Terms of Service / Service Level Agreement
Service Level Agreement
Effective Date: May 31, 2026
Version 1.0
1. Availability Target
99.5%
Monthly uptime target (excludes planned maintenance)
Permitted downtime: 3 hours 39 minutes per month
Availability is measured from the health endpoint (/api/v1/health) response codes over rolling 30-day windows.
2. Covered Services
- Axiom Sovereign Engine dashboard (sovereign.tenova.io)
- Witness ingestion API (/api/v1/witness, /api/v1/witness/batch)
- Public verification endpoint (/verify)
- Anchor verification API (/api/v1/merkle)
3. Recovery Objectives
Recovery Time Objective (RTO)
4 hours
From incident detection to service restoration
Recovery Point Objective (RPO)
24 hours
Maximum acceptable data loss. Witness anchors in the ledger are not affected.
4. Incident Response Times
| Severity | Description | Response | Resolution |
|---|---|---|---|
| Critical | Complete service outage or data integrity breach | 30 minutes | 4 hours |
| High | Partial service degradation or API errors | 2 hours | 8 hours |
| Medium | Non-critical feature unavailable | 4 hours | 24 hours |
| Low | Cosmetic issues, documentation errors | Next business day | 5 business days |
5. Planned Maintenance
- Maintenance window: Tuesdays 02:00 - 04:00 UTC
- 24 hours advance notice for scheduled maintenance
- Frequency: As needed, typically bi-weekly for deployments
- Planned maintenance is excluded from availability calculations
6. Backup Schedule
- Daily encrypted backup at 02:00 UTC (AES-256, 7-day retention)
- Weekly encrypted backup on Sundays (AES-256, 4-week retention)
- Database: Supabase managed continuous backup with point-in-time recovery
- Witness anchors already transmitted to the ledger reside in Supabase managed infrastructure and are not affected by application-layer backup gaps
7. Exclusions
The following are excluded from availability calculations:
- Planned maintenance within the designated maintenance window
- Force majeure events (natural disasters, government actions)
- Supabase managed service outages (covered by Supabase SLA)
- Third-party dependency failures (PyPI, npm, GitHub)
- Client-side network or DNS issues
8. Contact
To report a service incident or inquire about SLA compliance, contact support@tenovaai.com.
This SLA is incorporated by reference into the Terms of Service. For security details, see our Security page.