DevOps On-Demand Subscription Agreement

Provider: Webera, Inc, a Delaware Company ("Provider")

Last Updated: January 1, 2026

By subscribing to the DevOps On-Demand service, Customer agrees to the terms and conditions set forth below.

1. Engagement and Services

1.1. Engagement. Provider agrees to provide, and Customer agrees to subscribe to, the DevOps On-Demand services as outlined in this Agreement and detailed in the Provider's service catalog.

1.2. Services. Provider shall:

  • Perform the DevOps On-Demand services as described in the service catalog.
  • Devote the necessary resources and time to deliver services within the agreed timeframes.
  • Provide services in a professional and timely manner, ensuring high-quality standards.
  • Ensure that all materials and equipment used are of good quality and suitable for the services provided.

1.3. Subscription Plans. Customer may select from different subscription plans as detailed on Provider's website, each tailored to meet diverse needs and including specific service entitlements.

2. Subscription Terms

2.1. Term. This Agreement begins on the date of subscription and continues until terminated by either party as per the termination clause below.

2.2. Termination.

  • By Customer: Customer may pause or cancel the subscription at any time via the online platform.
  • By Provider: Provider may terminate this Agreement with 30 days' written notice or immediately for cause, including non-payment of fees, violation of terms, or misuse of services by Customer.

3. Service Delivery and Scope

3.1. Kick-Off. Services commence with a kick-off call to understand Customer's requirements and set up a GitHub repository for collaboration.

3.2. Communication Channels.

  • For the Standard plan, collaboration and communication will primarily take place through the designated GitHub repository.
  • For the Pro plan and above, a shared Slack channel will be set up in addition to the GitHub repository to facilitate real-time communication and collaboration.

3.3. Request Handling.

  • Requests should align with the selected subscription plan.
  • Provider will acknowledge requests within 4 business hours and strive to deliver within an average of 48 hours, depending on the complexity of the request.
  • For complex requests, timelines may be adjusted in consultation with Customer.
  • Provider will communicate with Customer about the progress of the services and any issues that may arise.

4. Service Methodology

4.1. AI-Assisted Delivery. Provider utilizes artificial intelligence agents ("AI Agents") to perform infrastructure discovery, configuration, monitoring setup, and documentation tasks. AI Agents operate under the supervision of Provider's engineering team.

4.2. Human Oversight. All AI Agent outputs are reviewed by Provider's engineers before delivery. No changes are deployed to Customer's infrastructure without:

  • Pull request creation with documented changes
  • Engineering review and approval
  • Customer visibility into proposed changes (via GitHub or designated platform)

4.3. Quality Assurance. Provider maintains the following quality controls:

  • All infrastructure changes require pull request approval
  • Automated validation of configurations before deployment
  • Human engineer sign-off on all deliverables
  • Customer opportunity to review changes before merge (where applicable)

4.4. Transparency. Customer acknowledges that AI Agents may access Customer's infrastructure for discovery purposes, generate configurations, dashboards, alerts, and documentation, and that Provider continuously improves AI Agent capabilities.

5. Infrastructure Access

5.1. Access Requirements. Service delivery requires access to Customer's infrastructure. Provider may require access to cloud provider consoles, Kubernetes clusters, CI/CD systems, monitoring platforms, and source code repositories based on the agreed service scope.

5.2. Principle of Least Privilege. Provider requests only the minimum permissions necessary for the agreed service scope. Access levels are documented in the Customer's service configuration.

5.3. Credential Handling.

  • All credentials are encrypted at rest and transmitted only over encrypted channels
  • Credentials are never transmitted via email or unencrypted messaging
  • AI Agents access credentials programmatically for service delivery and do not persist credentials beyond session scope
  • All credential access is logged

5.4. Customer Responsibilities. Customer shall:

  • Provide credentials through secure, agreed-upon methods
  • Maintain access for Provider during the subscription term
  • Notify Provider of credential rotations that affect service delivery
  • Revoke access promptly upon service termination

5.5. Access Revocation. Customer may request immediate access revocation at any time. Provider will disable all access within 4 business hours of request. Upon service termination, Provider will delete all stored Customer credentials within 5 business days.

6. Service Level Agreement

6.1. Response Times.

Metric Standard Pro Enterprise
Request acknowledgment 4 business hours 2 business hours 1 business hour
Simple request delivery 48 business hours 24 business hours 12 business hours
Complex request estimate 8 business hours 4 business hours 2 business hours
Emergency response Best effort 4 hours (24/7) 1 hour (24/7)

6.2. Definitions.

  • Business hours: Monday-Friday, 9:00 AM - 6:00 PM Eastern Time, excluding US federal holidays.
  • Request acknowledgment: Provider confirms receipt and provides initial assessment or clarifying questions.
  • Simple request: Tasks completable within standard delivery timeframe (single-service scope, no architectural decisions required).
  • Complex request: Tasks requiring architectural decisions, multi-service scope, or dependency resolution. Provider will communicate estimated timeline within the "Complex request estimate" window.
  • Delivery: A pull request is created with the requested changes, ready for Customer review. Deployment timing depends on Customer's merge and release process.

6.3. SLA Exclusions. SLA commitments do not apply when delays result from:

  • Customer's failure to provide required access or information
  • Customer's delayed review or approval of pull requests
  • Third-party service outages affecting Customer infrastructure
  • Requests outside the agreed service scope
  • Force majeure events

6.4. SLA Credits (Pro and Enterprise Plans). If Provider fails to meet SLA commitments due to Provider's fault:

  • Response time missed by 1-4 hours: 5% of monthly fee credit
  • Response time missed by 4-8 hours: 10% of monthly fee credit
  • Response time missed by 8+ hours: 20% of monthly fee credit
  • Monthly SLA attainment below 95%: 25% of monthly fee credit
  • Maximum monthly credit: 50% of monthly subscription fee
  • Credits must be requested within 30 days of the incident

7. Payment and Billing

7.1. Fees. Subscription fees are payable monthly in advance as per the rates listed on Provider's website. Fees are non-refundable, and no additional compensation will be payable after termination.

7.2. Billing. Payments must be made using the provided payment methods. Failure to make timely payments may result in service suspension or termination.

8. Support and Communication

8.1. Support Levels. Support is provided according to the terms of the selected subscription plan, which may include different levels of email, Slack, and direct support.

8.2. Escalation Process. If a request exceeds standard service scope, Provider will inform Customer within 8 business hours and initiate an escalation process to find a suitable solution.

9. Confidentiality and Security

9.1. Confidentiality. Provider will treat all Customer information as confidential, use it solely for the purpose of delivering services under this Agreement, and not disclose it to third parties without Customer's prior written consent, except as required by law.

9.2. Security. Provider commits to handling Customer's data according to its Privacy Policy and implementing industry-standard security measures including encryption at rest and in transit, access controls and authentication, regular security assessments, and incident response procedures.

9.3. Public Disclosure. All Customer infrastructure, configurations, and deliverables are confidential by default. Provider will not publicly disclose, showcase, or reference Customer's infrastructure or use of services without prior written consent. This includes:

  • Case studies and testimonials
  • Marketing materials and website references
  • Conference presentations and publications
  • Social media posts

Customer may grant consent for specific disclosures at any time. Customer may opt-in to anonymous case studies, named case studies with Customer review and approval, or logo usage on Provider's website.

10. Intellectual Property

10.1. Ownership. All work product and deliverables created by Provider in connection with the services shall be owned by Customer upon full payment. This includes all configurations, scripts, dashboards, alerts, runbooks, and documentation created for Customer's infrastructure.

10.2. Deliverable Structure. Provider creates and maintains artifacts in Customer's repository, typically in a designated directory (e.g., .webera/). These artifacts may include infrastructure discovery results, operational configurations, onboarding progress tracking, work documentation, operational runbooks, and monitoring dashboard definitions.

10.3. Artifact Ownership. All artifacts in Customer's repository are owned by Customer upon creation. Customer may modify, delete, or extend these artifacts at any time. Upon service termination, all artifacts remain in Customer's repository with full ownership and usage rights.

10.4. Provider Retained Rights. Provider retains the right to use anonymized patterns, templates, and methodologies derived from service delivery to improve its services and AI agents, provided no Customer-identifiable information is disclosed.

11. Data Processing

11.1. Data Categories. During service delivery, Provider may collect and process:

  • Infrastructure data: Resource inventory, configurations, network topology, cost data (stored in Customer's repository)
  • Operational data: Metrics patterns, log patterns, alert configurations (stored in Customer's repository and monitoring platforms)
  • Service delivery data: Communication logs, change history (retained by Provider for support and audit purposes)

11.2. Processing Principles. Provider processes Customer data solely for delivering agreed services, improving service quality, and complying with legal obligations. Provider collects only data necessary for service delivery.

11.3. Customer Rights. Customer may access all data stored in their repository at any time. Upon request, Provider will export any Provider-retained Customer data in machine-readable format within 30 days. Upon termination, Provider deletes Customer-identifiable data within 30 days.

11.4. Subprocessors. Provider uses third-party services to deliver services, including GitHub (repository hosting, communication), Anthropic (AI agent capabilities), and cloud infrastructure providers. Customer will be notified of material subprocessor changes with 30 days notice. For complete details, see Provider's Privacy Policy.

12. Disclaimers and Limitations

12.1. Service Quality. Provider will use commercially reasonable efforts to deliver high-quality solutions but does not guarantee uninterrupted or error-free services.

12.2. Liability. Provider's total liability for any and all claims under this Agreement shall not exceed the total amount paid by Customer to Provider during the twelve (12) months preceding the claim. Provider shall not be liable for any indirect, incidental, special, consequential, or punitive damages.

13. Force Majeure

Neither party shall be liable for delays or failures in performance resulting from circumstances beyond the reasonable control of that party, including but not limited to: acts of God, natural disasters, war, terrorism, riots, embargoes, acts of civil or military authorities, fire, floods, pandemics, strikes, or internet or telecommunications failures. The affected party shall notify the other party promptly and use reasonable efforts to mitigate impact. If force majeure continues for more than 30 days, either party may terminate without liability.

14. Dispute Resolution

Before initiating litigation, parties agree to:

  1. Attempt resolution through direct negotiation for 30 days
  2. If unresolved, submit to mediation for 30 days
  3. If mediation fails, proceed to binding arbitration or litigation

15. Governing Law

15.1. Law and Jurisdiction. This Agreement is governed by the laws of the Commonwealth of Virginia, and any disputes shall be resolved in the courts of the Commonwealth of Virginia.

16. Notices

16.1. Delivery Methods. Any notice required or permitted under this Agreement shall be in writing and shall be deemed to have been duly given if delivered personally, sent by nationally recognized overnight courier, or by email to the addresses specified by each party.

17. Severability

17.1. If any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions shall continue in full force and effect.

18. Entire Agreement

This Agreement, along with the Terms of Service, Privacy Policy, and the subscription details provided on Provider's website, constitutes the entire agreement between the parties and supersedes all prior communications and agreements.

By subscribing to the DevOps On-Demand service, Customer acknowledges and agrees to the terms of this Agreement. This subscription acts as an implicit acceptance and signing of this Agreement.