APPCAPTION

AppCaption

A VoIP phone system, providing IP desk phones, WebPhones, a feature-rich phone system, with IVR, ring groups, music-on-hold, call recording, voicemail-to-email, and more.

Features

• A business phone system, IVR, voicemail
• Call recording
• Conference call
• Use and manage inbound phone numbers
• File share securely within the orangisation
• IM message colleagues securely
• Video call
• Video meetings
• Delivered via Mobile or Desktop apps
• Connect your desk phone to the service too

Benefits

• All in one VoIP cloud communication software service
• Easy to use Admin and User dashboard
• Communicate securely
• No extra hardware needed, use your mobile or PC
• Work from anywhere there's internet
• Stay connected to internal and external stakeholders

£1.00 to £1.99 a licence a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at kh@appcaption.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

668422583347745

Contact

Kamal Hussain
03333058000
kh@appcaption.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Service will support iOS, Android, Windows and Mac, and Chrome.
• System requirements:
  • Will support all environments, i.e. VM or Desktops.
  • Will support iOS 13+ and Android 7+
  • When connecting via Web-phone will need Chrome

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: SLA's:; Weekdays within 1 hour; Weekends and Bank holidays within 4 hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: They can contact us with their queries related to our service and we will support them to deal with their questions, it's not restricted as we support all aspects of our cloud software and service.
• Web chat accessibility testing: None
• Onsite support: Yes, at extra cost
• Support levels: 1. Dedicated Technical Account Manager; 2. 1st Line Support, via phone, email, chat; 3. 2nd Line Support for further troubleshooting; ; The cost for the above is included in our service fees.; ; Onsite support is extra and generally not required as we deliver everything via the cloud and our Apps. This is subject to quotation.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: There is a dedicated Account Manager who will help the users onboard via directing them to:; - FAQ Page: appcaption.com/faq; - Training videos; - Doing training sessions; - Helping any users with queries they may have; ; This is an ongoing process that is always available for them, in addition, they may contact our Support Team via email, chat, or phone.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: All data from the apps is stored on their end-point and we have no access to it.; ; No personal data or any data from Chat or files sharing is stored on our servers and all information is saved on the user's Smartphone or PC. ; ; Once the Company Administrator (customer) deletes them from the dashboard then their information is deleted from our databases.; ; VoIP call recordings are deleted after 30 days when calling external companies, peoples.; ; Our database purges their data immediately once you advise us or yourselves to remove that user or even company.
• End-of-contract process: We require 30 days' notice to terminate. ; ; Once terminated the apps and software will no longer be usable.; ; If you purchased any hardware they remain yours.; ; If you leased any equipment then it will need to be returned or collected if not purchased outright.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Firefox
  • Chrome
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: They match both in features.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: It's designed for ease of use and shows how to access different parts of the features. ; ; You have The 'Chat' icon to chat share files and call colleagues, this is for internal communications.; ; You have the 'Phone' icon to make calls to external companies, people etc. as you can dial any phone number.; ; Then you have the 'My Conference Link' to create video meetings.
• Accessibility standards: None or don’t know
• Description of accessibility: It's designed for ease of use and shows how to access different parts of the features. ; ; You have The 'Chat' icon to chat share files and call colleagues, this is for internal communications.; ; You have the 'Phone' icon to make calls to external companies, people etc. as you can dial any phone number.; ; Then you have the 'My Conference Link' to create video meetings.
• Accessibility testing: None.
• API: Yes
• What users can and can't do using the API: We can bespoke our API to any parameters that our service offers and can customise workflows to your requirements.
• API documentation: Yes
• API documentation formats: Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: We offer custom software development to our service according to your requirements.

Scaling

• Independence of resources: We have Nagios server monitoring system on AWS that ensures we are scaling up our resources as needed. Our current capacity can handle 100's of thousands of users.

Analytics

• Service usage metrics: Yes
• Metrics types: You can see call statistics, costs, and destinations dialed all in real-time.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Via the Account Admin for your organisation.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: We use AES256 bit encryption across our apps to share files, chat and for app to app calling.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: We have a robust security policy in place using multiple firewall systems and ensuring our systems are encrypted. Only authorised users can access the systems.

Availability and resilience

• Guaranteed availability: Our terms can be viewed here. https://www.appcaption.com/terms-conditions/; ; - We guarantee 99.9% uptime.
• Approach to resilience: Available on request.
• Outage reporting: We run the following using a Nagios system:; - a public dashboard; - an API; - email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Only the IT Admin Desk have admin access to our systems, should internal staff require access they would need to follow our admin access process and complete a request form which is submitted to the company Director for authorisation. A company Director creates an internal ticket to authorise the creation of the new Administrator user of the systems, this ticket is then fulfilled by an IT Systems Administrator who would create the necessary user with access and invites to the administrator systems, which is backed up by a full audit trail leading back to the authorisation from a company Director.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials
• Information security policies and processes: Responsible Person: Kamal Hussain; Role: Company Director; Make decisions about the computers, laptops, servers, tablets, mobile phones and network equipment within the organisation and ensures the company is following its procedures and policies.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Once all of the CIs have been identified and the most current configuration baseline has been tested and approved, changes can be applied to the systems. Baseline configurations are modified to maintain compliance with internal and external requirements and organisational goals. For a typical information technology system, the baseline should address installed software, patch levels, security posture, and system function. Automated tools are used to apply the configurations is recommended. This lowers the risk of incorrectly applying configurations and provides an audit trail of the steps taken.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We use vulnerability management software to automate this process. Vulnerability scanners and sometimes endpoint agents inventory a variety of systems on a network and find vulnerabilities on them. Once vulnerabilities are identified, the risk they pose needs to be evaluated in different contexts so decisions can be made about how to best treat them. For example, vulnerability validation can be an effective way to contextualize the real severity of a vulnerability. Patches are applied immediately across all of our systems where discovered , information is fed from our Nagios system.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Nagios provides monitoring of all mission-critical infrastructure components including applications, services, operating systems, network protocols, systems metrics, and network infrastructure. Hundreds of third-party addons provide for monitoring of virtually all in-house and external applications, services, and systems.; ; We respond immediately to potential threats once notified with patches.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Once the team identifies the incident, they log the incident as a ticket with the following information:; ; - User name and contact info; - Description of the issue; - Date and time of the report; ; Robust data collection around the issues to help the management team identify patterns among incidences to improve root cause analysis efforts.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  We have a comprehensive sustainability program, which is designed to minimize our impact on the environment, looking at everything from how we manage our facilities to how we lessen the effects of climate change in our community.
• Equal opportunity:

  Equal opportunity

  Equity, Diversity and Inclusion are woven into our core values and are an integral part of AppCaption. We firmly believe we must live and breathe the same passion and desire to make a positive contribution and genuinely understand the meaning of these values and the benefits they deliver to themselves, our clients, and society.; ; Fostering a working environment free from bullying, harassment, victimisation and unlawful discrimination, promoting dignity and respect for all, and where individual differences and the contributions of all employees are recognised and valued.; ; Creating opportunities for learning, development and progression for all employees, who will be supported and encouraged to develop their full potential, so their talents can be fully maximised.; ; Taking seriously complaints of bullying, harassment, victimisation and unlawful discrimination by fellow employees, clients, suppliers, visitors, the public and any others in the course of the organisation’s work activities.; ; Monitoring the make-up of the workforce to facilitate equality, diversity and inclusion and the effectiveness of our supporting policies and procedures.
• Wellbeing:

  Wellbeing

  AppCaption Top Management and employees are committed to ensure the Health, Safety and Wellbeing (HSW) of all persons who conduct or could be affected by our work activities, including, at least:  Company employees and the self-employed, Customers, Visitors to our premises including contractors, and members of the general public. We will also ensure that whilst delivering, installing or servicing equipment at Clients' premises we will respect both AppCaptions’ and the Customers’ Health, Safety and Wellbeing policies and procedures and will operate to best practice.

Pricing

• Price: £1.00 to £1.99 a licence a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: There is a free version for up to 5 users. All features are included in this version. Also included is 60 Uk landline minutes free of charge. (01,02 numbers)other phone calls are chargeable.; ; Inbound virtual numbers are chargeable. For UK government bodies, e.g. schools, authorities 0333 numbers are free.
• Link to free trial: https://www.appcaption.com/pricing/

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at kh@appcaption.com. Tell them what format you need. It will help if you say what assistive technology you use.