
TRUSTBOX SERVICE LEVEL AGREEMENT


Academic year: 2021


Appendix 11 – Board Meeting 30 April 2015

TRUSTBOX SERVICE LEVEL AGREEMENT

Article 1 Definitions, Scope and Objectives

1. Definitions

“Confirmation”: GS1 will confirm within the Response Time receipt of the Notification – GS1 assigns in the Confirmation a classification of the Incident;

“Datacenter Services” shall mean the services as set forth in Section 2.1.2.1;

“GS1 Business Day(s)” shall mean a GS1 working day excluding national holidays and excluding Saturdays and Sundays.

“GS1 Business Hour” shall mean hours during a GS1 Business Day from 8:30 till 16:30 (CE(S)T).

“GS1 Business Minutes” shall mean minutes during a GS1 Business Hour.

“Implementation Services” shall mean the Services as defined in Section 2.1.0;

“Incident” shall mean a malfunction of the Trustbox Service that has been reported by a Trustbox Beneficiary and registered, classified and confirmed by GS1 in accordance with Section 2.1.3. An Incident can be an Incident with regards to the Datacenter Services or with regards to System Software Services.

“Incident Handling” shall mean the service level of the handling of the Incidents as described in Annex 1 to the Trustbox SLA;

“Notification” Incident notification by Trustbox Beneficiaries –

“Resolution Time” shall mean the time frame that starts as from the Notification and during which GS1 solves an Incident in accordance with the Trustbox SLA;

“Response Time” shall mean no later than one (1) GS1 Business Hour as from the Notification in which GS1 will send the Confirmation to the Trustbox Beneficiary. This period concerns only the communication and not the Incident resolving or work around itself;


“Third Parties” are for the purpose of the Trustbox SLA third parties with exception of GS1 subcontractors providing Trustbox Services.

“Trustbox Beneficiaries” shall mean, jointly and/or individually, the Food Business Operators, Users that have Access to the Validated MFI pursuant to, respectively, the Trustbox Terms of Supply and the Trustbox Terms of Use and Nubel vzw/asbl to effectuate its corporate goal as included in its By-laws published in the Belgian Official Gazette of 13 July 2009.

“Validated MFI” shall mean MFI validated by the Food Business Operator, as described in the Trustbox Terms of Supply.

1.1. This Trustbox SLA sets forth between GS1 and the Trustbox Beneficiaries in an exhaustive manner with regards to the Trustbox Service and in particular with regards to the Implementation Services, the Datacenter Services and System Software Services:

- a service description and the applicable Service Levels;
- the applicable Support
- the development, maintenance and data Backup

This Trustbox SLA contains in a limitative and exhaustive manner the services delivered by GS1. The Trustbox SLA is attached to and forms an integral part of the contractual agreement of the Trustbox Services, in addition to the GS1 General Terms and Conditions, the Trustbox Terms of Supply and the Trustbox Terms of Use. In the event of a conflict between or among the GS1 General Terms and Conditions, the Trustbox Terms of Use, the Trustbox Terms of Supply and/or the Trustbox SLA, the order of precedence shall be the Trustbox SLA, over Trustbox Terms of Use and/or the Trustbox Terms of Supply, over GS1 General Terms and Conditions. The latest published version of GS1 General Terms and Conditions, the Trustbox Terms of Use, the Trustbox Terms of Supply and the Trustbox SLA will prevail over every previous published version.

1.2. The Trustbox Beneficiaries are enabled to access and use the Database using a network connection over the Internet. Access to the Database shall be provided by GS1 as from the interconnection point as set out in Figure 1.

Any and all liabilities are stipulated in the respective Trustbox Terms of Use and Trustbox Terms of Supply. The provisioning of the Trustbox Service and this Trustbox SLA is always subject to:

• The installation and maintenance of an internet connection by the Trustbox Beneficiary up to the Interconnection Point (Figure 1);

• The installation and maintenance of the Implementation Services by the Trustbox Beneficiary;

• Implementation of all updates/upgrades with regards to the Trustbox Service pursuant to the guidelines communicated at least by email by GS1 that may change from time to time;

1.3 The Trustbox Service, defined hereunder, is provided for by GS1 and the Trustbox SLA applies to the Trustbox Beneficiaries, and the compliance with the (technical) guidelines and requirements that are applicable with regards to the Trustbox Service as duly communicated by GS1 and as may change from time to time. In the event of material changes to the Trustbox SLA and/or the (technical) guidelines and requirements - and for the avoidance of doubt changes regarding input/output availability of Trustbox, the service handling as described in article 2.1.1 and 2.1.3, and the maintenance as described in article 3.2 hereunder will always be considered as material changes - GS1 shall invite Trustbox Beneficiaries to workshops informing Trustbox Beneficiaries about material changes to come to the Trustbox SLA and inciting the Trustbox Beneficiaries to comply. In case of continued (material) non-compliance of the Trustbox Beneficiaries, the provision of Trustbox Services can be denied or cancelled without GS1 being due any compensation whatsoever provided a prior written notice of default sent by GS1 to the non-complying Trustbox Beneficiary including a reasonable grace period to cure any such non-compliancy. As a consequence no further use of the Trustbox Services shall be allowed.


(Figure 1)

Article 2 Trustbox Service

2.1. Trustbox Service description

2.1.0. Implementation Services

Trustbox Beneficiaries (Data Suppliers (Food Business Operator) and Data Recipients (Users)) are accompanied by GS1 in implementing the Trustbox Service being:

2.1.0.1 for Food Business Operators:

- Foreseeing in a:

o Database test (UAT) and production environment;

o And Access

o Enabling the Food Business Operator to upload the MFI;

2.1.0.2 for Users

- Foreseeing in a:

o Personalized Access to the Database and the Validated MFI via a GS1 SFTP server, API (Application programming interface) or other ways defined between GS1 and Trustbox Beneficiaries;

o With individualized logins;

2.1.0.3 for Food Business Operators, and Users

- Support (by e-mail or telephone during GS1 Business Hours) with regards to the implementation services;


- Training for the key-users of Trustbox Beneficiary during GS1 Business Hours (see the GS1 website).

- Implementation manuals;

- Possibility to participate in Trustbox workshops and seminars;

- A Trustbox training for Trustbox Beneficiaries and their employees

2.1.1. Trustbox Service

2.1.1.1 for Food Business Operators:

- Food Business Operators will upload their MFI on an as-needed basis into the Database by means of:

o a WebUI via a personal login and password or

o an Excel upload via a personal login and password or

o a XML (GDSN CIN message) via a publication from a GDSN data pool.

- Validated MFI of which the validation took place by the Food Business Operator before 18.00 of a GS1 Business Day becomes available the next GS1 Business Day.

- GS1 provides access to the Database 24/24 and 7/7 except in case of Downtime.

2.1.1.2 for Users

- Validated MFI is made available, in an individualized manner, by GS1 to the respective Users every GS1 Business Day at 20.00 hrs at the latest.

- Users receive exported (download) Validated MFI in CSV-format or XML-format. Validated MFI is pushed by GS1 to the Trustbox SFTP server. The Trustbox Beneficiaries can access and download the Validated MFI (Validated MFI of the actual working day, and a “backlog file” of the Validated MFI of ten (10) working days (except in the start-up phase, when it is shorter than ten working days)).

2.1.2. Trustbox Service underlying supporting services:

2.1.2.1 Datacenter Services

GS1 hosts its Database in a “state of the art first class” Hosting Party in Belgium equipped with not exhaustively listed services such as, but not limited to:

• UPS (Uninterruptible Power Supply);

• air conditioning;

• fire detection;

• temperature control;

• environmental and security systems.

Network infrastructure is redundant, which in practice means that all systems are installed in duplicate, or better.

The Datacenter Services availability committed to by GS1:

2.1.2.1.1 MFI Input availability

To measure availability at the input side (uploading MFI into Database), the following formula is used:


whereby

• Maximum availability = period (in minutes) during which the Trustbox Service could have been available at its maximum. This equals 60 minutes x 24 hours x the number of days in the month. The availability levels must be complied with on a monthly basis; the availability levels are also calculated per calendar month.

• Downtime = period (in minutes) during which the Trustbox Service is not available due to a Priority 1 Incident or maintenance, changes or upgrades, not including downtime due to Force Majeure.

• Downtime:

o starts at Notification of a Priority 1 Incident (as defined in Annex 1) by Trustbox Beneficiary and ends when the Priority 1 Incident is resolved or a work around has been provided for;

o starts when maintenance operations begin and ends when these maintenance operations have been completed;

o starts when changes or upgrades are initiated and ends when the changes or upgrades have been implemented.

GS1 must meet at least 99% availability.

2.1.2.1.2 Validated MFI Output availability

Regarding availability at the output side GS1 will make all necessary Validated MFI available 24/7.

2.1.2.1.3 General availability and circumstances of Datacenter equipment and network

ability of air conditioning >= 99 %

– 65% – 26°C

2.1.2.3 System Software Services

The Database is operated by the System Software initially being the software called Q*Aggregator.

GS1 shall

- cause the System Software to perform and operate in accordance with the then current GS1 Source standards and provide all updates, upgrades and modifications to the System Software;

- cause the System Software to operate under new versions or releases of GS1 Source Standards as may change from time to time;

- install and maintain new versions or releases with respect to the System Software

- inform the Trustbox Beneficiaries of all technical compliance issues.

2.1.3. Trustbox Service Support

2.1.3.1 Incidents and Support level

IN GENERAL:

Incident Reporting:

a. During GS1 Business Hours

b. Per:

   a. Phone (helpdesk) on telephone number +32 2 229.18.80

   b. Email: [email protected].

c. By Trustbox Beneficiaries registering Incidents by providing details of all information relevant to the Incident and the name and telephone number of the Trustbox Beneficiary reporting the Incident.

Incident Handling

See Annex 1

a. Incident handling starts upon Notification.

c. GS1 assigns an Incident classification in the Confirmation.

c. Support Services are provided for during GS1 Business Hours only, implying that Incident handling started during GS1 Business Hours is interrupted during non-GS1 Business Hours, and the timing shall continue as from the next GS1 Business Hour.

Article 3 Development, Maintenance and Data Backup

3.1. Development

GS1 shall in a consistent manner improve and further develop the Trustbox Service.

GS1 may issue System Software updates and releases with regards to the Trustbox Service. Trustbox Beneficiaries will be notified by GS1 about releases, provided this is reasonably possible, 2 (two) months in advance of its implementation.

Minor updates will be performed by GS1 as they occur. Trustbox Beneficiaries will be informed of any minor updates, provided this is reasonably possible, at least 3 (three) business days in advance. An update may only be considered a minor update if no change is needed at the Trustbox Beneficiaries’ side.

3.2. Maintenance

(i) with respect to the Datacenter Services GS1 shall perform maintenance activities in windows outside GS1 Business Hours:

Planned Maintenance Windows: If GS1 claims a planned maintenance window, implying Service Downtime, Trustbox Beneficiaries are informed three (3) business days in advance.

Unplanned maintenance Windows: If unplanned maintenance windows or repair work are necessary, implying Trustbox Service Downtime, these are notified and carried out as fast as possible by GS1.

(ii) With respect to System Software Services there will be periods of Downtime for maintenance and upgrades, and, sometimes, for unplanned reasons. GS1 will provide at least two (2) business days of notice for planned maintenance or Downtime.

3.3 (Validated) MFI Backup

3.3.1 OS backup: Veeam

For backups of the OS, Veeam is used - a virtualization-aware solution.

First, a ‘full’ backup is made before the environment goes into production. This one-off, high-volume backup will be completed before the platform is taken into production.

From then on, a daily ‘snapshot’ will be taken of the full system including its files / documents. ‘Snapshotting’ will only copy the changed and new file blocks and not the entire file system.

The backups are stored in another room of the primary data center, some 150 meters away. That room is fully independently powered, air-conditioned, etc.

3.3.2 Data backup: Microsoft Data Protection Manager

Data Protection Manager (‘DPM’) is a Microsoft product intended for ‘near continuous’ backups. The DPM is used for the following categories of systems:

• Files on (Windows) file systems, shares and folders;

• The ‘System State’ of Windows (protected fileservers and application servers);

• Application-specific data, including:

o The so-called ‘storage groups’ of Microsoft Exchange Server;

o Microsoft SQL Server databases;

o Windows SharePoint Services farms.

The technology uses the snapshot principle, meaning that only the changed bits are backed up. When the time comes to restore data, DPM will combine the incremental snapshots to reconstruct the dataset.

Disk-based backup infrastructures are used so that the data is instantly available whenever necessary.

3.4 Firewall and virus protection

3.4.1 Shared Firewalls

Shared Firewalls are security devices that are clustered and spread over two data centers. These high-performance firewalls offer extreme levels of protection and are fully managed.

The nodes of the Shared Firewall clusters are ‘Geo-clustered’, meaning that each node sits in its own data center. Should a node fail, the open sessions are instantly migrated towards the other node (and traffic is rerouted between the data centers over DWDM inter-DC-links).

Each firewall cluster can handle 10 Gbit of sustained throughput. As a standard, the firewalls filter out all traffic except the following types:

ktop (3389)

and SFTP

3.4.2 Anti-virus

The ESET NOD32 Antivirus software is installed and centrally managed.

Specifications and updates on this antivirus software can be found on:

http://static3.esetstatic.com/fileadmin/Images/INT/Docs/Datasheet/Product-Overview-ESET-NOD32-Antivirus.pdf


Description of the Service Level

| Incident | What | Notification | Resolution Time | Comment |
|---|---|---|---|---|
| Priority 1 | Trustbox Data not available on SFTP or via API (and unavailability is not due to a Scheduled Maintenance) | Notification before 1100 hrs on a GS1 Business Day | Before 1630 hrs same GS1 Business Day | Trustbox Dataset provided for |
| | | Notification after 1100 hrs on a GS1 Business Day | 0900 hrs next GS1 Business Day | Trustbox Data provided for of Incident day together with the Trustbox Data of the new GS1 Business Day |
| Priority 1 | Datacenter Services down (Business-critical Incidents and unavailability is not due to a Scheduled Maintenance). It is referred to failures affecting the Datacenter infrastructure, datacenter network, hardware, and server services that lead to a demonstrable 100% unavailability of the relevant Trustbox Service. | Notification GS1 Business Day | 6 GS1 Business Hours after Notification | Restore availability |
| Priority 1 | A production problem that causes the System Software to be in whole or partially inoperable in a production environment (and unavailability is not due to a Scheduled Maintenance, the impact of which is that the operations, data integrity or system functionality is impacted, the business' production systems are down, not relevantly functioning or not relevantly 100% reliable operational or there is a loss of production data and no procedural work around exists. | Notification GS1 Business Day | Within 6 GS1 Business Hours after Notification | Restore reliable operationality |
| Priority 2 | Priority 2 (Non-business critical Incidents). It is referred to failures occurring in the Datacenter infrastructure, Datacenter network, hardware, and server services that leave the Trustbox Service still available. This may include, among other things, configuration changes. | Notification GS1 Business Day | Within 4 GS1 Business Days after Notification | An effort is taken to solve the Incident or to provide for a work around and the Incidents are processed on first-come, first-served basis. |
| Priority 2 | System Software problem - A problem where the System Software operates in a severely limited capacity in a production environment and the operations, data integrity or system functionality is impacted to a significant level | Notification GS1 Business Day | Within 8 GS1 Business Hours after Notification | An effort is taken to solve the Incident or to provide for a work around and the Incidents are processed on first-come, first-served basis. |
| Priority 2 | Low quality of the Trustbox Data uploaded by the Food Business Operator | Notification GS1 Business Day | See Trustbox Terms of Supply, article 4 §1 - procedure | |
| Priority 3 | System Software problem - A low impact problem that involves non-critical functionality loss, a problem or issue which impairs some operations but allows Trustbox Beneficiaries to continue to function. The problem may be a minor issue with limited loss or no loss of functionality or impact to the business’ operation and issues in which there is a simple work around or functions that can be avoided without causing significant business impact. | Notification GS1 Business Day | Next System Software release or in agreed upon hotfix or temporary workaround. | |
| Priority 4 | Incidents that do not relate to Datacenter Services or System Software Services and do not relate to system components or procedures that are maintained by GS1. | No Notification | N/A | Is be provided by Trustbox Beneficiaries based on the training and implementation manual and documentation provided for by GS1 |
