Odoo Online - Service Level Agreement
- Customer databases are hosted in the closest Odoo data center (EMEA: France, Americas: Canada, APAC: Hong Kong or Taiwan)
- Each customer instance is replicated in real-time on a hot-standby system located in the same data center
- We work with different hosting providers worldwide (and we can switch at anytime), but they always deliver at least 99.9% uptime guarantee.
- So we can guarantee a minimum of 99.9% uptime (3 nines, excluding planned maintenance)*
- This corresponds to a maximum unplanned downtime of 1.44min/24h or 8h/year.
- We usually deliver much better uptime than this (100% most months), as our providers always deliver a much better uptime than their SLA too.
* these metrics refer to the availability of the platform itself for all customers. Individual databases may be temporarily unavailable for specific reasons, typically related to the customer's actions or customizations.
- Our data centers are Tier-III certified or equivalent, with N+1 redundancy for power, network and cooling
- Each customer database is replicated in real-time on a hot-standby server located in the same data center
- 14 full backups up to 3 months: 1/day for 7 days, 1/week for 4 weeks, 1/month for 3 months
- Backups replicated on at least 3 different machines in different data centers
- Users can download manual backups of their live data at any time
- For a permanent disaster impacting one server only, our Disaster Recovery Plan has the following metrics:
- RPO (Recovery Point Objective) = 5 minutes, i.e. can lose maximum 5 minutes of work
- RTO (Recovery Time Objective) = 30 minutes, i.e the service will be back online after maximum 30 minutes (Standby promotion time + DNS propagation time included)
For data center disasters (one entire data center is completely and permanently down), Disaster Recovery Plan has these metrics:
- RPO (Recovery Point Objective) = 24h, i.e. you can lose maximum 24h of work if the data cannot be recovered and we need to restore the last daily backup
- RTO (Recovery Time Objective) = 24h, i.e. the service will be restored from the backup within 24 hours in a different data center
- SSL - All web connections to client instances are protected with 256-bit SSL encryption (HTTPS with a 2048-bit modulus SSL certificate), and running behind Grade A SSL stacks. All our certificates chains are using SHA-2 already.
- Reliable Platform - Servers with full hardware guarantee, redundant data storage, network and electrical supplies
- Passwords - Customer passwords are protected with industry-standard PBKDF2+SHA512 encryption (salted + stretched for thousands of rounds)
- Safe System - Our servers are running recent Linux distribution with up-to-date security patches, with firewall and intrusion counter-measures (not disclosed for obvious reasons)
- Isolation - Client data stored in dedicated databases - no sharing of data between clients, no access possible from one database to another