Cinolla Activity Centre Software
A Booking Platform for Activity Centres, Outdoor Education Centres and Country Parks. The system includes unique group booking management features and includes CRM, Resource and Staff management.
Supports facility hire and memberships.
Features
- Bookings platform including online booking and payments
- Group bookings including activity scheduling
- Staff rotas, allocation and qualifications
- Customer relationship management (CRM) functionality
- Email sending and receiving using powerful templating
- Powerful Custom Forms module including worfklows
- Resource management
- Flexible memberships module
- Facility hire and accommodation bookings
- Extensive pre-built report Library
Benefits
- Eliminate disconnected spreadsheet with a single source of data
- Online rota simplifies communication with staff
- Online booking frees up your customer service teams
- Easily review customer correspondence from a booking
- Group booking features can streamline important participant information
Pricing
£4,320 to £7,200 a unit a year
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
3 2 3 7 3 5 2 8 4 0 9 6 2 1 5
Contact
CINOLLA SOFTWARE LIMITED
Sales Team
Telephone: 01202 937620
Email: hello@cinolla.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- NA
- System requirements
- Service constraints are managed by Cinolla
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Please refer to our Terms of Service Document
- User can manage status and priority of support tickets
- No
- Phone support
- No
- Web chat support
- No
- Onsite support
- No
- Support levels
-
Core business support is provided via email support between 9am and 5pm Monday to Friday (excluding bank holidays).
Users can access our Knowledge Base for information on specifics of using our platform.
Screen-share calls are available on request to help customers make the most of the platform.
Our team monitor the general availability of the platform 24/7. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Our team will work with customers via an initial series of screen-share calls to ensure the customer understands the capabilities of the system and how to best configure the system to meet their requirements.
Our Knowledge Base can be used for detailed instructions on how to use specific functionality of the system. - Service documentation
- Yes
- Documentation formats
- HTML
- End-of-contract data extraction
-
There is a screen to enable an account owner to run a series of exports for most of the data in the system.
Data stored in files or customer data not available via the export screen will be provided by Cinolla within 1 month of the end of the contract. - End-of-contract process
-
Cinolla will assist the customer to ensure they have their exported data (upon request).
Cinolla will delete the data from the system within 60 days of the end of the contract or sooner if requested by the customer.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
-
Mobile support is focussed on end customer user to enable online booking via mobile.
Desktop version is focussed on internal users. - Service interface
- No
- User support accessibility
- WCAG 2.1 A
- API
- No
- Customisation available
- Yes
- Description of customisation
-
An administrator of the system can customise a variety of setup options including price tariffs, resource setup, line items, email templates, custom forms.
For the online booking there are options around data capture required for each course/event/item sold. The basic colour scheme can be chosen plus detailed CSS overrides can be added. The menu structure of the online booking portal can be customised.
There are options to customise the generated documents also (booking confirmations, receipts, invoices) and other fully bespoke documents.
These customisations are all done via the administration screens, access to which can be controlled via custom defined system roles.
Scaling
- Independence of resources
- Our service runs as a single common platform across all customers, we use granular auto-scaling, multi-zone availability and detailed monitoring to ensure a reliable service to all users.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
For online booking portal, it is possibly to add your own analytics or tracking to your booking portal to allow analytics to be visible in your chosen analytics provider.
We don't provide analytics for internal users usage, but we do have audit trail logging of actions users take.
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- No
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with SSAE-16 / ISAE 3402
- Encryption of all physical media
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Many of the Cinolla reports provide either CSV or PDF or both as export formats
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
-
Cinolla has a stated availability of 99.5% excluding downtime caused by Scheduled Maintenance, Emergency Maintenance or a Force Majeure event.
This availability has been met every year for the last 3 years.
We do not offer refunds for any outages. - Approach to resilience
- Available on request
- Outage reporting
- Cinolla use email to communicate with customers with regards to either any planned maintenance or unplanned outages.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
- Access restrictions in management interfaces and support channels
-
Authentication via username, password and two factor authentication.
Authorisation of users is achieved via system roles which are assigned to users. The customer can create and configure system roles to suit their business needs. - Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- Self Assessment
- PCI DSS accreditation date
- 13/07/2023
- What the PCI DSS doesn’t cover
- NA
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- Follow ISO27001
- Information security policies and processes
-
Cinolla follow policies and processes in line with ISO27001.
These policies and processes are used seek continuous improvement in our security posture.
Any identified issues are mitigated and our engineering team takes the lead on these mitigation measures.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
-
All changes made to Cinolla service components are tracked and reviewed with security impact assessments carried out on all changes.
Detailed testing is carried out in our staging environment before being released to the production environment.
Cinolla maintain an update log for functionality improvements or fixes that would be visible to customers, and the Cinolla Knowledge base will give customers information on how to use current functionality. - Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
-
Cinolla use regular security scanning to cover potential vulnerabilities such as open ports, cross site scripting vulnerabilities or cookie data security (and many other potential issues).
Cinolla run monitoring and IDS systems including automated network level blocking of known malicious hosts.
Operating systems and code frameworks are consistently reviewed for any required patches which are applied as appropriate.
Our external penetration is carried out as a minimum annually, with a core set of functionality tested every year plus additional testing as appropriate for example if a new module or service is introduced. - Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
-
Cinolla use a combination of monitoring tools operating at the different levels in the system such as the load balancer(s), network level traffic and server monitoring tools.
Real-time Intrusion Detection Systems (IDS) are installed and running at all times including the ability to auto apply network level blocks to any suspicious external hosts. Additional third party tools are used to continuously monitor system traffic and any potential threats.
File integrity is also monitored in real time via our IDS.
Alerts are sent to our engineering team who operate an on call rota 24/7 365 days per year. - Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
-
Cinolla use an established processed for common events. Users can report events via email to our support team.
If a major incident occurred which involved service interruption, Cinolla will update users when the issue is resolved and the reasons for it.
Any planned outages will be notified in advance via email to the key users at each customer.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Tackling economic inequality
- Equal opportunity
Fighting climate change
Cinolla are committed to helping to fight climate change.
We use AWS data centres and one study by 451 Research (Oct 2019) found that AWS' infrastructure is five times more energy efficient that the average in Europe. Our use of auto-scaling infrastructure helps us to be more energy efficient and we our customers can reduce printing needs significantly by switching to screen based reports within Cinolla.
Our flexible work policy can reduce travel on days that staff work at home. Our shared office has invested in a range of environmental friendly measures such as waste recycling.Tackling economic inequality
Cinolla believe the SMEs such as ourselves can make a significant contribution to tackling economic inequality. Cinolla are committed to paying a fair and competitive salary to our staff, to invest in staff training and development to allow staff progression.
Cinolla is used by a lot of charity organisations who contribute to tackling economic inequality. Cinolla enables these charities to be more cost effective and streamline their operations and therefore indirectly contribute to the good work many of our customers are doing.Equal opportunity
Cinolla is an Equal Opportunities employer and is committed to following complying with relevant guidelines and legislation such as the Equality Act 2010.
Pricing
- Price
- £4,320 to £7,200 a unit a year
- Discount for educational organisations
- No
- Free trial available
- No