Causeway Donseed
A biometric time and attendance solution for your field workforce that enables you to streamline time and attendance logging while reducing time theft and other risks. It allows you to secure higher standards for security, prioritise health and safety, and take control over resourcing and staff costs.
Features
- Encrypted biometric templates for enhanced security
- Hub and spoke biometric template synchronization
- Browser based access to cloud-based customer portal
- Data available via real-time dashboards and reports
- Portable fingerprint recognition tablet integration
- Online Inductions and real-time toolbox talks and rollcalls
- iOS and Android Mobile Application integration
- Access control and turnstile integration
- Smart Card integration eg CSCS, MyFare and Vicarda Cards
Benefits
- Record accurate site attendance details with biometric identification
- Fully build up to gross pay with overtime and expenses
- Produce accurate times sheets for employees and integrate to payroll
- Validate operative smartcards in real-time, such as CSCS cards
- Manage qualifications, Right to Work records and other documents
- Establish cost controls, review budgeted hours versus hours worked
- Assign specific trades and resources to ensure effective deployment
- Create company or site-specific inductions for new staff
- Run accurate rollcalls of site attendance with biometric identification
- Manage health and safety compliance
Pricing
£50 to £84 a user a year
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
7 0 5 0 7 1 3 8 5 5 9 6 6 8 5
Contact
Causeway Technologies Limited
Hywel Evans
Telephone: 01628552000
Email: hywel.evans@causeway.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- Our services include planned maintenance which will be discussed during on-boarding.
- System requirements
- Modern device to access the service.
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Within the teams standard Support hours 08:00 - 17:30 Monday - Friday
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- 1st, 2nd and 3rd-line Support for all customers. Support charges are included within annual fees. We provide a dedicated Customer Success Manager (CSM) for certain customers, with access to the CSM team for renewals for the remaining customers.
- Support available to third parties
- No
Onboarding and offboarding
- Getting started
- Onboarding support via professional services if requested. How to guides, Online training videos.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- Available on request from supplier in agreed format.
- End-of-contract process
- User access would be removed and an engagement to export any required data would be initiated. The customer data would then be deleted.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
-
Mobile Application is Individually focused.
Tablet Application is site location focused and support multiple Individuals.
The core web admin interface is not designed for use on mobile devices. - Service interface
- Yes
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- Description of service interface
-
Access through a secure online portal accessible from any device – just log in with your username, password, and permission credentials.
Donseed prioritises security. Login includes Multi-Factor Authentication (MFA) as a standard feature, adding an extra layer of protection for your account. - Accessibility standards
- None or don’t know
- Description of accessibility
- We endeavour to conform to level AA and higher of the World Wide Web Consortium (W3C) Web Content Accessibility Guidelines (WCAG) 2.1.
- Accessibility testing
- We endeavour to apply a testing framework to measure compliance in accordance with the WCAG AA and WCAG 2.1
- API
- Yes
- What users can and can't do using the API
-
Donseed offers a powerful API for approved users to connect your existing systems with our platform. This integration ensures seamless data flow and simplifies workforce management.
Enhanced Security:
- Leverage secure connections (SSL) and Identity Authentication to ensure authorised access and data protection.
- User permissions are strictly enforced, granting access only to relevant data based on individual roles.
RESTful Service with ODATA Protocol:
- Donseed's API adheres to industry standards, making integration with your existing systems straightforward.
- Utilises a familiar RESTful service structure for easy data exchange. - API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Product functionality can be configured in conjunction with system administrators. We work with customers to identify needs and provide product specific to their requirements.
Scaling
- Independence of resources
- Usage and performance monitoring in parallel with onboarding management. All of our services are cloud based and are designed to scale with any increased service demands.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Dashboards and reports are available within the service, accessible to users with relevant permissions. Additional metrics can be provided upon request.
- Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
- Other
- Other data at rest protection approach
- Data at rest is encrypted using industry standard algorithms. Access control, data retention and DLP policies are in place.
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Via the service client or API.
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- JSON
- XML
- XLS
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- JSON
- XLS
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- Other
- Other protection within supplier network
- Products are predominately segregated within cloud environments to reduce lateral movement risk and technical access control policies are in place to ensure principle of least privilege is applied to users. Firewalls are also in place at internet gateways and anti DDOS solutions ensure availability.
Availability and resilience
- Guaranteed availability
- Each product has a set of SLAs which can be provided on request but do not fall below 99%
- Approach to resilience
- Our product are designed with multi-zone redundancy, with snap shots and back ups of data taken a regular intervals.
- Outage reporting
- Systems fully monitored. Server and database issue/outage alerts and alarms. Monitoring systems vary depending on the native solutions to the cloud environments in use.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Other
- Other user authentication
-
We employ Active Directory and Microsoft technologies to manage identity & access management across our estate.
This will be a combination of Username and Password, SSO or MFA. During the requirements phase of any deployment these can be discussed in detail. - Access restrictions in management interfaces and support channels
- Access management processes are in place that meet the requirements of ISO27001. Further details can be provided upon clear client requriements and contract engagement.
- Access restriction testing frequency
- At least once a year
- Management access authentication
- Other
- Description of management access authentication
- We employ Active Directory and Microsoft technologies to manage Identity & Access Management across out estate.
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- LRQA - UKAS Registered Certification Body
- ISO/IEC 27001 accreditation date
- Originally accreditation 20/01/2014 and maintained since then
- What the ISO/IEC 27001 doesn’t cover
- The scope covers all of Causeway.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
- ISO22301
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Causeway’s Information Security Management Framework (“ISMF”) has been developed to maintain the highest standard of confidentiality, integrity and availability of internal, customer and supplier information. Policies are tested and reviewed periodically.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- The Asset Management policy requires assets to be recorded in the CMBD where assets are recorded and changes to those assets are managed through the Change Management Process. The process looks at the risk associated with those changes. These include, Security, Privacy, Legal and Operational.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
-
"The Vulnerability management process is structured in four phases. The vulnerability management process phases are:
• Identifying Technical Vulnerabilities
• Evaluating Technical Vulnerabilities
• Address Technical Vulnerabilities
• Vulnerability Management Improvement" - Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Our SoC consumes log data from a number of sources (Product, M365 and Infrastructure) to correlate and analyse activity that may relate to threat actor behaviour. These are triaged and managed in line with SOPs and where necessary incident response process are initiated to respond, contain and recover from any incident.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- Customer incidents can be raised directly and these are handled by a customer facing incident management team. These work with different parts of the organisation investigate and resolve customer incidents. Depending on the incidents customer are updated in line with standard SLAs.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
Causeway recognise the importance of protecting our environment and addressing the climate emergency. Causeway is a carbon neutral company and we offset our calculated carbon footprint. However, we recognise that offsetting is not a permanent solution, so we set environmental objectives to reduce our footprint year-on-year.
The configurability of our solutions provide a platform for the reduction of a wide range of paper-based processes. Our SaaS platforms are hosted by key hosting providers such as AWS and Azure, of which some are using 100% renewable energy and zero carbon.
A number of our software solutions support our customers to reduce the impact of their operations on the environment, particularly in the areas of infrastructure design, operational and strategic asset and service management. Our software helps customers to assess the carbon impact of a range of possible works programmes, thereby helping stakeholders assess multiple scenarios and make decisions with a fuller understanding of the impact of their decisions. We have also developed a product, Tradex Carbon, that enables our customers to measure their Scope 3 carbon emissions from the invoice spend.Covid-19 recovery
During the Covid-19 pandemic we provided facilities and equipment for all staff to work remotely. We continue to operate a hybrid working policy through the organisation, with teams encouraged to attend offices on the same day to achieve wellbeing benefits.
Prompted in part by the events of Covid-19, over 1,400 construction and maintenance workers took our mental health survey unveiling some truly devastating results, including 56% experiencing mental health problems and 12% experiencing suicidal thoughts. Causeway are committed to encouraging and promoting improved mental health practices in all elements of our business and campaigning for companies across the industry to do the same. To achieve this, we work closely with a charity partner and have appointed former Everton FC and England midfielder Trevor Steven as our mental health ambassador. Trevor works on sector-specific campaigns for Causeway staff and customers and helps to tackle the silent epidemic within the industry, educating the workforce that it is okay not to be okay.
Trevor notes: ""We’ve had some very frank conversations over the last 18 months about the reality of working in the industry and how it can impact mental health and it is clear we need to do more than just hanging a few signs up around sites. Mental health needs to be approached in the same way as health and safety."" Further details can be found at https://www.causeway.com/mental-health-commitmentTackling economic inequality
Causeway regularly review our employee’s remuneration. This includes process's we follow, regular benchmarking using good quality information from external markets and committing to being a Real Living Wage employer.
We also undertake a number of initiatives that focus on promoting skills development and providing training opportunities, particularly to provide more exposure to the areas of software development and computer science. We are supporting young people who chose not to go on to higher education to have a career in software engineering. Our first apprentice started this Autumn was female.
A number of our staff have also been involved in the Royal Institute Masterclasses, which bring together year 9 (13-14 year old) students with an emerging interest in computer science and technology. We provide them with a hands-on experience beyond the curriculum, engage them with the kind of problems they can solve and show them the impact they can have on the world through a computer science career. Masterclasses excite young people in the creativity and practice of computer science and technology. These sessions are delivered by Causeway employees on a Saturday morning from our offices in Middlesbrough.Equal opportunity
Causeway is an equal opportunities employer. We adopt fair, objective and innovative employment practices in a variation of areas, including but not limited to, recruitment, development, talent succession, ultimately giving everyone an equal chance to succeed.
We also undertake a number of initiatives that focus on promoting skills development and providing training opportunities, particularly to provide more exposure to the areas of software development and computer science. We are supporting young people who chose not to go on to higher education to have a career in software engineering. Our first apprentice started this Autumn was female.
A number of our staff have also been involved in the Royal Institute Masterclasses, which bring together year 9 (13-14 year old) students with an emerging interest in computer science and technology. We provide them with a hands-on experience beyond the curriculum, engage them with the kind of problems they can solve and show them the impact they can have on the world through a computer science career. Masterclasses excite young people in the creativity and practice of computer science and technology. These sessions are delivered by Causeway employees on a Saturday morning from our offices in Middlesbrough.Wellbeing
We take good care of our employees and we give well-being the same priority as our other business goals. We are also working on a mental health awareness project with construction and maintenance workers in the UK. Causeway are committed to encouraging and promoting improved mental health practices in all elements of our business and campaigning for companies across the industry to do the same. To achieve this, we work closely with a charity partner and have appointed former Everton FC and England midfielder Trevor Steven as our mental health ambassador. Trevor works on sector-specific campaigns for Causeway staff and customers and helps to tackle the silent epidemic within the industry, educating the workforce that it is okay not to be okay.
Trevor notes: ""We’ve had some very frank conversations over the last 18 months about the reality of working in the industry and how it can impact mental health and it is clear we need to do more than just hanging a few signs up around sites. Mental health needs to be approached in the same way as health and safety."" Further details can be found at https://www.causeway.com/mental-health-commitment
Pricing
- Price
- £50 to £84 a user a year
- Discount for educational organisations
- No
- Free trial available
- No