ZYWPEIT SOLUTIONS LTD

Passenger Monitoring Platform - Mobility as a Service dedicated for Smart Cities

We provide a portable Passenger Monitoring Platform that also enables Local Authorities to support residents, engage businesses and drive economic growth in one flexible system. Our Passenger Monitoring Platform connects communities through travel and provides an independent travel solution for vulnerable passengers. We fully adhere to national bus strategy requirements.

Features

• Real time ability to communicate directly with passengers
• Live passenger monitoring for family members/carers
• Real time monitoring and reporting capability
• Full training/account management provided for users, operators and drivers
• Precise passenger embarking/disembarking and vehicle location monitoring
• Built in safety features for vulnerable travellers
• Readers compatible with smart cards, wearables and our passenger app
• Complete real time visibility of driver’s schedule
• Real time route viewer and stop reminders for passengers
• Store and report on COVID tests for passengers and drivers

Benefits

• Additional revenue streams built in for authorities and small businesses
• Efficiency savings from real-time data management, billing accuracy, and forecasting
• Data collection enables effective management of transport schedules
• Ability to perform detailed demographic data analysis of passenger travel
• Passengers can book and pay for public transport remotely
• No requirement for a driver app
• Allows safe, monitored independent travel for vulnerable passengers
• Fully flexible, portable and standalone, no requirement for integration/installation
• White labelled solution allows for full local authority branding
• No obligation pilot offering available

£83.00 a unit a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@zywpeit.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

124315899017036

Contact

SIMON WHAPSHOTT
07793603709
info@zywpeit.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: There are no service constraints
• System requirements: There are no system requirements

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Email support will be available during standard working hours (9AM -5PM). We guarantee that client support emails will be responded to within 24 hours, and endeavour to respond within an hour. Priority of support requests can be managed directly through the appointed Account Manager.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Zywpeit provide a standard support package across our entire team. All support is provided at no extra cost. ; ; Our support package provides the client with a Technical / Client Account Manager, who will act as the key point of contact throughout the entire contract. The Account Manager will provide support during initial training and setup and will continue to provide support on an ongoing basis throughout the contract.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Zywpeit will provide the client with full support during the start of the contract in the form of a dedicated Account Manager. This individual will be available during standard working hours for ongoing support, and will manage the implementation of the system with the client, providing support for the initial data upload. We will provide the client with the required number of bespoke readers, which are portable and do not require installation.; ; In addition to an Account Manager, we will also provide the client with a range of resources to support the implementation of our service. This includes both onsite and online training at a range of different levels according to the needs of the client. We will also make documentation available to the client, which can be provided to the end-user if necessary.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: All data recorded in the app, and reporting system can be reported on and extracted when the contract ends. If at any point (including the end of the contract) the user wishes to extract their data, the user can generate reports through our dedicated reporting area within the dashboard, by logging in with an administrator account (which is provided to all clients). Information can be extracted across any time frame in which the service has been active. At the end of the contract, once relevant information has been extracted, the user should contact their Account Manager, who will ensure their data is deleted from our internal system in line with our Data Retention and Deletion Policy.
• End-of-contract process: The end of contract process will be managed by the client's designated Zywpeit account manager. The necessary processes, procedures and infrastructure is in place to delete or transfer data at the end of a contract, depending on the client's preference. Where contract is deleted, the deletion process will be audited by our Senior Management Team, and we will provide deletion certifications upon completion. If data is transferred, we will use a secure file transfer protocol as standard practice (clients should know that we are open to other methods if necessary). Additionally, a Zywpeit representative will collect our bespoke readers. Due to our readers being portable, no formal removal request is required, and the council's vehicles will not need to be removed from circulation for any period of time.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The administrator dashboard can be accessed by any device via Wifi /GSM, We also provide a mobile application to be downloaded by the passenger and/or passenger guardian. The application is used by the passengers to touch against our scanners upon entering/exiting the vehicle. Passengers/guardians can view live transport routes, receive client communications and access local retail discounts supporting local business footfall. Information recorded by the application is uploaded into the reporting dashboard, where passengers travel and location of on/off boarding can be monitored and reported on by relevant parties such as Friends and family or carers and guardians
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Our service has an open API which can be integrated into any service that councils may already use for their public/home to school and SEND transport (for example vehicle telematics systems). The API will be managed by our team, with users making requests to their account manager when they wish to set up/make changes to the service through the API. From the technological perspective, there are no limitations to how users can set up or make changes through the API.
• API documentation: No
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Zywpeit is a white-label service, and both our passenger app and reporting dashboard can be fully customised to meet the needs of the client. This includes the ability to add images of the clients choosing (logos etc.) where needed, and the ability for the user to adjust the colour scheme to co-ordinate with their own branding. ; ; To customise the design of the service, clients must contact their Account Manager, who will work with the client to understand the needs of the user. All customisation will then be performed by our internal team. If at any point in the contract the client wishes to customise the display of their service, they must contact their Account Manager.

Scaling

• Independence of resources: Our data is hosted on AWS servers, which can handle a high data volumes. Our system has also been built to scale to handle high volume simultaneous transactions. The system is regularly load tested to ensure it can handle appropriate usage from our clients

Analytics

• Service usage metrics: Yes
• Metrics types: Using our reporting dashboard, the client will be able to view and report on all data stored within the system covering a wide range of service metrics. An example of, but not limited to, reports that can be generated are the following;; Passenger Capacity, Passenger On and Off Boarding and location thereof, Driver details, Booking, Payments, Reserved passengers on routes, Route detail, Uptake Metrics ; The buyer will also be able to view real time service metrics on both the passenger travel and the vehicles location where our bespoke readers have been deployed.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: All clients are provided with an administrator account. Using the administrator account, users can access a reporting section through the Zywpeit dashboard, which will allow the user to export any data that has been recorded by the system over the contract. The administrator will have access to all data recorded during the time in which the service has been active, and will be able to specify a timeframe as necessary. Reports are displayed within the dashboard, and can be exported to a variety of formats.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We operate at an industry standard SLA of a 99.5% uptime. We are also open to discussing specific SLA's with our clients and do not expect a need to refund users, but will make arrangements regarding refunding as appropriate.
• Approach to resilience: Available on request
• Outage reporting: Service outages are very uncommon for our system. All service maintenance is performed overnight, when transport is not active, and our service would not be in use. In the event that there is a planned service outage, we would notify all customers via email alerts, and ensure that the outage does not affect service operations. ; ; In the rare event that an unplanned service outage occurs, all customers would be notified immediately via a notification through our mobile app and email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Management interfaces and support channels can only be accessed by members of our team with the designated login. 2 factor authentication is also enabled for all staff logins for an additional layer of security, and we maintain a password policy which ensures management logins are changed every 2 months. We regularly monitor access to management interfaces and support channels to ensure only relevant parties have accessed.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Security Governance is maintained throughout Zywpeit through a number of Information Security policies and procedures (all of which are reviewed on an annual basis). All staff complete Information Governance training during induction, and will refresh their training annually. Our Information Governance Lead regularly completes audits across the organisation to ensure data is appropriately handled/managed at every level. We meet all GDPR and Data Protection Act 2018 regulations and measure our performance against the National Data Guardian's Data Security Standards.
• Information security policies and processes: We maintain a suite of information security policies and processes. All staff must read our information security policy and sign to confirm their understanding, and information security processes have been incorporated into staff training programs. The Director performs audits throughout the year to ensure our procedures are adhered to by staff at all times. We have a detailed reporting structure, with issues reported to senior members of the team, who continue to pass on the issue unless they are in a position to manage and solve a problem.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our Change Advisory Board (CAB) manage all changes to the system through a four step process, where changes are assessed, implementation is strategized, the change is approved/rejected and finally recorded in our Change Control System. Whilst assessing the need for a change, a Data Security Risk Assessment is completed by the CAB, who will identify potential risks to the service as well as means to mitigate the risk. This Risk Assessment is revisited throughout the change-process as needed.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We assess potential threats through two means. On a daily basis we perform static code analysis, scanning our code at the beginning of each working day. By performing scans at the beginning of the day, we can identify issues as early as possible, and allow our teams to deploy patches as soon as possible. We also perform automated penetration testing on a weekly basis. In the event that either the daily or weekly security scans identify security issues in the system, they are prioritised on a vulnerability basis, based on the potential damage an issue could cause.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We use several firewalls to monitor incoming communication to both our mobile application and our system. In the event that a compromise is found, our Incident Response Plan will immediately be implemented. Our plan uses a 5 step process where breaches are confirmed, contained, assessed, reported and reviewed. In the event that an incident occurs, it will become our top priority issue and we will dedicate relevant resources to solving the issue. All incidents are acknowledged and responded to as soon as they are discovered.
• Incident management type: Supplier-defined controls
• Incident management approach: We maintain an Incident Management Policy and an Incident Response plan to ensure all incidents are appropriately managed and reviewed within our organisation. End-Users will be provided with a support email to contact in the event they wish to report an incident. If the incident is being reported on behalf of the client, then the report should be made to the Account Manager. Incident Reports will be available on request following any incident that occurs.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Our service inherently combats climate change through a variety of methods. Through implementing our service, public transport becomes an incentivised and inclusive transport option for a wide audience who may have been hesitant to use it beforehand. Zywpeit provides unique promotional opportunities to clients, including discounts and promotions for local businesses, allowing the client to maximise their promotion of transport. Additionally, we can provide options to the client to maximise their efficiency, including the ability plan/forecast the capacity of the vehicles, ensuring that the fleets carbon footprint is minimised. Our service can also be implemented with a number of existing services that are likely in use by clients at the moment, including route optimization software and driver braking trackers.
• Covid-19 recovery:

  Covid-19 recovery

  We can offer our clients a unique option of providing support to businesses within the local community through unique marketing activities. Using our service, the client will be able to communicate directly with their local residents and offer the chance to businesses to market directly to travellers using both the passenger app and the bespoke readers on-board each vehicle. Businesses can also use the system via the client to offer local business discounts and promotions to service users.
• Tackling economic inequality:

  Tackling economic inequality

  By implementing our service, buyers will be able to contribute to their goals of tacking economic inequality within a focused area, that being the area in which they operate. For example, buyers can use our business to directly support small businesses in their local area, using our service to advertise businesses and provide discounts to Zywpeit users. As Zywpeit grows as a business, we will investigate ways in which our recruitment practices can contribute to tackling economic inequality.
• Equal opportunity:

  Equal opportunity

  Equality of opportunity is of the utmost importance to Zywpeit in both the manner in which we as an organisation conduct our operations as well as the service we provide. We maintain an Equality, Diversity and Inclusion policy as well as a Safer Recruitment policy to ensure that all roles within our organisation are filled based solely on the individuals ability to perform in a role. Equal pay is monitored across the organisation, and all staff are paid based on their role in the business. Our service inherently promotes equal opportunity by supporting vulnerable passengers to use public transport independently. Our platform has been specifically designed to ease this process for both the passenger and the guardian as much as possible.
• Wellbeing:

  Wellbeing

  In the modern environment, Zywpeit are aware of the importance of prioritising the wellbeing of both our staff and our users. Our passenger monitoring service offers a unique opportunity for wellbeing to be prioritised within the buyer’s local community. Our system allows vulnerable passengers to travel safely, which is crucial for their mental health. The passenger can be monitored at all times, allowing parents/guardians/carers the peace of mind that public transport cannot normally provide. Additionally, our service has built in SOS features, which allows the passenger to send location information and communication for help instantly to either guardians or police services. This shows the importance we place on the safety and wellbeing of all our passengers. This focus extends beyond passengers and into the Zywpeit team. We conduct regular wellbeing assessments of all staff members, ensuring that their work does not have a negative impact on their life. Whilst such an occasion hasn't happened, in the event that an assessment identifies an issue we have procedures in place to prioritise the mental and physical wellbeing of all staff.

Pricing

• Price: £83.00 a unit a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@zywpeit.com. Tell them what format you need. It will help if you say what assistive technology you use.