DISPACE TECHNOLOGY LIMITED

Switch Booking and Event Management System

Switch online booking and events management system for the public sector. Provides external and internal room and facilities bookings and end to end events management tools. Booking services are accessible, have integrated payments processing, CRM with Microsoft integration and full reporting suite for all your booking and events management needs.

Features

• Online booking and payment processing for hiring resources
• Rules based calendar availability and pricing to drive booking
• Built in CRM with email marketing to convert bookings
• Integrated email and SMS service for events management comms
• Automated workflows for booking reminders and task scheduling
• Configurable budgets and events management reporting suite
• Customer portal for self-service on bookings
• Event ticketing for booking one-off events and short courses
• Cloud based with open API for 3rd party service integrations
• Kanban based to-do lists for team events management

Benefits

• Improved lead generation by creating online booking of services
• Improved booking conversion with simple online booking journeys
• Increased revenue from hiring resources with streamlined booking services
• Operational efficiency from simplifying and automating booking operations
• Better credit control using online payments processes and automated reminders
• Free internal booking capacity by simplifying edit and cancel
• Improved prospect and customer management with CRM and promotional tools
• New asset opportunities by digitising availability and optimising sales opportunities
• Clear reporting on booking revenue, costs and utilisation
• Better functioning teams with clear ownership for actions

£199 a licence a month

• Education pricing available

Service documents

• Pricing document

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ross.cox@dispace.co. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

315314309874054

Contact

Ross Cox
07519098299
ross.cox@dispace.co

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No
• System requirements: Up to date Internet Browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Subject to criticality of a ticket, response times are between 1 to 4 hours during business hours (Monday to Friday, 9am to 5pm).; ; Our basic package does not included weekend support but this can be arranged as a premium service based on the purchase of additional hours, charged at £40 per hour.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: No
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: Basic manual checks by zooming in, navigating with keyboard only and viewing in greyscale.
• Onsite support: Yes, at extra cost
• Support levels: We provide full training at the outset, which is recorded and made available to client teams. We then provide annual onsite training thereafter. All of which is included in our standard implementation and licence fees. Our clients have access to our knowledge centre with guides and regularly updated 'how to' video content. They also have access to a peer to peer Slack channel to discuss usability with other clients. We are onsite once a quarter for account reviews and can cover any support issues at these sessions and monthly reviews that are conducted remotely.; ; The value in our software is reliant on our customers understanding how to use it, so we will endeavour to provide the support required to facilitate that.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We fully project manage implementation using a detailed onboarding plan to capture the information required to get the system ready for use. Once the initial system setup is complete, we carry out a full day's onsite training with teams, which is recorded for on demand access as a reminder and to help with new starters. The users then carry out an intensive testing programme to help identify any setup issues and for them to familiarise themselves with using the software in a non-live environment. Once live there is a knowledge centre accessible from within the product containing user guides, FAQs and 'how 2' video content. Live support is also provided through the software.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: General principles are of end of contract data extraction are as follows:; ; · System access and use of web services is maintained for 1 month from the termination date, on a read-only basis.; · For a reasonable fee, all system data relating to the client's customers, bookings and enquiries is provided as a data file extract on the termination date and updated 1 month from the termination date to allow the client to continue its operations; · System access and use of web services will not be available after 1 month from termination, but customer data will be retained for 3 months from termination at which point it will be permanently deleted from our records; ; We shall provide all reasonable assistance and co-operation to clients to ensure the successful transfer of all Customer Data in our possession and control to either the client or to an alternative third party supplier as directed by the client (again, subject to a reasonable fee). This will include providing the client with a complete and secure encrypted and appropriately authenticated download file of all Customer Data held by us as supplier in the format, and on the media, reasonably specified by the client.
• End-of-contract process: Up until the termination date the client is able to download all its data in csv format using the standard functionality of the software. ; ; If, after the termination date or where the client requires a bespoke file format, we can provide a chargeable extract to the client with a complete and secure encrypted and appropriately authenticated download file of all Customer Data held by us in the format, and on the media, specified by the client.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Consumer facing functionality implements a responsive design accessible through both mobile and desktop.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The service interface is a responsive Single Page Application designed and tested to run in most modern web browsers.
• Accessibility standards: None or don’t know
• Description of accessibility: All functionality is accessible trhough keyboard, mouse and where applicable touch screen.; ; Colours and Fonts of public facing sites are all configurable.
• Accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: All functionality provided by the platform is conducted through a rich REST API.; ; Users wishing to make use of the API will bve issued with an API key, from which they can generate an Access Token.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Customers can customise all our web tools using a full white labelling 'no code' interface in the back end to give all customer facing features of Switch a look and feel consistent with the client's brand.; All rules and controls are fully configurable so the client can full control availability, price and customer management of all its services that are available for hire to internal and external customers, i.e. they are able to completely reflect the particulars of their specific operation without having to rely on free text notes and manual data entry.; ; The client is able to integrate Switch with various services (subject to the 3rd party permission and API functionality) including but not limited to Microsoft, cloud account, payments processors, email marketing and business insights software.

Scaling

• Independence of resources: The platform is built upon Microsoft Azure infrastucture, each customer instance is hosted in their own MS-SQL database, which can be scaled to meet demand.; ; Application code runs as a Microsoft App Service which can be scaled up and out.; ; All interaction with the service is conducted through a stateless RESTful API.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can export data in a .csv format to be shared and used across their business.; ; Reporting tool outputs can also be exported in html, PDF and Excel formats.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Availability service levels are captured fully in our standard terms and conditions included as part of this application.; ; Performance standards; ; Availability - 98% (measured monthly); System response to ping - <1 second (measured hourly); System responsiveness - <5 seconds to render web page (measured at 3 times during each business day); Generation of single page report - <2 minutes (measured weekly)
• Approach to resilience: The platform is built upon the Micorsoft Azure Environment and implements Availability zones to ensure platform resiliance.
• Outage reporting: Service outages are monitored internally and clients notified by email as required.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to Application Management Interfaces are restricted via a VPN, and User Authentication.; ; The Support ticket system is restricted by user authentication.
• Access restriction testing frequency: Less than once a year
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We have implemented Microsoft Defender for Cloud which performs constinual assesements of the platform against the following security standards.; ; ISO 27001:2013; ISO 27001; PCI DSS 3.2.1; Azure Security Benchmark V3; SOC TSP
• Information security policies and processes: Dispace maintains the following policies...; ; Information Security Policy; Incident Management Policy; BYOD Policy; Asset Management Policy; Access Control Policy; Acceptable Use Policy; ; Policies are reviewed annualy by the CTO and changes are reviewed and approved by the board of directors.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All Applications changes are tracked through a source management solution.; ; Deployment to Pre production and Prodcution envrionments is managed through a DevOps procedure; ; We are currently in the process of sourcing tools to perform vulnerability scanning as part of the DevOps procedure.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: The bulk of the platform infrastucture is Managed and Patched as part of the Managed Service.; ; Microsoft Defender for Cloud reguarly scans the environment for vulnerability issues.; ; Regular Application vulnerability scanning using a third party is currently being implemented.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Monitoring is carried out using Microsoft Defender for Cloud which provides a live dashboard of compliance and raises alerts if a potential threat occurs.; ; Response times targets are 24 hours and Mitigation or resolution within 5 Working Days
• Incident management type: Supplier-defined controls
• Incident management approach: Dispace has a documented information security incident response process, which seeks to provides a framework for reporting and managing: ; ; • Security incidents affecting the information and IT systems. ; • Losses of information; and ; • Near misses and information security concerns; ; Users would be expected to report incidents through the Live ticketing system.; ; The CTO is the Lead Officer responsible for reporting, investigating and taking appropriate action to address breaches of physical security and suspected attempts to gain unauthorised access to secure areas, and for escalating incidents to the Board of Directors.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  We are a fully committed flexible employer and therefore our teams work remotely. This limits required travel time to periodic get togethers rather than having a regular commute into an office space.
• Equal opportunity:

  Equal opportunity

  As a flexible employer we remove the natural discrimination that is a consequence of fixed working hours and travelling to a place of work. We are an output focused organisation and do not stipulate fixed working hours, giving our team more flexibility to balance out of work commitments. Likewise we allow our teams to be remote based, giving them greater flexibility when it comes to how and where they work from.
• Wellbeing:

  Wellbeing

  Our flexible working policy is a central strategy to our business as it creates a more rational, productive operating model that gives teams the environment to do their best work.; ; We are incredibly focused on work / life balance and emphasise output and communication over set hours and days, so that teams are in control of their time and don't have to make personal sacrifices for the sake of being at work at a certain time.; ; We recognise that with fewer time-based boundaries and a remote model of working it is even more important to stay in touch and ensure our teams are striking the right balance between their work and homelife. So we still stipulate a minimum annual leave policy and have team get togethers at least monthly, with the emphasis on building relationships and having fun, not on updating everyone on what you're working on.; ; We have a wellbeing service - Better Space - that we provide our teams credits to use, with them granted the freedom to choose the right products and services for them.

Pricing

• Price: £199 a licence a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ross.cox@dispace.co. Tell them what format you need. It will help if you say what assistive technology you use.