GLADSTONE MRM LIMITED

Leisure Management Solution

Market leading solution to manage diverse leisure facilities. With powerful data analytics operators can make informed decisions to drive operational effectiveness. Combined with flexible payments our solutions not only provide the ultimate user experience but simultaneously work to drive sales and reduce attrition for operators, helping your organisation thrive.

Features

• Dynamic CRM solution for any size leisure facility
• Customiseable, responsive, flexible booking engine for classes, activities and events
• Future proofed consumer Mobile app for iOS and Android
• Advanced Course Management and School Swimming solution
• Powerful Retention Management solution
• Dynamic and flexible Electronic Point of Sale (ePOS)
• Access control management solution and digital check in
• Actionable KPI, data management dashboard solution (Reporting) with mobile app
• Easy to use health outcome and management solution
• Fully integrated Prospecting and Marketing solution

Benefits

• Seamless user and consumer experience with minimal clicks
• Maximise facility income and profit with swift and easy transactions
• Increase revenue through improved booking management
• Reduce burden on staff with friction free self-service
• Enhanced brand management with with our powerful, modern modules
• Efficiency savings from better facility management
• Understand your customer needs
• First class customer engagement; better communications, more purchases, greater utilisation
• Improved data and data access to make informed business decisions
• Get more people, more active, more often!

£125.00 a licence a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at dblythe@gladstonesoftware.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

138230513701074

Contact

Deborah Blythe
07881013859
dblythe@gladstonesoftware.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: All updates and patches are managed by using rolling updates, using this model allows us to maintain uptime throughout this process and customer connectivity is unaffected. This model is designed to make sure we have zero downtime.
• System requirements:
  • OS Windows 10 or above
  • Static IP address
  • Good Internet connection
  • Microsoft Remote Desktop Application (if using Plus2)
  • Google Chrome (or another browser)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: The application support services provided by Gladstone Customer Services is based on 4 priority levels and the target response and resolution times are provided on a reasonable endeavours basis and are not contractually binding. Each Case will be assessed based on 4 levels of case priority: critical, high, medium and low. The initial response time service targets are as follows: within 30 minutes for critical cases, 1 hour for high, 2 hours for medium and 4 hours for low.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: - 24hour web logging and tracking; - Mon - Friday 7am to 7pm coverage ; - Weekend 10am - 4pm with answer machine service; - An extended support option is available which covers Monday to Sunday 7am to 11pm (POA).; - Dedicated Account Manager to support cases and escalate as needed; - A web-based Password Generator for quicker access to Daily Password and Setup/Supplier codes; - Dedicated training support desk for configuration and user support.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Training will be delivered in a variety of ways – by recorded Webex sessions which are available on Gladstone’s website, live remote training or by group delivery of training on site to the main configurers of SLL or by Webex sessions. Training documentation will be provided along with eLearning and recorded webinars and online help.; ; Gladstone’s e-Learning project is increasing the information available online all the time.; ; A training day is from 10.00 through to 16:00 with an hour for lunch and breaks. A maximum of the 8 identified and selected ‘super users’ is allowed.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: An SFTP user account will be created and passed directly to nominated representative, who will then copy this data across to their own network within a 2-week period. Beyond this 2-week period the account will be deleted, the zip file will also be deleted. Gladstone will place a backup of this database into our normal backup location for a period of a further 4 weeks, after this time the backup will be deleted. The Gladstone Helpdesk and CRM systems will be updated to indicate buyer are no longer a customer and should not be supported with any questions about the system, the exception to this being if help is required in gaining access to the SFTP website for copying their data across. At the end of the 2-week period Gladstone Business Support will contact buyer to confirm that they have a copy of the data and if they have any other questions. Following a further 2-week period any reference to the customer in the Gladstone domain user accounts, files and folders, data backups and websites will be permanently deleted ls of how users extract their data when the contract ends.
• End-of-contract process: Firewall rule on the portal will be de-activated, removing access for users. All user accounts on the Gladstone domain will be de-activated. If applicable, all VPN accounts for remote workers will be de-activated. Any internal or external facing websites will be stopped so they can no longer be accessed. A fresh back of database will be taken and added to a password protected zip file and placed on the Gladstone SFTP website - then above process kicks in.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Access for users on mobile devices is via a browser. The system is designed to render according to the size of device being used. Gladstone also offers a powerful consumer app (progressive web app) which also renders to the device size and is used for booking classes and activities.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Gladstone offers the most extensive API on the market for LMS and is widely used by Gladstone clients across the UK for integration with, but not limited to, web pages, students/staff systems and building; management systems.; ; Gladstone’s new API’s have been re-written from the ground up using the latest .NET core with Cloud first in mind. GladstoneGo is a REST API documented by Swagger automatically. This API uses oAuth2 to authenticate.; ; MWS is a Soap based API and uses username and password-based authentication. Documentation for MWS is provided when the install of this application is completed.; ; Gladstone is consolidating our integration suite to a single set of APIs which will be used by future Marketplace partners to streamline and enhance their own integrations. Gladstone recognises that its strength lies in leisure management, but that many operators have increasingly more diverse needs. As such, Gladstone is open to working with an increasing number of partners across a wide range of specialities, to meet these needs.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: There are multiple layers to customisation within the Gladstone product suite, product configuration and user interfaces. Users with the correct permissions can customise or configure the application and modules from within the appropriate configuration areas. Full training and support is provided where needed.; ; 1) The Gladstone User interface (POS) can be customised with logo and colour theme.; 2) The Gladstone Consumer UI can be customised and branded in line with buyers requirements (corporate branding); 3) The Gladstone Solution is highly customisable. Areas which can be customised down to site or facility level are:; - POS / Till – screens, buttons and ; - Prospecting – flows and data capture; - Contact Management; - Booking sheets - activities, classes and courses (dry/wet); - Health outcome / GP Referral – down to contract level; - Digital Comms – Design, flow and triggers; - Access Control – single multi site / multi screened; 4) Workflows – workflows can be customised to support user experience and improve data integrity.

Scaling

• Independence of resources: Our solution has been tested to accommodate the highest possible user requirement.; ; Our cloud environment splits customers into different pools to limit the impact of this. These pools autoscale based on usage so no single customer can reduce the performance of another. For SQL - all databases have a usage cap so they cannot consume all the resources in the pool.

Analytics

• Service usage metrics: Yes
• Metrics types: Service uptime / downtime reports
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be imported using excel / CSV / IFD.
• Data export formats:
  • CSV
  • Other
• Other data export formats: JSON
• Data import formats:
  • CSV
  • Other
• Other data import formats: JSON

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Gladstone uses Azure to host the cloud platform. We utilise Azure PaaS offerings including Azure SQL which offers a 99.99% availability. At this time Gladstone do not offer an SLA themselves but the infrastructure we use contains resources backed by Microsofts SLA.
• Approach to resilience: The infrastructure is monitored 24/7. Automatic recovery/resolution will initiate on any critical infrastructure failures upon alarm trigger. More details available on request.
• Outage reporting: Gladstone will notify any customers of downtime. We are currently building a dashboard which will be available publicly. We use advanced 3rd party tools which are designed to monitor cloud based applications along with advanced notification tools to alert us of any issues at the point they happen.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: The Gladstone solution can only be accessed by authorised users. This is achieved using multiple authentications methods: IP whitelisting, Active Directory log in and username and password. Remote worker VPN's can be supplied as required for people wishing to access the solution securely outside of the buyer network or using a 4G/5G device.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Username or password
  • Other
• Description of management access authentication: IP Whitelisting or VPN (for remote working or offsite working)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: National Quality Assurance (NQA)
• ISO/IEC 27001 accreditation date: 12/02/2021
• What the ISO/IEC 27001 doesn’t cover: All of the controls within ISO 27001 are applied.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: NCC Group Security Services Limited
• PCI DSS accreditation date: 21/04/2022
• What the PCI DSS doesn’t cover: All related services provided by Gladstone are included in the scope.
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Gladstone are committed to preserving the confidentiality, integrity and availability of all the physical and electronic information assets throughout the organisation in order to preserve its reputation, competitive edge, cash-flow, profitability, legal, regulatory and contractual compliance and commercial image.; ; To achieve this, Gladstone operate within the ISO27001 and ISO9001 framework and are fully accredited. The ISMS details the organisation’s direction and commitment to the security of information within the ISMS Scope. For this purpose, Gladstone have a dedicated ISMS Manager that ensures that non-compliances and exceptions are handled as defined in the ISMS procedures.; ; ISMS applies to all areas of our business and offices and includes all Gladstone equipment, whether used on Gladstone premises, client or other networks. Our ISMS considers external and internal issues that are relevant to our purposes, the needs and expectations of interested parties, and the interfaces and dependencies between our activities and those of other organisations.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Full change control will be in place throughout the contract. This will take the form of a request for change document (RFC) which includes timelines, why the change is required, the impact of the change and any additional costs incurred for implementation. In each instance an RFC will be presented to the Project Board to review to ensure clarity on any impacts to the project, costs and timelines, and then sign-off on whether the change is acceptable or not. For the cloud platform, we use Infrastructure as code so all changes are reviewed before check-in and stored in source control.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Annual Pen test is carried out by an independent accredited 3rd party on all external web apps, and internal apps. In addition an RDS breakout test is also carried out. The reports are available.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: The service is audited for all authentication successful and failed. Key event log IDs are also monitored. Applocker is also employed with event log monitoring. Automatic emails are used with the above to proactively alert any suspicious activity.; ; Gladstone are ISO27001 certified and have an procedure specifically for Operations Security IO-12, that outlines how Gladstone deal with logging and monitoring.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Security incidents are reported to our security officer and then actioned in accordence with our ISO27001 process and Data protection legistation.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Gladstone is committed to playing its part in reducing carbon footprint and strive for energy efficiency. We want to play our part in global sustainability and in turn, delivering cleaner greener air for athletes, teams and individuals in their chosen fitness regime.; ; Gladstone has the ambition to reduce its Scope 1 & Scope 2 emissions by up to 50% by 2025 with future plans towards net zero by 2030. ; ; We are now deploying our software solutions using Microsoft Azure to support sustainability and protect our ecosystems. Microsoft have target of Net Zero by 2030.; ; In addition, Gladstone are committed to supporting and following sustainability practices and policy and have taken significant steps towards improving the way we work in this area over the past several years. These goals, objectives and commitment to reducing CO2 emissions are shared with our team and from part of our corporate objectives: ; • Reduction in waste and resource consumption ; • Increase in recycling ; • Reduction in travel
• Covid-19 recovery:

  Covid-19 recovery

  Gladstone understand the pressures of Covid-19 and the long road to recovery. Gladstone did not down tools during the pandemic. We made a choice to continue to support clients throughout the pandemic challenges.; ; To support our clients during and after the pandemic, we pivoted in below areas:; 1) Generated FREE Covid-19 marketing collateral ; 2) Delivered new DD service; 3) Supported with Covid-19 related member actions
• Tackling economic inequality:

  Tackling economic inequality

  Gladstone are proud to be committed to tackling economic inequality and offer each customer a comprehensive social value commitment upon request. This includes but is not limited to:; - Generating employment in local areas - Supporting local careers fairs - Supporting mentoring schemes for local unemployed - Voluntary hours for VCSE's - charitable donations.; ; In addition Gladstone are committed to reducing customer OPEX costs and have developed technology, solutions or services in support of this e.g. transaction service and DD service saving clients on average 30% on fees, and delivering technology for digital transformation to concierge or cashless facilities again reducing opex spend and increasing participation.; ; Gladstone supports and adheres to minimum wage principles.
• Equal opportunity:

  Equal opportunity

  Gladstone is committed to equality of opportunity in all its employment practices, policies and procedures. To this end, within the framework of the law, we are committed wherever practicable to achieving and maintaining a workforce, which broadly reflects the local catchment area within which we operate. No employee or potential employee will therefore receive less favourable treatment due to their race, creed, colour, nationality, ethnic origin, age, religion, gender, gender reassignment, sexual orientation, marital status, membership or non-membership of a trade union or, unless justifiable, disability.; ; Gladstone can provide a copy of our Equal Opportunities Policy upon request.
• Wellbeing:

  Wellbeing

  At Gladstone providing our people with the tools and toys they need is very important to us, ensuring our teams are proud of and love what they do. Quality is key – we recognise and reward our people against results and output, "not" hours worked and time spent in the office.; ; At Gladstone we are all about progression and constantly challenging and developing ourselves as individuals, as a company and ultimately as an industry. Inspiring our industry to innovate and to maximise the part that technology can play in getting more people, more active, more often. ; ; Our solutions provide a shop window for members of the public to freely search, choose and buy services provided by the leisure industry. If we can help get one more person active then we've done something great, if we can help one million additional people get active, then we've done something amazing. ; ; Gladstone is heavily committed to supporting the goals of Public Health England, together with our tight integration and investment with UKactive we are working to create a culture of ‘more people, more active, more often.’ Gladstone has been a Strategic Partner to UKactive since 2018, where we engage at CEO level to help shape technology and open standards in the Leisure Industry to make it easier for operators ; to achieve their goals in the community. In addition, Gladstone has close ties with CLUK, Sport England and Sport Scotland to enhance the benefits of physical activity and community engagement programmes. ; Gladstone launched a Corporate Social Responsibility programme in 2018, working with a well-known national charity to work with our customers and partners to promote and deliver sports and activities at a community level.

Pricing

• Price: £125.00 a licence a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at dblythe@gladstonesoftware.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.