Kanto Elect

Balloting Services

Kanto Elect offers three services, all of which start with and use our intuitive online customer interface: Postal balloting, online balloting and hybrid balloting.

Features

• Bespoke ballot building
• Dedicated customer services
• Robust security (ISO27001 and data controller accreditation)
• Real-time ballot management

Benefits

• Error and bias elimination
• Positional advantage elimination
• Postal and online balloting, or hybrid

£250.00 an instance

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Thomas@kantoelect.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

168006556788287

Contact

Thomas Borwick
02077769000
Thomas@kantoelect.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: No constraints.
• System requirements: No requirements.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within hours.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: An account manager is assigned to each new client. All services can be found in our Pricing Book which is attached to the main digitalmarketplace page. We are also available to contact if you have further questions.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Our system was designed with ease of use and a user-first approach. As such onboarding is a simple and intuitive process carried out independently through the Kanto Elect online portal which guides the user through the setup process. We can receive data through our secure .csv upload or API service. ; ; Our intuitive system and two-step approval process make sure you and your team are fully in control of the ballot process.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Our policy is to render data “beyond use” following the Information Commissioner’s guidance. This stops access to the data from Kanto Elect’s Amazon AWS cloud within 30 days of the termination date.
• End-of-contract process: There is no charge for the off-boarding process. All collected data will be sent to the client in a CSV (Excel spreadsheet) format. This will be password protected and the client will be responsible for ensuring all data is safely handled thereafter. ; ; It is then the client’s responsibility to confirm they have received all the data required. In accordance with Kanto Elect’s policy to minimise security risks, staff at Kanto Elect do not actively track the data stored..

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: A simplified weblayout
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: Yes
• Description of customisation: Our intuitive online ballot building experience gives clients real control over the creation of their ballots. For the first time they will be able to create truly bespoke ballots to their own specifications.

Scaling

• Independence of resources: Our services scale as needed with no limit on additional available resources required to meet demand.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data is exported upon request, depending on the type of data.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network: Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Included within our Services Definitions and Terms and Conditions.
• Approach to resilience: Available on request.
• Outage reporting: In the event of an unexpected app outage the client will receive the following information, dependent on the length and severity of the outage:; ; 15 Minutes or Less Outage; No formal action will be necessary to inform of an outage, but an email may be sent at a later time to inform the Client of the outage; ; 15 Minutes or More; The Client will receive an automated email, informing them of the incident. An explanation will be sent to the Client following the resolution of the issue. ; ; 1 Hour to 3 Hour Outage; The client will receive an email giving them a detailed update of the problem and the estimates we have to fix the issue.; ; 3 Hour to 24 Hour Outage; An email will be sent to all clients giving them a detailed update of the problem and the estimates to fix the issue. ; ; If there is a planned outage for any maintenance we will inform the Client a minimum of 48 before a planned outage. However, if there is a serious fault which needs rectifying, Kanto Elect reserves the right to begin the process at any time with minimal warning.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Secure login page.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BAB
• ISO/IEC 27001 accreditation date: 09/03/2015
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: All security policies are outlined in our annual ISO 27001:2017 certification.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Monitoring is based on risk and risk evaluations are undertaken. Additionally, performance is monitored through internal audits and management reviews to ensure the effectiveness of the management system.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: In accordance with our Risk and Opportunities processes, we have assessed any typical/likely Information Security threats based on their potential effects on Confidentiality, Integrity, and Availability attributes.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: In accordance with our Risk and Opportunities, risks are assessed for any typical/likely Information Security threats based on their potential effects on Confidentiality, Integrity, and Availability attributes.
• Incident management type: Undisclosed
• Incident management approach: We follow all ISO 27001:2017 processes.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  We provide digital ballots with our online solutions. We also provide paper ballots, that are recycled after the balloting process is complete.
• Covid-19 recovery:

  Covid-19 recovery

  If the government changes its advice to businesses in relation to COVID, the business will revert to the below response:; ; Some staff may get ill with Covid. Some for as long as a month but maybe longer. All Staff have been offered support during this time and we encourage them to follow government guidance at all times. ; ; We review this policy every 6 months.
• Tackling economic inequality:

  Tackling economic inequality

  We promote democracy and participation across all backgrounds and we ensure our tools do not prohibit furthering inequality.
• Equal opportunity:

  Equal opportunity

  Our grouping of companies is equal opportunity employers.
• Wellbeing:

  Wellbeing

  All staff are offered the opportunity to join the company's health insurance policy which includes mental health support.; ; The company also ensures that well-being training is offered to all staff on an annual basis.

Pricing

• Price: £250.00 an instance
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Thomas@kantoelect.com. Tell them what format you need. It will help if you say what assistive technology you use.