KAJIMA PARTNERSHIPS LIMITED

BookingsPlus, booking software for community lettings

A lettings website that manages the end-to-end customer booking process for community lettings. Booking software that eliminates manual lettings processes and creates automated lettings processes for local authorities and MATs. Digital transformation of community lettings and school lettings. Achieves community engagement and income generation goals.

Features

• Online lettings platform to manage community bookings and venue lettings
• Advertise spaces to communities using images, text and virtual tours
• Customisable rules including dynamic pricing, booking workflows and user journeys
• Availability calendars that visualise bookings for single and repeat bookings
• Payment provider integration and accounting system integration
• Create a venue marketplace by letting third-party-owned venues
• Detailed analytics, dashboard reporting for business insight and management information
• Dedicated onboarding, complete system setup, ongoing support and training service
• Hirer compliance feature capturing compliance documentation, organise scheduled compliance reviews
• Centralised facilities booking platform offering standardised booking journeys

Benefits

• Improve access to venue information, venue availability and venue content
• Market community venues, shared spaces and hireable spaces
• Customised client-tailored information with clear booking workflows
• Flexibility for room booking, hireable spaces, letting facilities, letting management
• Booking data synchronisation, native system integration for seamless data transfer
• Third party venue promotion to increase revenue
• Data visualisation and KPI tracking providing Management Information
• Fully managed implementation, dedicated support and future development
• Efficient compliance information management including prompted renewals and inbuilt prioritisation
• Organisation-wide booking service for all categories of spaces

£400 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at G-cloud@kajima.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

426689242487771

Contact

Jack Woodley
07896621557
G-cloud@kajima.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No - all upgrades and maintenance are carried out of business hours with minimum disruption to end users.
• System requirements:
  • Access to the internet
  • Any major up to date web browser installed

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our average response time in January 2022 is 25 minutes. We guarantee a response within one working day, however the reality is our team of experts are able to vastly exceed that target.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Kajima offers 9-5.30pm support on weekdays from a dedicated team. You will also have access to an Account Manager who deals with strategic matters and account-level relationships. Training is incorporated into your support package, and you will have access to a wide-range of online training resources (written and videos), as well as humans that are available to help.; ; The support service is "second line" support only (i.e. for administration users, whereas "first line" would be for your hirers). Customers are entitled to unlimited support.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide comprehensive online training for users. In certain cases we can deliver onsite training if preferred. We provide a comprehensive training resource toolkit, including training videos, written training guides, and an online "knowledge bank" platform. ; ; Our customer services team are available within business hours to support customers with their usage, including addressing immediate training needs.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: We will work with customers to extract their data when the contract ends. Customers can do this themselves if preferred, however we will allocate the time and resource necessary to export the data into a useable format. We will store data typically for a couple of weeks after contract termination before deleting permanently, unless instructed otherwise by clients.
• End-of-contract process: When a client gives their 30 day notice period, we agree an end of service date when the service will be turned off. Within the notice period, we instruct customers on how to export all of their data from the platform. We will archive data as per customer's requirement. We can export customer content in a database format.; ; All of the above is within the contract price. Any additional data extractions or requirements above and beyond what is reasonable will require additional charge.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: There are no functional differences. Sizing changes for components in the back-end of the system. For hirers, the website renders as any mobile-optimised website would. Mobile devices may not have software installed to handle exported reports e.g. Excel.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: For hirers, the front-end service interface is a website that contains venue information and booking functionality. They also have access to a "user area" which contains their historic activities, bookings, payments etc.; ; For administrators, the back-end service is a restricted portal that they use to manage the website, including venue information, availability, approval/rejection/amendment of bookings, reporting and more. It is web-based and accessed by login.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: None
• API: Yes
• What users can and can't do using the API: The APIs published are compliant with the Open Data Standard and provide information about the venues and spaces setup on the system. The APIs also support bookings process however the API integration for bookings needs engagement with the consumer as they are not publicly accessible.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Much of the functionality on the customer site is customisable - for example certain features within the booking process can be turned on or off. The customer journeys have some customisation, as they can be optimised to fit your desired processes. For example, certain types of customers could be served different pricing levels.; ; All onsite content is customisable and administrators have complete control over this, for example, imagery. written descriptions, feature lists, news articles.; ; Customisation is discussed during the onboarding process and built into your platform. Customisation to the platform tends to be delivered by our support team under customer instruction.

Scaling

• Independence of resources: Our AWS infrastructure is set up to have spare capacity to meet with increased demand from all users. We conduct regular reviews of the load placed on our system and adjust capacity as needed. Dashboard reporting provides real-time analytics so reviews happen multiple times per week.

Analytics

• Service usage metrics: Yes
• Metrics types: We measure bookings, enquiries, payments, space utilisation. Once a website goes live we assign Google Analytics to the website which provides a wide range of website analytical data e.g. site visits, page visits, time on page etc. Audits track total logins and last logins.
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be exported from the admin section. Each report can be exported, including lists of data. Alternately we can export data on your behalf and securely transfer to you.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We guarantee 99.8% availability and offer scaled refunds based on the percentage of monthly fee relative should this target be missed. They are banded and between 2% to 25% are offered. For substantial missing of targets, customers can invoke contract cancellation period. The full SLA can be found in our service documentation.
• Approach to resilience: The AWS infrastructure is spread across multiple availability zones. The London region has 3 availability zones and we make use of all of these to provide redundancy. The EC2 nodes that provide the compute capacity for the Kubenetes cluster are part of an auto-scaling group. If an instance fails, a new instance is started and added to the cluster to maintain capacity. In addition to this, Kubenetes would see the node had failed and reassign containers scheduled on the failed node to the remaining nodes in the cluster. If there is a fault in a single availability zone the application will continue to function as the instances in the other availability zones will still be available, and the auto-scaling group will bring up new capacity in the unaffected zones. For AWS provided services such as RDS, Elasticsearch, Redis and RabbitMQ these are clustered and we maintain a hot standby in a separate availability zone. In the event that the master becomes unavailable (due to fault or issues with the availability zone) then the hot standby will be promoted to the master. More information is available in our Service Definition Document.
• Outage reporting: Email alerts are sent to our support teams to report outages. There are dashboards available to our technical teams that report on status. Customers are informed as necessary.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: On the customer side, only administrators are permitted to access management interfaces. End-users (e.g. hirers) have a different user type and cannot access them.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: PQAL - www.pqal.co.uk
• ISO/IEC 27001 accreditation date: 20/04/2022
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Kajima has a group-wide internal information security policy which is concerned with ensuring data is protected. The policy is shared with all staff and regular refresher training ensures all staff are compliant. The fundamental approaches are:; 1) Organisation - To establish the system for information security by drawing up a set of security policies.; 2) Human resources - To observe basic measures thoroughly by implementing a set of security policies (the Code of Conduct for Information Security Measures) and security training.; 3) Technology - To protect important data using user account control and encryption. The introduction of tools.; 4) Physical measures - to establish physical security measures (e.g. room access control and wire locks).

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Any changes to the live services have to go through an internal development, testing and QA process.; During the development process there is peer review and security checks are carried out to ensure that the component deployed to the live service do not create any security risks.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: AWS provide security updates for any patch updates. Github alerts alert us to any patches that are required to be updated. Automated tools carry out security scanning on the underlying code. An annual penetration test process is carried out. Speed of patch deployment depends on the severity of the identified threat. High risk items are delivered in 2 weeks. Medium risk are within 6 weeks. Low risk are within 6 months.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: The development team has automated tools such as Sonarqube which scans the application code regularly and reports on any vulnerabilities found in the code. The development team reviews these reports and works on addressing them as part of the development process. In addition there is an annual penetration test carried out by an independent CREST-accredited company. This tests aspects of the application for various user journeys with varying levels of access ensuring vulnerabilities covered by the OWASP standard such as CSS, code injection and others can be detected and reported.
• Incident management type: Supplier-defined controls
• Incident management approach: We have a pre-defined process - customers report an incident to our Client Services team who log a ticket. The ticket is assigned to an agent who investigates. Where technical input is required, it is escalated to the technical support team. Depending on the severity of the incident, the appropriate action is taken. Incident reports are provided by the Client Services team, and shared with the customer and development stakeholders.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Covid-19 recovery:

  Covid-19 recovery

  Our platform helps increase utilisation of community spaces. Utilisation increase means more money is directly sent back to the council to be spent on local initiatives which will benefit local people.; ; Utilisation positively impacts development of social fabric. For example, community groups and initiatives will use space to provide activities which positively impact Covid-19 recovery, for example:; ; SPORT & PHYSICAL ACTIVITY:; Activities that involve exercise and positively contribute to physical and mental health, such as yoga, football, dance etc. These activities contribute to healthier lifestyles which reduces pressure on local health services that have been impacted by Covid-19.; ; SOCIAL ACTIVITY:; Activities such as parties where local people engage with one another. This helps to rebuild local connections that may have been affected by Covid-19.; ; SUPPORT GROUPS :; Increase in support groups such as bereavement support networks provides greater mental health support in local areas, including those affected by Covid-19.; ; EDUCATION:; Educational programmes using local space helps to develop skills in local populations that may be attractive to employers. This in turn improves employability for those left out of work by Covid-19.
• Tackling economic inequality:

  Tackling economic inequality

  SUPPLY CHAIN:; Community spaces offer great opportunities for entrepreneurs, start-ups, SMES and VCSES that require access to cost-effective space. Making these organisations aware of available space, and making it easy to find, book and pay for spaces, creates opportunities for these organisations to establish and prosper in your area. Our platform allows you to promote their activities, which in turn positively impacts their cause and creates engagement with communities.; ; EFFICIENCY:; BookingsPlus creates efficiencies amongst your teams by automating elements of the process that are laborious and ineffective. This frees up teams to focus on productive, positive activities, for example proactively engaging VCSE organisations that might wish to use community space. Increased productivity has positive effects for the council and community, which is achieved by adopting a modern digital solution.; ; SCALABILITY:; As with you would expect from SaaS platforms, BookingsPlus is designed to handle increased demand and provides scalability. The pricing model (percentage of revenue) is designed with scalability in mind - you pay less for low usage and more for increased success. Increases space utilisation means more income and therefore the platform is paid for with profits.
• Wellbeing:

  Wellbeing

  Our platform makes major contributions to Wellbeing in local populations. Ultimately our platform increases utilisation of local spaces, which has the following impacts.; ; IMPROVE HEALTH & WELLBEING:; Increased utilisation of spaces almost entirely positively impacts on health & wellbeing. Increased utilisation of spaces means an increase in the following types of activities, and their associated impacts.; ; SPORT & PHYSICAL ACTIVITY:; Activities that involve exercise directly positively affect to physical and mental health, such as yoga, football, dance etc. These activities contribute to healthier lifestyles which reduces pressure on local health services that have been impacted by Covid-19.; ; SOCIAL ACTIVITY:; Activities such as parties where local people engage with one another. This helps to foster local relationships which are vital for positive mental health and wellbeing.; ; SUPPORT GROUPS:; Increase in support groups such as bereavement support networks provides greater mental health support in local areas, including those affected by Covid-19.; ; EDUCATION: ; Educational programmes using local space helps to develop skills in local populations that may be attractive to employers. This in turn improves employability for those out of work. Being in regular employment is vital for positive wellbeing, and therefore these initiatives have a huge impact.; ; COMMUNITY INTEGRATION:; All of the above involves bringing local people together. It gets more people in the same room and leads to improved local relationships, connections and ultimately community. ; ; Greater utilisation of council space is important for communities and the council, as it supports resilient community objectives. Councils provide space more cost-effectively to communities than private companies, creating additional value and positively affecting perceptions of the council.

Pricing

• Price: £400 a unit
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at G-cloud@kajima.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.