Support Policy (Enterprise SaaS) — Arizona

ENTERPRISE SAAS SUPPORT POLICY

ARIZONA-SPECIFIC EDITION

Support Policy Reference Number: [________________________________]

Effective Date: [__/__/____]

Last Revised: [__/__/____]

This Enterprise SaaS Support Policy ("Support Policy" or "Policy") is incorporated into and forms part of the Master SaaS Agreement or equivalent subscription agreement ("Master Agreement") between the parties identified below. Capitalized terms not defined herein shall have the meanings set forth in the Master Agreement.

Provider: [________________________________] ("Provider")

• Address: [________________________________]
• State of Organization: [________________________________]

Customer: [________________________________] ("Customer")

• Address: [________________________________]
• State of Organization: [________________________________]

Master Agreement Date: [__/__/____]

Master Agreement Reference: [________________________________]

TABLE OF CONTENTS

1. Definitions
2. Scope of Support
3. Support Tiers and Pricing
4. Support Hours and Channels
5. Named Support Contacts
6. Severity Definitions
7. Response and Resolution Targets
8. Escalation Matrix
9. Customer Obligations
10. Exclusions
11. Status Updates and Communication
12. Maintenance Windows
13. Version Support and End-of-Life
14. Service Credits
15. Support Performance Reporting
16. Security Incident Support
17. Changes to Support Policy
18. Order of Precedence
19. Arizona-Specific Legal Provisions
20. Electronic Signatures
21. Signature Blocks
22. Exhibit A: Support Contact Information
23. Exhibit B: Supported Configurations

1. DEFINITIONS

For the purposes of this Support Policy, the following terms shall have the meanings ascribed below:

1.1 "Authorized Contact" means an individual designated by Customer who is authorized to submit support requests, access the Support Portal, and communicate with Provider's support personnel on Customer's behalf.

1.2 "Business Day" means Monday through Friday, excluding federal holidays observed in the United States and state holidays observed in the State of Arizona. Arizona does not observe Daylight Saving Time; all Arizona time references are Mountain Standard Time (MST) year-round.

1.3 "Business Hours" means 7:00 AM to 5:00 PM Mountain Standard Time (MST) on Business Days, unless otherwise specified in the applicable Support Tier.

1.4 "Customer Environment" means the totality of Customer's hardware, software, network infrastructure, configurations, third-party integrations, and operating conditions in which the SaaS Service operates or with which it interacts.

1.5 "Defect" means a reproducible failure of the SaaS Service to perform materially in accordance with the applicable Documentation.

1.6 "Enhancement" means a request for new functionality, features, or capabilities not described in the current Documentation, which shall be addressed through Provider's product roadmap process rather than through this Support Policy.

1.7 "Error" means any verifiable and reproducible failure of the SaaS Service to conform to the specifications set forth in the Documentation.

1.8 "Fix" means a permanent code change or configuration modification that resolves a Defect or Error and is incorporated into a generally available release of the SaaS Service.

1.9 "Hot Fix" means an emergency code change deployed outside of the standard release cycle to address a Severity 1 or Severity 2 Incident in the Production Environment.

1.10 "Incident" means any event that is not part of the standard operation of the SaaS Service and that causes, or may cause, an interruption to or a reduction in the quality of the SaaS Service.

1.11 "Maintenance Window" means a pre-designated period during which Provider may perform scheduled maintenance, updates, patches, or upgrades to the SaaS Service infrastructure.

1.12 "Named Support Contact" means a specific individual designated by Customer in Exhibit A who is trained and authorized to serve as the primary liaison between Customer and Provider's support organization.

1.13 "Production Environment" means the live, operational instance of the SaaS Service used by Customer's end users for actual business operations, as distinguished from staging, testing, or development environments.

1.14 "Resolution" means the point at which an Incident has been resolved through a Fix, Hot Fix, Workaround, or other corrective action such that the SaaS Service operates materially in accordance with the Documentation.

1.15 "Root Cause Analysis" ("RCA") means a structured investigation to identify the underlying cause of a Severity 1 or Severity 2 Incident, resulting in a written report that includes the timeline of events, contributing factors, corrective actions taken, and preventive measures implemented.

1.16 "Service Credit" means a credit against future fees owed by Customer to Provider, calculated in accordance with Section 14 of this Policy, issued when Provider fails to meet specified Service Levels.

1.17 "Service Level" means a measurable standard of performance that Provider commits to meeting, as specified in Section 7 and the Master Agreement.

1.18 "Severity Level" means the classification assigned to an Incident based on its impact and urgency, as defined in Section 6 of this Policy.

1.19 "Support Portal" means Provider's web-based ticketing and knowledge base system accessible at [________________________________] through which Authorized Contacts submit and track support requests.

1.20 "Ticket" means a uniquely numbered record created in the Support Portal to track a support request from initial submission through Resolution.

1.21 "Uptime" means the percentage of time during a given calendar month that the Production Environment is available and operational, calculated as set forth in the Master Agreement.

1.22 "Workaround" means a temporary method of achieving a result equivalent or comparable to the intended function of the SaaS Service, which circumvents a known Defect or Error without constituting a permanent Fix.

2. SCOPE OF SUPPORT

2.1 Included Support Services

Provider shall furnish the following support services under this Policy:

(a) Break/Fix Support — Diagnosis and resolution of Errors, Defects, and Incidents that cause the SaaS Service to fail to perform materially in accordance with the Documentation.

(b) Configuration Assistance — Guidance on configuring the SaaS Service within the parameters described in the Documentation, including standard settings, user management, and role-based access controls.

(c) Standard Integration Support — Assistance with integrations documented and supported by Provider, including API usage guidance for published and supported endpoints.

(d) Software Updates — Delivery and deployment of patches, minor releases, and major releases included in the subscription, along with release notes and migration guidance where applicable.

(e) Knowledge Base Access — Self-service access to Provider's searchable library of articles, how-to guides, FAQs, and troubleshooting documentation.

(f) Health Checks — For Premium and Enterprise tier customers, periodic reviews of Customer's usage patterns, configuration, and performance metrics with recommendations for optimization.

2.2 Excluded Services

The following services are not included within the scope of this Support Policy and, if available, shall be provided under a separate statement of work or professional services agreement:

(a) Custom software development, bespoke integrations, or modifications to the SaaS Service source code;

(b) On-site support, including travel to Customer's physical locations in Arizona or elsewhere;

(c) Training services beyond standard onboarding documentation and knowledge base materials;

(d) Data migration, extraction, or conversion services;

(e) Support for third-party software, hardware, or services not listed in Exhibit B;

(f) Performance tuning or optimization of Customer's network, hardware, or third-party infrastructure; and

(g) Support for deprecated or end-of-life versions as described in Section 13.

3. SUPPORT TIERS AND PRICING

Provider offers three (3) support tiers. Customer's selected tier is identified in the Master Agreement or applicable Order Form.

Customer's Selected Tier: ☐ Standard | ☐ Premium | ☐ Enterprise

4. SUPPORT HOURS AND CHANNELS

4.1 Support Hours by Tier

Arizona Time Zone Note: Arizona does not observe Daylight Saving Time. All time references in this Policy are Mountain Standard Time (MST), which is UTC-7 year-round. During months when other states observe Daylight Saving Time, Arizona's MST is equivalent to Pacific Daylight Time (PDT).

4.2 Support Channels

4.3 After-Hours Support

For Severity 1 and Severity 2 Incidents occurring outside of standard Support Hours, Premium and Enterprise tier customers may contact the on-call support team via the emergency support line at [________________________________]. Standard tier customers may submit a Portal ticket; the SLA clock begins at the start of the next Business Day.

4.4 SLA Clock Commencement

The SLA clock for Response Time begins when a Ticket is created in the Support Portal with sufficient information for Provider to begin diagnosis. The SLA clock pauses when Provider is awaiting information or action from Customer and resumes when Customer responds.

5. NAMED SUPPORT CONTACTS

5.1 Number of Named Support Contacts

• Standard Tier: Up to two (2) Named Support Contacts
• Premium Tier: Up to five (5) Named Support Contacts
• Enterprise Tier: Up to ten (10) Named Support Contacts

5.2 Role Requirements

Each Named Support Contact shall:

(a) Have completed Provider's standard support training or onboarding process;

(b) Possess sufficient technical knowledge of the SaaS Service and Customer's environment to provide first-level triage;

(c) Have authority to approve Workarounds, schedule maintenance, and authorize access to Customer's environment for diagnostic purposes; and

(d) Be available during Business Hours to respond to Provider inquiries related to open Tickets.

5.3 Contact Change Process

Customer may change Named Support Contacts by submitting a written request through the Support Portal or by email to [________________________________]. Changes become effective within two (2) Business Days. New contacts must complete onboarding within fifteen (15) calendar days.

5.4 Contact Information

Named Support Contacts and their details are listed in Exhibit A.

6. SEVERITY DEFINITIONS

All Incidents shall be classified according to the following Severity Levels. Provider reserves the right to reclassify Severity Levels in good faith based on investigation findings, with written justification to Customer.

6.1 Severity Classification Disputes

If Customer disputes a classification, Customer may escalate to Provider's Support Manager for review within two (2) hours during Business Hours. Unresolved disputes follow the Escalation Matrix in Section 8.

7. RESPONSE AND RESOLUTION TARGETS

7.1 Response and Resolution Times by Severity and Tier

7.2 Measurement and Assumptions

(a) Response Time is measured from Ticket receipt in the Support Portal to Provider's acknowledgment and active diagnosis.

(b) Resolution Targets are goals, not guarantees, except to the extent failure triggers Service Credits per Section 14.

(c) The SLA clock pauses when: (i) Provider awaits information from Customer; (ii) the Incident requires a third-party vendor fix; or (iii) a force majeure event occurs.

(d) Resolution Targets assume Customer provides timely access as described in Section 9.

8. ESCALATION MATRIX

8.1 Internal Escalation Path

8.2 Customer-Initiated Escalation

Customer may initiate escalation at any time through the Support Portal, by emailing [________________________________], or for Enterprise tier customers, by contacting the Dedicated Account Engineer.

8.3 Escalation Documentation

All escalations shall be documented in the Ticket with reason, level, personnel, and next steps.

9. CUSTOMER OBLIGATIONS

9.1 Supported Configurations

Customer shall maintain its environment within the supported configurations listed in Exhibit B.

9.2 Log and Diagnostic Access

Customer shall provide Provider with reasonable access to relevant system logs, error messages, screenshots, and diagnostic data. For Severity 1 and Severity 2 Incidents, Customer shall use commercially reasonable efforts to provide such access within one (1) hour.

9.3 Patch and Update Application

Customer shall apply critical security patches within fourteen (14) calendar days and non-critical updates within thirty (30) calendar days of Provider's release notification.

9.4 Contact Availability

Customer shall ensure at least one Named Support Contact is available during Business Hours and, for Severity 1 Incidents, within thirty (30) minutes outside Business Hours.

9.5 Incident Reporting Quality

Customer shall submit Tickets including: (a) description of the Incident; (b) expected versus actual behavior; (c) reproduction steps; (d) business impact; (e) Customer Environment details; and (f) relevant screenshots, logs, or error messages.

9.6 Environment Change Notification

Customer shall notify Provider at least five (5) Business Days in advance of material changes to the Customer Environment that may affect the SaaS Service.

10. EXCLUSIONS

Provider shall have no obligation under this Support Policy to provide support for Incidents arising from:

(a) Customer's network, hardware, or telecommunications infrastructure;

(b) Third-party software, services, or integrations not listed in Exhibit B;

(c) Use of the SaaS Service in a manner not authorized by the Documentation;

(d) Modifications by anyone other than Provider or its authorized agents;

(e) Customer's failure to apply required patches within the timeframes in Section 9.3;

(f) Failure to maintain supported configurations per Exhibit B;

(g) Unsupported browsers, operating systems, or devices;

(h) Force majeure events as defined in the Master Agreement;

(i) Issues arising from Customer's data or content, including corrupt data inputs; and

(j) End-of-life versions as described in Section 13.

11. STATUS UPDATES AND COMMUNICATION

11.1 Update Cadence by Severity

11.2 Communication Content

Each update shall include: (a) investigation status; (b) actions taken; (c) planned next steps; (d) estimated time to milestone; and (e) any Customer action required.

11.3 Incident Resolution Notification

Upon Resolution, Provider shall deliver a closing notification with: (a) Incident summary; (b) root cause (Sev 1/2); (c) Resolution or Workaround applied; (d) Customer actions required; and (e) preventive recommendations.

12. MAINTENANCE WINDOWS

12.1 Scheduled Maintenance

Provider shall perform routine maintenance during the standard Maintenance Window of [________________________________] (e.g., Sundays 1:00 AM – 5:00 AM MST). Provider shall provide at least seventy-two (72) hours' advance written notice to Named Support Contacts.

12.2 Emergency Maintenance

Provider may perform emergency maintenance when necessary to address critical security vulnerabilities, data integrity risks, or Severity 1 issues. Provider shall use commercially reasonable efforts to provide at least four (4) hours' advance notice.

12.3 Planned Downtime

Properly noticed scheduled maintenance shall not count against the Uptime SLA. Emergency maintenance shall count against the Uptime SLA unless caused by force majeure or Customer action.

12.4 Maintenance Communication

Provider shall maintain a status page at [________________________________] displaying real-time system status, upcoming maintenance, and historical uptime.

13. VERSION SUPPORT AND END-OF-LIFE

13.1 Supported Versions

Provider shall support the current generally available version and the two (2) most recent prior major versions ("Supported Versions").

13.2 End-of-Life Notice

Provider shall provide at least one hundred eighty (180) calendar days' written notice before designating a major version as end-of-life ("EOL"), including the EOL date, migration guidance, available migration tools, and the last date of support.

13.3 Security Patches Post-EOL

Provider shall provide critical security patches for ninety (90) calendar days following the EOL date ("Extended Security Support Period"). After this period, no support or patches will be provided for EOL versions.

13.4 Migration Assistance

For Premium and Enterprise tier customers, Provider shall provide reasonable migration assistance at no additional charge, provided migration is initiated within the notice period.

14. SERVICE CREDITS

14.1 Eligibility

Service Credits are available when Provider fails to meet Response Time targets or the Uptime SLA, subject to the exclusions in Section 10.

14.2 Service Credit Calculation — Response Time Failures

14.3 Service Credit Calculation — Uptime Failures

14.4 Credit Cap

Total Service Credits in any calendar month shall not exceed one hundred percent (100%) of the monthly fees for the affected month. Credits are not redeemable for cash and shall be applied to the next invoice.

14.5 Claim Process

Customer must submit a written claim within thirty (30) calendar days following the month in which the failure occurred, identifying the Service Level failure, Ticket number(s), and dates/times. Provider shall respond within fifteen (15) Business Days.

14.6 Sole Remedy

Service Credits constitute Customer's sole and exclusive remedy for Provider's failure to meet Service Levels, except for claims arising from Provider's willful misconduct, gross negligence, or breach of confidentiality. This limitation shall not restrict remedies available under the Arizona Consumer Fraud Act (A.R.S. § 44-1521 et seq.) to the extent applicable.

15. SUPPORT PERFORMANCE REPORTING

15.1 Monthly Reports

Provider shall deliver monthly support performance reports within ten (10) Business Days of month-end, including:

(a) Tickets opened and closed by Severity Level;
(b) Response Time performance versus targets;
(c) Resolution Time performance versus targets;
(d) Escalations beyond Level 2;
(e) Monthly Uptime percentage;
(f) Severity 1/2 Incident summaries and RCA status; and
(g) Service Credit calculations.

15.2 Quarterly Business Reviews

Premium and Enterprise customers shall receive quarterly reviews. Enterprise customers shall receive monthly reviews.

15.3 Key Performance Indicators

KPIs tracked and reported include: First Response Time (average/percentile), Mean Time to Resolution, Customer Satisfaction Score, Ticket Reopen Rate, Escalation Rate, and Uptime percentage.

16. SECURITY INCIDENT SUPPORT

16.1 Security Incident Classification

Security-related Incidents shall be classified as Severity 1 by default and shall receive immediate priority treatment regardless of Support Tier.

16.2 Elevated Support During Security Incidents

During a confirmed or suspected security incident affecting Customer data, Provider shall:

(a) Assign a dedicated incident coordinator within fifteen (15) minutes;
(b) Provide status updates every thirty (30) minutes until containment;
(c) Coordinate with Customer's security team and provide forensic data as available;
(d) Deliver an interim report within twenty-four (24) hours of containment; and
(e) Deliver a full RCA within five (5) Business Days.

16.3 Arizona Data Breach Notification Compliance

In accordance with Arizona's data breach notification law (A.R.S. § 18-552), Provider acknowledges:

(a) Notification Timeline. Notification to affected individuals must be made within forty-five (45) calendar days of determination that a breach has occurred, unless an investigation or law enforcement determines notification is not required.

(b) Attorney General Notification. If a breach affects more than one thousand (1,000) Arizona residents, Provider shall cooperate with Customer to notify the Arizona Attorney General and the three largest nationwide consumer reporting agencies.

(c) Penalties. A knowing and willful violation of A.R.S. § 18-552 constitutes an unlawful practice. Civil penalties may be imposed up to $10,000 per affected individual, with a maximum of $500,000 per breach or series of related breaches.

(d) Investigation. Provider shall conduct a prompt investigation following discovery of a potential breach, in coordination with Customer and, as applicable, law enforcement.

16.4 Coordination with Customer's Incident Response

Provider's security incident support shall integrate with Customer's incident response plan. Customer shall provide Provider with a copy of its plan and designate a security incident contact in Exhibit A.

17. CHANGES TO SUPPORT POLICY

17.1 Notice of Changes

Provider may update this Policy with at least sixty (60) calendar days' prior written notice for material changes and thirty (30) calendar days' notice for non-material changes.

17.2 Material Reduction Protections

If a change constitutes a material reduction in Service Levels, support coverage, or features, Customer may within thirty (30) calendar days of notice either:

(a) Accept the revised Policy; or

(b) Require Provider to continue the prior version through the current subscription term at no additional charge.

17.3 Non-Diminishment

Provider shall not reduce Response Time or Uptime commitments below the Effective Date levels during the current term without Customer's written consent.

18. ORDER OF PRECEDENCE

18.1 Relationship to Master Agreement

This Policy is incorporated into and subject to the Master Agreement. In the event of conflict:

(a) For support-specific metrics and procedures, this Policy controls;

(b) For all other matters, the Master Agreement controls.

18.2 Relationship to Order Forms

Order Forms with differing support terms control if they expressly reference this Policy and identify the modified provisions.

19. ARIZONA-SPECIFIC LEGAL PROVISIONS

19.1 Governing Law

This Support Policy shall be governed by and construed in accordance with the laws of the State of Arizona, without regard to its conflict of laws principles.

19.2 Venue and Jurisdiction

The parties irrevocably submit to the exclusive jurisdiction and venue of the state and federal courts located in [________________________________] County, Arizona (e.g., Maricopa County — Phoenix, Pima County — Tucson) for any disputes arising from this Policy.

19.3 Consumer Fraud Act

Provider acknowledges that the Arizona Consumer Fraud Act (A.R.S. § 44-1521 et seq.) prohibits the use of deception, deceptive or unfair acts or practices, fraud, false pretenses, false promises, misrepresentation, or concealment of a material fact in connection with the sale or advertisement of merchandise, including intangible services. Provider represents that the Service Levels, support descriptions, and commitments in this Policy are truthful and not misleading. The Arizona Consumer Fraud Act defines "merchandise" broadly to include services, and SaaS services fall within this definition. To the extent applicable, the protections of the Act shall not be waived by this Policy.

19.4 Implied Warranty

Arizona follows the Uniform Commercial Code regarding implied warranties. Under A.R.S. Title 47, Chapter 2, the implied warranty of merchantability applies to goods sold by merchants. To the extent the SaaS Service is treated as a good or mixed transaction involving goods under Arizona law, implied warranties apply unless properly disclaimed in a conspicuous writing. Any disclaimer of implied warranties in the Master Agreement must comply with A.R.S. § 47-2316. This Policy does not disclaim implied warranties; any such disclaimer is solely in the Master Agreement.

19.5 Jury Waiver

TO THE FULLEST EXTENT PERMITTED BY ARIZONA LAW, EACH PARTY HEREBY KNOWINGLY, VOLUNTARILY, AND INTENTIONALLY WAIVES ANY RIGHT IT MAY HAVE TO A TRIAL BY JURY IN RESPECT OF ANY LITIGATION ARISING OUT OF, UNDER, OR IN CONNECTION WITH THIS SUPPORT POLICY OR THE MASTER AGREEMENT.

19.6 Cure Period

Provider shall have a reasonable cure period of thirty (30) calendar days following written notice from Customer of a material breach of this Policy before Customer may pursue termination or other remedies, except for Severity 1 failures that remain unresolved beyond twice the applicable Resolution Target.

19.7 Statute of Limitations

Claims arising under or related to this Support Policy shall be subject to the applicable Arizona statute of limitations. Under Arizona law, breach of written contract claims must be brought within six (6) years (A.R.S. § 12-548).

20. ELECTRONIC SIGNATURES

This Support Policy and any amendments, exhibits, or addenda hereto may be executed by electronic signature in accordance with the Arizona Electronic Transactions Act (A.R.S. § 44-7001 et seq.) and the federal Electronic Signatures in Global and National Commerce Act (E-SIGN Act, 15 U.S.C. § 7001 et seq.). Electronic signatures shall have the same legal effect, validity, and enforceability as manually executed signatures. If a law requires a paper record or notice, the parties may agree to provide it in electronic format consistent with A.R.S. § 44-7051 governing consumer protections in electronic transactions.

21. SIGNATURE BLOCKS

IN WITNESS WHEREOF, the parties have executed this Enterprise SaaS Support Policy as of the Effective Date.

PROVIDER:

Signature: [________________________________]

Printed Name: [________________________________]

Title: [________________________________]

Date: [__/__/____]

CUSTOMER:

Signature: [________________________________]

Printed Name: [________________________________]

Title: [________________________________]

Date: [__/__/____]

EXHIBIT A: SUPPORT CONTACT INFORMATION

Provider Support Contacts

Customer Named Support Contacts

Customer Security Incident Contact

EXHIBIT B: SUPPORTED CONFIGURATIONS

Supported Browsers

Supported Operating Systems

Network Requirements

Supported Third-Party Integrations

SOURCES AND REFERENCES

1. Arizona Consumer Fraud Act — A.R.S. § 44-1521 et seq.
   https://www.azleg.gov/arsDetail/?title=44

2. Arizona Data Breach Notification Law — A.R.S. § 18-552
   https://www.azleg.gov/ars/18/00552.htm

3. Arizona Electronic Transactions Act — A.R.S. § 44-7001 et seq.
   https://law.justia.com/codes/arizona/title-44/section-44-7051/

4. Arizona Uniform Commercial Code (Sales) — A.R.S. Title 47, Chapter 2
   https://www.azleg.gov/arsDetail/?title=47

5. Arizona Attorney General — Consumer Protection
   https://www.azag.gov/consumer

6. Arizona Attorney General — Data Breach FAQ
   https://www.azag.gov/consumer/data-breach/faq

This template is provided for informational purposes only and does not constitute legal advice. It must be reviewed and customized by a qualified attorney licensed in Arizona before use. Laws and regulations change frequently; verify all citations before relying on this document. This template is designed for the ezel.ai platform.