This page summarises, in plain language, the core terms of ArvaSafe's Master Service Agreement (MSA) and its schedules (DPA, SLA, Acceptable Use Policy). It's for information before signing, it is not itself a binding contract. The actual engagement is governed exclusively by the signed contract bundle, which we send you before any commitment.
1. What the service includes
Automated daily backups of declared workstations (and servers, priced separately), storage exclusively within the EU/EEA with client-side encryption before upload, immutable storage (Object Lock, compliance mode) for ransomware protection, 500GB of storage per workstation (pooled), 10-year retention as a default safety margin, GDPR Article 32 documentation, backup-failure monitoring, and restore support on request.
2. What's excluded
Hardware or software support beyond the backup agent, cybersecurity incident response, any other IT services, and legal or compliance advisory services. The client remains solely responsible for assessing the service's suitability for their own legal compliance.
3. Pricing & payment
€49/workstation/month or €490/workstation/year (~17% discount), with 500GB/workstation included and additional storage at €5/100GB (billed in 50GB increments). The price agreed at signing stays fixed for the full contract period. Before any renewal price change you receive 60 days' written notice and the right to a free full data export. Invoices are issued at the start of each period, payable within 15 calendar days; on late payment, ArvaSafe may suspend new backups without affecting your access to existing data.
4. Term & termination
The contract renews automatically, with 60 days' written notice before each renewal. The client may terminate with 30 days' notice (monthly) or 60 days' (annual). In case of material breach by either party, a 15-day cure period applies before termination, except for a confirmed data breach or a serious GDPR violation by the client, where ArvaSafe may terminate immediately.
5. Data portability
Full export of your data in standard S3-compatible format, whenever requested and within 30 days of termination, with zero egress fees. ArvaSafe never withholds data under any circumstances, including during a payment dispute.
6. Encryption key management
Your data is encrypted client-side (AES-256) before it leaves your computer. Encryption keys are managed by ArvaSafe, so that restores are possible whenever needed, with secure key backup. No storage or platform sub-processor has access to your file content.
7. Limitation of liability
ArvaSafe's total liability is capped at the amount paid over the last 3 months, with no liability for lost profits or consequential damages. The cap doesn't apply to intent or gross negligence, and doesn't affect liability toward data subjects under GDPR Article 82.
8. Acceptable use
The service is intended exclusively for the client's lawful business data, not illegal content, third-party business data without a written agreement, or personal use unrelated to the business. The full Acceptable Use Policy is delivered with the contract bundle.
9. Service level
Target ≥99% monthly backup success rate, failure notification within 4 hours, restore requests started within 4 business hours (2 hours for critical restores after ransomware or total loss). Technical support Mon–Fri 09:00–18:00 (Greece time). Full SLA targets, exclusions, and credits are set out in the SLA schedule.
10. Governing law
The contract is governed by Greek law. The competent courts are those of the client's registered seat or Athens, at the client's choice.
For the complete, binding contract text (MSA, DPA, SLA, Acceptable Use Policy), contact us, we send it before any signature is required.