Umbraco CMS Development, Upgrades, Support and Maintenance
GrowCreate is an Umbraco Platinum partner, with many years of experience delivering high-quality Umbraco CMS solutions. Our certified developers possess in-depth knowledge of Umbraco, complemented by excellent technical and management skills. Our services include website development, migration, user experience and support.
Features
- Umbraco architecture, design, build, support, maintenance and training
- Umbraco Platinum Partner
- ISO 27001 Cyber Essentials. Microsoft Gold Silver Partner.
- Responsive Umbraco web design and user experience (UX) design
- Integrate CRMs and other systems
Benefits
- Umbraco websites meeting W3C WCAG 2.1 accessibility standards
- Umbraco CMS hosting on Microsoft Azure
- Umbraco Platinum and contributing partner providing open source Umbraco CMS
- Certified Umbraco developers based in UK
- Umbraco CMS solutions developed using Agile Scrum
- Customisable Umbraco editing, content creation and Azure cognitive search tools
Pricing
£675 to £1,500 a unit a day
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
1 6 5 0 0 2 8 3 9 8 0 0 8 7 0
Contact
GrowCreate Limited
Ainsley McWilliams
Telephone: 01844393962
Email: ainsley@growcreate.co.uk
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- Primarily extended Umbraco CMS to meet client needs
- Cloud deployment model
- Public cloud
- Service constraints
- No constraints
- System requirements
- No specific system requirements
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Normal Business Hours: Monday-Friday (excluding national holidays)
Office Hours: 09:00 – 17:00 (Monday-Friday)
Standard response within 1 hour. Custom support is also available outside normal business hours. - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- No
- Web chat support
- No
- Onsite support
- No
- Support levels
-
We offer Business (£975 + VAT per month) and Enterprise (£1,950 + VAT per month) support packages. Our recommended package will be dependent on the complexity of your solution.
We provide fixed-price technical support, governed by a Service Level Agreement (SLA). Our Business Support programme is for websites with some integrations or advanced functionality. The support programme covers Priority 1 and Priority 2 issues on your website, including maintenance, security patches, and managed hosting.
Our support and hosting package gives you access to a proactive monitoring service by an infrastructure specialist. Every month, our Support Engineer will review your solution and ensure it is maintained. Our service includes:
Service Level Agreement,
Unlimited bug fixes,
Ticket Management,
Website Maintenance,
Performance, Technical SEO, Accessibility monitoring,
Umbraco Licences,
Optional Retained Hours,
Dedicated Account Manager,
Azure Support Contract with Microsoft,
Umbraco HQ Support,
Out-of-hours Support Options. - Support available to third parties
- No
Onboarding and offboarding
- Getting started
- This is highly dependant on the needs of the user and will be discussed on a case by case basis. GrowCreate engages with customers to undertake full scoping and onboarding activities.
- Service documentation
- No
- End-of-contract data extraction
- The method of data access depends entirely on the user's needs. We can either provide access for them to extract data themselves or supply copies of the data based on their preferences. We do not retain client data at the end of a contract and always strive to accommodate the user's needs in obtaining their data.
- End-of-contract process
- The term of the Contract shall be in force from the Start Date until terminated by either party in accordance with the Contract. Upon contract termination, all included services are deactivated and decommissioned. The customer can request any required data from the solutions before service termination. Such requests will be coordinated and fulfilled as needed prior to the contract's end.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Our solutions are developed with a mobile-first mentality, ensuring optimal performance and user experience across all devices.
- Service interface
- No
- User support accessibility
- WCAG 2.1 AAA
- API
- No
- Customisation available
- Yes
- Description of customisation
- We offer custom front-end and back-end web development services. We work closely with our clients to determine the project scope, taking into consideration their unique requirements and business goals. Our approach is rooted in the Agile methodology, which promotes adaptive planning, evolutionary development, early delivery, and continuous improvement, ensuring that our clients are involved every step of the way, from initial planning to final implementation.
Scaling
- Independence of resources
- Appropriate scaling of application resources for the level of expected traffic and continuous monitoring of application availability.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Usage metrics can be configured as per customer requirements
- Reporting types
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- Never
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Custom export process can be built on demand
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- Json
- Tsv
- Data import formats
-
- CSV
- Other
- Other data import formats
- Custom to client requirements
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
- Typical service availability is 99.95% The SLA offered would depend on the type of service being provided and would be agreed at the start of the contract.
- Approach to resilience
- Available on request
- Outage reporting
- Outages are available on request
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Username or password
- Access restrictions in management interfaces and support channels
- VPN access. 2-factor authentication. Username and Password
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Dedicated link (for example VPN)
- Username or password
Audit information for users
- Access to user activity audit information
- No audit information available
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Citation ISO Certification
- ISO/IEC 27001 accreditation date
- 07/10/2020
- What the ISO/IEC 27001 doesn’t cover
- None
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
We follow all recommended best practices to ensure all data in our care is
protected from unauthorised access and theft, that personal data is protected
above all else, and that our clients remain compliant with GDPR and other
regulations.
We are ISO 27001 certified and have a well-established Information Security
Management System (ISMS) in place that ensures our data’s availability, integrity,
and security is monitored and maintained. Our ISMS policy details our approach to
Information Security and how we access and manage risk, while our client data
privacy notice details the way we handle data and use it to provide services and
business operations
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- GrowCreate manage change through bespoke process and systems. Some of these tie to our ISO27001 standard and are audited externally annually. Other tried-and-tested change management processes are refined with our customer based over the years,
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- GrowCreate is an ISO27001 accredited company and all our systems and processes link through this framework.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- GrowCreate is an ISO27001 accredited company and all our systems and processes link through this framework.
- Incident management type
- Supplier-defined controls
- Incident management approach
- GrowCreate is an ISO27001 accredited company and all our systems and processes link through this framework.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
Fighting climate changeFighting climate change
Grow Create is a Net Zero web agency dedicated to implementing environmental best practices wherever practical and within available resources. Adam Weston holds overall responsibility for compliance at Grow Create, reporting to the board on the performance of the Quality (9001), Information Security (27001), Environmental Management (14001), Health & Safety frameworks, and suggesting areas for improvement.
We manage and report our use of energy, water, and chemicals, and fully comply with local environmental regulations. Currently, we source 100% renewable electricity and have SMART targets for reducing energy usage and waste.
Whenever possible and practical, we source from suppliers with robust ethical and environmental practices, such as Apple and Microsoft, who provide comprehensive reports on their environmental impact.
We encourage staff to consider the environment in all aspects of their work, promote the use of public transport among employees and directors, and provide visitors with public transport options to our offices. Lastly, we're committed to improving energy efficiency in our workplace.
Pricing
- Price
- £675 to £1,500 a unit a day
- Discount for educational organisations
- No
- Free trial available
- No