Service Level Agreement

1. Scope

This Service Level Agreement ("SLA") applies to customers on the Intended Enterprise plan and defines uptime commitments, measurement methodology, exclusions, and service credit remedies for the Intended Authority Runtime Services. Team plan customers receive commercially reasonable uptime targets but are not eligible for service credits under this SLA. Free plan customers are not covered by this SLA. Enterprise customers with custom SLA terms in their order form or enterprise agreement should refer to those documents, which take precedence over this standard SLA.

2. Definitions

• "Downtime" — a period during which the applicable Service is unavailable or materially impaired, as measured by Intended's monitoring systems. A Service is considered unavailable if more than 5% of requests to the Service return server errors (HTTP 5xx) over a rolling 5-minute window
• "Monthly Uptime Percentage" — the total minutes in a calendar month minus Downtime minutes, divided by total minutes in the calendar month, expressed as a percentage
• "Service Credit" — a credit applied to the Customer's next invoice, calculated as a percentage of the monthly fee for the affected Service
• "Scheduled Maintenance" — planned maintenance windows communicated at least 48 hours in advance via email and the platform status page

3. Availability commitment (single-region configuration)

Intended commits to 99.5% uptime for the Authority Engine API (POST /v1/intent/authorize, POST /v1/tools/execute, GET /v1/audit/*) measured over monthly calendar periods. Availability is calculated as: (Total HTTP requests - 5xx errors) / Total HTTP requests × 100%. Failures affecting all availability zones (AZs) within the us-east-1 region or AWS regional incidents impacting us-east-1 are excluded from this commitment. This 99.5% commitment applies to Enterprise plans only. Free and Team plans are provided on a commercially reasonable effort basis without specific uptime guarantee. Uptime tracking and current status available at status.intended.so. Forward commitment: Intended targets promotion of the Authority Engine API commitment to 99.9% upon general availability of multi-region failover.

4. Availability measurement

Availability is measured as the percentage of successful HTTP responses to Intended API endpoints over a calendar month:

• Availability (%) = (Total Requests - 5xx Status Codes) / Total Requests × 100
• Where: Total Requests = all HTTP requests to covered API endpoints (Section 3) during the measurement period; 5xx Status Codes = server errors (500 Internal Server Error, 502 Bad Gateway, 503 Service Unavailable, 504 Gateway Timeout); 2xx, 3xx, 4xx responses count as successful.
• Measurement window: calendar month (e.g., April 1–30).
• Real-time availability tracking: https://status.intended.so
• 5-minute rolling window: If rolling 5-minute window has >5% 5xx error rate, incident is declared.
• Minimum traffic threshold: If fewer than 1,000 API requests occur in a month, availability cannot be assessed (deemed non-applicable).

5. Service exclusions and limitations

The following services and scenarios are excluded from the 99.5% uptime commitment:

• Preview, Beta, Alpha, or Roadmap-labeled Services: Python SDK (intended-python on PyPI), Go SDK (@intended/intended-go), Terraform Provider (intended-terraform), Kubernetes Admission Controller (@intended/k8s-admission), MCP Gateway (@intended/mcp-gateway), and any other service explicitly marked 'Preview,' 'Beta,' 'Alpha,' or 'Roadmap' in the Services documentation, README, or console UI.
• Failures affecting entire us-east-1 region (all AZs) or caused by AWS regional outage.
• Scheduled maintenance with 48 hours' advance notice via status.intended.so.
• Customer-caused outages: incorrect API usage, policy misconfiguration, denial-of-service from Customer's own systems.
• Third-party failures: failures in GitHub, Slack, Stripe, Jira, ServiceNow, or other connector targets are not Intended failures.
• General Internet outages or DDoS attacks targeting Customer's endpoints (not Intended's infrastructure).
• Services covered by this SLA: Authority Engine API, Audit API, Verification SDK, Connector SDK, Console web UI, Webhook delivery to Customer endpoints.
• Services NOT covered: Preview SDKs (per 5.a), Customer-operated connectors, third-party integrations.

6. Incident communication and transparency

For incidents affecting Authority Engine API availability for >5 minutes:

• Status Page Update: Intended will publish initial incident notice on status.intended.so within 60 minutes of detection.
• Enterprise Notifications (Annual Commitment >$50K): Intended will email customer's designated incident contact within 30 minutes of detection if incident duration likely to exceed 15 minutes AND severity is P1 (>30% API error rate) or P0 (complete API outage).
• Preliminary RCA: For incidents lasting >5 minutes, Intended will post preliminary root cause assessment on status page within 48 hours.
• Full RCA: For incidents lasting >30 minutes or affecting SLA (>0.5% monthly error rate), Intended will provide full post-incident review (RCA) with incident timeline, root cause(s), contributing factors, mitigation and remediation steps, and timeline to prevent recurrence. RCA due within 5 business days of incident resolution and shared with Enterprise customers via email.
• SLA Credit Calculation (Section 7): If monthly availability falls below 99.5% due to Intended failure, SLA credit automatically calculated and applied to next month's invoice.
• Escalation: For incidents >1 hour, Enterprise customer may contact support@intended.so for real-time incident updates. For incidents >4 hours, customer may request emergency escalation to engineering lead via security@intended.so.

7. Service credits

If Intended fails to meet the 99.5% Monthly Uptime Percentage, the Customer is eligible for Service Credits as follows:

• 99.0% to < 99.5% Monthly Uptime: 10% Service Credit on the monthly fee
• 95.0% to < 99.0% Monthly Uptime: 25% Service Credit on the monthly fee
• Below 95.0% Monthly Uptime: 50% Service Credit on the monthly fee

8. Credit request process

To receive a Service Credit, the Customer must submit a request within thirty (30) days of the end of the calendar month in which the Downtime occurred. Credit requests should be sent to support@intended.so and must include:

• The Customer's account identifier or organization name
• The dates and times of the Downtime incident(s)
• A description of how the Downtime affected the Customer's use of the Services
• Any server-side logs or evidence supporting the claim (optional but helpful for faster resolution)

9. Audit trail durability and integrity SLA

Hash-chain Audit Ledger Commitment: Intended commits to 99.99% durability of hash-chain audit entries (authority decisions, token issuances, audit records). Specifically:

• Immutability: Audit entries, once written, are cryptographically signed (HMAC-SHA-256) and cannot be modified or deleted retroactively.
• Integrity Verification: Hash-chain integrity is continuously verified. If continuity breaks (hash mismatch, missing entries), incident is declared.
• Continuity Commitment: Intended will maintain hash-chain continuity at 99.99% (allowing 1 hour of integrity loss per year).
• Notification of Integrity Compromise: If hash-chain integrity is compromised (entries missing, hashes mismatched, or chain severed), Intended will notify Customer within 1 hour of discovery, publish security advisory detailing scope of compromise, conduct forensic RCA within 24 hours, and provide remediation plan and timeline.
• Remedy for Integrity Loss: If audit ledger integrity is compromised due to Intended's failure (not Customer configuration error), Customer receives 100% SLA credit for the affected month, regardless of normal availability metrics.
• Data Durability: Audit data is stored in AWS S3 with versioning enabled (preventing accidental deletion) and Object Lock in Compliance mode for Enterprise customers (preventing even administrator deletion during retention period).

10. Maximum credit

The maximum aggregate Service Credit for any single calendar month shall not exceed fifty percent (50%) of the Customer's monthly fee. Service Credits are applied as a credit to the Customer's next invoice and are not redeemable for cash. Service Credits may not be transferred or applied to other services or accounts.

11. Sole and exclusive remedy

Service Credits as described in this SLA are the Customer's sole and exclusive remedy, and Intended's entire liability, for any failure to meet the availability commitments. This SLA does not modify or supersede the limitation of liability provisions in the Terms of Service.

12. Support response times

Enterprise plan customers receive prioritized support with the following target response times:

• Critical (P1) — Service is completely unavailable or data integrity is at risk: Initial response within 1 hour, 24/7
• High (P2) — Service is significantly degraded or a major feature is unavailable: Initial response within 4 hours during business hours
• Normal (P3) — Non-critical issue or question: Initial response within 1 business day
• Low (P4) — Feature request or general inquiry: Initial response within 2 business days

13. Changes to this SLA

Intended may update this SLA with at least 30 days advance notice. Changes will not reduce uptime commitments or service credit percentages for existing Enterprise customers during their current contract term. Notice will be provided through the Services or by email.

14. Service credit mechanism for Team plans

While the formal SLA applies to Enterprise plans, Team plan customers are eligible for service credits of 5% of their monthly fee for each full hour of unscheduled downtime exceeding 30 minutes, up to a maximum of 25% of the monthly fee. Credits must be requested within 14 days via support@intended.so.

15. Contact

For SLA-related inquiries, service credit requests, or to report a service disruption, contact support@intended.so or your dedicated account team.