Novoville Ltd

Novoville Smart System for On-street & Off-street Parking

Novoville Smart Parking creates a seamless parking experience from the moment a driver arrives through the reporting of parking activity in the city, including permits and fines.We offer a broad range of solutions that cohesively work together and integrate with third-party IoT platforms, allowing authorities to manage parking operations remotely.

Features

  • Real-time reporting, data & analytics of parking activity
  • Supports on-street & off-street parking
  • Mobile app for motorists
  • Fine & Permit management
  • Mobile app for Civil Enforcement Officers
  • Management dashboard
  • Omni-Comms tools
  • SMS service for motorists
  • Fast & secure payments
  • Compatible with the Cisco Kinetic for Cities platform among others

Benefits

  • Integrated intelligent parking system
  • Accurate real-time information for motorists
  • Easy payment process for motorists
  • Effective management and monitoring of parking operations for local authorities
  • Reduction of traffic congestion
  • Cost-effective law enforcement
  • Real-time reporting of parking activity, including permits and fines
  • Integrates data from all IoT platforms and smart sensors
  • Easy-to-use tools to monitor and report parking violations quickly/accurately
  • Fully customisable and scalable

Pricing

£0 a licence a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@novoville.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

3 6 2 2 7 3 0 6 4 0 4 4 8 9 4

Contact

Novoville Ltd Iraklis Bourantas
Telephone: 02074425551
Email: info@novoville.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Our solution is primarily a stand-alone service, but can be integrated with existing CRM, ERP, Enforcement, Smart City systems, etc. using open and documented APIs. It is also compatible with the Cisco Kinetic for Cities platform among other IoT platforms.
Cloud deployment model
Public cloud
Service constraints
-iOS application requires OS version 9.0 or later
-Android application requires OS version 4.4 or later
-Citizen webapp requires Firefox version 45 or later, Google Chrome 48 or later, Apple Safari 10 or later.
-Client web management dashboard requires Firefox version 45 or later, Google Chrome 48 or later, Apple Safari 10 or later.
System requirements
  • Dashboard requires internet connection without firewall limitations towards novoville servers
  • IOS application requires OS version 9.0 or later
  • Android application requires OS version 4.5 or later
  • Webapp requires Firefox ≧45, Chrome ≧48, Safari ≧10
  • Dashboard requires Firefox ≧45, Chrome ≧48, Safari ≧10

User support

Email or online ticketing support
Email or online ticketing
Support response times
Novoville provides a single level of support, which is built into the subscription cost.
It includes an online help desk and ticketing system available 24/7, as well as telephone support during business hours (9am-5pm, Monday to Friday, except UK Bank Holidays). We typically respond to queries within 2 hours.
On-call support will respond to critical availability issues outside of standard business hours. Our support SLA is included in the terms of service document.
Each client has a designated account manager and will receive dedicated support for any issue.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Yes, at an extra cost
Web chat support availability
9 to 5 (UK time), 7 days a week
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
We conduct twice a year accessibility testing using third-party testing software
Onsite support
Yes, at extra cost
Support levels
Novoville offers their gold plan for support to all clients. This includes account and billing questions and notifications for service quota increases. In the same plan, Novoville also offers an unlimited number of technical support cases. All customers during working hours automatically have access to their personal account manager for support on:
-Account and billing questions
-Service health checks and bug reporting
-Documentation, whitepapers, and best practice advice
-Guidance on how to use products, features, and services together
Please refer to our SLA for further information.
Support available to third parties
No

Onboarding and offboarding

Getting started
Management Dashboard users are provided with extensive training over the course of a two-day workshop. Depending on the availability and structure of the client workshops can be on-site or over videoconferencing. Additionally, novoville uses a set of onboarding forms that are filled prior to launch in order to automate the initial state of the system e.g. user accounts, internal services names, email templates etc. Every user gets access to an online manual and a series of hints available next to each button, action etc. Throughout the term of contract clients benefit from further online training for new features and best practises.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Within two weeks of contract termination clients receive through a safe transmission channel all user personal data and the corresponding transactions these have performed with the client. This export is available as a database dump or a set of CSV files.
End-of-contract process
After transmission of data to the client, all transaction information is deleted from our servers within two weeks. There are no extra costs for the transmission or deletion.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
No differences
Service interface
Yes
User support accessibility
WCAG 2.1 AA or EN 301 549
Description of service interface
The management dashboard provides data on all activities where Novoville provides a front end, whether you’re using legacy applications, your website or a Novoville application.
The Novoville dashboard allows council employees to have access to the functions that are relevant to their role. It brings all information together on a single dashboard, giving local authorities complete control of parking & permit operations, a comprehensive picture of their ecosystem and the ability to communicate with users instantly.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
We conduct twice a year accessibility testing using third-party testing software
API
Yes
What users can and can't do using the API
The setup of the service environment does not require use of the novoville APIs. Nevertheless, the novoville APIs are available for consumption of information and resources created by novoville users (from the mobile apps and the dashboard) using a client-specific authentication, i.e. client id and API key.
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Our service is customisable but requires the input of the Novoville team. In general, the customisable elements are: branding, workflows, stats & analytics/KPIs, forms, request categories, parking pricing & policies, etc.

Scaling

Independence of resources
Scaling novoville is a matter of replicating the same codebase,namely the app stack.A similar logic applies to our database cluster.A load balancing architecture takes care of distributing load to replicas of the app stack while also providing means of failsafe i.e. switching between app stacks if one of them goes down.Given our current user traction we can serve up to 200K concurrent users per app stack node.Greater load can easily be dealt with by tweaking the node configuration (more RAM/CPU) and/or introducing more app stack nodes.Novoville is deployed on Azure and allows near real-time updates of either of these resources.

Analytics

Service usage metrics
Yes
Metrics types
Indicative list of the service metrics we provide:
- Number of users
- Number of interactions
- Number of requests
-Number of parking time purchases
-Number of fines /tickets
-Number of parking permits
- Number of messages
- Number of transactions
- Number of consultation respondents
-Number of wallet top-ups
-Number and amounts of refunds
-Number of parking sessions.
All service metrics provided can be accessed and filtered by multiple criteria on the management dashboard.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Users are given the option to export transaction data in the form of a CSV or an EXCEL file. Upon request data can also be exported as a database dump from our engineers. Data exports can include all transactions or can be a filtered version using the dashboard filters prior to the export itself.
Data export formats
  • CSV
  • Other
Other data export formats
MySQL dumps
Data import formats
  • CSV
  • Other

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
The following details the nature, quality and scope of the services that novoville provides for its system up-time.
-For Web Dashboard / Back-office Module SLA is 99.9% i.e. novoville’s Web Dashboard site shall be available for use by the Customer’s staff 99.9% of the time
-For the Mobile Application SLA is 99.9% i.e. novoville’s mobile app is available on the various app stores shall be available for use by citizens 99,9% of the time
Νovoville tracks its support performance based on mutually agreed SLAs. The Customer’s end-user responsibilities will be set out in the final set terms and conditions. novoville will make sure that in the unlikely event of the availability going below the aforementioned 99.9% will do its best to recover the provided software and any data affected as quickly as possible. The intention is to work with clients towards solutions that ideally never take more than 24 hours to deploy successfully. novoville uses systems provided by Apache Foundation and Azure Cloud services to measure whether the “Software” is available. These systems are our basis for monitoring this SLA.
Please refer to our SLA for further information.
Approach to resilience
Hosting is provided by state-of-the-art Azure datacenters compatible with all principles described in ‘Asset protection and resilience’.
Outage reporting
We report outages in real-time through: the novoville dashboard, email alerts and through slack channel webhooks.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Access is performed with a username-password pair along with available two-factor authentication (typically SMS codes on the mobile phones of users).
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
31/10/2019
CSA STAR certification level
Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover
Mobile apps
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
CyberEssentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
CyberEssentials
Information security policies and processes
- We review twice a year our list of business threats
- We align our security measures with our IT strategy
- We review extensively the security policies of third party vendors we work with (or use their tech)
- We work continuously to minimize time between our continuous deployment process. This is currently between 3 and 7 days
- We do not invest in “hipster” security technologies. For example we invest more time in selecting an appropriate DDoS solutions, a CDN provider etc. than investing in a centralized SSO solution
- We are empowering from their early days in the company all of our engineers and product managers with the freedom and knowledge to report possible security flaws and vulnerabilities
- We use a series (more than 2000) of automated tests to detect vulnerabilities before exposing our system to bi-annual PEN tests from external security consultants.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Our change-management-process follows a similar approach when “change” relates to a product update or the introduction of a new module/feature, namely:
-Requirements analysis of what is going to be improved
-Solid business case for the update or new product
-Create an Agile roadmap for introducing the change
-Design method for evaluation including automated tests, UAT strategy and A-B testing approach
-Communicate upcoming changes to account managers and subsequently clients. Prepare the corresponding training material
-Monitor resistance and budget risks (including risks for clients)
-Apply Agile methodologies process-wide by revisiting requirements and problems
Vulnerability management type
Undisclosed
Vulnerability management approach
Novoville has a test-driven development approach. New features are never released without corresponding tests (currently more than 2000 of them across products) creating a first line of defence for potential threats. Additionally, we use several real-time monitoring tools to detect threats and security vulnerabilities.
In case of a problem detection we classify the issue (LOW to CRITICAL) and act upon the creation of a patch that is applied from anything between 3 hours (for most CRITICAL issues) to the next scheduled system update (for issues classified as LOW).
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Compromises are identified by a combination of 3rd party monitoring tools along with in-house tools tailored to our product.These tools perform in real-time traffic monitoring for:
-Blocking attacks from the OWASP top 10 including Cross Site Scripting (XSS),SQL injections,Shell injections etc.
-Runtime Application Self-Protection,In-App Web Application Firewalling, applying Content Security Policies
-Leveraging in-app signals to automatically detect and block bruteforce or automated credential stuffing attacks
- Leveraging dynamic risk scores and full user account timelines
- Leveraging playbooks to cover business logic threats ranging from shared user accounts,fake signups or feature abuses
- Instantly notifying the engineers and account managers
Incident management type
Undisclosed
Incident management approach
Novoville uses a web-software compatible with our continuous-deployment technology to report and absorb incidents.This includes:
-Log the incidence by recording (name of person reporting the incident,date/time,description including type of log file or screenshots if available,id number assigned to the incident)
-Categorize the incident reported (assign a logical,intuitive category/subcategory from pre-populated list,assign level of criticality according to the reporter and the evaluation of the engineer that processes the incident)
-Prioritize the incident (address all open incidents in order of prioritization,notify engineers and reschedule normal deployment of features)
-Respond to the incident (Investigation and diagnosis,Resolution and recovery,Update knowledge base for future use)

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Fighting climate change

Fighting climate change

Novoville is committed to the Race to Zero campaign, through its subscription with the “Business Ambition for 1.5°C”. Indicatively, we have:
- Invested in upgrading the energy efficiency of our offices and their infrastructure (IT equipment, A/Cs, paperless operation, etc.).
- Funded all public transport or micro-mobility commuting for our colleagues when they travel to/from our offices.
- Invested in upgrading the car fleet of our sales team with hybrid cars.
- Migrated all of our software to Microsoft Azure, committed to be carbon negative by 2030.
- Innovated by launching the “Adopt a Tree” initiative as part of our product, whereby people are prompted to adopt a tree in their city and water it during the summer months to help it survive. We have saved 2,000 trees so far.
- Introduced a series of KPIs (the green dashboard) for our clients, mostly local authorities, that monitor the impact of their operations to the environment. We expect a 40-60% impact on emissions as we train them to improve their services using these novel metrics.
Covid-19 recovery

Covid-19 recovery

Novoville has actively been involved in activities for COVID-19 recovery, such as:
- We launched and maintained the GetVolunteering platform for managing volunteers offering Befriending services. Councils and organisations using GetVolunteering have already organised more than 2,000 volunteers and offered 5,000 hours of phone support to people in need within their communities.
- Through our mobility platform, we recently launched an advanced "loyalty system" for drivers, whereby shops can refund parking time to them as long as they decide to spend money in the local market that has suffered from shop closures due to the pandemic.
- We have implemented workplace conditions that support the COVID-19 recovery effort, including effective social distancing, remote working, hygiene measures, and sustainable travel solutions.
Equal opportunity

Equal opportunity

Novoville maintains offices in three countries and four cities. We employ people of more than ten nationalities and four ethnic backgrounds, placed approximately uniformly between administration, engineering and support/maintenance teams. We encourage travel of employees between locations to remove diversity barriers and promote our family culture.
Our products are designed to be accessible by disabled people and different demographics, empowering more than 1.1m citizens of enormous diversity.
Hiring Process & HR: Job descriptions are worded in a way that limits the probability of unintentionally describing positions towards a certain demographic. During interviews we disclose the organisation's approach to equality and diversity and why it is important.
Training: Our DPO performs annual training to managers to allow them to demonstrate, by reference to published equality information, how they have “due regard” to the requirements of the general equality duty of the company.
Safe work environment: We place a positive duty on employees to comply with the equal-opportunities policy and to ensure that their colleagues are treated with respect and dignity. Employees are encouraged to discuss any concerns, without judgement.
Education: We provide resources and educational material that include examples of different types of discrimination to make employees aware of issues they may not have recognised as discrimination before.
We celebrate differences: We celebrate diverse religious/national holidays and encourage team sports and activities. Our core purpose is to help bring people together.
We shout equality: Any actions taken by leaders attempt to uphold, communicate and display our culture and values.
We speak about wider issues: Employees are affected by current affairs, but certain topics can have a particular impact on mental wellbeing. This was especially important during COVID-19. We try to encourage these discussions in the workplace.
Work/life balance: We promote a work/life balance and offer flexible working hours and remote working.

Pricing

Price
£0 a licence a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@novoville.com. Tell them what format you need. It will help if you say what assistive technology you use.