tootoot ltd

Stribe

Stribe, a staff survey and employee voice platform, paired with an expert people science team, delivers world-leading technology. We make a significant difference for the organisations we work with, improving employee voice, enhancing culture, and providing valuable insights that create a great place to work.

Features

• Flexible employee surveys - pulse, quarterly, and annual surveys
• Bespoke self-service dashboard: Real-time, overall, directorate/team and demographic reports
• Dynamic surveys automations for onboarding, offboarding and time-based surveys
• Actionable analysis: benchmarks, sentiment analysis, keyphrase extraction, and custom KPIs
• Fully accessible software, regardless of staff location and technology access
• Answer surveys through login, email, app, QR code, or quick-links
• Employee voice messenger, for always-on employee feedback
• Stribe shout-outs for peer-to-peer recognition and motivation
• with iOS and Android apps for dispersed and deskless employees
• Dedicated customer success manager and people science teams

Benefits

• Build surveys that are tailored to your organisation’s needs
• Achieve high survey response rates with simple, accessible surveys
• Create change that matters with actionable insights from tailored dashboards
• Remove the guesswork with simple to use surveys and dashboards
• ‘Message from survey’ and ‘published results’ features continue the conversation
• Measure your culture and values with custom dashboards
• Capture feedback from employees any time with employee voice messenger
• Enhance employee engagement, community, and values with shout-outs
• Work with people scientists to craft effective survey strategies
• Improve key factors such as engagement, retention, and wellbeing

£2.00 to £4.00 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at admin@tootoot.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

303427177501661

Contact

Kieran Innes
07429341542
admin@tootoot.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Stribe is a fully cloud hosted platform that requires internet access
• System requirements:
  • Internet access is required to access Stribe
  • An organisation email address is required to access Stribe

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our team typically replies within a few minutes to initially query.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Screen reader support: the Messenger is accessible via screen readers; ; Keyboard navigation: Every component of the Messenger can be accessed using a keyboard without requiring a mouse or trackpad.; ; Color contrast: all text in the web Messenger is clearly visible when using colors with enough contrast.
• Onsite support: Yes, at extra cost
• Support levels: We include free web chat support, as well as a free support centre filled with articles and walkthroughs covering the entire platform. Phone and on-site support is available at extra cost.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We offer online training, user documentation and onsite training (at an extra cost) to all of our users. Based on our users needs, location and requirement will determine their chosen on-boarding, setup and launch support.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: We will work with users to support their data extraction. This is very easy to do within our platform
• End-of-contract process: We provide guides to extract user data - included in the contract

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The responsive mobile website has full feature parity with the main desktop version. The native mobile apps for iOS and Android have complete feature parity for the day-to-day features, but all user-administration is only supported on the desktop or mobile website.
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: Yes
• What users can and can't do using the API: The API is designed for use by the customer organisation only. Using it they can interact will the entire product, if you can do it on the website you can do it in the API.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: We offer white labelling and feature-enabling configuration options.; ; Only the administrator of an organisation can change these options.

Scaling

• Independence of resources: Being hosted on the public cloud affords us the ability to scale our services dynamically with demand.

Analytics

• Service usage metrics: Yes
• Metrics types: We have a fully featured dashboard and audit-trail that provides metrics for the entire tool. This includes but not limited too; the number of users, the number of messages, which resource articles were accessed, average time on page, login reports, who has viewed a page, when they viewed it.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Less than once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: They can export their data directly in the web interface. They are able to download all user reports in separate PDFs in a single bulk action.
• Data export formats: Other
• Other data export formats:
  • PDF
  • ZIP
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Our cloud hosting provider offers a 99.99% uptime which we pass onto our customers.; ; Users affected by availability issues can receive time-credit on their account.
• Approach to resilience: Available on request.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Access is restricted at an API level using controls set by the customer
• Access restriction testing frequency: Less than once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Security is the first question on our minds when implementing a new feature or process. We ensure at all times that there's an adequate audit trail of all interactions with our servers and product to give transparent oversight. More information available on request.
• Information security policies and processes: We ensure all employees are trained to understand their security responsibilities when working at the organisation.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: New features are assessed for potential security impact by our team and first built on a separate 'staging' version of our product for extensive testing before rollout. Most new features are configurable to be turned off / on if the customer chooses.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: We use a combination of code reviews, extensive server logging and automated tests to assess potential threats. If a bug/issue is found we deploy a patch very quickly to a staging version of our product where we can further test it's working before deploying to production.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: We employ extensive server monitoring software to help identify a potential breach/compromise. We will respond immediately in this instance and identify affected parties. We will then engage our insurers to begin a third-party investigation of the breach if required whilst at the same time communicating the breach to affected customers, taking the service offline if required and patching the compromise.
• Incident management type: Undisclosed
• Incident management approach: We want users to be able to report incidents in any way they like; they can do it by phone, email, live chat.; ; Incidents are handled on a case-by-case basis due to their uniqueness, in each instance though we will provide an update to the original author of the report once an incident has been resolved.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Available on request
• Covid-19 recovery:

  Covid-19 recovery

  We are committed to the Covid-19 recovery response. We have partnered with the Greater Manchester Good Employment Charter where we have led on a number of projects designed to understand the sentiment and response of employees within the Greater Manchester Community. ; ; As part of our investment criteria led by the GMCA, we advocate the creation of new employment and re-training within key priority areas. We also report on new jobs created to our stakeholders on a quarterly basis. We commit to supporting people and communities to manage and recover from the impacts of COVID-19 through our social impact fund. We do this by providing mental health and wellbeing technology to support local children and young people within schools, who need support in voicing their wellbeing concerns. This is interlinked with our commitment to supporting the mental health of people affected by COVID-19, including reducing the demand on health and care services.; ; - We also commit to continually Improving workplace conditions that support the COVID-19 recovery effort, both within our own organisation and the contract organisation. ; ; More information available on request
• Tackling economic inequality:

  Tackling economic inequality

  As part of successfully securing new contracts through the GCloud13 framework we commit to;; ; - Creating new employment opportunities, particularly for those who face barriers of employment and/or who are located in deprived areas.; ; - Creating employment and training opportunities, particularly for people in; industries with known skills shortages or in high growth sectors. This includes those who have a disability. ; ; - We also commit to the Greater Manchester Good Employment Charter and pledge the fair living wage for all who are employed within Tootoot Ltd. ; ; More information available on request
• Equal opportunity:

  Equal opportunity

  As a result of winning new contracts directly through the GCloud13 framework we commit to;; ; - Increasing the representation of disabled people in the contract workforce by directly hiring at least 1 person per new contract. ; ; - Supporting disabled people employed in developing new skills relevant to the contract, including through training schemes that result in recognised qualifications.; ; - Demonstrating action to identify and tackle inequality in employment, skills and pay in the contract workforce. We do this by being a partner of and committing to the Greater Manchester Good Employment Charter (https://www.gmgoodemploymentcharter.co.uk/).; ; More information available on request
• Wellbeing:

  Wellbeing

  We make organisations happier and safer places and one of our key social and business values is to ensure our people and employees are happy and safe. ; ; As a result of winning new contracts directly through the GCloud13 framework we commit to;; ; - Demonstrating action to support the health and wellbeing, including physical and mental health, in both our own workforce and our contract workforce. Our services are designed to directly support the wellbeing, engagement and safety of contract workforces and therefor is integral to our contract delivery. ; ; - Influencing staff, suppliers, customers and communities through the delivery of the contract to support health and wellbeing, including physical and mental health.; ; We also commit to improving community integration by;; ; -Demonstrating collaboration with users and communities in the co-design and delivery of our contracts to support strong integrated communities.; ; As part of our contracts we also provide a minimum of 1 local school to the contract organisation with a 12months funded tootoot license, which is specifically designed to support the mental health and wellbeing of young people within the contracts community. ; ; Each organisation through co-design is able to choose which school they provide their www.tootoot.co.uk license to. This enables us to support the wellbeing of both the contract organisation and its community.; ; More information available on request

Pricing

• Price: £2.00 to £4.00 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at admin@tootoot.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.