PRAXIIS LIMITED

Microsoft Dynamics 365 Marketing

Dynamics 365 Marketing is a marketing automation application that helps turn prospects into business relationships. Create graphical email messages and online content to support marketing initiatives, design customer journeys to nurture leads with personalised experiences, organise, and publicise events, make survey results more actionable.

Features

• Email marketing.
• Customer journeys.
• Behaviour tracking.
• Lead scoring.
• Marketing pages.
• Event planning and management.
• Online surveys and results analysis.
• Real-time marketing.
• Advanced segmentation.
• Social media marketing.

Benefits

• Customisable templates for emails and landing pages.
• Intuitive drag-and-drop design tools simplify content creation.
• Drag-and-drop journey designer to create an automated, multi-channel campaigns.
• Securely share information about leads and contacts across your business.
• Develop a deeper understanding of your market.
• Host webinar events using built in Microsoft Teams integration.
• Use dashboards to track the performance of your marketing initiatives.
• Automated lead-scoring rules that automatically identify your hottest leads.
• Easy-to-create surveys help you gather actionable feedback from customers.

£1,131.20 an instance a month

• Free trial available

Service documents

• Pricing document

  ODT

• Skills Framework for the Information Age rate card

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jason@praxiis.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

234428666172271

Contact

Jason Daraz
07764480819
jason@praxiis.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Dynamics 365, Microsoft 365 including Excel etc., Power Automate, Power BI, SharePoint, Dataverse, OneNote, Azure and almost limitless third party software with an API.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: The service is designed to be as constraint free as possible. There are minimum requirements for mobile and desktop apps and there may be service limits (e.g. number of data calls) dependent on the purchased license(s). We can advise and support on these matters.
• System requirements:
  • Mobile apps platforms: iOS, Android, Windows
  • Supported browsers: Google Chrome, Microsoft Edge, Mozilla Firefox, Apple Safari
  • Operating Systems: Windows, macOS, iOS, Android

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Response times are based on ticket priority as detailed below:; ; High Priority 1 hour; Medium Priority 2 hours; Low Priority 4 hours; Change Requests 8 hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide a single level of support that can be purchased as an annual support agreement which is costed based on the complexity of the delivered solution, or as a pre-paid block of support hours.; ; A technical account manager is provided.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide any level of onboarding depending on requirements. We can offer a full service where we can teach users from the very basics, through to training for more experienced members of staff. Onsite and online training is available and user documentation is also provided.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats: Word
• End-of-contract data extraction: Subscription and use of PowerApps does not have to end when the contract ends with our company. Organisations can continue to use the services and products. However, should you wish to extract your data then this is possible a number of ways:; ; Dataflows and PowerQuery can be used to export data to other data sources (in addition to cleaning and transforming it).; Azure Data Factory allows data to be transported in a low-code/no-code approach.; All data tables can be exported manually from the 'maker portal'.; Data can be exported to Excel or CSV from within apps that have been created.; Data export service is available to replicate and export all data to a SQL database.; Power Automate can also be used in some scenarios where appropriate to extract data.
• End-of-contract process: The price of the contract can include licenses in addition to our time for development, training and support.; ; At the end of the contract, your Power Apps tenant remains yours, on going use is subject to continued license costs with Microsoft (and not us unless agreed as part of an ongoing package). All customisations and development remains available for you to use unless otherwise agreed.; ; Unless agreed, migration of data is not included in the price of the contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • MacOS
  • Windows
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The services are responsive and can run on a mobile browser or via a native mobile app downloaded from the Apple App Store, Android Play Store or Windows Store.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: PowerApps (mobile, desktop or web portal) can be customised almost endlessly and can be made to fit with your organisation's or business requirements.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We have experience of working with NHS BSA to ensure PowerApps were consistent with WCAG standards. Specifically, the PowerApp conformed to NHS website standards and allowed for use of a screen reader and 'tabbing' through content.
• API: Yes
• What users can and can't do using the API: PowerApps utilises the Dataverse Web API which is a RESTful web service interface that you can use to interact with data in Microsoft Dataverse (the underlying database for PowerApps) using a wide variety of programming languages and libraries.; ; A web API endpoint URL is provided. HTTP requests can be constructed to query as well as create, read, update, delete data. The API can be used to retrieve and execute predefined queries, use functions and actions created inside dataverse, execute batch operations, impersonate another user, perform conditional operations and detect duplicate data. Client-side JavaScript can also utilise the Web API in desktop apps.
• API documentation: Yes
• API documentation formats:
  • HTML
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: By its very nature PowerApps is designed to be customisable. All aspects from the underlying database (Dataverse), to mobile and desktop apps as well as online web portals (websites), Power Virtual Agents (chatbots) and custom AI can all be customised to meet with supplied requirements.; ; Users customise all aspects of PowerApps via a "maker" portal which is available through a web browser. It is also possible to customise using code and third party applications.; ; Any user can be given access to customise based on an organisation's security policy.

Scaling

• Independence of resources: This service is based in the Microsoft cloud with a uptime service level agreement of 99.9%. The numbers of requests that users can make is governed by their license which means that the entire system scales dependent on the number of licenses and what individual users are assigned. The entire Microsoft Power Platform is designed to meet enterprise-level scalability. Service protection limits are in place to guard against malicious behaviour that would otherwise disrupt service for other users.

Analytics

• Service usage metrics: Yes
• Metrics types: Analytics are provided to enable admins to track how many users are using an app, how many active users, which versions of PowerApps are being used, locations of users, errors, service performance (such as response time) and connectors usage. Additionally, API calls, active users can also be monitored through usage metrics.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
• Other data at rest protection approach: ISO 27001/2, SOC 1, SOC 2
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Dataflows and PowerQuery can be used to export data to other data sources (in addition to cleaning and transforming it).; Azure Data Factory allows data to be transported in a low-code/no-code approach.; All data tables can be exported manually from the 'maker portal'.; Data can be exported to Excel or CSV from within apps that have been created.; Data export service is available to replicate and export all data to a SQL database.; Power Automate can also be used in some scenarios where appropriate to extract data.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • XLS
  • DOC
  • SQL
  • XML
  • Transformation available for many more formats
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XLS
  • XML
  • SQL
  • Possible to import from virtually any source

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Our services are based on Microsoft technologies with a service level agreement from Microsoft of 99.9% service up time. Should the service not be available, a request may be made for a refund service credits. Downtime is the sum of the length (in minutes) of each incident that occurs during a month multiplied by the number of users affected. Less than 99.9% up time results in 25% service credit refund. Less than 99% up time results in a 50% service credit refund. Less than 95% up time results in a 100% service credit refund.
• Approach to resilience: Access to physical datacentre facilities is tightly controlled by outer and inner perimeters with increasing security at each level, including perimeter fencing, security officers, locked server racks, integrated alarm systems, around-the-clock video surveillance by the operations centre, and multi-factor access control. Only required personnel are authorized to access Microsoft datacentres. Logical access to Microsoft 365 infrastructure, including customer data, is prohibited from within Microsoft datacentres.; ; Microsoft employs a variety of safeguards to protect against environmental threats to datacentre availability. Datacentre sites are strategically selected to minimize risk from a variety of factors, including floods, earthquakes, hurricanes, and other natural disasters. Microsoft datacentres use climate control to monitor and maintain optimized conditioned spaces for staff, equipment, and hardware. Fire detection and suppression systems and water sensors help to detect and prevent fire and water damage to equipment.; ; Microsoft online services are regularly audited for compliance with external regulations and certifications, including: ISO 27001/27002 (Azure), State of Applicability Certification, SOC 1 (Azure), SOC 2 (Azure).
• Outage reporting: The Microsoft 365 Admin centre provides admins with a real-time snapshot of all services as well as service health history. Planned maintenance is displayed in the message centre. Additionally, email alerts are provided to admins.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Other user authentication: Dataverse security model supplements authentication: once a user has authenticated with the service, the security model determines which aspects of the system/database they can access, view, update etc.
• Access restrictions in management interfaces and support channels: This service allows certain users to become admins or 'super users'. This service is governed by a substantial and secure security model that allows security roles to be defined at a granular level. This means that only pre-defined users with the relevant security roles can access management interfaces and support channels. Furthermore, access can be limited so that a user may be able to read data but not edit, delete, share etc.
• Access restriction testing frequency: Never
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Description of management access authentication: Dataverse security model supplements authentication: once a user has authenticated with the service, the security model determines which aspects of the system/database they can access, view, update etc.

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI Group
• ISO/IEC 27001 accreditation date: 29/07/2021
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 19/06/2020
• CSA STAR certification level: Level 3: CSA STAR Certification
• What the CSA STAR doesn’t cover: N/A
• PCI certification: Yes
• Who accredited the PCI DSS certification: Coalfire Systems Inc
• PCI DSS accreditation date: June 2018
• What the PCI DSS doesn’t cover: N/A
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • UK G-Cloud
  • UK PASF
  • EU Cloud Code of Conduct
  • European Standards EN 301 549
  • ENISA IAF
  • GDPR
  • European Union Model Clauses

Security governance

• Named board-level person responsible for service security: No
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: Dataverse is the database platform on which all of this service's apps and features are built upon. Dataverse complies with ISO27001 / 27002, SOC 1 and SOC 2. Praxiis operates a "clear desk" policy meaning we do not work with physical documents where possible and no documents are left in view of anyone. Praxiis is aligned with and complies with the requirements of the Information Commissioner's Office. Praxiis employee devices (laptops, phones etc.) are managed using device management software, meaning Praxiis controls those devices and can ultimately remove all data.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: At Praxiis we utilise Microsoft DevOps to track all changes and configuration within the platform. This approach means that we keep a repository of all code and configuration with history and all changes backed up in the cloud. We have deployment pipelines set up to ensure consistency at all points. All our work goes through separate System Test and Test environments before reaching production to enable testing at all stages including regression testing and security impact testing.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: This service is based on the Microsoft cloud-based dataverse platform in Microsoft datacentres located in the UK and other parts of the EU and the rest of the world. Microsoft follow the Security Development Lifecycle that support security assurance and compliance requirements. Dataverse provides and extensive security model that we configure in consultation with you to ensure access is provided only to those who require it. Any security threats or required changes are made based on severity and can be under 24 hours.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Microsoft Dataverse / Datacentres
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents are detected and identified to us via a call, email, Teams message, DevOps ticket or other agreed method or automation. Incidents are logged in our internal Dynamics 365 system and graded accordingly to the incident. The incident is subject to an SLA depending on its grade. The incident is assigned to an individual within Praxiis and it is investigated. The incident is then moved to resolved. The person that notified us of the incident is provided a summary of the outcome and what steps were taken to resolve the incident.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Praxiis is committed to fighting climate change. We are a "work from home" business who only travel when necessary when requested by our clients. We use public transport at all opportunities. By using Microsoft technology we are also aligned with their commitments to sustainability such as becoming water positive, carbon negative and zero waste by 2030. Microsoft is committed to processing e-waste on their sites and datacentres that we use for our systems. Microsoft is on track to reuse 90% of its e-waste by 2025.
• Covid-19 recovery:

  Covid-19 recovery

  Praxiis is committed to COVID-19 recovery and we have experience support organisations such as the NHS during the pandemic. We can operate around the clock if required and offer the flexibility to build and support systems in a quickly changing environment. We have effectively delivered solutions to organisations during the pandemic by making use of remote working and utilising our fantastic communication abilities to get the job done.
• Tackling economic inequality:

  Tackling economic inequality

  Praxiis is committed to tackling economic inequality through our policy of rewarding on merit only. Where our staff come from in the UK or what their backgrounds are does not matter to us, if they perform to the level we expect from our consultants, developers and support staff then they are rewarded appropriately.
• Equal opportunity:

  Equal opportunity

  Praxiis is an employer of equal opportunity through our own policy of recruiting based on merit rather than on background. We are committed to helping to train and nurture our staff from whatever background they are from and offering all our staff the same opportunities to train and certify in our industry. We believe we offer people fantastic opportunities and we are committed to being fair and honest.
• Wellbeing:

  Wellbeing

  Wellbeing of the people we employ is our biggest concern when it comes to our staff. This is why we offer our staff the time to train without the pressures of projects during work time, excellent holiday entitlement and healthcare for all. We believe that the wellbeing of our staff contributes to the success of our company and therefore it is at the heart of everything we do.

Pricing

• Price: £1,131.20 an instance a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A 30-day free trial is available for licenses only (this does not include our costs). All features are included as part of the free trial period.

Service documents

• Pricing document

  ODT

• Skills Framework for the Information Age rate card

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jason@praxiis.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.