All systems operational
Live uptime monitor coming soon (Better Stack). Current status maintained manually; for outages we notify via email + the Trust Center at trust/raize.
Service Commitments
The SLAs Raize commits to publicly. These are the same numbers reproduced in our DPA + internal policy library; they apply to every customer regardless of plan. Last reviewed 2026-05-19.
Availability
Uptime target Measured over rolling 30 days. | 99.5% |
RTO (Recovery Time Objective) For full-service restoration after a P1 incident. | 4 hours |
RPO (Recovery Point Objective) Maximum tolerated data loss in worst-case recovery. | 1 hour |
Status page acknowledgement From P1 detection. | ≤ 1 hour |
Customer notification of >4h outage From the start of the outage. | ≤ 4 hours |
Security incidents
P1 incident acknowledgement Internal triage start. | 30 minutes |
Customer notification (confirmed breach) In line with UK GDPR Article 33. | ≤ 72 hours |
ICO notification (where required) For personal-data breaches likely to result in a risk to data subjects. | ≤ 72 hours |
Post-incident review (P1 / P2) Blameless post-mortem published or shared on request. | 5 business days |
Data & audit
Application audit log retention Per-row INSERT/UPDATE/DELETE with old + new payloads. | Lifetime of contract + 30 days |
Customer self-service audit log export CSV export via Dashboard → Admin → Audit Log. 100k rows per export cap. | Available at any time |
Long-term audit archive Quarterly off-site snapshot for regulatory floor. | 7 years off-site (encrypted) |
Customer data deletion on request Deletion certificate available on request. | ≤ 30 days |
Customer data deletion on termination Backups age out via 7-day PITR thereafter. | ≤ 90 days |
Data residency Primary region for all customer data + processing. | EU-West-1 |
Support
P1 (service down) Founder direct-line during launch period. | Acknowledged in 4 business hours |
P2 (major degradation) | Acknowledged in 1 business day |
P3 (minor / question) | Acknowledged in 5 business days |
Security disclosures Email security@raizehq.dev or use the platform vulnerability disclosure form. | Triaged within 24 hours |
Where these commitments live
- Customer-facing: Data Processing Agreement + Privacy Policy
- Trust evidence: Raize Trust Center
- Internal policies (auditor-accessible): Information Security, Access Control, Change Management, Incident Response, Business Continuity, Vendor Risk, Data Classification, Acceptable Use, Cryptographic Controls, Logging & Monitoring, Backup & Recovery, Risk Management — all version-controlled in the repo
- Operational SOPs (per-policy procedures): Org Chart + Succession, Code Review Checklist, Quarterly Access Review, Quarterly DR Test, Key Rotation, JML, Incident Post-Mortem Template
Procurement-ready evidence pack
Need a vendor security assessment? Email sales@raizehq.dev or request via the Trust Center. We respond to standard frameworks (CAIQ v4, SIG Lite 2024, HIPAA BAA) in under 5 business days.