AI chatbot vendor due-diligence checklist

30 questions to ask any AI chatbot vendor — before signing

Buyer-side procurement checklist for AI chatbot vendors. We answer every question for SLAtech transparently and tell you how to verify each claim against any vendor. Pairs with eval scoreboard, filterable vendor compare, and TCO calculator.

1. Compliance posture

If you serve regulated industries (Med, Legal, Edu, EU customers), compliance is a gating concern, not a nice-to-have.

  1. Are you HIPAA-compliant? Will you sign a BAA?
    Why it matters: Without a BAA, your firm assumes liability for any PHI processed by the vendor.
    SLAtech answer: Yes — SLAtech Medical ships a BAA-eligible single-tenant option. BAA executed before any PHI ingest.
    How to verify: Ask the vendor to send you a sample BAA. If they say "contact sales" instead of sharing — that's a signal.
  2. Where is data stored? Can I require EU residency?
    Why it matters: GDPR + the 2025 Schrems-III decision tightened EU-to-US transfer requirements. Non-EU vendors carry transfer-risk.
    SLAtech answer: EU residency available by default for European tenants (Frankfurt + Amsterdam). US residency available for US tenants.
    How to verify: Look for explicit data-center geography on /trust/ or /security/. If the page only says "global cloud" without specifics — escalate.
  3. Do you have SOC 2 Type II or ISO 27001?
    Why it matters: Annual independent audit signals real security investment vs marketing claims.
    SLAtech answer: SOC 2 Type II audit in progress (closure Q3 2026). ISO 27001 timeline TBD based on EU enterprise traction.
    How to verify: Ask for the audit report (under NDA). "We're working on it" forever = red flag.
  4. Will you delete my data on contract end? Within how many days?
    Why it matters: Data-retention without explicit deletion clause leaves a forever-copy of your customer PII at the vendor.
    SLAtech answer: 30-day grace period after termination, then full deletion. Audit log of deletion provided.
    How to verify: Get this in writing in the MSA. "As required by applicable law" alone is not enough.

2. Eval / quality measurement

Any vendor can claim "powered by GPT-4" or "94% accuracy". The real signal is a published, reproducible eval methodology.

  1. What eval methodology do you use? Is it published?
    Why it matters: Vendors who can't describe their eval process likely don't run one regularly.
    SLAtech answer: 200-question per-vertical sealed eval harness, LLM-as-Judge scoring on factuality/hallucination/confidence axes. Methodology open-sourced.
    How to verify: Ask the vendor to share a sample eval report. If they refuse with "trade secret" — they are hiding something.
  2. What's your bot containment rate (% of conversations resolved without human handoff)?
    Why it matters: Containment rate drives ROI — a 50% containment vs 80% containment is a 30-percentage-point cost-of-support difference.
    SLAtech answer: 65-80% baseline depending on vertical. Med 78%, Legal 73%, General-Business 72%. Tracked per-tenant in the dashboard.
    How to verify: Run a 100-conversation trial against your own traffic. Compare vendor's claim vs reality.
  3. How often do you re-run evals after model updates?
    Why it matters: Vendors who don't re-eval after model swaps risk silent quality drift.
    SLAtech answer: Every model swap triggers full eval rerun. Eval-score history published in changelog (/en/changelog/).
    How to verify: Check vendor's changelog / release notes for eval-rerun mentions. Absence = signal.

3. Multilingual + locale depth

If you operate in Israel, EU, or anywhere outside US-English, locale depth is a hidden differentiator.

  1. Do you support Hebrew RTL with proper bidi rendering?
    Why it matters: Hebrew RTL done badly produces garbled forms, broken date pickers, mis-aligned buttons. Most vendors only auto-translate, not localise.
    SLAtech answer: Hebrew RTL first-class, bidi-aware UI primitives, date/time/currency formats locale-aware. Tested on every release.
    How to verify: Spin up the vendor's demo in Hebrew. Send a message; check that the response renders correctly and that the date format is dd/mm/yyyy, not mm/dd.
  2. Do you support Russian with native-locale phone/date/currency formatting?
    Why it matters: Russian-speaking diaspora is significant in Israel, Germany, Cyprus, Estonia. English-only chatbots leak this traffic.
    SLAtech answer: Russian first-class language, phone format +7 / +972 / EU formats auto-detected, ruble currency available.
    How to verify: Set the vendor's demo language to Russian and test phone-number entry. Auto-formatting? Are buttons translated from English to Russian?

4. Data portability + vendor lock-in

Lock-in is a common vendor strategy. Look for explicit data-portability commitments.

  1. Can I export all my conversation logs in standard format?
    Why it matters: Without export, switching vendors means losing all conversation history + training-signal investment.
    SLAtech answer: JSON Lines export of every conversation, 24-hour SLA on export request. No "per-export fee".
    How to verify: Ask the vendor to demo an export of 100 sample conversations. If they require a "data services SOW" — lock-in red flag.
  2. Can I export my knowledge-base / FAQ / training data?
    Why it matters: If knowledge-base is locked to vendor's schema, you're paying for the schema-conversion every switch.
    SLAtech answer: Markdown export of knowledge-base, source-of-truth stored in a Git repo on the customer side if the customer prefers.
    How to verify: Ask the vendor to demo knowledge-base export to a standard format (Markdown, JSON, CSV).
  3. Will you charge me for switching off (egress fees, exit fees)?
    Why it matters: Some vendors hide vendor lock-in via prohibitive egress / exit fees.
    SLAtech answer: Zero egress fee. Zero exit fee. Documented in pricing page (/en/pricing/) and in MSA.
    How to verify: Get "no egress fee" in writing in the MSA. "Contact sales for pricing" = signal.

5. Pricing transparency

Per-conversation pricing with hidden overage is the dominant lock-in vector.

  1. Is your pricing published on the website?
    Why it matters: "Contact sales for pricing" alone signals enterprise-lock-in motion. Buyers should be able to budget without a sales call.
    SLAtech answer: Full pricing matrix at /en/pricing/ with live API-driven numbers. No "contact sales" gate for Starter/Pro tiers.
    How to verify: Check vendor's pricing page. If you can't get a number without an email-gate — that's how procurement gets stuck.
  2. What's the cost per conversation in overage?
    Why it matters: Overage rate is where surprise bills hide. Some vendors charge 10× the base rate.
    SLAtech answer: Overage rate published per plan tier. Hard cap option available — bot stops vs unlimited overage.
    How to verify: Run TCO calculator (/en/tco-calculator/) with vendor's overage rate. Compare to base subscription.

6. Implementation timeline + ongoing support

Most enterprise chatbot deployments take 6-12 weeks with a forced implementation-consultant SOW.

  1. How long is a typical implementation? Is the consultant SOW required?
    Why it matters: Forced consultant SOW often costs more than the first year of subscription.
    SLAtech answer: Self-serve setup in 30-45 minutes for Starter/Pro. Custom Solutions tier offers white-glove (optional, not required).
    How to verify: Sign up for vendor's free trial. If setup wizard exists end-to-end, that's a signal of no-consultant motion.
  2. Who do I email for support? What's the response SLA?
    Why it matters: Tier-1 support routing to a ticket queue with 72-hour first-response is a common SaaS pattern. Mid-market expects faster.
    SLAtech answer: Direct email [email protected] for founder reachability. 24-hour first response. Premium tiers get Slack Connect.
    How to verify: Email the vendor a pre-sales question. How long until response? Is it a human reply or canned template?

7. Roadmap + company stability

AI vendor space is volatile. Buying a chatbot from a pre-funded startup that goes under in 18 months is a risk.

  1. Is the company profitable? When was the last funding round?
    Why it matters: Pre-revenue startups burning through $20M / quarter risk shutdown / acquihire vs delivering roadmap.
    SLAtech answer: Bootstrapped (no VC) — sustainable from subscription revenue since 2025. Founder Emil Slavin (see /en/founder/).
    How to verify: Check Crunchbase / PitchBook for funding history. Bootstrapped or profitable = different risk profile than $200M Series C.
  2. What's your public roadmap?
    Why it matters: Vendors who don't publish a roadmap leave you guessing whether a feature is coming next quarter or next year.
    SLAtech answer: Public roadmap at /en/roadmap/ — current quarter shipping, next quarter committed, future quarter directional.
    How to verify: Look for a public roadmap page. "Contact sales" or "we don't publish roadmap" = signal.

Want SLAtech's answers in a PDF?

Email us at [email protected] — we'll send a filled-in version for your procurement team. No marketing automation, no drip campaign — just the document.