Skip to main content

Help us improve the Digital Marketplace - send your feedback

SAFE 2 DRIVE SOLUTIONS LIMITED

Safe2Drive Driving Licence Checking & Grey Fleet Service

UK driving licence checking and reporting solution that provides online status, entitlement, and conviction data for UK licence holders using the DVLA ADD service. For professional drivers, it returns CPC and tacho-card dates. Clients access their portal 24/7. The speed of a check response is immediate. A fully managed service.

Features

  • UK Electronic Licence Checks
  • Live UK GDPR Online Response
  • ISO27001 Accredited - Security Management Certification
  • Direct DVLA data
  • Automated rechecks according to risk & frequency
  • Immediate & upcoming warnings dashboard and email
  • Driver risk scores
  • Changes since previous check & history
  • Foreign & Northern Irish Licence Verification
  • Grey Fleet Service & Management

Benefits

  • Real-time dashboards for real-time insights
  • A comprehensive system that provides a friendly interface
  • Supports UK GDPR data retention and deletion policy
  • Self Check Facility
  • Fastest Electronic Boarding of Client Data
  • Multi User & Location Licence
  • Automated rechecks reduces workload & errors
  • Secure & encrypted cloud hosting
  • API & Also Available -Mobile Applications - IOS & Android
  • Email Alerts - Flags immediate actions to management & drivers

Pricing

£1.70 a transaction

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at admin@safe2drive.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

3 8 3 8 4 2 4 9 6 9 7 7 0 3 5

Contact

SAFE 2 DRIVE SOLUTIONS LIMITED Allan Gibbons | Sinead Moy | Scott McLennan
Telephone: 0141 260 7272
Email: admin@safe2drive.co.uk

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Safe2Drive is a hosted agile solution that provides clients with a selection of different services according to their requirements. Services available include our mobile application "Driving for Work," Grey Fleet, Driver File, FileSafe, and also E-Driver Training & Fleet Management.
Cloud deployment model
Public cloud
Service constraints
No
System requirements
  • No Special System Requirements
  • Client Internet Access

User support

Email or online ticketing support
Email or online ticketing
Support response times
Immediately during business hours
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
We provide an all Tier support to all clients inclusive in the cost for the service.

Tier 1 Basic help desk resolution and service desk delivery.
Tier 2 In-depth technical support.
Tier 3 Expert product and service support.
Tier 4 Outside support for problems not supported by the organisation.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
As we are ISO 27001 certified, we provide clients with a boarding process that includes service and support along with online training (free) and, where required, onsite training (at an agreed fixed fee).
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
Video
End-of-contract data extraction
They export their data (CSV)
End-of-contract process
The client extracts their driver data (CSV) and then the driver data would then form part of our driver deletion policy as per UK GDPR & DVLA guidance.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
There is a specific mobile application for Safe2Drive that provides modified reporting and supports driver licence & grey fleet capability for managers and drivers. We support Android and Apple devices.
Service interface
No
User support accessibility
None or don’t know
API
Yes
What users can and can't do using the API
We provide an API that is available to return all driver licence data points & vehicle data and facilitate driver permission. Access to the API, test account, and integration notes is provided along with the API key.
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The service can be customised, such as the User Hierarchy | User locations | Driver check frequencies | User defined filters & reporting

Scaling

Independence of resources
There is no restriction due to the scalability of the platform and the hosting provider.

Analytics

Service usage metrics
Yes
Metrics types
This is provided through the system audit trail and logins of the system users. This shows system utilisation as well as the dashboard providing all stats and priorities.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
As authorised, the user would be able to export their driver data from the reporting suit via a CSV file.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
99.5% SLA excluding notified downtime, by MS Azure or the DVLA but in practice, service availability is far greater than this.
Approach to resilience
The service is hosted in Tier 4 data centres (with 99,995% uptime, we can state that an Azure Datacentre exceeds the expectations of a tier 4 datacentre) located all within the UK, with an automated failover from the main data centre to the secondary data centre that replicates the service.
Outage reporting
If an outage on our service happened, we would report the service status by email or via the public website.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Other user authentication
The users credentials will be checked against active directory within the system
Access restrictions in management interfaces and support channels
The user name & password would be checked against the active directory
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
The British Assessment Bureau
ISO/IEC 27001 accreditation date
10 February 2023
What the ISO/IEC 27001 doesn’t cover
Third party data suppliers
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Cyber Essentials
Information security policies and processes
ISO 27001 security policies use internal auditors and an annual audit by an external certifying body.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All hardware and hosting are provided under contract with Microsoft Azure. The development of services uses agile methodology, with software development and testing policies requiring security assessment and review.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Potential threats form part of software development policy and code testing and review. Annually, an authorised third party scans internal and hosted service vulnerabilities and conducts external system penetration tests. All patches and updates are managed centrally. Potential threats are monitored.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Service uses full Microsoft Security Suite and other logging and monitoring services that run continuously. Any high-level vulnerabilities or incidents will be responded to immediately as a matter of urgency in accordance to our ISO 27001 ISMS.
Incident management type
Supplier-defined controls
Incident management approach
Our ISO 27001 policies cover incident management, and they are dealt with according to the nature of the incident. In the event of a data breach, they have a separate policy and notification process that are covered in the Data Breach Policy again part of our ISO 27001 standard.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

Wellbeing

Wellbeing

Our business supports the wellbeing of the workforce and the general public by ensuring that those driving vehicles for work-related purposes are suitably qualified to operate their vehicle, irrespective of the vehicle's ownership.

Pricing

Price
£1.70 a transaction
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Up to 10 UK electronic driving licence checks are to be used within 7 days.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at admin@safe2drive.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.