Product Overview: 3CAD Next

Cyncly Agreement Document

 

1.   FUNCTIONAL OVERVIEW

1.1  The Product can be used as an integrated system to:

1.1.1   configure, price and quote for kitchen, bathroom, living room and bedroom products.

1.1.2   design spaces.

1.1.3   create sales catalogues.

1.1.4   integrate with Ecommerce and ERP solutions.

1.1.5   manage orders from point of sale to manufacture/production.

1.2   The adopted architecture allows to encapsulate system functionalities, managed by following modules:

1.2.1   Backend: server-side component where resides the business logic to manage data exchange, consistency, process phases. This module allows the interaction of 3CAD Next with several types of consumers/provider (e.g. Frontends, third party software, data exchange interfaces).

1.2.2   Frontend: custom web user interface for the workflow processing. In this context, the frontend is mainly oriented to support the User on project configuration, including the feature set provided by 3CAD Next.

1.2.3   Data storage: this module manages and ensures the data structure persistency for the processing of involved systems, coming from catalogue (content) or software generated (e.g. order data).

1.2.4   The centralised Backend and Data storage components allow 3CAD Next to be interpolated with multiple type and number of clients, orchestrating the shared information flow and uniformity.

1.3   The user interface is designed as Single Page Application (SPA), it is a web site that can also be hosted on local servers in a local network (LAN), or accessible externally through WAN and/or internet.

1.4   The system allows to create and maintain the content data that will be consumed by 3CAD Next. It is an independent entity that can be updated separately, from Users with required catalogue products knowledge (e.g. customer employees, provider consultants).

1.5   The catalogue contains specifications, data, logics that allow proper design activity, compliant with the 3CAD Next core features.

2.   LICENSING – BASIC INFRASTRUCTURE

2.1   Basic Server: 3CAD Next environment hosted by MS© Azure cloud platform in a shared production virtual machine.
The solution includes software updates:

2.1.1   Data backup based on Customer archiving policies (e.g. daily backup).

2.1.2   Server virtual hardware maintenance and monitoring.

2.1.3   Server replication for recovery procedures.

2.2   Additional Server: Scaling of the basic server solution with additional servers.
Mainly required in the following cases:

2.2.1   Cover additional Azure hosting regions except the base area (e.g. US, China, South America).

2.2.2   Solution needs to manage a different product line or catalogue.

2.2.3   Increasing of system performances.

2.3   Technical Workstation (Catalogue Creation and maintenance):

2.3.1   LayEdit instance hosted by MS© Azure cloud platform in a shared virtual machine.

2.3.2   LayEdit allow to build and maintain autonomously the catalogue content consumed by 3CAD Next, with the definition of:

2.3.2.1   Furniture components configuration rules (graphic and management).

2.3.2.2   List of variants and options.

2.3.2.3   Bill of Material.

2.3.2.4   Price lists management with relative Bill of Price.

2.3.2.5   Manufacturing layer (machinery file generation, technical drawings).
The solution provides a Test and Production environment.

2.4   Internal Order Entry:

2.4.1   Internal Professional Use, Franchisee, agents and owned stores.

2.4.2   License per 3CAD Next user, reserved to internal resellers points owned by the customer.

2.5   Shop Users:

2.5.1   Professional use in non-owned shops.

2.5.2   License bundle managed by the customer, distributable to external resellers for 3CAD Next usage.

2.5.3   The unit price is recalculated based on the indicated 3CAD Next users number thresholds.

2.6   Factory Modules (Production):
Included features:

2.6.1   CNC Data Creator – Job.

2.6.2   Extended BOM.

2.7   Guest BtoC:

2.7.1   First dedicated server.

2.7.2   Server environment aimed to support the B2C model (e.g. integration with customer ecommerce).

2.7.3   The system allows non-professional users/guest customers to perform autonomously a basic product configuration, quotation, purchase (if supported) from a public entry point (e.g. ecommerce integrated in the website).

2.8   Additional dedicated server:

2.8.1   Extends the first server solution with additional environment(s).

2.8.2   Mainly required in the following cases:

2.8.2.1   Cover additional Azure hosting regions except the base area (e.g. US, China, South America).

2.8.2.2   Solution needs to manage a different product line or catalogue.

2.8.2.3   Increasing of system performances.

3.   MARKET AND GEOGRAPHIC REGION

The Product is for the KB&F (Manufacture) market and is sold worldwide.

4.   CONTRACT TYPE

SaaS.

5.   TERM

A fixed Term of 36 months. The Term shall automatically renew for a further 12 months, unless terminated on at least 12 months’ written notice.

6.   ACCESS RIGHTS

6.1   The Product is subject to the following Access Rights:

6.1.1   limited to the Modules/Optional Modules which appear in the Order form.

6.1.2   limited to the quantity of Professional Users, Guest Users and/or Shops specified in the Order form.

6.1.3   limited to the quantity of Catalogues specified in the Order form.

6.1.4   use of the Product is restricted to use in connection with a single Customer trading brand.

6.1.5   use of the Product is restricted to use in the Territories specified in the Order form.

7.   ARCHITECTURE

7.1   The Product is cloud native, meaning it is designed and developed to run on and consume Microsoft Azure public cloud resources.

7.2   The SaaS solution is based on a single instance of the Product which is being used by multiple customers in the production environment and which are sharing public cloud resources (this is referred to as a multi- tenant model.) The product can alternatively be hosted singularly with a dedicated production instance. The product is also made available to all customers in a staging environment so that they can become familiar with Updates and Upgrades before they are moved into the production environment. Development and Test (staging) environment is based on a multi tenant architecture, where same instance is shared between all customers, maintaining data isolation.

7.3   The production environment is configured to the Customer’s needs and can be hosted by a dedicated instance (single tenant), based on agreement with the Customer.

7.4   The Product is hosted in the appropriate Azure region and zones based on the geographic location of the Customer and taking into account data privacy laws.
Azure Regions:

7.4.1   Australia East.

7.4.2   Brazil South.

7.4.3   Central US.

7.4.4   France Central.

7.4.5   Germany West Central.

7.4.6   North Europe.

7.4.7   West Europe.

7.4.8   South East Asia.

7.5   The SaaS and virtual infrastructure provided by Microsoft Azure is designed taking into account the following design constraints:

7.5.1   Availability - equal to or greater than 99.5% (24/7/365, subject to planned downtime (see below)).

7.5.2   RTO (Recovery Time Objective) – [n] hours 30 mins.

7.5.3   RPO (Recovery Point Objective) – [n minutes or hours] <35 min.

7.6   Daily incremental Back up.

7.7   60 Days retention.

7.8   Backup centre for back up monitoring and management (changes are not included).

7.8.1   System security:
The system provides native/integrated solutions aimed to guarantee following security principles:

7.8.1.1   Confidentiality: ensure access control to proprietary information, avoiding data consumption from unauthorised users/entities.

7.8.1.2   Integrity: data protection against modification/destruction from unauthorised sources.

7.8.1.3   Availability: ensure access to data at any time, based on agreed uptime periods.

7.8.2   User authentication:
The system allow access to the application through the authentication process managed by native identity provider. User must provide credentials of a personal account which is properly preconfigured with the required rights.

7.8.3   User authorisation:
The system manages user rights of each registered account. Based on the combination of enabled permissions, User can perform specific actions, allowing custom restrictions according to the required authorization level.

7.8.4   Data encryption:

7.8.4.1   The system protects information transmission through connection encryption.

7.8.4.2   3CAD Next supports following connection security standards:

7.8.4.2.1.1   Scheme: HTTPS

7.8.4.2.1.2   Protocol: TLS 1.2

7.8.4.2.1.3   CA: R3

7.8.4.2.1.4   Cipher: ECDHE_RSA_ with P384, AES_256_GCM

8.   THIRD PARTY SOFTWARE

8.1   Web-GL open-source software is used as part of the Product graphics engine.

8.2   DevExpress is used as part of the Product print-out/layout management functionality.

9.   PRE-REQUISITES FOR USING THE PRODUCT

9.1   Minimum configuration:

9.1.1   Operating system: Windows 8.1, Windows 10 (64bit), Windows 11.

9.1.2   Processor: IntelR Core™ i5, or i7.

9.1.3   RAM Memory: 8 GB.

9.1.4   Supported video cards: Intel, NVidia, AMD 1 GB memory, compatible shader 3.0 (NVidia Quadro not supported).

9.1.5   Hard disk: SSD 256.

9.1.6   Browser: Chrome 61, Firefox 55, Safari 10.1, or Edge 15.

9.1.7   Internet connection: 20Mbps, 3G, 4G/LTE.

9.1.8   Port-related firewall settings: HTTP (80), HTTPS (443), FTP (21).

9.2   Recommended configuration:

9.2.1   Operating system: Windows 10 (64bit), Windows 11.

9.2.2   Processor: IntelR Core™ i7, i9.

9.2.3   RAM Memory: 16 GB.

9.2.4   Supported video cards: Intel, Nvidia, AMD 1 GB memory, compatible shader 3.0 (NVidia Quadro not supported).

9.2.5   Hard disk: SSD 512.

9.2.6   Browser: Chrome 61, Firefox 55, Safari 10.1, Edge 15.

9.2.7   Internet connection: 100Mbps, 3G, 4G/LTE.

9.2.8   Port-related firewall settings: HTTP (80), HTTPS (443), FTP (21).

9.3   3CAD Next is supported only on some devices with iOS operating system.

9.4   Since the features and functions may vary from the version of the operating system and the device model used, Supplier reserves the right to evaluate case by case.

10.   SUPPORTED VERSION

10.1   For the multi-tenant development and test environments, where customers are using the same instance of the Product, all customers are using the same Version (which will be the latest Version).

10.2   For a single tenant production environment, the Customer decides when the Update or Upgrade is to be installed, which may result in the Customer using a Version of the Product which is not covered by Maintenance & Support – the Supplier will only provide Maintenance & Support in respect of the current Version of the Product (N), or the previous Version (N-1).

11.   SUPPORT SERVICES AND SERVICE LEVEL COMMITMENT

11.1   Product Specific Information:
Please refer to the Specific Terms for SaaS for general principles applicable to the Service Desk.
The table below specifies Product specific information:

11.1.1   Support Hours:

11.1.1.1   Monday – Friday: 08:30-12.30 and 14.00-18.00 Central Europe Time (CET/CEST)

11.1.1.2   Weekend: Excluded
Excluding public holidays (in Italy)

11.1.2   Channels of communication with the Service Desk:
User Support 2nd level support services PHONE (+39 0438 981034)

11.1.3   Who may contact the Service Desk:

11.1.3.1   The Customer’s staff need to be pre-registered.

11.1.3.2   The Customer’s staff who are pre-registered will be working on the Customer’s service desk or will be in a resolver group associated with the Service Desk. The Service Desk will not deal direct with end users or resellers.

11.1.4   Service Credits for failing to meet the Service Level for incident management:
N/A

11.1.5   Information needed when contacting the Service Desk:
Before contacting the Service Desk, the Customer’s support specialist must ensure:

11.1.5.1   The anomaly has been analysed in order to confirm it is not an issue related to the catalogue or data created by the Customer, or an issue related to the Customer’s [and/or resellers’ internal systems that are used with the Product (for example the Customer’s login system, the Customer’s appointment booking system, or the Customer’s ordering system, or others as applicable).

11.1.5.2   Gather the information and documents that will allow the Supplier to reproduce and diagnose the incident:

11.1.5.2.1   the complete URL of the site where the incident occurs.

11.1.5.2.2   the name and version of the operating system on which the incident can be reproduced (e.g. Windows 8.1, Windows 10, etc.).

11.1.5.2.3   the name and version of the web browser used to reproduce the incident (e.g. Chrome version 56.0.2924.87).

11.1.5.2.4   a description line, which will allow the incident to be recognized easily and understood when presented in a list.

11.1.5.2.5   a detailed description of the incident with the step-by-step procedure that reproduces the incident.

11.1.5.2.6   the results normally expected when the software is working properly, as well as the results observed when the incident occurs.

11.1.5.2.7   indicate if the incident occurs on computers in the stores or only for users on the web.

11.1.5.2.8   a screenshot of when the incident occurs.

11.1.5.2.9   the priority of the incident, according to the agreed classification.

11.1.5.2.10   any other information or files that may help to reproduce or diagnose the incident.

11.2   3CAD Incident Categorisation:

11.2.1   Critical:

11.2.1.1   Incident management response time during support hours:
Within 30 minutes

11.2.1.2   Incident management response time outside support hours:
Within 1.5 hours.

11.2.1.3   Contractors’ commitment to troubleshooting:

11.2.1.3.1   Management escalation: immediate

11.2.1.3.2   Status update: <2 hours

11.2.1.3.3   Continuous until the error is solved, alternatively until a temporary workaround solution is in place.

11.2.1.3.4   An Incident that has a temporary workaround will automatically be downgraded to a High priority.

11.2.2   High:

11.2.2.1   Incident management response time during support hours:
Within 1 hour.

11.2.2.2   Incident management response time outside support hours:
Within 3 hours.

11.2.2.3   Contractors’ commitment to troubleshooting:

11.2.2.3.1   Management escalation: immediate

11.2.2.3.2   Status update: <8 hours

11.2.2.3.3   Investigate the issue and report continuously to the Customer. Proposals for workaround or final solutions

11.2.3   Medium:

11.2.3.1   Incident management response time during support hours:
Within one working day.

11.2.3.2   Incident management response time outside support hours:
Within one working day.

11.2.3.3   Contractors’ commitment to troubleshooting:

11.2.3.3.1   Management escalation: within 2 working days

11.2.3.3.2   Status update: <3 working days

11.2.3.3.3   Investigate the issue, real time testing, checking different solutions

11.2.4   Low:

11.2.4.1   Incident management response time during support hours:
Within two working days.

11.2.4.2   Incident management response time outside support hours:
Within two working days.

11.2.4.3   Contractors’ commitment to troubleshooting:

11.2.4.3.1   Management escalation: within 10 working days only if the problem is not solved

11.2.4.3.2   Status update: <5 working days

11.2.4.3.3   Committed to verify the causes of the problem, test the feasibility of the request.

11.3   Support Monitoring and Reporting:
The cloud monitoring system:

11.3.1   Cloud architecture access control system:

11.3.1.1   The VM’s are monitored 24/7/365 web system implemented by the Contractor.

11.3.1.2   The redundant system checks every 2 minutes:

11.3.1.3   access to databases.

11.3.1.4   internet connection.

11.3.1.5   In case of malfunction of the system, automatic messages and emails are sent to a set of supervisors with a report related to the critical status of the infrastructure.

11.3.1.6   The supervisors, after analysis, intervene to solve the problem and restore the cloud system.

11.3.2   Cloud architecture performance control system:

11.3.2.1   Each VM is provided with a software agent that monitors the usage levels of:

11.3.2.1.1   CPU

11.3.2.1.2   RAM

11.3.2.1.3   space on HDD

11.3.2.2   In case of the levels exceed the defined guard levels automatic messages and emails are sent to a set of supervisors with a report related to the critical status of the infrastructure.

11.4   Support Reporting:

11.4.1   Service Desk Report:

11.4.1.1   Description:
Contains the list of requests/incidents received and performed by the service desk containing response time, criticality, expected time to solution (if not solved yet).

11.4.1.2   Regularity:
Monthly

11.4.2   Capacity Report:

11.4.2.1   Description:
Contains the list of incidents due to capacity shortages, resolution time, capacity adjustments and capacity reserves

11.4.2.2   Regularity:
Quarterly

11.4.3   Availability Report:

11.4.3.1   Description:
Contains the list of service interruptions and their duration

11.4.3.2   Regularity:
Monthly

11.4.4   Application Responsiveness Report:

11.4.4.1   Description:
This document contains the list of WS with their response time. The list can be defined time by time by the Customer

11.4.4.2   Regularity:
on demand

11.4.5   Security Report:

11.4.5.1   Description:
Contains the list of incidents due to security issues classified by severity

11.4.5.2   Regularity:
Quarterly

11.4.6   Incidents Report:

11.4.6.1   Description:
Contains the global list of all incidents (capacity, availability, responsiveness, security) in a defined period (month, quarter, year)

11.4.6.2   Regularity:
on demand

11.4.7   Questions Report:

11.4.7.1   Description:
Contains the list of questions and related status (open, in charge, not accepted, closed) related to a defined period (month, quarter, year)

11.4.7.2   Regularity:
on demand

11.4.8   Cloud architecture Performance Report:

11.4.8.1   Description:
Contains the performance indicators related to the cloud architecture) in a defined period (month, quarter, year)

11.4.8.2   Regularity:
on demand