# Apogee Studios Service Level Agreement

**Version 1.0** · Last updated 2026-04-12 · `legal@apogeetech.net`

This document is Apogee's operational commitment to every operator. It
binds Apogee Studios and supersedes any prior verbal or email
commitments. Operators on the standard contract automatically receive
these terms. For enterprise operators, custom SLAs take precedence over
this document where they conflict.

---

## 1. Uptime commitment

| Environment | Monthly uptime target |
|---|---:|
| **Production** (`api.apogeetech.net`, `apogeetech.net`) | **99.95%** |
| Sandbox (`sandbox-api.apogeetech.net`) | 99.5% |
| Admin panel (`admin.apogeetech.net`) | 99.0% |

**Definition.** Uptime is measured as the percentage of 60-second
rolling windows during the month in which `GET /` returns a 2xx within
3 seconds. Uptime is calculated per region. Global availability is the max across
regions — if any region is serving, we count the minute as up.

**Excluded from the numerator:** scheduled maintenance (announced ≥ 72
hours ahead via status page), force majeure, operator-side network
issues, operator-triggered misconfiguration (e.g. Cloudflare firewall
blocking our egress).

## 2. Service credits

If we miss the monthly uptime commitment, we credit your next
invoice:

| Monthly uptime | Service credit |
|---|---:|
| 99.95% – 100.00% | 0% (no breach) |
| 99.50% – 99.949% | 5% of monthly fees |
| 99.00% – 99.499% | 10% of monthly fees |
| 95.00% – 98.999% | 25% of monthly fees |
| < 95.00% | 50% of monthly fees + right to terminate |

Credits apply to the **next** invoice, not retroactively, and cap at
50% of any single month. Credits are requested via
`billing@apogeetech.net` with a reference to the incident ID on the
status page.

## 3. Incident response

| Severity | Definition | First response | Resolution target | Escalation |
|---|---|---:|---:|---|
| **Sev-1** | Full outage, wallet API returning 5xx for >1 min, all players affected | 15 min | 2 h | Pager → on-call + eng lead |
| **Sev-2** | Partial outage, one game or one merchant affected, or wallet latency > 5s | 1 h | 8 h | On-call |
| **Sev-3** | Degradation without money impact (slow dashboards, stale stats, logged errors) | 4 h | 3 business days | Engineering queue |
| **Sev-4** | Cosmetic, non-blocking, one-customer edge case | Next business day | Next release | Engineering queue |

**First response** = acknowledgement + incident ID + ETA. Does not
mean resolution.

**Status page.** Every incident is logged at
`https://status.apogeetech.net` within the first-response window. A
`status.apogeetech.net` RSS feed and a `#apogee-incidents` Slack
webhook are available on request.

## 4. Maintenance windows

**Scheduled maintenance** happens in the following windows and is
announced on the status page at least **72 hours** in advance:

- **Routine patches**: Tuesdays 03:00–05:00 UTC
- **Database migrations**: First Sunday of each month, 02:00–06:00 UTC

**Emergency patches** can ship any time. Apogee will post to the
status page within 10 minutes of deciding an emergency patch is
needed.

## 5. Performance targets

| Metric | Target (p95) | Measurement |
|---|---:|---|
| `POST /v1/wallet/debit` round-trip (excluding operator wallet) | < 200 ms | Apogee-internal, regional |
| `POST /v1/wallet/credit` round-trip (excluding operator wallet) | < 200 ms | same |
| `GET /v1/wallet/balance` SSE first event | < 500 ms | Apogee-internal |
| `POST /v1/sessions` | < 400 ms | Apogee-internal |
| Operator wallet forward (Apogee → your URL) timeout | 8 s hard | See docs/INTEGRATION.md §6 |

Operator-side latency counts against **your** performance budget, not
ours. If your `/wallet/debit` routinely exceeds 2 seconds, the player
experience suffers and we will flag it via email from
`ops@apogeetech.net`.

## 6. Security incident response

Security-classified incidents (data breach, credential compromise,
ongoing attack, regulatory notice) have their own track:

| Severity | Target first response | Target notification | Target remediation |
|---|---:|---:|---:|
| Critical (active exfiltration, production compromise) | **15 min** | 1 h to all affected operators | 4 h |
| High (credential leak, crypto weakness, RG bypass) | 1 h | 4 h | 24 h |
| Medium (logging gap, privilege escalation vector) | 1 business day | 3 business days | 7 days |
| Low (info disclosure, non-exploitable vuln) | 2 business days | Next release | Next release |

Reports: `security@apogeetech.net` · PGP key at
`https://apogeetech.net/.well-known/security.txt`.

Breach notification: within **72 hours** per GDPR. Sooner for MGA /
UKGC operators whose own regulators require faster notification.

## 7. Data retention and disaster recovery

- **Transaction audit log** (`transactions/{txId}`): 90 days minimum,
  extended to 7 years on request for regulatory-compliance operators.
- **Session records**: 30 days minimum.
- **Daily backups**: Firestore nightly snapshot, retained 30 days,
  geo-redundant across 3 continents.
- **RPO** (recovery point objective): ≤ 5 minutes (last Firestore
  transaction).
- **RTO** (recovery time objective): ≤ 4 hours for Sev-1, same region.
  Cross-region failover is automatic via Cloud Run global load
  balancing.
- **Cryptographic seeds**: pre-round commitment hashes are
  write-once-read-many and retained indefinitely for provably-fair
  audit.

## 8. Contact and escalation

| Tier | When | Contact |
|---|---|---|
| Standard support | Integration questions, sandbox issues, doc typos | `support@apogeetech.net` |
| Operator partner success | Commercial, RTP tuning, custom features | `partners@apogeetech.net` |
| Billing | Invoices, service credits, disputes | `billing@apogeetech.net` |
| Security | Vulnerability reports, breach disclosure | `security@apogeetech.net` (PGP) |
| Legal | Contracts, NDAs, jurisdiction questions | `legal@apogeetech.net` |
| On-call | Production incidents (Sev-1 / Sev-2) | `oncall@apogeetech.net` + pager |

After 15 minutes with no response on a Sev-1, escalate to
`eng-lead@apogeetech.net`. After 30 minutes with no response, escalate
to `founders@apogeetech.net`.

## 9. Amendments

This SLA is versioned. When we tighten commitments (shorter response
times, higher uptime targets) we ship a new version and email every
merchant. Loosening commitments requires 90-day notice and is
negotiable per-merchant.

**Version history**:
- **v1.0** (2026-04-12) — initial public SLA.

---

*This SLA is a legal document. If you have questions, email
`legal@apogeetech.net`.*
