FireText Communications Limited

FireText UK Secure (Official) SMS, RCS, WhatsApp Messaging & Advanced Messaging

FireText provides a secure and user-friendly web platform for two-way SMS messaging, omnichannel API messaging, RCS, and WhatsApp. Our UK-based cloud platform is accredited to ISO27001, Cyber Essentials Plus and NHS DSP Toolkit standards. We undergo annual penetration testing by a CREST and NCSC CHECK accredited company.

Features

• Send SMS messages from FireText's secure SMS service
• Rich Communication Services (RCS) via our RCS platform
• Send WhatsApp messages & receive WhatsApp messages
• Advanced Messaging
• Two-way messaging for inbound SMS & outbound SMS
• UK-based data centres & Tier 1 direct UK routing
• Omnichannel messaging platform with option for API messaging
• Real-time delivery reports & user-friendly click reports
• Communicate with end users from our easy-to-use messaging platform
• Send international SMS messages & receive international SMS messages

Benefits

• Send secure & reliable campaigns for peace of mind
• Send timely reminders, reduce missed meetings & reduce missed appointments
• Send personalised bulk SMS from our user-friendly web platform
• Quick communication with easy-to-use web platform & user-friendly messaging platform
• Deliver Carbon Neutral SMS & send sustainable SMS campaigns
• Send time-critical information, share time-sensitive information & notify end users
• Integrate with existing platforms for easily integrated messaging
• Digital by Default SMS for cost-effective messaging
• UK-based private cloud servers
• Dedicated account manager & UK-based hand-holding support

£0.05 to £0.05 a unit

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@firetext.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

678986701048554

Contact

James Huff
0800 038 5522
gcloud@firetext.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Accurx, APPT Health, eConsult, e-shot, Firefish, Freshdesk, Forfront, HeroHealth, influence, integromat, iPlato, itris, Keap, Livi, Make, Microsoft Power Automate, Millcare (Dedalus), MJog, PATCHS, SmartSurvey, Syml Connect, Wellola, Zapier, Zendesk, Zoho.
• Cloud deployment model: Private cloud
• Service constraints: International SMS availability varies on a country-by-country basis, and even on a network-by-network basis within each country. There may be specific requirements in order for international SMS to be successful, and FireText will endeavour to provide the most accurate and up-to-date guidance available. For instance, some countries require pre-registration of service, and others require all messages to be sent from a local reply number.
• System requirements:
  • Requires internet connection
  • Access to a browser that supports TLS 1.2 or above
  • API requests must be made using TLS 1.2 or above
  • Web User Interface requires javascript to be enabled

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 1 hour during normal office hours, 4 hours outside normal office hours. Normal office hours are Monday to Friday, 0900 to 1700 (excluding bank holidays).
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: FireText provides phone and email support during normal office hours, Monday to Friday, 0900 to 1700 (excluding bank holidays). This support includes hand-holding assistance for account management, features, billing, and any technical queries you may have. All support requests are escalated to the appropriate department internally. Technical account managers are available to provide support on standby. Outside of normal office hours, email support is available for emergency technical queries. These levels of support are available at no additional cost.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: On-boarding is simple. Users can access the FireText platform via the web browser, and it is completely free of charge to set up an account. To get started, prospective users can visit www.firetext.co.uk/pricing/trial/gcloud to create an account. Creating an account requires first name, surname, organisation name and email address. ; ; Once the account is verified, you can upload contacts immediately using a .csv file or by pasting them into the easy-to-use contact uploader. ; ; Once you have SMS credits on the account, you can send messages straight away or schedule these for a later date. You can pay for credits and/or inbound SMS tools instantly using a debit or credit card, or by speaking with the support team, where credits can be added on receipt of a valid purchase order number. Costs are available in our pricing document. ; ; The FireText team provide on-boarding support over emails or phone calls during our normal office hours of Monday to Friday, 0900 to 1700 (excluding bank holidays). We provide this at no additional cost.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: As an account user, you can download data as a .csv file, including sent messages, received messages and contacts. You can also obfuscate account data on account closure by requesting this from FireText's support team. There are no additional costs for this.
• End-of-contract process: Off-boarding is straightforward. You can utilise FireText platform for as many (or as few) SMS campaigns as you need. There are no long-term contracts.; ; Accounts can be closed upon request from users, or at the end of the call-off contract period.; ; The team provides off-boarding support over email and phone calls during our normal office hours of Monday to Friday, 0900 to 1700 (excluding bank holidays). We provide this at no additional cost.; ; As an account user, you can download data as a .csv file, including sent messages, received messages and contacts. You can also obfuscate account data on account closure by requesting this from FireText's support team. There are no additional costs for this.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: On both mobile and desktop, users can send and schedule messages to individuals and existing groups, review messages and campaigns that have been sent as well as delivery and click reports. On desktop, you can download data and upload CSV files. On mobile, you can download data but you cannot upload CSV files.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Users can access the FireText service via the easy-to-use web platform or developer API. You need to have access to the internet to be able to connect, and web pages are also mobile optimised.
• Accessibility standards: None or don’t know
• Description of accessibility: The FireText system has been built to run without the requirement for JavaScript in a lesser capacity. All images have clear alt tags. Text is used for all buttons and functions, and as such can be manipulated for a variety of cases using popular in-built and add-on browser functionality.
• Accessibility testing: No formal testing.
• API: Yes
• What users can and can't do using the API: You must already have either a full or trial account with FireText to utilise the API. You can send and receive messages via the API, as well as check credits, manage contacts, schedule messages, access message reports, create sub accounts, transfer credits to sub accounts, add message templates, and manage keywords including adding forwarding rules. Authentication is via either username and password or via apiKey. API requests are supported using TLS 1.2 or above.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: FireText account managers can enable features on the web platform upon request. We can enable sub accounts, message templates, fixed SMS sender ID, international sending, country-specific contact validation, a branded URL shortener, restriction of data uploads and downloads, sharing of pooled credits between sub accounts, and sharing of suppression list with sub accounts. These features are enabled at no extra cost. International destinations (non-UK) are charged at 4 credits per SMS (160 GSM characters) for each recipient.; ; Users can integrate an existing or custom-made platform with FireText using the API.; ; There is also the option for Rich Communication Services (RCS), WhatsApp and Advanced Messaging.

Scaling

• Independence of resources: HA Load balancers are present at each data centre. From here, it is possible to spread load across multiple servers to deliver services. FireText operates Ansible playbooks to allow for quick provisioning of additional servers, should our monitoring indicate failures or the need for additional resources.

Analytics

• Service usage metrics: Yes
• Metrics types: Delivery reports, click reports and credit usage.
• Reporting types:
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: You can download account data as a .csv file, including sent messages, received messages and contacts.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: FireText utilise firewalls and access controls to restrict communications between systems in our network.

Availability and resilience

• Guaranteed availability: FireText will guarantee 99.9% monthly availability of the Services 24/7/365. Should the FireText SLA be violated and the customer has made a pre-purchase of SMS credits, the user can request a refund of any remaining credits.
• Approach to resilience: We operate in multiple geographically separated data centres with multiple clusters within each data centre. More information is available on request.
• Outage reporting: FireText use StatusPage for communication during outages. Users can view the StatusPage here: http://status.firetext.co.uk/ and can also subscribe via this page to receive updates via email.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
• Other user authentication: Users are authenticated through the web platform with a username and password. Through the API, users can be authenticated with a username and password or an apiKey. Additionally, 2-factor authentication can be enabled.
• Access restrictions in management interfaces and support channels: FireText management enables access control for all members of staff, and manages permissions as required. Permissions are managed independently for interfaces as well as support channels. Access can be restricted at various levels, including complete or partial restriction.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: The British Assessment Bureau
• ISO/IEC 27001 accreditation date: 03/07/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: NHS DSP Toolkit

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: NHS DSP Toolkit, Cyber Essentials and Cyber Essentials Plus.
• Information security policies and processes: As per FireText's ISMS Manual, management is committed to defining and establishing its ISMS policy. This includes, but is not limited to, defining objectives, the roles and responsibilities, approach to risk assessment, regular audits and continued improvements. Training is provided to all staff when they join, and at least on an annual basis. All staff can report directly to SIRO.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: FireText adopts a strict version control for all source code and configuration in order to investigate and rollback deployments as required. Maintenance of physical components is managed by an accredited data centre provider, and components are tracked using reporting tools such as Runscope and Opsgenie. All changes are assessed for security impact.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: FireText monitors and applies patches and updates when they become available. The infrastructure is designed with security as the priority. Any potential threats are mitigated through the design of the infrastructure, the servers and data centre configuration, and is re-enforced by external annual penetration testing by an approved third party security company. Threats are monitored via information provided by the National Cyber Security Centre.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: The FireText systems sit behind multiple layers of security. The technical team proactively monitor for abnormal activities and investigate any alerts triggered immediately. Should any incident occur, these would be communicated transparently to any impacted end user, with regular updates, following standard internal protocols.; ; We endeavour to respond to issues within 30 minutes. In the event of a disaster requiring restoration from backups, we aim to restore the data within 2 hours.
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents are communicated with all customers, using StatusPage to communicate regular updates. This includes an initial report of the incident, the investigation into the incident, the status of the incident, right through to resolution. Incidents are followed up by a 'post-mortem' which details the incident. All of which are communicated instantly via email to subscribed customers. Users can report incidents through our normal support channels, those being email and phone.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  FireText is Carbon Neutral and committed to achieving Net Zero carbon emissions by 2030. FireText's dedicated Climate Champion works with the team and supply chain - including data centres and networks - to find opportunities to reduce carbon emissions and increase energy efficiency. Our key targets are to:; ; • Explore and implement more carbon-saving opportunities in FireText's supply chain; ; • Encourage our supply chain to create reporting mechanisms based on exact energy usage; ; • Conduct carbon reduction training for the team for work and home (from FireText's Carbon Literacy-approved Climate Champion); ; • Explore further team activities that inspire positive change for the natural environment, e.g. tree-planting and beach cleans; ; • Inspire customers and businesses to reduce carbon footprints with marketing content and opportunities.; ; You can view our Environmental Statement on our website here: https://www.firetext.co.uk/environmental-statement

  Covid-19 recovery

  The transition from the ‘new normal’ in COVID-19 recovery continues, with FireText providing SMS communications for businesses, charities and sectors across the UK as SMS becomes one of the core communication tools for delivering vital messages.; ; As FireText continues to grow post-COVID-19, this has presented career opportunities in the local Cornish community, including recruiting for a new full-time role and taking on a local creative freelancer, specialising in graphic design. ; ; FireText implements the 5 foundational principles of the Good Work Plan. Our directors invest time into understanding each team member’s individual needs to safeguard well-being and safety, as well as encouraging transparency to create job satisfaction. Fair pay is deeply valued, and FireText is accredited as a Living Wage Employer, ensuring employees’ needs are met amidst the cost of living crisis, as well as further rewarding merit. ; ; Each team member is allocated 10 hours of Personal Professional Development, helping each individual thrive in their career and expand their skill set. This is regularly reviewed to ensure the team are getting the most out of training opportunities.; ; We have a strong focus on community-led initiatives, with a goal to create a human connection between our team and the local community. With the economic impact of COVID-19 contributing to the Cost of Living Crisis, FireText continues to contribute monthly food bank donations to our local food bank. Every month, a member of the team delivers food and resources requested by the food bank, and supports people and families in times of need, while building rapport between our team and the wider local community. To both fight climate change and create more community-led initiatives, we would like to partake in more activities such as beach cleans. We will continue to explore further opportunities.

  Tackling economic inequality

  FireText has an open-door policy when it comes to employee professional development and organisational learning. Our weekly team catch-ups and away days allow for the whole team to support each other with professional development and wellbeing. ; ; Our work experience and apprenticeship programs with local colleges have provided career and learning opportunities for individuals from different backgrounds. Our directors and team are also able to pass on their business knowledge to recruits joining the team, as well as allocated 10 hours of Personal Professional Development allocated to each team member.; ; FireText engages and collaborates with a diverse supply chain, such as establishing new partnerships and integrations with software providers across the UK. ; ; We also work with the supply chain and partners to build resilience. As a Mobile Ecosystem Forum (MEF) signatory, we work with the forum to operate a business SMS code of conduct that protects people from receiving unwanted messages. ; ; Information security is at the core of FireText’s offering, and we hold ISO27001:2017 and Cyber Essentials Plus accreditation. This is to protect users and recipients. A CREST and NCSC CHECK provider complete external penetration testing for FireText every year, which allows us to operate and maintain a business with security at the core of all of our operations. FireText's management team audits and reviews our key suppliers, and as part of our supplier procurement process, will ask any new suppliers to complete an environmental questionnaire.; ; As well as managing cyber security risks, FireText is committed to ensuring no modern slavery or human trafficking takes place across our business - including our supply chains.; ; FireText has assessed the risk of Slavery and Human Trafficking in the business and in our ongoing supply chain to be low. A Modern Slavery Statement is published on our website.

  Equal opportunity

  In line with our Equal Opportunities policy, FireText is committed to providing a working environment in which employees are able to realise their full potential and to contribute to its business success irrespective of their gender, race, disability, sexual orientation, marital status, part time status, age, religion or belief.; ; This is a key employment value to which all employees are expected to give their support. In order to create conditions in which this goal can be realised, FireText is committed to identifying and eliminating unlawful discriminatory practices, procedures and attitudes throughout FireText. FireText expects employees to support this commitment and to assist in its realisation in all possible ways.; ; Specifically, FireText aims to ensure that no employee or candidate is subject to unlawful discrimination, either directly or indirectly, on the grounds of gender, race (including colour, nationality or ethnic origin), disability, sexual orientation, marital status, part time status, age, religion or belief. This commitment applies to all aspects of employment, including:; ; • recruitment and selection, including advertisements, job descriptions, interview and; selection procedures; • training; • promotion and career development opportunities; • terms and conditions of employment, and access to employment related benefits and; facilities; • grievance handling and the application of disciplinary procedures; and; selection for redundancy.; ; Equal opportunities practice is developing constantly as social attitudes and legislation change. We will keep our policies under review and will implement changes where these could improve equality of opportunity. ; ; This commitment applies to all FireText’s employment policies and procedures, not just those specifically connected with equal opportunities.

  Wellbeing

  FireText focuses on creating a comfortable, happy and open environment for the whole team. The directors invest in the physical and mental health of the team by creating this environment and arranging regular feedback sessions. Here, the FireText team is given the space and time to voice their needs and to raise any individual concerns they have. This atmosphere cannot be ‘measured’ or ‘processed’ but is nurtured to allow every individual to provide feedback on how they need to be supported in the workplace. ; ; An action as a result of this is FireText’s new hybrid working structure. This includes a combination of office and remote working, allowing for a balance: space to concentrate on individual tasks at home, and time to spend working with the team.; ; As well as a great work-life balance, this open and honest environment is fostered in many ways: daily walks through across Falmouth University Campus, team away day adventures, monthly virtual quizzes and even team 10K runs. ; ; As an Equal Opportunities Employer, FireText echoes this open environment in the recruitment process itself, ensuring that opportunities are accessible to individuals irrespective of their gender, race, disability, sexual orientation, marital status, part time status, age, religion or belief.

Pricing

• Price: £0.05 to £0.05 a unit
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Users can set up a free trial account online to access to the full web platform. It can also be accessed via the API. Users receive 25 free trial SMS credits for testing, which expire after 30 days. Users can upload contacts, create groups and send SMS messages following verification.
• Link to free trial: Www.firetext.co.uk/pricing/trial/gcloud

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@firetext.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.