GC Notify is a
- Software as a Service (SaaS) system operated by the Canadian Digital Service (CDS).
- Cloud-hosted system using Amazon Web Services (AWS). AWS hosts GC Notify on their cloud services.
- Medium integrity, and medium availability service. We cannot support urgent and emergency use cases requiring higher levels of integrity or availability.
You’re a GC Notify client if you’re
- A department or agency using GC Notify.
- Staff of these departments and agencies who use GC Notify’s interface or API.
- Services on GC Notify that are created by these departments, agencies and staff.
This agreement covers CDS responsibilities for the GC Notify system. It does not cover
- Devices such as computers or mobile phones.
- Other services or infrastructure, such as internet or email service providers.
- Services that recipients need to receive an email or text, such as mobile phone carriers, internet or email service providers.
CDS is responsible to
Maintain GC Notify’s security, including
- Ensure GC Notify can accept Protected A information. To learn about our security profile, read Security.
- Follow the AWS Shared Responsibility model. We’re responsible for securing areas assigned to the customer in the model.
- Patch security vulnerabilities in a timely manner, based on our determination of the level of threat. We patch major vulnerabilities as soon as possible but no more than a month after we find the root cause. To learn more, read CDS Patch Management Guide.
Provide, operate and support GC Notify
- Allow you to sign in and use GC Notify’s features.
- Display a dashboard that shows delivery status of emails and domestic text messages.
- Restore the system to operation if there’s unplanned downtime. Downtime is an interruption in which you experience a reduction in the existing quality of service or an event that will impact the existing service. Unplanned downtime triggers automated alarms to GC Notify staff.
- Respond quickly to incidents, following the TBS Directive on Security Management. We use an Incident Response process to resolve issues in a timely manner.
- Support your use of GC Notify, including requests submitted through our contact us page:
(a) Non-urgent requests: We respond within 1 business day, between 9am-5pm Eastern Time.
(b) Urgent requests: We provide 24/7 support and respond within 1 hour if you include the phrase “this is urgent” in all caps in the request.
Maintain timely operations
10. Ensure GC Notify’s websites are available for use, We aim for a minimum of 99.9% uptime, excluding any downtime experienced by AWS. AWS promises 99.9% uptime.
11. Keep page load time at less than 3 seconds in Canada on high-speed internet.
12. Meet our Service Level Objectives (SLOs)
Inform you of service interruptions or discontinuation
13. Contact you one week in advance if we plan downtime and minimize interference with your use. Whenever possible, we schedule downtime on weekends between 8:00 pm and 11:59pm EST. GC Notify uses a continuous delivery approach, sometimes patching multiple times a day without downtime.
14. Alert you as soon as we learn that GC Notify will be shut down or inaccessible for any reason. We also update you on AWS downtime.
15. Inform you if we’re no longer able to operate and support GC Notify. We’ll email you 3 months in advance at the address used to create your GC Notify account. GC Notify is open source so you can create your own version based on the open source code.
CDS is not responsible for
1. Issues with AWS including:
- AWS failing to deliver messages.
- Problems or failure of AWS cloud service infrastructure that impact our uptime and availability.
- AWS enforcing its terms of service.
2. Preparing alternative or backup plans to communicate your messages.
Last updated: April 13, 2023