BOXXE LIMITED

boxxe Zoom

Zoom is an all-in-one collaboration platform that makes connecting easier, more immersive, and more dynamic for people and businesses. Our team chat, phone, meetings, omnichannel contact centre, whiteboard, workspace, and AI solutions help hybrid teams collaborate and get more done.

Features

• AI-powered collaboration platform that streamlines your communications and improves productivity
• AI seamlessly integrated across the platform
• Simplified video conferencing and messaging across any device
• Feature-rich cloud phone system for organizations of all sizes
• Omnichannel contact centre for prompt, accurate, and personalised customer experiences
• Instant Messaging tool designed to streamline communications between users
• Drive communication and engagement via a leading employee experience platform
• Affordable and user-friendly video conferencing rooms
• Powerful, all-in-one platform to create virtual events, webinars, and experiences
• Developer platform and existing library of over 2,500 integrations

Benefits

• Single unified communication platform for the cloud
• AI Companion included across platform at no additional cost
• Single admin console to ensure fast deployment/scalability
• Frequent updates - hundreds every year
• An easy and intuitive user experience for fast adoption
• Easy administration with powerful user reporting and dashboard
• Development releases can be managed through MSI
• Technical support available 24/7

£12.99 a licence a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@boxxe.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

188857824274267

Contact

Gemma Franklin
07704551950
tenders@boxxe.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Not applicable.
• System requirements:
  • Internet connection – broadband wired or wireless (3G or 4G/LTE)
  • Speakers and microphone – built-in, USB plug-in, wirereless Bluetooth
  • Webcam or HD webcam - built-in or USB plug-in (optional)
  • HD cam or HD camcorder with video capture card
  • Virtual camera software for use with broadcasting software
  • See more here: https://support.zoom.com/hc/en/article?id=zm_kb&sysparm_article=KB0060748

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support Hours are 24x7, including public holidays, where agents or technical engineers are available for email or live support. ; ; Target Response Time for a Support Ticket will be the time (a) commencing when Zoom receives a proper Support Ticket from Customer and (b) ending when customer receives notification that the Support Ticket has been logged. For Pro, Business, API or Education plan subscribers this will be:; Priority 1 - Urgent: 1 Hour; Priority 2 - High: 4 Hours; Priority 3 - Normal: 24 Hours; Priority 4 - Low: 24 Hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: Not applicable.
• Onsite support: No
• Support levels: We understand how important Zoom products are for keeping our clients connected. We offer several options so customers can choose the support plan that best meets your organisation's needs: Access (included with licensing fees), and Premier and Premier + (options available for an additional fee). Each programme offers access to a wealth of support tools and expertise, including 24/7 access to our Global Support Centres and the Zoom Learning Center, local language support, and Zoom status notifications. Additional support options, such as priority response, will vary based on account type, user type, and how the account is configured.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Customers will have access to Zoom's Customer Success Advisors. Starting with the onboarding journey, the CS Advisor team guides where customers can get started with learning via the Zoom Learning Center and various support guides. Once our customers are live on their Zoom solutions, this team provides proactive digital deliverables to help customers drive adoption and maximize their investment in Zoom. Our Customer Success program is focused on ensuring customers achieve the value they expect throughout their Zoom journey. This approach enables faster response times with group knowledge for better and more efficient support. Self Service Offerings also include: Zoom Learning Center (Learn anytime, anywhere and expand your product knowledge), Zoom Community (get involved, become a leader, and connect with other Zoom users and customers), Zoom Support (find answers to your product questions in our many articles and training materials, or contact the support team for technical assistance), and Webinars (attend onboarding webinars to learn about best practices and get the latest information about the Zoom platform).
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Upon contract termination, Zoom deactivates all user IDs related to the customer account and any saved data is deleted. Therefore, the customer will have to download any recorded meetings prior to their termination date by visiting their online user profile, navigating to their recordings and downloading selected recordings to an alternate source.; ; Zoom has a data retention standard that details how data is deleted when a customer terminates service (i.e., purged on day 31). Furthermore, our Data Protection Standard states how Zoom must sanitise media. Zoom has a process for records retention to ensure that Personal Information is retained for no longer than necessary to fulfill the obligations or meet legal retention requirements.
• End-of-contract process: Reports and recordings can be exported via the Zoom web portal as required.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems: Android
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: See the link below for a comparison of features between the Zoom desktop clients, mobile apps, web client, and Zoom Web App:; https://support.zoom.com/hc/en/article?id=zm_kb&sysparm_article=KB006552
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: The Zoom API is the primary means for developers to access a collection of resources from Zoom. Apps can read and write to the resources and mirror some of the most popular features available in Zoom Web Portal such as creating a new meeting, creating, adding and removing users, viewing reports and dashboards on various usage, and so on using the Zoom API. Depending on your app’s use case, you can choose from our various APIs and implement the features accordingly. All APIs under the Zoom API are based on REST architecture and are accessed via HTTPS at specified URLs. The base URL for all requests is https://api.zoom.us/v2/. The complete URL varies depending on the endpoint of the resource being accessed. For instance, you can list all users on an account via a GET request to this URL: https://api.zoom.us/v2/users/. Within our API reference pages, you can send test requests and view responses. You can also view the code for the request in various languages such as Python, Node, Java and more. With each release, we add additional APIs and enhancements to meet the needs of our customers.
• API documentation: Yes
• API documentation formats: Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Zoom offers a number of opportunities to customise the service. Zoom’s App Marketplace brings together integrations, apps, and bots built by Zoom, third-party developers, and oftentimes our own customers, making it easy for Zoom users to extend the power of Zoom for any business need. The Zoom App Marketplace hosts over 2,500 apps and integrations for our solutions. In addition, Zoom’s APIs allow for a robust extension of the core Zoom product and apps can read and write to the resources and mirror some of the most popular features available in the Zoom Web Portal such as creating, adding and removing users, viewing reports and dashboards on various usage, and so on. Experienced developers can choose to leverage Zoom’s SDKs to incorporate the Zoom experience into their own application. Lastly, role-based access control enables the creation of custom user roles that have a set of permissions that allows access only to the pages a user needs to view or edit.

Scaling

• Independence of resources: Zoom’s unique architecture allows us to quickly and easily scale to meet demand. We maintain excess capacity in all aspects of our infrastructure to accommodate growing business, healthcare, and education needs and to meet peak usage requirements. Our proven infrastructure supports billions of meeting minutes a month and our architecture is built to handle growing levels of activity, as our unified communications platform is architected from the ground up to address the most technologically difficult aspect of communications: video. Our modern cloud architecture gives our platform its trademark reliability, quality, and scalability.

Analytics

• Service usage metrics: Yes
• Metrics types: The Zoom Dashboard allows administrators on the account to view information ranging from overall usage to live data relating to Zoom solutions. This data can be used to analyse issues that may have occurred as well better understand how users are intreacting with the Zoom platform within your organisation.
• Reporting types: API access

Resellers

• Supplier type: Reseller (no extras)
• Organisation whose services are being resold: Zoom

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Reports and recordings can be exported via the Zoom web portal as required.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: SLAs are addressed in Zoom's Master Services Agreement (MSA) and may include 99.9% uptime, excluding excused downtime (maintenance).
• Approach to resilience: Zoom web services leverage AWS high availability infrastructure with multi-region configuration operating in Active/Standby mode. For realtime communications, Zoom leverages multiple Tier 1 data centers running in Active/Active mode.
• Outage reporting: Zoom posts any general incident announcement and other announcements including scheduled maintenance, outages, updates, through our status page at status.zoom.us. For incidents affecting a specific customer, Zoom will notify the account owner and administrator(s) through email or as specified in fully executed agreement.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Management interfaces are accessed via user name and password derived from integration via SSO or user name and password stored in a salted hash. Interfaces are accessed based upon role based access control (RBAC).
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Schellman & Company, LLC
• ISO/IEC 27001 accreditation date: 04/01/2024
• What the ISO/IEC 27001 doesn’t cover: Not applicable.
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 20/01/2023
• CSA STAR certification level: Level 2: CSA STAR Attestation
• What the CSA STAR doesn’t cover: Not applicable
• PCI certification: Yes
• Who accredited the PCI DSS certification: Schellman & Company, LLC
• PCI DSS accreditation date: 10/08/2022
• What the PCI DSS doesn’t cover: Not applicable.
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • SOC2 Type 2
  • TRUSTe

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Cyber Essentials, Cyber Essentials Plus, SOC2 Type 2, GDPR, TRUSTe Certified Privacy

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Change triggers for unique processes and controls are: Code, Database, Infrastructure, Data.; ; Weekly meetings held to request changes that need to be performed during maintenance windows. Change requests are presented, validated, and scheduled. Changes are approved by the Change Manager. Implementation in production should not be by the same individual who developed the change. When staffing levels do not permit this separation, management oversight and approval of the change and testing process ensure appropriate processes are followed. Dev and test environments are physically and logically segregated from production. No customer data is used in testing.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Zoom has a formal Vulnerability Management Plan in place. Zoom performs monthly vulnerability and web application scanning using an external party (Qualys). Scan reports are reviewed by our Security and technical teams and discussed with the engineering and development teams. Validated findings are tracked in our JIRA system throughout remediation.; ; Zoom has a monthly patch cadence. Zoom will patch all applications, workstations, and servers (virtual or physical) with all current operating system, database, and application patches deployed in our computing environment according to a schedule predicated on the criticality of the patch. Maintenance/patching typically will have no service downtime.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We have monthly vulnerability and web application scans. Findings are reviewed and validated by our technical and engineering team. Vulnerability rated on severity level and tracked using our JIRA system. Vulnerability fixes are release from our engineering team and follow our formal change management process for deployment to production. Zoom also has DDoS monitoring and Managed service in place. Affected traffic are diverted and filtered through a scrubbing centre.; ; Zoom responds to incidents as defined within our SOC2 report available upon execution of a mutual NDA.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Zoom communicates the incident response policy to internal and external users and instructs users to contact their supervisor and the information security representative if they become aware of a possible security breach. When a potential security incident is detected, a defined incident management process is initiated by authorised personnel. Incidents are tracked through the tracking application, which includes the corrective actions implemented in accordance with the defined policies and procedures.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  boxxe is committed to supporting environmental protection and improvement and to delivering and influencing environmentally conscious solutions to address the critical issue of climate change, focusing on achieving net zero greenhouse gas emissions and influencing all stakeholders towards environmental protection and improvement. ; Our latest Carbon Reduction Plan, available on our website confirms we are carbon neutral across all sources of emissions through investing in the Carbon Exchange-Traded Commodity. We aim to reach Net Zero by 2050 at the latest through emissions reduction initiatives e.g. renewable electricity procurement and supplier engagement.; Environmental protection is embedded in everything boxxe does and offers and we are proud to have been named as a finalist in the Best Value Chain Initiative category at the CRN Sustainability in Tech Awards 2024. ; We maintain an accredited ISO 14001 Environmental Management System covering the entire scope of our business, and our goal is to be recognized as the UK’s most sustainable IT reseller and service provider.; boxxe is committed to adopting, promoting, and implementing the principles of a Circular Economy and have developed a Circular Management Plan which articulates our strategy for waste minimisation and the enhancement of material reuse and recycling in our operations and the products we supply. This underscores our dedication to environmental stewardship, resource efficiency, and sustainable growth, driven by innovative and accountable resource and waste management practices.; We ensure that our supply chain is aware of and understand our environmental policies and we work with them to manage and continuously improve their environmental performance. We prioritise the purchase of recycled, recyclable, or re-furbished products and materials where these alternatives are available, economical, and suitable.; We conform to WEEE regulations and seek to sustainably reduce, reuse, and recycle, to ensure we and our customers minimise the impact of IT waste on the environment.

  Covid-19 recovery

  The COVID-19 pandemic fundamentally changed boxxe’s ways of working, leading us to implement a fully remote workforce to maintain customer service and operational functionality during the crisis. This transition enabled us to develop and implement a "Work from Anywhere in the UK" policy. By allowing our employees to work from any location, we have broadened our recruitment reach, enabling us to attract the best talent regardless of their geographic location. This approach has reduced barriers to inclusion, enhanced employee retention, and supported a healthier work-life balance. Additionally, remote recruitment strategies have allowed us to target candidates from areas particularly impacted by Covid-19, thereby positively contributing to their local economic recovery.; Recognising the significant skills shortages highlighted by the pandemic within the IT industry, we have taken proactive steps to retain and enhance our workforce's capabilities. We encourage continuous training and development in our employees' respective fields of expertise. Experienced staff and external specialists provide mentoring, offering a hands-on learning experience that ensures the effective application of newly acquired skills. Moreover, we are committed to inspiring the next generation by inviting local youth to experience the day-to-day life of our tech teams and organising regular hackathons and think tanks for soon-to-be graduates, providing them with career guidance.; Building on our pandemic experiences, we have developed a robust business continuity plan, ensuring that we are well-prepared to maintain uninterrupted service in the event of a similar crisis. It is worth noting that during the height of COVID-19, our strategies allowed us to maintain seamless business operations, underscoring our resilience and adaptability in challenging times. This foundation not only prepares us for future challenges but also reinforces our commitment to innovation and excellence in a post-pandemic world.

  Tackling economic inequality

  boxxe is committed to addressing disparities in employment, skills, and pay within our workforce and across our supply chain. Our ‘Work from Anywhere in the UK’ policy allows us to recruit the best talent regardless of their geographic location, removing barriers to inclusion, improving retention, and promoting a healthier work-life balance. By enabling staff to work remotely, we foster collaboration and create more equitable opportunities for all potential and current boxxe employees.; To address the skills shortages in tech industry, we invest in our staff’s continuous in-work skills development, facilitating career progression and helping retain talent. All staff have access to on-demand learning opportunities, available irrespective of role or seniority. We provide funding for a variety of training programs: specialist vendor/industry accreditations and professional qualifications. Experienced staff provide mentoring, ensuring that newly acquired skills are applied effectively.; We are dedicated to maintaining a robust and diverse supply chain by actively supporting SMEs, startups, and specialist suppliers. We invite these partners to collaborate with us, providing them with a route to market and guidance on best practices in industry and environmental, social, and governance (ESG) standards. Moreover, we have created the boxxe Community, where every employee can contribute 11½ days each year to support community and social value activities. We prioritise a local-first approach to giving, ensuring that support reaches grassroots charities and local causes where it is needed most. This includes our involvement in the 'Graduation to Employment' programme where experienced personnel volunteer to provide career coaching to university graduates.; Through the boxxe Academy, we offer apprenticeships and seasonal internships to encourage the next generation into IT. We welcome interns and apprentices to our customer service, HR, service delivery, and service delivery teams, providing them with all-round experience to kick-start a career in tech.

  Equal opportunity

  Equal opportunities, and our dedication to DEI are rooted in our mission to Making Tech Human.; boxxe is committed to a workforce that reflects diverse populations with the skills to drive a compassionate and inclusive culture and a genuine sense of belonging. We embed inclusivity, celebrate uniqueness, and foster collaboration to eradicate inequalities in employment, skills, and pay in our workforce and our supply chain.; Recruitment is focused on inclusivity and fairness, encouraging diversity in ethnicity, gender, sexuality, and socio-economic backgrounds by anonymising our candidates, concentrating on the alignment of their skills and experience, reducing conscious or unconscious bias. Our Competency Framework gives employees clear guidance on progression and developing the necessary competencies for higher level roles, integrating both technical and behavioural aspects in a Skills Matrix, and mapping out potential career paths. We offer online training and invest in our staff’s professional qualifications. Our annual pay review maintains market-aligned salaries, and we are a certified Real Living Wage employer. We offer enhanced, inclusive family policies including maternity, parental, and fertility-treatment paid leave. ; We hold Flexa accreditation and operate a ‘Work from Anywhere in the UK’ policy which enhances accessibility for candidates facing barriers to inclusion, bolsters retention and facilitates a healthier work-life balance. We are a Level 1 Disability Confident Committed employer, aiming to achieve Level 2 by 2025. We actively address underrepresentation, particularly women in tech, and racial inequality as a founding member of Technology, Community for Racial Equality. We are proud of our advancement of female leadership, recognised at the CRN Women & Diversity in Channel Awards 2023. Our involvement with the Stonewall Diversity Champions reflects our dedication to LGBTQ+ allyship. ; As a silver accredited Armed Forces Covenant member, we work to help create employment opportunities for ex-service personnel and support staff who are military reservists.

  Wellbeing

  boxxe’s Wellbeing Strategy, built on direct feedback from our employees, reflects our dedication to prioritising our workforce’s mental, physical, social, and financial wellbeing. This holistic approach recognises the importance of a comprehensive support system for overall health, satisfaction, and effectiveness of the workforce. We adhere to the Mental Health at Work Commitment and incorporate elements from the Thriving at Work guidance, despite being an organisation of less than 500 employees. This includes tailored mental health support, financial advice and low interest support loans, an EPA, occupational health support, and counselling services provided in-house by Mental Health First Aiders.; We champion a healthy workplace environment through the Mindful Business Charter, which emphasises removing unnecessary stress and promoting mental wellbeing with strategies including smart meetings, respecting rest periods, and mindful delegation. This charter serves as a guideline for all employees on small, practical changes to safeguard personal and colleague health.; To encourage open discussions about health, we foster a supportive culture where physical and mental health issues can be openly discussed, creating a safe space for employees to express concerns. We encourage our staff to participate in the boxxe Community programme, which has been shown to positively impact physical and mental wellbeing.; Our proactive engagement with the workforce includes regular wellbeing surveys, specialised training for managing stress at work, and comprehensive health benefits that cover physical and mental resources. We promote active lifestyles through incentivised physical activities, and we maintain health and safety standards in line with our ISO 45001 accreditation. We ensure wellbeing extends to our supply chain through our Supplier Code of Conduct, emphasising the importance of ethical standards and worker health and wellbeing, demonstrating our dedication to fostering a culture of health and wellbeing across all facets of our operations.

Pricing

• Price: £12.99 a licence a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Zoom provides a free Basic license that includes some of the features and functionalities of paid user licenses with a 40-minute meeting limitation, and basic, limited functionality. For further information please see the following link:; https://zoom.us/pricing
• Link to free trial: https://zoom.us/signup

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@boxxe.com. Tell them what format you need. It will help if you say what assistive technology you use.