Document toolboxDocument toolbox

General Service Provision Regulations

Owned by Janis Pilsetnieks
Last updated: Aug 14, 2023 by Zane Stārostniece (Deactivated)
17 min read

Version

1.1

 

Date of last changes

01.06.2023.

 

1. Service level regulations

1.1. Service level

  1. When concluding a contract with the Contractor, the Customer chooses the desired Service level, hereinafter referred to as the SL.

  2. The SL Fee is determined as part of the Customer’s total subscription fee for the system, which is calculated as the full amount of licences of HansaWorld, Excellent Latvija, Atlassian or other software suppliers, as well as subscription fees for the Contractor’s solutions, without discounts, hereinafter referred to as the Subscription Fee.

  3. The Contractor is entitled to review the SL Fee once a month, according to changes in the configuration of the Customer’s licenses or the configuration of the Contractor’s solutions

  4. The Service level determines the following rights and obligations of the Customer:

    • The right to obtain a SL Discount from the Service invoice for the period in the amount expressed as a part of the SL Fee in the period,

    • The right to obtain a free evaluation of the System use efficiency once per calendar year, if any determined by the SL,

    • The right to request the Contractor’s response to requests created in accordance with the procedure provided for in these regulations within the Response Time provided for in the SL,

    • The right to communicate with the Contractor’s representatives by phone during the Support working hours determined by the SL,

    • The right to receive the services at the reduced service price determined in the service pricelist,

    • The right to a free status meeting lasting one hour once per the SL period, if provided for in the Customer’s SL,

    • The obligation to pay the corresponding SL Fee expressed as a part of the Customer’s current Subscription Fee.

  5. The working day corresponds to the calendar of working days provided for in the legislation of the Republic of Lithuainia

  6. The Contractor offers the following Service Levels:

 

Service level

Start

Basic

Standard

Business

Service level

Start

Basic

Standard

Business

SL paid amount

0%

10%

20%

60%

SL minimum monthly fee

0 EUR

10 EUR

30 EUR

100 EUR

SL discount amount

0%

0%

50%

60%

Consultation rate

Standard

Reduced

Reduced

Reduced

Support working hours

working days 9 am – 5 pm

working days 9 am – 5 pm

working days 8 am – 6 pm

working days 8 am – 8 pm

Response time

2 working days or 16 working hours

1 working day or 8 working hours

4 working hours

2 working hours

Free status meetings

Not included

Not included

Included

Included

Free system use efficiency evaluation

Not included

Included

Included

Included

1.2. Response time

  1. The response time depends on the SL Support working hours.

  2. The response time is only counted when the person responsible for the JIRA Task is one of the Contractor’s representatives

  3. Accounting of the response time is restarted every time it is allocated from the Customer to the Contractor.

  4. During the calculation and solution of the evaluation of the task, as well as during the time until the requested advance payment is received, the response time accounting is suspended.

1.3. Service description

  1. As the consulting service for the purpose of these regulations are considered consultations about software, its adaptation, system development and other issues at the discretion of the Customer.

1.4. Status meetings

  1. If the SL provides for it, then both the customer and the consultant are entitled to request a status meeting to discuss the current situation with the system, open tasks, planned tasks and other current issues

  2. If the customer or consultant cannot agree on a meeting time, then it is postponed to the next SL period

  3. Regulations for applying, determining the scope and solving the consulting service

2. Regulations for applying, determining the scope and solving the consulting service

2.1. Customer’s representatives

  1. Services are provided based on the Customer’s request, hereinafter referred to as the Task, which is created in the request management system, hereinafter referred to as JIRA.

  2. The request can be submitted by any representative of the Customer.

  3. The Customer is obliged to ensure the smallest possible number of the Customer’s representatives, in order to reduce the possibility of provision of repeated services.

  4. The Customer is obliged to designate one or more responsible representatives of the Customer having the authority to make a decision on the necessity of the Task, the suitability of the proposed solution, acceptance of the solution and the service budget.

  5. The responsible representatives of the Customer are registered in JIRA Tasks intended for them (type Project manager, status Active).

  6. The Customer is entitled to cancel the existing responsible representatives of the Customer (status Closed).

  7. The Customer is obliged to monitor the status of the Customer’s own responsible representatives and is entitled to represent the Customer in JIRA.

2.2. Task creation

  1. The task can be created in the following ways:

    • The Customer’s representative, who is already a JIRA user, creates a JIRA Task on the Customer’s account website http://services.burti.lv,

    • The Customer’s representative sends an e-mail to support@eberstein.lt, which automatically creates a JIRA Task,

    • The Customer’s representative submits a request by phone or verbally. In this case, the Contractor creates a JIRA Task on behalf of the Customer’s representative.

  2. In order for the Contractor to accept the Task, at least the following parameters of the Task must be known:

    • Name and surname of the Customer’s representative,

    • The Customer’s name,

    • HansaWorld, Excellent Latvia, Atlassian or other supplier’s product name,

    • The company of the Task if the Customer uses software in several companies,

    • Comprehensible Task description.

  3. If this information is not specified, the Contractor reserves the right to not accept the Task for fulfilment. It will be assigned to the Customer or the Customer’s representative, who submitted the Task, to clarify the necessary information.

  4. If the Customer’s representative does not have a JIRA user, it will be created automatically or manually by notifying to the e-mail of the Customer’s representative.

  5. A unique identifier is assigned to the task, which is used in the management of the Task specifications, status, responsible persons, priority and other parameters, as well as for the purposes of working time evaluation, accounting and payment.

  6. The task is considered completed if it has the Waiting for support or Open status and is assigned to the Contractor’s representative.

  7. The Customer’s responsible representative is obliged to regularly review the Tasks submitted by the Customer’s representatives in JIRA and, in case of questions or claims, immediately discuss those with the Contractor.

2.3. Task solving time estimation

  1. The Tasks, the estimated time required for solving which does not exceed the minimum time accounting Step, are solved without additional agreement with the Customer. The step is defined in the amount of 1 hour.

  2. The Tasks, the estimated time required for solving which exceeds the specified Step, together with the estimate of the estimated time, hereinafter referred to as the Assessment, and the proposed Fulfilment term, are sent for approval to the Customer’s responsible representative using the request processing system JIRA (status Estimated).

  3. The estimate cannot be considered a fixed evaluation of the scope of work and may change during the course of work for objective reasons.

  4. If these changes exceed 10% of the Estimate approved by the Customer, the Contractor’s representative timely informs the Customer thereof.

2.4. Estimate approval

  1. The Customer’s responsible representative is obliged to approve (status Estimate Accepted) or reject (status Closed, solution Won’t fix) the Estimate and the Fulfilment term within 14 days.

  2. If the Estimate is not approved within 10 days from the date of submission of the Estimate, an automatic reminder thereof is sent to the Customer in JIRA.

  3. If the Estimate is not approved by the specified time, it is automatically rejected (status Closed, solution Won’t fix) with the possibility to open it again (status Open, assigned to the Contractor).

  4. If the Customer approves the estimate (status Estimate Accepted), then work on the Task is commenced at the time specified in the Customer’s Service level or within the specified Fulfilment term.

  5. If the Customer has objections regarding the planned Task Fulfilment term, then, upon an agreement between the Parties, an agreement is reached on the time acceptable to the Parties. If no agreement is reached, the Task is closed (status Closed, solution Won’t fix).

2.5. Task solving and handover

  1. In case of additional questions arising during the fulfilment of the task (status In Progress or Waiting for support), the fulfilment may be suspended (the responsible person is changed to the Customer’s representative) until the necessary additional information is received (the responsible person is changed to the Contractor’s representative). In this case, the specified Task fulfilment term may be affected.

  2. If the Task is related to code changes, after the changes have been prepared, it is assigned to the programmer (status Ready for code review), who checks the compliance of the code with the Task and quality guidelines (status Code review).

  3. After the Task is completed, the solution is submitted for internal quality testing (status Ready for testing) and testing is performed in the Contractor’s or Customer’s test system (status Testing).

  4. If the code or solution does not meet the requirements, it is returned for elimination of the identified deficiencies (status Reopened).

  5. If the task is completed, it is assigned to the Customer’s representative for testing (status User acceptance).

  6. Along with the handover of the task solution, the Contractor places it on the test server, if any available to the Contractor, or hands it over in another way, for example, in form of instructions and/or output code.

2.6. Task acceptance

  1. The customer’s task is to check the Task solution within 5 days and accept it in case of a satisfactory result (status Ready for Deploy).

  2. If questions arise during the testing on how to do it or on the details of the solution, the Customer returns the task to the Contractor with specific questions.

  3. If specific deficiencies are discovered during the testing, the Customer records the deficiencies with all necessary information such as screenshots, video recordings, data examples and re-opens the task (status Reopened), assigning it to the Contractor.

  4. If no specific objections or questions are raised within the specified period, the assignment is automatically considered accepted (status Auto Accepted).

2.7. Task placement in System Working Environment

  1. Accepted and Automatically accepted Tasks, which need to be placed in the System’s Working Environment, are appropriately marked (status Ready to deploy) by the Customer’s representative and assigned to the Contractor.

  2. The Contractor periodically places one or more Task solutions marked by the Customer in JIRA, in the System Working Environment (status Deployed) and assigns them to the Customer’s representative.

  3. After ascertaining the correctness of placement of the Task solution, the Customer’s representative closes them (status Closed) within 30 days after placing them in the Working Environment.

  4. If no specific objections or questions are raised within the specified period, the task is automatically considered accepted and closed (status Closed).

  5. If specific deficiencies are discovered during the testing of the working environment, then the Customer records the deficiencies with all necessary information such as screenshots, video recordings, data examples and reopens the task (status Reopened), assigning it to the Contractor.

2.8. Payment procedure

  1. The Contractor issues an invoice for the Services at the beginning of the month for the works accepted in the previous month.

  2. The Contractor may also issue an invoice for the Services at another time, if the Parties so agree.

  3. The Contractor may issue an Advance Payment invoice for 50% of the total Task Estimate or less. In this case, the work is not commenced until the Advance Payment invoice is paid. After ascertaining the payment date of the Advance Payment invoice, the Customer may be offered a new Task fulfilment term.

  4. If the invoice for the Service includes the Tasks for which an Advance Payment invoice has been paid, all or part of the advance payment will be deducted from the amount of the invoice for the Service.

  5. If there is a remaining amount to be paid for the invoice for the Service and the Customer’s Service level provides for the SL Discount for the services, then it is assigned to the remaining amount of the invoice for the Service.

  6. The amount of the SL Discount in money is calculated as the percentage of the SL Discount determined for the Service level from the SL Fee paid in the period.

  7. The SL Discount can be assigned to a number of invoices for the Service until the total amount of the SL Discount for the specific period has been used.

  8. The SL Discounts are not summed up or carried over to the next periods.

  9. HansaWorld Cloud Services regulations

3.1. Scope of the Cloud Service

  1. The Cloud Services for the purpose of these regulations include provision of shared or allocated virtual server space, HansaWorld server operation, monitoring and making of backup copies.

  2. The Contractor and the Customer agree on the amount or capacity of the Cloud Services corresponding to the needs of the Customer’s HansaWorld system, hereinafter referred to as the System.

  3. According to the agreement of the Parties, the Customer’s System can be deployed both on allocated and shared resources.

  4. In case of shared resources, the performance of the Customer’s System may be affected by the operation of other Systems using these resources.

  5. If necessary, the Contractor may change (move from a shared resource to an allocated resource or increase the capacity of an allocated resource) the type of System hosting resource.

  6. The Customer’s responsible representative, by creating a corresponding JIRA Task, can ask to change the type or amount of the System hosting resources. Changes are made after the changes have been agreed with the Contractor and by agreement of the Parties.

  7. The Contractor undertakes to ensure the operation of the resources necessary for the operation of the System and the Internet connection.

  8. Before reporting a Cloud Service availability problem, the Customer’s representative is obliged to ascertain a sufficient Internet connection.

3.2. Provision of the Cloud Service

  1. The Contractor connects the Cloud Service chosen by the Customer after the payment of the invoice for the first period of the service.

  2. The Contractor is entitled to disable the access to the Cloud Service if the Customer delays the payment of the invoice for more than 10 days.

  3. If, in case of Access disconnection, the Customer makes a full payment within 5 days, the Contractor restores the operation without additional charge within 2 working days.

  4. If the payment is not made within 5 days from the moment of Access disconnection, then the Contractor is entitled to disable the Cloud Service without guaranteeing the preservation of the hosted Customer data.

  5. If the Customer wishes to restore the Cloud Service after performing the obligations, the Contractor does it for an additional connection fee within 5 working days after payment of the services and connection fee.

3.3. System operation monitoring

  1. The Contractor monitors various parameters of the System’s operation (for example, processor or memory load, memory space availability, etc.) at own discretion.

  2. In case of problems or as a preventive measure, the Contractor, independently or, if necessary, by agreeing with the Customer, performs the necessary activities to normalise the operation of the System.

  3. To the extent possible, the Contractor tries to perform operations with System resources so as not to interfere with the work of the Customer.

  4. In case of a stoppage of the system or its hosting resource, the Contractor undertakes to prioritise the performance of activities necessary to restore the operation of the System.

  5. The other Tasks related to hosting are performed in accordance with the current Service Level.

3.4. Backup copies

  1. The Contractor monitors the creation of backup copies in a technically separated storage, however does not check the completeness and content thereof.

  2. To the extent possible, the Contractor provides a copy of the text of the database for the last 30 days of accesses by the Customer at the request of the appropriate responsible representative of the Customer.

4. Data use and protection regulations

4.1. Basic regulation of data processing

  1. When using the Services provided by the Contractor, the Customer may process the data of identified or identifiable natural persons at its own discretion, hereinafter referred to as the Personal Data. Regarding the Personal data, the Customer is the data controller, who determines the purpose of processing of the Personal Data, as well as whether the Contractor (created system users for its employees) is granted access to the Personal Data (the Customer also determines which processing operations, which types of data and data subject categories are granted access).

  2. In case where the Contractor is not granted access to the Personal Data, the Contractor ensures the provision of the contracted Services by providing the relevant technical and information technology resources, but without accessing and processing the Personal Data available to the Customer.

  3. Without the Customer’s acceptance expressed in writing or in JIRA, the Contractor has no access to the rights data included in the Customer’s System or in the used databases.

  4. In case where the Customer has granted the Contractor the access to data, the Contractor uses it for the specified purposes (maintaining the System, performing the Tasks, providing and improving services), as well as the Contractor in such case is considered a data processor. Chapter 4.2 of the Service Provision Regulations applies to the Contractor, if the Contractor is considered a Personal Data processor, in accordance with the provisions of this chapter.

  5. The Customer undertakes to inform the Contractor in advance if the protected Personal Data are processed within the scope of the provided Services, specifying whether the processing could pose a high risk to the rights and freedoms of natural persons.

  6. The Customer undertakes, using the services provided by the Contractor, to only process legally obtained data and to process them in a legal manner, including in accordance with the General Data Protection Regulation, if applicable. The Contractor is entitled to request the confirming information and documents proving the performance of the Customer’s obligations provided for in this paragraph, and the Customer undertakes to submit those to the Contractor immediately upon request.

  7. The Customer undertakes to not transfer to the Contractor or make it to process the Personal Data which have not been collected legally or processing of which does not correspond to the purpose communicated to the data subject.

  8. The Customer is obliged to ensure that the access details provided to it are confidential, that measures are taken against unauthorised disclosure of data and access details, and that the users created by the Customer have undertaken to observe confidentiality and are authorised to perform activities with data on behalf of the Customer within the framework of the Services and services provided by the Contractor.

  9. Data processing within the framework of the Services (including automated sorting, storage, etc.) taking place with the Contractor’s technological resources or software created or maintained by the Contractor, but within which the Contractor cannot access the data and where data processing is initiated and determined by the Customer, does not give the Contractor the status of a data processor.

  10. The Parties ensure that the persons authorised to process the data have undertaken in writing to observe confidentiality or have a corresponding obligation to observe confidentiality.

  11. Each Party undertakes to train its employees on data protection issues in respect of the Personal Data held by the Customer and the Contractor.

  12. The Parties undertake to comply with the General Data Protection Regulation and applicable legal enactments in their activities, ensuring adequate protection of the Personal Data.

4.2. Rights and obligations of the parties in data processing

  1. The Contractor is obliged to ensure appropriate technical and organisational measures so that, when providing the Services, the technical and information technology resources correspond with the expected and adequate security requirements and comply with the General Data Protection Regulation, including to protect the Personal Data from accidental or illegal destruction or accidental loss.

  2. The Customer ensures that appropriate technical and organisational measures are implemented in such a way that the requirements of the General Data Protection Regulation are observed in the processing of the Personal Data and the protection of the data subject’s rights is ensured.

  3. The Contractor undertakes to not modify the Personal Data, unless such a task has been given by the Customer or a person authorised by the Customer, or it does not result from the contract. Any such modification of the personal data performed by the Contractor must be recorded by the Contractor.

  4. During the term of the contract (or for a shorter period, if it is determined by the Contractor’s data processing procedure), the Contractor stores electronic audit records of all Personal Data processing activities performed by the Contractor with the data received within the framework of the Service.

  5. The Contractor may only process, including use and organise the Personal Data, in accordance with the purpose of processing of the Personal Data provided for in the contract or the Customer’s instructions. The Customer’s instructions are not binding upon the Contractor if they conflict with the provisions of the contract and the Parties have not agreed on changes to the contract.

  6. The Contractor may engage other processors in the provision of the Services and services, if data confidentiality is ensured, or the Contractor’s cooperation partners are not provided access to the Personal Data stored by the Customer. The Customer is entitled to receive information about the Contractor’s cooperation partners having access to the Personal Data within the framework of the provision of the Services.

  7. Upon agreement between the parties, the Customer may request to make available the essential information necessary to certify that the Contractor complies with the requirements provided for in the legal enactments in the provision of the Services, and to allow the Customer to conduct audits and checks of the security of processing of the Personal Data.

  8. In case where the Customer audits the data processing processes at its own expense, the Contractor provides explanations and information about the data processing processes within a reasonable term.

  9. The Contractor ensures that only authorised employees of the Contractor have access to the Personal Data and technical resources used for the protection thereof.

  10. The Contractor does not store the obtained Personal Data longer than necessary, observing the legal basis of data processing and the purpose of processing.

  11. The Parties immediately, but not later than within 48 (forty-eight) hours, as soon as the Party becomes aware of a violation of protection of the Personal Data (data processing incident), notify the other Party thereof, including the following information in the report:

    1. date and time when the violation occurred (was detected);

    2. description of the breach, including, if possible, the categories and approximate number of respective Personal Data subjects and the categories and approximate number of respective Personal Data entries, possible consequences;

    3. measures taken to manage the breach (identification, evaluation, reduction, control);

    4. responsible person’s contact information.

  12. If the Party becomes aware of a violation of protection of the Personal Data (data processing incident), it preserves the available evidence and information.

  13. The Parties agree that upon termination of the contract, the Contractor deletes all data within 5 (five) working days after full performance of the contractual obligations, as far as the applicable legal enactments and legitimate interests of the Contractor allow. If the agreement of the Parties provides for it, the Contractor returns the received Personal Data to the Customer, deleting all copies. The Contractor is not obliged to save and continue to maintain the received data after the termination of the contract.

4.3. Cooperation of the parties to ensure the rights of data subjects

  1. The Parties undertake to cooperate, including, but not limited to, the preparation and submission of documents, communication with other persons (including natural persons and legal entities, companies, organisations and institutions) in order to promote the protection of the Personal Data and the observance of the rights of data subjects.

  2. The Parties mutually inform each other upon receipt of any legally binding request to disclose the Personal Data processed within the framework of the Service or a request of a data subject in connection with the processing of the data within the framework of the Service, unless the disclosure of such information is prohibited by applicable legal enactments.

  3. The Customer is obliged to provide a timely response to the requests of data subjects made to the Customer or the Contractor in connection with the processing of the data within the framework of the Service. This obligation of the Customer does not deprive the Contractor of the right to directly respond to the requests of data subjects and to perform the actions provided for in the legal enactments.

  4. The Contractor, at the Customer’s request, undertakes to provide the necessary information at the disposal of the Contractor and assistance, so that the Customer can perform its obligation by responding to the requests of personal data subjects and exercising the rights of the Personal Data subjects.

  5. Taking into account the nature of the processing of the Personal Data handed over to the Contractor, the Contractor supports the Customer in: notifying the supervisory authority of a breach of protection of the Personal Data; informing the data subject about a violation of protection of the personal data; if the Customer consults with the supervisory authority in relation to the processing of the Personal Data; or the Customer performs an evaluation of how the planned processing operations will affect the protection of the Personal Data.

  6. Taking into account the nature of the processing of the data handed over, the Customer, if necessary, immediately provides the Contractor with information and support in order to respond to the requests of the data subjects and to ensure compliance with the rights of the data subjects.

  7. The Contractor’s time and technical resources, providing information and support to the Customer, as well as processing the requests of data subjects, are paid for by the Customer as the Services provided by the Contractor, in accordance with the procedure provided for in the contract and the Contractor’s pricelist.

  8. The Customer undertakes to provide support to the Contractor in conducting an evaluation of the impact on data protection and in cases where technical and organisational data security measures are evaluated.

  9. The Customer immediately informs the Contractor if the Customer considers the processing of the Personal Data within the framework of the Service to be unsafe or unacceptable.

  10. The Customer is obliged to timely notify the supervisory authority and, if necessary, also the data subject of a violation of the protection of Personal Data discovered by one of the Parties within the scope of the provision of the Service.

  11. The Contractor is only entitled to issue the Personal Data to any third parties in cases provided for in the regulatory enactments, having previously identified the information requester and evaluated the legal basis of the request of information. If the legal enactments allow it, the Contractor informs the Customer of the transfer of data.