Plinth
Plinth supports organisations who deliver programmes in partnership with other organisations, such as Holiday Activities and Food Programmes, Community Grant programmes, Short Breaks, Family Hubs, Youth Programmes and many others. Using the latest technology including Artificial Intelligence (AI), we help you to gather insights and meet all reporting requirements.
Features
- Real time reporting on KPIs
- Volunteer recruitment and brokerage
- Measure outcomes with standard surveys
- Combine local data with public open data
- Online booking platform for events and rooms
- Customer and case management
- Quantitatively and qualitatively estimate social value
- Grant management system
- Record and store resident information and make referrals
- Artificial Intellince (AI) enhanced tools and assessments
Benefits
- Reduced admin costs on monitoring
- Single view of residents across multiple programmes and organisations
- Reduced risk of data breaches across organisations
- Cost savings through improved use of resources
- Greater choice and visibility for residents
- Integration with other information to understand true impact
- Fast implementation
- Allows residents to self serve reducing admin costs
- Intuitive and modern design meeting accessibility requirements
- Increased visibility of impact across programmes
Pricing
£15,000 to £60,000 a licence a year
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
2 7 7 4 9 2 7 5 1 3 4 4 2 0 8
Contact
Time to Spare
Tom Neill
Telephone: 07411495842
Email: tom@plinth.org.uk
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- No
- System requirements
-
- Web Browser
- Internet Access
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
On weekdays, the median response time for a support inquiry using our live chat is 15 minutes.
Our support is not guaranteed at weekends. - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web chat accessibility testing
- We use Intercom for our live chat, so rely on their testing for accessibility.
- Onsite support
- Yes, at extra cost
- Support levels
- As a small team, all our support is delivered by the core members of the team that wrote the software. We charge a daily rate for significant support requests, but will make small changes/bug fixes for free.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
For buyers, we provide an onboarding call with a member of our team and can do an in-person demonstration. We will also support with the onboarding of all third party providers part of the programme.
We have user guides in the form of video tutorials hosted on YouTube and detailed step-by-step written guidance in our help centre. - Service documentation
- Yes
- Documentation formats
- Other
- Other documentation formats
- Video
- End-of-contract data extraction
- This can be done on request in CSV or JSON format.
- End-of-contract process
- Data extraction in CSV or JSON format comes included. Anything else is an additional cost.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- The reports and analytics cannot be accessed from the mobile service.
- Service interface
- No
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- API
- Yes
- What users can and can't do using the API
-
To set up with the API, users can contact our development team to get access to an API key.
They can use the API to access data on:
- website visitors
- locations of services
- bookings made for services
- members registered to different services
- recorded attendances at different services - API documentation
- Yes
- API documentation formats
- HTML
- API sandbox or test environment
- No
- Customisation available
- Yes
- Description of customisation
-
Public bodies (the buyer) can customise the service by requesting custom dashboards, analysis and themes.
Customers are able to customise database fields through a form builder style GUI
Scaling
- Independence of resources
-
We view our service as having 2 potential scaling bottlenecks and we have taken steps to address each one.
1) Database access - we use a "global-scale" NoSQL cloud database that is very robust to heavy read and write loads.
2) Hosting - we use a multi-cloud serverless hosting service, so that our hosting will scale automatically to increased requests.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
We can report on two different forms of metrics, information on programme delivery and information on platform usage.
For programme delivery, we are able to report on:
- Number of individuals reached
- What services used
- Length of time being supported
- Number of notes recorded
- Attendances
- Outcomes
- Survey responses
- Bookings made
All of these can be broken down by characteristics of the resident that can be pre-defined by the customer (including geographic lookups).
For platform usage, we are able to report on:
- Feature usage
- Number of logins
- Time spent on platform - Reporting types
-
- Real-time dashboards
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Staff screening not performed
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- European Economic Area (EEA)
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Physical access control, complying with CSA CCM v3.0
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
-
Some views or reports have a built-in CSV export.
For other specific details, an export can be requested using our live chat service. - Data export formats
-
- CSV
- Other
- Other data export formats
- JSON
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
-
We are able to enter into service level agreements with individual customers on a case by case basis.
Where the SLAs are breached, we will refund customers for the value of the length of time that the contract has not been fulfilled. - Approach to resilience
- Available on request.
- Outage reporting
- Email alerts.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
- All our management interfaces are restricted at account level. They require access to be specifically granted to each new team member.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- Less than 1 month
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
-
We take security very seriously. With all security we take the following approach:
1. Risk assessment of the nature of the data and the type of processing we are doing.
2. Ensure that appropriate policies and safeguards are in place to mitigate these risks, if not, we will not continue with the processing.
3. Continuously monitor security risks and how we are dealing with them and conduct regular audits and updates to mitigate them.
4. Continuous training and planning for if an incident were to occur. - Information security policies and processes
- We maintain a detailed breach policy available on request and ensure that we are fully GDPR compliant.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- We use Git and Github for our version control and to integrate with our build and deploy system. This enables us to test and preview each change before it's made publicly available and to monitor our dependencies for security vulnerabilities.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- We deploy patches to our service as soon as we are able, usually within the day. We use Github's security vulnerability alerts to monitor our dependencies, and we proactively work internally to find security vulnerabilities in our software.
- Protective monitoring type
- Undisclosed
- Protective monitoring approach
- We respond as quickly as possible to any identified compromises.
- Incident management type
- Supplier-defined controls
- Incident management approach
- We maintain a version-controlled internal document of all incidents. For users affected by incidents, we send out an email alert within 48 hours of being made aware.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Tackling economic inequality
We offer a free version of the tool to charities and community groups working in this area to support them to be more effective in their work.Equal opportunity
We offer a free version of the tool to charities and community groups working in this area to support them to be more effective in their work.Wellbeing
We offer a free version of the tool to charities and community groups working in this area to support them to be more effective in their work.
Pricing
- Price
- £15,000 to £60,000 a licence a year
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- We provide a free version with limited features. No data sharing across organisations is possible in the free version and we are unable to commit to any SLAs
- Link to free trial
- Plinth.org.uk