Trusted Delivery

Employee Survey & Internal Communications App

Our internal communications app is designed to improve internal communications performance by keeping employees informed and engaged. It is a mobile & desktop app that allows a company to send vital news alerts, perform company surveys, monitor employee well-being and satisfaction and view powerful employee engagement metrics.

Features

• Reach every employee in your company, even your non-desk employees
• Publish engaging articles, videos and surveys to an employee app
• Real-time feedback and analytics that provide insight into employee well-being
• Total security including ISO27001 certification and single Sign-on
• No unsubscribe button for employees to click as with email
• Targeted communication through teams and company specific teams
• Dedicated account management and unlimited phone support
• Running within 48 hours thanks to fast track on-boarding
• Seamless integration with your Azure active directory
• Easy to use online dashboard for content authors and managers

Benefits

• Improved internal communication through personalised targeted communications
• Increase employee engagement and productivity across the company
• Use vital feedback to promote employee well-being
• Perform employee surveys to gauge opinion and state of mind
• Monitor company performance with employee net promoter score tools
• Publish news articles and videos instantly with push notification
• Instant access to documents and manuals via secure docs library
• Support employee growth and training with skills gap monitoring
• View actionable metrics and insights that improve internal communication strategies
• Set your own engagement benchmarks and track your performance

£12 to £24 a unit a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at darren@trusteddelivery.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

568924780963120

Contact

Darren Hepburn
01392447200
darren@trusteddelivery.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Extensive integration with Microsoft 365 VRAMP's API can provide user notifications and full integration with third-party platforms
• Cloud deployment model: Public cloud
• Service constraints: No constraints.
• System requirements:
  • IPhone users download the app from the Apple App Store.
  • Android users download the app from Google Play.
  • Internet Connectivity with a supported web browser or mobile device.
  • Users will require an invite via email or SMS.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Unless stated otherwise, users have access to our support team by calling +44 1392 984175 and can submit queries to support@vramp.io. Our account management team are available to respond to phone or email queries from 9am to 5pm, Monday to Friday.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: New client on-boarding can take place online via video conferencing or in person at a location of your choosing. Unless stated otherwise, users have access to our support team by calling +44 1392 984175 and can submit queries to support@vramp.io. Our account management team are available to respond to phone or email queries from 9am to 5pm, Monday to Friday. A dedicated Account Manager will be appointed to each client, to successfully manage the on-boarding of the platform and provide Account Management throughout the partnership with the client. All support, account management and on-boarding is free.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The client on-boarding begins at the point the organisation becomes a new client. The new team is introduced to a new dedicated account manager who works with the team leader to create an on-boarding plan. The key stages of this plan are: Introductions and goal benchmarking. Configure teams, feeds and audience data to meet expectations. User training for content authors (Administrators). First post walk-through, once the account is ready and the audience members are in place, everything is ready to complete the first post.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data is retained for the life of the account engagement. When the account is closed, we will ask what you want us to do with your data. If you do not ask us to delete it sooner we will delete the data within 30 days.
• End-of-contract process: At the end of the contract shall no longer provide the Services to the client and the client shall promptly cease using the services. Each party shall promptly return or destroy all Confidential Information of the other party in its possession. Within 30 days following termination. There are no cancellation costs levied at the client unless the service is accessed/used after the agreed cancellation date.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • MacOS
  • Windows
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Content Authors (Administrators) use the platform via browser or mobile app to manage, send and track communications. Employees (Audience) access VRAMP using our mobile app or web browser. They can see information relevant to them using either method.
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: Our web-based Admin Portal allows configuration of the platform as well as management of Users, Teams, Feeds content and Integrations.
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: The user interfaces are fully accessible and support WCAG 2.1 A compliance. The service has been used by poor/partially sighted customers who provided feedback and guidance on accessibility in both the user and administrator interfaces.
• API: Yes
• What users can and can't do using the API: All popular services available via the web UI and mobile UI (adding post content, publishing communications, sending surveys, scheduling eNPS, extracting reporting data, etc) are also available via our RESTful API.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Clients can add their own brand logo. Each user also has a personalised Feed and Feed based on their Team membership - ensuring they only see relevant content.

Scaling

• Independence of resources: Our software is a web-based SaaS platform hosted on Amazon Web Services (AWS) using a distributed cluster architecture with auto-scaling. This ensures that not only is the platform scalable but also resilient to Availability Zone failures. There are no technical, capacity or commercial limits on the number of users who can access, send or receive communications at the same time.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide in-depth reporting metrics on how many employees (audience members) you have on the system and how many posts and articles you have published. Audience members can be drilled down into sub category statuses of active and invited.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Reporting data can be exported from the web admin dashboard.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Microsoft Excel Workbook (XLSX)
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Azure Active Directory
  • Microsoft Excel Workbook (XLSX)

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We will use commercially reasonable efforts to make available with a monthly up-time percentage of at least 99.5% during any monthly billing cycle excluding scheduled upgrade downtime. Maintenance Notification: If the platform needs to be made unavailable, we shall notify users via email at least 8 hours prior to the scheduled downtime. We shall attempt to avoid any downtime between 8am to 6pm, Monday to Friday and work closely with our clients to understand their communication schedules to minimise any impact of system updates or maintenance downtime. When minor system updates take place, the platform shall be available but certain functions may be unavailable.
• Approach to resilience: We commit to a Service Level Agreement (SLA) that can be produced on request. We can also present historical logs of service availability on request.
• Outage reporting: Initial responses will be posted on the VRAMP status website within 1 hour at https://status.vramp.com. Updates posted regularly on https://status.vramp.com. If the issue has not been resolved with 4 hours, users shall be notified of the issue by email. Once the issue is resolved an update shall be posted on https://status.vramp.com and we shall provide a report on the reason for the outage.

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Users are authenticated by One-Time Passwords via SMS when logging in with a mobile phone number or email. All API calls are protected with short lived JSON web tokens.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: Initial Certification 11/05/2021
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: IDM Award in General Data Protection Regulation

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials Certified
• Information security policies and processes: We operate the following internal and external security & GDPR auditing systems. A bi-annual internal audit managed by the named board-level person and head of development at VRAMP. A bi-annual external penetration test performed by a 3rd party accredited agency covering web application OWASP and mobile application penetration testing. Adhoc external assessments from our clients auditors or their regulators.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Change controls and processes are independently assessed for compliance within ISO27001 guidelines. All changes are made on a branch in our code repository. Automated tests are run against each branch and code must be peer reviewed and approved before merging to the master branch where the change is automatically deployed to our Staging environment. Our QA team must manually verify and pass all tickets before a deployment to production can be requested. Deployments are co-ordinated by our lead developer. Security patches may be deployed to production on management authority.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Change controls and processes are independently assessed for compliance within ISO27001 guidelines. Host and network vulnerability management is managed by AWS who are certified to appropriate security governance standards.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Change controls and processes are independently assessed for compliance within ISO27001 guidelines.
• Incident management type: Supplier-defined controls
• Incident management approach: Change controls and processes are independently assessed for compliance within ISO27001 guidelines. In the event of a security incident, an investigation lead will be selected by director. They will determine time scales and details with regards to method of communication appropriate to the severity and nature of the incident.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  t is the responsibility of us all to fight climate change. We belong to a group dedicated to fighting climate change. We wanted a way to not just offset our carbon footprint but to identify where our carbon emissions come from in our business, how we can reduce these before looking at how we can effectively offset these remaining emissions with the ambitious goal of going beyond net zero greenhouse gas emissions. We provide all employees with the opportunity to benefit from a company electric vehicle scheme and 30% of our workforce now drive electric vehicles. We support a cycle to work scheme, encourage employees to walk to work where possible or use public transportation. As part of our goal to go beyond net zero we have created a new business called “Beyond Carbon” which has a multi-faceted approach to fighting climate change. We have purchased 35 acres of land nearby to where we are based in Devon and are in the process of planting over 12,500 trees as part of the creation of a new complex community woodland. The new woodland will sequester more than 65 tonnes of CO2 per year. It is widely proven and accepted that we need to reduce the amount of CO2 in the atmosphere, and we can as a business contribute greatly to this global challenge as trees will extract CO2 from the air and convert it into oxygen and plant material through photosynthesis. Beyond Carbon intends to use the carbon reduction, woodland and habitat creation to help other local businesses fight climate change as well by offering workshops, shared learning experiences and offering local schools the opportunity to be involved directly in the project. It is our intention to attain ISO14064 and PAS 2060 accreditation. More details can be found here: https://beyondcarbon.life
• Covid-19 recovery:

  Covid-19 recovery

  COVID-19 has had a devastating effect on the economy, our communities, how and where we work and the mental and physical health of many people. The strain on our health and care services has never been greater. Several customers have struggled incredibly because of COVID-19, especially within the hospitality sector. We have supported them through extended payment terms, extended contract terms and in cases of severe impact we have opted to provide our services completely free of charge to enable these customers to have extra financial headroom to recover. We are supporting new employment opportunities for those left struggling to find employment because of COVID-19, especially the youth workforce who have been disproportionality affected. New jobs have been created via the Government Kickstart scheme which has resulted in new permanent employment at VRAMP. We continue create new employment opportunities as we grow. We are supporting Modern Apprenticeships to allow our youth employees to benefit from employment at the same time as gaining a recognised qualification in our high-tech industry. We have delivered a Mental Health Charter at VRAMP that supports all our employees to achieve a healthy work/life balance and to provide support where needed. All employees are now entitled to counselling sessions every year fully funded by us. Our workforce is now enabled to work remotely where practical and more than 50% of our workforce now remote work on at least 1 day a week. We actively encourage our workforce to use sustainable travel solutions including walking to work, public transport, and electric vehicles. We provide all employees with the opportunity to benefit from a company EV car scheme. 30% of our employees have now switched to an electric vehicle.
• Tackling economic inequality:

  Tackling economic inequality

  We are a 100% privately owned small British business. We are owned by the founding entrepreneurs and continue to grow by innovating within our industry. Due to our size, we can react and deliver solutions quicker than our larger competitors. Based in the Westcountry we bring high-tech employment to a predominantly rural area. We have a long history of creating employment and training opportunities and our investment in our employees is rewarded with more than 60% of our workforce having worked for VRAMP for longer than 5 years, significantly above the national average. VRAMP delivers solutions to schools, universities, public infrastructure organisations and NHS Trusts. Our solutions deliver ways to communicate with an organisations entire workforce whether they are based on premise or work remotely. Our communications solutions for the NHS have been recognised for the benefit they bring to NHS Trusts with an award for Technology & Innovation. As part of our Social Value Charter, we recognise the importance of our role in fighting climate change which has led to the creation of a new business within our group focused entirely on exactly that.
• Equal opportunity:

  Equal opportunity

  As an employer we recognise the value that every one of our employees brings to our business. Our inclusive approach to employment is supported by our mental health charter, our workplace being suitable for those with physical disabilities and our approach to providing all employees with ongoing training. We provide extra equipment to support employees with disabilities including screens, screen readers, desks, chairs and other equipment as necessary. We do not tolerate discrimination of any sort within our workplace.
• Wellbeing:

  Wellbeing

  We have an active Mental Health Charter and recognise the importance of supporting all employees with their physical and mental health. We provide extra equipment to support employees with disabilities including specialist screens, screen readers, desks, chairs, and other equipment as necessary. We provide all staff with free access to counselling to support their mental wellbeing and promote an active calendar of employee social events to help all employees feel as equally valued outside of the workplace as they are in the workplace.

Pricing

• Price: £12 to £24 a unit a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We offer a trial to all businesses completely free of charge for a period of 30 days.
• Link to free trial: https://newzapp.co.uk/solutions/employee-engagement-platform.php

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at darren@trusteddelivery.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.