SurveyMind

SurveyMind: AI Analysis for Consultation Responses

A summarisation and analysis platform that supercharges analysis of consultation responses. Simply upload your consultation responses and SurveyMind's technology will analyse the contents.

SurveyMind guarantees complete data sovereignty with full GDPR compliance by ensuring all operations and data-hosting occur and remain within the UK.

Features

• Utilise AI to analyse consultation responses to uncover new insights.
• Data is hosted and processed solely in the UK.
• Simple to use SaaS platform.
• Transcribe and translate into multiple languages.
• Ability to transcribe complex terminology, including medical and technical.
• Accepts all major audio and video file formats.
• Web browser based.

Benefits

• Quickly categorise your consultation response
• Easily track progress of transcriptions and summaries.
• Bulk upload multiple files at once for processing.
• Analyse across multiple consultation responses to explore key themes.
• State-of-the-art Security infrastructure to protect your data

£1.80 a unit an hour

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at alex.sunley@surveymind.io. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

458200040174038

Contact

Alex Sunley
07525758490
alex.sunley@surveymind.io

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: We aim for 99.9% uptime, and users will be notified of any planned maintenance windows, which are typically undertaken at weekends.
• System requirements:
  • Desktop, Laptop or Tablet to use for system access.
  • Secure network and connectivity to a standards-compliant web browser.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We aim to respond to all queries within 24 hours.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support can be accessed by email or phone. We aim to respond to all issues - both simple or requiring technical support - within 24 hours.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Documentation and tailored support are provided within the platform to help users get started. We also provide additional free training to Enterprise Account holders.; ; Any further training can be provided based on an individual's needs (at extra cost).
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Transcripts and reports are saved on the users account and become their property. The user may extract their data at anytime (transcripts are by default in .txt format).; ; Audio/Video recordings and their associated transcripts and summaries can be deleted from the service by the user.
• End-of-contract process: Should the agreement come to an end, we will, at the request of the Customer, either return or erase the Customer's Personal Data. Additionally, we will eliminate any copies of this data in our possession, unless we are obligated to keep the Customer Personal Data in compliance with relevant UK legislation.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The site is optimised for use on Desktop, Laptop and Tablet (width greater than 768px) as a browser-based application, though it is also accessible on mobile and tablet devices with a width less than this.
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: The service is accessed by a web-based browser.
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: We've conducted interface testing for users of assistive technologies, which includes use of screen readers and keyboard-only navigation.
• API: No
• Customisation available: No

Scaling

• Independence of resources: Our services are powered by AWS and Microsoft Azure, enabling us to dynamically scale in response to user demand. This infrastructure not only allows for seamless scalability but also ensures unparalleled reliability, guaranteeing that our services remain robust and consistently available, regardless of the load.

Analytics

• Service usage metrics: Yes
• Metrics types: We monitor usage in a variety of cases;; - Duration of audio/video uploaded;; - Languages Spoken, ; - No of Speakers
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: All transcripts and analysis are stored in the user's account until such time as they delete them. Data can be exported using the service interface.
• Data export formats: Other
• Other data export formats: .txt
• Data import formats: Other
• Other data import formats:
  • Word (.docx)
  • Text (.txt)
  • Audio (mp3, mp4, mpeg, mpga, m4a, wav, and webm)
  • Video (mp4, mpeg, mpga, m4a, and webm)

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.9%
• Approach to resilience: Service is hosted in cloud with automatic recovery of system.
• Outage reporting: Email Alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Firstly, we mandate the use of Multi-Factor Authentication for all staff users. ; ; Secondly, access to management interfaces is governed by Role-Based Access-Control mechanisms. ; ; Moreover, we conduct regular audits to review access levels, ensuring they remain appropriate for each user’s role.; ; In the event of a security breach, our response team is immediately mobilised to address and mitigate any potential damage, with a clear protocols in place. Regular training programs are conducted to ensure that all employees are aware of the importance of security practices. Finally, we conduct regular security assessments to identify and address potential weaknesses in our access-control mechanisms.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: CSA CCM version 3.0
• Information security policies and processes: All staff members are trained on Information Security and provided a handbook as part of their onboarding. We also have regular training on latest developments in information security.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All components of our service (hardware, software, network devices, etc.) are inventoried. ; ; We use continuous monitoring tools to monitor the status of our service at all times.; ; Regular audits are conducted to ensure that the configurations match the documented baselines in full.; ; All changes undergo a rigorous assessment process to evaluate their potential security impact. This includes a detailed review of the change proposal, risk analysis, testing in a controlled environment, and formal approval by our change advisory board.; ; Comprehensive documentation for each change includes the rationale, impact analysis, testing results, and approvals, securely archived for future audits and reviews.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: How we assess potential threats: We employ automated vulnerability scanning tools throughout our infrastructure, which are deeply integrated into our CI/CD pipeline, and are continually monitoring for potential threats.; ; Patch Development: We deploy immediate patches for critical vulnerabilities, using blue-green deployment techniques to minimise downtime and ensure service continuity. Non-critical patches are scheduled during less busy hours within a week of identification.; ; How we source our information: In addition to the industry-standard threat detection tools, we are in continuous communication with industry experts as well as trusted advisors and specialised sources, including AWS and Azure security advisories.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We implement a continuous monitoring approach that uses automated tools to identify potential compromises as soon as possible. These tools employ state-of-the-art algorithms and data analytics to detect any behavioural anomalies that are indicative of a potential threat. We combine this automated approach with best-practice management and oversight, with regular audits of the entire system conducted thoroughly on a defined schedule.; If a potential compromise is detected, we respond immediately, notifying the incident-response-team, who are on call 24/7 for this purpose. They make an initial assessment and contain within hours, and eradicate and recover as soon as possible thereafter.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: All staff are given formal training in how to respond to incidents appropriately, including detailed and specific instructions for who to notify, how and when. This includes our Incident-Response-Team, who are on call for all major incidents 24/7, and who have a defined process for dealing with disaster recovery; threat isolation, containment and eradication; and critical system support. Users report all critical incidents immediately by notifying the incident response team via telephone, and as soon as this is done they then fill in a preliminary incident report form; this is completed by the IRT once the situation is resolved.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  In our commitment to enhancing health, well-being, and community integration, we adopt a holistic approach to promote the well-being of our workforce.; ; Our regular activities are designed to foster an environment of inclusivity, health, and mutual support.; ; We actively support and champion the charity, Colour of Research, hosting events for the charity that champion diversity within market research. Such engagement encourages a sense of belonging and community among our workforce, and supports our DEI initiatives.; ; Understanding the critical role of physical health in overall well-being, we provide our staff with gym memberships and access to wellness programs. These resources empower individuals to take charge of their health, enhancing their physical well-being, which in turn supports mental health. Recognising the importance of balance, we also offer well-being days off, allowing our team members to recharge and pursue activities that contribute to their holistic well-being.; ; To improve community integration and foster strong, integrated communities, we engage in collaborative efforts with users and communities in the co-design and delivery of our contracts. ; ; Furthermore, we extend our influence beyond our immediate circle by encouraging our staff, suppliers, and customers to adopt similar practices. Through workshops, seminars, and community events, we share knowledge and strategies on promoting health, well-being, and community integration, thus amplifying our impact.; ; In conclusion, our comprehensive approach to supporting health, well-being, and community integration reflects our commitment to not just meeting contractual obligations, but enriching the lives of all stakeholders involved. Through targeted activities, strategic partnerships, and a culture of inclusivity and support, we aim to create a ripple effect of positive change that extends far beyond the scope of our contracts.

Pricing

• Price: £1.80 a unit an hour
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Users are able to get 5 free hours of transcription time and 50,000 free Words for analysis, summarisation and translation tasks.
• Link to free trial: https://surveymind.io/sign_up/?freetrial

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at alex.sunley@surveymind.io. Tell them what format you need. It will help if you say what assistive technology you use.