Spring naar hoofdinhoud

Legal & Policy

Service Description - Managed Kubernetes

Fully managed Kubernetes environment on the cloud provider of your choice.

Service Description - Managed Kubernetes

Proxy Platform B.V. · version 1.0 · April 2026

This Service Description constitutes a Schedule to the Quotation and forms part of the Agreement between Proxy and Customer. The Agreement is governed by the General Terms and Conditions of Proxy Platform B.V. (version 1, 22-04-2026), the Data Processing Agreement (Schedule 1), and the Service Level Agreement (Schedule 2). In the event of conflict between this Service Description and the General Terms and Conditions, the DPA, or the SLA, this Service Description prevails, unless the conflict relates to liability, confidentiality, personal data, availability, maintenance, or duration and termination - in which case the General Terms and Conditions, the DPA, or the SLA prevail.


Article 1 - Definitions

In addition to the definitions in the General Terms and Conditions and the SLA, the following definitions apply in this Service Description:

  • Cluster: a Kubernetes cluster provisioned and managed by Proxy based on RKE2, deployed at a Cloud Provider chosen by Customer;
  • Cloud Provider: the Provider selected by Customer within the meaning of the General Terms and Conditions on which the Cluster is deployed;
  • Workload: applications, containers, and configurations deployed on the Cluster by or on behalf of Customer;
  • Namespace: a logical separation within the Cluster for isolating Workloads and applying resource and network policies.

Article 2 - Service Description

Proxy provides Customer with a fully managed Kubernetes environment (Managed Kubernetes), consisting of the following components.

2.1 Provisioning and cluster management

Proxy is responsible for:

  1. the initial installation and configuration of the Cluster at the Cloud Provider and region chosen by Customer, via automated Infrastructure as Code;
  2. performing version upgrades, patches, and updates of the Kubernetes environment;
  3. ongoing management of Cluster operations;
  4. configuring and enforcing resource limits and network policies per Namespace.

2.2 Security

Proxy is responsible for:

  1. hardening of the Cluster in accordance with the CIS Kubernetes Benchmark;
  2. enabling and configuring SELinux at cluster level;
  3. a consistent firewall policy applied uniformly across all supported Cloud Providers;
  4. continuous vulnerability scanning of cluster components;
  5. audit logging in accordance with the requirements of ISO 27001, NEN 7510, and NIS 2, and - depending on the chosen Cloud Provider and region - the HAVEN standards.

2.3 Monitoring

Proxy is responsible for:

  1. monitoring Cluster performance;
  2. notifications upon incidents and threshold deviations;
  3. making real-time metrics, logs, and traces available to Customer via the Customer Portal.

Primary availability of the Cluster and the underlying infrastructure is governed by the SLA of the Cloud Provider chosen by Customer. Schedule 2 (SLA) to the General Terms and Conditions additionally applies to Proxy's services and covers incident handling, maintenance, helpdesk support, and the credit scheme in Article 3 of the SLA where Proxy is a contributing cause of a deviation from the availability committed by the Cloud Provider.

Article 3 - Supported Cloud Providers

Proxy delivers the Service on multiple Cloud Providers. The current list of supported Cloud Providers and available regions is made available by Proxy via the Customer Portal. Proxy reserves the right to add or remove Cloud Providers subject to thirty (30) days' notice in accordance with Article 14 of the General Terms and Conditions.

Article 4 - Data Sovereignty

4.1
Customer determines at the start of the Service in which region and at which Cloud Provider the Cluster is deployed. Proxy will not move Customer Data to another location without Customer's prior written consent.
4.2
The Service is deployed by default at European Cloud Providers. Choosing a location outside the European Union requires Customer's explicit written consent and is subject to Article 3 of the Data Processing Agreement (Schedule 1).
4.3
Proxy is certified in accordance with ISO 27001, NEN 7510, and NIS 2 and delivers the Service in compliance with those certifications. Where Customer chooses a Cloud Provider and region that complies with the HAVEN standards, the Service also complies with those standards. Proxy will inform Customer upon request which Cloud Providers and regions are HAVEN-compliant.

Article 5 - Customer Responsibilities

5.1

Customer is solely responsible for:

  1. deploying, configuring, and managing Workloads on the Cluster using its own tooling such as kubectl, Helm, or CI/CD pipelines;
  2. managing application-specific configurations, environment variables, and secrets, unless otherwise explicitly agreed in writing;
  3. managing container images and application code;
  4. DNS management outside the provided cluster environment;
  5. complying with the terms of use of the chosen Cloud Provider.
5.2
Customer is not permitted to modify the security settings of the Cluster without Proxy's prior written consent.
5.3
The remaining obligations of Customer are as set out in Article 5 of the General Terms and Conditions.

Article 6 - Onboarding and Delivery Time

6.1
Upon receipt of Customer's configuration choices and confirmation of the Agreement, Proxy will deliver the Cluster within one (1) business day.
6.2

The onboarding process is as follows:

StepActionResponsible party
1Selection of Cloud Provider, region, and node sizeCustomer
2Automated provisioning, network configuration, and security baselineProxy
3Delivery of production-ready ClusterProxy
4Deployment of WorkloadsCustomer
6.3
The delivery time referred to in paragraph 1 is indicative and not a firm deadline, unless otherwise agreed in writing, in accordance with Article 4.6 of the General Terms and Conditions.

Article 7 - Additional Services

The Service may be combined with the following additional Proxy services, each governed by separate service descriptions:

  • Managed Databases - managed PostgreSQL HA database alongside the Cluster;
  • Managed Nextcloud - GDPR-compliant collaboration on your own infrastructure.

Heeft u vragen of wilt u direct contact?

Ik help u graag verder.