Melissa Data Ltd

Data Quality Platform

Melissa's all-in-one ready to use standalone collaborative software platform that can be accessed through the cloud or hosted on-premise. Melissa Unison centralises all requirements for data quality including: UK & global address; name, phone and email verification/cleansing; matching and consolidation data profiling; generalised cleansing, and report analysis.

Features

• Easy to Use and Wizard Driven GUI Interface
• Address, Phone, Name and Email Verification/Cleansing
• Data Profiling and Visualisation
• Matching, De-duplication, Golden Record and Survivorship
• Data Quality Report Generation
• High Throughput Rates and High Scalability
• Multi-User Collaborative Environment
• Flat File, SQL, MySQL, and Oracle Connectivity
• Cloud or On-Premise Availability
• Support for UK & International Data

Benefits

• Ensures only fully verified contact information in your data
• Removal of duplicate records optimise data storage
• Reports provide insight on the levels of data quality uplift
• Profiling reports facilitate data analytics providing insight on data issues
• High throughput rates ensure fast processing
• Access to global data quality
• Reduce issues created by inaccurate or bad data
• Improve customer experience
• Empower Data Stewards to powerful data quality routines
• Maximise and optimise data cleansing jobs through collaborative projects

£950 a user

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info.uk@melissa.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

169289762840823

Contact

Barley Laing
020 7718 0070
info.uk@melissa.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: On-Premise Installation require manual updates for most up-to-date data.
• System requirements:
  • Ubuntu Server (On-Premise Only)
  • SSD Drive
  • Web Browser
  • Internet Access

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times are within 3 hours during week days, and by 12 noon for the following work day after a weekend.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Standard support is 20 hrs a day Mon to Fri. This can be via email, phone or webex. This support is provided for free for the lifetime of the service licence, and includes service training and integration assistance. Standard support is based on a ticketed system and accesses all of our global support agents. SLA's - tailored support packages are available. These vary depending on requirement but can provide response times of within 3 hours 24/7, with named technical support engineers in a tiered escalation process. SLA costs are based on the individual requirements for uptime and support levels.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Initial training sessions with Sales Engineer. Full service start up guidance is available through our online wiki: video guides, technical documentation and FAQs. Onsite, Telephone, Online webex, and Email training is also available.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: This is clarified at the beginning of individual contracts, and is covered in our service Licence and T&C's, Melissa Data conform to the relevant regulations and procedures.
• End-of-contract process: Contracts & T/C's detail the period for which a service is licenced and how it can be used. Licencee's can renew at the end of the agreed initial licence, or stop licencing the service without penalty - as long as no agreed conditions or contractual arrangements have been breached.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
• Application to install: Yes
• Compatible operating systems: Linux or Unix
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Unison uses it's own custom GUI accessed through a browser. It is a wizard driven application for easier project creation with access to past projects and reports.
• Accessibility standards: None or don’t know
• Description of accessibility: Users can access Unison using a standard browser, preferable Microsoft Edge or Chrome
• Accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: Users can consume the service through an API. Full documentation, sample code, examples and technical details are provided. Users will use a Web Portal to determine transaction counts.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The format and integration of the service can be defined by the license holder.

Scaling

• Independence of resources: Unison uses container technology allowing to scale using multiple worker nodes as needed.

Analytics

• Service usage metrics: Yes
• Metrics types: Reporting includes total records processed, processing speeds, data cleansing/uplift reports, data de-duplication reports and data profiling metrics.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Unison's interface has the option to create downloadable zip files for processed data allowing for users to download.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Custom delimited text files
• Data import formats:
  • CSV
  • Other
• Other data import formats: Custom delimited text files

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Services will be available during each calendar quarter at least 99% of the time, measured inside Melissa Data’s data centers.
• Approach to resilience: Unison runs on a mirrored multi-cluster environment, hosted in different data centers. Each data center serves as a backup to one another.
• Outage reporting: Via email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Username and Password are required to access portals. Callers for support will need to provide an encrypted License key or have an email requesting support from an authorized person in the authorized distribution group for the requesting company.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Beyond Security
• PCI DSS accreditation date: 14/01/2024
• What the PCI DSS doesn’t cover: Melissa can attest to testing web service endpoints with the PCI-DSS standard penetration tests, however Melissa does not send or receive financial information.
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • SOC 2 type 1 & 2
  • HITECH

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: SSAE16 SOC 2 PCI DSS HITECH
• Information security policies and processes: Melissa Data's Information Security Policy ensures that information, as defined hereinafter, in all its forms--written, spoken, recorded electronically or printed--will be protected from accidental or intentional unauthorized modification, destruction or disclosure throughout its life cycle. This protection includes an appropriate level of security over the equipment and software used to process, store, and transmit that information. All policies and procedures must be documented and made available to individuals responsible for their implementation and compliance. All activities identified by the policies and procedures must also be documented. Policies will be periodically reviewed for appropriateness and accuracy in reflecting current practices. At each department and/or department level, additional policies, standards and procedures will be developed detailing the implementation of this policy and set of standards, and address any additional information systems functionality in such department. All departmental policies must be consistent with this policy. All systems implemented after the effective date of these policies are expected to comply with the provisions of this policy where possible.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Project compatibility is maintained throughout the lifetime of the service. New versions are periodically rolled out but any deprecated elements are maintained to support existing projects. Changes are communicated well in advance for anything that is user-interface impacting. All planned releases follow a security testing model that is OWASP compliant to ensure security.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Periodic training is conducted to keep all information security personnel up to date with security bulletins and vendor patches. All services are tested using the OWASP framework to ensure security guidelines are followed. Patches are rolled after testing within a few hours to a few days time depending on severity. Information security personnel are briefed by Enterprise Vendors for equipment and antivirus software, Open Threat Exchange and misc. Security professional websites.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Unison keeps track of all user activity including logs-ins, changes to projects, and project execution. With on-premise Unison installation, no data goes outside the network, therefore minimizing any sort of breach to the system.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Logging and audit trails are kept in the log history and are reviewed continuously by the administrators. Users can report incidents directly to the IT staff and reports on outages and or intrusions will be sent out via a special web service bulletin email when an event is detected and when the postmortem is generated and the remedies identified.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  Correct addresses results in fewer delivery issues and associated logistics that cause CO2 emissions

Pricing

• Price: £950 a user
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Full Access to Unison Platform, with restrictions to number of users.
• Link to free trial: https://www.melissa.com/customer-data-validation-platform

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info.uk@melissa.com. Tell them what format you need. It will help if you say what assistive technology you use.