Sagacity Solutions Ltd

Marketing Services - Data Quality

By utilising our proprietary Goneaway, Deceased & Mover solutions along with advanced matching, we help businesses guarantee the highest quality of the data with duplicates corrected and the most up-to-date information. This allows businesses to maximise the effectiveness of their marketing campaigns, saving time, money, and resources.

Features

• Goneaway Suppressions: removing individuals who have moved house
• Deceased Suppressions: removing individuals who have passed away
• Address Formatting and Deduplication: using our powerful matching logic
• Screen data against the Mail, Telephone and Fax Preference Service
• Email, Mobile and Landline Validation

Benefits

• Minimise return mail with accurate, reliable customer data
• Avoid heavy fines and stay GDPR compliant ensuring data accuracy
• Save time, money, and resources – increasing ROI
• Reduce the risk of brand damage
• Avoid losing touch with valuable customers

£320 to £12,000 a licence

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at AGaughan@sagacitysolutions.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

845711981473103

Contact

Adrian Gaughan
07900407901
AGaughan@sagacitysolutions.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Microsoft Dynamics, Blackbaud
• Cloud deployment model:
  • Public cloud
  • Hybrid cloud
• Service constraints: Web Platform has a 2GB File Limit.; All other means os using the service do not have any limits
• System requirements: We are flexible in meeting your requirements

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times are 8:30 to 5:30 Monday to Friday but additional support could be stood up if required.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Support prerequisites are consulted and agreed upon based on client business requirements.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: In order to ascertain the precise configuration of their solution, Sagacity collaborates with clients to establish and verify their application needs. The agreed upon delivery methodology and the particular requirements of the solution will determine the onboarding and offboarding procedure. This procedure usually entails knowledge transfer and documentation tasks.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Sagacity may help the client by organising and carrying out cloud-based exit initiatives. Data is transferred to the customer via encrypted means, Dashboards, or it is deleted in accordance with GDPR regulations and the terms of the client contract. This might be decided upon during project planning to satisfy the buyer's needs.
• End-of-contract process: Each contract definition includes contract exit alternatives, which are reviewed with the client at the beginning and conclusion of the agreement to make sure that any legislative requirements that were in effect at the time may be taken into consideration. There can be extra fees to compensate the difficulty of fulfilling the client's expectations, depending on the amount of extra labour needed.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: A RESTful API users can submit requests to perform a variety of data cleansing operations on consumer and business data using industry leading reference files, including but not limited to:; - PAF address validation and correction, plus rapid address lookup; - Individual and household level deduplication; - Deceased and goneaway Suppression; - TPS, CTPS, FPS and MPS flagging; - Redirection address identification and append; - Email and telephone number validation; - Data Enhancement – Hundreds of individual, household and postcode level attributes, age append, telephone number append; - Geographic functions such as perform a radius calculation on a postcode or nearest to calculation on a single/list of postcodes; ; Supports single or batches of records in a single request using REST (JSON/XML) or SOAP.; Requests up to 1,000 records can be submitted synchronously, over this asynchronous requests are enforced.; ; Ability to retrieve matching statistics before committing to purchasing results.; ; Requests can be grouped together using a ProjectName, enabling the invoice to be split for easier identification processing and billing.; ; Specific logic/services can be added to the API, controlled either on an account by account basis, or using the IntegratorKey to identify required functionality for the operation.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: All customisation requirements are agreed separately with Customers in line with their requirements.

Scaling

• Independence of resources: Our platforms and infastructure is capable of handling hundreds of millions of records so scaling is rarely needed ; ; However we have multiple technical departments which are capable of scaling up infrastructure to handle larger requests where needed

Analytics

• Service usage metrics: Yes
• Metrics types: The platform provides detailed usage, and where applicable, covering user and service-based usage. These are delivered within the platform is dashboards and reports and can be exported to standard formats.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data from the platform can be accessed directly via the end user and data can be allowed to be exported/imported to/from standard formats based on configured limits and access control policies. Data can be exported/imported to/from a variety of standard data protocols including APIs, SFTP, HTTPS. Likewise, native support for standard data formats is provided including CSV, JSON, XML, with extensible support for proprietary formats like Excel.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Excel
  • XML
  • JSON
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • JSON
  • XML
  • Excel

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Sagacity collaborates with clients to identify appropriate service levels, ensuring that the hosted and managed services meet their needs. We ensure that the appropriate underpinning contracts and Operating Level Agreements (OLAs) are in place in order to guarantee that we can supply the necessary levels of availability. We promise that during business hours, the service will be accessible 99.9% of the time. Over the past two years, our availability has comfortably surpassed 99.5%. We can talk about different cloud deployments and designs for use cases that need stronger availability guarantees, at an extra cost.
• Approach to resilience: No single hardware component is required because all cloud resources are virtualized. The availability of the underlying infrastructure is 99.999%. To reduce service expenses, all service components are typically deployed in a single availability zone. Because each client deployment is managed as a distinct cloud instance, any behaviour that affects one client deployment's performance cannot influence any other client deployments. Every day, a daily backup of all client data is performed to provide extra security against potential losses, data corruption, and service outages. Apart from the single zone service, multi zone availability is also a possibility, albeit at an extra expense, in which all service components are replicated at a second site. Primary or single zone hosting is typically situated in the UK or EEA.
• Outage reporting: Incidents impacting services are emailed to the client's primary contacts. Incidents that impact service comprise not just service outages but also any observation of decreased service performance or absenteeism. Only a report of the observation may be included in the initial emails. Notification of the complete restoration of services, an estimated time frame for restoration, or more information on mitigations or workarounds will all be included in follow-up emails. Additionally, since the emails are sent by a client support team that can reply to requests for more information—rather than "no-reply" mailboxes—the assigned Sagacity Service Delivery Manager contacts customers proactively when necessary to request more information or assistance. Sagacity creates personalised online spaces for clients.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: SSO and support for SAML based identity providers providing common access controls such as MFA ; VPN support ; RBAC access controls
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 05/10/2023
• What the ISO/IEC 27001 doesn’t cover: Sagacity do not exclude any clauses
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: No controls are excluded from ISO27001. All policies and processes are followed. Sagacity Solutions are audited by BSI annually and non-conformance of policies and procedures are raised as incidents and thereafter an investigation is started. Sagacity ensure policies are followed by informing staff of the importance of information security and regular training and updates on policies are carried out. Sagacity have a Information Security Governance Team who meet bi-weekly to discuss Information Security within the business and any external risks that may affect the business. Here concerns are raised for any project undertaken and discussed in depth.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: The ISO27001 standard is recognised for component lifecycle management, which includes safe destruction and storage overwrite. Service software is built using pre-existing (open source and commercial) software components, is only downloaded from the official repository, and is security-checked before usage. All version numbers and change dates are noted in the service deployment checklist. Reviewed for new or modified features or capabilities, as well as internal software library requirements, are planned infrastructure or software changes. Configurations are modified as appropriate to eliminate pointless new features or reduce any further security vulnerability.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: In order to stay informed about new risks, we keep an eye on vendor and security researcher blogs as well as vulnerability feeds. Next, we examine the possibility of affecting service and, if so, establish the likelihood and severity of the impact. We develop a mitigation strategy based on our assessments, which can involve an upgrade that is planned, an emergency upgrade, or a modification to operation procedures. After assessment and planning, operational modifications and emergency enhancements are implemented as quickly as is reasonably possible. The standard upgrade or patching cycle accommodates planned upgrades.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Potential security issues can be easily identified, categorised, and analysed with the help of system event monitoring. All security-related incidents are categorised as having a significant impact on services, escalated appropriately, and dealt with right away. Depending on the type of infiltration, several methods and procedures are used to reduce the impact and restore service integrity. Additional information is provided upon request.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Employees are made aware of the procedure to raise incidents and report them, regardless of their perceived scale to the individual. Incidents must be managed following the process defined. Incidents must be formally recorded, analysed by a member of the IST and if necessary reviewed and approved by the ISMT.; BIA, decisions made during the incident, any approvals associated with containment and eradication measures and resolutions and lessons learned from any incidents must be recorded in detail for future reference and verification.; Sagacity may encounter incidents relating to a range of issues formal classification of incidents has been devised

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity

  Fighting climate change

  Sagacity is a paperless business and requests that emails are only printed if they really need to be. In addition, old and unused IT equipment is recycled and donated to charity instead of being disposed of.

  Covid-19 recovery

  Our COVID19 data allows us to understand those most likely affected and for our clients to support them as necessary. Our Property data allows clients to evaluate the carbon footprints of households and businesses whilst also providing advice on how to support energy efficiency.

  Tackling economic inequality

  We provide vulnerability models to help clients better provide and cater for their vulnerable customers, especially those who are marked as economically vulnerable, allowing for fairer services to be provided. We also have data at a local level on health and wellbeing.

  Equal opportunity

  Sagacity is committed to promoting equality and diversity and promoting a culture that actively values and recognises the differences between backgrounds and cultures and the valuable experiences and insights that this offers to the workplace. Sagacity has an Equal Opportunities policy with the aim of managing diversity successfully to help the company nurture creativity and innovation, growth, and improved competitiveness.; ; Sagacity aims to offer an inclusive environment in which diversity is valued and used in a respectful way to create an effective and efficient workplace and recruit and retain a diverse workforce that reflects the community that we serve. Sagacity also aims to ensure that all employees have the opportunity to maximise their potential and enhance their self-development and their contribution to the business.

Pricing

• Price: £320 to £12,000 a licence
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Free access to Online and Audits for data quality
• Link to free trial: https://online.sagacitysolutions.co.uk

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at AGaughan@sagacitysolutions.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.