Drieam B.V.

Eduframe

Eduframe is the Continuing Professional Development (CPD) Storefront & SIS for Canvas VLE. Universities, business schools & government use Eduframe to provide CPD education, enabling them to provide a cutting edge end-to-end learning experience for non-traditional learners, from course catalogue & student registration, to certificate awarded.

Features

• Stackable education: combine multiple courses into programmes
• Personalised programmes: students can take their own programme pathway
• Customised storefront, registration & payment on your institution’s website
• Plan & manage both online and face-to-face education
• Sync courses & learners to Canvas LMS for direct access
• Manage B2B/group enrolments, in addition to individual learners
• Effortless course & program management: templates, automations & bulk actions
• Provide certificates, transcripts and award programme credits
• Participant & business portals to track own progress & results
• Powerful integrations & robust open API

Benefits

• Increase enrolment numbers by converting non-traditional learners
• Meet learner expectations with a modern learner experience
• Save time of staff, even when numbers are going up
• Provide learners with flexible education: when, where and how
• Easily integrate Eduframe in your existing tech infrastructure
• Customise Eduframe to match your unique requirements
• Rest assured your data is safe & secure

£4.40 to £22.90 a user a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@drieam.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

378236379203547

Contact

Jim Bouw
+31403046346
sales@drieam.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Canvas VLE (by Instructure) https://www.instructure.com/en-gb
• Cloud deployment model: Public cloud
• Service constraints: Our service does not have any constraints that buyers should be aware of.
• System requirements:
  • An internet connection
  • A browser-enabled computer or mobile device

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Drieam offers second-tier support to address all issues. Our support team is available on working days (Monday to Friday) from 9 to 5 (UK time). For the incoming e-mail and phone support a KPI of 80% response within 1 working day applies.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Drieam offers the same high-quality service to all clients, as part of our standard SLA. A key aspect of our service is providing each institution with a dedicated Customer Success Manager to ensure optimal use of Eduframe. ; ; They will be available via email or phone or ad hoc queries, as wel as regular Executive Business Review meeting.; ; Additionally, Drieam offers second-tier support to the institution's designated contact points from Monday to Friday, 9 am to 5 pm (UK time). For the incoming e-mail and phone support a KPI of 80% response within 1 working day applies. For priority 1 issues, a response target of 4 hours applies
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Drieam offers a wide range of services to support a successful implementation and adoption of Eduframe. We combine our technical and didactical expertise with our deep knowledge on Eduframe and continuing education. Our implementation consultants will guide new and existing customers through the implementation process. Depending on the needs and context of the institution, our team is able to provide adequate training, documentation, and assistance. ; ; The Eduframe implementation always includes a set of admin training (can be onsite and/or online) following the train-the-trainer principle, meaning admins will later train other stakeholders working with Eduframe, including new/future employees. ; ; User documentation is publicly available for admin users. As Eduframe can be highly customised according to an institution’s specific use case, it is common that during the implementation specific user manuals or guidelines are created for end users (including different types of admins). ; ; Additionally implementing a new SIS may also involve process optimization. In cases with many drastic changes in the processes, we can help you with an extensive functional & technical analysis, in which old and new processes are mapped, gaps are identified and together we work to implement the ideal process to work, with Eduframe integrated in your existing infrastructure.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data extraction from Eduframe is supported in the following ways:; - Data in Eduframe can be exported to Excel via the user interface; - Data in Eduframe can be exported via API; - Data in Eduframe can be exported into Microsoft PowerBI via the Microsoft certified PowerBI connector with Eduframe to build custom exports; Excel export, export via API and custom PowerBI exports can be done by Eduframe admins of our customer. Drieam can offer (technical) consultancy to help get data exported via API to the format that's needed for migration to a new system. As the amount of work is dependent on the format that's needed for migration, Drieam uses daily rates for this consultancy.; ; Because it is so easy to migrate/export data from Eduframe, even a user with limited ICT experience can export their own data. However, in reality, we would recommend to form a project group to identify and carry out the following tasks:; - Identify what data are to be exported and by whom; - A schedule to ensure that the exports are carried out in a timely manner; - A "quality control" guide to enable users to evaluate which data to export
• End-of-contract process: At Drieam, we are proud of the long-term relationships we form with our customers. These lasting bonds are an essential part of our company culture. Our experts in technology and education play a crucial role in this. In the unlikely event that you choose to leave Eduframe, we will support you throughout the process to end the relationship in a positive manner, providing you with the help you need to successfully transition to your new provider. Eduframe’s open nature makes it easy for the data to talk to other systems.; ; Your Customer Success Manager will continue to support you throughout the phase-out process and will provide advice on migrating data from the Eduframe system. The specific tasks and timelines will depend on the scope and nature of the content within Eduframe that you wish to transfer to another platform. As we begin the phase-out process, we will discuss in detail what specific tasks need to be performed. ; ; In line with GDPR guidelines, we ensure the secure deletion of data within 60 days after the end of contract. Every offboarding action apart from data deletion will be offered in a separate quote in advance.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Eduframe consists of 4 portals for different user groups, that have been optimised for varying screen sizes and devices according to the needs of each group. ; ; The portals for participants and organisations (participant portal and business portal) are fully responsive and optimised for the use on phones, tablets and desktops. There is no difference in functionality. ; ; The portals for administrators and teachers show more information simultaneously in the same screen and therefore are optimised for desktop devices and tablets. All functionalities of these portals are accessible on mobile devices as well, but the experience isn’t optimised for these devices.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Eduframe provides access (available after login) to a user interface based on roles: admin, participant, teacher or key contact of an organisation. All roles get access to their own portal via a modern web interface which is accessible through web browsers. In their own portal, users get access to core product features depending on their role and permissions. ; ; Additionally, Eduframe provides a JSON API to allow integration with third party applications.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We’ve established comprehensive procedures to ensure our Eduframe's accessibility. This includes conducting in-depth manual testing procedures. For instance, we perform browser tests with axe and WAVE extensions, tools designed to identify and fix accessibility issues. ; ; We also conduct performance tests using VoiceOver, a screen reader, to assess Eduframe’s compatibility with such assistive technology. Keyboard testing in various browsers is another crucial part of our process, given its importance to people with motor disabilities or those who opt not to use a mouse.; ; Furthermore, we simulate conditions like color blindness and contrast loss using Firefox to ensure visual accessibility for users with different visual impairments. As part of our commitment to enhanced accessibility, we adhere to an accessibility checklist during the Quality Assurance (QA) process for every epic.; ; Our testing process also involves our customer base, whose feedback helps us understand real-world use cases and identify areas for improvement. Therefore, even without direct testing with assistive technology users, we employ a variety of manual testing methods and customer feedback to strive for maximum accessibility.
• API: Yes
• What users can and can't do using the API: Eduframe provides an extensive and open REST (JSON) API consisting of Create/Read/Update/Delete (CRUD) functionality for nearly every function within Eduframe. We provide a standard OpenAPI specification to our API. Users of the API are authenticated through either a pregenerated API key or OAuth2 flow.; ; Users with appropriate permissions can set up multiple aspects of Eduframe via the API including (but not limited to): courses, planned courses, programmes, leads, enrollments, teachers, grades, attendances, invoices, payments, credits and even custom data fields. Eduframe also provides webhooks for event-driven integrations.; ; Changes to Eduframe via the API can be done using any standard method such as Javascript or cURL. Each admin user can generate an API token which is used to execute API commands.; ; Any admin user in Eduframe can use the API; however, they can only make changes based on the permissions they have been granted. ; ; Full documentation of the Eduframe API can be found here: https://developer.eduframe.nl/
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Eduframe has been built to be a flexible solution for Continuing Professional Development and as such there are a number of ways in which the service can be customised. A few examples are the following: ; ; -Custom fields: Use custom fields on objects in Eduframe to store information that is specific to your needs as an institution;; ; -Custom registration forms: Ask customers for course- or programme-specific information during their registration, according to the course or programme they are signing up for;; ; -Labels: With labels on objects in Eduframe like contacts, teachers, organisations, courses and orders, it’s easy for admins to identify elements with a specific attribute or to search for them;; ; -LTI apps: Eduframe supports 1EdTech open standards like LTI 1.3, making it easy to extend Eduframe functionality. An example is 'Gradesync LTI', which synchronises course grades from Canvas to Eduframe.; ; -Integrations: Additionally it is possible to extend Eduframe functionality by integrating with third party applications. Eduframe offers a number of out-of-the-box integrations, but it is also easy to connect Eduframe with a custom integration using our Open API or an integration platform. Examples of our standard integrations include: Stripe, Microsoft PowerBI & PowerAutomate, Google Analytics & Tag Manager.

Scaling

• Independence of resources: Eduframe provides an SLA with a 99.5% uptime guarantee. The application is hosted on scalable cloud infrastructure, provided by Heroku and AWS. This means that as demand fluctuates, our service automatically scales up or down to accommodate the incoming traffic. Whether it's a sudden surge or a gradual increase, our system adjusts dynamically to ensure optimal performance for all users. Thanks to additional proactive monitoring systems, we are able to quickly identify bottlenecks and optimize resource allocation.

Analytics

• Service usage metrics: Yes
• Metrics types: Eduframe offers a number of ways to access data from the system: using the Excel exports available from within Eduframe (filters can be applied in the screens), using our (by Microsoft certified) PowerBI connector and/or using our API to pull data from Eduframe. Specifically enrolments can be exported to Excel (including filter on date range), enabling reporting on enrolments as the base for Eduframe pricing.; ; The total number of active learners during the licence period is shared upon request through our support channels and/or during CSM meetings.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data extraction from Eduframe is supported in the following ways:; - Data in Eduframe can be exported to Excel via the user interface; - Data in Eduframe can be exported via API; - Data in Eduframe can be exported into Microsoft PowerBI via the Microsoft certified PowerBI connector with Eduframe to build custom exports
• Data export formats: Other
• Other data export formats: XLSX
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Drieam will use commercially reasonable efforts to make Eduframe is available with an annual uptime percentage of at least 99.5% (“Service Commitment”). The availability of the production environment and of the IP-connectivity will be measured on an annual basis. In the event Drieam does not meet the this commitment, Customer will be eligible to receive a service credit as described below. Each hour, on top of the guaranteed availability, that the production environment is not available will be credited based on the average daily costs of the yearly payment. Crediting takes place once per year. There can be limitations or disturbances of the services that are outside of Drieam’s influence. If Drieam cannot comply to this agreement due to circumstances beyond Drieam’s control, Drieam has the right to postpone the agreement. Examples of circumstances beyond Drieam’s control are: not by Drieam influenceable technical limitations of the internet, large interruptions in power supply, fire, natural disasters and/or Denial of Services attacks. When preventive maintenance is planned, Client will be notified via an announcement. Preventive maintenance does not comply with the above mentioned guaranteed availability rate.
• Approach to resilience: Drieam is committed to maintaining the quality of our continuous service. We have established a Backup Policy, Disaster Recovery Plan, and Incident Response Plan in accordance with SOC2 norms to ensure uninterrupted service delivery.; ; All data for UK customers is hosted in the European Economic Area with hosting provided by Amazon Web Services (AWS) in Ireland. Continuous backups are maintained in our secondary database in Germany. AWS is the most established and trusted cloud hosting provider worldwide, offering high levels of physical and network security as well as diverse hosting options. AWS maintains high-level security compliance, including SOC 2 and ISO 27001. Due to this setup, we can deliver an RPO of 1 hour and an RTO of 4 hours.; ; Over the past year, we maintained 99.99% uptime, which equates to less than 56 minutes of downtime throughout the year. We perform automatic ""hands-free"" upgrades and updates, ensuring customers never have to worry about patches or version numbers. Furthermore, Eduframe resilience is ensured by Drieam's self-healing architecture and automatic scaling.; ; Our Security Team diligently works on maintaining resilient and continuous service. By regularly (at least annually) testing the IRP and DRP, we ensure readiness for all possible scenarios.
• Outage reporting: At Drieam, transparency is a core value. That's why we provide real-time information about Eduframe's availability through our public online dashboard. This platform enables customers to stay informed about Eduframe's performance and availability effortlessly.; ; You can access the availability details at the following dashboard: status.drieam.com. Customers can sign up for email notifications about any potential issues with Eduframe, ensuring they remain fully informed and updated about its status.; ; If the customer has any questions or concerns regarding Eduframe's availability, they can always contact their Customer Success Manager or our support team.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Other user authentication: Another way of authenticating users when they access Eduframe is by access token.
• Access restrictions in management interfaces and support channels: Restricting access to management interfaces is defined based on roles and permissions within Eduframe. For support channels, access is restricted by mapping specific recognised users to resources in our support systems.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Description of management access authentication: Another way of authenticating management access is by access token.

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • SOC 2 Type 2
  • 1EdTech Data Privacy Standard

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: - SOC 2 Type 2; - 1EdTech Data Privacy Standard
• Information security policies and processes: Drieam has established comprehensive internal security policies encompassing various areas such as information classification, secure development, maintenance, privacy, change management, media protection, risk management, awareness training, third-party management policy, and several other topics. All employees accept these policies when starting at Drieam, and any updates require employees to acknowledge and accept the changes. To gain an understanding of all policies, customers can request our SOC2 report. ; ; The security team reviews all security policies at least once a year to ensure that they are being followed consistently across all teams and that security is a company-wide priority.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Drieam has a formalized security and systems development methodology that includes project planning, design, testing, implementation, maintenance, and disposal or decommissioning. Proposed changes are evaluated to determine if they present a security risk and what mitigating actions, including employee and user entity notifications, must be performed.; ; Changes to infrastructure and software are developed and tested in a separate development or test environment before implementation. Additionally, non admin developers cannot migrate their own code changes into production environments. Access to migrate a change to production is restricted to approved Engineering personnel.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Vulnerability scanning tools are utilized to automatically scan our application's codebase and identify potential vulnerabilities. Identified vulnerabilities are ranked by risk (high, medium, low) to prioritize their remediation. We adhere to the following remediation times for these vulnerabilities:; - p0: 7 days; - p1: 30 days; - p2: 60 days; - p3: 90 days; Penetration tests, including a full scope of blended attacks such as client-based and web application attacks, are conducted at least once a year. Any discovered issues are directed through our incident and risk management processes for resolution.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We utilise various applications to monitor processes and identify potential compromises, such as analysing request logs. Additionally, we offer customers the ability to notify us if they suspect a potential compromise.; ; Upon becoming aware of a potential compromise, we initiate our well-defined and tested incident response plan. This plan outlines all necessary steps to address different types of compromises. We keep our customers updated on the incident's progress and ensure a swift response to any breaches.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Users can report a potential incident through various methods including email, a support portal, and phone.; ; Upon receiving an incident, Drieam applies their predefined Incident Response Plan. This plan outlines the process of identifying, prioritising, communicating, assigning, and tracking incidents until they are resolved. The Security team communicates these incidents externally if necessary. Details such as analysis, impact, and resolution of the incident are documented and possibly shared.; ; The Security team also conducts annual tests of the IRP, either through simulation (table-top exercise) or retrospective of a real event. Any lessons learned from these tests are incorporated into the plan.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  In a bid to reduce greenhouse gas emissions and foster a greener future, our company has proactively adopted a sustainable mobility policy alongside our existing paperless policy. The cornerstone of this policy is an internal mobility pool of two electric lease cars. These eco-friendly vehicles are made available to all our employees. ; ; Moreover, we recognize that public transportation is a key component in the fight against climate change. To this end, we encourage our employees to utilize public transit systems. To make this a viable option, we provide our employees with public transportation cards, giving them unrestricted travel within a certain area. ; ; In addition, our sustainable mobility policy also includes a bike leasing program. This program provides our employees the opportunity to lease high-quality bikes for a certain period. The leasing scheme includes maintenance and insurance, making it a cost-effective and flexible option. ; ; Beyond internal sustainability efforts, we also place a high importance on selecting suppliers who are conscious of their environmental impact. A prime example of such a supplier is AWS, our data provider. AWS not only guarantees safe storage and data processing but also places a high premium on sustainability. Research by 451 Research indicates that AWS's infrastructure is 3.6 times more energy-efficient than the median energy consumption of US data centers and up to five times more energy-efficient than the average in Europe. Furthermore, the same research shows that AWS can reduce the CO2 footprint of customer workloads by almost 80% compared to other data centers, and even up to 96% when AWS runs entirely on renewable energy. By opting for AWS, we are making a concerted effort to lessen our environmental impact.

  Covid-19 recovery

  Drieam aids COVID-19 recovery by offering educators and students a robust virtual platform, ensuring activities can take place wherever they are. During the pandemic, we supported a record number of users as institutions transitioned fully online. We continue to support institutions in their recovery and progression, enabling them to adapt and thrive in the post-pandemic landscape.; ; In addtion, we offer a flexible work model for our staff, allowing them to choose their preferred work location. Employees can work entirely remotely, fully in-office, or opt for a hybrid setup, supporting COVID-19 recovery efforts. This flexibility enables those who benefit from social office spaces to do so for their mental health, while also allowing employees who need to shield or have ongoing COVID-19 concerns to work entirely from home.

  Tackling economic inequality

  Drieam upholds Social, Labor, and Environmental policies to promote the well-being of our employees and community. We ensure our team members receive a living wage and strictly adhere to local labor laws. We also hold our suppliers to these same standards. By fostering ethical practices across our supply chain, we contribute to a more equitable and sustainable future.; ; Furthermore, Drieam is a company that demonstrably spends a lot of time offering internships for students and young professionals. At Drieam, the development of the intern is central, and we offer various opportunities to stimulate this development. For example, we regularly organize training and workshops to improve the intern's skills, and we provide tailored guidance to ensure that the intern can get the most out of his or her internship.

  Equal opportunity

  At Drieam, we value the inclusion of all, both in our culture and in our Eduframe product. Eduframe is designed to cater to a diverse user base, including individuals who may require assistance. We are dedicated to ongoing improvements to enhance accessibility, reflecting our strong commitment to this goal. Currently, we comply with WCAG 2.1 AA standards, and we aim to further increase accessibility for our users.; ; In addition we strongly believe in the value of an inclusive and diverse culture, offering equal opportunities to all. We embrace the diversity of cultures, nationalities, and gender differences within our company and ensure that everyone feels accepted and valued. This is also visible within Drieam, where a diverse team has emerged with different cultures, genders, and nationalities.

  Wellbeing

  At Drieam, our primary responsibility is to ensure absolute compliance with local labor laws across all the regions we operate in. This is a topmost priority for us, as we firmly believe in establishing a lawful and ethical business environment. We are committed to meeting, and where possible, exceeding all regulations and guidelines set forth by local authorities.; ; In addition, we also place a high value on the wellbeing of our employees. This is not merely a policy but a core value that defines our business operations. We recognize that our workforce is our most valuable asset and we are dedicated to maintaining a healthy, happy, and productive environment for them.; ; In our commitment to employee wellbeing, we provide various benefits to enrich both personal and professional lives. For instance, we offer discounts on sports subscriptions. Our consistent focus on employee wellbeing results in a low turnover rate, a fact that we take great pride in.

Pricing

• Price: £4.40 to £22.90 a user a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@drieam.com. Tell them what format you need. It will help if you say what assistive technology you use.