Dig Inclusion Ltd

Hugr: Accessibility auditing software

Hugr provides further assistance to clients who need ongoing support and dynamic delivery of audit-testing procedures.
This can be used by your team or with our testers to follow a guided testing methodology for WCAG 2.1 accessibility audits, support consultancy and solutions.


  • Everything you need to perform an accessibility test
  • Support available from accessibility experts when needed
  • Cloud based for easy collaboration
  • Team or Enterprise license available
  • Use Hugr framework or build your own
  • Easy team management for multiple teams
  • Test against accessibility guidelines including WCAG 2.1 and Section 508
  • Library of code solutions
  • Real time reporting of issues
  • Ability to allocate tasks


  • 20 years accessibility knowledge built in
  • Access to our comprehensive knowledge base
  • Access for multiple teams and sites
  • Ability to manage team and access rights
  • Raise tickets for consultancy support
  • Solutions linked to issues for ease of use
  • Guided testing methodology


£0 a licence a month

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sarah@diginclusion.com. Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

1 0 8 0 7 3 0 0 3 4 0 5 1 1 2


Dig Inclusion Ltd Sarah Ronald
Telephone: 07903688521
Email: sarah@diginclusion.com

Service scope

Software add-on or extension
Cloud deployment model
Hybrid cloud
Service constraints
Accessibility support helpdesk limited to Monday - Friday 8am - 5pm
Currently this works on desktop and not responsive, although this feature is planned for the first quarter of 2021.
System requirements
None: Software as a service

User support

Email or online ticketing support
Yes, at extra cost
Support response times
Monday - Friday between 7am - 3pm - Within 3 hours
Weekends and all other times would be next working day
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Teams and Enterprise solution available with support, with onsite and remote support at additional cost.
Remote support from £90 per hour plus VAT
Onsite prices start at £750 per day plus VAT and expenses
Both Account Manager and a Cloud support engineer provided to support
Support available to third parties

Onboarding and offboarding

Getting started
Both remote and onsite training can be provided, although support is not anticipated for team licenses onboarding and guidance documentation is built in.
Onboarding sessions can be organised.
Community forum provides additional support for users.
Service documentation
Documentation formats
End-of-contract data extraction
All reports can be exported in multiple formats .Docx .pdf and .HTML
End-of-contract process
Rolling monthly subscription options available, no end of subscription costs.
You have the option to pause your subscription, and keep your reports stored subject to GDPR data retention policies or you can delete your account and all associated reports are deleted.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Designed for use on mobile devices
Service interface
User support accessibility
WCAG 2.1 AA or EN 301 549
Customisation available
Description of customisation
Users can create their own test methodology and create bespoke solutions.
White label service is coming expected 4th quarter of 2020.


Independence of resources
Hybrid cloud infrastructure allows for automatic scaling.


Service usage metrics


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Reports can be down loaded as .docx .pdf and .HTML
Data export formats
Other data export formats
  • .docx
  • .pdf
  • .HTML
Data import formats
Other data import formats
Not in scope of the product

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Planned maintenance and downtime to be scheduled outside 9-5 GMT Monday to Friday.
Uptime guarantee not normally required however an 8 hour response time is provided and full backups are kept.
SLA can be provided on request.
Approach to resilience
Employs Google cloud services and Kubernetes to provide load balanced service.
Service is monitored.
Outage reporting
Service status page with email alerts.

Identity and authentication

User authentication needed
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Users can manage their team members, individuals access levels and remove team members themselves.
Multiple access control levels defined.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
Less than 1 month

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
Details can be provided on request.
Information security policies and processes
Infrastructure is managed by a third party.
Our Information Security Policy can be provided on request.
All policies are reviewed annually as a minimum and signed off by a Director.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Technical decisions are defined and approved at a management level before development. Development is managed through GitHub, All changed are subject to automated testing and require review and approval from two or more people before integration to mitigate any potential vulnerabilities and maintain code quality.
Vulnerability management type
Vulnerability management approach
Regular Internal auditing, bug fixes and patches, all tested within a test environment before deployment.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Sensitive data such as passwords are stored using industry standard encryption.
All services are monitored and if a compromise is detected services can be instantly suspended.
Incident management type
Supplier-defined controls
Incident management approach
Constant monitoring internally plus the Hugr community where issues can be reported to us by users.
All incident reports are responded to via the forum for transparency depending on the severity of the incident.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks

Social Value



The aim of the Mental Health and Wellbeing Policy is ‘To create an open and inclusive culture that supports the wellbeing of all’. Dig Inclusion’s responsibilities towards employees include:

- Ensuring that information on mental health is readily available; including access to the Mental Health and Wellbeing policy, annual training, and inductions for new starters.

- Employing a Mental Health First Aider(s) to provide thorough, confidential support, and ensuring that managers carry out regular reviews to touch base with employees.

- Issuing clear responsibilities and realistic targets, and offering flexible and reasonable working hours.

- Taking a hard line against workplace discrimination of any kind, including (but not limited to) racism, sexual harassment, and bullying. We aim to ensure that all employees feel able to speak up, and to foster good and healthy communication between employees.

- Providing an Employee Assistance Programme (EAP) with access to counsellors, and providing Wellness Action Plans for individual use (to be reviewed annually). These Wellness Action Plans are confidential, and are only required to be shared with the Mental Health First Aider.

- Not discriminating against anybody experiencing mental ill health, including new applicants, and current employees who take leave due to their mental health. A gradual and supported return to work will be offered for any such employees.

- Prioritising confidentiality, and discussing any issues in a considerate, sensitive manner. Information regarding an employee’s mental health will only be shared with their prior consent (unless in emergency cases where there is a risk of harm).

It is the responsibility of employees to raise any issues or concerns for themselves or others, and seek appropriate support from their line manager or the Mental Health First Aider. To ensure its relevance, the Mental Health and Wellbeing policy will be reviewed every twelve months.


£0 a licence a month
Discount for educational organisations
Free trial available
Description of free trial
One person license is free.
Team options are paid for.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sarah@diginclusion.com. Tell them what format you need. It will help if you say what assistive technology you use.