MaxContact

Omnichannel Contact Centre Software

MaxContact’s powerful contact centre platform offers scalability and flexibility to fit your organisation’s needs. Whether it’s outbound dialling or omnichannel, our solution brings together customer interactions into one seamless platform. Improve customer experience, increase efficiency, and drive continuous improvement with full visibility of your team’s performance – wherever they’re working.

Features

• Omnichannel Solutions (Voice, SMS, WhatsApp, Social Media, Web Chat)
• Inbound Contact Centre Solutions
• Advanced Outbound Dialling
• Performance Measurement & Reporting
• Speech Analytics
• Team development and Performance Insights
• AI Chatbot Functionality
• Quality Assurance Insights
• Data Management, KPI's and Dashboards
• Workforce Management

Benefits

• Consolidate customer interactions across multiple channels into one platform.
• Build streamlined IVR systems with PCI-compliant payment functionality.
• Optimise outbound with predictive dialling and Answer Machine Detection.
• Gain valuable insights with real-time and historic data.
• Harness speech analytics to increase compliance and customer experience.
• Give customers a personalised self-serve option with AI Chatbots.
• Enhance your team's skills with real-time performance data.
• Effective workforce management to optimise resourced and reduce staff churn.
• Empower your team to manage multiple inbound channels simultaneously.
• Boost customer and employee experience, all while reducing costs.

£40.00 to £85.00 a licence a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Richard.Coward@MaxContact.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

512977178078725

Contact

Richard Coward
07919566942
Richard.Coward@MaxContact.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Service available 24/7 365 days a year, maintenance is always performed outside of working hours
• System requirements:
  • Internet Connected Device
  • Modern Browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Depends on severity of ticket but between 15 minutes and 24 hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Testing for visually impaired and differently-abled users
• Onsite support: Onsite support
• Support levels: We have two levels of customer support 8am-8pm or 24/7, standard 8am-8pm support is included within license costs. 24/7 support is an additional cost charged at £10 per user per month. Both support packages include all software upgrades and onsite account management as well as monthly online training courses.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We ask all customers to complete a customer onboarding document, this provides us with the customer requirements. We will then configure the system to your exact requirements and then provide onsite or remote training on how the system has been configured and how it can be amended in the future. Training is split into multiple sessions which are tailored to specific job roles and these sessions can be customised to your exact requirements. User documentation along with online videos and recordings of previous webinars are available on our knowledge base.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: At the end of the contract we will provide our customers with a secure Microsoft Azure Blob Storage link. This will include a copy of the database including all information along with all call recordings. We then ask for a dedicated user email address, the IP address in which you will be accessing the data and will then send a secure link which will expire after a configurable period of time. Once all the data has been downloaded we will permanently delete the data along with any backups in line with our Data Deletion Policy.
• End-of-contract process: At the end of the contract any ongoing subscriptions will stop being charged and we will provide you with the secure link as described in the previous question to download your data. We dont charge anything for this method of customer off-boarding. If a different method of off boarding was required this maybe chargeable but only if we incurred significant labour or 3rd party costs.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile devices are mainly used for managers rather than advisors, due to the lack of space on a mobile device it is difficult for advisors to be able to handle multiple concurrent interactions on a mobile device.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: There are various data management services that allow data to be imported, updated and extracted from the platform. Telephony controls can also be controlled via API to take the functionality from our system and embed it into another platform e.g. Back office system. The only limitations are that API's are locked down by IP Address, Token and username and password. These limitations are put in place for security reasons.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: All elements of the system can be customised to your exact business requirements. These include the interaction channels, configuration, dashboards, wallboards along with alerts. All customisation is available within the product and requires no technical knowledge, operational staff who have been on our training courses or read/watched our online guides will be able to perform the customisation.

Scaling

• Independence of resources: All customers have their own dedicated environment with no shared resources so it is impossible for any of our customers to have an impact on another customer. All of our customer environments are built to the required specification to handle the expected load plus an overhead for an unexpected usage

Analytics

• Service usage metrics: Yes
• Metrics types: Service Availability; Number of tickets created and resolved; Average resolution of tickets; SLA Adherence; Who created the tickets; Method ticket was received; Bugs Raised; Feature Requests Raised; Top 10 ticket types; Ticket Categorisation; Incidents Raised and Resolved; Plus any other metrics which you may require
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data can be exported within the product should the user have the permission to do this, or can be exported using our standard or custom reporting functionality. Both of these can be completed by non technical staff who have been on our training course or read/watched the user documentation. The other two options are more technical these require either accessing OData or using a replication server to export the information.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Excel
  • PDF
  • SQL Database
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We contractually guarantee 99.9% platform availability, the actual uptime across the base over the last 12 months was 99.997%. Service credits are provided if the availability drops below 99.9% and is a sliding scale with the lower the availability the higher the service credit percentage.
• Approach to resilience: All UK customers are hosted in Microsoft Azure UK South (London) or UK West ( Cardiff), the system is configured to have local redundant storage which is in a different fault zone with high availability to a different fault zone in a different region so that if all data centres in one location failed the system would failover to the other region.
• Outage reporting: These are included within the monthly service reports, customer would receive email alerts if there was a problem. Internally we have dashboards which highlight any issues across infrastructure or applications.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Management interfaces are locked down by permission group, users can be added to a permission group which means they inherit the permissions from that group. Permissions can be limited to whether they can access a page or not and what functionality on the page can be seen. Permissions are very granular which can be configured to your exact requirements. Access to support channels is limited to Operational and Technical contact who need to be added at point of onboarding and can only be amended by an Operational Contact
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 15/11/2021
• What the ISO/IEC 27001 doesn’t cover: The only SoA clauses which arent covered are A11.1.6 (Delivery & Loading) & A14.2.7 Outsourced Development
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: NCC Group
• PCI DSS accreditation date: 27/04/2024
• What the PCI DSS doesn’t cover: The AoC only covers us for MOTO/Call Centre as we partner with a level 1 compliant company
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: As part of our ISO27001 accredited Information Security Management System this is made up of over 100 policies and procedures. These include but not limited to Information Security, Clear Desk ,Access Control, Acceptable Usage, BCP & DR, Change Management, Mobile Device, Patch Management. Top Level Management are involved in the ISMS and involved in the quarterly reviews, along with Weekly and Monthly meetings along with the internal quarterly audit and external annual audits. The reporting structure follows our company hierarchy with the relevant escalation procedures. We ensure that policies are followed by ensuring that all employees understand the important of Information Security and why it is critical to the success of our business. This starts from their first day of employment as Information Security is included throughout the induction training. All employees have to complete at least 6 monthly refresher training courses, with staff who have access to customer data or manage infrastructure having to complete refresher courses every 3 months. Following training courses all staff have to complete an examination on the content of the refresher course along with additional questions relating to their role or department. Any staff who dont achieve the pass have to repeat the training.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The change management process is split into three different types of change:- Standard, Normal and Emergency. The type of change is determined used our Risk & Impact Matrix which highlights the level of impact and risk. All change requests are document and go through different change processes dependent on the type, some can be authorised by Managers others must go through one of the bi weekly CAB meetings for approval. Configuration changes are split by type into Internal and Customer Initiated. This allows for all changes to be tracked and reviewed and forms part of our KPI Reporting.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Vulnerability scanning is included within Azures Security Centre, this allows for VM's, Databases and networks to be continually monitored. In the event that a threat is identified this is displayed in Wallboards within the DevOps team and creates a critical ticket in our help desk software. Patches are deployed anything from same day to 7 days depending on the severity level. The severity level is determined using a risk rating process which will then determine the priority.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Protective monitoring is in place in multiple places, the first place is part of Microsoft Azure offering is Azure Security Centre this provides tools for monitoring of infrastructure, VM's and then internal monitoring software is used to monitor the applications which are then installed on the VM's. Any alerts from Azure or internal systems automatically are flagged on to DevOps wallboards and Dashboards with a ticket created within internal helpdesk system as Critical. This emails all managers and Directors so that visibility is provided to a range of employees, with continual alerts until the alert has been verfied and mitigated.
• Incident management type: Supplier-defined controls
• Incident management approach: There are various processes for incidents depending on the type of incident e.g Compliance, security, availability. All processes are documented within our Incident Management Procedure with the relevant process flows so all staff are aware who they need to inform, how the incident should be categorised, the severity of the incident. Depending on the incident type these will be logged via internal ticket management system with the appropriate tag e.g. security, this will then alert the relevant managers or directors. Templates for different types of incidents are available within the policy to ensure the relevant information is captured.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Public Services Network (PSN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We have a carbon reduction plan in place to become Carbon neutral by 2050 with a initial plan for 2030. Microsoft Azure has also done analysis showing running services in Azure is 98% cheaper than running solutions on customer premises

  Covid-19 recovery

  By allowing for system to be accessed from any internet device allowed people to be able to work from any location to allow for people to be able to get back into work. We also supported over 2000 advisors to provide Track and Trace services during Covid

  Tackling economic inequality

  We support start up organisations for SME sized companies by providing them with access to systems which other global organisations don't provide due to the number of licenses being acquired.

  Equal opportunity

  By ensuring the all suppliers with in our supply chain guarantee they agree to manage the risks and ensure that modern slavery is not present in any of their supply chains

  Wellbeing

  Agent wellbeing feature has been added to the agent interface with reminders on exercise, hydration with reporting on how teams not individuals are interacting with the feature

Pricing

• Price: £40.00 to £85.00 a licence a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Full system access for a period of 30 days typically, however this can be extended up to a maximum of 90 days. Training and configuration is also included free of charge. The only system functionality which is excluded is bespoke integration and PCI compliant payments

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Richard.Coward@MaxContact.com. Tell them what format you need. It will help if you say what assistive technology you use.