Free Rein Limited

Event Management System

Free Rein has created a series of flexible and powerful Event Management System (EMS) to allow the full implementation, management and running of websites focussed on event registration and attendee communication. Handles roadshows, multi-session, multi-venue, conferences, networking and breakout sessions. Multi-language option. Secure hosting and payment gateway.

Features

• Based on flexible Content Management System (CMS)
• Event microsites – choose banners, colour scheme, content structure, forms.
• Payment options and closed user areas
• Online delegate sign-up and registration
• Event Management - booking limits, invitation lists, registration codes
• HTML plain text emails or SMS alert option
• Mailing lists, invitation lists, target lists or static data files
• Real-time Reporting – Email delivery,
• Open, Click-Through, Forward, Print, booking and reserves
• Feedback forms and follow-up communications

Benefits

• End to End attendee management
• Download attendee information in multiple file formats
• Import contact information for event invites improving the customer experience
• Multiple contact triggers leading up to the event
• Promoted and cross-sell event add-ons increasing revenue
• Manage multiple events from a single administration dashboard
• Fully customised WYSIWYG editor interface
• Multilingual and multi-location capabilities

£95 a unit an hour

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contact@free-rein.net. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

309219225423063

Contact

Alex Addison
01473 810002
contact@free-rein.net

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: None
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Working Hours: 60 minutes; (Monday to Friday excluding bank holidays from 9 am to 5 pm); ; Outside Office Hours: 4 hours; (Monday to Friday 5pm to 9 am); ; Weekends: 4 hours; ; Bank Holidays: 6 hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: N/A
• Web chat accessibility testing: The web chat is currently undergoing testing and validation.
• Onsite support: Yes, at extra cost
• Support levels: Support is available generally Mon - Fri 9am - 5pm to solve any user issue or technical problem to registered users. If we get repeated questions we would rather solve the cause than the symptom.; Optional support at other times.; Each client has a dedicated user/semi technical account manager.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Users supported initially with recommended onsite training (couple of hours desk based), then online manual and optional webinars for specific needs.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Part of the contract closure arrangements include Free Rein extracting all data required and confirming what data, and when, it can be safely destroyed.
• End-of-contract process: Data extraction and safe disposal of data not required. Any design or content files are managed during the contract into the clients own safe keeping.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Length of scroll to view whole page contents; Reduced detail in table presentations and media lists in a single screen
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Standard on some configurations. Activated as add-on on case by case basis with access to sandpit for client developers.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Number of standard versions all of which can be customised to expand to campaign management, extended communication (e.g. SMS), XML feeds and CRM support

Scaling

• Independence of resources: Managed cluster loading of virtual servers – most automated except under DDOS conditions where manual intervention often required.

Analytics

• Service usage metrics: Yes
• Metrics types: All event data is reported on dashboard and in personal reports.; Automatically link to Google Analytics with client access.; Optional self-generated reports to client requirements. Reports on demand in any format
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Less than once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Controls to initiate and manage contents of the data exports are provided by the web interface when enabled and access conditions are satisfied.
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 100% availability excluding planned and emergency maintenance.; Refunds automatic as double proportion of the monthly or annual contract, no claim required.
• Approach to resilience: Further detail available on request.
• Outage reporting: Email alerts available on a request for subscription basis

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Systems are initially created with a core group of users from the client organisation who will act as administrators and manage all other users in compliance with their own internal policies.; User capabilities are determined by the roles they have been assigned and the privileges granted to each role.; Support channels are limited to authorised individuals who will be granted appropriate permissions. No external management is available on support channels.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • Cyber Essentials
  • We don't store payment information in the cloud services

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials accredited moving up to Plus en route for IASME
• Information security policies and processes: The ISMS contains policies and processes that are critical to provide assurance that data is handled consistently and securely. These cover all aspects including asset management, application usage, accounts, emails, storage devices, access controls, and the handling of data.; Procedures exist to ensure actions comply with the defined policies and what to do in the event of non-compliance.; In the event of a suspected incident, the IT manager (or nominee) is responsible for authorising access to equipment, services and data to allow investigations to proceed.; Wherever possible, policies are enforced by automation but in many cases manual intervention is necessary. In these situations procedures define the process required to ensure each policy is being followed and the frequency the process is to be executed.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: On receipt of a documented change request, a risk assessment is performed to determine the potential effect the change will have on system components, security and running costs.; Changes will then be implemented in a controlled test environment, where testing and reviews can performed. All changes are be retained within source control.; Once approved, changes will be announced and documented as required before release.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: OS and application patches are constantly monitored and when available they will be assessed and implemented. For critical patches an emergency process is in place to action quickly.; Announcements of potential threats and exploits are received through numerous notification services including CVE databases and OS maintainers.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Networks and systems are monitored for abnormal performance and resource usage which may indicate a potential attack or system malfunction. Automated alerts are sent when defined thresholds have been reached.; Activity logs are retained to allow for forensic analysis of actions if an issue arrises.; AntiVirus software is used to scan incoming files and emails to the environment with regular full system scans as an extra measure.
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents can be raised by users through the support channels or from the automated monitoring systems, all of which have a process to be followed.; Many incidents can be handled either automatically or manually by help desk staff but for complex or time critical incidents, specialist technical support staff will be assigned to ensure a timely resolution.; Incident reports will be made available upon request.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Covid-19 recovery:

  Covid-19 recovery

  The original purpose of Events Finder (created for BEIS) was to help Government support any organisation running B2B events to grow and reach new markets. Locally, or sector, focussed implementations can really extend those benefits.; Each of the regional Events Finders have been used extensively to support organisations running economic recovery and Covid-19 responses.
• Equal opportunity:

  Equal opportunity

  The solution is internet, browser based which then opens up non-geographic dependent employment/selection of candidates. The system presents a centralised view of your website allowing your team to share management with other departments.; Extensive roles and security group access controls allow administrators to look after groups or individuals as they develop confidence and skills without compromising data. Additional moderation and workflow features help manage a user's growth and trust extended as their skills develop.

Pricing

• Price: £95 a unit an hour
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contact@free-rein.net. Tell them what format you need. It will help if you say what assistive technology you use.