Zipporah Ltd

Accommodation Bookings and property management

Accommodations booking is an all-in-one property and accommodation management system, designed and built for hotels, conference centres, and just-about anything else. Browser based and hardware-independent, the solution manages guests from booking to checkout, providing staff with optimal handling of customer traffic through a well-designed and stylish interface.


  • Book accommodation online
  • Check in online
  • Check out online
  • Take online payments
  • Advertise your various accommodation packages
  • Define charge-bands depending on season
  • Access the system from anywhere, via any online device
  • Arrange cleaning staff as appropriate
  • Add promotional offers and deals as needed
  • Contact your customers easily and quickly via integrated SMS/email etc


  • Enhances guests experience resulting in happier customers
  • Cater for busy periods
  • Vast amounts of information gathered and presented clearly
  • Provide constant and relevant information to customers
  • Reduced queues and build up of enquiries, boosting happiness
  • Take bookings and payments 24/7
  • Allocate rooms
  • Add discounts and define your charge structures based on demand
  • Arrange cleaning staff around booked rooms
  • Advertise your properties effectively


£8,000 to £36,000 a licence a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

9 0 1 7 8 8 2 1 9 1 6 7 7 0 1


Zipporah Ltd Scott or Emma
Telephone: 02921 202042

Service scope

Software add-on or extension
Cloud deployment model
Private cloud
Service constraints
System requirements
Internet browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
Category A - system is inoperable and business operations are halted.
Respond within 1 hour and endeavour to provide a correction or workaround within 4 hours.

Category B - system is operational and still useable for business operations. Impact may reflect data issues on input or reporting or an irregular issue which does not affect general usage.
Respond within 24 hours and endeavour to provide a correction within 4 working days.

Category C - system is operational and useable for business operations. A non-essential function identified.
Respond within 24 hours and endeavour to provide a correction within 7 working days.
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
Tested with Dragon
Onsite support
Yes, at extra cost
Support levels
Zipporah support provides first line support telephone and email support is included within service charge for the annual use of the software solutions. This is support is provided Monday to Friday from 09:00 - 17:00. A dedicated support team is provided to support any issues that you might experience. In addition the up-time guarantee for the service is 99.9% based on 24/7/365 days of the year.
Support available to third parties

Onboarding and offboarding

Getting started
Zipporah’s onboarding package is aimed to ensure that your system is set up and ready to go and that your teams are confident and capable of fully understanding the system and of administering it once it is operational. Zipporah will onboard your team by phasing the implementation, led by an experienced Zipporah project manager. Our aim is to transfer knowledge and skills to your team. As part of our structured and phased approach to skills transfer sessions, we find that our customers benefit most by have shorter training sessions. Initially Zipporah will demonstrate how to set up and configure the system and then arrange for further sessions where your team does the hand on set up, using our Delivery Specialists and Trainers for QA. Zipporah will provide all training materials, user guides and videos as required.
Service documentation
Documentation formats
  • PDF
  • Other
Other documentation formats
End-of-contract data extraction
Zipporah is able to provide the customer with a complete database in Microsoft CSV, XML or Excel formats as standard. We are also able to offer a number of other formats which would be discussed on a case-by-case basis.
End-of-contract process
There are no additional costs at the end of the contract. Zipporah provide customers with its data in Microsoft formats.

Using the service

Web browser interface
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
Service interface
User support accessibility
WCAG 2.1 AA or EN 301 549
Description of service interface
Open API standards
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
What users can and can't do using the API
The Zipporah API layer allows for all aspects of the Zipporah booking and resource management processes to be accessible directly and securely. Zipporah has created front ends which are available through the API structure which allow a start point for clients who want to use them. However we have, for clients with the relevant knowledge and understanding, opened the system for them to utilise the APIs for a range of functions. The services are written as Open APIs and can be called through a range of technologies whether its Javascript or AJAX. The APIs can be used to effectively create a client specific front end, calling the core functionality of the product, allowing it to sit behind existing systems. Alternatively they can call and drop into Zipporah processes through the API or can start processes in other systems such as CRMs or Forms engines. All the logic of Zipporah is provided back through the APIs with no limitations to how they use or present the API data.
API documentation
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Customisation available
Description of customisation
The Zipporah solution is a highly configurable and customisable solution that allows the user to control and customise almost all of public facing elements and back office views as desired.

Intuitive tools, provided through the user-interface allows the user the ability to edit buttons, emails and page content so that they can create a solution which has their full look and feel.

Users are able to customise a wide-variety factors such as the type of accommodation, conference room style, charging structure and more.

The system also includes the ability for roles to be defined which determines user access. This customisation of roles allows the system administrator to define who has the authority to customise various elements of the system.


Independence of resources
We supply individual hosting for clients based on their needs or requirements. Clients therefore have their own, dedicated server which ensures no interference with the solution. Clients are able to opt for shared hosting, with client specific, independent databases - where we isolate every client through the options provided to us via IIS and put upper limits on each individual site. Zipporah utilise real time monitoring tools to review speed and uptime tolerances of all clients as well as utilising CPU usage alerts which are set to alert Zipporah should any CPU reach 75% utilisation.


Service usage metrics
Metrics types
The service metrics we provide are within an array of application specific reporting suites. These reports allow clients to access a wide range of metrics from systems and provide comprehensive and clear information about how the service is functioning.
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
There are a number of standard reports that contain all system information - the user is able to export these in a number of Microsoft formats.
Data export formats
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • Spreadsheet
  • JSON

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
The Standard SLA covers: 99.9% monthly network up-time guarantee, 5-hour hardware failure response time Credit allowances for hardware or network failure beyond SLAs 24.7 automated SLA monitoring and notification. On top of this we offer a network guarantee of 99.9% monthly network up-time for our ISP network. In the event of a network fault that takes your server off-line, we will offer a credit allowance.
Approach to resilience
Available on request.
Outage reporting
Networks are continuously and automatically monitored. Zipporah are immediately informed of any potential problem so that it is normally rectified before your service is affected. If any complications arise, the support team will be in regular contact to update clients of on-going progress and expected resolution time-frames. This service would usually be provided via email.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Identity and authentication controls restrict access through the following mechanisms: Authentication federation, Username and password, Two factor authentication, Username and strong password/passphrase enforcement.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
Initial accreditation date 26 January 2016 Last awarded 25 January 2022
What the ISO/IEC 27001 doesn’t cover
Everything is covered by our ISO 27001 accreditation.
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
The Zipporah information security policy covers all forms of information security such as data stored on computers, transmitted across networks, printed or written on paper, stored on discs and drives, stored in the Cloud or spoken in conversation or over the telephone. All managers are directly responsible for implementing the Policy within their business areas, and for adherence by their staff. It is the responsibility of each employee to adhere to the policy. Disciplinary processes will be applicable in those instances where staff fail to abide by this or any other Zipporah Ltd security policy. It is the policy of the company to ensure that information will be protected against unauthorised access, that confidentiality of information is assured, that integrity of information is maintained, that regulatory and legislative requirements regarding intellectual property rights, data protection and privacy of personal information are met, that business continuity & disaster recovery plans will be produced, maintained and tested, that staff shall receive sufficient information security training and that all risks are identified, measured, communicated, controlled and where necessary, reduced in magnitude. All breaches of information security, actual or suspected are reported and investigated by the Zipporah Security and Risk Committee.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Zipporah use GitHub as our code library which maintains all changes and check-ins performed on Zipporah code, allowing us to compare any check-ins to review what was done. The use of GitHub allows us to manage branching of our solutions to maintain versions for specific clients. Zipporah operate a job monitoring system allowing monitoring of support and development jobs. Jobs are matched to check-ins to reference change and reasons for change. In achieving accreditation for ISO27001:2017 we have processes for designing and writing software including security considerations and impacts. This includes stages of peer review for security and pen testing.
Vulnerability management type
Vulnerability management approach
We have a Cisco ASA 5516 firewall with Firepower. Windows updates through GFI, deploying Critical updates automatically. We obtain all the cyber threats through firesight management and have also been given a portal to Mi5’s Cyber security.
Protective monitoring type
Protective monitoring approach
Our data centre deploys the Cisco Firesight Management Center alongside Cisco 5516x firePOWER IPS, Apps, AMP and URL with Smartnet.
Incident management type
Incident management approach
As part of our ISO 27001 and 9001 certifications Zipporah has a complete process to for Non-Conformance Control, Information Security Incidents & Corrective Actions. Any non conformance report can be submitted via telephone or email. Corrective Actions and Actions to Prevent Recurrence are identified and recorded on the NCR. Once complete NCRs when appropriate are returned to the customer, then filed and reviewed at the Management Review Meeting.

Incidents can be reported through a variety of means whether directly to our support system or via telephone. Equally where we have automated tools this may issue us alerts.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks

Social Value

Fighting climate change

Fighting climate change

Zipporah has always taken its environmental responsibilities seriously and as such has revised and restructured its working practices and procedures in recent years. We now operate hybrid working practises where our team work from home as well as attending the office when required. This has a positive impact on both the environment and on the well being of our team. Our office procedures include recycling and a no-print policy if possible. We use recycled paper if needed. We limit travel to client sites and attend only if the client requires a face to face meeting – we are client led on this. We are moving to electric company cars later this year. Our offices are fitted with energy saving lighting. Our solutions and products are all online systems and we can implement and support them with no travel to the client sites. The products we provide have no negative impact on the environment and only a positive impact on the environment.
Covid-19 recovery

Covid-19 recovery

Zipporah takes its social responsibilities seriously and as such ensures it plays a part to assist where possible. During the past 24 months, to combat the COVID crisis and its impact on Local Authorities and their partner organisation, Zipporah further developed its solutions to cater for safe and secure working environments. We listened to our clients and enhanced our resource management solutions to cater for hybrid working functionality that met the demanding needs of hybrid working patterns, including automating slots for office sanitising to take place. Zipporah operate using an hybrid working model that we believe benefits both the company and the employees. Zipporah employees have the option for remote working and travelling to and from the office, especially where public transport is used, has been removed as a barrier. Our offices have been restyled so that social distancing is created in our office space and the number of team members working at the office at one time is managed and monitored. Zipporah ensure we create a safe and secure environment for our team.
Tackling economic inequality

Tackling economic inequality

Zipporah takes its social responsibilities seriously and as such ensures it plays a part to assist where possible. Where appropriate within a client implementation, we are able to roll out the system to the council's third party users, such as various charities and digital hubs. These can access the system and create their own resources in order to promote their own services, generating income for such charities.
Equal opportunity

Equal opportunity

Zipporah is an Equal Opportunities employer and as such recruits, employs and manages our team members adhering to our Equal Opportunity Policy. We are proud of our diverse team and we believe this adds to the wealth of knowledge and innovation that allows us to be a market leader within the online resource management and online bookings market place. Zipporah's Directorship is 50% female and the middle management tier is 60% female which, which again we are proud to claim and recognise as a IT employer. We operate a single, transparent pay structure for all team members.


Zipporah operate using an hybrid working model that we believe benefits both the company and the employees. Zipporah listen to its employees and identifies their unique requirements to cater for flexible working options. Zipporah believe that hybrid working assists with work life balancing but also appreciates that this doesn't suit all team members and we ensure that sufficient resources are available for those choosing to work from our office base on a regular or rota basis. Zipporah also provide access to mental health and well being support via our Employee Assistance Programme.


£8,000 to £36,000 a licence a year
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.