Spindogs Ltd

Laravel web development

Open source Laravel web development framework. Spindogs' open source laravel framework provides bespoke templates for content editors. GDPR compliant laravel framework has an easy to use admin interface and flexible content editing features. The framework system is user friendly, and fully customisable.

Features

• Provision of Open Source development and consultancy
• Mobile optimised Open Source templates
• Multilingual capabilities
• Laravel onboarding and upgrades
• Ongoing support of laravel websites
• Development of accessibility standards compliant websites
• Open Source laravel secure managed EEA & UK hosting
• Google Analytics & Tag Manager installation as standard
• Laravel versioning
• Authentication features

Benefits

• Laravel has no license fees as it's open source
• Laravel can be made user friendly for content editors
• Laravel is fully customisable for your organisation
• Laravel can be made WCAG 2.2 AAA
• Cyber Essentials certified laravel agency
• UK based laravel developers and agency
• Laravel supports varying access and control levels
• Large online Laravel community
• Regular updates to software

£600 to £1,200 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at lgiles@spindogs.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

587310836978204

Contact

Liam Giles
02920480720
lgiles@spindogs.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: For any onboarding of existing laravel websites not built by our agency, we will need to undergo a review of your source code in order to confirm we can support and build upon this.
• System requirements: None

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Phone Calls answered within 15 seconds Target - 90% ; ; Answer Phone messages given update within 4 working hours Target - 90% ; ; Emails sent to support@spindogs.com for general support queries will receive an update within 8 working hours Target - 90% ; ; Weekends are considered out of hours and have different response times. ; ; Out of hours services come at a separate cost to a standard support package.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Support is available 9am - 5:30pm Mon-Fri and charged in 15 minute increments. Bug fixes are not covered if your site has been onboarded, and therefore was not developed by Spindogs. Bug fixes also aren’t covered if outside of the warranty period. Support bundles are available to be purchased in hourly increments or as a subscription service. Hosting is monitored 24/7/365 using Azure alerting and external uptime.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: As part of any web project, we provide a training session for any members of your organisation that will be responsible for content management and editing. This can be held in our offices, at your site, or online.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
  • Other
• Other documentation formats: Video Walkthroughs
• End-of-contract data extraction: Users inform our support team (or account manager if relevant) that they will no longer be continuing with our service provision. On being informed of this, after any notice period has passed, the support and development teams can arrange: the transfer of source code, transfer of website content/database, deletion of your data post completion of transfer, co-hosting overlap, freeze on development and freeze on content.
• End-of-contract process: If we have arranged hosting for you, you can continue with the existing hosting provision or move your hosting to an alternative solution. We will arrange: the transfer of source code, transfer of website content/database, deletion of your data post completion of transfer, co-hosting overlap, freeze on development and freeze on content.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Our laravel websites are optimised for all mobile, tablet and desktop devices. Our designers provide layouts of your site in both mobile and desktop so you can always know what your site will look like on different devices.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: Service administration screens are browser based and can be customised almost without limit.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: In order to ensure that the site is technically suitable for every user, we work to strict accessibility standards as a given. Accessibility is not only a legal requirement but an important part of our design and development culture as an organisation and as such we adhere to W3C AA standards. Our designers are trained how to check colour contrasts and our developers ensure that our code ticks all the technical requirements. We develop all our websites to meet single A requirements as a minimum. We can absolutely develop your new site to AA standards or AAA as we have done so for many clients in our 15 year history. As part of our project process we do a technical accessibility check e.g. semantic markup, colour contrasts. We are very familiar with accessibility plugins such as browsealoud and have a strong relationship with Shaw Trust, with whom we can outsource accessibility testing if necessary. AA sites we’ve developed: • https://www.digitalcommunities.gov.wales/ • https://www.welshgymnastics.org/ • https://www.bcs.org/ Some examples of sites we have made accessible are: • https://www.bronafon.org.uk/ - uses browsealoud • https://www.traveline.cymru/ - uses contrasts, text size change, and browsealoud • https://www.disabilitysportwales.com/ - uses contrasts and text size change
• API: Yes
• What users can and can't do using the API: Full details can be found at: https://laravel.com/api/5.8/
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The public-facing front end and administration screens can be customised almost without limit. Depending on your implementation, customisation can be achieved through: • Software settings • Coding using HTML and CSS (and CMS dependent configurations) • Modules and Plug-ins CMS software settings customisation would need to be undertaken by a trained user. Coding and module customisation would need to be undertaken by competent web developer familiar with the CMS platform.

Scaling

• Independence of resources: For all of our projects we work to an agreed project schedule which is outlined in the project plan with key milestones and quality reviews identified. We also ensure that our project plan has a sensible amount time allocated transparently to contingency, so that if one element slightly overruns it does not immediately push back the completion date. Where project pressure points arise, the Spindogs project manager will bring in additional Spindogs resource into our project team to ensure increased operational output. Additionally, Hosting is provided independently for each client.

Analytics

• Service usage metrics: Yes
• Metrics types: We use: • Google Analytics 360 Suite • Google Analytics • Google Tag Manager • Google Optimize • Google Data Studio We can also provide custom dashboards for your organisation.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: Back ups are encrypted
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Dependent on what data is required, we can provide backups/exports as part of support or include an automated export as part of the site functionality.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • PDF
  • JSON
  • XML
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • PDF
  • JSON
  • XML

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.95% uptime for sites hosted on Azure
• Approach to resilience: Available on request
• Outage reporting: Email alerts sent to designated contacts.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: We set roles/permission levels for access
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials Plus
• Information security policies and processes: We have developed a set of policies and standard operating procedures covering various aspects of Information security: • Information Security Policy • Hosting procedures & checks • Business Continuity • Solution Monitoring and Support • Project Quality Management • Risk Assessment • Risk Management Policy • Customer Complaints process • Data protection (GDPR) Policy • Project Delivery process • Social Media Policy • Cyber Essentials certification We have defined roles and responsibilities for information security, with overall responsibility being held by a Director.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We use internal systems to manage change throughout a project life cycle. This shows a clear line of accountability and allows us to "track and trace" the impact of amendments to original requirements. Changes are notified to relevant stakeholders automatically (where possible) via emails/IM to ensure all parties are up to date.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We monitor blogs and security announcements of the platforms we support (Umbraco, Wordpress, Kentico and Sitecore). Any critical / security vulnerabilities are assessed immediately and deployed if applicable. Timescales for deployment are dependent on the risk, with exploitable security issues taking highest priority. Our automated deployment processes ensures we can get patches onto live sites within hours or even minutes of any disclosure, if appropriate. We would always encourage clients to perform an independent penetration test of our solutions.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We set up external uptime monitoring of sites we host to ensure that they are working as expected. In addition alerts for excessive CPU/memory/high response times are configured – any anomalies are investigated to ensure there has been no system compromise. Notifications are emailed to a group email address immediately and the support team will investigate if required.
• Incident management type: Supplier-defined controls
• Incident management approach: We categorise an incident in 5 levels: critical, urgent, priority, bug and support. Each level has differing response times and methods of reporting. Critical incidents must be reported over the phone, any other incident category can be reported over the phone or via email. Details of our SLA can be found in our Service definition document. Incident reports can be received on request from our support team.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our consultancy is dedicated to integrating sustainable practices into our projects to combat climate change. We implement energy-efficient solutions in our web designs and prioritise hosting services aligned with green energy initiatives. For instance, our project for United Welsh involved developing a website that supports green initiatives, including features that promote the organisation's environmental programs. This project not only highlighted our commitment to sustainability but also enhanced the client's ability to communicate their eco-friendly messages effectively. We have a defined Net Zero strategy in place within the business with scope 1,2 & 3 carbon impact reporting in place. We also practice rigorous recycling within our office and commit to complying with the Welsh business recycling law to recycle business waste. Wales is currently third in the world when it comes to recycling waste from households and we fully support Welsh businesses to align with this.

  Covid-19 recovery

  During the Covid-19 pandemic, we supported clients in adapting to new digital ways of working to ensure continuity and resilience. A significant project in this context was for Accent Housing, where we developed a comprehensive digital solution that facilitated remote interactions and services, ensuring that their operations could continue smoothly and safely during the pandemic. This platform has been crucial in helping them manage the challenges posed by Covid-19 and maintain excellent service delivery to their communities.

  Tackling economic inequality

  We strive to address economic inequality through our projects by creating digital solutions that provide equal access to resources and opportunities. A notable example is our work with Bromford Housing, where we developed an interactive website that includes employment support services for residents, providing them with access to job listings, training resources, and career advice, directly contributing to reducing economic disparities within the community.

  Equal opportunity

  Our commitment to equal opportunity is reflected in our project execution and internal policies. For Yorkshire Housing, we designed a website that ensures accessibility standards are met, making the digital space inclusive for all users, regardless of their physical abilities. This project underscores our dedication to promoting equal access to information and services through thoughtful, user-centric design.

  Wellbeing

  Our focus on wellbeing encompasses both our internal policies and the digital solutions we create for clients. We prioritise mental health and work-life balance for our employees, offering flexible working arrangements, wellness programs, and access to mental health resources. On the client side, we design user-friendly and accessible websites that enhance the user experience and contribute to overall well-being.

Pricing

• Price: £600 to £1,200 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at lgiles@spindogs.com. Tell them what format you need. It will help if you say what assistive technology you use.