Service Level
Last updated: May 5, 2026This page describes what we commit to — and just as importantly, what we don’t — for paid Zafronix API products (currently the World Cup API, “wc-api”). It applies in addition to the API Terms of Service.
Short version: best effort, no SLA
We don’t commit to a contractual uptime number. We aim for high availability and we’ll always tell you when something’s wrong, but we won’t issue service credits or refunds for downtime as a routine matter. If you need a contractual SLA — specific uptime numbers tied to specific remedies — talk to us about an Enterprise agreement.
This is the honest position for a small team running a paid API. The alternative — promising a 99.99% uptime on a service we don’t have the headcount to defend at that level — would be worse than saying nothing. So we’d rather be upfront.
Internal target
Internally, we target 99.5% monthly availability for the API, measured externally from at least one independent monitoring service. That works out to roughly 3.6 hours of downtime per month at the worst end of acceptable. We publish this number so you know what we’re trying for; we don’t commit to it as a contractual obligation.
We track availability publicly at status.zafronix.com (when available; the public status page is being set up). Until that’s live, you can email us for the most recent month’s availability data.
What we do commit to
We make a small set of specific commitments where the cost is low and the value to customers is high:
- Security patches within 7 days of a vulnerability being responsibly disclosed to us at security@zafronix.com — or sooner for active exploitation. Customer impact is communicated by email and on the status page.
- 30 days’ notice for breaking API changes. We don’t silently break clients. Endpoint deprecation, response-shape changes, and authentication changes all carry a minimum 30-day deprecation window with email notice to active customers and a banner on the status page. Bug fixes that bring behavior in line with documentation are not breaking changes.
- Support response within 2 business days for tickets emailed to support@zafronix.com. Response means a human reply, not necessarily a resolution. Operational support is in English; business hours are US Central Time.
- Incident communication. When we’re aware of a material outage or degradation, we post on the status page within 30 minutes of detection and email active customers if downtime exceeds an hour.
- No silent data changes. If we discover that a meaningful portion of historical data was wrong, we’ll fix it AND tell you what was wrong, when it was wrong, and what we changed. We don’t backfill silently.
What we don't commit to
For clarity, here’s what we don’t promise on this page or any other:
- No uptime SLA. No contractual percentage. No automatic service credits for downtime. The Refund Policy carves out pro-rata credits for unavailability exceeding 24 consecutive hours due to issues on our side — that’s the only financial remedy for downtime, and it has to be requested.
- No 24/7 support. Operational support is business hours, weekdays. Security incidents are an exception — we’ll respond off-hours when we can.
- No commitment to specific endpoints existing forever. We retain the right to deprecate endpoints with 30 days’ notice. We’ll do this only when there’s a good reason and we’ll generally provide a successor endpoint.
- No commitment to specific data points being available. Data sources we depend on can withdraw, change format, or impose new licensing terms; when that happens we may have to drop fields. We’ll communicate when it does.
Enterprise agreements
If your application requires a contractual SLA — specific uptime numbers tied to service credits, named technical contacts, off-hours coverage, faster security disclosure, audit cooperation — we offer an Enterprise tier that’s configured per-customer. Email enterprise@zafronix.com with your use case and we’ll see whether it’s a fit.
Default terms on the published Plans (Free, Starter, Pro) are governed by this page; no individual SLA is offered or implied unless we’ve signed a separate written agreement.
Maintenance windows
We don’t schedule recurring maintenance windows. Most deployments are zero-downtime; the few that aren’t are announced on the status page in advance. There is no “we’re down every Sunday at 3am” window to plan around.
Incident severity
For internal triage and communication consistency, we classify incidents by severity:
- Sev-1 (outage): the API is materially unavailable for all customers, or returns incorrect data at scale. Status page updated within 15 minutes; email to active customers within 1 hour.
- Sev-2 (degradation): a subset of endpoints, regions, or customers is affected, or response times are materially elevated. Status page updated within 30 minutes; email if duration exceeds 1 hour.
- Sev-3 (minor): non-critical issues, isolated customer impact, cosmetic data issues. Tracked privately; no status page entry unless duration exceeds 24 hours.
Severity is set when the incident is opened and may be revised as understanding improves. Final severity is published in the post-incident review.
Post-incident reviews
For every Sev-1 and selected Sev-2 incidents, we publish a post-incident review on the Zafronix blog within 14 days. The review covers what happened, why, what we did to resolve it, and what we’re changing to prevent recurrence. We don’t blame individuals; we describe systems.
Changes
This page may be updated as the service matures. Material changes — especially anything that reduces the commitments above — are announced 30 days in advance to active customers by email. Improvements (faster response, broader coverage) take effect when published.
Contact
Operational support: support@zafronix.com · Security: security@zafronix.com · Enterprise: enterprise@zafronix.com · Contact form