zoommail limited

GOV-EMAIL.UK for central government

Use GOV-EMAIL.UK to distribute email to your community and stakeholders. Deliver trusted email to promote your services and engage with your community. With GOV-EMAIL.UK's email marketing platform deliver authenticated email and increase public visibility and service usage.

Features

• Drag & drop email editor
• Send trusted email using <your-organisation>.gov-email.uk
• Email authenticated maximising delivery to Gmail, Yahoo and Outlook.com.
• GDPR compliant subscriber management
• Campaign reports display email opens & clicks
• Create email automations
• Create drip feed series on signup
• Integrated with CRM systems
• Add personalisation to emails
• Trigger emails on dates and activity

Benefits

• Quickly distribute email information to your subscriber audience
• Allow subscribers to unsubscribe from every email
• Adhere to GDPR legislation
• No drain on internal IT resources
• Target email groups with relevant messages
• Allow recipients to define email preferences

£2,736 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@gov-email.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

733326597940351

Contact

David Hazzard
01752393325
info@gov-email.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: CRM Connectivity - synchronised and keep your subscriber data up to date; Web Tracking - track your subscribers on your website; EmailAI - Lead scoring and AI identifying your genuine hotleads; Email Verification - verify email addresses; We can also provide Dedicated Domains and IP addresses
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements: Computer with access to a modern Internet Browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within a working day - Monday-Friday 9am-5pm
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide 1st, 2nd and 3rd line support with our in-house expertise.; No cost for support.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: During the initial 30 days GOV-EMAIL.UK will outline an onboarding for you, to include templates, sign-up forms, custom fields, data import, automation and staff training.; Email configuration - dmarc, dkim, spf - all setup by GOV-EMAIL.UK. If you need us to talk to your IT Team, that’s no problem but it’s usually not necessary.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • Other
• Other documentation formats: Video
• End-of-contract data extraction: You can export the subscriber status and data via CSV at any time via the platform.
• End-of-contract process: At the end of the contract there are no exit costs. Data can be exported from the system using the platform. The data export format is CSV. The customer's data will be removed from the system.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Access is provided using OAuth2 authentication.; Our API is REST based, allowing users to add users to groups and send emails.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users can create their own email designs using our drag and drop editors. Users can upload their own html emails. Users can brand their own unsubscribe and subscriber preference pages.

Scaling

• Independence of resources: We have over 20 years experience in this field. GOV-EMAIL.UK is created with the ability to increase resources when the demand increases.

Analytics

• Service usage metrics: Yes
• Metrics types: Subscriber numbers, emails sent, email opens and links clicked.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Through the browser users can export their subscriber data.
• Data export formats: CSV
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XLS
  • XLSX

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Over 99% system availability with 24/7 monitoring.
• Approach to resilience: Our system, sending, tracking and web-apps are separate entities. While they are all monitored, the lack of availability of one component is designed to have no effect on the others. ; Our system is hosted on the Microsoft Azure platform in their UK South data centre. ; We are RIPE members with our own range of IP addresses.
• Outage reporting: Our system is monitored on a 10minute frequency from several locations throughout the world. Outages are informed to system administrators by email and text.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Management and support access only given after training. This access is regulated dependant on user and they have limited access to the system.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Less than 1 month

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: CyberEssentials

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Aligned to industry best practice, maintaining policies across device management, secure connectivity, data security and internal operations.
• Information security policies and processes: Aligned to industry and NCSC best practice for security governance. Our practices include; CEO responsibility of information security, a documented framework with policies, risk management and processes to identify and comply with legal and regulatory requirements.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All changes are assessed in line with our Change Control Process (details available on request), including security issues/risks/impact. Covers major releases, updates & fixes as required. All components are stored within a source control system, enabling comparison and roll back to previous versions. Code Changes audit trail includes the ability to compare versions across the entire delivery platform including application code and database changes. ; Update fixes may be supplied and deployed as required to address urgent security issues.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Aligned to CSA CCM v3.0 in the identification, management and resolution of vulnerabilities to pre-defined timescales based on severity.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Aligned to CSA CCM v3.0. All security logging is turned on, centralised and continuously monitored for security events. Access to logs is limited to defined privileged users.
• Incident management type: Supplier-defined controls
• Incident management approach: Aligned to CSA CCM v3.0. Pre-planned incident management processes are in place to minimise impact on services.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Tackling economic inequality

  ZoomMail believes in employing staff within our local area, benefitting the local economic environment.

  Equal opportunity

  ZoomMail believes in educating staff, raising their knowledge, developing new skills and subsequently move into higher paid work.

  Wellbeing

  ZoomMail promote health and wellbeing within our workforce. ZoomMail provide health club membership for staff and their families.

Pricing

• Price: £2,736 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Email create, send and track. Limited to 1000 email addresses. You cannot schedule sends and other times events. No limited time period to free version.
• Link to free trial: https://s20.zoommail.co.uk/Account/Register

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@gov-email.uk. Tell them what format you need. It will help if you say what assistive technology you use.