GB Group plc

GBG Loqate

Loqate is a real-time address validation and verification solution that provides the ability to capture and validate/verify addresses/changes to postal addresses and provide insight about a specific location e.g. geo co-ordinates, building height or flood risks. Loqate can validate email addresses, Bank Account details and mobile and landline phone numbers.

Features

• Intuitive user interface and search tools
• Instant data verification
• Enrich basic location data
• Returns results in sub-second speed
• Improves on boarding experience
• Supports targeted marketing campaigns
• Validate telephone numbers, email addresses to confirm if live
• Builds great customer relationships
• Provides quality location intelligence
• Provides full global coverage

Benefits

• Validates input data to support onboarding process
• Improves overall cusomer experience
• Provides valuable insight to support targeted marketing campaigns
• Provides usable customer profiles
• provides fast and accurate validation services
• Offers global service accross 240 global territories

£200 a user a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Bid.Management@gbgplc.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

490141733793132

Contact

Rhys Davies
01244 657333
Bid.Management@gbgplc.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Hybrid cloud
• Service constraints: The systems consuming GBG Loqate must be able to connect to HTTPS/Port 443 and also be TLS 1.2 compliant.
• System requirements:
  • HTTPS/Port443 Connection
  • Compatible Browser
  • Valid Licensed Credentials

User support

• Email or online ticketing support: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: 24/7 frontline support
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Online documentation; Training available on request
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: GBG don't hold data, user credentials will be deleted 30 days after contract end (or sooner by request)
• End-of-contract process: To be discussed with the client

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: API provided access to most functionality available through the Portal. ; Some exceptions will exist such as producing PDF reports.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Via the API the service can be blended into your own applications

Scaling

• Independence of resources: Capacity planning and management are part of the GBG Loqate Service provision. The usage and consumption of resources is regularly monitored and additional infrastructure can be introduced should usage approach capacity.

Analytics

• Service usage metrics: Yes
• Metrics types: Self Service reports are available for administrators
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Via PDF reports or CSV file
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF
• Data import formats: Other
• Other data import formats: User types in Search Criteria

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Target Availability is 99.9%
• Approach to resilience: Available on request
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Available on request
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 07/05/2022
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: The GBG Information Security Policy combines the development, delivery, management and maintenance of secure infrastructure and applications, in support of GBG Identity Management offerings, and specifically Verification and Assurance. Within GBG, the Chief Information Security Officer (CISO) has overall accountability for Information Security and it is the responsibility of the CISO to make the appropriate provisions for establishing controls to ensure adherence to the GBG Information Security Management System. The CISO also provides the Executive Management Team and GBG Shareholders with an Information Security review at the end of the financial year. The Company Secretary chairs the quarterly Internal Controls Board, and is the main document signatory for GBG. The Company Secretary is also head of GBG’s Legal team, who are responsible for ensuring compliance to all relevant legislation.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Available on request
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Available on request
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Available on request
• Incident management type: Undisclosed
• Incident management approach: Processes are in place.; Available on request

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  At GBG our Environmental, Social and Governance Strategy (ESG) – Environment, Everyone and Ethics – reinforces our commitment to embed a sustainable and ethical approach in everything we do. It represents what makes us unique and provides the framework to drive action on the most impactful and important areas.; As part of GBG’s participation on the G-Cloud14 Framework, we have a Social Value Action Plan that is updated annually, demonstrating our commitments to meeting PPN06/20. ; GBG commits to offering equal opportunities across our global workforce, achieved through our employment, training, and career development policies and practices, promoting equality of opportunity regardless of gender, sexual orientation, age, marital status, education, disability, race, religion or other beliefs including ethnic or national origin.; Everyone in our team has access to opportunities to learn, develop skills, grow their careers and progress. Through our training platform ‘be/developed’, we offer a broad range of power skills and job specific learning opportunities, updated regularly, promoting an inclusive and diverse culture. The platform is available to all GBG team members, including part-time and contractors, who are required to complete mandated training courses. We partner with different training providers globally to provide a mix of specialist and professional development for our team.; Influencing the behaviour of our staff and the communities we work in is imperative to GBG’s mission as an organisation. Examples include:; 1. Demonstrating our commitment to Equality and Diversity.; 2. Support LGBTQ+ team members, encouraging a culture of belonging and acceptance.; 3. Tackle barriers to entry that many people experience, especially women in the technology sector.; 4. GBG is a gold sponsor of Women in Identity’s flagship research, the ID Code of Conduct.; GBG’s ESG commitments can be found here: Environmental, Social and Governance | Investors | GBG (gbgplc.com)

Pricing

• Price: £200 a user a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Included: Subject to client requirement; Not Included: Subject to client requirement; Limited Time Period: Typically 4 weeks

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Bid.Management@gbgplc.com. Tell them what format you need. It will help if you say what assistive technology you use.