GOSS Interactive Ltd

GOSS Bookings

GOSS Bookings enables users to define, create, build and manage an extensive range of bookable services. Delivered as a cloud-based enterprise platform removing manual processes and streamlining the online customer experience. GOSS Bookings supports services such as Room bookings, local government recycling centre visits, registrars, pitch bookings, events, and more.

Features

• Create flexible intuitive booking processes to control availability and resources.
• Offer wide ranging ticket types, packages and bundles to customers.
• Automated attendee lists and waiting lists.
• Offers multiple integration options such as .GOV Notify and Pay.
• Intuitive administration tools to control rules and restrictions.
• Provides central portal management of citizen/staff bookings.
• Interactive calendars enabling easy viewing and management of bookings.
• Ability to automate staged emails such as provisional, confirmed/cancelled.
• Supports the creation and application of complex charging including discount-codes.
• Add booking plug-ins for specific usage such as Registrars appointments.

Benefits

• Generate additional revenue via ticket sales. Increase efficiency via self-service.
• Increase customer choice and convenience, greatly improving access to services.
• Reduce call volumes freeing up valuable resource and administration time.
• Provide centralised reporting on all your bookable services/resources in real-time.
• Flexible solution that evolves alongside your services delivering digital transformation.
• Promotes local events and functions enhancing community cohesion.
• Efficiently manage bookings in a centralised online environment.
• Efficiently and centrally manage single or multiple bookings.
• Teams/Departments can schedule, monitor and track resource usage 24/7.
• Automated communication capability for delegates & attendees.

£1,675 to £2,850 a licence a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@gossinteractive.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

194940783192347

Contact

Simon Smith
+44 844 880 3637
enquiries@gossinteractive.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Scheduled maintenance applied as per Service Definition. Scheduled maintenance will be agreed as required. Support available for GOSS-trained users.
• System requirements:
  • An appropriate browser such as:
  • Microsoft Edge
  • Firefox
  • Chrome

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support response will vary in line with the Software Service purchased and the incident severity/nature. Responses from 30 mins to 4 hours. UK-based Service Helpdesk open 8am to 6pm Monday to Friday excluding English Bank Holidays for emails, calls, webchat where applicable. Online ticketing available 24/7/365. Hosting Monitoring provided 24/7/365. Please refer to detailed support SLAs in the GOSS Service Definition document.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: The GOSS Support provided within the GOSS Cloud Software Service fee includes:; - Service monitoring and maintenance by a team of dedicated Network Support Engineers, maintaining and supporting the hosting infrastructure 24/7/365.; - Application updates automatically applied, or as required by new software releases and relevant to software service level chosen.; - Dependent upon Software Service Level purchased, user support will be provided for GOSS-trained users by either (i) online 24/7/365 ticketing, (ii) office hours email, (iii) office hours Help Desk support, or a combination of these. Incidents are allocated a priority level appropriate to the incident/issue and responded to accordingly.; ; Where applicable, a dedicated Client Support Technician is allocated, however all Help Desk staff are trained to support all clients. An Account Manager is allocated to each GOSS client and will be in regular contact, ensuring ongoing customer satisfaction. Support upgrades and additional support and consultancy can be provided based on a day rate or Service increase if required. ; ; Please refer to the GOSS Pricing and Service Definition Documents.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Project Management: A Project Manager and Account Manager are assigned, and will review any client requirements for specific configuration and support. A deployment plan is generated in agreement with the client which covers the deployment of the requested Cloud Service, together with any optional expansions (modules) and known configuration requirements. The on-boarding deployment process commences, whilst the training consultation takes place to ensure the training programme meets the needs of the range of trainees. Customers are provided a selection of training depending upon their specific needs, with certain training being mandatory. This can include online webinars, onsite training, offsite training. User documentation includes: online context sensitive help and help website, training guides. Help site provided for Cloud Software Service and training guides when training provided. A range of Cloud Support services are available to support a variety of projects.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: As detailed in the online GOSS Client Service Manual, the secure offboarding data extract process will be agreed as part of the Client Exit Plan and agreed within the Client Call-Off Contract. GOSS can provide a data extract in a structured, commonly used and machine readable format. Once complete and after the agreed retention period, data will be destroyed in line with GOSS ISO 27001 information security policies.
• End-of-contract process: The GOSS Exit Plan is deployed as per the Call-Off Agreement in line with GOSS ISO 27001 processes. The Leaver Checklist process actions are performed within the termination period and include: data extraction and transfer, financial settlements, GOSS/support systems access disabled, GOSS internal system updates and decommissioning of servers. Whether an exit occurs as a result of contract expiry or termination, GOSS Interactive will ensure a continued service, as defined in the original contract, is maintained throughout the notice period, that relevant data is held, transferred, returned and destroyed securely, that knowledge and documentation transfer takes place as required, and that costs, timescales, governance and legal requirements are clear and transparent.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The booking websites, intranets or self/assisted-service portals managed using this service are responsively designed so that content including pages and electronic booking forms, will automatically resize appropriate to the device accessing the page, be this a desktop, tablet or mobile device, enabling end customers/citizens to view sites as required.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The GOSS Bookings application is accessed via a suitable browser and used by clients to configure sites/portals with booking information and forms. Staff and customers then use browser-based device responsive & accessible sites/intranet/portals to access, make and manage bookings as required.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: For all products, services and themes, GOSS checks non-functional requirements (i.e. performance, security and accessibility) at various stages of the software development lifecycle; from simple component performance and security testing to large solution-based performance/penetration testing. The testing of mark-up validity (W3C Compliance) and browser/device compatibility helps to make sure the interface is usable for assistive technology users and beyond.; ; Before building solutions, we can run testing sessions with users of assistive technology, to check the design usability by creating prototypes enabling users to click through the designs to see which areas are working and showing alternative solutions (A/B tests). We ensure GOSS solution-managed websites are WCAG 2.1 AA compliant and verify this using various accessibility validators and testers to ensure compliance with the standard. As there are a huge number of commercially available assistive technologies on the market, it would be impossible to test all, so our approach is to ensure compliance with the international standard, that these assistive technologies will themselves support and comply with. GOSS Cloud Software Services include accessible site themes/portals tested to WCAG 2.1 AA, and GOSS clients use a range of assistive technologies to gain access to the websites/intranets and portals.
• API: No
• Customisation available: Yes
• Description of customisation: The flexibility of GOSS Bookings allows an administrator to schedule the dates and times, create packages of tickets in different price bands, host repeat events at different locations, set capacity and availability in the booking options and configure a range of payment providers. Once an event has been scheduled the management interface lets the organiser message bookers and update the event details, including the date, times, capacity, location and package (ticket) availability. Use the GOSS Communications Template Manager to configure email communications.

Scaling

• Independence of resources: The infrastructure allows us to seamlessly increase resources for a particular service or expand the resilience and capacity by adding more virtual machines to the environment. Tenants of the platform are fully segregated using logical security controls, dedicated private networks and dedicated resource reservations. Each individual server and service is carefully calibrated to achieve optimum efficiency and performance. The data of different users is not placed in any shared storage. Services are scaled to meet client transactional volumetric requirements and anticipated growth, in line with the suggested fair usage policy, as detailed in the Service Definition Document.

Analytics

• Service usage metrics: Yes
• Metrics types: Monthly Availability performance reports shared with all Cloud clients. Performance dashboards can be deployed to share performance information: Bookings over time, Attendance over time, Ticket sales over time, Booking summary, Attendance summary, Discounts used.
• Reporting types:
  • API access
  • Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Dashboard reports to CSV
• Data export formats: CSV
• Data import formats: Other
• Other data import formats:
  • JSON (Config data)
  • HTML (Email templates)

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: We aim to implement the Transport Layer Security protocol (TLS version 1.2) to protect data in transit for all services and service access. We also apply certificate and TLS hardening best practices wherever necessary.; Where HTTPS cannot be used, such as some connections between our service and 3rd party suppliers (or your own systems) we implement IPSec VPN gateways. IPSec VPN gateways are also used for non-http based integrations.; GOSS can work with individual clients to ascertain and meet protection needs, based on their individual security/service requirements. Please note additional GOSS Cloud Support fees may be applicable.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Data flows and storage from different clients are segregated from one another, flowing across dedicated networks and stored in dedicated locations for each client using security best practices recommended by the cloud provider. All traffic and storage will be kept within the cloud provider’s secure networks and not traverse the internet unencrypted. Any data that is stored outside of the cloud provider, such as offsite backups, are encrypted with industry standard encryption methods such as GPG.

Availability and resilience

• Guaranteed availability: 99.95% site/portal availability with 99.99% network availability. 24/7/365 hosting support. See GOSS Terms and Conditions for Service Credit schedule relating to Site/Network availability.
• Approach to resilience: The GOSS Cloud Services infrastructure is powered by various public cloud providers including Amazon Web Services and Google Cloud Platform, enabling GOSS to deliver a cloud-agnostic, high performance, high security and most of all highly reliable platform for the delivery of client services. Further details on our approach to availability and resilience is available upon request and will be detailed in the online client Services Manual provided to all GOSS clients.
• Outage reporting: GOSS Incident ticketing system is used.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: 2-factor authentication for site registration only. 3rd party (i.e. Google, social media etc) via GOSS Expansions. VPN expansion available. See Pricing/Service Definition for more details.
• Access restrictions in management interfaces and support channels: Management Interfaces are controlled by a powerful and granular user management system. System Administrator can configure a range of users with access to various parts of the Service as required. ; ; Support is provided only to GOSS-trained users as listed in the GOSS Support System. Any system config is subject to the GOSS ISO certified Change Control procedure which requires sign-off by system admin as defined in the GOSS Service Manual.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus ISOQAR
• ISO/IEC 27001 accreditation date: Initially 27/7/16 and re-certification on 21/2/22 valid until 2/8/25.
• What the ISO/IEC 27001 doesn’t cover: Nothing, please note that 3rd party hosting service provision is covered by the 3rd party's own ISO 27001 certification.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: GOSS are certified in ISO 27001:2013 for Information Security Management and ISO 9001:2015 for Quality Management. All GOSS Staff are inducted and regularly trained and assessed in all relevant ISO Information Security Policies and processes as defined in the GOSS Information Security Manual. GOSS employs an ISO Business Manager who (reporting into the CEO) is responsible for ensuring the ongoing training, deployment, enhancement of the company ISO policies and to ensure that all staff comply. Internal and external audits take place regularly to ensure ongoing compliance. The GOSS secure staff Intranet includes links to the GOSS Information Security Manual, information asset list, statement of applicability and other information. There is also secured access to additional information and processes such as the Disaster Recovery Plan/Business Continuity Plan. The Information Security Manual (ISMS) details the company Security Policy, various staff/team responsibilities, risk management, asset management, HR Security, physical/environmental security, access control, operational control, Business Continuity Management. The Senior Management team are informed of any new ISO information/issues which are then shared as appropriate across the various teams - however ALL staff have a responsibility to ensure their actions are compliant with both ISO policies and procedures.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All changes are assessed in line with our ISO 9001:2015 Change Control Process (details available on request), including security issues/risks/impact. Covers major releases, patches and hot fixes as required. All components are logged and managed via Subversion/GitLab; to enable a full roll back to previous versions. Subversion records changes made including user-ID, date and change reason. Code Changes audit trail includes the ability to compare versions across the entire delivery platform including templates, style sheets, JavaScript and application code. Staged deployment process across various environments. Hot fixes may be supplied and deployed as required to address urgent security issues.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: GOSS ISO 27001:2013 process: regularly monitor and scan servers, computers and network for vulnerabilities. Should any be found it is policy to assess for severity, impact and urgency and mitigate the issues as required.; Constant monitoring across all major security bulletins ensures that our Development/Network Engineers are immediately notified should problems arise. Actively review OWASP news feeds to learn, adapt to, implement latest security standards in all GOSS products and services. ; Network Engineers monitor security bulletins from relevant vendors and organisations such as CERT UK, US CERT, Cisco, Red Hat, Microsoft and VMware.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: GOSS ISO 27001:2013 process following industry best practice: Network Engineers monitor security bulletins from relevant vendors and organisations such as CERT UK, US CERT, Cisco, Red Hat, Microsoft and VMware and take positive action where required in line with the GOSS ISO Security Manual. A centralised site availability monitoring system is used to automatically alert engineers in and out of hours, depending on the impact and the severity of the event. An event will automatically get escalated if an on call engineer does not investigate within a certain period of time as per our Incident Management Policy and SLA.
• Incident management type: Supplier-defined controls
• Incident management approach: The GOSS ISO27001 Security Manual details the Incident Management Policy for the management/reporting of security incidents. The objective is to minimise the damage from security incidents and to monitor and learn from such incidents. The process for incident management covers software, hosting or client support related issues including documented call-out procedure and escalation procedure. Support process defines incident priorities and response/resolution timescales. Support service varies with Software Service Level chosen: client incident reporting via 24/7/365 online ticketing system, email or phone during stated helpdesk hours. Incident reports and updates are provided via the GOSS online ticketing and reporting system.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Environmental sustainability is an issue that impacts us all, and as a business we are committed to doing all we can to support this cause. ; Positive environmental initiatives: Policies and procedures are reviewed annually to assess the impact of our environmental performance and what, if any, additional measures can be taken to further reduce or prevent our global environmental impact.; Reducing carbon footprint Our office is powered by 100% renewable electricity. We recently added our first three electric cars to the GOSS car pool to help reduce carbon emissions. We prioritise using video conferencing facilities wherever possible. Since the outbreak of the COVID-19 pandemic, this has become the default option for client meetings as well as our user groups and community webinars. Our remote training delivery has been praised by new and existing clients and will continue where possible. Our hosting partners, AWS and Google Cloud, are committed to delivering carbon neutral hosting for environmental sustainability. ; Decreasing congestion: We ensure flexible hours and working practices are implemented enabling appropriate work/life balance for all to help reduce carbon emissions and decrease congestion, as does the GOSS staff Cycle to Work scheme. ; Minimising waste: GOSS has full recycling facilities within our office, and we securely recycle hardware internally where and when appropriate, to reduce unnecessary purchases. ; Using environmentally friendly goods: GOSS uses only FSC approved paper.; GOSS ensure that new equipment delivers efficient energy use and our practice ensures all workstations, lights, fans and other electrical equipment are turned off at the end of the business day. Servers are powered off when not in use to reduce energy wastage. Our Management Team monitors energy usage on a quarterly basis and identifies any areas where savings can be made.; Please refer to https://gossinteractive.com/social-value for the latest information on GOSS Social Value.
• Covid-19 recovery:

  Covid-19 recovery

  Throughout the pandemic, our clients used the GOSS no-code and low-code Platform to deliver crucial support to their local communities and staff alike, with online services for offering and requesting vital support during lockdowns. The GOSS Platform has been used by a number of Local Authority clients to promote local businesses to their communities, to help encourage residents to ‘shop local’ thus helping support local businesses and to encourage community cohesion. Again throughout the pandemic lockdowns, the GOSS Bookings solution was used very efficiently to easily manage self-service recycling centre bookings for thousands of citizens across the UK. It is also used to manage bookings for a wide range of community events designed to bring people safely together – these have included training, learning and social events.; The low-code and no-code code nature of the GOSS Platform has meant that many clients can easily configure new digital services themselves, with many Local Authority clients still offering online support services to those citizens who are still vulnerable and shielding. The GOSS Platform tools provide CRM-lite capabilities which can be easily configured and customised by clients, to deliver specific case management and online self-service for a plethora of use cases thus reducing inbound calls to the call centre staff. This reduction means the client staff are able to focus on delivering services to those customers who are most in need and less able to help themselves such as the digitally disadvantaged and vulnerable.; The GOSS head office has re-opened for those staff who prefer to work in that environment, however GOSS continues to support the many staff who prefer to work from home, as they have done very effectively, since the start of the pandemic.; Please refer to https://gossinteractive.com/social-value for the latest information on GOSS Social Value.
• Tackling economic inequality:

  Tackling economic inequality

  • Apprenticeships and Student Placements: Based in the vibrant university city of Plymouth, we look to take on local graduates and value the opportunity to work with apprentices and students to provide practical work experience help build their confidence and skills. GOSS regularly hosts students within our wider business. We understand that by supporting these students, we are helping to increase the skills of our local community and also generating possible future employees for our growing business. This year includes a marketing placement under the University of Plymouth Micro Internship Programme. We have 4 students on placement at GOSS across both technical and commercial teams.; • Supporting The UK Digital Skills Taskforce in acquiring skills for the future: GOSS supports the UK Digital Skills Taskforce having previously coordinated and hosted the South-West regional meeting, whereby local businesses and authorities work together to highlight practical solutions to enable UK business to meet the persistent skills gaps by identifying, developing and using home-grown talent.; • Modern and easy to use online capabilities: The very core of what we do is to provide the latest in online digital capability as such the GOSS Platform is continually enhanced to facilitate improved digital transformation for our clients. Our solutions help reduce operational costs whilst delivering an excellent modern online user experience. Accessible forms open up online service requests to all digital citizens. Use of the full GOSS Platform provides integrated self-service and assisted service capabilities, ensuring all citizens (digital or not) can be served efficiently, enabling your staff to focus on citizens who need focussed support. The GOSS Service Directory expansion, allows local businesses to promote their services: see https://www.hillingdon.gov.uk/businessdirectory which is supporting nearly 200 local businesses.; Please refer to https://gossinteractive.com/social-value for the latest information on GOSS Social Value.
• Equal opportunity:

  Equal opportunity

  Accessible customer sites: A key focus for GOSS is, and has been virtually since our inception, ensuring we provide accessible solutions, to enable our client’s customers to self-serve themselves digitally first wherever possible, allowing customer teams more time to support the digitally excluded or disadvantaged.; Local Skills: We believe in providing opportunities for local people to learn digital skills and to gain work experience to help them start their careers in the digital industries. We aim to help build a thriving digital industry in the South West so that together with other local companies, we can work to ensure we retain these skills within the region, thus driving up the local economy.; Supporting The UK Digital Skills Taskforce in acquiring skills for the future: GOSS supports the UK Digital Skills Taskforce and have previously coordinated and hosted the South-West regional meeting, whereby local businesses and authorities work together to highlight practical solutions to enable UK business to meet the persistent skills gaps by identifying, developing and using home-grown talent. ; Apprenticeships and Student Placements: As well as taking on local graduates, GOSS also value the opportunity to work with apprentices and students to provide practical work experience and to help build their confidence and skills within the workplace. GOSS regularly hosts students within our administrative and marketing departments and has also hosted students within our applications development team. GOSS understand that by supporting these students, we are helping to increase the skills of our local community, generating possible future employees for our growing business. A recent example in 2021-22 includes a marketing placement under the University of Plymouth Micro Internship Programme. We currently have 4 students on placement at GOSS across both technical and commercial teams (2021-2022).; Please refer to https://gossinteractive.com/social-value for the latest information on GOSS Social Value.
• Wellbeing:

  Wellbeing

  Charitable Causes: The GOSS 'Great' Team is an internal team comprised of staff across all departments, which manages social and charitable activities for all GOSS staff (and their families). Examples of activities include stock donations for local charity shops, food collections to support the local food bank and other fundraising events. The benefits not only include the direct benefits realised by the users of the charities; they also raise awareness within the GOSS staff community of the needs of their local community and potential opportunities for volunteering.; GOSSfit: supporting staff health and wellbeing, GOSS employees can choose to realise the benefit of an advantageous corporate membership to a local gym studio with a daily lunchtime class schedule for varied fitness classes, in order to support employees in living an active, healthy lifestyle. In addition, GOSS employees can take advantage of our Cycle to Work scheme. Shower and changing facilities are available on site at the office to support our employees in making these choices. ; Supporting employees during COVID-19: GOSS provided loans of a limited number of company laptops and chargers for as long as required during the pandemic to help employees who were struggling with hardware resource at home through lockdown requirement for parents to home-school. The laptops were supplied 'ready to use' with a clean installation of Windows 10 configured.; Flexible Working: GOSS supports flexible working, with many staff choosing to remain working from home since the Pandemic. The office is open for staff who prefer office working, with regular staff engagement events (meetings and socials) to help support effective team working and staff well-being. ; Please refer to https://gossinteractive.com/social-value for the latest information on GOSS Social Value.

Pricing

• Price: £1,675 to £2,850 a licence a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@gossinteractive.com. Tell them what format you need. It will help if you say what assistive technology you use.