Service Level Agreement

Document Version: 1.0

Effective Date: 1 July 2025

Issued by: Helm Labs Ltd

Applies to: All paid subscription plans

1. Introduction

This Service Level Agreement ("SLA") is entered into between Helm Labs Ltd, a company registered in England and Wales ("Helm Labs", "we", "us"), and the customer organisation subscribing to our services ("Customer").

This SLA sets out the performance commitments, support standards, and remedies that apply to the Helm Labs Application published on the Atlassian Marketplace (the "Application"). It forms part of, and is incorporated into, the Atlassian Marketplace Terms of Use and any Order Form or subscription agreement agreed between the parties.

2. Definitions

Availability: The percentage of time in a calendar month during which the Service is accessible and operational, excluding Scheduled Maintenance and Excused Downtime.
Business Hours: 08:00–18:00 GMT/BST, Monday to Friday, excluding UK public holidays.
Downtime: Any period during which the Service is wholly unavailable or functionally inoperable, not attributable to Excused Downtime.
Excused Downtime: Service unavailability caused by Scheduled Maintenance, Force Majeure, Customer-caused issues, or third-party infrastructure failures outside Helm Labs' reasonable control.
Incident: Any unplanned event causing or likely to cause a disruption to, or reduction in the quality of, the Service.
Response Time: The elapsed time between Helm Labs' receipt of an Incident report and the Customer's acknowledgement that work has commenced.
Resolution Time: The elapsed time between Helm Labs' receipt of an Incident report and restoration of the Service to normal operation or delivery of an accepted workaround.
Scheduled Maintenance: Planned downtime communicated at least 48 hours in advance, typically executed outside Business Hours.
Service Credit: A monetary credit applied to a future invoice as a remedy for a failure to meet the availability commitment.

3. Service Availability Commitment

3.1 Uptime Target

Helm Labs commits to a monthly Availability target of 99.5% for the Services, measured across each calendar month.

Monthly Availability	Maximum Permitted Downtime
99.5% target	~3 hours 39 minutes
99.0% (SLA breach threshold)	~7 hours 18 minutes

3.2 Availability Calculation

Monthly Availability (%) = ((Total Minutes in Month − Unplanned Downtime Minutes) ÷ Total Minutes in Month) × 100

3.3 Exclusions

The following are excluded from Availability calculations:

Scheduled Maintenance windows
Unavailability of the underlying Atlassian platform (Jira, Confluence, or Atlassian Cloud infrastructure)
Incidents caused by Customer misuse, misconfiguration, or actions contrary to the documentation
Third-party integrations or APIs not operated by Helm Labs
Force Majeure events (see Section 10)
Periods of Customer-requested suspension
Beta or preview features explicitly labelled as such

4. Incident Classification & Response Commitments

Priority	Definition	Response Time	Resolution Target
P1 — Critical	Service completely unavailable or data integrity at risk; production impact affecting all users.	1 hour (24/7)	4 hours
P2 — High	Major functionality degraded; core workflows impaired but a workaround may exist.	4 Business Hours	1 Business Day
P3 — Medium	Non-critical feature affected; limited operational impact; workaround available.	1 Business Day	5 Business Days
P4 — Low	Minor issue, cosmetic defect, or general enquiry; no immediate operational impact.	2 Business Days	Next scheduled release or as agreed

GxP Note: For regulated Customers, Helm Labs will provide written Incident summaries for P1 and P2 events upon request, suitable for inclusion in audit records and change control documentation.

5. Support Channels

5.1 How to Raise an Incident

Customers may report Incidents via the following channels, listed in priority order:

Atlassian Marketplace Support: Via the support link on the Application listing page (preferred — creates a tracked ticket)
Email: support@helmlabs.uk

5.2 Information Required

To ensure prompt triage, Customers should include: Customer name and account ID; description of the issue; steps to reproduce; business impact; affected users and environment; any recent changes that preceded the issue.

6. Scheduled Maintenance

Helm Labs will perform Scheduled Maintenance during the preferred window of 23:00–03:00 GMT/BST on Saturdays. A minimum of 48 hours' notice will be provided via email and the in-application status banner for maintenance expected to exceed 15 minutes of downtime.

Emergency maintenance required to remediate a critical security vulnerability may be executed with shorter notice; Helm Labs will communicate this as quickly as is practicable.

7. Service Credits

7.1 Eligibility

Service Credits are available where Helm Labs fails to meet the 99.5% monthly Availability commitment. Credits are calculated against the Customer's monthly subscription fee for the affected Service.

Monthly Availability Achieved	Service Credit
99.0% – <99.5%	10% of monthly fee
95.0% – <99.0%	20% of monthly fee
90.0% – <95.0%	30% of monthly fee
Below 90.0%	50% of monthly fee

7.2 Claiming a Credit

Credits must be requested within 30 calendar days of the end of the affected month by submitting a written claim to support@helmlabs.uk, referencing the relevant Incident ticket numbers. Helm Labs will validate the claim against monitoring data and, if valid, apply the credit to the Customer's next invoice.

7.3 Sole Remedy

Service Credits represent the Customer's sole and exclusive remedy for Availability failures. Credits are non-transferable, non-refundable as cash, and may not exceed the total monthly subscription fee for the affected period.

8. Data Protection & Backup

Helm Labs applications fall into one of the following two data residency models, depending on how the application is architected. The applicable model is documented on the relevant application's Marketplace listing page. All other provisions of this section apply regardless of model.

8.1 Model A — Third-Party Ecosystem (No Helm Labs Data Retention)

Where the Application operates entirely within a third-party platform ecosystem (such as the Atlassian Marketplace), Helm Labs does not store, retain, or process Customer data on its own infrastructure. All data created, managed, or accessed through the Application resides within the Customer's environment on the third-party platform and is subject to that platform's own data protection, security, and backup policies.

Under this model:

Helm Labs has no access to Customer data at rest and holds no copies of it
Data backup, retention, and recovery are the responsibility of the underlying platform provider
Any data processing during Application operation (for example, reading records to render views) is transient and is not persisted by Helm Labs
Customers should consult their platform provider's trust and security documentation for details of data residency, backup, and recovery commitments

8.2 Model B — Helm Labs Hosted (Helm Labs Data Retention)

Where the Application stores Customer data on Helm Labs infrastructure, the following commitments apply:

Backups: Automated daily backups of Customer data, retained for 30 days, stored in encrypted form in a geographically separate region
Restoration: Point-in-time restoration requests will be acknowledged within 1 Business Day, with restoration completed within 4 Business Hours of commencement
Encryption: Data is encrypted at rest (AES-256) and in transit (TLS 1.2 or above)
Access controls: Customer data is logically isolated and accessible only to authorised Customer users and, where operationally necessary, authorised Helm Labs personnel under confidentiality obligations
Data Processing Agreement: A Data Processing Agreement (DPA) is available on request and forms part of the overall subscription agreement

8.3 General Obligations (All Models)

Regardless of data residency model, Helm Labs complies with applicable UK data protection legislation including the UK GDPR and the Data Protection Act 2018. Helm Labs is registered with the UK Information Commissioner's Office (ICO). For any data protection enquiries, contact support@helmlabs.uk.

9. Change Notification (GxP Customers)

Regulated Industry Commitment: Helm Labs understands that our Customers operate in GxP-regulated environments where software changes may trigger validation obligations. We commit to the following change communication standards.

Change Type	Notice Period	Communication Method
Major release (new functionality)	30 calendar days	Email + Release Notice document
Minor release (enhancements, non-breaking changes)	14 calendar days	Email + in-app notification
Patch / bug fix	5 Business Days	Changelog + in-app notification
Emergency security patch	As soon as practicable	Email + Incident report on request

Release Notices include a summary of changes, potential impact assessment, and a statement of whether re-validation activities are recommended. Customers are responsible for their own validation decisions in accordance with applicable regulations.

10. Force Majeure

Helm Labs shall not be in breach of this SLA and shall not be liable for any delay or failure to perform its obligations where such delay or failure results from circumstances beyond its reasonable control, including but not limited to: acts of God; war, terrorism, or civil disorder; pandemic or epidemic; acts of government or regulatory authority; failure of third-party telecommunications or internet infrastructure; or cyber attacks on infrastructure not operated by Helm Labs.

Helm Labs will notify affected Customers as soon as reasonably practicable and will use commercially reasonable efforts to restore the Service.

11. Customer Responsibilities

To support Helm Labs in meeting its obligations, the Customer agrees to:

Maintain accurate and current contact details for support communications
Report Incidents promptly through the designated channels
Provide reasonable co-operation and information when requested during Incident investigation
Ensure that named Customer contacts have appropriate authority to approve or escalate decisions
Use the Services in accordance with the documentation and acceptable use policy

12. Escalation Path

Stage	Contact	When to Escalate
1 — Support Team	support@helmlabs.uk	First point of contact for all Incidents
2 — Senior Review	support@helmlabs.uk — mark subject "ESCALATION"	If Response Time is breached or issue is unresolved beyond target
3 — Director Review	support@helmlabs.uk — mark subject "P1 ESCALATION"	P1 incidents, regulatory concern, or persistent unresolved issues

13. Reporting & Review

Helm Labs will make monthly Availability reports available via the support portal. On request, Helm Labs will provide a quarterly Service Review covering: Availability statistics; Incident summary and trends; planned roadmap items; and any agreed service improvements.

14. SLA Review & Amendments

This SLA will be reviewed annually and may be updated to reflect changes in service architecture, regulatory requirements, or operational capabilities. Customers will be notified of material changes at least 30 calendar days in advance. Continued use of the Services following notice of amendment constitutes acceptance of the revised SLA.

The current version of this SLA is always available at helmlabs.uk/legal/sla.

15. Contact Information

Registered Company: Helm Labs Ltd — registered in England and Wales
All Support & Enquiries: support@helmlabs.uk