modify these levels without our prior written consent.
Configuration of Third Party Services
Certain third party services provided to you under a Quote may provide you with administrative access through which you could modify the configurations, features, and/or functions (“Configurations”) of those services. However, any modifications of Configurations made by you without authorization could disrupt the Services and/or cause a significant increase in the fees charged for those third party services. For that reason, we strongly advise you to refrain from changing the Configurations unless we authorize those changes. You will be responsible for paying any increased fees or costs arising from or related to changes to the Configurations.
Modification of Environment
Changes made to the Environment without our prior authorization or knowledge may have a substantial, negative impact on the provision and effectiveness of the Services and may impact the fees charged under the Quote. You agree to refrain from moving, modifying, or otherwise altering any portion of the Environment without our prior knowledge or consent. For example, you agree to refrain from adding or removing hardware from the Environment, installing applications on the Environment, or modifying the configuration or log files of the Environment without our prior knowledge or consent.
Anti-Virus; Anti-Malware
Our anti-virus / anti-malware solution will generally protect the Environment from becoming infected with new viruses and malware (“Malware”); however, Malware that exists in the Environment at the time that the security solution is implemented may not be capable of being removed without additional services, for which a charge may be incurred. We do not warrant or guarantee that all Malware will be detected, avoided, or removed, or that any data erased, corrupted, or encrypted by Malware will be recoverable. To improve security awareness, you agree that Savvy or its designated third party affiliate may transfer information about the results of processed files, information used for URL reputation determination, security risk tracking, and statistics for protection against spam and malware. Any information obtained in this manner does not and will not contain any personal or confidential information.
Breach/Cyber Security Incident Recovery
Unless otherwise expressly stated in the Quote, the scope of the Services does not include the remediation and/or recovery from a Security Incident (defined below). Such services, if requested by you, will be provided on a time and materials basis under our then-current hourly labor rates. Given the varied number of possible Security Incidents, we cannot and do not warrant or guarantee (i) the amount of time required to remediate the effects of a Security Incident (or that recovery will be possible under all circumstances), or (ii) that all data or systems impacted by the incident will be recoverable or remediated. For the purposes of this paragraph, a Security Incident means any unauthorized or impermissible access to or use of the Environment, or any unauthorized or impermissible disclosure of Client’s confidential information (such as user names, passwords, etc.), that (i) compromises the security or privacy of the information or applications in, or the structure or integrity of, the managed environment, or (ii) prevents normal access to the managed environment, or impedes or disrupts the normal functions of the managed environment.
Environmental Factors
Exposure to environmental factors, such as water, heat, cold, or varying lighting conditions, may cause installed equipment to malfunction. Unless expressly stated in the Quote, we do not warrant or guarantee that installed equipment will operate error-free or in an uninterrupted manner, or that any video or audio equipment will clearly capture and/or record the details of events occurring at or near such equipment under all circumstances.
Fair Usage Policy
Our Fair Usage Policy (“FUP”) applies to all services that are described or designated as “unlimited” or which are not expressly capped in the number of available usage hours per month. An “unlimited” service designation means that, subject to the terms of this FUP, you may use the applicable service as reasonably necessary for you to enjoy the use and benefit of the service without incurring additional time-based or usage-based costs. However, unless expressly stated otherwise in the Quote, all unlimited services are provided during our normal business hours only and are subject to our technicians’ availabilities, which cannot always be guaranteed. In addition, we reserve the right to assign our technicians as we deem necessary to handle issues that are more urgent, critical, or pressing than the request(s) or issue(s) reported by you. Consistent with this FUP, you agree to refrain from (i) creating urgent support tickets for non-urgent or non-critical issues, (ii) requesting excessive support services that are inconsistent with normal usage patterns in the industry (e.g., requesting support in lieu of training), (iii) requesting support or services that are intended to interfere, or may likely interfere, with our ability to provide our services to our other customers.
Hosted Email
You are solely responsible for the proper use of any hosted email service provided to you (“Hosted Email”).
Hosted Email solutions are subject to acceptable use policies (“AUPs”), and your use of Hosted Email must comply with those AUPs—including ours. In all cases, you agree to refrain from uploading, posting, transmitting or distributing (or permitting any of your authorized users of the Hosted Email to upload, post, transmit or distribute) any prohibited content, which is generally content that (i) is obscene, illegal, or intended to advocate or induce the violation of any law, rule or regulation, or (ii) violates the intellectual property rights or privacy rights of any third party, or (iii) mischaracterizes you, and/or is intended to create a false identity or to otherwise attempt to mislead any person as to the identity or origin of any communication, or (iv) interferes or disrupts the services provided by Savvy or the services of any third party, or (v) contains Viruses, trojan horses or any other malicious code or programs. In addition, you must not use the Hosted Email for the purpose of sending unsolicited commercial electronic messages (“SPAM”) in violation of any federal or state law. Savvy reserves the right, but not the obligation, to suspend Client’s access to the Hosted Email and/or all transactions occurring under Client’s Hosted Email account(s) if Savvy believes, in its discretion, that Client’s email account(s) is/are being used in an improper or illegal manner.
Backup (BDR) Services
All data transmitted over the Internet may be subject to malware and computer contaminants such as viruses, worms and trojan horses, as well as attempts by unauthorized users, such as hackers, to access or damage Client’s data. Neither Savvy nor its designated affiliates will be responsible for the outcome or results of such activities.
BDR services require a reliable, always-connected internet solution. Data backup and recovery time will depend on the speed and reliability of your internet connection. Internet and telecommunications outages will prevent the BDR services from operating correctly. In addition, all computer hardware is prone to failure due to equipment malfunction, telecommunication-related issues, etc., for which we will be held harmless. Due to technology limitations, all computer hardware, including communications equipment, network servers and related equipment, has an error transaction rate that can be minimized, but not eliminated. Savvy cannot and does not warrant that data corruption or loss will be avoided, and Client agrees that Savvy shall be held harmless if such data corruption or loss occurs. Client is strongly advised to keep a local backup of all stored data to mitigate against the unintentional loss of data.
Procurement
Equipment and software procured by Savvy on Client’s behalf (“Procured Equipment”) may be covered by one or more manufacturer warranties, which will be passed through to Client to the greatest extent possible. By procuring equipment or software for Client, Savvy does not make any warranties or representations regarding the quality, integrity, or usefulness of the Procured Equipment. Certain equipment or software, once purchased, may not be returnable or, in certain cases, may be subject to third party return policies and/or re-stocking fees, all of which shall be Client’s responsibility in the event that a return of the Procured Equipment is requested. Savvy is not a warranty service or repair center. Savvy will facilitate the return or warranty repair of Procured Equipment; however, Client understands and agrees that (i) the return or warranty repair of Procured Equipment is governed by the terms of the warranties (if any) governing the applicable Procured Equipment, for which Savvy will be held harmless, and (ii) Savvy is not responsible for the quantity, condition, or timely delivery of the Procured Equipment once the equipment has been tendered to the designated shipping or delivery courier.
Business Review / IT Strategic Planning Meetings
We strongly suggest that you participate in business review/strategic planning meetings as may be requested by us from time to time. These meetings are intended to educate you about recommended (and potentially crucial) modifications to your IT environment, as well as to discuss your company’s present and future IT-related needs. These reviews can provide you with important insights and strategies to make your managed IT environment more efficient and secure. You understand that by suggesting a particular service or solution, we are not endorsing any specific manufacturer or service provider.
VCTO or VCIO Services
The advice and suggestions provided by us in our capacity as a virtual chief technology or information officer (if applicable) will be for your informational and/or educational purposes only. Savvy will not hold an actual director or officer position in Client’s company, and we will neither hold nor maintain any fiduciary relationship with Client. Under no circumstances shall Client list or place Savvy on Client’s corporate records or accounts.
Sample Policies, Procedures.
From time to time, we may provide you with sample (i.e., template) policies and procedures for use in connection with Client’s business (“Sample Policies”). The Sample Policies are for your informational use only, and do not constitute or comprise legal or professional advice, and the policies are not intended to be a substitute for the advice of competent counsel. You should seek the advice of competent legal counsel prior to using or distributing the Sample Policies, in part or in whole, in any transaction. We do not warrant or guarantee that the Sample Policies are complete, accurate, or suitable for your (or your customers’) specific needs, or that you will reduce or avoid liability by utilizing the Sample Policies in your (or your customers’) business operations.
Penetration Testing; Vulnerability Scanning
You understand and agree that security devices, alarms, or other security measures, both physical and virtual, may be tripped or activated during the penetration testing and/or vulnerability scanning processes, despite our efforts to avoid such occurrences. You will be solely responsible for notifying any monitoring company and all law enforcement authorities of the potential for “false alarms” due to the provision of the penetration testing or vulnerability scanning services, and you agree to take all steps necessary to ensure that false alarms are not reported or treated as “real alarms” or credible threats against any person, place, or property. Some alarms and advanced security measures, when activated, may cause the partial or complete shutdown of the Environment, causing substantial downtime and/or delay to your business activities. We will not be responsible for any claims, costs, fees, or expenses arising or resulting from (i) any response to the penetration testing or vulnerability scanning services by any monitoring company or law enforcement authorities, or (ii) the partial or complete shutdown of the Environment by any alarm or security monitoring device.
No Third Party Scanning
Unless we authorize such activity in writing, you will not conduct any test, nor request or allow any third party to conduct any test (diagnostic or otherwise), of the security system, protocols, processes, or solutions that we implement in the managed environment (“Testing Activity”). Any services required to diagnose or remediate errors, issues, or problems arising from unauthorized Testing Activity are not covered under the Quote, and if you request us (and we elect) to perform those services, those services will be billed to you at our then-current hourly rates.
Obsolescence
If at any time any portion of the managed environment becomes outdated, obsolete, reaches the end of its useful life, or acquires “end of support” status from the applicable device’s or software’s manufacturer (“Obsolete Element”), then we may designate the device or software as “unsupported” or “non-standard” and require you to update the Obsolete Element within a reasonable time period. If you do not replace the Obsolete Element reasonably promptly, then in our discretion we may (i) continue to provide the Services to the Obsolete Element using our “best efforts” only with no warranty or requirement of remediation whatsoever regarding the operability or functionality of the Obsolete Element, or (ii) eliminate the Obsolete Element from the scope of the Services by providing written notice to you (email is sufficient for this purpose). In any event, we make no representation or warranty whatsoever regarding any Obsolete Element or the deployment, service level guarantees, or remediation activities for any Obsolete Element.
Licenses
If we are required to re-install or replicate any software provided by you as part of the Services, then it is your responsibility to verify that all such software is properly licensed. We reserve the right, but not the obligation, to require proof of licensing before installing, re-installing, or replicating software into the managed environment. The cost of acquiring licenses is not included in the scope of the Quote unless otherwise expressly stated therein.
VoIP-Related Policies/Requirements
VOIP – Dialing 911 (Emergency) Services
The following terms and conditions apply to your use of any VoIP service that we facilitate for you or that is provided to you by a third party provider of such service. Please note, by using VoIP services you agree to the provisions of the waiver at the end of this section. If you do not understand or do not agree with any of the terms below, you must not subscribe to, use, or rely upon any VoIP service and, instead, you must contact us immediately.
There is an important difference in how 9-1-1 (i.e., emergency) services can be dialed using a VoIP service as compared to a traditional telephone line. Calling emergency services using a VoIP service is referred to as “E911.”
Registration: You are responsible for activating the E911 dialing feature by registering the address where you will use the VoIP service. This will not be done for you, and you must take this step on your own initiative. To do this, you must log into your VoIP control panel and provide a valid physical address. If you do not take this step, then E911 services may not work correctly, or at all, using the VoIP service. Emergency service dispatchers will only send emergency personnel to a properly registered E911 service address.
Location: The address you provide in the control panel is the location to which emergency services (such as the fire department, the police department, etc.) will respond. For this reason, it is important that you correctly enter the location at which you are using the VoIP services. PO boxes are not proper addresses for registration and must not be used as your registered address. Please note, even if your account is properly registered with a correct physical address, (i) there may be a problem automatically transmitting a caller's physical location to the emergency responders, even if the caller can reach the 911 call center, and (ii) a VoIP 911 call may go to an unstaffed call center administrative line or be routed to a call center in the wrong location. These issues are inherent to all VoIP systems and services. We will not be responsible for, and you agree to hold us harmless from, any issues, problems, incidents, damages (both bodily- and property-related), costs, expenses, and fees arising from or related to your failure to register timely and correctly your physical location information into the control panel.
Address Change(s): If you change the address used for E911 calling, the E911 services may not be available and/or may operate differently than expected. Moreover, if you do not properly and promptly register a change of address, then emergency services may be directed to the location where your services are registered and not where the emergency may be occurring. For that reason, you must register a change of address with us through the VoIP control panel no less than three (3) business days prior to your anticipated move/address change. Address changes that are provided to us with less than three (3) business days notice may cause incorrect/outdated information to be conveyed to emergency service personnel. If you are unable to provide us with at least three (3) business days notice of an address change, then you should not rely on the E911 service to provide correct physical location information to emergency service personnel. Under those circumstances, you must provide your correct physical location to emergency service dispatchers if you call them using the VoIP services.
If you do not register the VoIP service at your location and you dial 9-1-1, that call will be categorized as a “rogue 911 call.” If you are responsible for dialing a rogue 911 call, you will be charged a non-refundable and non-disputable fee of $250/call.
Power Loss: If you lose power or there is a disruption to power at the location where the VoIP services are used, then the E911 calling service will not function until power is restored. You should also be aware that after a power failure or disruption, you may need to reset or reconfigure the device prior to utilizing the service, including E911 dialing.
Internet Disruption: If your internet connection or broadband service is lost, suspended, terminated or disrupted, E911 calling will not function until the internet connection and/or broadband service is restored.
Account Suspension: If your account is suspended or terminated, then all E911 dialing services will not function.
Network Congestion: There may be a greater possibility of network congestion and/or reduced speed in the routing of E911 calls as compared to 911 dialing over traditional public telephone networks.
Messaging: All messages sent through the VoIP service must conform to the following requirements and restrictions:
Recipients must give their consent to receive text messages from you. This can be direct consent or, depending on the circumstances, implied consent (such as a pre-existing business relationship, contact initiated by the recipient, etc.).
Recipients must be provided with an opt-out mechanism to avoid receiving future text messages from you.
You shall not mis-identify yourself or cause the message to appear as if it was sent from a telephone number other than the number assigned to you by the VoIP service.
All messaging-related activities must strictly comport with the requirements and restrictions of the Telephone Consumer Protection Act (47 USC §227) (“TCPA”). You agree to indemnify and hold us harmless from any costs, fees, expenses, and/or penalties that we incur because of your failure to abide strictly by the TCPA. If, in our reasonable judgment, we believe that your activities violate the TCPA, we reserve the right to suspend the messaging service until we receive reasonable assurances that the activity has stopped and will not be repeated. Repeated violation of the TCP is a material breach of your agreement with us.
WAIVER: You hereby agree to release, indemnify, defend, and hold us and our officers, directors, representatives, agents, and any third party service provider that furnishes VoIP-related services to you, harmless from any and all claims, damages, losses, suits or actions, fines, penalties, costs and expenses (including, but not limited to, attorneys’ fees), whether suffered, made, instituted or asserted by you or by any other party or person (collectively, “Claims”) arising from or related to the VoIP services, including but not limited to any failure or outage of the VoIP services, incorrect routing or use of, or any inability to use, E911 dialing features. The foregoing waiver and release shall not apply to Claims arising from our gross negligence, recklessness, or willful misconduct.
AI-Enabled Services
Privacy & Use Disclosure
This Disclosure describes how certain services implemented or facilitated by Savvy use artificial intelligence (“AI”)-based technologies and how data processed through those services is collected, managed, and used.
AI Deployment
AI-driven tools and technologies (“AI Tools”) may be included in certain third party services we facilitate or implement for you. Depending on the services, AI Tools may be used to help enhance efficiency, automate tasks, analyze information, and provide you with advice, strategies, and insights about your business operations, your managed information technology (“IT”) infrastructure, and/or how to automate time-consuming tasks to enhance efficiency and productivity.
We strive to offer Services that incorporate AI Tools managed by reputable third-party providers who represent that their AI technologies are used solely for the specific, authorized tasks for which they are designed, and for no other purpose.
Use of Data
The AI Tools are developed and maintained by third-party providers. To the best of our knowledge (except as otherwise stated below), these AI Tools do not access or use your data for any reason other than to perform the specific and authorized functions for which they have been implemented. Virtually all third-party AI Tools process data in an anonymized and de-identified manner to enhance or improve the algorithms, systems, or overall performance of the AI platform. The anonymization/de-identification process strips processed data of all personal information as well as any information that could be tracked back to you or the applicable data subject, protecting privacy while preserving data utility for training or analysis.
Most often, this process cannot be avoided and, therefore, you should expect that part or all of your data may be anonymized, de-identified, and subsequently used by the AI Tools for training and analytical purposes. If we are given the ability to modify the privacy settings of the AI Tools accessed through the services, we will select the most restrictive settings to help ensure that your data is not used for any purposes other than stated in this Disclosure.
Shared Risk
As with any emerging technology designed to deliver advanced strategies and operational efficiencies, AI may sometimes act in unpredictable ways or produce results that differ from the intended purpose. There is also the possibility that one or more third parties that develop or maintain the AI tools could fail to comply with their stated privacy policies or with applicable data-security standards, which could result in data leakage or unauthorized disclosure.
While these risks are considered low, they are not nonexistent. We believe that the benefits, efficiencies, and overall advantages of using the services that use AI Tools significantly outweigh the relatively small risks described above. Accordingly, unless we have actual knowledge that a specific AI Tool or its provider fails to maintain generally accepted privacy or data-security practices, we will not monitor, restrict, or otherwise interfere with the operation of any Service that includes such AI tools.
If we become aware of an ongoing privacy or security issue associated with any AI tool, we may modify the affected services to remove or disable that tool.
By using the services, you acknowledge the inherent risks associated with the AI Tools and agree that Savvy will not be liable for any AI Tool-related act, omission, or outcome that is outside our control.
You are also advised as follows:
You should independently evaluate and verify the accuracy, relevance, and suitability of any AI Tool-generated advice, recommendation, or strategy before relying upon it;
You are the final decision maker regarding whether to adopt, reject, or modify any AI Tool-generated result or strategy; and,
We make no representation or warranty that AI Tool-generated results will be correct, complete, or fit for your intended purpose.
Inquiries
You may request additional information about the AI Tools by sending us an email at helpdesk@followsavvy.com.
Vendor-Specific Policies Applicable to the Services
To the extent that the Services include or use any of the third party solutions listed in the table below, you understand and agree that the applicable services’ end user license, reseller, and/or customer agreements as listed below shall apply to your use or the Service(s).
| Third Party Solution Provider | Service | Terms |
|---|---|---|
| 3CX | VoIP, Telephony | Terms & Conditions |
| Acronis | Network Security, Data Backup, Disaster Recovery | EULA |
| Arctic Wolf | Security, SIEM Solution |
If Client is a direct customer: Solutions Agreement |
| Adobe Sign | Digital Signature / Acceptance | Terms |
| Altaro Backup | Backup | EULA |
| Autotask | Professional Services Automation |
Covered under Kaseya Master Agreement: View Agreement |
| Auvik | IT Asset Management, Network Analysis | Privacy & Legal |
| Axcient | Disaster Recovery | Master Subscription Agreement |
| Backblaze | Backup | Terms of Service |
| Barracuda | Help Desk | Terms & Conditions |
| Bitdefender Antivirus | Security, Endpoint Protection | EULA |
| Blackpoint Cyber | Managed Detection & Response; Security | Reseller Agreement |
| BreachSecureNow | Security Awareness Training | Terms & Conditions |
| Bullphish | Security Awareness Training |
Covered under Kaseya Master Agreement: View Agreement ID Agent Terms |
| Cisco Umbrella | Networking Solutions, Cybersecurity | Cisco Legal |
| CloudRadial | Ticketing Portal, vCIO Planner, Warranty Reporting | Terms |
| Compliancy Group | Compliance Assessment & Training | Terms of Use |
| CrowdStrike | Endpoint Protection, Network Detection, Recovery, Compliance | Terms of Use |
| CyberHawk / RapidFire Tools | Network IT Change Detection | EULA |
| CyberQP | Password Management | Terms & Conditions |
| Duo | Multifactor Authentication | Cisco General Terms |
| Fortinet | Network Security | Service Terms |
| NinjaOne | RMM, IT Asset Management, Patch Management, MDM | License Agreement |
| SentinelOne | Security |
Master Subscription Agreement Additional Legal Terms |
| Veeam | Backup, Data Recovery, Storage | EULA |
| WatchGuard | Network Security, VPN, License Management | Terms of Use |
Acceptable Use Policy
The following policy applies to all hosted services provided to you, including but not limited to (and as applicable) hosted applications, hosted websites, hosted email services, and hosted infrastructure services (“Hosted Services”).
Savvy does not routinely monitor the activity of hosted accounts except to measure service utilization and/or service uptime, security-related purposes and billing-related purposes, and as necessary for us to provide or facilitate our managed services to you; however, we reserve the right to monitor Hosted Services at any time to ensure your compliance with the terms of this Acceptable Use Policy (this “AUP”) and our master services agreement, and to help monitor and ensure the safety, integrity, reliability, or security of the Hosted Services.
Similarly, we do not exercise editorial control over the content of any information or data created on or accessible over or through the Hosted Services. Instead, we prefer to advise our customers of inappropriate behavior and any necessary corrective action. If, however, Hosted Services are used in violation of this AUP, then we reserve the right to suspend your access to part or all of the Hosted Services without prior notice.
Violations of this AUP: The following constitute violations of this AUP:
Harmful or illegal uses: Use of a Hosted Service for illegal purposes or in support of illegal activities, to cause harm to minors or attempt to contact minors for illicit purposes, to transmit any material that threatens or encourages bodily harm or destruction of property or to transmit any material that harasses another is prohibited.
Fraudulent activity: Use of a Hosted Service to conduct any fraudulent activity or to engage in any unfair or deceptive practices, including but not limited to fraudulent offers to sell or buy products, items, or services, or to advance any type of financial scam such as “pyramid schemes,” “Ponzi schemes,” and “chain letters” is prohibited.
Forgery or impersonation: Adding, removing, or modifying identifying network header information to deceive or mislead is prohibited. Attempting to impersonate any person by using forged headers or other identifying information is prohibited. The use of anonymous remailers or nicknames does not constitute impersonation.
SPAM: Savvy has a zero tolerance policy for the sending of unsolicited commercial email (“SPAM”). Use of a Hosted Service to transmit any unsolicited commercial or unsolicited bulk e-mail is prohibited. You are not permitted to host, or permit the hosting of, sites or information that is advertised by SPAM from other networks. To prevent unnecessary blacklisting due to SPAM, we reserve the right to drop the section of IP space identified by SPAM or denial-of-service complaints if it is clear that the offending activity is causing harm to parties on the Internet, if open relays are on the hosted network, or if denial of service attacks are originated from the hosted network.
Internet Relay Chat (IRC): The use of IRC on a hosted server is prohibited.
Open or “anonymous” proxy: Use of open or anonymous proxy servers is prohibited.
Cryptomining: Using any portion of the Hosted Services for mining cryptocurrency or using any bandwidth or processing power made available by or through a Hosted Services for mining cryptocurrency, is prohibited.
Hosting spammers: The hosting of websites or services using a hosted server that supports spammers, or which causes (or is likely to cause) our IP space or any IP space allocated to us or our customers to be listed in any of the various SPAM databases, is prohibited. Customers violating this policy will have their server immediately removed from our network and the server will not be reconnected until such time that the customer agrees to remove all traces of the offending material immediately upon reconnection and agree to allow Savvy to access the server to confirm that all material has been completely removed. Any subscriber guilty of a second violation may be immediately and permanently removed from the hosted network for cause and without prior notice.
Email/message forging: Forging any email message header, in part or whole, is prohibited.
Unauthorized access: Use of the Hosted Services to access, or to attempt to access, the accounts of others or to penetrate, or attempt to penetrate, Savvy’s security measures or the security measures of another entity's network or electronic communications system, whether or not the intrusion results in the corruption or loss of data, is prohibited. This includes but is not limited to accessing data not intended for you, logging into or making use of a server or account you are not expressly authorized to access, or probing the security of other networks, as well as the use or distribution of tools designed for compromising security such as password guessing programs, cracking tools, or network probing tools.
IP infringement: Use of a Hosted Service to transmit any materials that infringe any copyright, trademark, patent, trade secret or other proprietary rights of any third party, is prohibited.
Collection of personal data: Use of a Hosted Service to collect, or attempt to collect, personal information about third parties without their knowledge or consent is prohibited.
Disruptive Activity: Use of the Hosted Services for any activity which affects the ability of other people or systems to use the Hosted Services or the internet is prohibited. This includes “denial of service” (DOS) attacks against another network host or individual, “flooding” of networks, deliberate attempts to overload a service, and attempts to “crash” a host.
Distribution of malware: Intentional distribution of software or code that attempts to and/or causes damage, harassment, or annoyance to persons, data, and/or computer systems is prohibited.
Excessive use or abuse of shared resources: The Hosted Services depend on shared resources. Excessive use or abuse of these shared network resources by one customer may have a negative impact on all other customers. Misuse of network resources in a manner which impairs network performance is prohibited. You are prohibited from excessive consumption of resources, including CPU time, memory, and session time. You may not use resource-intensive programs which negatively impact other customers or the performances of our systems or networks.
Allowing the misuse of your account: You are responsible for any misuse of your account, even if the inappropriate activity was committed by an employee or independent contractor. You shall not permit your hosted network, through action or inaction, to be configured in such a way that gives a third party the capability to use your hosted network in an illegal or inappropriate manner. You must take adequate security measures to prevent or minimize unauthorized use of your account. It is your responsibility to keep your account credentials secure.
To maintain the security and integrity of the hosted environment, we reserve the right, but not the obligation, to filter content, Savvy requests, or website access for any web requests made from within the hosted environment.
Revisions to this AUP: We reserve the right to revise or modify this AUP at any time. Changes to this AUP shall not be grounds for early contract termination or non-payment.
Data Processing Policy (“DPP”)
Responsibility for Processing of Personal Information
Roles: You are a Controller, and Savvy is a Processor, for the Processing of Personal Information pursuant to the services provided by Savvy under any Quote (the “Services”).
Purposes: You and we acknowledge that the Personal Information you disclose to us is provided only for the limited and specified Business Purpose(s), and for no other reason. We will Process Personal Information solely for the purpose of providing or facilitating (as applicable) the Services.
No Additional Obligations: Unless otherwise specified in the Quote or otherwise agreed in writing by us, you shall not provide us with any data that imposes specific data security or data protection obligations on us other than those obligations specified in this DPP or a Quote. If you require additional services to address specific data security or data protection requirements applicable to your business, they must be agreed upon in writing between us and you before they can be implemented. We do not warrant or guaranty that we can or will agree to any such additional data security or data protection requirements. Until and unless we agree to provide such additional data-related services, you remain responsible for compliance with your specific regulatory, legal or industry data security obligations that apply to such data.
Restrictions: Savvy will not: (a) Sell or Share any Personal Information; (b) retain, use, or disclose any Personal Information (i) for any purpose other than for the Business Purpose, or (ii) outside of the direct business relationship between Savvy and you; or (c) combine Personal Information received from or on behalf of you with Personal Information received from or on behalf of any third party, or collected from Savvy’s own interaction with Individuals, except to perform a Business Purpose permitted by applicable law and/or the applicable Quote.
We will notify you of our use of Savvy Affiliates and Third Party Subprocessors in accordance with this DPP, and we will make sure that Savvy Affiliates and Third Party Subprocessors are subject to applicable written agreements as per Applicable Law.
We will provide a level of protection to Personal Information as required by the Quote, the MSA, and Applicable Law which, in all cases, shall be a reasonable care of protection. Notwithstanding the foregoing, you may take such reasonable steps as may be necessary (a) to remediate our unauthorized use of Personal Information, and (b) to ensure that Personal Information is used in accordance with the terms of this DPP by exercising your rights under this DPP and the Services Agreement. We will notify you if we determine that we are unable to meet our privacy or confidentiality obligations.
Your Instructions
You may provide additional instructions in writing to us regarding the Processing of Personal Information in accordance with Applicable Data Protection Law. We will promptly comply with all such instructions to the extent necessary for us to (i) comply with our Processor obligations under Applicable Data Protection Law or (ii) assist you to comply with your Controller obligations under Applicable Data Protection Law relevant to your use or receipt of the Services.
We will follow your instructions at no additional cost to you and within the timeframes reasonably necessary for you to comply with your obligations under Applicable Data Protection Law. We will immediately inform you if, in our opinion, your instructions infringe Applicable Data Protection Law; however, (a) under no circumstances shall we be responsible for providing legal advice to you, and (b) no communication from us to you shall be considered to be, or relied upon as, legal advice.
Privacy Inquiries; Requests
If you receive a request or inquiry from an Individual related to Personal Information Processed by us, including an Individual’s request to access, delete or erase, restrict, rectify, receive and transmit (data portability), block access to or object to Processing of specific Personal Information, you must forward that request to our designated Privacy Officer (listed below) for follow-up. If we directly receive any inquiries from Individuals that have identified you as the Controller, we will promptly pass on such requests to you without responding to the Individual. Otherwise, we will advise the Individual to identify and contact the relevant controller(s).
Savvy’s Affiliates and Third Party Subprocessors
General Authorization: You hereby provide Savvy with general written authorization to engage Savvy Affiliates and Third Party Subprocessors as necessary to assist in the performance and/or provision of the Services.
Requirements: To the extent we engage Third Party Subprocessors and/or Savvy Affiliates, we will require those entities to have and maintain the same level of data protection and security as Savvy under the terms of this DPP and Applicable Data Protection Law. You will be entitled, upon written request, to receive copies of the relevant privacy and security terms of our agreement with any Third Party Subprocessors and Savvy Affiliates that may Process Personal Information.
Subprocessor List: Savvy maintains a list of Savvy Affiliates and Third Party Subprocessors that may Process Personal Information (“Subprocessor List”). The Subprocessor List is below, and we will provide you with an updated list throughout the term of the Services if you request us to do so in writing. Changes, if any, will automatically modify and be included in the Subprocessor List.
Objections: Within thirty (30) calendar days of us providing notice to you (as described above), you may object to the intended involvement of a Third Party Subprocessor or Savvy Affiliate by notifying us of the objection in writing. We will work together with you in good faith to find a mutually acceptable resolution to address any timely objection.
Cross-Border Data Transfers
Personal Information will be stored in our designated data storage centers in the United States or such other locations described in a Quote or other documentation from us to you; however, we may Process Personal Information globally as necessary to perform the Services, such as for support, incident management or data recovery purposes. Should it be necessary to do so, you and we will review supplemental measures that may be required based on applicable Data Protection Law for the transfer of Personal Information to countries that do not offer an adequate level of protection. Under those circumstances, you and we agree to work together in good faith to find a mutually acceptable resolution to address such supplementary measures.
Security; Confidentiality
We will maintain appropriate technical and organizational security measures for the Processing of Personal Information in our possession or control designed to prevent accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Information. Our security measures may include, for example, (i) utilizing firewall, router, and VPN-based access controls, (ii) regular examinations of security risks, (iii) role-based access controls implemented in a manner consistent with the principle of “least privilege,” (iv) logging of all access to host servers, applications, databases, routers, switches, etc., (v) password protection that includes minimum length requirements and periodic resets, (vi) implementation of anti-malware and anti-spyware solutions, and (vii) security incident and event management (SIEM) systems. All Savvy and Savvy Affiliates employees, and Third Party Subprocessors that Process Personal Information, are subject to written confidentiality arrangements.
Audit Rights
Timing: You may audit our compliance with our obligations under this DPP up to one time per year at your cost. More frequent audits will be permitted if expressly required by Applicable Data Protection Law.
Requests: We must receive your request for an audit in writing and no less than two (2) weeks before the proposed audit date. Your request must describe the proposed scope, duration, and start date of the audit. We will promptly review the proposed audit plan and provide you with any concerns or questions, and work cooperatively with you to agree on a final audit plan within a reasonable timeframe. Audits must be conducted during regular business hours and may not unreasonably interfere with our normal business activities.
Third Party Auditors: If you engage a third party auditor to conduct an audit, the third party must be mutually agreed to by you and by us unless the third party is a Regulator. We will not unreasonably withhold our consent to a third party auditor; however, prior to conducting any audit, a third party auditor must execute a written confidentiality agreement reasonably acceptable to us or otherwise be bound by a statutory or legal confidentiality obligation.
Copies: You agree to promptly provide us with a copy of any audit report, which will be considered confidential information. You agree to use or disclose the audit report only for the purposes of meeting your regulatory audit requirements and/or confirming compliance with the requirements of this DPP, and for no other purpose. Each party will bear its own costs in relation to the audit, unless we promptly inform you upon our review of the audit plan that we expect to incur additional charges or fees in the performance of the audit that are not covered by the fees payable under the Services Agreement, such as additional license or third party contractor fees. You will be responsible for paying those fees; however, we agree to try in good faith to mitigate those fees to the extent reasonably practicable.
Acceptance of Prior Reports. Notwithstanding the foregoing, if the scope of a proposed audit is addressed in a SOC, ISO, NIST, PCI DSS, HIPAA or a similar audit report issued by a qualified third party auditor within the prior twelve (12) months from the date of your audit request, and if we provide that report to you confirming there are no known material changes in the controls audited, you agree to accept the findings of the report in lieu of an audit of the same controls covered by the report.
Incident Management and Breach Notification
If we confirm that an Information Breach has, or likely has, occurred, then we will notify you the situation without undue delay but at the latest within 72 hours after confirmation. As information regarding the Information Breach is collected or otherwise becomes available to us, we will also provide you with (i) a description of the nature and reasonably anticipated consequences of the Information Breach; (ii) the measures taken to mitigate any possible adverse effects and prevent a recurrence; and (iii) where possible, information about the types of information that were the subject of the Information Breach. You agree to coordinate with us on the content and timing of any public statements or required notices to affected Individuals and/or notices to relevant Regulators.
Return and Deletion of Personal Information
Upon termination of the Services, we will either promptly return or destroy (at our discretion) the Personal Information in our custody or control; provided, however, we shall be entitled to retain a copy of part or all of the Personal Information as reasonably necessary to evidence the parties’ business relationship and/or the scope or type of Services provided or facilitated thereunder. Any Personal Information retained shall be considered to be your confidential information, and shall be treated as such at all times.
Legal Requirements
If we are required by law to provide access to Personal Information (such as to comply with a subpoena or other legal process, or to respond to government requests), then we will promptly inform you of that requirement. If, in the opinion of our counsel, a request for access (“Access Request”) is legally valid and binding on us, then we will provide access as required unless we are otherwise ordered by a court of competent jurisdiction to refrain from doing so. You agree to indemnify us for all fees, costs, and expenses we incur in the process of determining whether the Access Request is valid, as well as any subsequent fees and costs we may incur relevant to the disclosure process.
Data Protection Officer
Savvy’s Chief Privacy Officer and local Data Protection Officer is Christopher Berger, email: cberger@followsavvy.com.
Definitions
“Applicable Data Protection Law” means all data privacy or data protection laws or regulations globally that apply to the Processing of Personal Information under this DPP, including Applicable European Data Protection Law, Applicable UK Data Protection Law, the California Consumer Privacy Act as amended (“CCPA”) and other U.S. state laws.
“Applicable European Data Protection Law” means (i) the EU General Data Protection Regulation EU/2016/679, as supplemented by applicable EU Member State law and as incorporated into the EEA Agreement; and (ii) the Swiss Federal Act of 19 June 1992 on Data Protection, as amended.
“Applicable UK Data Protection Law” means (i) the UK GDPR, meaning the EU General Data Protection Regulation EU/2016/679, as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 pursuant to amendments to the EU General Data Protection Regulation EU/2016/679 made by The Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 and 2020; and (ii) the UK Data Protection Act 2018, as amended.
“Europe” means for the purposes of this Data Processing Agreement (i) the European Economic Area, consisting of the EU Member States, Iceland, Liechtenstein and Norway; and (ii) Switzerland.
“Individual” shall have the same meaning as the term “data subject” or the equivalent term under Applicable Data Protection Law.
“Information Breach” means a breach of security leading to the misappropriation or accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Information transmitted, stored or otherwise Processed on systems controlled by Savvy.
“Master Services Agreement” means the master terms and conditions applicable to all services provided or facilitated by Savvy, a copy of which can be found at https://www.followsavvy.com/terms.
“Process/Processing”, “Controller”, “Processor” and “Binding Corporate Rules” (or the equivalent terms) have the meaning set forth under Applicable Data Protection Law.
“Quote” shall have the meaning set forth in the Master Services Agreement.
“Service Provider”, “Sell”, “Share”, “Business Purpose”, and “Commercial Purpose” have the meaning set forth under the law of the state in which you are headquartered; however, if no such law reasonably applies or defines such terms, then the terms shall have the same meaning as indicated in the CCPA.
“Savvy Affiliate(s)” means the subsidiar(y)(ies) of Savvy that may Process Personal Information as set forth in this DPP.
“Personal Information” shall have the same meaning as the term “personal data”, “personally identifiable information (PII)” or the equivalent term under Applicable Data Protection Law.
“Regulator” shall have the same meaning as the term “supervisory authority”, “data protection authority” or the equivalent term under Applicable Data Protection Law.
“Services” or the equivalent terms “Service Offerings” or “services” means any services that you have purchased through one or more Quotes.
“Third Party Subprocessor” means a third party, other than a Savvy Affiliate, which Savvy subcontracts with and which may Process Personal Information as set forth in this DPP.
List of Approved Savvy Subprocessors
Note: Subprocessors may have their own list of subprocessors. Please see each subprocessor’s site for details.
Additional Terms Applicable to Microsoft Products
You shall comply with the special product terms published by Microsoft for all its partners that participate in Microsoft’s New Commerce Experience (NCE)/Cloud Solution Provider (CSP) reseller programs. Those product terms are located here: https://partner.microsoft.com/en-us/licensing/licensing-agreements.
If you obtain Microsoft licenses through Savvy, you agree to Microsoft’s terms and conditions for such licenses. This includes, but is not limited to: (a) pricing and the contract length during which that pricing is effective; (b) contract length acquired (e.g., annual or monthly); (3) type of payment (e.g., annual or monthly); (4) license co-terms to the annual or monthly license date for added licenses; (5) all licenses set to auto-renew unless explicitly set to not renew; (6) Microsoft’s renewal date, which may differ from Savvy’s contractual date, in which case you shall be bound to Microsoft even after the Services terminate; and (8) your obligation to Microsoft if you terminate a Microsoft license early.
Microsoft’s current contract terms are 36-months, 12-months or 30-days from license purchase date. Additional licenses can be purchased co-terminus to initial license purchase and term. During those term(s), Microsoft does not allow a decrease in license counts beyond their reduction allowance period and any termination or decrease in license counts by you shall not result in a decrease of contract costs. You are responsible for such Microsoft charges regardless of your usage of such licenses. Savvy will make every effort to align your licenses and minimize license usage when you cooperate with such efforts, but Savvy is limited by Microsoft requirements within the program and as such, you are bound to those terms and shall pay such Microsoft charges for the entire length of Microsoft’s contract requirements.
| Entity Name | Processing Activity | Location |
|---|---|---|
| ActiveCampaign activecampaign.com |
Email Marketing | USA |
| Akamai Technologies | Sales & Customer Support | USA |
| Amazon Web Services (AWS) aws.amazon.com |
Hosting | USA |
| Backblaze backblaze.com |
Hosting | USA |
| Box | Data Storage | USA |
| Calendly | Administrative | USA |
| DocuSign | Electronic Signature | USA |
| Cloudflare, Ltd. cloudflare.com |
Content Delivery | Processed at the data center closest to the end user |
| CloudRadial cloudradial.com |
Customer Service | USA |
| ChurnZero churnzero.com |
Security | USA |
| Dropbox | Data Storage | USA |
| Endear | Marketing | USA |
| Fortinet fortinet.com |
Security | USA |
| Google Cloud Platform cloud.google.com |
Cloud Infrastructure; Hosting | USA |
| Huntress huntress.io |
Security | USA |
| HubSpot | Marketing | USA |
| Ironclad | Contract Management | USA |
| KnowBe4 knowbe4.com |
Security Awareness Training | USA |
| Limelight Networks limelight.com |
Hosting | USA |
| Looker | Data Analytics | USA |
| Mailchimp mailchimp.com |
Marketing | USA |
| Microsoft Azure azure.microsoft.com |
Cloud Infrastructure; Hosting |
Ireland (default) USA (on request) |
| NetSuite | Accounting | USA |
| NorthPass northpass.com |
Customer Education | USA |
| ShareIt mycommerce.com |
Payment Processing | USA |
| SafeAeon safeaeon.com |
Cloud Infrastructure; Security; Security Assessments | USA |
| Salesforce.com salesforce.com |
Customer Relationship Management; Customer Support | USA |
| Snowflake Inc. snowflake.com |
Cloud Infrastructure | Germany |
| Twilio, Inc. twilio.com |
Calling & SMS Functionality | USA |
| Wasabi Technologies wasabi.com |
Hosting | USA |
| WithSecure withsecure.com |
Security | USA |
| Zendesk, Inc. zendesk.com |
Customer Support | USA |
| Zoho Corporation zoho.com |
Customer Support | USA |