DATATRAC LIMITED

Data Intelligence and Enrichment Services

Datatrac offers a robust Data Enrichment service designed to enhance existing company customer data with relevant and up-to-date information. This data service enables clients to understand your customers better, improve their experience and make better business decisions.

Features

• Hosted within AWS Environment
• Secure File Transfer by SFTP
• Large file Batch Processing via Datatrac Bureau
• Fully automated data processing
• SLA turnaround of 1 hour for files under 200k
• Contact data Append and Validation
• Data Supplier provenance for transparency
• Proprietary Data Enrichment across a broad range of permitted purposes
• Being able to link individuals through multiple channels

Benefits

• Reduces operational contact waste
• Increases Right Party Contact
• Improves Customer outcome
• Enriched data assists with contact strategy and decisioning
• Lifestyle trigger - Home mover
• Lifestyle trigger - Financial Vulnerability
• Low commercials to increase return on Investment
• Linking data assets

£0.35 a unit

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at christian.mann@datatrac.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

653792230643158

Contact

Christian Mann
07832169596
christian.mann@datatrac.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Nil
• System requirements: Clients need only have an SFTP for file transfer

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: At Datatrac our solution is fully automated however clients can gain full support through email when needed.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Datatrac support can help, how file transfer is initiated. The service is fully automated. Technical support is provided through simple guide set up. Ongoing support through email and telephone is available to help clients.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Customers can prove concept through stats only processing so that they may understand the ROI through a data sample analysis. Evaluation agreements are then entered into so that data can be returned. Data transfer is conducted via SFTP with support available to set up if needed.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Contracts are for an initial 12 months and auto renew on an annual basis. 90 days notice exists for either party. However, there are no minimum commitments in place. Should a client wish to cease using the service within any contract period, they simple stop sending files for enrichment.
• End-of-contract process: Costs are derived from what is processed and based on the unit pricing contained within the contract as outlined within an order form. There are no additional costs to a contract extension other than cost for what is processed.

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: Customers dictate the data enrichment required. There is no minimum commitment on how volume or number of data assets appended, validated and returned.

Scaling

• Independence of resources: Datatrac Bureau polarises data inputs and runs the data in real time. Should Datatrac ever receive a large file which would breach the 1 hour SLA for any other client, the large file is suspended until all other files are processed. Should the large file breach the SLA turn around, then the customer is automatically notified. This has been built into our Bureau as a precaution but not ever expected due to our capacity planning at the build stage.

Analytics

• Service usage metrics: Yes
• Metrics types: Datatrac provide data append and validation reports which also serve as backing sheets for invoice purposes.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: By comma delimited CSV and delivery through SFTP.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: Client data is received via SFTP and can only access their own client folders.
• Data protection within supplier network: Other
• Other protection within supplier network: Client data is partitioned into its own environment within the network.

Availability and resilience

• Guaranteed availability: File return for files up to 200k is 1 hour. Should an SLA ever be breached the customer would be contacted by Datatrac. This is envisaged never to happen due to the high capacity processing. Bureau is a fully automated with files being swept from the SFTP on a 3 minute cycle.
• Approach to resilience: Available on request.
• Outage reporting: Outage would be reported via e-mail. This is derived through automated Bureau alerts.

Identity and authentication

• User authentication needed: No
• Access restrictions in management interfaces and support channels: Datatrac operates an automated data processing Bureau. One person has access to the Bureau only. Access is to ensure files are running, there is no requirement for any other management interface or support.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Citation Limited
• ISO/IEC 27001 accreditation date: 22/05/2024
• What the ISO/IEC 27001 doesn’t cover: N/A - Full certification attained
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: ISO 27001; ISO 9001; Cyber Essentials
• Information security policies and processes: All Policies regards Information Security and Network Security are available on request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes to the systems require an approved change request, backed by either a business case or addressing a vulnerability. This applies to applications, IT Infrastructure and configurations (e.g. Firewall rules).; ; Changes are assessed by our IT director and the impact documented. Prior to implement a change, a snapshot of the affected systems is taken to facilitate speedy rollback. Same applies for emergency changes. Changes are prioritized by either security severity or, if backed by a business case, by the importance to the business.; ; This procedure is followed at all times.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Datatrac use iSTORM (a 3rd party) to conduct all penetration tests. Vulnerability testing is conducted on an annual basis. Our next scheduled test will be conducted in July 2024.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We are currently scoping and sourcing Microtrend Deep Security and AWS cloudwatch is used to monitor servers. Data is encrypted at rest and in flight. Drives within AWS are KEK encrypted. ; ; Datatrac respond to all incidents immediately the detail of which is outlined withing our Data Security Incident Response plan.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Datatrac's approach plan is to effectively manage and mitigate the impact of incidents, minimize recovery time, and ensure a coordinated and efficient response. We regularly review and test the incident response plan to ensure its effectiveness and to familiarise the team with the procedures. We also update the plan regularly to reflect changes in technology, personnel, and the threat landscape. Details of how we define an event or incident type and roles and mitigation responsibilities are outlined in our Security Incident Response Plan.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Tackling economic inequality
  • Equal opportunity

  Tackling economic inequality

  Datatrac provide data enrichment services to Financial Organisations to support financially vulnerable customers. Persons who fall into financial difficulty, who have the willingness but not the ability to pay through changes in financial circumstances, are identified/flagged to crit originators or 3rd parties managing accounts.

  Equal opportunity

  Although Datatrac do not currently employ staff, we do have in place an Equal Opportunities and Diversity policy in place.

Pricing

• Price: £0.35 a unit
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We can offer Data Sample Analysis reports to provide analysis as part of the proof of concept and demonstrate the return on investment.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at christian.mann@datatrac.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.