Plinth
Plinth supports organisations who deliver programmes in partnership with other organisations, such as Holiday Activities and Food Programmes (HAF), Community Grant programmes, Short Breaks, Family Hubs, Youth Programmes and many others. Allowing, seamless real-time data sharing, gathering insights and meeting all reporting requirements
Features
- Real time reporting
- Volunteer recruitment and brokerage
- Measure outcomes with standard surveys
- Combine local data with public open data
- Online booking platform
- Customer and case management for VCS organisations
- Quantitatively and qualitatively estimate social value
- Grant management system
- Referral network for voluntary and community services
- Automated discounts
Benefits
- Learn from monitoring reports
- Calculate the social value of your VCS projects
- Improve security of VCS data
- Encourage collaboration between community organisations
- Save time for VCS organisations doing monitoring and reporting
- Encourage volunteering and participation
- Increase access to community activities
- Make referrals to VCS organisations
- Increased volunteering
- Greater insights into community services
Pricing
£400 to £1,250 a licence a month
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
9 3 7 5 6 6 6 2 2 6 6 1 4 4 2
Contact
Time to Spare
Tom Neill
Telephone: 07411495842
Email: tom@plinth.org.uk
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- No
- System requirements
-
- Web Browser
- Internet Access
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
On weekdays, the median response time for a support inquiry using our live chat is 2 minutes.
Our support is not guaranteed at weekends. - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web chat accessibility testing
- We use Intercom for our live chat, so rely on their testing for accessibility.
- Onsite support
- Yes, at extra cost
- Support levels
- As a small team, all our support is delivered by the core members of the team that wrote the software. We charge a daily rate for significant support requests, but will make small changes/bug fixes for free.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
For buyers, we provide an onboarding call with a member of our team and can do an in-person demonstration (pandemic-permitting).
We have user guides in the form of video tutorials hosted on YouTube. - Service documentation
- Yes
- Documentation formats
- Other
- Other documentation formats
- Video
- End-of-contract data extraction
- This can be done on request in CSV or JSON format.
- End-of-contract process
- Data extraction in CSV or JSON format comes included. Anything else is an additional cost.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- The reports and analytics cannot be accessed from the mobile service.
- Service interface
- No
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- API
- Yes
- What users can and can't do using the API
- They can use the API to access data on website visitors and locations of services.
- API documentation
- No
- API sandbox or test environment
- No
- Customisation available
- Yes
- Description of customisation
-
Public bodies (the buyer) can customise the service by requesting custom dashboards, analysis and themes.
VCS organisations (third parties) can customise the data structure they use to collect their monitoring data. They can use standard impact surveys or they can create their own.
Scaling
- Independence of resources
-
We view our service as having 2 potential scaling bottlenecks and we have taken steps to address each one.
1) Database access - we use a "global-scale" NoSQL cloud database that is very robust to heavy read and write loads.
2) Hosting - we use a multi-cloud serverless hosting service, so that our hosting will scale automatically to increased requests.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Our core service is providing reports on the work of VCS organisations. As a result, we provide metrics on the number of people these organisations work with, the frequency of their interaction and a number of other characteristics.
- Reporting types
- Real-time dashboards
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Staff screening not performed
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- European Economic Area (EEA)
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- Less than once a year
- Penetration testing approach
- In-house
- Protecting data at rest
- Physical access control, complying with CSA CCM v3.0
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
-
Some views or reports have a built-in CSV export.
For other specific details, an export can be requested using our live chat service. - Data export formats
-
- CSV
- Other
- Other data export formats
- JSON
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- None
- Approach to resilience
- Available on request.
- Outage reporting
- Email alerts.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Username or password
- Access restrictions in management interfaces and support channels
- All our management interfaces are restricted at account level. They require access to be specifically granted to each new team member.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- Less than 1 month
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- We take security very seriously and all members of our small team are very clear of the steps we need to take to ensure data is kept securely. We conduct regular internal audits of our data security.
- Information security policies and processes
- We maintain a detailed breach policy available on request and ensure that we are fully GDPR compliant.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- We use Git and Github for our version control and to integrate with our build and deploy system. This enables us to test and preview each change before it's made publicly available and to monitor our dependencies for security vulnerabilities.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- We deploy patches to our service as soon as we are able, usually within the day. We use Github's security vulnerability alerts to monitor our dependencies, and we proactively work internally to find security vulnerabilities in our software.
- Protective monitoring type
- Undisclosed
- Protective monitoring approach
- We respond as quickly as possible to any identified compromises.
- Incident management type
- Supplier-defined controls
- Incident management approach
- We maintain a version-controlled internal document of all incidents. For users affected by incidents, we send out an email alert within 48 hours of being made aware.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
None of our staff drive to work - we all cycle or take public transport
We write efficient code to minimise energy usage.
We volunteer to support tythe.org - an environmental charity and all full time staff of the company donate to it on a regular basis. - Covid-19 recovery
-
Covid-19 recovery
We are working with charities on the front line to support them to support individuals most at risk due to Covid and the related risks to that.
We supported businesses comply with track and trace regulations - Tackling economic inequality
-
Tackling economic inequality
We have taken on an apprentice software developer.
We provide work experience.
We work with many small charities to support them tackle economic inequality and to be more effective in their work. - Equal opportunity
-
Equal opportunity
We have an open hiring process that is based mainly on technical skills and not on interviews/cover letters, which are subject to bias.
We support people to grow whilst employed by the company. - Wellbeing
-
Wellbeing
All staff get unlimited holiday and are encouraged to take annual leave if they haven't.
We provide generous benefits such as free lunches and support where needed.
Pricing
- Price
- £400 to £1,250 a licence a month
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- We provide a free version with limited features, only including simple grant management software, a basic calendar and a referral network all showing information on up to 5 organisations.