CycleStreets: Cycle journey planner and cycle map - white label website
Embedded cycle journey planner and cycle map website, providing a web interface showing optimal bicycle route from A-B, offering a choice of route types (quietest route, fastest route, balanced route; circular leisure route also available).
Features
- Bicycle journey planning (routing) and cycle map website
- Embedded and fully-integrated within your website
- Cycle-friendly routes from A-B
- Different routing types available (quietest, fastest, balanced, leisure)
- Intermediate waypoints (A-B-C...)
- Circular leisure routes also available (at additional cost)
- Elevation-aware routing
- Routing that 'thinks like a cyclist'
- Regularly-updated data
- Takes account of very many street attribute types
Benefits
- Enables people to plan safer cycle routes
- Enables people to plan faster cycle routes
- Encourages active transport
- Assists promotion of healthy cities and healthy transport
- Cycle map designed for people cycling rather than driving
- Provides clear mapping of cycle infrastructure
Pricing
£3,599 a licence
- Education pricing available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
8 2 0 2 0 9 4 4 8 5 5 1 2 3 9
Contact
CycleStreets Ltd
Mr. M. Lucas-Smith
Telephone: 01223 701901
Email: info@cyclestreets.net
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
- None.
- System requirements
- Setting up either subdomain / proxy / simple embed code
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Within 48 hours, or sooner.
Weekend responses are not guaranteed, but we often work weekends and pick up enquiries. - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Support is provided by e-mail during the daytime, with questions answered by direct employees who run the service. We are happy to be called by phone also.
Support is provided by the two developers/directors of the company, rather than a separate technical account manager. - Support available to third parties
- No
Onboarding and offboarding
- Getting started
-
Read documentation at:
https://www.cyclestreets.net/help/embedding/
Set up either a subdomain or a proxy, and point to our server (if necessary).
Provide a header/footer HTML extract (if necessary).
Obtain a key from:
https://www.cyclestreets.net/api/apply/
We are happy to answer queries about the white label service. These are regularly folded into the documentation to provide additional clarity. - Service documentation
- Yes
- Documentation formats
- HTML
- End-of-contract data extraction
- There is no data to extract.
- End-of-contract process
-
No special activity takes place - the website service will keep running but customers are expected to remove their integration if they do not wish to renew for a further period, and we reserve the right to withdraw service.
Customers may renew for a further period if wished.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Layout adaptions for mobile.
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- Description of service interface
- A basic control panel simply giving usage rates is available, but configuration is otherwise not necessary.
- Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
- The interface is compatible with speech browsers, e.g. JAWS. The service uses standard HTML4/5 page generation, and is not dependent on Javascript. Proper semantic structures are used. Usage graphs are also described as text-based tabular data.
- API
- No
- Customisation available
- Yes
- Description of customisation
-
Clients can specify quick links to particular geographical locations.
We are able to undertake consultancy work to add new types of routing beyond the standard types available.
Scaling
- Independence of resources
- The underlying API service is spread over multiple hosts. Where usage is non-trivial, customers are put on a specific load-balanced endpoint, isolating them from other customers.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Number of routes planned, over various time periods. These are accessed as real-time charts via the API key control panel.
- Reporting types
- Real-time dashboards
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Staff screening not performed
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- In-house
- Protecting data at rest
- Other
- Other data at rest protection approach
- There is no personal data processed in relation to the website provision.
- Data sanitisation process
- No
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- There is no data to export.
- Data export formats
- Other
- Other data export formats
- There is no data to export.
- Data import formats
- Other
- Other data import formats
- There is no data to upload.
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- Other
- Other protection within supplier network
- SSH.
Availability and resilience
- Guaranteed availability
-
Standard SLA contract has 99.5% uptime.
In practice we have consistently achieved above 99.9%.
In the event of not meeting the uptime requirement, customers have the option to be refunded for time lost, at a twice pro-rata rate. - Approach to resilience
-
Users sign up to an SLA which ensures we are contractually obliged to meet service standards.
Redundancy is present, so in the event of a serious outage, we are able to switch to another endpoint in a different data centre.
Multiple data centres are used geographically.
Uptime monitoring by an external service, and internal API format monitoring, are both in place. - Outage reporting
-
There is no public dashboard.
Internal SMS alerting is in place.
Identity and authentication
- User authentication needed
- No
- Access restrictions in management interfaces and support channels
- Username and password.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- You control when users can access audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- You control when users can access audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- Security is run by a Director (a direct employee) who is also an engineer involved in running the service. No aspect of security governance is outsourced.
- Information security policies and processes
-
Machines are patched regularly by the hosting provider.
Those involved in installation and deployment of services are in-house staff and are trained in security patching and resilient coding practices.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Both code and configuration are each (separately) committed to Git repositories.
Deployment is done on a continual rather than big-bang basis.
Code is reviewed regularly by other employees.
Code uses libraries developed over many years which have withstood the test of time. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Patch availability for machine-level software is notified regularly by the hosting company. Patches of a high urgency nature are usually applied by the host very shortly after, although this sometimes expedited by our in-house employees.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
DoS attacks are dealt with by the hosting company.
Application-level error logging is enabled.
Server performance logging for multiple attributes is checked regularly.
SMS alerting is set to detect slow responses, which tend to be an indication of potential problems.
Potential compromises are assessed for severity. In the case of the underlying routing API, the threat potential is low as no personal data is involved.
Incidents are dealt with as top priority, displacing other work. - Incident management type
- Supplier-defined controls
- Incident management approach
-
Users can report incidents via e-mail or our feedback system.
In the event of a significant downtime incident, the initial response is to reconfigure the endpoints to avoid loss of service. Users would be notified by e-mail beyond this.
No personal data is being processed by the underlying API from which the site retrieves routing results. The site itself has no user login or database storage.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
Our white label site service specifically aims to facilitate increased levels of cycling, one of the most sustainable forms of transport. - Covid-19 recovery
-
Covid-19 recovery
Our white label site service specifically aims to facilitate increased levels of cycling, a form of transport identified by the government as important as part of COVID-19 recovery. - Tackling economic inequality
-
Tackling economic inequality
Our white label site service specifically aims to facilitate increased levels of cycling, a form of transport which enables people on lower incomes to have significantly greater freedom, as it is an independent form of transport which is low-cost, and which can enable people to access a wider range of employment/other opportunities. - Equal opportunity
-
Equal opportunity
Our white label site service specifically aims to facilitate increased levels of cycling, a form of transport which is accessible to everyone, regardless of gender, economic status, ethnicity, and often physical disability. - Wellbeing
-
Wellbeing
Our white label site service specifically aims to facilitate increased levels of cycling, a form of transport which is widely acknowledged as promoting positive mental and physical health for individuals, as well as reduced pollution/noise for society at large.
Pricing
- Price
- £3,599 a licence
- Discount for educational organisations
- Yes
- Free trial available
- No