Pindar Creative

SALI

SALI is an online portal enabling you to generate a sustainable travel leaflet (suitable for both web and print), for your chosen location. Using OpenStreetMap or an existing map base and combining with one of a series of pre-defined templates, users are able to create bespoke publications.

Features

• 12 months access to the portal
• OpenStreetMap covering your area
• Two isochrones
• Six drag-and-drop icons of your choice
• Editable text panels on the front and back cover
• Save leaflets for editing later
• A4 or A3 landscape templates

Benefits

• Leaflet production much cheaper
• Create your own map
• Leaflets kept on brand/message
• Let you reuse existing map bases
• Massive time savings

£3,990 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at c.thomas@pindarcreative.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

754342364320824

Contact

Carl Thomas
01296390100
c.thomas@pindarcreative.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: There are no constraints including planned maintenance arrangements or support being limited to specific hardware configurations.
• System requirements:
  • A modern web browser
  • A PDF viewer

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: EMAIL AND ONLINE TICKETING SUPPORT. We offer technical support to customers through email, telephone and a Helpdesk ticket support system. We operate this facility during Working Days and Working Hours although customers can send emails or log issues using the Helpdesk 24/7. However, for an additional cost outlined in our pricing document, clients will receive 24/7/365 response for email and telephone requests out with normal office hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Telegram support also as support client; Facebook messenger support; Twilio; Multiple clients support; Easy theming; Co-Browsing/Screen sharing; Speech to text; Unlimited operators, chats at the same time, departments; User screenshots, see what your users sees; Files uploads, drag & drop; Visitor tracking across different subdomains of domain; Chrome extension; Operator To Operator chat; Option to have custom form attributes or pre-fill existing ones; Pro active users invitation to chat; RTL and LTR languages support
• Web chat accessibility testing: None
• Onsite support: Yes, at extra cost
• Support levels: SUPPORT LEVELS CATEGORY A. Fault which makes the Software unusable. 1 hour response, urgent ASAP resolution. CATEGORY B. A fault which has a material effect upon the functionality, accuracy or performance of any substantial function of the Software . 2 hour response, 7 hours resolution. CATEGORY C. A Fault which does not permit the customer and its competent employees to make full, efficient and proper use of the software. 2 hour response, 21 hours resolution. CATEGORY D. Shall be a minor cosmetic Fault, which does not affect the performance of the Software or the Customer’s use of it. 4 hour response, resolved at a date agreed with the customer. TYPE OF STANDARD SUPPORT PROVIDED • Correctly assessing and categorising reported incidents. • Filtering out any end-user errors i.e. operator error • Allocating priority categories and escalating responses. • Ensuring calls are directed to the correct resource to diagnose/resolve problems. • Updating on the progress of incidents, according to the SLA requirements. • Managing change implementation • Manage version control. 'Out-of-hours' support and a dedicated Technical/Cloud Account Manager can be provided at an extra cost.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Online training and documentation.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The only user data will be login data which will include first name, last name, and email and password which, apart from passwords, will be supplied back as CSV upon request.; Leaflets generated are already downloaded by the user and not stored on the server.
• End-of-contract process: Website closed down and archived

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: No
• Customisation available: Yes
• Description of customisation: All users can edit text/images on the text side of the leaflet and alter the following items on the map side: key location, icons, text, isochrones and routes

Scaling

• Independence of resources: Server resource are constantly monitored and resources added is systems start to slow down

Analytics

• Service usage metrics: Yes
• Metrics types: PDF generated counter
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Not applicable
• Data export formats: Other
• Other data export formats: Not applicable
• Data import formats: Other
• Other data import formats: Not applicable

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.9% application uptime as measured through 1-minute polls using ICMP echo-requests. 99.9% network connectivity uptime of the customer service as measured through 1-minute polls using ICMP echo-requests Users are refunded by negotiated settlement outlined in the services levels in the G-Cloud 12 call off contract
• Approach to resilience: Pindar Creative do not want to make this information public. However, we are willing to share information with a specialist security expert on how we have designed our service to be resilient
• Outage reporting: Our system issues email alerts to named contacts

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Access only available from the server desktop. RDC over VPN locked down to IP address of business and PC.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: United Registrar of Systems
• ISO/IEC 27001 accreditation date: 3/5 2019
• What the ISO/IEC 27001 doesn’t cover: Hosting partner also holds ISO 27001
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: To preserve confidentiality, integrity and availability, Pindar Creative have implemented an Information Security Management System (ISMS) in accordance with the international standard ISO/IEC 27001. The the ISMS policy is approved by Senior Management and is reviewed at regular intervals (ISMS Management Review Meetings) or upon significant change. Management have put an audit programme in place and all sections of the ISMS are audited at least once a year to ensure that the ISMS:- a) conforms to the requirements of the relevant standards and any other legal, regulatory or contractual requirements b) meets all identified information security and business continuity requirements c) is effectively implemented and maintained d) perform as expected The ISM records decisions and actions related to: i. the improvement of the ISMS ii. updating of the risk assessment and risk treatment plan as appropriate iii. the modification of procedures and controls in response to changes in requirements iv. resource needs v. improvements to how the effectiveness of controls and objectives are measured Regular ISMS Review Meetings Any action needed is implemented and such action reviewed for effectiveness including changes to the ISMS. Appropriate documented information on the action taken is retained

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Change management is incorporated as part of our ISO/IEC 27001:2013 Accreditation
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Firewalls are configured 24/7 to alert in the event of significant intrusions or incidents occurring We use Remote Management Monitoring and live detection defence systems to detect vulnerabilities Anti-Virus is configured to be patched automatically. Our automatic patch policy covers, binary executable, source code modification, service pack and firmware patches Technical services will then identify the priority for the update to be tested and deployed dependant on the nature of the treat and any known exploits. Any patch deployment and software updates must comply with our defined change management process
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Systems are monitored 24/7 by Barracuda Remote Management Monitoring (RMM) software, calling the operations team to action when necessary. The RMM notifies of: Warning Alerts, Critical Alerts, System Down and System Recovery. Regular scanning at the gateway finds vulnerabilities such as SSL injection, cross-site scripting, and others. Any issues found will be imported into the Barracuda Web Application Filter, which automatically generates and applies mitigation rules. Servers are professionally managed and conform to guidelines under the Government's e-Government programme. The Data Centre undergoes PEN testing on a daily basis. Any reported issues are immediately dealt with.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: There is a robust incident management policy in place and enforced as part of our ISO/IEC 27001:2013 accreditation Incidents are reported on the corporate job system database The Information security Officer responds to any incidents reported in line with established control procedures. We have a full incident management plan which we are happy to supply upon request

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Wellbeing

  Fighting climate change

  School and business travel plan leaflets, accompanied by maps, can play a crucial role in aiding local authorities in their efforts to combat climate change in several ways.; ; Firstly, these leaflets can promote sustainable modes of transportation, such as walking, cycling, or the use of public transport, by highlighting convenient routes and transportation options. By encouraging individuals to choose these eco-friendly alternatives over driving, the leaflets can help reduce carbon emissions and alleviate traffic congestion, consequently mitigating the environmental impact of transportation.; ; Secondly, the inclusion of maps in the leaflets can enhance accessibility and awareness of alternative routes and transportation hubs. By providing clear and detailed information about local transport networks, including bus stops, cycle lanes, and pedestrian pathways, the leaflets empower individuals to make informed choices about their travel routes, promoting efficient and environmentally friendly transportation methods.; ; Furthermore, these leaflets can serve as educational tools, raising awareness about the environmental consequences of excessive car use and the benefits of adopting sustainable travel practices. By disseminating information about the environmental impact of transportation and the importance of reducing carbon emissions, the leaflets can inspire individuals to make environmentally conscious decisions regarding their travel habits.; ; Additionally, by promoting active modes of transportation such as walking and cycling, the leaflets can contribute to improved public health outcomes by encouraging physical activity and reducing air pollution, thus fostering healthier and more sustainable communities.; ; Overall, school and business travel plan leaflets, supplemented by maps, have the potential to support local authorities in their efforts to fight climate change by promoting sustainable transportation options, enhancing accessibility to alternative routes, raising awareness about environmental issues, and fostering healthier communities.

  Wellbeing

  Travelplan leaflets with maps can be powerful tools for local authorities to promote wellbeing in several ways. Firstly, they can encourage physical activity by promoting walking or cycling routes to schools or businesses, thereby promoting healthier lifestyles and reducing the reliance on cars, which in turn helps to decrease air pollution and traffic congestion.; ; Moreover, these leaflets can highlight green spaces, parks, and recreational areas along the travel routes, encouraging people to take breaks outdoors and enjoy nature. Access to green spaces has been shown to have numerous benefits for mental health, including stress reduction and improved mood.; ; Additionally, by providing clear and easily accessible information about public transportation options, such as bus routes or tram lines, these leaflets can help reduce the stress and anxiety associated with navigating unfamiliar areas, particularly for those who may not have access to a car. This can improve access to education and job opportunities, particularly for disadvantaged communities.; ; Furthermore, travel plan leaflets can promote community engagement and social interaction by highlighting local landmarks, cultural attractions, and community events along the travel routes. This can help foster a sense of belonging and connectedness within the community, which is important for overall wellbeing.; Overall, travel plan leaflets with maps serve as practical tools for promoting healthier and more sustainable travel options while simultaneously enhancing the wellbeing of individuals and communities.

Pricing

• Price: £3,990 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Access to demo data and the ability to create your own leaflet and map.; Map locked down to certain postcodes.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at c.thomas@pindarcreative.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.