Support Policy

Definitions

Defined terms used in this Support Services Policy shall have the same meaning as in Content Catalyst Limited’s (“Content Catalyst”) Services Order Form Terms and Conditions.

Standard Support

1. Helpdesk

We provide a Helpdesk support service that may be contacted by your nominated personnel to provide assistance in connection with issues encountered in the operation of the Services.
We endeavour to respond to all Helpdesk enquiries same or next UK business day.
The Helpdesk may be contacted via a ticketing system or by email. We will agree a list of your nominated personnel who may use the Helpdesk upon commencement of the support service.

2. Training

Basic training on all standard features of the Services is provided via web conference as part of the site launch process for a new Customer. Typically, training lasts 2 hours and covers the administrative, Content User, content conversion and upload aspects of the Services.

3. Account reviews

Our account management team will be available to both provide and receive general feedback during quarterly review sessions.

4. Hosting

Content Catalyst’s services are hosted in the US with AWS, Microsoft Azure and Rackspace and leverage global Content Delivery Networks.

A full, up-to-date list of our hosting providers including the data we process and how we and our suppliers process it, can be found here.

4.1. Location

Our systems are located in the US, primarily in Amazon’s AWS North Virgina datacentres.

4.2. Data Protection

Each of our core hosting providers is certified under the Privacy Shield Framework. More detail on how we process data can be found here.

4.3. Security

Information on our hosting providers’ security policies can be found here.

4.4. Availability

We use multi-node, load-balanced, high availability solutions to maximise site uptime.

4.5. Performance

We leverage cloud infrastructure to provide optimum performance. Server-side page requests are typically served at <1s although client-side page loads may vary based on network speeds, distance to datacentre and other factors.

5. Backups

Backups are taken at multiple levels and stored in multiple formats and at multiple locations. Full backups are taken each week.

6. Security

6.1. Security statement

We recommend that Customers access our Services through industry standard Transport Layer Security (TLS) technology (commonly referred to still as SSL). When you access our site using TLS, your information is protected using both server authentication and data encryption, ensuring that your data is safe, secure and available only to your Authorised Users.
The platform provides each of your Authorised Users with a unique username and password that must be entered each time an Authorised User logs on. The platform issues a session “cookie” only to record encrypted authentication information for the duration of a specific session. The session “cookie” does not include either the username or password of the Authorised User. The software does not use “cookies” to store other confidential user and session information, but instead implements more advanced security methods based on dynamic data and encoded session IDs.
In addition to the security in place through our hosting provider, we have many additional systems in place including but not limited to:

6.2. Firewalls

Our production systems are protected by industry-standard access control policies and network design.

6.3. Hardened Operating Systems

We monitor the security industry’s news channels and practice hardened Operating System patching.

6.4. Antivirus

We use a combination of industry standard antivirus tools to maximise the security of our systems.

6.5. Encryption

Sensitive information such as user passwords are stored encrypted, using a one-way hashing algorithm.