Eploy

Eploy Applicant Tracking System & Recruitment CRM

Eploy Applicant Tracking System is the complete ATS recruitment platform for NHS, Central Government, Local Authorities, Education and the Public Sector. Eploy combines Applicant Tracking System, Talent CRM (Candidate Relationship Management), Talent Pools and Analytics and careers site with integrations for IDVT, HRIS, assessments, background checking and multi-posting

Features

• Job requisition & approval management
• Talent pooling & pipelines
• Candidate attraction, recruitment marketing & job posting
• Candidate relationship management & talent nurturing
• Applicant tracking system (ATS)
• Recruitment process workflows & optimisation
• Candidate assessment and video interviewing
• Job offers, onboarding & electronic signatures
• Recruitment analytics & dashboards
• Compliance features for GDPR & name-blind hiring

Benefits

• Accelerate your time to hire
• Reduce your cost of hire
• Enhance your candidate experience
• Improve your quality of hire
• Communicate your employer brand
• Build and nurture talent pools
• Manage your PSL vendors efficienty
• Improve your employee on-boarding
• Measure your recruitment processes in real-time with Eploy ATS
• Reduce unconscious bias with name-blind recruiting

£655 an instance a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bruce.groves@eploy.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

946666250703572

Contact

Bruce Groves
0800 073 4243
bruce.groves@eploy.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Maintenance Events that may require interruption to the Services shall not be performed during N.B.H unless otherwise agreed to by the Customer. Eploy may interrupt the Services to perform emergency Maintenance Events at any time (including during N.B.H).; ; Maintenance Events include security updates, point releases, and version updates (typically 2-3 version updates a year). Eploy shall use all reasonable endeavours to avoid downtime for Maintenance Events.; ; Eploy provide release notes and opportunity to evaluate new versions . Eploy coordinate the day/time of the update with you to avoid disruption. Updates may require additional Services to take advantage of new features.
• System requirements: Standard web browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Priority 3 Customer has a question regarding the use of the Services. Within 8 Normal Business Hours.; Priority 4 Certain non-essential features of the Services are impaired while most major components of the Services remain functional affecting any part of the user base.Within 8 Normal Business Hours.; Priority 5a Errors that are, non-disabling or cosmetic and clearly have little or no impact on the normal operation of the Services. Within 2 Business Days after initial response.; Priority 5b Requests for new features/functionality that does not exist in the current version of the Services , Within 5 Business Days
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Eploy shall provide at least a 99.9% uptime service availability level (Uptime Service Level). This availability refers to the Customer's ability to access the Eploy Recruitment System, as the Customer is responsible for its own Internet access. Availability does not include Maintenance Events, Customer-caused or third party-caused outages or disruptions, or outages or disruptions attributable in whole or in part to events not within Eploy's control.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Eploy provides both onsite and online training. Eploy also has a dedicated training facility at the company's headquarters in Kidderminster. Full user documentation is also provided and training videos are available 24/7 within Eploy's online support centre. Eploy provide a standard implementation service to ensure the successful on-boarding of new customers - this is based on Eploy's proven Implementation Methodology.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: At the end of the contract Eploy can provide the customer with a full data backup as per Eploy's back-up policy and MSA.
• End-of-contract process: (a) all licences and access to the Services granted under this agreement shall immediately terminate; (b) each party shall return and make no further use of any equipment, property, Documentation and other items (and all copies of them) belonging to the other party; (c) Eploy may destroy or otherwise dispose of any of the Customer Data in its possession unless Eploy receives, no later than 10 business days after the effective date of the termination of this agreement, a written request for the delivery to the Customer of the then most recent back-up of the Customer Data. This will be delivered to the Customer in accordance with the Eploy Backup Policy and within 30 days of its receipt of such a written request, provided that the Customer has, at that time, paid all fees and charges outstanding at and resulting from termination (whether or not due at the date of termination). The Customer shall pay all reasonable expenses incurred by Eploy in returning or disposing of Customer Data.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No key differences, Responsive Web Design is used for all Eploy portal interfaces including portals for candidates, hiring managers and recruiters.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Eploy provides browser based user interfaces for all aspects of the clients recruitment journey including core recruiter system and dedicated hiring manager, candidate and agency portals.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Eploy candidate portals have been independently verified as meeting WCAG2.1 AA standard by Digital Accessibility Centre. Customers must ensure their own content is WCAG2.1 AA compliant.
• API: Yes
• What users can and can't do using the API: Eploy’s RESTful API is available as a series of components, each designed to help you to create integrations with the Eploy recruitment platform, including:; Applications - including workflows, questions and answers, assessments & feedback and source of application.; Candidates - Integrate with your candidate profile data to create candidate-centric solutions.; Vacancies - Access vacancies, job descriptions, locations and addresses.; Placements - Including offers, placed candidates, costs, salaries, locations, integrates with HR, Payroll and other back-office systems.; Contacts - Work with Contact records, including contact details, locations and addresses.; Companies - Keep internal & external company, department and structure up to date.; Files - Such as CVs, also includes integrating with Eploy documents and e-signatures.; Actions - Exposes actions, outcomes and statuses from your recruitment workflows.; Users - Work with users and permissions to update system user records and create solutions requiring access control.; Access to the Eploy API requires API keys and uses OAuth2 for authentication. Customers can generate API keys within their Eploy System. Each API Key is tied to a specific user record to ensure that keys only inherit and allow access to the data that the tied user record has been granted permissions.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Eploy has many configuration options as standard including drop-down lists, email & document templates, fields, custom workflows and forms (for example screening, application, feedback, surveys etc. Access to configuration options is controlled by granular permissions/privileges.

Scaling

• Independence of resources: We constantly monitor individual customer instance system usage levels, this enables us to increase resources proactively for customers with growing usage profile. Webservers are load balanced using a failover methodology to ensure high availability. All load balancers and firewalls also have redundancy built in.

Analytics

• Service usage metrics: Yes
• Metrics types: User metrics (users, logins, activities etc.); Candidate / application metrics (Candidates created, applications, vacancies created etc.); Database size & bandwidth; Emails sent; SMS sent; E-signatures
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Eploy has a data export utility which enables the export of data as CSV and/or XLS. Alternatively a full SQL backup can be provided on request as per Eploy's backup policy.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Eploy guarantee a 99.9% uptime service availability level. This availability refers to the Customer's ability to access the Eploy System. Uptime includes the functioning of all network infrastructure operated by Eploy including routers, switches and cabling. Each Customer is responsible for its own Internet access. ; ; Availability does not include Maintenance Events, Customer-caused or third party-caused outages or disruptions, or outages or disruptions attributable in whole or in part to events not within Eploy's control.; In the unlikely event the Customer are unable to access the Eploy System (other than in the event of Maintenance Events, Customer-caused or third party-caused outages or disruptions, or outages or disruptions attributable in whole or in part to events not wholly within Eploy's control) Eploy will refund 5% of the Monthly Fee detailed in the Customer Service Order Form for each 60 minutes of downtime (up to 100% of Monthly Fees payable in any month). ; Eploy System downtime begins when a Customer is unable to access the Eploy System and Eploy has been notified of and has acknowledged such failure to the time the Customer is once again able to access the Eploy System.
• Approach to resilience: Available on request
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Eploy includes its own user management and privileges system which enables users who have access to the service to be configured. Granular privileges ensure that each user only has access to the features and data they are responsible for.; Access to Eploy's helpdesk and ticketing system is also managed directly through the Eploy interface, ensuring that only customer nominated support users are able to access Eploy support services.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Schellmann & Company
• ISO/IEC 27001 accreditation date: 03/01/2022
• What the ISO/IEC 27001 doesn’t cover: This certification covers the services provided by our hosting provider - Microsoft Azure.; Eploy's Information Security Policies have been certified to the IASME standard. Eploy is IASME & Cyber Essentials Plus certified.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • IASME
  • Cyber Essentials Plus
  • Helios Stage 2 FSQS

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Eploy's hosting provider, Microsoft Azure is ISO/IEC 27001 accredited. In addition Eploy's Information Security Management processes have been certified to the IASME standard and Cyber Essentials Plus
• Information security policies and processes: Eploy’s Information Security Management System a has been accredited to the IASME standard. The IASME standard is written along the same lines as the ISO27001 but specifically for small companies. The gold standard of IASME demonstrates baseline compliance with the international standard.; Eploy has developed this Information Security Policy to: ; Provide direction and support for information security in accordance with business requirements, regulations and legal requirements;; State the responsibilities of staff, partners, contractors and any other individual or organisation having access to Eploy’s information assets. ; State management intent to support the goals and principles of security in line with business strategy and objectives. ; Provide a framework by which the confidentiality, integrity and availability of Eploy’s information assets can be maintained.; Optimise the management of risks, by preventing and minimising the impact of Information Security incidents;; Ensure that all breaches of information security are reported, investigated and appropriate action taken where required;; Ensure that supporting policies and procedures are regularly reviewed and continual improvement is maintained to ensure progressive good working practices and procedures ; Ensure information security requirements are regularly communicated to all relevant parties.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes to information resources are managed and executed according to a formal change control process documented within Eploys Change Management and Control Policy (Ref: ESEC-CC-01 - available upon request). The policy includes the change management documentation and risk assessment procedures. In addition, all information assets are controlled in accordance with Eploy's IT Asset Management policy (Ref ESEC-AM-01)
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Eploy is audited by Netcraft on a monthly basis. This involves Netcraft testing our internet infrastructure and supplies us with the information we need to maintain security and eliminate vulnerabilities. The tests include a full TCP and UDP port scan to identify available services on each responding host. Each service is tested for information leaks, configuration errors and potential vulnerabilities. Netcraft’s database of vulnerabilities contains the collective experience gained from testing thousands of networks, using both public security advisories and our own research. It is continually updated, with over 250 new classes of vulnerability added each year.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: As per Eploy's Information Logging Standard (Doc Ref ESEC-CO-01) Eploy supports the formatting and storage of audit logs in such a way as to ensure the integrity of the logs and to support enterprise-level analysis and reporting. Including Microsoft Windows Event Logs collected by a centralised log management system
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents are managed in accordance with Eploy's Security Incident and Event Management Procedure (Ref: ESEC-IM-02). In the event of an actual or suspected incident the incident response team informs the effected customer without undue delay (target of within 24 hours) whilst preventing the incident from escalating and retaining information for post-incident reporting.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  At Eploy, we are committed to net-negative emissions. To help us achieve this, we have a rigorous policy for calculating, reporting and offsetting our carbon emissions. ; ; We consider our entire carbon footprint, specifically those generated by:; ; Our office premises; Business Travel; Staff commuting; Our cloud data centre platform (Microsoft Azure); ; We take the calculated figures TCO2e figures, multiply them (to help us target net negative emissions, and then offset the inflated total by funding Verified Carbon Standard certified carbon reduction programmes at a local, national and global level.
• Covid-19 recovery:

  Covid-19 recovery

  The 'COVID-19 Student Response Network', CSRN was founded in the wake of lockdown to bring together talented students from all over the UK with social impact organisations impacted by COVID-19. CSRN works with established student consultancies to secure and scope high impact management consulting projects with organisations driving social impact in regions impacted by crises.; ; The goal of CSRN is to support as many charities and social enterprises as possible in navigating the challenges brought about by 2020 by bridging the gap between talented students passionate about consulting and social impact organisations in need of support. Since their inception in April, CSRN has managed to bring about the support of over 120 organisations and looks to continue acting as a platform which connects talented students with social impact organisations in need of support.; ; The scale of the network’s impact to date has amassed them international recognition with the UK Government recently profiling the organisation as an ‘Outstanding Volunteer-led Response to the Global Pandemic’ and Jack Elliott, CSRN’s co-founder & CEO, receiving a ‘Points of Light’ award and a personal letter from the UK Prime Minister, Boris Johnson. In addition to their COVID-19 response, CSRN are also responsible for running one of the world’s largest student-led responses to the Beirut explosion in Lebanon and have recently begun their expansion into Africa targeting their resources first at Rwanda, Zambia, Nigeria & Uganda.; ; To achieve their ambitions, CSRN recognised the need for a cloud-based talent acquisition platform that would enable them to recruit the very best talent from the student population to work on the expansion of their social impact globally. ; ; Eploy stepped in to provide free-of-charge access to Eploy’s Applicant Tracking System and Recruitment CRM platform, including a web-based careers portal where students can search and apply for current roles .
• Tackling economic inequality:

  Tackling economic inequality

  Eploy has been accredited as a living wage employer by the Living Wage Foundation, demonstrating the company’s commitment to being a socially responsible employer.; The real Living Wage is the only UK wage rate paid voluntarily by over 7,000 UK businesses. Real Living Wage employers believe their staff deserve a wage that meets everyday needs, going further than the government minimum and paying all staff the real Living Wage for the real cost of living.; Living Wage rates are higher than the government minimum because they are independently calculated based on what people need to get by.; Living Wage employers report that paying a decent wage, as well as being the right thing to do, has real business benefits. They talked of lower staff turnover and a better bottom line. In addition, staff felt valued, so they went the extra mile
• Equal opportunity:

  Equal opportunity

  At Eploy, we are governed by our Equality, Diversity & Inclusion policy. Eploy is committed to encouraging equality, diversity and inclusion among our workforce, and ensuring there is no unjustified or unconscious discrimination in the recruitment, retention, training and development of our staff.; ; The aim is for our workforce to be truly representative of all parts of society and our customers, and for each employee to feel respected, included and able to give their best.; ; The organisation - in providing services - is also committed against unlawful discrimination of customers or the public.; ; Support for helping our customers achieve their E,D & I objectives; Eploy’s recruitment software permits the use of “name blind” applications. Individual names and identifying information are removed from application forms in order to overcome any potential discrimination- conscious or otherwise- in the recruitment process.; ; We feel that there is still a long way to go to ensure equal opportunities in the work place. By offering name blind applications to customers at no additional cost, we are doing our little bit to ensuring work places reflect our diverse society.
• Wellbeing:

  Wellbeing

  We take staff well being seriously, including fatigue management, and forms part of every daily or weekly 1 to 1 meeting and annual reviews. An extract from our CSR-; From our hard-working, dedicated customer success team, to our award winning development and design teams- our people have made Eploy what it is today, and shape what it will become in the future. We give our employees the tools they need, back them up with unwavering standards of team training. We believe happy, healthy individuals are more productive. Some of the ways we support our employees include:; ; Continued professional development. We support our employees who want to continue their learning journey both financially and with time to study.; Flexible working locations and hours. We believe that employees thrive when they have the right work/life balance.

Pricing

• Price: £655 an instance a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Eploy can provide a 30-day trial system (extendable upon request) for prospective clients to test the service before purchase. This includes access to all core system functions and features.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bruce.groves@eploy.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.