pagespry Publication Automation & Pagination

Service scope

Software add-on or extension: Yes, but can also be used as a standalone service
What software services is the service an extension to: ECommerce Platforms,
Content Management Systems,
Product Lifecycle Management Systems,
Cloud deployment model: Public cloud

Private cloud

Hybrid cloud
Service constraints: Planned maintenance will be undertaken without disruption to live services. However, in the unlikely event that maintenance may affect live services, a maintenance period will be scheduled and communicated to customers in advance
System requirements: All that is required is any modern browser

User support

Email or online ticketing support: Email or online ticketing
Support response times: EMAIL AND ONLINE TICKETING SUPPORT. We offer technical support to customers through email, telephone and a Helpdesk ticket support system. We operate this facility during Working Days and Working Hours although customers can send emails or log issues using the Helpdesk 24/7.

However, for an additional cost outlined in our pricing document, clients will receive 24/7/365 response for email and telephone requests out with normal office hours
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: WCAG 2.1 A
Phone support: Yes
Phone support availability: 9 to 5 (UK time), Monday to Friday
Web chat support: Web chat
Web chat support availability: 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard: WCAG 2.1 A
Web chat accessibility testing: The web chat software we deploy is 'Live helper chat' and has been tested by our team
Onsite support: Yes, at extra cost
Support levels: SUPPORT LEVELS
CATEGORY A.
Fault which makes the Software unusable. 1 hour response, urgent ASAP resolution.
CATEGORY B.
A fault which has a material effect upon the functionality, accuracy or performance of any substantial function of the Software . 2 hour response, 7 hours resolution.
CATEGORY C.
A Fault which does not permit the customer and its competent employees to make full, efficient and proper use of the software. 2 hour response, 21 hours resolution.
CATEGORY D.
Shall be a minor cosmetic Fault, which does not affect the performance of the Software or the Customer’s use of it. 4 hour response, resolved at a date agreed with the customer.

TYPE OF STANDARD SUPPORT PROVIDED
• Correctly assessing and categorising reported incidents.
• Filtering out any end-user errors i.e. operator error
• Allocating priority categories and escalating responses.
• Ensuring calls are directed to the correct resource to diagnose/resolve problems.
• Updating on the progress of incidents, according to the SLA requirements.
• Managing change implementation
• Manage version control.
'Out-of-hours' support and a dedicated Technical/Cloud Account Manager can be provided at an extra cost.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: We offer full on-boarding sessions with training on the platform, as required. We also provide extensive service documentation, from quick start for 'users' through to technical documentation for administrators, to suit users of all levels.
Service documentation: Yes
Documentation formats: PDF
End-of-contract data extraction: We have a full off-boarding process for the purposes of handing over data and other assets at the end of a contract. Pindar Creative provides data export facilities for transaction, product catalogue and customer data, with controls to define the export format. Additionally we can provide bespoke export facilities using our API if required.
End-of-contract process: We have a full off-boarding process for the purposes of handing over data and other assets at the end of a contract, as well as closing off the contract formally and ensuring that all contractual requirements have been met in relation to the closure of work. This is managed by the terms negotiated on the T&C's depending on each agreement.

Using the service

Web browser interface: Yes
Supported browsers: Microsoft Edge

Firefox

Chrome

Safari
Application to install: No
Designed for use on mobile devices: No
Service interface: Yes
User support accessibility: WCAG 2.1 A
Description of service interface: A permanently, viewable, static, side panel, enables one click access to SYSTEM ADMINISTRATION: (Customer details/System statistics), ADMINISTRATION: (user details/data definitions/language), PROJECTS: (Project data/Data import/Publications/Data export/Log out/Support).
A ‘Drag-and-Drop’ interface enables users to perform many actions simultaneously.
Users drag products from a category list, to an appropriate area on the screen, to automatically create catalogue pages. When users drag products, adverts or even content pages/covers into this area, a preview of all the catalogue pages is instantly generated. They can drag and move product positions or pages around and instantly preview the changes. THIS IS ALL ACHIEVED IN ONE SINGLE SCREEN
Accessibility standards: None or don’t know
Description of accessibility: Access to the system is through username and password and therefore not public. Therefore the user must be able to use the mouse to take advantage of the drag and drop functionality.
Accessibility testing: There is no requirement to test the interface in terms of assistive technology
API: Yes
What users can and can't do using the API: The API is not public facing, access is controlled by our Development Team, who respond and clients in setting up the service through the API.

API's are documented (PDF) enabling users to easily set up the service.

Each API endpoint can create new records as well as read existing records, allowing for seamless integration into apps and external websites, backend systems and services such as product information management, bookkeeping, warehouse management, customer relationship management and other services
API documentation: Yes
API documentation formats: PDF
API sandbox or test environment: Yes
Customisation available: Yes
Description of customisation: BRANDING. Users can brand or 'white label' the User Interface, as well as configure or customise a vast array of features and functionality using a user friendly GUI. Templates, Provide page layout flexibility and customisation and enable export directly to PDF, InDesign, QuarkXPress for print editions for further refinement

PLUGINS. Functionality is governed by a series of settings and plugins which can be configured to determine specific features for each customer. This includes any connections to interfaces or systems which may be unique to each client

Initial customisation / set up of the system is undertaken by Pindar Creative. However, customer employees can be trained to create and modify their own page templates and In-house developers can be trained and provided with relevant API code giving them total control and ability to customise any part of the service.

Scaling

Independence of resources: Separate VLANS and Firewalls are deployed therefore segmenting system resources ensuring different organisations sharing the same infrastructure are kept apart.
Pindar Creative employ realtime monitoring services which provide visibility, reporting and alerting of server performance

Extra systemic resource can be quickly deployed to meet any unexpected peak in demand, enabling Pindar Creative to maintain SLA compliance to all users.

Analytics

Service usage metrics: Yes
Metrics types: Service metrics on the following;
number of products inducted,
number of pages produced,
number of publications produced,
user activity.
Custom reports available.
Reporting types: API access

Real-time dashboards

Regular reports

Reports on request

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Other security clearance
Government security clearance: Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom
User control over data storage and processing locations: No
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least every 6 months
Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest: Physical access control, complying with CSA CCM v3.0

Encryption of all physical media
Data sanitisation process: Yes
Data sanitisation type: Explicit overwriting of storage before reallocation

Deleted data can’t be directly accessed
Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach: We have a full off-boarding process for the purposes of handing over data and other assets at the end of a contract. We provide data export facilities for transaction, product catalogue and customer data, with controls to define the export format.

Users can export data into many formats; MySQL, Amazon DBs, Google Big Query, Excel, Google Spreadsheets and XML.

Additionally we can provide bespoke export facilities using our API if required.
Data export formats: CSV

Other
Other data export formats: XML

IDML

HTML5
Data import formats: CSV

Other
Other data import formats: XML

Data-in-transit protection

Data protection between buyer and supplier networks: Private network or public sector network

TLS (version 1.2 or above)

IPsec or TLS VPN gateway
Data protection within supplier network: TLS (version 1.2 or above)

IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability: 99.9% application uptime as measured through 1-minute polls using ICMP echo-requests. 99.9% network connectivity uptime of the customer service as measured through 1-minute polls using ICMP echo-requests Users are refunded by negotiated settlement outlined in the services levels in the G-Cloud 12 call off contract
Approach to resilience: Pindar Creative do not want to make this information public.
However, we are willing to share information with a specialist security expert on how we have designed our service to be resilient
Outage reporting: Our system issues email alerts to named contacts

Identity and authentication

User authentication needed: Yes
User authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Dedicated link (for example VPN)

Username or password
Access restrictions in management interfaces and support channels: All access to service interfaces and support channels are constrained to authenticated and authorised individuals with appropriate access privileges. Complex Password policy in place, passwords changed at regular defined periods in line with current policies and procedures. Formal starters and leavers process ensures correct level of access at start and removal at termination of employment. Internal Audits ensure compliance
Access restriction testing frequency: At least every 6 months
Management access authentication: 2-factor authentication

Dedicated link (for example VPN)

Username or password

Audit information for users

Access to user activity audit information: Users have access to real-time audit information
How long user audit data is stored for: User-defined
Access to supplier activity audit information: Users have access to real-time audit information
How long supplier audit data is stored for: User-defined
How long system logs are stored for: User-defined

Standards and certifications

ISO/IEC 27001 certification: Yes
Who accredited the ISO/IEC 27001: United Registrar of Systems
ISO/IEC 27001 accreditation date: 27/04/2018
What the ISO/IEC 27001 doesn’t cover: The Statement of Applicability covers all 27001 controls with the exception of loading bays
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: Yes
Cyber essentials plus: No
Other security certifications: No

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001

Other
Other security governance standards: Cyber Essentials
Information security policies and processes: To preserve confidentiality, integrity and availability, Pindar Creative have implemented an Information Security Management System (ISMS) in accordance with the international standard ISO/IEC 27001. The the ISMS policy is approved by Senior Management and is reviewed at regular intervals (ISMS Management Review Meetings) or upon significant change. Management have put an audit programme in place and all sections of the ISMS are audited at least once a year to ensure that the ISMS:-
a) conforms to the requirements of the relevant standards and any other legal, regulatory or contractual requirements
b) meets all identified information security and business continuity requirements
c) is effectively implemented and maintained
d) perform as expected The ISM records decisions and actions related to:
i. the improvement of the ISMS
ii. updating of the risk assessment and risk treatment plan as appropriate
iii. the modification of procedures and controls in response to changes in requirements
iv. resource needs
v. improvements to how the effectiveness of controls and objectives are measured Regular ISMS Review Meetings Any action needed is implemented and such action reviewed for effectiveness including changes to the ISMS. Appropriate documented information on the action taken is retained

Operational security

Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach: Change management is incorporated as part of our ISO/IEC 27001:2013 Accreditation.
Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach: Firewalls are configured 24/7 to alert in the event of significant intrusions or incidents occurring
We use Remote Management Monitoring and live detection defence systems to detect vulnerabilities
Anti-Virus is configured to be patched automatically. Our automatic patch policy covers, binary executable, source code modification, service pack and firmware patches
Technical services will then identify the priority for the update to be tested and deployed dependant on the nature of the treat and any known exploits.
Any patch deployment and software updates must comply with our defined change management process.
Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach: Systems are monitored 24/7 by Barracuda Remote Management Monitoring (RMM) software, calling the operations team to action when necessary. The RMM notifies of: Warning Alerts, Critical Alerts, System Down and System Recovery.

Regular scanning at the gateway finds vulnerabilities such as SSL injection, cross-site scripting, and others. Any issues found will be imported into the Barracuda Web Application Filter, which automatically generates and applies mitigation rules.
Servers are professionally managed and conform to guidelines under the Government's e-Government programme. The Data Centre undergoes PEN testing on a daily basis. Any reported issues are immediately dealt with.
Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach: There is a robust incident management policy in place and enforced as part of our ISO/IEC 27001:2013 accreditation
Incidents are reported on the corporate job system database
The Information security Officer responds to any incidents reported in line with established control procedures.
We have a full incident management plan which we are happy to supply upon request.

Secure development

Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks: No

Social Value

Fighting climate change

Catalogue automation software can significantly aid local authorities in streamlining their catalogue processes while contributing to the fight against climate change. By automating catalogue creation, updates, and maintenance, this software reduces the need for extensive paperwork, printing, and manual data entry, leading to a substantial decrease in paper consumption and associated carbon emissions.
Furthermore, catalogue automation software facilitates the implementation of sustainability criteria in procurement processes. It can integrate features that prioritize eco-friendly and energy-efficient products, enabling local authorities to make environmentally responsible purchasing decisions. By promoting the procurement of sustainable goods and services, this software contributes to reducing greenhouse gas emissions and conserving natural resources.
Moreover, automation enhances data accuracy and transparency, enabling local authorities to monitor and analyse their procurement activities more effectively. This insight empowers them to identify opportunities for further environmental improvements, such as optimizing transportation routes to reduce carbon emissions from deliveries and fostering partnerships with environmentally conscious suppliers.
Finally, the software can create bespoke versions of catalogues, which are smaller in pagination and customer-focused rather than supplying a full catalogue to customers.
The catalogues can also be created as digital editions therefore removing any need to print.

Pricing

Price: £13,573.00 a licence a year
Discount for educational organisations: Yes
Free trial available: Yes
Description of free trial: There is access to a demonstration system but only include generic data. Output options include PDF and IDML exports.
The time limit depends upon customer requirements.

pagespry Publication Automation & Pagination

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

pagespry Publication Automation & Pagination

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents