TradeSaver

Service scope

Software add-on or extension: No
Cloud deployment model: Private cloud
Service constraints: None
System requirements: Internet Connection

Compatible Internet Browser

User support

Email or online ticketing support: Email or online ticketing
Support response times: Within 2 hours, Monday to Friday 9am-6pm
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: None or don’t know
Phone support: Yes
Phone support availability: 9 to 5 (UK time), Monday to Friday
Web chat support: No
Onsite support: Yes, at extra cost
Support levels: All packages will have support provided, as required.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: A customer success manager is available to work along side the initial cohort of users to create champions within the organisation.
Service documentation: Yes
Documentation formats: HTML

PDF
End-of-contract data extraction: Organisation administrators have the option of making data requests that once fulfilled, have the option to request the deletion of the data of their organisation and its users.
End-of-contract process: Organisations can download all their analytics and data that they have supplied to the Property Momentum and the application, once safe receipt is confirmed the data is deleted and the performance data is anonymised.

Using the service

Web browser interface: Yes
Supported browsers: Internet Explorer 11

Microsoft Edge

Firefox

Chrome

Safari
Application to install: No
Designed for use on mobile devices: Yes
Differences between the mobile and desktop service: Analytics would be a reduced service for mobile use.
Service interface: No
User support accessibility: None or don’t know
API: Yes
What users can and can't do using the API: APIs to manage user access, and access the various data points are available, the commercial benefits available through the application won't be available through the API
API documentation: Yes
API documentation formats: Open API (also known as Swagger)
API sandbox or test environment: Yes
Customisation available: Yes
Description of customisation: Branding/White label.
Custom prices import

Scaling

Independence of resources: To ensure users aren't affected by demand, we utilise scalable infrastructure, resource allocation policies, and load balancing techniques. Our infrastructure dynamically adjusts to demand fluctuations for consistent performance. Resource allocation prioritises critical processes, preventing any user from monopolizing resources. Load balancing evenly distributes requests across servers, preventing overloads. Real-time performance monitoring swiftly detects issues for immediate resolution. Additionally, capacity planning anticipates future demand to maintain system integrity. These measures uphold high performance and reliability for all users, regardless of demand. By prioritising user experience and investing in robust infrastructure and monitoring, we aim to provide a seamless and dependable service.

Analytics

Service usage metrics: Yes
Metrics types: Usage
Performance KPIs such as savings, efficiency gains
Reporting types: API access

Real-time dashboards

Regular reports

Reports on request

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Staff screening not performed
Government security clearance: Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom
User control over data storage and processing locations: No
Datacentre security standards: Supplier-defined controls
Penetration testing frequency: At least every 6 months
Penetration testing approach: In-house
Protecting data at rest: Encryption of all physical media
Data sanitisation process: Yes
Data sanitisation type: Explicit overwriting of storage before reallocation

Deleted data can’t be directly accessed
Equipment disposal approach: In-house destruction process

Data importing and exporting

Data export approach: Users have a portal to request their data, and will have access to APIs that will allow the organisation's (subject to permissions) and their own data to be access as a JSON
Data export formats: CSV

Other
Other data export formats: JSON

XML
Data import formats: CSV

Other
Other data import formats: JSON

Data-in-transit protection

Data protection between buyer and supplier networks: TLS (version 1.2 or above)
Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability: The service is available 99.9% of the time, and where downtime occurs incident notices are sent to the users of the service to provide an explanation of any downtime and the estimated time for the service to be restored.
Approach to resilience: Available on request
Outage reporting: A public dashboard
An API
Email Alerts

Identity and authentication

User authentication needed: Yes
User authentication: 2-factor authentication

Identity federation with existing provider (for example Google Apps)

Username or password
Access restrictions in management interfaces and support channels: Access to management interfaces and support channels is restricted using Role-Based Access Control (RBAC), ensuring users have permissions based on their roles. Multi-Factor Authentication (MFA) adds an extra layer of security. IP whitelisting limits access to trusted networks. We maintain detailed access logs and monitor for suspicious activities. Regular audits and reviews ensure access restrictions align with security policies, bolstering the overall security posture.
Access restriction testing frequency: At least every 6 months
Management access authentication: 2-factor authentication

Identity federation with existing provider (for example Google Apps)

Username or password

Audit information for users

Access to user activity audit information: Users have access to real-time audit information
How long user audit data is stored for: At least 12 months
Access to supplier activity audit information: Users have access to real-time audit information
How long supplier audit data is stored for: At least 12 months
How long system logs are stored for: At least 12 months

Standards and certifications

ISO/IEC 27001 certification: No
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: No
Cyber essentials plus: No
Other security certifications: No

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: Other
Other security governance standards: In process of obtaining ISO certification and Cyber Security
Information security policies and processes: Documented information security policy on which all staff are trained and instructed to follow.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: Our configuration and change management involves meticulous component tracking via Git. Changes undergo thorough security assessments, including code reviews and adherence to standards. We prioritise updating dependencies to mitigate vulnerabilities, employing automated testing tools.

Our change management follows a workflow from initiation to deployment, with changes proposed, reviewed, and approved through code reviews. We monitor status using issue tracking systems and handle emergencies rigorously.

Continuous improvement is key, with processes refined based on feedback and best practices. We track indicators like mean time to detect and resolve incidents, ensuring stability, security, and reliability.
Vulnerability management type: Undisclosed
Vulnerability management approach: Our vulnerability management process entails ongoing assessment of potential threats to our services through regular security scans and monitoring. We deploy patches promptly, prioritising critical vulnerabilities and utilising automated systems for rapid updates. We obtain information about potential threats from trusted sources such as security advisories, industry forums, and threat intelligence feeds. This proactive approach ensures timely identification and mitigation of vulnerabilities, safeguarding the security and integrity of our services.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: Our protective monitoring processes involve continuous monitoring for potential compromises through real-time alerts and anomaly detection. We identify suspicious activities by analyzing system logs, network traffic, and user behavior. Upon detecting a potential compromise, we follow predefined incident response procedures, isolating affected systems and containing the threat. Response times vary based on severity, with critical incidents addressed immediately. Our aim is to respond swiftly to incidents, minimizing impact and restoring normal operations as quickly as possible to uphold the security and resilience of our systems.
Incident management type: Supplier-defined controls
Incident management approach: Our incident management processes include predefined procedures for common events, ensuring prompt responses. Users report incidents via designated channels like helpdesk portals or email. Upon receipt, our team assesses the incident's severity and takes appropriate actions, including containment and resolution. Incident reports are shared with stakeholders through clear and concise communication channels, outlining the incident's nature, impact, actions taken, and preventive measures. This transparent approach enables timely resolution and fosters trust in our incident management capabilities.

Secure development

Approach to secure software development best practice: Supplier-defined process

Public sector networks

Connection to public sector networks: No

Social Value

Fighting climate change
Equal opportunity

Fighting climate change

TradeSaver's unique feature of pinpointing nearby merchants in close proximity to job sites offers a significant advantage in bolstering operational efficiency while also championing environmental responsibility. By reducing travel distances for deliveries, this feature minimises the carbon footprint associated with transportation, aligning perfectly with efforts to combat climate change.

Through TradeSaver, businesses can source materials and tools from local suppliers, reducing the need for long-distance transportation. This not only streamlines procurement processes but also fosters community engagement and supports local economies.

In summary, TradeSaver's commitment to locating nearby merchants not only enhances operational efficiency but also champions sustainability, making a tangible contribution to the global fight against climate change.

Equal opportunity

TradeSaver's dedication to providing a platform for accessing affordable tools and materials within the construction industry resonates deeply with the value of equal opportunity. By facilitating the discovery of cost-effective resources, TradeSaver ensures that individuals and businesses, regardless of their background or financial status, can compete on a level playing field.

Furthermore, by prioritising operational efficiency, TradeSaver contributes to promoting equal opportunity. Streamlined procurement processes not only save time and resources but also empower users to allocate their savings towards other essential aspects of their projects. This approach fosters an environment where success is determined by skill and innovation rather than financial means alone.

In summary, TradeSaver's commitment to affordability and efficiency embodies the essence of equal opportunity, empowering all stakeholders to thrive within the construction industry, irrespective of their starting point.

Pricing

Price: £199.99 to £599.99 a licence a month
Discount for educational organisations: Yes
Free trial available: Yes
Description of free trial: 2 weeks trial

However, certain advanced features, such as premium analytics or personalized recommendations, are not included in the free version. Additionally, there may be limitations on the number of searches or transactions allowed per month.

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

TradeSaver

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents