Skip to main content

Help us improve the Digital Marketplace - send your feedback

Retinue Solutions

Ryalto

Ryalto is a mobile app for workers in the public sector, to stay connected to their organisations peers. They pick up news and protocol information direct in the app and complete satisfaction surveys. There is a powerful shift booking tool that can standalone or be connected to a rostering system.

Features

  • News feed targeted to different user groups
  • WhatsApp style messenger contains no personal data
  • Shift booker presenting worker shifts. Standalone or rostering system connection
  • Survey tool for bespoke surveys to complete in app
  • Push notifications sent to individuals/groups of workers in emergencies
  • Mobile and desktop enabled
  • Customer success team who upgrade the app continuously

Benefits

  • Integration support
  • Customer success team on hand for support
  • Mobile enabled for use on the go
  • Targeted or non-targeted surveys and notifications
  • Drives retention of the workforce through engagement
  • Shift booking tailored to the client requirements
  • MI data to inform decision makers strategies
  • No personal data is available, fully GDRP compliant
  • In-app support and a help bot.

Pricing

£1 to £20 a unit a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@retinue-solutions.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

6 2 1 0 4 8 2 5 7 2 4 1 0 5 8

Contact

Retinue Solutions Retinue Sales Team
Telephone: 0845 521 9481
Email: enquiries@retinue-solutions.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Can link to a customers VMS, ATS or rostering system
Cloud deployment model
Public cloud
Service constraints
None applicable
System requirements
  • App download
  • Wifi/Internet connection
  • Up to date internet browsers required
  • IOS version 12 minimum requirement
  • Android 5 Lollipop minimum requirement

User support

Email or online ticketing support
Email or online ticketing
Support response times
The below refers to standard response times:

If requested the same Business day our SLAs are as follows:
In App support- 4 hours
Email Support- 4 hours
Shift booking issues- 2 hours
Admin panel support- withing 4 hours .

If requested in the evening, or overnight (out of working UK hours)- these will be responded to the next working day.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Yes, at an extra cost
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 A
Web chat accessibility testing
N/A
Onsite support
Yes, at extra cost
Support levels
Ryalto offers, as standard, a complete package of after sales support including:

• Dedicated help desk access via phone and email. Phones are managed by a person between 9am and 5pm on usual UK working days and outside of that an answer phone is supplied. Emails are responded to within 24 working hours.
• In-app support and a help bot.
• A dedicated Customer Success Team that run regular service reviews, provide management information and can be a point of contact should the service need to change (expend or shrink).
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Ryalto offers a fully managed onboarding experience. Managed under PRINCE2, Ryalto run a tried and tested programme with all buyers that follows these steps:

• Current process mapping
• Process re-mapping to the desired new ways of working
• Configuration of Ryalto to meet the new processes
• User Acceptance Testing (UAT)
• Communication / change management support
• Managed roll-out to all users
• Stabilisation phase support
• Handover to BAU.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
  • Word
  • Ppt
  • Excel
End-of-contract data extraction
The customer can request all or a subset of data upon exit in a csv format. Additional data formatting can be requested at additional cost
End-of-contract process
Ryalto offers a fully managed offboarding experience. Including:

• Documenting all processes and data access points that need offboarding.
• Communications planning and implementation.
• Supply back of all data in pre-agreed formats and in a secure way.
• Sign-off to ensure all stakeholders are satisfied.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Functionality remains the same for mobile and desktop. There are additional features for organisation Admins on the desktop version.
Service interface
No
User support accessibility
WCAG 2.1 AA or EN 301 549
API
Yes
What users can and can't do using the API
All API requests require a token that is generated on a secure authenticated user and can be revoked remotely when needed.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Once in the app, clients can have white labelled/branded pages so that workers/users view the functionality in the clients own branding.

Admin users/Super Users will have the functionality to create news feeds/chats/post shifts for workers/create bespoke surveys.

However, only Ryalto can control the UX components.

Scaling

Independence of resources
This is created with collaboration of the Cloud service provider Amazon Web Services. Snapshots of the database are taken every hour and have a 24-hour life. In addition, daily backups are taken and stored on different servers and have a time to live of 7 days.

Business Continuity is assured through the use of replication services within AWS. If the EC2 instance fails, it immediately switches to the replicated service without any interruption to the service.

Analytics

Service usage metrics
Yes
Metrics types
Detailed user usage analytics on key features and functionality, to provide relevant insights on user engagement within the application
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
The customer can request all or a subset of data in a csv format. Additional data formatting can be requested at additional cost.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Availability system uptime – 99%. Maintenance updates will be notified with at least 7 days-notice. Where emergency maintenance is required only limited notice may be possible.

The service uptime is targeted at 99.5%.
Ryalto provides the Services so that they are available twenty-four (24) hours a day, seven (7) days a week, except for:
(a) Planned maintenance carried out during the maintenance window where Ryalto has provided a minimum of seven (7) Business Days’ notice in writing of such planned maintenance; and
(b) During any period of emergency downtime arising due to an urgent maintenance requirement to address faults, defects or any other significant issues immediately, providing that such issue(s) are not a result of the acts, omissions or negligent performance of Ryalto.
Approach to resilience
Ryalto technology operates the highest security standards. These include:

• Wildcard SSL certificate for all connections using the SHA-2 algorithm.
• All API requests require a token that is generated on a secure authenticated user and can be revoked remotely when needed.
• All data is secured at rest on the server using AES-256 encryption, passwords are stored ‘hashed’.
• Mobile phone numbers, if entered by the app user, are stored as a hash and never readable by another human in the app or the Ryalto databases.
Outage reporting
Availability system uptime – 99%. Maintenance updates will be notified with at least 7 days-notice in writing. Where emergency maintenance is required only limited notice may be possible.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
User cannot access software unless profile is created by an Administrator in the system. User is then provided with a unique username (e-mail address) and password to access the system. When logging in technology will use Captcha technology to authenticate user. All actions completed by that user when logged in is time and date stamped for audit trail.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
27/03/2023
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
We have ISO27001 and Security Policies are managed and audited in line with the requirements for continued certification.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We employ a robust configuration and change management process adhering to modern software development best practices. Each change has several stages of review. At the planning stage we review potential security, performance and user experience impact. We have automated testing, automated security scanning, manual code review and QA on every change. We also implement a versioning and deployment system that allows for easy and quick reversion of changes.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Our vulnerability management process is proactive and systematic. We assess potential threats by conducting regular security audits and utilizing threat intelligence platforms. Patches are deployed swiftly, usually within 14 hours of identification, depending on the severity. We source information on potential threats from reputable industry databases, security bulletins, and partnerships with cybersecurity experts. This multi-faceted approach ensures our services remain resilient against emerging vulnerabilities.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Our protective monitoring process is designed to swiftly identify and mitigate potential compromises. We utilise a combination of real-time analytics, threat intelligence, and behavioural monitoring to detect unusual activities indicative of a security breach. Upon detection, our incident response team is alerted immediately, and we follow a predefined protocol to assess and contain the threat. Our response time to incidents is typically within one hour, ensuring rapid resolution and minimal impact. We continuously refine our monitoring processes to adapt to evolving cyber threats.
Incident management type
Supplier-defined controls
Incident management approach
Incidents reported by user to the client technical support. If they cannot resolve then escalated to Ryalto technical support team. This is raised through our helpdesk portal and a ticket number assigned to each issue. When raising ticket must define if impact is to individual user, group of users, system wide etc. and issue is applied priority status. Dependant on severity of issue will define course of action i.e. time in which it is addressed, communication to whole client or individual user. All fixes always reported within release notes.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

Ryalto is proud to be a Carbon Neutral business, certified as such by Carbon Neutral Britain. We have set rigorous emissions reduction targets, aiming to be net-zero by 2050, and to have halved our emissions output by 2030. Our most recent Carbon Reduction Plan for FY 2022/23 can be found on our website (https://www.ryaltogroup.com/ ) which outlines the areas of our business we are focused on reducing our emissions output. These are as follows:
• Business Travel – we commit to recruiting as locally as possible to our office sites, and also to reducing business travel by arranging virtual meetings, rather than face-to-face meetings where possible, promoting ride sharing and sustainable transport methods where we can (i.e. train travel)
• Mains Gas Combustion – mains gas can be avoided altogether by adopting more sustainable options such as heat pumps, biomass systems, and solar thermal heating systems where possible. All of our offices are leased site but despite this, we will endeavour to put pressure on our property providers to switching to these alternative heating methods. If this is unsuccessful, we will explore moving to sites that offer more suitable and sustainable heating sources.
• Electricity Consumption – we will, where possible, reduce our electricity consumption through energy efficient alternatives such as low voltage lighting, and low energy monitors for our office sites. We have already adopted a hybrid working pattern with some of our employees working remotely. We will consider limiting the number of staff within each office site and downsizing on renewal of our leases and so significantly reducing our electricity consumption as a business.
Further to this, we hold both the ISO 14001 and ISO 9001 certificates, showcasing our commitment to protecting the surrounding environment and fighting climate change.

Covid-19 recovery

Ryalto has adopted a hybrid working policy with all its staff, with a portion working fully remotely meaning staff are not obligated to work full time from a Ryalto office site. This ensures opportunities to a wider range of candidate, but also ensures a working pattern where we are able to travel to client sites as and when is needed, or through virtual online meeting. As a result of this, Ryalto is continuing to ensure opportunities and flexible work patterns so to open up communities, while making sure the economy is rebuilding through greater working relationships.
Furthermore, we actively champion and look to work with SMEs within our supply chain. This therefore drives and promotes opportunities in diverse SMEs, so ensuring economic and community stability following the COVID 19 pandemic.

Tackling economic inequality

We are committed to hiring locally as possible to our sites, both for internal roles, but also for those roles advertised within client contracts. This ensures we are championing local talent and so building the local economy, rather than bringing in external talent to fill the advertised roles.
Ryalto is proud to be promoting SMEs within our supply chain. This ensures promoting local opportunities and as such, reduces economic inequality through championing smaller businesses.

Equal opportunity

We are actively working to ensure all communities have equal opportunities to employment. Ryalto ensure this by posting to jobs boards focussed at attracting groups such as BAME communities, ex-offenders, military veterans etc. On top of this, we hold a number of business partnerships and accolades with organisations looking to provide employment opportunities. These include:
• The Armed Forces Covenant – as a signatory, we are committed to providing interviews and advertising roles to ex- military veterans and their partners
• Neurodiversity in Business Charity: Corporate Member – educating our hiring managers and internal staff on reasonable adjustments for neurodiverse candidates, language to use in adverts, and the benefits of hiring neurodiverse talent and incorporating them into our employee pool
• Prince’s Responsible Business Network: Race at Work Charter Signatory – by being a signatory, Ryalto has made a public commitment to ensuring employment and progression opportunities to BAME communities in the hiring process, both for external, and internal talent
• Disability Confident Employer – as a Disability Confident Employer, Ryalto ensures that, as long as the minimum criteria of the role is met, we will guarantee an interview and not overlook disabled talent. This includes providing reasonable adjustments to both physical and non-physical disabilities throughout the hiring process.
On top of this, we have a well defined business relationship with the Bridge of Hope, a business looking to drive social value by ensuring employment opportunities for marginalised communities in society. They do this by partnering with corporations to promote roles, so both providing a pathway for diverse, often overlooked talent, and allowing businesses to deliver an inclusive workforce and deliver social value.

Wellbeing

We are actively working to ensure all communities have equal opportunities to employment. Ryalto ensure this by posting to jobs boards focussed at attracting groups such as BAME communities, ex-offenders, military veterans etc. On top of this, we hold a number of business partnerships and accolades with organisations looking to provide employment opportunities. These include:
• The Armed Forces Covenant – as a signatory, we are committed to providing interviews and advertising roles to ex- military veterans and their partners
• Neurodiversity in Business Charity: Corporate Member – educating our hiring managers and internal staff on reasonable adjustments for neurodiverse candidates, language to use in adverts, and the benefits of hiring neurodiverse talent and incorporating them into our employee pool
• Prince’s Responsible Business Network: Race at Work Charter Signatory – by being a signatory, Ryalto has made a public commitment to ensuring employment and progression opportunities to BAME communities in the hiring process, both for external, and internal talent
• Disability Confident Employer – as a Disability Confident Employer, Ryalto ensures that, as long as the minimum criteria of the role is met, we will guarantee an interview and not overlook disabled talent. This includes providing reasonable adjustments to both physical and non-physical disabilities throughout the hiring process.
On top of this, we have a well defined business relationship with the Bridge of Hope, a business looking to drive social value by ensuring employment opportunities for marginalised communities in society. They do this by partnering with corporations to promote roles, so both providing a pathway for diverse, often overlooked talent, and allowing businesses to deliver an inclusive workforce and deliver social value.

Pricing

Price
£1 to £20 a unit a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@retinue-solutions.com. Tell them what format you need. It will help if you say what assistive technology you use.