EPTURA INTERNATIONAL LIMITED

Software as a Service

We are the pioneering market leader in scalable, cloud-based meeting room scheduling and workspace reservation solutions that also includes an Enterprise-wide, class-leading Visitor Management solution that helps some of the biggest brands across the globe get more out of their space.

Features

• Room Booking Service: Calendar Service displaying meeting room bookings
• Exchange Integration: Ability to link Room calendars with Exchange calendars
• Room/Desk Booking Mobile Apps: Native applications iOS/Android
• Service Ordering: Order food, equipment and services to room bookings
• Vendor Management: see all service items requested from dashboard
• Hardware: Room and Desk screens that show current resource status
• API's: Open API's for interaction with application
• Real Time Reporting: Ability to run custom or precreated reports
• Data Analytics: see Condeco data in separate Business Intelligence tool
• Delivery Points: Booking of service items to delivery point

Benefits

• Quickly book rooms and desks from mobile application
• Ability to search for rooms on desks based on attributes
• Presence of rooms and desks displayed on hardware
• Add services, equipment or set up styles to room bookings
• Return to office features for rooms and desks
• Outlook integration with O365 add-in
• Integration with Exchange calendars to enhance Exchange based booking experience
• Advanced business rules for room, desk and service booking
• Open API's for integration to other platforms
• Visitor Management capabilities including notification to host and pass printing

£30 to £70 a user a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at daniela.streng@eptura.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

399839107593947

Contact

Daniela Streng
+447722046766
daniela.streng@eptura.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No. Solution is powered by Microsoft Azure
• System requirements:
  • Modern Internet Browser for PC, Mac or Linuk
  • IOS 10 - Android KitKat or above for Mobile Applications

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 24/7 x 365 Support team
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: N/A
• Onsite support: Yes, at extra cost
• Support levels: SaaS - 24x7 Support Available for all clients. ; Condeco Service Desk's primary function is to record and classify received issues (via the support web portal), undertake an immediate information-gathering effort to determine the customer’s issue and resolve the reported issue as quickly as possible. The Service Desk uses this information to designate the level of Priority of the request. ; The Premier Support Team acts as a technical escalation point when an issue cannot be resolved by the Service Desk. Prior to any further troubleshooting, it is important that the Premier Support review the work history to see what has already been accomplished by the Service Desk. The Cloud Operations Team is responsible for change management, alert set up and monitoring, Saas/Cloud infrastructure management, and maintenance for the Condeco application. ; The Software Engineering Team represents the highest level of support and is accountable for handling the most difficult problems and the development of software Defect resolutions.; Dedicated Customer Support Managers and Account Managers for each client. ; A Condeco Customer Success representative is assigned to all customers and ensures the smooth running of the application and will provide QBRs to the customer. ; Full SLA document available at request.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide full onsite training and consultation for setup as part of the project implementation. In addition, user guides are also provided for both admin and standard users.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: We can supply the booking data in the form of a Excel CSV or XLS extract.
• End-of-contract process: 90 days prior to end of contract, Condeco finance team will contact the customer, to discuss a renewal. If the customer chooses not to renew the service will lapse the day after the contract ends. All data and customer IP will be transferred back to the customer within 60 days. Fees for SaaS solution include - Azure cloud hosting, security, software updates and upgrades, payable annually. Fees for Professional Services support will be quoted for each project or customer requirment, and payable accordingly.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • IOS
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Full functionality and reporting via desktop web application and Mobile limited to Desk and Room Booking.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: We allow our client to brand elements of the software for both the web application and display on our meeting room hardware. Clients can access our REST API for 3rd party integrations that we have already done, or can work with us to develop new API's to existing suppliers and solutions.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: We allow our client to brand elements of the software for both the web application and display on our meeting room hardware.

Scaling

• Independence of resources: Condeco utilise Autoscale functionality within the Microsoft Azure cloud environment to ensure the infrastrucutre can support demand by keeping application performance at optimal levels at all times. We also have additional alerting/monitoring setup to notify the SaaS delivery/Support teams of ny high utilisation of resources, which requires attention and possible action steps.

Analytics

• Service usage metrics: Yes
• Metrics types: Yes - On request we can provide metrics on number of bookings made and other information
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data can be exported to XLS or PDF from the reporting module.
• Data export formats: Other
• Other data export formats:
  • PST
  • XLS
• Data import formats:
  • CSV
  • Other
• Other data import formats: PST

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: SLA is 99.5% uptime.; We issue service credits for any outage that exceeds that uptime.
• Approach to resilience: IT infrastructure is fully redundant (physical and logical level). A DR site is available as well.
• Outage reporting: Azure Monitor reports on any issues with site availability. This is notified immediately to relevant teams. Customer Success managers will notify companies affected without undue delay.

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Condeco utlises access based on "need-to-know" and "just-in-time" principles to ensure only authorised staff have access to the necessary resources for the appropriate length of time. this is achieved via, Access and Privilege Management controls including AD, 2FA and MFA
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Standards Institute
• ISO/IEC 27001 accreditation date: 31/03/2020
• What the ISO/IEC 27001 doesn’t cover: All elements of our Cloud Service is covered by our CSA Star Certification
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 03/05/2021
• CSA STAR certification level: Level 3: CSA STAR Certification
• What the CSA STAR doesn’t cover: None
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: CSA STAR (gold level)
• Information security policies and processes: Condeco has implemented an ISO27001 accredited Information Security Management System (ISMS) framework of policies, processes and procedures that includes all the legal, physical and technological controls and measures in place. A full list of these controls can be found in the Condeco Statement of Applicability. Condeco has an IT Governance Steering Committe in place to formally address and manage IT and Information Security needs. The IT Governance Steering Committe is comprised of the following permanent members: Chief Financial Officer • Chief Customer Officer • Chief Technology Officer, who may delegate to one or both of: o Engineering Director o CloudOps Director • IT Director • HR Director • Legal Counsel • Information Security Officer/Data Protection Officer . Condeco has implemented a programme of annual internal and external IT audits to review the effectiveness and efficiency of these policies and processes

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Any changes to the application are managed through a change management process for vendor-supplied patches, configuration, changes to the organization's internally developed software. Upon request, the provider informs customer (tenant) of policies and procedures and identified weaknesses especially if data is used as part the service and/or has some shared responsibility over implementation of control. Cloud Operations are responsible for change management, alert setup and monitoring, Saas/Cloud infrastructure management and maintenance for the Condeco application. This may include application configurations, data migrations, application deployments, application updates, and availability maintenance, etc. Further details are documented internally for the purposes of security
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Condeco utilises a combination of the following to continually monitor the system 24\7, and any automated alerts are passed to the appropriate IT or support team to assess, mitigate and resolve as necessary - MS Defender ATP - McAfee Virus Scan Enterprise - ManageEngine OppManager - MS Cloud Apps Security
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: All customer data related Information Security Incidents shall be reported promptly to the customer support helpdesk and management in accordance with the Condeco Cloud Environment Information Security Incident Reporting Procedure. All employees shall promptly report internal Information Security Incidents to the IT service desk and management in accordance with the Internal Information Security Incident Reporting Procedure. All Information Security Incidents shall be managed in accordance with either the Condeco Cloud Environment Information Security Incident Reporting Procedure or the Internal Information Security Incident Reporting Procedure depending on the nature of the incident and the reporting party.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: The Condeco Support team is available 24 hours per day, 7 days per week. Authorized users will have the ability to ask a question, report an Incident, or register a Service Request via web portal. The response method of communication will be through the portal itself. If Condeco detects an event through our infrastructure monitoring system, we will diagnose the event notice generated and open a relevant incident ticket through our incident management system. The Customer will be notified of all raised tickets by email.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Condeco is primarily a software vendor, our products are designed to provide efficiencies in the use of real estate with a positive environmental impact. Condeco has established SECR reporting for 2021 and will be targeting a 10% year-on-year reduction. We are committed to: Providing training for our staff so that we all work in accordance with this policy and within an environmentally aware culture. Developing our management processes to ensure that environmental factors are considered during planning and implementation
• Covid-19 recovery:

  Covid-19 recovery

  Condeco has been at the forefront of workspace scheduling for over a decade and has implemented thousands of workspace management solutions for enterprise customers all over the world. As the market leader in the field, we are uniquely positioned to answer these new challenges and have adapted our software to meet these new demands. As businesses are starting to plan the return to the office they need to address the following challenges to meet new guidelines and policies while maintaining employee safety and delivering business continuity. Enable social distancing Reconfigure workspace to reduce desk density and meeting room capacity in order to meet the new social distancing requirements. Lower office occupancy Reduce the number of people working in the office to a safe level following a significant reduction in available desks due to social distancing. Enforce sanitization Ensure that workspace cleaning is enforced when desks are scheduled to be used by a different employee and after meetings. Enable contact tracing Record desks used and meetings attended so that employees can be informed if they have potentially been exposed to a person who developed Covid-19. Instantly close unsafe spaces Provide the ability to quickly close unsafe spaces and notify employees of closure so they can make alternative arrangements. Keep employees informed Maintain constant contact with employees to notify them of changes to available space and updates on contact tracing.
• Equal opportunity:

  Equal opportunity

  Condeco is proud to be an equal opportunity employer. We are committed to treating all individuals in a fair and equal manner by creating an inclusive and open environment for all employees Condeco's approach is that all employees have a working environment that promotes dignity and respect and where individual differences and the contribution made are recognized and valued. Condeco will avoid unlawful discrimination in all aspects of employment including recruitment, promotion, opportunities for training, pay, and benefits. Candidates for employment or promotion will be assessed objectively again the requirements of the job, taking account of any reasonable adjustments that may be required for candidates with a disability. We will also make reasonable adjustments to its standard working practices to overcome barriers cause by disability.
• Wellbeing:

  Wellbeing

  It is the Company’s approach that health and safety is a core business value. The Company is committed to creating a future free of incidents and injuries where: ; • All stakeholders actively create safe environments ; • Leadership, passion and commitment are present at all levels; • Working safely enhances quality, improves productively and generates value ; • Attitude and behaviour replace statistics as a measure of success ; • People are enabled to make safe choices about their own and their neighbour’s safety and to challenge the environment in which they work ; • Good safety behaviour is admired, respected and recognised across the organisation ; • Peer pressure has replaced policing – acting unsafely is anti-social ; • We have a well-trained and fully competent workforce who actively contributes to the safe planning of their work ; • Our commitment to safety and long-term health contributes to making us the employer of first choice ; • Our business only welcomes those who support our vision and are willing to change – no compromise on safety ; ; Additionally: ; • The Company takes pride in everyone returning home safely every day ; • Our minimum health and safety obligations are those required by relevant legislation and authoritative guidance

Pricing

• Price: £30 to £70 a user a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Pilot schemes are available based on a set of dates and KPI's with firm commitments post pilot

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at daniela.streng@eptura.com. Tell them what format you need. It will help if you say what assistive technology you use.