Marketing Services - Data Enrichment

Service scope

Software add-on or extension: Yes, but can also be used as a standalone service
What software services is the service an extension to: Microsoft Dynamics, Blackbaud
Cloud deployment model: Public cloud

Hybrid cloud
Service constraints: Web Platform has a 2GB File Limit.
All other means os using the service do not have any limits
System requirements: We are flexible in meeting your requirements

User support

Email or online ticketing support: Email or online ticketing
Support response times: Response times are 8:30 to 5:30 Monday to Friday but additional support could be stood up if required.
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
Phone support: Yes
Phone support availability: 9 to 5 (UK time), Monday to Friday
Web chat support: No
Onsite support: Onsite support
Support levels: Support prerequisites are consulted and agreed upon based on client business requirements.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: In order to ascertain the precise configuration of their solution, Sagacity collaborates with clients to establish and verify their application needs. The agreed upon delivery methodology and the particular requirements of the solution will determine the onboarding and offboarding procedure. This procedure usually entails knowledge transfer and documentation tasks.
Service documentation: Yes
Documentation formats: HTML

PDF
End-of-contract data extraction: Sagacity may help the client by organising and carrying out cloud-based exit initiatives. Data is transferred to the customer via encrypted means, Dashboards, or it is deleted in accordance with GDPR regulations and the terms of the client contract. This might be decided upon during project planning to satisfy the buyer's needs.
End-of-contract process: Each contract definition includes contract exit alternatives, which are reviewed with the client at the beginning and conclusion of the agreement to make sure that any legislative requirements that were in effect at the time may be taken into consideration. There can be extra fees to compensate the difficulty of fulfilling the client's expectations, depending on the amount of extra labour needed.

Using the service

Web browser interface: Yes
Supported browsers: Internet Explorer 11

Microsoft Edge

Firefox

Chrome

Safari

Opera
Application to install: No
Designed for use on mobile devices: No
Service interface: No
User support accessibility: WCAG 2.1 AA or EN 301 549
API: Yes
What users can and can't do using the API: A RESTful API users can submit requests to perform a variety of data cleansing operations on consumer and business data using industry leading reference files, including but not limited to:
- Data Enhancement – Hundreds of individual, household and postcode level attributes, age append, telephone number append, Mosaic
- Geographic functions such as perform a radius calculation on a postcode or nearest to calculation on a single/list of postcodes

Supports single or batches of records in a single request using REST (JSON/XML) or SOAP.
Requests up to 1,000 records can be submitted synchronously, over this asynchronous requests are enforced.

Ability to retrieve matching statistics before committing to purchasing results.

Requests can be grouped together using a ProjectName, enabling the invoice to be split for easier identification processing and billing.

Specific logic/services can be added to the API, controlled either on an account by account basis, or using the IntegratorKey to identify required functionality for the operation.
API documentation: Yes
API documentation formats: Open API (also known as Swagger)

HTML

PDF
API sandbox or test environment: Yes
Customisation available: Yes
Description of customisation: All customisation requirements are agreed separately with Customers in line with their requirements.

Scaling

Independence of resources: Our platforms and infastructure is capable of handling hundreds of millions of records so scaling is rarely needed

However we have multiple technical departments which are capable of scaling up infrastructure to handle larger requests where needed

Analytics

Service usage metrics: Yes
Metrics types: The platform provides detailed usage, and where applicable, covering user and service-based usage. These are delivered within the platform is dashboards and reports and can be exported to standard formats.
Reporting types: Real-time dashboards

Regular reports

Reports on request

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Conforms to BS7858:2019
Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least once a year
Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest: Physical access control, complying with CSA CCM v3.0

Physical access control, complying with SSAE-16 / ISAE 3402

Encryption of all physical media

Scale, obfuscating techniques, or data storage sharding
Data sanitisation process: Yes
Data sanitisation type: Explicit overwriting of storage before reallocation

Deleted data can’t be directly accessed
Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach: Data from the platform can be accessed directly via the end user and data can be allowed to be exported/imported to/from standard formats based on configured limits and access control policies. Data can be exported/imported to/from a variety of standard data protocols including APIs, SFTP, HTTPS. Likewise, native support for standard data formats is provided including CSV, JSON, XML, with extensible support for proprietary formats like Excel.
Data export formats: CSV

Other
Other data export formats: Excel

XML

JSON
Data import formats: CSV

Other
Other data import formats: JSON

XML

Excel

Data-in-transit protection

Data protection between buyer and supplier networks: TLS (version 1.2 or above)
Data protection within supplier network: TLS (version 1.2 or above)

IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability: Sagacity collaborates with clients to identify appropriate service levels, ensuring that the hosted and managed services meet their needs. We ensure that the appropriate underpinning contracts and Operating Level Agreements (OLAs) are in place in order to guarantee that we can supply the necessary levels of availability. We promise that during business hours, the service will be accessible 99.9% of the time. Over the past two years, our availability has comfortably surpassed 99.5%. We can talk about different cloud deployments and designs for use cases that need stronger availability guarantees, at an extra cost.
Approach to resilience: No single hardware component is required because all cloud resources are virtualized. The availability of the underlying infrastructure is 99.999%. To reduce service expenses, all service components are typically deployed in a single availability zone. Because each client deployment is managed as a distinct cloud instance, any behaviour that affects one client deployment's performance cannot influence any other client deployments. Every day, a daily backup of all client data is performed to provide extra security against potential losses, data corruption, and service outages. Apart from the single zone service, multi zone availability is also a possibility, albeit at an extra expense, in which all service components are replicated at a second site. Primary or single zone hosting is typically situated in the UK or EEA.
Outage reporting: Incidents impacting services are emailed to the client's primary contacts. Incidents that impact service comprise not just service outages but also any observation of decreased service performance or absenteeism. Only a report of the observation may be included in the initial emails. Notification of the complete restoration of services, an estimated time frame for restoration, or more information on mitigations or workarounds will all be included in follow-up emails. Additionally, since the emails are sent by a client support team that can reply to requests for more information—rather than "no-reply" mailboxes—the assigned Sagacity Service Delivery Manager contacts customers proactively when necessary to request more information or assistance. Sagacity creates personalised online spaces for clients.

Identity and authentication

User authentication needed: Yes
User authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Username or password
Access restrictions in management interfaces and support channels: SSO and support for SAML based identity providers providing common access controls such as MFA
VPN support
RBAC access controls
Access restriction testing frequency: At least every 6 months
Management access authentication: 2-factor authentication

Dedicated link (for example VPN)

Username or password

Audit information for users

Access to user activity audit information: Users contact the support team to get audit information
How long user audit data is stored for: User-defined
Access to supplier activity audit information: Users contact the support team to get audit information
How long supplier audit data is stored for: User-defined
How long system logs are stored for: User-defined

Standards and certifications

ISO/IEC 27001 certification: Yes
Who accredited the ISO/IEC 27001: BSI
ISO/IEC 27001 accreditation date: 05/10/2023
What the ISO/IEC 27001 doesn’t cover: Sagacity do not exclude any clauses
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: Yes
Cyber essentials plus: No
Other security certifications: No

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001
Information security policies and processes: No controls are excluded from ISO27001. All policies and processes are followed. Sagacity Solutions are audited by BSI annually and non-conformance of policies and procedures are raised as incidents and thereafter an investigation is started. Sagacity ensure policies are followed by informing staff of the importance of information security and regular training and updates on policies are carried out. Sagacity have a Information Security Governance Team who meet bi-weekly to discuss Information Security within the business and any external risks that may affect the business. Here concerns are raised for any project undertaken and discussed in depth.

Operational security

Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach: The ISO27001 standard is recognised for component lifecycle management, which includes safe destruction and storage overwrite. Service software is built using pre-existing (open source and commercial) software components, is only downloaded from the official repository, and is security-checked before usage. All version numbers and change dates are noted in the service deployment checklist. Reviewed for new or modified features or capabilities, as well as internal software library requirements, are planned infrastructure or software changes. Configurations are modified as appropriate to eliminate pointless new features or reduce any further security vulnerability.
Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach: In order to stay informed about new risks, we keep an eye on vendor and security researcher blogs as well as vulnerability feeds. Next, we examine the possibility of affecting service and, if so, establish the likelihood and severity of the impact. We develop a mitigation strategy based on our assessments, which can involve an upgrade that is planned, an emergency upgrade, or a modification to operation procedures. After assessment and planning, operational modifications and emergency enhancements are implemented as quickly as is reasonably possible. The standard upgrade or patching cycle accommodates planned upgrades.
Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach: Potential security issues can be easily identified, categorised, and analysed with the help of system event monitoring. All security-related incidents are categorised as having a significant impact on services, escalated appropriately, and dealt with right away. Depending on the type of infiltration, several methods and procedures are used to reduce the impact and restore service integrity. Additional information is provided upon request.
Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach: Employees are made aware of the procedure to raise incidents and report them, regardless of their perceived scale to the individual. Incidents must be managed following the process defined. Incidents must be formally recorded, analysed by a member of the IST and if necessary reviewed and approved by the ISMT.
BIA, decisions made during the incident, any approvals associated with containment and eradication measures and resolutions and lessons learned from any incidents must be recorded in detail for future reference and verification.
Sagacity may encounter incidents relating to a range of issues formal classification of incidents has been devised

Secure development

Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks: No

Social Value

Fighting climate change
Covid-19 recovery
Tackling economic inequality
Equal opportunity

Fighting climate change

Sagacity is a paperless business and requests that emails are only printed if they really need to be. In addition, old and unused IT equipment is recycled and donated to charity instead of being disposed of.

Covid-19 recovery

Our COVID19 data allows us to understand those most likely affected and for our clients to support them as necessary. Our Property data allows clients to evaluate the carbon footprints of households and businesses whilst also providing advice on how to support energy efficiency.

Tackling economic inequality

We provide vulnerability models to help clients better provide and cater for their vulnerable customers, especially those who are marked as economically vulnerable, allowing for fairer services to be provided. We also have data at a local level on health and wellbeing.

Equal opportunity

Sagacity is committed to promoting equality and diversity and promoting a culture that actively values and recognises the differences between backgrounds and cultures and the valuable experiences and insights that this offers to the workplace. Sagacity has an Equal Opportunities policy with the aim of managing diversity successfully to help the company nurture creativity and innovation, growth, and improved competitiveness.

Sagacity aims to offer an inclusive environment in which diversity is valued and used in a respectful way to create an effective and efficient workplace and recruit and retain a diverse workforce that reflects the community that we serve. Sagacity also aims to ensure that all employees have the opportunity to maximise their potential and enhance their self-development and their contribution to the business.

Pricing

Price: £320 to £12,000 a licence
Discount for educational organisations: No
Free trial available: Yes
Description of free trial: Free access to Online and Audits for data quality
Link to free trial: https://online.sagacitysolutions.co.uk

Marketing Services - Data Enrichment

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

Marketing Services - Data Enrichment

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents